1
+ − 1
<?php
+ − 2
+ − 3
/*
+ − 4
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
507
586fd7d3202d
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
diff
changeset
+ − 5
* Version 1.1.3 (Caoineag alpha 3)
1
+ − 6
* Copyright (C) 2006-2007 Dan Fuhry
+ − 7
*
+ − 8
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 9
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 10
*
+ − 11
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 12
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 13
*/
+ − 14
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 15
class template
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 16
{
1
+ − 17
var $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list, $named_theme_list, $default_theme, $default_style, $plugin_blocks, $namespace_string, $style_list, $theme_loaded;
30
+ − 18
+ − 19
/**
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 20
* The list of themes that are critical for Enano operation. This doesn't include oxygen which
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 21
* remains a user theme. By default this is admin and printable which have to be loaded on demand.
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 22
* @var array
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 23
*/
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 24
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 25
var $system_themes = array('admin', 'printable');
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 26
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 27
/**
30
+ − 28
* Set to true if the site is disabled and thus a message needs to be shown. This should ONLY be changed by common.php.
+ − 29
* @var bool
+ − 30
* @access private
+ − 31
*/
+ − 32
+ − 33
var $site_disabled = false;
+ − 34
53
+ − 35
/**
+ − 36
* One of the absolute best parts of Enano :-P
+ − 37
* @var string
+ − 38
*/
+ − 39
54
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
diff
changeset
+ − 40
var $fading_button = '';
53
+ − 41
1
+ − 42
function __construct()
+ − 43
{
+ − 44
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 45
$this->tpl_bool = Array();
+ − 46
$this->tpl_strings = Array();
+ − 47
$this->sidebar_extra = '';
+ − 48
$this->toolbar_menu = '';
+ − 49
$this->additional_headers = '';
+ − 50
$this->plugin_blocks = Array();
+ − 51
$this->theme_loaded = false;
+ − 52
201
+ − 53
$this->fading_button = '<div style="background-image: url('.scriptPath.'/images/about-powered-enano-hover.png); background-repeat: no-repeat; width: 88px; height: 31px; margin: 0 auto 5px auto;">
371
dc6026376919
Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files
Dan
diff
changeset
+ − 54
<a style="background-image: none; padding-right: 0;" href="http://enanocms.org/" onclick="window.open(this.href); return false;"><img style="border-width: 0;" alt=" " src="'.scriptPath.'/images/about-powered-enano.png" onmouseover="domOpacity(this, 100, 0, 500);" onmouseout="domOpacity(this, 0, 100, 500);" /></a>
87
570f68c3fe36
Redid stupid fading button code and fixed several RC2 bugs in the upgrade schema; 1.0.1 release candidate
Dan
diff
changeset
+ − 55
</div>';
54
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
diff
changeset
+ − 56
1
+ − 57
$this->theme_list = Array();
+ − 58
$this->named_theme_list = Array();
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 59
488
+ − 60
if ( defined('IN_ENANO_UPGRADE') )
+ − 61
{
+ − 62
return $this->construct_compat();
+ − 63
}
+ − 64
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 65
$q = $db->sql_query('SELECT theme_id, theme_name, enabled, default_style, group_policy, group_list FROM ' . table_prefix . 'themes;');
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 66
if ( !$q )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 67
$db->_die('template.php selecting theme list');
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 68
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 69
$i = 0;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 70
while ( $row = $db->fetchrow() )
1
+ − 71
{
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 72
$this->theme_list[$i] = $row;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 73
$i++;
1
+ − 74
}
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 75
// List out all CSS files for this theme
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 76
foreach ( $this->theme_list as $i => &$theme )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 77
{
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 78
$theme['css'] = array();
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 79
$dir = ENANO_ROOT . "/themes/{$theme['theme_id']}/css";
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 80
if ( $dh = @opendir($dir) )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 81
{
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 82
while ( ( $file = @readdir($dh) ) !== false )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 83
{
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 84
if ( preg_match('/\.css$/', $file) )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 85
$theme['css'][] = preg_replace('/\.css$/', '', $file);
1
+ − 86
}
+ − 87
closedir($dh);
+ − 88
}
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 89
// No CSS files? If so, nuke it.
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 90
if ( count($theme['css']) < 1 )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 91
{
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 92
unset($this->theme_list[$i]);
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 93
}
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 94
}
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 95
$this->theme_list = array_values($this->theme_list);
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 96
// Create associative array of themes
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 97
foreach ( $this->theme_list as $i => &$theme )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 98
$this->named_theme_list[ $theme['theme_id'] ] =& $this->theme_list[$i];
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 99
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 100
$this->default_theme = ( $_ = getConfig('theme_default') ) ? $_ : $this->theme_list[0]['theme_id'];
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 101
// Come up with the default style. If the CSS file specified in default_style exists, we're good, just
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 102
// use that. Otherwise, use the first stylesheet that comes to mind.
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 103
$df_data =& $this->named_theme_list[ $this->default_theme ];
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 104
$this->default_style = ( in_array($df_data['default_style'], $df_data['css']) ) ? $df_data['default_style'] : $df_data['css'][0];
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 105
}
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 106
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 107
/**
488
+ − 108
* Failsafe constructor for upgrades.
+ − 109
*/
+ − 110
+ − 111
function construct_compat()
+ − 112
{
+ − 113
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 114
$this->tpl_bool = Array();
+ − 115
$this->tpl_strings = Array();
+ − 116
$this->sidebar_extra = '';
+ − 117
$this->toolbar_menu = '';
+ − 118
$this->additional_headers = '';
+ − 119
$this->plugin_blocks = Array();
+ − 120
$this->theme_loaded = false;
+ − 121
+ − 122
$this->fading_button = '<div style="background-image: url('.scriptPath.'/images/about-powered-enano-hover.png); background-repeat: no-repeat; width: 88px; height: 31px; margin: 0 auto 5px auto;">
+ − 123
<a style="background-image: none; padding-right: 0;" href="http://enanocms.org/" onclick="window.open(this.href); return false;"><img style="border-width: 0;" alt=" " src="'.scriptPath.'/images/about-powered-enano.png" onmouseover="domOpacity(this, 100, 0, 500);" onmouseout="domOpacity(this, 0, 100, 500);" /></a>
+ − 124
</div>';
+ − 125
+ − 126
$this->theme_list = Array();
+ − 127
$this->named_theme_list = Array();
+ − 128
+ − 129
$q = $db->sql_query('SELECT theme_id, theme_name, enabled, default_style FROM ' . table_prefix . 'themes;');
+ − 130
if ( !$q )
+ − 131
$db->_die('template.php selecting theme list');
+ − 132
+ − 133
$i = 0;
+ − 134
while ( $row = $db->fetchrow() )
+ − 135
{
+ − 136
$this->theme_list[$i] = $row;
+ − 137
$i++;
+ − 138
}
+ − 139
// List out all CSS files for this theme
+ − 140
foreach ( $this->theme_list as $i => &$theme )
+ − 141
{
+ − 142
$theme['css'] = array();
+ − 143
$dir = ENANO_ROOT . "/themes/{$theme['theme_id']}/css";
+ − 144
if ( $dh = @opendir($dir) )
+ − 145
{
+ − 146
while ( ( $file = @readdir($dh) ) !== false )
+ − 147
{
+ − 148
if ( preg_match('/\.css$/', $file) )
+ − 149
$theme['css'][] = preg_replace('/\.css$/', '', $file);
+ − 150
}
+ − 151
closedir($dh);
+ − 152
}
+ − 153
// No CSS files? If so, nuke it.
+ − 154
if ( count($theme['css']) < 1 )
+ − 155
{
+ − 156
unset($this->theme_list[$i]);
+ − 157
}
+ − 158
}
+ − 159
$this->theme_list = array_values($this->theme_list);
+ − 160
// Create associative array of themes
+ − 161
foreach ( $this->theme_list as $i => &$theme )
+ − 162
$this->named_theme_list[ $theme['theme_id'] ] =& $this->theme_list[$i];
+ − 163
+ − 164
$this->default_theme = ( $_ = getConfig('theme_default') ) ? $_ : $this->theme_list[0]['theme_id'];
+ − 165
// Come up with the default style. If the CSS file specified in default_style exists, we're good, just
+ − 166
// use that. Otherwise, use the first stylesheet that comes to mind.
+ − 167
$df_data =& $this->named_theme_list[ $this->default_theme ];
+ − 168
$this->default_style = ( in_array($df_data['default_style'], $df_data['css']) ) ? $df_data['default_style'] : $df_data['css'][0];
+ − 169
}
+ − 170
+ − 171
/**
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 172
* Systematically deletes themes if they're blocked by theme security settings. Called when session->start() finishes.
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 173
*/
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 174
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 175
function process_theme_acls()
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 176
{
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 177
global $db, $session, $paths, $template, $plugins; // Common objects
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 178
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 179
// For each theme, check ACLs and delete from RAM if not authorized
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 180
foreach ( $this->theme_list as $i => $theme )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 181
{
488
+ − 182
if ( !@$theme['group_list'] )
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 183
continue;
472
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 184
if ( $theme['theme_id'] === getConfig('theme_default') )
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 185
continue;
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 186
switch ( $theme['group_policy'] )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 187
{
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 188
case 'allow_all':
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 189
// Unconditionally allowed
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 190
continue;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 191
break;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 192
case 'whitelist':
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 193
// If we're not on the list, off to the left please
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 194
$list = enano_json_decode($theme['group_list']);
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 195
$allowed = false;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 196
foreach ( $list as $acl )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 197
{
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 198
if ( !preg_match('/^(u|g):([0-9]+)$/', $acl, $match) )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 199
// Invalid list entry, silently allow (maybe not a good idea but
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 200
// really, these things are checked before they're inserted)
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 201
continue 2;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 202
$mode = $match[1];
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 203
$id = intval($match[2]);
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 204
switch ( $mode )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 205
{
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 206
case 'u':
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 207
$allowed = ( $id == $session->user_id );
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 208
if ( $allowed )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 209
break 2;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 210
break;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 211
case 'g':
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 212
$allowed = ( isset($session->groups[$id]) );
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 213
if ( $allowed )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 214
break 2;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 215
}
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 216
}
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 217
if ( !$allowed )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 218
{
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 219
unset($this->theme_list[$i]);
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 220
}
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 221
break;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 222
case 'blacklist':
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 223
// If we're ON the list, off to the left please
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 224
$list = enano_json_decode($theme['group_list']);
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 225
$allowed = true;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 226
foreach ( $list as $acl )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 227
{
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 228
if ( !preg_match('/^(u|g):([0-9]+)$/', $acl, $match) )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 229
// Invalid list entry, silently allow (maybe not a good idea but
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 230
// really, these things are checked before they're inserted)
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 231
continue 2;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 232
$mode = $match[1];
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 233
$id = intval($match[2]);
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 234
switch ( $mode )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 235
{
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 236
case 'u':
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 237
$allowed = ( $id != $session->user_id );
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 238
if ( !$allowed )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 239
break 2;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 240
break;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 241
case 'g':
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 242
$allowed = ( !isset($session->groups[$id]) );
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 243
if ( !$allowed )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 244
break 2;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 245
}
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 246
}
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 247
if ( !$allowed )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 248
{
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 249
unset($this->theme_list[$i]);
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 250
}
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 251
break;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 252
}
1
+ − 253
}
+ − 254
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 255
$this->theme_list = array_values($this->theme_list);
1
+ − 256
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 257
// Rebuild associative theme list
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 258
$this->named_theme_list = array();
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 259
foreach ( $this->theme_list as $i => &$theme )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 260
$this->named_theme_list[ $theme['theme_id'] ] =& $this->theme_list[$i];
1
+ − 261
}
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 262
419
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 263
function sidebar_widget($t, $h, $use_normal_section = false)
1
+ − 264
{
+ − 265
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 266
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 267
{
+ − 268
$this->load_theme($session->theme, $session->style);
+ − 269
}
+ − 270
if(!$this->sidebar_widgets)
+ − 271
$this->sidebar_widgets = '';
+ − 272
$tplvars = $this->extract_vars('elements.tpl');
419
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 273
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 274
if ( $use_normal_section )
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 275
{
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 276
$parser = $this->makeParserText($tplvars['sidebar_section']);
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 277
}
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 278
else
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 279
{
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 280
$parser = $this->makeParserText($tplvars['sidebar_section_raw']);
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 281
}
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 282
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 283
$parser->assign_vars(Array('TITLE' => '{TITLE}','CONTENT' => $h));
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 284
$this->plugin_blocks[$t] = $parser->run();
1
+ − 285
$this->sidebar_widgets .= $parser->run();
+ − 286
}
+ − 287
function add_header($html)
+ − 288
{
+ − 289
$this->additional_headers .= "\n" . $html;
+ − 290
}
+ − 291
function get_css($s = false)
+ − 292
{
+ − 293
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 294
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 295
$this->load_theme($session->theme, $session->style);
+ − 296
$path = ( $s ) ? 'css/'.$s : 'css/'.$this->style.'.css';
+ − 297
if ( !file_exists(ENANO_ROOT . '/themes/' . $this->theme . '/' . $path) )
+ − 298
{
+ − 299
echo "/* WARNING: Falling back to default file because file $path does not exist */\n";
+ − 300
$path = 'css/' . $this->style_list[0] . '.css';
+ − 301
}
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 302
return '<enano:no-opt>' . $this->process_template($path) . '</enano:no-opt>';
1
+ − 303
}
+ − 304
function load_theme($name = false, $css = false)
+ − 305
{
+ − 306
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 307
$this->theme = ( $name ) ? $name : $session->theme;
+ − 308
$this->style = ( $css ) ? $css : $session->style;
+ − 309
if ( !$this->theme )
+ − 310
{
+ − 311
$this->theme = $this->theme_list[0]['theme_id'];
468
+ − 312
$this->style = preg_replace('/\.css$/', '', $this->theme_list[0]['default_style']);
1
+ − 313
}
471
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 314
// Make sure we're allowed to use this theme.
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 315
if ( (
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 316
// If it was removed, it's probably blocked by an ACL, or it was uninstalled
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 317
!isset($this->named_theme_list[$this->theme]) ||
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 318
// Check if the theme is disabled
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 319
( isset($this->named_theme_list[$this->theme]) && $this->named_theme_list[$this->theme]['enabled'] == 0 ) )
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 320
// Above all, if it's a system theme, don't inhibit the loading process.
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 321
&& !in_array($this->theme, $this->system_themes)
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 322
)
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 323
{
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 324
// No, something is preventing it - fall back to site default
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 325
$this->theme = $this->default_theme;
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 326
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 327
// Come up with the default style. If the CSS file specified in default_style exists, we're good, just
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 328
// use that. Otherwise, use the first stylesheet that comes to mind.
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 329
$df_data =& $this->named_theme_list[ $this->theme ];
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 330
$this->style = ( in_array($df_data['default_style'], $df_data['css']) ) ? $df_data['default_style'] : $df_data['css'][0];
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 331
}
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 332
// The list of styles for the currently selected theme
7906fb190fc1
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
Dan
diff
changeset
+ − 333
$this->style_list =& $this->named_theme_list[ $this->theme ]['css'];
1
+ − 334
$this->theme_loaded = true;
+ − 335
}
+ − 336
+ − 337
function init_vars()
+ − 338
{
+ − 339
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 340
global $email;
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
diff
changeset
+ − 341
global $lang;
1
+ − 342
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 343
profiler_log("template: starting var init");
1
+ − 344
+ − 345
if(!$this->theme || !$this->style)
+ − 346
{
+ − 347
$this->load_theme();
+ − 348
}
+ − 349
+ − 350
if(defined('ENANO_TEMPLATE_LOADED'))
+ − 351
{
+ − 352
die_semicritical('Illegal call', '<p>$template->load_theme was called multiple times, this is not supposed to happen. Exiting with fatal error.</p>');
+ − 353
}
+ − 354
+ − 355
define('ENANO_TEMPLATE_LOADED', '');
+ − 356
+ − 357
$tplvars = $this->extract_vars('elements.tpl');
+ − 358
+ − 359
if(isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE'))
+ − 360
{
+ − 361
$this->add_header('
+ − 362
<!--[if lt IE 7]>
+ − 363
<script language="JavaScript">
+ − 364
function correctPNG() // correctly handle PNG transparency in Win IE 5.5 & 6.
