1
+ − 1
<?php
+ − 2
+ − 3
/*
+ − 4
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 5
* Version 1.0 (Banshee)
1
+ − 6
* Copyright (C) 2006-2007 Dan Fuhry
+ − 7
*
+ − 8
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 9
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 10
*
+ − 11
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 12
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 13
*/
+ − 14
+ − 15
class template {
+ − 16
var $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list, $named_theme_list, $default_theme, $default_style, $plugin_blocks, $namespace_string, $style_list, $theme_loaded;
30
+ − 17
+ − 18
/**
+ − 19
* Set to true if the site is disabled and thus a message needs to be shown. This should ONLY be changed by common.php.
+ − 20
* @var bool
+ − 21
* @access private
+ − 22
*/
+ − 23
+ − 24
var $site_disabled = false;
+ − 25
53
+ − 26
/**
+ − 27
* One of the absolute best parts of Enano :-P
+ − 28
* @var string
+ − 29
*/
+ − 30
+ − 31
var $fading_button = '<a href="http://enanocms.org" onclick="window.open(this.href); return false;" style="text-align: center; margin: 0 auto; display: table; background-image: none;">
+ − 32
<img alt="Powered by Enano CMS" style="border-width: 0; position: absolute;"
+ − 33
src="/images/about-powered-enano.png" id="enanoFader" onmouseover="domOpacity(this, 100, 0, 500);"
+ − 34
onmouseout="opacity(this.id, 0, 100, 500);" />
+ − 35
<img alt="Powered by Enano CMS" style="border-width: 0px;" src="/images/about-powered-enano-hover.png" />
+ − 36
</a>';
+ − 37
1
+ − 38
function __construct()
+ − 39
{
+ − 40
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 41
dc_here('template: initializing all class variables');
+ − 42
$this->tpl_bool = Array();
+ − 43
$this->tpl_strings = Array();
+ − 44
$this->sidebar_extra = '';
+ − 45
$this->toolbar_menu = '';
+ − 46
$this->additional_headers = '';
+ − 47
$this->plugin_blocks = Array();
+ − 48
$this->theme_loaded = false;
+ − 49
+ − 50
$this->theme_list = Array();
+ − 51
$this->named_theme_list = Array();
+ − 52
$e = $db->sql_query('SELECT theme_id,theme_name,enabled,default_style FROM '.table_prefix.'themes WHERE enabled=1 ORDER BY theme_order;');
+ − 53
if(!$e) $db->_die('The list of themes could not be selected.');
+ − 54
for($i=0;$i < $db->numrows(); $i++)
+ − 55
{
+ − 56
$this->theme_list[$i] = $db->fetchrow();
+ − 57
$this->named_theme_list[$this->theme_list[$i]['theme_id']] = $this->theme_list[$i];
+ − 58
}
+ − 59
$db->free_result();
+ − 60
$this->default_theme = $this->theme_list[0]['theme_id'];
+ − 61
$dir = ENANO_ROOT.'/themes/'.$this->default_theme.'/css/';
+ − 62
$list = Array();
+ − 63
// Open a known directory, and proceed to read its contents
+ − 64
if (is_dir($dir)) {
+ − 65
if ($dh = opendir($dir)) {
+ − 66
while (($file = readdir($dh)) !== false) {
+ − 67
if(preg_match('#^(.*?)\.css$#i', $file) && $file != '_printable.css') {
+ − 68
$list[] = substr($file, 0, strlen($file)-4);
+ − 69
}
+ − 70
}
+ − 71
closedir($dh);
+ − 72
}
+ − 73
}
+ − 74
+ − 75
$def = ENANO_ROOT.'/themes/'.$this->default_theme.'/css/'.$this->named_theme_list[$this->default_theme]['default_style'];
+ − 76
if(file_exists($def))
+ − 77
{
+ − 78
$this->default_style = substr($this->named_theme_list[$this->default_theme]['default_style'], 0, strlen($this->named_theme_list[$this->default_theme]['default_style'])-4);
+ − 79
} else {
+ − 80
$this->default_style = $list[0];
+ − 81
}
+ − 82
+ − 83
$this->style_list = $list;
+ − 84
+ − 85
}
+ − 86
function template()
+ − 87
{
+ − 88
$this->__construct();
+ − 89
}
+ − 90
function sidebar_widget($t, $h)
+ − 91
{
+ − 92
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 93
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 94
{
+ − 95
$this->load_theme($session->theme, $session->style);
+ − 96
}
+ − 97
if(!$this->sidebar_widgets)
+ − 98
$this->sidebar_widgets = '';
+ − 99
$tplvars = $this->extract_vars('elements.tpl');
+ − 100
$parser = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 101
$parser->assign_vars(Array('TITLE'=>$t,'CONTENT'=>$h));
+ − 102
$this->plugin_blocks[$t] = $h;
+ − 103
$this->sidebar_widgets .= $parser->run();
+ − 104
}
+ − 105
function add_header($html)
+ − 106
{
+ − 107
$this->additional_headers .= "\n" . $html;
+ − 108
}
+ − 109
function get_css($s = false)
+ − 110
{
+ − 111
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 112
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 113
$this->load_theme($session->theme, $session->style);
+ − 114
$path = ( $s ) ? 'css/'.$s : 'css/'.$this->style.'.css';
+ − 115
if ( !file_exists(ENANO_ROOT . '/themes/' . $this->theme . '/' . $path) )
+ − 116
{
+ − 117
echo "/* WARNING: Falling back to default file because file $path does not exist */\n";
+ − 118
$path = 'css/' . $this->style_list[0] . '.css';
+ − 119
}
+ − 120
return $this->process_template($path);
+ − 121
}
+ − 122
function load_theme($name = false, $css = false)
+ − 123
{
+ − 124
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 125
$this->theme = ( $name ) ? $name : $session->theme;
+ − 126
$this->style = ( $css ) ? $css : $session->style;
+ − 127
if ( !$this->theme )
+ − 128
{
+ − 129
$this->theme = $this->theme_list[0]['theme_id'];
+ − 130
$this->style = substr($this->theme_list[0]['default_style'], 0, strlen($this->theme_list[0]['default_style'])-4);
+ − 131
}
+ − 132
$this->theme_loaded = true;
+ − 133
}
+ − 134
+ − 135
function init_vars()
+ − 136
{
+ − 137
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 138
global $email;
+ − 139
+ − 140
dc_here("template: initializing all variables");
+ − 141
+ − 142
if(!$this->theme || !$this->style)
+ − 143
{
+ − 144
$this->load_theme();
+ − 145
}
+ − 146
+ − 147
if(defined('ENANO_TEMPLATE_LOADED'))
+ − 148
{
+ − 149
dc_here('template: access denied to call template::init_vars(), bailing out');
+ − 150
die_semicritical('Illegal call', '<p>$template->load_theme was called multiple times, this is not supposed to happen. Exiting with fatal error.</p>');
+ − 151
}
+ − 152
+ − 153
define('ENANO_TEMPLATE_LOADED', '');
+ − 154
+ − 155
$tplvars = $this->extract_vars('elements.tpl');
+ − 156
+ − 157
dc_here('template: setting all template vars');
+ − 158
+ − 159
if(isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE'))
+ − 160
{
+ − 161
$this->add_header('
+ − 162
<!--[if lt IE 7]>
+ − 163
<script language="JavaScript">
+ − 164
function correctPNG() // correctly handle PNG transparency in Win IE 5.5 & 6.
+ − 165
{
+ − 166
var arVersion = navigator.appVersion.split("MSIE")
+ − 167
var version = parseFloat(arVersion[1])
+ − 168
if (version >= 5.5 && typeof(document.body.filters) == "object")
+ − 169
{
+ − 170
for(var i=0; i<document.images.length; i++)
+ − 171
{
+ − 172
var img = document.images[i];
+ − 173
continue;
+ − 174
var imgName = img.src.toUpperCase();
+ − 175
if (imgName.substring(imgName.length-3, imgName.length) == "PNG")
+ − 176
{
+ − 177
var imgID = (img.id) ? "id=\'" + img.id + "\' " : "";
+ − 178
var imgClass = (img.className) ? "class=\'" + img.className + "\' " : "";
+ − 179
var imgTitle = (img.title) ? "title=\'" + img.title + "\' " : "title=\'" + img.alt + "\' ";
+ − 180
var imgStyle = "display:inline-block;" + img.style.cssText;
+ − 181
if (img.align == "left") imgStyle = "float:left;" + imgStyle;
+ − 182
if (img.align == "right") imgStyle = "float:right;" + imgStyle;
+ − 183
if (img.parentElement.href) imgStyle = "cursor:hand;" + imgStyle;
+ − 184
var strNewHTML = "<span " + imgID + imgClass + imgTitle + " style=\\"" + "width:" + img.width + "px; height:" + img.height + "px;" + imgStyle + ";" + "filter:progid:DXImageTransform.Microsoft.AlphaImageLoader" + "(src=\\\'" + img.src + "\\\', sizingMethod=\'scale\');\\"></span>";
+ − 185
img.outerHTML = strNewHTML;
+ − 186
i = i-1;
+ − 187
}
+ − 188
}
+ − 189
}
+ − 190
}
+ − 191
window.attachEvent("onload", correctPNG);
+ − 192
</script>
+ − 193
<![endif]-->
+ − 194
');
+ − 195
}
+ − 196
+ − 197
// Get the "article" button text (depends on namespace)
+ − 198
switch($paths->namespace) {
+ − 199
case "Article":
+ − 200
default:
+ − 201
$ns = 'article';
+ − 202
break;
+ − 203
case "Admin":
+ − 204
$ns = 'administration page';
+ − 205
break;
+ − 206
case "System":
+ − 207
$ns = 'system message';
+ − 208
break;
+ − 209
case "File":
+ − 210
$ns = 'uploaded file';
+ − 211
break;
+ − 212
case "Help":
+ − 213
$ns = 'documentation page';
+ − 214
break;
+ − 215
case "User":
+ − 216
$ns = 'user page';
+ − 217
break;
+ − 218
case "Special":
+ − 219
$ns = 'special page';
+ − 220
break;
+ − 221
case "Template":
+ − 222
$ns = 'template';
+ − 223
break;
+ − 224
case "Project":
+ − 225
$ns = 'project page';
+ − 226
break;
+ − 227
case "Category":
+ − 228
$ns = 'category';
+ − 229
break;
+ − 230
}
+ − 231
$this->namespace_string = $ns;
+ − 232
$code = $plugins->setHook('page_type_string_set');
+ − 233
foreach ( $code as $cmd )
+ − 234
{
+ − 235
eval($cmd);
+ − 236
}
+ − 237
$ns =& $this->namespace_string;
+ − 238
+ − 239
// Initialize the toolbar
+ − 240
$tb = '';
+ − 241
+ − 242
// Create "xx page" button
+ − 243
+ − 244
$btn_selected = ( isset($tplvars['toolbar_button_selected'])) ? $tplvars['toolbar_button_selected'] : $tplvars['toolbar_button'];
+ − 245
$parser = $this->makeParserText($btn_selected);
+ − 246
+ − 247
$parser->assign_vars(array(
+ − 248
'FLAGS' => 'onclick="void(ajaxReset()); return false;" title="View the page contents, all of the page contents, and nothing but the page contents (alt-a)" accesskey="a"',
+ − 249
'PARENTFLAGS' => 'id="mdgToolbar_article"',
