plugins/SpecialUserFuncs.php
author Dan Fuhry <dan@enanocms.org>
Thu, 01 Jul 2010 18:24:11 -0400
branch1.1.7-maintenance
changeset 1257 7365c9bf2106
parent 1158 e733f984c990
permissions -rw-r--r--
Integrated XSS patch for 1.1.7 maintenance branch
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     1
<?php
519
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     2
/**!info**
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     3
{
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     4
  "Plugin Name"  : "plugin_specialuserfuncs_title",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     5
  "Plugin URI"   : "http://enanocms.org/",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     6
  "Description"  : "plugin_specialuserfuncs_desc",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     7
  "Author"       : "Dan Fuhry",
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
     8
  "Version"      : "1.1.6",
519
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     9
  "Author URI"   : "http://enanocms.org/"
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
    10
}
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
    11
**!*/
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    12
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    13
/*
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    14
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
1081
745200a9cc2a Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
parents: 1032
diff changeset
    15
 * Copyright (C) 2006-2009 Dan Fuhry
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    16
 *
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    17
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    18
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    19
 *
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    20
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    21
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    22
 */
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    23
 
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    24
global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    25
593
4f9bec0d65c1 More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient.
Dan
parents: 591
diff changeset
    26
// $plugins->attachHook('session_started', 'SpecialUserFuncs_paths_init();');
590
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
parents: 586
diff changeset
    27
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
parents: 586
diff changeset
    28
function SpecialUserFuncs_paths_init()
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
parents: 586
diff changeset
    29
{
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    30
  register_special_page('Login', 'specialpage_log_in');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    31
  register_special_page('Logout', 'specialpage_log_out');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    32
  register_special_page('Register', 'specialpage_register');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    33
  register_special_page('Preferences', 'specialpage_preferences');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    34
  register_special_page('Contributions', 'specialpage_contributions');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    35
  register_special_page('ChangeStyle', 'specialpage_change_theme');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    36
  register_special_page('ActivateAccount', 'specialpage_activate_account');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    37
  register_special_page('Captcha', 'specialpage_captcha');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    38
  register_special_page('PasswordReset', 'specialpage_password_reset');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    39
  register_special_page('Memberlist', 'specialpage_member_list');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    40
  register_special_page('LangExportJSON', 'specialpage_language_export', false);
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    41
  register_special_page('Avatar', 'specialpage_avatar', false);
590
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
parents: 586
diff changeset
    42
}
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    43
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    44
// function names are IMPORTANT!!! The name pattern is: page_<namespace ID>_<page URLname, without namespace>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    45
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    46
$__login_status = '';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    47
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    48
function page_Special_Login()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    49
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    50
  global $db, $session, $paths, $template, $plugins; // Common objects
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    51
  global $login_result;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    52
  global $lang, $output;
953
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 912
diff changeset
    53
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    54
  // Determine which level we're going up to
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    55
  $level = ( isset($_GET['level']) && in_array($_GET['level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) ) ? intval($_GET['level']) : USER_LEVEL_MEMBER;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    56
  if ( isset($_POST['login']) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    57
  {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    58
    if ( in_array($_POST['level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    59
    {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    60
      $level = intval($_POST['level']);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    61
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    62
  }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    63
  // Don't allow going from guest straight to elevated
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    64
  // FIXME do we want to allow this with a CSRF check?
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    65
  if ( $level > USER_LEVEL_MEMBER && !$session->user_logged_in )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    66
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    67
    $level = USER_LEVEL_MEMBER;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    68
  }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    69
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    70
  // If we're already at or above this level, redirect to the target page or, if no target
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    71
  // specified, back to the main page.
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
    72
  if ( $level <= USER_LEVEL_MEMBER && $session->user_logged_in )
1117
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    73
  {
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    74
    if ( $target = $paths->getAllParams() )
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    75
    {
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    76
      redirect(makeUrl($target), '', '', 0);
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    77
    }
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
    78
    $paths->main_page();
1117
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    79
  }
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    80
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    81
  // Lockout aliasing
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    82
  $lockout =& $login_result['lockout'];
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    83
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    84
  $output->header();
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    85
  echo '<form action="' . makeUrl($paths->nslist['Special'].'Login') . '" method="post" name="loginform" onsubmit="try { return runEncryption(); } catch(e) { console.error(e); };">';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    86
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    87
  if ( $p = $paths->getAllParams() )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    88
  {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    89
    echo '<input type="hidden" name="return_to" value="' . htmlspecialchars($p) . '" />';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    90
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    91
  else if ( isset($_POST['login']) && isset($_POST['return_to']) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    92
  {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    93
    echo '<input type="hidden" name="return_to" value="' . htmlspecialchars($_POST['return_to']) . '" />';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    94
  }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    95
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    96
  // determine what the "remember me" checkbox should say
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    97
  $session_time = intval(getConfig('session_remember_time', '30'));
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    98
  if ( $session_time === 0 )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    99
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   100
    // sessions are infinite
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   101
    $text_remember = $lang->get('user_login_check_remember_infinite');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   102
  }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   103
  else
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   104
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   105
    // is the number of days evenly divisible by 7? if so, use weeks
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   106
    if ( $session_time % 7 == 0 )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   107
    {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   108
      $session_time = $session_time / 7;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   109
      $unit = 'week';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   110
    }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   111
    else
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   112
    {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   113
      $unit = 'day';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   114
    }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   115
    // if it's not equal to 1, pluralize it
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   116
    if ( $session_time != 1 )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   117
    {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   118
      $unit .= $lang->get('meta_plural');
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   119
    }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   120
    $text_remember = $lang->get('user_login_check_remember', array(
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   121
        'session_length' => $session_time,
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   122
        'length_units' => $lang->get("etc_unit_$unit")
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   123
      ));
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   124
  }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   125
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   126
  if ( $error_text = login_get_error($login_result) )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   127
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   128
    echo '<div class="error-box-mini">' . htmlspecialchars($error_text) . '</div>';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   129
  }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   130
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   131
  //
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   132
  // START FORM
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   133
  //
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   134
  ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   135
    <div class="tblholder">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   136
      <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   137
        <tr>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   138
          <th colspan="3">
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   139
            <!-- Table header: "Please enter..." -->
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   140
            <?php echo ( $level > USER_LEVEL_MEMBER ) ? $lang->get('user_login_message_short_elev') : $lang->get('user_login_message_short'); ?>
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   141
          </th>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   142
        </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   143
        <tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   144
          <td colspan="3" class="row1">
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   145
            <!-- Introduction text -->
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   146
            <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   147
            if ( $level <= USER_LEVEL_MEMBER )
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   148
              echo '<p>' . $lang->get('user_login_body', array('reg_link' => makeUrlNS('Special', 'Register'))) . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   149
            else
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   150
              echo '<p>' . $lang->get('user_login_body_elev') . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   151
            ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   152
          </td>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   153
        </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   154
        <tr>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   155
          <!-- Username field -->
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   156
          <td class="row2">
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   157
            <?php echo $lang->get('user_login_field_username'); ?>:
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   158
          </td>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   159
          <td class="row1">
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   160
            <input name="username" size="25" type="text" value="<?php echo $session->user_logged_in ? htmlspecialchars($session->username) : ''; ?>" />
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   161
          </td>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   162
          <?php if ( $level <= USER_LEVEL_MEMBER ): ?>
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   163
          <!-- Forgot password / create account links -->
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   164
          <td rowspan="<?php echo ( ( $lockout['active'] && $lockout['policy'] == 'captcha' ) ) ? '4' : '2'; ?>" class="row3">
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   165
            <small><?php echo $lang->get('user_login_forgotpass_blurb', array('forgotpass_link' => makeUrlNS('Special', 'PasswordReset'))); ?><br />
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   166
            <?php echo $lang->get('user_login_createaccount_blurb', array('reg_link' => makeUrlNS('Special', 'Register'))); ?></small>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   167
          </td>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   168
          <?php endif; ?>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   169
        </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   170
        <tr>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   171
          <!-- Password field -->
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   172
          <td class="row2">
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   173
            <?php echo $lang->get('user_login_field_password'); ?>:
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   174
          </td><td class="row1"><input name="password" size="25" type="password" /></td>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   175
         </tr>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   176
         
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   177
         <?php
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   178
         // CAPTCHA?
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   179
         if ( $lockout['active'] && $lockout['policy'] == 'captcha' )
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   180
         {
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   181
           ?>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   182
           <!-- CAPTCHA -->
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   183
           <tr>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   184
             <td class="row2" rowspan="2">
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   185
               <?php echo $lang->get('user_login_field_captcha'); ?>:
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   186
               <br />
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   187
             </td>
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   188
             <td class="row1">
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   189
               <input type="hidden" name="captcha_hash" value="<?php echo $lockout['captcha']; ?>" />
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   190
               <input name="captcha_code" size="25" type="text" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '4'; ?>" />
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   191
             </td>
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   192
           </tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   193
           <tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   194
             <td class="row3">
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   195
               <img src="<?php echo makeUrlNS('Special', 'Captcha/' . $lockout['captcha']) ?>" onclick="this.src=this.src+'/a';" style="cursor: pointer;" />
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   196
             </td>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   197
           </tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   198
           <?php
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   199
         }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   200
         
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   201
         // Run hooks
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   202
         $code = $plugins->setHook('login_form_html');
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   203
         foreach ( $code as $cmd )
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   204
         {
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   205
           eval($cmd);
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   206
         }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   207
         
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   208
         // level-2 only: "Remember me" switch
688
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   209
         if ( $level <= USER_LEVEL_MEMBER )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   210
         {
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   211
           ?>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   212
           <tr>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   213
             <td class="row2">
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   214
               <?php echo $lang->get('user_login_field_remember'); ?>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   215
             </td>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   216
             <td class="row1" colspan="2">
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   217
               <label>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   218
                 <input type="checkbox" name="remember" tabindex="3" />
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   219
                 <?php echo $text_remember; ?>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   220
               </label>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   221
             </td>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   222
           </tr>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   223
           
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   224
         <!-- Crypto notice -->
688
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   225
           <?php
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   226
         }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   227
         
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   228
         // lol DeMorgan'd
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   229
         $crypto_disable = ( isset($_GET['use_crypt']) && $_GET['use_crypt'] == '0' );
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   230
         
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   231
         // Crypto disable: crypto on, normal login
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   232
         if ( $level <= USER_LEVEL_MEMBER && !$crypto_disable )
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   233
         {
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   234
           echo '<tr>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   235
             <td class="row3" colspan="3">';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   236
             
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   237
           $returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   238
           $nocrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=0", true);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   239
           echo '<p><b>' . $lang->get('user_login_nocrypt_title') . '</b> ' . $lang->get('user_login_nocrypt_body', array('nocrypt_link' => $nocrypt_link)) . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   240
           echo '<p>' . $lang->get('user_login_nocrypt_countrylist') . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   241
           
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   242
           echo '  </td>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   243
           </tr>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   244
         }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   245
         // Crypto disable: crypto OFF, normal login
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   246
         else if ( $level <= USER_LEVEL_MEMBER && $crypto_disable )
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   247
         {
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   248
           echo '<tr>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   249
             <td class="row3" colspan="3">';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   250
             
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   251
           $returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   252
           $usecrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=1", true);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   253
           echo '<p><b>' . $lang->get('user_login_usecrypt_title') . '</b> ' . $lang->get('user_login_usecrypt_body', array('usecrypt_link' => $usecrypt_link)) . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   254
           echo '<p>' . $lang->get('user_login_usecrypt_countrylist') . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   255
           
