1
+ − 1
<?php
+ − 2
+ − 3
/*
+ − 4
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
diff
changeset
+ − 5
* Version 1.0.1 (Loch Ness)
1
+ − 6
* Copyright (C) 2006-2007 Dan Fuhry
+ − 7
*
+ − 8
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 9
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 10
*
+ − 11
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 12
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 13
*/
+ − 14
+ − 15
class template {
+ − 16
var $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list, $named_theme_list, $default_theme, $default_style, $plugin_blocks, $namespace_string, $style_list, $theme_loaded;
30
+ − 17
+ − 18
/**
+ − 19
* Set to true if the site is disabled and thus a message needs to be shown. This should ONLY be changed by common.php.
+ − 20
* @var bool
+ − 21
* @access private
+ − 22
*/
+ − 23
+ − 24
var $site_disabled = false;
+ − 25
53
+ − 26
/**
+ − 27
* One of the absolute best parts of Enano :-P
+ − 28
* @var string
+ − 29
*/
+ − 30
54
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
diff
changeset
+ − 31
var $fading_button = '';
53
+ − 32
1
+ − 33
function __construct()
+ − 34
{
+ − 35
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 36
dc_here('template: initializing all class variables');
+ − 37
$this->tpl_bool = Array();
+ − 38
$this->tpl_strings = Array();
+ − 39
$this->sidebar_extra = '';
+ − 40
$this->toolbar_menu = '';
+ − 41
$this->additional_headers = '';
+ − 42
$this->plugin_blocks = Array();
+ − 43
$this->theme_loaded = false;
+ − 44
87
570f68c3fe36
Redid stupid fading button code and fixed several RC2 bugs in the upgrade schema; 1.0.1 release candidate
Dan
diff
changeset
+ − 45
$this->fading_button = '<div style="background-image: url('.scriptPath.'/images/about-powered-enano-hover.png); background-repeat: no-repeat; width: 88px; height: 31px; margin: 0 auto;">
570f68c3fe36
Redid stupid fading button code and fixed several RC2 bugs in the upgrade schema; 1.0.1 release candidate
Dan
diff
changeset
+ − 46
<a href="http://enanocms.org/" onclick="window.open(this.href); return false;"><img style="border-width: 0;" alt=" " src="'.scriptPath.'/images/about-powered-enano.png" onmouseover="domOpacity(this, 100, 0, 500);" onmouseout="domOpacity(this, 0, 100, 500);" /></a>
570f68c3fe36
Redid stupid fading button code and fixed several RC2 bugs in the upgrade schema; 1.0.1 release candidate
Dan
diff
changeset
+ − 47
</div>';
54
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
diff
changeset
+ − 48
1
+ − 49
$this->theme_list = Array();
+ − 50
$this->named_theme_list = Array();
+ − 51
$e = $db->sql_query('SELECT theme_id,theme_name,enabled,default_style FROM '.table_prefix.'themes WHERE enabled=1 ORDER BY theme_order;');
+ − 52
if(!$e) $db->_die('The list of themes could not be selected.');
+ − 53
for($i=0;$i < $db->numrows(); $i++)
+ − 54
{
+ − 55
$this->theme_list[$i] = $db->fetchrow();
+ − 56
$this->named_theme_list[$this->theme_list[$i]['theme_id']] = $this->theme_list[$i];
+ − 57
}
+ − 58
$db->free_result();
+ − 59
$this->default_theme = $this->theme_list[0]['theme_id'];
+ − 60
$dir = ENANO_ROOT.'/themes/'.$this->default_theme.'/css/';
+ − 61
$list = Array();
+ − 62
// Open a known directory, and proceed to read its contents
+ − 63
if (is_dir($dir)) {
+ − 64
if ($dh = opendir($dir)) {
+ − 65
while (($file = readdir($dh)) !== false) {
+ − 66
if(preg_match('#^(.*?)\.css$#i', $file) && $file != '_printable.css') {
+ − 67
$list[] = substr($file, 0, strlen($file)-4);
+ − 68
}
+ − 69
}
+ − 70
closedir($dh);
+ − 71
}
+ − 72
}
+ − 73
+ − 74
$def = ENANO_ROOT.'/themes/'.$this->default_theme.'/css/'.$this->named_theme_list[$this->default_theme]['default_style'];
+ − 75
if(file_exists($def))
+ − 76
{
+ − 77
$this->default_style = substr($this->named_theme_list[$this->default_theme]['default_style'], 0, strlen($this->named_theme_list[$this->default_theme]['default_style'])-4);
+ − 78
} else {
+ − 79
$this->default_style = $list[0];
+ − 80
}
+ − 81
+ − 82
$this->style_list = $list;
+ − 83
+ − 84
}
+ − 85
function template()
+ − 86
{
+ − 87
$this->__construct();
+ − 88
}
+ − 89
function sidebar_widget($t, $h)
+ − 90
{
+ − 91
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 92
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 93
{
+ − 94
$this->load_theme($session->theme, $session->style);
+ − 95
}
+ − 96
if(!$this->sidebar_widgets)
+ − 97
$this->sidebar_widgets = '';
+ − 98
$tplvars = $this->extract_vars('elements.tpl');
+ − 99
$parser = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 100
$parser->assign_vars(Array('TITLE'=>$t,'CONTENT'=>$h));
+ − 101
$this->plugin_blocks[$t] = $h;
+ − 102
$this->sidebar_widgets .= $parser->run();
+ − 103
}
+ − 104
function add_header($html)
+ − 105
{
+ − 106
$this->additional_headers .= "\n" . $html;
+ − 107
}
+ − 108
function get_css($s = false)
+ − 109
{
+ − 110
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 111
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 112
$this->load_theme($session->theme, $session->style);
+ − 113
$path = ( $s ) ? 'css/'.$s : 'css/'.$this->style.'.css';
+ − 114
if ( !file_exists(ENANO_ROOT . '/themes/' . $this->theme . '/' . $path) )
+ − 115
{
+ − 116
echo "/* WARNING: Falling back to default file because file $path does not exist */\n";
+ − 117
$path = 'css/' . $this->style_list[0] . '.css';
+ − 118
}
+ − 119
return $this->process_template($path);
+ − 120
}
+ − 121
function load_theme($name = false, $css = false)
+ − 122
{
+ − 123
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 124
$this->theme = ( $name ) ? $name : $session->theme;
+ − 125
$this->style = ( $css ) ? $css : $session->style;
+ − 126
if ( !$this->theme )
+ − 127
{
+ − 128
$this->theme = $this->theme_list[0]['theme_id'];
+ − 129
$this->style = substr($this->theme_list[0]['default_style'], 0, strlen($this->theme_list[0]['default_style'])-4);
+ − 130
}
+ − 131
$this->theme_loaded = true;
+ − 132
}
+ − 133
+ − 134
function init_vars()
+ − 135
{
+ − 136
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 137
global $email;
+ − 138
+ − 139
dc_here("template: initializing all variables");
+ − 140
+ − 141
if(!$this->theme || !$this->style)
+ − 142
{
+ − 143
$this->load_theme();
+ − 144
}
+ − 145
+ − 146
if(defined('ENANO_TEMPLATE_LOADED'))
+ − 147
{
+ − 148
dc_here('template: access denied to call template::init_vars(), bailing out');
+ − 149
die_semicritical('Illegal call', '<p>$template->load_theme was called multiple times, this is not supposed to happen. Exiting with fatal error.</p>');
+ − 150
}
+ − 151
+ − 152
define('ENANO_TEMPLATE_LOADED', '');
+ − 153
+ − 154
$tplvars = $this->extract_vars('elements.tpl');
+ − 155
+ − 156
dc_here('template: setting all template vars');
+ − 157
+ − 158
if(isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE'))
+ − 159
{
+ − 160
$this->add_header('
+ − 161
<!--[if lt IE 7]>
+ − 162
<script language="JavaScript">
+ − 163
function correctPNG() // correctly handle PNG transparency in Win IE 5.5 & 6.
+ − 164
{
86
c162ca39db8f
Finished pagination code (was incomplete in previous revision) and added a few hacks for an upcoming theme
Dan
diff
changeset
+ − 165
var arVersion = navigator.appVersion.split("MSIE");
c162ca39db8f
Finished pagination code (was incomplete in previous revision) and added a few hacks for an upcoming theme
Dan
diff
changeset
+ − 166
var version = parseFloat(arVersion[1]);
1
+ − 167
if (version >= 5.5 && typeof(document.body.filters) == "object")
+ − 168
{
+ − 169
for(var i=0; i<document.images.length; i++)
+ − 170
{
+ − 171
var img = document.images[i];
+ − 172
continue;
+ − 173
var imgName = img.src.toUpperCase();
+ − 174
if (imgName.substring(imgName.length-3, imgName.length) == "PNG")
+ − 175
{
+ − 176
var imgID = (img.id) ? "id=\'" + img.id + "\' " : "";
+ − 177
var imgClass = (img.className) ? "class=\'" + img.className + "\' " : "";
+ − 178
var imgTitle = (img.title) ? "title=\'" + img.title + "\' " : "title=\'" + img.alt + "\' ";
+ − 179
var imgStyle = "display:inline-block;" + img.style.cssText;
+ − 180
if (img.align == "left") imgStyle = "float:left;" + imgStyle;
+ − 181
if (img.align == "right") imgStyle = "float:right;" + imgStyle;
+ − 182
if (img.parentElement.href) imgStyle = "cursor:hand;" + imgStyle;
+ − 183
var strNewHTML = "<span " + imgID + imgClass + imgTitle + " style=\\"" + "width:" + img.width + "px; height:" + img.height + "px;" + imgStyle + ";" + "filter:progid:DXImageTransform.Microsoft.AlphaImageLoader" + "(src=\\\'" + img.src + "\\\', sizingMethod=\'scale\');\\"></span>";
+ − 184
img.outerHTML = strNewHTML;
+ − 185
i = i-1;
+ − 186
}
+ − 187
}
+ − 188
}
+ − 189
}
+ − 190
window.attachEvent("onload", correctPNG);
+ − 191
</script>
+ − 192
<![endif]-->
+ − 193
');
+ − 194
}
+ − 195
+ − 196
// Get the "article" button text (depends on namespace)
+ − 197
switch($paths->namespace) {
+ − 198
case "Article":
+ − 199
default:
+ − 200
$ns = 'article';
+ − 201
break;
+ − 202
case "Admin":
+ − 203
$ns = 'administration page';
+ − 204
break;
+ − 205
case "System":
+ − 206
$ns = 'system message';
+ − 207
break;
+ − 208
case "File":
+ − 209
$ns = 'uploaded file';
+ − 210
break;
+ − 211
case "Help":
+ − 212
$ns = 'documentation page';
+ − 213
break;
+ − 214
case "User":
+ − 215
$ns = 'user page';
+ − 216
break;
+ − 217
case "Special":
+ − 218
$ns = 'special page';
+ − 219
break;
+ − 220
case "Template":
+ − 221
$ns = 'template';
+ − 222
break;
+ − 223
case "Project":
+ − 224
$ns = 'project page';
+ − 225
break;
+ − 226
case "Category":
+ − 227
$ns = 'category';
+ − 228
break;
+ − 229
}
+ − 230
$this->namespace_string = $ns;
+ − 231
$code = $plugins->setHook('page_type_string_set');
+ − 232
foreach ( $code as $cmd )
+ − 233
{
+ − 234
eval($cmd);
+ − 235
}
+ − 236
$ns =& $this->namespace_string;
+ − 237
+ − 238
// Initialize the toolbar
+ − 239
$tb = '';
+ − 240
+ − 241
// Create "xx page" button
+ − 242
+ − 243
$btn_selected = ( isset($tplvars['toolbar_button_selected'])) ? $tplvars['toolbar_button_selected'] : $tplvars['toolbar_button'];
+ − 244
$parser = $this->makeParserText($btn_selected);
+ − 245
+ − 246
$parser->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 247
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxReset()); return false; }" title="View the page contents, all of the page contents, and nothing but the page contents (alt-a)" accesskey="a"',