+ − 250
'HREF' => makeUrl($paths->page, null, true),
+ − 251
'TEXT' => $this->namespace_string
+ − 252
));
+ − 253
+ − 254
$tb .= $parser->run();
+ − 255
+ − 256
$button = $this->makeParserText($tplvars['toolbar_button']);
+ − 257
+ − 258
// Page toolbar
+ − 259
// Comments button
+ − 260
if ( $session->get_permissions('read') && getConfig('enable_comments')=='1' && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $paths->cpage['comments_on'] == 1 )
+ − 261
{
+ − 262
+ − 263
$e = $db->sql_query('SELECT approved FROM '.table_prefix.'comments WHERE page_id=\''.$paths->cpage['urlname_nons'].'\' AND namespace=\''.$paths->namespace.'\';');
+ − 264
if ( !$e )
+ − 265
{
+ − 266
$db->_die();
+ − 267
}
+ − 268
$nc = $db->numrows();
+ − 269
$nu = 0;
+ − 270
$na = 0;
+ − 271
+ − 272
while ( $r = $db->fetchrow() )
+ − 273
{
+ − 274
if ( !$r['approved'] )
+ − 275
{
+ − 276
$nu++;
+ − 277
}
+ − 278
else
+ − 279
{
+ − 280
$na++;
+ − 281
}
+ − 282
}
+ − 283
+ − 284
$db->free_result();
+ − 285
$n = ( $session->get_permissions('mod_comments') ) ? (string)$nc : (string)$na;
+ − 286
if ( $session->get_permissions('mod_comments') && $nu > 0 )
+ − 287
{
+ − 288
$n .= ' total/'.$nu.' unapp.';
+ − 289
}
+ − 290
+ − 291
$button->assign_vars(array(
+ − 292
'FLAGS' => 'onclick="void(ajaxComments()); return false;" title="View the comments that other users have posted about this page (alt-c)" accesskey="c"',
+ − 293
'PARENTFLAGS' => 'id="mdgToolbar_discussion"',
+ − 294
'HREF' => makeUrl($paths->page, 'do=comments', true),
+ − 295
'TEXT' => 'discussion ('.$n.')',
+ − 296
));
+ − 297
+ − 298
$tb .= $button->run();
+ − 299
}
+ − 300
// Edit button
+ − 301
if($session->get_permissions('read') && ($paths->namespace != 'Special' && $paths->namespace != 'Admin') && ( $session->get_permissions('edit_page') && ( ( $paths->page_protected && $session->get_permissions('even_when_protected') ) || !$paths->page_protected ) ) )
+ − 302
{
+ − 303
$button->assign_vars(array(
+ − 304
'FLAGS' => 'onclick="void(ajaxEditor()); return false;" title="Edit the contents of this page (alt-e)" accesskey="e"',
+ − 305
'PARENTFLAGS' => 'id="mdgToolbar_edit"',
+ − 306
'HREF' => makeUrl($paths->page, 'do=edit', true),
+ − 307
'TEXT' => 'edit this page'
+ − 308
));
+ − 309
$tb .= $button->run();
+ − 310
// View source button
+ − 311
}
+ − 312
else if($session->get_permissions('view_source') && ( !$session->get_permissions('edit_page') || !$session->get_permissions('even_when_protected') && $paths->page_protected ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 313
{
+ − 314
$button->assign_vars(array(
+ − 315
'FLAGS' => 'onclick="void(ajaxViewSource()); return false;" title="View the source code (wiki markup) that this page uses (alt-e)" accesskey="e"',
+ − 316
'PARENTFLAGS' => 'id="mdgToolbar_edit"',
+ − 317
'HREF' => makeUrl($paths->page, 'do=viewsource', true),
+ − 318
'TEXT' => 'view source'
+ − 319
));
+ − 320
$tb .= $button->run();
+ − 321
}
+ − 322
// History button
+ − 323
if ( $session->get_permissions('read') /* && $paths->wiki_mode */ && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('history_view') )
+ − 324
{
+ − 325
$button->assign_vars(array(
+ − 326
'FLAGS' => 'onclick="void(ajaxHistory()); return false;" title="View a log of actions taken on this page (alt-h)" accesskey="h"',
+ − 327
'PARENTFLAGS' => 'id="mdgToolbar_history"',
+ − 328
'HREF' => makeUrl($paths->page, 'do=history', true),
+ − 329
'TEXT' => 'history'
+ − 330
));
+ − 331
$tb .= $button->run();
+ − 332
}
+ − 333
+ − 334
$menubtn = $this->makeParserText($tplvars['toolbar_menu_button']);
+ − 335
+ − 336
// Additional actions menu
+ − 337
// Rename button
+ − 338
if ( $session->get_permissions('read') && $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 339
{
+ − 340
$menubtn->assign_vars(array(
+ − 341
'FLAGS' => 'onclick="void(ajaxRename()); return false;" title="Change the display name of this page (alt-r)" accesskey="r"',
+ − 342
'HREF' => makeUrl($paths->page, 'do=rename', true),
+ − 343
'TEXT' => 'rename',
+ − 344
));
+ − 345
$this->toolbar_menu .= $menubtn->run();
+ − 346
}
+ − 347
+ − 348
// Vote-to-delete button
+ − 349
if ( $paths->wiki_mode && $session->get_permissions('vote_delete') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 350
{
+ − 351
$menubtn->assign_vars(array(
+ − 352
'FLAGS' => 'onclick="void(ajaxDelVote()); return false;" title="Vote to have this page deleted (alt-d)" accesskey="d"',
+ − 353
'HREF' => makeUrl($paths->page, 'do=delvote', true),
+ − 354
'TEXT' => 'vote to delete this page',
+ − 355
));
+ − 356
$this->toolbar_menu .= $menubtn->run();
+ − 357
}
+ − 358
+ − 359
// Clear-votes button
+ − 360
if ( $session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('vote_reset') && $paths->cpage['delvotes'] > 0)
+ − 361
{
+ − 362
$menubtn->assign_vars(array(
+ − 363
'FLAGS' => 'onclick="void(ajaxResetDelVotes()); return false;" title="Vote to have this page deleted (alt-y)" accesskey="y"',
+ − 364
'HREF' => makeUrl($paths->page, 'do=resetvotes', true),
+ − 365
'TEXT' => 'reset deletion votes',
+ − 366
));
+ − 367
$this->toolbar_menu .= $menubtn->run();
+ − 368
}
+ − 369
+ − 370
// Printable page button
+ − 371
if ( $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 372
{
+ − 373
$menubtn->assign_vars(array(
+ − 374
'FLAGS' => 'title="View a version of this page that is suitable for printing"',
+ − 375
'HREF' => makeUrl($paths->page, 'printable=yes', true),
+ − 376
'TEXT' => 'view printable version',
+ − 377
));
+ − 378
$this->toolbar_menu .= $menubtn->run();
+ − 379
}
+ − 380
+ − 381
// Protect button
+ − 382
if($session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('protect'))
+ − 383
{
+ − 384
+ − 385
$label = $this->makeParserText($tplvars['toolbar_label']);
+ − 386
$label->assign_vars(array('TEXT' => 'protection:'));
+ − 387
$t0 = $label->run();
+ − 388
+ − 389
$ctmp = '';
+ − 390
if ( $paths->cpage['protected'] == 1 )
+ − 391
{
+ − 392
$ctmp=' style="text-decoration: underline;"';
+ − 393
}
+ − 394
$menubtn->assign_vars(array(
+ − 395
'FLAGS' => 'accesskey="i" onclick="ajaxProtect(1); return false;" id="protbtn_1" title="Prevents all non-administrators from editing this page. [alt-i]"'.$ctmp,
+ − 396
'HREF' => makeUrl($paths->page, 'do=protect&level=1', true),
+ − 397
'TEXT' => 'on'
+ − 398
));
+ − 399
$t1 = $menubtn->run();
+ − 400
+ − 401
$ctmp = '';
+ − 402
if ( $paths->cpage['protected'] == 0 )
+ − 403
{
+ − 404
$ctmp=' style="text-decoration: underline;"';
+ − 405
}
+ − 406
$menubtn->assign_vars(array(
+ − 407
'FLAGS' => 'accesskey="o" onclick="ajaxProtect(0); return false;" id="protbtn_0" title="Allows everyone to edit this page. [alt-o]"'.$ctmp,
+ − 408
'HREF' => makeUrl($paths->page, 'do=protect&level=0', true),
+ − 409
'TEXT' => 'off'
+ − 410
));
+ − 411
$t2 = $menubtn->run();
+ − 412
+ − 413
$ctmp = '';
+ − 414
if ( $paths->cpage['protected'] == 2 )
+ − 415
{
+ − 416
$ctmp = ' style="text-decoration: underline;"';
+ − 417
}
+ − 418
$menubtn->assign_vars(array(
+ − 419
'FLAGS' => 'accesskey="p" onclick="ajaxProtect(2); return false;" id="protbtn_2" title="Allows only users who have been registered for 4 days to edit this page. [alt-p]"'.$ctmp,
+ − 420
'HREF' => makeUrl($paths->page, 'do=protect&level=2', true),
+ − 421
'TEXT' => 'semi'
+ − 422
));
+ − 423
$t3 = $menubtn->run();
+ − 424
+ − 425
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0">
+ − 426
<tr>
+ − 427
<td>'.$t0.'</td>
+ − 428
<td>'.$t1.'</td>
+ − 429
<td>'.$t2.'</td>
+ − 430
<td>'.$t3.'</td>
+ − 431
</tr>
+ − 432
</table>';
+ − 433
}
+ − 434
+ − 435
// Wiki mode button
+ − 436
if($session->get_permissions('read') && $paths->page_exists && $session->get_permissions('set_wiki_mode') && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 437
{
+ − 438
// label at start
+ − 439
$label = $this->makeParserText($tplvars['toolbar_label']);
+ − 440
$label->assign_vars(array('TEXT' => 'page wiki mode:'));
+ − 441
$t0 = $label->run();
+ − 442
+ − 443
// on button
+ − 444
$ctmp = '';
+ − 445
if ( $paths->cpage['wiki_mode'] == 1 )
+ − 446
{
+ − 447
$ctmp = ' style="text-decoration: underline;"';
+ − 448
}
+ − 449
$menubtn->assign_vars(array(
+ − 450
'FLAGS' => 'onclick="ajaxSetWikiMode(1); return false;" id="wikibtn_1" title="Forces wiki functions to be allowed on this page."'.$ctmp,
+ − 451
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=1', true),
+ − 452
'TEXT' => 'on'
+ − 453
));
+ − 454
$t1 = $menubtn->run();
+ − 455
+ − 456
// off button
+ − 457
$ctmp = '';
+ − 458
if ( $paths->cpage['wiki_mode'] == 0 )
+ − 459
{
+ − 460
$ctmp=' style="text-decoration: underline;"';
+ − 461
}
+ − 462
$menubtn->assign_vars(array(
+ − 463
'FLAGS' => 'onclick="ajaxSetWikiMode(0); return false;" id="wikibtn_0" title="Forces wiki functions to be disabled on this page."'.$ctmp,
+ − 464
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=0', true),
+ − 465
'TEXT' => 'off'
+ − 466
));
+ − 467
$t2 = $menubtn->run();
+ − 468
+ − 469
// global button
+ − 470
$ctmp = '';
+ − 471
if ( $paths->cpage['wiki_mode'] == 2 )
+ − 472
{
+ − 473
$ctmp=' style="text-decoration: underline;"';
+ − 474
}
+ − 475
$menubtn->assign_vars(array(
+ − 476
'FLAGS' => 'onclick="ajaxSetWikiMode(2); return false;" id="wikibtn_2" title="Causes this page to use the global wiki mode setting (default)"'.$ctmp,
+ − 477
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=2', true),
+ − 478
'TEXT' => 'global'
+ − 479
));
+ − 480
$t3 = $menubtn->run();
+ − 481
+ − 482
// Tack it onto the list of buttons that are already there...
