1
+ − 1
<?php
+ − 2
+ − 3
/*
+ − 4
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
142
ca9118d9c0f2
Rebrand as 1.0.2 (Coblynau); internal links are now parsed by RenderMan::parse_internal_links()
Dan
diff
changeset
+ − 5
* Version 1.0.2 (Coblynau)
1
+ − 6
* Copyright (C) 2006-2007 Dan Fuhry
+ − 7
*
+ − 8
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 9
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 10
*
+ − 11
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 12
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 13
*/
+ − 14
+ − 15
class template {
+ − 16
var $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list, $named_theme_list, $default_theme, $default_style, $plugin_blocks, $namespace_string, $style_list, $theme_loaded;
30
+ − 17
+ − 18
/**
+ − 19
* Set to true if the site is disabled and thus a message needs to be shown. This should ONLY be changed by common.php.
+ − 20
* @var bool
+ − 21
* @access private
+ − 22
*/
+ − 23
+ − 24
var $site_disabled = false;
+ − 25
53
+ − 26
/**
+ − 27
* One of the absolute best parts of Enano :-P
+ − 28
* @var string
+ − 29
*/
+ − 30
54
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
diff
changeset
+ − 31
var $fading_button = '';
53
+ − 32
1
+ − 33
function __construct()
+ − 34
{
+ − 35
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 36
dc_here('template: initializing all class variables');
+ − 37
$this->tpl_bool = Array();
+ − 38
$this->tpl_strings = Array();
+ − 39
$this->sidebar_extra = '';
+ − 40
$this->toolbar_menu = '';
+ − 41
$this->additional_headers = '';
+ − 42
$this->plugin_blocks = Array();
+ − 43
$this->theme_loaded = false;
+ − 44
87
570f68c3fe36
Redid stupid fading button code and fixed several RC2 bugs in the upgrade schema; 1.0.1 release candidate
Dan
diff
changeset
+ − 45
$this->fading_button = '<div style="background-image: url('.scriptPath.'/images/about-powered-enano-hover.png); background-repeat: no-repeat; width: 88px; height: 31px; margin: 0 auto;">
570f68c3fe36
Redid stupid fading button code and fixed several RC2 bugs in the upgrade schema; 1.0.1 release candidate
Dan
diff
changeset
+ − 46
<a href="http://enanocms.org/" onclick="window.open(this.href); return false;"><img style="border-width: 0;" alt=" " src="'.scriptPath.'/images/about-powered-enano.png" onmouseover="domOpacity(this, 100, 0, 500);" onmouseout="domOpacity(this, 0, 100, 500);" /></a>
570f68c3fe36
Redid stupid fading button code and fixed several RC2 bugs in the upgrade schema; 1.0.1 release candidate
Dan
diff
changeset
+ − 47
</div>';
54
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
diff
changeset
+ − 48
1
+ − 49
$this->theme_list = Array();
+ − 50
$this->named_theme_list = Array();
+ − 51
$e = $db->sql_query('SELECT theme_id,theme_name,enabled,default_style FROM '.table_prefix.'themes WHERE enabled=1 ORDER BY theme_order;');
+ − 52
if(!$e) $db->_die('The list of themes could not be selected.');
+ − 53
for($i=0;$i < $db->numrows(); $i++)
+ − 54
{
+ − 55
$this->theme_list[$i] = $db->fetchrow();
+ − 56
$this->named_theme_list[$this->theme_list[$i]['theme_id']] = $this->theme_list[$i];
+ − 57
}
+ − 58
$db->free_result();
+ − 59
$this->default_theme = $this->theme_list[0]['theme_id'];
+ − 60
$dir = ENANO_ROOT.'/themes/'.$this->default_theme.'/css/';
+ − 61
$list = Array();
+ − 62
// Open a known directory, and proceed to read its contents
+ − 63
if (is_dir($dir)) {
+ − 64
if ($dh = opendir($dir)) {
+ − 65
while (($file = readdir($dh)) !== false) {
+ − 66
if(preg_match('#^(.*?)\.css$#i', $file) && $file != '_printable.css') {
+ − 67
$list[] = substr($file, 0, strlen($file)-4);
+ − 68
}
+ − 69
}
+ − 70
closedir($dh);
+ − 71
}
+ − 72
}
+ − 73
+ − 74
$def = ENANO_ROOT.'/themes/'.$this->default_theme.'/css/'.$this->named_theme_list[$this->default_theme]['default_style'];
+ − 75
if(file_exists($def))
+ − 76
{
+ − 77
$this->default_style = substr($this->named_theme_list[$this->default_theme]['default_style'], 0, strlen($this->named_theme_list[$this->default_theme]['default_style'])-4);
+ − 78
} else {
+ − 79
$this->default_style = $list[0];
+ − 80
}
+ − 81
+ − 82
$this->style_list = $list;
+ − 83
+ − 84
}
+ − 85
function template()
+ − 86
{
+ − 87
$this->__construct();
+ − 88
}
+ − 89
function sidebar_widget($t, $h)
+ − 90
{
+ − 91
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 92
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 93
{
+ − 94
$this->load_theme($session->theme, $session->style);
+ − 95
}
+ − 96
if(!$this->sidebar_widgets)
+ − 97
$this->sidebar_widgets = '';
+ − 98
$tplvars = $this->extract_vars('elements.tpl');
+ − 99
$parser = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 100
$parser->assign_vars(Array('TITLE'=>$t,'CONTENT'=>$h));
+ − 101
$this->plugin_blocks[$t] = $h;
+ − 102
$this->sidebar_widgets .= $parser->run();
+ − 103
}
+ − 104
function add_header($html)
+ − 105
{
+ − 106
$this->additional_headers .= "\n" . $html;
+ − 107
}
+ − 108
function get_css($s = false)
+ − 109
{
+ − 110
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 111
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 112
$this->load_theme($session->theme, $session->style);
+ − 113
$path = ( $s ) ? 'css/'.$s : 'css/'.$this->style.'.css';
+ − 114
if ( !file_exists(ENANO_ROOT . '/themes/' . $this->theme . '/' . $path) )
+ − 115
{
+ − 116
echo "/* WARNING: Falling back to default file because file $path does not exist */\n";
+ − 117
$path = 'css/' . $this->style_list[0] . '.css';
+ − 118
}
+ − 119
return $this->process_template($path);
+ − 120
}
+ − 121
function load_theme($name = false, $css = false)
+ − 122
{
+ − 123
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 124
$this->theme = ( $name ) ? $name : $session->theme;
+ − 125
$this->style = ( $css ) ? $css : $session->style;
+ − 126
if ( !$this->theme )
+ − 127
{
+ − 128
$this->theme = $this->theme_list[0]['theme_id'];
+ − 129
$this->style = substr($this->theme_list[0]['default_style'], 0, strlen($this->theme_list[0]['default_style'])-4);
+ − 130
}
+ − 131
$this->theme_loaded = true;
+ − 132
}
+ − 133
+ − 134
function init_vars()
+ − 135
{
+ − 136
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 137
global $email;
+ − 138
+ − 139
dc_here("template: initializing all variables");
+ − 140
+ − 141
if(!$this->theme || !$this->style)
+ − 142
{
+ − 143
$this->load_theme();
+ − 144
}
+ − 145
+ − 146
if(defined('ENANO_TEMPLATE_LOADED'))
+ − 147
{
+ − 148
dc_here('template: access denied to call template::init_vars(), bailing out');
+ − 149
die_semicritical('Illegal call', '<p>$template->load_theme was called multiple times, this is not supposed to happen. Exiting with fatal error.</p>');
+ − 150
}
+ − 151
+ − 152
define('ENANO_TEMPLATE_LOADED', '');
+ − 153
+ − 154
$tplvars = $this->extract_vars('elements.tpl');
+ − 155
+ − 156
dc_here('template: setting all template vars');
+ − 157
+ − 158
if(isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE'))
+ − 159
{
+ − 160
$this->add_header('
+ − 161
<!--[if lt IE 7]>
+ − 162
<script language="JavaScript">
+ − 163
function correctPNG() // correctly handle PNG transparency in Win IE 5.5 & 6.
+ − 164
{
86
c162ca39db8f
Finished pagination code (was incomplete in previous revision) and added a few hacks for an upcoming theme
Dan
diff
changeset
+ − 165
var arVersion = navigator.appVersion.split("MSIE");
c162ca39db8f
Finished pagination code (was incomplete in previous revision) and added a few hacks for an upcoming theme
Dan
diff
changeset
+ − 166
var version = parseFloat(arVersion[1]);
1
+ − 167
if (version >= 5.5 && typeof(document.body.filters) == "object")
+ − 168
{
+ − 169
for(var i=0; i<document.images.length; i++)
+ − 170
{
+ − 171
var img = document.images[i];
+ − 172
continue;
+ − 173
var imgName = img.src.toUpperCase();
+ − 174
if (imgName.substring(imgName.length-3, imgName.length) == "PNG")
+ − 175
{
+ − 176
var imgID = (img.id) ? "id=\'" + img.id + "\' " : "";
+ − 177
var imgClass = (img.className) ? "class=\'" + img.className + "\' " : "";
+ − 178
var imgTitle = (img.title) ? "title=\'" + img.title + "\' " : "title=\'" + img.alt + "\' ";
+ − 179
var imgStyle = "display:inline-block;" + img.style.cssText;
+ − 180
if (img.align == "left") imgStyle = "float:left;" + imgStyle;
+ − 181
if (img.align == "right") imgStyle = "float:right;" + imgStyle;
+ − 182
if (img.parentElement.href) imgStyle = "cursor:hand;" + imgStyle;
+ − 183
var strNewHTML = "<span " + imgID + imgClass + imgTitle + " style=\\"" + "width:" + img.width + "px; height:" + img.height + "px;" + imgStyle + ";" + "filter:progid:DXImageTransform.Microsoft.AlphaImageLoader" + "(src=\\\'" + img.src + "\\\', sizingMethod=\'scale\');\\"></span>";
+ − 184
img.outerHTML = strNewHTML;
+ − 185
i = i-1;
+ − 186
}
+ − 187
}
+ − 188
}
+ − 189
}
+ − 190
window.attachEvent("onload", correctPNG);
+ − 191
</script>
+ − 192
<![endif]-->
+ − 193
');
+ − 194
}
+ − 195
+ − 196
// Get the "article" button text (depends on namespace)
+ − 197
switch($paths->namespace) {
+ − 198
case "Article":
+ − 199
default:
+ − 200
$ns = 'article';
+ − 201
break;
+ − 202
case "Admin":
+ − 203
$ns = 'administration page';
+ − 204
break;
+ − 205
case "System":
+ − 206
$ns = 'system message';
+ − 207
break;
+ − 208
case "File":
+ − 209
$ns = 'uploaded file';
+ − 210
break;
+ − 211
case "Help":
+ − 212
$ns = 'documentation page';
+ − 213
break;
+ − 214
case "User":
+ − 215
$ns = 'user page';
+ − 216
break;
+ − 217
case "Special":
+ − 218
$ns = 'special page';
+ − 219
break;
+ − 220
case "Template":
+ − 221
$ns = 'template';
+ − 222
break;
+ − 223
case "Project":
+ − 224
$ns = 'project page';
+ − 225
break;
+ − 226
case "Category":
+ − 227
$ns = 'category';
+ − 228
break;
+ − 229
}
+ − 230
$this->namespace_string = $ns;
+ − 231
$code = $plugins->setHook('page_type_string_set');
+ − 232
foreach ( $code as $cmd )
+ − 233
{
+ − 234
eval($cmd);
+ − 235
}
+ − 236
$ns =& $this->namespace_string;
+ − 237
+ − 238
// Initialize the toolbar
+ − 239
$tb = '';
+ − 240
+ − 241
// Create "xx page" button
+ − 242
+ − 243
$btn_selected = ( isset($tplvars['toolbar_button_selected'])) ? $tplvars['toolbar_button_selected'] : $tplvars['toolbar_button'];
+ − 244
$parser = $this->makeParserText($btn_selected);
+ − 245
+ − 246
$parser->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 247