1
+ − 248
'PARENTFLAGS' => 'id="mdgToolbar_article"',
+ − 249
'HREF' => makeUrl($paths->page, null, true),
+ − 250
'TEXT' => $this->namespace_string
+ − 251
));
+ − 252
+ − 253
$tb .= $parser->run();
+ − 254
+ − 255
$button = $this->makeParserText($tplvars['toolbar_button']);
+ − 256
+ − 257
// Page toolbar
+ − 258
// Comments button
+ − 259
if ( $session->get_permissions('read') && getConfig('enable_comments')=='1' && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $paths->cpage['comments_on'] == 1 )
+ − 260
{
+ − 261
+ − 262
$e = $db->sql_query('SELECT approved FROM '.table_prefix.'comments WHERE page_id=\''.$paths->cpage['urlname_nons'].'\' AND namespace=\''.$paths->namespace.'\';');
+ − 263
if ( !$e )
+ − 264
{
+ − 265
$db->_die();
+ − 266
}
+ − 267
$nc = $db->numrows();
+ − 268
$nu = 0;
+ − 269
$na = 0;
+ − 270
+ − 271
while ( $r = $db->fetchrow() )
+ − 272
{
+ − 273
if ( !$r['approved'] )
+ − 274
{
+ − 275
$nu++;
+ − 276
}
+ − 277
else
+ − 278
{
+ − 279
$na++;
+ − 280
}
+ − 281
}
+ − 282
+ − 283
$db->free_result();
+ − 284
$n = ( $session->get_permissions('mod_comments') ) ? (string)$nc : (string)$na;
+ − 285
if ( $session->get_permissions('mod_comments') && $nu > 0 )
+ − 286
{
+ − 287
$n .= ' total/'.$nu.' unapp.';
+ − 288
}
+ − 289
+ − 290
$button->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 291
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxComments()); return false; }" title="View the comments that other users have posted about this page (alt-c)" accesskey="c"',
1
+ − 292
'PARENTFLAGS' => 'id="mdgToolbar_discussion"',
+ − 293
'HREF' => makeUrl($paths->page, 'do=comments', true),
+ − 294
'TEXT' => 'discussion ('.$n.')',
+ − 295
));
+ − 296
+ − 297
$tb .= $button->run();
+ − 298
}
+ − 299
// Edit button
+ − 300
if($session->get_permissions('read') && ($paths->namespace != 'Special' && $paths->namespace != 'Admin') && ( $session->get_permissions('edit_page') && ( ( $paths->page_protected && $session->get_permissions('even_when_protected') ) || !$paths->page_protected ) ) )
+ − 301
{
+ − 302
$button->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 303
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxEditor()); return false; }" title="Edit the contents of this page (alt-e)" accesskey="e"',
1
+ − 304
'PARENTFLAGS' => 'id="mdgToolbar_edit"',
+ − 305
'HREF' => makeUrl($paths->page, 'do=edit', true),
+ − 306
'TEXT' => 'edit this page'
+ − 307
));
+ − 308
$tb .= $button->run();
+ − 309
// View source button
+ − 310
}
+ − 311
else if($session->get_permissions('view_source') && ( !$session->get_permissions('edit_page') || !$session->get_permissions('even_when_protected') && $paths->page_protected ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 312
{
+ − 313
$button->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 314
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxViewSource()); return false; }" title="View the source code (wiki markup) that this page uses (alt-e)" accesskey="e"',
1
+ − 315
'PARENTFLAGS' => 'id="mdgToolbar_edit"',
+ − 316
'HREF' => makeUrl($paths->page, 'do=viewsource', true),
+ − 317
'TEXT' => 'view source'
+ − 318
));
+ − 319
$tb .= $button->run();
+ − 320
}
+ − 321
// History button
+ − 322
if ( $session->get_permissions('read') /* && $paths->wiki_mode */ && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('history_view') )
+ − 323
{
+ − 324
$button->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 325
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxHistory()); return false; }" title="View a log of actions taken on this page (alt-h)" accesskey="h"',
1
+ − 326
'PARENTFLAGS' => 'id="mdgToolbar_history"',
+ − 327
'HREF' => makeUrl($paths->page, 'do=history', true),
+ − 328
'TEXT' => 'history'
+ − 329
));
+ − 330
$tb .= $button->run();
+ − 331
}
+ − 332
+ − 333
$menubtn = $this->makeParserText($tplvars['toolbar_menu_button']);
+ − 334
+ − 335
// Additional actions menu
+ − 336
// Rename button
+ − 337
if ( $session->get_permissions('read') && $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 338
{
+ − 339
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 340
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxRename()); return false; }" title="Change the display name of this page (alt-r)" accesskey="r"',
1
+ − 341
'HREF' => makeUrl($paths->page, 'do=rename', true),
+ − 342
'TEXT' => 'rename',
+ − 343
));
+ − 344
$this->toolbar_menu .= $menubtn->run();
+ − 345
}
+ − 346
+ − 347
// Vote-to-delete button
+ − 348
if ( $paths->wiki_mode && $session->get_permissions('vote_delete') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 349
{
+ − 350
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 351
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxDelVote()); return false; }" title="Vote to have this page deleted (alt-d)" accesskey="d"',
1
+ − 352
'HREF' => makeUrl($paths->page, 'do=delvote', true),
+ − 353
'TEXT' => 'vote to delete this page',
+ − 354
));
+ − 355
$this->toolbar_menu .= $menubtn->run();
+ − 356
}
+ − 357
+ − 358
// Clear-votes button
+ − 359
if ( $session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('vote_reset') && $paths->cpage['delvotes'] > 0)
+ − 360
{
+ − 361
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 362
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxResetDelVotes()); return false; }" title="Vote to have this page deleted (alt-y)" accesskey="y"',
1
+ − 363
'HREF' => makeUrl($paths->page, 'do=resetvotes', true),
+ − 364
'TEXT' => 'reset deletion votes',
+ − 365
));
+ − 366
$this->toolbar_menu .= $menubtn->run();
+ − 367
}
+ − 368
+ − 369
// Printable page button
+ − 370
if ( $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 371
{
+ − 372
$menubtn->assign_vars(array(
+ − 373
'FLAGS' => 'title="View a version of this page that is suitable for printing"',
+ − 374
'HREF' => makeUrl($paths->page, 'printable=yes', true),
+ − 375
'TEXT' => 'view printable version',
+ − 376
));
+ − 377
$this->toolbar_menu .= $menubtn->run();
+ − 378
}
+ − 379
+ − 380
// Protect button
+ − 381
if($session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('protect'))
+ − 382
{
+ − 383
+ − 384
$label = $this->makeParserText($tplvars['toolbar_label']);
+ − 385
$label->assign_vars(array('TEXT' => 'protection:'));
+ − 386
$t0 = $label->run();
+ − 387
+ − 388
$ctmp = '';
+ − 389
if ( $paths->cpage['protected'] == 1 )
+ − 390
{
+ − 391
$ctmp=' style="text-decoration: underline;"';
+ − 392
}
+ − 393
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 394
'FLAGS' => 'accesskey="i" onclick="if ( !KILL_SWITCH ) { ajaxProtect(1); return false; }" id="protbtn_1" title="Prevents all non-administrators from editing this page. [alt-i]"'.$ctmp,
1
+ − 395
'HREF' => makeUrl($paths->page, 'do=protect&level=1', true),
+ − 396
'TEXT' => 'on'
+ − 397
));
+ − 398
$t1 = $menubtn->run();
+ − 399
+ − 400
$ctmp = '';
+ − 401
if ( $paths->cpage['protected'] == 0 )
+ − 402
{
+ − 403
$ctmp=' style="text-decoration: underline;"';
+ − 404
}
+ − 405
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 406
'FLAGS' => 'accesskey="o" onclick="if ( !KILL_SWITCH ) { ajaxProtect(0); return false; }" id="protbtn_0" title="Allows everyone to edit this page. [alt-o]"'.$ctmp,
1
+ − 407
'HREF' => makeUrl($paths->page, 'do=protect&level=0', true),
+ − 408
'TEXT' => 'off'
+ − 409
));
+ − 410
$t2 = $menubtn->run();
+ − 411
+ − 412
$ctmp = '';
+ − 413
if ( $paths->cpage['protected'] == 2 )
+ − 414
{
+ − 415
$ctmp = ' style="text-decoration: underline;"';
+ − 416
}
+ − 417
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 418
'FLAGS' => 'accesskey="p" onclick="if ( !KILL_SWITCH ) { ajaxProtect(2); return false; }" id="protbtn_2" title="Allows only users who have been registered for 4 days to edit this page. [alt-p]"'.$ctmp,
1
+ − 419
'HREF' => makeUrl($paths->page, 'do=protect&level=2', true),
+ − 420
'TEXT' => 'semi'
+ − 421
));
+ − 422
$t3 = $menubtn->run();
+ − 423
+ − 424
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0">
+ − 425
<tr>
+ − 426
<td>'.$t0.'</td>
+ − 427
<td>'.$t1.'</td>
+ − 428
<td>'.$t2.'</td>
+ − 429
<td>'.$t3.'</td>
+ − 430
</tr>
+ − 431
</table>';
+ − 432
}
+ − 433
+ − 434
// Wiki mode button
+ − 435
if($session->get_permissions('read') && $paths->page_exists && $session->get_permissions('set_wiki_mode') && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 436
{
+ − 437
// label at start
+ − 438
$label = $this->makeParserText($tplvars['toolbar_label']);
+ − 439
$label->assign_vars(array('TEXT' => 'page wiki mode:'));
+ − 440
$t0 = $label->run();
+ − 441
+ − 442
// on button
+ − 443
$ctmp = '';
+ − 444
if ( $paths->cpage['wiki_mode'] == 1 )
+ − 445
{
+ − 446
$ctmp = ' style="text-decoration: underline;"';
+ − 447
}
+ − 448
$menubtn->assign_vars(array(
102
+ − 449
'FLAGS' => /* 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(1); return false; }" id="wikibtn_1" title="Forces wiki functions to be allowed on this page."'. */ $ctmp,
1
+ − 450
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=1', true),
+ − 451
'TEXT' => 'on'
+ − 452
));
+ − 453
$t1 = $menubtn->run();
+ − 454
+ − 455
// off button
+ − 456
$ctmp = '';
+ − 457
if ( $paths->cpage['wiki_mode'] == 0 )
+ − 458
{
+ − 459
$ctmp=' style="text-decoration: underline;"';
+ − 460
}
+ − 461
$menubtn->assign_vars(array(
102
+ − 462
'FLAGS' => /* 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(0); return false; }" id="wikibtn_0" title="Forces wiki functions to be disabled on this page."'. */ $ctmp,
1
+ − 463
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=0', true),
+ − 464
'TEXT' => 'off'
+ − 465
));
+ − 466
$t2 = $menubtn->run();
+ − 467
+ − 468
// global button
+ − 469
$ctmp = '';
+ − 470
if ( $paths->cpage['wiki_mode'] == 2 )
+ − 471
{
+ − 472
$ctmp=' style="text-decoration: underline;"';
+ − 473
}
+ − 474
$menubtn->assign_vars(array(
102
+ − 475
'FLAGS' => /* 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(2); return false; }" id="wikibtn_2" title="Causes this page to use the global wiki mode setting (default)"'. */ $ctmp,
1
+ − 476
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=2', true),
+ − 477
'TEXT' => 'global'
+ − 478
));
+ − 479
$t3 = $menubtn->run();
+ − 480
+ − 481
// Tack it onto the list of buttons that are already there...
