plugins/SpecialUserFuncs.php
author Dan
Mon, 30 Nov 2009 22:22:43 -0500
changeset 1140 d90e55caba3a
parent 1132 05fe0039d952
child 1158 e733f984c990
permissions -rw-r--r--
Admin Home: fixed undefined %num_users% in string acphome_msg_inactive_users_plural
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     1
<?php
519
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     2
/**!info**
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     3
{
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     4
  "Plugin Name"  : "plugin_specialuserfuncs_title",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     5
  "Plugin URI"   : "http://enanocms.org/",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     6
  "Description"  : "plugin_specialuserfuncs_desc",
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     7
  "Author"       : "Dan Fuhry",
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
     8
  "Version"      : "1.1.6",
519
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
     9
  "Author URI"   : "http://enanocms.org/"
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
    10
}
94214ec0871c Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
Dan
parents: 517
diff changeset
    11
**!*/
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    12
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    13
/*
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    14
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
1081
745200a9cc2a Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
parents: 1032
diff changeset
    15
 * Copyright (C) 2006-2009 Dan Fuhry
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    16
 *
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    17
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    18
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    19
 *
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    20
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    21
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    22
 */
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    23
 
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    24
global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    25
593
4f9bec0d65c1 More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient.
Dan
parents: 591
diff changeset
    26
// $plugins->attachHook('session_started', 'SpecialUserFuncs_paths_init();');
590
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
parents: 586
diff changeset
    27
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
parents: 586
diff changeset
    28
function SpecialUserFuncs_paths_init()
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
parents: 586
diff changeset
    29
{
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    30
  register_special_page('Login', 'specialpage_log_in');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    31
  register_special_page('Logout', 'specialpage_log_out');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    32
  register_special_page('Register', 'specialpage_register');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    33
  register_special_page('Preferences', 'specialpage_preferences');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    34
  register_special_page('Contributions', 'specialpage_contributions');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    35
  register_special_page('ChangeStyle', 'specialpage_change_theme');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    36
  register_special_page('ActivateAccount', 'specialpage_activate_account');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    37
  register_special_page('Captcha', 'specialpage_captcha');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    38
  register_special_page('PasswordReset', 'specialpage_password_reset');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    39
  register_special_page('Memberlist', 'specialpage_member_list');
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    40
  register_special_page('LangExportJSON', 'specialpage_language_export', false);
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
    41
  register_special_page('Avatar', 'specialpage_avatar', false);
590
03a60844c7c5 Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
Dan
parents: 586
diff changeset
    42
}
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    43
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    44
// function names are IMPORTANT!!! The name pattern is: page_<namespace ID>_<page URLname, without namespace>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    45
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    46
$__login_status = '';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    47
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    48
function page_Special_Login()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    49
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    50
  global $db, $session, $paths, $template, $plugins; // Common objects
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    51
  global $login_result;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    52
  global $lang, $output;
953
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 912
diff changeset
    53
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    54
  // Determine which level we're going up to
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    55
  $level = ( isset($_GET['level']) && in_array($_GET['level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) ) ? intval($_GET['level']) : USER_LEVEL_MEMBER;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    56
  if ( isset($_POST['login']) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    57
  {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    58
    if ( in_array($_POST['level'], array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9') ) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    59
    {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    60
      $level = intval($_POST['level']);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    61
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    62
  }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    63
  // Don't allow going from guest straight to elevated
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    64
  // FIXME do we want to allow this with a CSRF check?
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    65
  if ( $level > USER_LEVEL_MEMBER && !$session->user_logged_in )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    66
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    67
    $level = USER_LEVEL_MEMBER;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    68
  }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    69
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    70
  // If we're already at or above this level, redirect to the target page or, if no target
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    71
  // specified, back to the main page.
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
    72
  if ( $level <= USER_LEVEL_MEMBER && $session->user_logged_in )
1117
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    73
  {
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    74
    if ( $target = $paths->getAllParams() )
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    75
    {
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    76
      redirect(makeUrl($target), '', '', 0);
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    77
    }
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
    78
    $paths->main_page();
1117
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    79
  }
4d8ffe107a0d Login: if return-to specified and already logged in, jump to return-to instead of main page.
Dan
parents: 1109
diff changeset
    80
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    81
  // Lockout aliasing
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    82
  $lockout =& $login_result['lockout'];
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    83
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    84
  $output->header();
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    85
  echo '<form action="' . makeUrl($paths->nslist['Special'].'Login') . '" method="post" name="loginform" onsubmit="try { return runEncryption(); } catch(e) { console.error(e); };">';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    86
