Enano CMS (1.1.x): plugins/SpecialUserFuncs.php@96848f04bbba (annotated)

0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1	<?php
519 94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	2	/!info
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	3	{
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	4	"Plugin Name" : "plugin_specialuserfuncs_title",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	5	"Plugin URI" : "http://enanocms.org/",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	6	"Description" : "plugin_specialuserfuncs_desc",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	7	"Author" : "Dan Fuhry",
685 17ebe24cdf85 Rebranded as 1.1.5 (Caoineag alpha 5) and fixed a couple bugs related to CDN support in template_nodb and installerUI. Updated readme. Dan parents: 684 diff changeset	8	"Version" : "1.1.5",
519 94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	9	"Author URI" : "http://enanocms.org/"
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	10	}
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable. Dan parents: 517 diff changeset	11	*!/
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	12
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	13	/*
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	14	* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
685 17ebe24cdf85 Rebranded as 1.1.5 (Caoineag alpha 5) and fixed a couple bugs related to CDN support in template_nodb and installerUI. Updated readme. Dan parents: 684 diff changeset	15	* Version 1.1.5 (Caoineag alpha 5)
536 218a627eb53e Rebrand as 1.1.4 (Caoineag alpha 4) Dan parents: 525 diff changeset	16	* Copyright (C) 2006-2008 Dan Fuhry
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	17	*
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	18	* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	19	* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	20	*
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	21	* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	22	* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	23	*/
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	24
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	25	global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	26
593 4f9bec0d65c1 More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient. Dan parents: 591 diff changeset	27	// $plugins->attachHook('session_started', 'SpecialUserFuncs_paths_init();');
590 03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	28
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	29	function SpecialUserFuncs_paths_init()
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	30	{
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	31	global $paths;
590 03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	32	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	33	'name'=>'specialpage_log_in',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	34	'urlname'=>'Login',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	35	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	36	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	37	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	38	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	39	'name'=>'specialpage_log_out',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	40	'urlname'=>'Logout',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	41	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	42	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	43	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	44	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	45	'name'=>'specialpage_register',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	46	'urlname'=>'Register',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	47	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	48	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	49	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	50	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	51	'name'=>'specialpage_preferences',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	52	'urlname'=>'Preferences',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	53	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	54	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	55	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	56
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	57	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	58	'name'=>'specialpage_contributions',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	59	'urlname'=>'Contributions',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	60	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	61	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	62	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	63
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	64	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	65	'name'=>'specialpage_change_theme',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	66	'urlname'=>'ChangeStyle',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	67	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	68	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	69	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	70
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	71	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	72	'name'=>'specialpage_activate_account',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	73	'urlname'=>'ActivateAccount',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	74	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	75	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	76	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	77
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	78	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	79	'name'=>'specialpage_captcha',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	80	'urlname'=>'Captcha',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	81	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	82	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	83	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	84
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	85	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	86	'name'=>'specialpage_password_reset',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	87	'urlname'=>'PasswordReset',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	88	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	89	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	90	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	91
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	92	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	93	'name'=>'specialpage_member_list',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	94	'urlname'=>'Memberlist',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	95	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	96	'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	97	));
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	98
590 03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	99	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	100	'name'=>'specialpage_language_export',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	101	'urlname'=>'LangExportJSON',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	102	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	103	'special'=>0,'visible'=>0,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	104	));
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	105
590 03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	106	$paths->add_page(Array(
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	107	'name'=>'specialpage_avatar',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	108	'urlname'=>'Avatar',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	109	'namespace'=>'Special',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	110	'special'=>0,'visible'=>0,'comments_on'=>0,'protected'=>1,'delvotes'=>0,'delvote_ips'=>'',
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	111	));
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now Dan parents: 586 diff changeset	112	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	113
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	114	// function names are IMPORTANT!!! The name pattern is: page_<namespace ID>_<page URLname, without namespace>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	115
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	116	$__login_status = '';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	117
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	118	function page_Special_Login()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	119	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	120	global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	121	global $__login_status;
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	122	global $lang;
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	123
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	124	require_once( ENANO_ROOT . '/includes/diffiehellman.php' );
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	125	global $dh_supported, $_math;
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	126
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	127	$pubkey = $session->rijndael_genkey();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	128	$challenge = $session->dss_rand();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	129
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	130	$locked_out = false;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	131	// are we locked out?
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	132	$threshold = ( $_ = getConfig('lockout_threshold') ) ? intval($_) : 5;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	133	$duration = ( $_ = getConfig('lockout_duration') ) ? intval($_) : 15;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	134	// convert to minutes
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	135	$duration = $duration * 60;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	136	$policy = ( $x = getConfig('lockout_policy') && in_array(getConfig('lockout_policy'), array('lockout', 'disable', 'captcha')) ) ? getConfig('lockout_policy') : 'lockout';
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	137	if ( $policy != 'disable' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	138	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	139	$ipaddr = $db->escape($_SERVER['REMOTE_ADDR']);
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	140	$timestamp_cutoff = time() - $duration;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	141	$q = $session->sql('SELECT timestamp FROM '.table_prefix.'lockout WHERE timestamp > ' . $timestamp_cutoff . ' AND ipaddr = \'' . $ipaddr . '\' ORDER BY timestamp DESC;');
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	142	$fails = $db->numrows();
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	143	if ( $fails >= $threshold )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	144	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	145	$row = $db->fetchrow();
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	146	$locked_out = true;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	147	$lockdata = array(
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	148	'locked_out' => true,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	149	'lockout_threshold' => $threshold,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	150	'lockout_duration' => ( $duration / 60 ),
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	151	'lockout_fails' => $fails,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	152	'lockout_policy' => $policy,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	153	'lockout_last_time' => $row['timestamp'],
182 c69730750be3 Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues Dan parents: 179 diff changeset	154	'time_rem' => ( $duration / 60 ) - round( ( time() - $row['timestamp'] ) / 60 ),
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	155	'captcha' => ''
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	156	);
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	157	if ( $policy == 'captcha' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	158	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	159	$lockdata['captcha'] = $session->make_captcha();
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	160	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	161	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	162	$db->free_result();
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	163	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	164
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	165	if ( isset($_GET['act']) && $_GET['act'] == 'getkey' )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	166	{
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	167	header('Content-type: text/javascript');
60 71b50f8c8f85 Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint Dan parents: 57 diff changeset	168	$username = ( $session->user_logged_in ) ? $session->username : false;
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	169	$response = Array(
60 71b50f8c8f85 Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint Dan parents: 57 diff changeset	170	'username' => $username,
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	171	'key' => $pubkey,
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	172	'challenge' => $challenge,
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	173	'locked_out' => false
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	174	);
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	175
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	176	if ( $locked_out )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	177	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	178	foreach ( $lockdata as $x => $y )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	179	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	180	$response[$x] = $y;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	181	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	182	unset($x, $y);
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	183	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	184
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	185	// 1.1.3: generate diffie hellman key
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	186	$response['dh_supported'] = $dh_supported;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	187	if ( $dh_supported )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	188	{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	189	$dh_key_priv = dh_gen_private();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	190	$dh_key_pub = dh_gen_public($dh_key_priv);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	191	$dh_key_priv = $_math->str($dh_key_priv);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	192	$dh_key_pub = $_math->str($dh_key_pub);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	193	$response['dh_public_key'] = $dh_key_pub;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	194	// store the keys in the DB
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	195	$q = $db->sql_query('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );");
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	196	if ( !$q )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	197	$db->die_json();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	198	}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	199
334 c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files. Dan parents: 326 diff changeset	200	$response = enano_json_encode($response);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	201	echo $response;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	202	return null;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	203	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	204
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	205	$level = ( isset($_GET['level']) && in_array($_GET['level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) ) ? intval($_GET['level']) : USER_LEVEL_MEMBER;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	206	if ( isset($_POST['login']) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	207	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	208	if ( in_array($_POST['auth_level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	209	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	210	$level = intval($_POST['auth_level']);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	211	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	212	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	213
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	214	if ( $level > USER_LEVEL_MEMBER && !$session->user_logged_in )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	215	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	216	$level = USER_LEVEL_MEMBER;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	217	}
93 95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	218	if ( $level <= USER_LEVEL_MEMBER && $session->user_logged_in )
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	219	$paths->main_page();
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	220	$template->header();
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	221	echo '<form action="'.makeUrl($paths->nslist['Special'].'Login').'" method="post" name="loginform" onsubmit="try{runEncryption();}catch(e){};">';
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	222	$header = ( $level > USER_LEVEL_MEMBER ) ? $lang->get('user_login_message_short_elev') : $lang->get('user_login_message_short');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	223	if ( isset($_POST['login']) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	224	{
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	225	$errstring = $__login_status['error'];
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	226	switch($__login_status['error'])
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	227	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	228	case 'key_not_found':
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	229	$errstring = $lang->get('user_err_key_not_found');
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	230	break;
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	231	case 'ERR_DH_KEY_NOT_FOUND':
586 234ddd896555 Made encryption work in form-based logon again; modified load_component() to fetch compressed versions when possible Dan parents: 573 diff changeset	232	$errstring = $lang->get('user_err_dh_key_not_found'); // . " -- {$__login_status['debug']}";
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	233	break;
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	234	case 'ERR_DH_KEY_NOT_INTEGER':
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	235	$errstring = $lang->get('user_err_dh_key_not_numeric');
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	236	break;
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	237	case 'key_wrong_length':
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	238	$errstring = $lang->get('user_err_key_wrong_length');
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	239	break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	240	case 'too_big_for_britches':
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	241	$errstring = $lang->get('user_err_too_big_for_britches');
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	242	break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	243	case 'invalid_credentials':
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	244	$errstring = $lang->get('user_err_invalid_credentials');
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	245	if ( $__login_status['lockout_policy'] == 'lockout' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	246	{
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	247	$errstring .= $lang->get('err_invalid_credentials_lockout', array('fails' => $__login_status['lockout_fails']));
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	248	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	249	else if ( $__login_status['lockout_policy'] == 'captcha' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	250	{
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	251	$errstring .= $lang->get('user_err_invalid_credentials_lockout_captcha', array('fails' => $__login_status['lockout_fails']));
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	252	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	253	break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	254	case 'backend_fail':
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	255	$errstring = $lang->get('user_err_backend_fail');
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	256	break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	257	case 'locked_out':
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	258	$attempts = intval($__login_status['lockout_fails']);
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	259	if ( $attempts > $__login_status['lockout_threshold'])
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	260	$attempts = $__login_status['lockout_threshold'];
182 c69730750be3 Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues Dan parents: 179 diff changeset	261
c69730750be3 Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues Dan parents: 179 diff changeset	262	$server_time = time();
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	263	$time_rem = ( intval(@$__login_status['lockout_last_time']) == time() ) ? $__login_status['lockout_duration'] : $__login_status['lockout_duration'] - round( ( $server_time - $__login_status['lockout_last_time'] ) / 60 );
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	264	if ( $time_rem < 1 )
8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	265	$time_rem = $__login_status['lockout_duration'];
182 c69730750be3 Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues Dan parents: 179 diff changeset	266
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	267	$s = ( $time_rem == 1 ) ? '' : $lang->get('meta_plural');
8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	268
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	269	$captcha_string = ( $__login_status['lockout_policy'] == 'captcha' ) ? $lang->get('user_err_locked_out_captcha_blurb') : '';
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	270	$errstring = $lang->get('user_err_locked_out', array('plural' => $s, 'captcha_blurb' => $captcha_string, 'time_rem' => $time_rem));
8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	271
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	272	break;
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	273	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	274	echo '<div class="error-box-mini">'.$errstring.'</div>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	275	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	276	if ( $p = $paths->getAllParams() )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	277	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	278	echo '<input type="hidden" name="return_to" value="'.$p.'" />';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	279	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	280	else if ( isset($_POST['login']) && isset($_POST['return_to']) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	281	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	282	echo '<input type="hidden" name="return_to" value="'.htmlspecialchars($_POST['return_to']).'" />';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	283	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	284	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	285	<div class="tblholder">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	286	<table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	287	<tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	288	<th colspan="3"><?php echo $header; ?></th>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	289	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	290	<tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	291	<td colspan="3" class="row1">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	292	<?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	293	if ( $level <= USER_LEVEL_MEMBER )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	294	{
