Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
authorDan
Tue, 10 Jul 2007 11:59:02 -0400
changeset 60 71b50f8c8f85
parent 59 7c4a851fb5c5
child 61 e9708657875a
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
includes/clientside/static/ajax.js
includes/clientside/static/misc.js
includes/template.php
plugins/SpecialUserFuncs.php
schema.sql
themes/oxygen/css/mint.css
upgrade.sql
--- a/includes/clientside/static/ajax.js	Tue Jul 10 03:38:19 2007 -0400
+++ b/includes/clientside/static/ajax.js	Tue Jul 10 11:59:02 2007 -0400
@@ -783,7 +783,27 @@
     return true;
   ajaxPromptAdminAuth(function(k) {
       window.location.reload();
-    }, 2);
+    }, USER_LEVEL_MEMBER);
+}
+
+function ajaxStartAdminLogin()
+{
+  // IE <6 pseudo-compatibility
+  if ( KILL_SWITCH )
+    return true;
+  if ( auth_level < USER_LEVEL_ADMIN )
+  {
+    ajaxPromptAdminAuth(function(k) {
+      ENANO_SID = k;
+      auth_level = USER_LEVEL_ADMIN;
+      var loc = makeUrlNS('Special', 'Administration');
+      if ( (ENANO_SID + ' ').length > 1 )
+        window.location = loc;
+    }, USER_LEVEL_ADMIN);
+    return false;
+  }
+  var loc = makeUrlNS('Special', 'Administration');
+  window.location = loc;
 }
 
 function ajaxAdminPage()
--- a/includes/clientside/static/misc.js	Tue Jul 10 03:38:19 2007 -0400
+++ b/includes/clientside/static/misc.js	Tue Jul 10 11:59:02 2007 -0400
@@ -300,14 +300,15 @@
     ajax_auth_prompt_cache = call_on_ok;
   }
   if ( !level )
-    level = 2;
+    level = USER_LEVEL_MEMBER;
   ajax_auth_level_cache = level;
   var loading_win = '<div align="center" style="text-align: center;"> \
       <p>Fetching an encryption key...</p> \
       <p><small>Not working? Use the <a href="'+makeUrlNS('Special', 'Login/' + title)+'">alternate login form</a>.</p> \
       <p><img alt="Please wait..." src="'+scriptPath+'/images/loading-big.gif" /></p> \
     </div>';
-  ajax_auth_mb_cache = new messagebox(MB_OKCANCEL|MB_ICONLOCK, 'Please enter your username and password to continue.', loading_win);
+  var title = ( level > USER_LEVEL_MEMBER ) ? 'You are requesting a sensitive operation.' : 'Please enter your username and password to continue.';
+  ajax_auth_mb_cache = new messagebox(MB_OKCANCEL|MB_ICONLOCK, title, loading_win);
   ajax_auth_mb_cache.onbeforeclick['OK'] = ajaxValidateLogin;
   ajaxAuthLoginInnerSetup();
 }
@@ -324,7 +325,13 @@
           return false;
         }
         response = parseJSON(response);
-        var form_html = ' \
+        var level = ajax_auth_level_cache;
+        var form_html = '';
+        if ( level > USER_LEVEL_MEMBER )
+        {
+          form_html += 'Please re-enter your login details, to verify your identity.<br /><br />';
+        }
+        form_html += ' \
           <table border="0" align="center"> \
             <tr> \
               <td>Username:</td><td><input tabindex="1" id="ajaxlogin_user" type="text"     size="25" /> \
@@ -334,9 +341,14 @@
             </tr> \
             <tr> \
               <td colspan="2" style="text-align: center;"> \
-                <br /><small>Trouble logging in? Try the <a href="'+makeUrlNS('Special', 'Login/' + title)+'">full login form</a>.<br /> \
+                <br /><small>Trouble logging in? Try the <a href="'+makeUrlNS('Special', 'Login/' + title)+'">full login form</a>.<br />';
+       if ( level <= USER_LEVEL_MEMBER )
+       {
+         form_html += ' \
                 Did you <a href="'+makeUrlNS('Special', 'PasswordReset')+'">forget your password</a>?<br /> \
-                Maybe you need to <a href="'+makeUrlNS('Special', 'Register')+'">create an account</a>.</small> \
+                Maybe you need to <a href="'+makeUrlNS('Special', 'Register')+'">create an account</a>.</small>';
+       }
+       form_html += ' \
               </td> \
             </tr> \
           </table> \
@@ -345,7 +357,15 @@
         </form>';
         ajax_auth_mb_cache.updateContent(form_html);
         $('messageBox').object.nextSibling.firstChild.tabindex = '3';
-        $('ajaxlogin_user').object.focus();
+        if ( typeof(response.username) == 'string' )
+        {
+          $('ajaxlogin_user').object.value = response.username;
+          $('ajaxlogin_pass').object.focus();
+        }
+        else
+        {
+          $('ajaxlogin_user').object.focus();
+        }
         $('ajaxlogin_pass').object.onblur = function(e) { if ( !shift ) $('messageBox').object.nextSibling.firstChild.focus(); };
         $('ajaxlogin_pass').object.onkeypress = function(e) { if ( !e && IE ) return true; if ( e.keyCode == 13 ) $('messageBox').object.nextSibling.firstChild.click(); };
       }
--- a/includes/template.php	Tue Jul 10 03:38:19 2007 -0400
+++ b/includes/template.php	Tue Jul 10 11:59:02 2007 -0400
@@ -665,6 +665,14 @@
     