+ − 483
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0">
+ − 484
<tr>
+ − 485
<td>'.$t0.'</td>
+ − 486
<td>'.$t1.'</td>
+ − 487
<td>'.$t2.'</td>
+ − 488
<td>'.$t3.'</td>
+ − 489
</tr>
+ − 490
</table>';
+ − 491
}
+ − 492
+ − 493
// Clear logs button
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 494
if ( $session->get_permissions('read') && $session->get_permissions('clear_logs') && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
1
+ − 495
{
+ − 496
$menubtn->assign_vars(array(
+ − 497
'FLAGS' => 'onclick="void(ajaxClearLogs()); return false;" title="Remove all edit and action logs for this page from the database. IRREVERSIBLE! (alt-l)" accesskey="l"',
+ − 498
'HREF' => makeUrl($paths->page, 'do=flushlogs', true),
+ − 499
'TEXT' => 'clear page logs',
+ − 500
));
+ − 501
$this->toolbar_menu .= $menubtn->run();
+ − 502
}
+ − 503
+ − 504
// Delete page button
+ − 505
if ( $session->get_permissions('read') && $session->get_permissions('delete_page') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 506
{
+ − 507
$s = 'delete this page';
+ − 508
if ( $paths->cpage['delvotes'] == 1 )
+ − 509
{
+ − 510
$s .= ' (<b>'.$paths->cpage['delvotes'].'</b> vote)';
+ − 511
}
+ − 512
else if ( $paths->cpage['delvotes'] > 1 )
+ − 513
{
+ − 514
$s .= ' (<b>'.$paths->cpage['delvotes'].'</b> votes)';
+ − 515
}
+ − 516
+ − 517
$menubtn->assign_vars(array(
+ − 518
'FLAGS' => 'onclick="void(ajaxDeletePage()); return false;" title="Delete this page. This is always reversible unless the logs are cleared. (alt-k)" accesskey="k"',
+ − 519
'HREF' => makeUrl($paths->page, 'do=deletepage', true),
+ − 520
'TEXT' => $s,
+ − 521
));
+ − 522
$this->toolbar_menu .= $menubtn->run();
+ − 523
+ − 524
}
+ − 525
+ − 526
// Password-protect button
+ − 527
if(isset($paths->cpage['password']))
+ − 528
{
+ − 529
if ( $paths->cpage['password'] == '' )
+ − 530
{
+ − 531
$a = $session->get_permissions('password_set');
+ − 532
}
+ − 533
else
+ − 534
{
+ − 535
$a = $session->get_permissions('password_reset');
+ − 536
}
+ − 537
}
+ − 538
else
+ − 539
{
+ − 540
$a = $session->get_permissions('password_set');
+ − 541
}
+ − 542
if ( $a && $session->get_permissions('read') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 543
{
+ − 544
// label at start
+ − 545
$label = $this->makeParserText($tplvars['toolbar_label']);
13
fdd6b9dd42c3
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
Dan
diff
changeset
+ − 546
$label->assign_vars(array('TEXT' => 'page password:'));
1
+ − 547
$t0 = $label->run();
+ − 548
+ − 549
$menubtn->assign_vars(array(
+ − 550
'FLAGS' => 'onclick="void(ajaxSetPassword()); return false;" title="Require a password in order for this page to be viewed"',
+ − 551
'HREF' => '#',
+ − 552
'TEXT' => 'set',
+ − 553
));
+ − 554
$t = $menubtn->run();
+ − 555
+ − 556
$this->toolbar_menu .= '<table border="0" cellspacing="0" cellpadding="0"><tr><td>'.$t0.'</td><td><input type="password" id="mdgPassSetField" size="10" /></td><td>'.$t.'</td></tr></table>';
+ − 557
}
+ − 558
+ − 559
// Manage ACLs button
+ − 560
if($session->get_permissions('edit_acl') || $session->user_level >= USER_LEVEL_ADMIN)
+ − 561
{
+ − 562
$menubtn->assign_vars(array(
+ − 563
'FLAGS' => 'onclick="return ajaxOpenACLManager();" title="Manage who can do what with this page (alt-m)" accesskey="m"',
+ − 564
'HREF' => makeUrl($paths->page, 'do=aclmanager', true),
+ − 565
'TEXT' => 'manage page access',
+ − 566
));
+ − 567
$this->toolbar_menu .= $menubtn->run();
+ − 568
}
+ − 569
+ − 570
// Administer page button
+ − 571
if ( $session->user_level >= USER_LEVEL_ADMIN && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 572
{
+ − 573
$menubtn->assign_vars(array(
+ − 574
'FLAGS' => 'onclick="void(ajaxAdminPage()); return false;" title="Administrative options for this page" accesskey="g"',
+ − 575
'HREF' => makeUrlNS('Special', 'Administration', 'module='.$paths->nslist['Admin'].'PageManager', true),
+ − 576
'TEXT' => 'administrative options',
+ − 577
));
+ − 578
$this->toolbar_menu .= $menubtn->run();
+ − 579
}
+ − 580
+ − 581
if ( strlen($this->toolbar_menu) > 0 )
+ − 582
{
+ − 583
$button->assign_vars(array(
+ − 584
'FLAGS' => 'id="mdgToolbar_moreoptions" onclick="return false;" title="Additional options for working with this page"',
+ − 585
'PARENTFLAGS' => '',
+ − 586
'HREF' => makeUrl($paths->page, 'do=moreoptions', true),
+ − 587
'TEXT' => 'more options'
+ − 588
));
+ − 589
$tb .= $button->run();
+ − 590
}
+ − 591
+ − 592
$is_opera = (isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'Opera')) ? true : false;
+ − 593
+ − 594
$this->tpl_bool = Array(
+ − 595
'auth_admin'=>$session->user_level >= USER_LEVEL_ADMIN ? true : false,
+ − 596
'user_logged_in'=>$session->user_logged_in,
+ − 597
'opera'=>$is_opera,
+ − 598
);
+ − 599
+ − 600
if($session->sid_super) { $ash = '&auth='.$session->sid_super; $asq = "?auth=".$session->sid_super; $asa = "&auth=".$session->sid_super; $as2 = htmlspecialchars(urlSeparator).'auth='.$session->sid_super; }
+ − 601
else { $asq=''; $asa=''; $as2 = ''; $ash = ''; }
+ − 602
+ − 603
$code = $plugins->setHook('compile_template');
+ − 604
foreach ( $code as $cmd )
+ − 605
{
+ − 606
eval($cmd);
+ − 607
}
+ − 608
+ − 609
// Some additional sidebar processing
+ − 610
if($this->sidebar_extra != '') {
+ − 611
$se = $this->sidebar_extra;
+ − 612
$parser = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 613
$parser->assign_vars(Array('TITLE'=>'Links','CONTENT'=>$se));
+ − 614
$this->sidebar_extra = $parser->run();
+ − 615
}
+ − 616
+ − 617
$this->sidebar_extra = $this->sidebar_extra.$this->sidebar_widgets;
+ − 618
+ − 619
$this->tpl_bool['fixed_menus'] = false;
+ − 620
/* if($this->sidebar_extra == '') $this->tpl_bool['right_sidebar'] = false;
+ − 621
else */ $this->tpl_bool['right_sidebar'] = true;
+ − 622
+ − 623
$this->tpl_bool['auth_rename'] = ( $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin');
+ − 624
+ − 625
$this->tpl_bool['enable_uploads'] = ( getConfig('enable_uploads') == '1' && $session->get_permissions('upload_files') ) ? true : false;
+ − 626
+ − 627
$this->tpl_bool['stupid_mode'] = false;
+ − 628
+ − 629
if($paths->page == $paths->nslist['Special'].'Administration') $this->tpl_bool['in_admin'] = true;
+ − 630
else $this->tpl_bool['in_admin'] = false;
+ − 631
+ − 632
$p = ( isset($_GET['printable']) ) ? '/printable' : '';
+ − 633
+ − 634
// Add the e-mail address client code to the header
+ − 635
$this->add_header($email->jscode());
+ − 636
+ − 637
// Generate the code for the Log out and Change theme sidebar buttons
+ − 638
// Once again, the new template parsing system can be used here
+ − 639
+ − 640
$parser = $this->makeParserText($tplvars['sidebar_button']);
+ − 641
+ − 642
$parser->assign_vars(Array(
+ − 643
'HREF'=>makeUrlNS('Special', 'Logout'),
+ − 644
'FLAGS'=>'onclick="mb_logout(); return false;"',
+ − 645
'TEXT'=>'Log out',
+ − 646
));
+ − 647
+ − 648
$logout_link = $parser->run();
+ − 649
+ − 650
$parser->assign_vars(Array(
+ − 651
'HREF'=>makeUrlNS('Special', 'Login/' . $paths->page),
+ − 652
'FLAGS'=>'onclick="ajaxStartLogin(); return false;"',
+ − 653
'TEXT'=>'Log in',
+ − 654
));
+ − 655
+ − 656
$login_link = $parser->run();
+ − 657
+ − 658
$parser->assign_vars(Array(
+ − 659
'HREF'=>makeUrlNS('Special', 'ChangeStyle/'.$paths->page),
+ − 660
'FLAGS'=>'onclick="ajaxChangeStyle(); return false;"',
+ − 661
'TEXT'=>'Change theme',
+ − 662
));
+ − 663
+ − 664
$theme_link = $parser->run();
+ − 665
+ − 666
$SID = ($session->sid_super) ? $session->sid_super : '';
+ − 667
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 668
$urlname_clean = str_replace('\'', '\\\'', str_replace('\\', '\\\\', dirtify_page_id($paths->fullpage)));
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 669
$urlname_clean = strtr( $urlname_clean, array( '<' => '<', '>' => '>' ) );
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 670
22
+ − 671
$urlname_jssafe = sanitize_page_id($paths->fullpage);
+ − 672
1
+ − 673
// Generate the dynamic javascript vars
+ − 674
$js_dynamic = ' <script type="text/javascript">// <![CDATA[
+ − 675
// This section defines some basic and very important variables that are used later in the static Javascript library.
+ − 676
// SKIN DEVELOPERS: The template variable for this code block is {JS_DYNAMIC_VARS}. This MUST be inserted BEFORE the tag that links to the main Javascript lib.