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   256
           echo '  </td>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   257
           </tr>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   258
         }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   259
         // Crypto disable: crypto on, ELEV login
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   260
         else if ( $level > USER_LEVEL_MEMBER && $GLOBALS['dh_supported'] )
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   261
         {
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   262
           echo '<tr>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   263
           echo '<td class="row3" colspan="3">';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   264
           echo '<p>' . $lang->get('user_login_dh_notice') . '</p>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   265
           echo '</td>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   266
           echo '</tr>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   267
         }
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   268
         ?>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   269
         
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   270
         <!-- Submit button -->
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   271
         <tr>
1119
2e045975fc65 HTML login: fixed bad submit under IE
Dan
parents: 1117
diff changeset
   272
           <th colspan="3" style="text-align: center" class="subhead">
2e045975fc65 HTML login: fixed bad submit under IE
Dan
parents: 1117
diff changeset
   273
             <input type="hidden" name="login" value="true" />
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   274
             <input type="submit" value="<?php echo $lang->get('user_login_btn_log_in'); ?>" />
1119
2e045975fc65 HTML login: fixed bad submit under IE
Dan
parents: 1117
diff changeset
   275
           </th>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   276
         </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   277
      </table>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   278
    </div>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   279
    
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   280
      <input type="hidden" name="level" value="<?php echo (string)$level; ?>" />
32
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   281
      <?php if ( $level <= USER_LEVEL_MEMBER ): ?>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   282
      <script type="text/javascript">
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   283
        document.forms.loginform.username.focus();
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   284
      </script>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   285
      <?php else: ?>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   286
      <script type="text/javascript">
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   287
        document.forms.loginform.pass.focus();
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   288
      </script>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   289
      <?php endif; ?>
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   290
      <?php
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
   291
      echo $session->generate_aes_form();
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   292
      
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   293
      // Any additional parameters that need to be passed back?
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   294
      if ( $p = $paths->getAllParams() )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   295
      {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   296
        // ... only if we have a return_to destination.
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   297
        $get_fwd = $_GET;
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   298
        unset($get_fwd['do']);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   299
        if ( isset($get_fwd['target_do']) )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   300
        {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   301
          $get_fwd['do'] = $get_fwd['target_do'];
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   302
          unset($get_fwd['target_do']);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   303
        }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   304
        if ( isset($get_fwd['level']) )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   305
          unset($get_fwd['level']);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   306
        if ( isset($get_fwd['title']) )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   307
          unset($get_fwd['title']);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   308
        
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   309
        if ( !empty($get_fwd) )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   310
        {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   311
          $get_string = htmlspecialchars(enano_json_encode($get_fwd));
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   312
          echo '<input type="hidden" name="get_fwd" value="' . $get_string . '" />';
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   313
        }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   314
      }
1101
30d8bb88572d Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses
Dan
parents: 1081
diff changeset
   315
      else if ( isset($_POST['get_fwd']) )
30d8bb88572d Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses
Dan
parents: 1081
diff changeset
   316
      {
30d8bb88572d Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses
Dan
parents: 1081
diff changeset
   317
        echo '<input type="hidden" name="get_fwd" value="' . htmlspecialchars($_POST['get_fwd']) . '" />';
30d8bb88572d Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses
Dan
parents: 1081
diff changeset
   318
      }
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   319
      ?>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   320
    </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   321
    <?php
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   322
      if ( !$crypto_disable )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   323
        echo $session->aes_javascript('loginform', 'password');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   324
    ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   325
  <?php
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   326
  $output->footer();
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   327
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   328
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   329
function page_Special_Login_preloader() // adding _preloader to the end of the function name calls the function before $session and $paths setup routines are called
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   330
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   331
  global $db, $session, $paths, $template, $plugins; // Common objects
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   332
  global $login_result;
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   333
  global $lang;
604
6a90893622f0 Fixed missing require() on math.php in SpecialUserFuncs
Dan
parents: 593
diff changeset
   334
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   335
  // Are we calling the JSON interface?
1109
c424a15a1656 Common: renamed global $title to $urlname (it broke the API from non-plugin Enano scripts)
Dan
parents: 1101
diff changeset
   336
  $paths->fullpage = $GLOBALS['urlname'];
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   337
  if ( $paths->getParam(0) === 'action.json' )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   338
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   339
    if ( !isset($_POST['r']) )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   340
      die('No request.');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   341
    
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   342
    $request = $_POST['r'];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   343
    try
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   344
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   345
      $request = enano_json_decode($request);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   346
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   347
    catch ( Exception $e )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   348
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   349
      die(enano_json_encode(array(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   350
          'mode' => 'error',
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   351
          'error' => 'ERR_JSON_PARSE_FAILED'
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   352
        )));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   353
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   354
    
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   355
    echo enano_json_encode($session->process_login_request($request));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   356
    
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   357
    $db->close();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   358
    exit;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   359
  }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   360
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   361
  // No. Process incoming results from the HTML version.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   362
  if ( isset($_POST['login']) )
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   363
  {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   364
    $_POST['password'] = $session->get_aes_post();
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   365
    
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   366
    $result = $session->process_login_request(array(
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   367
        'mode' => 'login_pt',
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   368
        'userinfo' => $_POST,
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   369
        'level' => $_POST['level'],
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   370
        'captcha_hash' => isset($_POST['captcha_hash']) ? $_POST['captcha_hash'] : false,
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   371
        'captcha_code' => isset($_POST['captcha_code']) ? $_POST['captcha_code'] : false
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   372
      ));
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   373
    
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   374
    if ( $result['mode'] === 'login_success' )
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   375
    {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   376
      //
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   377
      // LOGIN SUCCESS.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   378
      // Redirect as necessary.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   379
      //
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   380
      
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   381
      // Load our preferences
372
5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents: 371
diff changeset
   382
      $session->start();
5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents: 371
diff changeset
   383
      
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   384
      // Decode get_add
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   385
      $get_add = false;
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   386
      if ( isset($_POST['get_fwd']) )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   387
      {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   388
        try
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   389
        {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   390
          $get_fwd = enano_json_decode($_POST['get_fwd']);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   391
          $get_add = '';
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   392
          foreach ( $get_fwd as $key => $value )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   393
          {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   394
            $get_add .= "&{$key}=" . urlencode($value);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   395
          }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   396
          $get_add = ltrim($get_add, '&');
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   397
        }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   398
        catch ( Exception $e )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   399
        {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   400
        }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   401
      }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   402
      
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   403
      // Going to a user-specified page?
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   404
      if ( isset($_POST['return_to']) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   405
      {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   406
        // yea
953
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 912
diff changeset
   407
        $name = get_page_title($_POST['return_to']);
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   408
        $subst = array(
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   409
            'username' => $session->username,
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   410
            'redir_target' => $name
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   411
          );
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   412
        redirect( makeUrl($_POST['return_to'], $get_add), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) );
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   413
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   414
      else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   415
      {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   416
        // No, redirect them to the main page
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   417
        $subst = array(
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   418
            'username' => $session->username,
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   419
            'redir_target' => $lang->get('user_login_success_body_mainpage')
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   420
          );
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   421
        redirect( makeUrl(get_main_page(), $get_add), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) );
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   422
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   423
    }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   424
    else if ( $result['mode'] === 'login_success_reset' )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   425
    {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   426
      // They logged in with a temporary password; send them to the reset form
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   427
      redirect($result['redirect_url'], '', '', 0);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   428
    }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   429
    // Otherwise, the result is likely an error.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   430
    $login_result = $result;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   431
  }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   432
  else
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   433
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   434
    $login_result = $session->process_login_request(array(
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   435
        'mode' => 'getkey'
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   436
      ));
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   437
  }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   438
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   439
  // This is a bit of a hack. The login form generates AES and DiffieHellman keys on its
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   440
  // own, so we need to clean up the ones from the login request API.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   441
  if ( !empty($login_result['crypto']) )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   442
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   443
    $session->process_login_request(array(
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   444
        'mode' => 'clean_key',
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   445
        'key_aes' => $login_result['crypto']['aes_key'],
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   446
        'key_dh' => $login_result['crypto']['dh_public_key'],
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   447
      ));
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   448
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   449
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   450
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   451
/**
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   452
 * Given a Login API response, find the appropriate error text, if any.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   453
 * @param array LoginAPI response
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   454
 * @return mixed Error string, or bool(false) if no error.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   455
 */
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   456
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   457
function login_get_error($response)
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   458
{
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   459
  global $lang;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   460
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   461
  if ( !empty($response['lockout']) )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   462
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   463
    // set this pluralality thing
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   464
    $response['lockout']['plural'] = $response['lockout']['time_rem'] == 1 ? '' : $lang->get('meta_plural');
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   465
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   466
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   467
  if ( $response['mode'] == 'initial' )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   468
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   469
    // Just showing the box for the first time. If there's an error now, it's based on a preexisting lockout.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   470
    if ( $response['lockout']['active'] )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   471
    {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   472
      return $lang->get('user_err_locked_out_initial_' . $response['lockout']['policy'], $response['lockout']);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   473
    }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   474
    return false;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   475
  }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   476
  else
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   477
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   478
    // An attempt was made.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   479
    switch($response['mode'])
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   480
    {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   481
      case 'login_failure':
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   482
        // Generic login user error.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   483
        $error = '';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   484
        if ( ($x = $lang->get($response['error'])) != $response['error'] )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   485
          $error = $x;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   486
        else
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   487
          $error = $lang->get('user_err_' . $response['error']);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   488
        if ( $response['lockout']['active'] && $response['lockout']['policy'] == 'lockout' )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   489
        {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   490
          // Lockout enforcement was just activated.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   491
          return $lang->get('user_err_locked_out_initial_' . $response['lockout']['policy'], $response['lockout']);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   492
        }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   493
        else if ( $response['lockout']['policy'] != 'disable' && !$response['lockout']['active'] && $response['lockout']['fails'] > 0 )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   494
        {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   495
          // Lockout is in a warning state.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   496
          $error .= ' ' . $lang->get('user_err_invalid_credentials_' . $response['lockout']['policy'], $response['lockout']);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   497
        }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   498
        return $error;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   499
        break;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   500
      case 'api_error':
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   501
        // Error in the API.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   502
        return $lang->get('user_err_login_generic_title') + ': ' + $lang->get('user_' . strtolower($response['error']));
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   503
        break;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   504
    }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   505
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   506
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   507
  return is_string($response['error']) ? $response['error'] : false;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   508
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   509
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   510
function page_Special_Logout()
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   511
{
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   512
  global $db, $session, $paths, $template, $plugins; // Common objects
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   513
  global $lang;
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   514
  
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   515
  if ( !$session->user_logged_in )
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   516
    $paths->main_page();
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   517
  
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   518
  $token = $paths->getParam(0);
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   519
  if ( $token !== $session->csrf_token )
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   520
  {
573
43e7254afdb4 Renamed some functions (that were new in this release anyway) due to compatibility broken with PunBB bridge
Dan
parents: 562
diff changeset
   521
    csrf_request_confirm();
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   522
  }
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   523
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   524
  $l = $session->logout();
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   525
  if ( $l == 'success' )
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   526
  {
741
a216e412c439 Added ability to have alternate main page for members
Dan
parents: 701
diff changeset
   527
    $url = makeUrl(get_main_page(), false, true);
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   528
    if ( $paths->getParam(1) )
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   529
    {
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   530
      $pi = explode('/', $paths->getAllParams());
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   531
      $pi = implode('/', array_values(array_slice($pi, 1)));
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   532
      list($pid, $ns) = RenderMan::strToPageID($pi);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   533
      $perms = $session->fetch_page_acl($pid, $ns);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   534
      if ( $perms->get_permissions('read') )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   535
      {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   536
        $url = makeUrl($pi, false, true);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   537
      }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   538
    }
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   539
    redirect($url, $lang->get('user_logout_success_title'), $lang->get('user_logout_success_body'), 3);
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   540
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   541
  $template->header();
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   542
  echo '<h3>' . $lang->get('user_logout_err_title') . '</h3>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   543
  echo '<p>' . $l . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   544
  $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   545
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   546
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   547
function page_Special_Register()
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   548
{
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   549
  global $db, $session, $paths, $template, $plugins; // Common objects
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   550
  global $lang;
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   551
  