+ − 365
{
86
c162ca39db8f
Finished pagination code (was incomplete in previous revision) and added a few hacks for an upcoming theme
Dan
diff
changeset
+ − 366
var arVersion = navigator.appVersion.split("MSIE");
c162ca39db8f
Finished pagination code (was incomplete in previous revision) and added a few hacks for an upcoming theme
Dan
diff
changeset
+ − 367
var version = parseFloat(arVersion[1]);
1
+ − 368
if (version >= 5.5 && typeof(document.body.filters) == "object")
+ − 369
{
+ − 370
for(var i=0; i<document.images.length; i++)
+ − 371
{
+ − 372
var img = document.images[i];
+ − 373
continue;
+ − 374
var imgName = img.src.toUpperCase();
+ − 375
if (imgName.substring(imgName.length-3, imgName.length) == "PNG")
+ − 376
{
+ − 377
var imgID = (img.id) ? "id=\'" + img.id + "\' " : "";
+ − 378
var imgClass = (img.className) ? "class=\'" + img.className + "\' " : "";
+ − 379
var imgTitle = (img.title) ? "title=\'" + img.title + "\' " : "title=\'" + img.alt + "\' ";
+ − 380
var imgStyle = "display:inline-block;" + img.style.cssText;
+ − 381
if (img.align == "left") imgStyle = "float:left;" + imgStyle;
+ − 382
if (img.align == "right") imgStyle = "float:right;" + imgStyle;
+ − 383
if (img.parentElement.href) imgStyle = "cursor:hand;" + imgStyle;
+ − 384
var strNewHTML = "<span " + imgID + imgClass + imgTitle + " style=\\"" + "width:" + img.width + "px; height:" + img.height + "px;" + imgStyle + ";" + "filter:progid:DXImageTransform.Microsoft.AlphaImageLoader" + "(src=\\\'" + img.src + "\\\', sizingMethod=\'scale\');\\"></span>";
+ − 385
img.outerHTML = strNewHTML;
+ − 386
i = i-1;
+ − 387
}
+ − 388
}
+ − 389
}
+ − 390
}
+ − 391
window.attachEvent("onload", correctPNG);
+ − 392
</script>
+ − 393
<![endif]-->
+ − 394
');
+ − 395
}
+ − 396
+ − 397
// Get the "article" button text (depends on namespace)
+ − 398
switch($paths->namespace) {
+ − 399
case "Article":
+ − 400
default:
211
+ − 401
$ns = $lang->get('onpage_lbl_page_article');
1
+ − 402
break;
+ − 403
case "Admin":
211
+ − 404
$ns = $lang->get('onpage_lbl_page_admin');
1
+ − 405
break;
+ − 406
case "System":
211
+ − 407
$ns = $lang->get('onpage_lbl_page_system');
1
+ − 408
break;
+ − 409
case "File":
211
+ − 410
$ns = $lang->get('onpage_lbl_page_file');
1
+ − 411
break;
+ − 412
case "Help":
211
+ − 413
$ns = $lang->get('onpage_lbl_page_help');
1
+ − 414
break;
+ − 415
case "User":
211
+ − 416
$ns = $lang->get('onpage_lbl_page_user');
1
+ − 417
break;
+ − 418
case "Special":
211
+ − 419
$ns = $lang->get('onpage_lbl_page_special');
1
+ − 420
break;
+ − 421
case "Template":
211
+ − 422
$ns = $lang->get('onpage_lbl_page_template');
1
+ − 423
break;
+ − 424
case "Project":
211
+ − 425
$ns = $lang->get('onpage_lbl_page_project');
1
+ − 426
break;
+ − 427
case "Category":
211
+ − 428
$ns = $lang->get('onpage_lbl_page_category');
1
+ − 429
break;
312
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
diff
changeset
+ − 430
case "Anonymous":
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
diff
changeset
+ − 431
$ns = 'external page';
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
diff
changeset
+ − 432
break;
1
+ − 433
}
+ − 434
$this->namespace_string = $ns;
211
+ − 435
unset($ns);
1
+ − 436
$code = $plugins->setHook('page_type_string_set');
+ − 437
foreach ( $code as $cmd )
+ − 438
{
+ − 439
eval($cmd);
+ − 440
}
+ − 441
$ns =& $this->namespace_string;
+ − 442
+ − 443
// Initialize the toolbar
+ − 444
$tb = '';
+ − 445
+ − 446
// Create "xx page" button
+ − 447
+ − 448
$btn_selected = ( isset($tplvars['toolbar_button_selected'])) ? $tplvars['toolbar_button_selected'] : $tplvars['toolbar_button'];
+ − 449
$parser = $this->makeParserText($btn_selected);
+ − 450
312
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
diff
changeset
+ − 451
if ( true || !$paths->anonymous_page )
311
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 452
{
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 453
$parser->assign_vars(array(
313
+ − 454
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxReset()); return false; }" title="' . $lang->get('onpage_tip_article') . '" accesskey="a"',
311
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 455
'PARENTFLAGS' => 'id="mdgToolbar_article"',
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 456
'HREF' => makeUrl($paths->page, null, true),
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 457
'TEXT' => $this->namespace_string
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 458
));
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 459
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 460
$tb .= $parser->run();
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 461
}
1
+ − 462
+ − 463
$button = $this->makeParserText($tplvars['toolbar_button']);
+ − 464
+ − 465
// Page toolbar
+ − 466
// Comments button
+ − 467
if ( $session->get_permissions('read') && getConfig('enable_comments')=='1' && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $paths->cpage['comments_on'] == 1 )
+ − 468
{
+ − 469
322
+ − 470
$e = $db->sql_query('SELECT approved FROM '.table_prefix.'comments WHERE page_id=\''.$paths->page_id.'\' AND namespace=\''.$paths->namespace.'\';');
1
+ − 471
if ( !$e )
+ − 472
{
+ − 473
$db->_die();
+ − 474
}
+ − 475
$nc = $db->numrows();
+ − 476
$nu = 0;
+ − 477
$na = 0;
+ − 478
+ − 479
while ( $r = $db->fetchrow() )
+ − 480
{
+ − 481
if ( !$r['approved'] )
+ − 482
{
+ − 483
$nu++;
+ − 484
}
+ − 485
else
+ − 486
{
+ − 487
$na++;
+ − 488
}
+ − 489
}
+ − 490
+ − 491
$db->free_result();
+ − 492
$n = ( $session->get_permissions('mod_comments') ) ? (string)$nc : (string)$na;
+ − 493
if ( $session->get_permissions('mod_comments') && $nu > 0 )
+ − 494
{
211
+ − 495
$subst = array(
+ − 496
'num_comments' => $nc,
+ − 497
'num_unapp' => $nu
+ − 498
);
+ − 499
$btn_text = $lang->get('onpage_btn_discussion_unapp', $subst);
+ − 500
}
+ − 501
else
+ − 502
{
+ − 503
$subst = array(
+ − 504
'num_comments' => $nc
+ − 505
);
+ − 506
$btn_text = $lang->get('onpage_btn_discussion', $subst);
1
+ − 507
}
+ − 508
+ − 509
$button->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 510
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxComments()); return false; }" title="' . $lang->get('onpage_tip_comments') . '" accesskey="c"',
1
+ − 511
'PARENTFLAGS' => 'id="mdgToolbar_discussion"',
+ − 512
'HREF' => makeUrl($paths->page, 'do=comments', true),
211
+ − 513
'TEXT' => $btn_text,
1
+ − 514
));
+ − 515
+ − 516
$tb .= $button->run();
+ − 517
}
+ − 518
// Edit button
446
27f5ac58992c
Removed all PostgreSQL support from the installer as per http://enanocms.org/News:1200114064; installer support for Postgres is available in the 1.1 branch now
Dan
diff
changeset
+ − 519
if($session->get_permissions('read') && ($paths->namespace != 'Special' && $paths->namespace != 'Admin' && $paths->namespace != 'Anonymous') && ( $session->get_permissions('edit_page') && ( ( $paths->page_protected && $session->get_permissions('even_when_protected') ) || !$paths->page_protected ) ) )
1
+ − 520
{
+ − 521
$button->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 522
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxEditor()); return false; }" title="' . $lang->get('onpage_tip_edit') . '" accesskey="e"',
1
+ − 523
'PARENTFLAGS' => 'id="mdgToolbar_edit"',
+ − 524
'HREF' => makeUrl($paths->page, 'do=edit', true),
211
+ − 525
'TEXT' => $lang->get('onpage_btn_edit')
1
+ − 526
));
+ − 527
$tb .= $button->run();
+ − 528
// View source button
+ − 529
}
349
fdaf9070566c
More progress on the installer. At this point it can install and import the language, but does not rename config files. Still much work to be done, most notably localization and creation of MySQL users and databases.
Dan
diff
changeset
+ − 530
else if($session->get_permissions('view_source') && ( !$session->get_permissions('edit_page') || !$session->get_permissions('even_when_protected') && $paths->page_protected ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $paths->namespace != 'Anonymous')
1
+ − 531
{
+ − 532
$button->assign_vars(array(
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 533
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxEditor()); return false; }" title="' . $lang->get('onpage_tip_viewsource') . '" accesskey="e"',
1
+ − 534
'PARENTFLAGS' => 'id="mdgToolbar_edit"',
+ − 535
'HREF' => makeUrl($paths->page, 'do=viewsource', true),
211
+ − 536
'TEXT' => $lang->get('onpage_btn_viewsource')
1
+ − 537
));
+ − 538
$tb .= $button->run();
+ − 539
}
+ − 540
// History button
+ − 541
if ( $session->get_permissions('read') /* && $paths->wiki_mode */ && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('history_view') )
+ − 542
{
+ − 543
$button->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 544
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxHistory()); return false; }" title="' . $lang->get('onpage_tip_history') . '" accesskey="h"',
1
+ − 545
'PARENTFLAGS' => 'id="mdgToolbar_history"',
+ − 546
'HREF' => makeUrl($paths->page, 'do=history', true),
211
+ − 547
'TEXT' => $lang->get('onpage_btn_history')
1
+ − 548
));
+ − 549
$tb .= $button->run();
+ − 550
}
+ − 551
+ − 552
$menubtn = $this->makeParserText($tplvars['toolbar_menu_button']);
+ − 553
+ − 554
// Additional actions menu
+ − 555
// Rename button
+ − 556
if ( $session->get_permissions('read') && $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 557
{
+ − 558
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 559
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxRename()); return false; }" title="' . $lang->get('onpage_tip_rename') . '" accesskey="r"',
1
+ − 560
'HREF' => makeUrl($paths->page, 'do=rename', true),
211
+ − 561
'TEXT' => $lang->get('onpage_btn_rename'),
1
+ − 562
));
+ − 563
$this->toolbar_menu .= $menubtn->run();
+ − 564
}
+ − 565
+ − 566
// Vote-to-delete button
+ − 567
if ( $paths->wiki_mode && $session->get_permissions('vote_delete') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 568
{
+ − 569
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 570
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxDelVote()); return false; }" title="' . $lang->get('onpage_tip_delvote') . '" accesskey="d"',
1
+ − 571
'HREF' => makeUrl($paths->page, 'do=delvote', true),
211
+ − 572
'TEXT' => $lang->get('onpage_btn_votedelete'),
1
+ − 573
));
+ − 574
$this->toolbar_menu .= $menubtn->run();
+ − 575
}
+ − 576
+ − 577
// Clear-votes button
+ − 578
if ( $session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('vote_reset') && $paths->cpage['delvotes'] > 0)
+ − 579
{
+ − 580
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 581
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxResetDelVotes()); return false; }" title="' . $lang->get('onpage_tip_resetvotes') . '" accesskey="y"',
1
+ − 582
'HREF' => makeUrl($paths->page, 'do=resetvotes', true),
211
+ − 583
'TEXT' => $lang->get('onpage_btn_votedelete_reset'),
1
+ − 584
));
+ − 585
$this->toolbar_menu .= $menubtn->run();
+ − 586
}
+ − 587
+ − 588
// Printable page button
+ − 589
if ( $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 590
{
+ − 591
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 592
'FLAGS' => 'title="' . $lang->get('onpage_tip_printable') . '"',
1
+ − 593
'HREF' => makeUrl($paths->page, 'printable=yes', true),
211
+ − 594
'TEXT' => $lang->get('onpage_btn_printable'),
1
+ − 595
));
+ − 596
$this->toolbar_menu .= $menubtn->run();
+ − 597
}
+ − 598
+ − 599
// Protect button
+ − 600
if($session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('protect'))
+ − 601
{
+ − 602
+ − 603
$label = $this->makeParserText($tplvars['toolbar_label']);
211
+ − 604
$label->assign_vars(array('TEXT' => $lang->get('onpage_lbl_protect')));
1
+ − 605
$t0 = $label->run();
+ − 606
+ − 607
$ctmp = '';
+ − 608
if ( $paths->cpage['protected'] == 1 )
+ − 609
{
+ − 610
$ctmp=' style="text-decoration: underline;"';
+ − 611
}
+ − 612
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 613
'FLAGS' => 'accesskey="i" onclick="if ( !KILL_SWITCH ) { ajaxProtect(1); return false; }" id="protbtn_1" title="' . $lang->get('onpage_tip_protect_on') . '"'.$ctmp,
1
+ − 614
'HREF' => makeUrl($paths->page, 'do=protect&level=1', true),
211
+ − 615
'TEXT' => $lang->get('onpage_btn_protect_on')
1
+ − 616
));
+ − 617
$t1 = $menubtn->run();
+ − 618
+ − 619
$ctmp = '';
+ − 620
if ( $paths->cpage['protected'] == 0 )
+ − 621
{
+ − 622
$ctmp=' style="text-decoration: underline;"';
+ − 623
}
+ − 624
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 625
'FLAGS' => 'accesskey="o" onclick="if ( !KILL_SWITCH ) { ajaxProtect(0); return false; }" id="protbtn_0" title="' . $lang->get('onpage_tip_protect_off') . '"'.$ctmp,
1
+ − 626
'HREF' => makeUrl($paths->page, 'do=protect&level=0', true),
211
+ − 627
'TEXT' => $lang->get('onpage_btn_protect_off')
1
+ − 628
));
+ − 629
$t2 = $menubtn->run();
+ − 630
+ − 631
$ctmp = '';
+ − 632
if ( $paths->cpage['protected'] == 2 )
+ − 633
{
+ − 634
$ctmp = ' style="text-decoration: underline;"';
+ − 635
}
+ − 636
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 637
'FLAGS' => 'accesskey="p" onclick="if ( !KILL_SWITCH ) { ajaxProtect(2); return false; }" id="protbtn_2" title="' . $lang->get('onpage_tip_protect_semi') . '"'.$ctmp,
1
+ − 638
'HREF' => makeUrl($paths->page, 'do=protect&level=2', true),
211
+ − 639
'TEXT' => $lang->get('onpage_btn_protect_semi')
1
+ − 640
));
+ − 641
$t3 = $menubtn->run();
+ − 642
+ − 643
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0">
+ − 644
<tr>
+ − 645
<td>'.$t0.'</td>
+ − 646
<td>'.$t1.'</td>
+ − 647
<td>'.$t2.'</td>
+ − 648
<td>'.$t3.'</td>
+ − 649
</tr>
+ − 650
</table>';
+ − 651
}
+ − 652
+ − 653
// Wiki mode button
+ − 654
if($session->get_permissions('read') && $paths->page_exists && $session->get_permissions('set_wiki_mode') && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 655
{
+ − 656
// label at start
+ − 657
$label = $this->makeParserText($tplvars['toolbar_label']);
211
+ − 658
$label->assign_vars(array('TEXT' => $lang->get('onpage_lbl_wikimode')));
1
+ − 659
$t0 = $label->run();
+ − 660
+ − 661
// on button
+ − 662
$ctmp = '';
+ − 663
if ( $paths->cpage['wiki_mode'] == 1 )
+ − 664
{
+ − 665
$ctmp = ' style="text-decoration: underline;"';
+ − 666
}
+ − 667
$menubtn->assign_vars(array(
102
+ − 668
'FLAGS' => /* 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(1); return false; }" id="wikibtn_1" title="Forces wiki functions to be allowed on this page."'. */ $ctmp,
1
+ − 669
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=1', true),
211
+ − 670
'TEXT' => $lang->get('onpage_btn_wikimode_on')
1
+ − 671
));
+ − 672
$t1 = $menubtn->run();
+ − 673
+ − 674
// off button
+ − 675
$ctmp = '';
+ − 676
if ( $paths->cpage['wiki_mode'] == 0 )
+ − 677
{
+ − 678
$ctmp=' style="text-decoration: underline;"';
+ − 679
}
+ − 680
$menubtn->assign_vars(array(
102
+ − 681
'FLAGS' => /* 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(0); return false; }" id="wikibtn_0" title="Forces wiki functions to be disabled on this page."'. */ $ctmp,
1
+ − 682
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=0', true),
211
+ − 683
'TEXT' => $lang->get('onpage_btn_wikimode_off')
1
+ − 684
));
+ − 685
$t2 = $menubtn->run();
+ − 686
+ − 687
// global button
+ − 688
$ctmp = '';
+ − 689
if ( $paths->cpage['wiki_mode'] == 2 )
+ − 690
{
+ − 691
$ctmp=' style="text-decoration: underline;"';
+ − 692
}
+ − 693
$menubtn->assign_vars(array(
102
+ − 694
'FLAGS' => /* 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(2); return false; }" id="wikibtn_2" title="Causes this page to use the global wiki mode setting (default)"'. */ $ctmp,
1
+ − 695
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=2', true),
211
+ − 696
'TEXT' => $lang->get('onpage_btn_wikimode_global')
1
+ − 697
));
+ − 698
$t3 = $menubtn->run();
+ − 699
+ − 700
// Tack it onto the list of buttons that are already there...
