1
+ − 1
<?php
+ − 2
+ − 3
/*
+ − 4
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
387
92664d2efab8
Rebranded source code as 1.1.1; added TinyMCE ACL rule as per Vadi's request: http://forum.enanocms.org/viewtopic.php?f=7&t=54
Dan
diff
changeset
+ − 5
* Version 1.1.1 (Caoineag alpha 1)
1
+ − 6
* Copyright (C) 2006-2007 Dan Fuhry
+ − 7
*
+ − 8
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 9
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 10
*
+ − 11
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 12
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 13
*/
+ − 14
+ − 15
class template {
+ − 16
var $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list, $named_theme_list, $default_theme, $default_style, $plugin_blocks, $namespace_string, $style_list, $theme_loaded;
30
+ − 17
+ − 18
/**
+ − 19
* Set to true if the site is disabled and thus a message needs to be shown. This should ONLY be changed by common.php.
+ − 20
* @var bool
+ − 21
* @access private
+ − 22
*/
+ − 23
+ − 24
var $site_disabled = false;
+ − 25
53
+ − 26
/**
+ − 27
* One of the absolute best parts of Enano :-P
+ − 28
* @var string
+ − 29
*/
+ − 30
54
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
diff
changeset
+ − 31
var $fading_button = '';
53
+ − 32
1
+ − 33
function __construct()
+ − 34
{
+ − 35
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 36
$this->tpl_bool = Array();
+ − 37
$this->tpl_strings = Array();
+ − 38
$this->sidebar_extra = '';
+ − 39
$this->toolbar_menu = '';
+ − 40
$this->additional_headers = '';
+ − 41
$this->plugin_blocks = Array();
+ − 42
$this->theme_loaded = false;
+ − 43
201
+ − 44
$this->fading_button = '<div style="background-image: url('.scriptPath.'/images/about-powered-enano-hover.png); background-repeat: no-repeat; width: 88px; height: 31px; margin: 0 auto 5px auto;">
371
dc6026376919
Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files
Dan
diff
changeset
+ − 45
<a style="background-image: none; padding-right: 0;" href="http://enanocms.org/" onclick="window.open(this.href); return false;"><img style="border-width: 0;" alt=" " src="'.scriptPath.'/images/about-powered-enano.png" onmouseover="domOpacity(this, 100, 0, 500);" onmouseout="domOpacity(this, 0, 100, 500);" /></a>
87
570f68c3fe36
Redid stupid fading button code and fixed several RC2 bugs in the upgrade schema; 1.0.1 release candidate
Dan
diff
changeset
+ − 46
</div>';
54
84b56303cab5
Bugfixes: Login system properly handles blank password situation (returns ""); fading button now works right with relative URLs
Dan
diff
changeset
+ − 47
1
+ − 48
$this->theme_list = Array();
+ − 49
$this->named_theme_list = Array();
+ − 50
$e = $db->sql_query('SELECT theme_id,theme_name,enabled,default_style FROM '.table_prefix.'themes WHERE enabled=1 ORDER BY theme_order;');
+ − 51
if(!$e) $db->_die('The list of themes could not be selected.');
+ − 52
for($i=0;$i < $db->numrows(); $i++)
+ − 53
{
+ − 54
$this->theme_list[$i] = $db->fetchrow();
+ − 55
$this->named_theme_list[$this->theme_list[$i]['theme_id']] = $this->theme_list[$i];
+ − 56
}
+ − 57
$db->free_result();
+ − 58
$this->default_theme = $this->theme_list[0]['theme_id'];
+ − 59
$dir = ENANO_ROOT.'/themes/'.$this->default_theme.'/css/';
+ − 60
$list = Array();
+ − 61
// Open a known directory, and proceed to read its contents
+ − 62
if (is_dir($dir)) {
+ − 63
if ($dh = opendir($dir)) {
+ − 64
while (($file = readdir($dh)) !== false) {
+ − 65
if(preg_match('#^(.*?)\.css$#i', $file) && $file != '_printable.css') {
+ − 66
$list[] = substr($file, 0, strlen($file)-4);
+ − 67
}
+ − 68
}
+ − 69
closedir($dh);
+ − 70
}
+ − 71
}
+ − 72
+ − 73
$def = ENANO_ROOT.'/themes/'.$this->default_theme.'/css/'.$this->named_theme_list[$this->default_theme]['default_style'];
+ − 74
if(file_exists($def))
+ − 75
{
+ − 76
$this->default_style = substr($this->named_theme_list[$this->default_theme]['default_style'], 0, strlen($this->named_theme_list[$this->default_theme]['default_style'])-4);
+ − 77
} else {
+ − 78
$this->default_style = $list[0];
+ − 79
}
+ − 80
+ − 81
$this->style_list = $list;
+ − 82
+ − 83
}
+ − 84
function sidebar_widget($t, $h)
+ − 85
{
+ − 86
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 87
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 88
{
+ − 89
$this->load_theme($session->theme, $session->style);
+ − 90
}
+ − 91
if(!$this->sidebar_widgets)
+ − 92
$this->sidebar_widgets = '';
+ − 93
$tplvars = $this->extract_vars('elements.tpl');
+ − 94
$parser = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 95
$parser->assign_vars(Array('TITLE'=>$t,'CONTENT'=>$h));
+ − 96
$this->plugin_blocks[$t] = $h;
+ − 97
$this->sidebar_widgets .= $parser->run();
+ − 98
}
+ − 99
function add_header($html)
+ − 100
{
+ − 101
$this->additional_headers .= "\n" . $html;
+ − 102
}
+ − 103
function get_css($s = false)
+ − 104
{
+ − 105
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 106
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 107
$this->load_theme($session->theme, $session->style);
+ − 108
$path = ( $s ) ? 'css/'.$s : 'css/'.$this->style.'.css';
+ − 109
if ( !file_exists(ENANO_ROOT . '/themes/' . $this->theme . '/' . $path) )
+ − 110
{
+ − 111
echo "/* WARNING: Falling back to default file because file $path does not exist */\n";
+ − 112
$path = 'css/' . $this->style_list[0] . '.css';
+ − 113
}
+ − 114
return $this->process_template($path);
+ − 115
}
+ − 116
function load_theme($name = false, $css = false)
+ − 117
{
+ − 118
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 119
$this->theme = ( $name ) ? $name : $session->theme;
+ − 120
$this->style = ( $css ) ? $css : $session->style;
+ − 121
if ( !$this->theme )
+ − 122
{
+ − 123
$this->theme = $this->theme_list[0]['theme_id'];
+ − 124
$this->style = substr($this->theme_list[0]['default_style'], 0, strlen($this->theme_list[0]['default_style'])-4);
+ − 125
}
+ − 126
$this->theme_loaded = true;
+ − 127
}
+ − 128
+ − 129
function init_vars()
+ − 130
{
+ − 131
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 132
global $email;
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
diff
changeset
+ − 133
global $lang;
1
+ − 134
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 135
profiler_log("template: starting var init");
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 136
1
+ − 137
if(!$this->theme || !$this->style)
+ − 138
{
+ − 139
$this->load_theme();
+ − 140
}
+ − 141
+ − 142
if(defined('ENANO_TEMPLATE_LOADED'))
+ − 143
{
+ − 144
die_semicritical('Illegal call', '<p>$template->load_theme was called multiple times, this is not supposed to happen. Exiting with fatal error.</p>');
+ − 145
}
+ − 146
+ − 147
define('ENANO_TEMPLATE_LOADED', '');
+ − 148
+ − 149
$tplvars = $this->extract_vars('elements.tpl');
+ − 150
+ − 151
if(isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE'))
+ − 152
{
+ − 153
$this->add_header('
+ − 154
<!--[if lt IE 7]>
+ − 155
<script language="JavaScript">
+ − 156
function correctPNG() // correctly handle PNG transparency in Win IE 5.5 & 6.
+ − 157
{
86
c162ca39db8f
Finished pagination code (was incomplete in previous revision) and added a few hacks for an upcoming theme
Dan
diff
changeset
+ − 158
var arVersion = navigator.appVersion.split("MSIE");
c162ca39db8f
Finished pagination code (was incomplete in previous revision) and added a few hacks for an upcoming theme
Dan
diff
changeset
+ − 159
var version = parseFloat(arVersion[1]);
1
+ − 160
if (version >= 5.5 && typeof(document.body.filters) == "object")
+ − 161
{
+ − 162
for(var i=0; i<document.images.length; i++)
+ − 163
{
+ − 164
var img = document.images[i];
+ − 165
continue;
+ − 166
var imgName = img.src.toUpperCase();
+ − 167
if (imgName.substring(imgName.length-3, imgName.length) == "PNG")
+ − 168
{
+ − 169
var imgID = (img.id) ? "id=\'" + img.id + "\' " : "";
+ − 170
var imgClass = (img.className) ? "class=\'" + img.className + "\' " : "";
+ − 171
var imgTitle = (img.title) ? "title=\'" + img.title + "\' " : "title=\'" + img.alt + "\' ";
+ − 172
var imgStyle = "display:inline-block;" + img.style.cssText;
+ − 173
if (img.align == "left") imgStyle = "float:left;" + imgStyle;
+ − 174
if (img.align == "right") imgStyle = "float:right;" + imgStyle;
+ − 175
if (img.parentElement.href) imgStyle = "cursor:hand;" + imgStyle;
+ − 176
var strNewHTML = "<span " + imgID + imgClass + imgTitle + " style=\\"" + "width:" + img.width + "px; height:" + img.height + "px;" + imgStyle + ";" + "filter:progid:DXImageTransform.Microsoft.AlphaImageLoader" + "(src=\\\'" + img.src + "\\\', sizingMethod=\'scale\');\\"></span>";
+ − 177
img.outerHTML = strNewHTML;
+ − 178
i = i-1;
+ − 179
}
+ − 180
}
+ − 181
}
+ − 182
}
+ − 183
window.attachEvent("onload", correctPNG);
+ − 184
</script>
+ − 185
<![endif]-->
+ − 186
');
+ − 187
}
+ − 188
+ − 189
// Get the "article" button text (depends on namespace)
+ − 190
switch($paths->namespace) {
+ − 191
case "Article":
+ − 192
default:
211
+ − 193
$ns = $lang->get('onpage_lbl_page_article');
1
+ − 194
break;
+ − 195
case "Admin":
211
+ − 196
$ns = $lang->get('onpage_lbl_page_admin');
1
+ − 197
break;
+ − 198
case "System":
211
+ − 199
$ns = $lang->get('onpage_lbl_page_system');
1
+ − 200
break;
+ − 201
case "File":
211
+ − 202
$ns = $lang->get('onpage_lbl_page_file');
1
+ − 203
break;
+ − 204
case "Help":
211
+ − 205
$ns = $lang->get('onpage_lbl_page_help');
1
+ − 206
break;
+ − 207
case "User":
211
+ − 208
$ns = $lang->get('onpage_lbl_page_user');
1
+ − 209
break;
+ − 210
case "Special":
211
+ − 211
$ns = $lang->get('onpage_lbl_page_special');
1
+ − 212
break;
+ − 213
case "Template":
211
+ − 214
$ns = $lang->get('onpage_lbl_page_template');
1
+ − 215
break;
+ − 216
case "Project":
211
+ − 217
$ns = $lang->get('onpage_lbl_page_project');
1
+ − 218
break;
+ − 219
case "Category":
211
+ − 220
$ns = $lang->get('onpage_lbl_page_category');
1
+ − 221
break;
312
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
diff
changeset
+ − 222
case "Anonymous":
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
diff
changeset
+ − 223
$ns = 'external page';
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
diff
changeset
+ − 224
break;
1
+ − 225
}
+ − 226
$this->namespace_string = $ns;
211
+ − 227
unset($ns);
1
+ − 228
$code = $plugins->setHook('page_type_string_set');
+ − 229
foreach ( $code as $cmd )
+ − 230
{
+ − 231
eval($cmd);
+ − 232
}
+ − 233
$ns =& $this->namespace_string;
+ − 234
+ − 235
// Initialize the toolbar
+ − 236
$tb = '';
+ − 237
+ − 238
// Create "xx page" button
+ − 239
+ − 240
$btn_selected = ( isset($tplvars['toolbar_button_selected'])) ? $tplvars['toolbar_button_selected'] : $tplvars['toolbar_button'];
+ − 241
$parser = $this->makeParserText($btn_selected);
+ − 242
312
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
diff
changeset
+ − 243
if ( true || !$paths->anonymous_page )
311
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 244
{
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 245
$parser->assign_vars(array(
313
+ − 246
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxReset()); return false; }" title="' . $lang->get('onpage_tip_article') . '" accesskey="a"',
311
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 247
'PARENTFLAGS' => 'id="mdgToolbar_article"',
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 248
'HREF' => makeUrl($paths->page, null, true),
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 249
'TEXT' => $this->namespace_string
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 250
));
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 251
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 252
$tb .= $parser->run();
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 253
}
1
+ − 254
+ − 255
$button = $this->makeParserText($tplvars['toolbar_button']);
+ − 256
+ − 257
// Page toolbar
+ − 258
// Comments button
+ − 259
if ( $session->get_permissions('read') && getConfig('enable_comments')=='1' && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $paths->cpage['comments_on'] == 1 )
+ − 260
{
+ − 261
322
+ − 262
$e = $db->sql_query('SELECT approved FROM '.table_prefix.'comments WHERE page_id=\''.$paths->page_id.'\' AND namespace=\''.$paths->namespace.'\';');
1
+ − 263
if ( !$e )
+ − 264
{
+ − 265
$db->_die();
+ − 266
}
+ − 267
$nc = $db->numrows();
+ − 268
$nu = 0;
+ − 269
$na = 0;
+ − 270
+ − 271
while ( $r = $db->fetchrow() )
+ − 272
{
+ − 273
if ( !$r['approved'] )
+ − 274
{
+ − 275
$nu++;
+ − 276
}
+ − 277
else
+ − 278
{
+ − 279
$na++;
+ − 280
}
+ − 281
}
+ − 282
+ − 283
$db->free_result();
+ − 284
$n = ( $session->get_permissions('mod_comments') ) ? (string)$nc : (string)$na;
+ − 285
if ( $session->get_permissions('mod_comments') && $nu > 0 )
+ − 286
{
211
+ − 287
$subst = array(
+ − 288
'num_comments' => $nc,
+ − 289
'num_unapp' => $nu
+ − 290
);
+ − 291
$btn_text = $lang->get('onpage_btn_discussion_unapp', $subst);
+ − 292
}
+ − 293
else
+ − 294
{
+ − 295
$subst = array(
+ − 296
'num_comments' => $nc
+ − 297
);
+ − 298
$btn_text = $lang->get('onpage_btn_discussion', $subst);
1
+ − 299
}
+ − 300
+ − 301
$button->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 302
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxComments()); return false; }" title="' . $lang->get('onpage_tip_comments') . '" accesskey="c"',
1
+ − 303
'PARENTFLAGS' => 'id="mdgToolbar_discussion"',
+ − 304
'HREF' => makeUrl($paths->page, 'do=comments', true),
211
+ − 305
'TEXT' => $btn_text,
1
+ − 306
));
+ − 307
+ − 308
$tb .= $button->run();
+ − 309
}
+ − 310
// Edit button
349
fdaf9070566c
More progress on the installer. At this point it can install and import the language, but does not rename config files. Still much work to be done, most notably localization and creation of MySQL users and databases.
