Enano CMS (1.1.x): comparison plugins/SpecialAdmin.php

equal deleted inserted replaced

-:90b7a52bea45
+:b0a4d179be85
 Author URI: http://enanocms.org/
 */
 /*
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
-* Version 1.0.2 (Coblynau)
+* Version 1.1.1
 * Copyright (C) 2006-2007 Dan Fuhry
 *
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
 *
 // function names are IMPORTANT!!! The name pattern is: page_<namespace ID>_<page URLname, without namespace>
 function page_Admin_Home() {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 // Basic information
 echo RenderMan::render(
 }
 function page_Admin_GeneralConfig() {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 if(isset($_POST['submit']) && !defined('ENANO_DEMO_MODE') )
 {
 if ( $strength >= -10 && $strength <= 30 )
 {
 $strength = strval($strength);
 setConfig('pw_strength_minimum', $strength);
 }
+// Account lockout policy
+if ( preg_match('/^[0-9]+$/', $_POST['lockout_threshold']) )
+setConfig('lockout_threshold', $_POST['lockout_threshold']);
+if ( preg_match('/^[0-9]+$/', $_POST['lockout_duration']) )
+setConfig('lockout_duration', $_POST['lockout_duration']);
+if ( in_array($_POST['lockout_policy'], array('disable', 'captcha', 'lockout')) )
+setConfig('lockout_policy', $_POST['lockout_policy']);
 echo '<div class="info-box">Your changes to the site configuration have been saved.</div><br />';
 }
 else if ( isset($_POST['submit']) && defined('ENANO_DEMO_MODE') )
 <tr>
 <td class="row1">Account activation:</td><td class="row1">
 <?php
 echo '<label><input'; if(getConfig('account_activation') == 'disable') echo ' checked="checked"'; echo ' type="radio" name="account_activation" value="disable" /> Disable registration</label><br />';
-echo '<label><input'; if(getConfig('account_activation') != 'user' && getConfig('account_activation') != 'admin') echo ' checked="checked"'; echo ' type="radio" name="account_activation" value="none" /> None</label>';
+echo '<label><input'; if(getConfig('account_activation') != 'user' && getConfig('account_activation') != 'admin' && getConfig('account_activation') != 'disable') echo ' checked="checked"'; echo ' type="radio" name="account_activation" value="none" /> None</label>';
 echo '<label><input'; if(getConfig('account_activation') == 'user') echo ' checked="checked"'; echo ' type="radio" name="account_activation" value="user" /> User</label>';
 echo '<label><input'; if(getConfig('account_activation') == 'admin') echo ' checked="checked"'; echo ' type="radio" name="account_activation" value="admin" /> Admin</label>';
 ?>
 </td>
 </tr>
+<!-- Account lockout -->
+<tr><th colspan="2">Account lockouts</th></tr>
+<tr><td class="row3" colspan="2">Configure Enano to prevent or restrict logins for a specified period of time if a user enters an incorrect password a specific number of times.</td></tr>
+<tr>
+<td class="row2">Lockout threshold:<br />
+<small>How many times can a user enter wrong credentials before a lockout goes into effect?</small>
+</td>
+<td class="row2">
+<input type="text" name="lockout_threshold" value="<?php echo ( $_ = getConfig('lockout_threshold') ) ? $_ : '5' ?>" />
+</td>
+</tr>
+<tr>
+<td class="row1">Lockout duration:<br />
+<small>This is how long an account lockout should last, in minutes.</small>
+</td>
+<td class="row1">
+<input type="text" name="lockout_duration" value="<?php echo ( $_ = getConfig('lockout_duration') ) ? $_ : '15' ?>" />
+</td>
+</tr>
+<tr>
+<td class="row2">Lockout policy:<br />
+<small>What should be done when a lockout goes into effect?</small>
+</td>
+<td class="row2">
+<label><input type="radio" name="lockout_policy" value="disable" <?php if ( getConfig('lockout_policy') == 'disable' ) echo 'checked="checked"'; ?> /> Don't do anything</label><br />