+ − 701
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0">
+ − 702
<tr>
+ − 703
<td>'.$t0.'</td>
+ − 704
<td>'.$t1.'</td>
+ − 705
<td>'.$t2.'</td>
+ − 706
<td>'.$t3.'</td>
+ − 707
</tr>
+ − 708
</table>';
+ − 709
}
+ − 710
+ − 711
// Clear logs button
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 712
if ( $session->get_permissions('read') && $session->get_permissions('clear_logs') && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
1
+ − 713
{
+ − 714
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 715
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxClearLogs()); return false; }" title="' . $lang->get('onpage_tip_flushlogs') . '" accesskey="l"',
1
+ − 716
'HREF' => makeUrl($paths->page, 'do=flushlogs', true),
211
+ − 717
'TEXT' => $lang->get('onpage_btn_clearlogs'),
1
+ − 718
));
+ − 719
$this->toolbar_menu .= $menubtn->run();
+ − 720
}
+ − 721
+ − 722
// Delete page button
+ − 723
if ( $session->get_permissions('read') && $session->get_permissions('delete_page') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 724
{
211
+ − 725
$s = $lang->get('onpage_btn_deletepage');
1
+ − 726
if ( $paths->cpage['delvotes'] == 1 )
+ − 727
{
211
+ − 728
$subst = array(
+ − 729
'num_votes' => $paths->cpage['delvotes'],
+ − 730
'plural' => ''
+ − 731
);
+ − 732
$s .= $lang->get('onpage_btn_deletepage_votes', $subst);
1
+ − 733
}
+ − 734
else if ( $paths->cpage['delvotes'] > 1 )
+ − 735
{
211
+ − 736
$subst = array(
+ − 737
'num_votes' => $paths->cpage['delvotes'],
+ − 738
'plural' => $lang->get('meta_plural')
+ − 739
);
+ − 740
$s .= $lang->get('onpage_btn_deletepage_votes', $subst);
1
+ − 741
}
+ − 742
+ − 743
$menubtn->assign_vars(array(
314
+ − 744
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxDeletePage()); return false; }" title="' . $lang->get('onpage_tip_deletepage') . '" accesskey="k"',
1
+ − 745
'HREF' => makeUrl($paths->page, 'do=deletepage', true),
+ − 746
'TEXT' => $s,
+ − 747
));
+ − 748
$this->toolbar_menu .= $menubtn->run();
+ − 749
+ − 750
}
+ − 751
+ − 752
// Password-protect button
+ − 753
if(isset($paths->cpage['password']))
+ − 754
{
+ − 755
if ( $paths->cpage['password'] == '' )
+ − 756
{
+ − 757
$a = $session->get_permissions('password_set');
+ − 758
}
+ − 759
else
+ − 760
{
+ − 761
$a = $session->get_permissions('password_reset');
+ − 762
}
+ − 763
}
+ − 764
else
+ − 765
{
+ − 766
$a = $session->get_permissions('password_set');
+ − 767
}
+ − 768
if ( $a && $session->get_permissions('read') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 769
{
+ − 770
// label at start
+ − 771
$label = $this->makeParserText($tplvars['toolbar_label']);
211
+ − 772
$label->assign_vars(array('TEXT' => $lang->get('onpage_lbl_password')));
1
+ − 773
$t0 = $label->run();
+ − 774
+ − 775
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 776
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxSetPassword()); return false; }" title="' . $lang->get('onpage_tip_password') . '"',
1
+ − 777
'HREF' => '#',
211
+ − 778
'TEXT' => $lang->get('onpage_btn_password_set'),
1
+ − 779
));
+ − 780
$t = $menubtn->run();
+ − 781
+ − 782
$this->toolbar_menu .= '<table border="0" cellspacing="0" cellpadding="0"><tr><td>'.$t0.'</td><td><input type="password" id="mdgPassSetField" size="10" /></td><td>'.$t.'</td></tr></table>';
+ − 783
}
+ − 784
+ − 785
// Manage ACLs button
511
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 786
if ( !$paths->anonymous_page && ( $session->get_permissions('edit_acl') || ( defined('ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL') && $session->user_level >= USER_LEVEL_ADMIN ) ) )
1
+ − 787
{
+ − 788
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 789
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { return ajaxOpenACLManager(); }" title="' . $lang->get('onpage_tip_aclmanager') . '" accesskey="m"',
1
+ − 790
'HREF' => makeUrl($paths->page, 'do=aclmanager', true),
211
+ − 791
'TEXT' => $lang->get('onpage_btn_acl'),
1
+ − 792
));
+ − 793
$this->toolbar_menu .= $menubtn->run();
+ − 794
}
+ − 795
+ − 796
// Administer page button
+ − 797
if ( $session->user_level >= USER_LEVEL_ADMIN && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 798
{
+ − 799
$menubtn->assign_vars(array(
314
+ − 800
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxAdminPage()); return false; }" title="' . $lang->get('onpage_tip_adminoptions') . '" accesskey="g"',
1
+ − 801
'HREF' => makeUrlNS('Special', 'Administration', 'module='.$paths->nslist['Admin'].'PageManager', true),
211
+ − 802
'TEXT' => $lang->get('onpage_btn_admin'),
1
+ − 803
));
+ − 804
$this->toolbar_menu .= $menubtn->run();
+ − 805
}
+ − 806
+ − 807
if ( strlen($this->toolbar_menu) > 0 )
+ − 808
{
+ − 809
$button->assign_vars(array(
314
+ − 810
'FLAGS' => 'id="mdgToolbar_moreoptions" onclick="if ( !KILL_SWITCH ) { return false; }" title="' . $lang->get('onpage_tip_moreoptions') . '"',
1
+ − 811
'PARENTFLAGS' => '',
+ − 812
'HREF' => makeUrl($paths->page, 'do=moreoptions', true),
211
+ − 813
'TEXT' => $lang->get('onpage_btn_moreoptions')
1
+ − 814
));
+ − 815
$tb .= $button->run();
+ − 816
}
+ − 817
+ − 818
$is_opera = (isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'Opera')) ? true : false;
+ − 819
+ − 820
$this->tpl_bool = Array(
+ − 821
'auth_admin'=>$session->user_level >= USER_LEVEL_ADMIN ? true : false,
+ − 822
'user_logged_in'=>$session->user_logged_in,
+ − 823
'opera'=>$is_opera,
+ − 824
);
+ − 825
+ − 826
if($session->sid_super) { $ash = '&auth='.$session->sid_super; $asq = "?auth=".$session->sid_super; $asa = "&auth=".$session->sid_super; $as2 = htmlspecialchars(urlSeparator).'auth='.$session->sid_super; }
+ − 827
else { $asq=''; $asa=''; $as2 = ''; $ash = ''; }
+ − 828
+ − 829
$code = $plugins->setHook('compile_template');
+ − 830
foreach ( $code as $cmd )
+ − 831
{
+ − 832
eval($cmd);
+ − 833
}
+ − 834
+ − 835
// Some additional sidebar processing
+ − 836
if($this->sidebar_extra != '') {
+ − 837
$se = $this->sidebar_extra;
+ − 838
$parser = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 839
$parser->assign_vars(Array('TITLE'=>'Links','CONTENT'=>$se));
+ − 840
$this->sidebar_extra = $parser->run();
+ − 841
}
+ − 842
+ − 843
$this->sidebar_extra = $this->sidebar_extra.$this->sidebar_widgets;
+ − 844
+ − 845
$this->tpl_bool['fixed_menus'] = false;
+ − 846
/* if($this->sidebar_extra == '') $this->tpl_bool['right_sidebar'] = false;
+ − 847
else */ $this->tpl_bool['right_sidebar'] = true;
+ − 848
+ − 849
$this->tpl_bool['auth_rename'] = ( $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin');
+ − 850
+ − 851
$this->tpl_bool['enable_uploads'] = ( getConfig('enable_uploads') == '1' && $session->get_permissions('upload_files') ) ? true : false;
+ − 852
+ − 853
$this->tpl_bool['stupid_mode'] = false;
+ − 854
322
+ − 855
$this->tpl_bool['in_admin'] = ( ( $paths->page_id == 'Administration' && $paths->namespace == 'Special' ) || $paths->namespace == 'Admin' );
1
+ − 856
+ − 857
$p = ( isset($_GET['printable']) ) ? '/printable' : '';
+ − 858
+ − 859
// Add the e-mail address client code to the header
+ − 860
$this->add_header($email->jscode());
+ − 861
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
diff
changeset
+ − 862
// Add language file
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
diff
changeset
+ − 863
$lang_uri = makeUrlNS('Special', 'LangExportJSON/' . $lang->lang_id, false, true);
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
diff
changeset
+ − 864
$this->add_header("<script type=\"text/javascript\" src=\"$lang_uri\"></script>");
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
diff
changeset
+ − 865
1
+ − 866
// Generate the code for the Log out and Change theme sidebar buttons
+ − 867
// Once again, the new template parsing system can be used here
+ − 868
+ − 869
$parser = $this->makeParserText($tplvars['sidebar_button']);
+ − 870
+ − 871
$parser->assign_vars(Array(
+ − 872
'HREF'=>makeUrlNS('Special', 'Logout'),
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 873
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { mb_logout(); return false; }"',
215
+ − 874
'TEXT'=>$lang->get('sidebar_btn_logout'),
1
+ − 875
));
+ − 876
+ − 877
$logout_link = $parser->run();
+ − 878
+ − 879
$parser->assign_vars(Array(
+ − 880
'HREF'=>makeUrlNS('Special', 'Login/' . $paths->page),
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 881
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { ajaxStartLogin(); return false; }"',
215
+ − 882
'TEXT'=>$lang->get('sidebar_btn_login'),
1
+ − 883
));
+ − 884
+ − 885
$login_link = $parser->run();
+ − 886
+ − 887
$parser->assign_vars(Array(
+ − 888
'HREF'=>makeUrlNS('Special', 'ChangeStyle/'.$paths->page),
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 889
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { ajaxChangeStyle(); return false; }"',
215
+ − 890
'TEXT'=>$lang->get('sidebar_btn_changestyle'),
1
+ − 891
));
+ − 892
+ − 893
$theme_link = $parser->run();
+ − 894
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 895
$parser->assign_vars(Array(
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 896
'HREF'=>makeUrlNS('Special', 'Administration'),
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 897
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { void(ajaxStartAdminLogin()); return false; }"',
215
+ − 898
'TEXT'=>$lang->get('sidebar_btn_administration'),
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 899
));
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 900
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 901
$admin_link = $parser->run();
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 902
1
+ − 903
$SID = ($session->sid_super) ? $session->sid_super : '';
+ − 904
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 905
$urlname_clean = str_replace('\'', '\\\'', str_replace('\\', '\\\\', dirtify_page_id($paths->fullpage)));
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 906
$urlname_clean = strtr( $urlname_clean, array( '<' => '<', '>' => '>' ) );
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 907
22
+ − 908
$urlname_jssafe = sanitize_page_id($paths->fullpage);
+ − 909
1
+ − 910
// Generate the dynamic javascript vars
+ − 911
$js_dynamic = ' <script type="text/javascript">// <![CDATA[
+ − 912
// This section defines some basic and very important variables that are used later in the static Javascript library.
+ − 913
// SKIN DEVELOPERS: The template variable for this code block is {JS_DYNAMIC_VARS}. This MUST be inserted BEFORE the tag that links to the main Javascript lib.
