Fixed some rather major bugs in the registration system; this will need a follow-up release
--- a/includes/clientside/static/misc.js Fri Sep 07 16:25:16 2007 -0400
+++ b/includes/clientside/static/misc.js Sat Sep 08 14:02:19 2007 -0400
@@ -584,3 +584,14 @@
}
}
+/**
+ * Validates an e-mail address.
+ * @param string E-mail address
+ * @return bool
+ */
+
+function validateEmail(email)
+{
+ return ( email.match(/^(?:[\w\d]+\.?)+@((?:(?:[\w\d]\-?)+\.)+\w{2,4}|localhost)$/) ) ? true : false;
+}
+
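Review bot: The pattern in `validateEmail` repeats a group that itself contains a quantifier, `(?:[\w\d]+\.?)+`, so a long local part that ultimately fails to match can make the regex backtrack heavily and freeze the registration page. `\d` is already covered by `\w`, and `\w{2,4}` rejects valid top-level domains longer than four letters. A flatter form such as `return /^\w+(?:\.\w+)*@(?:(?:[\w-]+\.)+\w{2,}|localhost)$/.test(email);` removes the ambiguity and returns a boolean directly. This check runs only in the browser, so the server-side registration path still needs its own e-mail validation.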
--- a/includes/functions.php Fri Sep 07 16:25:16 2007 -0400
+++ b/includes/functions.php Sat Sep 08 14:02:19 2007 -0400
@@ -512,8 +512,12 @@
function grinding_halt($t, $p)
{
global $db, $session, $paths, $template, $plugins; // Common objects
+
+ if ( !defined('scriptPath') )
+ require( ENANO_ROOT . '/config.php' );
- $db->close();
+ if ( is_object($db) )
+ $db->close();
if ( ob_get_status() )
ob_end_clean();
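Review bot: The added `require( ENANO_ROOT . '/config.php' );` runs on the fatal-error path, so if config.php is missing or fails to load, the require raises a second fatal error and the original `$t`/`$p` message is never shown. Guarding it with `if ( !defined('scriptPath') && file_exists(ENANO_ROOT . '/config.php') )` keeps the halt page reachable. Whether config.php is safe to include a second time when it was loaded but `scriptPath` is still undefined is not visible here. The body of grinding_halt continues outside the hunk.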
@@ -2723,6 +2727,18 @@
// kill carriage returns
$html = str_replace("\r", "", $html);
+ // Which tags to strip for JAVASCRIPT PROCESSING ONLY - you can change this if needed
+ $strip_tags = Array('enano:no-opt');
+ $strip_tags = implode('|', $strip_tags);
+
+ // Strip out the tags and replace with placeholders
+ preg_match_all("#<($strip_tags)(.*?)>(.*?)</($strip_tags)>#is", $html, $matches);
+ $seed = md5(microtime() . mt_rand()); // Random value used for placeholders
+ for ($i = 0;$i < sizeof($matches[1]); $i++)
+ {
+ $html = str_replace($matches[0][$i], "{DONT_STRIP_ME_NAKED:$seed:$i}", $html);
+ }
+
// Optimize (but don't obfuscate) Javascript
preg_match_all('/<script(.*?)>(.+?)<\/script>/is', $html, $jscript);
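Review bot: The entries of `$strip_tags` are joined into the pattern unquoted while the comment invites editing the list, so a tag name containing a regex metacharacter or `#` would silently change or break the match. Either pass each entry through `preg_quote($tag, '#')` or add a comment such as `// entries are inserted into a regex unescaped - plain tag names only`. The `md5(microtime() . mt_rand())` seed is adequate for avoiding accidental collisions with page text but is not an unguessable token, which is worth stating in its comment if page content can be user-supplied. `$matches` and `$seed` have to stay untouched until the re-insert loop in the next hunk, and the code in between is not visible here.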
@@ -2786,6 +2802,12 @@
$html = str_replace($jscript[0][$i], $replacement, $html);
}
+ // Re-insert untouchable tags
+ for ($i = 0;$i < sizeof($matches[1]); $i++)
+ {
+ $html = str_replace("{DONT_STRIP_ME_NAKED:$seed:$i}", "<{$matches[1][$i]}{$matches[2][$i]}>{$matches[3][$i]}</{$matches[4][$i]}>", $html);
+ }
+
// Which tags to strip - you can change this if needed
$strip_tags = Array('pre', 'script', 'style', 'enano:no-opt');
$strip_tags = implode('|', $strip_tags);
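Review bot: The replacement string in the re-insert loop reassembles the block from capture groups 1 to 4, which is exactly the text of the full match. `$html = str_replace("{DONT_STRIP_ME_NAKED:$seed:$i}", $matches[0][$i], $html);` restores the block byte-for-byte and is easier to read. The loop depends on `$matches` and `$seed` surviving the JavaScript pass between the two hunks, which cannot be confirmed from the lines shown.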
--- a/includes/template.php Fri Sep 07 16:25:16 2007 -0400
+++ b/includes/template.php Sat Sep 08 14:02:19 2007 -0400
@@ -1629,7 +1629,7 @@
'SIDEBAR_EXTRA'=>'',
'COPYRIGHT'=>'Enano and all of its code, graphics, and more code is copyright © 2006 Dan Fuhry.<br />This program is Free Software; see the file "GPL" included with this package for details.',
'TOOLBAR_EXTRAS'=>'',
- 'REQUEST_URI'=>$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'],
+ 'REQUEST_URI'=>( isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '' ).$_SERVER['REQUEST_URI'],
'STYLE_LINK'=>$slink,
'LOGOUT_LINK'=>'',
'THEME_LINK'=>'',
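Review bot: `$_SERVER['HTTP_HOST']` and `$_SERVER['REQUEST_URI']` both come from the client's request, and the changed line still stores them unescaped in the `REQUEST_URI` template variable. If a theme prints that variable into HTML, which is not visible in this hunk, a crafted Host header or URL could inject markup; escaping where the value is output, or here with `htmlspecialchars()` around the concatenation, would close that. `$_SERVER['REQUEST_URI']` gets no `isset()` guard although it can be absent in the same situations as `HTTP_HOST`, such as command-line runs. The array this entry belongs to starts and ends outside the hunk.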
--- a/plugins/SpecialUserFuncs.php Fri Sep 07 16:25:16 2007 -0400
+++ b/plugins/SpecialUserFuncs.php Sat Sep 08 14:02:19 2007 -0400
@@ -365,7 +365,7 @@
$s = $session->create_user($_POST['username'], $_POST['password'], $_POST['email'], $_POST['real_name'], $coppa);
}
}
- if($s == 'success' && !isset($coppa))
+ if($s == 'success' && !$coppa)
{
switch(getConfig('account_activation'))
{
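Review bot: `$s == 'success'` on the changed line is a loose comparison, so on the PHP versions of this era a return value of `0` or `true` from `create_user()` would also count as success and enter the activation switch. `if ( $s === 'success' && !$coppa )` avoids that. What `create_user()` returns on failure is not visible here, so treat this as hardening. `!$coppa` also assumes `$coppa` is assigned on every path above the hunk.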
@@ -512,108 +512,119 @@
echo '<input type="hidden" name="coppa" value="' . $val . '" />';
?>
</form>
- <script type="text/javascript">
- // <![CDATA[
- var namegood = false;
- function validateForm()
- {
- var frm = document.forms.regform;
- failed = false;
-
- // Username
- if(!namegood)
+ <!-- Don't optimize this script, it fails when compressed -->
+ <enano:no-opt>
+ <script type="text/javascript">
+ // <![CDATA[
+ var namegood = false;
+ function validateForm()
{
- if(frm.username.value.match(/^([A-z0-9 \!@\-\(\)]+){2,}$/ig))
+ var frm = document.forms.regform;
+ failed = false;
+
+ // Username
+ if(!namegood)
{
- document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/unknown.gif';
- document.getElementById('e_username').innerHTML = ''; // '<br /><small><b>Checking availability...</b></small>';
+ if(frm.username.value.match(/^([A-z0-9 \!@\-\(\)]+){2,}$/ig))
+ {
+ document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/unknown.gif';
+ document.getElementById('e_username').innerHTML = ''; // '<br /><small><b>Checking availability...</b></small>';
+ } else {
+ failed = true;
+ document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/bad.gif';
+ document.getElementById('e_username').innerHTML = '<br /><small>Your username must be at least two characters in length and may contain only alphanumeric characters (A-Z and 0-9), spaces, and the following characters: :, !, @, #, *.</small>';
+ }
+ }
+ document.getElementById('b_username').innerHTML = '';
+ if(hex_md5(frm.real_name.value) == '5a397df72678128cf0e8147a2befd5f1')
+ {
+ document.getElementById('b_username').innerHTML = '<br /><br />Hey...I know you!<br /><img alt="" src="http://upload.wikimedia.org/wikipedia/commons/thumb/7/7f/Bill_Gates_2004_cr.jpg/220px-Bill_Gates_2004_cr.jpg" />';
+ }
+
+ // Password
+ if(frm.password.value.match(/^(.+){6,}$/ig) && frm.password_confirm.value.match(/^(.+){6,}$/ig) && frm.password.value == frm.password_confirm.value)
+ {
+ document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/good.gif';
+ document.getElementById('e_password').innerHTML = '<br /><small>The password you entered is valid.</small>';
} else {
failed = true;
- document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/bad.gif';
- document.getElementById('e_username').innerHTML = '<br /><small>Your username must be at least two characters in length and may contain only alphanumeric characters (A-Z and 0-9), spaces, and the following characters: :, !, @, #, *.</small>';
+ if(frm.password.value.length < 6)
+ {
+ document.getElementById('e_password').innerHTML = '<br /><small>Your password must be at least six characters in length.</small>';
+ }
+ else if(frm.password.value != frm.password_confirm.value)
+ {
+ document.getElementById('e_password').innerHTML = '<br /><small>The passwords you entered do not match.</small>';
+ }
+ else
+ {
+ document.getElementById('e_password').innerHTML = '';
+ }
+ document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/bad.gif';
+ }
+
+ // E-mail address
+
+ // workaround for idiot jEdit bug
+ if ( validateEmail(frm.email.value) )
+ {
+ document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/good.gif';
+ } else {
+ failed = true;
+ document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/bad.gif';
+ }
+ if(failed)
+ {
+ frm.submit.disabled = 'disabled';
+ } else {
+ frm.submit.disabled = false;
}
}
- document.getElementById('b_username').innerHTML = '';
- if(hex_md5(frm.real_name.value) == '5a397df72678128cf0e8147a2befd5f1')
- {
- document.getElementById('b_username').innerHTML = '<br /><br />Hey...I know you!<br /><img alt="" src="http://upload.wikimedia.org/wikipedia/commons/thumb/7/7f/Bill_Gates_2004_cr.jpg/220px-Bill_Gates_2004_cr.jpg" />';
- }
-
- // Password
- if(frm.password.value.match(/^(.+){6,}$/ig) && frm.password_confirm.value.match(/^(.+){6,}$/ig) && frm.password.value == frm.password_confirm.value)
+ function checkUsername()
{
- document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/good.gif';
- document.getElementById('e_password').innerHTML = '<br /><small>The password you entered is valid.</small>';
- } else {
- failed = true;
- if(frm.password.value.length < 6)
- document.getElementById('e_password').innerHTML = '<br /><small>Your password must be at least six characters in length.</small>';
- else if(frm.password.value != frm.password_confirm.value)
- document.getElementById('e_password').innerHTML = '<br /><small>The passwords you entered do not match.</small>';
- else
- document.getElementById('e_password').innerHTML = '';
- document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/bad.gif';
- }
-
- // E-mail address
- if(frm.email.value.match(/^(?:[\w\d]+\.?)+@(?:(?:[\w\d]\-?)+\.)+\w{2,4}$/))
- {
- document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/good.gif';
- } else {
- failed = true;
- document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/bad.gif';
- }
- if(failed)
- {
- frm.submit.disabled = 'disabled';
- } else {
- frm.submit.disabled = false;
+ var frm = document.forms.regform;
+
+ if(!namegood)
+ {
+ if(frm.username.value.match(/^([A-z0-9 \.:\!@\#\*]+){2,}$/ig))
+ {
+ document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/unknown.gif';
+ document.getElementById('e_username').innerHTML = '';
+ } else {
+ document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/bad.gif';
+ document.getElementById('e_username').innerHTML = '<br /><small>Your username must be at least two characters in length and may contain only alphanumeric characters (A-Z and 0-9), spaces, and the following characters: :, !, @, #, *.</small>';
+ return false;
+ }
+ }
+
+ document.getElementById('e_username').innerHTML = '<br /><small><b>Checking availability...</b></small>';
+ ajaxGet('<?php echo scriptPath; ?>/ajax.php?title=null&_mode=checkusername&name='+escape(frm.username.value), function() {
+ if(ajax.readyState == 4)
+ if(ajax.responseText == 'good')
+ {
+ document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/good.gif';
+ document.getElementById('e_username').innerHTML = '<br /><small><b>This username is available.</b></small>';
+ namegood = true;
+ } else if(ajax.responseText == 'bad') {
+ document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/bad.gif';
+ document.getElementById('e_username').innerHTML = '<br /><small><b>Error: that username is already taken.</b></small>';
+ namegood = false;
+ } else {
+ document.getElementById('e_username').innerHTML = ajax.responseText;
+ }
+ });
}
- }
- function checkUsername()
- {
- var frm = document.forms.regform;
-
- if(!namegood)
+ function regenCaptcha()
{
- if(frm.username.value.match(/^([A-z0-9 \.:\!@\#\*]+){2,}$/ig))
- {
- document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/unknown.gif';
- document.getElementById('e_username').innerHTML = '';
- } else {
- document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/bad.gif';
- document.getElementById('e_username').innerHTML = '<br /><small>Your username must be at least two characters in length and may contain only alphanumeric characters (A-Z and 0-9), spaces, and the following characters: :, !, @, #, *.</small>';
- return false;
- }
+ var frm = document.forms.regform;
+ document.getElementById('captchaimg').src = '<?php echo makeUrlNS("Special", "Captcha/"); ?>'+frm.captchahash.value+'/'+Math.floor(Math.random() * 100000);
+ return false;
}
-
- document.getElementById('e_username').innerHTML = '<br /><small><b>Checking availability...</b></small>';
- ajaxGet('<?php echo scriptPath; ?>/ajax.php?title=null&_mode=checkusername&name='+escape(frm.username.value), function() {
- if(ajax.readyState == 4)
- if(ajax.responseText == 'good')
- {
- document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/good.gif';
- document.getElementById('e_username').innerHTML = '<br /><small><b>This username is available.</b></small>';
- namegood = true;
- } else if(ajax.responseText == 'bad') {
- document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/bad.gif';
- document.getElementById('e_username').innerHTML = '<br /><small><b>Error: that username is already taken.</b></small>';
- namegood = false;
- } else {
- document.getElementById('e_username').innerHTML = ajax.responseText;
- }
- });
- }
- function regenCaptcha()
- {
- var frm = document.forms.regform;
- document.getElementById('captchaimg').src = '<?php echo makeUrlNS("Special", "Captcha/"); ?>'+frm.captchahash.value+'/'+Math.floor(Math.random() * 100000);
- return false;
- }
- validateForm();
- setTimeout('checkUsername();', 1000);
- // ]]>
- </script>
+ validateForm();
+ setTimeout('checkUsername();', 1000);
+ // ]]>
+ </script>
+ </enano:no-opt>
<?php
}
else
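Review bot: In the `checkUsername()` callback the final `else` branch assigns `ajax.responseText` straight to `innerHTML`, so anything the `checkusername` endpoint returns other than `good` or `bad` is parsed as markup. If that response can echo the submitted name, which cannot be seen from this hunk, it becomes a script-injection path. Clearing the element and adding the response as text, `document.getElementById('e_username').appendChild(document.createTextNode(ajax.responseText));`, avoids it. The username pattern in `validateForm()` (`[A-z0-9 \!@\-\(\)]`) disagrees with the one in `checkUsername()` and with the error message, and the `A-z` range also admits several punctuation characters. All of these checks run in the browser only, so the server-side registration code has to enforce the same rules.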