0
+ − 1 <?php
+ − 2 /*
+ − 3 Plugin Name: Special user/login-related pages
23
+ − 4 Plugin URI: http://enanocms.org/
0
+ − 5 Description: Provides the pages Special:Login, Special:Logout, Special:Register, and Special:Preferences.
+ − 6 Author: Dan Fuhry
85
7c68a18a27be
AJAX comments are now paginated; plugin manager can now show system plugins; typo in installer corrected; links in oxygen/stpatty/admin footers changed to "About Enano" page; 1.0.1 release candidate
Dan
diff
changeset
+ − 7 Version: 1.0.1
23
+ − 8 Author URI: http://enanocms.org/
0
+ − 9 */
+ − 10
+ − 11 /*
+ − 12 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
+ − 13 * Version 1.0 release candidate 2
+ − 14 * Copyright (C) 2006-2007 Dan Fuhry
+ − 15 *
+ − 16 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 17 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 18 *
+ − 19 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 20 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 21 */
+ − 22
+ − 23 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 24
+ − 25 $plugins->attachHook('base_classes_initted', '
+ − 26 global $paths;
+ − 27 $paths->add_page(Array(
+ − 28 \'name\'=>\'Log in\',
+ − 29 \'urlname\'=>\'Login\',
+ − 30 \'namespace\'=>\'Special\',
+ − 31 \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
+ − 32 ));
+ − 33 $paths->add_page(Array(
+ − 34 \'name\'=>\'Log out\',
+ − 35 \'urlname\'=>\'Logout\',
+ − 36 \'namespace\'=>\'Special\',
+ − 37 \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
+ − 38 ));
+ − 39 $paths->add_page(Array(
+ − 40 \'name\'=>\'Register\',
+ − 41 \'urlname\'=>\'Register\',
+ − 42 \'namespace\'=>\'Special\',
+ − 43 \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
+ − 44 ));
+ − 45 $paths->add_page(Array(
+ − 46 \'name\'=>\'Edit Profile\',
+ − 47 \'urlname\'=>\'Preferences\',
+ − 48 \'namespace\'=>\'Special\',
+ − 49 \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
+ − 50 ));
+ − 51
+ − 52 $paths->add_page(Array(
+ − 53 \'name\'=>\'Contributions\',
+ − 54 \'urlname\'=>\'Contributions\',
+ − 55 \'namespace\'=>\'Special\',
+ − 56 \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
+ − 57 ));
+ − 58
+ − 59 $paths->add_page(Array(
+ − 60 \'name\'=>\'Change style\',
+ − 61 \'urlname\'=>\'ChangeStyle\',
+ − 62 \'namespace\'=>\'Special\',
+ − 63 \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
+ − 64 ));
+ − 65
+ − 66 $paths->add_page(Array(
+ − 67 \'name\'=>\'Activate user account\',
+ − 68 \'urlname\'=>\'ActivateAccount\',
+ − 69 \'namespace\'=>\'Special\',
116
77c75179bb95
Made most special pages "visible"; fixup for non-existent special page redirect in paths.php; rewrote Special:AllPages to have pagination (WiP, Special:SpecialPages is possibly next, depending on whether paginate_array works or not)
Dan
diff
changeset
+ − 70 \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
0
+ − 71 ));
+ − 72
+ − 73 $paths->add_page(Array(
+ − 74 \'name\'=>\'Captcha\',
+ − 75 \'urlname\'=>\'Captcha\',
+ − 76 \'namespace\'=>\'Special\',
116
77c75179bb95
Made most special pages "visible"; fixup for non-existent special page redirect in paths.php; rewrote Special:AllPages to have pagination (WiP, Special:SpecialPages is possibly next, depending on whether paginate_array works or not)
Dan
diff
changeset
+ − 77 \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
0
+ − 78 ));
+ − 79
+ − 80 $paths->add_page(Array(
+ − 81 \'name\'=>\'Forgot password\',
+ − 82 \'urlname\'=>\'PasswordReset\',
+ − 83 \'namespace\'=>\'Special\',
+ − 84 \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
+ − 85 ));
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 86
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 87 $paths->add_page(Array(
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 88 \'name\'=>\'Member list\',
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 89 \'urlname\'=>\'Memberlist\',
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 90 \'namespace\'=>\'Special\',
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 91 \'special\'=>0,\'visible\'=>1,\'comments_on\'=>0,\'protected\'=>1,\'delvotes\'=>0,\'delvote_ips\'=>\'\',
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 92 ));
0
+ − 93 ');
+ − 94
+ − 95 // function names are IMPORTANT!!! The name pattern is: page_<namespace ID>_<page URLname, without namespace>
+ − 96
+ − 97 $__login_status = '';
+ − 98
+ − 99 function page_Special_Login()
+ − 100 {
+ − 101 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 102 global $__login_status;
+ − 103
+ − 104 $pubkey = $session->rijndael_genkey();
+ − 105 $challenge = $session->dss_rand();
+ − 106
+ − 107 if ( isset($_GET['act']) && $_GET['act'] == 'getkey' )
+ − 108 {
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 109 $username = ( $session->user_logged_in ) ? $session->username : false;
0
+ − 110 $response = Array(
60
71b50f8c8f85
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
Dan
diff
changeset
+ − 111 'username' => $username,
0
+ − 112 'key' => $pubkey,
+ − 113 'challenge' => $challenge
+ − 114 );
+ − 115 $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE);
+ − 116 $response = $json->encode($response);
+ − 117 echo $response;
+ − 118 return null;
+ − 119 }
+ − 120
+ − 121 $level = ( isset($_GET['level']) && in_array($_GET['level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) ) ? intval($_GET['level']) : USER_LEVEL_MEMBER;
+ − 122 if ( isset($_POST['login']) )
+ − 123 {
+ − 124 if ( in_array($_POST['auth_level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) )
+ − 125 {
+ − 126 $level = intval($_POST['auth_level']);
+ − 127 }
+ − 128 }
+ − 129
+ − 130 if ( $level > USER_LEVEL_MEMBER && !$session->user_logged_in )
+ − 131 {
+ − 132 $level = USER_LEVEL_MEMBER;
+ − 133 }
93
+ − 134 if ( $level <= USER_LEVEL_MEMBER && $session->user_logged_in )
+ − 135 $paths->main_page();
0
+ − 136 $template->header();
+ − 137 echo '<form action="'.makeUrl($paths->nslist['Special'].'Login').'" method="post" name="loginform" onsubmit="runEncryption();">';
+ − 138 $header = ( $level > USER_LEVEL_MEMBER ) ? 'Please re-enter your login details' : 'Please enter your username and password to log in.';
+ − 139 if ( isset($_POST['login']) )
+ − 140 {
+ − 141 echo '<p>'.$__login_status.'</p>';
+ − 142 }
+ − 143 if ( $p = $paths->getAllParams() )
+ − 144 {
+ − 145 echo '<input type="hidden" name="return_to" value="'.$p.'" />';
+ − 146 }
+ − 147 else if ( isset($_POST['login']) && isset($_POST['return_to']) )
+ − 148 {
+ − 149 echo '<input type="hidden" name="return_to" value="'.htmlspecialchars($_POST['return_to']).'" />';
+ − 150 }
+ − 151 ?>
+ − 152 <div class="tblholder">
+ − 153 <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
+ − 154 <tr>
+ − 155 <th colspan="3"><?php echo $header; ?></th>
+ − 156 </tr>
+ − 157 <tr>
+ − 158 <td colspan="3" class="row1">
+ − 159 <?php
+ − 160 if ( $level <= USER_LEVEL_MEMBER )
+ − 161 {
+ − 162 echo '<p>Logging in enables you to use your preferences and access member information. If you don\'t have a username and password here, you can <a href="'.makeUrl($paths->nslist['Special'].'Register').'">create an account</a>.</p>';
+ − 163 }
+ − 164 else
+ − 165 {
+ − 166 echo '<p>You are requesting that a sensitive operation be performed. To continue, please re-enter your password to confirm your identity.</p>';
+ − 167 }
+ − 168 ?>
+ − 169 </td>
+ − 170 </tr>
+ − 171 <tr>
+ − 172 <td class="row2">
+ − 173 Username:
+ − 174 </td>
+ − 175 <td class="row1">
+ − 176 <input name="username" size="25" type="text" <?php
+ − 177 if ( $level <= USER_LEVEL_MEMBER )
+ − 178 {
+ − 179 echo 'tabindex="1" ';
+ − 180 }
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 181 else
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 182 {
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 183 echo 'tabindex="3" ';
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 184 }
0
+ − 185 if ( $session->user_logged_in )
+ − 186 {
+ − 187 echo 'value="' . $session->username . '"';
+ − 188 }
+ − 189 ?> />
+ − 190 </td>
+ − 191 <?php if ( $level <= USER_LEVEL_MEMBER ) { ?>
+ − 192 <td rowspan="2" class="row3">
+ − 193 <small>Forgot your password? <a href="<?php echo makeUrlNS('Special', 'PasswordReset'); ?>">No problem.</a><br />
+ − 194 Maybe you need to <a href="<?php echo makeUrlNS('Special', 'Register'); ?>">create an account</a>.</small>
+ − 195 </td>
+ − 196 <?php } ?>
+ − 197 </tr>
+ − 198 <tr>
+ − 199 <td class="row2">Password:<br /></td><td class="row1"><input name="pass" size="25" type="password" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '2' : '1'; ?>" /></td>
+ − 200 </tr>
+ − 201 <?php if ( $level <= USER_LEVEL_MEMBER ) { ?>