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    87
  if ( $p = $paths->getAllParams() )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    88
  {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    89
    echo '<input type="hidden" name="return_to" value="' . htmlspecialchars($p) . '" />';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    90
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    91
  else if ( isset($_POST['login']) && isset($_POST['return_to']) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    92
  {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    93
    echo '<input type="hidden" name="return_to" value="' . htmlspecialchars($_POST['return_to']) . '" />';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    94
  }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    95
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    96
  // determine what the "remember me" checkbox should say
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    97
  $session_time = intval(getConfig('session_remember_time', '30'));
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    98
  if ( $session_time === 0 )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
    99
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   100
    // sessions are infinite
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   101
    $text_remember = $lang->get('user_login_check_remember_infinite');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   102
  }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   103
  else
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   104
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   105
    // is the number of days evenly divisible by 7? if so, use weeks
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   106
    if ( $session_time % 7 == 0 )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   107
    {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   108
      $session_time = $session_time / 7;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   109
      $unit = 'week';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   110
    }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   111
    else
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   112
    {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   113
      $unit = 'day';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   114
    }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   115
    // if it's not equal to 1, pluralize it
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   116
    if ( $session_time != 1 )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   117
    {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   118
      $unit .= $lang->get('meta_plural');
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   119
    }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   120
    $text_remember = $lang->get('user_login_check_remember', array(
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   121
        'session_length' => $session_time,
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   122
        'length_units' => $lang->get("etc_unit_$unit")
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   123
      ));
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   124
  }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   125
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   126
  if ( $error_text = login_get_error($login_result) )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   127
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   128
    echo '<div class="error-box-mini">' . htmlspecialchars($error_text) . '</div>';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   129
  }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   130
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   131
  //
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   132
  // START FORM
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   133
  //
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   134
  ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   135
    <div class="tblholder">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   136
      <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   137
        <tr>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   138
          <th colspan="3">
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   139
            <!-- Table header: "Please enter..." -->
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   140
            <?php echo ( $level > USER_LEVEL_MEMBER ) ? $lang->get('user_login_message_short_elev') : $lang->get('user_login_message_short'); ?>
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   141
          </th>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   142
        </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   143
        <tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   144
          <td colspan="3" class="row1">
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   145
            <!-- Introduction text -->
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   146
            <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   147
            if ( $level <= USER_LEVEL_MEMBER )
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   148
              echo '<p>' . $lang->get('user_login_body', array('reg_link' => makeUrlNS('Special', 'Register'))) . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   149
            else
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   150
              echo '<p>' . $lang->get('user_login_body_elev') . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   151
            ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   152
          </td>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   153
        </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   154
        <tr>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   155
          <!-- Username field -->
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   156
          <td class="row2">
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   157
            <?php echo $lang->get('user_login_field_username'); ?>:
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   158
          </td>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   159
          <td class="row1">
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   160
            <input name="username" size="25" type="text" value="<?php echo $session->user_logged_in ? htmlspecialchars($session->username) : ''; ?>" />
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   161
          </td>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   162
          <?php if ( $level <= USER_LEVEL_MEMBER ): ?>
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   163
          <!-- Forgot password / create account links -->
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   164
          <td rowspan="<?php echo ( ( $lockout['active'] && $lockout['policy'] == 'captcha' ) ) ? '4' : '2'; ?>" class="row3">
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   165
            <small><?php echo $lang->get('user_login_forgotpass_blurb', array('forgotpass_link' => makeUrlNS('Special', 'PasswordReset'))); ?><br />
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   166
            <?php echo $lang->get('user_login_createaccount_blurb', array('reg_link' => makeUrlNS('Special', 'Register'))); ?></small>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   167
          </td>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   168
          <?php endif; ?>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   169
        </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   170
        <tr>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   171
          <!-- Password field -->
209
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   172
          <td class="row2">
8a00247d1dee Login page mostly localized
Dan
parents: 193
diff changeset
   173
            <?php echo $lang->get('user_login_field_password'); ?>:
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   174
          </td><td class="row1"><input name="password" size="25" type="password" /></td>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   175
         </tr>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   176
         