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxReset()); return false; }" title="View the page contents, all of the page contents, and nothing but the page contents (alt-a)" accesskey="a"',
1
+ − 248
'PARENTFLAGS' => 'id="mdgToolbar_article"',
+ − 249
'HREF' => makeUrl($paths->page, null, true),
+ − 250
'TEXT' => $this->namespace_string
+ − 251
));
+ − 252
+ − 253
$tb .= $parser->run();
+ − 254
+ − 255
$button = $this->makeParserText($tplvars['toolbar_button']);
+ − 256
+ − 257
// Page toolbar
+ − 258
// Comments button
+ − 259
if ( $session->get_permissions('read') && getConfig('enable_comments')=='1' && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $paths->cpage['comments_on'] == 1 )
+ − 260
{
+ − 261
+ − 262
$e = $db->sql_query('SELECT approved FROM '.table_prefix.'comments WHERE page_id=\''.$paths->cpage['urlname_nons'].'\' AND namespace=\''.$paths->namespace.'\';');
+ − 263
if ( !$e )
+ − 264
{
+ − 265
$db->_die();
+ − 266
}
+ − 267
$nc = $db->numrows();
+ − 268
$nu = 0;
+ − 269
$na = 0;
+ − 270
+ − 271
while ( $r = $db->fetchrow() )
+ − 272
{
+ − 273
if ( !$r['approved'] )
+ − 274
{
+ − 275
$nu++;
+ − 276
}
+ − 277
else
+ − 278
{
+ − 279
$na++;
+ − 280
}
+ − 281
}
+ − 282
+ − 283
$db->free_result();
+ − 284
$n = ( $session->get_permissions('mod_comments') ) ? (string)$nc : (string)$na;
+ − 285
if ( $session->get_permissions('mod_comments') && $nu > 0 )
+ − 286
{
+ − 287
$n .= ' total/'.$nu.' unapp.';
+ − 288
}
+ − 289
+ − 290
$button->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 291
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxComments()); return false; }" title="View the comments that other users have posted about this page (alt-c)" accesskey="c"',
1
+ − 292
'PARENTFLAGS' => 'id="mdgToolbar_discussion"',
+ − 293
'HREF' => makeUrl($paths->page, 'do=comments', true),
+ − 294
'TEXT' => 'discussion ('.$n.')',
+ − 295
));
+ − 296
+ − 297
$tb .= $button->run();
+ − 298
}
+ − 299
// Edit button
+ − 300
if($session->get_permissions('read') && ($paths->namespace != 'Special' && $paths->namespace != 'Admin') && ( $session->get_permissions('edit_page') && ( ( $paths->page_protected && $session->get_permissions('even_when_protected') ) || !$paths->page_protected ) ) )
+ − 301
{
+ − 302
$button->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 303
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxEditor()); return false; }" title="Edit the contents of this page (alt-e)" accesskey="e"',
1
+ − 304
'PARENTFLAGS' => 'id="mdgToolbar_edit"',
+ − 305
'HREF' => makeUrl($paths->page, 'do=edit', true),
+ − 306
'TEXT' => 'edit this page'
+ − 307
));
+ − 308
$tb .= $button->run();
+ − 309
// View source button
+ − 310
}
+ − 311
else if($session->get_permissions('view_source') && ( !$session->get_permissions('edit_page') || !$session->get_permissions('even_when_protected') && $paths->page_protected ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 312
{
+ − 313
$button->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 314
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxViewSource()); return false; }" title="View the source code (wiki markup) that this page uses (alt-e)" accesskey="e"',
1
+ − 315
'PARENTFLAGS' => 'id="mdgToolbar_edit"',
+ − 316
'HREF' => makeUrl($paths->page, 'do=viewsource', true),
+ − 317
'TEXT' => 'view source'
+ − 318
));
+ − 319
$tb .= $button->run();
+ − 320
}
+ − 321
// History button
+ − 322
if ( $session->get_permissions('read') /* && $paths->wiki_mode */ && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('history_view') )
+ − 323
{
+ − 324
$button->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 325
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxHistory()); return false; }" title="View a log of actions taken on this page (alt-h)" accesskey="h"',
1
+ − 326
'PARENTFLAGS' => 'id="mdgToolbar_history"',
+ − 327
'HREF' => makeUrl($paths->page, 'do=history', true),
+ − 328
'TEXT' => 'history'
+ − 329
));
+ − 330
$tb .= $button->run();
+ − 331
}
+ − 332
+ − 333
$menubtn = $this->makeParserText($tplvars['toolbar_menu_button']);
+ − 334
+ − 335
// Additional actions menu
+ − 336
// Rename button
+ − 337
if ( $session->get_permissions('read') && $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 338
{
+ − 339
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 340
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxRename()); return false; }" title="Change the display name of this page (alt-r)" accesskey="r"',
1
+ − 341
'HREF' => makeUrl($paths->page, 'do=rename', true),
+ − 342
'TEXT' => 'rename',
+ − 343
));
+ − 344
$this->toolbar_menu .= $menubtn->run();
+ − 345
}
+ − 346
+ − 347
// Vote-to-delete button
+ − 348
if ( $paths->wiki_mode && $session->get_permissions('vote_delete') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 349
{
+ − 350
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 351
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxDelVote()); return false; }" title="Vote to have this page deleted (alt-d)" accesskey="d"',
1
+ − 352
'HREF' => makeUrl($paths->page, 'do=delvote', true),
+ − 353
'TEXT' => 'vote to delete this page',
+ − 354
));
+ − 355
$this->toolbar_menu .= $menubtn->run();
+ − 356
}
+ − 357
+ − 358
// Clear-votes button
+ − 359
if ( $session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('vote_reset') && $paths->cpage['delvotes'] > 0)
+ − 360
{
+ − 361
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 362
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxResetDelVotes()); return false; }" title="Vote to have this page deleted (alt-y)" accesskey="y"',
1
+ − 363
'HREF' => makeUrl($paths->page, 'do=resetvotes', true),
+ − 364
'TEXT' => 'reset deletion votes',
+ − 365
));
+ − 366
$this->toolbar_menu .= $menubtn->run();
+ − 367
}
+ − 368
+ − 369
// Printable page button
+ − 370
if ( $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 371
{
+ − 372
$menubtn->assign_vars(array(
+ − 373
'FLAGS' => 'title="View a version of this page that is suitable for printing"',
+ − 374
'HREF' => makeUrl($paths->page, 'printable=yes', true),
+ − 375
'TEXT' => 'view printable version',
+ − 376
));
+ − 377
$this->toolbar_menu .= $menubtn->run();
+ − 378
}
+ − 379
+ − 380
// Protect button
+ − 381
if($session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('protect'))
+ − 382
{
+ − 383
+ − 384
$label = $this->makeParserText($tplvars['toolbar_label']);
+ − 385
$label->assign_vars(array('TEXT' => 'protection:'));
+ − 386
$t0 = $label->run();
+ − 387
+ − 388
$ctmp = '';
+ − 389
if ( $paths->cpage['protected'] == 1 )
+ − 390
{
+ − 391
$ctmp=' style="text-decoration: underline;"';
+ − 392
}
+ − 393
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 394
'FLAGS' => 'accesskey="i" onclick="if ( !KILL_SWITCH ) { ajaxProtect(1); return false; }" id="protbtn_1" title="Prevents all non-administrators from editing this page. [alt-i]"'.$ctmp,
1
+ − 395
'HREF' => makeUrl($paths->page, 'do=protect&level=1', true),
+ − 396
'TEXT' => 'on'
+ − 397
));
+ − 398
$t1 = $menubtn->run();
+ − 399
+ − 400
$ctmp = '';
+ − 401
if ( $paths->cpage['protected'] == 0 )
+ − 402
{
+ − 403
$ctmp=' style="text-decoration: underline;"';
+ − 404
}
+ − 405
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 406
'FLAGS' => 'accesskey="o" onclick="if ( !KILL_SWITCH ) { ajaxProtect(0); return false; }" id="protbtn_0" title="Allows everyone to edit this page. [alt-o]"'.$ctmp,
1
+ − 407
'HREF' => makeUrl($paths->page, 'do=protect&level=0', true),
+ − 408
'TEXT' => 'off'
+ − 409
));
+ − 410
$t2 = $menubtn->run();
+ − 411
+ − 412
$ctmp = '';
+ − 413
if ( $paths->cpage['protected'] == 2 )
+ − 414
{
+ − 415
$ctmp = ' style="text-decoration: underline;"';
+ − 416
}
+ − 417
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 418
'FLAGS' => 'accesskey="p" onclick="if ( !KILL_SWITCH ) { ajaxProtect(2); return false; }" id="protbtn_2" title="Allows only users who have been registered for 4 days to edit this page. [alt-p]"'.$ctmp,
1
+ − 419
'HREF' => makeUrl($paths->page, 'do=protect&level=2', true),
+ − 420
'TEXT' => 'semi'
+ − 421
));
+ − 422
$t3 = $menubtn->run();
+ − 423
+ − 424
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0">
+ − 425
<tr>
+ − 426
<td>'.$t0.'</td>
+ − 427
<td>'.$t1.'</td>
+ − 428
<td>'.$t2.'</td>
+ − 429
<td>'.$t3.'</td>
+ − 430
</tr>
+ − 431
</table>';
+ − 432
}
+ − 433
+ − 434
// Wiki mode button
+ − 435
if($session->get_permissions('read') && $paths->page_exists && $session->get_permissions('set_wiki_mode') && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 436
{
+ − 437
// label at start
+ − 438
$label = $this->makeParserText($tplvars['toolbar_label']);
+ − 439
$label->assign_vars(array('TEXT' => 'page wiki mode:'));
+ − 440
$t0 = $label->run();
+ − 441
+ − 442
// on button
+ − 443
$ctmp = '';
+ − 444
if ( $paths->cpage['wiki_mode'] == 1 )
+ − 445
{
+ − 446
$ctmp = ' style="text-decoration: underline;"';
+ − 447
}
+ − 448
$menubtn->assign_vars(array(
102
+ − 449
'FLAGS' => /* 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(1); return false; }" id="wikibtn_1" title="Forces wiki functions to be allowed on this page."'. */ $ctmp,
1
+ − 450
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=1', true),
+ − 451
'TEXT' => 'on'
+ − 452
));
+ − 453
$t1 = $menubtn->run();
+ − 454
+ − 455
// off button
+ − 456
$ctmp = '';
+ − 457
if ( $paths->cpage['wiki_mode'] == 0 )
+ − 458
{
+ − 459
$ctmp=' style="text-decoration: underline;"';
+ − 460
}
+ − 461
$menubtn->assign_vars(array(
102
+ − 462
'FLAGS' => /* 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(0); return false; }" id="wikibtn_0" title="Forces wiki functions to be disabled on this page."'. */ $ctmp,
1
+ − 463
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=0', true),
+ − 464
'TEXT' => 'off'
+ − 465
));
+ − 466
$t2 = $menubtn->run();
+ − 467
+ − 468
// global button
+ − 469
$ctmp = '';
+ − 470
if ( $paths->cpage['wiki_mode'] == 2 )
+ − 471
{
+ − 472
$ctmp=' style="text-decoration: underline;"';
+ − 473
}
+ − 474
$menubtn->assign_vars(array(
102
+ − 475
'FLAGS' => /* 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(2); return false; }" id="wikibtn_2" title="Causes this page to use the global wiki mode setting (default)"'. */ $ctmp,
1
+ − 476
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=2', true),
+ − 477
'TEXT' => 'global'
+ − 478
));
+ − 479
$t3 = $menubtn->run();
+ − 480
+ − 481
// Tack it onto the list of buttons that are already there...