     $theme_link = $parser->run();
     
+    $parser->assign_vars(Array(
+        'HREF'=>makeUrlNS('Special', 'Administration'),
+        'FLAGS'=>'onclick="if ( !KILL_SWITCH ) { void(ajaxStartAdminLogin()); return false; }"',
+        'TEXT'=>'Administration',
+      ));
+    
+    $admin_link = $parser->run();
+    
     $SID = ($session->sid_super) ? $session->sid_super : '';
     
     $urlname_clean = str_replace('\'', '\\\'', str_replace('\\', '\\\\', dirtify_page_id($paths->fullpage)));
@@ -733,6 +741,7 @@
       'STYLE_LINK'=>makeUrlNS('Special', 'CSS'.$p, null, true), //contentPath.$paths->nslist['Special'].'CSS' . $p,
       'LOGIN_LINK'=>$login_link,
       'LOGOUT_LINK'=>$logout_link,
+      'ADMIN_LINK'=>$admin_link,
       'THEME_LINK'=>$theme_link,
       'TEMPLATE_DIR'=>scriptPath.'/themes/'.$this->theme,
       'THEME_ID'=>$this->theme,
@@ -1176,7 +1185,7 @@
     $parser1 = $this->makeParserText($tplvars['sidebar_section']);
     $parser2 = $this->makeParserText($tplvars['sidebar_section_raw']);
                             
-    preg_match_all('#\{slider(2|)=(.*?)\}(.*?)\{\/slider(2|)\}#is',  $message, $sb);
+    preg_match_all('#\{slider(2|)=([^\}]*?)\}(.*?)\{\/slider(2|)\}#is',  $message, $sb);
     
     // Modified to support the sweet new template var system
     for($i=0;$i<sizeof($sb[1]);$i++)
--- a/plugins/SpecialUserFuncs.php	Tue Jul 10 03:38:19 2007 -0400
+++ b/plugins/SpecialUserFuncs.php	Tue Jul 10 11:59:02 2007 -0400
@@ -99,7 +99,9 @@
   
   if ( isset($_GET['act']) && $_GET['act'] == 'getkey' )
   {
+    $username = ( $session->user_logged_in ) ? $session->username : false;
     $response = Array(
+      'username' => $username,
       'key' => $pubkey,
       'challenge' => $challenge
       );
--- a/schema.sql	Tue Jul 10 03:38:19 2007 -0400
+++ b/schema.sql	Tue Jul 10 11:59:02 2007 -0400
@@ -279,7 +279,7 @@
 