22
+ − 677
var title=\''. $urlname_jssafe .'\';
1
+ − 678
var page_exists='. ( ( $paths->page_exists) ? 'true' : 'false' ) .';
+ − 679
var scriptPath=\''. scriptPath .'\';
+ − 680
var contentPath=\''.contentPath.'\';
+ − 681
var ENANO_SID =\'' . $SID . '\';
+ − 682
var auth_level=' . $session->auth_level . ';
+ − 683
var USER_LEVEL_GUEST = ' . USER_LEVEL_GUEST . ';
+ − 684
var USER_LEVEL_MEMBER = ' . USER_LEVEL_MEMBER . ';
+ − 685
var USER_LEVEL_CHPREF = ' . USER_LEVEL_CHPREF . ';
+ − 686
var USER_LEVEL_MOD = ' . USER_LEVEL_MOD . ';
+ − 687
var USER_LEVEL_ADMIN = ' . USER_LEVEL_ADMIN . ';
+ − 688
var editNotice = \'' . ( (getConfig('wiki_edit_notice')=='1') ? str_replace("\n", "\\\n", RenderMan::render(getConfig('wiki_edit_notice_text'))) : '' ) . '\';
+ − 689
var prot = ' . ( ($paths->page_protected && !$session->get_permissions('even_when_protected')) ? 'true' : 'false' ) .'; // No, hacking this var won\'t work, it\'s re-checked on the server
+ − 690
var ENANO_SPECIAL_CREATEPAGE = \''. makeUrl($paths->nslist['Special'].'CreatePage') .'\';
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 691
var ENANO_CREATEPAGE_PARAMS = \'_do=&pagename='. $urlname_clean .'&namespace=' . $paths->namespace . '\';
1
+ − 692
var ENANO_SPECIAL_CHANGESTYLE = \''. makeUrlNS('Special', 'ChangeStyle') .'\';
+ − 693
var namespace_list = new Array();
+ − 694
var AES_BITS = '.AES_BITS.';
+ − 695
var AES_BLOCKSIZE = '.AES_BLOCKSIZE.';
+ − 696
var pagepass = \''. ( ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '' ) .'\';
+ − 697
var ENANO_THEME_LIST = \'';
+ − 698
foreach($this->theme_list as $t) {
+ − 699
if($t['enabled'])
+ − 700
{
+ − 701
$js_dynamic .= '<option value="'.$t['theme_id'].'"';
29
e5484a9e0818
Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
diff
changeset
+ − 702
// if($t['theme_id'] == $session->theme) $js_dynamic .= ' selected="selected"';
1
+ − 703
$js_dynamic .= '>'.$t['theme_name'].'</option>';
+ − 704
}
+ − 705
}
+ − 706
$js_dynamic .= '\';
+ − 707
var ENANO_CURRENT_THEME = \''. $session->theme .'\';';
+ − 708
foreach($paths->nslist as $k => $c)
+ − 709
{
+ − 710
$js_dynamic .= "namespace_list['{$k}'] = '$c';";
+ − 711
}
+ − 712
$js_dynamic .= "\n //]]>\n </script>";
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 713
1
+ − 714
$tpl_strings = Array(
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 715
'PAGE_NAME'=>htmlspecialchars($paths->cpage['name']),
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 716
'PAGE_URLNAME'=> $urlname_clean,
40
+ − 717
'SITE_NAME'=>htmlspecialchars(getConfig('site_name')),
1
+ − 718
'USERNAME'=>$session->username,
40
+ − 719
'SITE_DESC'=>htmlspecialchars(getConfig('site_desc')),
1
+ − 720
'TOOLBAR'=>$tb,
+ − 721
'SCRIPTPATH'=>scriptPath,
+ − 722
'CONTENTPATH'=>contentPath,
+ − 723
'ADMIN_SID_QUES'=>$asq,
+ − 724
'ADMIN_SID_AMP'=>$asa,
+ − 725
'ADMIN_SID_AMP_HTML'=>$ash,
+ − 726
'ADMIN_SID_AUTO'=>$as2,
+ − 727
'ADDITIONAL_HEADERS'=>$this->additional_headers,
+ − 728
'COPYRIGHT'=>getConfig('copyright_notice'),
+ − 729
'TOOLBAR_EXTRAS'=>$this->toolbar_menu,
+ − 730
'REQUEST_URI'=>$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'],
+ − 731
'STYLE_LINK'=>makeUrlNS('Special', 'CSS'.$p, null, true), //contentPath.$paths->nslist['Special'].'CSS' . $p,
+ − 732
'LOGIN_LINK'=>$login_link,
+ − 733
'LOGOUT_LINK'=>$logout_link,
+ − 734
'THEME_LINK'=>$theme_link,
+ − 735
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme,
+ − 736
'THEME_ID'=>$this->theme,
+ − 737
'STYLE_ID'=>$this->style,
+ − 738
'JS_DYNAMIC_VARS'=>$js_dynamic,
+ − 739
'UNREAD_PMS'=>$session->unread_pms
+ − 740
);
+ − 741
+ − 742
foreach ( $paths->nslist as $ns_id => $ns_prefix )
+ − 743
{
+ − 744
$tpl_strings[ 'NS_' . strtoupper($ns_id) ] = $ns_prefix;
+ − 745
}
+ − 746
+ − 747
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings);
+ − 748
list($this->tpl_strings['SIDEBAR_LEFT'], $this->tpl_strings['SIDEBAR_RIGHT'], $min) = $this->fetch_sidebar();
+ − 749
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != $min) ? true : false;
+ − 750
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != $min) ? true : false;
+ − 751
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility
+ − 752
}
+ − 753
+ − 754
function header($simple = false)
+ − 755
{
+ − 756
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 757
ob_start();
+ − 758
+ − 759
if(!$this->theme_loaded)
+ − 760
{
+ − 761
$this->load_theme($session->theme, $session->style);
+ − 762
}
+ − 763
+ − 764
$headers_sent = true;
+ − 765
dc_here('template: generating and sending the page header');
+ − 766
if(!defined('ENANO_HEADERS_SENT'))
+ − 767
define('ENANO_HEADERS_SENT', '');
+ − 768
if(!$this->no_headers) echo ( $simple ) ? $this->process_template('simple-header.tpl') : $this->process_template('header.tpl');
+ − 769
if ( !$simple && $session->user_logged_in && $session->unread_pms > 0 )
+ − 770
{
+ − 771
echo $this->notify_unread_pms();
+ − 772
}
+ − 773
if ( !$simple && $session->sw_timed_out )
+ − 774
{
+ − 775
$login_link = makeUrlNS('Special', 'Login/' . $paths->fullpage, 'level=' . $session->user_level, true);
+ − 776
echo '<div class="usermessage">';
+ − 777
echo '<b>Your administrative session has timed out.</b> <a href="' . $login_link . '">Log in again</a>';
+ − 778
echo '</div>';
+ − 779
}
30
+ − 780
if ( $this->site_disabled && $session->user_level >= USER_LEVEL_ADMIN && ( $paths->page != $paths->nslist['Special'] . 'Administration' ) )
+ − 781
{
+ − 782
$admin_link = makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'GeneralConfig', true);
+ − 783
echo '<div class="usermessage"><b>The site is currently disabled and thus is only accessible to administrators.</b><br />
+ − 784
You can re-enable the site through the <a href="' . $admin_link . '">administration panel</a>.
+ − 785
</div>';
+ − 786
}
1
+ − 787
}
+ − 788
function footer($simple = false)
+ − 789
{
+ − 790
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 791
dc_here('template: generating and sending the page footer');
+ − 792
if(!$this->no_headers) {
+ − 793
+ − 794
if(!defined('ENANO_HEADERS_SENT'))
+ − 795
$this->header();
+ − 796
+ − 797
global $_starttime;
+ − 798
if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc'))
+ − 799
{
+ − 800
echo '<h3>Query list as requested on URI</h3><pre style="margin-left: 1em">';
+ − 801
echo $db->sql_backtrace();
+ − 802
echo '</pre>';
+ − 803
}
+ − 804
+ − 805
$f = microtime_float();
+ − 806
$f = $f - $_starttime;
+ − 807
$f = round($f, 4);
+ − 808
$dbg = 'Time: '.$f.'s | Queries: '.$db->num_queries;
+ − 809
$t = ( $simple ) ? $this->process_template('simple-footer.tpl') : $this->process_template('footer.tpl');
+ − 810
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 811
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t);
+ − 812
$t = str_replace('[[GenTime]]', (string)$f, $t);
+ − 813
echo $t;
+ − 814
+ − 815
ob_end_flush();
+ − 816
}
+ − 817
else return '';
+ − 818
}
+ − 819
function getHeader()
+ − 820
{
+ − 821
$headers_sent = true;
+ − 822
dc_here('template: generating and sending the page header');
+ − 823
if(!defined('ENANO_HEADERS_SENT'))
+ − 824
define('ENANO_HEADERS_SENT', '');
+ − 825
if(!$this->no_headers) return $this->process_template('header.tpl');
+ − 826
}
+ − 827
function getFooter()
+ − 828
{
+ − 829
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 830
dc_here('template: generating and sending the page footer');
+ − 831
if(!$this->no_headers) {
+ − 832
global $_starttime;
+ − 833
$t = '';
+ − 834
+ − 835
if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc'))
+ − 836
{
+ − 837
$t .= '<h3>Query list as requested on URI</h3><pre style="margin-left: 1em">';
+ − 838
$t .= $db->sql_backtrace();
+ − 839
$t .= '</pre>';
+ − 840
}
+ − 841
+ − 842
$f = microtime_float();
+ − 843
$f = $f - $_starttime;
+ − 844
$f = round($f, 4);
+ − 845
$dbg = 'Time: '.$f.'s | Queries: '.$db->num_queries;
+ − 846
$t.= $this->process_template('footer.tpl');
+ − 847
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 848
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t);
+ − 849
$t = str_replace('[[GenTime]]', (string)$f, $t);
+ − 850
return $t;
+ − 851
}
+ − 852
else return '';
+ − 853
}
+ − 854
+ − 855
function process_template($file) {
+ − 856
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 857
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 858
{
+ − 859
$this->load_theme();
+ − 860
$this->init_vars();
+ − 861
}
+ − 862
eval($this->compile_template($file));
+ − 863
return $tpl_code;
+ − 864
}
+ − 865
+ − 866
function extract_vars($file) {
+ − 867
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 868
if(!$this->theme)
+ − 869
{
+ − 870
die('$template->extract_vars(): theme not yet loaded, so we can\'t open template files yet...this is a bug and should be reported.<br /><br />Backtrace, most recent call first:<pre>'.enano_debug_print_backtrace(true).'</pre>');
+ − 871
}
+ − 872
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file)) die('Cannot find '.$file.' file for style "'.$this->theme.'", exiting');
+ − 873
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file);
+ − 874
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches);
+ − 875
$tplvars = Array();
+ − 876
for($i=0;$i<sizeof($matches[1]);$i++)
+ − 877
{
+ − 878
$tplvars[$matches[1][$i]] = $matches[2][$i];
+ − 879
}
+ − 880
return $tplvars;
+ − 881
}
+ − 882
function compile_template($text) {
+ − 883
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 884
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text)) die('Cannot find '.$text.' file for style, exiting');
+ − 885
$n = $text;
+ − 886
$tpl_filename = ENANO_ROOT . '/cache/' . $this->theme . '-' . str_replace('/', '-', $n) . '.php';
+ − 887
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text)) die('Cannot find '.$text.' file for style, exiting');
+ − 888
if(file_exists($tpl_filename) && getConfig('cache_thumbs')=='1')
+ − 889
{
+ − 890
include($tpl_filename);
+ − 891
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text);
+ − 892
if(isset($md5) && $md5 == md5($text)) {
+ − 893
return str_replace('\\"', '"', $tpl_text);
+ − 894
}
+ − 895
}
+ − 896
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$n);
+ − 897
+ − 898
$md5 = md5($text);
+ − 899
+ − 900
$seed = md5 ( microtime() . mt_rand() );
+ − 901
preg_match_all("/<\?php(.*?)\?>/is", $text, $m);
+ − 902
//die('<pre>'.htmlspecialchars(print_r($m, true)).'</pre>');
+ − 903
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 904
{
+ − 905
$text = str_replace("<?php{$m[1][$i]}?>", "{PHPCODE:{$i}:{$seed}}", $text);
+ − 906
}
+ − 907
//die('<pre>'.htmlspecialchars($text).'</pre>');
+ − 908
$text = 'ob_start(); echo \''.str_replace('\'', '\\\'', $text).'\'; $tpl_code = ob_get_contents(); ob_end_clean();';
+ − 909
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if(isset($this->tpl_bool[\'\\1\']) && $this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 910
$text = preg_replace('#<!-- IFSET (.*?) -->#is', '\'; if(isset($this->tpl_strings[\'\\1\'])) { echo \'', $text);
+ − 911
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { echo \'', $text);
+ − 912
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '\'; echo $template->tplWikiFormat($paths->sysMsg(\'\\1\')); echo \'', $text);
+ − 913
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 914
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { echo \'', $text);
+ − 915
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } echo \'', $text);
+ − 916
$text = preg_replace('#\{([A-z0-9]*)\}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 917
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 918
{
+ − 919
$text = str_replace("{PHPCODE:{$i}:{$seed}}", "'; {$m[1][$i]} echo '", $text);
+ − 920
}
+ − 921
if(is_writable(ENANO_ROOT.'/cache/') && getConfig('cache_thumbs')=='1')
+ − 922
{
+ − 923
//die($tpl_filename);
+ − 924
$h = fopen($tpl_filename, 'w');
+ − 925
if(!$h) return $text;
+ − 926
$t = addslashes($text);
+ − 927
fwrite($h, '<?php $md5 = \''.$md5.'\'; $tpl_text = \''.$t.'\'; ?>');
+ − 928
fclose($h);
+ − 929
}
+ − 930
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 931
}
+ − 932
+ − 933
function compile_template_text($text) {
+ − 934
$seed = md5 ( microtime() . mt_rand() );
+ − 935
preg_match_all("/<\?php(.*?)\?>/is", $text, $m);
+ − 936
//die('<pre>'.htmlspecialchars(print_r($m, true)).'</pre>');
+ − 937
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 938
{
+ − 939
$text = str_replace("<?php{$m[1][$i]}?>", "{PHPCODE:{$i}:{$seed}}", $text);
+ − 940
}
+ − 941
//die('<pre>'.htmlspecialchars($text).'</pre>');
+ − 942
$text = 'ob_start(); echo \''.str_replace('\'', '\\\'', $text).'\'; $tpl_code = ob_get_contents(); ob_end_clean(); return $tpl_code;';
+ − 943
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if(isset($this->tpl_bool[\'\\1\']) && $this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 944
$text = preg_replace('#<!-- IFSET (.*?) -->#is', '\'; if(isset($this->tpl_strings[\'\\1\'])) { echo \'', $text);
+ − 945
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { echo \'', $text);
+ − 946
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '\'; echo $template->tplWikiFormat($paths->sysMsg(\'\\1\')); echo \'', $text);
+ − 947
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { echo \'', $text);
+ − 948
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { echo \'', $text);
+ − 949
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } echo \'', $text);
+ − 950
$text = preg_replace('#\{([A-z0-9]*)\}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 951
for($i = 0; $i < sizeof($m[1]); $i++)
+ − 952
{
+ − 953
$text = str_replace("{PHPCODE:{$i}:{$seed}}", "'; {$m[1][$i]} echo '", $text);
+ − 954
}
+ − 955
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 956
}
+ − 957
+ − 958
function parse($text)
+ − 959
{
+ − 960
$text = $this->compile_template_text($text);
+ − 961
return eval($text);
+ − 962
}
+ − 963
+ − 964
// Steps to turn this:
+ − 965
// [[Project:Community Portal]]
+ − 966
// into this:
+ − 967
// <a href="/Project:Community_Portal">Community Portal</a>
+ − 968
// Must be done WITHOUT creating eval'ed code!!!
