Enano CMS (1.1.x): plugins/SpecialUserFuncs.php@4629ad98ee88 (annotated)

0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1	<?php
519 94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	2	/!info
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	3	{
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	4	"Plugin Name" : "plugin_specialuserfuncs_title",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	5	"Plugin URI" : "http://enanocms.org/",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	6	"Description" : "plugin_specialuserfuncs_desc",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	7	"Author" : "Dan Fuhry",
685 17ebe24cdf85 Rebranded as 1.1.5 (Caoineag alpha 5) and fixed a couple bugs related to CDN support in template_nodb and installerUI. Updated readme. Dan parents: 684 diff changeset	8	"Version" : "1.1.5",
519 94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	9	"Author URI" : "http://enanocms.org/"
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	10	}
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	11	*!/
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	12
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	13	/*
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	14	* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
685 17ebe24cdf85 Rebranded as 1.1.5 (Caoineag alpha 5) and fixed a couple bugs related to CDN support in template_nodb and installerUI. Updated readme. Dan parents: 684 diff changeset	15	* Version 1.1.5 (Caoineag alpha 5)
536 218a627eb53e Rebrand as 1.1.4 (Caoineag alpha 4) Dan parents: 525 diff changeset	16	* Copyright (C) 2006-2008 Dan Fuhry
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	17	*
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	18	* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	19	* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	20	*
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	21	* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	22	* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	23	*/
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	24
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	25	global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	26
593 4f9bec0d65c1 More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient. Dan parents: 591 diff changeset	27	// $plugins->attachHook('session_started', 'SpecialUserFuncs_paths_init();');
590 03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	28
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	29	function SpecialUserFuncs_paths_init()
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	30	{
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	31	global $paths;
590 03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	32	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	33	'name'=>'specialpage_log_in',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	34	'urlname'=>'Login',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	35	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	36	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	37	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	38	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	39	'name'=>'specialpage_log_out',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	40	'urlname'=>'Logout',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	41	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	42	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	43	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	44	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	45	'name'=>'specialpage_register',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	46	'urlname'=>'Register',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	47	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	48	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	49	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	50	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	51	'name'=>'specialpage_preferences',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	52	'urlname'=>'Preferences',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	53	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	54	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	55	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	56
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	57	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	58	'name'=>'specialpage_contributions',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	59	'urlname'=>'Contributions',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	60	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	61	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	62	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	63
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	64	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	65	'name'=>'specialpage_change_theme',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	66	'urlname'=>'ChangeStyle',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	67	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	68	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	69	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	70
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	71	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	72	'name'=>'specialpage_activate_account',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	73	'urlname'=>'ActivateAccount',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	74	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	75	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	76	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	77
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	78	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	79	'name'=>'specialpage_captcha',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	80	'urlname'=>'Captcha',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	81	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	82	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	83	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	84
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	85	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	86	'name'=>'specialpage_password_reset',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	87	'urlname'=>'PasswordReset',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	88	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	89	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	90	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	91
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	92	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	93	'name'=>'specialpage_member_list',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	94	'urlname'=>'Memberlist',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	95	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	96	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	97	));
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	98
590 03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	99	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	100	'name'=>'specialpage_language_export',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	101	'urlname'=>'LangExportJSON',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	102	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	103	'special'=>0,'visible'=>0,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	104	));
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	105
590 03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	106	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	107	'name'=>'specialpage_avatar',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	108	'urlname'=>'Avatar',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	109	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	110	'special'=>0,'visible'=>0,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	111	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	112	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	113
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	114	// function names are IMPORTANT!!! The name pattern is: page_<namespace ID>_<page URLname, without namespace>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	115
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	116	$__login_status = '';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	117
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	118	function page_Special_Login()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	119	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	120	global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	121	global $__login_status;
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	122	global $lang;
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	123
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	124	require_once( ENANO_ROOT . '/includes/diffiehellman.php' );
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	125	global $dh_supported, $_math;
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	126
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	127	$pubkey = $session->rijndael_genkey();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	128	$challenge = $session->dss_rand();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	129
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	130	$locked_out = false;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	131	// are we locked out?
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	132	$threshold = ( $_ = getConfig('lockout_threshold') ) ? intval($_) : 5;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	133	$duration = ( $_ = getConfig('lockout_duration') ) ? intval($_) : 15;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	134	// convert to minutes
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	135	$duration = $duration * 60;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	136	$policy = ( $x = getConfig('lockout_policy') && in_array(getConfig('lockout_policy'), array('lockout', 'disable', 'captcha')) ) ? getConfig('lockout_policy') : 'lockout';
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	137	if ( $policy != 'disable' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	138	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	139	$ipaddr = $db->escape($_SERVER['REMOTE_ADDR']);
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	140	$timestamp_cutoff = time() - $duration;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	141	$q = $session->sql('SELECT timestamp FROM '.table_prefix.'lockout WHERE timestamp > ' . $timestamp_cutoff . ' AND ipaddr = \'' . $ipaddr . '\' ORDER BY timestamp DESC;');
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	142	$fails = $db->numrows();
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	143	if ( $fails >= $threshold )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	144	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	145	$row = $db->fetchrow();
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	146	$locked_out = true;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	147	$lockdata = array(
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	148	'locked_out' => true,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	149	'lockout_threshold' => $threshold,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	150	'lockout_duration' => ( $duration / 60 ),
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	151	'lockout_fails' => $fails,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	152	'lockout_policy' => $policy,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	153	'lockout_last_time' => $row['timestamp'],
182 c69730750be3 Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues Dan parents: 179 diff changeset	154	'time_rem' => ( $duration / 60 ) - round( ( time() - $row['timestamp'] ) / 60 ),
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	155	'captcha' => ''
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	156	);
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	157	if ( $policy == 'captcha' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	158	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	159	$lockdata['captcha'] = $session->make_captcha();
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	160	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	161	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	162	$db->free_result();
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	163	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	164
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	165	if ( isset($_GET['act']) && $_GET['act'] == 'getkey' )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	166	{
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	167	header('Content-type: text/javascript');
60 71b50f8c8f85 Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint Dan parents: 57 diff changeset	168	$username = ( $session->user_logged_in ) ? $session->username : false;
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	169	$response = Array(
60 71b50f8c8f85 Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint Dan parents: 57 diff changeset	170	'username' => $username,
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	171	'key' => $pubkey,
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	172	'challenge' => $challenge,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	173	'locked_out' => false
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	174	);
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	175
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	176	if ( $locked_out )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	177	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	178	foreach ( $lockdata as $x => $y )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	179	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	180	$response[$x] = $y;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	181	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	182	unset($x, $y);
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	183	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	184
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	185	// 1.1.3: generate diffie hellman key
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	186	$response['dh_supported'] = $dh_supported;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	187	if ( $dh_supported )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	188	{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	189	$dh_key_priv = dh_gen_private();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	190	$dh_key_pub = dh_gen_public($dh_key_priv);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	191	$dh_key_priv = $_math->str($dh_key_priv);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	192	$dh_key_pub = $_math->str($dh_key_pub);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	193	$response['dh_public_key'] = $dh_key_pub;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	194	// store the keys in the DB
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	195	$q = $db->sql_query('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );");
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	196	if ( !$q )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	197	$db->die_json();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	198	}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	199
334 c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files. Dan parents: 326 diff changeset	200	$response = enano_json_encode($response);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	201	echo $response;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	202	return null;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	203	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	204
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	205	$level = ( isset($_GET['level']) && in_array($_GET['level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) ) ? intval($_GET['level']) : USER_LEVEL_MEMBER;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	206	if ( isset($_POST['login']) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	207	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	208	if ( in_array($_POST['auth_level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	209	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	210	$level = intval($_POST['auth_level']);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	211	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	212	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	213
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	214	if ( $level > USER_LEVEL_MEMBER && !$session->user_logged_in )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	215	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	216	$level = USER_LEVEL_MEMBER;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	217	}
93 95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	218	if ( $level <= USER_LEVEL_MEMBER && $session->user_logged_in )
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	219	$paths->main_page();
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	220	$template->header();
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	221	echo '<form action="'.makeUrl($paths->nslist['Special'].'Login').'" method="post" name="loginform" onsubmit="try{runEncryption();}catch(e){};">';
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	222	$header = ( $level > USER_LEVEL_MEMBER ) ? $lang->get('user_login_message_short_elev') : $lang->get('user_login_message_short');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	223	if ( isset($_POST['login']) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	224	{
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	225	$errstring = $__login_status['error'];
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	226	switch($__login_status['error'])
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	227	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	228	case 'key_not_found':
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	229	$errstring = $lang->get('user_err_key_not_found');
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	230	break;
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	231	case 'ERR_DH_KEY_NOT_FOUND':
586 234ddd896555 Made encryption work in form-based logon again; modified load_component() to fetch compressed versions when possible Dan parents: 573 diff changeset	232	$errstring = $lang->get('user_err_dh_key_not_found'); // . " -- {$__login_status['debug']}";
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	233	break;
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	234	case 'ERR_DH_KEY_NOT_INTEGER':
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	235	$errstring = $lang->get('user_err_dh_key_not_numeric');
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	236	break;
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	237	case 'key_wrong_length':
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	238	$errstring = $lang->get('user_err_key_wrong_length');
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	239	break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	240	case 'too_big_for_britches':
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	241	$errstring = $lang->get('user_err_too_big_for_britches');
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	242	break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	243	case 'invalid_credentials':
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	244	$errstring = $lang->get('user_err_invalid_credentials');
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	245	if ( $__login_status['lockout_policy'] == 'lockout' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	246	{
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	247	$errstring .= $lang->get('err_invalid_credentials_lockout', array('fails' => $__login_status['lockout_fails']));
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	248	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	249	else if ( $__login_status['lockout_policy'] == 'captcha' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	250	{
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	251	$errstring .= $lang->get('user_err_invalid_credentials_lockout_captcha', array('fails' => $__login_status['lockout_fails']));
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	252	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	253	break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	254	case 'backend_fail':
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	255	$errstring = $lang->get('user_err_backend_fail');
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	256	break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	257	case 'locked_out':
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	258	$attempts = intval($__login_status['lockout_fails']);
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	259	if ( $attempts > $__login_status['lockout_threshold'])
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	260	$attempts = $__login_status['lockout_threshold'];
182 c69730750be3 Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues Dan parents: 179 diff changeset	261
c69730750be3 Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues Dan parents: 179 diff changeset	262	$server_time = time();
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	263	$time_rem = ( intval(@$__login_status['lockout_last_time']) == time() ) ? $__login_status['lockout_duration'] : $__login_status['lockout_duration'] - round( ( $server_time - $__login_status['lockout_last_time'] ) / 60 );
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	264	if ( $time_rem < 1 )
8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	265	$time_rem = $__login_status['lockout_duration'];
182 c69730750be3 Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues Dan parents: 179 diff changeset	266
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	267	$s = ( $time_rem == 1 ) ? '' : $lang->get('meta_plural');
8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	268
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	269	$captcha_string = ( $__login_status['lockout_policy'] == 'captcha' ) ? $lang->get('user_err_locked_out_captcha_blurb') : '';
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	270	$errstring = $lang->get('user_err_locked_out', array('plural' => $s, 'captcha_blurb' => $captcha_string, 'time_rem' => $time_rem));
8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	271
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	272	break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	273	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	274	echo '<div class="error-box-mini">'.$errstring.'</div>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	275	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	276	if ( $p = $paths->getAllParams() )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	277	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	278	echo '<input type="hidden" name="return_to" value="'.$p.'" />';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	279	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	280	else if ( isset($_POST['login']) && isset($_POST['return_to']) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	281	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	282	echo '<input type="hidden" name="return_to" value="'.htmlspecialchars($_POST['return_to']).'" />';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	283	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	284	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	285	<div class="tblholder">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	286	<table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	287	<tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	288	<th colspan="3"><?php echo $header; ?></th>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	289	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	290	<tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	291	<td colspan="3" class="row1">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	292	<?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	293	if ( $level <= USER_LEVEL_MEMBER )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	294	{
