1
+ − 1
<?php
+ − 2
+ − 3
/*
+ − 4
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 5
* Version 1.0 (Banshee)
1
+ − 6
* Copyright (C) 2006-2007 Dan Fuhry
+ − 7
*
+ − 8
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 9
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 10
*
+ − 11
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 12
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 13
*/
+ − 14
+ − 15
class template {
+ − 16
var $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list, $named_theme_list, $default_theme, $default_style, $plugin_blocks, $namespace_string, $style_list, $theme_loaded;
+ − 17
function __construct()
+ − 18
{
+ − 19
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 20
dc_here('template: initializing all class variables');
+ − 21
$this->tpl_bool = Array();
+ − 22
$this->tpl_strings = Array();
+ − 23
$this->sidebar_extra = '';
+ − 24
$this->toolbar_menu = '';
+ − 25
$this->additional_headers = '';
+ − 26
$this->plugin_blocks = Array();
+ − 27
$this->theme_loaded = false;
+ − 28
+ − 29
$this->theme_list = Array();
+ − 30
$this->named_theme_list = Array();
+ − 31
$e = $db->sql_query('SELECT theme_id,theme_name,enabled,default_style FROM '.table_prefix.'themes WHERE enabled=1 ORDER BY theme_order;');
+ − 32
if(!$e) $db->_die('The list of themes could not be selected.');
+ − 33
for($i=0;$i < $db->numrows(); $i++)
+ − 34
{
+ − 35
$this->theme_list[$i] = $db->fetchrow();
+ − 36
$this->named_theme_list[$this->theme_list[$i]['theme_id']] = $this->theme_list[$i];
+ − 37
}
+ − 38
$db->free_result();
+ − 39
$this->default_theme = $this->theme_list[0]['theme_id'];
+ − 40
$dir = ENANO_ROOT.'/themes/'.$this->default_theme.'/css/';
+ − 41
$list = Array();
+ − 42
// Open a known directory, and proceed to read its contents
+ − 43
if (is_dir($dir)) {
+ − 44
if ($dh = opendir($dir)) {
+ − 45
while (($file = readdir($dh)) !== false) {
+ − 46
if(preg_match('#^(.*?)\.css$#i', $file) && $file != '_printable.css') {
+ − 47
$list[] = substr($file, 0, strlen($file)-4);
+ − 48
}
+ − 49
}
+ − 50
closedir($dh);
+ − 51
}
+ − 52
}
+ − 53
+ − 54
$def = ENANO_ROOT.'/themes/'.$this->default_theme.'/css/'.$this->named_theme_list[$this->default_theme]['default_style'];
+ − 55
if(file_exists($def))
+ − 56
{
+ − 57
$this->default_style = substr($this->named_theme_list[$this->default_theme]['default_style'], 0, strlen($this->named_theme_list[$this->default_theme]['default_style'])-4);
+ − 58
} else {
+ − 59
$this->default_style = $list[0];
+ − 60
}
+ − 61
+ − 62
$this->style_list = $list;
+ − 63
+ − 64
}
+ − 65
function template()
+ − 66
{
+ − 67
$this->__construct();
+ − 68
}
+ − 69
function sidebar_widget($t, $h)
+ − 70
{
+ − 71
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 72
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 73
{
+ − 74
$this->load_theme($session->theme, $session->style);
+ − 75
}
+ − 76
if(!$this->sidebar_widgets)
+ − 77
$this->sidebar_widgets = '';
+ − 78
$tplvars = $this->extract_vars('elements.tpl');
+ − 79
$parser = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 80
$parser->assign_vars(Array('TITLE'=>$t,'CONTENT'=>$h));
+ − 81
$this->plugin_blocks[$t] = $h;
+ − 82
$this->sidebar_widgets .= $parser->run();
+ − 83
}
+ − 84
function add_header($html)
+ − 85
{
+ − 86
$this->additional_headers .= "\n" . $html;
+ − 87
}
+ − 88
function get_css($s = false)
+ − 89
{
+ − 90
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 91
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 92
$this->load_theme($session->theme, $session->style);
+ − 93
$path = ( $s ) ? 'css/'.$s : 'css/'.$this->style.'.css';
+ − 94
if ( !file_exists(ENANO_ROOT . '/themes/' . $this->theme . '/' . $path) )
+ − 95
{
+ − 96
echo "/* WARNING: Falling back to default file because file $path does not exist */\n";
+ − 97
$path = 'css/' . $this->style_list[0] . '.css';
+ − 98
}
+ − 99
return $this->process_template($path);
+ − 100
}
+ − 101
function load_theme($name = false, $css = false)
+ − 102
{
+ − 103
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 104
$this->theme = ( $name ) ? $name : $session->theme;
+ − 105
$this->style = ( $css ) ? $css : $session->style;
+ − 106
if ( !$this->theme )
+ − 107
{
+ − 108
$this->theme = $this->theme_list[0]['theme_id'];
+ − 109
$this->style = substr($this->theme_list[0]['default_style'], 0, strlen($this->theme_list[0]['default_style'])-4);
+ − 110
}
+ − 111
$this->theme_loaded = true;
+ − 112
}
+ − 113
+ − 114
function init_vars()
+ − 115
{
+ − 116
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 117
global $email;
+ − 118
+ − 119
dc_here("template: initializing all variables");
+ − 120
+ − 121
if(!$this->theme || !$this->style)
+ − 122
{
+ − 123
$this->load_theme();
+ − 124
}
+ − 125
+ − 126
if(defined('ENANO_TEMPLATE_LOADED'))
+ − 127
{
+ − 128
dc_here('template: access denied to call template::init_vars(), bailing out');
+ − 129
die_semicritical('Illegal call', '<p>$template->load_theme was called multiple times, this is not supposed to happen. Exiting with fatal error.</p>');
+ − 130
}
+ − 131
+ − 132
define('ENANO_TEMPLATE_LOADED', '');
+ − 133
+ − 134
$tplvars = $this->extract_vars('elements.tpl');
+ − 135
+ − 136
dc_here('template: setting all template vars');
+ − 137
+ − 138
if(isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE'))
+ − 139
{
+ − 140
$this->add_header('
+ − 141
<!--[if lt IE 7]>
+ − 142
<script language="JavaScript">
+ − 143
function correctPNG() // correctly handle PNG transparency in Win IE 5.5 & 6.
+ − 144
{
+ − 145
var arVersion = navigator.appVersion.split("MSIE")
+ − 146
var version = parseFloat(arVersion[1])
+ − 147
if (version >= 5.5 && typeof(document.body.filters) == "object")
+ − 148
{
+ − 149
for(var i=0; i<document.images.length; i++)
+ − 150
{
+ − 151
var img = document.images[i];
+ − 152
continue;
+ − 153
var imgName = img.src.toUpperCase();
+ − 154
if (imgName.substring(imgName.length-3, imgName.length) == "PNG")
+ − 155
{
+ − 156
var imgID = (img.id) ? "id=\'" + img.id + "\' " : "";
+ − 157
var imgClass = (img.className) ? "class=\'" + img.className + "\' " : "";
+ − 158
var imgTitle = (img.title) ? "title=\'" + img.title + "\' " : "title=\'" + img.alt + "\' ";
+ − 159
var imgStyle = "display:inline-block;" + img.style.cssText;
+ − 160
if (img.align == "left") imgStyle = "float:left;" + imgStyle;
+ − 161
if (img.align == "right") imgStyle = "float:right;" + imgStyle;
+ − 162
if (img.parentElement.href) imgStyle = "cursor:hand;" + imgStyle;
+ − 163
var strNewHTML = "<span " + imgID + imgClass + imgTitle + " style=\\"" + "width:" + img.width + "px; height:" + img.height + "px;" + imgStyle + ";" + "filter:progid:DXImageTransform.Microsoft.AlphaImageLoader" + "(src=\\\'" + img.src + "\\\', sizingMethod=\'scale\');\\"></span>";
+ − 164
img.outerHTML = strNewHTML;
+ − 165
i = i-1;
+ − 166
}
+ − 167
}
+ − 168
}
+ − 169
}
+ − 170
window.attachEvent("onload", correctPNG);
+ − 171
</script>
+ − 172
<![endif]-->
+ − 173
');
+ − 174
}
+ − 175
+ − 176
// Get the "article" button text (depends on namespace)
+ − 177
switch($paths->namespace) {
+ − 178
case "Article":
+ − 179
default:
+ − 180
$ns = 'article';
+ − 181
break;
+ − 182
case "Admin":
+ − 183
$ns = 'administration page';
+ − 184
break;
+ − 185
case "System":
+ − 186
$ns = 'system message';
+ − 187
break;
+ − 188
case "File":
+ − 189
$ns = 'uploaded file';
+ − 190
break;
+ − 191
case "Help":
+ − 192
$ns = 'documentation page';
+ − 193
break;
+ − 194
case "User":
+ − 195
$ns = 'user page';
+ − 196
break;
+ − 197
case "Special":
+ − 198
$ns = 'special page';
+ − 199
break;
+ − 200
case "Template":
+ − 201
$ns = 'template';
+ − 202
break;
+ − 203
case "Project":
+ − 204
$ns = 'project page';
+ − 205
break;
+ − 206
case "Category":
+ − 207
$ns = 'category';
+ − 208
break;
+ − 209
}
+ − 210
$this->namespace_string = $ns;
+ − 211
$code = $plugins->setHook('page_type_string_set');
+ − 212
foreach ( $code as $cmd )
+ − 213
{
+ − 214
eval($cmd);
+ − 215
}
+ − 216
$ns =& $this->namespace_string;
+ − 217
+ − 218
// Initialize the toolbar
+ − 219
$tb = '';
+ − 220
+ − 221
// Create "xx page" button
+ − 222
+ − 223
$btn_selected = ( isset($tplvars['toolbar_button_selected'])) ? $tplvars['toolbar_button_selected'] : $tplvars['toolbar_button'];
+ − 224
$parser = $this->makeParserText($btn_selected);
+ − 225
+ − 226
$parser->assign_vars(array(
+ − 227
'FLAGS' => 'onclick="void(ajaxReset()); return false;" title="View the page contents, all of the page contents, and nothing but the page contents (alt-a)" accesskey="a"',
+ − 228
'PARENTFLAGS' => 'id="mdgToolbar_article"',
+ − 229
'HREF' => makeUrl($paths->page, null, true),
+ − 230
'TEXT' => $this->namespace_string
+ − 231
));
+ − 232
+ − 233
$tb .= $parser->run();
+ − 234
+ − 235
$button = $this->makeParserText($tplvars['toolbar_button']);
+ − 236
+ − 237
// Page toolbar
+ − 238
// Comments button
+ − 239
if ( $session->get_permissions('read') && getConfig('enable_comments')=='1' && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $paths->cpage['comments_on'] == 1 )
+ − 240
{
+ − 241