+<label><input type="radio" name="lockout_policy" value="captcha" <?php if ( getConfig('lockout_policy') == 'captcha' ) echo 'checked="checked"'; ?> /> Require visual confirmation</label><br />
+<label><input type="radio" name="lockout_policy" value="lockout" <?php if ( getConfig('lockout_policy') == 'lockout' || !getConfig('lockout_policy') ) echo 'checked="checked"'; ?> /> Prevent all login attempts</label>
+</td>
+</tr>
+<!-- Password strength -->
 <tr><th colspan="2">Password strength</th></tr>
 <tr>
 <td class="row2">
 }
 function page_Admin_UploadConfig()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 if(isset($_POST['save']))
 {
 echo '</form>';
 }
 function page_Admin_PluginManager() {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 if(isset($_GET['action']))
 {
 }
 function page_Admin_UploadAllowedMimeTypes()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 global $mime_types, $mimetype_exps, $mimetype_extlist;
 if(isset($_POST['save']) && !defined('ENANO_DEMO_MODE'))
 }
 function page_Admin_Sidebar()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 ?>
 <h2>Editing and managing the Enano sidebar</h2>
 }
 /*
 function page_Admin_UserManager() {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 if ( isset($_GET['src']) && $_GET['src'] == 'get' && !empty($_GET['user']) )
 {
 */
 function page_Admin_GroupManager()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 if(isset($_POST['do_create_stage1']))
 {
 }
 function page_Admin_COPPA()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 echo '<h2>Background information</h2>';
 echo '<p>
 }
 function page_Admin_PageManager()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 echo '<h2>Page management</h2>';
 }
 function page_Admin_PageEditor()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 echo '<h2>Edit page content</h2>';
 function page_Admin_ThemeManager()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 // Get the list of styles in the themes/ dir
 }
 function page_Admin_BanControl()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 if(isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id']) && $_GET['id'] != '')
 {
-$e = $db->sql_query('DELETE FROM '.table_prefix.'banlist WHERE ban_id=' . $db->escape($_GET['id']) . '');
+$e = $db->sql_query('DELETE FROM '.table_prefix.'banlist WHERE ban_id=' . intval($_GET['id']) . '');
 if(!$e) $db->_die('The ban list entry was not deleted.');
 }
 if(isset($_POST['create']) && !defined('ENANO_DEMO_MODE'))
 {
 $type = intval($_POST['type']);
 }
 function page_Admin_MassEmail()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 global $enano_config;
 if ( isset($_POST['do_send']) && !defined('ENANO_DEMO_MODE') )
 }
 function page_Admin_DBBackup()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 if(isset($_GET['submitting']) && $_GET['submitting'] == 'yes' && defined('ENANO_DEMO_MODE') )
 {
 }
 function page_Admin_AdminLogout()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
 {
-echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
 return;
 }
 $session->logout(USER_LEVEL_ADMIN);
 echo '<h3>You have now been logged out of the administration panel.</h3><p>You will continue to be logged into the website, but you will need to re-authenticate before you can access the administration panel again.</p><p>Return to the <a href="'.makeUrl(getConfig('main_page')).'">Main Page</a>.</p>';
 }
 function page_Special_Administration()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if($session->auth_level < USER_LEVEL_ADMIN) {
 redirect(makeUrlNS('Special', 'Login/'.$paths->page, 'level='.USER_LEVEL_ADMIN), 'Not authorized', 'You need an authorization level of '.USER_LEVEL_ADMIN.' to use this page, your auth level is: ' . $session->auth_level, 0);
 exit;
 }