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	295	echo '<p>' . $lang->get('user_login_body', array('reg_link' => makeUrlNS('Special', 'Register'))) . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	296	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	297	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	298	{
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	299	echo '<p>' . $lang->get('user_login_body_elev') . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	300	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	301	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	302	</td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	303	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	304	<tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	305	<td class="row2">
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	306	<?php echo $lang->get('user_login_field_username'); ?>:
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	307	</td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	308	<td class="row1">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	309	<input name="username" size="25" type="text" <?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	310	if ( $level <= USER_LEVEL_MEMBER )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	311	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	312	echo 'tabindex="1" ';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	313	}
32 4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	314	else
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	315	{
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	316	echo 'tabindex="3" ';
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	317	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	318	if ( $session->user_logged_in )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	319	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	320	echo 'value="' . $session->username . '"';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	321	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	322	?> />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	323	</td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	324	<?php if ( $level <= USER_LEVEL_MEMBER ) { ?>
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	325	<td rowspan="<?php echo ( ( $locked_out && $lockdata['lockout_policy'] == 'captcha' ) ) ? '4' : '2'; ?>" class="row3">
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	326	<small><?php echo $lang->get('user_login_forgotpass_blurb', array('forgotpass_link' => makeUrlNS('Special', 'PasswordReset'))); ?><br />
8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	327	<?php echo $lang->get('user_login_createaccount_blurb', array('reg_link' => makeUrlNS('Special', 'Register'))); ?></small>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	328	</td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	329	<?php } ?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	330	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	331	<tr>
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	332	<td class="row2">
8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	333	<?php echo $lang->get('user_login_field_password'); ?>:
8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	334	</td><td class="row1"><input name="pass" size="25" type="password" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '2' : '1'; ?>" /></td>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	335	</tr>
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	336	<?php
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	337	if ( $locked_out && $lockdata['lockout_policy'] == 'captcha' )
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	338	{
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	339	?>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	340	<tr>
209 8a00247d1dee Login page mostly localized Dan parents: 193 diff changeset	341	<td class="row2" rowspan="2"><?php echo $lang->get('user_login_field_captcha'); ?>:<br /></td><td class="row1"><input type="hidden" name="captcha_hash" value="<?php echo $lockdata['captcha']; ?>" /><input name="captcha_code" size="25" type="text" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '4'; ?>" /></td>
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	342	</tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	343	<tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	344	<td class="row3">
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	345	<img src="<?php echo makeUrlNS('Special', 'Captcha/' . $lockdata['captcha']) ?>" onclick="this.src=this.src+'/a';" style="cursor: pointer;" />
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	346	</td>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	347	</tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	348	<?php
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	349	}
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	350	?>
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	351	<?php
688 f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	352	if ( $level <= USER_LEVEL_MEMBER )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	353	{
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	354	// "remember me" switch
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	355	// first order of business is to determine what the checkbox should say
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	356	$session_time = intval(getConfig('session_remember_time', '30'));
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	357	if ( $session_time === 0 )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	358	{
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	359	// sessions are infinite
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	360	$text_remember = $lang->get('user_login_check_remember_infinite');
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	361	}
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	362	else
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	363	{
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	364	// is the number of days evenly divisible by 7? if so, use weeks
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	365	if ( $session_time % 7 == 0 )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	366	{
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	367	$session_time = $session_time / 7;
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	368	$unit = 'week';
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	369	}
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	370	else
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	371	{
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	372	$unit = 'day';
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	373	}
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	374	// if it's not equal to 1, pluralize it
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	375	if ( $session_time != 1 )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	376	{
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	377	$unit .= 's';
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	378	}
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	379	$text_remember = $lang->get('user_login_check_remember', array(
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	380	'session_length' => $session_time,
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	381	'length_units' => $lang->get("etc_unit_$unit")
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	382	));
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	383	}
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	384	?>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	385	<tr>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	386	<td class="row2">
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	387	<?php echo $lang->get('user_login_field_remember'); ?>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	388	</td>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	389	<td class="row1" colspan="2">
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	390	<label>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	391	<input type="checkbox" name="remember" tabindex="3" />
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	392	<?php echo $text_remember; ?>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	393	</label>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	394	</td>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	395	</tr>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	396	<?php
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	397	}
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	398	if ( $level <= USER_LEVEL_MEMBER && ( !isset($_GET['use_crypt']) \|\| ( isset($_GET['use_crypt']) && $_GET['use_crypt']!='0' ) ) )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	399	{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	400	echo '<tr>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	401	<td class="row3" colspan="3">';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	402
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	403	$returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	404	$nocrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=0", true);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	405	echo '<p><b>' . $lang->get('user_login_nocrypt_title') . '</b> ' . $lang->get('user_login_nocrypt_body', array('nocrypt_link' => $nocrypt_link)) . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	406	echo '<p>' . $lang->get('user_login_nocrypt_countrylist') . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	407
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	408	echo ' </td>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	409	</tr>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	410	}
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	411	else if ( $level <= USER_LEVEL_MEMBER && ( isset($_GET['use_crypt']) && $_GET['use_crypt']=='0' ) )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	412	{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	413	echo '<tr>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	414	<td class="row3" colspan="3">';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	415
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	416	$returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	417	$usecrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=1", true);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	418	echo '<p><b>' . $lang->get('user_login_usecrypt_title') . '</b> ' . $lang->get('user_login_usecrypt_body', array('usecrypt_link' => $usecrypt_link)) . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	419	echo '<p>' . $lang->get('user_login_usecrypt_countrylist') . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	420
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	421	echo ' </td>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	422	</tr>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	423	}
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	424	else if ( $level > USER_LEVEL_MEMBER && !strstr($_SERVER['HTTP_USER_AGENT'], 'iPhone') && $dh_supported )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	425	{
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	426	echo '<tr>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	427	echo '<td class="row3" colspan="3">';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	428	echo '<p>' . $lang->get('user_login_dh_notice') . '</p>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	429	echo '</td>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	430	echo '</tr>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	431	}
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	432	?>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	433
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	434	<tr>
688 f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	435	<th colspan="3" style="text-align: center" class="subhead"><input type="submit" name="login" value="Log in" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '4' : '2'; ?>" /></th>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	436	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	437	</table>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	438	</div>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	439	<input type="hidden" name="challenge_data" value="<?php echo $challenge; ?>" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	440	<input type="hidden" name="use_crypt" value="no" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	441	<input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	442	<input type="hidden" name="crypt_data" value="" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	443	<input type="hidden" name="auth_level" value="<?php echo (string)$level; ?>" />
32 4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	444	<?php if ( $level <= USER_LEVEL_MEMBER ): ?>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	445	<script type="text/javascript">
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	446	document.forms.loginform.username.focus();
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	447	</script>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	448	<?php else: ?>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	449	<script type="text/javascript">
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	450	document.forms.loginform.pass.focus();
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	451	</script>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details Dan parents: 30 diff changeset	452	<?php endif; ?>
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	453	<?php
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	454	// 1.1.4
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	455
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	456	require_once( ENANO_ROOT . '/includes/diffiehellman.php' );
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	457
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	458	global $dh_supported, $_math;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	459	if ( $dh_supported )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	460	{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	461	$dh_key_priv = dh_gen_private();
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	462	$dh_key_pub = dh_gen_public($dh_key_priv);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	463	$dh_key_priv = $_math->str($dh_key_priv);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	464	$dh_key_pub = $_math->str($dh_key_pub);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	465	// store the keys in the DB
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	466	$q = $db->sql_query('INSERT INTO ' . table_prefix . "diffiehellman( public_key, private_key ) VALUES ( '$dh_key_pub', '$dh_key_priv' );");
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	467	if ( !$q )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	468	$db->_die();
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	469
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	470	echo "<input type=\"hidden\" name=\"dh_supported\" value=\"true\" />
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	471	<input type=\"hidden\" name=\"dh_public_key\" value=\"$dh_key_pub\" />
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	472	<input type=\"hidden\" name=\"dh_client_public_key\" value=\"\" />";
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	473	}
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	474	else
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	475	{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	476	echo "<input type=\"hidden\" name=\"dh_supported\" value=\"false\" />";
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	477	}
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	478	?>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	479	</form>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	480	<?php
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	481	echo $session->aes_javascript('loginform', 'pass', 'use_crypt', 'crypt_key', 'crypt_data', 'challenge_data', 'dh_supported', 'dh_public_key', 'dh_client_public_key');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	482	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	483	<?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	484	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	485	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	486
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	487	function page_Special_Login_preloader() // adding _preloader to the end of the function name calls the function before $session and $paths setup routines are called
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	488	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	489	global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	490	global $__login_status;
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	491	global $lang;
604 6a90893622f0 Fixed missing require() on math.php in SpecialUserFuncs Dan parents: 593 diff changeset	492	require_once( ENANO_ROOT . '/includes/math.php' );
6a90893622f0 Fixed missing require() on math.php in SpecialUserFuncs Dan parents: 593 diff changeset	493
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	494	if ( $paths->getParam(0) === 'action.json' )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	495	{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	496	if ( !isset($_POST['r']) )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	497	die('No request.');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	498
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	499	$request = $_POST['r'];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	500	try
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	501	{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	502	$request = enano_json_decode($request);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	503	}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	504	catch ( Exception $e )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	505	{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	506	die(enano_json_encode(array(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	507	'mode' => 'error',
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	508	'error' => 'ERR_JSON_PARSE_FAILED'
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	509	)));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	510	}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	511
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	512	echo enano_json_encode($session->process_login_request($request));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	513
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	514	$db->close();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	515	exit;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	516	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	517	if ( isset($_GET['act']) && $_GET['act'] == 'ajaxlogin' )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	518	{
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	519	echo 'This version of the Enano LoginAPI is deprecated. Please use the action.json method instead.';
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	520	return true;
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	521	}
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	522	if(isset($_POST['login']))
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	523	{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	524	$captcha_hash = ( isset($_POST['captcha_hash']) ) ? $_POST['captcha_hash'] : false;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	525	$captcha_code = ( isset($_POST['captcha_code']) ) ? $_POST['captcha_code'] : false;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	526	if ( $_POST['use_crypt'] == 'yes' )
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	527	{
688 f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	528	$result = $session->login_with_crypto($_POST['username'], $_POST['crypt_data'], $_POST['crypt_key'], $_POST['challenge_data'], intval($_POST['auth_level']), $captcha_hash, $captcha_code, isset($_POST['remember']));
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	529	}
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	530	else if ( $_POST['use_crypt'] == 'yes_dh' )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	531	{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	532	// retrieve and decrypt the password using DiffieHellman
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	533
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	534	require_once( ENANO_ROOT . '/includes/diffiehellman.php' );
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	535	global $dh_supported, $_math;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	536
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	537	if ( !$dh_supported )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	538	{
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	539	die_semicritical('DiffieHellman error', 'Server does not support DiffieHellman, denying logon request');
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	540	}
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	541
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	542	// Fetch private key
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	543	$dh_public = $_POST['dh_public_key'];
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	544	if ( !preg_match('/^[0-9]+$/', $dh_public) )
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	545	{
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	546	$__login_status = array(
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	547	'success' => false,
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	548	'error' => 'ERR_DH_KEY_NOT_INTEGER',
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	549	'debug' => "public key: $dh_public"
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	550	);
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	551	return false;
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	552	}
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	553	$q = $db->sql_query('SELECT private_key, key_id FROM ' . table_prefix . "diffiehellman WHERE public_key = '$dh_public';");
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	554	if ( !$q )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	555	$db->die_json();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	556
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	557	if ( $db->numrows() < 1 )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	558	{
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	559	$__login_status = array(
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	560	'success' => false,
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	561	'error' => 'ERR_DH_KEY_NOT_FOUND',
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	562	'debug' => "public key: $dh_public"
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	563	);
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	564	return false;
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	565	}
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	566
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	567	list($dh_private, $dh_key_id) = $db->fetchrow_num();
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	568	$db->free_result();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	569
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	570	// We have the private key, now delete the key pair, we no longer need it
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	571	$q = $db->sql_query('DELETE FROM ' . table_prefix . "diffiehellman WHERE key_id = $dh_key_id;");
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	572	if ( !$q )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	573	$db->die_json();
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	574
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	575	// Generate the shared secret
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	576	$dh_secret = dh_gen_shared_secret($dh_private, $_POST['dh_client_public_key']);
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	577	$dh_secret = $_math->str($dh_secret);
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	578
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	579	// Did we get all our math right?