+ − 482
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0">
+ − 483
<tr>
+ − 484
<td>'.$t0.'</td>
+ − 485
<td>'.$t1.'</td>
+ − 486
<td>'.$t2.'</td>
+ − 487
<td>'.$t3.'</td>
+ − 488
</tr>
+ − 489
</table>';
+ − 490
}
+ − 491
+ − 492
// Clear logs button
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 493
if ( $session->get_permissions('read') && $session->get_permissions('clear_logs') && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
1
+ − 494
{
+ − 495
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 496
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxClearLogs()); return false; }" title="Remove all edit and action logs for this page from the database. IRREVERSIBLE! (alt-l)" accesskey="l"',
1
+ − 497
'HREF' => makeUrl($paths->page, 'do=flushlogs', true),
+ − 498
'TEXT' => 'clear page logs',
+ − 499
));
+ − 500
$this->toolbar_menu .= $menubtn->run();
+ − 501
}
+ − 502
+ − 503
// Delete page button
+ − 504
if ( $session->get_permissions('read') && $session->get_permissions('delete_page') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 505
{
+ − 506
$s = 'delete this page';
+ − 507
if ( $paths->cpage['delvotes'] == 1 )
+ − 508
{
+ − 509
$s .= ' (<b>'.$paths->cpage['delvotes'].'</b> vote)';
+ − 510
}
+ − 511
else if ( $paths->cpage['delvotes'] > 1 )
+ − 512
{
+ − 513
$s .= ' (<b>'.$paths->cpage['delvotes'].'</b> votes)';
+ − 514
}
+ − 515
+ − 516
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 517
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxDeletePage()); return false; }" title="Delete this page. This is always reversible unless the logs are cleared. (alt-k)" accesskey="k"',
1
+ − 518
'HREF' => makeUrl($paths->page, 'do=deletepage', true),
+ − 519
'TEXT' => $s,
+ − 520
));
+ − 521
$this->toolbar_menu .= $menubtn->run();
+ − 522
+ − 523
}
+ − 524
+ − 525
// Password-protect button
+ − 526
if(isset($paths->cpage['password']))
+ − 527
{
+ − 528
if ( $paths->cpage['password'] == '' )
+ − 529
{
+ − 530
$a = $session->get_permissions('password_set');
+ − 531
}
+ − 532
else
+ − 533
{
+ − 534
$a = $session->get_permissions('password_reset');
+ − 535
}
+ − 536
}
+ − 537
else
+ − 538
{
+ − 539
$a = $session->get_permissions('password_set');
+ − 540
}
+ − 541
if ( $a && $session->get_permissions('read') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 542
{
+ − 543
// label at start
+ − 544
$label = $this->makeParserText($tplvars['toolbar_label']);
13
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 545
$label->assign_vars(array('TEXT' => 'page password:'));
1
+ − 546
$t0 = $label->run();
+ − 547
+ − 548
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 549
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxSetPassword()); return false; }" title="Require a password in order for this page to be viewed"',
1
+ − 550
'HREF' => '#',
+ − 551
'TEXT' => 'set',
+ − 552
));
+ − 553
$t = $menubtn->run();
+ − 554
+ − 555
$this->toolbar_menu .= '<table border="0" cellspacing="0" cellpadding="0"><tr><td>'.$t0.'</td><td><input type="password" id="mdgPassSetField" size="10" /></td><td>'.$t.'</td></tr></table>';
+ − 556
}
+ − 557
+ − 558
// Manage ACLs button
+ − 559
if($session->get_permissions('edit_acl') || $session->user_level >= USER_LEVEL_ADMIN)
+ − 560
{
+ − 561
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 562
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { return ajaxOpenACLManager(); }" title="Manage who can do what with this page (alt-m)" accesskey="m"',
1
+ − 563
'HREF' => makeUrl($paths->page, 'do=aclmanager', true),
+ − 564
'TEXT' => 'manage page access',
+ − 565
));
+ − 566
$this->toolbar_menu .= $menubtn->run();
+ − 567
}
+ − 568
+ − 569
// Administer page button
+ − 570
if ( $session->user_level >= USER_LEVEL_ADMIN && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 571
{
+ − 572
$menubtn->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 573
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxAdminPage()); return false; }" title="Administrative options for this page" accesskey="g"',
1
+ − 574
'HREF' => makeUrlNS('Special', 'Administration', 'module='.$paths->nslist['Admin'].'PageManager', true),
+ − 575
'TEXT' => 'administrative options',
+ − 576
));
+ − 577
$this->toolbar_menu .= $menubtn->run();
+ − 578
}
+ − 579
+ − 580
if ( strlen($this->toolbar_menu) > 0 )
+ − 581
{
+ − 582
$button->assign_vars(array(
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 583
'FLAGS' => 'id="mdgToolbar_moreoptions" onclick="if ( !KILL_SWITCH ) { return false; }" title="Additional options for working with this page"',
1
+ − 584
'PARENTFLAGS' => '',
+ − 585
'HREF' => makeUrl($paths->page, 'do=moreoptions', true),
+ − 586
'TEXT' => 'more options'
+ − 587
));
+ − 588
$tb .= $button->run();
+ − 589
}
+ − 590
+ − 591
$is_opera = (isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'Opera')) ? true : false;
+ − 592
+ − 593
$this->tpl_bool = Array(
+ − 594
'auth_admin'=>$session->user_level >= USER_LEVEL_ADMIN ? true : false,
+ − 595
'user_logged_in'=>$session->user_logged_in,
+ − 596
'opera'=>$is_opera,
+ − 597
);
+ − 598
+ − 599
if($session->sid_super) { $ash = '&auth='.$session->sid_super; $asq = "?auth=".$session->sid_super; $asa = "&auth=".$session->sid_super; $as2 = htmlspecialchars(urlSeparator).'auth='.$session->sid_super; }
+ − 600
else { $asq=''; $asa=''; $as2 = ''; $ash = ''; }
+ − 601
+ − 602
$code = $plugins->setHook('compile_template');
+ − 603
foreach ( $code as $cmd )
+ − 604
{
+ − 605
eval($cmd);
+ − 606
}
+ − 607
+ − 608
// Some additional sidebar processing
+ − 609
if($this->sidebar_extra != '') {
+ − 610
$se = $this->sidebar_extra;
+ − 611
$parser = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 612
$parser->assign_vars(Array('TITLE'=>'Links','CONTENT'=>$se));
+ − 613
$this->sidebar_extra = $parser->run();
+ − 614
}
+ − 615
+ − 616
$this->sidebar_extra = $this->sidebar_extra.$this->sidebar_widgets;
+ − 617
+ − 618
$this->tpl_bool['fixed_menus'] = false;
+ − 619
/* if($this->sidebar_extra == '') $this->tpl_bool['right_sidebar'] = false;
+ − 620
else */ $this->tpl_bool['right_sidebar'] = true;
+ − 621
+ − 622
$this->tpl_bool['auth_rename'] = ( $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin');
+ − 623
+ − 624
$this->tpl_bool['enable_uploads'] = ( getConfig('enable_uploads') == '1' && $session->get_permissions('upload_files') ) ? true : false;
+ − 625
+ − 626
$this->tpl_bool['stupid_mode'] = false;
+ − 627
+ − 628
if($paths->page == $paths->nslist['Special'].'Administration') $this->tpl_bool['in_admin'] = true;
+ − 629
else $this->tpl_bool['in_admin'] = false;
+ − 630
+ − 631
$p = ( isset($_GET['printable']) ) ? '/printable' : '';
+ − 632
+ − 633
// Add the e-mail address client code to the header
+ − 634
$this->add_header($email->jscode());
+ − 635
+ − 636
// Generate the code for the Log out and Change theme sidebar buttons
+ − 637
// Once again, the new template parsing system can be used here
+ − 638
+ − 639
$parser = $this->makeParserText($tplvars['sidebar_button']);
+ − 640
+ − 641
$parser->assign_vars(Array(
+ − 642
'HREF'=>makeUrlNS('Special', 'Logout'),
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 643
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { mb_logout(); return false; }"',
1
+ − 644
'TEXT'=>'Log out',
+ − 645
));
+ − 646
+ − 647
$logout_link = $parser->run();
+ − 648
+ − 649
$parser->assign_vars(Array(
+ − 650
'HREF'=>makeUrlNS('Special', 'Login/' . $paths->page),
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 651
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { ajaxStartLogin(); return false; }"',
1
+ − 652
'TEXT'=>'Log in',
+ − 653
));
+ − 654
+ − 655
$login_link = $parser->run();
+ − 656
+ − 657
$parser->assign_vars(Array(
+ − 658
'HREF'=>makeUrlNS('Special', 'ChangeStyle/'.$paths->page),
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 659
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { ajaxChangeStyle(); return false; }"',
1
+ − 660
'TEXT'=>'Change theme',
+ − 661
));
+ − 662
+ − 663
$theme_link = $parser->run();
+ − 664
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 665
$parser->assign_vars(Array(
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 666
'HREF'=>makeUrlNS('Special', 'Administration'),
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 667
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { void(ajaxStartAdminLogin()); return false; }"',
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 668
'TEXT'=>'Administration',
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 669
));
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 670
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 671
$admin_link = $parser->run();
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 672
1
+ − 673
$SID = ($session->sid_super) ? $session->sid_super : '';
+ − 674
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 675
$urlname_clean = str_replace('\'', '\\\'', str_replace('\\', '\\\\', dirtify_page_id($paths->fullpage)));
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 676
$urlname_clean = strtr( $urlname_clean, array( '<' => '<', '>' => '>' ) );
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 677
22
+ − 678
$urlname_jssafe = sanitize_page_id($paths->fullpage);
+ − 679
1
+ − 680
// Generate the dynamic javascript vars
+ − 681
$js_dynamic = ' <script type="text/javascript">// <![CDATA[
+ − 682
// This section defines some basic and very important variables that are used later in the static Javascript library.
+ − 683
// SKIN DEVELOPERS: The template variable for this code block is {JS_DYNAMIC_VARS}. This MUST be inserted BEFORE the tag that links to the main Javascript lib.