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	295	echo '<p>' . $lang->get('user_login_body', array('reg_link' => makeUrlNS('Special', 'Register'))) . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	296	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	297	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	298	{
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	299	echo '<p>' . $lang->get('user_login_body_elev') . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	300	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	301	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	302	</td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	303	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	304	<tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	305	<td class="row2">
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	306	<?php echo $lang->get('user_login_field_username'); ?>:
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	307	</td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	308	<td class="row1">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	309	<input name="username" size="25" type="text" <?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	310	if ( $level <= USER_LEVEL_MEMBER )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	311	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	312	echo 'tabindex="1" ';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	313	}
32 4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	314	else
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	315	{
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	316	echo 'tabindex="3" ';
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	317	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	318	if ( $session->user_logged_in )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	319	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	320	echo 'value="' . $session->username . '"';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	321	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	322	?> />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	323	</td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	324	<?php if ( $level <= USER_LEVEL_MEMBER ) { ?>
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	325	<td rowspan="<?php echo ( ( $locked_out && $lockdata['lockout_policy'] == 'captcha' ) ) ? '4' : '2'; ?>" class="row3">
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	326	<small><?php echo $lang->get('user_login_forgotpass_blurb', array('forgotpass_link' => makeUrlNS('Special', 'PasswordReset'))); ?><br />
8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	327	<?php echo $lang->get('user_login_createaccount_blurb', array('reg_link' => makeUrlNS('Special', 'Register'))); ?></small>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	328	</td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	329	<?php } ?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	330	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	331	<tr>
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	332	<td class="row2">
8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	333	<?php echo $lang->get('user_login_field_password'); ?>:
8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	334	</td><td class="row1"><input name="pass" size="25" type="password" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '2' : '1'; ?>" /></td>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	335	</tr>
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	336	<?php
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	337	if ( $locked_out && $lockdata['lockout_policy'] == 'captcha' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	338	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	339	?>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	340	<tr>
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	341	<td class="row2" rowspan="2"><?php echo $lang->get('user_login_field_captcha'); ?>:<br /></td><td class="row1"><input type="hidden" name="captcha_hash" value="<?php echo $lockdata['captcha']; ?>" /><input name="captcha_code" size="25" type="text" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '4'; ?>" /></td>
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	342	</tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	343	<tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	344	<td class="row3">
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	345	<img src="<?php echo makeUrlNS('Special', 'Captcha/' . $lockdata['captcha']) ?>" onclick="this.src=this.src+'/a';" style="cursor: pointer;" />
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	346	</td>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	347	</tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	348	<?php
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	349	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	350	?>
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	351	<?php
688 f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	352	if ( $level <= USER_LEVEL_MEMBER )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	353	{
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	354	// "remember me" switch
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	355	// first order of business is to determine what the checkbox should say
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	356	$session_time = intval(getConfig('session_remember_time', '30'));
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	357	if ( $session_time === 0 )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	358	{
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	359	// sessions are infinite
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	360	$text_remember = $lang->get('user_login_check_remember_infinite');
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	361	}
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	362	else
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	363	{
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	364	// is the number of days evenly divisible by 7? if so, use weeks
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	365	if ( $session_time % 7 == 0 )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	366	{
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	367	$session_time = $session_time / 7;
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	368	$unit = 'week';
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	369	}
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	370	else
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	371	{
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	372	$unit = 'day';
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	373	}
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	374	// if it's not equal to 1, pluralize it
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	375	if ( $session_time != 1 )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	376	{
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	377	$unit .= 's';
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	378	}
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	379	$text_remember = $lang->get('user_login_check_remember', array(
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	380	'session_length' => $session_time,
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	381	'length_units' => $lang->get("etc_unit_$unit")
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	382	));
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	383	}
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	384	?>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	385	<tr>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	386	<td class="row2">
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	387	<?php echo $lang->get('user_login_field_remember'); ?>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	388	</td>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	389	<td class="row1" colspan="2">
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	390	<label>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	391	<input type="checkbox" name="remember" tabindex="3" />
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	392	<?php echo $text_remember; ?>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	393	</label>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	394	</td>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	395	</tr>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	396	<?php
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	397	}
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	398	if ( $level <= USER_LEVEL_MEMBER && ( !isset($_GET['use_crypt']) \|\| ( isset($_GET['use_crypt']) && $_GET['use_crypt']!='0' ) ) )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	399	{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	400	echo '<tr>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	401	<td class="row3" colspan="3">';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	402
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	403	$returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	404	$nocrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=0", true);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	405	echo '<p><b>' . $lang->get('user_login_nocrypt_title') . '</b> ' . $lang->get('user_login_nocrypt_body', array('nocrypt_link' => $nocrypt_link)) . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	406	echo '<p>' . $lang->get('user_login_nocrypt_countrylist') . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	407
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	408	echo ' </td>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	409	</tr>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	410	}
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	411	else if ( $level <= USER_LEVEL_MEMBER && ( isset($_GET['use_crypt']) && $_GET['use_crypt']=='0' ) )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	412	{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	413	echo '<tr>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	414	<td class="row3" colspan="3">';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	415
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	416	$returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	417	$usecrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=1", true);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	418	echo '<p><b>' . $lang->get('user_login_usecrypt_title') . '</b> ' . $lang->get('user_login_usecrypt_body', array('usecrypt_link' => $usecrypt_link)) . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	419	echo '<p>' . $lang->get('user_login_usecrypt_countrylist') . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	420
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	421	echo ' </td>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	422	</tr>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	423	}
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	424	else if ( $level > USER_LEVEL_MEMBER && !strstr($_SERVER['HTTP_USER_AGENT'], 'iPhone') && $dh_supported )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	425	{
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	426	echo '<tr>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	427	echo '<td class="row3" colspan="3">';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	428	echo '<p>' . $lang->get('user_login_dh_notice') . '</p>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	429	echo '</td>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	430	echo '</tr>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	431	}
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	432	?>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	433
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	434	<tr>
688 f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	435	<th colspan="3" style="text-align: center" class="subhead"><input type="submit" name="login" value="Log in" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '4' : '2'; ?>" /></th>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	436	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	437	</table>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	438	</div>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	439	<input type="hidden" name="challenge_data" value="<?php echo $challenge; ?>" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	440	<input type="hidden" name="use_crypt" value="no" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	441	<input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	442	<input type="hidden" name="crypt_data" value="" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	443	<input type="hidden" name="auth_level" value="<?php echo (string)$level; ?>" />
32 4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	444	<?php if ( $level <= USER_LEVEL_MEMBER ): ?>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	445	<script type="text/javascript">
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	446	document.forms.loginform.username.focus();
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	447	</script>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	448	<?php else: ?>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	449	<script type="text/javascript">
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	450	document.forms.loginform.pass.focus();
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	451	</script>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	452	<?php endif; ?>
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	453	<?php
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	454	// 1.1.4
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	455
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	456	require_once( ENANO_ROOT . '/includes/diffiehellman.php' );
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	457
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	458	global $dh_supported, $_math;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	459	if ( $dh_supported )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	460	{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	461	$dh_key_priv = dh_gen_private();
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	462	$dh_key_pub = dh_gen_public($dh_key_priv);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	463	$dh_key_priv = $_math->str($dh_key_priv);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	464	$dh_key_pub = $_math->str($dh_key_pub);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	465	// store the keys in the DB
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	466	$q = $db->sql_query('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );");
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	467	if ( !$q )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	468	$db->_die();
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	469
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	470	echo "<input type=\"hidden\" name=\"dh_supported\" value=\"true\" />
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	471	<input type=\"hidden\" name=\"dh_public_key\" value=\"$dh_key_pub\" />
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	472	<input type=\"hidden\" name=\"dh_client_public_key\" value=\"\" />";
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	473	}
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	474	else
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	475	{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	476	echo "<input type=\"hidden\" name=\"dh_supported\" value=\"false\" />";
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	477	}
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	478	?>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	479	</form>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	480	<?php
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	481	echo $session->aes_javascript('loginform', 'pass', 'use_crypt', 'crypt_key', 'crypt_data', 'challenge_data', 'dh_supported', 'dh_public_key', 'dh_client_public_key');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	482	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	483	<?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	484	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	485	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	486
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	487	function page_Special_Login_preloader() // adding _preloader to the end of the function name calls the function before $session and $paths setup routines are called
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	488	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	489	global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	490	global $__login_status;
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	491	global $lang;
604 6a90893622f0 Fixed missing require() on math.php in SpecialUserFuncs Dan parents: 593 diff changeset	492	require_once( ENANO_ROOT . '/includes/math.php' );
6a90893622f0 Fixed missing require() on math.php in SpecialUserFuncs Dan parents: 593 diff changeset	493
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	494	if ( $paths->getParam(0) === 'action.json' )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	495	{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	496	if ( !isset($_POST['r']) )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	497	die('No request.');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	498
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	499	$request = $_POST['r'];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	500	try
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	501	{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	502	$request = enano_json_decode($request);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	503	}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	504	catch ( Exception $e )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	505	{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	506	die(enano_json_encode(array(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	507	'mode' => 'error',
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	508	'error' => 'ERR_JSON_PARSE_FAILED'
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	509	)));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	510	}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	511
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	512	echo enano_json_encode($session->process_login_request($request));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	513
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	514	$db->close();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	515	exit;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	516	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	517	if ( isset($_GET['act']) && $_GET['act'] == 'ajaxlogin' )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	518	{
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	519	echo 'This version of the Enano LoginAPI is deprecated. Please use the action.json method instead.';
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	520	return true;
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	521	}
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	522	if(isset($_POST['login']))
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	523	{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	524	$captcha_hash = ( isset($_POST['captcha_hash']) ) ? $_POST['captcha_hash'] : false;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	525	$captcha_code = ( isset($_POST['captcha_code']) ) ? $_POST['captcha_code'] : false;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	526	if ( $_POST['use_crypt'] == 'yes' )
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	527	{
688 f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	528	$result = $session->login_with_crypto($_POST['username'], $_POST['crypt_data'], $_POST['crypt_key'], $_POST['challenge_data'], intval($_POST['auth_level']), $captcha_hash, $captcha_code, isset($_POST['remember']));
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	529	}
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	530	else if ( $_POST['use_crypt'] == 'yes_dh' )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	531	{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	532	// retrieve and decrypt the password using DiffieHellman
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	533
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	534	require_once( ENANO_ROOT . '/includes/diffiehellman.php' );
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	535	global $dh_supported, $_math;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	536
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	537	if ( !$dh_supported )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	538	{
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	539	die_semicritical('DiffieHellman error', 'Server does not support DiffieHellman, denying logon request');
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	540	}
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	541
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	542	// Fetch private key
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	543	$dh_public = $_POST['dh_public_key'];
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	544	if ( !preg_match('/^[0-9]+$/', $dh_public) )
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	545	{
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	546	$__login_status = array(
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	547	'success' => false,
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	548	'error' => 'ERR_DH_KEY_NOT_INTEGER',
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	549	'debug' => "public key: $dh_public"
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	550	);
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	551	return false;
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	552	}
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	553	$q = $db->sql_query('SELECT private_key, key_id FROM ' . table_prefix . "diffiehellman WHERE public_key = '$dh_public';");
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	554	if ( !$q )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	555	$db->die_json();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	556
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	557	if ( $db->numrows() < 1 )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	558	{
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	559	$__login_status = array(
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	560	'success' => false,
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	561	'error' => 'ERR_DH_KEY_NOT_FOUND',
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	562	'debug' => "public key: $dh_public"
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	563	);
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	564	return false;
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	565	}
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	566
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	567	list($dh_private, $dh_key_id) = $db->fetchrow_num();
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	568	$db->free_result();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	569
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	570	// We have the private key, now delete the key pair, we no longer need it
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	571	$q = $db->sql_query('DELETE FROM ' . table_prefix . "diffiehellman WHERE key_id = $dh_key_id;");
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	572	if ( !$q )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	573	$db->die_json();
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	574
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	575	// Generate the shared secret
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	576	$dh_secret = dh_gen_shared_secret($dh_private, $_POST['dh_client_public_key']);
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	577	$dh_secret = $_math->str($dh_secret);
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	578
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	579	// Did we get all our math right?