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   552
  if ( $session->user_level < USER_LEVEL_ADMIN && $session->user_logged_in )
701
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
   553
  {
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
   554
    $paths->main_page();
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
   555
  }
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
   556
  
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   557
  // form field trackers
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   558
  $username = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   559
  $email = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   560
  $realname = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   561
  
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   562
  $terms = getConfig('register_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   563
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   564
  if(getConfig('account_activation') == 'disable' && ( ( $session->user_level >= USER_LEVEL_ADMIN && !isset($_GET['IWannaPlayToo']) ) || $session->user_level < USER_LEVEL_ADMIN || !$session->user_logged_in ))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   565
  {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   566
    $s = ($session->user_level >= USER_LEVEL_ADMIN) ? '<p>' . $lang->get('user_reg_err_disabled_body_adminblurb', array( 'reg_link' => makeUrl($paths->page, 'IWannaPlayToo&coppa=no', true) )) . '</p>' : '';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   567
    die_friendly($lang->get('user_reg_err_disabled_title'), '<p>' . $lang->get('user_reg_err_disabled_body') . '</p>' . $s);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   568
  }
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   569
  // are we locked out from logging in? if so, also lock out registration
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   570
  if ( getConfig('lockout_policy') === 'lockout' )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   571
  {
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   572
    $ip = $db->escape($_SERVER['REMOTE_ADDR']);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   573
    $threshold = time() - ( 60 * intval(getConfig('lockout_duration')) );
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   574
    $limit = intval(getConfig('lockout_threshold'));
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   575
    $q = $db->sql_query('SELECT * FROM ' . table_prefix . "lockout WHERE timestamp >= $threshold ORDER BY timestamp DESC;");
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   576
    if ( !$q )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   577
      $db->_die();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   578
    if ( $db->numrows() >= $limit )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   579
    {
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   580
      $row = $db->fetchrow();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   581
      $db->free_result();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   582
      $time_rem = intval(getConfig('lockout_duration')) - round((time() - $row['timestamp']) / 60);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   583
      die_friendly($lang->get('user_reg_err_disabled_title'), '<p>' . $lang->get('user_reg_err_locked_out', array('time' => $time_rem)) . '</p>');
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   584
    }
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   585
    $db->free_result();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   586
  }
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   587
  if(isset($_POST['submit'])) 
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   588
  {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   589
    $_GET['coppa'] = ( isset($_POST['coppa']) ) ? $_POST['coppa'] : 'x';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   590
    
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   591
    $captcharesult = $session->get_captcha($_POST['captchahash']);
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
   592
    $session->kill_captcha();
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   593
    // bypass captcha if logged in (at this point, if logged in, we're admin)
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   594
    if ( !$session->user_logged_in && strtolower($captcharesult) != strtolower($_POST['captchacode']) )
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   595
    {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   596
      $s = $lang->get('user_reg_err_captcha');
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   597
    }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   598
    else
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   599
    {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   600
      if ( getConfig('enable_coppa') == '1' && ( !isset($_POST['coppa']) || ( isset($_POST['coppa']) && !in_array($_POST['coppa'], array('yes', 'no')) ) ) )
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   601
      {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   602
        $s = 'Invalid COPPA input';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   603
      }
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   604
      else if ( !$session->user_logged_in && !empty($terms) && !isset($_POST['tou_agreed']) )
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   605
      {
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   606
        $s = $lang->get('user_reg_err_accept_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   607
      }
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   608
      else
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   609
      {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   610
        $coppa = ( isset($_POST['coppa']) && $_POST['coppa'] == 'yes' );
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   611
        $s = false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   612
        
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   613
        // decrypt password
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   614
        // as with the change pass form, we aren't going to bother checking the confirmation code because if the passwords didn't match
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   615
        // and yet the password got encrypted, that means the user screwed with the code, and if the user screwed with the code and thus
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   616
        // forgot his password, that's his problem.
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   617
        
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   618
        if ( $_POST['use_crypt'] == 'yes' )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   619
        {
286
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 270
diff changeset
   620
          $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   621
          $crypt_key = $session->fetch_public_key($_POST['crypt_key']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   622
          if ( !$crypt_key )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   623
          {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   624
            $s = $lang->get('user_reg_err_missing_key');
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   625
          }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   626
          else
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   627
          {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   628
            $data = $_POST['crypt_data'];
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   629
            $bin_key = hexdecode($crypt_key);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   630
            //die("Decrypting with params: key $crypt_key, data $data");
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   631
            $password = $aes->decrypt($data, $bin_key, ENC_HEX);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   632
          }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   633
        }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   634
        else
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   635
        {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   636
          $password = $_POST['password'];
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   637
        }
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   638
        
799
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   639
        $error =& $s;
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   640
        
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   641
        /**
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   642
         * Validation of POST data coming from registration. Put an error message in the variable $error to stop registration.
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   643
         * @hook ucp_register_validate
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   644
         */
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   645
        
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   646
        $code = $plugins->setHook('ucp_register_validate');
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   647
        foreach ( $code as $cmd )
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   648
        {
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   649
          eval($cmd);
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   650
        }
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   651
        
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   652
        // All things verified, create account
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   653
        if ( !$s )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   654
          $s = $session->create_user($_POST['username'], $password, $_POST['email'], $_POST['real_name'], $coppa);
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   655
      }
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   656
    }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   657
    if($s == 'success' && !$coppa)
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   658
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   659
      switch(getConfig('account_activation'))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   660
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   661
        case "none":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   662
        default:
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   663
          $str = $lang->get('user_reg_msg_success_activ_none', array('login_link' => makeUrlNS('Special', 'Login', false, true)));
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   664
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   665
        case "user":
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   666
          $str = $lang->get('user_reg_msg_success_activ_user');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   667
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   668
        case "admin":
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   669
          $str = $lang->get('user_reg_msg_success_activ_admin');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   670
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   671
      }
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   672
      die_friendly($lang->get('user_reg_msg_success_title'), '<p>' . $lang->get('user_reg_msg_success_body') . ' ' . $str . '</p>');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   673
    }
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   674
    else if ( $s == 'success' && $coppa )
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   675
    {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   676
      $str = $lang->get('user_reg_msg_success_activ_coppa');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   677
      die_friendly($lang->get('user_reg_msg_success_title'), '<p>' . $lang->get('user_reg_msg_success_body') . ' ' . $str . '</p>');
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   678
    }
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   679
    $username = htmlspecialchars($_POST['username']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   680
    $email    = htmlspecialchars($_POST['email']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   681
    $realname = htmlspecialchars($_POST['real_name']);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   682
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   683
  $template->header();
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   684
  echo $lang->get('user_reg_msg_greatercontrol');
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   685
  
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   686
  if ( getConfig('enable_coppa') != '1' || ( isset($_GET['coppa']) && in_array($_GET['coppa'], array('yes', 'no')) ) )
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   687
  {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   688
    $coppa = ( isset($_GET['coppa']) && $_GET['coppa'] == 'yes' );
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   689
    $session->kill_captcha();
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   690
    $captchacode = $session->make_captcha();
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   691
    
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   692
    $pubkey = $session->rijndael_genkey();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   693
    $challenge = $session->dss_rand();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   694
    
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   695
    ?>
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   696
      <h3><?php echo $lang->get('user_reg_msg_table_title'); ?></h3>
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   697
      <form name="regform" action="<?php echo makeUrl($paths->page); ?>" method="post" onsubmit="return runEncryption();">
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   698
        <div class="tblholder">
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   699
          <table border="0" width="100%" cellspacing="1" cellpadding="4">
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   700
            <tr><th colspan="3"><?php echo $lang->get('user_reg_msg_table_subtitle'); ?></th></tr>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   701
            
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   702
            <?php if(isset($_POST['submit'])) echo '<tr><td colspan="3" class="row2" style="color: red;">'.$s.'</td></tr>'; ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   703
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   704
            <!-- FIELD: Username -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   705
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   706
              <td class="row1" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   707
                <?php echo $lang->get('user_reg_lbl_field_username'); ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   708
                <span id="e_username"></span>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   709
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   710
              <td class="row1" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   711
                <input tabindex="1" type="text" name="username" size="30" value="<?php echo $username; ?>" onkeyup="namegood = false; validateForm(this);" onblur="checkUsername();" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   712
              </td>
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   713
              <td class="row1" style="width: 1px;">
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   714
                <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_username" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   715
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   716
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   717
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   718
            <!-- FIELD: Password -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   719
            <tr>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   720
              <td class="row3" style="width: 50%;" rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   721
                <?php echo $lang->get('user_reg_lbl_field_password'); ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   722
                <span id="e_password"></span>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   723
                <?php if ( getConfig('pw_strength_enable') == '1' && getConfig('pw_strength_minimum') > -10 ): ?>
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   724
                <small><?php echo $lang->get('user_reg_msg_password_score'); ?></small>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   725
                <?php endif; ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   726
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   727
              <td class="row3" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   728
                <input tabindex="2" type="password" name="password" size="15" onkeyup="<?php if ( getConfig('pw_strength_enable') == '1' ): ?>password_score_field(this); <?php endif; ?>validateForm(this);" /><?php if ( getConfig('pw_strength_enable') == '1' ): ?><span class="password-checker" style="font-weight: bold; color: #aaaaaa;"> Loading...</span><?php endif; ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   729
              </td>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   730
              <td rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>" class="row3" style="max-width: 24px;">
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   731
                <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_password" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   732
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   733
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   734
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   735
            <!-- FIELD: Password confirmation -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   736
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   737
              <td class="row3" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   738
                <input tabindex="3" type="password" name="password_confirm" size="15" onkeyup="validateForm(this);" /> <small><?php echo $lang->get('user_reg_lbl_field_password_confirm'); ?></small>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   739
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   740
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   741
            
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   742
            <!-- FIELD: Password strength meter -->
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   743
            
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   744
            <?php if ( getConfig('pw_strength_enable') == '1' ): ?>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   745
            <tr>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   746
              <td class="row3" style="width: 50%;">
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   747
                <div id="pwmeter"></div>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   748
              </td>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   749
            </tr>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   750
            <?php endif; ?>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   751
            
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   752
            <!-- FIELD: E-mail address -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   753
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   754
              <td class="row1" style="width: 50%;">
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   755
                <?php
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   756
                  if ( $coppa )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   757
                  {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   758
                    echo $lang->get('user_reg_lbl_field_email_coppa');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   759
                  }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   760
                  else
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   761
                  {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   762
                    echo $lang->get('user_reg_lbl_field_email');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   763
                  }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   764
                ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   765
                <?php
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   766
                  if ( ( $x = getConfig('account_activation') ) == 'user' )
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   767
                  {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   768
                    echo '<br /><small>' . $lang->get('user_reg_msg_email_activuser') . '</small>';
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   769
                  }
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   770
                ?>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   771
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   772
              <td class="row1" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   773
                <input tabindex="4" type="text" name="email" size="30" value="<?php echo $email; ?>" onkeyup="validateForm(this);" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   774
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   775
              <td class="row1" style="max-width: 24px;">
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   776
                <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_email" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   777
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   778
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   779
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   780
            <!-- FIELD: Real name -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   781
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   782
              <td class="row3" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   783
                <?php echo $lang->get('user_reg_lbl_field_realname'); ?><br />
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   784
                <small><?php echo $lang->get('user_reg_msg_realname_optional'); ?></small>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   785
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   786
              <td class="row3" style="width: 50%;">
799
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   787
                <input tabindex="5" type="text" name="real_name" size="30" value="<?php echo $realname; ?>" />
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   788
              </td>
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   789
              <td class="row3" style="max-width: 24px;">
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   790
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   791
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   792
            