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   177
         <?php
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   178
         // CAPTCHA?
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   179
         if ( $lockout['active'] && $lockout['policy'] == 'captcha' )
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   180
         {
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   181
           ?>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   182
           <!-- CAPTCHA -->
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   183
           <tr>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   184
             <td class="row2" rowspan="2">
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   185
               <?php echo $lang->get('user_login_field_captcha'); ?>:
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   186
               <br />
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   187
             </td>
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   188
             <td class="row1">
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   189
               <input type="hidden" name="captcha_hash" value="<?php echo $lockout['captcha']; ?>" />
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   190
               <input name="captcha_code" size="25" type="text" tabindex="<?php echo ( $level <= USER_LEVEL_MEMBER ) ? '3' : '4'; ?>" />
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   191
             </td>
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   192
           </tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   193
           <tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   194
             <td class="row3">
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   195
               <img src="<?php echo makeUrlNS('Special', 'Captcha/' . $lockout['captcha']) ?>" onclick="this.src=this.src+'/a';" style="cursor: pointer;" />
179
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   196
             </td>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   197
           </tr>
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   198
           <?php
36b287f1d85c [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Dan
parents: 133
diff changeset
   199
         }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   200
         
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   201
         // Run hooks
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   202
         $code = $plugins->setHook('login_form_html');
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   203
         foreach ( $code as $cmd )
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   204
         {
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   205
           eval($cmd);
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   206
         }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   207
         
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   208
         // level-2 only: "Remember me" switch
688
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   209
         if ( $level <= USER_LEVEL_MEMBER )
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   210
         {
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   211
           ?>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   212
           <tr>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   213
             <td class="row2">
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   214
               <?php echo $lang->get('user_login_field_remember'); ?>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   215
             </td>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   216
             <td class="row1" colspan="2">
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   217
               <label>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   218
                 <input type="checkbox" name="remember" tabindex="3" />
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   219
                 <?php echo $text_remember; ?>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   220
               </label>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   221
             </td>
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   222
           </tr>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   223
           
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   224
         <!-- Crypto notice -->
688
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   225
           <?php
f2a824ce5f18 Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
Dan
parents: 685
diff changeset
   226
         }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   227
         
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   228
         // lol DeMorgan'd
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   229
         $crypto_disable = ( isset($_GET['use_crypt']) && $_GET['use_crypt'] == '0' );
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   230
         
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   231
         // Crypto disable: crypto on, normal login
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   232
         if ( $level <= USER_LEVEL_MEMBER && !$crypto_disable )
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   233
         {
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   234
           echo '<tr>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   235
             <td class="row3" colspan="3">';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   236
             
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   237
           $returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   238
           $nocrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=0", true);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   239
           echo '<p><b>' . $lang->get('user_login_nocrypt_title') . '</b> ' . $lang->get('user_login_nocrypt_body', array('nocrypt_link' => $nocrypt_link)) . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   240
           echo '<p>' . $lang->get('user_login_nocrypt_countrylist') . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   241
           
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   242
           echo '  </td>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   243
           </tr>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   244
         }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   245
         // Crypto disable: crypto OFF, normal login
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   246
         else if ( $level <= USER_LEVEL_MEMBER && $crypto_disable )
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   247
         {
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   248
           echo '<tr>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   249
             <td class="row3" colspan="3">';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   250
             