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	580	$dh_secret_check = sha1($dh_secret);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	581	$dh_hash = $_POST['crypt_key'];
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	582	if ( $dh_secret_check !== $dh_hash )
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	583	{
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	584	$__login_status = array(
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	585	'success' => false,
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	586	'error' => 'ERR_DH_HASH_NO_MATCH',
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	587	'debug' => "dh_secret_check = $dh_secret_check\ndh_hash_input = $dh_hash"
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	588	);
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	589	return false;
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	590	}
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	591
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	592	// All good! Generate the AES key
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	593	$aes_key = substr(sha256($dh_secret), 0, ( AES_BITS / 4 ));
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	594
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	595	// decrypt user info
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	596	$aes_key = hexdecode($aes_key);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	597	$aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	598	$password = $aes->decrypt($_POST['crypt_data'], $aes_key, ENC_HEX);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	599
688 f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	600	$result = $session->login_without_crypto($_POST['username'], $password, false, intval($_POST['auth_level']), $captcha_hash, $captcha_code, isset($_POST['remember']));
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	601	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	602	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	603	{
688 f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	604	$result = $session->login_without_crypto($_POST['username'], $_POST['pass'], false, intval($_POST['auth_level']), $captcha_hash, $captcha_code, isset($_POST['remember']));
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	605	}
372 5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager Dan parents: 371 diff changeset	606
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	607	if($result['success'])
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	608	{
372 5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager Dan parents: 371 diff changeset	609	$session->start();
5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager Dan parents: 371 diff changeset	610
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	611	$template->load_theme($session->theme, $session->style);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	612	if(isset($_POST['return_to']))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	613	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	614	$name = ( isset($paths->pages[$_POST['return_to']]['name']) ) ? $paths->pages[$_POST['return_to']]['name'] : $_POST['return_to'];
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	615	$subst = array(
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	616	'username' => $session->username,
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	617	'redir_target' => $name
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	618	);
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	619	redirect( makeUrl($_POST['return_to'], false, true), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) );
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	620	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	621	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	622	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	623	$subst = array(
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	624	'username' => $session->username,
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	625	'redir_target' => $lang->get('user_login_success_body_mainpage')
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	626	);
741 a216e412c439 Added ability to have alternate main page for members Dan parents: 701 diff changeset	627	redirect( makeUrl(get_main_page(), false, true), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) );
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	628	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	629	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	630	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	631	{
521 d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	632	if ( $result['error'] === 'valid_reset' )
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	633	{
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	634	header('HTTP/1.1 302 Temporary Redirect');
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	635	header('Location: ' . $result['redirect_url']);
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	636
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	637	$db->close();
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	638	exit();
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	639	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	640	$GLOBALS['__login_status'] = $result;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	641	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	642	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	643	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	644
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	645	function SpecialLogin_SendResponse_PasswordReset($user_id, $passkey)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	646	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	647	$response = Array(
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	648	'result' => 'success_reset',
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	649	'user_id' => $user_id,
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	650	'temppass' => $passkey
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	651	);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	652
334 c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files. Dan parents: 326 diff changeset	653	$response = enano_json_encode($response);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	654	echo $response;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	655
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	656	$db->close();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	657	exit;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	658	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	659
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	660	function page_Special_Logout()
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	661	{
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	662	global $db, $session, $paths, $template, $plugins; // Common objects
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	663	global $lang;
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	664
93 95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	665	if ( !$session->user_logged_in )
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	666	$paths->main_page();
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	667
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	668	$token = $paths->getParam(0);
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	669	if ( $token !== $session->csrf_token )
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	670	{
573 43e7254afdb4 Renamed some functions (that were new in this release anyway) due to compatibility broken with PunBB bridge Dan parents: 562 diff changeset	671	csrf_request_confirm();
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	672	}
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	673
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	674	$l = $session->logout();
93 95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	675	if ( $l == 'success' )
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	676	{
741 a216e412c439 Added ability to have alternate main page for members Dan parents: 701 diff changeset	677	$url = makeUrl(get_main_page(), false, true);
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	678	if ( $paths->getParam(1) )
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	679	{
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	680	$pi = explode('/', $paths->getAllParams());
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	681	$pi = implode('/', array_values(array_slice($pi, 1)));
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	682	list($pid, $ns) = RenderMan::strToPageID($pi);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	683	$perms = $session->fetch_page_acl($pid, $ns);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	684	if ( $perms->get_permissions('read') )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	685	{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	686	$url = makeUrl($pi, false, true);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	687	}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	688	}
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	689	redirect($url, $lang->get('user_logout_success_title'), $lang->get('user_logout_success_body'), 3);
93 95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	690	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	691	$template->header();
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	692	echo '<h3>' . $lang->get('user_logout_err_title') . '</h3>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	693	echo '<p>' . $l . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	694	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	695	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	696
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	697	function page_Special_Register()
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	698	{
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	699	global $db, $session, $paths, $template, $plugins; // Common objects
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	700	global $lang;
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	701
701 dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	702	if ( $session->user_logged_in )
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	703	{
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	704	$paths->main_page();
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	705	}
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	706
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	707	// form field trackers
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	708	$username = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	709	$email = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	710	$realname = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	711
348 87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	712	$terms = getConfig('register_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	713
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	714	if(getConfig('account_activation') == 'disable' && ( ( $session->user_level >= USER_LEVEL_ADMIN && !isset($_GET['IWannaPlayToo']) ) \|\| $session->user_level < USER_LEVEL_ADMIN \|\| !$session->user_logged_in ))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	715	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	716	$s = ($session->user_level >= USER_LEVEL_ADMIN) ? '<p>' . $lang->get('user_reg_err_disabled_body_adminblurb', array( 'reg_link' => makeUrl($paths->page, 'IWannaPlayToo&coppa=no', true) )) . '</p>' : '';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	717	die_friendly($lang->get('user_reg_err_disabled_title'), '<p>' . $lang->get('user_reg_err_disabled_body') . '</p>' . $s);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	718	}
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	719	// are we locked out from logging in? if so, also lock out registration
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	720	if ( getConfig('lockout_policy') === 'lockout' )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	721	{
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	722	$ip = $db->escape($_SERVER['REMOTE_ADDR']);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	723	$threshold = time() - ( 60 * intval(getConfig('lockout_duration')) );
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	724	$limit = intval(getConfig('lockout_threshold'));
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	725	$q = $db->sql_query('SELECT * FROM ' . table_prefix . "lockout WHERE timestamp >= $threshold ORDER BY timestamp DESC;");
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	726	if ( !$q )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	727	$db->_die();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	728	if ( $db->numrows() >= $limit )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	729	{
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	730	$row = $db->fetchrow();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	731	$db->free_result();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	732	$time_rem = intval(getConfig('lockout_duration')) - round((time() - $row['timestamp']) / 60);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	733	die_friendly($lang->get('user_reg_err_disabled_title'), '<p>' . $lang->get('user_reg_err_locked_out', array('time' => $time_rem)) . '</p>');
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	734	}
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	735	$db->free_result();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	736	}
93 95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	737	if ( $session->user_level < USER_LEVEL_ADMIN && $session->user_logged_in )
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	738	{
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	739	$paths->main_page();
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	740	}
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	741	if(isset($_POST['submit']))
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	742	{
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	743	$_GET['coppa'] = ( isset($_POST['coppa']) ) ? $_POST['coppa'] : 'x';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	744
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	745	$captcharesult = $session->get_captcha($_POST['captchahash']);
263 d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	746	$session->kill_captcha();
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	747	if ( strtolower($captcharesult) != strtolower($_POST['captchacode']) )
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	748	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	749	$s = $lang->get('user_reg_err_captcha');
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	750	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	751	else
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	752	{
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	753	if ( getConfig('enable_coppa') == '1' && ( !isset($_POST['coppa']) \|\| ( isset($_POST['coppa']) && !in_array($_POST['coppa'], array('yes', 'no')) ) ) )
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	754	{
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	755	$s = 'Invalid COPPA input';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	756	}
348 87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	757	else if ( !empty($terms) && !isset($_POST['tou_agreed']) )
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	758	{
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	759	$s = $lang->get('user_reg_err_accept_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	760	}
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	761	else
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	762	{
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	763	$coppa = ( isset($_POST['coppa']) && $_POST['coppa'] == 'yes' );
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	764	$s = false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	765
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	766	// decrypt password
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	767	// as with the change pass form, we aren't going to bother checking the confirmation code because if the passwords didn't match
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	768	// and yet the password got encrypted, that means the user screwed with the code, and if the user screwed with the code and thus
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	769	// forgot his password, that's his problem.
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	770
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	771	if ( $_POST['use_crypt'] == 'yes' )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	772	{
286 b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added Dan parents: 270 diff changeset	773	$aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	774	$crypt_key = $session->fetch_public_key($_POST['crypt_key']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	775	if ( !$crypt_key )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	776	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	777	$s = $lang->get('user_reg_err_missing_key');
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	778	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	779	else
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	780	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	781	$data = $_POST['crypt_data'];
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	782	$bin_key = hexdecode($crypt_key);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	783	//die("Decrypting with params: key $crypt_key, data $data");
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	784	$password = $aes->decrypt($data, $bin_key, ENC_HEX);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	785	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	786	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	787	else
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	788	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	789	$password = $_POST['password'];
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	790	}
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	791
799 4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	792	$error =& $s;
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	793
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	794	/**
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	795	* Validation of POST data coming from registration. Put an error message in the variable $error to stop registration.
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	796	* @hook ucp_register_validate
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	797	*/
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	798
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	799	$code = $plugins->setHook('ucp_register_validate');
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	800	foreach ( $code as $cmd )
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	801	{
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	802	eval($cmd);
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	803	}
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	804
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	805	// All things verified, create account
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	806	if ( !$s )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	807	$s = $session->create_user($_POST['username'], $password, $_POST['email'], $_POST['real_name'], $coppa);
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	808	}
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	809	}
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	810	if($s == 'success' && !$coppa)
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	811	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	812	switch(getConfig('account_activation'))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	813	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	814	case "none":
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	815	default:
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	816	$str = $lang->get('user_reg_msg_success_activ_none', array('login_link' => makeUrlNS('Special', 'Login', false, true)));
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	817	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	818	case "user":
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	819	$str = $lang->get('user_reg_msg_success_activ_user');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	820	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	821	case "admin":
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	822	$str = $lang->get('user_reg_msg_success_activ_admin');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	823	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	824	}
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	825	die_friendly($lang->get('user_reg_msg_success_title'), '<p>' . $lang->get('user_reg_msg_success_body') . ' ' . $str . '</p>');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	826	}
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	827	else if ( $s == 'success' && $coppa )
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	828	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	829	$str = $lang->get('user_reg_msg_success_activ_coppa');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	830	die_friendly($lang->get('user_reg_msg_success_title'), '<p>' . $lang->get('user_reg_msg_success_body') . ' ' . $str . '</p>');
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	831	}
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	832	$username = htmlspecialchars($_POST['username']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	833	$email = htmlspecialchars($_POST['email']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	834	$realname = htmlspecialchars($_POST['real_name']);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	835	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	836	$template->header();
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	837	echo $lang->get('user_reg_msg_greatercontrol');
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	838
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	839	if ( getConfig('enable_coppa') != '1' \|\| ( isset($_GET['coppa']) && in_array($_GET['coppa'], array('yes', 'no')) ) )
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	840	{
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	841	$coppa = ( isset($_GET['coppa']) && $_GET['coppa'] == 'yes' );
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	842	$session->kill_captcha();
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	843	$captchacode = $session->make_captcha();
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	844
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	845	$pubkey = $session->rijndael_genkey();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	846	$challenge = $session->dss_rand();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	847
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	848	?>
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	849	<h3><?php echo $lang->get('user_reg_msg_table_title'); ?></h3>
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	850	<form name="regform" action="<?php echo makeUrl($paths->page); ?>" method="post" onsubmit="return runEncryption();">
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	851	<div class="tblholder">
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	852	<table border="0" width="100%" cellspacing="1" cellpadding="4">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	853	<tr><th class="subhead" colspan="3"><?php echo $lang->get('user_reg_msg_table_subtitle'); ?></th></tr>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	854
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	855	<?php if(isset($_POST['submit'])) echo '<tr><td colspan="3" class="row2" style="color: red;">'.$s.'</td></tr>'; ?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	856
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	857	<!-- FIELD: Username -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	858	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	859	<td class="row1" style="width: 50%;">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	860	<?php echo $lang->get('user_reg_lbl_field_username'); ?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	861	<span id="e_username"></span>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	862	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	863	<td class="row1" style="width: 50%;">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	864	<input tabindex="1" type="text" name="username" size="30" value="<?php echo $username; ?>" onkeyup="namegood = false; validateForm(this);" onblur="checkUsername();" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	865	</td>
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	866	<td class="row1" style="width: 1px;">
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	867	<img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_username" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	868	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	869	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	870
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	871	<!-- FIELD: Password -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	872	<tr>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	873	<td class="row3" style="width: 50%;" rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	874	<?php echo $lang->get('user_reg_lbl_field_password'); ?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	875	<span id="e_password"></span>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	876	<?php if ( getConfig('pw_strength_enable') == '1' && getConfig('pw_strength_minimum') > -10 ): ?>
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	877	<small><?php echo $lang->get('user_reg_msg_password_score'); ?></small>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	878	<?php endif; ?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	879	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	880	<td class="row3" style="width: 50%;">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	881	<input tabindex="2" type="password" name="password" size="15" onkeyup="<?php if ( getConfig('pw_strength_enable') == '1' ): ?>password_score_field(this); <?php endif; ?>validateForm(this);" /><?php if ( getConfig('pw_strength_enable') == '1' ): ?><span class="password-checker" style="font-weight: bold; color: #aaaaaa;"> Loading...</span><?php endif; ?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	882	</td>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	883	<td rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>" class="row3" style="max-width: 24px;">
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	884	<img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_password" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	885	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	886	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	887
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	888	<!-- FIELD: Password confirmation -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	889	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	890	<td class="row3" style="width: 50%;">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	891	<input tabindex="3" type="password" name="password_confirm" size="15" onkeyup="validateForm(this);" /> <small><?php echo $lang->get('user_reg_lbl_field_password_confirm'); ?></small>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	892	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	893	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	894
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	895	<!-- FIELD: Password strength meter -->
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	896
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	897	<?php if ( getConfig('pw_strength_enable') == '1' ): ?>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	898	<tr>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	899	<td class="row3" style="width: 50%;">
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	900	<div id="pwmeter"></div>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	901	</td>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	902	</tr>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	903	<?php endif; ?>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	904
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	905	<!-- FIELD: E-mail address -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	906	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	907	<td class="row1" style="width: 50%;">
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	908	<?php
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	909	if ( $coppa )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	910	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	911	echo $lang->get('user_reg_lbl_field_email_coppa');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	912	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	913	else