799
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   793
            <?php
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   794
            /**
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   795
             * Allows adding fields to the user registration form. Form is built with Enano tables, 3 columns. (Rightmost can be left empty or if you're using Javascript validation an image you can update with your own Javascript code)
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   796
             * @hook ucp_register_form
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   797
             */
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   798
            
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   799
            $code = $plugins->setHook('ucp_register_form');
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   800
            foreach ( $code as $cmd )
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   801
            {
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   802
              eval($cmd);
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   803
            }
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   804
            ?>
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   805
            
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   806
            <!-- FIELD: CAPTCHA image -->
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   807
            <?php
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   808
            if ( !$session->user_logged_in ):
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   809
            ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   810
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   811
              <td class="row1" style="width: 50%;" rowspan="2">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   812
                <?php echo $lang->get('user_reg_lbl_field_captcha'); ?><br />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   813
                <small>
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   814
                  <?php echo $lang->get('user_reg_msg_captcha_pleaseenter', array('regen_flags' => 'href="#" onclick="regenCaptcha(); return false;"')); ?><br />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   815
                  <br />
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   816
                  <?php echo $lang->get('user_reg_msg_captcha_blind'); ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   817
                </small>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   818
              </td>
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   819
              <td class="row1">
1158
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
   820
                <img id="captchaimg" alt="CAPTCHA image" src="<?php echo makeUrlNS('Special', 'Captcha/'.$captchacode); ?>" style="cursor: pointer;" onclick="regenCaptcha(); return false;" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   821
              </td>
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   822
              <td class="row1">
1158
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
   823
                <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_captcha" />
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   824
              </td>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   825
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   826
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   827
            <!-- FIELD: CAPTCHA input field -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   828
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   829
              <td class="row1" colspan="2">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   830
                <?php echo $lang->get('user_reg_lbl_field_captcha_code'); ?>
1158
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
   831
                <input tabindex="6" name="captchacode" type="text" size="10" onkeyup="validateCaptcha(this);" />
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
   832
                <img id="captchaajax" width="16" height="16" src="<?php echo cdnPath; ?>/images/spacer.gif" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   833
                <input type="hidden" name="captchahash" value="<?php echo $captchacode; ?>" />
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   834
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   835
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   836
            
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   837
            <!-- FIELD: TOU -->
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   838
            
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   839
            <?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   840
            if ( !empty($terms) ):
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   841
            ?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   842
            
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   843
            <tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   844
              <td class="row1" colspan="3">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   845
                <?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   846
                echo $lang->get('user_reg_msg_please_read_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   847
                ?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   848
              </td>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   849
            </tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   850
            
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   851
            <tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   852
              <td class="row3" colspan="3">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   853
                <div style="border: 1px solid #000000; height: 75px; width: 60%; clip: rect(0px,auto,auto,0px); overflow: auto; background-color: #FFF; margin: 0 auto; padding: 4px;">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   854
                  <?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   855
                  echo RenderMan::render($terms);
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   856
                  ?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   857
                </div>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   858
                <p style="text-align: center;">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   859
                  <label>
371
dc6026376919 Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files
Dan
parents: 359
diff changeset
   860
                    <input tabindex="7" type="checkbox" name="tou_agreed" />
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   861
                    <b><?php echo $lang->get('user_reg_lbl_field_tou'); ?></b>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   862
                  </label>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   863
                </p>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   864
              </td>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   865
            </tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   866
            
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   867
            <?php
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   868
            endif; // !empty($terms)
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   869
            endif; // $session->user_logged_in
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   870
            ?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   871
            
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   872
            <!-- FIELD: submit button -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   873
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   874
              <th class="subhead" colspan="3" style="text-align: center;">
371
dc6026376919 Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files
Dan
parents: 359
diff changeset
   875
                <input tabindex="8" type="submit" name="submit" value="<?php echo $lang->get('user_reg_btn_create_account'); ?>" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   876
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   877
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   878
            
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   879
          </table>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   880
        </div>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   881
        <?php
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   882
          $val = ( $coppa ) ? 'yes' : 'no';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   883
          echo '<input type="hidden" name="coppa" value="' . $val . '" />';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   884
        ?>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   885
        <input type="hidden" name="challenge_data" value="<?php echo $challenge; ?>" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   886
        <input type="hidden" name="use_crypt" value="no" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   887
        <input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   888
        <input type="hidden" name="crypt_data" value="" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   889
      <script type="text/javascript">
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   890
        // ENCRYPTION CODE
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   891
        function runEncryption()
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   892
        {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   893
          var frm = document.forms.regform;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   894
          if ( frm.password.value.length < 1 )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   895
            return true;
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   896
          pass1 = frm.password.value;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   897
          pass2 = frm.password_confirm.value;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   898
          if ( pass1 != pass2 )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   899
          {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   900
            alert($lang.get('user_reg_err_alert_password_nomatch'));
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   901
            return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   902
          }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   903
          if ( pass1.length < 6 && pass1.length > 0 )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   904
          {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   905
            alert($lang.get('user_reg_err_alert_password_tooshort'));
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   906
            return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   907
          }
614
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
   908
          if(aes_self_test())
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   909
          {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   910
            frm.use_crypt.value = 'yes';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   911
            var cryptkey = frm.crypt_key.value;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   912
            frm.crypt_key.value = hex_md5(cryptkey);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   913
            cryptkey = hexToByteArray(cryptkey);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   914
            if(!cryptkey || ( ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   915
            {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   916
              frm.submit.disabled = true;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   917
              len = ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   918
              alert('The key is messed up\nType: '+typeof(cryptkey)+len);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   919
            }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   920
            pass = frm.password.value;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   921
            pass = stringToByteArray(pass);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   922
            cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB');
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   923
            if(!cryptstring)
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   924
            {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   925
              return false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   926
            }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   927
            cryptstring = byteArrayToHex(cryptstring);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   928
            frm.crypt_data.value = cryptstring;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   929
            frm.password.value = "";
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   930
            frm.password_confirm.value = "";
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   931
          }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   932
          return true;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   933
        }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   934
        </script>
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   935
      </form>
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   936
      <!-- Don't optimize this script, it fails when compressed -->
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   937
      <enano:no-opt>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   938
        <script type="text/javascript">
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   939
          // <![CDATA[
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   940
          var namegood = false;
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   941
          function validateForm(field)
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   942
          {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   943
            if ( typeof(field) != 'object' )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   944
            {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   945
              field = {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   946
                name: '_nil',
459
31c23016ab62 Upgraded tinyMCE to 3.0.1 in hopes of fixing IE race conditions. Fixed a couple minor syntax errors in Javascript objects declared in various places.
Dan
parents: 458
diff changeset
   947
                value: '_nil'
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   948
              }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   949
            }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   950
            // wait until $lang is initted
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   951
            if ( typeof($lang) != 'object' )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   952
            {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   953
              setTimeout('validateForm();', 200);
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   954
              return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   955
            }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   956
            var frm = document.forms.regform;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   957
            failed = false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   958
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   959
            // Username
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   960
            if(!namegood && ( field.name == 'username' || field.name == '_nil' ) ) 
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   961
            {
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   962
              //if(frm.username.value.match(/^([A-z0-9 \!@\-\(\)]+){2,}$/ig))
270
5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Dan
parents: 263
diff changeset
   963
              var regex = new RegExp('^([^<>&\?]+){2,}$', 'ig');
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   964
              if ( frm.username.value.match(regex) )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   965
              {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   966
                document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkunk.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   967
                document.getElementById('e_username').innerHTML = '&nbsp;';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   968
              } else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   969
                failed = true;
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   970
                document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   971
                document.getElementById('e_username').innerHTML = '<br /><small>' + $lang.get('user_reg_err_username_invalid') + '</small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   972
              }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   973
            }
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   974
            if ( document.getElementById('b_username') )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   975
            {
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   976
              document.getElementById('b_username').innerHTML = '';
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   977
              if(hex_md5(frm.real_name.value) == '5a397df72678128cf0e8147a2befd5f1')
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   978
              {
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   979
                document.getElementById('b_username').innerHTML = '<br /><br />Hey...I know you!<br /><img alt="" src="http://upload.wikimedia.org/wikipedia/commons/thumb/7/7f/Bill_Gates_2004_cr.jpg/220px-Bill_Gates_2004_cr.jpg" />';
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   980
              }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   981
            }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   982
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   983
            // Password
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   984
            if ( field.name == 'password' || field.name == 'password_confirm' || field.name == '_nil' )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   985
            {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   986
              if(frm.password.value.match(/^(.+){6,}$/ig) && frm.password_confirm.value.match(/^(.+){6,}$/ig) && frm.password.value == frm.password_confirm.value )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   987
              {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   988
                document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/check.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   989
                document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_err_password_good') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   990
              } else {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   991
                failed = true;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   992
                if(frm.password.value.length < 6)
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   993
                {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   994
                  document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_msg_password_length') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   995
                }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   996
                else if(frm.password.value != frm.password_confirm.value)
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   997
                {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   998
                  document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_msg_password_needmatch') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   999
                }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1000
                else
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1001
                {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1002
                  document.getElementById('e_password').innerHTML = '';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1003
                }
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1004
                document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/checkbad.png';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1005
              }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1006
            }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1007
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1008
            // E-mail address
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1009
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1010
            // workaround for idiot jEdit bug
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1011
            if ( validateEmail(frm.email.value) && ( field.name == 'email' || field.name == '_nil' ) )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1012
            {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1013
              document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/check.png';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1014
            } else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1015
              failed = true;
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1016
              document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/checkbad.png';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1017
            }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1018
            if(failed)
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1019
            {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1020
              frm.submit.disabled = 'disabled';
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1021
            } else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1022
              frm.submit.disabled = false;
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1023
            }
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1024
          }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1025
          function checkUsername()
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1026
          {
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1027
            var frm = document.forms.regform;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1028
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1029
            if(!namegood)
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1030
            {
270
5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Dan
parents: 263
diff changeset
  1031
              var regex = new RegExp('^([^<>&\?]+){2,}$', 'ig');
5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Dan
parents: 263
diff changeset
  1032
              if ( frm.username.value.match(regex) )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1033
              {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1034
                document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkunk.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1035
                document.getElementById('e_username').innerHTML = '&nbsp;';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1036
              } else {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1037
                document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1038
                document.getElementById('e_username').innerHTML = '<br /><small>' + $lang.get('user_reg_err_username_invalid') + '</small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1039
                return false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1040
              }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1041
            }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1042
            