Dan
diff
changeset
+ − 311
if($session->get_permissions('read') && ($paths->namespace != 'Special' && $paths->namespace != 'Admin' && $paths->namespace != 'Anonymous') && ( $session->get_permissions('edit_page') && ( ( $paths->page_protected && $session->get_permissions('even_when_protected') ) || !$paths->page_protected ) ) )
1
+ − 312
{
+ − 313
$button->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 314
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxEditor()); return false; }" title="' . $lang->get('onpage_tip_edit') . '" accesskey="e"',
1
+ − 315
'PARENTFLAGS' => 'id="mdgToolbar_edit"',
+ − 316
'HREF' => makeUrl($paths->page, 'do=edit', true),
211
+ − 317
'TEXT' => $lang->get('onpage_btn_edit')
1
+ − 318
));
+ − 319
$tb .= $button->run();
+ − 320
// View source button
+ − 321
}
349
fdaf9070566c
More progress on the installer. At this point it can install and import the language, but does not rename config files. Still much work to be done, most notably localization and creation of MySQL users and databases.
Dan
diff
changeset
+ − 322
else if($session->get_permissions('view_source') && ( !$session->get_permissions('edit_page') || !$session->get_permissions('even_when_protected') && $paths->page_protected ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $paths->namespace != 'Anonymous')
1
+ − 323
{
+ − 324
$button->assign_vars(array(
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 325
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxEditor()); return false; }" title="' . $lang->get('onpage_tip_viewsource') . '" accesskey="e"',
1
+ − 326
'PARENTFLAGS' => 'id="mdgToolbar_edit"',
+ − 327
'HREF' => makeUrl($paths->page, 'do=viewsource', true),
211
+ − 328
'TEXT' => $lang->get('onpage_btn_viewsource')
1
+ − 329
));
+ − 330
$tb .= $button->run();
+ − 331
}
+ − 332
// History button
+ − 333
if ( $session->get_permissions('read') /* && $paths->wiki_mode */ && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('history_view') )
+ − 334
{
+ − 335
$button->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 336
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxHistory()); return false; }" title="' . $lang->get('onpage_tip_history') . '" accesskey="h"',
1
+ − 337
'PARENTFLAGS' => 'id="mdgToolbar_history"',
+ − 338
'HREF' => makeUrl($paths->page, 'do=history', true),
211
+ − 339
'TEXT' => $lang->get('onpage_btn_history')
1
+ − 340
));
+ − 341
$tb .= $button->run();
+ − 342
}
+ − 343
+ − 344
$menubtn = $this->makeParserText($tplvars['toolbar_menu_button']);
+ − 345
+ − 346
// Additional actions menu
+ − 347
// Rename button
+ − 348
if ( $session->get_permissions('read') && $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 349
{
+ − 350
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 351
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxRename()); return false; }" title="' . $lang->get('onpage_tip_rename') . '" accesskey="r"',
1
+ − 352
'HREF' => makeUrl($paths->page, 'do=rename', true),
211
+ − 353
'TEXT' => $lang->get('onpage_btn_rename'),
1
+ − 354
));
+ − 355
$this->toolbar_menu .= $menubtn->run();
+ − 356
}
+ − 357
+ − 358
// Vote-to-delete button
+ − 359
if ( $paths->wiki_mode && $session->get_permissions('vote_delete') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 360
{
+ − 361
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 362
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxDelVote()); return false; }" title="' . $lang->get('onpage_tip_delvote') . '" accesskey="d"',
1
+ − 363
'HREF' => makeUrl($paths->page, 'do=delvote', true),
211
+ − 364
'TEXT' => $lang->get('onpage_btn_votedelete'),
1
+ − 365
));
+ − 366
$this->toolbar_menu .= $menubtn->run();
+ − 367
}
+ − 368
+ − 369
// Clear-votes button
+ − 370
if ( $session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('vote_reset') && $paths->cpage['delvotes'] > 0)
+ − 371
{
+ − 372
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 373
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxResetDelVotes()); return false; }" title="' . $lang->get('onpage_tip_resetvotes') . '" accesskey="y"',
1
+ − 374
'HREF' => makeUrl($paths->page, 'do=resetvotes', true),
211
+ − 375
'TEXT' => $lang->get('onpage_btn_votedelete_reset'),
1
+ − 376
));
+ − 377
$this->toolbar_menu .= $menubtn->run();
+ − 378
}
+ − 379
+ − 380
// Printable page button
+ − 381
if ( $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 382
{
+ − 383
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 384
'FLAGS' => 'title="' . $lang->get('onpage_tip_printable') . '"',
1
+ − 385
'HREF' => makeUrl($paths->page, 'printable=yes', true),
211
+ − 386
'TEXT' => $lang->get('onpage_btn_printable'),
1
+ − 387
));
+ − 388
$this->toolbar_menu .= $menubtn->run();
+ − 389
}
+ − 390
+ − 391
// Protect button
+ − 392
if($session->get_permissions('read') && $paths->wiki_mode && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' && $session->get_permissions('protect'))
+ − 393
{
+ − 394
+ − 395
$label = $this->makeParserText($tplvars['toolbar_label']);
211
+ − 396
$label->assign_vars(array('TEXT' => $lang->get('onpage_lbl_protect')));
1
+ − 397
$t0 = $label->run();
+ − 398
+ − 399
$ctmp = '';
+ − 400
if ( $paths->cpage['protected'] == 1 )
+ − 401
{
+ − 402
$ctmp=' style="text-decoration: underline;"';
+ − 403
}
+ − 404
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 405
'FLAGS' => 'accesskey="i" onclick="if ( !KILL_SWITCH ) { ajaxProtect(1); return false; }" id="protbtn_1" title="' . $lang->get('onpage_tip_protect_on') . '"'.$ctmp,
1
+ − 406
'HREF' => makeUrl($paths->page, 'do=protect&level=1', true),
211
+ − 407
'TEXT' => $lang->get('onpage_btn_protect_on')
1
+ − 408
));
+ − 409
$t1 = $menubtn->run();
+ − 410
+ − 411
$ctmp = '';
+ − 412
if ( $paths->cpage['protected'] == 0 )
+ − 413
{
+ − 414
$ctmp=' style="text-decoration: underline;"';
+ − 415
}
+ − 416
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 417
'FLAGS' => 'accesskey="o" onclick="if ( !KILL_SWITCH ) { ajaxProtect(0); return false; }" id="protbtn_0" title="' . $lang->get('onpage_tip_protect_off') . '"'.$ctmp,
1
+ − 418
'HREF' => makeUrl($paths->page, 'do=protect&level=0', true),
211
+ − 419
'TEXT' => $lang->get('onpage_btn_protect_off')
1
+ − 420
));
+ − 421
$t2 = $menubtn->run();
+ − 422
+ − 423
$ctmp = '';
+ − 424
if ( $paths->cpage['protected'] == 2 )
+ − 425
{
+ − 426
$ctmp = ' style="text-decoration: underline;"';
+ − 427
}
+ − 428
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 429
'FLAGS' => 'accesskey="p" onclick="if ( !KILL_SWITCH ) { ajaxProtect(2); return false; }" id="protbtn_2" title="' . $lang->get('onpage_tip_protect_semi') . '"'.$ctmp,
1
+ − 430
'HREF' => makeUrl($paths->page, 'do=protect&level=2', true),
211
+ − 431
'TEXT' => $lang->get('onpage_btn_protect_semi')
1
+ − 432
));
+ − 433
$t3 = $menubtn->run();
+ − 434
+ − 435
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0">
+ − 436
<tr>
+ − 437
<td>'.$t0.'</td>
+ − 438
<td>'.$t1.'</td>
+ − 439
<td>'.$t2.'</td>
+ − 440
<td>'.$t3.'</td>
+ − 441
</tr>
+ − 442
</table>';
+ − 443
}
+ − 444
+ − 445
// Wiki mode button
+ − 446
if($session->get_permissions('read') && $paths->page_exists && $session->get_permissions('set_wiki_mode') && $paths->namespace != 'Special' && $paths->namespace != 'Admin')
+ − 447
{
+ − 448
// label at start
+ − 449
$label = $this->makeParserText($tplvars['toolbar_label']);
211
+ − 450
$label->assign_vars(array('TEXT' => $lang->get('onpage_lbl_wikimode')));
1
+ − 451
$t0 = $label->run();
+ − 452
+ − 453
// on button
+ − 454
$ctmp = '';
+ − 455
if ( $paths->cpage['wiki_mode'] == 1 )
+ − 456
{
+ − 457
$ctmp = ' style="text-decoration: underline;"';
+ − 458
}
+ − 459
$menubtn->assign_vars(array(
102
+ − 460
'FLAGS' => /* 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(1); return false; }" id="wikibtn_1" title="Forces wiki functions to be allowed on this page."'. */ $ctmp,
1
+ − 461
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=1', true),
211
+ − 462
'TEXT' => $lang->get('onpage_btn_wikimode_on')
1
+ − 463
));
+ − 464
$t1 = $menubtn->run();
+ − 465
+ − 466
// off button
+ − 467
$ctmp = '';
+ − 468
if ( $paths->cpage['wiki_mode'] == 0 )
+ − 469
{
+ − 470
$ctmp=' style="text-decoration: underline;"';
+ − 471
}
+ − 472
$menubtn->assign_vars(array(
102
+ − 473
'FLAGS' => /* 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(0); return false; }" id="wikibtn_0" title="Forces wiki functions to be disabled on this page."'. */ $ctmp,
1
+ − 474
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=0', true),
211
+ − 475
'TEXT' => $lang->get('onpage_btn_wikimode_off')
1
+ − 476
));
+ − 477
$t2 = $menubtn->run();
+ − 478
+ − 479
// global button
+ − 480
$ctmp = '';
+ − 481
if ( $paths->cpage['wiki_mode'] == 2 )
+ − 482
{
+ − 483
$ctmp=' style="text-decoration: underline;"';
+ − 484
}
+ − 485
$menubtn->assign_vars(array(
102
+ − 486
'FLAGS' => /* 'onclick="if ( !KILL_SWITCH ) { ajaxSetWikiMode(2); return false; }" id="wikibtn_2" title="Causes this page to use the global wiki mode setting (default)"'. */ $ctmp,
1
+ − 487
'HREF' => makeUrl($paths->page, 'do=setwikimode&level=2', true),
211
+ − 488
'TEXT' => $lang->get('onpage_btn_wikimode_global')
1
+ − 489
));
+ − 490
$t3 = $menubtn->run();
+ − 491
+ − 492
// Tack it onto the list of buttons that are already there...