22
+ − 914
var title=\''. $urlname_jssafe .'\';
1
+ − 915
var page_exists='. ( ( $paths->page_exists) ? 'true' : 'false' ) .';
+ − 916
var scriptPath=\''. scriptPath .'\';
+ − 917
var contentPath=\''.contentPath.'\';
+ − 918
var ENANO_SID =\'' . $SID . '\';
436
+ − 919
var user_level=' . $session->user_level . ';
1
+ − 920
var auth_level=' . $session->auth_level . ';
+ − 921
var USER_LEVEL_GUEST = ' . USER_LEVEL_GUEST . ';
+ − 922
var USER_LEVEL_MEMBER = ' . USER_LEVEL_MEMBER . ';
+ − 923
var USER_LEVEL_CHPREF = ' . USER_LEVEL_CHPREF . ';
+ − 924
var USER_LEVEL_MOD = ' . USER_LEVEL_MOD . ';
+ − 925
var USER_LEVEL_ADMIN = ' . USER_LEVEL_ADMIN . ';
+ − 926
var editNotice = \'' . ( (getConfig('wiki_edit_notice')=='1') ? str_replace("\n", "\\\n", RenderMan::render(getConfig('wiki_edit_notice_text'))) : '' ) . '\';
+ − 927
var prot = ' . ( ($paths->page_protected && !$session->get_permissions('even_when_protected')) ? 'true' : 'false' ) .'; // No, hacking this var won\'t work, it\'s re-checked on the server
+ − 928
var ENANO_SPECIAL_CREATEPAGE = \''. makeUrl($paths->nslist['Special'].'CreatePage') .'\';
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 929
var ENANO_CREATEPAGE_PARAMS = \'_do=&pagename='. $urlname_clean .'&namespace=' . $paths->namespace . '\';
1
+ − 930
var ENANO_SPECIAL_CHANGESTYLE = \''. makeUrlNS('Special', 'ChangeStyle') .'\';
+ − 931
var namespace_list = new Array();
+ − 932
var AES_BITS = '.AES_BITS.';
+ − 933
var AES_BLOCKSIZE = '.AES_BLOCKSIZE.';
+ − 934
var pagepass = \''. ( ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '' ) .'\';
+ − 935
var ENANO_THEME_LIST = \'';
+ − 936
foreach($this->theme_list as $t) {
+ − 937
if($t['enabled'])
+ − 938
{
+ − 939
$js_dynamic .= '<option value="'.$t['theme_id'].'"';
29
e5484a9e0818
Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
diff
changeset
+ − 940
// if($t['theme_id'] == $session->theme) $js_dynamic .= ' selected="selected"';
1
+ − 941
$js_dynamic .= '>'.$t['theme_name'].'</option>';
+ − 942
}
+ − 943
}
+ − 944
$js_dynamic .= '\';
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
diff
changeset
+ − 945
var ENANO_CURRENT_THEME = \''. $session->theme .'\';
212
30b857a6b811
Reworked comment system to not use HACKISH FIXES; AJAX comment framework is completely localized now
Dan
diff
changeset
+ − 946
var ENANO_LANG_ID = ' . $lang->lang_id . ';
30b857a6b811
Reworked comment system to not use HACKISH FIXES; AJAX comment framework is completely localized now
Dan
diff
changeset
+ − 947
var ENANO_PAGE_TYPE = "' . addslashes($this->namespace_string) . '";';
1
+ − 948
foreach($paths->nslist as $k => $c)
+ − 949
{
+ − 950
$js_dynamic .= "namespace_list['{$k}'] = '$c';";
+ − 951
}
+ − 952
$js_dynamic .= "\n //]]>\n </script>";
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 953
1
+ − 954
$tpl_strings = Array(
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 955
'PAGE_NAME'=>htmlspecialchars($paths->cpage['name']),
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 956
'PAGE_URLNAME'=> $urlname_clean,
40
+ − 957
'SITE_NAME'=>htmlspecialchars(getConfig('site_name')),
1
+ − 958
'USERNAME'=>$session->username,
40
+ − 959
'SITE_DESC'=>htmlspecialchars(getConfig('site_desc')),
1
+ − 960
'TOOLBAR'=>$tb,
+ − 961
'SCRIPTPATH'=>scriptPath,
+ − 962
'CONTENTPATH'=>contentPath,
+ − 963
'ADMIN_SID_QUES'=>$asq,
+ − 964
'ADMIN_SID_AMP'=>$asa,
+ − 965
'ADMIN_SID_AMP_HTML'=>$ash,
+ − 966
'ADMIN_SID_AUTO'=>$as2,
114
47393c6619ea
Nothing special, just syncing to Scribus, several bugs have been found with GET forms and a fix is in the works
Dan
diff
changeset
+ − 967
'ADMIN_SID_RAW'=> ( is_string($session->sid_super) ? $session->sid_super : '' ),
1
+ − 968
'ADDITIONAL_HEADERS'=>$this->additional_headers,
91
+ − 969
'COPYRIGHT'=>RenderMan::parse_internal_links(getConfig('copyright_notice')),
1
+ − 970
'TOOLBAR_EXTRAS'=>$this->toolbar_menu,
+ − 971
'REQUEST_URI'=>$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'],
+ − 972
'STYLE_LINK'=>makeUrlNS('Special', 'CSS'.$p, null, true), //contentPath.$paths->nslist['Special'].'CSS' . $p,
+ − 973
'LOGIN_LINK'=>$login_link,
+ − 974
'LOGOUT_LINK'=>$logout_link,
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 975
'ADMIN_LINK'=>$admin_link,
1
+ − 976
'THEME_LINK'=>$theme_link,
115
261f367623af
Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
Dan
diff
changeset
+ − 977
'SEARCH_ACTION'=>makeUrlNS('Special', 'Search'),
322
+ − 978
'INPUT_TITLE'=>( urlSeparator == '&' ? '<input type="hidden" name="title" value="' . htmlspecialchars( $paths->nslist[$paths->namespace] . $paths->page_id ) . '" />' : ''),
115
261f367623af
Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
Dan
diff
changeset
+ − 979
'INPUT_AUTH'=>( $session->sid_super ? '<input type="hidden" name="auth" value="' . $session->sid_super . '" />' : ''),
1
+ − 980
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme,
+ − 981
'THEME_ID'=>$this->theme,
+ − 982
'STYLE_ID'=>$this->style,
+ − 983
'JS_DYNAMIC_VARS'=>$js_dynamic,
85
7c68a18a27be
AJAX comments are now paginated; plugin manager can now show system plugins; typo in installer corrected; links in oxygen/stpatty/admin footers changed to "About Enano" page; 1.0.1 release candidate
Dan
diff
changeset
+ − 984
'UNREAD_PMS'=>$session->unread_pms,
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 985
'URL_ABOUT_ENANO' => makeUrlNS('Special', 'About_Enano', '', true),
315
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
diff
changeset
+ − 986
'REPORT_URI' => makeUrl($paths->fullpage, 'do=sql_report', true)
1
+ − 987
);
+ − 988
+ − 989
foreach ( $paths->nslist as $ns_id => $ns_prefix )
+ − 990
{
+ − 991
$tpl_strings[ 'NS_' . strtoupper($ns_id) ] = $ns_prefix;
+ − 992
}
+ − 993
+ − 994
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings);
+ − 995
list($this->tpl_strings['SIDEBAR_LEFT'], $this->tpl_strings['SIDEBAR_RIGHT'], $min) = $this->fetch_sidebar();
+ − 996
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != $min) ? true : false;
+ − 997
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != $min) ? true : false;
+ − 998
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility
118
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 999
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 1000
$code = $plugins->setHook('template_var_init_end');
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 1001
foreach ( $code as $cmd )
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 1002
{
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 1003
eval($cmd);
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 1004
}
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 1005
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 1006
profiler_log("template: finished var init");
1
+ − 1007
}
+ − 1008
+ − 1009
function header($simple = false)
+ − 1010
{
+ − 1011
global $db, $session, $paths, $template, $plugins; // Common objects
215
+ − 1012
global $lang;
+ − 1013
1
+ − 1014
ob_start();
+ − 1015
+ − 1016
if(!$this->theme_loaded)
+ − 1017
{
+ − 1018
$this->load_theme($session->theme, $session->style);
+ − 1019
}
+ − 1020
526
b2fb50d572c7
New plugin manager half-implemented. Most of the UI/frontend code is done. Moved sql_parse.php to /includes/ to allow use after installation - TODO: check installer, etc. for breakage
Dan
diff
changeset
+ − 1021
// I feel awful doing this.
b2fb50d572c7
New plugin manager half-implemented. Most of the UI/frontend code is done. Moved sql_parse.php to /includes/ to allow use after installation - TODO: check installer, etc. for breakage
Dan
diff
changeset
+ − 1022
if ( preg_match('/^W3C_Validator/', @$_SERVER['HTTP_USER_AGENT']) )
b2fb50d572c7
New plugin manager half-implemented. Most of the UI/frontend code is done. Moved sql_parse.php to /includes/ to allow use after installation - TODO: check installer, etc. for breakage
Dan
diff
changeset
+ − 1023
{
b2fb50d572c7
New plugin manager half-implemented. Most of the UI/frontend code is done. Moved sql_parse.php to /includes/ to allow use after installation - TODO: check installer, etc. for breakage
Dan
diff
changeset
+ − 1024
header('Content-type: application/xhtml+xml');
b2fb50d572c7
New plugin manager half-implemented. Most of the UI/frontend code is done. Moved sql_parse.php to /includes/ to allow use after installation - TODO: check installer, etc. for breakage
Dan
diff
changeset
+ − 1025
}
b2fb50d572c7
New plugin manager half-implemented. Most of the UI/frontend code is done. Moved sql_parse.php to /includes/ to allow use after installation - TODO: check installer, etc. for breakage
Dan
diff
changeset
+ − 1026
1
+ − 1027
$headers_sent = true;
+ − 1028
if(!defined('ENANO_HEADERS_SENT'))
+ − 1029
define('ENANO_HEADERS_SENT', '');
174
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 1030
if ( !$this->no_headers )
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 1031
{
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 1032
$header = ( $simple ) ?
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 1033
$this->process_template('simple-header.tpl') :
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 1034
$this->process_template('header.tpl');
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 1035
echo $header;
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 1036
}
1
+ − 1037
if ( !$simple && $session->user_logged_in && $session->unread_pms > 0 )
+ − 1038
{
+ − 1039
echo $this->notify_unread_pms();
+ − 1040
}
+ − 1041
if ( !$simple && $session->sw_timed_out )
+ − 1042
{
+ − 1043
$login_link = makeUrlNS('Special', 'Login/' . $paths->fullpage, 'level=' . $session->user_level, true);
+ − 1044
echo '<div class="usermessage">';
215
+ − 1045
echo $lang->get('user_msg_elev_timed_out', array( 'login_link' => $login_link ));
1
+ − 1046
echo '</div>';
+ − 1047
}
30
+ − 1048
if ( $this->site_disabled && $session->user_level >= USER_LEVEL_ADMIN && ( $paths->page != $paths->nslist['Special'] . 'Administration' ) )
+ − 1049
{
+ − 1050
$admin_link = makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'GeneralConfig', true);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1051
echo '<div class="usermessage"><b>' . $lang->get('page_sitedisabled_admin_msg_title') . '</b><br />
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1052
' . $lang->get('page_sitedisabled_admin_msg_body', array('admin_link' => $admin_link)) . '
30
+ − 1053
</div>';
+ − 1054
}
1
+ − 1055
}
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 1056
1
+ − 1057
function footer($simple = false)
+ − 1058
{
396
3289e4dcb4b8
Fixed some stray undefined-variable problems revealed as a result of testing on Windows Server '03, IIS6, PHP/FastCGI, and PostgreSQL 8.2.5.
Dan
diff
changeset
+ − 1059
echo $this->getFooter($simple);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1060
ob_end_flush();
1
+ − 1061
}
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 1062
1
+ − 1063
function getHeader()
+ − 1064
{
+ − 1065
$headers_sent = true;
+ − 1066
if(!defined('ENANO_HEADERS_SENT'))
+ − 1067
define('ENANO_HEADERS_SENT', '');
+ − 1068
if(!$this->no_headers) return $this->process_template('header.tpl');
+ − 1069
}
396
3289e4dcb4b8
Fixed some stray undefined-variable problems revealed as a result of testing on Windows Server '03, IIS6, PHP/FastCGI, and PostgreSQL 8.2.5.
Dan
diff
changeset
+ − 1070
function getFooter($simple = false)
1
+ − 1071
{
+ − 1072
global $db, $session, $paths, $template, $plugins; // Common objects
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1073
global $lang;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1074
if ( !$this->no_headers )
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1075
{
1
+ − 1076
+ − 1077
if(!defined('ENANO_HEADERS_SENT'))
+ − 1078
$this->header();
+ − 1079
+ − 1080
global $_starttime;
+ − 1081
if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc'))
+ − 1082
{
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1083
echo '<h3>' . $lang->get('page_heading_sql_list') . '</h3><pre style="margin-left: 1em">';
272
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 1084
echo htmlspecialchars($db->sql_backtrace());
1
+ − 1085
echo '</pre>';
+ − 1086
}
+ − 1087
+ − 1088
$t = ( $simple ) ? $this->process_template('simple-footer.tpl') : $this->process_template('footer.tpl');
+ − 1089
+ − 1090
$f = microtime_float();
+ − 1091
$f = $f - $_starttime;
413
6607cd646d6d
Added autosave functionality and resurrected the old toolbar code that was added about a year ago but never uesd.
Dan
diff
changeset
+ − 1092
$f = round($f, 2);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1093
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1094
$t_loc = $lang->get('page_msg_stats_gentime_short', array('time' => $f));
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1095
$t_loc_long = $lang->get('page_msg_stats_gentime_long', array('time' => $f));
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1096
$q_loc = '<a href="' . $this->tpl_strings['REPORT_URI'] . '">' . $lang->get('page_msg_stats_sql', array('nq' => $db->num_queries)) . '</a>';
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1097
$dbg = $t_loc;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1098
$dbg_long = $t_loc_long;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1099
if ( $session->user_level >= USER_LEVEL_ADMIN )
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1100
{
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1101
$dbg .= " | $q_loc";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1102
$dbg_long .= " | $q_loc";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1103
}
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1104
1
+ − 1105
$t = str_replace('[[Stats]]', $dbg, $t);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1106
$t = str_replace('[[StatsLong]]', $dbg_long, $t);
1
+ − 1107
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t);
+ − 1108
$t = str_replace('[[GenTime]]', (string)$f, $t);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1109
$t = str_replace('[[NumQueriesLoc]]', $q_loc, $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1110
$t = str_replace('[[GenTimeLoc]]', $t_loc, $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1111
$t = str_replace('[[EnanoPoweredLink]]', $lang->get('page_enano_powered', array('about_uri' => $this->tpl_strings['URL_ABOUT_ENANO'])), $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1112
$t = str_replace('[[EnanoPoweredLinkLong]]', $lang->get('page_enano_powered_long', array('about_uri' => $this->tpl_strings['URL_ABOUT_ENANO'])), $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1113
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1114
if ( defined('ENANO_DEBUG') )
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1115
$t = str_replace('</body>', '<div id="profile" style="margin: 10px;">' . profiler_make_html() . '</div></body>', $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1116
1
+ − 1117
return $t;
+ − 1118
}
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1119
else
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1120
{
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1121
return '';
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1122
}
1
+ − 1123
}
+ − 1124
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1125
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1126
* Compiles and executes a template based on the current variables and booleans. Loads
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1127
* the theme and initializes variables if needed. This mostly just calls child functions.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1128
* @param string File to process
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1129
* @return string
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1130
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1131
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1132
function process_template($file)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1133
{
1
+ − 1134
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1135
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 1136
{
+ − 1137
$this->load_theme();
+ − 1138
$this->init_vars();
+ − 1139
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1140
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1141
$compiled = $this->compile_template($file);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1142
return eval($compiled);
1
+ − 1143
}
+ − 1144
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1145
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1146
* Loads variables from the specified template file. Returns an associative array containing the variables.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1147
* @param string Template file to process (elements.tpl)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1148
* @return array
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1149
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1150
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1151
function extract_vars($file)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1152
{
1
+ − 1153
global $db, $session, $paths, $template, $plugins; // Common objects
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1154
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1155
// Sometimes this function gets called before the theme is loaded
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1156
// This is a bad coding practice so this function will always be picky.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1157
if ( !$this->theme )
1
+ − 1158
{
+ − 1159
die('$template->extract_vars(): theme not yet loaded, so we can\'t open template files yet...this is a bug and should be reported.<br /><br />Backtrace, most recent call first:<pre>'.enano_debug_print_backtrace(true).'</pre>');
+ − 1160
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1161
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1162
// Full pathname of template file
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1163
$tpl_file_fullpath = ENANO_ROOT . '/themes/' . $this->theme . '/' . $file;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1164
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1165
// Make sure the template even exists
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1166
if ( !is_file($tpl_file_fullpath) )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1167
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1168
die_semicritical('Cannot find template file',
472
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 1169
'<p>The template parser was asked to load the file "' . htmlspecialchars($tpl_file_fullpath) . '", but that file couldn\'t be found in the directory for
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1170
the current theme.</p>
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1171
<p>Additional debugging information:<br />
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1172
<b>Theme currently in use: </b>' . $this->theme . '<br />
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1173
<b>Requested file: </b>' . $file . '
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1174
</p>');
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1175
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1176
// Retrieve file contents
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1177
$text = file_get_contents($tpl_file_fullpath);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1178
if ( !$text )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1179
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1180
return false;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1181
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1182
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1183
// Get variables, regular expressions FTW
1
+ − 1184
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches);
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1185
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1186
// Initialize return values
1
+ − 1187
$tplvars = Array();
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1188
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1189
// Loop through each match, setting $tplvars[ $first_subpattern ] to $second_subpattern
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1190
for ( $i = 0; $i < sizeof($matches[1]); $i++ )
1
+ − 1191
{
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1192
$tplvars[ $matches[1][$i] ] = $matches[2][$i];
1
+ − 1193
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1194
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1195
// All done!
1
+ − 1196
return $tplvars;
+ − 1197
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1198
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1199
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1200
* Compiles a block of template code.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1201
* @param string The text to process
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1202
* @return string
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1203
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1204
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1205
function compile_tpl_code($text)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1206
{
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1207
return template_compiler_core($text);
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1208
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1209
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1210
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1211
* Compiles the contents of a given template file, possibly using a cached copy, and returns the compiled code.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1212
* @param string Filename of template (header.tpl)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1213
* @return string
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1214
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1215
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1216
function compile_template($filename)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1217
{
1
+ − 1218
global $db, $session, $paths, $template, $plugins; // Common objects
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1219
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1220
// Full path to template file
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1221
$tpl_file_fullpath = ENANO_ROOT . '/themes/' . $this->theme . '/' . $filename;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1222
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1223
// Make sure the file exists
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1224
if ( !is_file($tpl_file_fullpath) )
1
+ − 1225
{
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1226
die_semicritical('Cannot find template file',
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1227
'<p>The template parser was asked to load the file "' . htmlspecialchars($filename) . '", but that file couldn\'t be found in the directory for
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1228
the current theme.</p>
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1229
<p>Additional debugging information:<br />
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1230
<b>Theme currently in use: </b>' . $this->theme . '<br />
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1231
<b>Requested file: </b>' . $file . '
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1232
</p>');
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1233
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1234
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1235
// Check for cached copy
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1236
// This will make filenames in the pattern of theme-file.tpl.php
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1237
$cache_file = ENANO_ROOT . '/cache/' . $this->theme . '-' . str_replace('/', '-', $filename) . '.php';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1238
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1239
// Only use cached copy if caching is enabled
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1240
// (it is enabled by default I think)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1241
if ( file_exists($cache_file) && getConfig('cache_thumbs') == '1' )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1242
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1243
// Cache files are auto-generated, but otherwise are normal PHP files
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1244
include($cache_file);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1245
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1246
// Fetch content of the ORIGINAL
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1247
$text = file_get_contents($tpl_file_fullpath);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1248
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1249
// $md5 will be set by the cached file
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1250
// This makes sure that a cached copy of the template is used only if its MD5
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1251
// matches the MD5 of the file that the compiled file was compiled from.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1252
if ( isset($md5) && $md5 == md5($text) )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1253
{
211
+ − 1254
return $this->compile_template_text_post(str_replace('\\"', '"', $tpl_text));
1
+ − 1255
}
+ − 1256
}
+ − 1257
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1258
// We won't use the cached copy here
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1259
$text = file_get_contents($tpl_file_fullpath);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1260
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1261
// This will be used later when writing the cached file
1
+ − 1262
$md5 = md5($text);
+ − 1263
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1264
// Preprocessing and checks complete - compile the code
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1265
$text = $this->compile_tpl_code($text);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1266
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1267
// Perhaps caching is enabled and the admin has changed the template?