22
+ − 684
var title=\''. $urlname_jssafe .'\';
1
+ − 685
var page_exists='. ( ( $paths->page_exists) ? 'true' : 'false' ) .';
+ − 686
var scriptPath=\''. scriptPath .'\';
+ − 687
var contentPath=\''.contentPath.'\';
+ − 688
var ENANO_SID =\'' . $SID . '\';
+ − 689
var auth_level=' . $session->auth_level . ';
+ − 690
var USER_LEVEL_GUEST = ' . USER_LEVEL_GUEST . ';
+ − 691
var USER_LEVEL_MEMBER = ' . USER_LEVEL_MEMBER . ';
+ − 692
var USER_LEVEL_CHPREF = ' . USER_LEVEL_CHPREF . ';
+ − 693
var USER_LEVEL_MOD = ' . USER_LEVEL_MOD . ';
+ − 694
var USER_LEVEL_ADMIN = ' . USER_LEVEL_ADMIN . ';
+ − 695
var editNotice = \'' . ( (getConfig('wiki_edit_notice')=='1') ? str_replace("\n", "\\\n", RenderMan::render(getConfig('wiki_edit_notice_text'))) : '' ) . '\';
+ − 696
var prot = ' . ( ($paths->page_protected && !$session->get_permissions('even_when_protected')) ? 'true' : 'false' ) .'; // No, hacking this var won\'t work, it\'s re-checked on the server
+ − 697
var ENANO_SPECIAL_CREATEPAGE = \''. makeUrl($paths->nslist['Special'].'CreatePage') .'\';
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 698
var ENANO_CREATEPAGE_PARAMS = \'_do=&pagename='. $urlname_clean .'&namespace=' . $paths->namespace . '\';
1
+ − 699
var ENANO_SPECIAL_CHANGESTYLE = \''. makeUrlNS('Special', 'ChangeStyle') .'\';
+ − 700
var namespace_list = new Array();
+ − 701
var AES_BITS = '.AES_BITS.';
+ − 702
var AES_BLOCKSIZE = '.AES_BLOCKSIZE.';
+ − 703
var pagepass = \''. ( ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '' ) .'\';
+ − 704
var ENANO_THEME_LIST = \'';
+ − 705
foreach($this->theme_list as $t) {
+ − 706
if($t['enabled'])
+ − 707
{
+ − 708
$js_dynamic .= '<option value="'.$t['theme_id'].'"';
29
e5484a9e0818
Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
diff
changeset
+ − 709
// if($t['theme_id'] == $session->theme) $js_dynamic .= ' selected="selected"';
1
+ − 710
$js_dynamic .= '>'.$t['theme_name'].'</option>';
+ − 711
}
+ − 712
}
+ − 713
$js_dynamic .= '\';
+ − 714
var ENANO_CURRENT_THEME = \''. $session->theme .'\';';
+ − 715
foreach($paths->nslist as $k => $c)
+ − 716
{
+ − 717
$js_dynamic .= "namespace_list['{$k}'] = '$c';";
+ − 718
}
+ − 719
$js_dynamic .= "\n //]]>\n </script>";
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 720
1
+ − 721
$tpl_strings = Array(
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 722
'PAGE_NAME'=>htmlspecialchars($paths->cpage['name']),
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 723
'PAGE_URLNAME'=> $urlname_clean,
40
+ − 724
'SITE_NAME'=>htmlspecialchars(getConfig('site_name')),
1
+ − 725
'USERNAME'=>$session->username,
40
+ − 726
'SITE_DESC'=>htmlspecialchars(getConfig('site_desc')),
1
+ − 727
'TOOLBAR'=>$tb,
+ − 728
'SCRIPTPATH'=>scriptPath,
+ − 729
'CONTENTPATH'=>contentPath,
+ − 730
'ADMIN_SID_QUES'=>$asq,
+ − 731
'ADMIN_SID_AMP'=>$asa,
+ − 732
'ADMIN_SID_AMP_HTML'=>$ash,
+ − 733
'ADMIN_SID_AUTO'=>$as2,
114
47393c6619ea
Nothing special, just syncing to Scribus, several bugs have been found with GET forms and a fix is in the works
Dan
diff
changeset
+ − 734
'ADMIN_SID_RAW'=> ( is_string($session->sid_super) ? $session->sid_super : '' ),
1
+ − 735
'ADDITIONAL_HEADERS'=>$this->additional_headers,
91
+ − 736
'COPYRIGHT'=>RenderMan::parse_internal_links(getConfig('copyright_notice')),
1
+ − 737
'TOOLBAR_EXTRAS'=>$this->toolbar_menu,
+ − 738
'REQUEST_URI'=>$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'],
+ − 739
'STYLE_LINK'=>makeUrlNS('Special', 'CSS'.$p, null, true), //contentPath.$paths->nslist['Special'].'CSS' . $p,
+ − 740
'LOGIN_LINK'=>$login_link,
+ − 741
'LOGOUT_LINK'=>$logout_link,
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 742
'ADMIN_LINK'=>$admin_link,
1
+ − 743
'THEME_LINK'=>$theme_link,
115
261f367623af
Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
Dan
diff
changeset
+ − 744
'SEARCH_ACTION'=>makeUrlNS('Special', 'Search'),
261f367623af
Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
Dan
diff
changeset
+ − 745
'INPUT_TITLE'=>( urlSeparator == '&' ? '<input type="hidden" name="title" value="' . htmlspecialchars( $paths->nslist[$paths->namespace] . $paths->cpage['urlname_nons'] ) . '" />' : ''),
261f367623af
Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
Dan
diff
changeset
+ − 746
'INPUT_AUTH'=>( $session->sid_super ? '<input type="hidden" name="auth" value="' . $session->sid_super . '" />' : ''),
1
+ − 747
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme,
+ − 748
'THEME_ID'=>$this->theme,
+ − 749
'STYLE_ID'=>$this->style,
+ − 750
'JS_DYNAMIC_VARS'=>$js_dynamic,
85
7c68a18a27be
AJAX comments are now paginated; plugin manager can now show system plugins; typo in installer corrected; links in oxygen/stpatty/admin footers changed to "About Enano" page; 1.0.1 release candidate
Dan
diff
changeset
+ − 751
'UNREAD_PMS'=>$session->unread_pms,
86
c162ca39db8f
Finished pagination code (was incomplete in previous revision) and added a few hacks for an upcoming theme
Dan
diff
changeset
+ − 752
'URL_ABOUT_ENANO' => makeUrlNS('Special', 'About_Enano', '', true)
1
+ − 753
);
+ − 754
+ − 755
foreach ( $paths->nslist as $ns_id => $ns_prefix )
+ − 756
{
+ − 757
$tpl_strings[ 'NS_' . strtoupper($ns_id) ] = $ns_prefix;
+ − 758
}
+ − 759
+ − 760
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings);
+ − 761
list($this->tpl_strings['SIDEBAR_LEFT'], $this->tpl_strings['SIDEBAR_RIGHT'], $min) = $this->fetch_sidebar();
+ − 762
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != $min) ? true : false;
+ − 763
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != $min) ? true : false;
+ − 764
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility
118
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 765
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 766
$code = $plugins->setHook('template_var_init_end');
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 767
foreach ( $code as $cmd )
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 768
{
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 769
eval($cmd);
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 770
}
1
+ − 771
}
+ − 772
+ − 773
function header($simple = false)
+ − 774
{
+ − 775
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 776
ob_start();
+ − 777
+ − 778
if(!$this->theme_loaded)
+ − 779
{
+ − 780
$this->load_theme($session->theme, $session->style);
+ − 781
}
+ − 782
+ − 783
$headers_sent = true;
+ − 784
dc_here('template: generating and sending the page header');
+ − 785
if(!defined('ENANO_HEADERS_SENT'))
+ − 786
define('ENANO_HEADERS_SENT', '');
+ − 787
if(!$this->no_headers) echo ( $simple ) ? $this->process_template('simple-header.tpl') : $this->process_template('header.tpl');
+ − 788
if ( !$simple && $session->user_logged_in && $session->unread_pms > 0 )
+ − 789
{
+ − 790
echo $this->notify_unread_pms();
+ − 791
}
+ − 792
if ( !$simple && $session->sw_timed_out )
+ − 793
{
+ − 794
$login_link = makeUrlNS('Special', 'Login/' . $paths->fullpage, 'level=' . $session->user_level, true);
+ − 795
echo '<div class="usermessage">';
+ − 796
echo '<b>Your administrative session has timed out.</b> <a href="' . $login_link . '">Log in again</a>';
+ − 797
echo '</div>';
+ − 798
}
30
+ − 799
if ( $this->site_disabled && $session->user_level >= USER_LEVEL_ADMIN && ( $paths->page != $paths->nslist['Special'] . 'Administration' ) )
+ − 800
{
+ − 801
$admin_link = makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'GeneralConfig', true);
+ − 802
echo '<div class="usermessage"><b>The site is currently disabled and thus is only accessible to administrators.</b><br />
+ − 803
You can re-enable the site through the <a href="' . $admin_link . '">administration panel</a>.
+ − 804
</div>';
+ − 805
}
1
+ − 806
}
+ − 807
function footer($simple = false)
+ − 808
{
+ − 809
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 810
dc_here('template: generating and sending the page footer');
+ − 811
if(!$this->no_headers) {
+ − 812
+ − 813
if(!defined('ENANO_HEADERS_SENT'))
+ − 814
$this->header();
+ − 815
+ − 816
global $_starttime;
+ − 817
if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc'))
+ − 818
{
+ − 819
echo '<h3>Query list as requested on URI</h3><pre style="margin-left: 1em">';
+ − 820
echo $db->sql_backtrace();
+ − 821
echo '</pre>';
+ − 822
}
+ − 823
+ − 824
$f = microtime_float();
+ − 825
$f = $f - $_starttime;
+ − 826
$f = round($f, 4);
+ − 827
$dbg = 'Time: '.$f.'s | Queries: '.$db->num_queries;
+ − 828
$t = ( $simple ) ? $this->process_template('simple-footer.tpl') : $this->process_template('footer.tpl');
+ − 829
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 830
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t);
+ − 831
$t = str_replace('[[GenTime]]', (string)$f, $t);
+ − 832
echo $t;
+ − 833
+ − 834
ob_end_flush();
+ − 835
}
+ − 836
else return '';
+ − 837
}
+ − 838
function getHeader()
+ − 839
{
+ − 840
$headers_sent = true;
+ − 841
dc_here('template: generating and sending the page header');
+ − 842
if(!defined('ENANO_HEADERS_SENT'))
+ − 843
define('ENANO_HEADERS_SENT', '');
+ − 844
if(!$this->no_headers) return $this->process_template('header.tpl');
+ − 845
}
+ − 846
function getFooter()
+ − 847
{
+ − 848
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 849
dc_here('template: generating and sending the page footer');
+ − 850
if(!$this->no_headers) {
+ − 851
global $_starttime;
+ − 852
$t = '';
+ − 853
+ − 854
if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc'))
+ − 855
{
+ − 856
$t .= '<h3>Query list as requested on URI</h3><pre style="margin-left: 1em">';
+ − 857
$t .= $db->sql_backtrace();
+ − 858
$t .= '</pre>';
+ − 859
}
+ − 860
+ − 861
$f = microtime_float();
+ − 862
$f = $f - $_starttime;
+ − 863
$f = round($f, 4);
+ − 864
$dbg = 'Time: '.$f.'s | Queries: '.$db->num_queries;
+ − 865
$t.= $this->process_template('footer.tpl');
+ − 866
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 867
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t);
+ − 868
$t = str_replace('[[GenTime]]', (string)$f, $t);
+ − 869
return $t;
+ − 870
}
+ − 871
else return '';
+ − 872
}
+ − 873
+ − 874
function process_template($file) {
+ − 875
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 876
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 877
{
+ − 878
$this->load_theme();
+ − 879
$this->init_vars();
+ − 880
}
+ − 881
eval($this->compile_template($file));
+ − 882
return $tpl_code;
+ − 883
}
+ − 884
+ − 885
function extract_vars($file) {
+ − 886
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 887
if(!$this->theme)
+ − 888
{
+ − 889
die('$template->extract_vars(): theme not yet loaded, so we can\'t open template files yet...this is a bug and should be reported.<br /><br />Backtrace, most recent call first:<pre>'.enano_debug_print_backtrace(true).'</pre>');
+ − 890
}
+ − 891
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file)) die('Cannot find '.$file.' file for style "'.$this->theme.'", exiting');
+ − 892
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file);
+ − 893
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches);
+ − 894
$tplvars = Array();
+ − 895
for($i=0;$i<sizeof($matches[1]);$i++)
+ − 896
{
+ − 897
$tplvars[$matches[1][$i]] = $matches[2][$i];
+ − 898
}
+ − 899
return $tplvars;
+ − 900
}
+ − 901
function compile_template($text) {
+ − 902
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 903
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text)) die('Cannot find '.$text.' file for style, exiting');
+ − 904
$n = $text;
+ − 905
$tpl_filename = ENANO_ROOT . '/cache/' . $this->theme . '-' . str_replace('/', '-', $n) . '.php';
+ − 906
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text)) die('Cannot find '.$text.' file for style, exiting');
+ − 907
if(file_exists($tpl_filename) && getConfig('cache_thumbs')=='1')
+ − 908
{
+ − 909
include($tpl_filename);
+ − 910
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text);
+ − 911
if(isset($md5) && $md5 == md5($text)) {
+ − 912
return str_replace('\\"', '"', $tpl_text);
+ − 913
}
+ − 914
}
+ − 915
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$n);
+ − 916
+ − 917
$md5 = md5($text);
+ − 918
+ − 919
$seed = md5 ( microtime() . mt_rand() );
+ − 920
preg_match_all("/<\?php(.*?)\?>/is", $text, $m);
+ − 921
//die('<pre>'.htmlspecialchars(print_r($m, true)).'</pre>');
+ − 922
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 923
{
+ − 924
$text = str_replace("<?php{$m[1][$i]}?>", "{PHPCODE:{$i}:{$seed}}", $text);
+ − 925
}
+ − 926
//die('<pre>'.htmlspecialchars($text).'</pre>');
+ − 927
$text = 'ob_start(); echo \''.str_replace('\'', '\\\'', $text).'\'; $tpl_code = ob_get_contents(); ob_end_clean();';
+ − 928
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if(isset($this->tpl_bool[\'\\1\']) && $this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 929
$text = preg_replace('#<!-- IFSET (.*?) -->#is', '\'; if(isset($this->tpl_strings[\'\\1\'])) { echo \'', $text);
+ − 930
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { echo \'', $text);
+ − 931
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '\'; echo $template->tplWikiFormat($paths->sysMsg(\'\\1\')); echo \'', $text);
+ − 932
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 933
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { echo \'', $text);
+ − 934
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } echo \'', $text);
+ − 935
$text = preg_replace('#\{([A-z0-9]*)\}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 936
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 937
{
+ − 938
$text = str_replace("{PHPCODE:{$i}:{$seed}}", "'; {$m[1][$i]} echo '", $text);
+ − 939
}
+ − 940
if(is_writable(ENANO_ROOT.'/cache/') && getConfig('cache_thumbs')=='1')
+ − 941
{
+ − 942
//die($tpl_filename);
+ − 943
$h = fopen($tpl_filename, 'w');
+ − 944
if(!$h) return $text;
+ − 945
$t = addslashes($text);
128
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 946
$notice = <<<EOF
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 947
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 948
/*
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 949
* NOTE: This file was automatically generated by Enano and is based on compiled code. Do not edit this file.