+ − 482
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0">
+ − 483
<tr>
+ − 484
<td>'.$t0.'</td>
+ − 485
<td>'.$t1.'</td>
+ − 486
<td>'.$t2.'</td>
+ − 487
<td>'.$t3.'</td>
+ − 488
</tr>
+ − 489
</table>';
+ − 490
}
+ − 491
+ − 492
// Clear logs button
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 493
if ( $session->get_permissions('read') && $session->get_permissions('clear_logs') && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
1
+ − 494
{
+ − 495
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 496
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxClearLogs()); return false; }" title="Remove all edit and action logs for this page from the database. IRREVERSIBLE! (alt-l)" accesskey="l"',
1
+ − 497
'HREF' => makeUrl($paths->page, 'do=flushlogs', true),
+ − 498
'TEXT' => 'clear page logs',
+ − 499
));
+ − 500
$this->toolbar_menu .= $menubtn->run();
+ − 501
}
+ − 502
+ − 503
// Delete page button
+ − 504
if ( $session->get_permissions('read') && $session->get_permissions('delete_page') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 505
{
+ − 506
$s = 'delete this page';
+ − 507
if ( $paths->cpage['delvotes'] == 1 )
+ − 508
{
+ − 509
$s .= ' (<b>'.$paths->cpage['delvotes'].'</b> vote)';
+ − 510
}
+ − 511
else if ( $paths->cpage['delvotes'] > 1 )
+ − 512
{
+ − 513
$s .= ' (<b>'.$paths->cpage['delvotes'].'</b> votes)';
+ − 514
}
+ − 515
+ − 516
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 517
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxDeletePage()); return false; }" title="Delete this page. This is always reversible unless the logs are cleared. (alt-k)" accesskey="k"',
1
+ − 518
'HREF' => makeUrl($paths->page, 'do=deletepage', true),
+ − 519
'TEXT' => $s,
+ − 520
));
+ − 521
$this->toolbar_menu .= $menubtn->run();
+ − 522
+ − 523
}
+ − 524
+ − 525
// Password-protect button
+ − 526
if(isset($paths->cpage['password']))
+ − 527
{
+ − 528
if ( $paths->cpage['password'] == '' )
+ − 529
{
+ − 530
$a = $session->get_permissions('password_set');
+ − 531
}
+ − 532
else
+ − 533
{
+ − 534
$a = $session->get_permissions('password_reset');
+ − 535
}
+ − 536
}
+ − 537
else
+ − 538
{
+ − 539
$a = $session->get_permissions('password_set');
+ − 540
}
+ − 541
if ( $a && $session->get_permissions('read') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 542
{
+ − 543
// label at start
+ − 544
$label = $this->makeParserText($tplvars['toolbar_label']);
13
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 545
$label->assign_vars(array('TEXT' => 'page password:'));
1
+ − 546
$t0 = $label->run();
+ − 547
+ − 548
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 549
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxSetPassword()); return false; }" title="Require a password in order for this page to be viewed"',
1
+ − 550
'HREF' => '#',
+ − 551
'TEXT' => 'set',
+ − 552
));
+ − 553
$t = $menubtn->run();
+ − 554
+ − 555
$this->toolbar_menu .= '<table border="0" cellspacing="0" cellpadding="0"><tr><td>'.$t0.'</td><td><input type="password" id="mdgPassSetField" size="10" /></td><td>'.$t.'</td></tr></table>';
+ − 556
}
+ − 557
+ − 558
// Manage ACLs button
+ − 559
if($session->get_permissions('edit_acl') || $session->user_level >= USER_LEVEL_ADMIN)
+ − 560
{
+ − 561
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 562
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { return ajaxOpenACLManager(); }" title="Manage who can do what with this page (alt-m)" accesskey="m"',
1
+ − 563
'HREF' => makeUrl($paths->page, 'do=aclmanager', true),
+ − 564
'TEXT' => 'manage page access',
+ − 565
));
+ − 566
$this->toolbar_menu .= $menubtn->run();
+ − 567
}
+ − 568
+ − 569
// Administer page button
+ − 570
if ( $session->user_level >= USER_LEVEL_ADMIN && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 571
{
+ − 572
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 573
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxAdminPage()); return false; }" title="Administrative options for this page" accesskey="g"',
1
+ − 574
'HREF' => makeUrlNS('Special', 'Administration', 'module='.$paths->nslist['Admin'].'PageManager', true),
+ − 575
'TEXT' => 'administrative options',
+ − 576
));
+ − 577
$this->toolbar_menu .= $menubtn->run();
+ − 578
}
+ − 579
+ − 580
if ( strlen($this->toolbar_menu) > 0 )
+ − 581
{
+ − 582
$button->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 583
'FLAGS' => 'id="mdgToolbar_moreoptions" onclick="if ( !KILL_SWITCH ) { return false; }" title="Additional options for working with this page"',
1
+ − 584
'PARENTFLAGS' => '',
+ − 585
'HREF' => makeUrl($paths->page, 'do=moreoptions', true),
+ − 586
'TEXT' => 'more options'
+ − 587
));
+ − 588
$tb .= $button->run();
+ − 589
}
+ − 590
+ − 591
$is_opera = (isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'Opera')) ? true : false;
+ − 592
+ − 593
$this->tpl_bool = Array(
+ − 594
'auth_admin'=>$session->user_level >= USER_LEVEL_ADMIN ? true : false,
+ − 595
'user_logged_in'=>$session->user_logged_in,
+ − 596
'opera'=>$is_opera,
+ − 597
);
+ − 598
+ − 599
if($session->sid_super) { $ash = '&auth='.$session->sid_super; $asq = "?auth=".$session->sid_super; $asa = "&auth=".$session->sid_super; $as2 = htmlspecialchars(urlSeparator).'auth='.$session->sid_super; }
+ − 600
else { $asq=''; $asa=''; $as2 = ''; $ash = ''; }
+ − 601
+ − 602
$code = $plugins->setHook('compile_template');
+ − 603
foreach ( $code as $cmd )
+ − 604
{
+ − 605
eval($cmd);
+ − 606
}
+ − 607
+ − 608
// Some additional sidebar processing
+ − 609
if($this->sidebar_extra != '') {
+ − 610
$se = $this->sidebar_extra;
+ − 611
$parser = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 612
$parser->assign_vars(Array('TITLE'=>'Links','CONTENT'=>$se));
+ − 613
$this->sidebar_extra = $parser->run();
+ − 614
}
+ − 615
+ − 616
$this->sidebar_extra = $this->sidebar_extra.$this->sidebar_widgets;
+ − 617
+ − 618
$this->tpl_bool['fixed_menus'] = false;
+ − 619
/* if($this->sidebar_extra == '') $this->tpl_bool['right_sidebar'] = false;
+ − 620
else */ $this->tpl_bool['right_sidebar'] = true;
+ − 621
+ − 622
$this->tpl_bool['auth_rename'] = ( $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin');
+ − 623
+ − 624
$this->tpl_bool['enable_uploads'] = ( getConfig('enable_uploads') == '1' && $session->get_permissions('upload_files') ) ? true : false;
+ − 625
+ − 626
$this->tpl_bool['stupid_mode'] = false;
+ − 627
+ − 628
if($paths->page == $paths->nslist['Special'].'Administration') $this->tpl_bool['in_admin'] = true;
+ − 629
else $this->tpl_bool['in_admin'] = false;
+ − 630
+ − 631
$p = ( isset($_GET['printable']) ) ? '/printable' : '';
+ − 632
+ − 633
// Add the e-mail address client code to the header
+ − 634
$this->add_header($email->jscode());
+ − 635
+ − 636
// Generate the code for the Log out and Change theme sidebar buttons
+ − 637
// Once again, the new template parsing system can be used here
+ − 638
+ − 639
$parser = $this->makeParserText($tplvars['sidebar_button']);
+ − 640
+ − 641
$parser->assign_vars(Array(
+ − 642
'HREF'=>makeUrlNS('Special', 'Logout'),
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 643
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { mb_logout(); return false; }"',
1
+ − 644
'TEXT'=>'Log out',
+ − 645
));
+ − 646
+ − 647
$logout_link = $parser->run();
+ − 648
+ − 649
$parser->assign_vars(Array(
+ − 650
'HREF'=>makeUrlNS('Special', 'Login/' . $paths->page),
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 651
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { ajaxStartLogin(); return false; }"',
1
+ − 652
'TEXT'=>'Log in',
+ − 653
));
+ − 654
+ − 655
$login_link = $parser->run();
+ − 656
+ − 657
$parser->assign_vars(Array(
+ − 658
'HREF'=>makeUrlNS('Special', 'ChangeStyle/'.$paths->page),
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 659
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { ajaxChangeStyle(); return false; }"',
1
+ − 660
'TEXT'=>'Change theme',
+ − 661
));
+ − 662
+ − 663
$theme_link = $parser->run();
+ − 664
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 665
$parser->assign_vars(Array(
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 666
'HREF'=>makeUrlNS('Special', 'Administration'),
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 667
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { void(ajaxStartAdminLogin()); return false; }"',
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 668
'TEXT'=>'Administration',
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 669
));
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 670
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 671
$admin_link = $parser->run();
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 672
1
+ − 673
$SID = ($session->sid_super) ? $session->sid_super : '';
+ − 674
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 675
$urlname_clean = str_replace('\'', '\\\'', str_replace('\\', '\\\\', dirtify_page_id($paths->fullpage)));
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 676
$urlname_clean = strtr( $urlname_clean, array( '<' => '<', '>' => '>' ) );
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 677
22
+ − 678
$urlname_jssafe = sanitize_page_id($paths->fullpage);
+ − 679
1
+ − 680
// Generate the dynamic javascript vars
+ − 681
$js_dynamic = ' <script type="text/javascript">// <![CDATA[
+ − 682
// This section defines some basic and very important variables that are used later in the static Javascript library.
+ − 683
// SKIN DEVELOPERS: The template variable for this code block is {JS_DYNAMIC_VARS}. This MUST be inserted BEFORE the tag that links to the main Javascript lib.