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1268
if ( is_writable( ENANO_ROOT . '/cache/' ) && getConfig('cache_thumbs') == '1' )
1
+ − 1269
{
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1270
$h = fopen($cache_file, 'w');
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1271
if ( !$h )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1272
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1273
// Couldn't open the file - silently ignore and return
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1274
return $text;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1275
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1276
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1277
// Escape the compiled code so it can be eval'ed
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1278
$text_escaped = addslashes($text);
128
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1279
$notice = <<<EOF
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1280
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1281
/*
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1282
* NOTE: This file was automatically generated by Enano and is based on compiled code. Do not edit this file.
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1283
* If you edit this file, any changes you make will be lost the next time the associated source template file is edited.
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1284
*/
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1285
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1286
EOF;
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1287
// This is really just a normal PHP file that sets a variable or two and exits.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1288
// $tpl_text actually will contain the compiled code
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1289
fwrite($h, '<?php ' . $notice . ' $md5 = \'' . $md5 . '\'; $tpl_text = \'' . $text_escaped . '\'; ?>');
1
+ − 1290
fclose($h);
+ − 1291
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1292
211
+ − 1293
return $this->compile_template_text_post($text); //('<pre>'.htmlspecialchars($text).'</pre>');
1
+ − 1294
}
+ − 1295
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1296
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1297
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1298
* Compiles (parses) some template code with the current master set of variables and booleans.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1299
* @param string Text to process
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1300
* @return string
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1301
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1302
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1303
function compile_template_text($text)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1304
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1305
// this might do something else in the future, possibly cache large templates
211
+ − 1306
return $this->compile_template_text_post($this->compile_tpl_code($text));
1
+ − 1307
}
+ − 1308
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1309
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1310
* For convenience - compiles AND parses some template code.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1311
* @param string Text to process
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1312
* @return string
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1313
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1314
1
+ − 1315
function parse($text)
+ − 1316
{
+ − 1317
$text = $this->compile_template_text($text);
211
+ − 1318
$text = $this->compile_template_text_post($text);
1
+ − 1319
return eval($text);
+ − 1320
}
+ − 1321
211
+ − 1322
/**
+ − 1323
* Post-processor for template code. Basically what this does is it localizes {lang:foo} blocks.
+ − 1324
* @param string Mostly-processed TPL code
+ − 1325
* @return string
+ − 1326
*/
+ − 1327
+ − 1328
function compile_template_text_post($text)
+ − 1329
{
+ − 1330
global $lang;
+ − 1331
preg_match_all('/\{lang:([a-z0-9]+_[a-z0-9_]+)\}/', $text, $matches);
+ − 1332
foreach ( $matches[1] as $i => $string_id )
+ − 1333
{
+ − 1334
$string = $lang->get($string_id);
+ − 1335
$string = str_replace('\\', '\\\\', $string);
+ − 1336
$string = str_replace('\'', '\\\'', $string);
+ − 1337
$text = str_replace_once($matches[0][$i], $string, $text);
+ − 1338
}
+ − 1339
return $text;
+ − 1340
}
+ − 1341
1
+ − 1342
// Steps to turn this:
+ − 1343
// [[Project:Community Portal]]
+ − 1344
// into this:
+ − 1345
// <a href="/Project:Community_Portal">Community Portal</a>
+ − 1346
// Must be done WITHOUT creating eval'ed code!!!
+ − 1347
+ − 1348
// 1. preg_replace \[\[([a-zA-Z0-9 -_:]*?)\]\] with <a href="'.contentPath.'\\1">\\1</a>
+ − 1349
// 2. preg_match_all <a href="'.preg_quote(contentPath).'([a-zA-Z0-9 -_:]*?)">
+ − 1350
// 3. For each match, replace matches with identifiers
+ − 1351
// 4. For each match, str_replace ' ' with '_'
+ − 1352
// 5. For each match, str_replace match_id:random_val with $matches[$match_id]
+ − 1353
+ − 1354
// The template language is really a miniature programming language; with variables, conditionals, everything!
+ − 1355
// So you can implement custom logic into your sidebar if you wish.
+ − 1356
// "Real" PHP support coming soon :-D
+ − 1357
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1358
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1359
* Takes a blob of HTML with the specially formatted template-oriented wikitext and formats it. Does not use eval().
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1360
* This function butchers every coding standard in Enano and should eventually be rewritten. The fact is that the
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1361
* code _works_ and does a good job of checking for errors and cleanly complaining about them.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1362
* @param string Text to process
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1363
* @param bool Ignored for backwards compatibility
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1364
* @param string File to get variables for sidebar data from
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1365
* @return string
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1366
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1367
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1368
function tplWikiFormat($message, $filter_links = false, $filename = 'elements.tpl')
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1369
{
1
+ − 1370
global $db, $session, $paths, $template, $plugins; // Common objects
215
+ − 1371
global $lang;
+ − 1372
1
+ − 1373
$filter_links = false;
+ − 1374
$tplvars = $this->extract_vars($filename);
+ − 1375
if($session->sid_super) $as = htmlspecialchars(urlSeparator).'auth='.$session->sid_super;
+ − 1376
else $as = '';
+ − 1377
error_reporting(E_ALL);
+ − 1378
$random_id = sha1(microtime().''); // A temp value
+ − 1379
+ − 1380
/*
+ − 1381
* PREPROCESSOR
+ − 1382
*/
+ − 1383
+ − 1384
// Variables
+ − 1385
+ − 1386
preg_match_all('#\$([A-Z_-]+)\$#', $message, $links);
+ − 1387
$links = $links[1];
+ − 1388
+ − 1389
for($i=0;$i<sizeof($links);$i++)
+ − 1390
{
+ − 1391
$message = str_replace('$'.$links[$i].'$', $this->tpl_strings[$links[$i]], $message);
+ − 1392
}
+ − 1393
+ − 1394
// Conditionals
+ − 1395
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1396
preg_match_all('#\{if ([A-Za-z0-9_ \(\)&\|\!-]*)\}(.*?)\{\/if\}#is', $message, $links);
1
+ − 1397
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1398
// Temporary exception from coding standards - using tab length of 4 here for clarity
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1399
for ( $i = 0; $i < sizeof($links[1]); $i++ )
1
+ − 1400
{
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1401
$condition =& $links[1][$i];
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1402
$message = str_replace('{if '.$condition.'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message);
1
+ − 1403
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1404
// Time for some manual parsing...
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1405
$chk = false;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1406
$current_id = '';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1407
$prn_level = 0;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1408
// Used to keep track of where we are in the conditional
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1409
// Object of the game: turn {if this && ( that OR !something_else )} ... {/if} into if( ( isset($this->tpl_bool['that']) && $this->tpl_bool['that'] ) && ...
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1410
// Method of attack: escape all variables, ignore all else. Non-valid code is filtered out by a regex above.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1411
$in_var_now = true;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1412
$in_var_last = false;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1413
$current_var = '';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1414
$current_var_start_pos = 0;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1415
$current_var_end_pos = 0;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1416
$j = -1;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1417
$condition = $condition . ' ';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1418
$d = strlen($condition);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1419
while($j < $d)
1
+ − 1420
{
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1421
$j++;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1422
$in_var_last = $in_var_now;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1423
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1424
$char = substr($condition, $j, 1);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1425
$in_var_now = ( preg_match('#^([A-z0-9_]*){1}$#', $char) ) ? true : false;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1426
if(!$in_var_last && $in_var_now)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1427
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1428
$current_var_start_pos = $j;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1429
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1430
if($in_var_last && !$in_var_now)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1431
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1432
$current_var_end_pos = $j;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1433
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1434
if($in_var_now)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1435
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1436
$current_var .= $char;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1437
continue;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1438
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1439
// OK we are not inside of a variable. That means that we JUST hit the end because the counter ($j) will be advanced to the beginning of the next variable once processing here is complete.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1440
if($char != ' ' && $char != '(' && $char != ')' && $char != 'A' && $char != 'N' && $char != 'D' && $char != 'O' && $char != 'R' && $char != '&' && $char != '|' && $char != '!' && $char != '<' && $char != '>' && $char != '0' && $char != '1' && $char != '2' && $char != '3' && $char != '4' && $char != '5' && $char != '6' && $char != '7' && $char != '8' && $char != '9')
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1441
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1442
// XSS attack! Bail out
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1443
$errmsg = '<p><b>Error:</b> Syntax error (possibly XSS attack) caught in template code:</p>';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1444
$errmsg .= '<pre>';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1445
$errmsg .= '{if '.htmlspecialchars($condition).'}';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1446
$errmsg .= "\n ";
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1447
for ( $k = 0; $k < $j; $k++ )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1448
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1449
$errmsg .= " ";
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1450
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1451
// Show position of error
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1452
$errmsg .= '<span style="color: red;">^</span>';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1453
$errmsg .= '</pre>';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1454
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $errmsg, $message);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1455
continue 2;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1456
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1457
if($current_var != '')
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1458
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1459
$cd = '( isset($this->tpl_bool[\''.$current_var.'\']) && $this->tpl_bool[\''.$current_var.'\'] )';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1460
$cvt = substr($condition, 0, $current_var_start_pos) . $cd . substr($condition, $current_var_end_pos, strlen($condition));
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1461
$j = $j + strlen($cd) - strlen($current_var);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1462
$current_var = '';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1463
$condition = $cvt;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1464
$d = strlen($condition);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1465
}
1
+ − 1466
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1467
$condition = substr($condition, 0, strlen($condition)-1);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1468
$condition = '$chk = ( '.$condition.' ) ? true : false;';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1469
eval($condition);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1470
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1471
if($chk)
1
+ − 1472
{
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1473
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}'));
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1474
else $c = $links[2][$i];
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1475
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
1
+ − 1476
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1477
else
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1478
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1479
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i]));
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1480
else $c = '';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1481
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1482
}
1
+ − 1483
}
+ − 1484
+ − 1485
preg_match_all('#\{!if ([A-Za-z_-]*)\}(.*?)\{\/if\}#is', $message, $links);
+ − 1486
+ − 1487
for($i=0;$i<sizeof($links[1]);$i++)
+ − 1488
{
+ − 1489
$message = str_replace('{!if '.$links[1][$i].'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message);
+ − 1490
if(isset($this->tpl_bool[$links[1][$i]]) && $this->tpl_bool[$links[1][$i]]) {
+ − 1491
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i]));
+ − 1492
else $c = '';
+ − 1493
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1494
} else {
+ − 1495
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}'));
+ − 1496
else $c = $links[2][$i];
+ − 1497
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1498
}
+ − 1499
}
+ − 1500
215
+ − 1501
preg_match_all('/\{lang:([a-z0-9]+_[a-z0-9_]+)\}/', $message, $matches);
+ − 1502
foreach ( $matches[1] as $i => $string_id )
+ − 1503
{
+ − 1504
$string = $lang->get($string_id);
+ − 1505
$string = str_replace('\\', '\\\\', $string);
+ − 1506
$string = str_replace('\'', '\\\'', $string);
+ − 1507
$message = str_replace_once($matches[0][$i], $string, $message);
+ − 1508
}
+ − 1509
1
+ − 1510
/*
+ − 1511
* HTML RENDERER
+ − 1512
*/
+ − 1513
+ − 1514
// Images
+ − 1515
$j = preg_match_all('#\[\[:'.$paths->nslist['File'].'([\w\s0-9_\(\)!@%\^\+\|\.-]+?)\]\]#is', $message, $matchlist);
+ − 1516
$matches = Array();
+ − 1517
$matches['images'] = $matchlist[1];
+ − 1518
for($i=0;$i<sizeof($matchlist[1]);$i++)
+ − 1519
{
+ − 1520
if(isPage($paths->nslist['File'].$matches['images'][$i]))
+ − 1521
{
+ − 1522
$message = str_replace('[[:'.$paths->nslist['File'].$matches['images'][$i].']]',
+ − 1523
'<img alt="'.$matches['images'][$i].'" style="border: 0" src="'.makeUrlNS('Special', 'DownloadFile/'.$matches['images'][$i]).'" />',
+ − 1524
$message);
+ − 1525
}
+ − 1526
}
+ − 1527
+ − 1528
// Internal links
+ − 1529
+ − 1530
$text_parser = $this->makeParserText($tplvars['sidebar_button']);
+ − 1531
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
diff
changeset
+ − 1532
preg_match_all("#\[\[([^\|\]\n\a\r\t]*?)\]\]#is", $message, $il);
1
+ − 1533
for($i=0;$i<sizeof($il[1]);$i++)
+ − 1534
{
+ − 1535
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true);
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1536
$text_parser->assign_vars(Array(
1
+ − 1537
'HREF' => $href,
+ − 1538
'FLAGS' => '',
+ − 1539
'TEXT' => $il[1][$i]
+ − 1540
));
+ − 1541
$message = str_replace("[[{$il[1][$i]}]]", $text_parser->run(), $message);
+ − 1542
}
+ − 1543
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
diff
changeset
+ − 1544
preg_match_all('#\[\[([^\|\]\n\a\r\t]*?)\|([^\]\r\n\a\t]*?)\]\]#is', $message, $il);
1
+ − 1545
for($i=0;$i<sizeof($il[1]);$i++)
+ − 1546
{
+ − 1547
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true);
+ − 1548
$text_parser->assign_vars(Array(
+ − 1549
'HREF' => $href,
+ − 1550
'FLAGS' => '',
+ − 1551
'TEXT' => $il[2][$i]
+ − 1552
));
+ − 1553
$message = str_replace("[[{$il[1][$i]}|{$il[2][$i]}]]", $text_parser->run(), $message);
+ − 1554
}
+ − 1555
+ − 1556
// External links
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1557
// $message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?) ([^\]]+)\\]#', '<a href="\\1://\\2">\\3</a><br style="display: none;" />', $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1558
// $message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\]#', '<a href="\\1://\\2">\\1://\\2</a><br style="display: none;" />', $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1559
230
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1560
preg_match_all('/\[((https?|ftp|irc):\/\/([^@\s\]"\':]+)?((([a-z0-9-]+\.)*)[a-z0-9-]+)(\/[A-z0-9_%\|~`!\!@#\$\^&\*\(\):;\.,\/-]*(\?(([a-z0-9_-]+)(=[A-z0-9_%\|~`\!@#\$\^&\*\(\):;\.,\/-\[\]]+)?((&([a-z0-9_-]+)(=[A-z0-9_%\|~`!\!@#\$\^&\*\(\):;\.,\/-]+)?)*))?)?)?) ([^\]]+)\]/is', $message, $ext_link);
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1561
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1562
// die('<pre>' . htmlspecialchars( print_r($ext_link, true) ) . '</pre>');
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1563
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1564
for ( $i = 0; $i < count($ext_link[0]); $i++ )
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1565
{
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1566
$text_parser->assign_vars(Array(
165
+ − 1567
'HREF' => $ext_link[1][$i],
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1568
'FLAGS' => '',
165
+ − 1569
'TEXT' => $ext_link[16][$i]
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1570
));
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1571
$message = str_replace($ext_link[0][$i], $text_parser->run(), $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1572
}
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1573
230
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1574
preg_match_all('/\[((https?|ftp|irc):\/\/([^@\s\]"\':]+)?((([a-z0-9-]+\.)*)[a-z0-9-]+)(\/[A-z0-9_%\|~`!\!@#\$\^&\*\(\):;\.,\/-]*(\?(([a-z0-9_-]+)(=[A-z0-9_%\|~`\!@#\$\^&\*\(\):;\.,\/-\[\]]+)?((&([a-z0-9_-]+)(=[A-z0-9_%\|~`!\!@#\$\^&\*\(\):;\.,\/-]+)?)*))?)?)?)\]/is', $message, $ext_link);
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1575
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1576
for ( $i = 0; $i < count($ext_link[0]); $i++ )
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1577
{
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1578
$text_parser->assign_vars(Array(
165
+ − 1579
'HREF' => $ext_link[1][$i],
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1580
'FLAGS' => '',
165
+ − 1581
'TEXT' => htmlspecialchars($ext_link[1][$i])
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1582
));
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1583
$message = str_replace($ext_link[0][$i], $text_parser->run(), $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1584
}
1
+ − 1585
+ − 1586
$parser1 = $this->makeParserText($tplvars['sidebar_section']);
+ − 1587
$parser2 = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 1588
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 1589
preg_match_all('#\{slider(2|)=([^\}]*?)\}(.*?)\{\/slider(2|)\}#is', $message, $sb);
1
+ − 1590
+ − 1591
// Modified to support the sweet new template var system
+ − 1592
for($i=0;$i<sizeof($sb[1]);$i++)
+ − 1593
{
+ − 1594
$p = ($sb[1][$i] == '2') ? $parser2 : $parser1;
+ − 1595
$p->assign_vars(Array('TITLE'=>$sb[2][$i],'CONTENT'=>$sb[3][$i]));
+ − 1596
$message = str_replace("{slider{$sb[1][$i]}={$sb[2][$i]}}{$sb[3][$i]}{/slider{$sb[4][$i]}}", $p->run(), $message);
+ − 1597
}
+ − 1598
+ − 1599
/*
+ − 1600
Extras ;-)
+ − 1601
$message = preg_replace('##is', '', $message);
+ − 1602
$message = preg_replace('##is', '', $message);
+ − 1603
$message = preg_replace('##is', '', $message);
+ − 1604
$message = preg_replace('##is', '', $message);
+ − 1605
$message = preg_replace('##is', '', $message);
+ − 1606
*/
+ − 1607
+ − 1608
//die('<pre>'.htmlspecialchars($message).'</pre>');
+ − 1609
//eval($message); exit;
+ − 1610
return $message;
+ − 1611
}
+ − 1612
+ − 1613
/**
+ − 1614
* Print a text field that auto-completes a username entered into it.