+ − 242
$e = $db->sql_query('SELECT approved FROM '.table_prefix.'comments WHERE page_id=\''.$paths->cpage['urlname_nons'].'\' AND namespace=\''.$paths->namespace.'\';');
+ − 243
if ( !$e )
+ − 244
{
+ − 245
$db->_die();
+ − 246
}
+ − 247
$nc = $db->numrows();
+ − 248
$nu = 0;
+ − 249
$na = 0;
+ − 250
+ − 251
while ( $r = $db->fetchrow() )
+ − 252
{
+ − 253
if ( !$r['approved'] )
+ − 254
{
+ − 255
$nu++;
+ − 256
}
+ − 257
else
+ − 258
{
+ − 259
$na++;
+ − 260
}
+ − 261
}
+ − 262
+ − 263
$db->free_result();
+ − 264
$n = ( $session->get_permissions('mod_comments') ) ? (string)$nc : (string)$na;
+ − 265
if ( $session->get_permissions('mod_comments') && $nu > 0 )
+ − 266
{
+ − 267
$n .= ' total/'.$nu.' unapp.';
+ − 268
}
+ − 269
+ − 270
$button->assign_vars(array(
+ − 271
'FLAGS' => 'onclick="void(ajaxComments()); return false;" title="View the comments that other users have posted about this page (alt-c)" accesskey="c"',
+ − 272
'PARENTFLAGS' => 'id="mdgToolbar_discussion"',
+ − 273
'HREF' => makeUrl($paths->page, 'do=comments', true),
+ − 274
'TEXT' => 'discussion ('.$n.')',
+ − 275
));
+ − 276
+ − 277
$tb .= $button->run();
+ − 278
}
+ − 279
// Edit button
+ − 280
if($session->get_permissions('read') && ($paths->namespace != 'Special' && $paths->namespace != 'Admin') && ( $session->get_permissions('edit_page') && ( ( $paths->page_protected && $session->get_permissions('even_when_protected') ) || !$paths->page_protected ) ) )
+ − 281
{
+ − 282
$button->assign_vars(array(
+ − 283
'FLAGS' => 'onclick="void(ajaxEditor()); return false;" title="Edit the contents of this page (alt-e)" accesskey="e"',
+ − 284
'PARENTFLAGS' => 'id="mdgToolbar_edit"',
+ − 285
'HREF' => makeUrl($paths->page, 'do=edit', true),
+ − 286
'TEXT' => 'edit this page'
+ − 287
));
+ − 288
$tb .= $button->run();
+ − 289
// View source button
+ − 290
}
+ − 291
else if($session->get_permissions('view_source') && ( !$session->get_permissions('edit_page') || !$session->get_permissions('even_when_protected') && $paths->page_protected ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 292
{
+ − 293
$button->assign_vars(array(
+ − 294
'FLAGS' => 'onclick="void(ajaxViewSource()); return false;" title="View the source code (wiki markup) that this page uses (alt-e)" accesskey="e"',
+ − 295
'PARENTFLAGS' => 'id="mdgToolbar_edit"',
+ − 296
'HREF' => makeUrl($paths->page, 'do=viewsource', true),
+ − 297
'TEXT' => 'view source'
+ − 298
));
+ − 299
$tb .= $button->run();
+ − 300
}
+ − 301
// History button
+ − 302
if ( $session->get_permissions('read') /* && $paths->wiki_mode */ && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('history_view') )
+ − 303
{
+ − 304
$button->assign_vars(array(
+ − 305
'FLAGS' => 'onclick="void(ajaxHistory()); return false;" title="View a log of actions taken on this page (alt-h)" accesskey="h"',
+ − 306
'PARENTFLAGS' => 'id="mdgToolbar_history"',
+ − 307
'HREF' => makeUrl($paths->page, 'do=history', true),
+ − 308
'TEXT' => 'history'
+ − 309
));
+ − 310
$tb .= $button->run();
+ − 311
}
+ − 312
+ − 313
$menubtn = $this->makeParserText($tplvars['toolbar_menu_button']);
+ − 314
+ − 315
// Additional actions menu
+ − 316
// Rename button
+ − 317
if ( $session->get_permissions('read') && $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 318
{
+ − 319
$menubtn->assign_vars(array(
+ − 320
'FLAGS' => 'onclick="void(ajaxRename()); return false;" title="Change the display name of this page (alt-r)" accesskey="r"',
+ − 321
'HREF' => makeUrl($paths->page, 'do=rename', true),
+ − 322
'TEXT' => 'rename',
+ − 323
));
+ − 324
$this->toolbar_menu .= $menubtn->run();
+ − 325
}
+ − 326
+ − 327
// Vote-to-delete button
+ − 328
if ( $paths->wiki_mode && $session->get_permissions('vote_delete') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 329
{
+ − 330
$menubtn->assign_vars(array(
+ − 331
'FLAGS' => 'onclick="void(ajaxDelVote()); return false;" title="Vote to have this page deleted (alt-d)" accesskey="d"',
+ − 332
'HREF' => makeUrl($paths->page, 'do=delvote', true),
+ − 333
'TEXT' => 'vote to delete this page',
+ − 334
));
+ − 335
$this->toolbar_menu .= $menubtn->run();
+ − 336
}
+ − 337
+ − 338
// Clear-votes button
+ − 339
if ( $session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('vote_reset') && $paths->cpage['delvotes'] > 0)
+ − 340
{
+ − 341
$menubtn->assign_vars(array(
+ − 342
'FLAGS' => 'onclick="void(ajaxResetDelVotes()); return false;" title="Vote to have this page deleted (alt-y)" accesskey="y"',
+ − 343
'HREF' => makeUrl($paths->page, 'do=resetvotes', true),
+ − 344
'TEXT' => 'reset deletion votes',
+ − 345
));
+ − 346
$this->toolbar_menu .= $menubtn->run();
+ − 347
}
+ − 348
+ − 349
// Printable page button
+ − 350
if ( $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 351
{
+ − 352
$menubtn->assign_vars(array(
+ − 353
'FLAGS' => 'title="View a version of this page that is suitable for printing"',
+ − 354
'HREF' => makeUrl($paths->page, 'printable=yes', true),
+ − 355
'TEXT' => 'view printable version',
+ − 356
));
+ − 357
$this->toolbar_menu .= $menubtn->run();
+ − 358
}
+ − 359
+ − 360
// Protect button
+ − 361
if($session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('protect'))
+ − 362
{
+ − 363
+ − 364
$label = $this->makeParserText($tplvars['toolbar_label']);
+ − 365
$label->assign_vars(array('TEXT' => 'protection:'));
+ − 366
$t0 = $label->run();
+ − 367
+ − 368
$ctmp = '';
+ − 369
if ( $paths->cpage['protected'] == 1 )
+ − 370
{
+ − 371
$ctmp=' style="text-decoration: underline;"';
+ − 372
}
+ − 373
$menubtn->assign_vars(array(
+ − 374
'FLAGS' => 'accesskey="i" onclick="ajaxProtect(1); return false;" id="protbtn_1" title="Prevents all non-administrators from editing this page. [alt-i]"'.$ctmp,
+ − 375
'HREF' => makeUrl($paths->page, 'do=protect&level=1', true),
+ − 376
'TEXT' => 'on'
+ − 377
));
+ − 378
$t1 = $menubtn->run();
+ − 379
+ − 380
$ctmp = '';
+ − 381
if ( $paths->cpage['protected'] == 0 )
+ − 382
{
+ − 383
$ctmp=' style="text-decoration: underline;"';
+ − 384
}
+ − 385
$menubtn->assign_vars(array(
+ − 386
'FLAGS' => 'accesskey="o" onclick="ajaxProtect(0); return false;" id="protbtn_0" title="Allows everyone to edit this page. [alt-o]"'.$ctmp,
+ − 387
'HREF' => makeUrl($paths->page, 'do=protect&level=0', true),
+ − 388
'TEXT' => 'off'
+ − 389
));
+ − 390
$t2 = $menubtn->run();
+ − 391
+ − 392
$ctmp = '';
+ − 393
if ( $paths->cpage['protected'] == 2 )
+ − 394
{
+ − 395
$ctmp = ' style="text-decoration: underline;"';
+ − 396
}
+ − 397
$menubtn->assign_vars(array(
+ − 398
'FLAGS' => 'accesskey="p" onclick="ajaxProtect(2); return false;" id="protbtn_2" title="Allows only users who have been registered for 4 days to edit this page. [alt-p]"'.$ctmp,
+ − 399
'HREF' => makeUrl($paths->page, 'do=protect&level=2', true),
+ − 400
'TEXT' => 'semi'
+ − 401
));
+ − 402
$t3 = $menubtn->run();
+ − 403
+ − 404
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0">
+ − 405
<tr>
+ − 406
<td>'.$t0.'</td>
+ − 407
<td>'.$t1.'</td>
+ − 408
<td>'.$t2.'</td>
+ − 409
<td>'.$t3.'</td>
+ − 410
</tr>
+ − 411
</table>';
+ − 412
}
+ − 413
+ − 414
// Wiki mode button
+ − 415
if($session->get_permissions('read') && $paths->page_exists && $session->get_permissions('set_wiki_mode') && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 416
{
+ − 417
// label at start
+ − 418
$label = $this->makeParserText($tplvars['toolbar_label']);
+ − 419
$label->assign_vars(array('TEXT' => 'page wiki mode:'));
+ − 420
$t0 = $label->run();
+ − 421
+ − 422
// on button
+ − 423
$ctmp = '';
+ − 424
if ( $paths->cpage['wiki_mode'] == 1 )
+ − 425
{
+ − 426
$ctmp = ' style="text-decoration: underline;"';
+ − 427
}
+ − 428
$menubtn->assign_vars(array(
+ − 429
'FLAGS' => 'onclick="ajaxSetWikiMode(1); return false;" id="wikibtn_1" title="Forces wiki functions to be allowed on this page."'.$ctmp,
+ − 430
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=1', true),
+ − 431
'TEXT' => 'on'
+ − 432
));
+ − 433
$t1 = $menubtn->run();
+ − 434
+ − 435
// off button
+ − 436
$ctmp = '';
+ − 437
if ( $paths->cpage['wiki_mode'] == 0 )
+ − 438
{
+ − 439
$ctmp=' style="text-decoration: underline;"';
+ − 440
}
+ − 441
$menubtn->assign_vars(array(
+ − 442
'FLAGS' => 'onclick="ajaxSetWikiMode(0); return false;" id="wikibtn_0" title="Forces wiki functions to be disabled on this page."'.$ctmp,
+ − 443
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=0', true),
+ − 444
'TEXT' => 'off'
+ − 445
));
+ − 446
$t2 = $menubtn->run();
+ − 447
+ − 448
// global button
+ − 449
$ctmp = '';
+ − 450
if ( $paths->cpage['wiki_mode'] == 2 )
+ − 451
{
+ − 452
$ctmp=' style="text-decoration: underline;"';
+ − 453
}
+ − 454
$menubtn->assign_vars(array(
+ − 455
'FLAGS' => 'onclick="ajaxSetWikiMode(2); return false;" id="wikibtn_2" title="Causes this page to use the global wiki mode setting (default)"'.$ctmp,
+ − 456
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=2', true),
+ − 457
'TEXT' => 'global'
+ − 458
));
+ − 459
$t3 = $menubtn->run();
+ − 460
+ − 461
// Tack it onto the list of buttons that are already there...