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 950
* If you edit this file, any changes you make will be lost the next time the associated source template file is edited.
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 951
*/
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 952
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 953
EOF;
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 954
fwrite($h, '<?php ' . $notice . ' $md5 = \''.$md5.'\'; $tpl_text = \''.$t.'\'; ?>');
1
+ − 955
fclose($h);
+ − 956
}
+ − 957
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 958
}
+ − 959
+ − 960
function compile_template_text($text) {
+ − 961
$seed = md5 ( microtime() . mt_rand() );
+ − 962
preg_match_all("/<\?php(.*?)\?>/is", $text, $m);
+ − 963
//die('<pre>'.htmlspecialchars(print_r($m, true)).'</pre>');
+ − 964
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 965
{
+ − 966
$text = str_replace("<?php{$m[1][$i]}?>", "{PHPCODE:{$i}:{$seed}}", $text);
+ − 967
}
+ − 968
//die('<pre>'.htmlspecialchars($text).'</pre>');
+ − 969
$text = 'ob_start(); echo \''.str_replace('\'', '\\\'', $text).'\'; $tpl_code = ob_get_contents(); ob_end_clean(); return $tpl_code;';
+ − 970
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if(isset($this->tpl_bool[\'\\1\']) && $this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 971
$text = preg_replace('#<!-- IFSET (.*?) -->#is', '\'; if(isset($this->tpl_strings[\'\\1\'])) { echo \'', $text);
+ − 972
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { echo \'', $text);
+ − 973
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '\'; echo $template->tplWikiFormat($paths->sysMsg(\'\\1\')); echo \'', $text);
+ − 974
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 975
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { echo \'', $text);
+ − 976
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } echo \'', $text);
+ − 977
$text = preg_replace('#\{([A-z0-9]*)\}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 978
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 979
{
+ − 980
$text = str_replace("{PHPCODE:{$i}:{$seed}}", "'; {$m[1][$i]} echo '", $text);
+ − 981
}
+ − 982
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 983
}
+ − 984
+ − 985
function parse($text)
+ − 986
{
+ − 987
$text = $this->compile_template_text($text);
+ − 988
return eval($text);
+ − 989
}
+ − 990
+ − 991
// Steps to turn this:
+ − 992
// [[Project:Community Portal]]
+ − 993
// into this:
+ − 994
// <a href="/Project:Community_Portal">Community Portal</a>
+ − 995
// Must be done WITHOUT creating eval'ed code!!!
+ − 996
+ − 997
// 1. preg_replace \[\[([a-zA-Z0-9 -_:]*?)\]\] with <a href="'.contentPath.'\\1">\\1</a>
+ − 998
// 2. preg_match_all <a href="'.preg_quote(contentPath).'([a-zA-Z0-9 -_:]*?)">
+ − 999
// 3. For each match, replace matches with identifiers
+ − 1000
// 4. For each match, str_replace ' ' with '_'
+ − 1001
// 5. For each match, str_replace match_id:random_val with $matches[$match_id]
+ − 1002
+ − 1003
// The template language is really a miniature programming language; with variables, conditionals, everything!
+ − 1004
// So you can implement custom logic into your sidebar if you wish.
+ − 1005
// "Real" PHP support coming soon :-D
+ − 1006
+ − 1007
function tplWikiFormat($message, $filter_links = false, $filename = 'elements.tpl') {
+ − 1008
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1009
$filter_links = false;
+ − 1010
$tplvars = $this->extract_vars($filename);
+ − 1011
if($session->sid_super) $as = htmlspecialchars(urlSeparator).'auth='.$session->sid_super;
+ − 1012
else $as = '';
+ − 1013
error_reporting(E_ALL);
+ − 1014
$random_id = sha1(microtime().''); // A temp value
+ − 1015
+ − 1016
/*
+ − 1017
* PREPROCESSOR
+ − 1018
*/
+ − 1019
+ − 1020
// Variables
+ − 1021
+ − 1022
preg_match_all('#\$([A-Z_-]+)\$#', $message, $links);
+ − 1023
$links = $links[1];
+ − 1024
+ − 1025
for($i=0;$i<sizeof($links);$i++)
+ − 1026
{
+ − 1027
$message = str_replace('$'.$links[$i].'$', $this->tpl_strings[$links[$i]], $message);
+ − 1028
}
+ − 1029
+ − 1030
// Conditionals
+ − 1031
+ − 1032
preg_match_all('#\{if ([A-Za-z0-9_ &\|\!-]*)\}(.*?)\{\/if\}#is', $message, $links);
+ − 1033
+ − 1034
for($i=0;$i<sizeof($links[1]);$i++)
+ − 1035
{
+ − 1036
$message = str_replace('{if '.$links[1][$i].'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message);
+ − 1037
+ − 1038
// Time for some manual parsing...
+ − 1039
$chk = false;
+ − 1040
$current_id = '';
+ − 1041
$prn_level = 0;
+ − 1042
// Used to keep track of where we are in the conditional
+ − 1043
// Object of the game: turn {if this && ( that OR !something_else )} ... {/if} into if( ( isset($this->tpl_bool['that']) && $this->tpl_bool['that'] ) && ...
+ − 1044
// Method of attack: escape all variables, ignore all else. Non-valid code is filtered out by a regex above.
+ − 1045
$in_var_now = true;
+ − 1046
$in_var_last = false;
+ − 1047
$current_var = '';
+ − 1048
$current_var_start_pos = 0;
+ − 1049
$current_var_end_pos = 0;
+ − 1050
$j = -1;
+ − 1051
$links[1][$i] = $links[1][$i] . ' ';
+ − 1052
$d = strlen($links[1][$i]);
+ − 1053
while($j < $d)
+ − 1054
{
+ − 1055
$j++;
+ − 1056
$in_var_last = $in_var_now;
+ − 1057
+ − 1058
$char = substr($links[1][$i], $j, 1);
+ − 1059
$in_var_now = ( preg_match('#^([A-z0-9_]*){1}$#', $char) ) ? true : false;
+ − 1060
if(!$in_var_last && $in_var_now)
+ − 1061
{
+ − 1062
$current_var_start_pos = $j;
+ − 1063
}
+ − 1064
if($in_var_last && !$in_var_now)
+ − 1065
{
+ − 1066
$current_var_end_pos = $j;
+ − 1067
}
+ − 1068
if($in_var_now)
+ − 1069
{
+ − 1070
$current_var .= $char;
+ − 1071
continue;
+ − 1072
}
+ − 1073
// OK we are not inside of a variable. That means that we JUST hit the end because the counter ($j) will be advanced to the beginning of the next variable once processing here is complete.
+ − 1074
if($char != ' ' && $char != '(' && $char != ')' && $char != 'A' && $char != 'N' && $char != 'D' && $char != 'O' && $char != 'R' && $char != '&' && $char != '|' && $char != '!' && $char != '<' && $char != '>' && $char != '0' && $char != '1' && $char != '2' && $char != '3' && $char != '4' && $char != '5' && $char != '6' && $char != '7' && $char != '8' && $char != '9')
+ − 1075
{
+ − 1076
// XSS attack! Bail out
+ − 1077
echo '<p><b>Error:</b> Syntax error (possibly XSS attack) caught in template code:</p>';
+ − 1078
echo '<pre>';
+ − 1079
echo '{if '.$links[1][$i].'}';
+ − 1080
echo "\n ";
+ − 1081
for($k=0;$k<$j;$k++) echo " ";
+ − 1082
echo '<span style="color: red;">^</span>';
+ − 1083
echo '</pre>';
+ − 1084
continue 2;
+ − 1085
}
+ − 1086
if($current_var != '')
+ − 1087
{
+ − 1088
$cd = '( isset($this->tpl_bool[\''.$current_var.'\']) && $this->tpl_bool[\''.$current_var.'\'] )';
+ − 1089
$cvt = substr($links[1][$i], 0, $current_var_start_pos) . $cd . substr($links[1][$i], $current_var_end_pos, strlen($links[1][$i]));
+ − 1090
$j = $j + strlen($cd) - strlen($current_var);
+ − 1091
$current_var = '';
+ − 1092
$links[1][$i] = $cvt;
+ − 1093
$d = strlen($links[1][$i]);
+ − 1094
}
+ − 1095
}
+ − 1096
$links[1][$i] = substr($links[1][$i], 0, strlen($links[1][$i])-1);
+ − 1097
$links[1][$i] = '$chk = ( '.$links[1][$i].' ) ? true : false;';
+ − 1098
eval($links[1][$i]);
+ − 1099
+ − 1100
if($chk) { // isset($this->tpl_bool[$links[1][$i]]) && $this->tpl_bool[$links[1][$i]]
+ − 1101
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}'));
+ − 1102
else $c = $links[2][$i];
+ − 1103
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1104
} else {
+ − 1105
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i]));
+ − 1106
else $c = '';
+ − 1107
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1108
}
+ − 1109
}
+ − 1110
+ − 1111
preg_match_all('#\{!if ([A-Za-z_-]*)\}(.*?)\{\/if\}#is', $message, $links);
+ − 1112
+ − 1113
for($i=0;$i<sizeof($links[1]);$i++)
+ − 1114
{
+ − 1115
$message = str_replace('{!if '.$links[1][$i].'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message);
+ − 1116
if(isset($this->tpl_bool[$links[1][$i]]) && $this->tpl_bool[$links[1][$i]]) {
+ − 1117
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i]));
+ − 1118
else $c = '';
+ − 1119
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1120
} else {
+ − 1121
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}'));
+ − 1122
else $c = $links[2][$i];
+ − 1123
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1124
}
+ − 1125
}
+ − 1126
+ − 1127
/*
+ − 1128
* HTML RENDERER
+ − 1129
*/
+ − 1130
+ − 1131
// Images
+ − 1132
$j = preg_match_all('#\[\[:'.$paths->nslist['File'].'([\w\s0-9_\(\)!@%\^\+\|\.-]+?)\]\]#is', $message, $matchlist);
+ − 1133
$matches = Array();
+ − 1134
$matches['images'] = $matchlist[1];
+ − 1135
for($i=0;$i<sizeof($matchlist[1]);$i++)
+ − 1136
{
+ − 1137
if(isPage($paths->nslist['File'].$matches['images'][$i]))
+ − 1138
{
+ − 1139
$message = str_replace('[[:'.$paths->nslist['File'].$matches['images'][$i].']]',
+ − 1140
'<img alt="'.$matches['images'][$i].'" style="border: 0" src="'.makeUrlNS('Special', 'DownloadFile/'.$matches['images'][$i]).'" />',
+ − 1141
$message);
+ − 1142
}
+ − 1143
}
+ − 1144
+ − 1145
// Internal links
+ − 1146
+ − 1147
$text_parser = $this->makeParserText($tplvars['sidebar_button']);
+ − 1148
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
diff
changeset
+ − 1149
preg_match_all("#\[\[([^\|\]\n\a\r\t]*?)\]\]#is", $message, $il);
1
+ − 1150
for($i=0;$i<sizeof($il[1]);$i++)
+ − 1151
{
+ − 1152