+ − 1615
* @param string $name - the name of the form field
+ − 1616
* @return string
+ − 1617
*/
+ − 1618
+ − 1619
function username_field($name, $value = false)
+ − 1620
{
+ − 1621
$randomid = md5( time() . microtime() . mt_rand() );
184
+ − 1622
$text = '<input name="'.$name.'" onkeyup="new AutofillUsername(this);" autocomplete="off" type="text" size="30" id="userfield_'.$randomid.'"';
1
+ − 1623
if($value) $text .= ' value="'.$value.'"';
+ − 1624
$text .= ' />';
+ − 1625
return $text;
+ − 1626
}
+ − 1627
+ − 1628
/**
+ − 1629
* Print a text field that auto-completes a page name entered into it.
+ − 1630
* @param string $name - the name of the form field
+ − 1631
* @return string
+ − 1632
*/
+ − 1633
+ − 1634
function pagename_field($name, $value = false)
+ − 1635
{
+ − 1636
$randomid = md5( time() . microtime() . mt_rand() );
+ − 1637
$text = '<input name="'.$name.'" onkeyup="ajaxPageNameComplete(this)" type="text" size="30" id="pagefield_'.$randomid.'"';
+ − 1638
if($value) $text .= ' value="'.$value.'"';
+ − 1639
$text .= ' />';
+ − 1640
$text .= '<script type="text/javascript">
+ − 1641
var inp = document.getElementById(\'pagefield_' . $randomid . '\');
+ − 1642
var f = get_parent_form(inp);
+ − 1643
if ( f )
+ − 1644
{
+ − 1645
if ( typeof(f.onsubmit) != \'function\' )
+ − 1646
{
+ − 1647
f.onsubmit = function() {
+ − 1648
if ( !submitAuthorized )
+ − 1649
{
+ − 1650
return false;
+ − 1651
}
+ − 1652
}
+ − 1653
}
+ − 1654
}</script>';
+ − 1655
return $text;
+ − 1656
}
+ − 1657
+ − 1658
/**
+ − 1659
* Sends a textarea that can be converted to and from a TinyMCE widget on the fly.
+ − 1660
* @param string The name of the form element
+ − 1661
* @param string The initial content. Optional, defaults to blank
+ − 1662
* @param int Rows in textarea
+ − 1663
* @param int Columns in textarea
+ − 1664
* @return string HTML and Javascript code.
+ − 1665
*/
+ − 1666
+ − 1667
function tinymce_textarea($name, $content = '', $rows = 20, $cols = 60)
+ − 1668
{
370
+ − 1669
global $lang;
1
+ − 1670
$randomid = md5(microtime() . mt_rand());
+ − 1671
$html = '';
+ − 1672
$html .= '<textarea name="' . $name . '" rows="'.$rows.'" cols="'.$cols.'" style="width: 100%;" id="toggleMCEroot_'.$randomid.'">' . $content . '</textarea>';
370
+ − 1673
$html .= '<div style="float: right; display: table;" id="mceSwitchAgent_' . $randomid . '">' . $lang->get('etc_tinymce_btn_text') . ' | <a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">' . $lang->get('etc_tinymce_btn_graphical') . '</a></div>';
1
+ − 1674
$html .= '<script type="text/javascript">
+ − 1675
// <![CDATA[
+ − 1676
function toggleMCE_'.$randomid.'()
+ − 1677
{
+ − 1678
var the_obj = document.getElementById(\'toggleMCEroot_' . $randomid . '\');
+ − 1679
var panel = document.getElementById(\'mceSwitchAgent_' . $randomid . '\');
370
+ − 1680
var text_editor = $lang.get("etc_tinymce_btn_text");
+ − 1681
var graphical_editor = $lang.get("etc_tinymce_btn_graphical");
1
+ − 1682
if ( the_obj.dnIsMCE == "yes" )
+ − 1683
{
+ − 1684
$dynano(the_obj).destroyMCE();
370
+ − 1685
panel.innerHTML = text_editor + \' | <a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">\' + graphical_editor + \'</a>\';
1
+ − 1686
}
+ − 1687
else
+ − 1688
{
+ − 1689
$dynano(the_obj).switchToMCE();
370
+ − 1690
panel.innerHTML = \'<a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">\' + text_editor + \'</a> | \' + graphical_editor;
1
+ − 1691
}
+ − 1692
}
+ − 1693
// ]]>
+ − 1694
</script>';
+ − 1695
return $html;
+ − 1696
}
+ − 1697
+ − 1698
/**
+ − 1699
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;)
+ − 1700
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class.
+ − 1701
* @param $filename the filename of the template to be parsed
+ − 1702
* @return object
+ − 1703
*/
+ − 1704
+ − 1705
function makeParser($filename)
+ − 1706
{
+ − 1707
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1708
$filename = ENANO_ROOT.'/themes/'.$template->theme.'/'.$filename;
+ − 1709
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist');
+ − 1710
$code = file_get_contents($filename);
+ − 1711
$parser = new templateIndividual($code);
+ − 1712
return $parser;
+ − 1713
}
+ − 1714
+ − 1715
/**
+ − 1716
* Same as $template->makeParser(), but takes a string instead of a filename.
+ − 1717
* @param $text the text to parse
+ − 1718
* @return object
+ − 1719
*/
+ − 1720
+ − 1721
function makeParserText($code)
+ − 1722
{
+ − 1723
$parser = new templateIndividual($code);
+ − 1724
return $parser;
+ − 1725
}
+ − 1726
+ − 1727
/**
+ − 1728
* Fetch the HTML for a plugin-added sidebar block
+ − 1729
* @param $name the plugin name
+ − 1730
* @return string
+ − 1731
*/
+ − 1732
+ − 1733
function fetch_block($id)
+ − 1734
{
+ − 1735
if(isset($this->plugin_blocks[$id])) return $this->plugin_blocks[$id];
+ − 1736
else return false;
+ − 1737
}
+ − 1738
+ − 1739
/**
+ − 1740
* Fetches the contents of both sidebars.
+ − 1741
* @return array - key 0 is left, key 1 is right
+ − 1742
* @example list($left, $right) = $template->fetch_sidebar();
+ − 1743
*/
+ − 1744
+ − 1745
function fetch_sidebar()
+ − 1746
{
+ − 1747
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1748
+ − 1749
$left = '';
+ − 1750
$right = '';
+ − 1751
+ − 1752
if ( !$this->fetch_block('Links') )
+ − 1753
$this->initLinksWidget();
+ − 1754
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 1755
$q = $db->sql_query('SELECT item_id,sidebar_id,block_name,block_type,block_content FROM '.table_prefix.'sidebar' . "\n"
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 1756
. ' WHERE item_enabled=1 ORDER BY sidebar_id ASC, item_order ASC;');
1
+ − 1757
if(!$q) $db->_die('The sidebar text data could not be selected.');
+ − 1758
+ − 1759
$vars = $this->extract_vars('elements.tpl');
+ − 1760
+ − 1761
if(isset($vars['sidebar_top']))
+ − 1762
{
+ − 1763
$left .= $this->parse($vars['sidebar_top']);
+ − 1764
$right .= $this->parse($vars['sidebar_top']);
+ − 1765
}
+ − 1766
while($row = $db->fetchrow())
+ − 1767
{
+ − 1768
switch($row['block_type'])
+ − 1769
{
+ − 1770
case BLOCK_WIKIFORMAT:
+ − 1771
default:
+ − 1772
$parser = $this->makeParserText($vars['sidebar_section']);
+ − 1773
$c = RenderMan::render($row['block_content']);
+ − 1774
break;
+ − 1775
case BLOCK_TEMPLATEFORMAT:
+ − 1776
$parser = $this->makeParserText($vars['sidebar_section']);
+ − 1777
$c = $this->tplWikiFormat($row['block_content']);
+ − 1778
break;
+ − 1779
case BLOCK_HTML:
+ − 1780
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1781
$c = $row['block_content'];
+ − 1782
break;
+ − 1783
case BLOCK_PHP:
+ − 1784
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1785
ob_start();
+ − 1786
@eval($row['block_content']);
+ − 1787
$c = ob_get_contents();
+ − 1788
ob_end_clean();
+ − 1789
break;
+ − 1790
case BLOCK_PLUGIN:
419
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 1791
$parser = $this->makeParserText('{CONTENT}');
472
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 1792
$c = (gettype($this->fetch_block($row['block_content'])) == 'string') ? $this->fetch_block($row['block_content']) : /* This used to say "can't find plugin block" but I think it's more friendly to just silently hide it. */ '';
1
+ − 1793
break;
+ − 1794
}
+ − 1795
$parser->assign_vars(Array( 'TITLE'=>$this->tplWikiFormat($row['block_name']), 'CONTENT'=>$c ));
419
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 1796
$run = $parser->run();
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 1797
if ( $row['block_type'] == BLOCK_PLUGIN )
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 1798
{
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 1799
$run = str_replace('{TITLE}', $this->tplWikiFormat($row['block_name']), $run);
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 1800
}
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 1801
if ($row['sidebar_id'] == SIDEBAR_LEFT ) $left .= $run;
b8b4e38825db
Unsuccessful attempt at fixing "dismiss"/"close manager" buttons in ACL editor; non-breaking change to template API to allow plugins to add "normal" sidebar widgets in addition to the special "raw" block type, specified as the third parameter to $template->sidebar_widget(). Defaults to false, which is old behavior; new behavior (enabled by passing TRUE as the 3rd param) means that the content of the block is primarily block-level links.
Dan
diff
changeset
+ − 1802
elseif($row['sidebar_id'] == SIDEBAR_RIGHT) $right .= $run;
1
+ − 1803
unset($parser);
+ − 1804
}
+ − 1805
$db->free_result();
+ − 1806
if(isset($vars['sidebar_bottom']))
+ − 1807
{
+ − 1808
$left .= $this->parse($vars['sidebar_bottom']);
+ − 1809
$right .= $this->parse($vars['sidebar_bottom']);
+ − 1810
}
+ − 1811
$min = '';
+ − 1812
if(isset($vars['sidebar_top']))
+ − 1813
{
+ − 1814
$min .= $this->parse($vars['sidebar_top']);
+ − 1815
}
+ − 1816
if(isset($vars['sidebar_bottom']))
+ − 1817
{
+ − 1818
$min .= $this->parse($vars['sidebar_bottom']);
+ − 1819
}
+ − 1820
return Array($left, $right, $min);
+ − 1821
}
+ − 1822
+ − 1823
function initLinksWidget()
+ − 1824
{
+ − 1825
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1826
// SourceForge/W3C buttons
+ − 1827
$ob = Array();
27
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1828
$admintitle = ( $session->user_level >= USER_LEVEL_ADMIN ) ? 'title="You may disable this button in the admin panel under General Configuration."' : '';
1
+ − 1829
if(getConfig('sflogo_enabled')=='1')
+ − 1830
{
203
+ − 1831
$sflogo_secure = ( isset($_SERVER['HTTPS']) ) ? 'https' : 'http';
+ − 1832
$ob[] = '<a style="text-align: center;" href="http://sourceforge.net/" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border-width: 0px;" alt="SourceForge.net Logo" src="' . $sflogo_secure . '://sflogo.sourceforge.net/sflogo.php?group_id='.getConfig('sflogo_groupid').'&type='.getConfig('sflogo_type').'" /></a>';
1
+ − 1833
}
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1834
if(getConfig('w3c_v32') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 3.2" src="http://www.w3.org/Icons/valid-html32" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1835
if(getConfig('w3c_v40') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.0" src="http://www.w3.org/Icons/valid-html40" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1836
if(getConfig('w3c_v401') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.01" src="http://www.w3.org/Icons/valid-html401" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1837
if(getConfig('w3c_vxhtml10')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.0" src="http://www.w3.org/Icons/valid-xhtml10" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1838
if(getConfig('w3c_vxhtml11')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.1" src="http://www.w3.org/Icons/valid-xhtml11" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1839
if(getConfig('w3c_vcss') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid CSS" src="http://www.w3.org/Icons/valid-css" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1840
if(getConfig('dbd_button') =='1') $ob[] = '<a style="text-align: center;" href="http://www.defectivebydesign.org/join/button" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="DRM technology restricts what you can do with your computer" src="http://defectivebydesign.org/sites/nodrm.civicactions.net/files/images/dbd_sm_btn.gif" /><br /><small>Protect your freedom >></small></a>';
1
+ − 1841
+ − 1842
$code = $plugins->setHook('links_widget');
+ − 1843
foreach ( $code as $cmd )
+ − 1844
{
+ − 1845
eval($cmd);
+ − 1846
}
+ − 1847
71
+ − 1848
if(count($ob) > 0 || getConfig('powered_btn') == '1') $sb_links = '<div style="text-align: center; padding: 5px 0;">'. ( ( getConfig('powered_btn') == '1' ) ? $this->fading_button : '' ) . implode('<br />', $ob).'</div>';
1
+ − 1849
else $sb_links = '';
+ − 1850
+ − 1851
$this->sidebar_widget('Links', $sb_links);
+ − 1852
}
+ − 1853
+ − 1854
/**
+ − 1855
* Builds a box showing unread private messages.
+ − 1856
*/
+ − 1857
+ − 1858
function notify_unread_pms()
+ − 1859
{
+ − 1860
global $db, $session, $paths, $template, $plugins; // Common objects
322
+ − 1861
if ( ( $paths->page_id == 'PrivateMessages' || $paths->page_id == 'Preferences' ) && $paths->namespace == 'Special' )
1
+ − 1862
{
+ − 1863
return '';
+ − 1864
}
+ − 1865
$ob = '<div class="usermessage">'."\n";
+ − 1866
$s = ( $session->unread_pms == 1 ) ? '' : 's';
+ − 1867
$ob .= " <b>You have $session->unread_pms <a href=" . '"' . makeUrlNS('Special', 'PrivateMessages' ) . '"' . ">unread private message$s</a>.</b><br />\n Messages: ";
+ − 1868
$q = $db->sql_query('SELECT message_id,message_from,subject,date FROM '.table_prefix.'privmsgs WHERE message_to=\'' . $session->username . '\' AND message_read=0 ORDER BY date DESC;');
+ − 1869
if ( !$q )
+ − 1870
$db->_die();
+ − 1871
$messages = array();
+ − 1872
while ( $row = $db->fetchrow() )
+ − 1873
{
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
diff
changeset
+ − 1874
$messages[] = '<a href="' . makeUrlNS('Special', 'PrivateMessages/View/' . $row['message_id']) . '" title="Sent ' . enano_date('F d, Y h:i a', $row['date']) . ' by ' . $row['message_from'] . '">' . $row['subject'] . '</a>';
1
+ − 1875
}
+ − 1876
$ob .= implode(",\n " , $messages)."\n";
+ − 1877
$ob .= '</div>'."\n";
+ − 1878
return $ob;
+ − 1879
}
+ − 1880
+ − 1881
} // class template
+ − 1882
+ − 1883
/**
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1884
* The core of the template compilation engine. Independent from the Enano API for failsafe operation.