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	580	$dh_secret_check = sha1($dh_secret);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	581	$dh_hash = $_POST['crypt_key'];
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	582	if ( $dh_secret_check !== $dh_hash )
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	583	{
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	584	$__login_status = array(
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	585	'success' => false,
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	586	'error' => 'ERR_DH_HASH_NO_MATCH',
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	587	'debug' => "dh_secret_check = $dh_secret_check\ndh_hash_input = $dh_hash"
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	588	);
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	589	return false;
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	590	}
507 586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	591
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	592	// All good! Generate the AES key
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	593	$aes_key = substr(sha256($dh_secret), 0, ( AES_BITS / 4 ));
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	594
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	595	// decrypt user info
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	596	$aes_key = hexdecode($aes_key);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	597	$aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	598	$password = $aes->decrypt($_POST['crypt_data'], $aes_key, ENC_HEX);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE Dan parents: 504 diff changeset	599
688 f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	600	$result = $session->login_without_crypto($_POST['username'], $password, false, intval($_POST['auth_level']), $captcha_hash, $captcha_code, isset($_POST['remember']));
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	601	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	602	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	603	{
688 f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary) Dan parents: 685 diff changeset	604	$result = $session->login_without_crypto($_POST['username'], $_POST['pass'], false, intval($_POST['auth_level']), $captcha_hash, $captcha_code, isset($_POST['remember']));
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	605	}
372 5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager Dan parents: 371 diff changeset	606
179 36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period. Dan parents: 133 diff changeset	607	if($result['success'])
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	608	{
372 5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager Dan parents: 371 diff changeset	609	$session->start();
5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager Dan parents: 371 diff changeset	610
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	611	$template->load_theme($session->theme, $session->style);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	612	if(isset($_POST['return_to']))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	613	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	614	$name = ( isset($paths->pages[$_POST['return_to']]['name']) ) ? $paths->pages[$_POST['return_to']]['name'] : $_POST['return_to'];
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	615	$subst = array(
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	616	'username' => $session->username,
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	617	'redir_target' => $name
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	618	);
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	619	redirect( makeUrl($_POST['return_to'], false, true), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) );
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	620	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	621	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	622	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	623	$subst = array(
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	624	'username' => $session->username,
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	625	'redir_target' => $lang->get('user_login_success_body_mainpage')
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	626	);
741 a216e412c439 Added ability to have alternate main page for members Dan parents: 701 diff changeset	627	redirect( makeUrl(get_main_page(), false, true), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) );
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	628	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	629	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	630	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	631	{
521 d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	632	if ( $result['error'] === 'valid_reset' )
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	633	{
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	634	header('HTTP/1.1 302 Temporary Redirect');
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	635	header('Location: ' . $result['redirect_url']);
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	636
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	637	$db->close();
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	638	exit();
d264784355e5 Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php Dan parents: 517 diff changeset	639	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	640	$GLOBALS['__login_status'] = $result;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	641	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	642	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	643	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	644
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	645	function SpecialLogin_SendResponse_PasswordReset($user_id, $passkey)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	646	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	647	$response = Array(
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	648	'result' => 'success_reset',
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	649	'user_id' => $user_id,
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	650	'temppass' => $passkey
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	651	);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	652
334 c72b545f1304 More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files. Dan parents: 326 diff changeset	653	$response = enano_json_encode($response);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	654	echo $response;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	655
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	656	$db->close();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	657	exit;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	658	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	659
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	660	function page_Special_Logout()
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	661	{
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	662	global $db, $session, $paths, $template, $plugins; // Common objects
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	663	global $lang;
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	664
93 95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	665	if ( !$session->user_logged_in )
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	666	$paths->main_page();
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	667
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	668	$token = $paths->getParam(0);
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	669	if ( $token !== $session->csrf_token )
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	670	{
573 43e7254afdb4 Renamed some functions (that were new in this release anyway) due to compatibility broken with PunBB bridge Dan parents: 562 diff changeset	671	csrf_request_confirm();
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	672	}
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	673
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	674	$l = $session->logout();
93 95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	675	if ( $l == 'success' )
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	676	{
741 a216e412c439 Added ability to have alternate main page for members Dan parents: 701 diff changeset	677	$url = makeUrl(get_main_page(), false, true);
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	678	if ( $paths->getParam(1) )
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	679	{
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	680	$pi = explode('/', $paths->getAllParams());
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	681	$pi = implode('/', array_values(array_slice($pi, 1)));
436 242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	682	list($pid, $ns) = RenderMan::strToPageID($pi);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	683	$perms = $session->fetch_page_acl($pid, $ns);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	684	if ( $perms->get_permissions('read') )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	685	{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	686	$url = makeUrl($pi, false, true);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	687	}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t! Dan parents: 430 diff changeset	688	}
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	689	redirect($url, $lang->get('user_logout_success_title'), $lang->get('user_logout_success_body'), 3);
93 95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	690	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	691	$template->header();
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	692	echo '<h3>' . $lang->get('user_logout_err_title') . '</h3>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	693	echo '<p>' . $l . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	694	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	695	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	696
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	697	function page_Special_Register()
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	698	{
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	699	global $db, $session, $paths, $template, $plugins; // Common objects
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	700	global $lang;
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	701
701 dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	702	if ( $session->user_logged_in )
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	703	{
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	704	$paths->main_page();
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	705	}
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	706
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	707	// form field trackers
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	708	$username = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	709	$email = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	710	$realname = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	711
348 87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	712	$terms = getConfig('register_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	713
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	714	if(getConfig('account_activation') == 'disable' && ( ( $session->user_level >= USER_LEVEL_ADMIN && !isset($_GET['IWannaPlayToo']) ) \|\| $session->user_level < USER_LEVEL_ADMIN \|\| !$session->user_logged_in ))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	715	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	716	$s = ($session->user_level >= USER_LEVEL_ADMIN) ? '<p>' . $lang->get('user_reg_err_disabled_body_adminblurb', array( 'reg_link' => makeUrl($paths->page, 'IWannaPlayToo&coppa=no', true) )) . '</p>' : '';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	717	die_friendly($lang->get('user_reg_err_disabled_title'), '<p>' . $lang->get('user_reg_err_disabled_body') . '</p>' . $s);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	718	}
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	719	// are we locked out from logging in? if so, also lock out registration
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	720	if ( getConfig('lockout_policy') === 'lockout' )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	721	{
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	722	$ip = $db->escape($_SERVER['REMOTE_ADDR']);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	723	$threshold = time() - ( 60 * intval(getConfig('lockout_duration')) );
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	724	$limit = intval(getConfig('lockout_threshold'));
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	725	$q = $db->sql_query('SELECT * FROM ' . table_prefix . "lockout WHERE timestamp >= $threshold ORDER BY timestamp DESC;");
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	726	if ( !$q )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	727	$db->_die();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	728	if ( $db->numrows() >= $limit )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	729	{
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	730	$row = $db->fetchrow();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	731	$db->free_result();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	732	$time_rem = intval(getConfig('lockout_duration')) - round((time() - $row['timestamp']) / 60);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	733	die_friendly($lang->get('user_reg_err_disabled_title'), '<p>' . $lang->get('user_reg_err_locked_out', array('time' => $time_rem)) . '</p>');
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	734	}
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	735	$db->free_result();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	736	}
93 95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	737	if ( $session->user_level < USER_LEVEL_ADMIN && $session->user_logged_in )
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	738	{
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	739	$paths->main_page();
95c4d91bd954 Redirections to the main page use the redirect() function now Dan parents: 85 diff changeset	740	}
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	741	if(isset($_POST['submit']))
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	742	{
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	743	$_GET['coppa'] = ( isset($_POST['coppa']) ) ? $_POST['coppa'] : 'x';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	744
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	745	$captcharesult = $session->get_captcha($_POST['captchahash']);
263 d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	746	$session->kill_captcha();
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	747	if ( strtolower($captcharesult) != strtolower($_POST['captchacode']) )
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	748	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	749	$s = $lang->get('user_reg_err_captcha');
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	750	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	751	else
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	752	{
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	753	if ( getConfig('enable_coppa') == '1' && ( !isset($_POST['coppa']) \|\| ( isset($_POST['coppa']) && !in_array($_POST['coppa'], array('yes', 'no')) ) ) )
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	754	{
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	755	$s = 'Invalid COPPA input';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	756	}
348 87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	757	else if ( !empty($terms) && !isset($_POST['tou_agreed']) )
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	758	{
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	759	$s = $lang->get('user_reg_err_accept_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	760	}
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	761	else
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	762	{
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	763	$coppa = ( isset($_POST['coppa']) && $_POST['coppa'] == 'yes' );
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	764	$s = false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	765
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	766	// decrypt password
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	767	// as with the change pass form, we aren't going to bother checking the confirmation code because if the passwords didn't match
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	768	// and yet the password got encrypted, that means the user screwed with the code, and if the user screwed with the code and thus
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	769	// forgot his password, that's his problem.
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	770
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	771	if ( $_POST['use_crypt'] == 'yes' )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	772	{
286 b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added Dan parents: 270 diff changeset	773	$aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	774	$crypt_key = $session->fetch_public_key($_POST['crypt_key']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	775	if ( !$crypt_key )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	776	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	777	$s = $lang->get('user_reg_err_missing_key');
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	778	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	779	else
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	780	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	781	$data = $_POST['crypt_data'];
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	782	$bin_key = hexdecode($crypt_key);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	783	//die("Decrypting with params: key $crypt_key, data $data");
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	784	$password = $aes->decrypt($data, $bin_key, ENC_HEX);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	785	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	786	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	787	else
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	788	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	789	$password = $_POST['password'];
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	790	}
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	791
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	792	// CAPTCHA code was correct, create the account
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	793	// ... and check for errors returned from the crypto API
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	794	if ( !$s )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	795	$s = $session->create_user($_POST['username'], $password, $_POST['email'], $_POST['real_name'], $coppa);
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	796	}
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	797	}
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	798	if($s == 'success' && !$coppa)
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	799	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	800	switch(getConfig('account_activation'))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	801	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	802	case "none":
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	803	default:
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	804	$str = $lang->get('user_reg_msg_success_activ_none', array('login_link' => makeUrlNS('Special', 'Login', false, true)));
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	805	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	806	case "user":
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	807	$str = $lang->get('user_reg_msg_success_activ_user');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	808	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	809	case "admin":
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	810	$str = $lang->get('user_reg_msg_success_activ_admin');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	811	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	812	}
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	813	die_friendly($lang->get('user_reg_msg_success_title'), '<p>' . $lang->get('user_reg_msg_success_body') . ' ' . $str . '</p>');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	814	}
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	815	else if ( $s == 'success' && $coppa )
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	816	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	817	$str = $lang->get('user_reg_msg_success_activ_coppa');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	818	die_friendly($lang->get('user_reg_msg_success_title'), '<p>' . $lang->get('user_reg_msg_success_body') . ' ' . $str . '</p>');
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	819	}
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	820	$username = htmlspecialchars($_POST['username']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	821	$email = htmlspecialchars($_POST['email']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	822	$realname = htmlspecialchars($_POST['real_name']);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	823	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	824	$template->header();
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	825	echo $lang->get('user_reg_msg_greatercontrol');
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	826
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	827	if ( getConfig('enable_coppa') != '1' \|\| ( isset($_GET['coppa']) && in_array($_GET['coppa'], array('yes', 'no')) ) )
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	828	{
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	829	$coppa = ( isset($_GET['coppa']) && $_GET['coppa'] == 'yes' );
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	830	$session->kill_captcha();
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	831	$captchacode = $session->make_captcha();
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	832
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	833	$pubkey = $session->rijndael_genkey();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	834	$challenge = $session->dss_rand();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	835
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	836	?>
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	837	<h3><?php echo $lang->get('user_reg_msg_table_title'); ?></h3>
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	838	<form name="regform" action="<?php echo makeUrl($paths->page); ?>" method="post" onsubmit="return runEncryption();">
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	839	<div class="tblholder">
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	840	<table border="0" width="100%" cellspacing="1" cellpadding="4">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	841	<tr><th class="subhead" colspan="3"><?php echo $lang->get('user_reg_msg_table_subtitle'); ?></th></tr>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	842
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	843	<?php if(isset($_POST['submit'])) echo '<tr><td colspan="3" class="row2" style="color: red;">'.$s.'</td></tr>'; ?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	844
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	845	<!-- FIELD: Username -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	846	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	847	<td class="row1" style="width: 50%;">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	848	<?php echo $lang->get('user_reg_lbl_field_username'); ?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	849	<span id="e_username"></span>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	850	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	851	<td class="row1" style="width: 50%;">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	852	<input tabindex="1" type="text" name="username" size="30" value="<?php echo $username; ?>" onkeyup="namegood = false; validateForm(this);" onblur="checkUsername();" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	853	</td>
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	854	<td class="row1" style="width: 1px;">
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	855	<img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_username" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	856	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	857	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	858
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	859	<!-- FIELD: Password -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	860	<tr>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	861	<td class="row3" style="width: 50%;" rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	862	<?php echo $lang->get('user_reg_lbl_field_password'); ?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	863	<span id="e_password"></span>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	864	<?php if ( getConfig('pw_strength_enable') == '1' && getConfig('pw_strength_minimum') > -10 ): ?>
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	865	<small><?php echo $lang->get('user_reg_msg_password_score'); ?></small>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	866	<?php endif; ?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	867	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	868	<td class="row3" style="width: 50%;">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	869	<input tabindex="2" type="password" name="password" size="15" onkeyup="<?php if ( getConfig('pw_strength_enable') == '1' ): ?>password_score_field(this); <?php endif; ?>validateForm(this);" /><?php if ( getConfig('pw_strength_enable') == '1' ): ?><span class="password-checker" style="font-weight: bold; color: #aaaaaa;"> Loading...</span><?php endif; ?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	870	</td>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	871	<td rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>" class="row3" style="max-width: 24px;">
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	872	<img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_password" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	873	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	874	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	875
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	876	<!-- FIELD: Password confirmation -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	877	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	878	<td class="row3" style="width: 50%;">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	879	<input tabindex="3" type="password" name="password_confirm" size="15" onkeyup="validateForm(this);" /> <small><?php echo $lang->get('user_reg_lbl_field_password_confirm'); ?></small>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	880	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	881	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	882
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	883	<!-- FIELD: Password strength meter -->
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	884
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	885	<?php if ( getConfig('pw_strength_enable') == '1' ): ?>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	886	<tr>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	887	<td class="row3" style="width: 50%;">
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	888	<div id="pwmeter"></div>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	889	</td>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	890	</tr>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	891	<?php endif; ?>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	892
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	893	<!-- FIELD: E-mail address -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	894	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	895	<td class="row1" style="width: 50%;">
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	896	<?php
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	897	if ( $coppa )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	898	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	899	echo $lang->get('user_reg_lbl_field_email_coppa');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	900	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	901	else