+ − 493
$this->toolbar_menu .= ' <table border="0" cellspacing="0" cellpadding="0">
+ − 494
<tr>
+ − 495
<td>'.$t0.'</td>
+ − 496
<td>'.$t1.'</td>
+ − 497
<td>'.$t2.'</td>
+ − 498
<td>'.$t3.'</td>
+ − 499
</tr>
+ − 500
</table>';
+ − 501
}
+ − 502
+ − 503
// Clear logs button
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 504
if ( $session->get_permissions('read') && $session->get_permissions('clear_logs') && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
1
+ − 505
{
+ − 506
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 507
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxClearLogs()); return false; }" title="' . $lang->get('onpage_tip_flushlogs') . '" accesskey="l"',
1
+ − 508
'HREF' => makeUrl($paths->page, 'do=flushlogs', true),
211
+ − 509
'TEXT' => $lang->get('onpage_btn_clearlogs'),
1
+ − 510
));
+ − 511
$this->toolbar_menu .= $menubtn->run();
+ − 512
}
+ − 513
+ − 514
// Delete page button
+ − 515
if ( $session->get_permissions('read') && $session->get_permissions('delete_page') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 516
{
211
+ − 517
$s = $lang->get('onpage_btn_deletepage');
1
+ − 518
if ( $paths->cpage['delvotes'] == 1 )
+ − 519
{
211
+ − 520
$subst = array(
+ − 521
'num_votes' => $paths->cpage['delvotes'],
+ − 522
'plural' => ''
+ − 523
);
+ − 524
$s .= $lang->get('onpage_btn_deletepage_votes', $subst);
1
+ − 525
}
+ − 526
else if ( $paths->cpage['delvotes'] > 1 )
+ − 527
{
211
+ − 528
$subst = array(
+ − 529
'num_votes' => $paths->cpage['delvotes'],
+ − 530
'plural' => $lang->get('meta_plural')
+ − 531
);
+ − 532
$s .= $lang->get('onpage_btn_deletepage_votes', $subst);
1
+ − 533
}
+ − 534
+ − 535
$menubtn->assign_vars(array(
314
+ − 536
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxDeletePage()); return false; }" title="' . $lang->get('onpage_tip_deletepage') . '" accesskey="k"',
1
+ − 537
'HREF' => makeUrl($paths->page, 'do=deletepage', true),
+ − 538
'TEXT' => $s,
+ − 539
));
+ − 540
$this->toolbar_menu .= $menubtn->run();
+ − 541
+ − 542
}
+ − 543
+ − 544
// Password-protect button
+ − 545
if(isset($paths->cpage['password']))
+ − 546
{
+ − 547
if ( $paths->cpage['password'] == '' )
+ − 548
{
+ − 549
$a = $session->get_permissions('password_set');
+ − 550
}
+ − 551
else
+ − 552
{
+ − 553
$a = $session->get_permissions('password_reset');
+ − 554
}
+ − 555
}
+ − 556
else
+ − 557
{
+ − 558
$a = $session->get_permissions('password_set');
+ − 559
}
+ − 560
if ( $a && $session->get_permissions('read') && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 561
{
+ − 562
// label at start
+ − 563
$label = $this->makeParserText($tplvars['toolbar_label']);
211
+ − 564
$label->assign_vars(array('TEXT' => $lang->get('onpage_lbl_password')));
1
+ − 565
$t0 = $label->run();
+ − 566
+ − 567
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 568
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxSetPassword()); return false; }" title="' . $lang->get('onpage_tip_password') . '"',
1
+ − 569
'HREF' => '#',
211
+ − 570
'TEXT' => $lang->get('onpage_btn_password_set'),
1
+ − 571
));
+ − 572
$t = $menubtn->run();
+ − 573
+ − 574
$this->toolbar_menu .= '<table border="0" cellspacing="0" cellpadding="0"><tr><td>'.$t0.'</td><td><input type="password" id="mdgPassSetField" size="10" /></td><td>'.$t.'</td></tr></table>';
+ − 575
}
+ − 576
+ − 577
// Manage ACLs button
311
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
+ − 578
if ( !$paths->anonymous_page && ( $session->get_permissions('edit_acl') || $session->user_level >= USER_LEVEL_ADMIN ) )
1
+ − 579
{
+ − 580
$menubtn->assign_vars(array(
265
7e0cdf71b1bb
Some (not much) progress with localizing tooltips on the pagebar. Still aways to go and committing so as to merge changes from stable
Dan
diff
changeset
+ − 581
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { return ajaxOpenACLManager(); }" title="' . $lang->get('onpage_tip_aclmanager') . '" accesskey="m"',
1
+ − 582
'HREF' => makeUrl($paths->page, 'do=aclmanager', true),
211
+ − 583
'TEXT' => $lang->get('onpage_btn_acl'),
1
+ − 584
));
+ − 585
$this->toolbar_menu .= $menubtn->run();
+ − 586
}
+ − 587
+ − 588
// Administer page button
+ − 589
if ( $session->user_level >= USER_LEVEL_ADMIN && $paths->page_exists && $paths->namespace != 'Special' && $paths->namespace != 'Admin' )
+ − 590
{
+ − 591
$menubtn->assign_vars(array(
314
+ − 592
'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxAdminPage()); return false; }" title="' . $lang->get('onpage_tip_adminoptions') . '" accesskey="g"',
1
+ − 593
'HREF' => makeUrlNS('Special', 'Administration', 'module='.$paths->nslist['Admin'].'PageManager', true),
211
+ − 594
'TEXT' => $lang->get('onpage_btn_admin'),
1
+ − 595
));
+ − 596
$this->toolbar_menu .= $menubtn->run();
+ − 597
}
+ − 598
+ − 599
if ( strlen($this->toolbar_menu) > 0 )
+ − 600
{
+ − 601
$button->assign_vars(array(
314
+ − 602
'FLAGS' => 'id="mdgToolbar_moreoptions" onclick="if ( !KILL_SWITCH ) { return false; }" title="' . $lang->get('onpage_tip_moreoptions') . '"',
1
+ − 603
'PARENTFLAGS' => '',
+ − 604
'HREF' => makeUrl($paths->page, 'do=moreoptions', true),
211
+ − 605
'TEXT' => $lang->get('onpage_btn_moreoptions')
1
+ − 606
));
+ − 607
$tb .= $button->run();
+ − 608
}
+ − 609
+ − 610
$is_opera = (isset($_SERVER['HTTP_USER_AGENT']) && strstr($_SERVER['HTTP_USER_AGENT'], 'Opera')) ? true : false;
+ − 611
+ − 612
$this->tpl_bool = Array(
+ − 613
'auth_admin'=>$session->user_level >= USER_LEVEL_ADMIN ? true : false,
+ − 614
'user_logged_in'=>$session->user_logged_in,
+ − 615
'opera'=>$is_opera,
+ − 616
);
+ − 617
+ − 618
if($session->sid_super) { $ash = '&auth='.$session->sid_super; $asq = "?auth=".$session->sid_super; $asa = "&auth=".$session->sid_super; $as2 = htmlspecialchars(urlSeparator).'auth='.$session->sid_super; }
+ − 619
else { $asq=''; $asa=''; $as2 = ''; $ash = ''; }
+ − 620
+ − 621
$code = $plugins->setHook('compile_template');
+ − 622
foreach ( $code as $cmd )
+ − 623
{
+ − 624
eval($cmd);
+ − 625
}
+ − 626
+ − 627
// Some additional sidebar processing
+ − 628
if($this->sidebar_extra != '') {
+ − 629
$se = $this->sidebar_extra;
+ − 630
$parser = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 631
$parser->assign_vars(Array('TITLE'=>'Links','CONTENT'=>$se));
+ − 632
$this->sidebar_extra = $parser->run();
+ − 633
}
+ − 634
+ − 635
$this->sidebar_extra = $this->sidebar_extra.$this->sidebar_widgets;
+ − 636
+ − 637
$this->tpl_bool['fixed_menus'] = false;
+ − 638
/* if($this->sidebar_extra == '') $this->tpl_bool['right_sidebar'] = false;
+ − 639
else */ $this->tpl_bool['right_sidebar'] = true;
+ − 640
+ − 641
$this->tpl_bool['auth_rename'] = ( $paths->page_exists && ( $session->get_permissions('rename') && ( $paths->page_protected && $session->get_permissions('even_when_protected') || !$paths->page_protected ) ) && $paths->namespace != 'Special' && $paths->namespace != 'Admin');
+ − 642
+ − 643
$this->tpl_bool['enable_uploads'] = ( getConfig('enable_uploads') == '1' && $session->get_permissions('upload_files') ) ? true : false;
+ − 644
+ − 645
$this->tpl_bool['stupid_mode'] = false;
+ − 646
322
+ − 647
$this->tpl_bool['in_admin'] = ( ( $paths->page_id == 'Administration' && $paths->namespace == 'Special' ) || $paths->namespace == 'Admin' );
1
+ − 648
+ − 649
$p = ( isset($_GET['printable']) ) ? '/printable' : '';
+ − 650
+ − 651
// Add the e-mail address client code to the header
+ − 652
$this->add_header($email->jscode());
+ − 653
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
diff
changeset
+ − 654
// Add language file
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
diff
changeset
+ − 655
$lang_uri = makeUrlNS('Special', 'LangExportJSON/' . $lang->lang_id, false, true);
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
diff
changeset
+ − 656
$this->add_header("<script type=\"text/javascript\" src=\"$lang_uri\"></script>");
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
diff
changeset
+ − 657
1
+ − 658
// Generate the code for the Log out and Change theme sidebar buttons
+ − 659
// Once again, the new template parsing system can be used here
+ − 660
+ − 661
$parser = $this->makeParserText($tplvars['sidebar_button']);
+ − 662
+ − 663
$parser->assign_vars(Array(
+ − 664
'HREF'=>makeUrlNS('Special', 'Logout'),
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 665
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { mb_logout(); return false; }"',
215
+ − 666
'TEXT'=>$lang->get('sidebar_btn_logout'),
1
+ − 667
));
+ − 668
+ − 669
$logout_link = $parser->run();
+ − 670
+ − 671
$parser->assign_vars(Array(
+ − 672
'HREF'=>makeUrlNS('Special', 'Login/' . $paths->page),
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 673
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { ajaxStartLogin(); return false; }"',
215
+ − 674
'TEXT'=>$lang->get('sidebar_btn_login'),
1
+ − 675
));
+ − 676
+ − 677
$login_link = $parser->run();
+ − 678
+ − 679
$parser->assign_vars(Array(
+ − 680
'HREF'=>makeUrlNS('Special', 'ChangeStyle/'.$paths->page),
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 681
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { ajaxChangeStyle(); return false; }"',
215
+ − 682
'TEXT'=>$lang->get('sidebar_btn_changestyle'),
1
+ − 683
));
+ − 684
+ − 685
$theme_link = $parser->run();
+ − 686
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 687
$parser->assign_vars(Array(
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 688
'HREF'=>makeUrlNS('Special', 'Administration'),
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 689
'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { void(ajaxStartAdminLogin()); return false; }"',
215
+ − 690
'TEXT'=>$lang->get('sidebar_btn_administration'),
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 691
));
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 692
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 693
$admin_link = $parser->run();
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 694
1
+ − 695
$SID = ($session->sid_super) ? $session->sid_super : '';
+ − 696
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 697
$urlname_clean = str_replace('\'', '\\\'', str_replace('\\', '\\\\', dirtify_page_id($paths->fullpage)));
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 698
$urlname_clean = strtr( $urlname_clean, array( '<' => '<', '>' => '>' ) );
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 699
22
+ − 700
$urlname_jssafe = sanitize_page_id($paths->fullpage);
+ − 701
1
+ − 702
// Generate the dynamic javascript vars
+ − 703
$js_dynamic = ' <script type="text/javascript">// <![CDATA[
+ − 704
// This section defines some basic and very important variables that are used later in the static Javascript library.
+ − 705
// SKIN DEVELOPERS: The template variable for this code block is {JS_DYNAMIC_VARS}. This MUST be inserted BEFORE the tag that links to the main Javascript lib.
22
+ − 706
var title=\''. $urlname_jssafe .'\';
1
+ − 707
var page_exists='. ( ( $paths->page_exists) ? 'true' : 'false' ) .';
+ − 708
var scriptPath=\''. scriptPath .'\';
+ − 709
var contentPath=\''.contentPath.'\';
+ − 710
var ENANO_SID =\'' . $SID . '\';
+ − 711
var auth_level=' . $session->auth_level . ';
+ − 712
var USER_LEVEL_GUEST = ' . USER_LEVEL_GUEST . ';
+ − 713
var USER_LEVEL_MEMBER = ' . USER_LEVEL_MEMBER . ';
+ − 714
var USER_LEVEL_CHPREF = ' . USER_LEVEL_CHPREF . ';
+ − 715
var USER_LEVEL_MOD = ' . USER_LEVEL_MOD . ';
+ − 716
var USER_LEVEL_ADMIN = ' . USER_LEVEL_ADMIN . ';
+ − 717
var editNotice = \'' . ( (getConfig('wiki_edit_notice')=='1') ? str_replace("\n", "\\\n", RenderMan::render(getConfig('wiki_edit_notice_text'))) : '' ) . '\';
+ − 718
var prot = ' . ( ($paths->page_protected && !$session->get_permissions('even_when_protected')) ? 'true' : 'false' ) .'; // No, hacking this var won\'t work, it\'s re-checked on the server
+ − 719
var ENANO_SPECIAL_CREATEPAGE = \''. makeUrl($paths->nslist['Special'].'CreatePage') .'\';
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 720
var ENANO_CREATEPAGE_PARAMS = \'_do=&pagename='. $urlname_clean .'&namespace=' . $paths->namespace . '\';
1
+ − 721
var ENANO_SPECIAL_CHANGESTYLE = \''. makeUrlNS('Special', 'ChangeStyle') .'\';
+ − 722
var namespace_list = new Array();
+ − 723
var AES_BITS = '.AES_BITS.';
+ − 724
var AES_BLOCKSIZE = '.AES_BLOCKSIZE.';
+ − 725
var pagepass = \''. ( ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '' ) .'\';
+ − 726
var ENANO_THEME_LIST = \'';
+ − 727
foreach($this->theme_list as $t) {
+ − 728
if($t['enabled'])
+ − 729
{
+ − 730
$js_dynamic .= '<option value="'.$t['theme_id'].'"';
29
e5484a9e0818
Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
diff
changeset
+ − 731
// if($t['theme_id'] == $session->theme) $js_dynamic .= ' selected="selected"';
1
+ − 732
$js_dynamic .= '>'.$t['theme_name'].'</option>';
+ − 733
}
+ − 734
}
+ − 735
$js_dynamic .= '\';
210
2b283402e4e4
Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
diff
changeset
+ − 736
var ENANO_CURRENT_THEME = \''. $session->theme .'\';
212
30b857a6b811
Reworked comment system to not use HACKISH FIXES; AJAX comment framework is completely localized now
Dan
diff
changeset
+ − 737
var ENANO_LANG_ID = ' . $lang->lang_id . ';
30b857a6b811
Reworked comment system to not use HACKISH FIXES; AJAX comment framework is completely localized now
Dan
diff
changeset
+ − 738
var ENANO_PAGE_TYPE = "' . addslashes($this->namespace_string) . '";';
1
+ − 739
foreach($paths->nslist as $k => $c)
+ − 740
{
+ − 741
$js_dynamic .= "namespace_list['{$k}'] = '$c';";
+ − 742
}
+ − 743
$js_dynamic .= "\n //]]>\n </script>";
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 744
1
+ − 745
$tpl_strings = Array(
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 746
'PAGE_NAME'=>htmlspecialchars($paths->cpage['name']),
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 747
'PAGE_URLNAME'=> $urlname_clean,
40
+ − 748
'SITE_NAME'=>htmlspecialchars(getConfig('site_name')),
1
+ − 749
'USERNAME'=>$session->username,
40
+ − 750
'SITE_DESC'=>htmlspecialchars(getConfig('site_desc')),
1
+ − 751
'TOOLBAR'=>$tb,
+ − 752
'SCRIPTPATH'=>scriptPath,
+ − 753
'CONTENTPATH'=>contentPath,
+ − 754
'ADMIN_SID_QUES'=>$asq,
+ − 755
'ADMIN_SID_AMP'=>$asa,
+ − 756
'ADMIN_SID_AMP_HTML'=>$ash,
+ − 757
'ADMIN_SID_AUTO'=>$as2,
114
47393c6619ea
Nothing special, just syncing to Scribus, several bugs have been found with GET forms and a fix is in the works
Dan
diff
changeset
+ − 758
'ADMIN_SID_RAW'=> ( is_string($session->sid_super) ? $session->sid_super : '' ),
1
+ − 759
'ADDITIONAL_HEADERS'=>$this->additional_headers,
91
+ − 760
'COPYRIGHT'=>RenderMan::parse_internal_links(getConfig('copyright_notice')),
1
+ − 761
'TOOLBAR_EXTRAS'=>$this->toolbar_menu,
+ − 762
'REQUEST_URI'=>$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'],
+ − 763
'STYLE_LINK'=>makeUrlNS('Special', 'CSS'.$p, null, true), //contentPath.$paths->nslist['Special'].'CSS' . $p,
+ − 764
'LOGIN_LINK'=>$login_link,
+ − 765
'LOGOUT_LINK'=>$logout_link,
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 766
'ADMIN_LINK'=>$admin_link,
1
+ − 767
'THEME_LINK'=>$theme_link,
115
261f367623af
Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
Dan
diff
changeset
+ − 768
'SEARCH_ACTION'=>makeUrlNS('Special', 'Search'),
322
+ − 769
'INPUT_TITLE'=>( urlSeparator == '&' ? '<input type="hidden" name="title" value="' . htmlspecialchars( $paths->nslist[$paths->namespace] . $paths->page_id ) . '" />' : ''),
115
261f367623af
Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
Dan
diff
changeset
+ − 770
'INPUT_AUTH'=>( $session->sid_super ? '<input type="hidden" name="auth" value="' . $session->sid_super . '" />' : ''),
1
+ − 771
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme,
+ − 772
'THEME_ID'=>$this->theme,
+ − 773
'STYLE_ID'=>$this->style,
+ − 774
'JS_DYNAMIC_VARS'=>$js_dynamic,
85
7c68a18a27be
AJAX comments are now paginated; plugin manager can now show system plugins; typo in installer corrected; links in oxygen/stpatty/admin footers changed to "About Enano" page; 1.0.1 release candidate
Dan
diff
changeset
+ − 775
'UNREAD_PMS'=>$session->unread_pms,
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 776
'URL_ABOUT_ENANO' => makeUrlNS('Special', 'About_Enano', '', true),
315
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
diff
changeset
+ − 777
'REPORT_URI' => makeUrl($paths->fullpage, 'do=sql_report', true)
1
+ − 778
);
+ − 779
+ − 780
foreach ( $paths->nslist as $ns_id => $ns_prefix )
+ − 781
{
+ − 782
$tpl_strings[ 'NS_' . strtoupper($ns_id) ] = $ns_prefix;
+ − 783
}
+ − 784
+ − 785
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings);
+ − 786
list($this->tpl_strings['SIDEBAR_LEFT'], $this->tpl_strings['SIDEBAR_RIGHT'], $min) = $this->fetch_sidebar();
+ − 787
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != $min) ? true : false;
+ − 788
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != $min) ? true : false;
+ − 789
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility
118
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 790
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 791
$code = $plugins->setHook('template_var_init_end');
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 792
foreach ( $code as $cmd )
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 793
{
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 794
eval($cmd);
0c5efda996bf
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
diff
changeset
+ − 795
}
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 796
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 797
profiler_log("template: finished var init");
1
+ − 798
}
+ − 799
+ − 800
function header($simple = false)
+ − 801
{
+ − 802
global $db, $session, $paths, $template, $plugins; // Common objects
215
+ − 803
global $lang;
+ − 804
1
+ − 805
ob_start();
+ − 806
+ − 807
if(!$this->theme_loaded)
+ − 808
{
+ − 809
$this->load_theme($session->theme, $session->style);
+ − 810
}
+ − 811
+ − 812
$headers_sent = true;
+ − 813
if(!defined('ENANO_HEADERS_SENT'))
+ − 814
define('ENANO_HEADERS_SENT', '');
174
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 815
if ( !$this->no_headers )
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 816
{
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 817
$header = ( $simple ) ?