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true);
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1153
$text_parser->assign_vars(Array(
1
+ − 1154
'HREF' => $href,
+ − 1155
'FLAGS' => '',
+ − 1156
'TEXT' => $il[1][$i]
+ − 1157
));
+ − 1158
$message = str_replace("[[{$il[1][$i]}]]", $text_parser->run(), $message);
+ − 1159
}
+ − 1160
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
diff
changeset
+ − 1161
preg_match_all('#\[\[([^\|\]\n\a\r\t]*?)\|([^\]\r\n\a\t]*?)\]\]#is', $message, $il);
1
+ − 1162
for($i=0;$i<sizeof($il[1]);$i++)
+ − 1163
{
+ − 1164
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true);
+ − 1165
$text_parser->assign_vars(Array(
+ − 1166
'HREF' => $href,
+ − 1167
'FLAGS' => '',
+ − 1168
'TEXT' => $il[2][$i]
+ − 1169
));
+ − 1170
$message = str_replace("[[{$il[1][$i]}|{$il[2][$i]}]]", $text_parser->run(), $message);
+ − 1171
}
+ − 1172
+ − 1173
// External links
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1174
// $message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?) ([^\]]+)\\]#', '<a href="\\1://\\2">\\3</a><br style="display: none;" />', $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1175
// $message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\]#', '<a href="\\1://\\2">\\1://\\2</a><br style="display: none;" />', $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1176
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1177
preg_match_all('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\ ([^\]]+)]#', $message, $ext_link);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1178
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1179
for ( $i = 0; $i < count($ext_link[0]); $i++ )
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1180
{
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1181
$text_parser->assign_vars(Array(
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1182
'HREF' => "{$ext_link[1][$i]}://{$ext_link[2][$i]}",
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1183
'FLAGS' => '',
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1184
'TEXT' => $ext_link[3][$i]
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1185
));
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1186
$message = str_replace($ext_link[0][$i], $text_parser->run(), $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1187
}
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1188
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1189
preg_match_all('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\]#', $message, $ext_link);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1190
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1191
for ( $i = 0; $i < count($ext_link[0]); $i++ )
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1192
{
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1193
$text_parser->assign_vars(Array(
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1194
'HREF' => "{$ext_link[1][$i]}://{$ext_link[2][$i]}",
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1195
'FLAGS' => '',
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1196
'TEXT' => htmlspecialchars("{$ext_link[1][$i]}://{$ext_link[2][$i]}")
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1197
));
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1198
$message = str_replace($ext_link[0][$i], $text_parser->run(), $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1199
}
1
+ − 1200
+ − 1201
$parser1 = $this->makeParserText($tplvars['sidebar_section']);
+ − 1202
$parser2 = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 1203
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 1204
preg_match_all('#\{slider(2|)=([^\}]*?)\}(.*?)\{\/slider(2|)\}#is', $message, $sb);
1
+ − 1205
+ − 1206
// Modified to support the sweet new template var system
+ − 1207
for($i=0;$i<sizeof($sb[1]);$i++)
+ − 1208
{
+ − 1209
$p = ($sb[1][$i] == '2') ? $parser2 : $parser1;
+ − 1210
$p->assign_vars(Array('TITLE'=>$sb[2][$i],'CONTENT'=>$sb[3][$i]));
+ − 1211
$message = str_replace("{slider{$sb[1][$i]}={$sb[2][$i]}}{$sb[3][$i]}{/slider{$sb[4][$i]}}", $p->run(), $message);
+ − 1212
}
+ − 1213
+ − 1214
/*
+ − 1215
Extras ;-)
+ − 1216
$message = preg_replace('##is', '', $message);
+ − 1217
$message = preg_replace('##is', '', $message);
+ − 1218
$message = preg_replace('##is', '', $message);
+ − 1219
$message = preg_replace('##is', '', $message);
+ − 1220
$message = preg_replace('##is', '', $message);
+ − 1221
*/
+ − 1222
+ − 1223
//die('<pre>'.htmlspecialchars($message).'</pre>');
+ − 1224
//eval($message); exit;
+ − 1225
return $message;
+ − 1226
}
+ − 1227
+ − 1228
/**
+ − 1229
* Print a text field that auto-completes a username entered into it.
+ − 1230
* @param string $name - the name of the form field
+ − 1231
* @return string
+ − 1232
*/
+ − 1233
+ − 1234
function username_field($name, $value = false)
+ − 1235
{
+ − 1236
$randomid = md5( time() . microtime() . mt_rand() );
+ − 1237
$text = '<input name="'.$name.'" onkeyup="ajaxUserNameComplete(this)" autocomplete="off" type="text" size="30" id="userfield_'.$randomid.'"';
+ − 1238
if($value) $text .= ' value="'.$value.'"';
+ − 1239
$text .= ' />';
+ − 1240
return $text;
+ − 1241
}
+ − 1242
+ − 1243
/**
+ − 1244
* Print a text field that auto-completes a page name entered into it.
+ − 1245
* @param string $name - the name of the form field
+ − 1246
* @return string
+ − 1247
*/
+ − 1248
+ − 1249
function pagename_field($name, $value = false)
+ − 1250
{
+ − 1251
$randomid = md5( time() . microtime() . mt_rand() );
+ − 1252
$text = '<input name="'.$name.'" onkeyup="ajaxPageNameComplete(this)" type="text" size="30" id="pagefield_'.$randomid.'"';
+ − 1253
if($value) $text .= ' value="'.$value.'"';
+ − 1254
$text .= ' />';
+ − 1255
$text .= '<script type="text/javascript">
+ − 1256
var inp = document.getElementById(\'pagefield_' . $randomid . '\');
+ − 1257
var f = get_parent_form(inp);
+ − 1258
if ( f )
+ − 1259
{
+ − 1260
if ( typeof(f.onsubmit) != \'function\' )
+ − 1261
{
+ − 1262
f.onsubmit = function() {
+ − 1263
if ( !submitAuthorized )
+ − 1264
{
+ − 1265
return false;
+ − 1266
}
+ − 1267
}
+ − 1268
}
+ − 1269
}</script>';
+ − 1270
return $text;
+ − 1271
}
+ − 1272
+ − 1273
/**
+ − 1274
* Sends a textarea that can be converted to and from a TinyMCE widget on the fly.
+ − 1275
* @param string The name of the form element
+ − 1276
* @param string The initial content. Optional, defaults to blank
+ − 1277
* @param int Rows in textarea
+ − 1278
* @param int Columns in textarea
+ − 1279
* @return string HTML and Javascript code.
+ − 1280
*/
+ − 1281
+ − 1282
function tinymce_textarea($name, $content = '', $rows = 20, $cols = 60)
+ − 1283
{
+ − 1284
$randomid = md5(microtime() . mt_rand());
+ − 1285
$html = '';
+ − 1286
$html .= '<textarea name="' . $name . '" rows="'.$rows.'" cols="'.$cols.'" style="width: 100%;" id="toggleMCEroot_'.$randomid.'">' . $content . '</textarea>';
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1287
$html .= '<div style="float: right; display: table;" id="mceSwitchAgent_' . $randomid . '">text editor | <a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">graphical editor</a></div>';
1
+ − 1288
$html .= '<script type="text/javascript">
+ − 1289
// <![CDATA[
+ − 1290
function toggleMCE_'.$randomid.'()
+ − 1291
{
+ − 1292
var the_obj = document.getElementById(\'toggleMCEroot_' . $randomid . '\');
+ − 1293
var panel = document.getElementById(\'mceSwitchAgent_' . $randomid . '\');
+ − 1294
if ( the_obj.dnIsMCE == "yes" )
+ − 1295
{
+ − 1296
$dynano(the_obj).destroyMCE();
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1297
panel.innerHTML = \'text editor | <a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">graphical editor</a>\';
1
+ − 1298
}
+ − 1299
else
+ − 1300
{
+ − 1301
$dynano(the_obj).switchToMCE();
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1302
panel.innerHTML = \'<a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">text editor</a> | graphical editor\';
1
+ − 1303
}
+ − 1304
}
+ − 1305
// ]]>
+ − 1306
</script>';
+ − 1307
return $html;
+ − 1308
}
+ − 1309
+ − 1310
/**
+ − 1311
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;)
+ − 1312
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class.
+ − 1313
* @param $filename the filename of the template to be parsed
+ − 1314
* @return object
+ − 1315
*/
+ − 1316
+ − 1317
function makeParser($filename)
+ − 1318
{
+ − 1319
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1320
$filename = ENANO_ROOT.'/themes/'.$template->theme.'/'.$filename;
+ − 1321
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist');
+ − 1322
$code = file_get_contents($filename);
+ − 1323
$parser = new templateIndividual($code);
+ − 1324
return $parser;
+ − 1325
}
+ − 1326
+ − 1327
/**
+ − 1328
* Same as $template->makeParser(), but takes a string instead of a filename.
+ − 1329
* @param $text the text to parse
+ − 1330
* @return object
+ − 1331
*/
+ − 1332
+ − 1333
function makeParserText($code)
+ − 1334
{
+ − 1335
$parser = new templateIndividual($code);
+ − 1336
return $parser;
+ − 1337
}
+ − 1338
+ − 1339
/**
+ − 1340
* Fetch the HTML for a plugin-added sidebar block
+ − 1341
* @param $name the plugin name
+ − 1342
* @return string
+ − 1343
*/
+ − 1344
+ − 1345
function fetch_block($id)
+ − 1346
{
+ − 1347
if(isset($this->plugin_blocks[$id])) return $this->plugin_blocks[$id];
+ − 1348
else return false;
+ − 1349
}
+ − 1350
+ − 1351
/**
+ − 1352
* Fetches the contents of both sidebars.