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	902	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	903	echo $lang->get('user_reg_lbl_field_email');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	904	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	905	?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	906	<?php
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	907	if ( ( $x = getConfig('account_activation') ) == 'user' )
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	908	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	909	echo '<br /><small>' . $lang->get('user_reg_msg_email_activuser') . '</small>';
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	910	}
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	911	?>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	912	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	913	<td class="row1" style="width: 50%;">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	914	<input tabindex="4" type="text" name="email" size="30" value="<?php echo $email; ?>" onkeyup="validateForm(this);" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	915	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	916	<td class="row1" style="max-width: 24px;">
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	917	<img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_email" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	918	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	919	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	920
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	921	<!-- FIELD: Real name -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	922	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	923	<td class="row3" style="width: 50%;">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	924	<?php echo $lang->get('user_reg_lbl_field_realname'); ?><br />
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	925	<small><?php echo $lang->get('user_reg_msg_realname_optional'); ?></small>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	926	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	927	<td class="row3" style="width: 50%;">
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	928	<input tabindex="5" type="text" name="real_name" size="30" value="<?php echo $realname; ?>" /></td><td class="row3" style="max-width: 24px;">
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	929	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	930	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	931
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	932	<!-- FIELD: CAPTCHA image -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	933	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	934	<td class="row1" style="width: 50%;" rowspan="2">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	935	<?php echo $lang->get('user_reg_lbl_field_captcha'); ?><br />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	936	<small>
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	937	<?php echo $lang->get('user_reg_msg_captcha_pleaseenter', array('regen_flags' => 'href="#" onclick="regenCaptcha(); return false;"')); ?><br />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	938	<br />
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	939	<?php echo $lang->get('user_reg_msg_captcha_blind'); ?>
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	940	</small>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	941	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	942	<td colspan="2" class="row1">
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	943	<img id="captchaimg" alt="CAPTCHA image" src="<?php echo makeUrlNS('Special', 'Captcha/'.$captchacode); ?>" />
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	944	<span id="b_username"></span>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	945	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	946	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	947
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	948	<!-- FIELD: CAPTCHA input field -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	949	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	950	<td class="row1" colspan="2">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	951	<?php echo $lang->get('user_reg_lbl_field_captcha_code'); ?>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	952	<input tabindex="6" name="captchacode" type="text" size="10" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	953	<input type="hidden" name="captchahash" value="<?php echo $captchacode; ?>" />
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	954	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	955	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	956
348 87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	957	<!-- FIELD: TOU -->
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	958
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	959	<?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	960	if ( !empty($terms) ):
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	961	?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	962
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	963	<tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	964	<td class="row1" colspan="3">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	965	<?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	966	echo $lang->get('user_reg_msg_please_read_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	967	?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	968	</td>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	969	</tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	970
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	971	<tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	972	<td class="row3" colspan="3">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	973	<div style="border: 1px solid #000000; height: 75px; width: 60%; clip: rect(0px,auto,auto,0px); overflow: auto; background-color: #FFF; margin: 0 auto; padding: 4px;">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	974	<?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	975	echo RenderMan::render($terms);
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	976	?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	977	</div>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	978	<p style="text-align: center;">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	979	<label>
371 dc6026376919 Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files Dan parents: 359 diff changeset	980	<input tabindex="7" type="checkbox" name="tou_agreed" />
348 87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	981	<b><?php echo $lang->get('user_reg_lbl_field_tou'); ?></b>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	982	</label>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	983	</p>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	984	</td>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	985	</tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	986
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	987	<?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	988	endif;
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	989	?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there. Dan parents: 345 diff changeset	990
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	991	<!-- FIELD: submit button -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	992	<tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	993	<th class="subhead" colspan="3" style="text-align: center;">
371 dc6026376919 Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files Dan parents: 359 diff changeset	994	<input tabindex="8" type="submit" name="submit" value="<?php echo $lang->get('user_reg_btn_create_account'); ?>" />
101 bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	995	</td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	996	</tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe Dan parents: 93 diff changeset	997
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	998	</table>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	999	</div>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1000	<?php
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1001	$val = ( $coppa ) ? 'yes' : 'no';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1002	echo '<input type="hidden" name="coppa" value="' . $val . '" />';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1003	?>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1004	<input type="hidden" name="challenge_data" value="<?php echo $challenge; ?>" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1005	<input type="hidden" name="use_crypt" value="no" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1006	<input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1007	<input type="hidden" name="crypt_data" value="" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1008	<script type="text/javascript">
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1009	// ENCRYPTION CODE
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1010	function runEncryption()
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1011	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1012	var frm = document.forms.regform;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1013	if ( frm.password.value.length < 1 )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1014	return true;
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1015	pass1 = frm.password.value;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1016	pass2 = frm.password_confirm.value;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1017	if ( pass1 != pass2 )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1018	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1019	alert($lang.get('user_reg_err_alert_password_nomatch'));
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1020	return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1021	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1022	if ( pass1.length < 6 && pass1.length > 0 )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1023	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1024	alert($lang.get('user_reg_err_alert_password_tooshort'));
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1025	return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1026	}
614 78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1027	if(aes_self_test())
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1028	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1029	frm.use_crypt.value = 'yes';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1030	var cryptkey = frm.crypt_key.value;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1031	frm.crypt_key.value = hex_md5(cryptkey);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1032	cryptkey = hexToByteArray(cryptkey);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1033	if(!cryptkey \|\| ( ( typeof cryptkey == 'string' \|\| typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1034	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1035	frm.submit.disabled = true;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1036	len = ( typeof cryptkey == 'string' \|\| typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1037	alert('The key is messed up\nType: '+typeof(cryptkey)+len);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1038	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1039	pass = frm.password.value;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1040	pass = stringToByteArray(pass);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1041	cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB');
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1042	if(!cryptstring)
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1043	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1044	return false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1045	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1046	cryptstring = byteArrayToHex(cryptstring);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1047	frm.crypt_data.value = cryptstring;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1048	frm.password.value = "";
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1049	frm.password_confirm.value = "";
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1050	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1051	return true;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1052	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1053	</script>
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1054	</form>
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1055	<!-- Don't optimize this script, it fails when compressed -->
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1056	<enano:no-opt>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1057	<script type="text/javascript">
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1058	// <![CDATA[
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1059	var namegood = false;
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1060	function validateForm(field)
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1061	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1062	if ( typeof(field) != 'object' )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1063	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1064	field = {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1065	name: '_nil',
459 31c23016ab62 Upgraded tinyMCE to 3.0.1 in hopes of fixing IE race conditions. Fixed a couple minor syntax errors in Javascript objects declared in various places. Dan parents: 458 diff changeset	1066	value: '_nil'
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1067	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1068	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1069	// wait until $lang is initted
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1070	if ( typeof($lang) != 'object' )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1071	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1072	setTimeout('validateForm();', 200);
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1073	return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1074	}
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1075	var frm = document.forms.regform;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1076	failed = false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1077
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1078	// Username
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1079	if(!namegood && ( field.name == 'username' \|\| field.name == '_nil' ) )
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1080	{
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1081	//if(frm.username.value.match(/^([A-z0-9 \!@\-]+){2,}$/ig))
270 5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore. Dan parents: 263 diff changeset	1082	var regex = new RegExp('^([^<>&\?]+){2,}$', 'ig');
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1083	if ( frm.username.value.match(regex) )
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1084	{
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1085	document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkunk.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1086	document.getElementById('e_username').innerHTML = ' ';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1087	} else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1088	failed = true;
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1089	document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1090	document.getElementById('e_username').innerHTML = '<br /><small>' + $lang.get('user_reg_err_username_invalid') + '</small>';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1091	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1092	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1093	document.getElementById('b_username').innerHTML = '';
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1094	if(hex_md5(frm.real_name.value) == '5a397df72678128cf0e8147a2befd5f1')
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1095	{
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1096	document.getElementById('b_username').innerHTML = '<br /><br />Hey...I know you!<br /><img alt="" src="http://upload.wikimedia.org/wikipedia/commons/thumb/7/7f/Bill_Gates_2004_cr.jpg/220px-Bill_Gates_2004_cr.jpg" />';
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1097	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1098
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1099	// Password
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1100	if ( field.name == 'password' \|\| field.name == 'password_confirm' \|\| field.name == '_nil' )
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1101	{
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1102	if(frm.password.value.match(/^(.+){6,}$/ig) && frm.password_confirm.value.match(/^(.+){6,}$/ig) && frm.password.value == frm.password_confirm.value )
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1103	{
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1104	document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/check.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1105	document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_err_password_good') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1106	} else {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1107	failed = true;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1108	if(frm.password.value.length < 6)
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1109	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1110	document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_msg_password_length') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1111	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1112	else if(frm.password.value != frm.password_confirm.value)
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1113	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1114	document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_msg_password_needmatch') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1115	}
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1116	else
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1117	{
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1118	document.getElementById('e_password').innerHTML = '';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1119	}
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1120	document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/checkbad.png';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1121	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1122	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1123
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1124	// E-mail address
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1126	// workaround for idiot jEdit bug
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1127	if ( validateEmail(frm.email.value) && ( field.name == 'email' \|\| field.name == '_nil' ) )
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1128	{
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1129	document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/check.png';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1130	} else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1131	failed = true;
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1132	document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/checkbad.png';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1133	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1134	if(failed)
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1135	{
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1136	frm.submit.disabled = 'disabled';
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1137	} else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1138	frm.submit.disabled = false;
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1139	}
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1140	}
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1141	function checkUsername()
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1142	{
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1143	var frm = document.forms.regform;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1144
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1145	if(!namegood)
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1146	{
270 5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore. Dan parents: 263 diff changeset	1147	var regex = new RegExp('^([^<>&\?]+){2,}$', 'ig');
5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore. Dan parents: 263 diff changeset	1148	if ( frm.username.value.match(regex) )
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1149	{
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1150	document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkunk.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1151	document.getElementById('e_username').innerHTML = ' ';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1152	} else {
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1153	document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1154	document.getElementById('e_username').innerHTML = '<br /><small>' + $lang.get('user_reg_err_username_invalid') + '</small>';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1155	return false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1156	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1157	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1158
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1159	document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_checking') + '</b></small>';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1160	ajaxGet('<?php echo scriptPath; ?>/ajax.php?title=null&_mode=checkusername&name='+escape(frm.username.value), function() {
407 35d94240a197 Mass-fixed all AJAX functions to also check the HTTP status code before parsing the response Dan parents: 404 diff changeset	1161	if ( ajax.readyState == 4 && ajax.status == 200 )
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1162	if(ajax.responseText == 'good')
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1163	{
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1164	document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/check.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1165	document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_available') + '</b></small>';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1166	namegood = true;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1167	} else if(ajax.responseText == 'bad') {
404 fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list. Dan parents: 402 diff changeset	1168	document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1169	document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_unavailable') + '</b></small>';
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1170	namegood = false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1171	} else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1172	document.getElementById('e_username').innerHTML = ajax.responseText;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1173	}
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1174	});
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1175	}
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1176	function regenCaptcha()
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1177	{
448 f725a16e4a20 Fixed broken regenCaptcha() in Special:Register Dan parents: 324 diff changeset	1178	var frm = document.forms.regform;
517 c6118b9e13bd Fixed bad captcha refresh code on registration page Dan parents: 507 diff changeset	1179	document.getElementById('captchaimg').src = '<?php echo makeUrlNS("Special", "Captcha/$captchacode"); ?>/'+Math.floor(Math.random() * 100000);
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1180	return false;
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1181	}
614 78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1182	addOnloadHook(function()
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1183	{
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1184	<?php if ( getConfig('pw_strength_enable') == '1' ): ?>
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1185	var frm = document.forms.regform;
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1186	load_component('pwstrength');
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1187	password_score_field(frm.password);
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1188	<?php endif; ?>
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1189	load_component('crypto');
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1190	validateForm();
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1191	setTimeout('checkUsername();', 1000);
78d1e71dc720 Got user registration working with the new componentized JS framework Dan parents: 604 diff changeset	1192	});
125 fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1193	// ]]>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1194	</script>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup Dan parents: 116 diff changeset	1195	</enano:no-opt>
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1196	<?php
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1197	}
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1198	else
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1199	{
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	1200	$year = intval( enano_date('Y') );
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1201	$year = $year - 13;
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	1202	$month = enano_date('F');
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	1203	$day = enano_date('d');
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1204
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1205	$yo13_date = "$month $day, $year";
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1206	$link_coppa_yes = makeUrlNS('Special', 'Register', 'coppa=yes', true);
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1207	$link_coppa_no = makeUrlNS('Special', 'Register', 'coppa=no', true);
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1208
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1209	// COPPA enabled, ask age
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1210	echo '<div class="tblholder">';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1211	echo '<table border="0" cellspacing="1" cellpadding="4">';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1212	echo '<tr>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1213	<td class="row1">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1214	' . $lang->get('user_reg_coppa_title') . '
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1215	</td>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1216	</tr>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1217	<tr>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1218	<td class="row3">
221 e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1219	<a href="' . $link_coppa_no . '">' . $lang->get('user_reg_coppa_link_atleast13', array( 'yo13_date' => $yo13_date )) . '</a><br />
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things. Dan parents: 210 diff changeset	1220	<a href="' . $link_coppa_yes . '">' . $lang->get('user_reg_coppa_link_not13', array( 'yo13_date' => $yo13_date )) . '</a>
30 7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1221	</td>
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1222	</tr>';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1223	echo '</table>';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1224	echo '</div>';
7e8fd44b36b0 COPPA support added Dan parents: 23 diff changeset	1225	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1226	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1227	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1228
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1229	function page_Special_Contributions() {
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1230	global $db, $session, $paths, $template, $plugins; // Common objects
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1231	global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1232
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1233	// This is a vast improvement over the old Special:Contributions in 1.0.x.