22
+ − 684
var title=\''. $urlname_jssafe .'\';
1
+ − 685
var page_exists='. ( ( $paths->page_exists) ? 'true' : 'false' ) .';
+ − 686
var scriptPath=\''. scriptPath .'\';
+ − 687
var contentPath=\''.contentPath.'\';
+ − 688
var ENANO_SID =\'' . $SID . '\';
+ − 689
var auth_level=' . $session->auth_level . ';
+ − 690
var USER_LEVEL_GUEST = ' . USER_LEVEL_GUEST . ';
+ − 691
var USER_LEVEL_MEMBER = ' . USER_LEVEL_MEMBER . ';
+ − 692
var USER_LEVEL_CHPREF = ' . USER_LEVEL_CHPREF . ';
+ − 693
var USER_LEVEL_MOD = ' . USER_LEVEL_MOD . ';
+ − 694
var USER_LEVEL_ADMIN = ' . USER_LEVEL_ADMIN . ';
+ − 695
var editNotice = \'' . ( (getConfig('wiki_edit_notice')=='1') ? str_replace("\n", "\\\n", RenderMan::render(getConfig('wiki_edit_notice_text'))) : '' ) . '\';
+ − 696
var prot = ' . ( ($paths->page_protected && !$session->get_permissions('even_when_protected')) ? 'true' : 'false' ) .'; // No, hacking this var won\'t work, it\'s re-checked on the server
+ − 697
var ENANO_SPECIAL_CREATEPAGE = \''. makeUrl($paths->nslist['Special'].'CreatePage') .'\';
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 698
var ENANO_CREATEPAGE_PARAMS = \'_do=&pagename='. $urlname_clean .'&namespace=' . $paths->namespace . '\';
1
+ − 699
var ENANO_SPECIAL_CHANGESTYLE = \''. makeUrlNS('Special', 'ChangeStyle') .'\';
+ − 700
var namespace_list = new Array();
+ − 701
var AES_BITS = '.AES_BITS.';
+ − 702
var AES_BLOCKSIZE = '.AES_BLOCKSIZE.';
+ − 703
var pagepass = \''. ( ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '' ) .'\';
+ − 704
var ENANO_THEME_LIST = \'';
+ − 705
foreach($this->theme_list as $t) {
+ − 706
if($t['enabled'])
+ − 707
{
+ − 708
$js_dynamic .= '<option value="'.$t['theme_id'].'"';
29
e5484a9e0818
Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
diff
changeset
+ − 709
// if($t['theme_id'] == $session->theme) $js_dynamic .= ' selected="selected"';
1
+ − 710
$js_dynamic .= '>'.$t['theme_name'].'</option>';
+ − 711
}
+ − 712
}
+ − 713
$js_dynamic .= '\';
+ − 714
var ENANO_CURRENT_THEME = \''. $session->theme .'\';';
+ − 715
foreach($paths->nslist as $k => $c)
+ − 716
{
+ − 717
$js_dynamic .= "namespace_list['{$k}'] = '$c';";
+ − 718
}
+ − 719
$js_dynamic .= "\n //]]>\n </script>";
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 720
1
+ − 721
$tpl_strings = Array(
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 722
'PAGE_NAME'=>htmlspecialchars($paths->cpage['name']),
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 723
'PAGE_URLNAME'=> $urlname_clean,
40
+ − 724
'SITE_NAME'=>htmlspecialchars(getConfig('site_name')),
1
+ − 725
'USERNAME'=>$session->username,
40
+ − 726
'SITE_DESC'=>htmlspecialchars(getConfig('site_desc')),
1
+ − 727
'TOOLBAR'=>$tb,
+ − 728
'SCRIPTPATH'=>scriptPath,
+ − 729
'CONTENTPATH'=>contentPath,
+ − 730
'ADMIN_SID_QUES'=>$asq,
+ − 731
'ADMIN_SID_AMP'=>$asa,
+ − 732
'ADMIN_SID_AMP_HTML'=>$ash,
+ − 733
'ADMIN_SID_AUTO'=>$as2,
114
47393c6619ea
Nothing special, just syncing to Scribus, several bugs have been found with GET forms and a fix is in the works
Dan
diff
changeset
+ − 734
'ADMIN_SID_RAW'=> ( is_string($session->sid_super) ? $session->sid_super : '' ),
1
+ − 735
'ADDITIONAL_HEADERS'=>$this->additional_headers,
91
+ − 736
'COPYRIGHT'=>RenderMan::parse_internal_links(getConfig('copyright_notice')),
1
+ − 737
'TOOLBAR_EXTRAS'=>$this->toolbar_menu,
+ − 738
'REQUEST_URI'=>$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'],
+ − 739
'STYLE_LINK'=>makeUrlNS('Special', 'CSS'.$p, null, true), //contentPath.$paths->nslist['Special'].'CSS' . $p,
+ − 740
'LOGIN_LINK'=>$login_link,
+ − 741
'LOGOUT_LINK'=>$logout_link,
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 742
'ADMIN_LINK'=>$admin_link,
1
+ − 743
'THEME_LINK'=>$theme_link,
+ − 744
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme,
+ − 745
'THEME_ID'=>$this->theme,
+ − 746
'STYLE_ID'=>$this->style,
+ − 747
'JS_DYNAMIC_VARS'=>$js_dynamic,
85
7c68a18a27be
AJAX comments are now paginated; plugin manager can now show system plugins; typo in installer corrected; links in oxygen/stpatty/admin footers changed to "About Enano" page; 1.0.1 release candidate
Dan
diff
changeset
+ − 748
'UNREAD_PMS'=>$session->unread_pms,
86
c162ca39db8f
Finished pagination code (was incomplete in previous revision) and added a few hacks for an upcoming theme
Dan
diff
changeset
+ − 749
'URL_ABOUT_ENANO' => makeUrlNS('Special', 'About_Enano', '', true)
1
+ − 750
);
+ − 751
+ − 752
foreach ( $paths->nslist as $ns_id => $ns_prefix )
+ − 753
{
+ − 754
$tpl_strings[ 'NS_' . strtoupper($ns_id) ] = $ns_prefix;
+ − 755
}
+ − 756
+ − 757
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings);
+ − 758
list($this->tpl_strings['SIDEBAR_LEFT'], $this->tpl_strings['SIDEBAR_RIGHT'], $min) = $this->fetch_sidebar();
+ − 759
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != $min) ? true : false;
+ − 760
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != $min) ? true : false;
+ − 761
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility
+ − 762
}
+ − 763
+ − 764
function header($simple = false)
+ − 765
{
+ − 766
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 767
ob_start();
+ − 768
+ − 769
if(!$this->theme_loaded)
+ − 770
{
+ − 771
$this->load_theme($session->theme, $session->style);
+ − 772
}
+ − 773
+ − 774
$headers_sent = true;
+ − 775
dc_here('template: generating and sending the page header');
+ − 776
if(!defined('ENANO_HEADERS_SENT'))
+ − 777
define('ENANO_HEADERS_SENT', '');
+ − 778
if(!$this->no_headers) echo ( $simple ) ? $this->process_template('simple-header.tpl') : $this->process_template('header.tpl');
+ − 779
if ( !$simple && $session->user_logged_in && $session->unread_pms > 0 )
+ − 780
{
+ − 781
echo $this->notify_unread_pms();
+ − 782
}
+ − 783
if ( !$simple && $session->sw_timed_out )
+ − 784
{
+ − 785
$login_link = makeUrlNS('Special', 'Login/' . $paths->fullpage, 'level=' . $session->user_level, true);
+ − 786
echo '<div class="usermessage">';
+ − 787
echo '<b>Your administrative session has timed out.</b> <a href="' . $login_link . '">Log in again</a>';
+ − 788
echo '</div>';
+ − 789
}
30
+ − 790
if ( $this->site_disabled && $session->user_level >= USER_LEVEL_ADMIN && ( $paths->page != $paths->nslist['Special'] . 'Administration' ) )
+ − 791
{
+ − 792
$admin_link = makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'GeneralConfig', true);
+ − 793
echo '<div class="usermessage"><b>The site is currently disabled and thus is only accessible to administrators.</b><br />
+ − 794
You can re-enable the site through the <a href="' . $admin_link . '">administration panel</a>.
+ − 795
</div>';
+ − 796
}
1
+ − 797
}
+ − 798
function footer($simple = false)
+ − 799
{
+ − 800
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 801
dc_here('template: generating and sending the page footer');
+ − 802
if(!$this->no_headers) {
+ − 803
+ − 804
if(!defined('ENANO_HEADERS_SENT'))
+ − 805
$this->header();
+ − 806
+ − 807
global $_starttime;
+ − 808
if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc'))
+ − 809
{
+ − 810
echo '<h3>Query list as requested on URI</h3><pre style="margin-left: 1em">';
+ − 811
echo $db->sql_backtrace();
+ − 812
echo '</pre>';
+ − 813
}
+ − 814
+ − 815
$f = microtime_float();
+ − 816
$f = $f - $_starttime;
+ − 817
$f = round($f, 4);
+ − 818
$dbg = 'Time: '.$f.'s | Queries: '.$db->num_queries;
+ − 819
$t = ( $simple ) ? $this->process_template('simple-footer.tpl') : $this->process_template('footer.tpl');
+ − 820
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 821
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t);
+ − 822
$t = str_replace('[[GenTime]]', (string)$f, $t);
+ − 823
echo $t;
+ − 824
+ − 825
ob_end_flush();
+ − 826
}
+ − 827
else return '';
+ − 828
}
+ − 829
function getHeader()
+ − 830
{
+ − 831
$headers_sent = true;
+ − 832
dc_here('template: generating and sending the page header');
+ − 833
if(!defined('ENANO_HEADERS_SENT'))
+ − 834
define('ENANO_HEADERS_SENT', '');
+ − 835
if(!$this->no_headers) return $this->process_template('header.tpl');
+ − 836
}
+ − 837
function getFooter()
+ − 838
{
+ − 839
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 840
dc_here('template: generating and sending the page footer');
+ − 841
if(!$this->no_headers) {
+ − 842
global $_starttime;
+ − 843
$t = '';
+ − 844
+ − 845
if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc'))
+ − 846
{
+ − 847
$t .= '<h3>Query list as requested on URI</h3><pre style="margin-left: 1em">';
+ − 848
$t .= $db->sql_backtrace();
+ − 849
$t .= '</pre>';
+ − 850
}
+ − 851
+ − 852
$f = microtime_float();
+ − 853
$f = $f - $_starttime;
+ − 854
$f = round($f, 4);
+ − 855
$dbg = 'Time: '.$f.'s | Queries: '.$db->num_queries;
+ − 856
$t.= $this->process_template('footer.tpl');
+ − 857
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 858
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t);
+ − 859
$t = str_replace('[[GenTime]]', (string)$f, $t);
+ − 860
return $t;
+ − 861
}
+ − 862
else return '';
+ − 863
}
+ − 864
+ − 865
function process_template($file) {
+ − 866
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 867
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 868
{
+ − 869
$this->load_theme();
+ − 870
$this->init_vars();
+ − 871
}
+ − 872
eval($this->compile_template($file));
+ − 873
return $tpl_code;
+ − 874
}
+ − 875
+ − 876
function extract_vars($file) {
+ − 877
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 878
if(!$this->theme)
+ − 879
{
+ − 880
die('$template->extract_vars(): theme not yet loaded, so we can\'t open template files yet...this is a bug and should be reported.<br /><br />Backtrace, most recent call first:<pre>'.enano_debug_print_backtrace(true).'</pre>');
+ − 881
}
+ − 882
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file)) die('Cannot find '.$file.' file for style "'.$this->theme.'", exiting');
+ − 883
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file);
+ − 884
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches);
+ − 885
$tplvars = Array();
+ − 886
for($i=0;$i<sizeof($matches[1]);$i++)
+ − 887
{
+ − 888
$tplvars[$matches[1][$i]] = $matches[2][$i];
+ − 889
}
+ − 890
return $tplvars;
+ − 891
}
+ − 892
function compile_template($text) {
+ − 893
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 894
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text)) die('Cannot find '.$text.' file for style, exiting');
+ − 895
$n = $text;
+ − 896
$tpl_filename = ENANO_ROOT . '/cache/' . $this->theme . '-' . str_replace('/', '-', $n) . '.php';
+ − 897
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text)) die('Cannot find '.$text.' file for style, exiting');
+ − 898
if(file_exists($tpl_filename) && getConfig('cache_thumbs')=='1')
+ − 899
{
+ − 900
include($tpl_filename);
+ − 901
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text);
+ − 902
if(isset($md5) && $md5 == md5($text)) {
+ − 903
return str_replace('\\"', '"', $tpl_text);
+ − 904
}
+ − 905
}
+ − 906
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$n);
+ − 907
+ − 908
$md5 = md5($text);
+ − 909
+ − 910
$seed = md5 ( microtime() . mt_rand() );
+ − 911
preg_match_all("/<\?php(.*?)\?>/is", $text, $m);
+ − 912
//die('<pre>'.htmlspecialchars(print_r($m, true)).'</pre>');
+ − 913
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 914
{
+ − 915
$text = str_replace("<?php{$m[1][$i]}?>", "{PHPCODE:{$i}:{$seed}}", $text);
+ − 916
}
+ − 917
//die('<pre>'.htmlspecialchars($text).'</pre>');
+ − 918
$text = 'ob_start(); echo \''.str_replace('\'', '\\\'', $text).'\'; $tpl_code = ob_get_contents(); ob_end_clean();';
+ − 919
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if(isset($this->tpl_bool[\'\\1\']) && $this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 920
$text = preg_replace('#<!-- IFSET (.*?) -->#is', '\'; if(isset($this->tpl_strings[\'\\1\'])) { echo \'', $text);
+ − 921
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { echo \'', $text);
+ − 922
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '\'; echo $template->tplWikiFormat($paths->sysMsg(\'\\1\')); echo \'', $text);
+ − 923
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 924
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { echo \'', $text);
+ − 925
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } echo \'', $text);
+ − 926
$text = preg_replace('#\{([A-z0-9]*)\}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 927
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 928
{
+ − 929
$text = str_replace("{PHPCODE:{$i}:{$seed}}", "'; {$m[1][$i]} echo '", $text);
+ − 930
}
+ − 931
if(is_writable(ENANO_ROOT.'/cache/') && getConfig('cache_thumbs')=='1')
+ − 932
{
+ − 933
//die($tpl_filename);
+ − 934
$h = fopen($tpl_filename, 'w');
+ − 935
if(!$h) return $text;
+ − 936
$t = addslashes($text);
+ − 937
fwrite($h, '<?php $md5 = \''.$md5.'\'; $tpl_text = \''.$t.'\'; ?>');
+ − 938
fclose($h);
+ − 939
}
+ − 940
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 941
}
+ − 942
+ − 943
function compile_template_text($text) {
+ − 944
$seed = md5 ( microtime() . mt_rand() );
+ − 945
preg_match_all("/<\?php(.*?)\?>/is", $text, $m);
+ − 946
//die('<pre>'.htmlspecialchars(print_r($m, true)).'</pre>');
+ − 947
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 948
{
+ − 949
$text = str_replace("<?php{$m[1][$i]}?>", "{PHPCODE:{$i}:{$seed}}", $text);
+ − 950
}
+ − 951
//die('<pre>'.htmlspecialchars($text).'</pre>');
+ − 952
$text = 'ob_start(); echo \''.str_replace('\'', '\\\'', $text).'\'; $tpl_code = ob_get_contents(); ob_end_clean(); return $tpl_code;';
+ − 953
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if(isset($this->tpl_bool[\'\\1\']) && $this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 954
$text = preg_replace('#<!-- IFSET (.*?) -->#is', '\'; if(isset($this->tpl_strings[\'\\1\'])) { echo \'', $text);
+ − 955
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { echo \'', $text);
+ − 956
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '\'; echo $template->tplWikiFormat($paths->sysMsg(\'\\1\')); echo \'', $text);
+ − 957
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 958
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { echo \'', $text);
+ − 959
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } echo \'', $text);
+ − 960
$text = preg_replace('#\{([A-z0-9]*)\}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 961
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 962
{
+ − 963
$text = str_replace("{PHPCODE:{$i}:{$seed}}", "'; {$m[1][$i]} echo '", $text);
+ − 964
}
+ − 965
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 966
}
+ − 967
+ − 968
function parse($text)
+ − 969
{
+ − 970
$text = $this->compile_template_text($text);
+ − 971
return eval($text);
+ − 972
}
+ − 973
+ − 974
// Steps to turn this:
+ − 975
// [[Project:Community Portal]]
+ − 976
// into this:
+ − 977
// <a href="/Project:Community_Portal">Community Portal</a>
+ − 978
// Must be done WITHOUT creating eval'ed code!!!