+ − 202 <tr>
+ − 203 <td class="row3" colspan="3">
+ − 204 <p><b>Important note regarding cryptography:</b> Some countries do not allow the import or use of cryptographic technology. If you live in one of the countries listed below, you should <a href="<?php if($p=$paths->getParam(0))$u='/'.$p;else $u='';echo makeUrl($paths->page.$u, 'level='.$level.'&use_crypt=0', true); ?>">log in without using encryption</a>.</p>
+ − 205 <p>This restriction applies to the following countries: Belarus, China, India, Israel, Kazakhstan, Mongolia, Pakistan, Russia, Saudi Arabia, Singapore, Tunisia, Venezuela, and Vietnam.</p>
+ − 206 </td>
+ − 207 </tr>
+ − 208 <?php } ?>
+ − 209 <tr>
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 210 <th colspan="3" style="text-align: center" class="subhead"><input type="submit" name="login" value="Log in" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '2'; ?>" /></th>
0
+ − 211 </tr>
+ − 212 </table>
+ − 213 </div>
+ − 214 <input type="hidden" name="challenge_data" value="<?php echo $challenge; ?>" />
+ − 215 <input type="hidden" name="use_crypt" value="no" />
+ − 216 <input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
+ − 217 <input type="hidden" name="crypt_data" value="" />
+ − 218 <input type="hidden" name="auth_level" value="<?php echo (string)$level; ?>" />
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 219 <?php if ( $level <= USER_LEVEL_MEMBER ): ?>
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 220 <script type="text/javascript">
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 221 document.forms.loginform.username.focus();
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 222 </script>
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 223 <?php else: ?>
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 224 <script type="text/javascript">
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 225 document.forms.loginform.pass.focus();
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 226 </script>
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 227 <?php endif; ?>
0
+ − 228 </form>
+ − 229 <?php
+ − 230 echo $session->aes_javascript('loginform', 'pass', 'use_crypt', 'crypt_key', 'crypt_data', 'challenge_data');
+ − 231 ?>
+ − 232 <?php
+ − 233 $template->footer();
+ − 234 }
+ − 235
+ − 236 function page_Special_Login_preloader() // adding _preloader to the end of the function name calls the function before $session and $paths setup routines are called
+ − 237 {
+ − 238 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 239 global $__login_status;
+ − 240 if ( isset($_GET['act']) && $_GET['act'] == 'ajaxlogin' )
+ − 241 {
+ − 242 $plugins->attachHook('login_password_reset', 'SpecialLogin_SendResponse_PasswordReset($row[\'user_id\'], $row[\'temp_password\']);');
+ − 243 $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE);
+ − 244 $data = $json->decode($_POST['params']);
+ − 245 $level = ( isset($data['level']) ) ? intval($data['level']) : USER_LEVEL_MEMBER;
+ − 246 $result = $session->login_with_crypto($data['username'], $data['crypt_data'], $data['crypt_key'], $data['challenge'], $level);
+ − 247 $session->start();
+ − 248 //echo "$result\n$session->sid_super";
+ − 249 //exit;
+ − 250 if ( $result == 'success' )
+ − 251 {
+ − 252 $response = Array(
+ − 253 'result' => 'success',
+ − 254 'key' => $session->sid_super // ( ( $session->sid_super ) ? $session->sid_super : $session->sid )
+ − 255 );
+ − 256 }
+ − 257 else
+ − 258 {
+ − 259 $response = Array(
+ − 260 'result' => 'error',
+ − 261 'error' => $result
+ − 262 );
+ − 263 }
+ − 264 $response = $json->encode($response);
+ − 265 echo $response;
+ − 266 $db->close();
+ − 267 exit;
+ − 268 }
+ − 269 if(isset($_POST['login'])) {
+ − 270 if($_POST['use_crypt'] == 'yes')
+ − 271 {
+ − 272 $result = $session->login_with_crypto($_POST['username'], $_POST['crypt_data'], $_POST['crypt_key'], $_POST['challenge_data'], intval($_POST['auth_level']));
+ − 273 }
+ − 274 else
+ − 275 {
+ − 276 $result = $session->login_without_crypto($_POST['username'], $_POST['pass'], false, intval($_POST['auth_level']));
+ − 277 }
+ − 278 $session->start();
+ − 279 $paths->init();
+ − 280 if($result == 'success')
+ − 281 {
+ − 282 $template->load_theme($session->theme, $session->style);
+ − 283 if(isset($_POST['return_to']))
+ − 284 {
+ − 285 $name = ( isset($paths->pages[$_POST['return_to']]['name']) ) ? $paths->pages[$_POST['return_to']]['name'] : $_POST['return_to'];
93
+ − 286 redirect( makeUrl($_POST['return_to'], false, true), 'Login successful', 'You have successfully logged into the '.getConfig('site_name').' site as "'.$session->username.'". Redirecting to ' . $name . '...' );
0
+ − 287 }
+ − 288 else
+ − 289 {
93
+ − 290 redirect( makeUrl(getConfig('main_page'), false, true), 'Login successful', 'You have successfully logged into the '.getConfig('site_name').' site as "'.$session->username.'". Redirecting to the main page...' );
0
+ − 291 }
+ − 292 }
+ − 293 else
+ − 294 {
+ − 295 $GLOBALS['__login_status'] = $result;
+ − 296 }
+ − 297 }
+ − 298 }
+ − 299
+ − 300 function SpecialLogin_SendResponse_PasswordReset($user_id, $passkey)
+ − 301 {
+ − 302 $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE);
+ − 303
+ − 304 $response = Array(
+ − 305 'result' => 'success_reset',
+ − 306 'user_id' => $user_id,
+ − 307 'temppass' => $passkey
+ − 308 );
+ − 309
+ − 310 $response = $json->encode($response);
+ − 311 echo $response;
+ − 312
+ − 313 $db->close();
+ − 314
+ − 315 exit;
+ − 316 }
+ − 317
+ − 318 function page_Special_Logout() {
+ − 319 global $db, $session, $paths, $template, $plugins; // Common objects
93
+ − 320 if ( !$session->user_logged_in )
+ − 321 $paths->main_page();
+ − 322
0
+ − 323 $l = $session->logout();
93
+ − 324 if ( $l == 'success' )
+ − 325 {
+ − 326 redirect(makeUrl(getConfig('main_page'), false, true), 'Logged out', 'You have been successfully logged out, and all cookies have been cleared. You will now be transferred to the main page.', 4);
+ − 327 }
0
+ − 328 $template->header();
+ − 329 echo '<h3>An error occurred during the logout process.</h3><p>'.$l.'</p>';
+ − 330 $template->footer();
+ − 331 }
+ − 332
30
+ − 333 function page_Special_Register()
+ − 334 {
0
+ − 335 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 336 if(getConfig('account_activation') == 'disable' && ( ( $session->user_level >= USER_LEVEL_ADMIN && !isset($_GET['IWannaPlayToo']) ) || $session->user_level < USER_LEVEL_ADMIN || !$session->user_logged_in ))
+ − 337 {
+ − 338 $s = ($session->user_level >= USER_LEVEL_ADMIN) ? '<p>Oops...it seems that you <em>are</em> the administrator...hehe...you can also <a href="'.makeUrl($paths->page, 'IWannaPlayToo', true).'">force account registration to work</a>.</p>' : '';
+ − 339 die_friendly('Registration disabled', '<p>The administrator has disabled new user registration on this site.</p>' . $s);
+ − 340 }
93
+ − 341 if ( $session->user_level < USER_LEVEL_ADMIN && $session->user_logged_in )
+ − 342 {
+ − 343 $paths->main_page();
+ − 344 }
30
+ − 345 if(isset($_POST['submit']))
+ − 346 {
+ − 347 $_GET['coppa'] = ( isset($_POST['coppa']) ) ? $_POST['coppa'] : 'x';
+ − 348
0
+ − 349 $captcharesult = $session->get_captcha($_POST['captchahash']);
+ − 350 if($captcharesult != $_POST['captchacode'])
30
+ − 351 {
0
+ − 352 $s = 'The confirmation code you entered was incorrect.';
30
+ − 353 }
0
+ − 354 else
30
+ − 355 {
+ − 356 if ( getConfig('enable_coppa') == '1' && ( !isset($_POST['coppa']) || ( isset($_POST['coppa']) && !in_array($_POST['coppa'], array('yes', 'no')) ) ) )
+ − 357 {
+ − 358 $s = 'Invalid COPPA input';
+ − 359 }
+ − 360 else
+ − 361 {
+ − 362 $coppa = ( isset($_POST['coppa']) && $_POST['coppa'] == 'yes' );
+ − 363
+ − 364 // CAPTCHA code was correct, create the account
+ − 365 $s = $session->create_user($_POST['username'], $_POST['password'], $_POST['email'], $_POST['real_name'], $coppa);
+ − 366 }
+ − 367 }
125
+ − 368 if($s == 'success' && !$coppa)
0
+ − 369 {
+ − 370 switch(getConfig('account_activation'))
+ − 371 {
+ − 372 case "none":
+ − 373 default:
+ − 374 $str = 'You may now <a href="'.makeUrlNS('Special', 'Login').'">log in</a> with the username and password that you created.';
+ − 375 break;
+ − 376 case "user":
+ − 377 $str = 'Because this site requires account activation, you have been sent an e-mail with further instructions. Please follow the instructions in that e-mail to continue your registration.';
+ − 378 break;
+ − 379 case "admin":
+ − 380 $str = 'Because this site requires administrative account activation, you cannot use your account at the moment. A notice has been sent to the site administration team that will alert them that your account has been created.';