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 818
$this->process_template('simple-header.tpl') :
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 819
$this->process_template('header.tpl');
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 820
echo $header;
4c5c2b66a34d
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan
diff
changeset
+ − 821
}
1
+ − 822
if ( !$simple && $session->user_logged_in && $session->unread_pms > 0 )
+ − 823
{
+ − 824
echo $this->notify_unread_pms();
+ − 825
}
+ − 826
if ( !$simple && $session->sw_timed_out )
+ − 827
{
+ − 828
$login_link = makeUrlNS('Special', 'Login/' . $paths->fullpage, 'level=' . $session->user_level, true);
+ − 829
echo '<div class="usermessage">';
215
+ − 830
echo $lang->get('user_msg_elev_timed_out', array( 'login_link' => $login_link ));
1
+ − 831
echo '</div>';
+ − 832
}
30
+ − 833
if ( $this->site_disabled && $session->user_level >= USER_LEVEL_ADMIN && ( $paths->page != $paths->nslist['Special'] . 'Administration' ) )
+ − 834
{
+ − 835
$admin_link = makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'GeneralConfig', true);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 836
echo '<div class="usermessage"><b>' . $lang->get('page_sitedisabled_admin_msg_title') . '</b><br />
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 837
' . $lang->get('page_sitedisabled_admin_msg_body', array('admin_link' => $admin_link)) . '
30
+ − 838
</div>';
+ − 839
}
1
+ − 840
}
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 841
1
+ − 842
function footer($simple = false)
+ − 843
{
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 844
echo $this->getFooter();
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 845
ob_end_flush();
1
+ − 846
}
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 847
1
+ − 848
function getHeader()
+ − 849
{
+ − 850
$headers_sent = true;
+ − 851
if(!defined('ENANO_HEADERS_SENT'))
+ − 852
define('ENANO_HEADERS_SENT', '');
+ − 853
if(!$this->no_headers) return $this->process_template('header.tpl');
+ − 854
}
+ − 855
function getFooter()
+ − 856
{
+ − 857
global $db, $session, $paths, $template, $plugins; // Common objects
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 858
global $lang;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 859
if ( !$this->no_headers )
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 860
{
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 861
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 862
if(!defined('ENANO_HEADERS_SENT'))
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 863
$this->header();
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 864
1
+ − 865
global $_starttime;
+ − 866
if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc'))
+ − 867
{
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 868
echo '<h3>' . $lang->get('page_heading_sql_list') . '</h3><pre style="margin-left: 1em">';
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 869
echo htmlspecialchars($db->sql_backtrace());
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 870
echo '</pre>';
1
+ − 871
}
+ − 872
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 873
$t = ( $simple ) ? $this->process_template('simple-footer.tpl') : $this->process_template('footer.tpl');
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 874
1
+ − 875
$f = microtime_float();
+ − 876
$f = $f - $_starttime;
+ − 877
$f = round($f, 4);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 878
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 879
$t_loc = $lang->get('page_msg_stats_gentime_short', array('time' => $f));
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 880
$t_loc_long = $lang->get('page_msg_stats_gentime_long', array('time' => $f));
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 881
$q_loc = '<a href="' . $this->tpl_strings['REPORT_URI'] . '">' . $lang->get('page_msg_stats_sql', array('nq' => $db->num_queries)) . '</a>';
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 882
$dbg = $t_loc;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 883
$dbg_long = $t_loc_long;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 884
if ( $session->user_level >= USER_LEVEL_ADMIN )
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 885
{
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 886
$dbg .= " | $q_loc";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 887
$dbg_long .= " | $q_loc";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 888
}
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 889
1
+ − 890
$t = str_replace('[[Stats]]', $dbg, $t);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 891
$t = str_replace('[[StatsLong]]', $dbg_long, $t);
1
+ − 892
$t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t);
+ − 893
$t = str_replace('[[GenTime]]', (string)$f, $t);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 894
$t = str_replace('[[NumQueriesLoc]]', $q_loc, $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 895
$t = str_replace('[[GenTimeLoc]]', $t_loc, $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 896
$t = str_replace('[[EnanoPoweredLink]]', $lang->get('page_enano_powered', array('about_uri' => $this->tpl_strings['URL_ABOUT_ENANO'])), $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 897
$t = str_replace('[[EnanoPoweredLinkLong]]', $lang->get('page_enano_powered_long', array('about_uri' => $this->tpl_strings['URL_ABOUT_ENANO'])), $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 898
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 899
if ( defined('ENANO_DEBUG') )
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 900
$t = str_replace('</body>', '<div id="profile" style="margin: 10px;">' . profiler_make_html() . '</div></body>', $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 901
1
+ − 902
return $t;
+ − 903
}
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 904
else
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 905
{
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 906
return '';
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 907
}
1
+ − 908
}
+ − 909
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 910
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 911
* Compiles and executes a template based on the current variables and booleans. Loads
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 912
* the theme and initializes variables if needed. This mostly just calls child functions.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 913
* @param string File to process
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 914
* @return string
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 915
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 916
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 917
function process_template($file)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 918
{
1
+ − 919
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 920
if(!defined('ENANO_TEMPLATE_LOADED'))
+ − 921
{
+ − 922
$this->load_theme();
+ − 923
$this->init_vars();
+ − 924
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 925
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 926
$compiled = $this->compile_template($file);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 927
return eval($compiled);
1
+ − 928
}
+ − 929
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 930
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 931
* Loads variables from the specified template file. Returns an associative array containing the variables.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 932
* @param string Template file to process (elements.tpl)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 933
* @return array
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 934
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 935
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 936
function extract_vars($file)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 937
{
1
+ − 938
global $db, $session, $paths, $template, $plugins; // Common objects
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 939
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 940
// Sometimes this function gets called before the theme is loaded
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 941
// This is a bad coding practice so this function will always be picky.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 942
if ( !$this->theme )
1
+ − 943
{
+ − 944
die('$template->extract_vars(): theme not yet loaded, so we can\'t open template files yet...this is a bug and should be reported.<br /><br />Backtrace, most recent call first:<pre>'.enano_debug_print_backtrace(true).'</pre>');
+ − 945
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 946
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 947
// Full pathname of template file
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 948
$tpl_file_fullpath = ENANO_ROOT . '/themes/' . $this->theme . '/' . $file;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 949
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 950
// Make sure the template even exists
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 951
if ( !is_file($tpl_file_fullpath) )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 952
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 953
die_semicritical('Cannot find template file',
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 954
'<p>The template parser was asked to load the file "' . htmlspecialchars($filename) . '", but that file couldn\'t be found in the directory for
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 955
the current theme.</p>
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 956
<p>Additional debugging information:<br />
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 957
<b>Theme currently in use: </b>' . $this->theme . '<br />
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 958
<b>Requested file: </b>' . $file . '
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 959
</p>');
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 960
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 961
// Retrieve file contents
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 962
$text = file_get_contents($tpl_file_fullpath);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 963
if ( !$text )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 964
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 965
return false;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 966
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 967
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 968
// Get variables, regular expressions FTW
1
+ − 969
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches);
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 970
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 971
// Initialize return values
1
+ − 972
$tplvars = Array();
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 973
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 974
// Loop through each match, setting $tplvars[ $first_subpattern ] to $second_subpattern
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 975
for ( $i = 0; $i < sizeof($matches[1]); $i++ )
1
+ − 976
{
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 977
$tplvars[ $matches[1][$i] ] = $matches[2][$i];
1
+ − 978
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 979
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 980
// All done!
1
+ − 981
return $tplvars;
+ − 982
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 983
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 984
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 985
* Compiles a block of template code.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 986
* @param string The text to process
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 987
* @return string
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 988
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 989
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 990
function compile_tpl_code($text)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 991
{
189
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 992
global $db, $session, $paths, $template, $plugins; // Common objects
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 993
// A random seed used to salt tags
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 994
$seed = md5 ( microtime() . mt_rand() );
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 995
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 996
// Strip out PHP sections
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 997
preg_match_all('/<\?php(.+?)\?>/is', $text, $php_matches);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 998
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 999
foreach ( $php_matches[0] as $i => $match )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1000
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1001
// Substitute the PHP section with a random tag
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1002
$tag = "{PHP:$i:$seed}";
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1003
$text = str_replace_once($match, $tag, $text);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1004
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1005
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1006
// Escape slashes and single quotes in template code
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1007
$text = str_replace('\\', '\\\\', $text);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1008
$text = str_replace('\'', '\\\'', $text);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1009
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1010
// Initialize the PHP compiled code
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1011
$text = 'ob_start(); echo \''.$text.'\'; $tpl_code = ob_get_contents(); ob_end_clean(); return $tpl_code;';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1012
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1013
##
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1014
## Main rules
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1015
##
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1016
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1017
//
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1018
// Conditionals
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1019
//
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1020
189
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1021
$keywords = array('BEGIN', 'BEGINNOT', 'IFSET', 'IFPLUGIN');
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1022
$code = $plugins->setHook('template_compile_logic_keyword');
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1023
foreach ( $code as $cmd )
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1024
{
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1025
eval($cmd);
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1026
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1027
189
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1028
$keywords = implode('|', $keywords);
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1029
189
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1030
// Matches
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 1031
// 1 2 3 4 56 7 8
189
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1032
$regexp = '/(<!-- ('. $keywords .') ([A-z0-9_-]+) -->)(.*)((<!-- BEGINELSE \\3 -->)(.*))?(<!-- END \\3 -->)/isU';
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1033
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1034
/*
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1035
The way this works is: match all blocks using the standard form with a different keyword in the block each time,
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1036
and replace them with appropriate PHP logic. Plugin-extensible now. :-)
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1037
189
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1038
The while-loop is to bypass what is apparently a PCRE bug. It's hackish but it works. Properly written plugins should only need
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1039
to compile templates (using this method) once for each time the template file is changed.
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1040
*/
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1041
while ( preg_match($regexp, $text) )
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1042
{
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1043
preg_match_all($regexp, $text, $matches);
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1044
for ( $i = 0; $i < count($matches[0]); $i++ )
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1045
{
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1046
$start_tag =& $matches[1][$i];
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1047
$type =& $matches[2][$i];
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1048
$test =& $matches[3][$i];
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1049
$particle_true =& $matches[4][$i];
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1050
$else_tag =& $matches[6][$i];
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1051
$particle_else =& $matches[7][$i];
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1052
$end_tag =& $matches[8][$i];
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1053
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1054
switch($type)
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1055
{
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1056
case 'BEGIN':
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1057
$cond = "isset(\$this->tpl_bool['$test']) && \$this->tpl_bool['$test']";
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1058
break;
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1059
case 'BEGINNOT':
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1060
$cond = "!isset(\$this->tpl_bool['$test']) || ( isset(\$this->tpl_bool['$test']) && !\$this->tpl_bool['$test'] )";
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1061
break;
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1062
case 'IFPLUGIN':
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1063
$cond = "getConfig('plugin_$test') == '1'";
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1064
break;
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1065
case 'IFSET':
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1066
$cond = "isset(\$this->tpl_strings['$test'])";
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1067
break;
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1068
default:
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1069
$code = $plugins->setHook('template_compile_logic_cond');
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1070
foreach ( $code as $cmd )
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1071
{
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1072
eval($cmd);
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1073
}
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1074
break;
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1075
}
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1076
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1077
if ( !isset($cond) || ( isset($cond) && !is_string($cond) ) )
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1078
continue;
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1079
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1080
$tag_complete = <<<TPLCODE
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 1081
';
189
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1082
/* START OF CONDITION: $type ($test) */
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1083
if ( $cond )
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1084
{
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1085
echo '$particle_true';
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1086
/* ELSE OF CONDITION: $type ($test) */
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1087
}
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1088
else
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1089
{
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1090
echo '$particle_else';
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1091
/* END OF CONDITION: $type ($test) */
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1092
}
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1093
echo '
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1094
TPLCODE;
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1095
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1096
$text = str_replace_once($matches[0][$i], $tag_complete, $text);
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1097
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1098
}
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1099
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1100
189
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1101
// For debugging ;-)
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1102
// die("<pre><?php\n" . htmlspecialchars($text."\n\n".print_r($matches,true)) . "\n\n?></pre>");
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1103
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1104
//
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1105
// Data substitution/variables
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1106
//
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1107
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1108
// System messages
383
1030864dc319
Fixed SYSMSG tag in templates causing problems; commented out ENANO_DEBUG; fixed bad table prefix in installer payload logic
Dan
diff
changeset
+ − 1109
$text = preg_replace('/<!-- SYSMSG ([A-z0-9\._-]+?) -->/is', '\' . $template->tplWikiFormat($paths->sysMsg(\'\\1\')) . \'', $text);
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1110
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1111
// Template variables
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1112
$text = preg_replace('/\{([A-z0-9_-]+?)\}/is', '\' . $this->tpl_strings[\'\\1\'] . \'', $text);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1113
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1114
// Reinsert PHP
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1115
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1116
foreach ( $php_matches[1] as $i => $match )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1117
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1118
// Substitute the random tag with the "real" PHP code
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1119
$tag = "{PHP:$i:$seed}";
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1120
$text = str_replace_once($tag, "'; $match echo '", $text);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1121
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1122
189
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1123
// echo('<pre>' . htmlspecialchars($text) . '</pre>');
fd0e9c7a7b28
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan
diff
changeset
+ − 1124
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1125
return $text;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1126
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1127
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1128
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1129
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1130
* Compiles the contents of a given template file, possibly using a cached copy, and returns the compiled code.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1131
* @param string Filename of template (header.tpl)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1132
* @return string
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1133
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1134
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1135
function compile_template($filename)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1136
{
1
+ − 1137
global $db, $session, $paths, $template, $plugins; // Common objects
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1138
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1139
// Full path to template file
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1140
$tpl_file_fullpath = ENANO_ROOT . '/themes/' . $this->theme . '/' . $filename;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1141
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1142
// Make sure the file exists
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1143
if ( !is_file($tpl_file_fullpath) )
1
+ − 1144
{
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1145
die_semicritical('Cannot find template file',
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1146
'<p>The template parser was asked to load the file "' . htmlspecialchars($filename) . '", but that file couldn\'t be found in the directory for
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1147
the current theme.</p>
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1148
<p>Additional debugging information:<br />
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1149
<b>Theme currently in use: </b>' . $this->theme . '<br />
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1150
<b>Requested file: </b>' . $file . '
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1151
</p>');
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1152
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1153
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1154
// Check for cached copy
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1155
// This will make filenames in the pattern of theme-file.tpl.php
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1156
$cache_file = ENANO_ROOT . '/cache/' . $this->theme . '-' . str_replace('/', '-', $filename) . '.php';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1157
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1158
// Only use cached copy if caching is enabled
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1159
// (it is enabled by default I think)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1160
if ( file_exists($cache_file) && getConfig('cache_thumbs') == '1' )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1161
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1162
// Cache files are auto-generated, but otherwise are normal PHP files
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1163
include($cache_file);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1164
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1165
// Fetch content of the ORIGINAL
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1166
$text = file_get_contents($tpl_file_fullpath);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1167
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1168
// $md5 will be set by the cached file
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1169
// This makes sure that a cached copy of the template is used only if its MD5
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1170
// matches the MD5 of the file that the compiled file was compiled from.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1171
if ( isset($md5) && $md5 == md5($text) )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1172
{
211
+ − 1173
return $this->compile_template_text_post(str_replace('\\"', '"', $tpl_text));
1
+ − 1174
}
+ − 1175
}
+ − 1176
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1177
// We won't use the cached copy here
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1178
$text = file_get_contents($tpl_file_fullpath);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1179
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1180
// This will be used later when writing the cached file
1
+ − 1181
$md5 = md5($text);
+ − 1182
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1183
// Preprocessing and checks complete - compile the code
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1184
$text = $this->compile_tpl_code($text);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1185
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1186
// Perhaps caching is enabled and the admin has changed the template?