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1234
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1235	$template->header();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1236	$user = $paths->getParam();
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1237	if ( !$user && isset($_GET['user']) )
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1238	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1239	$user = $_GET['user'];
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1240	}
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1241	else if ( !$user && !isset($_GET['user']) )
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1242	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1243	echo '<p>' . $lang->get('userfuncs_contribs_err_no_user') . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1244	$template->footer();
81 d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1245	return;
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1246	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1247
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1248	$user = $db->escape($user);
414 818b4cd12b8b Added "is_draft != 1" where appropriate in SQL queries to prevent drafts from being treated as real revisions. Dan parents: 411 diff changeset	1249	$q = 'SELECT log_type, time_id, action, date_string, page_id, namespace, author, edit_summary, minor_edit, page_id, namespace, ( action = \'edit\' ) AS is_edit FROM '.table_prefix.'logs WHERE author=\''.$user.'\' AND log_type=\'page\' AND is_draft != 1 ORDER BY is_edit DESC, time_id DESC;';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1250	$q = $db->sql_query($q);
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1251	if ( !$q )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1252	$db->_die('SpecialUserFuncs selecting contribution data');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1253
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1254	echo '<h3>' . $lang->get('userfuncs_contribs_heading_edits') . '</h3>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1255
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1256	$cnt_edits = 0;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1257	$cnt_other = 0;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1258	$current = 'cnt_edits';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1259	$cls = 'row2';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1260
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1261	while ( $row = $db->fetchrow($q) )
81 d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1262	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1263	if ( $current == 'cnt_edits' && $row['is_edit'] != 1 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1264	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1265	// No longer processing page edits - split the table
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1266	if ( $cnt_edits == 0 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1267	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1268	echo '<p>' . $lang->get('userfuncs_contribs_msg_no_edits') . '</p>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1269	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1270	else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1271	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1272	echo '</table></div>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1273	echo '<h3>' . $lang->get('userfuncs_contribs_heading_other') . '</h3>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1274	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1275	$current = 'cnt_other';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1276	$cls = 'row2';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1277	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1278	if ( $$current == 0 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1279	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1280	echo '<div class="tblholder">
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1281	<table border="0" cellspacing="1" cellpadding="4">';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1282	echo ' <tr>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1283	<th>' . $lang->get('history_col_datetime') . '</th>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1284	echo ' <th>' . $lang->get('history_col_page') . '</th>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1285	if ( $current == 'cnt_edits' )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1286	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1287	echo ' <th>' . $lang->get('history_col_summary') . '</th>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1288	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1289	echo ' <th>' . $lang->get('history_col_minor') . '</th>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1290	if ( $current == 'cnt_other' )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1291	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1292	echo ' <th>' . $lang->get('history_col_action_taken') . '</th>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1293	<th>' . $lang->get('history_col_extra') . '</th>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1294	';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1295	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1296	echo ' <th>' . $lang->get('history_col_actions') . '</th>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1297	</tr>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1298	}
377 bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel Dan parents: 372 diff changeset	1299	$$current++;
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1300	$cls = ( $cls == 'row1' ) ? 'row2' : 'row1';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1301
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1302	echo '<tr>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1303
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1304	// date & time
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	1305	echo ' <td class="' . $cls . '">' . enano_date('d M Y h:i a', $row['time_id']) . '</td>';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1306
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1307	// page & link to said page
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1308	echo ' <td class="' . $cls . '"><a href="' . makeUrlNS($row['namespace'], $row['page_id']) . '">' . get_page_title_ns($row['page_id'], $row['namespace']) . '</a></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1309
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1310	switch ( $row['action'] )
81 d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1311	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1312	case 'edit':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1313	if ( $row['edit_summary'] == 'Automatic backup created when logs were purged' )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1314	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1315	$row['edit_summary'] = $lang->get('history_summary_clearlogs');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1316	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1317	else if ( empty($row['edit_summary']) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1318	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1319	$row['edit_summary'] = '<span style="color: #808080">' . $lang->get('history_summary_none_given') . '</span>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1320	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1321	echo ' <td class="' . $cls . '">' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1322	if ( $row['minor_edit'] == 1 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1323	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1324	echo '<td class="' . $cls . '"><b>M</b></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1325	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1326	else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1327	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1328	echo '<td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1329	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1330	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1331	case 'prot':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1332	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1333	echo ' <td class="' . $cls . '">' . $lang->get('history_log_protect') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1334	echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1335	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1336	case 'unprot':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1337	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1338	echo ' <td class="' . $cls . '">' . $lang->get('history_log_unprotect') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1339	echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1340	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1341	case 'semiprot':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1342	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1343	echo ' <td class="' . $cls . '">' . $lang->get('history_log_semiprotect') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1344	echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1345	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1346	case 'rename':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1347	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1348	echo ' <td class="' . $cls . '">' . $lang->get('history_log_rename') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1349	echo ' <td class="' . $cls . '">' . $lang->get('history_extra_oldtitle') . ' ' . htmlspecialchars($row['edit_summary']) . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1350	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1351	case 'create':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1352	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1353	echo ' <td class="' . $cls . '">' . $lang->get('history_log_create') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1354	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1355	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1356	case 'delete':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1357	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1358	echo ' <td class="' . $cls . '">' . $lang->get('history_log_delete') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1359	echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1360	break;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1361	case 'reupload':
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1362	echo ' <td class="' . $cls . '"></td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1363	echo ' <td class="' . $cls . '">' . $lang->get('history_log_uploadnew') . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1364	echo ' <td class="' . $cls . '">' . $lang->get('history_extra_reason') . ' ' . $row['edit_summary'] . '</td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1365	break;
81 d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1366	}
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1367
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1368	// actions column
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1369	echo ' <td class="' . $cls . '" style="text-align: center;">';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1370	if ( $row['is_edit'] == 1 )
81 d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1371	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1372	echo ' <a href="' . makeUrlNS($row['namespace'], $row['page_id'], "oldid={$row['time_id']}", true) . '">' . $lang->get('history_action_view') . '</a> \| ';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1373	echo ' <a href="' . makeUrlNS($row['namespace'], $row['page_id'], "do=rollback&id={$row['time_id']}", true) . '">' . $lang->get('history_action_restore') . '</a>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1374	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1375	else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1376	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1377	echo ' <a href="' . makeUrlNS($row['namespace'], $row['page_id'], "do=rollback&id={$row['time_id']}", true) . '">' . $lang->get('history_action_revert') . '</a>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1378	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1379	echo ' </td>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1380
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1381	if ( $current == 'cnt_other' && $cnt_edits + $cnt_other >= $db->numrows($q) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1382	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1383	echo '</table></div>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1384	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1385	}
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1386
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1387	if ( $current == 'cnt_edits' )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1388	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1389	// no "other" edits, close the table
377 bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel Dan parents: 372 diff changeset	1390	if ( $cnt_edits > 0 )
bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel Dan parents: 372 diff changeset	1391	echo '</table></div>';
bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel Dan parents: 372 diff changeset	1392	else
bb3e6c3bd4f4 Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel Dan parents: 372 diff changeset	1393	echo '<p>' . $lang->get('userfuncs_contribs_msg_no_edits') . '</p>';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1394	echo '<h3>' . $lang->get('userfuncs_contribs_heading_other') . '</h3>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1395	echo '<p>' . $lang->get('userfuncs_contribs_msg_no_other') . '</p>';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1396	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1397
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1398	$db->free_result();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1399	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1400	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1401
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1402	function page_Special_ChangeStyle()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1403	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1404	global $db, $session, $paths, $template, $plugins; // Common objects
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1405	global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1406
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1407	if ( !$session->user_logged_in )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1408	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1409	die_friendly('Access denied', '<p>You must be logged in to change your style. Spoofer.</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1410	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1411	if(isset($_POST['theme']) && isset($_POST['style']) && isset($_POST['return_to']))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1412	{
81 d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1413	if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['theme']) )
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1414	die('Hacking attempt');
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1415	if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['style']) )
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate Dan parents: 60 diff changeset	1416	die('Hacking attempt');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1417	$d = ENANO_ROOT . '/themes/' . $_POST['theme'];
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1418	$f = ENANO_ROOT . '/themes/' . $_POST['theme'] . '/css/' . $_POST['style'] . '.css';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1419	if ( !file_exists($d) \|\| !is_dir($d) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1420	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1421	die('The directory "'.$d.'" does not exist.');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1422	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1423	if ( !file_exists($f) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1424	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1425	die('The file "'.$f.'" does not exist.');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1426	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1427	$d = $db->escape($_POST['theme']);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1428	$f = $db->escape($_POST['style']);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1429	$q = 'UPDATE '.table_prefix.'users SET theme=\''.$d.'\',style=\''.$f.'\' WHERE username=\''.$session->username.'\'';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1430	if ( !$db->sql_query($q) )
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1431	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1432	$db->_die('Your theme/style preferences were not updated.');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1433	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1434	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1435	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1436	redirect(makeUrl($_POST['return_to']), $lang->get('userfuncs_changetheme_success_title'), $lang->get('userfuncs_changetheme_success_body'), 3);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1437	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1438	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1439	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1440	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1441	$template->header();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1442	$ret = ( isset($_POST['return_to']) ) ? $_POST['return_to'] : $paths->getParam(0);
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1443	if ( !$ret )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1444	{
741 a216e412c439 Added ability to have alternate main page for members Dan parents: 701 diff changeset	1445	$ret = get_main_page();
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1446	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1447	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1448	<form action="<?php echo makeUrl($paths->page); ?>" method="post">
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1449	<?php if ( !isset($_POST['themeselected']) ) { ?>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1450	<h3><?php echo $lang->get('userfuncs_changetheme_heading_theme'); ?></h3>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1451	<p>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1452	<select name="theme">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1453	<?php
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1454	foreach ( $template->theme_list as $t )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1455	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1456	if ( $t['enabled'] )
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1457	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1458	echo '<option value="'.$t['theme_id'].'"';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1459	if ( $t['theme_id'] == $session->theme )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1460	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1461	echo ' selected="selected"';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1462	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1463	echo '>' . $t['theme_name'] . '</option>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1464	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1465	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1466	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1467	</select>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1468	</p>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1469	<p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" />
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1470	<input type="submit" name="themeselected" value="<?php echo $lang->get('userfuncs_changetheme_btn_continue'); ?>" /></p>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1471	<?php } else {
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1472	$theme = $_POST['theme'];
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1473	if ( !preg_match('/^([0-9A-z_-]+)$/i', $theme ) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1474	die('Hacking attempt');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1475	?>
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1476	<h3><?php echo $lang->get('userfuncs_changetheme_heading_style'); ?></h3>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1477	<p>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1478	<select name="style">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1479	<?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1480	$dir = './themes/'.$theme.'/css/';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1481	$list = Array();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1482	// Open a known directory, and proceed to read its contents
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1483	if (is_dir($dir)) {
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1484	if ($dh = opendir($dir)) {
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1485	while (($file = readdir($dh)) !== false) {
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1486	if(preg_match('#^(.*?)\.css$#is', $file) && $file != '_printable.css') {