+ − 462
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0">
+ − 463
<tr>
+ − 464
<td>'.$t0.'</td>
+ − 465
<td>'.$t1.'</td>
+ − 466
<td>'.$t2.'</td>
+ − 467
<td>'.$t3.'</td>
+ − 468
</tr>
+ − 469
</table>';
+ − 470
}
+ − 471
+ − 472
// Clear logs button
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 473
if ( $session->get_permissions('read') && $session->get_permissions('clear_logs') && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
1
+ − 474
{
+ − 475
$menubtn->assign_vars(array(
+ − 476
'FLAGS' => 'onclick="void(ajaxClearLogs()); return false;" title="Remove all edit and action logs for this page from the database. IRREVERSIBLE! (alt-l)" accesskey="l"',
+ − 477
'HREF' => makeUrl($paths->page, 'do=flushlogs', true),
+ − 478
'TEXT' => 'clear page logs',
+ − 479
));
+ − 480
$this->toolbar_menu .= $menubtn->run();
+ − 481
}
+ − 482
+ − 483
// Delete page button
+ − 484
if ( $session->get_permissions('read') && $session->get_permissions('delete_page') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 485
{
+ − 486
$s = 'delete this page';
+ − 487
if ( $paths->cpage['delvotes'] == 1 )
+ − 488
{
+ − 489
$s .= ' (<b>'.$paths->cpage['delvotes'].'</b> vote)';
+ − 490
}
+ − 491
else if ( $paths->cpage['delvotes'] > 1 )
+ − 492
{
+ − 493
$s .= ' (<b>'.$paths->cpage['delvotes'].'</b> votes)';
+ − 494
}
+ − 495
+ − 496
$menubtn->assign_vars(array(
+ − 497
'FLAGS' => 'onclick="void(ajaxDeletePage()); return false;" title="Delete this page. This is always reversible unless the logs are cleared. (alt-k)" accesskey="k"',
+ − 498
'HREF' => makeUrl($paths->page, 'do=deletepage', true),
+ − 499
'TEXT' => $s,
+ − 500
));
+ − 501
$this->toolbar_menu .= $menubtn->run();
+ − 502
+ − 503
}
+ − 504
+ − 505
// Password-protect button
+ − 506
if(isset($paths->cpage['password']))
+ − 507
{
+ − 508
if ( $paths->cpage['password'] == '' )
+ − 509
{
+ − 510
$a = $session->get_permissions('password_set');
+ − 511
}
+ − 512
else
+ − 513
{
+ − 514
$a = $session->get_permissions('password_reset');
+ − 515
}
+ − 516
}
+ − 517
else
+ − 518
{
+ − 519
$a = $session->get_permissions('password_set');
+ − 520
}
+ − 521
if ( $a && $session->get_permissions('read') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 522
{
+ − 523
// label at start
+ − 524
$label = $this->makeParserText($tplvars['toolbar_label']);
13
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 525
$label->assign_vars(array('TEXT' => 'page password:'));
1
+ − 526
$t0 = $label->run();
+ − 527
+ − 528
$menubtn->assign_vars(array(
+ − 529
'FLAGS' => 'onclick="void(ajaxSetPassword()); return false;" title="Require a password in order for this page to be viewed"',
+ − 530
'HREF' => '#',
+ − 531
'TEXT' => 'set',
+ − 532
));
+ − 533
$t = $menubtn->run();
+ − 534
+ − 535
$this->toolbar_menu .= '<table border="0" cellspacing="0" cellpadding="0"><tr><td>'.$t0.'</td><td><input type="password" id="mdgPassSetField" size="10" /></td><td>'.$t.'</td></tr></table>';
+ − 536
}
+ − 537
+ − 538
// Manage ACLs button
+ − 539
if($session->get_permissions('edit_acl') || $session->user_level >= USER_LEVEL_ADMIN)
+ − 540
{
+ − 541
$menubtn->assign_vars(array(
+ − 542
'FLAGS' => 'onclick="return ajaxOpenACLManager();" title="Manage who can do what with this page (alt-m)" accesskey="m"',
+ − 543
'HREF' => makeUrl($paths->page, 'do=aclmanager', true),
+ − 544
'TEXT' => 'manage page access',
+ − 545
));
+ − 546
$this->toolbar_menu .= $menubtn->run();
+ − 547
}
+ − 548
+ − 549
// Administer page button
+ − 550
if ( $session->user_level >= USER_LEVEL_ADMIN && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 551
{
+ − 552
$menubtn->assign_vars(array(
+ − 553
'FLAGS' => 'onclick="void(ajaxAdminPage()); return false;" title="Administrative options for this page" accesskey="g"',
+ − 554
'HREF' => makeUrlNS('Special', 'Administration', 'module='.$paths->nslist['Admin'].'PageManager', true),
+ − 555
'TEXT' => 'administrative options',
+ − 556
));
+ − 557
$this->toolbar_menu .= $menubtn->run();
+ − 558
}
+ − 559
+ − 560
if ( strlen($this->toolbar_menu) > 0 )
+ − 561
{
+ − 562
$button->assign_vars(array(
+ − 563
'FLAGS' => 'id="mdgToolbar_moreoptions" onclick="return false;" title="Additional options for working with this page"',
+ − 564
'PARENTFLAGS' => '',
+ − 565
'HREF' => makeUrl($paths->page, 'do=moreoptions', true),
+ − 566
'TEXT' => 'more options'
+ − 567
));
+ − 568
$tb .= $button->run();
+ − 569
}
+ − 570
+ − 571
$is_opera = (isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'Opera')) ? true : false;
+ − 572
+ − 573
$this->tpl_bool = Array(
+ − 574
'auth_admin'=>$session->user_level >= USER_LEVEL_ADMIN ? true : false,
+ − 575
'user_logged_in'=>$session->user_logged_in,
+ − 576
'opera'=>$is_opera,
+ − 577
);
+ − 578
+ − 579
if($session->sid_super) { $ash = '&auth='.$session->sid_super; $asq = "?auth=".$session->sid_super; $asa = "&auth=".$session->sid_super; $as2 = htmlspecialchars(urlSeparator).'auth='.$session->sid_super; }
+ − 580
else { $asq=''; $asa=''; $as2 = ''; $ash = ''; }
+ − 581
+ − 582
$code = $plugins->setHook('compile_template');
+ − 583
foreach ( $code as $cmd )
+ − 584
{
+ − 585
eval($cmd);
+ − 586
}
+ − 587
+ − 588
// Some additional sidebar processing
+ − 589
if($this->sidebar_extra != '') {
+ − 590
$se = $this->sidebar_extra;
+ − 591
$parser = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 592
$parser->assign_vars(Array('TITLE'=>'Links','CONTENT'=>$se));
+ − 593
$this->sidebar_extra = $parser->run();
+ − 594
}
+ − 595
+ − 596
$this->sidebar_extra = $this->sidebar_extra.$this->sidebar_widgets;
+ − 597
+ − 598
$this->tpl_bool['fixed_menus'] = false;
+ − 599
/* if($this->sidebar_extra == '') $this->tpl_bool['right_sidebar'] = false;
+ − 600
else */ $this->tpl_bool['right_sidebar'] = true;
+ − 601
+ − 602
$this->tpl_bool['auth_rename'] = ( $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin');
+ − 603
+ − 604
$this->tpl_bool['enable_uploads'] = ( getConfig('enable_uploads') == '1' && $session->get_permissions('upload_files') ) ? true : false;
+ − 605
+ − 606
$this->tpl_bool['stupid_mode'] = false;
+ − 607
+ − 608
if($paths->page == $paths->nslist['Special'].'Administration') $this->tpl_bool['in_admin'] = true;
+ − 609
else $this->tpl_bool['in_admin'] = false;
+ − 610
+ − 611
$p = ( isset($_GET['printable']) ) ? '/printable' : '';
+ − 612
+ − 613
// Add the e-mail address client code to the header
+ − 614
$this->add_header($email->jscode());
+ − 615
+ − 616
// Generate the code for the Log out and Change theme sidebar buttons
+ − 617
// Once again, the new template parsing system can be used here
+ − 618
+ − 619
$parser = $this->makeParserText($tplvars['sidebar_button']);
+ − 620
+ − 621
$parser->assign_vars(Array(
+ − 622
'HREF'=>makeUrlNS('Special', 'Logout'),
+ − 623
'FLAGS'=>'onclick="mb_logout(); return false;"',
+ − 624
'TEXT'=>'Log out',
+ − 625
));
+ − 626
+ − 627
$logout_link = $parser->run();
+ − 628
+ − 629
$parser->assign_vars(Array(
+ − 630
'HREF'=>makeUrlNS('Special', 'Login/' . $paths->page),
+ − 631
'FLAGS'=>'onclick="ajaxStartLogin(); return false;"',
+ − 632
'TEXT'=>'Log in',
+ − 633
));
+ − 634
+ − 635
$login_link = $parser->run();
+ − 636
+ − 637
$parser->assign_vars(Array(
+ − 638
'HREF'=>makeUrlNS('Special', 'ChangeStyle/'.$paths->page),
+ − 639
'FLAGS'=>'onclick="ajaxChangeStyle(); return false;"',
+ − 640
'TEXT'=>'Change theme',
+ − 641
));
+ − 642
+ − 643
$theme_link = $parser->run();
+ − 644
+ − 645
$SID = ($session->sid_super) ? $session->sid_super : '';
+ − 646
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 647
$urlname_clean = str_replace('\'', '\\\'', str_replace('\\', '\\\\', dirtify_page_id($paths->fullpage)));
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 648
$urlname_clean = strtr( $urlname_clean, array( '<' => '<', '>' => '>' ) );
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 649
1
+ − 650
// Generate the dynamic javascript vars
+ − 651
$js_dynamic = ' <script type="text/javascript">// <![CDATA[
+ − 652
// This section defines some basic and very important variables that are used later in the static Javascript library.
+ − 653
// SKIN DEVELOPERS: The template variable for this code block is {JS_DYNAMIC_VARS}. This MUST be inserted BEFORE the tag that links to the main Javascript lib.