+ − 969
+ − 970
// 1. preg_replace \[\[([a-zA-Z0-9 -_:]*?)\]\] with <a href="'.contentPath.'\\1">\\1</a>
+ − 971
// 2. preg_match_all <a href="'.preg_quote(contentPath).'([a-zA-Z0-9 -_:]*?)">
+ − 972
// 3. For each match, replace matches with identifiers
+ − 973
// 4. For each match, str_replace ' ' with '_'
+ − 974
// 5. For each match, str_replace match_id:random_val with $matches[$match_id]
+ − 975
+ − 976
// The template language is really a miniature programming language; with variables, conditionals, everything!
+ − 977
// So you can implement custom logic into your sidebar if you wish.
+ − 978
// "Real" PHP support coming soon :-D
+ − 979
+ − 980
function tplWikiFormat($message, $filter_links = false, $filename = 'elements.tpl') {
+ − 981
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 982
$filter_links = false;
+ − 983
$tplvars = $this->extract_vars($filename);
+ − 984
if($session->sid_super) $as = htmlspecialchars(urlSeparator).'auth='.$session->sid_super;
+ − 985
else $as = '';
+ − 986
error_reporting(E_ALL);
+ − 987
$random_id = sha1(microtime().''); // A temp value
+ − 988
+ − 989
/*
+ − 990
* PREPROCESSOR
+ − 991
*/
+ − 992
+ − 993
// Variables
+ − 994
+ − 995
preg_match_all('#\$([A-Z_-]+)\$#', $message, $links);
+ − 996
$links = $links[1];
+ − 997
+ − 998
for($i=0;$i<sizeof($links);$i++)
+ − 999
{
+ − 1000
$message = str_replace('$'.$links[$i].'$', $this->tpl_strings[$links[$i]], $message);
+ − 1001
}
+ − 1002
+ − 1003
// Conditionals
+ − 1004
+ − 1005
preg_match_all('#\{if ([A-Za-z0-9_ &\|\!-]*)\}(.*?)\{\/if\}#is', $message, $links);
+ − 1006
+ − 1007
for($i=0;$i<sizeof($links[1]);$i++)
+ − 1008
{
+ − 1009
$message = str_replace('{if '.$links[1][$i].'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message);
+ − 1010
+ − 1011
// Time for some manual parsing...
+ − 1012
$chk = false;
+ − 1013
$current_id = '';
+ − 1014
$prn_level = 0;
+ − 1015
// Used to keep track of where we are in the conditional
+ − 1016
// Object of the game: turn {if this && ( that OR !something_else )} ... {/if} into if( ( isset($this->tpl_bool['that']) && $this->tpl_bool['that'] ) && ...
+ − 1017
// Method of attack: escape all variables, ignore all else. Non-valid code is filtered out by a regex above.
+ − 1018
$in_var_now = true;
+ − 1019
$in_var_last = false;
+ − 1020
$current_var = '';
+ − 1021
$current_var_start_pos = 0;
+ − 1022
$current_var_end_pos = 0;
+ − 1023
$j = -1;
+ − 1024
$links[1][$i] = $links[1][$i] . ' ';
+ − 1025
$d = strlen($links[1][$i]);
+ − 1026
while($j < $d)
+ − 1027
{
+ − 1028
$j++;
+ − 1029
$in_var_last = $in_var_now;
+ − 1030
+ − 1031
$char = substr($links[1][$i], $j, 1);
+ − 1032
$in_var_now = ( preg_match('#^([A-z0-9_]*){1}$#', $char) ) ? true : false;
+ − 1033
if(!$in_var_last && $in_var_now)
+ − 1034
{
+ − 1035
$current_var_start_pos = $j;
+ − 1036
}
+ − 1037
if($in_var_last && !$in_var_now)
+ − 1038
{
+ − 1039
$current_var_end_pos = $j;
+ − 1040
}
+ − 1041
if($in_var_now)
+ − 1042
{
+ − 1043
$current_var .= $char;
+ − 1044
continue;
+ − 1045
}
+ − 1046
// OK we are not inside of a variable. That means that we JUST hit the end because the counter ($j) will be advanced to the beginning of the next variable once processing here is complete.
+ − 1047
if($char != ' ' && $char != '(' && $char != ')' && $char != 'A' && $char != 'N' && $char != 'D' && $char != 'O' && $char != 'R' && $char != '&' && $char != '|' && $char != '!' && $char != '<' && $char != '>' && $char != '0' && $char != '1' && $char != '2' && $char != '3' && $char != '4' && $char != '5' && $char != '6' && $char != '7' && $char != '8' && $char != '9')
+ − 1048
{
+ − 1049
// XSS attack! Bail out
+ − 1050
echo '<p><b>Error:</b> Syntax error (possibly XSS attack) caught in template code:</p>';
+ − 1051
echo '<pre>';
+ − 1052
echo '{if '.$links[1][$i].'}';
+ − 1053
echo "\n ";
+ − 1054
for($k=0;$k<$j;$k++) echo " ";
+ − 1055
echo '<span style="color: red;">^</span>';
+ − 1056
echo '</pre>';
+ − 1057
continue 2;
+ − 1058
}
+ − 1059
if($current_var != '')
+ − 1060
{
+ − 1061
$cd = '( isset($this->tpl_bool[\''.$current_var.'\']) && $this->tpl_bool[\''.$current_var.'\'] )';
+ − 1062
$cvt = substr($links[1][$i], 0, $current_var_start_pos) . $cd . substr($links[1][$i], $current_var_end_pos, strlen($links[1][$i]));
+ − 1063
$j = $j + strlen($cd) - strlen($current_var);
+ − 1064
$current_var = '';
+ − 1065
$links[1][$i] = $cvt;
+ − 1066
$d = strlen($links[1][$i]);
+ − 1067
}
+ − 1068
}
+ − 1069
$links[1][$i] = substr($links[1][$i], 0, strlen($links[1][$i])-1);
+ − 1070
$links[1][$i] = '$chk = ( '.$links[1][$i].' ) ? true : false;';
+ − 1071
eval($links[1][$i]);
+ − 1072
+ − 1073
if($chk) { // isset($this->tpl_bool[$links[1][$i]]) && $this->tpl_bool[$links[1][$i]]
+ − 1074
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}'));
+ − 1075
else $c = $links[2][$i];
+ − 1076
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1077
} else {
+ − 1078
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i]));
+ − 1079
else $c = '';
+ − 1080
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1081
}
+ − 1082
}
+ − 1083
+ − 1084
preg_match_all('#\{!if ([A-Za-z_-]*)\}(.*?)\{\/if\}#is', $message, $links);
+ − 1085
+ − 1086
for($i=0;$i<sizeof($links[1]);$i++)
+ − 1087
{
+ − 1088
$message = str_replace('{!if '.$links[1][$i].'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message);
+ − 1089
if(isset($this->tpl_bool[$links[1][$i]]) && $this->tpl_bool[$links[1][$i]]) {
+ − 1090
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i]));
+ − 1091
else $c = '';
+ − 1092
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1093
} else {
+ − 1094
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}'));
+ − 1095
else $c = $links[2][$i];
+ − 1096
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1097
}
+ − 1098
}
+ − 1099
+ − 1100
/*
+ − 1101
* HTML RENDERER
+ − 1102
*/
+ − 1103
+ − 1104
// Images
+ − 1105
$j = preg_match_all('#\[\[:'.$paths->nslist['File'].'([\w\s0-9_\(\)!@%\^\+\|\.-]+?)\]\]#is', $message, $matchlist);
+ − 1106
$matches = Array();
+ − 1107
$matches['images'] = $matchlist[1];
+ − 1108
for($i=0;$i<sizeof($matchlist[1]);$i++)
+ − 1109
{
+ − 1110
if(isPage($paths->nslist['File'].$matches['images'][$i]))
+ − 1111
{
+ − 1112
$message = str_replace('[[:'.$paths->nslist['File'].$matches['images'][$i].']]',
+ − 1113
'<img alt="'.$matches['images'][$i].'" style="border: 0" src="'.makeUrlNS('Special', 'DownloadFile/'.$matches['images'][$i]).'" />',
+ − 1114
$message);
+ − 1115
}
+ − 1116
}
+ − 1117
+ − 1118
// Internal links
+ − 1119
+ − 1120
$text_parser = $this->makeParserText($tplvars['sidebar_button']);
+ − 1121
+ − 1122
preg_match_all('#\[\[([a-zA-Z0-9 -_]*?)\]\]#is', $message, $il);
+ − 1123
for($i=0;$i<sizeof($il[1]);$i++)
+ − 1124
{
+ − 1125
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true);
+ − 1126
$text_parser->assign_vars(Array(
+ − 1127
'HREF' => $href,
+ − 1128
'FLAGS' => '',
+ − 1129
'TEXT' => $il[1][$i]
+ − 1130
));
+ − 1131
$message = str_replace("[[{$il[1][$i]}]]", $text_parser->run(), $message);
+ − 1132
}
+ − 1133
+ − 1134
preg_match_all('#\[\[([a-zA-Z0-9 -_]*?)\|([a-zA-Z0-9!@\#\$%\^&\*\(\)\{\} -_]*?)\]\]#is', $message, $il);
+ − 1135
for($i=0;$i<sizeof($il[1]);$i++)
+ − 1136
{
+ − 1137
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true);
+ − 1138
$text_parser->assign_vars(Array(
+ − 1139
'HREF' => $href,
+ − 1140
'FLAGS' => '',
+ − 1141
'TEXT' => $il[2][$i]
+ − 1142
));
+ − 1143
$message = str_replace("[[{$il[1][$i]}|{$il[2][$i]}]]", $text_parser->run(), $message);
+ − 1144
}
+ − 1145
+ − 1146
// External links
+ − 1147
$message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\ ([^\]]+)]#', '<a href="\\1://\\2">\\3</a><br style="display: none;" />', $message);
+ − 1148
$message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\]#', '<a href="\\1://\\2">\\1://\\2</a><br style="display: none;" />', $message);
+ − 1149
+ − 1150
$parser1 = $this->makeParserText($tplvars['sidebar_section']);
+ − 1151
$parser2 = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 1152
+ − 1153
preg_match_all('#\{slider(2|)=(.*?)\}(.*?)\{\/slider(2|)\}#is', $message, $sb);
+ − 1154
+ − 1155
// Modified to support the sweet new template var system
+ − 1156
for($i=0;$i<sizeof($sb[1]);$i++)
+ − 1157
{
+ − 1158
$p = ($sb[1][$i] == '2') ? $parser2 : $parser1;
+ − 1159
$p->assign_vars(Array('TITLE'=>$sb[2][$i],'CONTENT'=>$sb[3][$i]));
+ − 1160
$message = str_replace("{slider{$sb[1][$i]}={$sb[2][$i]}}{$sb[3][$i]}{/slider{$sb[4][$i]}}", $p->run(), $message);
+ − 1161
}
+ − 1162
+ − 1163
/*
+ − 1164
Extras ;-)
+ − 1165
$message = preg_replace('##is', '', $message);
+ − 1166
$message = preg_replace('##is', '', $message);
+ − 1167
$message = preg_replace('##is', '', $message);
+ − 1168
$message = preg_replace('##is', '', $message);
+ − 1169
$message = preg_replace('##is', '', $message);
+ − 1170
*/
+ − 1171
+ − 1172
//die('<pre>'.htmlspecialchars($message).'</pre>');
+ − 1173
//eval($message); exit;
+ − 1174
return $message;
+ − 1175
}
+ − 1176
+ − 1177
/**
+ − 1178
* Print a text field that auto-completes a username entered into it.
