--- a/includes/functions.php Fri Jul 17 20:48:53 2009 -0400
+++ b/includes/functions.php Fri Jul 31 19:15:48 2009 -0400
@@ -2512,7 +2512,7 @@
// Remove character escapes
$page_id = dirtify_page_id($page_id);
- $pid_clean = preg_replace('/[\w\.\/:;\(\)@\[\]_-]/', 'X', $page_id);
+ $pid_clean = preg_replace('/[\w\.\/:;\(\)@\[\]=_-]/', 'X', $page_id);
$pid_dirty = enano_str_split($pid_clean, 1);
foreach ( $pid_dirty as $id => $char )
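Review bot: The allowed-character class is now maintained by hand in two places, the `preg_replace` here and the `preg_match` in the hunk at -2577, and the two apparently have to stay identical for escaping and un-escaping a page ID to remain inverses. Define the class once and build both patterns from it, for example a constant holding `\w\.\/:;\(\)@\[\]=_-` that is interpolated into each regex. Because `=` now passes through unescaped, it is also worth confirming that code placing page IDs into query strings does not treat it as a key/value delimiter. Both enclosing functions start and end outside the hunks.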
@@ -2577,7 +2577,7 @@
$char = strtolower($char);
$char = intval(hexdec($char));
$char = chr($char);
- if ( preg_match('/^[\w\.\/:;\(\)@\[\]_-]$/', $char) )
+ if ( preg_match('/^[\w\.\/:;\(\)@\[\]=_-]$/', $char) )
continue;
$page_id = str_replace($matches[0][$id], $char, $page_id);
}
--- a/includes/namespaces/user.php Fri Jul 17 20:48:53 2009 -0400
+++ b/includes/namespaces/user.php Fri Jul 31 19:15:48 2009 -0400
@@ -23,7 +23,7 @@
if ( ( $this->title == str_replace('_', ' ', $this->page_id) || $this->title == $paths->nslist['User'] . str_replace('_', ' ', $this->page_id) ) || !$this->exists )
{
- $this->title = $lang->get('userpage_page_title', array('username' => $this->page_id));
+ $this->title = $lang->get('userpage_page_title', array('username' => str_replace('_', ' ', dirtify_page_id($this->page_id))));
$this->cdata['name'] = $this->title;
}
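Review bot: The `username` value passed to `$lang->get()` is now the decoded form of the page ID, so it can contain characters that the page ID had kept escaped, and nothing in this hunk HTML-escapes it before it lands in `$this->title` and `$this->cdata['name']`. Whether the title is escaped where it is rendered is not visible here; if it is not, wrap the decoded name, e.g. `htmlspecialchars(str_replace('_', ' ', dirtify_page_id($this->page_id)))`. The condition on the line above still compares the title against the undecoded `$this->page_id`, which may be intended but deserves a short comment.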
--- a/includes/sessions.php Fri Jul 17 20:48:53 2009 -0400
+++ b/includes/sessions.php Fri Jul 31 19:15:48 2009 -0400
@@ -698,11 +698,12 @@
// Retrieve the real password from the database
$username_db = $db->escape(strtolower($username));
+ $username_db_upper = $db->escape($username);
if ( !$db->sql_query('SELECT password,password_salt,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix."users\n"
- . " WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db';") )
+ . " WHERE ( " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db' OR username = '$username_db_upper' );") )
{
$this->sql('SELECT password,\'\' AS password_salt,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix."users\n"
- . " WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db';");
+ . " WHERE ( " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db' OR username = '$username_db_upper' );");
}
if ( $db->numrows() < 1 )
{
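Review bot: The widened `WHERE ( ... OR username = '$username_db_upper' )` accepts a row on either comparison, while the only row-count check visible after it is `$db->numrows() < 1`. If the lowercase match and the exact match can ever be two different accounts, the password check would run against whichever row is fetched first. Unless usernames are guaranteed unique under both comparisons, treat `$db->numrows() > 1` as a failed login or prefer the exact match. The clause is also written out twice, in the main and the fallback query; building it once into a variable would keep the two in step. The function continues outside the hunk.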
--- a/includes/template.php Fri Jul 17 20:48:53 2009 -0400
+++ b/includes/template.php Fri Jul 31 19:15:48 2009 -0400
@@ -22,6 +22,7 @@
var $page_id = false;
var $namespace = false;
var $js_preload = array();
+ var $js_append = '';
/**
* Page action conditions
@@ -470,6 +471,16 @@
}
/**
+ * Queue some HTML to be inserted after the Javascript runtime.
+ * @param string HTML glob
+ */
+
+ function add_header_js($html)
+ {
+ $this->js_append .= "$html\n ";
+ }
+
+ /**
* Global, only-called-once init. Goes to all themes.
*/
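Review bot: `add_header_js()` appends its argument verbatim to `$this->js_append`, which the two later hunks interpolate into the page header with no escaping, and the docblock does not state that requirement. Document it on the parameter, e.g. `@param string $html Trusted markup only; emitted unescaped into the document head`, so callers know that anything derived from request or user data must be escaped before it is queued. The blank line between the docblock and `function add_header_js` should also go, so the comment stays attached to the method.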
@@ -557,6 +568,7 @@
window.onload = function(e) { };
}
</script>
+ $this->js_append
JSEOF;
}
else
@@ -604,6 +616,7 @@
window.onload = function(e) { };
}
//]]></script>
+ $this->js_append
JSEOF;
}
@@ -1757,7 +1770,7 @@
$params = false;
$escape = !empty($escape);
- $result = makeUrlNS($namespace, $page_id, $params, $escape);
+ $result = makeUrlNS($namespace, sanitize_page_id($page_id), $params, $escape);
if ( !$post_eval )
{
--- a/language/english/user.json Fri Jul 17 20:48:53 2009 -0400
+++ b/language/english/user.json Fri Jul 31 19:15:48 2009 -0400
@@ -271,10 +271,7 @@
// CP home
intro_heading_main: '%username%, welcome to your control panel',
- intro_para1: 'Here you can make changes to your profile, view statistics on yourself on this site, and set your preferences.',
- intro_para2: 'Your <a href="%userpage_link%">user page</a> <sup>(<a href="%userpage_link%#do:comments">comments</a>)</sup> is your free writing space. You can use it to tell the other members of this site a little bit about yourself. If you haven\'t already made a user page, why not <a href="%userpage_link%#do:edit">make one now</a>?',
- intro_para3: 'Use the menu at the top to navigate around. If you have any questions, you may contact the %admin_contact_link%.',
- intro_para3_admin_link: 'administrator',
+ intro: '<p>Your User Control Panel lets you change settings on the site.</p><p>If you haven\'t created a <a href="%userpage_link%">user page</a> yet, consider doing so - it\'s your free writing space. It\'s also where information you put on this page can be viewed by others. People can also leave <a href="%userpage_link%#do:comments">comments</a> on your user page.</p>',
// E-mail / password change form
emailpassword_title: 'Change E-mail Address or Password',
--- a/plugins/SpecialUpdownload.php Fri Jul 17 20:48:53 2009 -0400
+++ b/plugins/SpecialUpdownload.php Fri Jul 31 19:15:48 2009 -0400
@@ -196,9 +196,9 @@
global $db, $session, $paths, $template, $plugins; // Common objects
global $lang;
global $do_gzip;
- $filename = rawurldecode($paths->getParam(0));
+ $filename = $paths->getParam(0);
$timeid = $paths->getParam(1);
- if ( $timeid && preg_match('#^([0-9]+)$#', (string)$timeid) )
+ if ( $timeid && ctype_digit((string)$timeid) )
{
$tid = ' AND time_id='.$timeid;
}
@@ -243,7 +243,13 @@
// Determine appropriate width and height
$width = ( isset($_GET['width']) ) ? intval($_GET['width'] ) : 320;
$height = ( isset($_GET['height']) ) ? intval($_GET['height']) : 320;
- $cache_filename = ENANO_ROOT . "/cache/{$filename}-{$row['time_id']}-{$width}x{$height}{$row['file_extension']}";
+
+ // 1.1.7: allow different format output
+ $extension = $row['file_extension'];
+ if ( isset($_GET['fmt']) && in_array($_GET['fmt'], array('png', 'jpg')) )
+ $extension = ".{$_GET['fmt']}";
+
+ $cache_filename = ENANO_ROOT . "/cache/{$filename}-{$row['time_id']}-{$width}x{$height}$extension";
if ( file_exists($cache_filename) )
{
$fname = $cache_filename;
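Review bot: `$cache_filename` is assembled from `$filename`, which the previous hunk now takes directly from `$paths->getParam(0)`, so the path under `ENANO_ROOT . "/cache/"` depends on a request-supplied value. The use of `$row` suggests the name was matched against a stored record first, but that lookup is outside the hunk. If the name can contain `/` or `..`, build the cache key from a fixed-form value instead, such as `basename($filename)` or a hash of it. The `fmt` allow-list is the right pattern; passing `true` as the third argument of `in_array()` makes the comparison strict.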
--- a/plugins/SpecialUserPrefs.php Fri Jul 17 20:48:53 2009 -0400
+++ b/plugins/SpecialUserPrefs.php Fri Jul 31 19:15:48 2009 -0400
@@ -116,7 +116,7 @@
userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_emailpassword', makeUrlNS('Special', 'Preferences/EmailPassword') . '" onclick="ajaxLoginNavTo(\'Special\', \'Preferences/EmailPassword\', '.USER_LEVEL_CHPREF.'); return false;');
userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_signature', makeUrlNS('Special', 'Preferences/Signature'));
- userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_publicinfo', makeUrlNS('Special', 'Preferences/Profile'));
+ // userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_publicinfo', makeUrlNS('Special', 'Preferences/Profile'));
userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_usergroups', makeUrlNS('Special', 'Usergroups'));
if ( getConfig('avatar_enable') == '1' )
{
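Review bot: The `usercp_sec_profile_publicinfo` menu entry is disabled by commenting it out, with nothing saying why. Either delete the line or put the reason above it, e.g. `// Public profile form is now rendered on the Home section, see case 'Home'`. The `Preferences/Profile` route itself still appears to be handled by the `case "Profile":` label in the last hunk, so hiding the menu item does not remove the page.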
@@ -299,19 +299,6 @@
switch ( $section )
{
- case 'Home':
- global $email;
- $userpage_id = $paths->nslist['User'] . sanitize_page_id($session->username);
- $userpage_exists = ( isPage($userpage_id) ) ? '' : ' class="wikilink-nonexistent"';
- $user_page = makeUrlNS('User', sanitize_page_id($session->username));
- $site_admin = $email->encryptEmail(getConfig('contact_email'), '', '', $lang->get('usercp_intro_para3_admin_link'));
-
- echo '<h3 style="margin-top: 0;">' . $lang->get('usercp_intro_heading_main', array('username' => $session->username)) . '</h3>';
-
- echo '<p>' . $lang->get('usercp_intro_para1') . '</p>
- <p>' . $lang->get('usercp_intro_para2', array('userpage_link' => $user_page)) . '</p>
- <p>' . $lang->get('usercp_intro_para3', array('admin_contact_link' => $site_admin)) . '</p>';
- break;
case 'EmailPassword':
$errors = trim($errors);
@@ -380,6 +367,18 @@
echo '</form>';
break;
case "Profile":
+ case 'Home':
+
+ global $email;
+ $userpage_id = $paths->nslist['User'] . sanitize_page_id($session->username);
+ $userpage_exists = ( isPage($userpage_id) ) ? '' : ' class="wikilink-nonexistent"';
+ $user_page = makeUrlNS('User', sanitize_page_id($session->username));
+ $site_admin = $email->encryptEmail(getConfig('contact_email'), '', '', $lang->get('usercp_intro_para3_admin_link'));
+
+ echo '<h3 style="margin-top: 0;">' . $lang->get('usercp_intro_heading_main', array('username' => $session->username)) . '</h3>';
+
+ echo $lang->get('usercp_intro', array('userpage_link' => $user_page));
+
$available_ranks = $session->get_user_possible_ranks($session->user_id);
$current_rank = $session->get_user_rank($session->user_id);
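Review bot: `$site_admin` is still built from `$lang->get('usercp_intro_para3_admin_link')`, but this commit removes `intro_para3_admin_link` from language/english/user.json, which appears to be the same string, and the new `usercp_intro` text has no `%admin_contact_link%` placeholder, so the value is never used. `$userpage_exists` is likewise assigned and not read in the visible lines. Drop both assignments, and `global $email;` too if nothing further down the case needs it. Separately, `$session->username` is inserted into the `<h3>` through `$lang->get()`; confirm that it is HTML-escaped at that point. The case body continues outside the hunk.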