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1187
if ( is_writable( ENANO_ROOT . '/cache/' ) && getConfig('cache_thumbs') == '1' )
1
+ − 1188
{
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1189
$h = fopen($cache_file, 'w');
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1190
if ( !$h )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1191
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1192
// Couldn't open the file - silently ignore and return
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1193
return $text;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1194
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1195
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1196
// Escape the compiled code so it can be eval'ed
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1197
$text_escaped = addslashes($text);
128
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1198
$notice = <<<EOF
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1199
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1200
/*
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1201
* NOTE: This file was automatically generated by Enano and is based on compiled code. Do not edit this file.
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1202
* If you edit this file, any changes you make will be lost the next time the associated source template file is edited.
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1203
*/
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1204
01955bf53f96
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan
diff
changeset
+ − 1205
EOF;
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1206
// This is really just a normal PHP file that sets a variable or two and exits.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1207
// $tpl_text actually will contain the compiled code
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1208
fwrite($h, '<?php ' . $notice . ' $md5 = \'' . $md5 . '\'; $tpl_text = \'' . $text_escaped . '\'; ?>');
1
+ − 1209
fclose($h);
+ − 1210
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1211
211
+ − 1212
return $this->compile_template_text_post($text); //('<pre>'.htmlspecialchars($text).'</pre>');
1
+ − 1213
}
+ − 1214
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1215
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1216
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1217
* Compiles (parses) some template code with the current master set of variables and booleans.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1218
* @param string Text to process
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1219
* @return string
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1220
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1221
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1222
function compile_template_text($text)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1223
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1224
// this might do something else in the future, possibly cache large templates
211
+ − 1225
return $this->compile_template_text_post($this->compile_tpl_code($text));
1
+ − 1226
}
+ − 1227
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1228
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1229
* For convenience - compiles AND parses some template code.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1230
* @param string Text to process
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1231
* @return string
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1232
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1233
1
+ − 1234
function parse($text)
+ − 1235
{
+ − 1236
$text = $this->compile_template_text($text);
211
+ − 1237
$text = $this->compile_template_text_post($text);
1
+ − 1238
return eval($text);
+ − 1239
}
+ − 1240
211
+ − 1241
/**
+ − 1242
* Post-processor for template code. Basically what this does is it localizes {lang:foo} blocks.
+ − 1243
* @param string Mostly-processed TPL code
+ − 1244
* @return string
+ − 1245
*/
+ − 1246
+ − 1247
function compile_template_text_post($text)
+ − 1248
{
+ − 1249
global $lang;
+ − 1250
preg_match_all('/\{lang:([a-z0-9]+_[a-z0-9_]+)\}/', $text, $matches);
+ − 1251
foreach ( $matches[1] as $i => $string_id )
+ − 1252
{
+ − 1253
$string = $lang->get($string_id);
+ − 1254
$string = str_replace('\\', '\\\\', $string);
+ − 1255
$string = str_replace('\'', '\\\'', $string);
+ − 1256
$text = str_replace_once($matches[0][$i], $string, $text);
+ − 1257
}
+ − 1258
return $text;
+ − 1259
}
+ − 1260
1
+ − 1261
// Steps to turn this:
+ − 1262
// [[Project:Community Portal]]
+ − 1263
// into this:
+ − 1264
// <a href="/Project:Community_Portal">Community Portal</a>
+ − 1265
// Must be done WITHOUT creating eval'ed code!!!
+ − 1266
+ − 1267
// 1. preg_replace \[\[([a-zA-Z0-9 -_:]*?)\]\] with <a href="'.contentPath.'\\1">\\1</a>
+ − 1268
// 2. preg_match_all <a href="'.preg_quote(contentPath).'([a-zA-Z0-9 -_:]*?)">
+ − 1269
// 3. For each match, replace matches with identifiers
+ − 1270
// 4. For each match, str_replace ' ' with '_'
+ − 1271
// 5. For each match, str_replace match_id:random_val with $matches[$match_id]
+ − 1272
+ − 1273
// The template language is really a miniature programming language; with variables, conditionals, everything!
+ − 1274
// So you can implement custom logic into your sidebar if you wish.
+ − 1275
// "Real" PHP support coming soon :-D
+ − 1276
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1277
/**
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1278
* Takes a blob of HTML with the specially formatted template-oriented wikitext and formats it. Does not use eval().
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1279
* This function butchers every coding standard in Enano and should eventually be rewritten. The fact is that the
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1280
* code _works_ and does a good job of checking for errors and cleanly complaining about them.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1281
* @param string Text to process
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1282
* @param bool Ignored for backwards compatibility
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1283
* @param string File to get variables for sidebar data from
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1284
* @return string
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1285
*/
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1286
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1287
function tplWikiFormat($message, $filter_links = false, $filename = 'elements.tpl')
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1288
{
1
+ − 1289
global $db, $session, $paths, $template, $plugins; // Common objects
215
+ − 1290
global $lang;
+ − 1291
1
+ − 1292
$filter_links = false;
+ − 1293
$tplvars = $this->extract_vars($filename);
+ − 1294
if($session->sid_super) $as = htmlspecialchars(urlSeparator).'auth='.$session->sid_super;
+ − 1295
else $as = '';
+ − 1296
error_reporting(E_ALL);
+ − 1297
$random_id = sha1(microtime().''); // A temp value
+ − 1298
+ − 1299
/*
+ − 1300
* PREPROCESSOR
+ − 1301
*/
+ − 1302
+ − 1303
// Variables
+ − 1304
+ − 1305
preg_match_all('#\$([A-Z_-]+)\$#', $message, $links);
+ − 1306
$links = $links[1];
+ − 1307
+ − 1308
for($i=0;$i<sizeof($links);$i++)
+ − 1309
{
+ − 1310
$message = str_replace('$'.$links[$i].'$', $this->tpl_strings[$links[$i]], $message);
+ − 1311
}
+ − 1312
+ − 1313
// Conditionals
+ − 1314
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1315
preg_match_all('#\{if ([A-Za-z0-9_ \(\)&\|\!-]*)\}(.*?)\{\/if\}#is', $message, $links);
1
+ − 1316
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1317
// Temporary exception from coding standards - using tab length of 4 here for clarity
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1318
for ( $i = 0; $i < sizeof($links[1]); $i++ )
1
+ − 1319
{
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1320
$condition =& $links[1][$i];
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1321
$message = str_replace('{if '.$condition.'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message);
1
+ − 1322
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1323
// Time for some manual parsing...
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1324
$chk = false;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1325
$current_id = '';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1326
$prn_level = 0;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1327
// Used to keep track of where we are in the conditional
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1328
// Object of the game: turn {if this && ( that OR !something_else )} ... {/if} into if( ( isset($this->tpl_bool['that']) && $this->tpl_bool['that'] ) && ...
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1329
// Method of attack: escape all variables, ignore all else. Non-valid code is filtered out by a regex above.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1330
$in_var_now = true;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1331
$in_var_last = false;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1332
$current_var = '';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1333
$current_var_start_pos = 0;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1334
$current_var_end_pos = 0;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1335
$j = -1;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1336
$condition = $condition . ' ';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1337
$d = strlen($condition);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1338
while($j < $d)
1
+ − 1339
{
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1340
$j++;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1341
$in_var_last = $in_var_now;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1342
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1343
$char = substr($condition, $j, 1);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1344
$in_var_now = ( preg_match('#^([A-z0-9_]*){1}$#', $char) ) ? true : false;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1345
if(!$in_var_last && $in_var_now)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1346
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1347
$current_var_start_pos = $j;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1348
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1349
if($in_var_last && !$in_var_now)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1350
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1351
$current_var_end_pos = $j;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1352
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1353
if($in_var_now)
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1354
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1355
$current_var .= $char;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1356
continue;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1357
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1358
// OK we are not inside of a variable. That means that we JUST hit the end because the counter ($j) will be advanced to the beginning of the next variable once processing here is complete.
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1359
if($char != ' ' && $char != '(' && $char != ')' && $char != 'A' && $char != 'N' && $char != 'D' && $char != 'O' && $char != 'R' && $char != '&' && $char != '|' && $char != '!' && $char != '<' && $char != '>' && $char != '0' && $char != '1' && $char != '2' && $char != '3' && $char != '4' && $char != '5' && $char != '6' && $char != '7' && $char != '8' && $char != '9')
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1360
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1361
// XSS attack! Bail out
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1362
$errmsg = '<p><b>Error:</b> Syntax error (possibly XSS attack) caught in template code:</p>';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1363
$errmsg .= '<pre>';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1364
$errmsg .= '{if '.htmlspecialchars($condition).'}';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1365
$errmsg .= "\n ";
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1366
for ( $k = 0; $k < $j; $k++ )
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1367
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1368
$errmsg .= " ";
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1369
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1370
// Show position of error
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1371
$errmsg .= '<span style="color: red;">^</span>';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1372
$errmsg .= '</pre>';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1373
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $errmsg, $message);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1374
continue 2;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1375
}
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1376
if($current_var != '')
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1377
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1378
$cd = '( isset($this->tpl_bool[\''.$current_var.'\']) && $this->tpl_bool[\''.$current_var.'\'] )';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1379
$cvt = substr($condition, 0, $current_var_start_pos) . $cd . substr($condition, $current_var_end_pos, strlen($condition));
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1380
$j = $j + strlen($cd) - strlen($current_var);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1381
$current_var = '';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1382
$condition = $cvt;
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1383
$d = strlen($condition);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1384
}
1
+ − 1385
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1386
$condition = substr($condition, 0, strlen($condition)-1);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1387
$condition = '$chk = ( '.$condition.' ) ? true : false;';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1388
eval($condition);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1389
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1390
if($chk)
1
+ − 1391
{
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1392
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}'));
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1393
else $c = $links[2][$i];
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1394
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
1
+ − 1395
}
162
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1396
else
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1397
{
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1398
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i]));
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1399
else $c = '';
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1400
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
e1a22031b5bd
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan
diff
changeset
+ − 1401
}
1
+ − 1402
}
+ − 1403
+ − 1404
preg_match_all('#\{!if ([A-Za-z_-]*)\}(.*?)\{\/if\}#is', $message, $links);
+ − 1405
+ − 1406
for($i=0;$i<sizeof($links[1]);$i++)
+ − 1407
{
+ − 1408
$message = str_replace('{!if '.$links[1][$i].'}'.$links[2][$i].'{/if}', '{CONDITIONAL:'.$i.':'.$random_id.'}', $message);
+ − 1409
if(isset($this->tpl_bool[$links[1][$i]]) && $this->tpl_bool[$links[1][$i]]) {
+ − 1410
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], strpos($links[2][$i], '{else}')+6, strlen($links[2][$i]));
+ − 1411
else $c = '';
+ − 1412
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1413
} else {
+ − 1414
if(strstr($links[2][$i], '{else}')) $c = substr($links[2][$i], 0, strpos($links[2][$i], '{else}'));
+ − 1415
else $c = $links[2][$i];
+ − 1416
$message = str_replace('{CONDITIONAL:'.$i.':'.$random_id.'}', $c, $message);
+ − 1417
}
+ − 1418
}
+ − 1419
215
+ − 1420
preg_match_all('/\{lang:([a-z0-9]+_[a-z0-9_]+)\}/', $message, $matches);
+ − 1421
foreach ( $matches[1] as $i => $string_id )
+ − 1422
{
+ − 1423
$string = $lang->get($string_id);
+ − 1424
$string = str_replace('\\', '\\\\', $string);
+ − 1425
$string = str_replace('\'', '\\\'', $string);
+ − 1426
$message = str_replace_once($matches[0][$i], $string, $message);
+ − 1427
}
+ − 1428
1
+ − 1429
/*
+ − 1430
* HTML RENDERER
+ − 1431
*/
+ − 1432
+ − 1433
// Images
+ − 1434
$j = preg_match_all('#\[\[:'.$paths->nslist['File'].'([\w\s0-9_\(\)!@%\^\+\|\.-]+?)\]\]#is', $message, $matchlist);
+ − 1435
$matches = Array();
+ − 1436
$matches['images'] = $matchlist[1];
+ − 1437
for($i=0;$i<sizeof($matchlist[1]);$i++)
+ − 1438
{
+ − 1439
if(isPage($paths->nslist['File'].$matches['images'][$i]))
+ − 1440
{
+ − 1441