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 654
var title=\''. $urlname_clean .'\';
1
+ − 655
var page_exists='. ( ( $paths->page_exists) ? 'true' : 'false' ) .';
+ − 656
var scriptPath=\''. scriptPath .'\';
+ − 657
var contentPath=\''.contentPath.'\';
+ − 658
var ENANO_SID =\'' . $SID . '\';
+ − 659
var auth_level=' . $session->auth_level . ';
+ − 660
var USER_LEVEL_GUEST = ' . USER_LEVEL_GUEST . ';
+ − 661
var USER_LEVEL_MEMBER = ' . USER_LEVEL_MEMBER . ';
+ − 662
var USER_LEVEL_CHPREF = ' . USER_LEVEL_CHPREF . ';
+ − 663
var USER_LEVEL_MOD = ' . USER_LEVEL_MOD . ';
+ − 664
var USER_LEVEL_ADMIN = ' . USER_LEVEL_ADMIN . ';
+ − 665
var editNotice = \'' . ( (getConfig('wiki_edit_notice')=='1') ? str_replace("\n", "\\\n", RenderMan::render(getConfig('wiki_edit_notice_text'))) : '' ) . '\';
+ − 666
var prot = ' . ( ($paths->page_protected && !$session->get_permissions('even_when_protected')) ? 'true' : 'false' ) .'; // No, hacking this var won\'t work, it\'s re-checked on the server
+ − 667
var ENANO_SPECIAL_CREATEPAGE = \''. makeUrl($paths->nslist['Special'].'CreatePage') .'\';
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 668
var ENANO_CREATEPAGE_PARAMS = \'_do=&pagename='. $urlname_clean .'&namespace=' . $paths->namespace . '\';
1
+ − 669
var ENANO_SPECIAL_CHANGESTYLE = \''. makeUrlNS('Special', 'ChangeStyle') .'\';
+ − 670
var namespace_list = new Array();
+ − 671
var AES_BITS = '.AES_BITS.';
+ − 672
var AES_BLOCKSIZE = '.AES_BLOCKSIZE.';
+ − 673
var pagepass = \''. ( ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '' ) .'\';
+ − 674
var ENANO_THEME_LIST = \'';
+ − 675
foreach($this->theme_list as $t) {
+ − 676
if($t['enabled'])
+ − 677
{
+ − 678
$js_dynamic .= '<option value="'.$t['theme_id'].'"';
+ − 679
if($t['theme_id'] == $session->theme) $js_dynamic .= ' selected="selected"';
+ − 680
$js_dynamic .= '>'.$t['theme_name'].'</option>';
+ − 681
}
+ − 682
}
+ − 683
$js_dynamic .= '\';
+ − 684
var ENANO_CURRENT_THEME = \''. $session->theme .'\';';
+ − 685
foreach($paths->nslist as $k => $c)
+ − 686
{
+ − 687
$js_dynamic .= "namespace_list['{$k}'] = '$c';";
+ − 688
}
+ − 689
$js_dynamic .= "\n //]]>\n </script>";
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 690
1
+ − 691
$tpl_strings = Array(
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 692
'PAGE_NAME'=>htmlspecialchars($paths->cpage['name']),
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 693
'PAGE_URLNAME'=> $urlname_clean,
1
+ − 694
'SITE_NAME'=>getConfig('site_name'),
+ − 695
'USERNAME'=>$session->username,
+ − 696
'SITE_DESC'=>getConfig('site_desc'),
+ − 697
'TOOLBAR'=>$tb,
+ − 698
'SCRIPTPATH'=>scriptPath,
+ − 699
'CONTENTPATH'=>contentPath,
+ − 700
'ADMIN_SID_QUES'=>$asq,
+ − 701
'ADMIN_SID_AMP'=>$asa,
+ − 702
'ADMIN_SID_AMP_HTML'=>$ash,
+ − 703
'ADMIN_SID_AUTO'=>$as2,
+ − 704
'ADDITIONAL_HEADERS'=>$this->additional_headers,
+ − 705
'COPYRIGHT'=>getConfig('copyright_notice'),
+ − 706
'TOOLBAR_EXTRAS'=>$this->toolbar_menu,
+ − 707
'REQUEST_URI'=>$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'],
+ − 708
'STYLE_LINK'=>makeUrlNS('Special', 'CSS'.$p, null, true), //contentPath.$paths->nslist['Special'].'CSS' . $p,
+ − 709
'LOGIN_LINK'=>$login_link,
+ − 710
'LOGOUT_LINK'=>$logout_link,
+ − 711
'THEME_LINK'=>$theme_link,
+ − 712
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme,
+ − 713
'THEME_ID'=>$this->theme,
+ − 714
'STYLE_ID'=>$this->style,
+ − 715
'JS_DYNAMIC_VARS'=>$js_dynamic,
+ − 716
'UNREAD_PMS'=>$session->unread_pms
+ − 717
);
+ − 718
+ − 719
foreach ( $paths->nslist as $ns_id => $ns_prefix )
+ − 720
{
+ − 721
$tpl_strings[ 'NS_' . strtoupper($ns_id) ] = $ns_prefix;
+ − 722
}
+ − 723
+ − 724
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings);
+ − 725
list($this->tpl_strings['SIDEBAR_LEFT'], $this->tpl_strings['SIDEBAR_RIGHT'], $min) = $this->fetch_sidebar();
+ − 726
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != $min) ? true : false;
+ − 727
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != $min) ? true : false;
+ − 728
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility
+ − 729
}
+ − 730
+ − 731
function header($simple = false)
+ − 732
{
+ − 733
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 734
ob_start();
+ − 735
+ − 736
if(!$this->theme_loaded)
+ − 737
{
+ − 738
$this->load_theme($session->theme, $session->style);
+ − 739
}
+ − 740
+ − 741
$headers_sent = true;
+ − 742
dc_here('template: generating and sending the page header');
+ − 743
if(!defined('ENANO_HEADERS_SENT'))
+ − 744
define('ENANO_HEADERS_SENT', '');
+ − 745
if(!$this->no_headers) echo ( $simple ) ? $this->process_template('simple-header.tpl') : $this->process_template('header.tpl');
+ − 746
if ( !$simple && $session->user_logged_in && $session->unread_pms > 0 )
+ − 747
{
+ − 748
echo $this->notify_unread_pms();
+ − 749
}
+ − 750
if ( !$simple && $session->sw_timed_out )
+ − 751
{
+ − 752
$login_link = makeUrlNS('Special', 'Login/' . $paths->fullpage, 'level=' . $session->user_level, true);
+ − 753
echo '<div class="usermessage">';
+ − 754
echo '<b>Your administrative session has timed out.</b> <a href="' . $login_link . '">Log in again</a>';
+ − 755
echo '</div>';
+ − 756
}
+ − 757
}
+ − 758
function footer($simple = false)
+ − 759
{
+ − 760
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 761
dc_here('template: generating and sending the page footer');
+ − 762
if(!$this->no_headers) {
+ − 763
+ − 764
if(!defined('ENANO_HEADERS_SENT'))
+ − 765
$this->header();
+ − 766
+ − 767
global $_starttime;
+ − 768
if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc'))
+ − 769
{
+ − 770
echo '<h3>Query list as requested on URI</h3><pre style="margin-left: 1em">';
+ − 771
echo $db->sql_backtrace();
+ − 772
echo '</pre>';
+ − 773
}
+ − 774
+ − 775
$f = microtime_float();
+ − 776
$f = $f - $_starttime;
+ − 777
$f = round($f, 4);
+ − 778
$dbg = 'Time: '.$f.'s | Queries: '.$db->num_queries;
+ − 779
$t = ( $simple ) ? $this->process_template('simple-footer.tpl') : $this->process_template('footer.tpl');
+ − 780
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 781
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t);
+ − 782
$t = str_replace('[[GenTime]]', (string)$f, $t);
+ − 783
echo $t;
+ − 784
+ − 785
ob_end_flush();
+ − 786
}
+ − 787
else return '';
+ − 788
}
+ − 789
function getHeader()
+ − 790
{
+ − 791
$headers_sent = true;
+ − 792
dc_here('template: generating and sending the page header');
+ − 793
if(!defined('ENANO_HEADERS_SENT'))
+ − 794
define('ENANO_HEADERS_SENT', '');
+ − 795
if(!$this->no_headers) return $this->process_template('header.tpl');
+ − 796
}
+ − 797
function getFooter()
+ − 798
{
+ − 799
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 800
dc_here('template: generating and sending the page footer');
+ − 801
if(!$this->no_headers) {
+ − 802
global $_starttime;
+ − 803
$t = '';
+ − 804
+ − 805
if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc'))
+ − 806
{
+ − 807
$t .= '<h3>Query list as requested on URI</h3><pre style="margin-left: 1em">';
+ − 808
$t .= $db->sql_backtrace();
+ − 809
$t .= '</pre>';
+ − 810
}
+ − 811
+ − 812
$f = microtime_float();
+ − 813
$f = $f - $_starttime;
+ − 814
$f = round($f, 4);
+ − 815
$dbg = 'Time: '.$f.'s | Queries: '.$db->num_queries;
+ − 816
$t.= $this->process_template('footer.tpl');
+ − 817
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 818
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t);
+ − 819
$t = str_replace('[[GenTime]]', (string)$f, $t);
+ − 820
return $t;
+ − 821
}
+ − 822
else return '';
+ − 823
}
+ − 824
+ − 825
function process_template($file) {
+ − 826
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 827
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 828
{
+ − 829
$this->load_theme();
+ − 830
$this->init_vars();
+ − 831
}
+ − 832
eval($this->compile_template($file));
+ − 833
return $tpl_code;
+ − 834
}
+ − 835
+ − 836
function extract_vars($file) {
+ − 837
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 838
if(!$this->theme)
+ − 839
{
+ − 840
die('$template->extract_vars(): theme not yet loaded, so we can\'t open template files yet...this is a bug and should be reported.<br /><br />Backtrace, most recent call first:<pre>'.enano_debug_print_backtrace(true).'</pre>');
+ − 841
}
+ − 842
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file)) die('Cannot find '.$file.' file for style "'.$this->theme.'", exiting');
+ − 843
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file);
+ − 844
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches);
+ − 845
$tplvars = Array();
+ − 846
for($i=0;$i<sizeof($matches[1]);$i++)
+ − 847
{
+ − 848
$tplvars[$matches[1][$i]] = $matches[2][$i];
+ − 849
}
+ − 850
return $tplvars;
+ − 851
}
+ − 852
function compile_template($text) {
+ − 853
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 854
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text)) die('Cannot find '.$text.' file for style, exiting');
+ − 855
$n = $text;
+ − 856
$tpl_filename = ENANO_ROOT . '/cache/' . $this->theme . '-' . str_replace('/', '-', $n) . '.php';
+ − 857
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text)) die('Cannot find '.$text.' file for style, exiting');
+ − 858
if(file_exists($tpl_filename) && getConfig('cache_thumbs')=='1')
+ − 859
{
+ − 860
include($tpl_filename);
+ − 861
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text);
+ − 862
if(isset($md5) && $md5 == md5($text)) {
+ − 863
return str_replace('\\"', '"', $tpl_text);
+ − 864
}
+ − 865
}
+ − 866
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$n);
+ − 867
+ − 868
$md5 = md5($text);
+ − 869
+ − 870
$seed = md5 ( microtime() . mt_rand() );
+ − 871
preg_match_all("/<\?php(.*?)\?>/is", $text, $m);
+ − 872
//die('<pre>'.htmlspecialchars(print_r($m, true)).'</pre>');
+ − 873
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 874
{
+ − 875
$text = str_replace("<?php{$m[1][$i]}?>", "{PHPCODE:{$i}:{$seed}}", $text);
+ − 876
}
+ − 877
//die('<pre>'.htmlspecialchars($text).'</pre>');
+ − 878
$text = 'ob_start(); echo \''.str_replace('\'', '\\\'', $text).'\'; $tpl_code = ob_get_contents(); ob_end_clean();';
+ − 879
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if(isset($this->tpl_bool[\'\\1\']) && $this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 880
$text = preg_replace('#<!-- IFSET (.*?) -->#is', '\'; if(isset($this->tpl_strings[\'\\1\'])) { echo \'', $text);
+ − 881
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { echo \'', $text);
+ − 882
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '\'; echo $template->tplWikiFormat($paths->sysMsg(\'\\1\')); echo \'', $text);
+ − 883
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 884
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { echo \'', $text);
+ − 885
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } echo \'', $text);
+ − 886
$text = preg_replace('#\{([A-z0-9]*)\}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 887
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 888
{
+ − 889
$text = str_replace("{PHPCODE:{$i}:{$seed}}", "'; {$m[1][$i]} echo '", $text);
+ − 890
}
+ − 891
if(is_writable(ENANO_ROOT.'/cache/') && getConfig('cache_thumbs')=='1')
+ − 892
{
+ − 893
//die($tpl_filename);
+ − 894
$h = fopen($tpl_filename, 'w');
+ − 895
if(!$h) return $text;
+ − 896
$t = addslashes($text);
+ − 897
fwrite($h, '<?php $md5 = \''.$md5.'\'; $tpl_text = \''.$t.'\'; ?>');
+ − 898
fclose($h);
+ − 899
}
+ − 900
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 901
}
+ − 902
+ − 903
function compile_template_text($text) {
+ − 904
$seed = md5 ( microtime() . mt_rand() );
+ − 905
preg_match_all("/<\?php(.*?)\?>/is", $text, $m);
+ − 906
//die('<pre>'.htmlspecialchars(print_r($m, true)).'</pre>');
+ − 907
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 908
{
+ − 909
$text = str_replace("<?php{$m[1][$i]}?>", "{PHPCODE:{$i}:{$seed}}", $text);
+ − 910
}
+ − 911
//die('<pre>'.htmlspecialchars($text).'</pre>');
+ − 912
$text = 'ob_start(); echo \''.str_replace('\'', '\\\'', $text).'\'; $tpl_code = ob_get_contents(); ob_end_clean(); return $tpl_code;';
+ − 913
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if(isset($this->tpl_bool[\'\\1\']) && $this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 914
$text = preg_replace('#<!-- IFSET (.*?) -->#is', '\'; if(isset($this->tpl_strings[\'\\1\'])) { echo \'', $text);
+ − 915
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { echo \'', $text);
+ − 916
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '\'; echo $template->tplWikiFormat($paths->sysMsg(\'\\1\')); echo \'', $text);
+ − 917
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 918
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { echo \'', $text);
+ − 919
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } echo \'', $text);
+ − 920
$text = preg_replace('#\{([A-z0-9]*)\}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 921
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 922
{
+ − 923
$text = str_replace("{PHPCODE:{$i}:{$seed}}", "'; {$m[1][$i]} echo '", $text);
+ − 924
}
+ − 925
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 926
}
+ − 927
+ − 928
function parse($text)
+ − 929
{
+ − 930
$text = $this->compile_template_text($text);
+ − 931
return eval($text);
+ − 932
}
+ − 933
+ − 934
// Steps to turn this:
+ − 935
// [[Project:Community Portal]]
+ − 936
// into this:
+ − 937
// <a href="/Project:Community_Portal">Community Portal</a>
+ − 938
// Must be done WITHOUT creating eval'ed code!!!