+ − 1353
* @return array - key 0 is left, key 1 is right
+ − 1354
* @example list($left, $right) = $template->fetch_sidebar();
+ − 1355
*/
+ − 1356
+ − 1357
function fetch_sidebar()
+ − 1358
{
+ − 1359
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1360
+ − 1361
$left = '';
+ − 1362
$right = '';
+ − 1363
+ − 1364
if ( !$this->fetch_block('Links') )
+ − 1365
$this->initLinksWidget();
+ − 1366
+ − 1367
$q = $db->sql_query('SELECT item_id,sidebar_id,block_name,block_type,block_content FROM '.table_prefix.'sidebar WHERE item_enabled=1 ORDER BY sidebar_id ASC, item_order ASC;');
+ − 1368
if(!$q) $db->_die('The sidebar text data could not be selected.');
+ − 1369
+ − 1370
$vars = $this->extract_vars('elements.tpl');
+ − 1371
+ − 1372
if(isset($vars['sidebar_top']))
+ − 1373
{
+ − 1374
$left .= $this->parse($vars['sidebar_top']);
+ − 1375
$right .= $this->parse($vars['sidebar_top']);
+ − 1376
}
+ − 1377
while($row = $db->fetchrow())
+ − 1378
{
+ − 1379
switch($row['block_type'])
+ − 1380
{
+ − 1381
case BLOCK_WIKIFORMAT:
+ − 1382
default:
+ − 1383
$parser = $this->makeParserText($vars['sidebar_section']);
+ − 1384
$c = RenderMan::render($row['block_content']);
+ − 1385
break;
+ − 1386
case BLOCK_TEMPLATEFORMAT:
+ − 1387
$parser = $this->makeParserText($vars['sidebar_section']);
+ − 1388
$c = $this->tplWikiFormat($row['block_content']);
+ − 1389
break;
+ − 1390
case BLOCK_HTML:
+ − 1391
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1392
$c = $row['block_content'];
+ − 1393
break;
+ − 1394
case BLOCK_PHP:
+ − 1395
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1396
ob_start();
+ − 1397
@eval($row['block_content']);
+ − 1398
$c = ob_get_contents();
+ − 1399
ob_end_clean();
+ − 1400
break;
+ − 1401
case BLOCK_PLUGIN:
+ − 1402
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1403
$c = (gettype($this->fetch_block($row['block_content'])) == 'string') ? $this->fetch_block($row['block_content']) : 'Can\'t find plugin block';
+ − 1404
break;
+ − 1405
}
+ − 1406
$parser->assign_vars(Array( 'TITLE'=>$this->tplWikiFormat($row['block_name']), 'CONTENT'=>$c ));
+ − 1407
if ($row['sidebar_id'] == SIDEBAR_LEFT ) $left .= $parser->run();
+ − 1408
elseif($row['sidebar_id'] == SIDEBAR_RIGHT) $right .= $parser->run();
+ − 1409
unset($parser);
+ − 1410
}
+ − 1411
$db->free_result();
+ − 1412
if(isset($vars['sidebar_bottom']))
+ − 1413
{
+ − 1414
$left .= $this->parse($vars['sidebar_bottom']);
+ − 1415
$right .= $this->parse($vars['sidebar_bottom']);
+ − 1416
}
+ − 1417
$min = '';
+ − 1418
if(isset($vars['sidebar_top']))
+ − 1419
{
+ − 1420
$min .= $this->parse($vars['sidebar_top']);
+ − 1421
}
+ − 1422
if(isset($vars['sidebar_bottom']))
+ − 1423
{
+ − 1424
$min .= $this->parse($vars['sidebar_bottom']);
+ − 1425
}
+ − 1426
return Array($left, $right, $min);
+ − 1427
}
+ − 1428
+ − 1429
function initLinksWidget()
+ − 1430
{
+ − 1431
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1432
// SourceForge/W3C buttons
+ − 1433
$ob = Array();
27
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1434
$admintitle = ( $session->user_level >= USER_LEVEL_ADMIN ) ? 'title="You may disable this button in the admin panel under General Configuration."' : '';
1
+ − 1435
if(getConfig('sflogo_enabled')=='1')
+ − 1436
{
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1437
$ob[] = '<a style="text-align: center;" href="http://sourceforge.net/" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border-width: 0px;" alt="SourceForge.net Logo" src="http://sflogo.sourceforge.net/sflogo.php?group_id='.getConfig('sflogo_groupid').'&type='.getConfig('sflogo_type').'" /></a>';
1
+ − 1438
}
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1439
if(getConfig('w3c_v32') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 3.2" src="http://www.w3.org/Icons/valid-html32" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1440
if(getConfig('w3c_v40') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.0" src="http://www.w3.org/Icons/valid-html40" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1441
if(getConfig('w3c_v401') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.01" src="http://www.w3.org/Icons/valid-html401" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1442
if(getConfig('w3c_vxhtml10')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.0" src="http://www.w3.org/Icons/valid-xhtml10" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1443
if(getConfig('w3c_vxhtml11')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.1" src="http://www.w3.org/Icons/valid-xhtml11" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1444
if(getConfig('w3c_vcss') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid CSS" src="http://www.w3.org/Icons/valid-css" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1445
if(getConfig('dbd_button') =='1') $ob[] = '<a style="text-align: center;" href="http://www.defectivebydesign.org/join/button" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="DRM technology restricts what you can do with your computer" src="http://defectivebydesign.org/sites/nodrm.civicactions.net/files/images/dbd_sm_btn.gif" /><br /><small>Protect your freedom >></small></a>';
1
+ − 1446
+ − 1447
$code = $plugins->setHook('links_widget');
+ − 1448
foreach ( $code as $cmd )
+ − 1449
{
+ − 1450
eval($cmd);
+ − 1451
}
+ − 1452
71
+ − 1453
if(count($ob) > 0 || getConfig('powered_btn') == '1') $sb_links = '<div style="text-align: center; padding: 5px 0;">'. ( ( getConfig('powered_btn') == '1' ) ? $this->fading_button : '' ) . implode('<br />', $ob).'</div>';
1
+ − 1454
else $sb_links = '';
+ − 1455
+ − 1456
$this->sidebar_widget('Links', $sb_links);
+ − 1457
}
+ − 1458
+ − 1459
/**
+ − 1460
* Builds a box showing unread private messages.
+ − 1461
*/
+ − 1462
+ − 1463
function notify_unread_pms()
+ − 1464
{
+ − 1465
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1466
if ( ( $paths->cpage['urlname_nons'] == 'PrivateMessages' || $paths->cpage['urlname_nons'] == 'Preferences' ) && $paths->namespace == 'Special' )
+ − 1467
{
+ − 1468
return '';
+ − 1469
}
+ − 1470
$ob = '<div class="usermessage">'."\n";
+ − 1471
$s = ( $session->unread_pms == 1 ) ? '' : 's';
+ − 1472
$ob .= " <b>You have $session->unread_pms <a href=" . '"' . makeUrlNS('Special', 'PrivateMessages' ) . '"' . ">unread private message$s</a>.</b><br />\n Messages: ";
+ − 1473
$q = $db->sql_query('SELECT message_id,message_from,subject,date FROM '.table_prefix.'privmsgs WHERE message_to=\'' . $session->username . '\' AND message_read=0 ORDER BY date DESC;');
+ − 1474
if ( !$q )
+ − 1475
$db->_die();
+ − 1476
$messages = array();
+ − 1477
while ( $row = $db->fetchrow() )
+ − 1478
{
+ − 1479
$messages[] = '<a href="' . makeUrlNS('Special', 'PrivateMessages/View/' . $row['message_id']) . '" title="Sent ' . date('F d, Y h:i a', $row['date']) . ' by ' . $row['message_from'] . '">' . $row['subject'] . '</a>';
+ − 1480
}
+ − 1481
$ob .= implode(",\n " , $messages)."\n";
+ − 1482
$ob .= '</div>'."\n";
+ − 1483
return $ob;
+ − 1484
}
+ − 1485
+ − 1486
} // class template
+ − 1487
+ − 1488
/**
+ − 1489
* Handles parsing of an individual template file. Instances should only be created through $template->makeParser(). To use:
+ − 1490
* - Call $template->makeParser(template file name) - file name should be something.tpl, css/whatever.css, etc.
+ − 1491
* - Make an array of strings you want the template to access. $array['STRING'] would be referenced in the template like {STRING}
+ − 1492
* - Make an array of boolean values. These can be used for conditionals in the template (<!-- IF something --> whatever <!-- ENDIF something -->)
+ − 1493
* - Call assign_vars() to pass the strings to the template parser. Same thing with assign_bool().
+ − 1494
* - Call run() to parse the template and get your fully compiled HTML.
+ − 1495
* @access private
+ − 1496
*/
+ − 1497
+ − 1498
class templateIndividual extends template {
+ − 1499
var $tpl_strings, $tpl_bool, $tpl_code;
+ − 1500
var $compiled = false;
+ − 1501
/**
+ − 1502
* Constructor.
+ − 1503
*/
+ − 1504
function __construct($text)
+ − 1505
{
+ − 1506
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1507
$this->tpl_code = $text;
+ − 1508
$this->tpl_strings = $template->tpl_strings;
+ − 1509
$this->tpl_bool = $template->tpl_bool;
+ − 1510
}
+ − 1511
/**
+ − 1512
* PHP 4 constructor.
+ − 1513
*/
+ − 1514
function templateIndividual($text)
+ − 1515
{
+ − 1516
$this->__construct($text);
+ − 1517
}
+ − 1518
/**
+ − 1519
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file.
+ − 1520
* @param $vars array
+ − 1521
*/
+ − 1522
function assign_vars($vars)
+ − 1523
{
+ − 1524
$this->tpl_strings = array_merge($this->tpl_strings, $vars);
+ − 1525
}
+ − 1526
/**
+ − 1527
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements.
+ − 1528
* @param $vars array
+ − 1529
*/
+ − 1530
function assign_bool($vars)
+ − 1531
{
+ − 1532
$this->tpl_bool = array_merge($this->tpl_bool, $vars);
+ − 1533
}
+ − 1534
/**
+ − 1535
* Compiles and executes the template code.
+ − 1536
* @return string
+ − 1537
*/
+ − 1538
function run()
+ − 1539
{
+ − 1540
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1541
if(!$this->compiled)
+ − 1542
{
+ − 1543
$this->tpl_code = $this->compile_template_text($this->tpl_code);
+ − 1544
$this->compiled = true;
+ − 1545
}
+ − 1546
return eval($this->tpl_code);
+ − 1547
}
+ − 1548
}
+ − 1549
+ − 1550
/**
+ − 1551
* A version of the template compiler that does not rely at all on the other parts of Enano. Used during installation and for showing
+ − 1552
* "critical error" messages. ** REQUIRES ** the Oxygen theme.
+ − 1553
*/
+ − 1554
+ − 1555
class template_nodb {
+ − 1556
var $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list;
+ − 1557
function __construct() {
+ − 1558
+ − 1559
$this->tpl_bool = Array();
+ − 1560
$this->tpl_strings = Array();
+ − 1561
$this->sidebar_extra = '';
+ − 1562
$this->sidebar_widgets = '';
+ − 1563
$this->toolbar_menu = '';
+ − 1564
$this->additional_headers = '';
+ − 1565
+ − 1566
$this->theme_list = Array(Array(
+ − 1567
'theme_id'=>'oxygen',
+ − 1568
'theme_name'=>'Oxygen',
+ − 1569
'theme_order'=>1,
+ − 1570
'enabled'=>1,
+ − 1571
));
+ − 1572
}
+ − 1573
function template() {
+ − 1574
$this->__construct();
+ − 1575
}
+ − 1576
function get_css($s = false) {
+ − 1577
if($s)
+ − 1578
return $this->process_template('css/'.$s);
+ − 1579
else
+ − 1580
return $this->process_template('css/'.$this->style.'.css');
+ − 1581
}
+ − 1582
function load_theme($name, $css, $auto_init = true) {
+ − 1583
$this->theme = $name;
+ − 1584
$this->style = $css;
+ − 1585
+ − 1586
$this->tpl_strings['SCRIPTPATH'] = scriptPath;
+ − 1587
if ( $auto_init )
+ − 1588
$this->init_vars();
+ − 1589
}
+ − 1590
function init_vars()
+ − 1591
{
+ − 1592
global $sideinfo;
+ − 1593
global $this_page;
+ − 1594
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1595
$tplvars = $this->extract_vars('elements.tpl');
+ − 1596
$tb = '';
+ − 1597
// Get the "article" button text (depends on namespace)
+ − 1598
if(defined('IN_ENANO_INSTALL')) $ns = 'installation page';
+ − 1599
else $ns = 'system error page';
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1600
$t = str_replace('{FLAGS}', 'onclick="if ( !KILL_SWITCH ) { return false; }" title="Hey! A button that doesn\'t do anything. Clever..." accesskey="a"', $tplvars['toolbar_button']);
1
+ − 1601
$t = str_replace('{HREF}', '#', $t);
+ − 1602
$t = str_replace('{TEXT}', $ns, $t);
+ − 1603
$tb .= $t;
+ − 1604
+ − 1605
// Page toolbar
+ − 1606
+ − 1607
$this->tpl_bool = Array(
+ − 1608
'auth_admin'=>true,
+ − 1609
'user_logged_in'=>true,
+ − 1610
'right_sidebar'=>false,
+ − 1611
);
+ − 1612
$this->tpl_bool['in_sidebar_admin'] = false;
+ − 1613
+ − 1614
$this->tpl_bool['auth_rename'] = false;
+ − 1615
+ − 1616
$asq = $asa = '';
+ − 1617
+ − 1618
$this->tpl_bool['fixed_menus'] = false;
+ − 1619
$slink = defined('IN_ENANO_INSTALL') ? scriptPath.'/install.php?mode=css' : makeUrlNS('Special', 'CSS');
+ − 1620
+ − 1621
$title = ( is_object($paths) ) ? $paths->page : 'Critical error';
+ − 1622
+ − 1623
// The rewritten template engine will process all required vars during the load_template stage instead of (cough) re-processing everything each time around.