+ − 381 break;
+ − 382 }
+ − 383 die_friendly('Registration successful', '<p>Thank you for registering, your user account has been created. '.$str.'</p>');
+ − 384 }
30
+ − 385 else if ( $s == 'success' && $coppa )
+ − 386 {
+ − 387 $str = 'However, in compliance with the Childrens\' Online Privacy Protection Act, you must have your parent or legal guardian activate your account. Please ask them to check their e-mail for further information.';
+ − 388 die_friendly('Registration successful', '<p>Thank you for registering, your user account has been created. '.$str.'</p>');
+ − 389 }
0
+ − 390 }
+ − 391 $template->header();
+ − 392 echo 'A user account enables you to have greater control over your browsing experience.';
30
+ − 393
+ − 394 if ( getConfig('enable_coppa') != '1' || ( isset($_GET['coppa']) && in_array($_GET['coppa'], array('yes', 'no')) ) )
+ − 395 {
+ − 396 $coppa = ( isset($_GET['coppa']) && $_GET['coppa'] == 'yes' );
+ − 397 $session->kill_captcha();
+ − 398 $captchacode = $session->make_captcha();
+ − 399 ?>
+ − 400 <h3>Create a user account</h3>
+ − 401 <form name="regform" action="<?php echo makeUrl($paths->page); ?>" method="post">
+ − 402 <div class="tblholder">
+ − 403 <table border="0" width="100%" cellspacing="1" cellpadding="4">
+ − 404 <tr><th class="subhead" colspan="3">Please tell us a little bit about yourself.</th></tr>
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 405
30
+ − 406 <?php if(isset($_POST['submit'])) echo '<tr><td colspan="3" class="row2" style="color: red;">'.$s.'</td></tr>'; ?>
101
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 407
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 408 <!-- FIELD: Username -->
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 409 <tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 410 <td class="row1" style="width: 50%;">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 411 Preferred username:
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 412 <span id="e_username"></span>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 413 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 414 <td class="row1" style="width: 50%;">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 415 <input type="text" name="username" size="30" onkeyup="namegood = false; validateForm();" onblur="checkUsername();" />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 416 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 417 <td class="row1" style="max-width: 24px;">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 418 <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/bad.gif" id="s_username" />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 419 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 420 </tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 421
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 422 <!-- FIELD: Password -->
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 423 <tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 424 <td class="row3" style="width: 50%;" rowspan="2">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 425 Password:
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 426 <span id="e_password"></span>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 427 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 428 <td class="row3" style="width: 50%;">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 429 <input type="password" name="password" size="30" onkeyup="validateForm();" />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 430 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 431 <td rowspan="2" class="row3" style="max-width: 24px;">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 432 <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/bad.gif" id="s_password" />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 433 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 434 </tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 435
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 436 <!-- FIELD: Password confirmation -->
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 437 <tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 438 <td class="row3" style="width: 50%;">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 439 <input type="password" name="password_confirm" size="30" onkeyup="validateForm();" /> <small>Enter your password again to confirm.</small>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 440 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 441 </tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 442
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 443 <!-- FIELD: E-mail address -->
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 444 <tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 445 <td class="row1" style="width: 50%;">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 446 <?php
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 447 if ( $coppa ) echo 'Your parent or guardian\'s e';
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 448 else echo 'E';
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 449 ?>-mail address:
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 450 <?php
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 451 if ( ( $x = getConfig('account_activation') ) == 'user' )
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 452 {
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 453 echo '<br /><small>An e-mail with an account activation key will be sent to this address, so please ensure that it is correct.</small>';
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 454 }
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 455 ?>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 456 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 457 <td class="row1" style="width: 50%;">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 458 <input type="text" name="email" size="30" onkeyup="validateForm();" />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 459 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 460 <td class="row1" style="max-width: 24px;">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 461 <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/bad.gif" id="s_email" />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 462 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 463 </tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 464
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 465 <!-- FIELD: Real name -->
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 466 <tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 467 <td class="row3" style="width: 50%;">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 468 Real name:<br />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 469 <small>Giving your real name is totally optional. If you choose to provide your real name, it will be used to provide attribution for any edits or contributions you may make to this site.</small>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 470 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 471 <td class="row3" style="width: 50%;">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 472 <input type="text" name="real_name" size="30" /></td><td class="row3" style="max-width: 24px;">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 473 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 474 </tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 475
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 476 <!-- FIELD: CAPTCHA image -->
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 477 <tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 478 <td class="row1" style="width: 50%;" rowspan="2">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 479 Visual confirmation<br />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 480 <small>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 481 Please enter the code shown in the image to the right into the text box. This process helps to ensure that this registration is not being performed by an automated bot. If the image to the right is illegible, you can <a href="#" onclick="regenCaptcha(); return false;">generate a new image</a>.<br />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 482 <br />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 483 If you are visually impaired or otherwise cannot read the text shown to the right, please contact the site management and they will create an account for you.