 INSERT INTO {{TABLE_PREFIX}}sidebar(item_id, item_order, sidebar_id, block_name, block_type, block_content) VALUES
   (1, 1, 1, 'Navigation', 1, '[[Main Page|Home]]'),
-  (2, 2, 1, 'Tools', 1, '[[$NS_SPECIAL$CreatePage|Create a page]]\n[[$NS_SPECIAL$UploadFile|Upload file]]\n[[$NS_SPECIAL$SpecialPages|Special pages]]\n{if auth_admin}\n[[$NS_SPECIAL$EditSidebar|Edit the sidebar]]\n[[$NS_SPECIAL$Administration|Administration]]\n{/if}'),
+  (2, 2, 1, 'Tools', 1, '[[$NS_SPECIAL$CreatePage|Create a page]]\n[[$NS_SPECIAL$UploadFile|Upload file]]\n[[$NS_SPECIAL$SpecialPages|Special pages]]\n{if auth_admin}\n[[$NS_SPECIAL$EditSidebar|Edit the sidebar]]\n$ADMIN_LINK$\n{/if}'),
   (3, 3, 1, '$USERNAME$', 1, '[[$NS_USER$$USERNAME$|User page]]\n[[$NS_SPECIAL$Contributions/$USERNAME$|My Contributions]]\n{if user_logged_in}\n[[$NS_SPECIAL$Preferences|Preferences]]\n[[$NS_SPECIAL$PrivateMessages|Private messages]]\n[[$NS_SPECIAL$Usergroups|Group control panel]]\n$THEME_LINK$\n{/if}\n{if user_logged_in}\n$LOGOUT_LINK$\n{else}\n[[$NS_SPECIAL$Register|Create an account]]\n$LOGIN_LINK$\n[[$NS_SPECIAL$Login/$NS_SPECIAL$PrivateMessages|Private messages]]\n{/if}'),
   (4, 4, 1, 'Search', 1, '<div class="slideblock2" style="padding: 0px;"><form action="$SCRIPTPATH$/$NS_SPECIAL$Search" method="get" style="padding: 0; margin: 0;"><p><input name="q" alt="Search box" type="text" size="10" style="width: 70%" /> <input type="submit" value="Go" style="width: 20%" /></p></form></div>'),
   (5, 2, 2, 'Links', 4, 'Links');
--- a/themes/oxygen/css/mint.css	Tue Jul 10 03:38:19 2007 -0400
+++ b/themes/oxygen/css/mint.css	Tue Jul 10 11:59:02 2007 -0400
@@ -90,6 +90,9 @@
   font-size: 7pt;
   border-width: 0;
 }
+.menu_bg {
+  background-color: #B0F0D0;
+}
 div.menu a, div.menu div.label {
   padding: 2.5pt 5px;
   margin-right: 3px;
@@ -103,6 +106,7 @@
   margin-right: 3px;
   text-decoration: none;
   display: block;
+  float: left;
   color: #408060;
 }
 div.menu div.label, div.menu_nojs div.label {
@@ -128,7 +132,7 @@
 div.menu input[type ^="text"], div.menu input[type ^="password"], div.menu_nojs input[type ^="text"], div.menu_nojs input[type ^="password"] {
   border-width: 0;
   font-size: 9pt;
-  padding: 4px 5px;
+  padding: 2px 5px 3px 5px;
   max-width: 70px;
   background-color: #D0FFF0;
 }
@@ -148,7 +152,7 @@
   color: #004000;
   background-color: #FFFFFF;
 }
-div.menu ul {
+div.menu ul, div.menu_nojs ul {
   display: none;
   position: absolute;
   padding: 0;
@@ -157,6 +161,7 @@
   border-width: 0;
   min-width: 120px;
 }
+/*
 div.menu_nojs ul {
   display: block;
   padding: 0;
@@ -165,6 +170,7 @@
   border-width: 0;
   min-width: 120px;
 }
+*/
 div.menu ul li, div.menu_nojs ul li {
   list-style: none;
 }
@@ -231,11 +237,11 @@
 .catCheck:hover                   { padding: 3px; background-color: #F0F0F0; }
 
 /* Information, warning, question, error, and wait boxes */
-div.error-box                     { background-image: url(../../../images/error.png);    background-repeat: no-repeat; background-color: #FFF4F4; border: 1px dashed #408060; padding: 10px 10px 10px 50px; margin: 1em 0 0 1em; min-height: 25px; }
-div.info-box                      { background-image: url(../../../images/info.png);     background-repeat: no-repeat; background-color: #F4FFF4; border: 1px dashed #408060; padding: 10px 10px 10px 50px; margin: 1em 0 0 1em; min-height: 25px; }
-div.warning-box                   { background-image: url(../../../images/warning.png);  background-repeat: no-repeat; background-color: #FFF4FF; border: 1px dashed #408060; padding: 10px 10px 10px 50px; margin: 1em 0 0 1em; min-height: 25px; }
-div.question-box                  { background-image: url(../../../images/question.png); background-repeat: no-repeat; background-color: #F4F4FF; border: 1px dashed #408060; padding: 10px 10px 10px 50px; margin: 1em 0 0 1em; min-height: 25px; }
-div.wait-box                      { background-image: url(../../../images/wait.png);     background-repeat: no-repeat; background-color: #FFFFF4; border: 1px dashed #408060; padding: 10px 10px 10px 50px; margin: 1em 0 0 1em; min-height: 25px; }
+div.error-box                     { background-image: url(../../../images/error.png);    background-position: 8px 8px; background-repeat: no-repeat; background-color: #FFF4F4; border: 1px dashed #408060; padding: 10px 10px 10px 50px; margin: 1em 0 0 1em; min-height: 25px; }
+div.info-box                      { background-image: url(../../../images/info.png);     background-position: 8px 8px; background-repeat: no-repeat; background-color: #F4FFF4; border: 1px dashed #408060; padding: 10px 10px 10px 50px; margin: 1em 0 0 1em; min-height: 25px; }
+div.warning-box                   { background-image: url(../../../images/warning.png);  background-position: 8px 8px; background-repeat: no-repeat; background-color: #FFF4FF; border: 1px dashed #408060; padding: 10px 10px 10px 50px; margin: 1em 0 0 1em; min-height: 25px; }
+div.question-box                  { background-image: url(../../../images/question.png); background-position: 8px 8px; background-repeat: no-repeat; background-color: #F4F4FF; border: 1px dashed #408060; padding: 10px 10px 10px 50px; margin: 1em 0 0 1em; min-height: 25px; }
+div.wait-box                      { background-image: url(../../../images/wait.png);     background-position: 8px 8px; background-repeat: no-repeat; background-color: #FFFFF4; border: 1px dashed #408060; padding: 10px 10px 10px 50px; margin: 1em 0 0 1em; min-height: 25px; }
 