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1487	$list[] = substr($file, 0, strlen($file)-4);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1488	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1489	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1490	closedir($dh);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1491	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1492	} else die($dir.' is not a dir');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1493	foreach ( $list as $l )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1494	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1495	echo '<option value="'.$l.'">'.capitalize_first_letter($l).'</option>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1496	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1497	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1498	</select>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1499	</p>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1500	<p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1501	<input type="hidden" name="theme" value="<?php echo $theme; ?>" />
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1502	<input type="submit" name="allclear" value="<?php echo $lang->get('userfuncs_changetheme_btn_allclear'); ?>" /></p>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1503	<?php } ?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1504	</form>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1505	<?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1506	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1507	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1508	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1509
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1510	function page_Special_ActivateAccount()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1511	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1512	global $db, $session, $paths, $template, $plugins; // Common objects
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1513	global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1514
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1515	$user = $paths->getParam(0);
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1516	if ( !$user )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1517	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1518	die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_badlink_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1519	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1520	$key = $paths->getParam(1);
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1521	if ( !$key )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1522	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1523	die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_badlink_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1524	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1525	$s = $session->activate_account(str_replace('_', ' ', $user), $key);
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1526	if ( $s > 0 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1527	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1528	die_friendly($lang->get('userfuncs_activate_success_title'), '<p>' . $lang->get('userfuncs_activate_success_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1529	}
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1530	else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1531	{
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1532	die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_bad_key') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1533	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1534	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1535
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1536	function page_Special_Captcha()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1537	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1538	global $db, $session, $paths, $template, $plugins; // Common objects
263 d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1539	if ( $paths->getParam(0) == 'make' )
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1540	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1541	$session->kill_captcha();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1542	echo $session->make_captcha();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1543	return;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1544	}
263 d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1545
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1546	$hash = $paths->getParam(0);
401 6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated. Dan parents: 387 diff changeset	1547	if ( !$hash \|\| !preg_match('#^([0-9a-f]*){32,40}$#i', $hash) )
263 d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1548	{
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1549	$paths->main_page();
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1550	}
402 d907601ccad2 Fixed some captcha bugs and made all captcha fields case-insensitive Dan parents: 401 diff changeset	1551
d907601ccad2 Fixed some captcha bugs and made all captcha fields case-insensitive Dan parents: 401 diff changeset	1552	$session->make_captcha(7, $hash);
401 6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated. Dan parents: 387 diff changeset	1553	$code = $session->generate_captcha_code();
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated. Dan parents: 387 diff changeset	1554	$q = $db->sql_query('UPDATE ' . table_prefix . "captcha SET code = '$code' WHERE session_id = '$hash';");
263 d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1555	if ( !$q )
401 6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated. Dan parents: 387 diff changeset	1556	$db->_die();
263 d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1557
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true Dan parents: 192 diff changeset	1558	require ( ENANO_ROOT.'/includes/captcha.php' );
401 6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated. Dan parents: 387 diff changeset	1559	$captcha = captcha_object($hash, 'freecap');
472 bc4b58034f4d Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug Dan parents: 459 diff changeset	1560	// $captcha->debug = true;
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1561	$captcha->make_image();
401 6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated. Dan parents: 387 diff changeset	1562
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1563	exit;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1564	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1565
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1566	function page_Special_PasswordReset()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1567	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1568	global $db, $session, $paths, $template, $plugins; // Common objects
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1569	global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1570
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1571	$template->header();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1572	if($paths->getParam(0) == 'stage2')
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1573	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1574	$user_id = intval($paths->getParam(1));
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1575	$encpass = $paths->getParam(2);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1576	if ( $user_id < 2 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1577	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1578	echo '<p>Hacking attempt</p>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1579	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1580	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1581	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1582	if(!preg_match('#^([a-f0-9]+)$#i', $encpass))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1583	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1584	echo '<p>Hacking attempt</p>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1585	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1586	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1587	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1588
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1589	$q = $db->sql_query('SELECT username,temp_password_time FROM '.table_prefix.'users WHERE user_id='.$user_id.' AND temp_password=\'' . $encpass . '\';');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1590	if($db->numrows() < 1)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1591	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1592	echo '<p>Invalid credentials</p>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1593	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1594	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1595	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1596	$row = $db->fetchrow();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1597	$db->free_result();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1598
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1599	if ( ( intval($row['temp_password_time']) + ( 3600 * 24 ) ) < time() )
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1600	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1601	echo '<p>' . $lang->get('userfuncs_passreset_err_pass_expired', array('reset_url' => makeUrlNS('Special', 'PasswordReset'))) . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1602	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1603	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1604	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1605
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1606	if ( isset($_POST['do_stage2']) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1607	{
286 b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added Dan parents: 270 diff changeset	1608	$aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1609	if($_POST['use_crypt'] == 'yes')
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1610	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1611	$crypt_key = $session->fetch_public_key($_POST['crypt_key']);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1612	if(!$crypt_key)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1613	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1614	echo $lang->get('user_err_key_not_found');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1615	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1616	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1617	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1618	$crypt_key = hexdecode($crypt_key);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1619	$data = $aes->decrypt($_POST['crypt_data'], $crypt_key, ENC_HEX);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1620	if(strlen($data) < 6)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1621	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1622	echo $lang->get('userfuncs_passreset_err_too_short');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1623	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1624	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1625	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1626	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1627	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1628	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1629	$data = $_POST['pass'];
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1630	$conf = $_POST['pass_confirm'];
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1631	if($data != $conf)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1632	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1633	echo $lang->get('userfuncs_passreset_err_no_match');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1634	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1635	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1636	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1637	if(strlen($data) < 6)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1638	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1639	echo $lang->get('userfuncs_passreset_err_too_short');
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1640	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1641	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1642	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1643	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1644	if(empty($data))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1645	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1646	echo 'ERROR: Sanity check failed!';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1647	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1648	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1649	}
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1650	if ( getConfig('pw_strength_enable') == '1' )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1651	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1652	$min_score = intval(getConfig('pw_strength_minimum'));
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1653	$inp_score = password_score($data);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1654	if ( $inp_score < $min_score )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1655	{
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1656	$url = makeUrl($paths->fullpage);
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1657	echo "<p>" . $lang->get('userfuncs_passreset_err_failed_score', array('inp_score' => $inp_score, 'url' => $url)) . "</p>";
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1658	$template->footer();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1659	return false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1660	}
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1661	}
591 2529833a7731 Made $session->private_key protected and added pk_{en,de}crypt methods for encrypting and decrypting data using the private key Dan parents: 590 diff changeset	1662	$encpass = $session->pk_encrypt($data, ENC_HEX);
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1663	$q = $db->sql_query('UPDATE '.table_prefix.'users SET password=\'' . $encpass . '\',temp_password=\'\',temp_password_time=0 WHERE user_id='.$user_id.';');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1664
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1665	if($q)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1666	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1667	$session->login_without_crypto($row['username'], $data);
741 a216e412c439 Added ability to have alternate main page for members Dan parents: 701 diff changeset	1668	echo '<p>' . $lang->get('userfuncs_passreset_stage2_success', array('url_mainpage' => makeUrl(get_main_page()))) . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1669	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1670	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1671	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1672	echo $db->get_error();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1673	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1674
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1675	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1676	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1677	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1678
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1679	// Password reset form
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1680	$pubkey = $session->rijndael_genkey();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1681
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1682	$evt_get_score = ( getConfig('pw_strength_enable') == '1' ) ? 'onkeyup="password_score_field(this);" ' : '';
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1683	$pw_meter = ( getConfig('pw_strength_enable') == '1' ) ? '<tr><td class="row1">' . $lang->get('userfuncs_passreset_stage2_lbl_strength') . '</td><td class="row1"><div id="pwmeter"></div><script type="text/javascript">password_score_field(document.forms.resetform.pass);</script></td></tr>' : '';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1684	$pw_blurb = ( getConfig('pw_strength_enable') == '1' && intval(getConfig('pw_strength_minimum')) > -10 ) ? '<br /><small>' . $lang->get('userfuncs_passreset_stage2_blurb_strength') . '</small>' : '';
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1685
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1686	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1687	<form action="<?php echo makeUrl($paths->fullpage); ?>" method="post" name="resetform" onsubmit="return runEncryption();">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1688	<br />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1689	<div class="tblholder">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1690	<table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1691	<tr><th colspan="2"><?php echo $lang->get('userfuncs_passreset_stage2_th'); ?></th></tr>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1692	<tr><td class="row1"><?php echo $lang->get('userfuncs_passreset_stage2_lbl_password'); ?> <?php echo $pw_blurb; ?></td><td class="row1"><input name="pass" type="password" <?php echo $evt_get_score; ?>/></td></tr>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1693	<tr><td class="row2"><?php echo $lang->get('userfuncs_passreset_stage2_lbl_confirm'); ?> </td><td class="row2"><input name="pass_confirm" type="password" /></td></tr>
133 af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working Dan parents: 126 diff changeset	1694	<?php echo $pw_meter; ?>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1695	<tr>
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1696	<td colspan="2" class="row3" style="text-align: center;">
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1697	<input type="hidden" name="use_crypt" value="no" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1698	<input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1699	<input type="hidden" name="crypt_data" value="" />
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1700	<input type="submit" name="do_stage2" value="<?php echo $lang->get('userfuncs_passreset_stage2_btn_submit'); ?>" />
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1701	</td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1702	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1703	</table>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1704	</div>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1705	</form>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1706	<script type="text/javascript">
57 b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions Dan parents: 32 diff changeset	1707	if ( !KILL_SWITCH )
b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions Dan parents: 32 diff changeset	1708	{
b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions Dan parents: 32 diff changeset	1709	disableJSONExts();
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1710	str = '';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1711	for(i=0;i<keySizeInBits/4;i++) str+='0';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1712	var key = hexToByteArray(str);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1713	var pt = hexToByteArray(str);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1714	var ct = rijndaelEncrypt(pt, key, "ECB");
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1715	var ct = byteArrayToHex(ct);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1716	switch(keySizeInBits)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1717	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1718	case 128:
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1719	v = '66e94bd4ef8a2c3b884cfa59ca342b2e';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1720	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1721	case 192:
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1722	v = 'aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1723	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1724	case 256:
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1725	v = 'dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1726	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1727	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1728	var testpassed = ( ct == v && md5_vm_test() );
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1729	var frm = document.forms.resetform;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1730	if(testpassed)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1731	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1732	frm.use_crypt.value = 'yes';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1733	var cryptkey = frm.crypt_key.value;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1734	frm.crypt_key.value = hex_md5(cryptkey);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1735	cryptkey = hexToByteArray(cryptkey);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1736	if(!cryptkey \|\| ( ( typeof cryptkey == 'string' \|\| typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1737	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1738	frm._login.disabled = true;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1739	len = ( typeof cryptkey == 'string' \|\| typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : '';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1740	alert('The key is messed up\nType: '+typeof(cryptkey)+len);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1741	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1742	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1743	function runEncryption()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1744	{
57 b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions Dan parents: 32 diff changeset	1745	var frm = document.forms.resetform;
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1746	pass1 = frm.pass.value;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1747	pass2 = frm.pass_confirm.value;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1748	if ( pass1 != pass2 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1749	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1750	alert($lang.get('userfuncs_passreset_err_no_match'));
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1751	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1752	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1753	if ( pass1.length < 6 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1754	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1755	alert($lang.get('userfuncs_passreset_err_too_short'));