+ − 939
+ − 940
// 1. preg_replace \[\[([a-zA-Z0-9 -_:]*?)\]\] with <a href="'.contentPath.'\\1">\\1</a>
+ − 941
// 2. preg_match_all <a href="'.preg_quote(contentPath).'([a-zA-Z0-9 -_:]*?)">
+ − 942
// 3. For each match, replace matches with identifiers
+ − 943
// 4. For each match, str_replace ' ' with '_'
+ − 944
// 5. For each match, str_replace match_id:random_val with $matches[$match_id]
+ − 945
+ − 946
// The template language is really a miniature programming language; with variables, conditionals, everything!
+ − 947
// So you can implement custom logic into your sidebar if you wish.
+ − 948
// "Real" PHP support coming soon :-D
+ − 949
+ − 950
function tplWikiFormat($message, $filter_links = false, $filename = 'elements.tpl') {
+ − 951
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 952
$filter_links = false;
+ − 953
$tplvars = $this->extract_vars($filename);
+ − 954
if($session->sid_super) $as = htmlspecialchars(urlSeparator).'auth='.$session->sid_super;
+ − 955
else $as = '';
+ − 956
error_reporting(E_ALL);
+ − 957
$random_id = sha1(microtime().''); // A temp value
+ − 958
+ − 959
/*
+ − 960
* PREPROCESSOR
+ − 961
*/
+ − 962
+ − 963
// Variables
+ − 964
+ − 965
preg_match_all('#\$([A-Z_-]+)\$#', $message, $links);
+ − 966
$links = $links[1];
+ − 967
+ − 968
for($i=0;$i<sizeof($links);$i++)
+ − 969
{
+ − 970
$message = str_replace('$'.$links[$i].'$', $this->tpl_strings[$links[$i]], $message);
+ − 971
}
+ − 972
+ − 973
// Conditionals
+ − 974
+ − 975
preg_match_all('#\{if ([A-Za-z0-9_ &\|\!-]*)\}(.*?)\{\/if\}#is', $message, $links);
+ − 976
+ − 977
for($i=0;$i<sizeof($links[1]);$i++)
+ − 978
{
+ − 979
$message = str_replace('{if '.$links[1][$i].'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message);
+ − 980
+ − 981
// Time for some manual parsing...
+ − 982
$chk = false;
+ − 983
$current_id = '';
+ − 984
$prn_level = 0;
+ − 985
// Used to keep track of where we are in the conditional
+ − 986
// Object of the game: turn {if this && ( that OR !something_else )} ... {/if} into if( ( isset($this->tpl_bool['that']) && $this->tpl_bool['that'] ) && ...
+ − 987
// Method of attack: escape all variables, ignore all else. Non-valid code is filtered out by a regex above.
+ − 988
$in_var_now = true;
+ − 989
$in_var_last = false;
+ − 990
$current_var = '';
+ − 991
$current_var_start_pos = 0;
+ − 992
$current_var_end_pos = 0;
+ − 993
$j = -1;
+ − 994
$links[1][$i] = $links[1][$i] . ' ';
+ − 995
$d = strlen($links[1][$i]);
+ − 996
while($j < $d)
+ − 997
{
+ − 998
$j++;
+ − 999
$in_var_last = $in_var_now;
+ − 1000
+ − 1001
$char = substr($links[1][$i], $j, 1);
+ − 1002
$in_var_now = ( preg_match('#^([A-z0-9_]*){1}$#', $char) ) ? true : false;
+ − 1003
if(!$in_var_last && $in_var_now)
+ − 1004
{
+ − 1005
$current_var_start_pos = $j;
+ − 1006
}
+ − 1007
if($in_var_last && !$in_var_now)
+ − 1008
{
+ − 1009
$current_var_end_pos = $j;
+ − 1010
}
+ − 1011
if($in_var_now)
+ − 1012
{
+ − 1013
$current_var .= $char;
+ − 1014
continue;
+ − 1015
}
+ − 1016
// OK we are not inside of a variable. That means that we JUST hit the end because the counter ($j) will be advanced to the beginning of the next variable once processing here is complete.
+ − 1017
if($char != ' ' && $char != '(' && $char != ')' && $char != 'A' && $char != 'N' && $char != 'D' && $char != 'O' && $char != 'R' && $char != '&' && $char != '|' && $char != '!' && $char != '<' && $char != '>' && $char != '0' && $char != '1' && $char != '2' && $char != '3' && $char != '4' && $char != '5' && $char != '6' && $char != '7' && $char != '8' && $char != '9')
+ − 1018
{
+ − 1019
// XSS attack! Bail out
+ − 1020
echo '<p><b>Error:</b> Syntax error (possibly XSS attack) caught in template code:</p>';
+ − 1021
echo '<pre>';
+ − 1022
echo '{if '.$links[1][$i].'}';
+ − 1023
echo "\n ";
+ − 1024
for($k=0;$k<$j;$k++) echo " ";
+ − 1025
echo '<span style="color: red;">^</span>';
+ − 1026
echo '</pre>';
+ − 1027
continue 2;
+ − 1028
}
+ − 1029
if($current_var != '')
+ − 1030
{
+ − 1031
$cd = '( isset($this->tpl_bool[\''.$current_var.'\']) && $this->tpl_bool[\''.$current_var.'\'] )';
+ − 1032
$cvt = substr($links[1][$i], 0, $current_var_start_pos) . $cd . substr($links[1][$i], $current_var_end_pos, strlen($links[1][$i]));
+ − 1033
$j = $j + strlen($cd) - strlen($current_var);
+ − 1034
$current_var = '';
+ − 1035
$links[1][$i] = $cvt;
+ − 1036
$d = strlen($links[1][$i]);
+ − 1037
}
+ − 1038
}
+ − 1039
$links[1][$i] = substr($links[1][$i], 0, strlen($links[1][$i])-1);
+ − 1040
$links[1][$i] = '$chk = ( '.$links[1][$i].' ) ? true : false;';
+ − 1041
eval($links[1][$i]);
+ − 1042
+ − 1043
if($chk) { // isset($this->tpl_bool[$links[1][$i]]) && $this->tpl_bool[$links[1][$i]]
+ − 1044
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}'));
+ − 1045
else $c = $links[2][$i];
+ − 1046
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1047
} else {
+ − 1048
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i]));
+ − 1049
else $c = '';
+ − 1050
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1051
}
+ − 1052
}
+ − 1053
+ − 1054
preg_match_all('#\{!if ([A-Za-z_-]*)\}(.*?)\{\/if\}#is', $message, $links);
+ − 1055
+ − 1056
for($i=0;$i<sizeof($links[1]);$i++)
+ − 1057
{
+ − 1058
$message = str_replace('{!if '.$links[1][$i].'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message);
+ − 1059
if(isset($this->tpl_bool[$links[1][$i]]) && $this->tpl_bool[$links[1][$i]]) {
+ − 1060
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i]));
+ − 1061
else $c = '';
+ − 1062
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1063
} else {
+ − 1064
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}'));
+ − 1065
else $c = $links[2][$i];
+ − 1066
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1067
}
+ − 1068
}
+ − 1069
+ − 1070
/*
+ − 1071
* HTML RENDERER
+ − 1072
*/
+ − 1073
+ − 1074
// Images
+ − 1075
$j = preg_match_all('#\[\[:'.$paths->nslist['File'].'([\w\s0-9_\(\)!@%\^\+\|\.-]+?)\]\]#is', $message, $matchlist);
+ − 1076
$matches = Array();
+ − 1077
$matches['images'] = $matchlist[1];
+ − 1078
for($i=0;$i<sizeof($matchlist[1]);$i++)
+ − 1079
{
+ − 1080
if(isPage($paths->nslist['File'].$matches['images'][$i]))
+ − 1081
{
+ − 1082
$message = str_replace('[[:'.$paths->nslist['File'].$matches['images'][$i].']]',
+ − 1083
'<img alt="'.$matches['images'][$i].'" style="border: 0" src="'.makeUrlNS('Special', 'DownloadFile/'.$matches['images'][$i]).'" />',
+ − 1084
$message);
+ − 1085
}
+ − 1086
}
+ − 1087
+ − 1088
// Internal links
+ − 1089
+ − 1090
$text_parser = $this->makeParserText($tplvars['sidebar_button']);
+ − 1091
+ − 1092
preg_match_all('#\[\[([a-zA-Z0-9 -_]*?)\]\]#is', $message, $il);
+ − 1093
for($i=0;$i<sizeof($il[1]);$i++)
+ − 1094
{
+ − 1095
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true);
+ − 1096
$text_parser->assign_vars(Array(
+ − 1097
'HREF' => $href,
+ − 1098
'FLAGS' => '',
+ − 1099
'TEXT' => $il[1][$i]
+ − 1100
));
+ − 1101
$message = str_replace("[[{$il[1][$i]}]]", $text_parser->run(), $message);
+ − 1102
}
+ − 1103
+ − 1104
preg_match_all('#\[\[([a-zA-Z0-9 -_]*?)\|([a-zA-Z0-9!@\#\$%\^&\*\(\)\{\} -_]*?)\]\]#is', $message, $il);
+ − 1105
for($i=0;$i<sizeof($il[1]);$i++)
+ − 1106
{
+ − 1107
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true);
+ − 1108
$text_parser->assign_vars(Array(
+ − 1109
'HREF' => $href,
+ − 1110
'FLAGS' => '',
+ − 1111
'TEXT' => $il[2][$i]
+ − 1112
));
+ − 1113
$message = str_replace("[[{$il[1][$i]}|{$il[2][$i]}]]", $text_parser->run(), $message);
+ − 1114
}
+ − 1115
+ − 1116
// External links
+ − 1117
$message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\ ([^\]]+)]#', '<a href="\\1://\\2">\\3</a><br style="display: none;" />', $message);
+ − 1118
$message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\]#', '<a href="\\1://\\2">\\1://\\2</a><br style="display: none;" />', $message);
+ − 1119
+ − 1120
$parser1 = $this->makeParserText($tplvars['sidebar_section']);
+ − 1121
$parser2 = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 1122
+ − 1123
preg_match_all('#\{slider(2|)=(.*?)\}(.*?)\{\/slider(2|)\}#is', $message, $sb);
+ − 1124
+ − 1125
// Modified to support the sweet new template var system
+ − 1126
for($i=0;$i<sizeof($sb[1]);$i++)
+ − 1127
{
+ − 1128
$p = ($sb[1][$i] == '2') ? $parser2 : $parser1;
+ − 1129
$p->assign_vars(Array('TITLE'=>$sb[2][$i],'CONTENT'=>$sb[3][$i]));
+ − 1130
$message = str_replace("{slider{$sb[1][$i]}={$sb[2][$i]}}{$sb[3][$i]}{/slider{$sb[4][$i]}}", $p->run(), $message);
+ − 1131
}
+ − 1132
+ − 1133
/*
+ − 1134
Extras ;-)
+ − 1135
$message = preg_replace('##is', '', $message);
+ − 1136
$message = preg_replace('##is', '', $message);
+ − 1137
$message = preg_replace('##is', '', $message);
+ − 1138
$message = preg_replace('##is', '', $message);
+ − 1139
$message = preg_replace('##is', '', $message);
+ − 1140
*/
+ − 1141
+ − 1142
//die('<pre>'.htmlspecialchars($message).'</pre>');
+ − 1143
//eval($message); exit;
+ − 1144
return $message;
+ − 1145
}
+ − 1146
+ − 1147
/**
+ − 1148
* Print a text field that auto-completes a username entered into it.