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   251
           $returnpage_link = ( $return = $paths->getAllParams() ) ? '/' . $return : '';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   252
           $usecrypt_link = makeUrlNS('Special', "Login$returnpage_link", "level=$level&use_crypt=1", true);
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   253
           echo '<p><b>' . $lang->get('user_login_usecrypt_title') . '</b> ' . $lang->get('user_login_usecrypt_body', array('usecrypt_link' => $usecrypt_link)) . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   254
           echo '<p>' . $lang->get('user_login_usecrypt_countrylist') . '</p>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   255
           
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   256
           echo '  </td>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   257
           </tr>';
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   258
         }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   259
         // Crypto disable: crypto on, ELEV login
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   260
         else if ( $level > USER_LEVEL_MEMBER && $GLOBALS['dh_supported'] )
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   261
         {
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   262
           echo '<tr>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   263
           echo '<td class="row3" colspan="3">';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   264
           echo '<p>' . $lang->get('user_login_dh_notice') . '</p>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   265
           echo '</td>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   266
           echo '</tr>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   267
         }
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   268
         ?>
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   269
         
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   270
         <!-- Submit button -->
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   271
         <tr>
1119
2e045975fc65 HTML login: fixed bad submit under IE
Dan
parents: 1117
diff changeset
   272
           <th colspan="3" style="text-align: center" class="subhead">
2e045975fc65 HTML login: fixed bad submit under IE
Dan
parents: 1117
diff changeset
   273
             <input type="hidden" name="login" value="true" />
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   274
             <input type="submit" value="<?php echo $lang->get('user_login_btn_log_in'); ?>" />
1119
2e045975fc65 HTML login: fixed bad submit under IE
Dan
parents: 1117
diff changeset
   275
           </th>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   276
         </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   277
      </table>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   278
    </div>
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   279
    
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   280
      <input type="hidden" name="level" value="<?php echo (string)$level; ?>" />
32
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   281
      <?php if ( $level <= USER_LEVEL_MEMBER ): ?>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   282
      <script type="text/javascript">
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   283
        document.forms.loginform.username.focus();
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   284
      </script>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   285
      <?php else: ?>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   286
      <script type="text/javascript">
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   287
        document.forms.loginform.pass.focus();
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   288
      </script>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 30
diff changeset
   289
      <?php endif; ?>
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   290
      <?php
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
   291
      echo $session->generate_aes_form();
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   292
      
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   293
      // Any additional parameters that need to be passed back?
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   294
      if ( $p = $paths->getAllParams() )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   295
      {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   296
        // ... only if we have a return_to destination.
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   297
        $get_fwd = $_GET;
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   298
        unset($get_fwd['do']);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   299
        if ( isset($get_fwd['target_do']) )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   300
        {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   301
          $get_fwd['do'] = $get_fwd['target_do'];
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   302
          unset($get_fwd['target_do']);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   303
        }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   304
        if ( isset($get_fwd['level']) )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   305
          unset($get_fwd['level']);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   306
        if ( isset($get_fwd['title']) )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   307
          unset($get_fwd['title']);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   308
        
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   309
        if ( !empty($get_fwd) )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   310
        {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   311
          $get_string = htmlspecialchars(enano_json_encode($get_fwd));
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   312
          echo '<input type="hidden" name="get_fwd" value="' . $get_string . '" />';
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   313
        }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   314
      }
1101
30d8bb88572d Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses
Dan
parents: 1081
diff changeset
   315
      else if ( isset($_POST['get_fwd']) )
30d8bb88572d Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses
Dan
parents: 1081
diff changeset
   316
      {
30d8bb88572d Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses
Dan
parents: 1081
diff changeset
   317
        echo '<input type="hidden" name="get_fwd" value="' . htmlspecialchars($_POST['get_fwd']) . '" />';
30d8bb88572d Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses
Dan
parents: 1081
diff changeset
   318
      }
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   319
      ?>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   320
    </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   321
    <?php
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   322
      if ( !$crypto_disable )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   323
        echo $session->aes_javascript('loginform', 'password');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   324
    ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   325
  <?php
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   326
  $output->footer();
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   327
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   328
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   329
function page_Special_Login_preloader() // adding _preloader to the end of the function name calls the function before $session and $paths setup routines are called
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   330
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   331
  global $db, $session, $paths, $template, $plugins; // Common objects
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   332
  global $login_result;
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   333
  global $lang;
604
6a90893622f0 Fixed missing require() on math.php in SpecialUserFuncs
Dan
parents: 593
diff changeset
   334
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   335
  // Are we calling the JSON interface?
1109
c424a15a1656 Common: renamed global $title to $urlname (it broke the API from non-plugin Enano scripts)
Dan
parents: 1101
diff changeset
   336
  $paths->fullpage = $GLOBALS['urlname'];
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   337
  if ( $paths->getParam(0) === 'action.json' )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   338
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   339
    if ( !isset($_POST['r']) )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   340
      die('No request.');
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   341
    