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1885
* @param string text to process
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1886
* @return string Compiled PHP code
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1887
* @access private
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1888
*/
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1889
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1890
function template_compiler_core($text)
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1891
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1892
global $db, $session, $paths, $template, $plugins; // Common objects
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1893
// A random seed used to salt tags
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1894
$seed = md5 ( microtime() . mt_rand() );
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1895
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1896
// Strip out PHP sections
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1897
preg_match_all('/<\?php(.+?)\?>/is', $text, $php_matches);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1898
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1899
foreach ( $php_matches[0] as $i => $match )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1900
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1901
// Substitute the PHP section with a random tag
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1902
$tag = "{PHP:$i:$seed}";
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1903
$text = str_replace_once($match, $tag, $text);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1904
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1905
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1906
// Escape slashes and single quotes in template code
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1907
$text = str_replace('\\', '\\\\', $text);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1908
$text = str_replace('\'', '\\\'', $text);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1909
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1910
// Initialize the PHP compiled code
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1911
$text = 'ob_start(); echo \''.$text.'\'; $tpl_code = ob_get_contents(); ob_end_clean(); return $tpl_code;';
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1912
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1913
##
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1914
## Main rules
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1915
##
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1916
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1917
//
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1918
// Conditionals
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1919
//
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1920
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1921
$keywords = array('BEGIN', 'BEGINNOT', 'IFSET', 'IFPLUGIN');
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1922
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1923
// only do this if the plugins API is loaded
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1924
if ( is_object(@$plugins) )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1925
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1926
$code = $plugins->setHook('template_compile_logic_keyword');
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1927
foreach ( $code as $cmd )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1928
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1929
eval($cmd);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1930
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1931
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1932
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1933
$keywords = implode('|', $keywords);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1934
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1935
// Matches
534
+ − 1936
// 1 2 3 4 56 7 8 9
+ − 1937
$regexp = '/(<!-- ('. $keywords .') ([A-z0-9_-]+) -->)(.*)((<!-- BEGINELSE \\3 -->)(.*))?(<!-- END(IF)? \\3 -->)/isU';
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1938
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1939
/*
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1940
The way this works is: match all blocks using the standard form with a different keyword in the block each time,
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1941
and replace them with appropriate PHP logic. Plugin-extensible now. :-)
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1942
*/
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1943
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1944
profiler_log("[template] compiler matchout start");
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1945
preg_match_all($regexp, $text, $matches);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1946
profiler_log("[template] compiler core loop start");
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1947
for ( $i = 0; $i < count($matches[0]); $i++ )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1948
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1949
$start_tag =& $matches[1][$i];
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1950
$type =& $matches[2][$i];
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1951
$test =& $matches[3][$i];
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1952
$particle_true =& $matches[4][$i];
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1953
$else_tag =& $matches[6][$i];
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1954
$particle_else =& $matches[7][$i];
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1955
$end_tag =& $matches[8][$i];
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1956
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1957
switch($type)
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1958
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1959
case 'BEGIN':
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1960
$cond = "isset(\$this->tpl_bool['$test']) && \$this->tpl_bool['$test']";
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1961
break;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1962
case 'BEGINNOT':
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1963
$cond = "!isset(\$this->tpl_bool['$test']) || ( isset(\$this->tpl_bool['$test']) && !\$this->tpl_bool['$test'] )";
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1964
break;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1965
case 'IFPLUGIN':
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1966
$cond = "getConfig('plugin_$test') == '1'";
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1967
break;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1968
case 'IFSET':
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1969
$cond = "isset(\$this->tpl_strings['$test'])";
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1970
break;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1971
default:
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1972
// only do this if the plugins API is loaded
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1973
if ( is_object(@$plugins) )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1974
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1975
$code = $plugins->setHook('template_compile_logic_cond');
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1976
foreach ( $code as $cmd )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1977
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1978
eval($cmd);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1979
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1980
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1981
break;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1982
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1983
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1984
if ( !isset($cond) || ( isset($cond) && !is_string($cond) ) )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1985
continue;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1986
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1987
$tag_complete = <<<TPLCODE
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1988
';
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1989
/* START OF CONDITION: $type ($test) */
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1990
if ( $cond )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1991
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1992
echo '$particle_true';
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1993
/* ELSE OF CONDITION: $type ($test) */
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1994
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1995
else
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1996
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1997
echo '$particle_else';
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1998
/* END OF CONDITION: $type ($test) */
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 1999
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2000
echo '
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2001
TPLCODE;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2002
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2003
$text = str_replace_once($matches[0][$i], $tag_complete, $text);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2004
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2005
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2006
profiler_log("[template] compiler core loop end");
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2007
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2008
// For debugging ;-)
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2009
// die("<pre><?php\n" . htmlspecialchars($text."\n\n".print_r($matches,true)) . "\n\n?></pre>");
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2010
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2011
//
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2012
// Data substitution/variables
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2013
//
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2014
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2015
// System messages
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2016
$text = preg_replace('/<!-- SYSMSG ([A-z0-9\._-]+?) -->/is', '\' . $template->tplWikiFormat($paths->sysMsg(\'\\1\')) . \'', $text);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2017
534
+ − 2018
// only do this if the plugins API is loaded
+ − 2019
if ( is_object(@$plugins) )
+ − 2020
{
+ − 2021
$code = $plugins->setHook('template_compile_subst');
+ − 2022
foreach ( $code as $cmd )
+ − 2023
{
+ − 2024
eval($cmd);
+ − 2025
}
+ − 2026
}
+ − 2027
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2028
// Template variables
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2029
$text = preg_replace('/\{([A-z0-9_-]+?)\}/is', '\' . $this->tpl_strings[\'\\1\'] . \'', $text);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2030
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2031
// Reinsert PHP
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2032
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2033
foreach ( $php_matches[1] as $i => $match )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2034
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2035
// Substitute the random tag with the "real" PHP code
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2036
$tag = "{PHP:$i:$seed}";
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2037
$text = str_replace_once($tag, "'; $match echo '", $text);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2038
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2039
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2040
// echo('<pre>' . htmlspecialchars($text) . '</pre>');
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2041
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2042
profiler_log("[template] compiler subst end");
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2043
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2044
return $text;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2045
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2046
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2047
/**
1
+ − 2048
* Handles parsing of an individual template file. Instances should only be created through $template->makeParser(). To use:
+ − 2049
* - Call $template->makeParser(template file name) - file name should be something.tpl, css/whatever.css, etc.
+ − 2050
* - Make an array of strings you want the template to access. $array['STRING'] would be referenced in the template like {STRING}
+ − 2051
* - Make an array of boolean values. These can be used for conditionals in the template (<!-- IF something --> whatever <!-- ENDIF something -->)
+ − 2052
* - Call assign_vars() to pass the strings to the template parser. Same thing with assign_bool().
+ − 2053
* - Call run() to parse the template and get your fully compiled HTML.
+ − 2054
* @access private
+ − 2055
*/
+ − 2056
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2057
class templateIndividual extends template
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2058
{
1
+ − 2059
var $tpl_strings, $tpl_bool, $tpl_code;
+ − 2060
var $compiled = false;
+ − 2061
/**
+ − 2062
* Constructor.
+ − 2063
*/
+ − 2064
function __construct($text)
+ − 2065
{
+ − 2066
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 2067
$this->tpl_code = $text;
+ − 2068
$this->tpl_strings = $template->tpl_strings;
+ − 2069
$this->tpl_bool = $template->tpl_bool;
+ − 2070
}
+ − 2071
/**
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
diff
changeset
+ − 2072
* PHP 4 constructor. Deprecated in 1.1.x.
1
+ − 2073
*/
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
diff
changeset
+ − 2074
/*
1
+ − 2075
function templateIndividual($text)
+ − 2076
{
+ − 2077
$this->__construct($text);
+ − 2078
}
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
diff
changeset
+ − 2079
*/
1
+ − 2080
/**
+ − 2081
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file.
+ − 2082
* @param $vars array
+ − 2083
*/
+ − 2084
function assign_vars($vars)
+ − 2085
{
+ − 2086
$this->tpl_strings = array_merge($this->tpl_strings, $vars);
+ − 2087
}
+ − 2088
/**
+ − 2089
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements.
+ − 2090
* @param $vars array
+ − 2091
*/
+ − 2092
function assign_bool($vars)
+ − 2093
{
+ − 2094
$this->tpl_bool = array_merge($this->tpl_bool, $vars);
+ − 2095
}
+ − 2096
/**
+ − 2097
* Compiles and executes the template code.
+ − 2098
* @return string
+ − 2099
*/
+ − 2100
function run()
+ − 2101
{
+ − 2102
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 2103
if(!$this->compiled)
+ − 2104
{
+ − 2105
$this->tpl_code = $this->compile_template_text($this->tpl_code);
+ − 2106
$this->compiled = true;
+ − 2107
}
+ − 2108
return eval($this->tpl_code);
+ − 2109
}
+ − 2110
}
+ − 2111
+ − 2112
/**
+ − 2113
* A version of the template compiler that does not rely at all on the other parts of Enano. Used during installation and for showing
+ − 2114
* "critical error" messages. ** REQUIRES ** the Oxygen theme.
+ − 2115
*/
+ − 2116
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 2117
class template_nodb
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 2118
{
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2119
var $fading_button, $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list, $named_theme_list;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2120
function __construct()
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2121
{
1
+ − 2122
$this->tpl_bool = Array();
+ − 2123
$this->tpl_strings = Array();
+ − 2124
$this->sidebar_extra = '';
+ − 2125
$this->sidebar_widgets = '';
+ − 2126
$this->toolbar_menu = '';
272
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2127
$this->additional_headers = '<style type="text/css">div.pagenav { border-top: 1px solid #CCC; padding-top: 7px; margin-top: 10px; }</style>';
1
+ − 2128
276
acfdccf7a2bf
Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
Dan
diff
changeset
+ − 2129
$this->fading_button = '<div style="background-image: url('.scriptPath.'/images/about-powered-enano-hover.png); background-repeat: no-repeat; width: 88px; height: 31px; margin: 0 auto 5px auto;">
acfdccf7a2bf
Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
Dan
diff
changeset
+ − 2130
<a href="http://enanocms.org/" onclick="window.open(this.href); return false;"><img style="border-width: 0;" alt=" " src="'.scriptPath.'/images/about-powered-enano.png" onmouseover="domOpacity(this, 100, 0, 500);" onmouseout="domOpacity(this, 0, 100, 500);" /></a>
acfdccf7a2bf
Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
Dan
diff
changeset
+ − 2131
</div>';
acfdccf7a2bf
Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
Dan
diff
changeset
+ − 2132
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2133
// get list of themes
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2134
$this->theme_list = array();
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2135
$this->named_theme_list = array();
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2136
$order = 0;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2137
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2138
if ( $dir = @opendir( ENANO_ROOT . '/themes' ) )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2139
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2140
while ( $dh = @readdir($dir) )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2141
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2142
if ( $dh == '.' || $dh == '..' || !is_dir( ENANO_ROOT . "/themes/$dh" ) )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2143
continue;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2144
$theme_dir = ENANO_ROOT . "/themes/$dh";
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2145
if ( !file_exists("$theme_dir/theme.cfg") )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2146
continue;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2147
$data = array(
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2148
'theme_id' => $dh,
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2149
'theme_name' => ucwords($dh),
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2150
'enabled' => 1,
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2151
'theme_order' => ++$order,
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2152
'default_style' => $this->get_default_style($dh)
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2153
);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2154
$this->named_theme_list[$dh] = $data;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2155
$this->theme_list[] =& $this->named_theme_list[$dh];
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2156
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2157
@closedir($dir);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2158
}
1
+ − 2159
}
+ − 2160
function template() {
+ − 2161
$this->__construct();
+ − 2162
}
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2163
function get_default_style($theme_id)
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2164
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2165
if ( !is_dir( ENANO_ROOT . "/themes/$theme_id/css" ) )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2166
return false;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2167
$ds = false;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2168
if ( $dh = @opendir( ENANO_ROOT . "/themes/$theme_id/css" ) )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2169
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2170
while ( $dir = @readdir($dh) )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2171
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2172
if ( !preg_match('/\.css$/', $dir) )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2173
continue;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2174
if ( $dir == '_printable.css' )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2175
continue;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2176
$ds = preg_replace('/\.css$/', '', $dir);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2177
break;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2178
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2179
closedir($dh);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2180
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2181
else
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2182
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2183
return false;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2184
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2185
return $ds;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2186
}
1
+ − 2187
function get_css($s = false) {
+ − 2188
if($s)
+ − 2189
return $this->process_template('css/'.$s);
+ − 2190
else
+ − 2191
return $this->process_template('css/'.$this->style.'.css');
+ − 2192
}
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2193
function load_theme($name, $css, $auto_init = true)
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2194
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2195
if ( !isset($this->named_theme_list[$name]) )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2196
$name = $this->theme_list[0]['theme_id'];
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2197
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2198
if ( !file_exists(ENANO_ROOT . "/themes/$name/css/$css.css") )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2199
$css = $this->named_theme_list[$name]['default_style'];
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2200
1
+ − 2201
$this->theme = $name;
+ − 2202
$this->style = $css;
+ − 2203
+ − 2204
$this->tpl_strings['SCRIPTPATH'] = scriptPath;
+ − 2205
if ( $auto_init )
+ − 2206
$this->init_vars();
+ − 2207
}
272
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2208
function add_header($html)
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2209
{
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2210
$this->additional_headers .= "\n<!-- ----------------------------------------------------------- -->\n\n " . $html;
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2211
}
1
+ − 2212
function init_vars()
+ − 2213
{
+ − 2214
global $sideinfo;
+ − 2215
global $this_page;
243
+ − 2216
global $lang;
1
+ − 2217
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 2218
$tplvars = $this->extract_vars('elements.tpl');
+ − 2219
$tb = '';
+ − 2220
// Get the "article" button text (depends on namespace)
355
+ − 2221
if(defined('IN_ENANO_INSTALL') && is_object($lang)) $ns = $lang->get('meta_btn_article');
1
+ − 2222
else $ns = 'system error page';
243
+ − 2223
$t = str_replace('{FLAGS}', 'onclick="return false;" title="Hey! A button that doesn\'t do anything. Clever..." accesskey="a"', $tplvars['toolbar_button']);
1
+ − 2224
$t = str_replace('{HREF}', '#', $t);
+ − 2225
$t = str_replace('{TEXT}', $ns, $t);
+ − 2226
$tb .= $t;
+ − 2227
+ − 2228
// Page toolbar
+ − 2229
+ − 2230
$this->tpl_bool = Array(
+ − 2231
'auth_admin'=>true,
+ − 2232
'user_logged_in'=>true,
+ − 2233
'right_sidebar'=>false,
+ − 2234
);
+ − 2235
$this->tpl_bool['in_sidebar_admin'] = false;
+ − 2236
+ − 2237
$this->tpl_bool['auth_rename'] = false;
+ − 2238
+ − 2239
$asq = $asa = '';
+ − 2240
+ − 2241
$this->tpl_bool['fixed_menus'] = false;
+ − 2242
$slink = defined('IN_ENANO_INSTALL') ? scriptPath.'/install.php?mode=css' : makeUrlNS('Special', 'CSS');
+ − 2243
+ − 2244
$title = ( is_object($paths) ) ? $paths->page : 'Critical error';
+ − 2245
243
+ − 2246
$headers = '<style type="text/css">div.pagenav { border-top: 1px solid #CCC; padding-top: 7px; margin-top: 10px; }</style>';
244
+ − 2247
+ − 2248
$js_dynamic = '';
243
+ − 2249
if ( defined('IN_ENANO_INSTALL') )
+ − 2250
{
244
+ − 2251
$js_dynamic .= '<script type="text/javascript" src="install.php?mode=langjs"></script>';
243
+ − 2252
}
244
+ − 2253
$js_dynamic .= '<script type="text/javascript">var title="'. $title .'"; var scriptPath="'.scriptPath.'"; var ENANO_SID=""; var AES_BITS='.AES_BITS.'; var AES_BLOCKSIZE=' . AES_BLOCKSIZE . '; var pagepass=\'\'; var ENANO_LANG_ID = 1;</script>';
243
+ − 2254
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2255
global $site_name, $site_desc;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2256
$site_default_name = ( !empty($site_name) ) ? $site_name : 'Critical error';
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2257
$site_default_desc = ( !empty($site_desc) ) ? $site_desc : 'This site is experiencing a problem and cannot load.';
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2258
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2259
$site_name_final = ( defined('IN_ENANO_INSTALL') && is_object($lang) ) ? $lang->get('meta_site_name') : $site_default_name;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2260
$site_desc_final = ( defined('IN_ENANO_INSTALL') && is_object($lang) ) ? $lang->get('meta_site_desc') : $site_default_desc;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2261
1
+ − 2262
// The rewritten template engine will process all required vars during the load_template stage instead of (cough) re-processing everything each time around.