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 484 </small>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 485 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 486 <td colspan="2" class="row1">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 487 <img id="captchaimg" alt="CAPTCHA image" src="<?php echo makeUrlNS('Special', 'Captcha/'.$captchacode); ?>" />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 488 <span id="b_username"></span>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 489 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 490 </tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 491
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 492 <!-- FIELD: CAPTCHA input field -->
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 493 <tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 494 <td class="row1" colspan="2">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 495 Code:
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 496 <input name="captchacode" type="text" size="10" />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 497 <input type="hidden" name="captchahash" value="<?php echo $captchacode; ?>" />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 498 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 499 </tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 500
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 501 <!-- FIELD: submit button -->
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 502 <tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 503 <th class="subhead" colspan="3" style="text-align: center;">
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 504 <input type="submit" name="submit" value="Create my account" />
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 505 </td>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 506 </tr>
bb4e677a4da9
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
diff
changeset
+ − 507
30
+ − 508 </table>
+ − 509 </div>
+ − 510 <?php
+ − 511 $val = ( $coppa ) ? 'yes' : 'no';
+ − 512 echo '<input type="hidden" name="coppa" value="' . $val . '" />';
+ − 513 ?>
+ − 514 </form>
125
+ − 515 <!-- Don't optimize this script, it fails when compressed -->
+ − 516 <enano:no-opt>
+ − 517 <script type="text/javascript">
+ − 518 // <![CDATA[
+ − 519 var namegood = false;
+ − 520 function validateForm()
0
+ − 521 {
125
+ − 522 var frm = document.forms.regform;
+ − 523 failed = false;
+ − 524
+ − 525 // Username
+ − 526 if(!namegood)
30
+ − 527 {
125
+ − 528 if(frm.username.value.match(/^([A-z0-9 \!@\-\(\)]+){2,}$/ig))
+ − 529 {
+ − 530 document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/unknown.gif';
+ − 531 document.getElementById('e_username').innerHTML = ''; // '<br /><small><b>Checking availability...</b></small>';
+ − 532 } else {
+ − 533 failed = true;
+ − 534 document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/bad.gif';
+ − 535 document.getElementById('e_username').innerHTML = '<br /><small>Your username must be at least two characters in length and may contain only alphanumeric characters (A-Z and 0-9), spaces, and the following characters: :, !, @, #, *.</small>';
+ − 536 }
+ − 537 }
+ − 538 document.getElementById('b_username').innerHTML = '';
+ − 539 if(hex_md5(frm.real_name.value) == '5a397df72678128cf0e8147a2befd5f1')
+ − 540 {
+ − 541 document.getElementById('b_username').innerHTML = '<br /><br />Hey...I know you!<br /><img alt="" src="http://upload.wikimedia.org/wikipedia/commons/thumb/7/7f/Bill_Gates_2004_cr.jpg/220px-Bill_Gates_2004_cr.jpg" />';
+ − 542 }
+ − 543
+ − 544 // Password
+ − 545 if(frm.password.value.match(/^(.+){6,}$/ig) && frm.password_confirm.value.match(/^(.+){6,}$/ig) && frm.password.value == frm.password_confirm.value)
+ − 546 {
+ − 547 document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/good.gif';
+ − 548 document.getElementById('e_password').innerHTML = '<br /><small>The password you entered is valid.</small>';
30
+ − 549 } else {
+ − 550 failed = true;
125
+ − 551 if(frm.password.value.length < 6)
+ − 552 {
+ − 553 document.getElementById('e_password').innerHTML = '<br /><small>Your password must be at least six characters in length.</small>';
+ − 554 }
+ − 555 else if(frm.password.value != frm.password_confirm.value)
+ − 556 {
+ − 557 document.getElementById('e_password').innerHTML = '<br /><small>The passwords you entered do not match.</small>';
+ − 558 }
+ − 559 else
+ − 560 {
+ − 561 document.getElementById('e_password').innerHTML = '';
+ − 562 }
+ − 563 document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/bad.gif';
+ − 564 }
+ − 565
+ − 566 // E-mail address
+ − 567
+ − 568 // workaround for idiot jEdit bug
+ − 569 if ( validateEmail(frm.email.value) )
+ − 570 {
+ − 571 document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/good.gif';
+ − 572 } else {
+ − 573 failed = true;
+ − 574 document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/bad.gif';
+ − 575 }
+ − 576 if(failed)
+ − 577 {
+ − 578 frm.submit.disabled = 'disabled';
+ − 579 } else {
+ − 580 frm.submit.disabled = false;
30
+ − 581 }
+ − 582 }
125
+ − 583 function checkUsername()
30
+ − 584 {
125
+ − 585 var frm = document.forms.regform;
+ − 586
+ − 587 if(!namegood)
+ − 588 {
+ − 589 if(frm.username.value.match(/^([A-z0-9 \.:\!@\#\*]+){2,}$/ig))
+ − 590 {
+ − 591 document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/unknown.gif';
+ − 592 document.getElementById('e_username').innerHTML = '';
+ − 593 } else {
+ − 594 document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/bad.gif';
+ − 595 document.getElementById('e_username').innerHTML = '<br /><small>Your username must be at least two characters in length and may contain only alphanumeric characters (A-Z and 0-9), spaces, and the following characters: :, !, @, #, *.</small>';
+ − 596 return false;
+ − 597 }
+ − 598 }
+ − 599
+ − 600 document.getElementById('e_username').innerHTML = '<br /><small><b>Checking availability...</b></small>';
+ − 601 ajaxGet('<?php echo scriptPath; ?>/ajax.php?title=null&_mode=checkusername&name='+escape(frm.username.value), function() {
+ − 602 if(ajax.readyState == 4)
+ − 603 if(ajax.responseText == 'good')
+ − 604 {
+ − 605 document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/good.gif';
+ − 606 document.getElementById('e_username').innerHTML = '<br /><small><b>This username is available.</b></small>';
+ − 607 namegood = true;
+ − 608 } else if(ajax.responseText == 'bad') {
+ − 609 document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/bad.gif';
+ − 610 document.getElementById('e_username').innerHTML = '<br /><small><b>Error: that username is already taken.</b></small>';
+ − 611 namegood = false;
+ − 612 } else {
+ − 613 document.getElementById('e_username').innerHTML = ajax.responseText;
+ − 614 }
+ − 615 });
0
+ − 616 }
125
+ − 617 function regenCaptcha()
30
+ − 618 {
125
+ − 619 var frm = document.forms.regform;
+ − 620 document.getElementById('captchaimg').src = '<?php echo makeUrlNS("Special", "Captcha/"); ?>'+frm.captchahash.value+'/'+Math.floor(Math.random() * 100000);
+ − 621 return false;
30
+ − 622 }
125
+ − 623 validateForm();
+ − 624 setTimeout('checkUsername();', 1000);
+ − 625 // ]]>
+ − 626 </script>
+ − 627 </enano:no-opt>
30
+ − 628 <?php
+ − 629 }
+ − 630 else
+ − 631 {
+ − 632 $year = intval( date('Y') );
+ − 633 $year = $year - 13;
+ − 634 $month = date('F');
+ − 635 $day = date('d');
+ − 636
+ − 637 $yo13_date = "$month $day, $year";
+ − 638 $link_coppa_yes = makeUrlNS('Special', 'Register', 'coppa=yes', true);
+ − 639 $link_coppa_no = makeUrlNS('Special', 'Register', 'coppa=no', true);
+ − 640
+ − 641 // COPPA enabled, ask age
+ − 642 echo '<div class="tblholder">';
+ − 643 echo '<table border="0" cellspacing="1" cellpadding="4">';
+ − 644 echo '<tr>
+ − 645 <td class="row1">
+ − 646 Before you can register, please tell us your age.
+ − 647 </td>
+ − 648 </tr>
+ − 649 <tr>
+ − 650 <td class="row3">
+ − 651 <a href="' . $link_coppa_no . '">I was born <b>on or before</b> ' . $yo13_date . ' and am <b>at least</b> 13 years of age</a><br />
+ − 652 <a href="' . $link_coppa_yes . '">I was born <b>after</b> ' . $yo13_date . ' and am <b>less than</b> 13 years of age</a>
+ − 653 </td>
+ − 654 </tr>';
+ − 655 echo '</table>';
+ − 656 echo '</div>';
+ − 657 }
0
+ − 658 $template->footer();
+ − 659 }
+ − 660
+ − 661 /*
+ − 662 If you want the old preferences page back, be my guest.