+ − 1149
* @param string $name - the name of the form field
+ − 1150
* @return string
+ − 1151
*/
+ − 1152
+ − 1153
function username_field($name, $value = false)
+ − 1154
{
+ − 1155
$randomid = md5( time() . microtime() . mt_rand() );
+ − 1156
$text = '<input name="'.$name.'" onkeyup="ajaxUserNameComplete(this)" autocomplete="off" type="text" size="30" id="userfield_'.$randomid.'"';
+ − 1157
if($value) $text .= ' value="'.$value.'"';
+ − 1158
$text .= ' />';
+ − 1159
return $text;
+ − 1160
}
+ − 1161
+ − 1162
/**
+ − 1163
* Print a text field that auto-completes a page name entered into it.
+ − 1164
* @param string $name - the name of the form field
+ − 1165
* @return string
+ − 1166
*/
+ − 1167
+ − 1168
function pagename_field($name, $value = false)
+ − 1169
{
+ − 1170
$randomid = md5( time() . microtime() . mt_rand() );
+ − 1171
$text = '<input name="'.$name.'" onkeyup="ajaxPageNameComplete(this)" type="text" size="30" id="pagefield_'.$randomid.'"';
+ − 1172
if($value) $text .= ' value="'.$value.'"';
+ − 1173
$text .= ' />';
+ − 1174
$text .= '<script type="text/javascript">
+ − 1175
var inp = document.getElementById(\'pagefield_' . $randomid . '\');
+ − 1176
var f = get_parent_form(inp);
+ − 1177
if ( f )
+ − 1178
{
+ − 1179
if ( typeof(f.onsubmit) != \'function\' )
+ − 1180
{
+ − 1181
f.onsubmit = function() {
+ − 1182
if ( !submitAuthorized )
+ − 1183
{
+ − 1184
return false;
+ − 1185
}
+ − 1186
}
+ − 1187
}
+ − 1188
}</script>';
+ − 1189
return $text;
+ − 1190
}
+ − 1191
+ − 1192
/**
+ − 1193
* Sends a textarea that can be converted to and from a TinyMCE widget on the fly.
+ − 1194
* @param string The name of the form element
+ − 1195
* @param string The initial content. Optional, defaults to blank
+ − 1196
* @param int Rows in textarea
+ − 1197
* @param int Columns in textarea
+ − 1198
* @return string HTML and Javascript code.
+ − 1199
*/
+ − 1200
+ − 1201
function tinymce_textarea($name, $content = '', $rows = 20, $cols = 60)
+ − 1202
{
+ − 1203
$randomid = md5(microtime() . mt_rand());
+ − 1204
$html = '';
+ − 1205
$html .= '<textarea name="' . $name . '" rows="'.$rows.'" cols="'.$cols.'" style="width: 100%;" id="toggleMCEroot_'.$randomid.'">' . $content . '</textarea>';
+ − 1206
$html .= '<div style="float: right; display: table;" id="mceSwitchAgent_' . $randomid . '">text editor | <a href="#" onclick="toggleMCE_'.$randomid.'(); return false;">graphical editor</a></div>';
+ − 1207
$html .= '<script type="text/javascript">
+ − 1208
// <![CDATA[
+ − 1209
function toggleMCE_'.$randomid.'()
+ − 1210
{
+ − 1211
var the_obj = document.getElementById(\'toggleMCEroot_' . $randomid . '\');
+ − 1212
var panel = document.getElementById(\'mceSwitchAgent_' . $randomid . '\');
+ − 1213
if ( the_obj.dnIsMCE == "yes" )
+ − 1214
{
+ − 1215
$dynano(the_obj).destroyMCE();
+ − 1216
panel.innerHTML = \'text editor | <a href="#" onclick="toggleMCE_'.$randomid.'(); return false;">graphical editor</a>\';
+ − 1217
}
+ − 1218
else
+ − 1219
{
+ − 1220
$dynano(the_obj).switchToMCE();
+ − 1221
panel.innerHTML = \'<a href="#" onclick="toggleMCE_'.$randomid.'(); return false;">text editor</a> | graphical editor\';
+ − 1222
}
+ − 1223
}
+ − 1224
// ]]>
+ − 1225
</script>';
+ − 1226
return $html;
+ − 1227
}
+ − 1228
+ − 1229
/**
+ − 1230
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;)
+ − 1231
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class.
+ − 1232
* @param $filename the filename of the template to be parsed
+ − 1233
* @return object
+ − 1234
*/
+ − 1235
+ − 1236
function makeParser($filename)
+ − 1237
{
+ − 1238
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1239
$filename = ENANO_ROOT.'/themes/'.$template->theme.'/'.$filename;
+ − 1240
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist');
+ − 1241
$code = file_get_contents($filename);
+ − 1242
$parser = new templateIndividual($code);
+ − 1243
return $parser;
+ − 1244
}
+ − 1245
+ − 1246
/**
+ − 1247
* Same as $template->makeParser(), but takes a string instead of a filename.
+ − 1248
* @param $text the text to parse
+ − 1249
* @return object
+ − 1250
*/
+ − 1251
+ − 1252
function makeParserText($code)
+ − 1253
{
+ − 1254
$parser = new templateIndividual($code);
+ − 1255
return $parser;
+ − 1256
}
+ − 1257
+ − 1258
/**
+ − 1259
* Fetch the HTML for a plugin-added sidebar block
+ − 1260
* @param $name the plugin name
+ − 1261
* @return string
+ − 1262
*/
+ − 1263
+ − 1264
function fetch_block($id)
+ − 1265
{
+ − 1266
if(isset($this->plugin_blocks[$id])) return $this->plugin_blocks[$id];
+ − 1267
else return false;
+ − 1268
}
+ − 1269
+ − 1270
/**
+ − 1271
* Fetches the contents of both sidebars.
+ − 1272
* @return array - key 0 is left, key 1 is right
+ − 1273
* @example list($left, $right) = $template->fetch_sidebar();
+ − 1274
*/
+ − 1275
+ − 1276
function fetch_sidebar()
+ − 1277
{
+ − 1278
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1279
+ − 1280
$left = '';
+ − 1281
$right = '';
+ − 1282
+ − 1283
if ( !$this->fetch_block('Links') )
+ − 1284
$this->initLinksWidget();
+ − 1285
+ − 1286
$q = $db->sql_query('SELECT item_id,sidebar_id,block_name,block_type,block_content FROM '.table_prefix.'sidebar WHERE item_enabled=1 ORDER BY sidebar_id ASC, item_order ASC;');
+ − 1287
if(!$q) $db->_die('The sidebar text data could not be selected.');
+ − 1288
+ − 1289
$vars = $this->extract_vars('elements.tpl');
+ − 1290
+ − 1291
if(isset($vars['sidebar_top']))
+ − 1292
{
+ − 1293
$left .= $this->parse($vars['sidebar_top']);
+ − 1294
$right .= $this->parse($vars['sidebar_top']);
+ − 1295
}
+ − 1296
while($row = $db->fetchrow())
+ − 1297
{
+ − 1298
switch($row['block_type'])
+ − 1299
{
+ − 1300
case BLOCK_WIKIFORMAT:
+ − 1301
default:
+ − 1302
$parser = $this->makeParserText($vars['sidebar_section']);
+ − 1303
$c = RenderMan::render($row['block_content']);
+ − 1304
break;
+ − 1305
case BLOCK_TEMPLATEFORMAT:
+ − 1306
$parser = $this->makeParserText($vars['sidebar_section']);
+ − 1307
$c = $this->tplWikiFormat($row['block_content']);
+ − 1308
break;
+ − 1309
case BLOCK_HTML:
+ − 1310
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1311
$c = $row['block_content'];
+ − 1312
break;
+ − 1313
case BLOCK_PHP:
+ − 1314
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1315
ob_start();
+ − 1316
@eval($row['block_content']);
+ − 1317
$c = ob_get_contents();
+ − 1318
ob_end_clean();
+ − 1319
break;
+ − 1320
case BLOCK_PLUGIN:
+ − 1321
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1322
$c = (gettype($this->fetch_block($row['block_content'])) == 'string') ? $this->fetch_block($row['block_content']) : 'Can\'t find plugin block';
+ − 1323
break;
+ − 1324
}
+ − 1325
$parser->assign_vars(Array( 'TITLE'=>$this->tplWikiFormat($row['block_name']), 'CONTENT'=>$c ));
+ − 1326
if ($row['sidebar_id'] == SIDEBAR_LEFT ) $left .= $parser->run();
+ − 1327
elseif($row['sidebar_id'] == SIDEBAR_RIGHT) $right .= $parser->run();
+ − 1328
unset($parser);
+ − 1329
}
+ − 1330
$db->free_result();
+ − 1331
if(isset($vars['sidebar_bottom']))
+ − 1332
{
+ − 1333
$left .= $this->parse($vars['sidebar_bottom']);
+ − 1334
$right .= $this->parse($vars['sidebar_bottom']);
+ − 1335
}
+ − 1336
$min = '';
+ − 1337
if(isset($vars['sidebar_top']))
+ − 1338
{
+ − 1339
$min .= $this->parse($vars['sidebar_top']);
+ − 1340
}
+ − 1341
if(isset($vars['sidebar_bottom']))
+ − 1342
{
+ − 1343
$min .= $this->parse($vars['sidebar_bottom']);
+ − 1344
}
+ − 1345
return Array($left, $right, $min);
+ − 1346
}
+ − 1347
+ − 1348
function initLinksWidget()
+ − 1349
{
+ − 1350
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1351
// SourceForge/W3C buttons
+ − 1352
$ob = Array();
+ − 1353
if(getConfig('powered_btn') =='1') $ob[] = '<a style="text-align: center;" href="http://www.enanocms.org/" onclick="window.open(this.href);return false;"><img alt="Powered by Enano" src="'.scriptPath.'/images/about-powered-enano.png" onmouseover="this.src=\''.scriptPath.'/images/about-powered-enano-hover.png\';" onmouseout="this.src=\''.scriptPath.'/images/about-powered-enano.png\';" style="border-width: 0px;" width="88" height="31" /></a>';
+ − 1354
if(getConfig('sflogo_enabled')=='1')
+ − 1355
{
+ − 1356
$ob[] = '<a style="text-align: center;" href="http://sourceforge.net/" onclick="window.open(this.href);return false;"><img style="border-width: 0px;" alt="SourceForge.net Logo" src="http://sflogo.sourceforge.net/sflogo.php?group_id='.getConfig('sflogo_groupid').'&type='.getConfig('sflogo_type').'" /></a>';
+ − 1357
}
+ − 1358
if(getConfig('w3c_v32') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 3.2" src="http://www.w3.org/Icons/valid-html32" /></a>';
+ − 1359
if(getConfig('w3c_v40') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.0" src="http://www.w3.org/Icons/valid-html40" /></a>';
+ − 1360
if(getConfig('w3c_v401') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.01" src="http://www.w3.org/Icons/valid-html401" /></a>';
+ − 1361
if(getConfig('w3c_vxhtml10')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.0" src="http://www.w3.org/Icons/valid-xhtml10" /></a>';
+ − 1362
if(getConfig('w3c_vxhtml11')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.1" src="http://www.w3.org/Icons/valid-xhtml11" /></a>';
+ − 1363
if(getConfig('w3c_vcss') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="Valid CSS" src="http://www.w3.org/Icons/valid-css" /></a>';
+ − 1364
if(getConfig('dbd_button') =='1') $ob[] = '<a style="text-align: center;" href="http://www.defectivebydesign.org/join/button" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="DRM technology restricts what you can do with your computer" src="http://defectivebydesign.org/sites/nodrm.civicactions.net/files/images/dbd_sm_btn.gif" /><br /><small>Protect your freedom >></small></a>';
+ − 1365
+ − 1366
$code = $plugins->setHook('links_widget');
+ − 1367
foreach ( $code as $cmd )
+ − 1368
{
+ − 1369
eval($cmd);
+ − 1370
}
+ − 1371
+ − 1372
if(count($ob) > 0) $sb_links = '<div style="text-align: center; padding: 5px 0;">'.implode('<br />', $ob).'</div>';
+ − 1373
else $sb_links = '';
+ − 1374
+ − 1375
$this->sidebar_widget('Links', $sb_links);
+ − 1376
}
+ − 1377
+ − 1378
/**
+ − 1379
* Builds a box showing unread private messages.