+ − 1179
* @param string $name - the name of the form field
+ − 1180
* @return string
+ − 1181
*/
+ − 1182
+ − 1183
function username_field($name, $value = false)
+ − 1184
{
+ − 1185
$randomid = md5( time() . microtime() . mt_rand() );
+ − 1186
$text = '<input name="'.$name.'" onkeyup="ajaxUserNameComplete(this)" autocomplete="off" type="text" size="30" id="userfield_'.$randomid.'"';
+ − 1187
if($value) $text .= ' value="'.$value.'"';
+ − 1188
$text .= ' />';
+ − 1189
return $text;
+ − 1190
}
+ − 1191
+ − 1192
/**
+ − 1193
* Print a text field that auto-completes a page name entered into it.
+ − 1194
* @param string $name - the name of the form field
+ − 1195
* @return string
+ − 1196
*/
+ − 1197
+ − 1198
function pagename_field($name, $value = false)
+ − 1199
{
+ − 1200
$randomid = md5( time() . microtime() . mt_rand() );
+ − 1201
$text = '<input name="'.$name.'" onkeyup="ajaxPageNameComplete(this)" type="text" size="30" id="pagefield_'.$randomid.'"';
+ − 1202
if($value) $text .= ' value="'.$value.'"';
+ − 1203
$text .= ' />';
+ − 1204
$text .= '<script type="text/javascript">
+ − 1205
var inp = document.getElementById(\'pagefield_' . $randomid . '\');
+ − 1206
var f = get_parent_form(inp);
+ − 1207
if ( f )
+ − 1208
{
+ − 1209
if ( typeof(f.onsubmit) != \'function\' )
+ − 1210
{
+ − 1211
f.onsubmit = function() {
+ − 1212
if ( !submitAuthorized )
+ − 1213
{
+ − 1214
return false;
+ − 1215
}
+ − 1216
}
+ − 1217
}
+ − 1218
}</script>';
+ − 1219
return $text;
+ − 1220
}
+ − 1221
+ − 1222
/**
+ − 1223
* Sends a textarea that can be converted to and from a TinyMCE widget on the fly.
+ − 1224
* @param string The name of the form element
+ − 1225
* @param string The initial content. Optional, defaults to blank
+ − 1226
* @param int Rows in textarea
+ − 1227
* @param int Columns in textarea
+ − 1228
* @return string HTML and Javascript code.
+ − 1229
*/
+ − 1230
+ − 1231
function tinymce_textarea($name, $content = '', $rows = 20, $cols = 60)
+ − 1232
{
+ − 1233
$randomid = md5(microtime() . mt_rand());
+ − 1234
$html = '';
+ − 1235
$html .= '<textarea name="' . $name . '" rows="'.$rows.'" cols="'.$cols.'" style="width: 100%;" id="toggleMCEroot_'.$randomid.'">' . $content . '</textarea>';
+ − 1236
$html .= '<div style="float: right; display: table;" id="mceSwitchAgent_' . $randomid . '">text editor | <a href="#" onclick="toggleMCE_'.$randomid.'(); return false;">graphical editor</a></div>';
+ − 1237
$html .= '<script type="text/javascript">
+ − 1238
// <![CDATA[
+ − 1239
function toggleMCE_'.$randomid.'()
+ − 1240
{
+ − 1241
var the_obj = document.getElementById(\'toggleMCEroot_' . $randomid . '\');
+ − 1242
var panel = document.getElementById(\'mceSwitchAgent_' . $randomid . '\');
+ − 1243
if ( the_obj.dnIsMCE == "yes" )
+ − 1244
{
+ − 1245
$dynano(the_obj).destroyMCE();
+ − 1246
panel.innerHTML = \'text editor | <a href="#" onclick="toggleMCE_'.$randomid.'(); return false;">graphical editor</a>\';
+ − 1247
}
+ − 1248
else
+ − 1249
{
+ − 1250
$dynano(the_obj).switchToMCE();
+ − 1251
panel.innerHTML = \'<a href="#" onclick="toggleMCE_'.$randomid.'(); return false;">text editor</a> | graphical editor\';
+ − 1252
}
+ − 1253
}
+ − 1254
// ]]>
+ − 1255
</script>';
+ − 1256
return $html;
+ − 1257
}
+ − 1258
+ − 1259
/**
+ − 1260
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;)
+ − 1261
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class.
+ − 1262
* @param $filename the filename of the template to be parsed
+ − 1263
* @return object
+ − 1264
*/
+ − 1265
+ − 1266
function makeParser($filename)
+ − 1267
{
+ − 1268
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1269
$filename = ENANO_ROOT.'/themes/'.$template->theme.'/'.$filename;
+ − 1270
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist');
+ − 1271
$code = file_get_contents($filename);
+ − 1272
$parser = new templateIndividual($code);
+ − 1273
return $parser;
+ − 1274
}
+ − 1275
+ − 1276
/**
+ − 1277
* Same as $template->makeParser(), but takes a string instead of a filename.
+ − 1278
* @param $text the text to parse
+ − 1279
* @return object
+ − 1280
*/
+ − 1281
+ − 1282
function makeParserText($code)
+ − 1283
{
+ − 1284
$parser = new templateIndividual($code);
+ − 1285
return $parser;
+ − 1286
}
+ − 1287
+ − 1288
/**
+ − 1289
* Fetch the HTML for a plugin-added sidebar block
+ − 1290
* @param $name the plugin name
+ − 1291
* @return string
+ − 1292
*/
+ − 1293
+ − 1294
function fetch_block($id)
+ − 1295
{
+ − 1296
if(isset($this->plugin_blocks[$id])) return $this->plugin_blocks[$id];
+ − 1297
else return false;
+ − 1298
}
+ − 1299
+ − 1300
/**
+ − 1301
* Fetches the contents of both sidebars.