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	914	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	915	echo $lang->get('user_reg_lbl_field_email');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	916	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	917	?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	918	<?php
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	919	if ( ( $x = getConfig('account_activation') ) == 'user' )
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	920	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	921	echo '<br /><small>' . $lang->get('user_reg_msg_email_activuser') . '</small>';
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	922	}
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	923	?>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	924	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	925	<td class="row1" style="width: 50%;">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	926	<input tabindex="4" type="text" name="email" size="30" value="<?php echo $email; ?>" onkeyup="validateForm(this);" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	927	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	928	<td class="row1" style="max-width: 24px;">
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	929	<img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_email" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	930	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	931	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	932
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	933	<!-- FIELD: Real name -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	934	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	935	<td class="row3" style="width: 50%;">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	936	<?php echo $lang->get('user_reg_lbl_field_realname'); ?><br />
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	937	<small><?php echo $lang->get('user_reg_msg_realname_optional'); ?></small>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	938	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	939	<td class="row3" style="width: 50%;">
799 4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	940	<input tabindex="5" type="text" name="real_name" size="30" value="<?php echo $realname; ?>" />
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	941	</td>
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	942	<td class="row3" style="max-width: 24px;">
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	943	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	944	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	945
799 4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	946	<?php
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	947	/**
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	948	* Allows adding fields to the user registration form. Form is built with Enano tables, 3 columns. (Rightmost can be left empty or if you're using Javascript validation an image you can update with your own Javascript code)
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	949	* @hook ucp_register_form
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	950	*/
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	951
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	952	$code = $plugins->setHook('ucp_register_form');
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	953	foreach ( $code as $cmd )
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	954	{
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	955	eval($cmd);
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	956	}
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	957	?>
4629ad98ee88 Added a couple of hooks for the registration form. Dan parents: 782 diff changeset	958
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	959	<!-- FIELD: CAPTCHA image -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	960	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	961	<td class="row1" style="width: 50%;" rowspan="2">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	962	<?php echo $lang->get('user_reg_lbl_field_captcha'); ?><br />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	963	<small>
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	964	<?php echo $lang->get('user_reg_msg_captcha_pleaseenter', array('regen_flags' => 'href="#" onclick="regenCaptcha(); return false;"')); ?><br />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	965	<br />
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	966	<?php echo $lang->get('user_reg_msg_captcha_blind'); ?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	967	</small>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	968	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	969	<td colspan="2" class="row1">
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	970	<img id="captchaimg" alt="CAPTCHA image" src="<?php echo makeUrlNS('Special', 'Captcha/'.$captchacode); ?>" />
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	971	<span id="b_username"></span>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	972	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	973	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	974
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	975	<!-- FIELD: CAPTCHA input field -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	976	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	977	<td class="row1" colspan="2">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	978	<?php echo $lang->get('user_reg_lbl_field_captcha_code'); ?>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	979	<input tabindex="6" name="captchacode" type="text" size="10" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	980	<input type="hidden" name="captchahash" value="<?php echo $captchacode; ?>" />
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	981	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	982	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	983
348 87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	984	<!-- FIELD: TOU -->
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	985
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	986	<?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	987	if ( !empty($terms) ):
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	988	?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	989
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	990	<tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	991	<td class="row1" colspan="3">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	992	<?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	993	echo $lang->get('user_reg_msg_please_read_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	994	?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	995	</td>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	996	</tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	997
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	998	<tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	999	<td class="row3" colspan="3">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1000	<div style="border: 1px solid #000000; height: 75px; width: 60%; clip: rect(0px,auto,auto,0px); overflow: auto; background-color: #FFF; margin: 0 auto; padding: 4px;">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1001	<?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1002	echo RenderMan::render($terms);
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1003	?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1004	</div>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1005	<p style="text-align: center;">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1006	<label>
371 dc6026376919 Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files Dan parents: 359 diff changeset	1007	<input tabindex="7" type="checkbox" name="tou_agreed" />
348 87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1008	<b><?php echo $lang->get('user_reg_lbl_field_tou'); ?></b>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1009	</label>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1010	</p>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1011	</td>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1012	</tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1013
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1014	<?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1015	endif;
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1016	?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	1017
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	1018	<!-- FIELD: submit button -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	1019	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	1020	<th class="subhead" colspan="3" style="text-align: center;">
371 dc6026376919 Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files Dan parents: 359 diff changeset	1021	<input tabindex="8" type="submit" name="submit" value="<?php echo $lang->get('user_reg_btn_create_account'); ?>" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	1022	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	1023	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	1024
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1025	</table>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1026	</div>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1027	<?php
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1028	$val = ( $coppa ) ? 'yes' : 'no';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1029	echo '<input type="hidden" name="coppa" value="' . $val . '" />';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1030	?>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1031	<input type="hidden" name="challenge_data" value="<?php echo $challenge; ?>" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1032	<input type="hidden" name="use_crypt" value="no" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1033	<input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1034	<input type="hidden" name="crypt_data" value="" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1035	<script type="text/javascript">
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1036	// ENCRYPTION CODE
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1037	function runEncryption()
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1038	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1039	var frm = document.forms.regform;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1040	if ( frm.password.value.length < 1 )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1041	return true;
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1042	pass1 = frm.password.value;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1043	pass2 = frm.password_confirm.value;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1044	if ( pass1 != pass2 )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1045	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1046	alert($lang.get('user_reg_err_alert_password_nomatch'));
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1047	return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1048	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1049	if ( pass1.length < 6 && pass1.length > 0 )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1050	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1051	alert($lang.get('user_reg_err_alert_password_tooshort'));
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1052	return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1053	}
614 78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1054	if(aes_self_test())
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1055	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1056	frm.use_crypt.value = 'yes';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1057	var cryptkey = frm.crypt_key.value;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1058	frm.crypt_key.value = hex_md5(cryptkey);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1059	cryptkey = hexToByteArray(cryptkey);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1060	if(!cryptkey \|\| ( ( typeof cryptkey == 'string' \|\| typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1061	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1062	frm.submit.disabled = true;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1063	len = ( typeof cryptkey == 'string' \|\| typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1064	alert('The key is messed up\nType: '+typeof(cryptkey)+len);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1065	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1066	pass = frm.password.value;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1067	pass = stringToByteArray(pass);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1068	cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB');
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1069	if(!cryptstring)
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1070	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1071	return false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1072	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1073	cryptstring = byteArrayToHex(cryptstring);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1074	frm.crypt_data.value = cryptstring;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1075	frm.password.value = "";
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1076	frm.password_confirm.value = "";
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1077	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1078	return true;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1079	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1080	</script>
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1081	</form>
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1082	<!-- Don't optimize this script, it fails when compressed -->
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1083	<enano:no-opt>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1084	<script type="text/javascript">
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1085	// <![CDATA[
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1086	var namegood = false;
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1087	function validateForm(field)
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1088	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1089	if ( typeof(field) != 'object' )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1090	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1091	field = {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1092	name: '_nil',
459 31c23016ab62 Upgraded tinyMCE to 3.0.1 in hopes of fixing IE race conditions. Fixed a couple minor syntax errors in Javascript objects declared in various places. Dan parents: 458 diff changeset	1093	value: '_nil'
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1094	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1095	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1096	// wait until $lang is initted
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1097	if ( typeof($lang) != 'object' )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1098	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1099	setTimeout('validateForm();', 200);
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1100	return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1101	}
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1102	var frm = document.forms.regform;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1103	failed = false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1104
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1105	// Username
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1106	if(!namegood && ( field.name == 'username' \|\| field.name == '_nil' ) )
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1107	{
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1108	//if(frm.username.value.match(/^([A-z0-9 \!@\-]+){2,}$/ig))
270 5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore. Dan parents: 263 diff changeset	1109	var regex = new RegExp('^([^<>&\?]+){2,}$', 'ig');
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1110	if ( frm.username.value.match(regex) )
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1111	{
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1112	document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkunk.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1113	document.getElementById('e_username').innerHTML = ' ';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1114	} else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1115	failed = true;
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1116	document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1117	document.getElementById('e_username').innerHTML = '<br /><small>' + $lang.get('user_reg_err_username_invalid') + '</small>';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1118	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1119	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1120	document.getElementById('b_username').innerHTML = '';
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1121	if(hex_md5(frm.real_name.value) == '5a397df72678128cf0e8147a2befd5f1')
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1122	{
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1123	document.getElementById('b_username').innerHTML = '<br /><br />Hey...I know you!<br /><img alt="" src="http://upload.wikimedia.org/wikipedia/commons/thumb/7/7f/Bill_Gates_2004_cr.jpg/220px-Bill_Gates_2004_cr.jpg" />';
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1124	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1126	// Password
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1127	if ( field.name == 'password' \|\| field.name == 'password_confirm' \|\| field.name == '_nil' )
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1128	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1129	if(frm.password.value.match(/^(.+){6,}$/ig) && frm.password_confirm.value.match(/^(.+){6,}$/ig) && frm.password.value == frm.password_confirm.value )
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1130	{
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1131	document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/check.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1132	document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_err_password_good') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1133	} else {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1134	failed = true;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1135	if(frm.password.value.length < 6)
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1136	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1137	document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_msg_password_length') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1138	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1139	else if(frm.password.value != frm.password_confirm.value)
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1140	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1141	document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_msg_password_needmatch') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1142	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1143	else
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1144	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1145	document.getElementById('e_password').innerHTML = '';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1146	}
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1147	document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/checkbad.png';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1148	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1149	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1150
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1151	// E-mail address
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1152
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1153	// workaround for idiot jEdit bug
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1154	if ( validateEmail(frm.email.value) && ( field.name == 'email' \|\| field.name == '_nil' ) )
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1155	{
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1156	document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/check.png';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1157	} else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1158	failed = true;
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1159	document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/checkbad.png';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1160	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1161	if(failed)
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1162	{
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1163	frm.submit.disabled = 'disabled';
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1164	} else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1165	frm.submit.disabled = false;
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1166	}
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1167	}
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1168	function checkUsername()
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1169	{
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1170	var frm = document.forms.regform;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1171
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1172	if(!namegood)
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1173	{
270 5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore. Dan parents: 263 diff changeset	1174	var regex = new RegExp('^([^<>&\?]+){2,}$', 'ig');
5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore. Dan parents: 263 diff changeset	1175	if ( frm.username.value.match(regex) )
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1176	{
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1177	document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkunk.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1178	document.getElementById('e_username').innerHTML = ' ';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1179	} else {
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1180	document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1181	document.getElementById('e_username').innerHTML = '<br /><small>' + $lang.get('user_reg_err_username_invalid') + '</small>';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1182	return false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1183	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1184	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1185
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1186	document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_checking') + '</b></small>';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1187	ajaxGet('<?php echo scriptPath; ?>/ajax.php?title=null&_mode=checkusername&name='+escape(frm.username.value), function() {
407 35d94240a197 Mass-fixed all AJAX functions to also check the HTTP status code before parsing the response Dan parents: 404 diff changeset	1188	if ( ajax.readyState == 4 && ajax.status == 200 )
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1189	if(ajax.responseText == 'good')
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1190	{
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1191	document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/check.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1192	document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_available') + '</b></small>';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1193	namegood = true;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1194	} else if(ajax.responseText == 'bad') {
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1195	document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1196	document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_unavailable') + '</b></small>';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1197	namegood = false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1198	} else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1199	document.getElementById('e_username').innerHTML = ajax.responseText;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1200	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1201	});
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1202	}
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1203	function regenCaptcha()
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1204	{
448 f725a16e4a20 Fixed broken regenCaptcha() in Special:Register Dan parents: 324 diff changeset	1205	var frm = document.forms.regform;
517 c6118b9e13bd Fixed bad captcha refresh code on registration page Dan parents: 507 diff changeset	1206	document.getElementById('captchaimg').src = '<?php echo makeUrlNS("Special", "Captcha/$captchacode"); ?>/'+Math.floor(Math.random() * 100000);
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1207	return false;
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1208	}
614 78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1209	addOnloadHook(function()
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1210	{
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1211	<?php if ( getConfig('pw_strength_enable') == '1' ): ?>
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1212	var frm = document.forms.regform;
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1213	load_component('pwstrength');
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1214	password_score_field(frm.password);
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1215	<?php endif; ?>
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1216	load_component('crypto');
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1217	validateForm();
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1218	setTimeout('checkUsername();', 1000);
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1219	});
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1220	// ]]>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1221	</script>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1222	</enano:no-opt>
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1223	<?php
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1224	}
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1225	else
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1226	{
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	1227	$year = intval( enano_date('Y') );
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1228	$year = $year - 13;
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	1229	$month = enano_date('F');
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	1230	$day = enano_date('d');
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1231
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1232	$yo13_date = "$month $day, $year";
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1233	$link_coppa_yes = makeUrlNS('Special', 'Register', 'coppa=yes', true);
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1234	$link_coppa_no = makeUrlNS('Special', 'Register', 'coppa=no', true);
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1235
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1236	// COPPA enabled, ask age
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1237	echo '<div class="tblholder">';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1238	echo '<table border="0" cellspacing="1" cellpadding="4">';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1239	echo '<tr>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1240	<td class="row1">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1241	' . $lang->get('user_reg_coppa_title') . '
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1242	</td>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1243	</tr>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1244	<tr>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1245	<td class="row3">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1246	<a href="' . $link_coppa_no . '">' . $lang->get('user_reg_coppa_link_atleast13', array( 'yo13_date' => $yo13_date )) . '</a><br />
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1247	<a href="' . $link_coppa_yes . '">' . $lang->get('user_reg_coppa_link_not13', array( 'yo13_date' => $yo13_date )) . '</a>
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1248	</td>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1249	</tr>';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1250	echo '</table>';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1251	echo '</div>';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1252	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1253	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1254	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1255
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1256	function page_Special_Contributions() {
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1257	global $db, $session, $paths, $template, $plugins; // Common objects
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1258	global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1259
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1260	// This is a vast improvement over the old Special:Contributions in 1.0.x.