+ − 1380
*/
+ − 1381
+ − 1382
function notify_unread_pms()
+ − 1383
{
+ − 1384
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1385
if ( ( $paths->cpage['urlname_nons'] == 'PrivateMessages' || $paths->cpage['urlname_nons'] == 'Preferences' ) && $paths->namespace == 'Special' )
+ − 1386
{
+ − 1387
return '';
+ − 1388
}
+ − 1389
$ob = '<div class="usermessage">'."\n";
+ − 1390
$s = ( $session->unread_pms == 1 ) ? '' : 's';
+ − 1391
$ob .= " <b>You have $session->unread_pms <a href=" . '"' . makeUrlNS('Special', 'PrivateMessages' ) . '"' . ">unread private message$s</a>.</b><br />\n Messages: ";
+ − 1392
$q = $db->sql_query('SELECT message_id,message_from,subject,date FROM '.table_prefix.'privmsgs WHERE message_to=\'' . $session->username . '\' AND message_read=0 ORDER BY date DESC;');
+ − 1393
if ( !$q )
+ − 1394
$db->_die();
+ − 1395
$messages = array();
+ − 1396
while ( $row = $db->fetchrow() )
+ − 1397
{
+ − 1398
$messages[] = '<a href="' . makeUrlNS('Special', 'PrivateMessages/View/' . $row['message_id']) . '" title="Sent ' . date('F d, Y h:i a', $row['date']) . ' by ' . $row['message_from'] . '">' . $row['subject'] . '</a>';
+ − 1399
}
+ − 1400
$ob .= implode(",\n " , $messages)."\n";
+ − 1401
$ob .= '</div>'."\n";
+ − 1402
return $ob;
+ − 1403
}
+ − 1404
+ − 1405
} // class template
+ − 1406
+ − 1407
/**
+ − 1408
* Handles parsing of an individual template file. Instances should only be created through $template->makeParser(). To use:
+ − 1409
* - Call $template->makeParser(template file name) - file name should be something.tpl, css/whatever.css, etc.
+ − 1410
* - Make an array of strings you want the template to access. $array['STRING'] would be referenced in the template like {STRING}
+ − 1411
* - Make an array of boolean values. These can be used for conditionals in the template (<!-- IF something --> whatever <!-- ENDIF something -->)
+ − 1412
* - Call assign_vars() to pass the strings to the template parser. Same thing with assign_bool().
+ − 1413
* - Call run() to parse the template and get your fully compiled HTML.
+ − 1414
* @access private
+ − 1415
*/
+ − 1416
+ − 1417
class templateIndividual extends template {
+ − 1418
var $tpl_strings, $tpl_bool, $tpl_code;
+ − 1419
var $compiled = false;
+ − 1420
/**
+ − 1421
* Constructor.
+ − 1422
*/
+ − 1423
function __construct($text)
+ − 1424
{
+ − 1425
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1426
$this->tpl_code = $text;
+ − 1427
$this->tpl_strings = $template->tpl_strings;
+ − 1428
$this->tpl_bool = $template->tpl_bool;
+ − 1429
}
+ − 1430
/**
+ − 1431
* PHP 4 constructor.
+ − 1432
*/
+ − 1433
function templateIndividual($text)
+ − 1434
{
+ − 1435
$this->__construct($text);
+ − 1436
}
+ − 1437
/**
+ − 1438
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file.
+ − 1439
* @param $vars array
+ − 1440
*/
+ − 1441
function assign_vars($vars)
+ − 1442
{
+ − 1443
$this->tpl_strings = array_merge($this->tpl_strings, $vars);
+ − 1444
}
+ − 1445
/**
+ − 1446
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements.
+ − 1447
* @param $vars array
+ − 1448
*/
+ − 1449
function assign_bool($vars)
+ − 1450
{
+ − 1451
$this->tpl_bool = array_merge($this->tpl_bool, $vars);
+ − 1452
}
+ − 1453
/**
+ − 1454
* Compiles and executes the template code.
+ − 1455
* @return string
+ − 1456
*/
+ − 1457
function run()
+ − 1458
{
+ − 1459
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1460
if(!$this->compiled)
+ − 1461
{
+ − 1462
$this->tpl_code = $this->compile_template_text($this->tpl_code);
+ − 1463
$this->compiled = true;
+ − 1464
}
+ − 1465
return eval($this->tpl_code);
+ − 1466
}
+ − 1467
}
+ − 1468
+ − 1469
/**
+ − 1470
* A version of the template compiler that does not rely at all on the other parts of Enano. Used during installation and for showing
+ − 1471
* "critical error" messages. ** REQUIRES ** the Oxygen theme.
+ − 1472
*/
+ − 1473
+ − 1474
class template_nodb {
+ − 1475
var $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list;
+ − 1476
function __construct() {
+ − 1477
+ − 1478
$this->tpl_bool = Array();
+ − 1479
$this->tpl_strings = Array();
+ − 1480
$this->sidebar_extra = '';
+ − 1481
$this->sidebar_widgets = '';
+ − 1482
$this->toolbar_menu = '';
+ − 1483
$this->additional_headers = '';
+ − 1484
+ − 1485
$this->theme_list = Array(Array(
+ − 1486
'theme_id'=>'oxygen',
+ − 1487
'theme_name'=>'Oxygen',
+ − 1488
'theme_order'=>1,
+ − 1489
'enabled'=>1,
+ − 1490
));
+ − 1491
}
+ − 1492
function template() {
+ − 1493
$this->__construct();
+ − 1494
}
+ − 1495
function get_css($s = false) {
+ − 1496
if($s)
+ − 1497
return $this->process_template('css/'.$s);
+ − 1498
else
+ − 1499
return $this->process_template('css/'.$this->style.'.css');
+ − 1500
}
+ − 1501
function load_theme($name, $css, $auto_init = true) {
+ − 1502
$this->theme = $name;
+ − 1503
$this->style = $css;
+ − 1504
+ − 1505
$this->tpl_strings['SCRIPTPATH'] = scriptPath;
+ − 1506
if ( $auto_init )
+ − 1507
$this->init_vars();
+ − 1508
}
+ − 1509
function init_vars()
+ − 1510
{
+ − 1511
global $sideinfo;
+ − 1512
global $this_page;
+ − 1513
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1514
$tplvars = $this->extract_vars('elements.tpl');
+ − 1515
$tb = '';
+ − 1516
// Get the "article" button text (depends on namespace)
+ − 1517
if(defined('IN_ENANO_INSTALL')) $ns = 'installation page';
+ − 1518
else $ns = 'system error page';
+ − 1519
$t = str_replace('{FLAGS}', 'onclick="return false;" title="Hey! A button that doesn\'t do anything. Clever..." accesskey="a"', $tplvars['toolbar_button']);
+ − 1520
$t = str_replace('{HREF}', '#', $t);
+ − 1521
$t = str_replace('{TEXT}', $ns, $t);
+ − 1522
$tb .= $t;
+ − 1523
+ − 1524
// Page toolbar
+ − 1525
+ − 1526
$this->tpl_bool = Array(
+ − 1527
'auth_admin'=>true,
+ − 1528
'user_logged_in'=>true,
+ − 1529
'right_sidebar'=>false,
+ − 1530
);
+ − 1531
$this->tpl_bool['in_sidebar_admin'] = false;
+ − 1532
+ − 1533
$this->tpl_bool['auth_rename'] = false;
+ − 1534
+ − 1535
$asq = $asa = '';
+ − 1536
+ − 1537
$this->tpl_bool['fixed_menus'] = false;
+ − 1538
$slink = defined('IN_ENANO_INSTALL') ? scriptPath.'/install.php?mode=css' : makeUrlNS('Special', 'CSS');
+ − 1539
+ − 1540
$title = ( is_object($paths) ) ? $paths->page : 'Critical error';
+ − 1541
+ − 1542
// The rewritten template engine will process all required vars during the load_template stage instead of (cough) re-processing everything each time around.