+ − 979
+ − 980
// 1. preg_replace \[\[([a-zA-Z0-9 -_:]*?)\]\] with <a href="'.contentPath.'\\1">\\1</a>
+ − 981
// 2. preg_match_all <a href="'.preg_quote(contentPath).'([a-zA-Z0-9 -_:]*?)">
+ − 982
// 3. For each match, replace matches with identifiers
+ − 983
// 4. For each match, str_replace ' ' with '_'
+ − 984
// 5. For each match, str_replace match_id:random_val with $matches[$match_id]
+ − 985
+ − 986
// The template language is really a miniature programming language; with variables, conditionals, everything!
+ − 987
// So you can implement custom logic into your sidebar if you wish.
+ − 988
// "Real" PHP support coming soon :-D
+ − 989
+ − 990
function tplWikiFormat($message, $filter_links = false, $filename = 'elements.tpl') {
+ − 991
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 992
$filter_links = false;
+ − 993
$tplvars = $this->extract_vars($filename);
+ − 994
if($session->sid_super) $as = htmlspecialchars(urlSeparator).'auth='.$session->sid_super;
+ − 995
else $as = '';
+ − 996
error_reporting(E_ALL);
+ − 997
$random_id = sha1(microtime().''); // A temp value
+ − 998
+ − 999
/*
+ − 1000
* PREPROCESSOR
+ − 1001
*/
+ − 1002
+ − 1003
// Variables
+ − 1004
+ − 1005
preg_match_all('#\$([A-Z_-]+)\$#', $message, $links);
+ − 1006
$links = $links[1];
+ − 1007
+ − 1008
for($i=0;$i<sizeof($links);$i++)
+ − 1009
{
+ − 1010
$message = str_replace('$'.$links[$i].'$', $this->tpl_strings[$links[$i]], $message);
+ − 1011
}
+ − 1012
+ − 1013
// Conditionals
+ − 1014
+ − 1015
preg_match_all('#\{if ([A-Za-z0-9_ &\|\!-]*)\}(.*?)\{\/if\}#is', $message, $links);
+ − 1016
+ − 1017
for($i=0;$i<sizeof($links[1]);$i++)
+ − 1018
{
+ − 1019
$message = str_replace('{if '.$links[1][$i].'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message);
+ − 1020
+ − 1021
// Time for some manual parsing...
+ − 1022
$chk = false;
+ − 1023
$current_id = '';
+ − 1024
$prn_level = 0;
+ − 1025
// Used to keep track of where we are in the conditional
+ − 1026
// Object of the game: turn {if this && ( that OR !something_else )} ... {/if} into if( ( isset($this->tpl_bool['that']) && $this->tpl_bool['that'] ) && ...
+ − 1027
// Method of attack: escape all variables, ignore all else. Non-valid code is filtered out by a regex above.
+ − 1028
$in_var_now = true;
+ − 1029
$in_var_last = false;
+ − 1030
$current_var = '';
+ − 1031
$current_var_start_pos = 0;
+ − 1032
$current_var_end_pos = 0;
+ − 1033
$j = -1;
+ − 1034
$links[1][$i] = $links[1][$i] . ' ';
+ − 1035
$d = strlen($links[1][$i]);
+ − 1036
while($j < $d)
+ − 1037
{
+ − 1038
$j++;
+ − 1039
$in_var_last = $in_var_now;
+ − 1040
+ − 1041
$char = substr($links[1][$i], $j, 1);
+ − 1042
$in_var_now = ( preg_match('#^([A-z0-9_]*){1}$#', $char) ) ? true : false;
+ − 1043
if(!$in_var_last && $in_var_now)
+ − 1044
{
+ − 1045
$current_var_start_pos = $j;
+ − 1046
}
+ − 1047
if($in_var_last && !$in_var_now)
+ − 1048
{
+ − 1049
$current_var_end_pos = $j;
+ − 1050
}
+ − 1051
if($in_var_now)
+ − 1052
{
+ − 1053
$current_var .= $char;
+ − 1054
continue;
+ − 1055
}
+ − 1056
// OK we are not inside of a variable. That means that we JUST hit the end because the counter ($j) will be advanced to the beginning of the next variable once processing here is complete.
+ − 1057
if($char != ' ' && $char != '(' && $char != ')' && $char != 'A' && $char != 'N' && $char != 'D' && $char != 'O' && $char != 'R' && $char != '&' && $char != '|' && $char != '!' && $char != '<' && $char != '>' && $char != '0' && $char != '1' && $char != '2' && $char != '3' && $char != '4' && $char != '5' && $char != '6' && $char != '7' && $char != '8' && $char != '9')
+ − 1058
{
+ − 1059
// XSS attack! Bail out
+ − 1060
echo '<p><b>Error:</b> Syntax error (possibly XSS attack) caught in template code:</p>';
+ − 1061
echo '<pre>';
+ − 1062
echo '{if '.$links[1][$i].'}';
+ − 1063
echo "\n ";
+ − 1064
for($k=0;$k<$j;$k++) echo " ";
+ − 1065
echo '<span style="color: red;">^</span>';
+ − 1066
echo '</pre>';
+ − 1067
continue 2;
+ − 1068
}
+ − 1069
if($current_var != '')
+ − 1070
{
+ − 1071
$cd = '( isset($this->tpl_bool[\''.$current_var.'\']) && $this->tpl_bool[\''.$current_var.'\'] )';
+ − 1072
$cvt = substr($links[1][$i], 0, $current_var_start_pos) . $cd . substr($links[1][$i], $current_var_end_pos, strlen($links[1][$i]));
+ − 1073
$j = $j + strlen($cd) - strlen($current_var);
+ − 1074
$current_var = '';
+ − 1075
$links[1][$i] = $cvt;
+ − 1076
$d = strlen($links[1][$i]);
+ − 1077
}
+ − 1078
}
+ − 1079
$links[1][$i] = substr($links[1][$i], 0, strlen($links[1][$i])-1);
+ − 1080
$links[1][$i] = '$chk = ( '.$links[1][$i].' ) ? true : false;';
+ − 1081
eval($links[1][$i]);
+ − 1082
+ − 1083
if($chk) { // isset($this->tpl_bool[$links[1][$i]]) && $this->tpl_bool[$links[1][$i]]
+ − 1084
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}'));
+ − 1085
else $c = $links[2][$i];
+ − 1086
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1087
} else {
+ − 1088
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i]));
+ − 1089
else $c = '';
+ − 1090
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1091
}
+ − 1092
}
+ − 1093
+ − 1094
preg_match_all('#\{!if ([A-Za-z_-]*)\}(.*?)\{\/if\}#is', $message, $links);
+ − 1095
+ − 1096
for($i=0;$i<sizeof($links[1]);$i++)
+ − 1097
{
+ − 1098
$message = str_replace('{!if '.$links[1][$i].'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message);
+ − 1099
if(isset($this->tpl_bool[$links[1][$i]]) && $this->tpl_bool[$links[1][$i]]) {
+ − 1100
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i]));
+ − 1101
else $c = '';
+ − 1102
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1103
} else {
+ − 1104
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}'));
+ − 1105
else $c = $links[2][$i];
+ − 1106
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1107
}
+ − 1108
}
+ − 1109
+ − 1110
/*
+ − 1111
* HTML RENDERER
+ − 1112
*/
+ − 1113
+ − 1114
// Images
+ − 1115
$j = preg_match_all('#\[\[:'.$paths->nslist['File'].'([\w\s0-9_\(\)!@%\^\+\|\.-]+?)\]\]#is', $message, $matchlist);
+ − 1116
$matches = Array();
+ − 1117
$matches['images'] = $matchlist[1];
+ − 1118
for($i=0;$i<sizeof($matchlist[1]);$i++)
+ − 1119
{
+ − 1120
if(isPage($paths->nslist['File'].$matches['images'][$i]))
+ − 1121
{
+ − 1122
$message = str_replace('[[:'.$paths->nslist['File'].$matches['images'][$i].']]',
+ − 1123
'<img alt="'.$matches['images'][$i].'" style="border: 0" src="'.makeUrlNS('Special', 'DownloadFile/'.$matches['images'][$i]).'" />',
+ − 1124
$message);
+ − 1125
}
+ − 1126
}
+ − 1127
+ − 1128
// Internal links
+ − 1129
+ − 1130
$text_parser = $this->makeParserText($tplvars['sidebar_button']);
+ − 1131
+ − 1132
preg_match_all('#\[\[([a-zA-Z0-9 -_]*?)\]\]#is', $message, $il);
+ − 1133
for($i=0;$i<sizeof($il[1]);$i++)
+ − 1134
{
+ − 1135
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true);
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1136
$text_parser->assign_vars(Array(
1
+ − 1137
'HREF' => $href,
+ − 1138
'FLAGS' => '',
+ − 1139
'TEXT' => $il[1][$i]
+ − 1140
));
+ − 1141
$message = str_replace("[[{$il[1][$i]}]]", $text_parser->run(), $message);
+ − 1142
}
+ − 1143
+ − 1144
preg_match_all('#\[\[([a-zA-Z0-9 -_]*?)\|([a-zA-Z0-9!@\#\$%\^&\*\(\)\{\} -_]*?)\]\]#is', $message, $il);
+ − 1145
for($i=0;$i<sizeof($il[1]);$i++)
+ − 1146
{
+ − 1147
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true);
+ − 1148
$text_parser->assign_vars(Array(
+ − 1149
'HREF' => $href,
+ − 1150
'FLAGS' => '',
+ − 1151
'TEXT' => $il[2][$i]
+ − 1152
));
+ − 1153
$message = str_replace("[[{$il[1][$i]}|{$il[2][$i]}]]", $text_parser->run(), $message);
+ − 1154
}
+ − 1155
+ − 1156
// External links
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1157
// $message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?) ([^\]]+)\\]#', '<a href="\\1://\\2">\\3</a><br style="display: none;" />', $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1158
// $message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\]#', '<a href="\\1://\\2">\\1://\\2</a><br style="display: none;" />', $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1159