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1261
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1262	$template->header();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1263	$user = $paths->getParam();
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1264	if ( !$user && isset($_GET['user']) )
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1265	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1266	$user = $_GET['user'];
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1267	}
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1268	else if ( !$user && !isset($_GET['user']) )
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1269	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1270	echo '<p>' . $lang->get('userfuncs_contribs_err_no_user') . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1271	$template->footer();
81 d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1272	return;
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1273	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1274
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1275	$user = $db->escape($user);
414 818b4cd12b8b Added "is_draft != 1" where appropriate in SQL queries to prevent drafts from being treated as real revisions. Dan parents: 411 diff changeset	1276	$q = 'SELECT log_type, time_id, action, date_string, page_id, namespace, author, edit_summary, minor_edit, page_id, namespace, ( action = \'edit\' ) AS is_edit FROM '.table_prefix.'logs WHERE author=\''.$user.'\' AND log_type=\'page\' AND is_draft != 1 ORDER BY is_edit DESC, time_id DESC;';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1277	$q = $db->sql_query($q);
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1278	if ( !$q )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1279	$db->_die('SpecialUserFuncs selecting contribution data');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1280
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1281	echo '<h3>' . $lang->get('userfuncs_contribs_heading_edits') . '</h3>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1282
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1283	$cnt_edits = 0;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1284	$cnt_other = 0;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1285	$current = 'cnt_edits';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1286	$cls = 'row2';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1287
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1288	while ( $row = $db->fetchrow($q) )
81 d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1289	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1290	if ( $current == 'cnt_edits' && $row['is_edit'] != 1 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1291	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1292	// No longer processing page edits - split the table
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1293	if ( $cnt_edits == 0 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1294	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1295	echo '<p>' . $lang->get('userfuncs_contribs_msg_no_edits') . '</p>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1296	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1297	else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1298	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1299	echo '</table></div>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1300	echo '<h3>' . $lang->get('userfuncs_contribs_heading_other') . '</h3>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1301	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1302	$current = 'cnt_other';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1303	$cls = 'row2';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1304	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1305	if ( $$current == 0 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1306	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1307	echo '<div class="tblholder">
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1308	<table border="0" cellspacing="1" cellpadding="4">';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1309	echo ' <tr>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1310	<th>' . $lang->get('history_col_datetime') . '</th>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1311	echo ' <th>' . $lang->get('history_col_page') . '</th>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1312	if ( $current == 'cnt_edits' )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1313	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1314	echo ' <th>' . $lang->get('history_col_summary') . '</th>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1315	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1316	echo ' <th>' . $lang->get('history_col_minor') . '</th>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1317	if ( $current == 'cnt_other' )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1318	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1319	echo ' <th>' . $lang->get('history_col_action_taken') . '</th>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1320	<th>' . $lang->get('history_col_extra') . '</th>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1321	';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1322	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1323	echo ' <th>' . $lang->get('history_col_actions') . '</th>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1324	</tr>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1325	}
377 bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel Dan parents: 372 diff changeset	1326	$$current++;
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1327	$cls = ( $cls == 'row1' ) ? 'row2' : 'row1';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1328
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1329	echo '<tr>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1330
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1331	// date & time
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	1332	echo ' <td class="' . $cls . '">' . enano_date('d M Y h:i a', $row['time_id']) . '</td>';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1333
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1334	// page & link to said page
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1335	echo ' <td class="' . $cls . '"><a href="' . makeUrlNS($row['namespace'], $row['page_id']) . '">' . get_page_title_ns($row['page_id'], $row['namespace']) . '</a></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1336
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1337	switch ( $row['action'] )
81 d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1338	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1339	case 'edit':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1340	if ( $row['edit_summary'] == 'Automatic backup created when logs were purged' )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1341	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1342	$row['edit_summary'] = $lang->get('history_summary_clearlogs');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1343	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1344	else if ( empty($row['edit_summary']) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1345	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1346	$row['edit_summary'] = '<span style="color: #808080">' . $lang->get('history_summary_none_given') . '</span>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1347	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1348	echo ' <td class="' . $cls . '">' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1349	if ( $row['minor_edit'] == 1 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1350	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1351	echo '<td class="' . $cls . '"><b>M</b></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1352	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1353	else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1354	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1355	echo '<td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1356	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1357	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1358	case 'prot':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1359	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1360	echo ' <td class="' . $cls . '">' . $lang->get('history_log_protect') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1361	echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1362	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1363	case 'unprot':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1364	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1365	echo ' <td class="' . $cls . '">' . $lang->get('history_log_unprotect') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1366	echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1367	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1368	case 'semiprot':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1369	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1370	echo ' <td class="' . $cls . '">' . $lang->get('history_log_semiprotect') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1371	echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1372	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1373	case 'rename':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1374	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1375	echo ' <td class="' . $cls . '">' . $lang->get('history_log_rename') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1376	echo ' <td class="' . $cls . '">' . $lang->get('history_extra_oldtitle') . ' ' . htmlspecialchars($row['edit_summary']) . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1377	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1378	case 'create':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1379	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1380	echo ' <td class="' . $cls . '">' . $lang->get('history_log_create') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1381	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1382	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1383	case 'delete':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1384	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1385	echo ' <td class="' . $cls . '">' . $lang->get('history_log_delete') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1386	echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1387	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1388	case 'reupload':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1389	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1390	echo ' <td class="' . $cls . '">' . $lang->get('history_log_uploadnew') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1391	echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1392	break;
81 d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1393	}
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1394
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1395	// actions column
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1396	echo ' <td class="' . $cls . '" style="text-align: center;">';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1397	if ( $row['is_edit'] == 1 )
81 d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1398	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1399	echo ' <a href="' . makeUrlNS($row['namespace'], $row['page_id'], "oldid={$row['time_id']}", true) . '">' . $lang->get('history_action_view') . '</a> \| ';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1400	echo ' <a href="' . makeUrlNS($row['namespace'], $row['page_id'], "do=rollback&id={$row['time_id']}", true) . '">' . $lang->get('history_action_restore') . '</a>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1401	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1402	else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1403	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1404	echo ' <a href="' . makeUrlNS($row['namespace'], $row['page_id'], "do=rollback&id={$row['time_id']}", true) . '">' . $lang->get('history_action_revert') . '</a>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1405	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1406	echo ' </td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1407
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1408	if ( $current == 'cnt_other' && $cnt_edits + $cnt_other >= $db->numrows($q) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1409	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1410	echo '</table></div>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1411	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1412	}
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1413
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1414	if ( $current == 'cnt_edits' )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1415	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1416	// no "other" edits, close the table
377 bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel Dan parents: 372 diff changeset	1417	if ( $cnt_edits > 0 )
bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel Dan parents: 372 diff changeset	1418	echo '</table></div>';
bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel Dan parents: 372 diff changeset	1419	else
bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel Dan parents: 372 diff changeset	1420	echo '<p>' . $lang->get('userfuncs_contribs_msg_no_edits') . '</p>';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1421	echo '<h3>' . $lang->get('userfuncs_contribs_heading_other') . '</h3>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1422	echo '<p>' . $lang->get('userfuncs_contribs_msg_no_other') . '</p>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1423	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1424
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1425	$db->free_result();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1426	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1427	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1428
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1429	function page_Special_ChangeStyle()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1430	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1431	global $db, $session, $paths, $template, $plugins; // Common objects
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1432	global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1433
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1434	if ( !$session->user_logged_in )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1435	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1436	die_friendly('Access denied', '<p>You must be logged in to change your style. Spoofer.</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1437	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1438	if(isset($_POST['theme']) && isset($_POST['style']) && isset($_POST['return_to']))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1439	{
81 d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1440	if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['theme']) )
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1441	die('Hacking attempt');
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1442	if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['style']) )
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1443	die('Hacking attempt');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1444	$d = ENANO_ROOT . '/themes/' . $_POST['theme'];
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1445	$f = ENANO_ROOT . '/themes/' . $_POST['theme'] . '/css/' . $_POST['style'] . '.css';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1446	if ( !file_exists($d) \|\| !is_dir($d) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1447	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1448	die('The directory "'.$d.'" does not exist.');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1449	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1450	if ( !file_exists($f) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1451	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1452	die('The file "'.$f.'" does not exist.');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1453	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1454	$d = $db->escape($_POST['theme']);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1455	$f = $db->escape($_POST['style']);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1456	$q = 'UPDATE '.table_prefix.'users SET theme=\''.$d.'\',style=\''.$f.'\' WHERE username=\''.$session->username.'\'';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1457	if ( !$db->sql_query($q) )
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1458	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1459	$db->_die('Your theme/style preferences were not updated.');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1460	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1461	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1462	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1463	redirect(makeUrl($_POST['return_to']), $lang->get('userfuncs_changetheme_success_title'), $lang->get('userfuncs_changetheme_success_body'), 3);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1464	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1465	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1466	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1467	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1468	$template->header();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1469	$ret = ( isset($_POST['return_to']) ) ? $_POST['return_to'] : $paths->getParam(0);
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1470	if ( !$ret )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1471	{
741 a216e412c439 Added ability to have alternate main page for members Dan parents: 701 diff changeset	1472	$ret = get_main_page();
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1473	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1474	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1475	<form action="<?php echo makeUrl($paths->page); ?>" method="post">
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1476	<?php if ( !isset($_POST['themeselected']) ) { ?>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1477	<h3><?php echo $lang->get('userfuncs_changetheme_heading_theme'); ?></h3>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1478	<p>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1479	<select name="theme">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1480	<?php
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1481	foreach ( $template->theme_list as $t )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1482	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1483	if ( $t['enabled'] )
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1484	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1485	echo '<option value="'.$t['theme_id'].'"';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1486	if ( $t['theme_id'] == $session->theme )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1487	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1488	echo ' selected="selected"';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1489	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1490	echo '>' . $t['theme_name'] . '</option>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1491	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1492	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1493	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1494	</select>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1495	</p>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1496	<p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" />
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1497	<input type="submit" name="themeselected" value="<?php echo $lang->get('userfuncs_changetheme_btn_continue'); ?>" /></p>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1498	<?php } else {
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1499	$theme = $_POST['theme'];
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1500	if ( !preg_match('/^([0-9A-z_-]+)$/i', $theme ) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1501	die('Hacking attempt');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1502	?>
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1503	<h3><?php echo $lang->get('userfuncs_changetheme_heading_style'); ?></h3>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1504	<p>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1505	<select name="style">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1506	<?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1507	$dir = './themes/'.$theme.'/css/';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1508	$list = Array();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1509	// Open a known directory, and proceed to read its contents
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1510	if (is_dir($dir)) {
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1511	if ($dh = opendir($dir)) {
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1512	while (($file = readdir($dh)) !== false) {
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1513	if(preg_match('#^(.*?)\.css$#is', $file) && $file != '_printable.css') {
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1514	$list[] = substr($file, 0, strlen($file)-4);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1515	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1516	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1517	closedir($dh);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1518	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1519	} else die($dir.' is not a dir');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1520	foreach ( $list as $l )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1521	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1522	echo '<option value="'.$l.'">'.capitalize_first_letter($l).'</option>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1523	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1524	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1525	</select>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1526	</p>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1527	<p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1528	<input type="hidden" name="theme" value="<?php echo $theme; ?>" />