+ − 1302
* @return array - key 0 is left, key 1 is right
+ − 1303
* @example list($left, $right) = $template->fetch_sidebar();
+ − 1304
*/
+ − 1305
+ − 1306
function fetch_sidebar()
+ − 1307
{
+ − 1308
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1309
+ − 1310
$left = '';
+ − 1311
$right = '';
+ − 1312
+ − 1313
if ( !$this->fetch_block('Links') )
+ − 1314
$this->initLinksWidget();
+ − 1315
+ − 1316
$q = $db->sql_query('SELECT item_id,sidebar_id,block_name,block_type,block_content FROM '.table_prefix.'sidebar WHERE item_enabled=1 ORDER BY sidebar_id ASC, item_order ASC;');
+ − 1317
if(!$q) $db->_die('The sidebar text data could not be selected.');
+ − 1318
+ − 1319
$vars = $this->extract_vars('elements.tpl');
+ − 1320
+ − 1321
if(isset($vars['sidebar_top']))
+ − 1322
{
+ − 1323
$left .= $this->parse($vars['sidebar_top']);
+ − 1324
$right .= $this->parse($vars['sidebar_top']);
+ − 1325
}
+ − 1326
while($row = $db->fetchrow())
+ − 1327
{
+ − 1328
switch($row['block_type'])
+ − 1329
{
+ − 1330
case BLOCK_WIKIFORMAT:
+ − 1331
default:
+ − 1332
$parser = $this->makeParserText($vars['sidebar_section']);
+ − 1333
$c = RenderMan::render($row['block_content']);
+ − 1334
break;
+ − 1335
case BLOCK_TEMPLATEFORMAT:
+ − 1336
$parser = $this->makeParserText($vars['sidebar_section']);
+ − 1337
$c = $this->tplWikiFormat($row['block_content']);
+ − 1338
break;
+ − 1339
case BLOCK_HTML:
+ − 1340
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1341
$c = $row['block_content'];
+ − 1342
break;
+ − 1343
case BLOCK_PHP:
+ − 1344
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1345
ob_start();
+ − 1346
@eval($row['block_content']);
+ − 1347
$c = ob_get_contents();
+ − 1348
ob_end_clean();
+ − 1349
break;
+ − 1350
case BLOCK_PLUGIN:
+ − 1351
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1352
$c = (gettype($this->fetch_block($row['block_content'])) == 'string') ? $this->fetch_block($row['block_content']) : 'Can\'t find plugin block';
+ − 1353
break;
+ − 1354
}
+ − 1355
$parser->assign_vars(Array( 'TITLE'=>$this->tplWikiFormat($row['block_name']), 'CONTENT'=>$c ));
+ − 1356
if ($row['sidebar_id'] == SIDEBAR_LEFT ) $left .= $parser->run();
+ − 1357
elseif($row['sidebar_id'] == SIDEBAR_RIGHT) $right .= $parser->run();
+ − 1358
unset($parser);
+ − 1359
}
+ − 1360
$db->free_result();
+ − 1361
if(isset($vars['sidebar_bottom']))
+ − 1362
{
+ − 1363
$left .= $this->parse($vars['sidebar_bottom']);
+ − 1364
$right .= $this->parse($vars['sidebar_bottom']);
+ − 1365
}
+ − 1366
$min = '';
+ − 1367
if(isset($vars['sidebar_top']))
+ − 1368
{
+ − 1369
$min .= $this->parse($vars['sidebar_top']);
+ − 1370
}
+ − 1371
if(isset($vars['sidebar_bottom']))
+ − 1372
{
+ − 1373
$min .= $this->parse($vars['sidebar_bottom']);
+ − 1374
}
+ − 1375
return Array($left, $right, $min);
+ − 1376
}
+ − 1377
+ − 1378
function initLinksWidget()
+ − 1379
{
+ − 1380
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1381
// SourceForge/W3C buttons
+ − 1382
$ob = Array();
27
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1383
$admintitle = ( $session->user_level >= USER_LEVEL_ADMIN ) ? 'title="You may disable this button in the admin panel under General Configuration."' : '';
1
+ − 1384
if(getConfig('sflogo_enabled')=='1')
+ − 1385
{
+ − 1386
$ob[] = '<a style="text-align: center;" href="http://sourceforge.net/" onclick="window.open(this.href);return false;"><img style="border-width: 0px;" alt="SourceForge.net Logo" src="http://sflogo.sourceforge.net/sflogo.php?group_id='.getConfig('sflogo_groupid').'&type='.getConfig('sflogo_type').'" /></a>';
+ − 1387
}
+ − 1388
if(getConfig('w3c_v32') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 3.2" src="http://www.w3.org/Icons/valid-html32" /></a>';
+ − 1389
if(getConfig('w3c_v40') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.0" src="http://www.w3.org/Icons/valid-html40" /></a>';
+ − 1390
if(getConfig('w3c_v401') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.01" src="http://www.w3.org/Icons/valid-html401" /></a>';
+ − 1391
if(getConfig('w3c_vxhtml10')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.0" src="http://www.w3.org/Icons/valid-xhtml10" /></a>';
+ − 1392
if(getConfig('w3c_vxhtml11')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.1" src="http://www.w3.org/Icons/valid-xhtml11" /></a>';
+ − 1393
if(getConfig('w3c_vcss') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="Valid CSS" src="http://www.w3.org/Icons/valid-css" /></a>';
+ − 1394
if(getConfig('dbd_button') =='1') $ob[] = '<a style="text-align: center;" href="http://www.defectivebydesign.org/join/button" onclick="window.open(this.href);return false;"><img style="border: 0px solid #FFFFFF;" alt="DRM technology restricts what you can do with your computer" src="http://defectivebydesign.org/sites/nodrm.civicactions.net/files/images/dbd_sm_btn.gif" /><br /><small>Protect your freedom >></small></a>';
+ − 1395
+ − 1396
$code = $plugins->setHook('links_widget');
+ − 1397
foreach ( $code as $cmd )
+ − 1398
{
+ − 1399
eval($cmd);
+ − 1400
}
+ − 1401
53
+ − 1402
if(count($ob) > 0) $sb_links = '<div style="text-align: center; padding: 5px 0;">'. ( ( getConfig('powered_btn') == '1' ) ? $this->fading_button : '' ) . implode('<br />', $ob).'</div>';
1
+ − 1403
else $sb_links = '';
+ − 1404
+ − 1405
$this->sidebar_widget('Links', $sb_links);
+ − 1406
}
+ − 1407
+ − 1408
/**
+ − 1409
* Builds a box showing unread private messages.
+ − 1410
*/
+ − 1411
+ − 1412
function notify_unread_pms()
+ − 1413
{
+ − 1414
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1415
if ( ( $paths->cpage['urlname_nons'] == 'PrivateMessages' || $paths->cpage['urlname_nons'] == 'Preferences' ) && $paths->namespace == 'Special' )
+ − 1416
{
+ − 1417
return '';
+ − 1418
}
+ − 1419
$ob = '<div class="usermessage">'."\n";
+ − 1420
$s = ( $session->unread_pms == 1 ) ? '' : 's';
+ − 1421
$ob .= " <b>You have $session->unread_pms <a href=" . '"' . makeUrlNS('Special', 'PrivateMessages' ) . '"' . ">unread private message$s</a>.</b><br />\n Messages: ";
+ − 1422
$q = $db->sql_query('SELECT message_id,message_from,subject,date FROM '.table_prefix.'privmsgs WHERE message_to=\'' . $session->username . '\' AND message_read=0 ORDER BY date DESC;');
+ − 1423
if ( !$q )
+ − 1424
$db->_die();
+ − 1425
$messages = array();
+ − 1426
while ( $row = $db->fetchrow() )
+ − 1427
{
+ − 1428
$messages[] = '<a href="' . makeUrlNS('Special', 'PrivateMessages/View/' . $row['message_id']) . '" title="Sent ' . date('F d, Y h:i a', $row['date']) . ' by ' . $row['message_from'] . '">' . $row['subject'] . '</a>';
+ − 1429
}
+ − 1430
$ob .= implode(",\n " , $messages)."\n";
+ − 1431
$ob .= '</div>'."\n";
+ − 1432
return $ob;
+ − 1433
}
+ − 1434
+ − 1435
} // class template
+ − 1436
+ − 1437
/**
+ − 1438
* Handles parsing of an individual template file. Instances should only be created through $template->makeParser(). To use:
+ − 1439
* - Call $template->makeParser(template file name) - file name should be something.tpl, css/whatever.css, etc.
+ − 1440
* - Make an array of strings you want the template to access. $array['STRING'] would be referenced in the template like {STRING}
+ − 1441
* - Make an array of boolean values. These can be used for conditionals in the template (<!-- IF something --> whatever <!-- ENDIF something -->)
+ − 1442
* - Call assign_vars() to pass the strings to the template parser. Same thing with assign_bool().
+ − 1443
* - Call run() to parse the template and get your fully compiled HTML.
+ − 1444
* @access private
+ − 1445
*/
+ − 1446
+ − 1447
class templateIndividual extends template {
+ − 1448
var $tpl_strings, $tpl_bool, $tpl_code;
+ − 1449
var $compiled = false;
+ − 1450
/**
+ − 1451
* Constructor.
+ − 1452
*/
+ − 1453
function __construct($text)
+ − 1454
{
+ − 1455
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1456
$this->tpl_code = $text;
+ − 1457
$this->tpl_strings = $template->tpl_strings;
+ − 1458
$this->tpl_bool = $template->tpl_bool;
+ − 1459
}
+ − 1460
/**
+ − 1461
* PHP 4 constructor.
+ − 1462
*/
+ − 1463
function templateIndividual($text)
+ − 1464
{
+ − 1465
$this->__construct($text);
+ − 1466
}
+ − 1467
/**
+ − 1468
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file.
+ − 1469
* @param $vars array
+ − 1470
*/
+ − 1471
function assign_vars($vars)
+ − 1472
{
+ − 1473
$this->tpl_strings = array_merge($this->tpl_strings, $vars);
+ − 1474
}
+ − 1475
/**
+ − 1476
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements.
+ − 1477
* @param $vars array
+ − 1478
*/
+ − 1479
function assign_bool($vars)
+ − 1480
{
+ − 1481
$this->tpl_bool = array_merge($this->tpl_bool, $vars);
+ − 1482
}
+ − 1483
/**
+ − 1484
* Compiles and executes the template code.
+ − 1485
* @return string
+ − 1486
*/
+ − 1487
function run()
+ − 1488
{
+ − 1489
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1490
if(!$this->compiled)
+ − 1491
{
+ − 1492
$this->tpl_code = $this->compile_template_text($this->tpl_code);
+ − 1493
$this->compiled = true;
+ − 1494
}
+ − 1495
return eval($this->tpl_code);
+ − 1496
}
+ − 1497
}
+ − 1498
+ − 1499
/**
+ − 1500
* A version of the template compiler that does not rely at all on the other parts of Enano. Used during installation and for showing
+ − 1501
* "critical error" messages. ** REQUIRES ** the Oxygen theme.
+ − 1502
*/
+ − 1503
+ − 1504
class template_nodb {
+ − 1505
var $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list;
+ − 1506
function __construct() {
+ − 1507
+ − 1508
$this->tpl_bool = Array();
+ − 1509
$this->tpl_strings = Array();
+ − 1510
$this->sidebar_extra = '';
+ − 1511
$this->sidebar_widgets = '';
+ − 1512
$this->toolbar_menu = '';
+ − 1513
$this->additional_headers = '';
+ − 1514
+ − 1515
$this->theme_list = Array(Array(
+ − 1516
'theme_id'=>'oxygen',
+ − 1517
'theme_name'=>'Oxygen',
+ − 1518
'theme_order'=>1,
+ − 1519
'enabled'=>1,
+ − 1520
));
+ − 1521
}
+ − 1522
function template() {
+ − 1523
$this->__construct();
+ − 1524
}
+ − 1525
function get_css($s = false) {
+ − 1526
if($s)
+ − 1527
return $this->process_template('css/'.$s);
+ − 1528
else
+ − 1529
return $this->process_template('css/'.$this->style.'.css');
+ − 1530
}
+ − 1531
function load_theme($name, $css, $auto_init = true) {
+ − 1532
$this->theme = $name;
+ − 1533
$this->style = $css;
+ − 1534
+ − 1535
$this->tpl_strings['SCRIPTPATH'] = scriptPath;
+ − 1536
if ( $auto_init )
+ − 1537
$this->init_vars();
+ − 1538
}
+ − 1539
function init_vars()
+ − 1540
{
+ − 1541
global $sideinfo;
+ − 1542
global $this_page;
+ − 1543
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1544
$tplvars = $this->extract_vars('elements.tpl');
+ − 1545
$tb = '';
+ − 1546
// Get the "article" button text (depends on namespace)
+ − 1547
if(defined('IN_ENANO_INSTALL')) $ns = 'installation page';
+ − 1548
else $ns = 'system error page';
+ − 1549
$t = str_replace('{FLAGS}', 'onclick="return false;" title="Hey! A button that doesn\'t do anything. Clever..." accesskey="a"', $tplvars['toolbar_button']);
+ − 1550
$t = str_replace('{HREF}', '#', $t);
+ − 1551
$t = str_replace('{TEXT}', $ns, $t);
+ − 1552
$tb .= $t;
+ − 1553
+ − 1554
// Page toolbar
+ − 1555
+ − 1556
$this->tpl_bool = Array(
+ − 1557
'auth_admin'=>true,
+ − 1558
'user_logged_in'=>true,
+ − 1559
'right_sidebar'=>false,
+ − 1560
);
+ − 1561
$this->tpl_bool['in_sidebar_admin'] = false;
+ − 1562
+ − 1563
$this->tpl_bool['auth_rename'] = false;
+ − 1564
+ − 1565
$asq = $asa = '';
+ − 1566
+ − 1567
$this->tpl_bool['fixed_menus'] = false;
+ − 1568
$slink = defined('IN_ENANO_INSTALL') ? scriptPath.'/install.php?mode=css' : makeUrlNS('Special', 'CSS');
+ − 1569
+ − 1570
$title = ( is_object($paths) ) ? $paths->page : 'Critical error';
+ − 1571
+ − 1572
// The rewritten template engine will process all required vars during the load_template stage instead of (cough) re-processing everything each time around.
