# HG changeset patch
# User Dan
# Date 1249082148 14400
# Node ID d54e7620bd3e12d879aa66de82cea4a69908ba06
# Parent  4bcefa85649c90acde87205e9de446af9ee94a2f# Parent  5a34101dfcf9fdfe72d335dee8e559230c50a4c7
Merged development from Scribus and Charlie

diff -r 4bcefa85649c -r d54e7620bd3e includes/functions.php
--- a/includes/functions.php	Fri Jul 17 20:48:53 2009 -0400
+++ b/includes/functions.php	Fri Jul 31 19:15:48 2009 -0400
@@ -2512,7 +2512,7 @@
   // Remove character escapes
   $page_id = dirtify_page_id($page_id);
 
-  $pid_clean = preg_replace('/[\w\.\/:;\(\)@\[\]_-]/', 'X', $page_id);
+  $pid_clean = preg_replace('/[\w\.\/:;\(\)@\[\]=_-]/', 'X', $page_id);
   $pid_dirty = enano_str_split($pid_clean, 1);
   
   foreach ( $pid_dirty as $id => $char )
@@ -2577,7 +2577,7 @@
     $char = strtolower($char);
     $char = intval(hexdec($char));
     $char = chr($char);
-    if ( preg_match('/^[\w\.\/:;\(\)@\[\]_-]$/', $char) )
+    if ( preg_match('/^[\w\.\/:;\(\)@\[\]=_-]$/', $char) )
       continue;
     $page_id = str_replace($matches[0][$id], $char, $page_id);
   }
diff -r 4bcefa85649c -r d54e7620bd3e includes/namespaces/user.php
--- a/includes/namespaces/user.php	Fri Jul 17 20:48:53 2009 -0400
+++ b/includes/namespaces/user.php	Fri Jul 31 19:15:48 2009 -0400
@@ -23,7 +23,7 @@
     
     if ( ( $this->title == str_replace('_', ' ', $this->page_id) || $this->title == $paths->nslist['User'] . str_replace('_', ' ', $this->page_id) ) || !$this->exists )
     {
-      $this->title = $lang->get('userpage_page_title', array('username' => $this->page_id));
+      $this->title = $lang->get('userpage_page_title', array('username' => str_replace('_', ' ', dirtify_page_id($this->page_id))));
       $this->cdata['name'] = $this->title;
     }
     
diff -r 4bcefa85649c -r d54e7620bd3e includes/sessions.php
--- a/includes/sessions.php	Fri Jul 17 20:48:53 2009 -0400
+++ b/includes/sessions.php	Fri Jul 31 19:15:48 2009 -0400
@@ -698,11 +698,12 @@
     
     // Retrieve the real password from the database
     $username_db = $db->escape(strtolower($username));
+    $username_db_upper = $db->escape($username);
     if ( !$db->sql_query('SELECT password,password_salt,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix."users\n"
-                       . "  WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db';") )
+                       . "  WHERE ( " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db' OR username = '$username_db_upper' );") )
     {
       $this->sql('SELECT password,\'\' AS password_salt,old_encryption,user_id,user_level,temp_password,temp_password_time FROM '.table_prefix."users\n"
-               . "  WHERE " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db';");
+               . "  WHERE ( " . ENANO_SQLFUNC_LOWERCASE . "(username) = '$username_db' OR username = '$username_db_upper' );");
     }
     if ( $db->numrows() < 1 )
     {
diff -r 4bcefa85649c -r d54e7620bd3e includes/template.php
--- a/includes/template.php	Fri Jul 17 20:48:53 2009 -0400
+++ b/includes/template.php	Fri Jul 31 19:15:48 2009 -0400
@@ -22,6 +22,7 @@
   var $page_id = false;
   var $namespace = false;
   var $js_preload = array();
+  var $js_append = '';
   
   /**
    * Page action conditions
@@ -470,6 +471,16 @@
   }
   
   /**
+   * Queue some HTML to be inserted after the Javascript runtime.
+   * @param string HTML glob
+   */
+  
+  function add_header_js($html)
+  {
+    $this->js_append .= "$html\n    ";
+  }
+  
+  /**
    * Global, only-called-once init. Goes to all themes.
    */
   
@@ -557,6 +568,7 @@
         window.onload = function(e) {  };
       }
     </script>
+    $this->js_append
 JSEOF;
     }
     else
@@ -604,6 +616,7 @@
         window.onload = function(e) {  };
       }
     //]]></script>
+    $this->js_append
 JSEOF;
     }
   
@@ -1757,7 +1770,7 @@
         $params = false;
       $escape = !empty($escape);
       
-      $result = makeUrlNS($namespace, $page_id, $params, $escape);
+      $result = makeUrlNS($namespace, sanitize_page_id($page_id), $params, $escape);
       
       if ( !$post_eval )
       {
diff -r 4bcefa85649c -r d54e7620bd3e language/english/user.json
--- a/language/english/user.json	Fri Jul 17 20:48:53 2009 -0400
+++ b/language/english/user.json	Fri Jul 31 19:15:48 2009 -0400
@@ -271,10 +271,7 @@
       