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1529	<input type="submit" name="allclear" value="<?php echo $lang->get('userfuncs_changetheme_btn_allclear'); ?>" /></p>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1530	<?php } ?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1531	</form>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1532	<?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1533	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1534	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1535	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1536
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1537	function page_Special_ActivateAccount()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1538	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1539	global $db, $session, $paths, $template, $plugins; // Common objects
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1540	global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1541
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1542	$user = $paths->getParam(0);
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1543	if ( !$user )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1544	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1545	die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_badlink_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1546	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1547	$key = $paths->getParam(1);
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1548	if ( !$key )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1549	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1550	die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_badlink_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1551	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1552	$s = $session->activate_account(str_replace('_', ' ', $user), $key);
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1553	if ( $s > 0 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1554	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1555	die_friendly($lang->get('userfuncs_activate_success_title'), '<p>' . $lang->get('userfuncs_activate_success_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1556	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1557	else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1558	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1559	die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_bad_key') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1560	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1561	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1562
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1563	function page_Special_Captcha()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1564	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1565	global $db, $session, $paths, $template, $plugins; // Common objects
263 d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1566	if ( $paths->getParam(0) == 'make' )
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1567	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1568	$session->kill_captcha();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1569	echo $session->make_captcha();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1570	return;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1571	}
263 d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1572
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1573	$hash = $paths->getParam(0);
401 6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated. Dan parents: 387 diff changeset	1574	if ( !$hash \|\| !preg_match('#^([0-9a-f]*){32,40}$#i', $hash) )
263 d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1575	{
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1576	$paths->main_page();
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1577	}
402 d907601ccad2 Fixed some captcha bugs and made all captcha fields case-insensitive Dan parents: 401 diff changeset	1578
d907601ccad2 Fixed some captcha bugs and made all captcha fields case-insensitive Dan parents: 401 diff changeset	1579	$session->make_captcha(7, $hash);
401 6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated. Dan parents: 387 diff changeset	1580	$code = $session->generate_captcha_code();
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated. Dan parents: 387 diff changeset	1581	$q = $db->sql_query('UPDATE ' . table_prefix . "captcha SET code = '$code' WHERE session_id = '$hash';");
263 d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1582	if ( !$q )
401 6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated. Dan parents: 387 diff changeset	1583	$db->_die();
263 d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1584
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1585	require ( ENANO_ROOT.'/includes/captcha.php' );
401 6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated. Dan parents: 387 diff changeset	1586	$captcha = captcha_object($hash, 'freecap');
472 bc4b58034f4d Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug Dan parents: 459 diff changeset	1587	// $captcha->debug = true;
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1588	$captcha->make_image();
401 6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated. Dan parents: 387 diff changeset	1589
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1590	exit;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1591	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1592
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1593	function page_Special_PasswordReset()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1594	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1595	global $db, $session, $paths, $template, $plugins; // Common objects
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1596	global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1597
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1598	$template->header();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1599	if($paths->getParam(0) == 'stage2')
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1600	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1601	$user_id = intval($paths->getParam(1));
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1602	$encpass = $paths->getParam(2);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1603	if ( $user_id < 2 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1604	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1605	echo '<p>Hacking attempt</p>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1606	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1607	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1608	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1609	if(!preg_match('#^([a-f0-9]+)$#i', $encpass))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1610	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1611	echo '<p>Hacking attempt</p>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1612	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1613	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1614	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1615
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1616	$q = $db->sql_query('SELECT username,temp_password_time FROM '.table_prefix.'users WHERE user_id='.$user_id.' AND temp_password=\'' . $encpass . '\';');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1617	if($db->numrows() < 1)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1618	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1619	echo '<p>Invalid credentials</p>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1620	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1621	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1622	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1623	$row = $db->fetchrow();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1624	$db->free_result();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1625
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1626	if ( ( intval($row['temp_password_time']) + ( 3600 * 24 ) ) < time() )
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1627	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1628	echo '<p>' . $lang->get('userfuncs_passreset_err_pass_expired', array('reset_url' => makeUrlNS('Special', 'PasswordReset'))) . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1629	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1630	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1631	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1632
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1633	if ( isset($_POST['do_stage2']) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1634	{
286 b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added Dan parents: 270 diff changeset	1635	$aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1636	if($_POST['use_crypt'] == 'yes')
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1637	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1638	$crypt_key = $session->fetch_public_key($_POST['crypt_key']);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1639	if(!$crypt_key)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1640	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1641	echo $lang->get('user_err_key_not_found');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1642	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1643	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1644	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1645	$crypt_key = hexdecode($crypt_key);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1646	$data = $aes->decrypt($_POST['crypt_data'], $crypt_key, ENC_HEX);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1647	if(strlen($data) < 6)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1648	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1649	echo $lang->get('userfuncs_passreset_err_too_short');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1650	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1651	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1652	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1653	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1654	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1655	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1656	$data = $_POST['pass'];
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1657	$conf = $_POST['pass_confirm'];
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1658	if($data != $conf)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1659	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1660	echo $lang->get('userfuncs_passreset_err_no_match');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1661	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1662	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1663	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1664	if(strlen($data) < 6)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1665	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1666	echo $lang->get('userfuncs_passreset_err_too_short');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1667	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1668	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1669	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1670	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1671	if(empty($data))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1672	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1673	echo 'ERROR: Sanity check failed!';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1674	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1675	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1676	}
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1677	if ( getConfig('pw_strength_enable') == '1' )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1678	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1679	$min_score = intval(getConfig('pw_strength_minimum'));
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1680	$inp_score = password_score($data);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1681	if ( $inp_score < $min_score )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1682	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1683	$url = makeUrl($paths->fullpage);
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1684	echo "<p>" . $lang->get('userfuncs_passreset_err_failed_score', array('inp_score' => $inp_score, 'url' => $url)) . "</p>";
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1685	$template->footer();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1686	return false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1687	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1688	}
591 2529833a7731 Made $session->private_key protected and added pk_{en,de}crypt methods for encrypting and decrypting data using the private key Dan parents: 590 diff changeset	1689	$encpass = $session->pk_encrypt($data, ENC_HEX);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1690	$q = $db->sql_query('UPDATE '.table_prefix.'users SET password=\'' . $encpass . '\',temp_password=\'\',temp_password_time=0 WHERE user_id='.$user_id.';');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1691
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1692	if($q)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1693	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1694	$session->login_without_crypto($row['username'], $data);
741 a216e412c439 Added ability to have alternate main page for members Dan parents: 701 diff changeset	1695	echo '<p>' . $lang->get('userfuncs_passreset_stage2_success', array('url_mainpage' => makeUrl(get_main_page()))) . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1696	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1697	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1698	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1699	echo $db->get_error();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1700	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1701
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1702	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1703	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1704	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1705
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1706	// Password reset form
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1707	$pubkey = $session->rijndael_genkey();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1708
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1709	$evt_get_score = ( getConfig('pw_strength_enable') == '1' ) ? 'onkeyup="password_score_field(this);" ' : '';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1710	$pw_meter = ( getConfig('pw_strength_enable') == '1' ) ? '<tr><td class="row1">' . $lang->get('userfuncs_passreset_stage2_lbl_strength') . '</td><td class="row1"><div id="pwmeter"></div><script type="text/javascript">password_score_field(document.forms.resetform.pass);</script></td></tr>' : '';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1711	$pw_blurb = ( getConfig('pw_strength_enable') == '1' && intval(getConfig('pw_strength_minimum')) > -10 ) ? '<br /><small>' . $lang->get('userfuncs_passreset_stage2_blurb_strength') . '</small>' : '';
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1712
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1713	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1714	<form action="<?php echo makeUrl($paths->fullpage); ?>" method="post" name="resetform" onsubmit="return runEncryption();">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1715	<br />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1716	<div class="tblholder">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1717	<table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1718	<tr><th colspan="2"><?php echo $lang->get('userfuncs_passreset_stage2_th'); ?></th></tr>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1719	<tr><td class="row1"><?php echo $lang->get('userfuncs_passreset_stage2_lbl_password'); ?> <?php echo $pw_blurb; ?></td><td class="row1"><input name="pass" type="password" <?php echo $evt_get_score; ?>/></td></tr>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1720	<tr><td class="row2"><?php echo $lang->get('userfuncs_passreset_stage2_lbl_confirm'); ?> </td><td class="row2"><input name="pass_confirm" type="password" /></td></tr>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1721	<?php echo $pw_meter; ?>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1722	<tr>
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1723	<td colspan="2" class="row3" style="text-align: center;">
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1724	<input type="hidden" name="use_crypt" value="no" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1725	<input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1726	<input type="hidden" name="crypt_data" value="" />
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1727	<input type="submit" name="do_stage2" value="<?php echo $lang->get('userfuncs_passreset_stage2_btn_submit'); ?>" />
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1728	</td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1729	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1730	</table>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1731	</div>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1732	</form>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1733	<script type="text/javascript">
57 b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions Dan parents: 32 diff changeset	1734	if ( !KILL_SWITCH )
b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions Dan parents: 32 diff changeset	1735	{
b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions Dan parents: 32 diff changeset	1736	disableJSONExts();
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1737	str = '';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1738	for(i=0;i<keySizeInBits/4;i++) str+='0';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1739	var key = hexToByteArray(str);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1740	var pt = hexToByteArray(str);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1741	var ct = rijndaelEncrypt(pt, key, "ECB");
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1742	var ct = byteArrayToHex(ct);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1743	switch(keySizeInBits)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1744	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1745	case 128:
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1746	v = '66e94bd4ef8a2c3b884cfa59ca342b2e';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1747	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1748	case 192:
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1749	v = 'aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1750	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1751	case 256:
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1752	v = 'dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1753	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1754	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1755	var testpassed = ( ct == v && md5_vm_test() );
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1756	var frm = document.forms.resetform;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1757	if(testpassed)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1758	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1759	frm.use_crypt.value = 'yes';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1760	var cryptkey = frm.crypt_key.value;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1761	frm.crypt_key.value = hex_md5(cryptkey);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1762	cryptkey = hexToByteArray(cryptkey);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1763	if(!cryptkey \|\| ( ( typeof cryptkey == 'string' \|\| typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1764	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1765	frm._login.disabled = true;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1766	len = ( typeof cryptkey == 'string' \|\| typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : '';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1767	alert('The key is messed up\nType: '+typeof(cryptkey)+len);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1768	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1769	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1770	function runEncryption()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1771	{
57 b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions Dan parents: 32 diff changeset	1772	var frm = document.forms.resetform;
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1773	pass1 = frm.pass.value;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1774	pass2 = frm.pass_confirm.value;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1775	if ( pass1 != pass2 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1776	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1777	alert($lang.get('userfuncs_passreset_err_no_match'));
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1778	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1779	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1780	if ( pass1.length < 6 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1781	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1782	alert($lang.get('userfuncs_passreset_err_too_short'));