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1160
preg_match_all('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\ ([^\]]+)]#', $message, $ext_link);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1161
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1162
for ( $i = 0; $i < count($ext_link[0]); $i++ )
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1163
{
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1164
$text_parser->assign_vars(Array(
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1165
'HREF' => "{$ext_link[1][$i]}://{$ext_link[2][$i]}",
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1166
'FLAGS' => '',
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1167
'TEXT' => $ext_link[3][$i]
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1168
));
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1169
$message = str_replace($ext_link[0][$i], $text_parser->run(), $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1170
}
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1171
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1172
preg_match_all('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\]#', $message, $ext_link);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1173
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1174
for ( $i = 0; $i < count($ext_link[0]); $i++ )
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1175
{
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1176
$text_parser->assign_vars(Array(
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1177
'HREF' => "{$ext_link[1][$i]}://{$ext_link[2][$i]}",
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1178
'FLAGS' => '',
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1179
'TEXT' => htmlspecialchars("{$ext_link[1][$i]}://{$ext_link[2][$i]}")
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1180
));
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1181
$message = str_replace($ext_link[0][$i], $text_parser->run(), $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1182
}
1
+ − 1183
+ − 1184
$parser1 = $this->makeParserText($tplvars['sidebar_section']);
+ − 1185
$parser2 = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 1186
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 1187
preg_match_all('#\{slider(2|)=([^\}]*?)\}(.*?)\{\/slider(2|)\}#is', $message, $sb);
1
+ − 1188
+ − 1189
// Modified to support the sweet new template var system
+ − 1190
for($i=0;$i<sizeof($sb[1]);$i++)
+ − 1191
{
+ − 1192
$p = ($sb[1][$i] == '2') ? $parser2 : $parser1;
+ − 1193
$p->assign_vars(Array('TITLE'=>$sb[2][$i],'CONTENT'=>$sb[3][$i]));
+ − 1194
$message = str_replace("{slider{$sb[1][$i]}={$sb[2][$i]}}{$sb[3][$i]}{/slider{$sb[4][$i]}}", $p->run(), $message);
+ − 1195
}
+ − 1196
+ − 1197
/*
+ − 1198
Extras ;-)
+ − 1199
$message = preg_replace('##is', '', $message);
+ − 1200
$message = preg_replace('##is', '', $message);
+ − 1201
$message = preg_replace('##is', '', $message);
+ − 1202
$message = preg_replace('##is', '', $message);
+ − 1203
$message = preg_replace('##is', '', $message);
+ − 1204
*/
+ − 1205
+ − 1206
//die('<pre>'.htmlspecialchars($message).'</pre>');
+ − 1207
//eval($message); exit;
+ − 1208
return $message;
+ − 1209
}
+ − 1210
+ − 1211
/**
+ − 1212
* Print a text field that auto-completes a username entered into it.
+ − 1213
* @param string $name - the name of the form field
+ − 1214
* @return string
+ − 1215
*/
+ − 1216
+ − 1217
function username_field($name, $value = false)
+ − 1218
{
+ − 1219
$randomid = md5( time() . microtime() . mt_rand() );
+ − 1220
$text = '<input name="'.$name.'" onkeyup="ajaxUserNameComplete(this)" autocomplete="off" type="text" size="30" id="userfield_'.$randomid.'"';
+ − 1221
if($value) $text .= ' value="'.$value.'"';
+ − 1222
$text .= ' />';
+ − 1223
return $text;
+ − 1224
}
+ − 1225
+ − 1226
/**
+ − 1227
* Print a text field that auto-completes a page name entered into it.
+ − 1228
* @param string $name - the name of the form field
+ − 1229
* @return string
+ − 1230
*/
+ − 1231
+ − 1232
function pagename_field($name, $value = false)
+ − 1233
{
+ − 1234
$randomid = md5( time() . microtime() . mt_rand() );
+ − 1235
$text = '<input name="'.$name.'" onkeyup="ajaxPageNameComplete(this)" type="text" size="30" id="pagefield_'.$randomid.'"';
+ − 1236
if($value) $text .= ' value="'.$value.'"';
+ − 1237
$text .= ' />';
+ − 1238
$text .= '<script type="text/javascript">
+ − 1239
var inp = document.getElementById(\'pagefield_' . $randomid . '\');
+ − 1240
var f = get_parent_form(inp);
+ − 1241
if ( f )
+ − 1242
{
+ − 1243
if ( typeof(f.onsubmit) != \'function\' )
+ − 1244
{
+ − 1245
f.onsubmit = function() {
+ − 1246
if ( !submitAuthorized )
+ − 1247
{
+ − 1248
return false;
+ − 1249
}
+ − 1250
}
+ − 1251
}
+ − 1252
}</script>';
+ − 1253
return $text;
+ − 1254
}
+ − 1255
+ − 1256
/**
+ − 1257
* Sends a textarea that can be converted to and from a TinyMCE widget on the fly.
+ − 1258
* @param string The name of the form element
+ − 1259
* @param string The initial content. Optional, defaults to blank
+ − 1260
* @param int Rows in textarea
+ − 1261
* @param int Columns in textarea
+ − 1262
* @return string HTML and Javascript code.
+ − 1263
*/
+ − 1264
+ − 1265
function tinymce_textarea($name, $content = '', $rows = 20, $cols = 60)
+ − 1266
{
+ − 1267
$randomid = md5(microtime() . mt_rand());
+ − 1268
$html = '';
+ − 1269
$html .= '<textarea name="' . $name . '" rows="'.$rows.'" cols="'.$cols.'" style="width: 100%;" id="toggleMCEroot_'.$randomid.'">' . $content . '</textarea>';
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1270
$html .= '<div style="float: right; display: table;" id="mceSwitchAgent_' . $randomid . '">text editor | <a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">graphical editor</a></div>';
1
+ − 1271
$html .= '<script type="text/javascript">
+ − 1272
// <![CDATA[
+ − 1273
function toggleMCE_'.$randomid.'()
+ − 1274
{
+ − 1275
var the_obj = document.getElementById(\'toggleMCEroot_' . $randomid . '\');
+ − 1276
var panel = document.getElementById(\'mceSwitchAgent_' . $randomid . '\');
+ − 1277
if ( the_obj.dnIsMCE == "yes" )
+ − 1278
{
+ − 1279
$dynano(the_obj).destroyMCE();
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1280
panel.innerHTML = \'text editor | <a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">graphical editor</a>\';
1
+ − 1281
}
+ − 1282
else
+ − 1283
{
+ − 1284
$dynano(the_obj).switchToMCE();
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1285
panel.innerHTML = \'<a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">text editor</a> | graphical editor\';
1
+ − 1286
}
+ − 1287
}
+ − 1288
// ]]>
+ − 1289
</script>';
+ − 1290
return $html;
+ − 1291
}
+ − 1292
+ − 1293
/**
+ − 1294
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;)
+ − 1295
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class.
+ − 1296
* @param $filename the filename of the template to be parsed
+ − 1297
* @return object
+ − 1298
*/
+ − 1299
+ − 1300
function makeParser($filename)
+ − 1301
{
+ − 1302
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1303
$filename = ENANO_ROOT.'/themes/'.$template->theme.'/'.$filename;
+ − 1304
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist');
+ − 1305
$code = file_get_contents($filename);
+ − 1306
$parser = new templateIndividual($code);
+ − 1307
return $parser;
+ − 1308
}
+ − 1309
+ − 1310
/**
+ − 1311
* Same as $template->makeParser(), but takes a string instead of a filename.
+ − 1312
* @param $text the text to parse
+ − 1313
* @return object
+ − 1314
*/
+ − 1315
+ − 1316
function makeParserText($code)
+ − 1317
{
+ − 1318
$parser = new templateIndividual($code);
+ − 1319
return $parser;
+ − 1320
}
+ − 1321
+ − 1322
/**
+ − 1323
* Fetch the HTML for a plugin-added sidebar block
+ − 1324
* @param $name the plugin name
+ − 1325
* @return string
+ − 1326
*/
+ − 1327
+ − 1328
function fetch_block($id)
+ − 1329
{
+ − 1330
if(isset($this->plugin_blocks[$id])) return $this->plugin_blocks[$id];
+ − 1331
else return false;
+ − 1332
}
+ − 1333
+ − 1334
/**
+ − 1335
* Fetches the contents of both sidebars.