$message = str_replace('[[:'.$paths->nslist['File'].$matches['images'][$i].']]',
+ − 1442
'<img alt="'.$matches['images'][$i].'" style="border: 0" src="'.makeUrlNS('Special', 'DownloadFile/'.$matches['images'][$i]).'" />',
+ − 1443
$message);
+ − 1444
}
+ − 1445
}
+ − 1446
+ − 1447
// Internal links
+ − 1448
+ − 1449
$text_parser = $this->makeParserText($tplvars['sidebar_button']);
+ − 1450
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
diff
changeset
+ − 1451
preg_match_all("#\[\[([^\|\]\n\a\r\t]*?)\]\]#is", $message, $il);
1
+ − 1452
for($i=0;$i<sizeof($il[1]);$i++)
+ − 1453
{
+ − 1454
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true);
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1455
$text_parser->assign_vars(Array(
1
+ − 1456
'HREF' => $href,
+ − 1457
'FLAGS' => '',
+ − 1458
'TEXT' => $il[1][$i]
+ − 1459
));
+ − 1460
$message = str_replace("[[{$il[1][$i]}]]", $text_parser->run(), $message);
+ − 1461
}
+ − 1462
133
af0f6ec48de3
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
diff
changeset
+ − 1463
preg_match_all('#\[\[([^\|\]\n\a\r\t]*?)\|([^\]\r\n\a\t]*?)\]\]#is', $message, $il);
1
+ − 1464
for($i=0;$i<sizeof($il[1]);$i++)
+ − 1465
{
+ − 1466
$href = makeUrl(str_replace(' ', '_', $il[1][$i]), null, true);
+ − 1467
$text_parser->assign_vars(Array(
+ − 1468
'HREF' => $href,
+ − 1469
'FLAGS' => '',
+ − 1470
'TEXT' => $il[2][$i]
+ − 1471
));
+ − 1472
$message = str_replace("[[{$il[1][$i]}|{$il[2][$i]}]]", $text_parser->run(), $message);
+ − 1473
}
+ − 1474
+ − 1475
// External links
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1476
// $message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?) ([^\]]+)\\]#', '<a href="\\1://\\2">\\3</a><br style="display: none;" />', $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1477
// $message = preg_replace('#\[(http|ftp|irc):\/\/([a-z0-9\/:_\.\?&%\#@_\\\\-]+?)\\]#', '<a href="\\1://\\2">\\1://\\2</a><br style="display: none;" />', $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1478
230
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1479
preg_match_all('/\[((https?|ftp|irc):\/\/([^@\s\]"\':]+)?((([a-z0-9-]+\.)*)[a-z0-9-]+)(\/[A-z0-9_%\|~`!\!@#\$\^&\*\(\):;\.,\/-]*(\?(([a-z0-9_-]+)(=[A-z0-9_%\|~`\!@#\$\^&\*\(\):;\.,\/-\[\]]+)?((&([a-z0-9_-]+)(=[A-z0-9_%\|~`!\!@#\$\^&\*\(\):;\.,\/-]+)?)*))?)?)?) ([^\]]+)\]/is', $message, $ext_link);
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1480
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1481
// die('<pre>' . htmlspecialchars( print_r($ext_link, true) ) . '</pre>');
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1482
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1483
for ( $i = 0; $i < count($ext_link[0]); $i++ )
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1484
{
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1485
$text_parser->assign_vars(Array(
165
+ − 1486
'HREF' => $ext_link[1][$i],
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1487
'FLAGS' => '',
165
+ − 1488
'TEXT' => $ext_link[16][$i]
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1489
));
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1490
$message = str_replace($ext_link[0][$i], $text_parser->run(), $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1491
}
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1492
230
3daa715e0f69
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan
diff
changeset
+ − 1493
preg_match_all('/\[((https?|ftp|irc):\/\/([^@\s\]"\':]+)?((([a-z0-9-]+\.)*)[a-z0-9-]+)(\/[A-z0-9_%\|~`!\!@#\$\^&\*\(\):;\.,\/-]*(\?(([a-z0-9_-]+)(=[A-z0-9_%\|~`\!@#\$\^&\*\(\):;\.,\/-\[\]]+)?((&([a-z0-9_-]+)(=[A-z0-9_%\|~`!\!@#\$\^&\*\(\):;\.,\/-]+)?)*))?)?)?)\]/is', $message, $ext_link);
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1494
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1495
for ( $i = 0; $i < count($ext_link[0]); $i++ )
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1496
{
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1497
$text_parser->assign_vars(Array(
165
+ − 1498
'HREF' => $ext_link[1][$i],
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1499
'FLAGS' => '',
165
+ − 1500
'TEXT' => htmlspecialchars($ext_link[1][$i])
59
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1501
));
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1502
$message = str_replace($ext_link[0][$i], $text_parser->run(), $message);
7c4a851fb5c5
Minor IE4 compatibility fix; template parser now properly handles external links in the sidebar
Dan
diff
changeset
+ − 1503
}
1
+ − 1504
+ − 1505
$parser1 = $this->makeParserText($tplvars['sidebar_section']);
+ − 1506
$parser2 = $this->makeParserText($tplvars['sidebar_section_raw']);
+ − 1507
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 1508
preg_match_all('#\{slider(2|)=([^\}]*?)\}(.*?)\{\/slider(2|)\}#is', $message, $sb);
1
+ − 1509
+ − 1510
// Modified to support the sweet new template var system
+ − 1511
for($i=0;$i<sizeof($sb[1]);$i++)
+ − 1512
{
+ − 1513
$p = ($sb[1][$i] == '2') ? $parser2 : $parser1;
+ − 1514
$p->assign_vars(Array('TITLE'=>$sb[2][$i],'CONTENT'=>$sb[3][$i]));
+ − 1515
$message = str_replace("{slider{$sb[1][$i]}={$sb[2][$i]}}{$sb[3][$i]}{/slider{$sb[4][$i]}}", $p->run(), $message);
+ − 1516
}
+ − 1517
+ − 1518
/*
+ − 1519
Extras ;-)
+ − 1520
$message = preg_replace('##is', '', $message);
+ − 1521
$message = preg_replace('##is', '', $message);
+ − 1522
$message = preg_replace('##is', '', $message);
+ − 1523
$message = preg_replace('##is', '', $message);
+ − 1524
$message = preg_replace('##is', '', $message);
+ − 1525
*/
+ − 1526
+ − 1527
//die('<pre>'.htmlspecialchars($message).'</pre>');
+ − 1528
//eval($message); exit;
+ − 1529
return $message;
+ − 1530
}
+ − 1531
+ − 1532
/**
+ − 1533
* Print a text field that auto-completes a username entered into it.
+ − 1534
* @param string $name - the name of the form field
+ − 1535
* @return string
+ − 1536
*/
+ − 1537
+ − 1538
function username_field($name, $value = false)
+ − 1539
{
+ − 1540
$randomid = md5( time() . microtime() . mt_rand() );
184
+ − 1541
$text = '<input name="'.$name.'" onkeyup="new AutofillUsername(this);" autocomplete="off" type="text" size="30" id="userfield_'.$randomid.'"';
1
+ − 1542
if($value) $text .= ' value="'.$value.'"';
+ − 1543
$text .= ' />';
+ − 1544
return $text;
+ − 1545
}
+ − 1546
+ − 1547
/**
+ − 1548
* Print a text field that auto-completes a page name entered into it.
+ − 1549
* @param string $name - the name of the form field
+ − 1550
* @return string
+ − 1551
*/
+ − 1552
+ − 1553
function pagename_field($name, $value = false)
+ − 1554
{
+ − 1555
$randomid = md5( time() . microtime() . mt_rand() );
+ − 1556
$text = '<input name="'.$name.'" onkeyup="ajaxPageNameComplete(this)" type="text" size="30" id="pagefield_'.$randomid.'"';
+ − 1557
if($value) $text .= ' value="'.$value.'"';
+ − 1558
$text .= ' />';
+ − 1559
$text .= '<script type="text/javascript">
+ − 1560
var inp = document.getElementById(\'pagefield_' . $randomid . '\');
+ − 1561
var f = get_parent_form(inp);
+ − 1562
if ( f )
+ − 1563
{
+ − 1564
if ( typeof(f.onsubmit) != \'function\' )
+ − 1565
{
+ − 1566
f.onsubmit = function() {
+ − 1567
if ( !submitAuthorized )
+ − 1568
{
+ − 1569
return false;
+ − 1570
}
+ − 1571
}
+ − 1572
}
+ − 1573
}</script>';
+ − 1574
return $text;
+ − 1575
}
+ − 1576
+ − 1577
/**
+ − 1578
* Sends a textarea that can be converted to and from a TinyMCE widget on the fly.
+ − 1579
* @param string The name of the form element
+ − 1580
* @param string The initial content. Optional, defaults to blank
+ − 1581
* @param int Rows in textarea
+ − 1582
* @param int Columns in textarea
+ − 1583
* @return string HTML and Javascript code.
+ − 1584
*/
+ − 1585
+ − 1586
function tinymce_textarea($name, $content = '', $rows = 20, $cols = 60)
+ − 1587
{
370
+ − 1588
global $lang;
1
+ − 1589
$randomid = md5(microtime() . mt_rand());
+ − 1590
$html = '';
+ − 1591
$html .= '<textarea name="' . $name . '" rows="'.$rows.'" cols="'.$cols.'" style="width: 100%;" id="toggleMCEroot_'.$randomid.'">' . $content . '</textarea>';
370
+ − 1592
$html .= '<div style="float: right; display: table;" id="mceSwitchAgent_' . $randomid . '">' . $lang->get('etc_tinymce_btn_text') . ' | <a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">' . $lang->get('etc_tinymce_btn_graphical') . '</a></div>';
1
+ − 1593
$html .= '<script type="text/javascript">
+ − 1594
// <![CDATA[
+ − 1595
function toggleMCE_'.$randomid.'()
+ − 1596
{
+ − 1597
var the_obj = document.getElementById(\'toggleMCEroot_' . $randomid . '\');
+ − 1598
var panel = document.getElementById(\'mceSwitchAgent_' . $randomid . '\');
370
+ − 1599
var text_editor = $lang.get("etc_tinymce_btn_text");
+ − 1600
var graphical_editor = $lang.get("etc_tinymce_btn_graphical");
1
+ − 1601
if ( the_obj.dnIsMCE == "yes" )
+ − 1602
{
+ − 1603
$dynano(the_obj).destroyMCE();
370
+ − 1604
panel.innerHTML = text_editor + \' | <a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">\' + graphical_editor + \'</a>\';
1
+ − 1605
}
+ − 1606
else
+ − 1607
{
+ − 1608
$dynano(the_obj).switchToMCE();
370
+ − 1609
panel.innerHTML = \'<a href="#" onclick="if ( !KILL_SWITCH ) { toggleMCE_'.$randomid.'(); return false; }">\' + text_editor + \'</a> | \' + graphical_editor;
1
+ − 1610
}
+ − 1611
}
+ − 1612
// ]]>
+ − 1613
</script>';
+ − 1614
return $html;
+ − 1615
}
+ − 1616
+ − 1617
/**
+ − 1618
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;)
+ − 1619
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class.
+ − 1620
* @param $filename the filename of the template to be parsed
+ − 1621
* @return object
+ − 1622
*/
+ − 1623
+ − 1624
function makeParser($filename)
+ − 1625
{
+ − 1626
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1627
$filename = ENANO_ROOT.'/themes/'.$template->theme.'/'.$filename;
+ − 1628
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist');
+ − 1629
$code = file_get_contents($filename);
+ − 1630
$parser = new templateIndividual($code);
+ − 1631
return $parser;
+ − 1632
}
+ − 1633
+ − 1634
/**
+ − 1635
* Same as $template->makeParser(), but takes a string instead of a filename.
+ − 1636
* @param $text the text to parse
+ − 1637
* @return object
+ − 1638
*/
+ − 1639
+ − 1640
function makeParserText($code)
+ − 1641
{
+ − 1642
$parser = new templateIndividual($code);
+ − 1643
return $parser;
+ − 1644
}
+ − 1645
+ − 1646
/**
+ − 1647
* Fetch the HTML for a plugin-added sidebar block
+ − 1648
* @param $name the plugin name
+ − 1649
* @return string
+ − 1650
*/
+ − 1651
+ − 1652
function fetch_block($id)
+ − 1653
{
+ − 1654
if(isset($this->plugin_blocks[$id])) return $this->plugin_blocks[$id];
+ − 1655
else return false;
+ − 1656
}
+ − 1657
+ − 1658
/**
+ − 1659
* Fetches the contents of both sidebars.
+ − 1660
* @return array - key 0 is left, key 1 is right
+ − 1661
* @example list($left, $right) = $template->fetch_sidebar();
+ − 1662
*/
+ − 1663
+ − 1664
function fetch_sidebar()
+ − 1665
{
+ − 1666
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1667
+ − 1668
$left = '';
+ − 1669
$right = '';
+ − 1670
+ − 1671
if ( !$this->fetch_block('Links') )
+ − 1672
$this->initLinksWidget();
+ − 1673
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 1674
$q = $db->sql_query('SELECT item_id,sidebar_id,block_name,block_type,block_content FROM '.table_prefix.'sidebar' . "\n"
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 1675
. ' WHERE item_enabled=1 ORDER BY sidebar_id ASC, item_order ASC;');
1
+ − 1676
if(!$q) $db->_die('The sidebar text data could not be selected.');
+ − 1677
+ − 1678
$vars = $this->extract_vars('elements.tpl');
+ − 1679
+ − 1680
if(isset($vars['sidebar_top']))
+ − 1681
{
+ − 1682
$left .= $this->parse($vars['sidebar_top']);
+ − 1683
$right .= $this->parse($vars['sidebar_top']);
+ − 1684
}
+ − 1685
while($row = $db->fetchrow())
+ − 1686
{
+ − 1687
switch($row['block_type'])
+ − 1688
{
+ − 1689
case BLOCK_WIKIFORMAT:
+ − 1690
default:
+ − 1691
$parser = $this->makeParserText($vars['sidebar_section']);
+ − 1692
$c = RenderMan::render($row['block_content']);
+ − 1693
break;
+ − 1694
case BLOCK_TEMPLATEFORMAT:
+ − 1695
$parser = $this->makeParserText($vars['sidebar_section']);
+ − 1696
$c = $this->tplWikiFormat($row['block_content']);
+ − 1697
break;
+ − 1698
case BLOCK_HTML:
+ − 1699
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1700
$c = $row['block_content'];
+ − 1701
break;
+ − 1702
case BLOCK_PHP:
+ − 1703
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1704
ob_start();
+ − 1705
@eval($row['block_content']);
+ − 1706
$c = ob_get_contents();
+ − 1707
ob_end_clean();
+ − 1708
break;
+ − 1709
case BLOCK_PLUGIN:
+ − 1710
$parser = $this->makeParserText($vars['sidebar_section_raw']);
+ − 1711
$c = (gettype($this->fetch_block($row['block_content'])) == 'string') ? $this->fetch_block($row['block_content']) : 'Can\'t find plugin block';
+ − 1712
break;
+ − 1713
}
+ − 1714
$parser->assign_vars(Array( 'TITLE'=>$this->tplWikiFormat($row['block_name']), 'CONTENT'=>$c ));
+ − 1715
if ($row['sidebar_id'] == SIDEBAR_LEFT ) $left .= $parser->run();
+ − 1716
elseif($row['sidebar_id'] == SIDEBAR_RIGHT) $right .= $parser->run();
+ − 1717
unset($parser);
+ − 1718
}
+ − 1719
$db->free_result();
+ − 1720
if(isset($vars['sidebar_bottom']))
+ − 1721
{
+ − 1722
$left .= $this->parse($vars['sidebar_bottom']);
+ − 1723
$right .= $this->parse($vars['sidebar_bottom']);
+ − 1724
}
+ − 1725
$min = '';
+ − 1726
if(isset($vars['sidebar_top']))
+ − 1727
{
+ − 1728
$min .= $this->parse($vars['sidebar_top']);
+ − 1729
}
+ − 1730
if(isset($vars['sidebar_bottom']))
+ − 1731
{
+ − 1732
$min .= $this->parse($vars['sidebar_bottom']);
+ − 1733
}
+ − 1734
return Array($left, $right, $min);
+ − 1735
}
+ − 1736
+ − 1737
function initLinksWidget()
+ − 1738
{
+ − 1739
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1740
// SourceForge/W3C buttons
+ − 1741
$ob = Array();
27
dd659f6ba891
Converting all tables on new installations to UTF-8; this may break MySQL 4.0 compatibility; several minor cosmetic fixes; set Powered button under Links to "on" by default
Dan
diff
changeset
+ − 1742
$admintitle = ( $session->user_level >= USER_LEVEL_ADMIN ) ? 'title="You may disable this button in the admin panel under General Configuration."' : '';
1
+ − 1743
if(getConfig('sflogo_enabled')=='1')
+ − 1744
{
203
+ − 1745
$sflogo_secure = ( isset($_SERVER['HTTPS']) ) ? 'https' : 'http';
+ − 1746
$ob[] = '<a style="text-align: center;" href="http://sourceforge.net/" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border-width: 0px;" alt="SourceForge.net Logo" src="' . $sflogo_secure . '://sflogo.sourceforge.net/sflogo.php?group_id='.getConfig('sflogo_groupid').'&type='.getConfig('sflogo_type').'" /></a>';
1
+ − 1747
}
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1748
if(getConfig('w3c_v32') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 3.2" src="http://www.w3.org/Icons/valid-html32" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1749
if(getConfig('w3c_v40') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.0" src="http://www.w3.org/Icons/valid-html40" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1750
if(getConfig('w3c_v401') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid HTML 4.01" src="http://www.w3.org/Icons/valid-html401" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1751
if(getConfig('w3c_vxhtml10')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.0" src="http://www.w3.org/Icons/valid-xhtml10" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1752
if(getConfig('w3c_vxhtml11')=='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid XHTML 1.1" src="http://www.w3.org/Icons/valid-xhtml11" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1753
if(getConfig('w3c_vcss') =='1') $ob[] = '<a style="text-align: center;" href="http://validator.w3.org/check?uri=referer" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="Valid CSS" src="http://www.w3.org/Icons/valid-css" /></a>';
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1754
if(getConfig('dbd_button') =='1') $ob[] = '<a style="text-align: center;" href="http://www.defectivebydesign.org/join/button" onclick="if ( !KILL_SWITCH ) { window.open(this.href);return false; }"><img style="border: 0px solid #FFFFFF;" alt="DRM technology restricts what you can do with your computer" src="http://defectivebydesign.org/sites/nodrm.civicactions.net/files/images/dbd_sm_btn.gif" /><br /><small>Protect your freedom >></small></a>';
1
+ − 1755
+ − 1756
$code = $plugins->setHook('links_widget');
+ − 1757
foreach ( $code as $cmd )
+ − 1758
{
+ − 1759
eval($cmd);
+ − 1760
}
+ − 1761
71
+ − 1762
if(count($ob) > 0 || getConfig('powered_btn') == '1') $sb_links = '<div style="text-align: center; padding: 5px 0;">'. ( ( getConfig('powered_btn') == '1' ) ? $this->fading_button : '' ) . implode('<br />', $ob).'</div>';
1
+ − 1763
else $sb_links = '';
+ − 1764
+ − 1765
$this->sidebar_widget('Links', $sb_links);
+ − 1766
}
+ − 1767
+ − 1768
/**
+ − 1769
* Builds a box showing unread private messages.