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1783	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1784	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1785	if(testpassed)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1786	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1787	pass = frm.pass.value;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1788	pass = stringToByteArray(pass);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1789	cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1790	if(!cryptstring)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1791	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1792	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1793	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1794	cryptstring = byteArrayToHex(cryptstring);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1795	frm.crypt_data.value = cryptstring;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1796	frm.pass.value = "";
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1797	frm.pass_confirm.value = "";
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1798	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1799	return true;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1800	}
57 b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions Dan parents: 32 diff changeset	1801	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1802	</script>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1803	<?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1804	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1805	return true;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1806	}
701 dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	1807	if ( $session->user_logged_in )
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	1808	{
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	1809	$paths->main_page();
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	1810	}
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	1811
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1812	if(isset($_POST['do_reset']))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1813	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1814	if($session->mail_password_reset($_POST['username']))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1815	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1816	echo '<p>' . $lang->get('userfuncs_passreset_stage1_success') . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1817	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1818	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1819	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1820	echo '<p>' . $lang->get('userfuncs_passreset_stage1_error') . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1821	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1822	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1823	return true;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1824	}
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1825	echo '<p>' . $lang->get('userfuncs_passreset_blurb_line1') . '</p>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1826	<p>' . $lang->get('userfuncs_passreset_blurb_line2') . '</p>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1827	<form action="'.makeUrl($paths->page).'" method="post" onsubmit="if(!submitAuthorized) return false;">
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1828	<p>' . $lang->get('userfuncs_passreset_lbl_username') . ' '.$template->username_field('username').'</p>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1829	<p><input type="submit" name="do_reset" value="' . $lang->get('userfuncs_passreset_btn_mailpasswd') . '" /></p>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1830	</form>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1831	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1832	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1833
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1834	function page_Special_Memberlist()
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1835	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1836	global $db, $session, $paths, $template, $plugins; // Common objects
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1837	global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1838
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1839	$template->header();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1840
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1841	$startletters = 'abcdefghijklmnopqrstuvwxyz';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1842	$startletters = enano_str_split($startletters);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1843	$startletter = ( isset($_GET['letter']) ) ? strtolower($_GET['letter']) : '';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1844	if ( !in_array($startletter, $startletters) && $startletter != 'chr' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1845	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1846	$startletter = '';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1847	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1848
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1849	$startletter_sql = $startletter;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1850	if ( $startletter == 'chr' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1851	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1852	$startletter_sql = '([^a-z])';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1853	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1854
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1855	// offset
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1856	$offset = ( isset($_GET['offset']) && strval(intval($_GET['offset'])) === $_GET['offset']) ? intval($_GET['offset']) : 0;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1857
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1858	// sort order
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1859	$sortkeys = array(
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1860	'uid' => 'u.user_id',
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1861	'username' => 'u.username',
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1862	'email' => 'u.email',
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1863	'regist' => 'u.reg_time'
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1864	);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1865
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1866	$sortby = ( isset($_GET['sort']) && isset($sortkeys[$_GET['sort']]) ) ? $_GET['sort'] : 'username';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1867	$sort_sqllet = $sortkeys[$sortby];
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1868
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1869	$target_order = ( isset($_GET['orderby']) && in_array($_GET['orderby'], array('ASC', 'DESC')) )? $_GET['orderby'] : 'ASC';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1870
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1871	$sortorders = array();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1872	foreach ( $sortkeys as $k => $_unused )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1873	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1874	$sortorders[$k] = ( $sortby == $k ) ? ( $target_order == 'ASC' ? 'DESC' : 'ASC' ) : 'ASC';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1875	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1876
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1877	// Why 3.3714%? 100 percent / 28 cells, minus a little (0.2% / cell) to account for cell spacing
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1878
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1879	echo '<div class="tblholder">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1880	<table border="0" cellspacing="1" cellpadding="4" style="text-align: center;">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1881	<tr>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1882	echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=&sort=' . $sortby . '&orderby=' . $target_order, true) . '">All</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1883	echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=chr&sort=' . $sortby . '&orderby=' . $target_order, true) . '">#</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1884	foreach ( $startletters as $letter )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1885	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1886	echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=' . $letter . '&sort=' . $sortby . '&orderby=' . $target_order, true) . '">' . strtoupper($letter) . '</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1887	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1888	echo ' </tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1889	</table>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1890	</div>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1891
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1892	// User search
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1893	if ( isset($_GET['finduser']) )
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1894	{
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1895	$finduser = str_replace(array( '%', '_'),
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1896	array('\\%', '\\_'),
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1897	$_GET['finduser']);
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1898	$finduser = str_replace(array('*', '?'),
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1899	array('%', '_'),
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1900	$finduser);
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1901	$finduser = $db->escape($finduser);
322 5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1902	$username_where = ENANO_SQLFUNC_LOWERCASE . '(u.username) LIKE \'%' . strtolower($finduser) . '%\'';
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1903	$finduser_url = 'finduser=' . rawurlencode($_GET['finduser']) . '&';
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1904	}
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1905	else
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1906	{
322 5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1907	if ( ENANO_DBLAYER == 'MYSQL' )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1908	$username_where = 'lcase(u.username) REGEXP lcase("^' . $startletter_sql . '")';
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1909	else if ( ENANO_DBLAYER == 'PGSQL' )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1910	$username_where = 'lower(u.username) ~ lower(\'^' . $startletter_sql . '\')';
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1911	$finduser_url = '';
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1912	}
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1913
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1914	// Column markers
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1915	$headings = '<tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1916	<th style="max-width: 50px;">
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1917	<a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=uid&orderby=' . $sortorders['uid'], true) . '">#</a>
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1918	</th>
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1919	<th>
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1920	<a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=username&orderby=' . $sortorders['username'], true) . '">' . $lang->get('userfuncs_ml_column_username') . '</a>
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1921	</th>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1922	<th>
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1923	' . $lang->get('userfuncs_ml_column_userlevel') . '
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1924	</th>
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1925	<th>
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1926	<a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=email&orderby=' . $sortorders['email'], true) . '">' . $lang->get('userfuncs_ml_column_email') . '</a>
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1927	</th>
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1928	<th>
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1929	<a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=regist&orderby=' . $sortorders['regist'], true) . '">' . $lang->get('userfuncs_ml_column_regtime') . '</a>
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1930	</th>
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1931	</tr>';
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1932
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1933	// determine number of rows
322 5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1934	$q = $db->sql_query('SELECT u.user_id FROM '.table_prefix.'users AS u WHERE ' . $username_where . ' AND u.username != \'Anonymous\';');
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1935	if ( !$q )
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1936	$db->_die();
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1937
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1938	$num_rows = $db->numrows();
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1939	$db->free_result();
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1940
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1941	if ( !empty($finduser_url) )
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1942	{
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1943	switch ( $num_rows )
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1944	{
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1945	case 0:
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1946	$str = $lang->get('userfuncs_ml_msg_matches_zero'); break;
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1947	case 1:
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1948	$str = $lang->get('userfuncs_ml_msg_matches_one'); break;
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1949	default:
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1950	$str = $lang->get('userfuncs_ml_msg_matches', array('matches' => $num_rows)); break;
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1951	}
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1952	echo "<h3>$str</h3>";
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1953	}
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1954
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1955	// main selector
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1956	$pgsql_additional_group_by = ( ENANO_DBLAYER == 'PGSQL' ) ? ', u.username, u.reg_time, u.email, u.user_level, u.user_has_avatar, u.avatar_type, x.email_public' : '';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1957	$q = $db->sql_unbuffered_query('SELECT \'\' AS infobit, u.user_id, u.username, u.reg_time, u.email, u.user_level, u.user_has_avatar, u.avatar_type, x.email_public, COUNT(c.comment_id) AS num_comments FROM '.table_prefix.'users AS u
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1958	LEFT JOIN '.table_prefix.'users_extra AS x
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1959	ON ( u.user_id = x.user_id )
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1960	LEFT JOIN ' . table_prefix . 'comments AS c
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1961	ON ( u.user_id = c.user_id )
322 5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1962	WHERE ' . $username_where . ' AND u.username != \'Anonymous\'
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1963	GROUP BY u.user_id' . $pgsql_additional_group_by . '
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1964	ORDER BY ' . $sort_sqllet . ' ' . $target_order . ';');
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1965	if ( !$q )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1966	$db->_die();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1967
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1968	// formatter parameters
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1969	$formatter = new MemberlistFormatter();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1970	$formatters = array(
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1971	'username' => array($formatter, 'username'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1972	'user_level' => array($formatter, 'user_level'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1973	'email' => array($formatter, 'email'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1974	'reg_time' => array($formatter, 'reg_time'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1975	'infobit' => array($formatter, 'infobit')
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1976	);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1977
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1978	$html = paginate(
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1979	$q, // MySQL result resource
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1980	'<tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1981	<td class="{_css_class}">{user_id}</td>
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1982	<td class="{_css_class}" style="text-align: left;">{username}</td>
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1983	<td class="{_css_class}">{user_level}</td>
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1984	<td class="{_css_class}">{email}</small></td>
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1985	<td class="{_css_class}">{reg_time}</td>
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1986	</tr>
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1987	<tr>
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1988	<td colspan="5" class="row3" style="text-align: left;">
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1989	<div id="ml_moreinfo_{user_id}" style="display: none;">
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1990	{infobit}
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1991	</div>
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1992	</td>
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1993	</tr>
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1994	', // TPL code for rows
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1995	$num_rows, // Number of results
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1996	makeUrlNS('Special', 'Memberlist', ( str_replace('%', '%%', $finduser_url) ) . 'letter=' . $startletter . '&offset=%s&sort=' . $sortby . '&orderby=' . $target_order ), // Result URL
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1997	$offset, // Start at this number
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1998	25, // Results per page
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1999	$formatters, // Formatting hooks
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2000	'<div class="tblholder">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2001	<table border="0" cellspacing="1" cellpadding="4" style="text-align: center;">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2002	' . $headings . '
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2003	', // Header (printed before rows)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2004	' ' . $headings . '
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2005	</table>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2006	</div>
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	2007	' .
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	2008	'<div style="float: left;">
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	2009	<form action="' . makeUrlNS('Special', 'Memberlist') . '" method="get" onsubmit="if ( !submitAuthorized ) return false;">'
322 5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	2010	. ( urlSeparator == '&' ? '<input type="hidden" name="title" value="' . htmlspecialchars( $paths->page ) . '" />' : '' )
115 261f367623af Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now Dan parents: 111 diff changeset	2011	. ( $session->sid_super ? '<input type="hidden" name="auth" value="' . $session->sid_super . '" />' : '')
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2012	. '<p>' . $lang->get('userfuncs_ml_lbl_finduser') . ' ' . $template->username_field('finduser') . ' <input type="submit" value="' . $lang->get('userfuncs_ml_btn_go') . '" /><br />
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2013	<small>' . $lang->get('userfuncs_ml_tip_wildcard') . '</small></p>'
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	2014	. '</form>
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	2015	</div>' // Footer (printed after rows)
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2016	);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2017
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2018	if ( $num_rows < 1 )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2019	{
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2020	echo ( isset($_GET['finduser']) ) ? '<p>' . $lang->get('userfuncs_ml_err_nousers_find') . '</p>' :
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2021	'<p>' . $lang->get('userfuncs_ml_err_nousers') . '</p>';
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2022	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2023	else
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2024	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2025	echo $html;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2026	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2027
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2028	$template->footer();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2029	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2030
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2031	/**
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2032	* Class for formatting results for the memberlist.