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1043
            document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_checking') + '</b></small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1044
            ajaxGet('<?php echo scriptPath; ?>/ajax.php?title=null&_mode=checkusername&name='+escape(frm.username.value), function() {
407
35d94240a197 Mass-fixed all AJAX functions to also check the HTTP status code before parsing the response
Dan
parents: 404
diff changeset
  1045
              if ( ajax.readyState == 4 && ajax.status == 200 )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1046
                if(ajax.responseText == 'good')
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1047
                {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1048
                  document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/check.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1049
                  document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_available') + '</b></small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1050
                  namegood = true;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1051
                } else if(ajax.responseText == 'bad') {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1052
                  document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1053
                  document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_unavailable') + '</b></small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1054
                  namegood = false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1055
                } else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1056
                  document.getElementById('e_username').innerHTML = ajax.responseText;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1057
                }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1058
            });
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1059
          }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1060
          function regenCaptcha()
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1061
          {
448
f725a16e4a20 Fixed broken regenCaptcha() in Special:Register
Dan
parents: 324
diff changeset
  1062
            var frm = document.forms.regform;
517
c6118b9e13bd Fixed bad captcha refresh code on registration page
Dan
parents: 507
diff changeset
  1063
            document.getElementById('captchaimg').src = '<?php echo makeUrlNS("Special", "Captcha/$captchacode"); ?>/'+Math.floor(Math.random() * 100000);
1158
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1064
            frm.captchacode.value = '';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1065
            return false;
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1066
          }
1158
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1067
          function validateCaptcha(input)
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1068
          {
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1069
            var frm = document.forms.regform;
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1070
            if ( input.value.length < 7 )
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1071
            {
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1072
              return false;
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1073
            }
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1074
            var valid_field = document.getElementById('s_captcha');
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1075
            var loader_img = document.getElementById('captchaajax');
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1076
            loader_img.src = cdnPath + '/images/loading.gif';
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1077
            ajaxGet(makeUrlNS('Special', 'Captcha/' + frm.captchahash.value + '/validate=' + input.value), function(ajax)
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1078
              {
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1079
                if ( ajax.readyState == 4 && ajax.status == 200 )
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1080
                {
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1081
                  var response = String(ajax.responseText + '');
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1082
                  if ( !check_json_response(response) )
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1083
                  {
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1084
                    handle_invalid_json(response);
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1085
                    return false;
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1086
                  }
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1087
                  response = parseJSON(response);
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1088
                  if ( response.valid )
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1089
                  {
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1090
                    loader_img.src = cdnPath + '/images/spacer.gif';
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1091
                    valid_field.src = cdnPath + '/images/check.png';
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1092
                  }
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1093
                  else
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1094
                  {
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1095
                    valid_field.src = cdnPath + '/images/checkbad.png';
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1096
                    regenCaptcha();
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1097
                    document.getElementById('captchaimg').onload = function()
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1098
                    {
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1099
                      document.getElementById('captchaajax').src = cdnPath + '/images/spacer.gif';
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1100
                      input.focus();
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1101
                    };
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1102
                    input.value = '';
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1103
                  }
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1104
                }
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1105
              });
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1106
          }
614
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1107
          addOnloadHook(function()
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1108
            {
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1109
              <?php if ( getConfig('pw_strength_enable') == '1' ): ?>
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1110
              var frm = document.forms.regform;
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1111
              load_component('pwstrength');
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1112
              password_score_field(frm.password);
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1113
              <?php endif; ?>
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1114
              load_component('crypto');
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1115
              validateForm();
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1116
              setTimeout('checkUsername();', 1000);
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1117
            });
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1118
          // ]]>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1119
        </script>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1120
      </enano:no-opt>
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1121
    <?php
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1122
  }
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1123
  else
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1124
  {
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1125
    $year = intval( enano_date('Y') );
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1126
    $year = $year - 13;
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1127
    $month = enano_date('F');
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1128
    $day = enano_date('d');
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1129
    
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1130
    $yo13_date = "$month $day, $year";
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1131
    $link_coppa_yes = makeUrlNS('Special', 'Register', 'coppa=yes', true);
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1132
    $link_coppa_no  = makeUrlNS('Special', 'Register', 'coppa=no',  true);
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1133
    
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1134
    // COPPA enabled, ask age
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1135
    echo '<div class="tblholder">';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1136
    echo '<table border="0" cellspacing="1" cellpadding="4">';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1137
    echo '<tr>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1138
            <td class="row1">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1139
              ' . $lang->get('user_reg_coppa_title') . '
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1140
            </td>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1141
          </tr>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1142
          <tr>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1143
            <td class="row3">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1144
              <a href="' . $link_coppa_no  . '">' . $lang->get('user_reg_coppa_link_atleast13', array( 'yo13_date' => $yo13_date )) . '</a><br />
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1145
              <a href="' . $link_coppa_yes . '">' . $lang->get('user_reg_coppa_link_not13', array( 'yo13_date' => $yo13_date )) . '</a>
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1146
            </td>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1147
          </tr>';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1148
    echo '</table>';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1149
    echo '</div>';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1150
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1151
  $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1152
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1153
909
94c1ff984286 Finished core of log display interface including filter management. There is still a bit of a to-do list, especially regarding rollbacks and reuploads.
Dan
parents: 908
diff changeset
  1154
function page_Special_Contributions()
94c1ff984286 Finished core of log display interface including filter management. There is still a bit of a to-do list, especially regarding rollbacks and reuploads.
Dan
parents: 908
diff changeset
  1155
{
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1156
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1157
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1158
  
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1159
  // This is a vast improvement over the old Special:Contributions in 1.0.x.
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1160
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1161
  $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1162
  $user = $paths->getParam();
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1163
  if ( !$user && isset($_GET['user']) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1164
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1165
    $user = $_GET['user'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1166
  }
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1167
  else if ( !$user && !isset($_GET['user']) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1168
  {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1169
    echo '<p>' . $lang->get('userfuncs_contribs_err_no_user') . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1170
    $template->footer();
81
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1171
    return;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1172
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1173
  
909
94c1ff984286 Finished core of log display interface including filter management. There is still a bit of a to-do list, especially regarding rollbacks and reuploads.
Dan
parents: 908
diff changeset
  1174
  $url = makeUrlNS("Special", "Log/user={$user}");
94c1ff984286 Finished core of log display interface including filter management. There is still a bit of a to-do list, especially regarding rollbacks and reuploads.
Dan
parents: 908
diff changeset
  1175
  redirect($url, '', '', 0);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1176
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1177
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1178
function page_Special_ChangeStyle()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1179
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1180
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1181
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1182
  
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1183
  if ( !$session->user_logged_in )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1184
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1185
    die_friendly('Access denied', '<p>You must be logged in to change your style. Spoofer.</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1186
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1187
  if(isset($_POST['theme']) && isset($_POST['style']) && isset($_POST['return_to']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1188
  {
81
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1189
    if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['theme']) )
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1190
      die('Hacking attempt');
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1191
    if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['style']) )
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1192
      die('Hacking attempt');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1193
    $d = ENANO_ROOT . '/themes/' . $_POST['theme'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1194
    $f = ENANO_ROOT . '/themes/' . $_POST['theme'] . '/css/' . $_POST['style'] . '.css';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1195
    if ( !file_exists($d) || !is_dir($d) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1196
    {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1197
      die('The directory "'.$d.'" does not exist.');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1198
    }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1199
    if ( !file_exists($f) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1200
    {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1201
      die('The file "'.$f.'" does not exist.');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1202
    }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1203
    $d = $db->escape($_POST['theme']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1204
    $f = $db->escape($_POST['style']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1205
    $q = 'UPDATE '.table_prefix.'users SET theme=\''.$d.'\',style=\''.$f.'\' WHERE username=\''.$session->username.'\'';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1206
    if ( !$db->sql_query($q) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1207
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1208
      $db->_die('Your theme/style preferences were not updated.');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1209
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1210
    else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1211
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1212
      redirect(makeUrl($_POST['return_to']), $lang->get('userfuncs_changetheme_success_title'), $lang->get('userfuncs_changetheme_success_body'), 3);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1213
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1214
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1215
  else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1216
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1217
    $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1218
      $ret = ( isset($_POST['return_to']) ) ? $_POST['return_to'] : $paths->getParam(0);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1219
      if ( !$ret )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1220
      {
741
a216e412c439 Added ability to have alternate main page for members
Dan
parents: 701
diff changeset
  1221
        $ret = get_main_page();
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1222
      }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1223
      ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1224
        <form action="<?php echo makeUrl($paths->page); ?>" method="post">
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1225
          <?php if ( !isset($_POST['themeselected']) ) { ?>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1226
            <h3><?php echo $lang->get('userfuncs_changetheme_heading_theme'); ?></h3>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1227
            <p>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1228
              <select name="theme">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1229
               <?php
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1230
                foreach ( $template->theme_list as $t )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1231
                {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1232
                  if ( $t['enabled'] )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1233
                  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1234
                    echo '<option value="'.$t['theme_id'].'"';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1235
                    if ( $t['theme_id'] == $session->theme )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1236
                    {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1237
                      echo ' selected="selected"';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1238
                    }
1257
7365c9bf2106 Integrated XSS patch for 1.1.7 maintenance branch
Dan Fuhry <dan@enanocms.org>
parents: 1158
diff changeset
  1239
                    echo '>' . htmlspecialchars($t['theme_name']) . '</option>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1240
                  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1241
                }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1242
               ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1243
              </select>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1244
            </p>
1257
7365c9bf2106 Integrated XSS patch for 1.1.7 maintenance branch
Dan Fuhry <dan@enanocms.org>
parents: 1158
diff changeset
  1245
            <p><input type="hidden" name="return_to" value="<?php echo htmlspecialchars($ret); ?>" />
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1246
               <input type="submit" name="themeselected" value="<?php echo $lang->get('userfuncs_changetheme_btn_continue'); ?>" /></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1247
          <?php } else { 
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1248
            $theme = $_POST['theme'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1249
            if ( !preg_match('/^([0-9A-z_-]+)$/i', $theme ) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1250
              die('Hacking attempt');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1251
            ?>
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1252
            <h3><?php echo $lang->get('userfuncs_changetheme_heading_style'); ?></h3>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1253
            <p>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1254
              <select name="style">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1255
                <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1256
                  $dir = './themes/'.$theme.'/css/';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1257
                  $list = Array();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1258
                  // Open a known directory, and proceed to read its contents
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1259
                  if (is_dir($dir)) {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1260
                    if ($dh = opendir($dir)) {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1261
                      while (($file = readdir($dh)) !== false) {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1262
                        if(preg_match('#^(.*?)\.css$#is', $file) && $file != '_printable.css') {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1263
                          $list[] = substr($file, 0, strlen($file)-4);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1264
                        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1265
                      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1266
                      closedir($dh);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1267
                    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1268
                  } else die($dir.' is not a dir');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1269
                  foreach ( $list as $l )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1270
                  {
1257
7365c9bf2106 Integrated XSS patch for 1.1.7 maintenance branch
Dan Fuhry <dan@enanocms.org>
parents: 1158
diff changeset
  1271
                    echo '<option value="'.$l.'">'.ucfirst($l).'</option>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1272
                  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1273
                ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1274
              </select>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1275
            </p>
1257
7365c9bf2106 Integrated XSS patch for 1.1.7 maintenance branch
Dan Fuhry <dan@enanocms.org>
parents: 1158
diff changeset
  1276
            <p><input type="hidden" name="return_to" value="<?php echo htmlspecialchars($ret); ?>" />
7365c9bf2106 Integrated XSS patch for 1.1.7 maintenance branch
Dan Fuhry <dan@enanocms.org>
parents: 1158
diff changeset
  1277
               <input type="hidden" name="theme" value="<?php echo htmlspecialchars($theme); ?>" />
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1278
               <input type="submit" name="allclear" value="<?php echo $lang->get('userfuncs_changetheme_btn_allclear'); ?>" /></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1279
          <?php } ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1280
        </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1281
      <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1282
    $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1283
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1284
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1285
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1286
function page_Special_ActivateAccount()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1287
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1288
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1289
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1290
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1291
  $user = $paths->getParam(0);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1292
  if ( !$user )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1293
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1294
    die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_badlink_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1295
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1296
  $key = $paths->getParam(1);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1297
  if ( !$key )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1298
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1299
    die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_badlink_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1300
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1301
  $s = $session->activate_account(str_replace('_', ' ', $user), $key);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1302
  if ( $s > 0 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1303
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1304
    die_friendly($lang->get('userfuncs_activate_success_title'), '<p>' . $lang->get('userfuncs_activate_success_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1305
  }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1306
  else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1307
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1308
    die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_bad_key') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1309
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1310
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1311
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1312
function page_Special_Captcha()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1313
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1314
  global $db, $session, $paths, $template, $plugins; // Common objects
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1315
  if ( $paths->getParam(0) == 'make' )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1316
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1317
    $session->kill_captcha();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1318
    echo $session->make_captcha();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1319
    return;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1320
  }
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1321
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1322
  $hash = $paths->getParam(0);
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1323
  if ( !$hash || !preg_match('#^([0-9a-f]*){32,40}$#i', $hash) )
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1324
  {
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1325
    $paths->main_page();
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1326
  }
1158
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1327
  