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   342
    $request = $_POST['r'];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   343
    try
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   344
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   345
      $request = enano_json_decode($request);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   346
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   347
    catch ( Exception $e )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   348
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   349
      die(enano_json_encode(array(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   350
          'mode' => 'error',
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   351
          'error' => 'ERR_JSON_PARSE_FAILED'
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   352
        )));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   353
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   354
    
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   355
    echo enano_json_encode($session->process_login_request($request));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   356
    
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   357
    $db->close();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   358
    exit;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   359
  }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   360
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   361
  // No. Process incoming results from the HTML version.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   362
  if ( isset($_POST['login']) )
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 504
diff changeset
   363
  {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   364
    $_POST['password'] = $session->get_aes_post();
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   365
    
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   366
    $result = $session->process_login_request(array(
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   367
        'mode' => 'login_pt',
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   368
        'userinfo' => $_POST,
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   369
        'level' => $_POST['level'],
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   370
        'captcha_hash' => isset($_POST['captcha_hash']) ? $_POST['captcha_hash'] : false,
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   371
        'captcha_code' => isset($_POST['captcha_code']) ? $_POST['captcha_code'] : false
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   372
      ));
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   373
    
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   374
    if ( $result['mode'] === 'login_success' )
843
4415e50e4e84 Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan
parents: 832
diff changeset
   375
    {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   376
      //
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   377
      // LOGIN SUCCESS.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   378
      // Redirect as necessary.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   379
      //
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   380
      
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   381
      // Load our preferences
372
5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents: 371
diff changeset
   382
      $session->start();
5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents: 371
diff changeset
   383
      
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   384
      // Decode get_add
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   385
      $get_add = false;
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   386
      if ( isset($_POST['get_fwd']) )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   387
      {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   388
        try
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   389
        {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   390
          $get_fwd = enano_json_decode($_POST['get_fwd']);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   391
          $get_add = '';
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   392
          foreach ( $get_fwd as $key => $value )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   393
          {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   394
            $get_add .= "&{$key}=" . urlencode($value);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   395
          }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   396
          $get_add = ltrim($get_add, '&');
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   397
        }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   398
        catch ( Exception $e )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   399
        {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   400
        }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   401
      }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   402
      
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   403
      // Going to a user-specified page?
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   404
      if ( isset($_POST['return_to']) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   405
      {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   406
        // yea
953
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 912
diff changeset
   407
        $name = get_page_title($_POST['return_to']);
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   408
        $subst = array(
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   409
            'username' => $session->username,
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   410
            'redir_target' => $name
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   411
          );
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   412
        redirect( makeUrl($_POST['return_to'], $get_add), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) );
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   413
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   414
      else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   415
      {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   416
        // No, redirect them to the main page
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   417
        $subst = array(
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   418
            'username' => $session->username,
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   419
            'redir_target' => $lang->get('user_login_success_body_mainpage')
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   420
          );
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 845
diff changeset
   421
        redirect( makeUrl(get_main_page(), $get_add), $lang->get('user_login_success_title'), $lang->get('user_login_success_body', $subst) );
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   422
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   423
    }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   424
    else if ( $result['mode'] === 'login_success_reset' )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   425
    {
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   426
      // They logged in with a temporary password; send them to the reset form
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   427
      redirect($result['redirect_url'], '', '', 0);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   428
    }
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   429
    // Otherwise, the result is likely an error.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   430
    $login_result = $result;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   431
  }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   432
  else
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   433
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   434
    $login_result = $session->process_login_request(array(
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   435
        'mode' => 'getkey'
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   436
      ));
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   437
  }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   438
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   439
  // This is a bit of a hack. The login form generates AES and DiffieHellman keys on its
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   440
  // own, so we need to clean up the ones from the login request API.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   441
  if ( !empty($login_result['crypto']) )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   442
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   443
    $session->process_login_request(array(
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   444
        'mode' => 'clean_key',
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   445
        'key_aes' => $login_result['crypto']['aes_key'],
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   446
        'key_dh' => $login_result['crypto']['dh_public_key'],
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   447
      ));
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   448
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   449
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   450
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   451
/**
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   452
 * Given a Login API response, find the appropriate error text, if any.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   453
 * @param array LoginAPI response
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   454
 * @return mixed Error string, or bool(false) if no error.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   455
 */
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   456
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   457
function login_get_error($response)
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   458
{
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   459
  global $lang;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   460
  