+ − 663 function page_Special_Preferences() {
+ − 664 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 665 $template->header();
+ − 666 if(isset($_POST['submit'])) {
+ − 667 $data = $session->update_user($session->user_id, $_POST['username'], $_POST['current_pass'], $_POST['new_pass'], $_POST['email'], $_POST['real_name'], $_POST['sig']);
+ − 668 if($data == 'success') echo '<h3>Information</h3><p>Your profile has been updated. <a href="'.scriptPath.'/">Return to the index page</a>.</p>';
+ − 669 else echo $data;
+ − 670 } else {
+ − 671 echo '
+ − 672 <h3>Edit your profile</h3>
+ − 673 <form action="'.makeUrl($paths->nslist['Special'].'Preferences').'" method="post">
+ − 674 <table border="0" style="margin-left: 0.2in;">
+ − 675 <tr><td>Username:</td><td><input type="text" name="username" value="'.$session->username.'" /></td></tr>
+ − 676 <tr><td>Current Password:</td><td><input type="password" name="current_pass" /></td></tr>
+ − 677 <tr><td colspan="2"><small>You only need to enter your current password if you are changing your e-mail address or changing your password.</small></td></tr>
+ − 678 <tr><td>New Password:</td><td><input type="password" name="new_pass" /></td></tr>
+ − 679 <tr><td>E-mail:</td><td><input type="text" name="email" value="'.$session->email.'" /></td></tr>
+ − 680 <tr><td>Real Name:</td><td><input type="text" name="real_name" value="'.$session->real_name.'" /></td></tr>
+ − 681 <tr><td>Signature:<br /><small>Your signature appears<br />below your comment posts.</small></td><td><textarea rows="10" cols="40" name="sig">'.$session->signature.'</textarea></td></tr>
+ − 682 <tr><td colspan="2">
+ − 683 <input type="submit" name="submit" value="Save Changes" /></td></tr>
+ − 684 </table>
+ − 685 </form>
+ − 686 ';
+ − 687 }
+ − 688 $template->footer();
+ − 689 }
+ − 690 */
+ − 691
+ − 692 function page_Special_Contributions() {
+ − 693 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 694 $template->header();
+ − 695 $user = $paths->getParam();
+ − 696 if(!$user && isset($_GET['user']))
+ − 697 {
+ − 698 $user = $_GET['user'];
+ − 699 }
+ − 700 elseif(!$user && !isset($_GET['user']))
+ − 701 {
+ − 702 echo 'No user selected!';
+ − 703 $template->footer();
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 704 return;
0
+ − 705 }
+ − 706
+ − 707 $user = $db->escape($user);
+ − 708
+ − 709 $q = 'SELECT time_id,date_string,page_id,namespace,author,edit_summary,minor_edit,page_id,namespace FROM '.table_prefix.'logs WHERE author=\''.$user.'\' AND action=\'edit\' ORDER BY time_id DESC;';
+ − 710 if(!$db->sql_query($q)) $db->_die('The history data for the page "'.$paths->cpage['name'].'" could not be selected.');
+ − 711 echo 'History of edits and actions<h3>Edits:</h3>';
+ − 712 if($db->numrows() < 1) echo 'No history entries in this category.';
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 713 while($r = $db->fetchrow())
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 714 {
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 715 $title = get_page_title($r['page_id'], $r['namespace']);
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 716 echo '<a href="' . makeUrlNS($r['namespace'], $r['page_id'], "oldid={$r['time_id']}", true) . '" onclick="ajaxHistView(\''.$r['time_id'].'\', \''.$paths->nslist[$r['namespace']].$r['page_id'].'\'); return false;"><i>'.$r['date_string'].'</i></a> (<a href="#" onclick="ajaxRollback(\''.$r['time_id'].'\'); return false;">revert to</a>) <a href="'.makeUrl($paths->nslist[$r['namespace']].$r['page_id']).'">'.htmlspecialchars($title).'</a>: '.$r['edit_summary'];
0
+ − 717 if($r['minor_edit']) echo '<b> - minor edit</b>';
+ − 718 echo '<br />';
+ − 719 }
+ − 720 $db->free_result();
+ − 721 echo '<h3>Other changes:</h3>';
+ − 722 $q = 'SELECT log_type,time_id,action,date_string,page_id,namespace,author,edit_summary,minor_edit,page_id,namespace FROM '.table_prefix.'logs WHERE author=\''.$user.'\' AND action!=\'edit\' ORDER BY time_id DESC;';
+ − 723 if(!$db->sql_query($q)) $db->_die('The history data for the page "'.$paths->cpage['name'].'" could not be selected.');
+ − 724 if($db->numrows() < 1) echo 'No history entries in this category.';
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 725 while($r = $db->fetchrow())
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 726 {
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 727 if ( $r['log_type'] == 'page' )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 728 {
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 729 $title = get_page_title($r['page_id'], $r['namespace']);
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 730 echo '(<a href="#" onclick="ajaxRollback(\''.$r['time_id'].'\'); return false;">rollback</a>) <i>'.$r['date_string'].'</i> <a href="'.makeUrl($paths->nslist[$r['namespace']].$r['page_id']).'">'.htmlspecialchars($title).'</a>: ';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 731 if ( $r['action'] == 'prot' ) echo 'Protected page; reason: '.$r['edit_summary'];
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 732 else if ( $r['action'] == 'unprot' ) echo 'Unprotected page; reason: '.$r['edit_summary'];
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 733 else if ( $r['action'] == 'rename' ) echo 'Renamed page; old title was: '.htmlspecialchars($r['edit_summary']);
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 734 else if ( $r['action'] == 'create' ) echo 'Created page';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 735 else if ( $r['action'] == 'delete' ) echo 'Deleted page';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 736 if ( $r['minor_edit'] ) echo '<b> - minor edit</b>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 737 echo '<br />';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 738 }
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 739 else if($r['log_type']=='security')
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 740 {
0
+ − 741 // Not implemented, and when it is, it won't be public
+ − 742 }
+ − 743 }
+ − 744 $db->free_result();
+ − 745 $template->footer();
+ − 746 }
+ − 747
+ − 748 function page_Special_ChangeStyle()
+ − 749 {
+ − 750 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 751 if(!$session->user_logged_in) die_friendly('Access denied', '<p>You must be logged in to change your style. Spoofer.</p>');
+ − 752 if(isset($_POST['theme']) && isset($_POST['style']) && isset($_POST['return_to']))
+ − 753 {
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 754 if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['theme']) )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 755 die('Hacking attempt');
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 756 if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['style']) )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 757 die('Hacking attempt');
0
+ − 758 $d = ENANO_ROOT . '/themes/' . $_POST['theme'];
+ − 759 $f = ENANO_ROOT . '/themes/' . $_POST['theme'] . '/css/' . $_POST['style'] . '.css';
+ − 760 if(!file_exists($d) || !is_dir($d)) die('The directory "'.$d.'" does not exist.');
+ − 761 if(!file_exists($f)) die('The file "'.$f.'" does not exist.');
+ − 762 $d = $db->escape($_POST['theme']);
+ − 763 $f = $db->escape($_POST['style']);
+ − 764 $q = 'UPDATE '.table_prefix.'users SET theme=\''.$d.'\',style=\''.$f.'\' WHERE username=\''.$session->username.'\'';
+ − 765 if(!$db->sql_query($q))
+ − 766 {
+ − 767 $db->_die('Your theme/style preferences were not updated.');
+ − 768 }
+ − 769 else
+ − 770 {
+ − 771 redirect(makeUrl($_POST['return_to']), '', '', 0);
+ − 772 }
+ − 773 }
+ − 774 else
+ − 775 {
+ − 776 $template->header();
+ − 777 $ret = ( isset($_POST['return_to']) ) ? $_POST['return_to'] : $paths->getParam(0);
+ − 778 if(!$ret) $ret = getConfig('main_page');
+ − 779 ?>
+ − 780 <form action="<?php echo makeUrl($paths->page); ?>" method="post">
+ − 781 <?php if(!isset($_POST['themeselected'])) { ?>
+ − 782 <h3>Please select a new theme:</h3>
+ − 783 <p>
+ − 784 <select name="theme">
+ − 785 <?php
+ − 786 foreach($template->theme_list as $t) {
+ − 787 if($t['enabled'])
+ − 788 {
+ − 789 echo '<option value="'.$t['theme_id'].'"';
+ − 790 if($t['theme_id'] == $session->theme) echo ' selected="selected"';
+ − 791 echo '>'.$t['theme_name'].'</option>';
+ − 792 }
+ − 793 }
+ − 794 ?>
+ − 795 </select>
+ − 796 </p>
+ − 797 <p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" />
+ − 798 <input type="submit" name="themeselected" value="Continue" /></p>
+ − 799 <?php } else {
+ − 800 $theme = $_POST['theme'];
+ − 801 if ( !preg_match('/^([0-9A-z_-]+)$/i', $theme ) )
+ − 802 die('Hacking attempt');
+ − 803 ?>
+ − 804 <h3>Please select a stylesheet:</h3>
+ − 805 <p>
+ − 806 <select name="style">
+ − 807 <?php
+ − 808 $dir = './themes/'.$theme.'/css/';
+ − 809 $list = Array();
+ − 810 // Open a known directory, and proceed to read its contents
+ − 811 if (is_dir($dir)) {
+ − 812 if ($dh = opendir($dir)) {
+ − 813 while (($file = readdir($dh)) !== false) {
+ − 814 if(preg_match('#^(.*?)\.css$#is', $file) && $file != '_printable.css') {
+ − 815 $list[] = substr($file, 0, strlen($file)-4);
+ − 816 }
+ − 817 }
+ − 818 closedir($dh);
+ − 819 }
+ − 820 } else die($dir.' is not a dir');
+ − 821 foreach ( $list as $l )
+ − 822 {
+ − 823 echo '<option value="'.$l.'">'.capitalize_first_letter($l).'</option>';
+ − 824 }
+ − 825 ?>
+ − 826 </select>
+ − 827 </p>
+ − 828 <p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" />
+ − 829 <input type="hidden" name="theme" value="<?php echo $theme; ?>" />
+ − 830 <input type="submit" name="allclear" value="Change style" /></p>
+ − 831 <?php } ?>