 /* This stuff is mostly unused, left in for compatibility */
 div#ajaxEditContainer table       { border: 0px solid #FFFFFF; }
@@ -243,13 +249,6 @@
 /* div#ajaxEditContainer             { overflow: auto; } /* Makes ajaxEditContainer scroll horizontally in firefox if the content is too wide - prevents that ugly clipping effect */
 div#ajaxEditContainer pre         { margin-left: 1em; background-color: #F8F8F8; border: 1px dashed #90D0B0; padding: 10px; overflow: auto; max-height: 150px; }
 
-/* Tables where diffs are shown */
-table.diff, td.diff-otitle, td.diff-ntitle { background-color: white; }
-td.diff-addedline { background: #cfc; font-size: smaller; }
-td.diff-deletedline { background: #ffa; font-size: smaller; }
-td.diff-context { background: #eee; font-size: smaller; }
-span.diffchange { color: red; font-weight: bold; }
-
 /* toolbar */
 div.toolbar {
   border-bottom: 1px solid #909090;
--- a/upgrade.sql	Tue Jul 10 03:38:19 2007 -0400
+++ b/upgrade.sql	Tue Jul 10 11:59:02 2007 -0400
@@ -6,6 +6,7 @@
 INSERT INTO {{TABLE_PREFIX}}config (config_name, config_value) VALUES( 'enano_version', '1.0' );
 ---BEGIN 1.0RC3---
 ALTER TABLE {{TABLE_PREFIX}}users ADD COLUMN user_coppa tinyint(1) NOT NULL DEFAULT 0;
+UPDATE {{TABLE_PREFIX}}sidebar SET block_content='[[$NS_SPECIAL$CreatePage|Create a page]]\n[[$NS_SPECIAL$UploadFile|Upload file]]\n[[$NS_SPECIAL$SpecialPages|Special pages]]\n{if auth_admin}\n[[$NS_SPECIAL$EditSidebar|Edit the sidebar]]\n$ADMIN_LINK$\n{/if}' WHERE block_id=2;
 UPDATE {{TABLE_PREFIX}}sidebar SET block_content='[[User:$USERNAME$|User page]]\n[[Special:Contributions/$USERNAME$|My Contributions]]\n{if user_logged_in}\n[[$NS_SPECIAL$Preferences|Preferences]]\n[[Special:PrivateMessages|Private messages ($UNREAD_PMS$)]]\n[[Special:Usergroups|Group control panel]]\n$THEME_LINK$\n{/if}\n{if user_logged_in}\n$LOGOUT_LINK$\n{else}\n[[Special:Register|Create an account]]\n$LOGIN_LINK$\n[[Special:Login/Special:PrivateMessages|Private messages]]\n{/if}' WHERE item_id=3;
 -- Updated PHP-ized search box
 -- block_type=3: 3 = BLOCK_PHP
@@ -19,6 +20,8 @@
 UPDATE {{TABLE_PREFIX}}groups SET system_group=1 WHERE group_id=1 OR group_id=2;
 INSERT INTO {{TABLE_PREFIX}}groups(group_id,group_name,group_type,system_group) VALUES(3, 'Moderators', 3, 1);
 ALTER TABLE {{TABLE_PREFIX}}privmsgs ADD COLUMN message_read tinyint(1) NOT NULL DEFAULT 0;
+-- Reset default user's theme to Oxygen, to emphasize stable release
+UPDATE {{TABLE_PREFIX}}users SET theme='oxygen',style='bleu' WHERE user_id=1 OR user_id=2;
 -- ...and add the associated ACL rule
 INSERT INTO {{TABLE_PREFIX}}acl(target_type,target_id,page_id,namespace,rules) VALUES(1,3,NULL,NULL,'read=4;post_comments=4;edit_comments=4;edit_page=4;view_source=4;mod_comments=4;history_view=4;history_rollback=4;history_rollback_extra=4;protect=4;rename=3;clear_logs=2;vote_delete=4;vote_reset=4;delete_page=4;set_wiki_mode=2;password_set=2;password_reset=2;mod_misc=2;edit_cat=4;even_when_protected=4;upload_files=2;upload_new_version=3;create_page=3;php_in_pages=2;edit_acl=2;');
 -- Create table with extra user information