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1328
  if ( $validate_code = $paths->getParam(1) )
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1329
  {
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1330
    if ( preg_match('/^validate=(.+)$/', $validate_code, $match) )
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1331
    {
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1332
      header('Content-type: text/javascript');
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1333
      $code = $session->get_captcha($hash, true);
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1334
      $valid = strtolower($code) === strtolower($match[1]);
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1335
      if ( !$valid )
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1336
      {
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1337
        $session->make_captcha(7, $hash);
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1338
      }
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1339
      echo enano_json_encode(array(
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1340
        'valid' => $valid
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1341
        ));
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1342
      exit;
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1343
    }
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1344
  }
402
d907601ccad2 Fixed some captcha bugs and made all captcha fields case-insensitive
Dan
parents: 401
diff changeset
  1345
987
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1346
  $session->make_captcha(7, $hash);
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1347
  $code = $session->generate_captcha_code();
987
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1348
  // Avoid letting our captchas end up on failblog.org
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1349
  // BTW, the last one was a real-life encounter: http://files.ha.xx0r.info/murder.png
989
79d558a94798 Added another word to the CAPTCHA blacklist (thanks Neal).
Dan
parents: 987
diff changeset
  1350
  foreach ( array('shit', 'cock', 'fuck', 'nazi', 'cunt', 'clit', 'pussy', 'penis', 'piss', 'tits', 'murder') as $word )
987
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1351
  {
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1352
    if ( stristr($code, $word) )
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1353
    {
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1354
      // but don't put too much effort into this (will only correct this once)
1158
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1355
      // I mean, face it. If it generates one of those words twice in a row, either the local root has had
e733f984c990 CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Dan
parents: 1132
diff changeset
  1356
      // way too much fun with his /dev/random, or this server is just plain gutter-minded.
987
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1357
      $code = $session->generate_captcha_code();
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1358
      break;
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1359
    }
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1360
  }
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1361
  $q = $db->sql_query('UPDATE ' . table_prefix . "captcha SET code = '$code' WHERE session_id = '$hash';");
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1362
  if ( !$q )
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1363
    $db->_die();
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1364
  
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1365
  require ( ENANO_ROOT.'/includes/captcha.php' );
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1366
  $captcha = captcha_object($hash, 'freecap');
472
bc4b58034f4d Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
parents: 459
diff changeset
  1367
  // $captcha->debug = true;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1368
  $captcha->make_image();
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1369
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1370
  exit;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1371
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1372
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1373
function page_Special_PasswordReset()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1374
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1375
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1376
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1377
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1378
  $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1379
  if($paths->getParam(0) == 'stage2')
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1380
  {
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1381
    require_once(ENANO_ROOT . '/includes/math.php');
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1382
    require_once(ENANO_ROOT . '/includes/diffiehellman.php');
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1383
    
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1384
    $user_id = intval($paths->getParam(1));
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1385
    $encpass = $paths->getParam(2);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1386
    if ( $user_id < 2 )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1387
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1388
      echo '<p>Hacking attempt</p>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1389
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1390
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1391
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1392
    if(!preg_match('#^([a-f0-9]+)$#i', $encpass))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1393
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1394
      echo '<p>Hacking attempt</p>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1395
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1396
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1397
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1398
    
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1399
    $q = $db->sql_query('SELECT username,temp_password_time,temp_password,password_salt FROM '.table_prefix.'users WHERE user_id='.$user_id.';');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1400
    if($db->numrows() < 1)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1401
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1402
      echo '<p>Invalid credentials</p>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1403
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1404
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1405
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1406
    $row = $db->fetchrow();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1407
    $db->free_result();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1408
    
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1409
    $temp_pass = $session->pk_decrypt($encpass);
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1410
    $temp_hmac = hmac_sha1($temp_pass, $row['password_salt']);
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1411
    
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1412
    if ( $temp_hmac !== $row['temp_password'] )
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1413
    {
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1414
      echo '<p>Invalid credentials</p>';
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1415
      $template->footer();
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1416
      return false;
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1417
    }
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1418
    
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1419
    if ( ( intval($row['temp_password_time']) + ( 3600 * 24 ) ) < time() )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1420
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1421
      echo '<p>' . $lang->get('userfuncs_passreset_err_pass_expired', array('reset_url' => makeUrlNS('Special', 'PasswordReset'))) . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1422
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1423
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1424
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1425
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1426
    if ( isset($_POST['do_stage2']) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1427
    {
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1428
      $data = $session->get_aes_post('pass');
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1429
      
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1430
      if(empty($data))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1431
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1432
        echo 'ERROR: Sanity check failed!';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1433
        $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1434
        return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1435
      }
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1436
      if ( strlen($data) < 6 )
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1437
      {
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1438
        echo '<p>' . $lang->get('userfuncs_passreset_err_too_short') . '</p>';
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1439
        $template->footer();
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1440
        return false;
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1441
      }
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1442
      if ( $_POST['use_crypt'] == 'no' )
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1443
      {
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1444
        if ( $_POST['pass'] !== $_POST['pass_confirm'] )
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1445
        {
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1446
          echo '<p>' . $lang->get('userfuncs_passreset_err_no_match') . '</p>';
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1447
          $template->footer();
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1448
          return false;
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1449
        }
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1450
      }
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1451
      if ( getConfig('pw_strength_enable') == '1' )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1452
      {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1453
        $min_score = intval(getConfig('pw_strength_minimum'));
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1454
        $inp_score = password_score($data);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1455
        if ( $inp_score < $min_score )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1456
        {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1457
          $url = makeUrl($paths->fullpage);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1458
          echo "<p>" . $lang->get('userfuncs_passreset_err_failed_score', array('inp_score' => $inp_score, 'url' => $url)) . "</p>";
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1459
          $template->footer();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1460
          return false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1461
        }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1462
      }
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1463
      
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1464
      $session->set_password($user_id, $data);
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1465
      
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1466
      $q = $db->sql_query('UPDATE '.table_prefix.'users SET temp_password=\'\',temp_password_time=0 WHERE user_id = '.$user_id.';');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1467
      
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1468
      if($q)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1469
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1470
        $session->login_without_crypto($row['username'], $data);
741
a216e412c439 Added ability to have alternate main page for members
Dan
parents: 701
diff changeset
  1471
        echo '<p>' . $lang->get('userfuncs_passreset_stage2_success', array('url_mainpage' => makeUrl(get_main_page()))) . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1472
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1473
      else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1474
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1475
        echo $db->get_error();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1476
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1477
      
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1478
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1479
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1480
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1481
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1482
    // Password reset form
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1483
    $evt_get_score = ( getConfig('pw_strength_enable') == '1' ) ? 'onkeyup="password_score_field(this);" ' : '';
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1484
    $pw_meter =      ( getConfig('pw_strength_enable') == '1' ) ? '<tr><td class="row1">' . $lang->get('userfuncs_passreset_stage2_lbl_strength') . '</td><td class="row1"><div id="pwmeter"></div></td></tr>' : '';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1485
    $pw_blurb =      ( getConfig('pw_strength_enable') == '1' && intval(getConfig('pw_strength_minimum')) > -10 ) ? '<br /><small>' . $lang->get('userfuncs_passreset_stage2_blurb_strength') . '</small>' : '';
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1486
    
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1487
    ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1488
    <form action="<?php echo makeUrl($paths->fullpage); ?>" method="post" name="resetform" onsubmit="return runEncryption();">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1489
      <br />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1490
      <div class="tblholder">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1491
        <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1492
          <tr><th colspan="2"><?php echo $lang->get('userfuncs_passreset_stage2_th'); ?></th></tr>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1493
          <tr><td class="row1"><?php echo $lang->get('userfuncs_passreset_stage2_lbl_password'); ?> <?php echo $pw_blurb; ?></td><td class="row1"><input name="pass" type="password" <?php echo $evt_get_score; ?>/></td></tr>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1494
          <tr><td class="row2"><?php echo $lang->get('userfuncs_passreset_stage2_lbl_confirm'); ?> </td><td class="row2"><input name="pass_confirm" type="password" /></td></tr>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1495
          <?php echo $pw_meter; ?>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1496
          <tr>
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1497
            <td colspan="2" class="row3" style="text-align: center;">
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1498
              
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1499
              <input type="submit" name="do_stage2" value="<?php echo $lang->get('userfuncs_passreset_stage2_btn_submit'); ?>" />
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1500
            </td>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1501
          </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1502
        </table>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1503
      </div>
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1504
      <?php echo $session->generate_aes_form(); ?>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1505
    </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1506
    <script type="text/javascript">
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1507
    addOnloadHook(function()
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1508
      {
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1509
        load_component('pwstrength');
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1510
        password_score_field(document.forms.resetform.pass);
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1511
      });
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1512
    </script>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1513
    <?php
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1514
    echo $session->aes_javascript('resetform', 'pass', 'use_crypt', 'crypt_key', 'crypt_data', 'challenge_data', 'dh_supported', 'dh_public_key', 'dh_client_public_key');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1515
    $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1516
    return true;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1517
  }
701
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
  1518
  if ( $session->user_logged_in )
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
  1519
  {
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
  1520
    $paths->main_page();
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
  1521
  }
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
  1522
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1523
  if(isset($_POST['do_reset']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1524
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1525
    if($session->mail_password_reset($_POST['username']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1526
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1527
      echo '<p>' . $lang->get('userfuncs_passreset_stage1_success') . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1528
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1529
    else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1530
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1531
      echo '<p>' . $lang->get('userfuncs_passreset_stage1_error') . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1532
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1533
    $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1534
    return true;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1535
  }
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1536
  echo '<p>' . $lang->get('userfuncs_passreset_blurb_line1') . '</p>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1537
        <p>' . $lang->get('userfuncs_passreset_blurb_line2') . '</p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1538
        <form action="'.makeUrl($paths->page).'" method="post" onsubmit="if(!submitAuthorized) return false;">
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1539
          <p>' . $lang->get('userfuncs_passreset_lbl_username') . '  '.$template->username_field('username').'</p>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1540
          <p><input type="submit" name="do_reset" value="' . $lang->get('userfuncs_passreset_btn_mailpasswd') . '" /></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1541
        </form>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1542
  $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1543
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1544
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1545
function page_Special_Memberlist()
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1546
{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1547
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1548
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1549
  