+ − 1624
$tpl_strings = Array(
+ − 1625
'PAGE_NAME'=>$this_page,
+ − 1626
'PAGE_URLNAME'=>'Null',
+ − 1627
'SITE_NAME'=>'Enano Installation',
+ − 1628
'USERNAME'=>'admin',
+ − 1629
'SITE_DESC'=>'Install Enano on your server.',
+ − 1630
'TOOLBAR'=>$tb,
+ − 1631
'SCRIPTPATH'=>scriptPath,
+ − 1632
'CONTENTPATH'=>contentPath,
+ − 1633
'ADMIN_SID_QUES'=>$asq,
+ − 1634
'ADMIN_SID_AMP'=>$asa,
+ − 1635
'ADMIN_SID_AMP_HTML'=>'',
+ − 1636
'ADDITIONAL_HEADERS'=>'<style type="text/css">div.pagenav { border-top: 1px solid #CCC; padding-top: 7px; margin-top: 10px; }</style>',
+ − 1637
'SIDEBAR_EXTRA'=>'',
+ − 1638
'COPYRIGHT'=>'Enano and all of its code, graphics, and more code is copyright © 2006 Dan Fuhry.<br />This program is Free Software; see the file "GPL" included with this package for details.',
+ − 1639
'TOOLBAR_EXTRAS'=>'',
125
+ − 1640
'REQUEST_URI'=>( isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '' ).$_SERVER['REQUEST_URI'],
1
+ − 1641
'STYLE_LINK'=>$slink,
+ − 1642
'LOGOUT_LINK'=>'',
+ − 1643
'THEME_LINK'=>'',
+ − 1644
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme,
+ − 1645
'THEME_ID'=>$this->theme,
+ − 1646
'STYLE_ID'=>$this->style,
+ − 1647
'JS_DYNAMIC_VARS'=>'<script type="text/javascript">var title="'. $title .'"; var scriptPath="'.scriptPath.'"; var ENANO_SID=""; var AES_BITS='.AES_BITS.'; var AES_BLOCKSIZE=' . AES_BLOCKSIZE . '; var pagepass=\'\';</script>',
+ − 1648
'SIDEBAR_RIGHT'=>'',
+ − 1649
);
+ − 1650
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings);
+ − 1651
+ − 1652
$sidebar = ( gettype($sideinfo) == 'string' ) ? $sideinfo : '';
+ − 1653
if($sidebar != '')
+ − 1654
{
+ − 1655
if(isset($tplvars['sidebar_top']))
+ − 1656
{
+ − 1657
$text = $this->makeParserText($tplvars['sidebar_top']);
+ − 1658
$top = $text->run();
+ − 1659
} else {
+ − 1660
$top = '';
+ − 1661
}
+ − 1662
$p = $this->makeParserText($tplvars['sidebar_section']);
+ − 1663
$p->assign_vars(Array(
+ − 1664
'TITLE'=>'Installation progress',
+ − 1665
'CONTENT'=>$sidebar,
+ − 1666
));
+ − 1667
$sidebar = $p->run();
+ − 1668
if(isset($tplvars['sidebar_bottom']))
+ − 1669
{
+ − 1670
$text = $this->makeParserText($tplvars['sidebar_bottom']);
+ − 1671
$bottom = $text->run();
+ − 1672
} else {
+ − 1673
$bottom = '';
+ − 1674
}
+ − 1675
$sidebar = $top . $sidebar . $bottom;
+ − 1676
}
+ − 1677
$this->tpl_strings['SIDEBAR_LEFT'] = $sidebar;
+ − 1678
+ − 1679
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != '') ? true : false;
+ − 1680
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != '') ? true : false;
+ − 1681
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility
+ − 1682
$this->tpl_bool['stupid_mode'] = true;
+ − 1683
}
+ − 1684
function header()
+ − 1685
{
+ − 1686
if(!$this->no_headers) echo $this->process_template('header.tpl');
+ − 1687
}
+ − 1688
function footer()
+ − 1689
{
+ − 1690
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1691
if(!$this->no_headers) {
+ − 1692
global $_starttime;
91
+ − 1693
1
+ − 1694
$f = microtime(true);
+ − 1695
$f = $f - $_starttime;
+ − 1696
$f = round($f, 4);
+ − 1697
if(defined('IN_ENANO_INSTALL')) $nq = 'N/A';
+ − 1698
else $nq = $db->num_queries;
+ − 1699
if($nq == 0) $nq = 'N/A';
+ − 1700
$dbg = 'Time: '.$f.'s | Queries: '.$nq;
+ − 1701
$t = $this->process_template('footer.tpl');
+ − 1702
$t = str_replace('[[Stats]]', $dbg, $t);
98
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1703
if ( is_object($db) )
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1704
{
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1705
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t);
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1706
}
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1707
else
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1708
{
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1709
$t = str_replace('[[NumQueries]]', '0', $t);
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 1710
}
91
+ − 1711
$t = str_replace('[[GenTime]]', (string)$f, $t);
+ − 1712
1
+ − 1713
echo $t;
+ − 1714
}
+ − 1715
else return '';
+ − 1716
}
+ − 1717
function getHeader()
+ − 1718
{
+ − 1719
if(!$this->no_headers) return $this->process_template('header.tpl');
+ − 1720
else return '';
+ − 1721
}
+ − 1722
function getFooter()
+ − 1723
{
+ − 1724
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1725
if(!$this->no_headers) {
+ − 1726
global $_starttime;
+ − 1727
$f = microtime(true);
+ − 1728
$f = $f - $_starttime;
+ − 1729
$f = round($f, 4);
+ − 1730
if(defined('IN_ENANO_INSTALL')) $nq = 'N/A';
+ − 1731
else $nq = $db->num_queries;
+ − 1732
if($nq == 0) $nq = 'N/A';
+ − 1733
$dbg = 'Time: '.$f.'s | Queries: '.$nq;
+ − 1734
if($nq == 0) $nq = 'N/A';
+ − 1735
$t = $this->process_template('footer.tpl');
+ − 1736
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 1737
return $t;
+ − 1738
}
+ − 1739
else return '';
+ − 1740
}
+ − 1741
+ − 1742
function process_template($file) {
+ − 1743
+ − 1744
eval($this->compile_template($file));
+ − 1745
return $tpl_code;
+ − 1746
}
+ − 1747
+ − 1748
function extract_vars($file) {
+ − 1749
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1750
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file)) die('Cannot find '.$file.' file for style "'.$this->theme.'", exiting');
+ − 1751
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file);
+ − 1752
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches);
+ − 1753
$tplvars = Array();
+ − 1754
for($i=0;$i<sizeof($matches[1]);$i++)
+ − 1755
{
+ − 1756
$tplvars[$matches[1][$i]] = $matches[2][$i];
+ − 1757
}
+ − 1758
return $tplvars;
+ − 1759
}
+ − 1760
function compile_template($text) {
+ − 1761
global $sideinfo;
+ − 1762
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text);
+ − 1763
$text = str_replace('<script type="text/javascript" src="{SCRIPTPATH}/ajax.php?title={PAGE_URLNAME}&_mode=jsres"></script>', '', $text); // Remove the AJAX code - we don't need it, and it requires a database connection
+ − 1764
$text = '$tpl_code = \''.str_replace('\'', '\\\'', $text).'\'; return $tpl_code;';
+ − 1765
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if($this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1766
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { $tpl_code .= \'', $text);
+ − 1767
if(defined('IN_ENANO_INSTALL')) $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">Installation progress</a></div><div class="slideblock">'.$sideinfo.'</div></div>', $text);
+ − 1768
else $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">System error</a></div><div class="slideblock"><a href="#" onclick="return false;">Enano critical error page</a></div></div>', $text);
+ − 1769
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '', $text);
+ − 1770
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1771
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { $tpl_code .= \'', $text);
+ − 1772
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } $tpl_code .= \'', $text);
+ − 1773
$text = preg_replace('#{([A-z0-9]*)}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 1774
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 1775
}
+ − 1776
+ − 1777
function compile_template_text($text) {
+ − 1778
global $sideinfo;
+ − 1779
$text = str_replace('<script type="text/javascript" src="{SCRIPTPATH}/ajax.php?title={PAGE_URLNAME}&_mode=jsres"></script>', '', $text); // Remove the AJAX code - we don't need it, and it requires a database connection
+ − 1780
$text = '$tpl_code = \''.str_replace('\'', '\\\'', $text).'\'; return $tpl_code;';
+ − 1781
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if($this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1782
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { $tpl_code .= \'', $text);
+ − 1783
if(defined('IN_ENANO_INSTALL')) $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">Installation progress</a></div><div class="slideblock">'.$sideinfo.'</div></div>', $text);
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1784
else $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">System error</a></div><div class="slideblock"><a href="#" onclick="return false;>Enano critical error page</a></div></div>', $text);
1
+ − 1785
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '', $text);
+ − 1786
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1787
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { $tpl_code .= \'', $text);
+ − 1788
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } $tpl_code .= \'', $text);
+ − 1789
$text = preg_replace('#{([A-z0-9]*)}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 1790
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 1791
}
+ − 1792
+ − 1793
/**
+ − 1794
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;)
+ − 1795
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class.
+ − 1796
* @param $filename the filename of the template to be parsed
+ − 1797
* @return object
+ − 1798
*/
+ − 1799
+ − 1800
function makeParser($filename)
+ − 1801
{
+ − 1802
$filename = ENANO_ROOT.'/themes/'.$this->theme.'/'.$filename;
+ − 1803
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist');
+ − 1804
$code = file_get_contents($filename);
+ − 1805
$parser = new templateIndividualSafe($code, $this);
+ − 1806
return $parser;
+ − 1807
}
+ − 1808
+ − 1809
/**
+ − 1810
* Same as $template->makeParser(), but takes a string instead of a filename.
+ − 1811
* @param $text the text to parse
+ − 1812
* @return object
+ − 1813
*/
+ − 1814
+ − 1815
function makeParserText($code)
+ − 1816
{
+ − 1817
$parser = new templateIndividualSafe($code, $this);
+ − 1818
return $parser;
+ − 1819
}
+ − 1820
+ − 1821
} // class template_nodb
+ − 1822
+ − 1823
/**
+ − 1824
* Identical to templateIndividual, except extends template_nodb instead of template
+ − 1825
* @see class template
+ − 1826
*/
+ − 1827
+ − 1828
class templateIndividualSafe extends template_nodb {
+ − 1829
var $tpl_strings, $tpl_bool, $tpl_code;
+ − 1830
var $compiled = false;
+ − 1831
/**
+ − 1832
* Constructor.
+ − 1833
*/
+ − 1834
function __construct($text, $parent)
+ − 1835
{
+ − 1836
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1837
$this->tpl_code = $text;
+ − 1838
$this->tpl_strings = $parent->tpl_strings;
+ − 1839
$this->tpl_bool = $parent->tpl_bool;
+ − 1840
}
+ − 1841
/**
+ − 1842
* PHP 4 constructor.
+ − 1843
*/
+ − 1844
function templateIndividual($text)
+ − 1845
{
+ − 1846
$this->__construct($text);
+ − 1847
}
+ − 1848
/**
+ − 1849
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file.
+ − 1850
* @param $vars array
+ − 1851
*/
+ − 1852
function assign_vars($vars)
+ − 1853
{
+ − 1854
if(is_array($this->tpl_strings))
+ − 1855
$this->tpl_strings = array_merge($this->tpl_strings, $vars);
+ − 1856
else
+ − 1857
$this->tpl_strings = $vars;
+ − 1858
}
+ − 1859
/**
+ − 1860
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements.
+ − 1861
* @param $vars array
+ − 1862
*/
+ − 1863
function assign_bool($vars)
+ − 1864
{
+ − 1865
$this->tpl_bool = array_merge($this->tpl_bool, $vars);
+ − 1866
}
+ − 1867
/**
+ − 1868
* Compiles and executes the template code.
+ − 1869
* @return string
+ − 1870
*/
+ − 1871
function run()
+ − 1872
{
+ − 1873
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1874
if(!$this->compiled)
+ − 1875
{
+ − 1876
$this->tpl_code = $this->compile_template_text($this->tpl_code);
+ − 1877
$this->compiled = true;
+ − 1878
}
+ − 1879
return eval($this->tpl_code);
+ − 1880
}
+ − 1881
}
+ − 1882
+ − 1883
?>