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1756	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1757	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1758	if(testpassed)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1759	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1760	pass = frm.pass.value;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1761	pass = stringToByteArray(pass);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1762	cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1763	if(!cryptstring)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1764	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1765	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1766	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1767	cryptstring = byteArrayToHex(cryptstring);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1768	frm.crypt_data.value = cryptstring;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1769	frm.pass.value = "";
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1770	frm.pass_confirm.value = "";
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1771	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1772	return true;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1773	}
57 b354deeaa4c4 Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions Dan parents: 32 diff changeset	1774	}
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1775	</script>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1776	<?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1777	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1778	return true;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1779	}
701 dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	1780	if ( $session->user_logged_in )
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	1781	{
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	1782	$paths->main_page();
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	1783	}
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in. Dan parents: 688 diff changeset	1784
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1785	if(isset($_POST['do_reset']))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1786	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1787	if($session->mail_password_reset($_POST['username']))
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1788	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1789	echo '<p>' . $lang->get('userfuncs_passreset_stage1_success') . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1790	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1791	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1792	{
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1793	echo '<p>' . $lang->get('userfuncs_passreset_stage1_error') . '</p>';
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1794	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1795	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1796	return true;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1797	}
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1798	echo '<p>' . $lang->get('userfuncs_passreset_blurb_line1') . '</p>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1799	<p>' . $lang->get('userfuncs_passreset_blurb_line2') . '</p>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1800	<form action="'.makeUrl($paths->page).'" method="post" onsubmit="if(!submitAuthorized) return false;">
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1801	<p>' . $lang->get('userfuncs_passreset_lbl_username') . ' '.$template->username_field('username').'</p>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1802	<p><input type="submit" name="do_reset" value="' . $lang->get('userfuncs_passreset_btn_mailpasswd') . '" /></p>
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1803	</form>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1804	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1805	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1806
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1807	function page_Special_Memberlist()
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1808	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1809	global $db, $session, $paths, $template, $plugins; // Common objects
335 67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1810	global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up. Dan parents: 334 diff changeset	1811
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1812	$template->header();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1813
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1814	$startletters = 'abcdefghijklmnopqrstuvwxyz';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1815	$startletters = enano_str_split($startletters);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1816	$startletter = ( isset($_GET['letter']) ) ? strtolower($_GET['letter']) : '';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1817	if ( !in_array($startletter, $startletters) && $startletter != 'chr' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1818	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1819	$startletter = '';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1820	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1821
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1822	$startletter_sql = $startletter;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1823	if ( $startletter == 'chr' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1824	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1825	$startletter_sql = '([^a-z])';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1826	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1827
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1828	// offset
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1829	$offset = ( isset($_GET['offset']) && strval(intval($_GET['offset'])) === $_GET['offset']) ? intval($_GET['offset']) : 0;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1830
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1831	// sort order
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1832	$sortkeys = array(
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1833	'uid' => 'u.user_id',
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1834	'username' => 'u.username',
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1835	'email' => 'u.email',
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1836	'regist' => 'u.reg_time'
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1837	);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1838
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1839	$sortby = ( isset($_GET['sort']) && isset($sortkeys[$_GET['sort']]) ) ? $_GET['sort'] : 'username';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1840	$sort_sqllet = $sortkeys[$sortby];
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1841
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1842	$target_order = ( isset($_GET['orderby']) && in_array($_GET['orderby'], array('ASC', 'DESC')) )? $_GET['orderby'] : 'ASC';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1843
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1844	$sortorders = array();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1845	foreach ( $sortkeys as $k => $_unused )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1846	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1847	$sortorders[$k] = ( $sortby == $k ) ? ( $target_order == 'ASC' ? 'DESC' : 'ASC' ) : 'ASC';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1848	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1849
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1850	// Why 3.3714%? 100 percent / 28 cells, minus a little (0.2% / cell) to account for cell spacing
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1851
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1852	echo '<div class="tblholder">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1853	<table border="0" cellspacing="1" cellpadding="4" style="text-align: center;">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1854	<tr>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1855	echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=&sort=' . $sortby . '&orderby=' . $target_order, true) . '">All</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1856	echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=chr&sort=' . $sortby . '&orderby=' . $target_order, true) . '">#</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1857	foreach ( $startletters as $letter )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1858	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1859	echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=' . $letter . '&sort=' . $sortby . '&orderby=' . $target_order, true) . '">' . strtoupper($letter) . '</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1860	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1861	echo ' </tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1862	</table>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1863	</div>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1864
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1865	// User search
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1866	if ( isset($_GET['finduser']) )
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1867	{
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1868	$finduser = str_replace(array( '%', '_'),
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1869	array('\\%', '\\_'),
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1870	$_GET['finduser']);
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1871	$finduser = str_replace(array('*', '?'),
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1872	array('%', '_'),
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1873	$finduser);
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1874	$finduser = $db->escape($finduser);
322 5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1875	$username_where = ENANO_SQLFUNC_LOWERCASE . '(u.username) LIKE \'%' . strtolower($finduser) . '%\'';
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1876	$finduser_url = 'finduser=' . rawurlencode($_GET['finduser']) . '&';
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1877	}
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1878	else
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1879	{
322 5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1880	if ( ENANO_DBLAYER == 'MYSQL' )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1881	$username_where = 'lcase(u.username) REGEXP lcase("^' . $startletter_sql . '")';
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1882	else if ( ENANO_DBLAYER == 'PGSQL' )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1883	$username_where = 'lower(u.username) ~ lower(\'^' . $startletter_sql . '\')';
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1884	$finduser_url = '';
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1885	}
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1886
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1887	// Column markers
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1888	$headings = '<tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1889	<th style="max-width: 50px;">
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1890	<a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=uid&orderby=' . $sortorders['uid'], true) . '">#</a>
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1891	</th>
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1892	<th>
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1893	<a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=username&orderby=' . $sortorders['username'], true) . '">' . $lang->get('userfuncs_ml_column_username') . '</a>
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1894	</th>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1895	<th>
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1896	' . $lang->get('userfuncs_ml_column_userlevel') . '
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1897	</th>
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1898	<th>
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1899	<a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=email&orderby=' . $sortorders['email'], true) . '">' . $lang->get('userfuncs_ml_column_email') . '</a>
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1900	</th>
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1901	<th>
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1902	<a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=regist&orderby=' . $sortorders['regist'], true) . '">' . $lang->get('userfuncs_ml_column_regtime') . '</a>
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1903	</th>
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1904	</tr>';
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1905
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1906	// determine number of rows
322 5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1907	$q = $db->sql_query('SELECT u.user_id FROM '.table_prefix.'users AS u WHERE ' . $username_where . ' AND u.username != \'Anonymous\';');
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1908	if ( !$q )
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1909	$db->_die();
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1910
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1911	$num_rows = $db->numrows();
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1912	$db->free_result();
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1913
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1914	if ( !empty($finduser_url) )
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1915	{
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1916	switch ( $num_rows )
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1917	{
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1918	case 0:
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1919	$str = $lang->get('userfuncs_ml_msg_matches_zero'); break;
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1920	case 1:
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1921	$str = $lang->get('userfuncs_ml_msg_matches_one'); break;
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1922	default:
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1923	$str = $lang->get('userfuncs_ml_msg_matches', array('matches' => $num_rows)); break;
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1924	}
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1925	echo "<h3>$str</h3>";
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1926	}
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1927
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1928	// main selector
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1929	$pgsql_additional_group_by = ( ENANO_DBLAYER == 'PGSQL' ) ? ', u.username, u.reg_time, u.email, u.user_level, u.user_has_avatar, u.avatar_type, x.email_public' : '';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1930	$q = $db->sql_unbuffered_query('SELECT \'\' AS infobit, u.user_id, u.username, u.reg_time, u.email, u.user_level, u.user_has_avatar, u.avatar_type, x.email_public, COUNT(c.comment_id) AS num_comments FROM '.table_prefix.'users AS u
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1931	LEFT JOIN '.table_prefix.'users_extra AS x
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1932	ON ( u.user_id = x.user_id )
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1933	LEFT JOIN ' . table_prefix . 'comments AS c
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1934	ON ( u.user_id = c.user_id )
322 5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1935	WHERE ' . $username_where . ' AND u.username != \'Anonymous\'
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1936	GROUP BY u.user_id' . $pgsql_additional_group_by . '
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1937	ORDER BY ' . $sort_sqllet . ' ' . $target_order . ';');
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1938	if ( !$q )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1939	$db->_die();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1940
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1941	// formatter parameters
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1942	$formatter = new MemberlistFormatter();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1943	$formatters = array(
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1944	'username' => array($formatter, 'username'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1945	'user_level' => array($formatter, 'user_level'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1946	'email' => array($formatter, 'email'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1947	'reg_time' => array($formatter, 'reg_time'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1948	'infobit' => array($formatter, 'infobit')
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1949	);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1950
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1951	$html = paginate(
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1952	$q, // MySQL result resource
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1953	'<tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1954	<td class="{_css_class}">{user_id}</td>
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1955	<td class="{_css_class}" style="text-align: left;">{username}</td>
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1956	<td class="{_css_class}">{user_level}</td>
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1957	<td class="{_css_class}">{email}</small></td>
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	1958	<td class="{_css_class}">{reg_time}</td>
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1959	</tr>
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1960	<tr>
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1961	<td colspan="5" class="row3" style="text-align: left;">
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1962	<div id="ml_moreinfo_{user_id}" style="display: none;">
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1963	{infobit}
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1964	</div>
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1965	</td>
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	1966	</tr>
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1967	', // TPL code for rows
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1968	$num_rows, // Number of results
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1969	makeUrlNS('Special', 'Memberlist', ( str_replace('%', '%%', $finduser_url) ) . 'letter=' . $startletter . '&offset=%s&sort=' . $sortby . '&orderby=' . $target_order ), // Result URL
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1970	$offset, // Start at this number
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1971	25, // Results per page
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1972	$formatters, // Formatting hooks
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1973	'<div class="tblholder">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1974	<table border="0" cellspacing="1" cellpadding="4" style="text-align: center;">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1975	' . $headings . '
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1976	', // Header (printed before rows)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1977	' ' . $headings . '
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1978	</table>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1979	</div>
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1980	' .
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1981	'<div style="float: left;">
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1982	<form action="' . makeUrlNS('Special', 'Memberlist') . '" method="get" onsubmit="if ( !submitAuthorized ) return false;">'
322 5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time. Dan parents: 317 diff changeset	1983	. ( urlSeparator == '&' ? '<input type="hidden" name="title" value="' . htmlspecialchars( $paths->page ) . '" />' : '' )
115 261f367623af Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now Dan parents: 111 diff changeset	1984	. ( $session->sid_super ? '<input type="hidden" name="auth" value="' . $session->sid_super . '" />' : '')
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1985	. '<p>' . $lang->get('userfuncs_ml_lbl_finduser') . ' ' . $template->username_field('finduser') . ' <input type="submit" value="' . $lang->get('userfuncs_ml_btn_go') . '" /><br />
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1986	<small>' . $lang->get('userfuncs_ml_tip_wildcard') . '</small></p>'
105 f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1987	. '</form>
f7750e454168 Added search function for memberlist Dan parents: 103 diff changeset	1988	</div>' // Footer (printed after rows)
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1989	);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1990
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1991	if ( $num_rows < 1 )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1992	{
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1993	echo ( isset($_GET['finduser']) ) ? '<p>' . $lang->get('userfuncs_ml_err_nousers_find') . '</p>' :
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	1994	'<p>' . $lang->get('userfuncs_ml_err_nousers') . '</p>';
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1995	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1996	else
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1997	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1998	echo $html;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	1999	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2000
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2001	$template->footer();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2002	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2003
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2004	/**
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2005	* Class for formatting results for the memberlist.