+ − 1336
* @return array - key 0 is left, key 1 is right
+ − 1337
* @example list($left, $right) = $template->fetch_sidebar();
+ − 1338
*/
+ − 1339
+ − 1340
function fetch_sidebar()
+ − 1341
{
+ − 1342
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1343
+ − 1344
$left = '';
+ − 1345
$right = '';
+ − 1346
+ − 1347
if ( !$this->fetch_block('Links') )
+ − 1348
$this->initLinksWidget();
+ − 1349
+ − 1350
$q = $db->sql_query('SELECT item_id,sidebar_id,block_name,block_type,block_content FROM '.table_prefix.'sidebar WHERE item_enabled=1 ORDER BY sidebar_id ASC, item_order ASC;');
+ − 1351
if(!$q) $db->_die('The sidebar text data could not be selected.');
+ − 1352
+ − 1353
$vars = $this->extract_vars('elements.tpl');
+ − 1354
+ − 1355
if(isset($vars['sidebar_top']))
+ − 1356
{
+ − 1357
$left .= $this->parse($vars['sidebar_top']);
+ − 1358
$right .= $this->parse($vars['sidebar_top']);
+ − 1359
}
+ − 1360
while($row = $db->fetchrow())
+ − 1361
{
+ − 1362
switch($row['block_type'])
+ − 1363
{
+ − 1364
case BLOCK_WIKIFORMAT:
+ − 1365
default:
+ − 1366
$parser = $this->makeParserText($vars['sidebar_section']);
+ − 1367
$c = RenderMan::render($row['block_content']);
+ − 1368
break;
+ − 1369
case BLOCK_TEMPLATEFORMAT:
+ − 1370
$parser = $this->makeParserText($vars['sidebar_section']);
+ − 1371
$c = $this->tplWikiFormat($row['block_content']);
+ − 1372
break;
+ − 1373
case BLOCK_HTML:
+ − 1374
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1375
$c = $row['block_content'];
+ − 1376
break;
+ − 1377
case BLOCK_PHP:
+ − 1378
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1379
ob_start();
+ − 1380
@eval($row['block_content']);
+ − 1381
$c = ob_get_contents();
+ − 1382
ob_end_clean();
+ − 1383
break;
+ − 1384
case BLOCK_PLUGIN:
+ − 1385
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1386
$c = (gettype($this->fetch_block($row['block_content'])) == 'string') ? $this->fetch_block($row['block_content']) : 'Can\'t find plugin block';
+ − 1387
break;
+ − 1388
}
+ − 1389
$parser->assign_vars(Array( 'TITLE'=>$this->tplWikiFormat($row['block_name']), 'CONTENT'=>$c ));
+ − 1390
if ($row['sidebar_id'] == SIDEBAR_LEFT ) $left .= $parser->run();
+ − 1391
elseif($row['sidebar_id'] == SIDEBAR_RIGHT) $right .= $parser->run();
+ − 1392
unset($parser);
+ − 1393
}
+ − 1394
$db->free_result();
+ − 1395
if(isset($vars['sidebar_bottom']))
+ − 1396
{
+ − 1397
$left .= $this->parse($vars['sidebar_bottom']);
+ − 1398
$right .= $this->parse($vars['sidebar_bottom']);
+ − 1399
}
+ − 1400
$min = '';
+ − 1401
if(isset($vars['sidebar_top']))
+ − 1402
{
+ − 1403
$min .= $this->parse($vars['sidebar_top']);
+ − 1404
}
+ − 1405
if(isset($vars['sidebar_bottom']))
+ − 1406
{
+ − 1407
$min .= $this->parse($vars['sidebar_bottom']);
+ − 1408
}
+ − 1409
return Array($left, $right, $min);
+ − 1410
}
+ − 1411
+ − 1412
function initLinksWidget()
+ − 1413
{
+ − 1414
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1415
// SourceForge/W3C buttons
+ − 1416
$ob = Array();
27
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1417
$admintitle = ( $session->user_level >= USER_LEVEL_ADMIN ) ? 'title="You may disable this button in the admin panel under General Configuration."' : '';
1
+ − 1418
if(getConfig('sflogo_enabled')=='1')
+ − 1419
{
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1420
$ob[] = '<a style="text-align: center;" href="http://sourceforge.net/" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border-width: 0px;" alt="SourceForge.net Logo" src="http://sflogo.sourceforge.net/sflogo.php?group_id='.getConfig('sflogo_groupid').'&type='.getConfig('sflogo_type').'" /></a>';
1
+ − 1421
}
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1422
if(getConfig('w3c_v32') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 3.2" src="http://www.w3.org/Icons/valid-html32" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1423
if(getConfig('w3c_v40') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.0" src="http://www.w3.org/Icons/valid-html40" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1424
if(getConfig('w3c_v401') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.01" src="http://www.w3.org/Icons/valid-html401" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1425
if(getConfig('w3c_vxhtml10')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.0" src="http://www.w3.org/Icons/valid-xhtml10" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1426
if(getConfig('w3c_vxhtml11')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.1" src="http://www.w3.org/Icons/valid-xhtml11" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1427
if(getConfig('w3c_vcss') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid CSS" src="http://www.w3.org/Icons/valid-css" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1428
if(getConfig('dbd_button') =='1') $ob[] = '<a style="text-align: center;" href="http://www.defectivebydesign.org/join/button" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="DRM technology restricts what you can do with your computer" src="http://defectivebydesign.org/sites/nodrm.civicactions.net/files/images/dbd_sm_btn.gif" /><br /><small>Protect your freedom >></small></a>';
1
+ − 1429
+ − 1430
$code = $plugins->setHook('links_widget');
+ − 1431
foreach ( $code as $cmd )
+ − 1432
{
+ − 1433
eval($cmd);
+ − 1434
}
+ − 1435
71
+ − 1436
if(count($ob) > 0 || getConfig('powered_btn') == '1') $sb_links = '<div style="text-align: center; padding: 5px 0;">'. ( ( getConfig('powered_btn') == '1' ) ? $this->fading_button : '' ) . implode('<br />', $ob).'</div>';
1
+ − 1437
else $sb_links = '';
+ − 1438
+ − 1439
$this->sidebar_widget('Links', $sb_links);
+ − 1440
}
+ − 1441
+ − 1442
/**
+ − 1443
* Builds a box showing unread private messages.
+ − 1444
*/
+ − 1445
+ − 1446
function notify_unread_pms()
+ − 1447
{
+ − 1448
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1449
if ( ( $paths->cpage['urlname_nons'] == 'PrivateMessages' || $paths->cpage['urlname_nons'] == 'Preferences' ) && $paths->namespace == 'Special' )
+ − 1450
{
+ − 1451
return '';
+ − 1452
}
+ − 1453
$ob = '<div class="usermessage">'."\n";
+ − 1454
$s = ( $session->unread_pms == 1 ) ? '' : 's';
+ − 1455
$ob .= " <b>You have $session->unread_pms <a href=" . '"' . makeUrlNS('Special', 'PrivateMessages' ) . '"' . ">unread private message$s</a>.</b><br />\n Messages: ";
+ − 1456
$q = $db->sql_query('SELECT message_id,message_from,subject,date FROM '.table_prefix.'privmsgs WHERE message_to=\'' . $session->username . '\' AND message_read=0 ORDER BY date DESC;');
+ − 1457
if ( !$q )
+ − 1458
$db->_die();
+ − 1459
$messages = array();
+ − 1460
while ( $row = $db->fetchrow() )
+ − 1461
{
+ − 1462
$messages[] = '<a href="' . makeUrlNS('Special', 'PrivateMessages/View/' . $row['message_id']) . '" title="Sent ' . date('F d, Y h:i a', $row['date']) . ' by ' . $row['message_from'] . '">' . $row['subject'] . '</a>';
+ − 1463
}
+ − 1464
$ob .= implode(",\n " , $messages)."\n";
+ − 1465
$ob .= '</div>'."\n";
+ − 1466
return $ob;
+ − 1467
}
+ − 1468
+ − 1469
} // class template
+ − 1470
+ − 1471
/**
+ − 1472
* Handles parsing of an individual template file. Instances should only be created through $template->makeParser(). To use:
+ − 1473
* - Call $template->makeParser(template file name) - file name should be something.tpl, css/whatever.css, etc.
+ − 1474
* - Make an array of strings you want the template to access. $array['STRING'] would be referenced in the template like {STRING}
+ − 1475
* - Make an array of boolean values. These can be used for conditionals in the template (<!-- IF something --> whatever <!-- ENDIF something -->)
+ − 1476
* - Call assign_vars() to pass the strings to the template parser. Same thing with assign_bool().
+ − 1477
* - Call run() to parse the template and get your fully compiled HTML.
+ − 1478
* @access private
+ − 1479
*/
+ − 1480
+ − 1481
class templateIndividual extends template {
+ − 1482
var $tpl_strings, $tpl_bool, $tpl_code;
+ − 1483
var $compiled = false;
+ − 1484
/**
+ − 1485
* Constructor.
+ − 1486
*/
+ − 1487
function __construct($text)
+ − 1488
{
+ − 1489
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1490
$this->tpl_code = $text;
+ − 1491
$this->tpl_strings = $template->tpl_strings;
+ − 1492
$this->tpl_bool = $template->tpl_bool;
+ − 1493
}
+ − 1494
/**
+ − 1495
* PHP 4 constructor.
+ − 1496
*/
+ − 1497
function templateIndividual($text)
+ − 1498
{
+ − 1499
$this->__construct($text);
+ − 1500
}
+ − 1501
/**
+ − 1502
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file.
+ − 1503
* @param $vars array
+ − 1504
*/
+ − 1505
function assign_vars($vars)
+ − 1506
{
+ − 1507
$this->tpl_strings = array_merge($this->tpl_strings, $vars);
+ − 1508
}
+ − 1509
/**
+ − 1510
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements.
+ − 1511
* @param $vars array
+ − 1512
*/
+ − 1513
function assign_bool($vars)
+ − 1514
{
+ − 1515
$this->tpl_bool = array_merge($this->tpl_bool, $vars);
+ − 1516
}
+ − 1517
/**
+ − 1518
* Compiles and executes the template code.
+ − 1519
* @return string
+ − 1520
*/
+ − 1521
function run()
+ − 1522
{
+ − 1523
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1524
if(!$this->compiled)
+ − 1525
{
+ − 1526
$this->tpl_code = $this->compile_template_text($this->tpl_code);
+ − 1527
$this->compiled = true;
+ − 1528
}
+ − 1529
return eval($this->tpl_code);
+ − 1530
}
+ − 1531
}
+ − 1532
+ − 1533
/**
+ − 1534
* A version of the template compiler that does not rely at all on the other parts of Enano. Used during installation and for showing
+ − 1535
* "critical error" messages. ** REQUIRES ** the Oxygen theme.
+ − 1536
*/
+ − 1537
+ − 1538
class template_nodb {
+ − 1539
var $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list;
+ − 1540
function __construct() {
+ − 1541
+ − 1542
$this->tpl_bool = Array();
+ − 1543
$this->tpl_strings = Array();
+ − 1544
$this->sidebar_extra = '';
+ − 1545
$this->sidebar_widgets = '';
+ − 1546
$this->toolbar_menu = '';
+ − 1547
$this->additional_headers = '';
+ − 1548
+ − 1549
$this->theme_list = Array(Array(
+ − 1550
'theme_id'=>'oxygen',
+ − 1551
'theme_name'=>'Oxygen',
+ − 1552
'theme_order'=>1,
+ − 1553
'enabled'=>1,
+ − 1554
));
+ − 1555
}
+ − 1556
function template() {
+ − 1557
$this->__construct();
+ − 1558
}
+ − 1559
function get_css($s = false) {
+ − 1560
if($s)
+ − 1561
return $this->process_template('css/'.$s);
+ − 1562
else
+ − 1563
return $this->process_template('css/'.$this->style.'.css');
+ − 1564
}
+ − 1565
function load_theme($name, $css, $auto_init = true) {
+ − 1566
$this->theme = $name;
+ − 1567
$this->style = $css;
+ − 1568
+ − 1569
$this->tpl_strings['SCRIPTPATH'] = scriptPath;
+ − 1570
if ( $auto_init )
+ − 1571
$this->init_vars();
+ − 1572
}
+ − 1573
function init_vars()
+ − 1574
{
+ − 1575
global $sideinfo;
+ − 1576
global $this_page;
+ − 1577
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1578
$tplvars = $this->extract_vars('elements.tpl');
+ − 1579
$tb = '';
+ − 1580
// Get the "article" button text (depends on namespace)
+ − 1581
if(defined('IN_ENANO_INSTALL')) $ns = 'installation page';
+ − 1582
else $ns = 'system error page';
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1583
$t = str_replace('{FLAGS}', 'onclick="if ( !KILL_SWITCH ) { return false; }" title="Hey! A button that doesn\'t do anything. Clever..." accesskey="a"', $tplvars['toolbar_button']);
1
+ − 1584
$t = str_replace('{HREF}', '#', $t);
+ − 1585
$t = str_replace('{TEXT}', $ns, $t);
+ − 1586
$tb .= $t;
+ − 1587
+ − 1588
// Page toolbar
+ − 1589
+ − 1590
$this->tpl_bool = Array(
+ − 1591
'auth_admin'=>true,
+ − 1592
'user_logged_in'=>true,
+ − 1593
'right_sidebar'=>false,
+ − 1594
);
+ − 1595
$this->tpl_bool['in_sidebar_admin'] = false;
+ − 1596
+ − 1597
$this->tpl_bool['auth_rename'] = false;
+ − 1598
+ − 1599
$asq = $asa = '';
+ − 1600
+ − 1601
$this->tpl_bool['fixed_menus'] = false;
+ − 1602
$slink = defined('IN_ENANO_INSTALL') ? scriptPath.'/install.php?mode=css' : makeUrlNS('Special', 'CSS');
+ − 1603
+ − 1604
$title = ( is_object($paths) ) ? $paths->page : 'Critical error';
+ − 1605
+ − 1606
// The rewritten template engine will process all required vars during the load_template stage instead of (cough) re-processing everything each time around.