+ − 2263
$tpl_strings = Array(
+ − 2264
'PAGE_NAME'=>$this_page,
+ − 2265
'PAGE_URLNAME'=>'Null',
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2266
'SITE_NAME' => $site_name_final,
1
+ − 2267
'USERNAME'=>'admin',
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2268
'SITE_DESC' => $site_desc_final,
1
+ − 2269
'TOOLBAR'=>$tb,
+ − 2270
'SCRIPTPATH'=>scriptPath,
+ − 2271
'CONTENTPATH'=>contentPath,
+ − 2272
'ADMIN_SID_QUES'=>$asq,
+ − 2273
'ADMIN_SID_AMP'=>$asa,
+ − 2274
'ADMIN_SID_AMP_HTML'=>'',
272
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2275
'ADDITIONAL_HEADERS'=>$this->additional_headers,
1
+ − 2276
'SIDEBAR_EXTRA'=>'',
355
+ − 2277
'COPYRIGHT'=>( defined('IN_ENANO_INSTALL') && is_object($lang) ) ? $lang->get('meta_enano_copyright') : ( defined('ENANO_CONFIG_FETCHED') ? getConfig('copyright_notice') : '' ),
1
+ − 2278
'TOOLBAR_EXTRAS'=>'',
125
+ − 2279
'REQUEST_URI'=>( isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '' ).$_SERVER['REQUEST_URI'],
1
+ − 2280
'STYLE_LINK'=>$slink,
+ − 2281
'LOGOUT_LINK'=>'',
+ − 2282
'THEME_LINK'=>'',
+ − 2283
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme,
+ − 2284
'THEME_ID'=>$this->theme,
+ − 2285
'STYLE_ID'=>$this->style,
244
+ − 2286
'JS_DYNAMIC_VARS'=>$js_dynamic,
1
+ − 2287
'SIDEBAR_RIGHT'=>'',
377
bb3e6c3bd4f4
Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
diff
changeset
+ − 2288
'REPORT_URI' => '',
bb3e6c3bd4f4
Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
diff
changeset
+ − 2289
'URL_ABOUT_ENANO' => 'http://enanocms.org/'
1
+ − 2290
);
+ − 2291
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings);
+ − 2292
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2293
$sidebar = ( is_array(@$sideinfo) ) ? $sideinfo : '';
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2294
if ( $sidebar != '' )
1
+ − 2295
{
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2296
if ( isset($tplvars['sidebar_top']) )
1
+ − 2297
{
+ − 2298
$text = $this->makeParserText($tplvars['sidebar_top']);
+ − 2299
$top = $text->run();
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2300
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2301
else
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2302
{
1
+ − 2303
$top = '';
+ − 2304
}
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2305
1
+ − 2306
$p = $this->makeParserText($tplvars['sidebar_section']);
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2307
$b = $this->makeParserText($tplvars['sidebar_button']);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2308
$sidebar_text = '';
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2309
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2310
foreach ( $sidebar as $title => $links )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2311
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2312
$p->assign_vars(array(
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2313
'TITLE' => $title
1
+ − 2314
));
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2315
// build content
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2316
$content = '';
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2317
foreach ( $links as $link_text => $url )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2318
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2319
$b->assign_vars(array(
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2320
'HREF' => htmlspecialchars($url),
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2321
'FLAGS' => '',
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2322
'TEXT' => $link_text
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2323
));
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2324
$content .= $b->run();
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2325
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2326
$p->assign_vars(array(
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2327
'CONTENT' => $content
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2328
));
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2329
$sidebar_text .= $p->run();
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2330
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2331
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2332
if ( isset($tplvars['sidebar_bottom']) )
1
+ − 2333
{
+ − 2334
$text = $this->makeParserText($tplvars['sidebar_bottom']);
+ − 2335
$bottom = $text->run();
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2336
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2337
else
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2338
{
1
+ − 2339
$bottom = '';
+ − 2340
}
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2341
$sidebar = $top . $sidebar_text . $bottom;
1
+ − 2342
}
+ − 2343
$this->tpl_strings['SIDEBAR_LEFT'] = $sidebar;
+ − 2344
+ − 2345
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != '') ? true : false;
+ − 2346
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != '') ? true : false;
+ − 2347
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility
+ − 2348
$this->tpl_bool['stupid_mode'] = true;
+ − 2349
}
272
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2350
function header($simple = false)
1
+ − 2351
{
272
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2352
$filename = ( $simple ) ? 'simple-header.tpl' : 'header.tpl';
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2353
if ( !$this->no_headers )
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2354
{
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2355
echo $this->process_template($filename);
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2356
}
1
+ − 2357
}
272
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2358
function footer($simple = false)
1
+ − 2359
{
+ − 2360
global $db, $session, $paths, $template, $plugins; // Common objects
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2361
global $lang;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2362
1
+ − 2363
if(!$this->no_headers) {
+ − 2364
global $_starttime;
91
+ − 2365
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2366
$filename = ( $simple ) ? 'simple-footer.tpl' : 'footer.tpl';
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2367
$t = $this->process_template($filename);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2368
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2369
$f = microtime_float();
1
+ − 2370
$f = $f - $_starttime;
+ − 2371
$f = round($f, 4);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2372
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2373
if ( is_object($lang) )
98
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 2374
{
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2375
$t_loc = $lang->get('page_msg_stats_gentime_short', array('time' => $f));
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2376
$t_loc_long = $lang->get('page_msg_stats_gentime_long', array('time' => $f));
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2377
$q_loc = '<a href="' . $this->tpl_strings['REPORT_URI'] . '">' . $lang->get('page_msg_stats_sql', array('nq' => ( is_object($db) ? $db->num_queries : 'N/A' ))) . '</a>';
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2378
$dbg = $t_loc;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2379
$dbg_long = $t_loc_long;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2380
if ( $session->user_level >= USER_LEVEL_ADMIN )
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2381
{
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2382
$dbg .= " | $q_loc";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2383
$dbg_long .= " | $q_loc";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2384
}
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2385
$t = str_replace('[[EnanoPoweredLink]]', $lang->get('page_enano_powered', array('about_uri' => $this->tpl_strings['URL_ABOUT_ENANO'])), $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2386
$t = str_replace('[[EnanoPoweredLinkLong]]', $lang->get('page_enano_powered_long', array('about_uri' => $this->tpl_strings['URL_ABOUT_ENANO'])), $t);
98
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 2387
}
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 2388
else
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 2389
{
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2390
$t_loc = "Time: {$f}s";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2391
$t_loc_long = "Generated in {$f}sec";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2392
$q_loc = '<a href="' . $this->tpl_strings['REPORT_URI'] . '">' . ( is_object($db) ? "{$db->num_queries} SQL" : 'Queries: N/A' ) . '</a>';
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2393
$dbg = $t_loc;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2394
$dbg_long = $t_loc_long;
484
+ − 2395
if ( is_object($session) )
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2396
{
484
+ − 2397
if ( $session->user_level >= USER_LEVEL_ADMIN )
+ − 2398
{
+ − 2399
$dbg .= " | $q_loc";
+ − 2400
$dbg_long .= " | $q_loc";
+ − 2401
}
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2402
}
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2403
$t = str_replace('[[EnanoPoweredLink]]', 'Powered by <a href="http://enanocms.org/" onclick="window.open(this.href); return false;">Enano</a>', $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2404
$t = str_replace('[[EnanoPoweredLinkLong]]', 'Website engine powered by <a href="http://enanocms.org/" onclick="window.open(this.href); return false;">Enano</a>', $t);
98
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 2405
}
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2406
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2407
$t = str_replace('[[Stats]]', $dbg, $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2408
$t = str_replace('[[StatsLong]]', $dbg_long, $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2409
$t = str_replace('[[NumQueries]]', ( is_object($db) ? (string)$db->num_queries : '0' ), $t);
91
+ − 2410
$t = str_replace('[[GenTime]]', (string)$f, $t);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2411
$t = str_replace('[[NumQueriesLoc]]', $q_loc, $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2412
$t = str_replace('[[GenTimeLoc]]', $t_loc, $t);
91
+ − 2413
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2414
if ( defined('ENANO_DEBUG') )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2415
$t = str_replace('</body>', '<div id="profile" style="margin: 10px;">' . profiler_make_html() . '</div></body>', $t);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2416
1
+ − 2417
echo $t;
+ − 2418
}
+ − 2419
else return '';
+ − 2420
}
+ − 2421
function getHeader()
+ − 2422
{
+ − 2423
if(!$this->no_headers) return $this->process_template('header.tpl');
+ − 2424
else return '';
+ − 2425
}
+ − 2426
function getFooter()
+ − 2427
{
+ − 2428
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 2429
if(!$this->no_headers) {
+ − 2430
global $_starttime;
+ − 2431
$f = microtime(true);
+ − 2432
$f = $f - $_starttime;
+ − 2433
$f = round($f, 4);
+ − 2434
if(defined('IN_ENANO_INSTALL')) $nq = 'N/A';
+ − 2435
else $nq = $db->num_queries;
+ − 2436
if($nq == 0) $nq = 'N/A';
+ − 2437
$dbg = 'Time: '.$f.'s | Queries: '.$nq;
+ − 2438
if($nq == 0) $nq = 'N/A';
+ − 2439
$t = $this->process_template('footer.tpl');
+ − 2440
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 2441
return $t;
+ − 2442
}
+ − 2443
else return '';
+ − 2444
}
+ − 2445
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2446
function process_template($file)
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2447
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2448
profiler_log("[template_nodb] STARTED eval of file $file");
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2449
$compiled = $this->compile_template($file);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2450
profiler_log("[template_nodb] COMPILED file $file");
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2451
$result = eval($compiled);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2452
profiler_log("[template_nodb] FINISHED eval of file $file");
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2453
return $result;
1
+ − 2454
}
+ − 2455
+ − 2456
function extract_vars($file) {
+ − 2457
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 2458
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file)) die('Cannot find '.$file.' file for style "'.$this->theme.'", exiting');
+ − 2459
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file);
+ − 2460
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches);
+ − 2461
$tplvars = Array();
+ − 2462
for($i=0;$i<sizeof($matches[1]);$i++)
+ − 2463
{
+ − 2464
$tplvars[$matches[1][$i]] = $matches[2][$i];
+ − 2465
}
+ − 2466
return $tplvars;
+ − 2467
}
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2468
function compile_template($text)
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2469
{
1
+ − 2470
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text);
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2471
return $this->compile_template_text_post(template_compiler_core($text));
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2472
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2473
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2474
function compile_template_text($text)
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2475
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2476
return $this->compile_template_text_post(template_compiler_core($text));
1
+ − 2477
}
+ − 2478
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2479
/**
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2480
* Post-processor for template code. Basically what this does is it localizes {lang:foo} blocks.
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2481
* @param string Mostly-processed TPL code
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2482
* @return string
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2483
*/
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2484
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2485
function compile_template_text_post($text)
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2486
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2487
global $lang;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2488
preg_match_all('/\{lang:([a-z0-9]+_[a-z0-9_]+)\}/', $text, $matches);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2489
foreach ( $matches[1] as $i => $string_id )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2490
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2491
if ( is_object(@$lang) )
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2492
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2493
$string = $lang->get($string_id);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2494
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2495
else
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2496
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2497
$string = '[language not loaded]';
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2498
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2499
$string = str_replace('\\', '\\\\', $string);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2500
$string = str_replace('\'', '\\\'', $string);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2501
$text = str_replace_once($matches[0][$i], $string, $text);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2502
}
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2503
return $text;
1
+ − 2504
}
+ − 2505
+ − 2506
/**
+ − 2507
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;)
+ − 2508
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class.
+ − 2509
* @param $filename the filename of the template to be parsed
+ − 2510
* @return object
+ − 2511
*/
+ − 2512
+ − 2513
function makeParser($filename)
+ − 2514
{
+ − 2515
$filename = ENANO_ROOT.'/themes/'.$this->theme.'/'.$filename;
+ − 2516
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist');
+ − 2517
$code = file_get_contents($filename);
+ − 2518
$parser = new templateIndividualSafe($code, $this);
+ − 2519
return $parser;
+ − 2520
}
+ − 2521
+ − 2522
/**
+ − 2523
* Same as $template->makeParser(), but takes a string instead of a filename.
+ − 2524
* @param $text the text to parse
+ − 2525
* @return object
+ − 2526
*/
+ − 2527
+ − 2528
function makeParserText($code)
+ − 2529
{
+ − 2530
$parser = new templateIndividualSafe($code, $this);
+ − 2531
return $parser;
+ − 2532
}
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2534
/**
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2535
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file.
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2536
* @param $vars array
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2537
*/
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2538
function assign_vars($vars)
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2539
{
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2540
if(is_array($this->tpl_strings))
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2541
$this->tpl_strings = array_merge($this->tpl_strings, $vars);
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2542
else
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2543
$this->tpl_strings = $vars;
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2544
}
1
+ − 2545
+ − 2546
} // class template_nodb
+ − 2547
+ − 2548
/**
+ − 2549
* Identical to templateIndividual, except extends template_nodb instead of template
+ − 2550
* @see class template
+ − 2551
*/
+ − 2552
533
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2553
class templateIndividualSafe extends template_nodb
698a8f04957c
Huge improvements to the template_nodb class and surrounding code; moved template compiler core to its own non-classed function to allow code re-use
Dan
diff
changeset
+ − 2554
{
1
+ − 2555
var $tpl_strings, $tpl_bool, $tpl_code;
+ − 2556
var $compiled = false;
+ − 2557
/**
+ − 2558
* Constructor.
+ − 2559
*/
+ − 2560
function __construct($text, $parent)
+ − 2561
{
+ − 2562
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 2563
$this->tpl_code = $text;
+ − 2564
$this->tpl_strings = $parent->tpl_strings;
+ − 2565
$this->tpl_bool = $parent->tpl_bool;
+ − 2566
}
+ − 2567
/**
+ − 2568
* PHP 4 constructor.
+ − 2569
*/
+ − 2570
function templateIndividual($text)
+ − 2571
{
+ − 2572
$this->__construct($text);
+ − 2573
}
+ − 2574
/**
+ − 2575
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file.
+ − 2576
* @param $vars array
+ − 2577
*/
+ − 2578
function assign_vars($vars)
+ − 2579
{
+ − 2580
if(is_array($this->tpl_strings))
+ − 2581
$this->tpl_strings = array_merge($this->tpl_strings, $vars);
+ − 2582
else
+ − 2583
$this->tpl_strings = $vars;
+ − 2584
}
+ − 2585
/**
+ − 2586
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements.
+ − 2587
* @param $vars array
+ − 2588
*/
+ − 2589
function assign_bool($vars)
+ − 2590
{
+ − 2591
$this->tpl_bool = array_merge($this->tpl_bool, $vars);
+ − 2592
}
+ − 2593
/**
+ − 2594
* Compiles and executes the template code.
+ − 2595
* @return string
+ − 2596
*/
+ − 2597
function run()
+ − 2598
{
+ − 2599
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 2600
if(!$this->compiled)
+ − 2601
{
+ − 2602
$this->tpl_code = $this->compile_template_text($this->tpl_code);
+ − 2603
$this->compiled = true;
+ − 2604
}
+ − 2605
return eval($this->tpl_code);
+ − 2606
}
+ − 2607
}
+ − 2608
+ − 2609
?>