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2006	* @access private
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2007	*/
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2008
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2009	class MemberlistFormatter
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2010	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2011	function username($username, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2012	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2013	global $db, $session, $paths, $template, $plugins; // Common objects
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2014	global $lang;
ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2015
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2016	$userpage = $paths->nslist['User'] . sanitize_page_id($username);
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2017	$class = ( isPage($userpage) ) ? '' : ' class="wikilink-nonexistent"';
743 0acb5d0f8328 Fixed: Special:Memberlist still used SpryEffects Dan parents: 741 diff changeset	2018	$anchor = '<a href="' . makeUrlNS('User', sanitize_page_id($username)) . '"' . $class . ' onclick="load_component(\'jquery\'); load_component(\'jquery-ui\'); var el = document.getElementById(\'ml_moreinfo_' . $row['user_id'] . '\'); $(el).toggle(\'blind\'); return false;">' . htmlspecialchars($username) . '</a>';
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2019	if ( $session->user_level >= USER_LEVEL_ADMIN )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2020	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2021	$anchor .= ' <small>- <a href="' . makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'UserManager&src=get&username=' . urlencode($username), true) . '"
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2022	onclick="ajaxAdminUser(\'' . addslashes(htmlspecialchars($username)) . '\'); return false;">' . $lang->get('userfuncs_ml_btn_adminuser') . '</a></small>';
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2023	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2024	return $anchor;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2025	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2026	function user_level($level, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2027	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2028	global $db, $session, $paths, $template, $plugins; // Common objects
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2029	global $lang;
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2030	switch ( $level )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2031	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2032	case USER_LEVEL_GUEST:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2033	$s_level = $lang->get('userfuncs_ml_level_guest'); break;
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2034	case USER_LEVEL_MEMBER:
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2035	case USER_LEVEL_CHPREF:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2036	$s_level = $lang->get('userfuncs_ml_level_member'); break;
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2037	case USER_LEVEL_MOD:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2038	$s_level = $lang->get('userfuncs_ml_level_mod'); break;
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2039	case USER_LEVEL_ADMIN:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2040	$s_level = $lang->get('userfuncs_ml_level_admin'); break;
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2041	default:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2042	$s_level = $lang->get('userfuncs_ml_level_unknown', array( 'level' => $level ));
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2043	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2044	return $s_level;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2045	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2046	function email($addy, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2047	{
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2048	global $lang;
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2049	if ( $row['email_public'] == '1' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2050	{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2051	global $email;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2052	$addy = $email->encryptEmail($addy);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2053	return $addy;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2054	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2055	else
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2056	{
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2057	return '<small><' . $lang->get('userfuncs_ml_email_nonpublic') . '></small>';
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2058	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2059	}
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2060	/**
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2061	* Format a time as a reference to a day, with user-friendly "X days ago"/"Today"/"Yesterday" returned when relevant.
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2062	* @param int UNIX timestamp
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2063	* @return string
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2064	*/
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2065
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2066	function format_date($time)
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2067	{
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2068	global $lang;
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	2069	// Our formattting string to pass to enano_date()
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2070	// This should not include minute/second info, only today's date in whatever format suits your fancy
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2071	$formatstring = 'F j, Y';
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2072	// Today's date
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	2073	$today = enano_date($formatstring);
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2074	// Yesterday's date
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	2075	$yesterday = enano_date($formatstring, (time() - (246060)));
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2076	// Date on the input
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	2077	$then = enano_date($formatstring, $time);
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2078	// "X days ago" logic
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2079	for ( $i = 2; $i <= 6; $i++ )
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2080	{
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2081	// hours_in_day * minutes_in_hour * seconds_in_minute * num_days
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2082	$offset = 24 * 60 * 60 * $i;
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	2083	$days_ago = enano_date($formatstring, (time() - $offset));
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2084	// so does the input timestamp match the date from $i days ago?
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2085	if ( $then == $days_ago )
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2086	{
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2087	// yes, return $i
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2088	return $lang->get('userfuncs_ml_date_daysago', array('days_ago' => $i));
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2089	}
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2090	}
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2091	// either yesterday, today, or before 6 days ago
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2092	switch($then)
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2093	{
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2094	case $today:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2095	return $lang->get('userfuncs_ml_date_today');
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2096	case $yesterday:
342 ac34de920762 Finished localization of SpecialUserFuncs Dan parents: 335 diff changeset	2097	return $lang->get('userfuncs_ml_date_yesterday');
111 b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2098	default:
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2099	return $then;
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2100	}
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2101	// .--.
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2102	// \|o_o \|
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2103	// \|!_/ \|
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2104	// // \ \
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2105	// (\| \| )
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2106	// /'\_ _/`\
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2107	// \___)=(___/
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2108	return 'Linux rocks!';
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2109	}
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2110	function reg_time($time, $row)
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2111	{
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2112	return $this->format_date($time);
b348ace50bc7 Added registration date column to members list Dan parents: 105 diff changeset	2113	}
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2114	function infobit($_, $row)
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2115	{
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2116	global $db, $session, $paths, $template, $plugins; // Common objects
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2117	global $lang;
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2118
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2119	$bit = '';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2120	if ( $row['user_has_avatar'] == 1 )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2121	{
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2122	$bit .= '<div style="float: left; margin-right: 10px;">
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2123	<img alt=" " src="' . make_avatar_url(intval($row['user_id']), $row['avatar_type'], $row['email']) . '" />
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2124	</div>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2125	}
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2126	$rank_data = $session->get_user_rank(intval($row['user_id']));
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2127	$userpage = $paths->nslist['User'] . sanitize_page_id($row['username']);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2128	$title = ( isPage($userpage) ) ? ' title="' . $lang->get('userfuncs_ml_tip_userpage') . '"' : ' title="' . $lang->get('userfuncs_ml_tip_nouserpage') . '"';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2129	$bit .= '<a' . $title . ' href="' . makeUrlNS('User', $row['username'], false, true) . '" style="font-size: x-large; ' . $rank_data['rank_style'] . '">' . htmlspecialchars($row['username']) . '</a><br />';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2130	if ( $rank_data['user_title'] )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2131	$bit .= htmlspecialchars($rank_data['user_title']) . '<br />';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2132	if ( $rank_data['rank_title'] )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2133	$bit .= '<small>' . htmlspecialchars($lang->get($rank_data['rank_title'])) . '</small><br />';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2134
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2135	$bit .= '<div style="text-align: right;">
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2136	<a href="' . makeUrlNS('Special', "PrivateMessages/Compose/To/{$row['username']}", false, true) . '" class="abutton abutton_blue"><img alt=" " src="' . cdnPath . '/images/icons/send_pm.png" /> ' . $lang->get('comment_btn_send_privmsg') . '</a>
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2137	<a href="' . makeUrlNS('Special', "PrivateMessages/FriendList/Add/{$row['username']}", false, true) . '" class="abutton abutton_green"><img alt=" " src="' . cdnPath . '/images/icons/add_buddy.png" /> ' . $lang->get('comment_btn_add_buddy') . '</a>
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2138	</div>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2139
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2140	return $bit;
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2141	}
103 a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2142	}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged. Dan parents: 101 diff changeset	2143
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2144	function page_Special_LangExportJSON()
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2145	{
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2146	global $db, $session, $paths, $template, $plugins; // Common objects
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2147	global $lang;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2148
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2149	$lang_id = ( $x = $paths->getParam(0) ) ? intval($x) : $lang->lang_id;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2150
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2151	if ( $lang->lang_id == $lang_id )
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2152	$lang_local =& $lang;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2153	else
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2154	$lang_local = new Language($lang_id);
782 96848f04bbba Corrected a few issues with languages and client-side code Dan parents: 743 diff changeset	2155
96848f04bbba Corrected a few issues with languages and client-side code Dan parents: 743 diff changeset	2156	$lang_local->get('meta_meta');
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2157
542 5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2158	$lang_strings = enano_json_encode($lang_local->strings);
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2159	$etag = substr(sha1($lang_strings), 0, 20) . '-' . dechex($lang_local->lang_timestamp);
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2160
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2161	if ( isset($_SERVER['HTTP_IF_NONE_MATCH']) )
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2162	{
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2163	if ( "\"$etag\"" == $_SERVER['HTTP_IF_NONE_MATCH'] )
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2164	{
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2165	header('HTTP/1.1 304 Not Modified');
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2166	exit();
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2167	}
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2168	}
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2169
345 4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite Dan parents: 343 diff changeset	2170	$timestamp = enano_date('D, j M Y H:i:s T', $lang_local->lang_timestamp);
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	2171	// generate expires header
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	2172	$expires = date('r', mktime(-1, -1, -1, -1, -1, intval(date('y'))+1));
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	2173
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2174	header("Last-Modified: $timestamp");
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2175	header("Date: $timestamp");
542 5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2176	header("ETag: \"$etag\"");
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2177	header('Content-type: text/javascript');
562 75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php Dan parents: 555 diff changeset	2178	header("Expires: $expires");
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2179
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2180	$lang_local->fetch();
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2181	echo "if ( typeof(enano_lang) != 'object' )
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2182	var enano_lang = new Object();
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2183
782 96848f04bbba Corrected a few issues with languages and client-side code Dan parents: 743 diff changeset	2184	enano_lang[{$lang_local->lang_id}] = " . $lang_strings . ";";
555 ac4c6a7f01d8 Added user preference for disabling visual effects in Javascript applets; added re-import button to installed plugins Dan parents: 542 diff changeset	2185
ac4c6a7f01d8 Added user preference for disabling visual effects in Javascript applets; added re-import button to installed plugins Dan parents: 542 diff changeset	2186	gzip_output();
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2187
542 5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit. Dan parents: 541 diff changeset	2188	exit(0);
210 2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2189	}
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface. Dan parents: 209 diff changeset	2190
541 acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2191	/**
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2192	* Fetches and displays an avatar from the filesystem. Avatar fetching is abstracted as of 1.1.4.
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2193	*/
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2194
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2195	function page_Special_Avatar()
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2196	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2197	global $db, $session, $paths, $template, $plugins; // Common objects
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2198	global $aggressive_optimize_html;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2199	$aggressive_optimize_html = false;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2200
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2201	$img_types = array(
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2202	IMAGE_TYPE_PNG => 'png',
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2203	IMAGE_TYPE_GIF => 'gif',
621 68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2204	IMAGE_TYPE_JPG => 'jpg',
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2205	IMAGE_TYPE_GRV => 'grv'
541 acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2206	);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2207
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2208	$avi_id = $paths->getParam(0);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2209	if ( !$avi_id \|\| !@preg_match('/^[a-f0-9]+$/', $avi_id) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2210	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2211	echo 'Doesn\'t match the regexp';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2212	return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2213	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2214
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2215	$avi_id_dec = hexdecode($avi_id);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2216	$avi_id_dec = @unpack('Vdate/Vuid/vimg_type', $avi_id_dec);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2217	if ( !$avi_id_dec )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2218	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2219	echo 'Bad unpack';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2220	return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2221	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2222
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2223	// check parameters
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2224	if ( !isset($img_types[$avi_id_dec['img_type']]) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2225	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2226	echo 'Invalid image type';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2227	return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2228	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2229
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2230	// build file path
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2231	$avi_type = $img_types[$avi_id_dec['img_type']];
621 68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2232
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2233	// is this a gravatar?
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2234	if ( $avi_type == 'grv' )
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2235	{
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2236	// yes, we'll have to redirect
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2237	// sanitize UID
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2238	$uid = intval($avi_id_dec['uid']);
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2239
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2240	// fetch email
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2241	$q = $db->sql_query('SELECT email FROM ' . table_prefix . "users WHERE user_id = $uid;");
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2242	if ( !$q )
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2243	$db->_die();
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2244	if ( $db->numrows() < 1 )
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2245	return false;
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2246
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2247	list($email) = $db->fetchrow_num();
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2248	$db->free_result();
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2249
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2250	$url = make_gravatar_url($url);
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2251
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2252	// ship out the redirect
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2253	header('HTTP/1.1 302 Permanent Redirect');
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2254	header("Location: $url");
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2255	}
68f8a9cc0a18 Added Gravatar support! And it's really configurable too. Dan parents: 614 diff changeset	2256
541 acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2257	$avi_path = ENANO_ROOT . '/' . getConfig('avatar_directory') . '/' . $avi_id_dec['uid'] . '.' . $avi_type;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2258	if ( file_exists($avi_path) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2259	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2260	$avi_mod_time = @filemtime($avi_path);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2261	$avi_mod_time = date('r', $avi_mod_time);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2262	$avi_size = @filesize($avi_path);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2263	header("Last-Modified: $avi_mod_time");
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2264	header("Content-Length: $avi_size");
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2265	header("Content-Type: image/$avi_type");
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2266	// http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2267	header("Cache-Control: public");
684 15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2268	// expire it 30 days from now
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2269	$expiry_time = time() + ( 86400 * 30 );
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental). Dan parents: 621 diff changeset	2270	header("Expires: " . date('r', $expiry_time));
541 acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2271
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2272	$fh = @fopen($avi_path, 'r');
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2273	if ( !$fh )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2274	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2275	echo 'Could not open file';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2276	return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2277	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2278
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2279	while ( $fd = @fread($fh, 1024) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2280	{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2281	echo $fd;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2282	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2283	fclose($fh);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2284
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2285	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2286	return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2287	}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons. Dan parents: 536 diff changeset	2288
0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	2289	?>

author	Dan
	Sun, 21 Dec 2008 17:25:28 -0500
changeset 782	96848f04bbba
parent 743	0acb5d0f8328
child 799	4629ad98ee88
permissions	-rw-r--r--