+ − 1770
*/
+ − 1771
+ − 1772
function notify_unread_pms()
+ − 1773
{
+ − 1774
global $db, $session, $paths, $template, $plugins; // Common objects
322
+ − 1775
if ( ( $paths->page_id == 'PrivateMessages' || $paths->page_id == 'Preferences' ) && $paths->namespace == 'Special' )
1
+ − 1776
{
+ − 1777
return '';
+ − 1778
}
+ − 1779
$ob = '<div class="usermessage">'."\n";
+ − 1780
$s = ( $session->unread_pms == 1 ) ? '' : 's';
+ − 1781
$ob .= " <b>You have $session->unread_pms <a href=" . '"' . makeUrlNS('Special', 'PrivateMessages' ) . '"' . ">unread private message$s</a>.</b><br />\n Messages: ";
+ − 1782
$q = $db->sql_query('SELECT message_id,message_from,subject,date FROM '.table_prefix.'privmsgs WHERE message_to=\'' . $session->username . '\' AND message_read=0 ORDER BY date DESC;');
+ − 1783
if ( !$q )
+ − 1784
$db->_die();
+ − 1785
$messages = array();
+ − 1786
while ( $row = $db->fetchrow() )
+ − 1787
{
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
diff
changeset
+ − 1788
$messages[] = '<a href="' . makeUrlNS('Special', 'PrivateMessages/View/' . $row['message_id']) . '" title="Sent ' . enano_date('F d, Y h:i a', $row['date']) . ' by ' . $row['message_from'] . '">' . $row['subject'] . '</a>';
1
+ − 1789
}
+ − 1790
$ob .= implode(",\n " , $messages)."\n";
+ − 1791
$ob .= '</div>'."\n";
+ − 1792
return $ob;
+ − 1793
}
+ − 1794
+ − 1795
} // class template
+ − 1796
+ − 1797
/**
+ − 1798
* Handles parsing of an individual template file. Instances should only be created through $template->makeParser(). To use:
+ − 1799
* - Call $template->makeParser(template file name) - file name should be something.tpl, css/whatever.css, etc.
+ − 1800
* - Make an array of strings you want the template to access. $array['STRING'] would be referenced in the template like {STRING}
+ − 1801
* - Make an array of boolean values. These can be used for conditionals in the template (<!-- IF something --> whatever <!-- ENDIF something -->)
+ − 1802
* - Call assign_vars() to pass the strings to the template parser. Same thing with assign_bool().
+ − 1803
* - Call run() to parse the template and get your fully compiled HTML.
+ − 1804
* @access private
+ − 1805
*/
+ − 1806
+ − 1807
class templateIndividual extends template {
+ − 1808
var $tpl_strings, $tpl_bool, $tpl_code;
+ − 1809
var $compiled = false;
+ − 1810
/**
+ − 1811
* Constructor.
+ − 1812
*/
+ − 1813
function __construct($text)
+ − 1814
{
+ − 1815
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1816
$this->tpl_code = $text;
+ − 1817
$this->tpl_strings = $template->tpl_strings;
+ − 1818
$this->tpl_bool = $template->tpl_bool;
+ − 1819
}
+ − 1820
/**
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
diff
changeset
+ − 1821
* PHP 4 constructor. Deprecated in 1.1.x.
1
+ − 1822
*/
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
diff
changeset
+ − 1823
/*
1
+ − 1824
function templateIndividual($text)
+ − 1825
{
+ − 1826
$this->__construct($text);
+ − 1827
}
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
diff
changeset
+ − 1828
*/
1
+ − 1829
/**
+ − 1830
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file.
+ − 1831
* @param $vars array
+ − 1832
*/
+ − 1833
function assign_vars($vars)
+ − 1834
{
+ − 1835
$this->tpl_strings = array_merge($this->tpl_strings, $vars);
+ − 1836
}
+ − 1837
/**
+ − 1838
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements.
+ − 1839
* @param $vars array
+ − 1840
*/
+ − 1841
function assign_bool($vars)
+ − 1842
{
+ − 1843
$this->tpl_bool = array_merge($this->tpl_bool, $vars);
+ − 1844
}
+ − 1845
/**
+ − 1846
* Compiles and executes the template code.
+ − 1847
* @return string
+ − 1848
*/
+ − 1849
function run()
+ − 1850
{
+ − 1851
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1852
if(!$this->compiled)
+ − 1853
{
+ − 1854
$this->tpl_code = $this->compile_template_text($this->tpl_code);
+ − 1855
$this->compiled = true;
+ − 1856
}
+ − 1857
return eval($this->tpl_code);
+ − 1858
}
+ − 1859
}
+ − 1860
+ − 1861
/**
+ − 1862
* A version of the template compiler that does not rely at all on the other parts of Enano. Used during installation and for showing
+ − 1863
* "critical error" messages. ** REQUIRES ** the Oxygen theme.
+ − 1864
*/
+ − 1865
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 1866
class template_nodb
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 1867
{
276
acfdccf7a2bf
Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
Dan
diff
changeset
+ − 1868
var $fading_button, $tpl_strings, $tpl_bool, $theme, $style, $no_headers, $additional_headers, $sidebar_extra, $sidebar_widgets, $toolbar_menu, $theme_list;
1
+ − 1869
function __construct() {
+ − 1870
+ − 1871
$this->tpl_bool = Array();
+ − 1872
$this->tpl_strings = Array();
+ − 1873
$this->sidebar_extra = '';
+ − 1874
$this->sidebar_widgets = '';
+ − 1875
$this->toolbar_menu = '';
272
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 1876
$this->additional_headers = '<style type="text/css">div.pagenav { border-top: 1px solid #CCC; padding-top: 7px; margin-top: 10px; }</style>';
1
+ − 1877
276
acfdccf7a2bf
Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
Dan
diff
changeset
+ − 1878
$this->fading_button = '<div style="background-image: url('.scriptPath.'/images/about-powered-enano-hover.png); background-repeat: no-repeat; width: 88px; height: 31px; margin: 0 auto 5px auto;">
acfdccf7a2bf
Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
Dan
diff
changeset
+ − 1879
<a href="http://enanocms.org/" onclick="window.open(this.href); return false;"><img style="border-width: 0;" alt=" " src="'.scriptPath.'/images/about-powered-enano.png" onmouseover="domOpacity(this, 100, 0, 500);" onmouseout="domOpacity(this, 0, 100, 500);" /></a>
acfdccf7a2bf
Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
Dan
diff
changeset
+ − 1880
</div>';
acfdccf7a2bf
Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
Dan
diff
changeset
+ − 1881
1
+ − 1882
$this->theme_list = Array(Array(
+ − 1883
'theme_id'=>'oxygen',
+ − 1884
'theme_name'=>'Oxygen',
+ − 1885
'theme_order'=>1,
+ − 1886
'enabled'=>1,
+ − 1887
));
+ − 1888
}
+ − 1889
function template() {
+ − 1890
$this->__construct();
+ − 1891
}
+ − 1892
function get_css($s = false) {
+ − 1893
if($s)
+ − 1894
return $this->process_template('css/'.$s);
+ − 1895
else
+ − 1896
return $this->process_template('css/'.$this->style.'.css');
+ − 1897
}
+ − 1898
function load_theme($name, $css, $auto_init = true) {
+ − 1899
$this->theme = $name;
+ − 1900
$this->style = $css;
+ − 1901
+ − 1902
$this->tpl_strings['SCRIPTPATH'] = scriptPath;
+ − 1903
if ( $auto_init )
+ − 1904
$this->init_vars();
+ − 1905
}
272
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 1906
function add_header($html)
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 1907
{
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 1908
$this->additional_headers .= "\n<!-- ----------------------------------------------------------- -->\n\n " . $html;
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 1909
}
1
+ − 1910
function init_vars()
+ − 1911
{
+ − 1912
global $sideinfo;
+ − 1913
global $this_page;
243
+ − 1914
global $lang;
1
+ − 1915
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1916
$tplvars = $this->extract_vars('elements.tpl');
+ − 1917
$tb = '';
+ − 1918
// Get the "article" button text (depends on namespace)
355
+ − 1919
if(defined('IN_ENANO_INSTALL') && is_object($lang)) $ns = $lang->get('meta_btn_article');
1
+ − 1920
else $ns = 'system error page';
243
+ − 1921
$t = str_replace('{FLAGS}', 'onclick="return false;" title="Hey! A button that doesn\'t do anything. Clever..." accesskey="a"', $tplvars['toolbar_button']);
1
+ − 1922
$t = str_replace('{HREF}', '#', $t);
+ − 1923
$t = str_replace('{TEXT}', $ns, $t);
+ − 1924
$tb .= $t;
+ − 1925
+ − 1926
// Page toolbar
+ − 1927
+ − 1928
$this->tpl_bool = Array(
+ − 1929
'auth_admin'=>true,
+ − 1930
'user_logged_in'=>true,
+ − 1931
'right_sidebar'=>false,
+ − 1932
);
+ − 1933
$this->tpl_bool['in_sidebar_admin'] = false;
+ − 1934
+ − 1935
$this->tpl_bool['auth_rename'] = false;
+ − 1936
+ − 1937
$asq = $asa = '';
+ − 1938
+ − 1939
$this->tpl_bool['fixed_menus'] = false;
+ − 1940
$slink = defined('IN_ENANO_INSTALL') ? scriptPath.'/install.php?mode=css' : makeUrlNS('Special', 'CSS');
+ − 1941
+ − 1942
$title = ( is_object($paths) ) ? $paths->page : 'Critical error';
+ − 1943
243
+ − 1944
$headers = '<style type="text/css">div.pagenav { border-top: 1px solid #CCC; padding-top: 7px; margin-top: 10px; }</style>';
244
+ − 1945
+ − 1946
$js_dynamic = '';
243
+ − 1947
if ( defined('IN_ENANO_INSTALL') )
+ − 1948
{
244
+ − 1949
$js_dynamic .= '<script type="text/javascript" src="install.php?mode=langjs"></script>';
243
+ − 1950
}
244
+ − 1951
$js_dynamic .= '<script type="text/javascript">var title="'. $title .'"; var scriptPath="'.scriptPath.'"; var ENANO_SID=""; var AES_BITS='.AES_BITS.'; var AES_BLOCKSIZE=' . AES_BLOCKSIZE . '; var pagepass=\'\'; var ENANO_LANG_ID = 1;</script>';
243
+ − 1952
1
+ − 1953
// The rewritten template engine will process all required vars during the load_template stage instead of (cough) re-processing everything each time around.