+ − 832 </form>
+ − 833 <?php
+ − 834 $template->footer();
+ − 835 }
+ − 836 }
+ − 837
+ − 838 function page_Special_ActivateAccount()
+ − 839 {
+ − 840 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 841 $user = $paths->getParam(0);
116
77c75179bb95
Made most special pages "visible"; fixup for non-existent special page redirect in paths.php; rewrote Special:AllPages to have pagination (WiP, Special:SpecialPages is possibly next, depending on whether paginate_array works or not)
Dan
diff
changeset
+ − 842 if(!$user) die_friendly('Account activation error', '<p>This page can only be accessed using links sent to users via e-mail.</p>');
0
+ − 843 $key = $paths->getParam(1);
116
77c75179bb95
Made most special pages "visible"; fixup for non-existent special page redirect in paths.php; rewrote Special:AllPages to have pagination (WiP, Special:SpecialPages is possibly next, depending on whether paginate_array works or not)
Dan
diff
changeset
+ − 844 if(!$key) die_friendly('Account activation error', '<p>This page can only be accessed using links sent to users via e-mail.</p>');
0
+ − 845 $s = $session->activate_account(str_replace('_', ' ', $user), $key);
+ − 846 if($s > 0) die_friendly('Activation successful', '<p>Your account is now active. Thank you for registering.</p>');
+ − 847 else die_friendly('Activation failed', '<p>The activation key was probably incorrect.</p>');
+ − 848 }
+ − 849
+ − 850 function page_Special_Captcha()
+ − 851 {
+ − 852 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 853 if($paths->getParam(0) == 'make')
+ − 854 {
+ − 855 $session->kill_captcha();
+ − 856 echo $session->make_captcha();
+ − 857 return;
+ − 858 }
+ − 859 $hash = $paths->getParam(0);
+ − 860 if(!$hash || !preg_match('#^([0-9a-f]*){32,32}$#i', $hash)) $paths->main_page();
+ − 861 $code = $session->get_captcha($hash);
+ − 862 if(!$code) die('Invalid hash or IP address incorrect.');
+ − 863 require(ENANO_ROOT.'/includes/captcha.php');
+ − 864 $captcha = new captcha($code);
+ − 865 //header('Content-disposition: attachment; filename=autocaptcha.png');
+ − 866 $captcha->make_image();
+ − 867 exit;
+ − 868 }
+ − 869
+ − 870 function page_Special_PasswordReset()
+ − 871 {
+ − 872 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 873 $template->header();
+ − 874 if($paths->getParam(0) == 'stage2')
+ − 875 {
+ − 876 $user_id = intval($paths->getParam(1));
+ − 877 $encpass = $paths->getParam(2);
+ − 878 if ( $user_id < 2 )
+ − 879 {
+ − 880 echo '<p>Hacking attempt</p>';
+ − 881 $template->footer();
+ − 882 return false;
+ − 883 }
+ − 884 if(!preg_match('#^([a-f0-9]+)$#i', $encpass))
+ − 885 {
+ − 886 echo '<p>Hacking attempt</p>';
+ − 887 $template->footer();
+ − 888 return false;
+ − 889 }
+ − 890
+ − 891 $q = $db->sql_query('SELECT username,temp_password_time FROM '.table_prefix.'users WHERE user_id='.$user_id.' AND temp_password=\'' . $encpass . '\';');
+ − 892 if($db->numrows() < 1)
+ − 893 {
+ − 894 echo '<p>Invalid credentials</p>';
+ − 895 $template->footer();
+ − 896 return false;
+ − 897 }
+ − 898 $row = $db->fetchrow();
+ − 899 $db->free_result();
+ − 900
+ − 901 if ( ( intval($row['temp_password_time']) + 3600 * 24 ) < time() )
+ − 902 {
+ − 903 echo '<p>Password has expired</p>';
+ − 904 $template->footer();
+ − 905 return false;
+ − 906 }
+ − 907
+ − 908 if ( isset($_POST['do_stage2']) )
+ − 909 {
+ − 910 $aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE);
+ − 911 if($_POST['use_crypt'] == 'yes')
+ − 912 {
+ − 913 $crypt_key = $session->fetch_public_key($_POST['crypt_key']);
+ − 914 if(!$crypt_key)
+ − 915 {
+ − 916 echo 'ERROR: Couldn\'t look up public key for decryption.';
+ − 917 $template->footer();
+ − 918 return false;
+ − 919 }
+ − 920 $crypt_key = hexdecode($crypt_key);
+ − 921 $data = $aes->decrypt($_POST['crypt_data'], $crypt_key, ENC_HEX);
+ − 922 if(strlen($data) < 6)
+ − 923 {
+ − 924 echo 'ERROR: Your password must be six characters or greater in length.';
+ − 925 $template->footer();
+ − 926 return false;
+ − 927 }
+ − 928 }
+ − 929 else
+ − 930 {
+ − 931 $data = $_POST['pass'];
+ − 932 $conf = $_POST['pass_confirm'];
+ − 933 if($data != $conf)
+ − 934 {
+ − 935 echo 'ERROR: The passwords you entered do not match.';
+ − 936 $template->footer();
+ − 937 return false;
+ − 938 }
+ − 939 if(strlen($data) < 6)
+ − 940 {
+ − 941 echo 'ERROR: Your password must be six characters or greater in length.';
+ − 942 $template->footer();
+ − 943 return false;
+ − 944 }
+ − 945 }
+ − 946 if(empty($data))
+ − 947 {
+ − 948 echo 'ERROR: Sanity check failed!';
+ − 949 $template->footer();
+ − 950 return false;
+ − 951 }
+ − 952 $encpass = $aes->encrypt($data, $session->private_key, ENC_HEX);
+ − 953 $q = $db->sql_query('UPDATE '.table_prefix.'users SET password=\'' . $encpass . '\',temp_password=\'\',temp_password_time=0 WHERE user_id='.$user_id.';');
+ − 954
+ − 955 if($q)
+ − 956 {
+ − 957 $session->login_without_crypto($row['username'], $data);
+ − 958 echo '<p>Your password has been reset. Return to the <a href="' . makeUrl(getConfig('main_page')) . '">main page</a>.</p>';
+ − 959 }
+ − 960 else
+ − 961 {
+ − 962 echo $db->get_error();
+ − 963 }
+ − 964
+ − 965 $template->footer();
+ − 966 return false;
+ − 967 }
+ − 968
+ − 969 // Password reset form
+ − 970 $pubkey = $session->rijndael_genkey();
+ − 971
+ − 972 ?>
+ − 973 <form action="<?php echo makeUrl($paths->fullpage); ?>" method="post" name="resetform" onsubmit="return runEncryption();">
+ − 974 <br />
+ − 975 <div class="tblholder">
+ − 976 <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
+ − 977 <tr><th colspan="2">Reset password</th></tr>
+ − 978 <tr><td class="row1">Password:</td><td class="row1"><input name="pass" type="password" /></td></tr>
+ − 979 <tr><td class="row2">Confirm: </td><td class="row2"><input name="pass_confirm" type="password" /></td></tr>
+ − 980 <tr>
+ − 981 <td colspan="2" class="row1" style="text-align: center;">
+ − 982 <input type="hidden" name="use_crypt" value="no" />
+ − 983 <input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
+ − 984 <input type="hidden" name="crypt_data" value="" />
+ − 985 <input type="submit" name="do_stage2" value="Reset password" />
+ − 986 </td>
+ − 987 </tr>
+ − 988 </table>
+ − 989 </div>
+ − 990 </form>
+ − 991 <script type="text/javascript">
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 992 if ( !KILL_SWITCH )
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 993 {
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 994 disableJSONExts();
0
+ − 995 str = '';
+ − 996 for(i=0;i<keySizeInBits/4;i++) str+='0';
+ − 997 var key = hexToByteArray(str);
+ − 998 var pt = hexToByteArray(str);
+ − 999 var ct = rijndaelEncrypt(pt, key, "ECB");
+ − 1000 var ct = byteArrayToHex(ct);
+ − 1001 switch(keySizeInBits)
+ − 1002 {
+ − 1003 case 128:
+ − 1004 v = '66e94bd4ef8a2c3b884cfa59ca342b2e';
+ − 1005 break;
+ − 1006 case 192:
+ − 1007 v = 'aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7';
+ − 1008 break;
+ − 1009 case 256:
+ − 1010 v = 'dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087';
+ − 1011 break;
+ − 1012 }
+ − 1013 var testpassed = ( ct == v && md5_vm_test() );
+ − 1014 var frm = document.forms.resetform;
+ − 1015 if(testpassed)
+ − 1016 {
+ − 1017 frm.use_crypt.value = 'yes';
+ − 1018 var cryptkey = frm.crypt_key.value;
+ − 1019 frm.crypt_key.value = hex_md5(cryptkey);
+ − 1020 cryptkey = hexToByteArray(cryptkey);
+ − 1021 if(!cryptkey || ( ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 )
+ − 1022 {
+ − 1023 frm._login.disabled = true;
+ − 1024 len = ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : '';
+ − 1025 alert('The key is messed up\nType: '+typeof(cryptkey)+len);
+ − 1026 }
+ − 1027 }
+ − 1028 function runEncryption()
+ − 1029 {
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1030 var frm = document.forms.resetform;
0
+ − 1031 pass1 = frm.pass.value;
+ − 1032 pass2 = frm.pass_confirm.value;
+ − 1033 if ( pass1 != pass2 )
+ − 1034 {
+ − 1035 alert('The passwords you entered do not match.');
+ − 1036 return false;
+ − 1037 }
+ − 1038 if ( pass1.length < 6 )
+ − 1039 {
+ − 1040 alert('The new password must be 6 characters or greater in length.');
+ − 1041 return false;
+ − 1042 }
+ − 1043 if(testpassed)
+ − 1044 {
+ − 1045 pass = frm.pass.value;
+ − 1046 pass = stringToByteArray(pass);
+ − 1047 cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB');
+ − 1048 if(!cryptstring)
+ − 1049 {
+ − 1050 return false;
+ − 1051 }
+ − 1052 cryptstring = byteArrayToHex(cryptstring);
+ − 1053 frm.crypt_data.value = cryptstring;
+ − 1054 frm.pass.value = "";
+ − 1055 frm.pass_confirm.value = "";
+ − 1056 }
+ − 1057 return true;
+ − 1058 }
57
b354deeaa4c4
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
Dan
diff
changeset
+ − 1059 }
0
+ − 1060 </script>
+ − 1061 <?php
+ − 1062 $template->footer();
+ − 1063 return true;
+ − 1064 }
+ − 1065 if(isset($_POST['do_reset']))
+ − 1066 {
+ − 1067 if($session->mail_password_reset($_POST['username']))
+ − 1068 {
+ − 1069 echo '<p>An e-mail has been sent to the e-mail address on file for your username with a new password in it. Please check your e-mail for further instructions.</p>';
+ − 1070 }
+ − 1071 else
+ − 1072 {
+ − 1073 echo '<p>Error occured, your new password was not sent.</p>';
+ − 1074 }
+ − 1075 $template->footer();
+ − 1076 return true;
+ − 1077 }
+ − 1078 echo '<p>Don\'t worry, it happens to the best of us.</p>
+ − 1079 <p>To reset your password, just enter your username below, and a new password will be e-mailed to you.</p>
+ − 1080 <form action="'.makeUrl($paths->page).'" method="post" onsubmit="if(!submitAuthorized) return false;">