       // CP home
       intro_heading_main: '%username%, welcome to your control panel',
-      intro_para1: 'Here you can make changes to your profile, view statistics on yourself on this site, and set your preferences.',
-      intro_para2: 'Your <a href="%userpage_link%">user page</a> <sup>(<a href="%userpage_link%#do:comments">comments</a>)</sup> is your free writing space. You can use it to tell the other members of this site a little bit about yourself. If you haven\'t already made a user page, why not <a href="%userpage_link%#do:edit">make one now</a>?',
-      intro_para3: 'Use the menu at the top to navigate around. If you have any questions, you may contact the %admin_contact_link%.',
-      intro_para3_admin_link: 'administrator',
+      intro: '<p>Your User Control Panel lets you change settings on the site.</p><p>If you haven\'t created a <a href="%userpage_link%">user page</a> yet, consider doing so - it\'s your free writing space. It\'s also where information you put on this page can be viewed by others. People can also leave <a href="%userpage_link%#do:comments">comments</a> on your user page.</p>',
       
       // E-mail / password change form
       emailpassword_title: 'Change E-mail Address or Password',
diff -r 4bcefa85649c -r d54e7620bd3e plugins/SpecialUpdownload.php
--- a/plugins/SpecialUpdownload.php	Fri Jul 17 20:48:53 2009 -0400
+++ b/plugins/SpecialUpdownload.php	Fri Jul 31 19:15:48 2009 -0400
@@ -196,9 +196,9 @@
   global $db, $session, $paths, $template, $plugins; // Common objects
   global $lang;
   global $do_gzip;
-  $filename = rawurldecode($paths->getParam(0));
+  $filename = $paths->getParam(0);
   $timeid = $paths->getParam(1);
-  if ( $timeid && preg_match('#^([0-9]+)$#', (string)$timeid) )
+  if ( $timeid && ctype_digit((string)$timeid) )
   {
     $tid = ' AND time_id='.$timeid;
   }
@@ -243,7 +243,13 @@
     // Determine appropriate width and height
     $width  = ( isset($_GET['width'])  ) ? intval($_GET['width'] ) : 320;
     $height = ( isset($_GET['height']) ) ? intval($_GET['height']) : 320;
-    $cache_filename = ENANO_ROOT . "/cache/{$filename}-{$row['time_id']}-{$width}x{$height}{$row['file_extension']}";
+    
+    // 1.1.7: allow different format output
+    $extension = $row['file_extension'];
+    if ( isset($_GET['fmt']) && in_array($_GET['fmt'], array('png', 'jpg')) )
+      $extension = ".{$_GET['fmt']}";
+    
+    $cache_filename = ENANO_ROOT . "/cache/{$filename}-{$row['time_id']}-{$width}x{$height}$extension";
     if ( file_exists($cache_filename) )
     {
       $fname = $cache_filename;
diff -r 4bcefa85649c -r d54e7620bd3e plugins/SpecialUserPrefs.php
--- a/plugins/SpecialUserPrefs.php	Fri Jul 17 20:48:53 2009 -0400
+++ b/plugins/SpecialUserPrefs.php	Fri Jul 31 19:15:48 2009 -0400
@@ -116,7 +116,7 @@
   
   userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_emailpassword', makeUrlNS('Special', 'Preferences/EmailPassword') . '" onclick="ajaxLoginNavTo(\'Special\', \'Preferences/EmailPassword\', '.USER_LEVEL_CHPREF.'); return false;');
   userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_signature', makeUrlNS('Special', 'Preferences/Signature'));
-  userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_publicinfo', makeUrlNS('Special', 'Preferences/Profile'));
+  // userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_publicinfo', makeUrlNS('Special', 'Preferences/Profile'));
   userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_usergroups', makeUrlNS('Special', 'Usergroups'));
   if ( getConfig('avatar_enable') == '1' )
   {
@@ -299,19 +299,6 @@
   
   switch ( $section )
   {
-    case 'Home':
-      global $email;
-      $userpage_id = $paths->nslist['User'] . sanitize_page_id($session->username);
-      $userpage_exists = ( isPage($userpage_id) ) ? '' : ' class="wikilink-nonexistent"';
-      $user_page = makeUrlNS('User', sanitize_page_id($session->username));
-      $site_admin = $email->encryptEmail(getConfig('contact_email'), '', '', $lang->get('usercp_intro_para3_admin_link'));
-      
-      echo '<h3 style="margin-top: 0;">' . $lang->get('usercp_intro_heading_main', array('username' => $session->username)) . '</h3>';
-      
-      echo '<p>' . $lang->get('usercp_intro_para1') . '</p>
-            <p>' . $lang->get('usercp_intro_para2', array('userpage_link' => $user_page)) . '</p>
-            <p>' . $lang->get('usercp_intro_para3', array('admin_contact_link' => $site_admin)) . '</p>';
-      break;
     case 'EmailPassword':
       
       $errors = trim($errors);
@@ -380,6 +367,18 @@
       echo '</form>';
       break;
     case "Profile":
+    case 'Home':
+      
+      global $email;
+      $userpage_id = $paths->nslist['User'] . sanitize_page_id($session->username);
+      $userpage_exists = ( isPage($userpage_id) ) ? '' : ' class="wikilink-nonexistent"';
+      $user_page = makeUrlNS('User', sanitize_page_id($session->username));
+      $site_admin = $email->encryptEmail(getConfig('contact_email'), '', '', $lang->get('usercp_intro_para3_admin_link'));
+      
+      echo '<h3 style="margin-top: 0;">' . $lang->get('usercp_intro_heading_main', array('username' => $session->username)) . '</h3>';
+      
+      echo  $lang->get('usercp_intro', array('userpage_link' => $user_page));
+      
       $available_ranks = $session->get_user_possible_ranks($session->user_id);
       $current_rank = $session->get_user_rank($session->user_id);