+ − 1954
$tpl_strings = Array(
+ − 1955
'PAGE_NAME'=>$this_page,
+ − 1956
'PAGE_URLNAME'=>'Null',
355
+ − 1957
'SITE_NAME'=> ( defined('IN_ENANO_INSTALL') && is_object($lang) ) ? $lang->get('meta_site_name') : 'Critical error',
1
+ − 1958
'USERNAME'=>'admin',
355
+ − 1959
'SITE_DESC'=>( defined('IN_ENANO_INSTALL') && is_object($lang) ) ? $lang->get('meta_site_desc') : 'This site is experiencing a problem and cannot load.',
1
+ − 1960
'TOOLBAR'=>$tb,
+ − 1961
'SCRIPTPATH'=>scriptPath,
+ − 1962
'CONTENTPATH'=>contentPath,
+ − 1963
'ADMIN_SID_QUES'=>$asq,
+ − 1964
'ADMIN_SID_AMP'=>$asa,
+ − 1965
'ADMIN_SID_AMP_HTML'=>'',
272
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 1966
'ADDITIONAL_HEADERS'=>$this->additional_headers,
1
+ − 1967
'SIDEBAR_EXTRA'=>'',
355
+ − 1968
'COPYRIGHT'=>( defined('IN_ENANO_INSTALL') && is_object($lang) ) ? $lang->get('meta_enano_copyright') : ( defined('ENANO_CONFIG_FETCHED') ? getConfig('copyright_notice') : '' ),
1
+ − 1969
'TOOLBAR_EXTRAS'=>'',
125
+ − 1970
'REQUEST_URI'=>( isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '' ).$_SERVER['REQUEST_URI'],
1
+ − 1971
'STYLE_LINK'=>$slink,
+ − 1972
'LOGOUT_LINK'=>'',
+ − 1973
'THEME_LINK'=>'',
+ − 1974
'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme,
+ − 1975
'THEME_ID'=>$this->theme,
+ − 1976
'STYLE_ID'=>$this->style,
244
+ − 1977
'JS_DYNAMIC_VARS'=>$js_dynamic,
1
+ − 1978
'SIDEBAR_RIGHT'=>'',
377
bb3e6c3bd4f4
Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
diff
changeset
+ − 1979
'REPORT_URI' => '',
bb3e6c3bd4f4
Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
Dan
diff
changeset
+ − 1980
'URL_ABOUT_ENANO' => 'http://enanocms.org/'
1
+ − 1981
);
+ − 1982
$this->tpl_strings = array_merge($tpl_strings, $this->tpl_strings);
+ − 1983
+ − 1984
$sidebar = ( gettype($sideinfo) == 'string' ) ? $sideinfo : '';
+ − 1985
if($sidebar != '')
+ − 1986
{
+ − 1987
if(isset($tplvars['sidebar_top']))
+ − 1988
{
+ − 1989
$text = $this->makeParserText($tplvars['sidebar_top']);
+ − 1990
$top = $text->run();
+ − 1991
} else {
+ − 1992
$top = '';
+ − 1993
}
+ − 1994
$p = $this->makeParserText($tplvars['sidebar_section']);
+ − 1995
$p->assign_vars(Array(
243
+ − 1996
'TITLE'=>$lang->get('meta_sidebar_heading'),
1
+ − 1997
'CONTENT'=>$sidebar,
+ − 1998
));
+ − 1999
$sidebar = $p->run();
+ − 2000
if(isset($tplvars['sidebar_bottom']))
+ − 2001
{
+ − 2002
$text = $this->makeParserText($tplvars['sidebar_bottom']);
+ − 2003
$bottom = $text->run();
+ − 2004
} else {
+ − 2005
$bottom = '';
+ − 2006
}
+ − 2007
$sidebar = $top . $sidebar . $bottom;
+ − 2008
}
+ − 2009
$this->tpl_strings['SIDEBAR_LEFT'] = $sidebar;
+ − 2010
+ − 2011
$this->tpl_bool['sidebar_left'] = ( $this->tpl_strings['SIDEBAR_LEFT'] != '') ? true : false;
+ − 2012
$this->tpl_bool['sidebar_right'] = ( $this->tpl_strings['SIDEBAR_RIGHT'] != '') ? true : false;
+ − 2013
$this->tpl_bool['right_sidebar'] = $this->tpl_bool['sidebar_right']; // backward compatibility
+ − 2014
$this->tpl_bool['stupid_mode'] = true;
+ − 2015
}
272
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2016
function header($simple = false)
1
+ − 2017
{
272
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2018
$filename = ( $simple ) ? 'simple-header.tpl' : 'header.tpl';
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2019
if ( !$this->no_headers )
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2020
{
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2021
echo $this->process_template($filename);
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2022
}
1
+ − 2023
}
272
e0ec986c0af3
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan
diff
changeset
+ − 2024
function footer($simple = false)
1
+ − 2025
{
+ − 2026
global $db, $session, $paths, $template, $plugins; // Common objects
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2027
global $lang;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2028
1
+ − 2029
if(!$this->no_headers) {
+ − 2030
global $_starttime;
91
+ − 2031
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2032
$filename = ( $simple ) ? 'simple-footer.tpl' : 'footer.tpl';
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2033
$t = $this->process_template($filename);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2034
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2035
$f = microtime_float();
1
+ − 2036
$f = $f - $_starttime;
+ − 2037
$f = round($f, 4);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2038
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2039
if ( is_object($lang) )
98
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 2040
{
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2041
$t_loc = $lang->get('page_msg_stats_gentime_short', array('time' => $f));
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2042
$t_loc_long = $lang->get('page_msg_stats_gentime_long', array('time' => $f));
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2043
$q_loc = '<a href="' . $this->tpl_strings['REPORT_URI'] . '">' . $lang->get('page_msg_stats_sql', array('nq' => ( is_object($db) ? $db->num_queries : 'N/A' ))) . '</a>';
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2044
$dbg = $t_loc;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2045
$dbg_long = $t_loc_long;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2046
if ( $session->user_level >= USER_LEVEL_ADMIN )
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2047
{
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2048
$dbg .= " | $q_loc";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2049
$dbg_long .= " | $q_loc";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2050
}
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2051
$t = str_replace('[[EnanoPoweredLink]]', $lang->get('page_enano_powered', array('about_uri' => $this->tpl_strings['URL_ABOUT_ENANO'])), $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2052
$t = str_replace('[[EnanoPoweredLinkLong]]', $lang->get('page_enano_powered_long', array('about_uri' => $this->tpl_strings['URL_ABOUT_ENANO'])), $t);
98
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 2053
}
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 2054
else
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 2055
{
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2056
$t_loc = "Time: {$f}s";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2057
$t_loc_long = "Generated in {$f}sec";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2058
$q_loc = '<a href="' . $this->tpl_strings['REPORT_URI'] . '">' . ( is_object($db) ? "{$db->num_queries} SQL" : 'Queries: N/A' ) . '</a>';
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2059
$dbg = $t_loc;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2060
$dbg_long = $t_loc_long;
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2061
if ( $session->user_level >= USER_LEVEL_ADMIN )
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2062
{
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2063
$dbg .= " | $q_loc";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2064
$dbg_long .= " | $q_loc";
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2065
}
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2066
$t = str_replace('[[EnanoPoweredLink]]', 'Powered by <a href="http://enanocms.org/" onclick="window.open(this.href); return false;">Enano</a>', $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2067
$t = str_replace('[[EnanoPoweredLinkLong]]', 'Website engine powered by <a href="http://enanocms.org/" onclick="window.open(this.href); return false;">Enano</a>', $t);
98
6457a9b983c6
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan
diff
changeset
+ − 2068
}
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2069
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2070
$t = str_replace('[[Stats]]', $dbg, $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2071
$t = str_replace('[[StatsLong]]', $dbg_long, $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2072
$t = str_replace('[[NumQueries]]', ( is_object($db) ? (string)$db->num_queries : '0' ), $t);
91
+ − 2073
$t = str_replace('[[GenTime]]', (string)$f, $t);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2074
$t = str_replace('[[NumQueriesLoc]]', $q_loc, $t);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
+ − 2075
$t = str_replace('[[GenTimeLoc]]', $t_loc, $t);
91
+ − 2076
1
+ − 2077
echo $t;
+ − 2078
}
+ − 2079
else return '';
+ − 2080
}
+ − 2081
function getHeader()
+ − 2082
{
+ − 2083
if(!$this->no_headers) return $this->process_template('header.tpl');
+ − 2084
else return '';
+ − 2085
}
+ − 2086
function getFooter()
+ − 2087
{
+ − 2088
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 2089
if(!$this->no_headers) {
+ − 2090
global $_starttime;
+ − 2091
$f = microtime(true);
+ − 2092
$f = $f - $_starttime;
+ − 2093
$f = round($f, 4);
+ − 2094
if(defined('IN_ENANO_INSTALL')) $nq = 'N/A';
+ − 2095
else $nq = $db->num_queries;
+ − 2096
if($nq == 0) $nq = 'N/A';
+ − 2097
$dbg = 'Time: '.$f.'s | Queries: '.$nq;
+ − 2098
if($nq == 0) $nq = 'N/A';
+ − 2099
$t = $this->process_template('footer.tpl');
+ − 2100
$t = str_replace('[[Stats]]', $dbg, $t);
+ − 2101
return $t;
+ − 2102
}
+ − 2103
else return '';
+ − 2104
}
+ − 2105
+ − 2106
function process_template($file) {
+ − 2107
+ − 2108
eval($this->compile_template($file));
+ − 2109
return $tpl_code;
+ − 2110
}
+ − 2111
+ − 2112
function extract_vars($file) {
+ − 2113
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 2114
if(!is_file(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file)) die('Cannot find '.$file.' file for style "'.$this->theme.'", exiting');
+ − 2115
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$file);
+ − 2116
preg_match_all('#<\!-- VAR ([A-z0-9_-]*) -->(.*?)<\!-- ENDVAR \\1 -->#is', $text, $matches);
+ − 2117
$tplvars = Array();
+ − 2118
for($i=0;$i<sizeof($matches[1]);$i++)
+ − 2119
{
+ − 2120
$tplvars[$matches[1][$i]] = $matches[2][$i];
+ − 2121
}
+ − 2122
return $tplvars;
+ − 2123
}
+ − 2124
function compile_template($text) {
+ − 2125
global $sideinfo;
+ − 2126
$text = file_get_contents(ENANO_ROOT . '/themes/'.$this->theme.'/'.$text);
+ − 2127
$text = str_replace('<script type="text/javascript" src="{SCRIPTPATH}/ajax.php?title={PAGE_URLNAME}&_mode=jsres"></script>', '', $text); // Remove the AJAX code - we don't need it, and it requires a database connection
+ − 2128
$text = '$tpl_code = \''.str_replace('\'', '\\\'', $text).'\'; return $tpl_code;';
+ − 2129
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if($this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 2130
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { $tpl_code .= \'', $text);
+ − 2131
if(defined('IN_ENANO_INSTALL')) $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">Installation progress</a></div><div class="slideblock">'.$sideinfo.'</div></div>', $text);
+ − 2132
else $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">System error</a></div><div class="slideblock"><a href="#" onclick="return false;">Enano critical error page</a></div></div>', $text);
+ − 2133
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '', $text);
+ − 2134
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 2135
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { $tpl_code .= \'', $text);
+ − 2136
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } $tpl_code .= \'', $text);
+ − 2137
$text = preg_replace('#{([A-z0-9]*)}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 2138
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 2139
}
+ − 2140
+ − 2141
function compile_template_text($text) {
+ − 2142
global $sideinfo;
+ − 2143
$text = str_replace('<script type="text/javascript" src="{SCRIPTPATH}/ajax.php?title={PAGE_URLNAME}&_mode=jsres"></script>', '', $text); // Remove the AJAX code - we don't need it, and it requires a database connection
+ − 2144
$text = '$tpl_code = \''.str_replace('\'', '\\\'', $text).'\'; return $tpl_code;';
+ − 2145
$text = preg_replace('#<!-- BEGIN (.*?) -->#is', '\'; if($this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 2146
$text = preg_replace('#<!-- IFPLUGIN (.*?) -->#is', '\'; if(getConfig(\'plugin_\\1\')==\'1\') { $tpl_code .= \'', $text);
+ − 2147
if(defined('IN_ENANO_INSTALL')) $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">Installation progress</a></div><div class="slideblock">'.$sideinfo.'</div></div>', $text);
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 2148
else $text = str_replace('<!-- SYSMSG Sidebar -->', '<div class="slider"><div class="heading"><a class="head">System error</a></div><div class="slideblock"><a href="#" onclick="return false;>Enano critical error page</a></div></div>', $text);
1
+ − 2149
$text = preg_replace('#<!-- SYSMSG (.*?) -->#is', '', $text);
+ − 2150
$text = preg_replace('#<!-- BEGINNOT (.*?) -->#is', '\'; if(!$this->tpl_bool[\'\\1\']) { $tpl_code .= \'', $text);
+ − 2151
$text = preg_replace('#<!-- BEGINELSE (.*?) -->#is', '\'; } else { $tpl_code .= \'', $text);
+ − 2152
$text = preg_replace('#<!-- END (.*?) -->#is', '\'; } $tpl_code .= \'', $text);
+ − 2153
$text = preg_replace('#{([A-z0-9]*)}#is', '\'.$this->tpl_strings[\'\\1\'].\'', $text);
+ − 2154
return $text; //('<pre>'.htmlspecialchars($text).'</pre>');
+ − 2155
}
+ − 2156
+ − 2157
/**
+ − 2158
* Allows individual parsing of template files. Similar to phpBB but follows the spirit of object-oriented programming ;)
+ − 2159
* Returns on object of class templateIndividual. Usage instructions can be found in the inline docs for that class.
+ − 2160
* @param $filename the filename of the template to be parsed
+ − 2161
* @return object
+ − 2162
*/
+ − 2163
+ − 2164
function makeParser($filename)
+ − 2165
{
+ − 2166
$filename = ENANO_ROOT.'/themes/'.$this->theme.'/'.$filename;
+ − 2167
if(!file_exists($filename)) die('templateIndividual: file '.$filename.' does not exist');
+ − 2168
$code = file_get_contents($filename);
+ − 2169
$parser = new templateIndividualSafe($code, $this);
+ − 2170
return $parser;
+ − 2171
}
+ − 2172
+ − 2173
/**
+ − 2174
* Same as $template->makeParser(), but takes a string instead of a filename.
+ − 2175
* @param $text the text to parse
+ − 2176
* @return object
+ − 2177
*/
+ − 2178
+ − 2179
function makeParserText($code)
+ − 2180
{
+ − 2181
$parser = new templateIndividualSafe($code, $this);
+ − 2182
return $parser;
+ − 2183
}
+ − 2184
+ − 2185
} // class template_nodb
+ − 2186
+ − 2187
/**
+ − 2188
* Identical to templateIndividual, except extends template_nodb instead of template
+ − 2189
* @see class template
+ − 2190
*/
+ − 2191
+ − 2192
class templateIndividualSafe extends template_nodb {
+ − 2193
var $tpl_strings, $tpl_bool, $tpl_code;
+ − 2194
var $compiled = false;
+ − 2195
/**
+ − 2196
* Constructor.
+ − 2197
*/
+ − 2198
function __construct($text, $parent)
+ − 2199
{
+ − 2200
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 2201
$this->tpl_code = $text;
+ − 2202
$this->tpl_strings = $parent->tpl_strings;
+ − 2203
$this->tpl_bool = $parent->tpl_bool;
+ − 2204
}
+ − 2205
/**
+ − 2206
* PHP 4 constructor.
+ − 2207
*/
+ − 2208
function templateIndividual($text)
+ − 2209
{
+ − 2210
$this->__construct($text);
+ − 2211
}
+ − 2212
/**
+ − 2213
* Assigns an array of string values to the template. Strings can be accessed from the template by inserting {KEY_NAME} in the template file.
+ − 2214
* @param $vars array
+ − 2215
*/
+ − 2216
function assign_vars($vars)
+ − 2217
{
+ − 2218
if(is_array($this->tpl_strings))
+ − 2219
$this->tpl_strings = array_merge($this->tpl_strings, $vars);
+ − 2220
else
+ − 2221
$this->tpl_strings = $vars;
+ − 2222
}
+ − 2223
/**
+ − 2224
* Assigns an array of boolean values to the template. These can be used for <!-- IF ... --> statements.
+ − 2225
* @param $vars array
+ − 2226
*/
+ − 2227
function assign_bool($vars)
+ − 2228
{
+ − 2229
$this->tpl_bool = array_merge($this->tpl_bool, $vars);
+ − 2230
}
+ − 2231
/**
+ − 2232
* Compiles and executes the template code.
+ − 2233
* @return string
+ − 2234
*/
+ − 2235
function run()
+ − 2236
{
+ − 2237
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 2238
if(!$this->compiled)
+ − 2239
{
+ − 2240
$this->tpl_code = $this->compile_template_text($this->tpl_code);
+ − 2241
$this->compiled = true;
+ − 2242
}
+ − 2243
return eval($this->tpl_code);
+ − 2244
}
+ − 2245
}
+ − 2246
+ − 2247
?>