+ − 1081 <p>Username: '.$template->username_field('username').'</p>
+ − 1082 <p><input type="submit" name="do_reset" value="Mail new password" /></p>
+ − 1083 </form>';
+ − 1084 $template->footer();
+ − 1085 }
+ − 1086
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1087 function page_Special_Memberlist()
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1088 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1089 global $db, $session, $paths, $template, $plugins; // Common objects
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1090 $template->header();
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1091
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1092 $startletters = 'abcdefghijklmnopqrstuvwxyz';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1093 $startletters = enano_str_split($startletters);
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1094 $startletter = ( isset($_GET['letter']) ) ? strtolower($_GET['letter']) : '';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1095 if ( !in_array($startletter, $startletters) && $startletter != 'chr' )
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1096 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1097 $startletter = '';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1098 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1099
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1100 $startletter_sql = $startletter;
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1101 if ( $startletter == 'chr' )
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1102 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1103 $startletter_sql = '([^a-z])';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1104 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1105
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1106 // offset
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1107 $offset = ( isset($_GET['offset']) && strval(intval($_GET['offset'])) === $_GET['offset']) ? intval($_GET['offset']) : 0;
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1108
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1109 // sort order
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1110 $sortkeys = array(
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1111 'uid' => 'u.user_id',
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1112 'username' => 'u.username',
111
+ − 1113 'email' => 'u.email',
+ − 1114 'regist' => 'u.reg_time'
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1115 );
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1116
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1117 $sortby = ( isset($_GET['sort']) && isset($sortkeys[$_GET['sort']]) ) ? $_GET['sort'] : 'username';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1118 $sort_sqllet = $sortkeys[$sortby];
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1119
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1120 $target_order = ( isset($_GET['orderby']) && in_array($_GET['orderby'], array('ASC', 'DESC')) )? $_GET['orderby'] : 'ASC';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1121
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1122 $sortorders = array();
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1123 foreach ( $sortkeys as $k => $_unused )
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1124 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1125 $sortorders[$k] = ( $sortby == $k ) ? ( $target_order == 'ASC' ? 'DESC' : 'ASC' ) : 'ASC';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1126 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1127
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1128 // Why 3.3714%? 100 percent / 28 cells, minus a little (0.2% / cell) to account for cell spacing
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1129
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1130 echo '<div class="tblholder">
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1131 <table border="0" cellspacing="1" cellpadding="4" style="text-align: center;">
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1132 <tr>';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1133 echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=&sort=' . $sortby . '&orderby=' . $target_order, true) . '">All</a></td>';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1134 echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=chr&sort=' . $sortby . '&orderby=' . $target_order, true) . '">#</a></td>';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1135 foreach ( $startletters as $letter )
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1136 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1137 echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=' . $letter . '&sort=' . $sortby . '&orderby=' . $target_order, true) . '">' . strtoupper($letter) . '</a></td>';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1138 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1139 echo ' </tr>
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1140 </table>
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1141 </div>';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1142
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1143 // formatter parameters
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1144 $formatter = new MemberlistFormatter();
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1145 $formatters = array(
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1146 'username' => array($formatter, 'username'),
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1147 'user_level' => array($formatter, 'user_level'),
111
+ − 1148 'email' => array($formatter, 'email'),
+ − 1149 'reg_time' => array($formatter, 'reg_time')
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1150 );
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1151
105
+ − 1152 // User search
+ − 1153 if ( isset($_GET['finduser']) )
+ − 1154 {
+ − 1155 $finduser = str_replace(array( '%', '_'),
+ − 1156 array('\\%', '\\_'),
+ − 1157 $_GET['finduser']);
+ − 1158 $finduser = str_replace(array('*', '?'),
+ − 1159 array('%', '_'),
+ − 1160 $finduser);
+ − 1161 $finduser = $db->escape($finduser);
+ − 1162 $username_where = 'u.username LIKE "' . $finduser . '"';
+ − 1163 $finduser_url = 'finduser=' . rawurlencode($_GET['finduser']) . '&';
+ − 1164 }
+ − 1165 else
+ − 1166 {
+ − 1167 $username_where = 'u.username REGEXP "^' . $startletter_sql . '"';
+ − 1168 $finduser_url = '';
+ − 1169 }
+ − 1170
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1171 // Column markers
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1172 $headings = '<tr>
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1173 <th style="max-width: 50px;">
105
+ − 1174 <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=uid&orderby=' . $sortorders['uid'], true) . '">#</a>
+ − 1175 </th>
+ − 1176 <th>
+ − 1177 <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=username&orderby=' . $sortorders['username'], true) . '">Username</a>
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1178 </th>
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1179 <th>
111
+ − 1180 Title
+ − 1181 </th>
+ − 1182 <th>
105
+ − 1183 <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=email&orderby=' . $sortorders['email'], true) . '">E-mail</a>
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1184 </th>
111
+ − 1185 <th>
+ − 1186 <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=regist&orderby=' . $sortorders['regist'], true) . '">Registered</a>
+ − 1187 </th>
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1188 </tr>';
105
+ − 1189
+ − 1190 // determine number of rows
+ − 1191 $q = $db->sql_query('SELECT u.user_id FROM '.table_prefix.'users AS u WHERE ' . $username_where . ' AND u.username != "Anonymous";');
+ − 1192 if ( !$q )
+ − 1193 $db->_die();
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1194
105
+ − 1195 $num_rows = $db->numrows();
+ − 1196 $db->free_result();
+ − 1197
+ − 1198 if ( !empty($finduser_url) )
+ − 1199 {
+ − 1200 $s = ( $num_rows == 1 ) ? '' : 'es';
+ − 1201 echo "<h3 style='float: left;'>Search returned $num_rows match$s</h3>";
+ − 1202 }
+ − 1203
+ − 1204 // main selector
111
+ − 1205 $q = $db->sql_unbuffered_query('SELECT u.user_id, u.username, u.reg_time, u.email, u.user_level, u.reg_time, x.email_public FROM '.table_prefix.'users AS u
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1206 LEFT JOIN '.table_prefix.'users_extra AS x
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1207 ON ( u.user_id = x.user_id )
105
+ − 1208 WHERE ' . $username_where . ' AND u.username != "Anonymous"
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1209 ORDER BY ' . $sort_sqllet . ' ' . $target_order . ';');
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1210 if ( !$q )
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1211 $db->_die();
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1212
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1213 $html = paginate(
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1214 $q, // MySQL result resource
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1215 '<tr>
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1216 <td class="{_css_class}">{user_id}</td>
111
+ − 1217 <td class="{_css_class}" style="text-align: left;">{username}</td>
+ − 1218 <td class="{_css_class}">{user_level}</td>
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1219 <td class="{_css_class}">{email}</small></td>
111
+ − 1220 <td class="{_css_class}">{reg_time}</td>
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1221 </tr>