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1550
  $template->header();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1551
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1552
  $startletters = 'abcdefghijklmnopqrstuvwxyz';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1553
  $startletters = enano_str_split($startletters);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1554
  $startletter = ( isset($_GET['letter']) ) ? strtolower($_GET['letter']) : '';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1555
  if ( !in_array($startletter, $startletters) && $startletter != 'chr' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1556
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1557
    $startletter = '';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1558
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1559
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1560
  $startletter_sql = $startletter;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1561
  if ( $startletter == 'chr' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1562
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1563
    $startletter_sql = '([^a-z])';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1564
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1565
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1566
  // offset
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1567
  $perpage = 25;
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1568
  $page = (( isset($_GET['offset']) && strval(intval($_GET['offset'])) === $_GET['offset']) ? intval($_GET['offset']) : 1) - 1;
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1569
  $offset = $page * $perpage;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1570
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1571
  // sort order
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1572
  $sortkeys = array(
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1573
      'uid' => 'u.user_id',
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1574
      'username' => 'u.username',
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1575
      'email' => 'u.email',
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1576
      'regist' => 'u.reg_time'
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1577
    );
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1578
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1579
  $sortby = ( isset($_GET['sort']) && isset($sortkeys[$_GET['sort']]) ) ? $_GET['sort'] : 'username';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1580
  $sort_sqllet = $sortkeys[$sortby];
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1581
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1582
  $target_order = ( isset($_GET['orderby']) && in_array($_GET['orderby'], array('ASC', 'DESC')) )? $_GET['orderby'] : 'ASC';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1583
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1584
  $sortorders = array();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1585
  foreach ( $sortkeys as $k => $_unused )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1586
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1587
    $sortorders[$k] = ( $sortby == $k ) ? ( $target_order == 'ASC' ? 'DESC' : 'ASC' ) : 'ASC';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1588
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1589
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1590
  // Why 3.3714%? 100 percent / 28 cells, minus a little (0.2% / cell) to account for cell spacing
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1591
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1592
  echo '<div class="tblholder">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1593
          <table border="0" cellspacing="1" cellpadding="4" style="text-align: center;">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1594
            <tr>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1595
  echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=&sort=' . $sortby . '&orderby=' . $target_order, true) . '">All</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1596
  echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=chr&sort=' . $sortby . '&orderby=' . $target_order, true) . '">#</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1597
  foreach ( $startletters as $letter )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1598
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1599
    echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=' . $letter . '&sort=' . $sortby . '&orderby=' . $target_order, true) . '">' . strtoupper($letter) . '</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1600
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1601
  echo '    </tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1602
          </table>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1603
        </div>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1604
  
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1605
  // User search             
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1606
  if ( isset($_GET['finduser']) )
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1607
  {
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1608
    $finduser = str_replace(array(  '%',   '_'),
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1609
                            array('\\%', '\\_'),
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1610
                            $_GET['finduser']);
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1611
    $finduser = str_replace(array('*', '?'),
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1612
                            array('%', '_'),
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1613
                            $finduser);
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1614
    $finduser = $db->escape($finduser);
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1615
    $username_where = ENANO_SQLFUNC_LOWERCASE . '(u.username) LIKE \'%' . strtolower($finduser) . '%\'';
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1616
    $finduser_url = 'finduser=' . rawurlencode($_GET['finduser']) . '&';
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1617
  }
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1618
  else
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1619
  {
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1620
    if ( ENANO_DBLAYER == 'MYSQL' )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1621
      $username_where = 'lcase(u.username) REGEXP lcase("^' . $startletter_sql . '")';
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1622
    else if ( ENANO_DBLAYER == 'PGSQL' )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1623
      $username_where = 'lower(u.username) ~ lower(\'^' . $startletter_sql . '\')';
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1624
    $finduser_url = '';
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1625
  }
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1626
  
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1627
  // Column markers
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1628
  $headings = '<tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1629
                 <th style="max-width: 50px;">
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1630
                   <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=uid&orderby=' . $sortorders['uid'], true) . '">#</a>
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1631
                 </th>
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1632
                 <th>
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1633
                   <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=username&orderby=' . $sortorders['username'], true) . '">' . $lang->get('userfuncs_ml_column_username') . '</a>
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1634
                 </th>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1635
                 <th>
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1636
                   ' . $lang->get('userfuncs_ml_column_userlevel') . '
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1637
                 </th>
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1638
                 <th>
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1639
                   <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=email&orderby=' . $sortorders['email'], true) . '">' . $lang->get('userfuncs_ml_column_email') . '</a>
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1640
                 </th>
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1641
                 <th>
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1642
                   <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=regist&orderby=' . $sortorders['regist'], true) . '">' . $lang->get('userfuncs_ml_column_regtime') . '</a>
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1643
                 </th>
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1644
               </tr>';
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1645
               
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1646
  // determine number of rows
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1647
  $q = $db->sql_query('SELECT COUNT(u.user_id) FROM '.table_prefix.'users AS u WHERE ' . $username_where . ' AND u.username != \'Anonymous\';');
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1648
  if ( !$q )
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1649
    $db->_die();
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1650
  
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1651
  list($num_rows) = $db->fetchrow_num();
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1652
  $db->free_result();
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1653
  
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1654
  if ( !empty($finduser_url) )
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1655
  {
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1656
    switch ( $num_rows )
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1657
    {
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1658
      case 0:
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1659
        $str = ''; /* $lang->get('userfuncs_ml_msg_matches_zero'); */ break;
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1660
      case 1:
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1661
        $str = $lang->get('userfuncs_ml_msg_matches_one'); break;
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1662
      default:
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1663
        $str = $lang->get('userfuncs_ml_msg_matches', array('matches' => $num_rows)); break;
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1664
    }
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1665
    echo "<h3>$str</h3>";
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1666
  }
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1667
  
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1668
  // main selector
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1669
  $pgsql_additional_group_by = ( ENANO_DBLAYER == 'PGSQL' ) ? ', u.username, u.reg_time, u.email, u.user_level, u.user_has_avatar, u.avatar_type, x.email_public' : '';
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1670
  $q = $db->sql_query('SELECT \'\' AS infobit, u.user_id, u.username, u.reg_time, u.email, u.user_level, u.user_has_avatar, u.avatar_type, x.email_public, COUNT(c.comment_id) AS num_comments FROM '.table_prefix.'users AS u
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1671
                                    LEFT JOIN '.table_prefix.'users_extra AS x
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1672
                                      ON ( u.user_id = x.user_id )
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1673
                                    LEFT JOIN ' . table_prefix . 'comments AS c
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1674
                                      ON ( u.user_id = c.user_id )
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1675
                                    WHERE ' . $username_where . ' AND u.username != \'Anonymous\'
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1676
                                    GROUP BY u.user_id' . $pgsql_additional_group_by . '
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1677
                                    ORDER BY ' . $sort_sqllet . ' ' . $target_order . '
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1678
                                    LIMIT ' . $perpage . ' OFFSET ' . $offset . ';');
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1679
  if ( !$q )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1680
    $db->_die();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1681
  
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1682
  // formatter parameters
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1683
  $formatter = new MemberlistFormatter();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1684
  $formatters = array(
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1685
    'username' => array($formatter, 'username'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1686
    'user_level' => array($formatter, 'user_level'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1687
    'email' => array($formatter, 'email'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1688
    'reg_time' => array($formatter, 'reg_time'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1689
    'infobit' => array($formatter, 'infobit')
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1690
    );
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1691
  
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1692
  $result_url = makeUrlNS('Special', 'Memberlist', ( str_replace('%', '%%', $finduser_url) ) . 'letter=' . $startletter . '&offset=%s&sort=' . $sortby . '&orderby=' . $target_order );
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1693
  $paginator = generate_paginator($page, ceil($num_rows / $perpage), $result_url);
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1694
  
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1695
  if ( $num_rows > 0 )
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1696
  {
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1697
    if ( $num_rows > $perpage )
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1698
      echo $paginator;
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1699
    
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1700
    echo '<div class="tblholder">
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1701
                <table border="0" cellspacing="1" cellpadding="4" style="text-align: center;">
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1702
                  ' . $headings;
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1703
                  
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1704
    $i = 0;
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1705
    while ( $row = $db->fetchrow($q) )
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1706
    {
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1707
      $i++;
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1708
      $cls = ( $i % 2 == 0 ) ? 'row2' : 'row1';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1709
      echo '<tr>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1710
      echo '<td class="' . $cls . '">' . $row['user_id'] . '</td>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1711
      echo '<td class="' . $cls . '" style="text-align: left;">' . $formatter->username($row['username'], $row) . '</td>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1712
      echo '<td class="' . $cls . '">' . $formatter->user_level($row['user_level'], $row) . '</td>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1713
      echo '<td class="' . $cls . '">' . $formatter->email($row['email'], $row) . '</td>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1714
      echo '<td class="' . $cls . '">' . $formatter->reg_time($row['reg_time'], $row) . '</td>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1715
      echo '</tr>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1716
      echo '<tr>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1717
      echo '<td colspan="5" class="row3" style="text-align: left;">
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1718
                 <div id="ml_moreinfo_' . $row['user_id'] . '" style="display: none;">
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1719
                   ' . $formatter->infobit(true, $row) . '
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1720
                 </div>
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1721
               </td>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1722
      echo '</tr>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1723
    }
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1724
    
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1725
    echo '  ' . $headings . '
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1726
                 </table>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1727
              </div>
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1728
              ';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1729
    
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1730
    if ( $num_rows > $perpage )
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1731
      echo $paginator;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1732
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1733
  else
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1734
  {
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1735
    echo '<h2 class="emptymessage">' . $lang->get('log_msg_no_results') . '</h2>';
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1736
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1737
  
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1738
  echo '<div style="float: left;">
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1739
          <form action="' . makeUrlNS('Special', 'Memberlist') . '" method="get" onsubmit="if ( !submitAuthorized ) return false;">'
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1740
         . ( urlSeparator == '&' ? '<input type="hidden" name="title" value="' . htmlspecialchars( $paths->page ) . '" />' : '' )
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1741
         . ( $session->sid_super ? '<input type="hidden" name="auth"  value="' . $session->sid_super . '" />' : '')
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1742
         . '<p>' . $lang->get('userfuncs_ml_lbl_finduser') . ' ' . $template->username_field('finduser') . ' <input type="submit" value="' . $lang->get('userfuncs_ml_btn_go') . '" /><br />
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1743
            <small>' . $lang->get('userfuncs_ml_tip_wildcard') . '</small></p>'
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1744
         . '</form>
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1745
         </div>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1746
  
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1747
  $template->footer();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1748
}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1749
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1750
/**
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1751
 * Class for formatting results for the memberlist.
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1752
 * @access private
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1753
 */
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1754
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1755
class MemberlistFormatter
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1756
{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1757
  function username($username, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1758
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1759
    global $db, $session, $paths, $template, $plugins; // Common objects
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1760
    global $lang;
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1761
    
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1762
    $userpage = $paths->nslist['User'] . sanitize_page_id($username);
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1763
    $class = ( isPage($userpage) ) ? '' : ' class="wikilink-nonexistent"';
743
0acb5d0f8328 Fixed: Special:Memberlist still used SpryEffects
Dan
parents: 741
diff changeset
  1764
    $anchor = '<a href="' . makeUrlNS('User', sanitize_page_id($username)) . '"' . $class . ' onclick="load_component(\'jquery\'); load_component(\'jquery-ui\'); var el = document.getElementById(\'ml_moreinfo_' . $row['user_id'] . '\'); $(el).toggle(\'blind\'); return false;">' . htmlspecialchars($username) . '</a>';
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1765
    if ( $session->user_level >= USER_LEVEL_ADMIN )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1766
    {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1767
      $anchor .= ' <small>- <a href="' . makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'UserManager&src=get&username=' . urlencode($username), true) . '"
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1768
                               onclick="ajaxAdminUser(\'' . addslashes(htmlspecialchars($username)) . '\'); return false;">' . $lang->get('userfuncs_ml_btn_adminuser') . '</a></small>';
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1769
    }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1770
    return $anchor;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1771
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1772
  function user_level($level, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1773
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1774
    global $db, $session, $paths, $template, $plugins; // Common objects
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1775
    global $lang;
908
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1776
    /*
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1777
    switch ( $level )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1778
    {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1779
      case USER_LEVEL_GUEST:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1780
        $s_level = $lang->get('userfuncs_ml_level_guest'); break;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1781
      case USER_LEVEL_MEMBER:
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1782
      case USER_LEVEL_CHPREF:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1783
        $s_level = $lang->get('userfuncs_ml_level_member'); break;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1784
      case USER_LEVEL_MOD:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1785
        $s_level = $lang->get('userfuncs_ml_level_mod'); break;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1786
      case USER_LEVEL_ADMIN:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1787
        $s_level = $lang->get('userfuncs_ml_level_admin'); break;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1788
      default:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1789
        $s_level = $lang->get('userfuncs_ml_level_unknown', array( 'level' => $level ));
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1790
    }
908
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1791
    */
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1792
    