 document.getElementById('ajaxPageContainer').innerHTML = '<div class="error-box">Because of the lack of AJAX support, support for Internet Explorer versions less than 6.0 has been disabled in Runt. You can download and use Mozilla Firefox (or Seamonkey under Windows 95); both have an up-to-date standards-compliant rendering engine that has been tested thoroughly with Enano.</div>';
 return false;
 }
 if ( t == namespace_list.Admin + 'AdminLogout' )
 {
-var mb = new messagebox(MB_YESNO|MB_ICONQUESTION, 'Are you sure you want to de-authenticate?', 'If you de-authenticate, you will no longer be able to use the administration panel until you re-authenticate again. You may do so at any time using the Administration button on the sidebar.');
+var mb = new messagebox(MB_YESNO|MB_ICONQUESTION, $lang.get('user_logout_confirm_title_elev'), $lang.get('user_logout_confirm_body_elev'));
 mb.onclick['Yes'] = function() {
 var tigraentry = document.getElementById('i_div0_0').parentNode;
 var tigraobj = $(tigraentry);
 var div = document.createElement('div');
 div.style.backgroundColor = '#FFFFFF';
 eval($fname.'();');
 }
 }
 else
 {
-echo '<div class="wait-box">Please wait while the administration panel loads. You need to be using a recent browser with AJAX support in order to use Runt.</div>';
+echo '<script type="text/javascript">document.write(\'<div class="wait-box">Please wait while the administration panel loads. You need to be using a recent browser with AJAX support in order to use Runt.</div>\');</script><noscript><div class="error-box">It looks like Javascript isn\'t enabled in your browser. Please enable Javascript or use a different browser to continue.</div></noscript>';
 }
 ?>
 </div>
 <script type="text/javascript">
 if ( KILL_SWITCH )
 }
 function page_Special_EditSidebar()
 {
 global $db, $session, $paths, $template, $plugins; // Common objects
+global $lang;
 if($session->auth_level < USER_LEVEL_ADMIN)
 {
 redirect(makeUrlNS('Special', 'Login/'.$paths->page, 'level='.USER_LEVEL_ADMIN), '', '', false);
 exit;
 case BLOCK_PLUGIN:
 $parser = $template->makeParserText($vars['sidebar_section_raw']);
 $c = ($template->fetch_block($row['block_content'])) ? $template->fetch_block($row['block_content']) : 'Can\'t find plugin block';
 break;
 }
-$t = '<span title="Double-click to rename this block" id="sbrename_' . $row['item_id'] . '" ondblclick="ajaxRenameSidebarStage1(this, \''.$row['item_id'].'\'); return false;">' . $template->tplWikiFormat($row['block_name']) . '</span>';
+$block_name = $row['block_name']; // $template->tplWikiFormat($row['block_name']);
+if ( empty($block_name) )
+$block_name = '&lt;Unnamed&gt;';
+$t = '<span title="Double-click to rename this block" id="sbrename_' . $row['item_id'] . '" ondblclick="ajaxRenameSidebarStage1(this, \''.$row['item_id'].'\'); return false;">' . $block_name . '</span>';
 if($row['item_enabled'] == 0) $t .= ' <span id="disabled_'.$row['item_id'].'" style="color: red;">(disabled)</span>';
 else           $t .= ' <span id="disabled_'.$row['item_id'].'" style="color: red; display: none;">(disabled)</span>';
 $side = ( $row['sidebar_id'] == SIDEBAR_LEFT ) ? SIDEBAR_RIGHT : SIDEBAR_LEFT;
 $tb = '<a title="Enable or disable this block"    href="'.makeUrl($paths->page, 'action=disenable&id='.$row['item_id'].''       , true).'" onclick="ajaxDisenableBlock(\''.$row['item_id'].'\'); return false;"   ><img alt="Enable/disable this block" style="border-width: 0;" src="'.scriptPath.'/images/disenable.png" /></a>
 <a title="Edit the contents of this block" href="'.makeUrl($paths->page, 'action=edit&id='.$row['item_id'].''            , true).'" onclick="ajaxEditBlock(\''.$row['item_id'].'\', this); return false;"><img alt="Edit this block" style="border-width: 0;" src="'.scriptPath.'/images/edit.png" /></a>

changeset 228	b0a4d179be85
parent 195	eec079676fe7
parent 227	0eca1498a77b
child 266	917dcc6c4ceb