+ − 1573
$tpl_strings = Array(
+ − 1574
'PAGE_NAME'=>$this_page,
+ − 1575
'PAGE_URLNAME'=>'Null',
+ − 1576
'SITE_NAME'=>'Enano Installation',
+ − 1577
'USERNAME'=>'admin',
+ − 1578
'SITE_DESC'=>'Install Enano on your server.',
+ − 1579
'TOOLBAR'=>$tb,
+ − 1580
'SCRIPTPATH'=>scriptPath,
+ − 1581
'CONTENTPATH'=>contentPath,
+ − 1582
'ADMIN_SID_QUES'=>$asq,
+ − 1583
'ADMIN_SID_AMP'=>$asa,
+ − 1584
'ADMIN_SID_AMP_HTML'=>'',
+ − 1585
'ADDITIONAL_HEADERS'=>'<style type="text/css">div.pagenav { border-top: 1px solid #CCC; padding-top: 7px; margin-top: 10px; }</style>',
+ − 1586
'SIDEBAR_EXTRA'=>'',
+ − 1587
'COPYRIGHT'=>'Enano and all of its code, graphics, and more code is copyright © 2006 Dan Fuhry.<br />This program is Free Software; see the file "GPL" included with this package for details.',
+ − 1588
'TOOLBAR_EXTRAS'=>'',
+ − 1589
'REQUEST_URI'=>$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'],
+ − 1590
'STYLE_LINK'=>$slink,
+ − 1591
'LOGOUT_LINK'=>'',
+ − 1592
'THEME_LINK'=>'',
+ − 1593
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme,
+ − 1594
'THEME_ID'=>$this->theme,
+ − 1595
'STYLE_ID'=>$this->style,
+ − 1596
'JS_DYNAMIC_VARS'=>'<script type="text/javascript">var title="'. $title .'"; var scriptPath="'.scriptPath.'"; var ENANO_SID=""; var AES_BITS='.AES_BITS.'; var AES_BLOCKSIZE=' . AES_BLOCKSIZE . '; var pagepass=\'\';</script>',
+ − 1597
'SIDEBAR_RIGHT'=>'',
+ − 1598
);
+ − 1599
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings);
+ − 1600
+ − 1601
$sidebar = ( gettype($sideinfo) == 'string' ) ? $sideinfo : '';
+ − 1602
if($sidebar != '')
+ − 1603
{
+ − 1604
if(isset($tplvars['sidebar_top']))
+ − 1605
{
+ − 1606
$text = $this->makeParserText($tplvars['sidebar_top']);
+ − 1607
$top = $text->run();
+ − 1608
} else {
+ − 1609
$top = '';
+ − 1610
}
+ − 1611
$p = $this->makeParserText($tplvars['sidebar_section']);
+ − 1612
$p->assign_vars(Array(
+ − 1613
'TITLE'=>'Installation progress',
+ − 1614
'CONTENT'=>$sidebar,
+ − 1615
));
+ − 1616
$sidebar = $p->run();
+ − 1617
if(isset($tplvars['sidebar_bottom']))
+ − 1618
{
+ − 1619
$text = $this->makeParserText($tplvars['sidebar_bottom']);
+ − 1620
$bottom = $text->run();
+ − 1621
} else {
+ − 1622
$bottom = '';
+ − 1623
}
+ − 1624
$sidebar = $top . $sidebar . $bottom;
+ − 1625
}
+ − 1626
$this->tpl_strings['SIDEBAR_LEFT'] = $sidebar;
+ − 1627
+ − 1628
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != '') ? true : false;
+ − 1629
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != '') ? true : false;
+ − 1630
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility
+ − 1631
$this->tpl_bool['stupid_mode'] = true;
+ − 1632
}
+ − 1633
function header()
+ − 1634
{
+ − 1635
if(!$this->no_headers) echo $this->process_template('header.tpl');
+ − 1636
}
+ − 1637
function footer()
+ − 1638
{
+ − 1639
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1640
if(!$this->no_headers) {
+ − 1641
global $_starttime;
+ − 1642
$f = microtime(true);
+ − 1643
$f = $f - $_starttime;
+ − 1644
$f = round($f, 4);
+ − 1645
if(defined('IN_ENANO_INSTALL')) $nq = 'N/A';
+ − 1646
else $nq = $db->num_queries;
+ − 1647
if($nq == 0) $nq = 'N/A';
+ − 1648
$dbg = 'Time: '.$f.'s | Queries: '.$nq;
+ − 1649
$t = $this->process_template('footer.tpl');
+ − 1650
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 1651
echo $t;
+ − 1652
}
+ − 1653
else return '';
+ − 1654
}
+ − 1655
function getHeader()
+ − 1656
{
+ − 1657
if(!$this->no_headers) return $this->process_template('header.tpl');
+ − 1658
else return '';
+ − 1659
}
+ − 1660
function getFooter()
+ − 1661
{
+ − 1662
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1663
if(!$this->no_headers) {
+ − 1664
global $_starttime;
+ − 1665
$f = microtime(true);
+ − 1666
$f = $f - $_starttime;
+ − 1667
$f = round($f, 4);
+ − 1668
if(defined('IN_ENANO_INSTALL')) $nq = 'N/A';
+ − 1669
else $nq = $db->num_queries;
+ − 1670
if($nq == 0) $nq = 'N/A';
+ − 1671
$dbg = 'Time: '.$f.'s | Queries: '.$nq;
+ − 1672
if($nq == 0) $nq = 'N/A';
+ − 1673
$t = $this->process_template('footer.tpl');
+ − 1674
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 1675
return $t;
+ − 1676
}
+ − 1677
else return '';
+ − 1678
}
+ − 1679
+ − 1680
function process_template($file) {
+ − 1681
+ − 1682
eval($this->compile_template($file));
+ − 1683
return $tpl_code;
+ − 1684
}
+ − 1685
+ − 1686
function extract_vars($file) {
+ − 1687
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1688
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file)) die('Cannot find '.$file.' file for style "'.$this->theme.'", exiting');
+ − 1689
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file);
+ − 1690
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches);
+ − 1691
$tplvars = Array();
+ − 1692
for($i=0;$i<sizeof($matches[1]);$i++)
+ − 1693
{
+ − 1694
$tplvars[$matches[1][$i]] = $matches[2][$i];
+ − 1695
}
+ − 1696
return $tplvars;
+ − 1697
}
+ − 1698
function compile_template($text) {
+ − 1699
global $sideinfo;
+ − 1700
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text);
+ − 1701
$text = str_replace('<script type="text/javascript" src="{SCRIPTPATH}/ajax.php?title={PAGE_URLNAME}&_mode=jsres"></script>', '', $text); // Remove the AJAX code - we don't need it, and it requires a database connection
+ − 1702
$text = '$tpl_code = \''.str_replace('\'', '\\\'', $text).'\'; return $tpl_code;';
+ − 1703
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if($this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1704
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { $tpl_code .= \'', $text);
+ − 1705
if(defined('IN_ENANO_INSTALL')) $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">Installation progress</a></div><div class="slideblock">'.$sideinfo.'</div></div>', $text);
+ − 1706
else $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">System error</a></div><div class="slideblock"><a href="#" onclick="return false;">Enano critical error page</a></div></div>', $text);
+ − 1707
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '', $text);
+ − 1708
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1709
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { $tpl_code .= \'', $text);
+ − 1710
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } $tpl_code .= \'', $text);
+ − 1711
$text = preg_replace('#{([A-z0-9]*)}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 1712
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 1713
}
+ − 1714
+ − 1715
function compile_template_text($text) {
+ − 1716
global $sideinfo;
+ − 1717
$text = str_replace('<script type="text/javascript" src="{SCRIPTPATH}/ajax.php?title={PAGE_URLNAME}&_mode=jsres"></script>', '', $text); // Remove the AJAX code - we don't need it, and it requires a database connection
+ − 1718
$text = '$tpl_code = \''.str_replace('\'', '\\\'', $text).'\'; return $tpl_code;';
+ − 1719
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if($this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1720
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { $tpl_code .= \'', $text);
+ − 1721
if(defined('IN_ENANO_INSTALL')) $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">Installation progress</a></div><div class="slideblock">'.$sideinfo.'</div></div>', $text);
+ − 1722
else $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">System error</a></div><div class="slideblock"><a href="#" onclick="return false;">Enano critical error page</a></div></div>', $text);
+ − 1723
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '', $text);
+ − 1724
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 1725
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { $tpl_code .= \'', $text);
+ − 1726
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } $tpl_code .= \'', $text);
+ − 1727
$text = preg_replace('#{([A-z0-9]*)}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 1728
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 1729
}
+ − 1730
+ − 1731
/**
+ − 1732
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;)
+ − 1733
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class.
+ − 1734
* @param $filename the filename of the template to be parsed
+ − 1735
* @return object
+ − 1736
*/
+ − 1737
+ − 1738
function makeParser($filename)
+ − 1739
{
+ − 1740
$filename = ENANO_ROOT.'/themes/'.$this->theme.'/'.$filename;
+ − 1741
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist');
+ − 1742
$code = file_get_contents($filename);
+ − 1743
$parser = new templateIndividualSafe($code, $this);
+ − 1744
return $parser;
+ − 1745
}
+ − 1746
+ − 1747
/**
+ − 1748
* Same as $template->makeParser(), but takes a string instead of a filename.
+ − 1749
* @param $text the text to parse
+ − 1750
* @return object
+ − 1751
*/
+ − 1752
+ − 1753
function makeParserText($code)
+ − 1754
{
+ − 1755
$parser = new templateIndividualSafe($code, $this);
+ − 1756
return $parser;
+ − 1757
}
+ − 1758
+ − 1759
} // class template_nodb
+ − 1760
+ − 1761
/**
+ − 1762
* Identical to templateIndividual, except extends template_nodb instead of template
+ − 1763
* @see class template
+ − 1764
*/
+ − 1765
+ − 1766
class templateIndividualSafe extends template_nodb {
+ − 1767
var $tpl_strings, $tpl_bool, $tpl_code;
+ − 1768
var $compiled = false;
+ − 1769
/**
+ − 1770
* Constructor.
+ − 1771
*/
+ − 1772
function __construct($text, $parent)
+ − 1773
{
+ − 1774
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1775
$this->tpl_code = $text;
+ − 1776
$this->tpl_strings = $parent->tpl_strings;
+ − 1777
$this->tpl_bool = $parent->tpl_bool;
+ − 1778
}
+ − 1779
/**
+ − 1780
* PHP 4 constructor.
+ − 1781
*/
+ − 1782
function templateIndividual($text)
+ − 1783
{
+ − 1784
$this->__construct($text);
+ − 1785
}
+ − 1786
/**
+ − 1787
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file.
+ − 1788
* @param $vars array
+ − 1789
*/
+ − 1790
function assign_vars($vars)
+ − 1791
{
+ − 1792
if(is_array($this->tpl_strings))
+ − 1793
$this->tpl_strings = array_merge($this->tpl_strings, $vars);
+ − 1794
else
+ − 1795
$this->tpl_strings = $vars;
+ − 1796
}
+ − 1797
/**
+ − 1798
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements.
+ − 1799
* @param $vars array
+ − 1800
*/
+ − 1801
function assign_bool($vars)
+ − 1802
{
+ − 1803
$this->tpl_bool = array_merge($this->tpl_bool, $vars);
+ − 1804
}
+ − 1805
/**
+ − 1806
* Compiles and executes the template code.
+ − 1807
* @return string
+ − 1808
*/
+ − 1809
function run()
+ − 1810
{
+ − 1811
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1812
if(!$this->compiled)
+ − 1813
{
+ − 1814
$this->tpl_code = $this->compile_template_text($this->tpl_code);
+ − 1815
$this->compiled = true;
+ − 1816
}
+ − 1817
return eval($this->tpl_code);
+ − 1818
}
+ − 1819
}
+ − 1820
+ − 1821
?>