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1793
    // TODO: Requested by mm3. Is this too CPU-intensive? Optimize?
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1794
    //       Performance yield =/= about the same (but only 4 users under testing conditions)
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1795
    $rankdata = $session->get_user_rank($row['user_id']);
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1796
    $s_level = '<span style="' . $rankdata['rank_style'] . '">' . $lang->get($rankdata['rank_title']) . '</span>';
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1797
    
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1798
    return $s_level;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1799
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1800
  function email($addy, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1801
  {
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1802
    global $lang;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1803
    if ( $row['email_public'] == '1' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1804
    {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1805
      global $email;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1806
      $addy = $email->encryptEmail($addy);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1807
      return $addy;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1808
    }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1809
    else
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1810
    {
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1811
      return '<small>&lt;' . $lang->get('userfuncs_ml_email_nonpublic') . '&gt;</small>';
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1812
    }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1813
  }
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1814
  /**
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1815
   * Format a time as a reference to a day, with user-friendly "X days ago"/"Today"/"Yesterday" returned when relevant.
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1816
   * @param int UNIX timestamp
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1817
   * @return string
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1818
   */
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1819
  
912
95d0d8596c87 File rollbacks should be all up to date now.
Dan
parents: 909
diff changeset
  1820
  public static function format_date($time)
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1821
  {
1081
745200a9cc2a Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
parents: 1032
diff changeset
  1822
    // merged into enano_date() :)
745200a9cc2a Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
parents: 1032
diff changeset
  1823
    return enano_date(ED_DATE, $time);
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1824
  }
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1825
  function reg_time($time, $row)
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1826
  {
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1827
    return $this->format_date($time);
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1828
  }
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1829
  function infobit($_, $row)
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1830
  {
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1831
    global $db, $session, $paths, $template, $plugins; // Common objects
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1832
    global $lang;
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1833
    
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1834
    $bit = '';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1835
    if ( $row['user_has_avatar'] == 1 )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1836
    {
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1837
      $bit .= '<div style="float: left; margin-right: 10px;">
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1838
        <img alt=" " src="' . make_avatar_url(intval($row['user_id']), $row['avatar_type'], $row['email']) . '" />
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1839
      </div>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1840
    }
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1841
    $rank_data = $session->get_user_rank(intval($row['user_id']));
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1842
    $userpage = $paths->nslist['User'] . sanitize_page_id($row['username']);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1843
    $title = ( isPage($userpage) ) ? ' title="' . $lang->get('userfuncs_ml_tip_userpage') . '"' : ' title="' . $lang->get('userfuncs_ml_tip_nouserpage') . '"';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1844
    $bit .= '<a' . $title . ' href="' . makeUrlNS('User', $row['username'], false, true) . '" style="font-size: x-large; ' . $rank_data['rank_style'] . '">' . htmlspecialchars($row['username']) . '</a><br />';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1845
    if ( $rank_data['user_title'] )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1846
      $bit .= htmlspecialchars($rank_data['user_title']) . '<br />';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1847
    if ( $rank_data['rank_title'] )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1848
      $bit .= '<small>' . htmlspecialchars($lang->get($rank_data['rank_title'])) . '</small><br />';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1849
    
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1850
    $bit .= '<div style="text-align: right;">
969
0506adb8eb6c Comment UI / Special:Memberlist: UI consistency for Send PM/Add Buddy links in Memberlist and comment display UI
Dan
parents: 960
diff changeset
  1851
               <a href="' . makeUrlNS('Special', "PrivateMessages/Compose/To/{$row['username']}", false, true) . '" class="abutton icon abutton_blue" style="background-image: url(' . cdnPath . '/images/icons/send_pm.png);">' . $lang->get('comment_btn_send_privmsg') . '</a>
0506adb8eb6c Comment UI / Special:Memberlist: UI consistency for Send PM/Add Buddy links in Memberlist and comment display UI
Dan
parents: 960
diff changeset
  1852
               <a href="' . makeUrlNS('Special', "PrivateMessages/FriendList/Add/{$row['username']}", false, true) . '" class="abutton icon abutton_green" style="background-image: url(' . cdnPath . '/images/icons/add_buddy.png);">' . $lang->get('comment_btn_add_buddy') . '</a>
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1853
             </div>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1854
    
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1855
    return $bit;
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1856
  }
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1857
}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1858
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1859
function page_Special_LangExportJSON()
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1860
{
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1861
  global $db, $session, $paths, $template, $plugins; // Common objects
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1862
  global $lang;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1863
  
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1864
  $lang_id = ( $x = $paths->getParam(0) ) ? intval($x) : $lang->lang_id;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1865
  
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1866
  if ( $lang->lang_id == $lang_id )
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1867
    $lang_local =& $lang;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1868
  else
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1869
    $lang_local = new Language($lang_id);
782
96848f04bbba Corrected a few issues with languages and client-side code
Dan
parents: 743
diff changeset
  1870
    
96848f04bbba Corrected a few issues with languages and client-side code
Dan
parents: 743
diff changeset
  1871
  $lang_local->get('meta_meta');
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1872
  
542
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1873
  $lang_strings = enano_json_encode($lang_local->strings);
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1874
  $etag = substr(sha1($lang_strings), 0, 20) . '-' . dechex($lang_local->lang_timestamp);
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1875
  
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1876
  if ( isset($_SERVER['HTTP_IF_NONE_MATCH']) )
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1877
  {
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1878
    if ( "\"$etag\"" == $_SERVER['HTTP_IF_NONE_MATCH'] )
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1879
    {
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1880
      header('HTTP/1.1 304 Not Modified');
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1881
      exit();
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1882
    }
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1883
  }
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1884
  
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1885
  $timestamp = enano_date('D, j M Y H:i:s T', $lang_local->lang_timestamp);
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
  1886
  // generate expires header
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
  1887
  $expires = date('r', mktime(-1, -1, -1, -1, -1, intval(date('y'))+1));
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
  1888
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1889
  header("Last-Modified: $timestamp");
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1890
  header("Date: $timestamp");
542
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1891
  header("ETag: \"$etag\"");
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1892
  header('Content-type: text/javascript');
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
  1893
  header("Expires: $expires");
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1894
  
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1895
  $lang_local->fetch();
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1896
  echo "if ( typeof(enano_lang) != 'object' )
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1897
  var enano_lang = new Object();
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1898
782
96848f04bbba Corrected a few issues with languages and client-side code
Dan
parents: 743
diff changeset
  1899
enano_lang[{$lang_local->lang_id}] = " . $lang_strings . ";";
555
ac4c6a7f01d8 Added user preference for disabling visual effects in Javascript applets; added re-import button to installed plugins
Dan
parents: 542
diff changeset
  1900
ac4c6a7f01d8 Added user preference for disabling visual effects in Javascript applets; added re-import button to installed plugins
Dan
parents: 542
diff changeset
  1901
  gzip_output();
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1902
  
542
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1903
  exit(0);
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1904
}
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1905
541
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1906
/**
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1907
 * Fetches and displays an avatar from the filesystem. Avatar fetching is abstracted as of 1.1.4.
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1908
 */
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1909
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1910
function page_Special_Avatar()
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1911
{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1912
  global $db, $session, $paths, $template, $plugins; // Common objects
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1913
  global $aggressive_optimize_html;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1914
  $aggressive_optimize_html = false;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1915
  
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1916
  $img_types = array(
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1917
      IMAGE_TYPE_PNG => 'png',
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1918
      IMAGE_TYPE_GIF => 'gif',
621
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1919
      IMAGE_TYPE_JPG => 'jpg',
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1920
      IMAGE_TYPE_GRV => 'grv'
541
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1921
    );
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1922
  
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1923
  $avi_id = $paths->getParam(0);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1924
  if ( !$avi_id || !@preg_match('/^[a-f0-9]+$/', $avi_id) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1925
  {
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1926
    echo 'Doesn\'t match the regexp';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1927
    return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1928
  }
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1929
  
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1930
  $avi_id_dec = hexdecode($avi_id);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1931
  $avi_id_dec = @unpack('Vdate/Vuid/vimg_type', $avi_id_dec);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1932
  if ( !$avi_id_dec )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1933
  {
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1934
    echo 'Bad unpack';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1935
    return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1936
  }
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1937
  
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1938
  // check parameters
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1939
  if ( !isset($img_types[$avi_id_dec['img_type']]) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1940
  {
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1941
    echo 'Invalid image type';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1942
    return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1943
  }
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1944
  
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1945
  // build file path
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1946
  $avi_type = $img_types[$avi_id_dec['img_type']];
621
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1947
  
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1948
  // is this a gravatar?
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1949
  if ( $avi_type == 'grv' )
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1950
  {
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1951
    // yes, we'll have to redirect
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1952
    // sanitize UID
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1953
    $uid = intval($avi_id_dec['uid']);
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1954
    
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1955
    // fetch email
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1956
    $q = $db->sql_query('SELECT email FROM ' . table_prefix . "users WHERE user_id = $uid;");
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1957
    if ( !$q )
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1958
      $db->_die();
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1959
    if ( $db->numrows() < 1 )
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1960
      return false;
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1961
    
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1962
    list($email) = $db->fetchrow_num();
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1963
    $db->free_result();
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1964
    
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1965
    $url = make_gravatar_url($url);
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1966
    
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1967
    // ship out the redirect
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1968
    header('HTTP/1.1 302 Permanent Redirect');
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1969
    header("Location: $url");
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1970
  }
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1971
  
541
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1972
  $avi_path = ENANO_ROOT . '/' . getConfig('avatar_directory') . '/' . $avi_id_dec['uid'] . '.' . $avi_type;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1973
  if ( file_exists($avi_path) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1974
  {
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1975
    $avi_mod_time = @filemtime($avi_path);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1976
    $avi_mod_time = date('r', $avi_mod_time);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1977
    $avi_size = @filesize($avi_path);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1978
    header("Last-Modified: $avi_mod_time");
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1979
    header("Content-Length: $avi_size");
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1980
    header("Content-Type: image/$avi_type");
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1981
    // http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1982
    header("Cache-Control: public");
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1983
    // expire it 30 days from now
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1984
    $expiry_time = time() + ( 86400 * 30 );
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1985
    header("Expires: " . date('r', $expiry_time));
541
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1986
    
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1987
    $fh = @fopen($avi_path, 'r');
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1988
    if ( !$fh )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1989
    {
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1990
      echo 'Could not open file';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1991
      return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1992
    }
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1993
    
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1994
    while ( $fd = @fread($fh, 1024) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1995
    {
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1996
      echo $fd;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1997
    }
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1998
    fclose($fh);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1999
    
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  2000
  }
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  2001
  return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  2002
}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  2003
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  2004
?>