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2033	* @access private
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2034	*/
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2035
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2036	class MemberlistFormatter
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2037	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2038	function username($username, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2039	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2040	global $db, $session, $paths, $template, $plugins; // Common objects
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2041	global $lang;
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2042
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2043	$userpage = $paths->nslist['User'] . sanitize_page_id($username);
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2044	$class = ( isPage($userpage) ) ? '' : ' class="wikilink-nonexistent"';
743 0acb5d0f8328 Fixed: Special:Memberlist still used SpryEffects Dan parents: 741 diff changeset	2045	$anchor = '<a href="' . makeUrlNS('User', sanitize_page_id($username)) . '"' . $class . ' onclick="load_component(\'jquery\'); load_component(\'jquery-ui\'); var el = document.getElementById(\'ml_moreinfo_' . $row['user_id'] . '\'); $(el).toggle(\'blind\'); return false;">' . htmlspecialchars($username) . '</a>';
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2046	if ( $session->user_level >= USER_LEVEL_ADMIN )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2047	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2048	$anchor .= ' <small>- <a href="' . makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'UserManager&src=get&username=' . urlencode($username), true) . '"
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2049	onclick="ajaxAdminUser(\'' . addslashes(htmlspecialchars($username)) . '\'); return false;">' . $lang->get('userfuncs_ml_btn_adminuser') . '</a></small>';
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2050	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2051	return $anchor;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2052	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2053	function user_level($level, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2054	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2055	global $db, $session, $paths, $template, $plugins; // Common objects
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2056	global $lang;
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2057	switch ( $level )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2058	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2059	case USER_LEVEL_GUEST:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2060	$s_level = $lang->get('userfuncs_ml_level_guest'); break;
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2061	case USER_LEVEL_MEMBER:
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2062	case USER_LEVEL_CHPREF:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2063	$s_level = $lang->get('userfuncs_ml_level_member'); break;
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2064	case USER_LEVEL_MOD:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2065	$s_level = $lang->get('userfuncs_ml_level_mod'); break;
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2066	case USER_LEVEL_ADMIN:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2067	$s_level = $lang->get('userfuncs_ml_level_admin'); break;
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2068	default:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2069	$s_level = $lang->get('userfuncs_ml_level_unknown', array( 'level' => $level ));
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2070	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2071	return $s_level;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2072	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2073	function email($addy, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2074	{
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2075	global $lang;
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2076	if ( $row['email_public'] == '1' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2077	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2078	global $email;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2079	$addy = $email->encryptEmail($addy);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2080	return $addy;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2081	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2082	else
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2083	{
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2084	return '<small><' . $lang->get('userfuncs_ml_email_nonpublic') . '></small>';
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2085	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2086	}
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2087	/**
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2088	* Format a time as a reference to a day, with user-friendly "X days ago"/"Today"/"Yesterday" returned when relevant.
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2089	* @param int UNIX timestamp
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2090	* @return string
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2091	*/
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2092
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2093	function format_date($time)
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2094	{
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2095	global $lang;
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	2096	// Our formattting string to pass to enano_date()
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2097	// This should not include minute/second info, only today's date in whatever format suits your fancy
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2098	$formatstring = 'F j, Y';
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2099	// Today's date
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	2100	$today = enano_date($formatstring);
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2101	// Yesterday's date
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	2102	$yesterday = enano_date($formatstring, (time() - (246060)));
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2103	// Date on the input
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	2104	$then = enano_date($formatstring, $time);
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2105	// "X days ago" logic
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2106	for ( $i = 2; $i <= 6; $i++ )
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2107	{
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2108	// hours_in_day * minutes_in_hour * seconds_in_minute * num_days
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2109	$offset = 24 * 60 * 60 * $i;
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	2110	$days_ago = enano_date($formatstring, (time() - $offset));
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2111	// so does the input timestamp match the date from $i days ago?
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2112	if ( $then == $days_ago )
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2113	{
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2114	// yes, return $i
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2115	return $lang->get('userfuncs_ml_date_daysago', array('days_ago' => $i));
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2116	}
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2117	}
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2118	// either yesterday, today, or before 6 days ago
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2119	switch($then)
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2120	{
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2121	case $today:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2122	return $lang->get('userfuncs_ml_date_today');
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2123	case $yesterday:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2124	return $lang->get('userfuncs_ml_date_yesterday');
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2125	default:
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2126	return $then;
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2127	}
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2128	// .--.
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2129	// \|o_o \|
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2130	// \|!_/ \|
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2131	// // \ \
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2132	// (\| \| )
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2133	// /'\_ _/`\
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2134	// \___)=(___/
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2135	return 'Linux rocks!';
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2136	}
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2137	function reg_time($time, $row)
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2138	{
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2139	return $this->format_date($time);
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2140	}
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2141	function infobit($_, $row)
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2142	{
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2143	global $db, $session, $paths, $template, $plugins; // Common objects
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2144	global $lang;
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2145
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2146	$bit = '';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2147	if ( $row['user_has_avatar'] == 1 )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2148	{
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2149	$bit .= '<div style="float: left; margin-right: 10px;">
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2150	<img alt=" " src="' . make_avatar_url(intval($row['user_id']), $row['avatar_type'], $row['email']) . '" />
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2151	</div>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2152	}
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2153	$rank_data = $session->get_user_rank(intval($row['user_id']));
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2154	$userpage = $paths->nslist['User'] . sanitize_page_id($row['username']);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2155	$title = ( isPage($userpage) ) ? ' title="' . $lang->get('userfuncs_ml_tip_userpage') . '"' : ' title="' . $lang->get('userfuncs_ml_tip_nouserpage') . '"';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2156	$bit .= '<a' . $title . ' href="' . makeUrlNS('User', $row['username'], false, true) . '" style="font-size: x-large; ' . $rank_data['rank_style'] . '">' . htmlspecialchars($row['username']) . '</a><br />';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2157	if ( $rank_data['user_title'] )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2158	$bit .= htmlspecialchars($rank_data['user_title']) . '<br />';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2159	if ( $rank_data['rank_title'] )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2160	$bit .= '<small>' . htmlspecialchars($lang->get($rank_data['rank_title'])) . '</small><br />';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2161
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2162	$bit .= '<div style="text-align: right;">
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2163	<a href="' . makeUrlNS('Special', "PrivateMessages/Compose/To/{$row['username']}", false, true) . '" class="abutton abutton_blue"><img alt=" " src="' . cdnPath . '/images/icons/send_pm.png" /> ' . $lang->get('comment_btn_send_privmsg') . '</a>
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2164	<a href="' . makeUrlNS('Special', "PrivateMessages/FriendList/Add/{$row['username']}", false, true) . '" class="abutton abutton_green"><img alt=" " src="' . cdnPath . '/images/icons/add_buddy.png" /> ' . $lang->get('comment_btn_add_buddy') . '</a>
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2165	</div>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2166
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2167	return $bit;
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2168	}
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2169	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2170
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2171	function page_Special_LangExportJSON()
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2172	{
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2173	global $db, $session, $paths, $template, $plugins; // Common objects
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2174	global $lang;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2175
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2176	$lang_id = ( $x = $paths->getParam(0) ) ? intval($x) : $lang->lang_id;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2177
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2178	if ( $lang->lang_id == $lang_id )
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2179	$lang_local =& $lang;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2180	else
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2181	$lang_local = new Language($lang_id);
782 96848f04bbba Corrected a few issues with languages and client-side code Dan parents: 743 diff changeset	2182
96848f04bbba Corrected a few issues with languages and client-side code Dan parents: 743 diff changeset	2183	$lang_local->get('meta_meta');
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2184
542 5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2185	$lang_strings = enano_json_encode($lang_local->strings);
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2186	$etag = substr(sha1($lang_strings), 0, 20) . '-' . dechex($lang_local->lang_timestamp);
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2187
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2188	if ( isset($_SERVER['HTTP_IF_NONE_MATCH']) )
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2189	{
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2190	if ( "\"$etag\"" == $_SERVER['HTTP_IF_NONE_MATCH'] )
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2191	{
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2192	header('HTTP/1.1 304 Not Modified');
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2193	exit();
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2194	}
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2195	}
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2196
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	2197	$timestamp = enano_date('D, j M Y H:i:s T', $lang_local->lang_timestamp);
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	2198	// generate expires header
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	2199	$expires = date('r', mktime(-1, -1, -1, -1, -1, intval(date('y'))+1));
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	2200
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2201	header("Last-Modified: $timestamp");
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2202	header("Date: $timestamp");
542 5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2203	header("ETag: \"$etag\"");
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2204	header('Content-type: text/javascript');
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	2205	header("Expires: $expires");
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2206
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2207	$lang_local->fetch();
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2208	echo "if ( typeof(enano_lang) != 'object' )
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2209	var enano_lang = new Object();
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2210
782 96848f04bbba Corrected a few issues with languages and client-side code Dan parents: 743 diff changeset	2211	enano_lang[{$lang_local->lang_id}] = " . $lang_strings . ";";
555 ac4c6a7f01d8 Added user preference for disabling visual effects in Javascript applets; added re-import button to installed plugins Dan parents: 542 diff changeset	2212
ac4c6a7f01d8 Added user preference for disabling visual effects in Javascript applets; added re-import button to installed plugins Dan parents: 542 diff changeset	2213	gzip_output();
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2214
542 5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2215	exit(0);
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2216	}
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2217
541 acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2218	/**
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2219	* Fetches and displays an avatar from the filesystem. Avatar fetching is abstracted as of 1.1.4.
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2220	*/
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2221
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2222	function page_Special_Avatar()
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2223	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2224	global $db, $session, $paths, $template, $plugins; // Common objects
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2225	global $aggressive_optimize_html;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2226	$aggressive_optimize_html = false;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2227
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2228	$img_types = array(
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2229	IMAGE_TYPE_PNG => 'png',
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2230	IMAGE_TYPE_GIF => 'gif',
621 68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2231	IMAGE_TYPE_JPG => 'jpg',
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2232	IMAGE_TYPE_GRV => 'grv'
541 acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2233	);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2234
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2235	$avi_id = $paths->getParam(0);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2236	if ( !$avi_id \|\| !@preg_match('/^[a-f0-9]+$/', $avi_id) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2237	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2238	echo 'Doesn\'t match the regexp';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2239	return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2240	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2241
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2242	$avi_id_dec = hexdecode($avi_id);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2243	$avi_id_dec = @unpack('Vdate/Vuid/vimg_type', $avi_id_dec);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2244	if ( !$avi_id_dec )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2245	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2246	echo 'Bad unpack';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2247	return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2248	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2249
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2250	// check parameters
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2251	if ( !isset($img_types[$avi_id_dec['img_type']]) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2252	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2253	echo 'Invalid image type';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2254	return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2255	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2256
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2257	// build file path
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2258	$avi_type = $img_types[$avi_id_dec['img_type']];
621 68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2259
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2260	// is this a gravatar?
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2261	if ( $avi_type == 'grv' )
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2262	{
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2263	// yes, we'll have to redirect
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2264	// sanitize UID
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2265	$uid = intval($avi_id_dec['uid']);
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2266
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2267	// fetch email
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2268	$q = $db->sql_query('SELECT email FROM ' . table_prefix . "users WHERE user_id = $uid;");
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2269	if ( !$q )
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2270	$db->_die();
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2271	if ( $db->numrows() < 1 )
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2272	return false;
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2273
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2274	list($email) = $db->fetchrow_num();
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2275	$db->free_result();
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2276
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2277	$url = make_gravatar_url($url);
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2278
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2279	// ship out the redirect
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2280	header('HTTP/1.1 302 Permanent Redirect');
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2281	header("Location: $url");
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2282	}
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2283
541 acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2284	$avi_path = ENANO_ROOT . '/' . getConfig('avatar_directory') . '/' . $avi_id_dec['uid'] . '.' . $avi_type;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2285	if ( file_exists($avi_path) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2286	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2287	$avi_mod_time = @filemtime($avi_path);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2288	$avi_mod_time = date('r', $avi_mod_time);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2289	$avi_size = @filesize($avi_path);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2290	header("Last-Modified: $avi_mod_time");
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2291	header("Content-Length: $avi_size");
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2292	header("Content-Type: image/$avi_type");
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2293	// http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2294	header("Cache-Control: public");
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2295	// expire it 30 days from now
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2296	$expiry_time = time() + ( 86400 * 30 );
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2297	header("Expires: " . date('r', $expiry_time));
541 acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2298
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2299	$fh = @fopen($avi_path, 'r');
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2300	if ( !$fh )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2301	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2302	echo 'Could not open file';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2303	return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2304	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2305
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2306	while ( $fd = @fread($fh, 1024) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2307	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2308	echo $fd;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2309	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2310	fclose($fh);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2311
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2312	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2313	return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2314	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2315
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	2316	?>

author	Dan
	Sat, 03 Jan 2009 17:54:26 -0500
changeset 799	4629ad98ee88
parent 782	96848f04bbba
child 801	eb8b23f11744
permissions	-rw-r--r--