+ − 1607
$tpl_strings = Array(
+ − 1608
'PAGE_NAME'=>$this_page,
+ − 1609
'PAGE_URLNAME'=>'Null',
+ − 1610
'SITE_NAME'=>'Enano Installation',
+ − 1611
'USERNAME'=>'admin',
+ − 1612
'SITE_DESC'=>'Install Enano on your server.',
+ − 1613
'TOOLBAR'=>$tb,
+ − 1614
'SCRIPTPATH'=>scriptPath,
+ − 1615
'CONTENTPATH'=>contentPath,
+ − 1616
'ADMIN_SID_QUES'=>$asq,
+ − 1617
'ADMIN_SID_AMP'=>$asa,
+ − 1618
'ADMIN_SID_AMP_HTML'=>'',
+ − 1619
'ADDITIONAL_HEADERS'=>'<style type="text/css">div.pagenav { border-top: 1px solid #CCC; padding-top: 7px; margin-top: 10px; }</style>',
+ − 1620
'SIDEBAR_EXTRA'=>'',
+ − 1621
'COPYRIGHT'=>'Enano and all of its code, graphics, and more code is copyright © 2006 Dan Fuhry.<br />This program is Free Software; see the file "GPL" included with this package for details.',
+ − 1622
'TOOLBAR_EXTRAS'=>'',
+ − 1623
'REQUEST_URI'=>$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'],
+ − 1624
'STYLE_LINK'=>$slink,
+ − 1625
'LOGOUT_LINK'=>'',
+ − 1626
'THEME_LINK'=>'',
+ − 1627
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme,
+ − 1628
'THEME_ID'=>$this->theme,
+ − 1629
'STYLE_ID'=>$this->style,
+ − 1630
'JS_DYNAMIC_VARS'=>'<script type="text/javascript">var title="'. $title .'"; var scriptPath="'.scriptPath.'"; var ENANO_SID=""; var AES_BITS='.AES_BITS.'; var AES_BLOCKSIZE=' . AES_BLOCKSIZE . '; var pagepass=\'\';</script>',
+ − 1631
'SIDEBAR_RIGHT'=>'',
+ − 1632
);
+ − 1633
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings);
+ − 1634
+ − 1635
$sidebar = ( gettype($sideinfo) == 'string' ) ? $sideinfo : '';
+ − 1636
if($sidebar != '')
+ − 1637
{
+ − 1638
if(isset($tplvars['sidebar_top']))
+ − 1639
{
+ − 1640
$text = $this->makeParserText($tplvars['sidebar_top']);
+ − 1641
$top = $text->run();
+ − 1642
} else {
+ − 1643
$top = '';
+ − 1644
}
+ − 1645
$p = $this->makeParserText($tplvars['sidebar_section']);
+ − 1646
$p->assign_vars(Array(
+ − 1647
'TITLE'=>'Installation progress',
+ − 1648
'CONTENT'=>$sidebar,
+ − 1649
));
+ − 1650
$sidebar = $p->run();
+ − 1651
if(isset($tplvars['sidebar_bottom']))
+ − 1652
{
+ − 1653
$text = $this->makeParserText($tplvars['sidebar_bottom']);
+ − 1654
$bottom = $text->run();
+ − 1655
} else {
+ − 1656
$bottom = '';
+ − 1657
}
+ − 1658
$sidebar = $top . $sidebar . $bottom;
+ − 1659
}
+ − 1660
$this->tpl_strings['SIDEBAR_LEFT'] = $sidebar;
+ − 1661
+ − 1662
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != '') ? true : false;
+ − 1663
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != '') ? true : false;
+ − 1664
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility
+ − 1665
$this->tpl_bool['stupid_mode'] = true;
+ − 1666
}
+ − 1667
function header()
+ − 1668
{
+ − 1669
if(!$this->no_headers) echo $this->process_template('header.tpl');
+ − 1670
}
+ − 1671
function footer()
+ − 1672
{
+ − 1673
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1674
if(!$this->no_headers) {
+ − 1675
global $_starttime;
91
+ − 1676
1
+ − 1677
$f = microtime(true);
+ − 1678
$f = $f - $_starttime;
+ − 1679
$f = round($f, 4);
+ − 1680
if(defined('IN_ENANO_INSTALL')) $nq = 'N/A';
+ − 1681
else $nq = $db->num_queries;
+ − 1682
if($nq == 0) $nq = 'N/A';
+ − 1683
$dbg = 'Time: '.$f.'s | Queries: '.$nq;
+ − 1684
$t = $this->process_template('footer.tpl');
+ − 1685
$t = str_replace('[[Stats]]', $dbg, $t);
98
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1686
if ( is_object($db) )
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1687
{
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1688
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t);
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1689
}
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1690
else
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1691
{
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1692
$t = str_replace('[[NumQueries]]', '0', $t);
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1693
}
91
+ − 1694
$t = str_replace('[[GenTime]]', (string)$f, $t);
+ − 1695
1
+ − 1696
echo $t;
+ − 1697
}
+ − 1698
else return '';
+ − 1699
}
+ − 1700
function getHeader()
+ − 1701
{
+ − 1702
if(!$this->no_headers) return $this->process_template('header.tpl');
+ − 1703
else return '';
+ − 1704
}
+ − 1705
function getFooter()
+ − 1706
{
+ − 1707
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1708
if(!$this->no_headers) {
+ − 1709
global $_starttime;
+ − 1710
$f = microtime(true);
+ − 1711
$f = $f - $_starttime;
+ − 1712
$f = round($f, 4);
+ − 1713
if(defined('IN_ENANO_INSTALL')) $nq = 'N/A';
+ − 1714
else $nq = $db->num_queries;
+ − 1715
if($nq == 0) $nq = 'N/A';
+ − 1716
$dbg = 'Time: '.$f.'s | Queries: '.$nq;
+ − 1717
if($nq == 0) $nq = 'N/A';
+ − 1718
$t = $this->process_template('footer.tpl');
+ − 1719
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 1720
return $t;
+ − 1721
}
+ − 1722
else return '';
+ − 1723
}
+ − 1724
+ − 1725
function process_template($file) {
+ − 1726
+ − 1727
eval($this->compile_template($file));
+ − 1728
return $tpl_code;
+ − 1729
}
+ − 1730
+ − 1731
function extract_vars($file) {
+ − 1732
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1733
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file)) die('Cannot find '.$file.' file for style "'.$this->theme.'", exiting');
+ − 1734
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file);
+ − 1735
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches);
+ − 1736
$tplvars = Array();
+ − 1737
for($i=0;$i<sizeof($matches[1]);$i++)
+ − 1738
{
+ − 1739
$tplvars[$matches[1][$i]] = $matches[2][$i];
+ − 1740
}
+ − 1741
return $tplvars;
+ − 1742
}
+ − 1743
function compile_template($text) {
+ − 1744
global $sideinfo;
+ − 1745
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text);
+ − 1746
$text = str_replace('<script type="text/javascript" src="{SCRIPTPATH}/ajax.php?title={PAGE_URLNAME}&_mode=jsres"></script>', '', $text); // Remove the AJAX code - we don't need it, and it requires a database connection
+ − 1747
$text = '$tpl_code = \''.str_replace('\'', '\\\'', $text).'\'; return $tpl_code;';
+ − 1748
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if($this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1749
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { $tpl_code .= \'', $text);
+ − 1750
if(defined('IN_ENANO_INSTALL')) $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">Installation progress</a></div><div class="slideblock">'.$sideinfo.'</div></div>', $text);
+ − 1751
else $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">System error</a></div><div class="slideblock"><a href="#" onclick="return false;">Enano critical error page</a></div></div>', $text);
+ − 1752
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '', $text);
+ − 1753
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1754
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { $tpl_code .= \'', $text);
+ − 1755
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } $tpl_code .= \'', $text);
+ − 1756
$text = preg_replace('#{([A-z0-9]*)}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 1757
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 1758
}
+ − 1759
+ − 1760
function compile_template_text($text) {
+ − 1761
global $sideinfo;
+ − 1762
$text = str_replace('<script type="text/javascript" src="{SCRIPTPATH}/ajax.php?title={PAGE_URLNAME}&_mode=jsres"></script>', '', $text); // Remove the AJAX code - we don't need it, and it requires a database connection
+ − 1763
$text = '$tpl_code = \''.str_replace('\'', '\\\'', $text).'\'; return $tpl_code;';
+ − 1764
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if($this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1765
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { $tpl_code .= \'', $text);
+ − 1766
if(defined('IN_ENANO_INSTALL')) $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">Installation progress</a></div><div class="slideblock">'.$sideinfo.'</div></div>', $text);
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1767
else $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">System error</a></div><div class="slideblock"><a href="#" onclick="return false;>Enano critical error page</a></div></div>', $text);
1
+ − 1768
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '', $text);
+ − 1769
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1770
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { $tpl_code .= \'', $text);
+ − 1771
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } $tpl_code .= \'', $text);
+ − 1772
$text = preg_replace('#{([A-z0-9]*)}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 1773
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 1774
}
+ − 1775
+ − 1776
/**
+ − 1777
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;)
+ − 1778
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class.
+ − 1779
* @param $filename the filename of the template to be parsed
+ − 1780
* @return object
+ − 1781
*/
+ − 1782
+ − 1783
function makeParser($filename)
+ − 1784
{
+ − 1785
$filename = ENANO_ROOT.'/themes/'.$this->theme.'/'.$filename;
+ − 1786
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist');
+ − 1787
$code = file_get_contents($filename);
+ − 1788
$parser = new templateIndividualSafe($code, $this);
+ − 1789
return $parser;
+ − 1790
}
+ − 1791
+ − 1792
/**
+ − 1793
* Same as $template->makeParser(), but takes a string instead of a filename.
+ − 1794
* @param $text the text to parse
+ − 1795
* @return object
+ − 1796
*/
+ − 1797
+ − 1798
function makeParserText($code)
+ − 1799
{
+ − 1800
$parser = new templateIndividualSafe($code, $this);
+ − 1801
return $parser;
+ − 1802
}
+ − 1803
+ − 1804
} // class template_nodb
+ − 1805
+ − 1806
/**
+ − 1807
* Identical to templateIndividual, except extends template_nodb instead of template
+ − 1808
* @see class template
+ − 1809
*/
+ − 1810
+ − 1811
class templateIndividualSafe extends template_nodb {
+ − 1812
var $tpl_strings, $tpl_bool, $tpl_code;
+ − 1813
var $compiled = false;
+ − 1814
/**
+ − 1815
* Constructor.
+ − 1816
*/
+ − 1817
function __construct($text, $parent)
+ − 1818
{
+ − 1819
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1820
$this->tpl_code = $text;
+ − 1821
$this->tpl_strings = $parent->tpl_strings;
+ − 1822
$this->tpl_bool = $parent->tpl_bool;
+ − 1823
}
+ − 1824
/**
+ − 1825
* PHP 4 constructor.
+ − 1826
*/
+ − 1827
function templateIndividual($text)
+ − 1828
{
+ − 1829
$this->__construct($text);
+ − 1830
}
+ − 1831
/**
+ − 1832
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file.
+ − 1833
* @param $vars array
+ − 1834
*/
+ − 1835
function assign_vars($vars)
+ − 1836
{
+ − 1837
if(is_array($this->tpl_strings))
+ − 1838
$this->tpl_strings = array_merge($this->tpl_strings, $vars);
+ − 1839
else
+ − 1840
$this->tpl_strings = $vars;
+ − 1841
}
+ − 1842
/**
+ − 1843
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements.
+ − 1844
* @param $vars array
+ − 1845
*/
+ − 1846
function assign_bool($vars)
+ − 1847
{
+ − 1848
$this->tpl_bool = array_merge($this->tpl_bool, $vars);
+ − 1849
}
+ − 1850
/**
+ − 1851
* Compiles and executes the template code.
+ − 1852
* @return string
+ − 1853
*/
+ − 1854
function run()
+ − 1855
{
+ − 1856
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1857
if(!$this->compiled)
+ − 1858
{
+ − 1859
$this->tpl_code = $this->compile_template_text($this->tpl_code);
+ − 1860
$this->compiled = true;
+ − 1861
}
+ − 1862
return eval($this->tpl_code);
+ − 1863
}
+ − 1864
}
+ − 1865
+ − 1866
?>