Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
authorDan
Sun, 02 Mar 2008 19:32:19 -0500
changeset 472 bc4b58034f4d
parent 471 7906fb190fc1
child 473 518bc2b214f1
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
ajax.php
includes/clientside/static/acl.js
includes/clientside/static/enano-lib-basic.js
includes/clientside/static/l10n.js
includes/clientside/static/login.js
includes/functions.php
includes/pageprocess.php
includes/rijndael.php
includes/sessions.php
includes/template.php
plugins/SpecialUserFuncs.php
--- a/ajax.php	Sat Mar 01 23:02:05 2008 -0500
+++ b/ajax.php	Sun Mar 02 19:32:19 2008 -0500
@@ -361,7 +361,7 @@
       }
       
       // If this is based on a draft version, delete the draft - we no longer need it.
-      if ( @$request['used_draft'] )
+      if ( @$request['used_draft'] && !$request['draft'] )
       {
         $q = $db->sql_query('DELETE FROM ' . table_prefix . 'logs WHERE log_type = \'page\' AND action = \'edit\'
                                AND page_id = \'' . $db->escape($paths->page_id) . '\'
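Review bot: `!$request['draft']` is read without the `@` (or an `isset()`/`empty()` test) that `used_draft` gets on the same line, so a request that omits `draft` raises an undefined-index notice; whether the key is always populated earlier is not visible here. `if ( !empty($request['used_draft']) && empty($request['draft']) )` covers both keys without error suppression. The DELETE statement continues past the end of this hunk.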
--- a/includes/clientside/static/acl.js	Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/clientside/static/acl.js	Sun Mar 02 19:32:19 2008 -0500
@@ -433,6 +433,8 @@
             note.appendChild(document.createElement('br'));
             note.appendChild(document.createTextNode($lang.get('acl_lbl_save_success_body', { target_name: data.target_name })));
             note.appendChild(document.createElement('br'));
+            
+            /*
             var a = document.createElement('a');
             a.href = '#';
             a.id = aclManagerID + '_btn_dismiss';
@@ -443,18 +445,28 @@
             a.id = aclManagerID + '_btn_close';
             a2.appendChild(document.createTextNode(': ' + $lang.get('acl_btn_success_close') + ' ]'));
             note.appendChild(a2);
-            document.getElementById(aclManagerID + '_main').insertBefore(note, document.getElementById(aclManagerID + '_main').firstChild);
-            if(!document.getElementById(aclManagerID+'_deletelnk'))
-              document.getElementById(aclManagerID + '_main').innerHTML += '<p id="'+aclManagerID+'_deletelnk" style="text-align: right;"><a href="#delete_acl_rule" onclick="if(confirm(\'' + $lang.get('acl_msg_deleterule_confirm') + '\')) __aclDeleteRule(); return false;" style="color: red;">' + $lang.get('acl_lbl_deleterule') + '</a></p>';
-            //fadeInfoBoxes();
-            document.getElementById(aclManagerID+'_main').scrollTop = 0;
+            */
+            
+            var a_dismiss = document.createElement('a');
+            a_dismiss.href = '#';
+            a_dismiss.appendChild(document.createTextNode('[ ' + $lang.get('acl_btn_success_dismiss') + ' :'));
+            note.appendChild(a_dismiss);
             
-            var a = document.getElementById(aclManagerID + '_btn_dismiss');
-            var a2 = document.getElementById(aclManagerID + '_btn_close');
+            var a_close = document.createElement('a');
+            a_close.href = '#';
+            a_close.appendChild(document.createTextNode(': ' + $lang.get('acl_btn_success_close') + ' ]'));
+            note.appendChild(a_close);
+            
+            document.getElementById(aclManagerID + '_main').insertBefore(note, document.getElementById(aclManagerID + '_main').firstChild);
             
-            a.setAttribute('onclick', function(e) { this.parentNode.parentNode.removeChild(this.parentNode); return false; });
-            a2.setAttribute('onclick', function(e) { killACLManager(); return false; });
+            a_dismiss.setAttribute('onclick', 'var parent = this.parentNode.parentNode; parent.removeChild(this.parentNode); return false;');
+            a_close.setAttribute('onclick', 'killACLManager(); return false;');
             
+            if ( !document.getElementById(aclManagerID+'_deletelnk') )
+              document.getElementById(aclManagerID + '_main').innerHTML += '<p id="'+aclManagerID+'_deletelnk" style="text-align: right;"><a href="#delete_acl_rule" onclick="if(confirm(\'' + $lang.get('acl_msg_deleterule_confirm') + '\')) __aclDeleteRule(); return false;" style="color: red;">' + $lang.get('acl_lbl_deleterule') + '</a></p>';
+            
+            document.getElementById(aclManagerID+'_main').scrollTop = 0;
+                        
             aclDataCache.mode = 'save_edit';
             break;
           case 'delete':
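Review bot: The delete link is still built by appending a string to `innerHTML`, with `$lang.get('acl_msg_deleterule_confirm')` placed inside a single-quoted JavaScript string in an `onclick` attribute and `$lang.get('acl_lbl_deleterule')` inserted as markup. A translation containing an apostrophe or a double quote breaks the handler, and any markup in a language string is parsed as HTML. `innerHTML +=` also re-parses everything under `_main`, which is presumably why the dismiss/close handlers had to become attribute strings. Building the link with DOM calls avoids both problems and lets the handlers be functions; this assumes the label is meant as plain text. The old anchor code left inside `/* … */` (opened in the previous hunk) can be deleted rather than commented out.

```javascript
// … unchanged: a_dismiss / a_close creation and insertion of note …
var acl_main = document.getElementById(aclManagerID + '_main');
if ( !document.getElementById(aclManagerID + '_deletelnk') )
{
  var p_delete = document.createElement('p');
  p_delete.id = aclManagerID + '_deletelnk';
  p_delete.style.textAlign = 'right';

  var a_delete = document.createElement('a');
  a_delete.href = '#delete_acl_rule';
  a_delete.style.color = 'red';
  // Text node: the language string is never parsed as HTML or as script.
  a_delete.appendChild(document.createTextNode($lang.get('acl_lbl_deleterule')));
  a_delete.onclick = function()
  {
    if ( confirm($lang.get('acl_msg_deleterule_confirm')) )
      __aclDeleteRule();
    return false;
  };

  p_delete.appendChild(a_delete);
  acl_main.appendChild(p_delete);
}
// … unchanged: scrollTop reset, aclDataCache.mode = 'save_edit' …
```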
--- a/includes/clientside/static/enano-lib-basic.js	Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/clientside/static/enano-lib-basic.js	Sun Mar 02 19:32:19 2008 -0500
@@ -272,6 +272,20 @@
   }
 }
 
+// wrapper for window.console
+if ( !window.console )
+{
+  window.console = {
+    log: function() {},
+    debug: function() {},
+    info: function() {},
+    warn: function() {},
+    warning: function() {},
+    error: function() {},
+    write: function() {}
+  }
+}
+
 // Do not remove the following comments, they are used by jsres.php.
 /*!START_INCLUDER*/
 
@@ -360,5 +374,4 @@
   }
 });
 
-
 //*/
--- a/includes/clientside/static/l10n.js	Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/clientside/static/l10n.js	Sun Mar 02 19:32:19 2008 -0500
@@ -77,6 +77,10 @@
 // isn't ready yet
 function language_onload_resched()
 {
+  if ( window.console )
+  {
+    window.console.info('Delaying language init by 0.2s because language_onload decided that enano_lang[ENANO_LANG_ID] isn\'t ready');
+  }
   setTimeout('language_onload();', 200);
 }
 
--- a/includes/clientside/static/login.js	Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/clientside/static/login.js	Sun Mar 02 19:32:19 2008 -0500
@@ -357,6 +357,28 @@
           ajaxLoginShowFriendlyError(response);
         }, 2500);
       break;
+    case 'login_success_reset':
+      var conf = confirm($lang.get('user_login_ajax_msg_used_temp_pass'));
+      if ( conf )
+      {
+        var url = makeUrlNS('Special', 'PasswordReset/stage2/' + response.user_id + '/' + response.temp_password);
+        window.location = url;
+      }
+      else
+      {
+        // treat as a failure
+        ajaxLoginSetStatus(AJAX_STATUS_DESTROY);
+        document.getElementById('messageBox').style.backgroundColor = '#C0C0C0';
+        var mb_parent = document.getElementById('messageBox').parentNode;
+        new Spry.Effect.Shake(mb_parent, {duration: 1500}).start();
+        setTimeout(function()
+          {
+            document.getElementById('messageBox').style.backgroundColor = '#FFF';
+            ajaxLoginBuildForm(response.respawn_info);
+            // don't show an error here, just silently respawn
+          }, 2500);
+      }
+      break;
     case 'noop':
       break;
   }
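Review bot: In the `login_success_reset` branch, `response.user_id` and `response.temp_password` are concatenated into the `PasswordReset/stage2/...` path without encoding, and the temporary password ends up in the address bar. Anything in a URL is kept in browser history and web-server access logs and can travel in a Referer header, so the temporary credential outlives the redirect. At minimum encode both segments, `'PasswordReset/stage2/' + encodeURIComponent(response.user_id) + '/' + encodeURIComponent(response.temp_password)` (assuming `makeUrlNS` does not already escape its page argument), and make sure stage 2 invalidates the temporary password as soon as it has been used. The enclosing switch starts outside this hunk.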
--- a/includes/functions.php	Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/functions.php	Sun Mar 02 19:32:19 2008 -0500
@@ -1025,6 +1025,8 @@
     @reset($header_array);
 
     $headers = '';
+    $cc = '';
+    $bcc = '';
     while(list(, $header) = each($header_array))
     {
       if (preg_match('#^cc:#si', $header))
@@ -3101,7 +3103,7 @@
  * @return int
  */
 
-function password_score($password, &$debug)
+function password_score($password, &$debug = false)
 {
   if ( !is_string($password) )
   {
--- a/includes/pageprocess.php	Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/pageprocess.php	Sun Mar 02 19:32:19 2008 -0500
@@ -369,11 +369,11 @@
   }
   
   /**
-   * Updates the content of the page.
+   * Updates (saves/changes/edits) the content of the page.
    * @param string The new text for the page
    * @param string A summary of edits made to the page.
    * @param bool If true, the edit is marked as a minor revision
-   * @return bool True on success, false on failure
+   * @return bool True on success, false on failure. When returning false, it will push errors to the PageProcessor error stack; read with $page->pop_error()
    */
   
   function update_page($text, $edit_summary = false, $minor_edit = false)
--- a/includes/rijndael.php	Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/rijndael.php	Sun Mar 02 19:32:19 2008 -0500
@@ -909,7 +909,7 @@
     {
       $key .= chr(mt_rand(0, 255));
     }
-    if ( file_exists('/dev/urandom') && is_readable('/dev/urandom') )
+    if ( @file_exists('/dev/urandom') && @is_readable('/dev/urandom') )
     {
       // Let's use something a little more secure
       $ur = @fopen('/dev/urandom', 'r');
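Review bot: With `@` now on `file_exists()` and `is_readable()`, a host where /dev/urandom is unreachable silently keeps the key built from `mt_rand()` in the loop above, and `mt_rand()` is not a cryptographically secure generator. The fallback should be visible rather than silent: add a comment such as `// NOTE: if /dev/urandom is unavailable the key stays mt_rand()-derived and is NOT cryptographically strong` and consider recording that the weak path was taken so an administrator can see it. What happens after the `fopen()` is outside this hunk, so whether a failed or short read is handled cannot be judged from here.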
--- a/includes/sessions.php	Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/sessions.php	Sun Mar 02 19:32:19 2008 -0500
@@ -3195,6 +3195,10 @@
         $username =& $userinfo['username'];
         $password =& $userinfo['password'];
         
+        // If we're logging in with a temp password, attach to the login_password_reset hook to send our JSON response
+        // A bit hackish since it just dies with the response :-(
+        $plugins->attachHook('login_password_reset', '$this->process_login_request(array(\'mode\' => \'respond_password_reset\', \'user_id\' => $row[\'user_id\'], \'temp_password\' => $row[\'temp_password\']));');
+        
         // attempt the login
         // function login_without_crypto($username, $password, $already_md5ed = false, $level = USER_LEVEL_MEMBER, $captcha_hash = false, $captcha_code = false)
         $login_result = $this->login_without_crypto($username, $password, false, intval($req['level']), @$req['captcha_hash'], @$req['captcha_code']);
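Review bot: The hook is attached on every login request, not only when a temporary password is in play as the comment says, and its payload is a string of PHP that relies on `$this` and `$row` existing wherever the `login_password_reset` hook is evaluated. That couples this line to the local variable names of another function, so a rename there breaks password reset without any error here. A comment naming where the hook fires and which variables it expects would help, e.g. `// hook code runs inside <function that fires login_password_reset> and depends on $row there`. The enclosing case starts outside this hunk.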
@@ -3219,6 +3223,7 @@
         break;
       case 'clean_key':
         // Clean out a key, since it won't be used.
+        // This is called when the user clicks Cancel in the AJAX login interface.
         if ( !empty($req['key_aes']) )
         {
           $this->fetch_public_key($req['key_aes']);
@@ -3234,6 +3239,14 @@
             'mode' => 'noop'
           );
         break;
+      case 'respond_password_reset':
+        die(enano_json_encode(array(
+            'mode' => 'login_success_reset',
+            'user_id' => $req['user_id'],
+            'temp_password' => $req['temp_password'],
+            'respawn_info' => $this->process_login_request(array('mode' => 'getkey'))
+          )));
+        break;
     }
     
   }
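Review bot: The `respond_password_reset` case sends `temp_password` back to the browser and ends the request with `die()`, so it relies entirely on the hook firing only after the submitted credentials have been verified; that is not visible in this hunk and should be stated in a comment or checked here. `die()` also skips whatever the normal login path does after `login_without_crypto()` returns, and the `break;` after it is unreachable. If the client only needs to be redirected to stage 2, consider whether the password has to be in the response at all, since the user has presumably just typed it.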
--- a/includes/template.php	Sat Mar 01 23:02:05 2008 -0500
+++ b/includes/template.php	Sun Mar 02 19:32:19 2008 -0500
@@ -111,6 +111,8 @@
     {
       if ( !$theme['group_list'] )
         continue;
+      if ( $theme['theme_id'] === getConfig('theme_default') )
+        continue;
       switch ( $theme['group_policy'] )
       {
         case 'allow_all':
@@ -1088,7 +1090,7 @@
     if ( !is_file($tpl_file_fullpath) )
     {
       die_semicritical('Cannot find template file',
-                       '<p>The template parser was asked to load the file "' . htmlspecialchars($filename) . '", but that file couldn\'t be found in the directory for
+                       '<p>The template parser was asked to load the file "' . htmlspecialchars($tpl_file_fullpath) . '", but that file couldn\'t be found in the directory for
                            the current theme.</p>
                         <p>Additional debugging information:<br />
                            <b>Theme currently in use: </b>' . $this->theme . '<br />
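Review bot: The error text now prints `$tpl_file_fullpath`, which exposes the server's absolute filesystem path to whoever triggers the missing-template page, presumably any visitor. That helps debugging but is an information disclosure on a public site. Keep `htmlspecialchars($filename)` in the visitor-facing message and show or log the full path only for administrators. `$this->theme` on the last visible line is also echoed without `htmlspecialchars()`; the message string continues past the end of this hunk.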
@@ -1845,7 +1847,7 @@
           break;
         case BLOCK_PLUGIN:
           $parser = $this->makeParserText('{CONTENT}');
-          $c = (gettype($this->fetch_block($row['block_content'])) == 'string') ? $this->fetch_block($row['block_content']) : 'Can\'t find plugin block';
+          $c = (gettype($this->fetch_block($row['block_content'])) == 'string') ? $this->fetch_block($row['block_content']) : /* This used to say "can't find plugin block" but I think it's more friendly to just silently hide it. */ '';
           break;
       }
       $parser->assign_vars(Array( 'TITLE'=>$this->tplWikiFormat($row['block_name']), 'CONTENT'=>$c ));
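Review bot: `fetch_block()` is called twice on the changed line, once for the type test and once for the value, so any cost or side effect of the plugin block is doubled. Call it once: `$c = $this->fetch_block($row['block_content']);` followed by `if ( !is_string($c) ) $c = '';`. Silently returning an empty string also hides a misconfigured block from administrators, and the explanation would read better as a `//` comment on its own line than inline in the ternary.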
--- a/plugins/SpecialUserFuncs.php	Sat Mar 01 23:02:05 2008 -0500
+++ b/plugins/SpecialUserFuncs.php	Sun Mar 02 19:32:19 2008 -0500
@@ -1439,7 +1439,7 @@
   
   require ( ENANO_ROOT.'/includes/captcha.php' );
   $captcha = captcha_object($hash, 'freecap');
-  $captcha->debug = true;
+  // $captcha->debug = true;
   $captcha->make_image();
   
   exit;