+ − 1543
$tpl_strings = Array(
+ − 1544
'PAGE_NAME'=>$this_page,
+ − 1545
'PAGE_URLNAME'=>'Null',
+ − 1546
'SITE_NAME'=>'Enano Installation',
+ − 1547
'USERNAME'=>'admin',
+ − 1548
'SITE_DESC'=>'Install Enano on your server.',
+ − 1549
'TOOLBAR'=>$tb,
+ − 1550
'SCRIPTPATH'=>scriptPath,
+ − 1551
'CONTENTPATH'=>contentPath,
+ − 1552
'ADMIN_SID_QUES'=>$asq,
+ − 1553
'ADMIN_SID_AMP'=>$asa,
+ − 1554
'ADMIN_SID_AMP_HTML'=>'',
+ − 1555
'ADDITIONAL_HEADERS'=>'<style type="text/css">div.pagenav { border-top: 1px solid #CCC; padding-top: 7px; margin-top: 10px; }</style>',
+ − 1556
'SIDEBAR_EXTRA'=>'',
+ − 1557
'COPYRIGHT'=>'Enano and all of its code, graphics, and more code is copyright © 2006 Dan Fuhry.<br />This program is Free Software; see the file "GPL" included with this package for details.',
+ − 1558
'TOOLBAR_EXTRAS'=>'',
+ − 1559
'REQUEST_URI'=>$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'],
+ − 1560
'STYLE_LINK'=>$slink,
+ − 1561
'LOGOUT_LINK'=>'',
+ − 1562
'THEME_LINK'=>'',
+ − 1563
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme,
+ − 1564
'THEME_ID'=>$this->theme,
+ − 1565
'STYLE_ID'=>$this->style,
+ − 1566
'JS_DYNAMIC_VARS'=>'<script type="text/javascript">var title="'. $title .'"; var scriptPath="'.scriptPath.'"; var ENANO_SID=""; var AES_BITS='.AES_BITS.'; var AES_BLOCKSIZE=' . AES_BLOCKSIZE . '; var pagepass=\'\';</script>',
+ − 1567
'SIDEBAR_RIGHT'=>'',
+ − 1568
);
+ − 1569
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings);
+ − 1570
+ − 1571
$sidebar = ( gettype($sideinfo) == 'string' ) ? $sideinfo : '';
+ − 1572
if($sidebar != '')
+ − 1573
{
+ − 1574
if(isset($tplvars['sidebar_top']))
+ − 1575
{
+ − 1576
$text = $this->makeParserText($tplvars['sidebar_top']);
+ − 1577
$top = $text->run();
+ − 1578
} else {
+ − 1579
$top = '';
+ − 1580
}
+ − 1581
$p = $this->makeParserText($tplvars['sidebar_section']);
+ − 1582
$p->assign_vars(Array(
+ − 1583
'TITLE'=>'Installation progress',
+ − 1584
'CONTENT'=>$sidebar,
+ − 1585
));
+ − 1586
$sidebar = $p->run();
+ − 1587
if(isset($tplvars['sidebar_bottom']))
+ − 1588
{
+ − 1589
$text = $this->makeParserText($tplvars['sidebar_bottom']);
+ − 1590
$bottom = $text->run();
+ − 1591
} else {
+ − 1592
$bottom = '';
+ − 1593
}
+ − 1594
$sidebar = $top . $sidebar . $bottom;
+ − 1595
}
+ − 1596
$this->tpl_strings['SIDEBAR_LEFT'] = $sidebar;
+ − 1597
+ − 1598
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != '') ? true : false;
+ − 1599
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != '') ? true : false;
+ − 1600
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility
+ − 1601
$this->tpl_bool['stupid_mode'] = true;
+ − 1602
}
+ − 1603
function header()
+ − 1604
{
+ − 1605
if(!$this->no_headers) echo $this->process_template('header.tpl');
+ − 1606
}
+ − 1607
function footer()
+ − 1608
{
+ − 1609
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1610
if(!$this->no_headers) {
+ − 1611
global $_starttime;
+ − 1612
$f = microtime(true);
+ − 1613
$f = $f - $_starttime;
+ − 1614
$f = round($f, 4);
+ − 1615
if(defined('IN_ENANO_INSTALL')) $nq = 'N/A';
+ − 1616
else $nq = $db->num_queries;
+ − 1617
if($nq == 0) $nq = 'N/A';
+ − 1618
$dbg = 'Time: '.$f.'s | Queries: '.$nq;
+ − 1619
$t = $this->process_template('footer.tpl');
+ − 1620
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 1621
echo $t;
+ − 1622
}
+ − 1623
else return '';
+ − 1624
}
+ − 1625
function getHeader()
+ − 1626
{
+ − 1627
if(!$this->no_headers) return $this->process_template('header.tpl');
+ − 1628
else return '';
+ − 1629
}
+ − 1630
function getFooter()
+ − 1631
{
+ − 1632
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1633
if(!$this->no_headers) {
+ − 1634
global $_starttime;
+ − 1635
$f = microtime(true);
+ − 1636
$f = $f - $_starttime;
+ − 1637
$f = round($f, 4);
+ − 1638
if(defined('IN_ENANO_INSTALL')) $nq = 'N/A';
+ − 1639
else $nq = $db->num_queries;
+ − 1640
if($nq == 0) $nq = 'N/A';
+ − 1641
$dbg = 'Time: '.$f.'s | Queries: '.$nq;
+ − 1642
if($nq == 0) $nq = 'N/A';
+ − 1643
$t = $this->process_template('footer.tpl');
+ − 1644
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 1645
return $t;
+ − 1646
}
+ − 1647
else return '';
+ − 1648
}
+ − 1649
+ − 1650
function process_template($file) {
+ − 1651
+ − 1652
eval($this->compile_template($file));
+ − 1653
return $tpl_code;
+ − 1654
}
+ − 1655
+ − 1656
function extract_vars($file) {
+ − 1657
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1658
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file)) die('Cannot find '.$file.' file for style "'.$this->theme.'", exiting');
+ − 1659
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file);
+ − 1660
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches);
+ − 1661
$tplvars = Array();
+ − 1662
for($i=0;$i<sizeof($matches[1]);$i++)
+ − 1663
{
+ − 1664
$tplvars[$matches[1][$i]] = $matches[2][$i];
+ − 1665
}
+ − 1666
return $tplvars;
+ − 1667
}
+ − 1668
function compile_template($text) {
+ − 1669
global $sideinfo;
+ − 1670
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text);
+ − 1671
$text = str_replace('<script type="text/javascript" src="{SCRIPTPATH}/ajax.php?title={PAGE_URLNAME}&_mode=jsres"></script>', '', $text); // Remove the AJAX code - we don't need it, and it requires a database connection
+ − 1672
$text = '$tpl_code = \''.str_replace('\'', '\\\'', $text).'\'; return $tpl_code;';
+ − 1673
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if($this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1674
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { $tpl_code .= \'', $text);
+ − 1675
if(defined('IN_ENANO_INSTALL')) $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">Installation progress</a></div><div class="slideblock">'.$sideinfo.'</div></div>', $text);
+ − 1676
else $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">System error</a></div><div class="slideblock"><a href="#" onclick="return false;">Enano critical error page</a></div></div>', $text);
+ − 1677
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '', $text);
+ − 1678
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1679
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { $tpl_code .= \'', $text);
+ − 1680
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } $tpl_code .= \'', $text);
+ − 1681
$text = preg_replace('#{([A-z0-9]*)}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 1682
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 1683
}
+ − 1684
+ − 1685
function compile_template_text($text) {
+ − 1686
global $sideinfo;
+ − 1687
$text = str_replace('<script type="text/javascript" src="{SCRIPTPATH}/ajax.php?title={PAGE_URLNAME}&_mode=jsres"></script>', '', $text); // Remove the AJAX code - we don't need it, and it requires a database connection
+ − 1688
$text = '$tpl_code = \''.str_replace('\'', '\\\'', $text).'\'; return $tpl_code;';
+ − 1689
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if($this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1690
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { $tpl_code .= \'', $text);
+ − 1691
if(defined('IN_ENANO_INSTALL')) $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">Installation progress</a></div><div class="slideblock">'.$sideinfo.'</div></div>', $text);
+ − 1692
else $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">System error</a></div><div class="slideblock"><a href="#" onclick="return false;">Enano critical error page</a></div></div>', $text);
+ − 1693
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '', $text);
+ − 1694
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1695
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { $tpl_code .= \'', $text);
+ − 1696
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } $tpl_code .= \'', $text);
+ − 1697
$text = preg_replace('#{([A-z0-9]*)}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 1698
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 1699
}
+ − 1700
+ − 1701
/**
+ − 1702
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;)
+ − 1703
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class.
+ − 1704
* @param $filename the filename of the template to be parsed
+ − 1705
* @return object
+ − 1706
*/
+ − 1707
+ − 1708
function makeParser($filename)
+ − 1709
{
+ − 1710
$filename = ENANO_ROOT.'/themes/'.$this->theme.'/'.$filename;
+ − 1711
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist');
+ − 1712
$code = file_get_contents($filename);
+ − 1713
$parser = new templateIndividualSafe($code, $this);
+ − 1714
return $parser;
+ − 1715
}
+ − 1716
+ − 1717
/**
+ − 1718
* Same as $template->makeParser(), but takes a string instead of a filename.
+ − 1719
* @param $text the text to parse
+ − 1720
* @return object
+ − 1721
*/
+ − 1722
+ − 1723
function makeParserText($code)
+ − 1724
{
+ − 1725
$parser = new templateIndividualSafe($code, $this);
+ − 1726
return $parser;
+ − 1727
}
+ − 1728
+ − 1729
} // class template_nodb
+ − 1730
+ − 1731
/**
+ − 1732
* Identical to templateIndividual, except extends template_nodb instead of template
+ − 1733
* @see class template
+ − 1734
*/
+ − 1735
+ − 1736
class templateIndividualSafe extends template_nodb {
+ − 1737
var $tpl_strings, $tpl_bool, $tpl_code;
+ − 1738
var $compiled = false;
+ − 1739
/**
+ − 1740
* Constructor.
+ − 1741
*/
+ − 1742
function __construct($text, $parent)
+ − 1743
{
+ − 1744
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1745
$this->tpl_code = $text;
+ − 1746
$this->tpl_strings = $parent->tpl_strings;
+ − 1747
$this->tpl_bool = $parent->tpl_bool;
+ − 1748
}
+ − 1749
/**
+ − 1750
* PHP 4 constructor.
+ − 1751
*/
+ − 1752
function templateIndividual($text)
+ − 1753
{
+ − 1754
$this->__construct($text);
+ − 1755
}
+ − 1756
/**
+ − 1757
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file.
+ − 1758
* @param $vars array
+ − 1759
*/
+ − 1760
function assign_vars($vars)
+ − 1761
{
+ − 1762
if(is_array($this->tpl_strings))
+ − 1763
$this->tpl_strings = array_merge($this->tpl_strings, $vars);
+ − 1764
else
+ − 1765
$this->tpl_strings = $vars;
+ − 1766
}
+ − 1767
/**
+ − 1768
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements.
+ − 1769
* @param $vars array
+ − 1770
*/
+ − 1771
function assign_bool($vars)
+ − 1772
{
+ − 1773
$this->tpl_bool = array_merge($this->tpl_bool, $vars);
+ − 1774
}
+ − 1775
/**
+ − 1776
* Compiles and executes the template code.
+ − 1777
* @return string
+ − 1778
*/
+ − 1779
function run()
+ − 1780
{
+ − 1781
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1782
if(!$this->compiled)
+ − 1783
{
+ − 1784
$this->tpl_code = $this->compile_template_text($this->tpl_code);
+ − 1785
$this->compiled = true;
+ − 1786
}
+ − 1787
return eval($this->tpl_code);
+ − 1788
}
+ − 1789
}
+ − 1790
+ − 1791
?>