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1222 ', // TPL code for rows
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1223 $num_rows, // Number of results
105
+ − 1224 makeUrlNS('Special', 'Memberlist', ( str_replace('%', '%%', $finduser_url) ) . 'letter=' . $startletter . '&offset=%s&sort=' . $sortby . '&orderby=' . $target_order ), // Result URL
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1225 $offset, // Start at this number
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1226 25, // Results per page
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1227 $formatters, // Formatting hooks
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1228 '<div class="tblholder">
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1229 <table border="0" cellspacing="1" cellpadding="4" style="text-align: center;">
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1230 ' . $headings . '
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1231 ', // Header (printed before rows)
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1232 ' ' . $headings . '
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1233 </table>
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1234 </div>
105
+ − 1235 ' .
+ − 1236 '<div style="float: left;">
+ − 1237 <form action="' . makeUrlNS('Special', 'Memberlist') . '" method="get" onsubmit="if ( !submitAuthorized ) return false;">'
115
261f367623af
Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
Dan
diff
changeset
+ − 1238 . ( urlSeparator == '&' ? '<input type="hidden" name="title" value="' . htmlspecialchars( $paths->nslist[$paths->namespace] . $paths->cpage['urlname_nons'] ) . '" />' : '' )
261f367623af
Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
Dan
diff
changeset
+ − 1239 . ( $session->sid_super ? '<input type="hidden" name="auth" value="' . $session->sid_super . '" />' : '')
105
+ − 1240 . '<p>Find a member: ' . $template->username_field('finduser') . ' <input type="submit" value="Go" /><br /><small>You may use the following wildcards: * to match multiple characters, ? to match a single character.</small></p>'
+ − 1241 . '</form>
+ − 1242 </div>' // Footer (printed after rows)
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1243 );
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1244
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1245 if ( $num_rows < 1 )
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1246 {
105
+ − 1247 echo ( isset($_GET['finduser']) ) ? '<p>Sorry - no users that matched your query could be found. Please try some different search terms.</p>' : '<p>Sorry - no users with usernames that start with that letter could be found.</p>';
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1248 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1249 else
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1250 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1251 echo $html;
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1252 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1253
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1254 $template->footer();
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1255 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1256
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1257 /**
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1258 * Class for formatting results for the memberlist.
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1259 * @access private
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1260 */
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1261
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1262 class MemberlistFormatter
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1263 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1264 function username($username, $row)
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1265 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1266 global $db, $session, $paths, $template, $plugins; // Common objects
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1267 $userpage = $paths->nslist['User'] . sanitize_page_id($username);
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1268 $class = ( isPage($userpage) ) ? ' title="Click to view this user\'s userpage"' : ' class="wikilink-nonexistent" title="This user hasn\'t created a userpage yet, but you can still view profile details by clicking this link."';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1269 $anchor = '<a href="' . makeUrlNS('User', sanitize_page_id($username)) . '"' . $class . '>' . htmlspecialchars($username) . '</a>';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1270 if ( $session->user_level >= USER_LEVEL_ADMIN )
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1271 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1272 $anchor .= ' <small>- <a href="' . makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'UserManager&src=get&username=' . urlencode($username), true) . '"
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1273 onclick="ajaxAdminUser(\'' . addslashes(htmlspecialchars($username)) . '\'); return false;">Administer user</a></small>';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1274 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1275 return $anchor;
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1276 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1277 function user_level($level, $row)
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1278 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1279 global $db, $session, $paths, $template, $plugins; // Common objects
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1280 switch ( $level )
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1281 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1282 case USER_LEVEL_GUEST:
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1283 $s_level = 'Guest'; break;
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1284 case USER_LEVEL_MEMBER:
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1285 case USER_LEVEL_CHPREF:
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1286 $s_level = 'Member'; break;
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1287 case USER_LEVEL_MOD:
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1288 $s_level = 'Moderator'; break;
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1289 case USER_LEVEL_ADMIN:
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1290 $s_level = 'Site administrator'; break;
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1291 default:
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1292 $s_level = 'Unknown (level ' . $level . ')';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1293 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1294 return $s_level;
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1295 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1296 function email($addy, $row)
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1297 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1298 if ( $row['email_public'] == '1' )
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1299 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1300 global $email;
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1301 $addy = $email->encryptEmail($addy);
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1302 return $addy;
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1303 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1304 else
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1305 {
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1306 return '<small><Non-public></small>';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1307 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1308 }
111
+ − 1309 /**
+ − 1310 * Format a time as a reference to a day, with user-friendly "X days ago"/"Today"/"Yesterday" returned when relevant.
+ − 1311 * @param int UNIX timestamp
+ − 1312 * @return string
+ − 1313 */
+ − 1314
+ − 1315 function format_date($time)
+ − 1316 {
+ − 1317 // Our formattting string to pass to date()
+ − 1318 // This should not include minute/second info, only today's date in whatever format suits your fancy
+ − 1319 $formatstring = 'F j, Y';
+ − 1320 // Today's date
+ − 1321 $today = date($formatstring);
+ − 1322 // Yesterday's date
+ − 1323 $yesterday = date($formatstring, (time() - (24*60*60)));
+ − 1324 // Date on the input
+ − 1325 $then = date($formatstring, $time);
+ − 1326 // "X days ago" logic
+ − 1327 for ( $i = 2; $i <= 6; $i++ )
+ − 1328 {
+ − 1329 // hours_in_day * minutes_in_hour * seconds_in_minute * num_days
+ − 1330 $offset = 24 * 60 * 60 * $i;
+ − 1331 $days_ago = date($formatstring, (time() - $offset));
+ − 1332 // so does the input timestamp match the date from $i days ago?
+ − 1333 if ( $then == $days_ago )
+ − 1334 {
+ − 1335 // yes, return $i
+ − 1336 return "$i days ago";
+ − 1337 }
+ − 1338 }
+ − 1339 // either yesterday, today, or before 6 days ago
+ − 1340 switch($then)
+ − 1341 {
+ − 1342 case $today:
+ − 1343 return 'Today';
+ − 1344 case $yesterday:
+ − 1345 return 'Yesterday';
+ − 1346 default:
+ − 1347 return $then;
+ − 1348 }
+ − 1349 // .--.
+ − 1350 // |o_o |
+ − 1351 // |!_/ |
+ − 1352 // // \ \
+ − 1353 // (| | )
+ − 1354 // /'\_ _/`\
+ − 1355 // \___)=(___/
+ − 1356 return 'Linux rocks!';
+ − 1357 }
+ − 1358 function reg_time($time, $row)
+ − 1359 {
+ − 1360 return $this->format_date($time);
+ − 1361 }
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1362 }
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1363
0
+ − 1364 ?>