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   461
  if ( !empty($response['lockout']) )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   462
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   463
    // set this pluralality thing
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   464
    $response['lockout']['plural'] = $response['lockout']['time_rem'] == 1 ? '' : $lang->get('meta_plural');
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   465
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   466
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   467
  if ( $response['mode'] == 'initial' )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   468
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   469
    // Just showing the box for the first time. If there's an error now, it's based on a preexisting lockout.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   470
    if ( $response['lockout']['active'] )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   471
    {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   472
      return $lang->get('user_err_locked_out_initial_' . $response['lockout']['policy'], $response['lockout']);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   473
    }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   474
    return false;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   475
  }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   476
  else
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   477
  {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   478
    // An attempt was made.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   479
    switch($response['mode'])
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   480
    {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   481
      case 'login_failure':
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   482
        // Generic login user error.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   483
        $error = '';
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   484
        if ( ($x = $lang->get($response['error'])) != $response['error'] )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   485
          $error = $x;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   486
        else
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   487
          $error = $lang->get('user_err_' . $response['error']);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   488
        if ( $response['lockout']['active'] && $response['lockout']['policy'] == 'lockout' )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   489
        {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   490
          // Lockout enforcement was just activated.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   491
          return $lang->get('user_err_locked_out_initial_' . $response['lockout']['policy'], $response['lockout']);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   492
        }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   493
        else if ( $response['lockout']['policy'] != 'disable' && !$response['lockout']['active'] && $response['lockout']['fails'] > 0 )
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   494
        {
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   495
          // Lockout is in a warning state.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   496
          $error .= ' ' . $lang->get('user_err_invalid_credentials_' . $response['lockout']['policy'], $response['lockout']);
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   497
        }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   498
        return $error;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   499
        break;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   500
      case 'api_error':
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   501
        // Error in the API.
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   502
        return $lang->get('user_err_login_generic_title') + ': ' + $lang->get('user_' . strtolower($response['error']));
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   503
        break;
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   504
    }
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   505
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   506
  
1132
05fe0039d952 Logins: reorganized data structures a bit. WiP - needs test routine done.
Dan
parents: 1119
diff changeset
   507
  return is_string($response['error']) ? $response['error'] : false;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   508
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   509
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   510
function page_Special_Logout()
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   511
{
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   512
  global $db, $session, $paths, $template, $plugins; // Common objects
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
   513
  global $lang;
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   514
  
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   515
  if ( !$session->user_logged_in )
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   516
    $paths->main_page();
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   517
  
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   518
  $token = $paths->getParam(0);
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   519
  if ( $token !== $session->csrf_token )
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   520
  {
573
43e7254afdb4 Renamed some functions (that were new in this release anyway) due to compatibility broken with PunBB bridge
Dan
parents: 562
diff changeset
   521
    csrf_request_confirm();
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   522
  }
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   523
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   524
  $l = $session->logout();
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   525
  if ( $l == 'success' )
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   526
  {
741
a216e412c439 Added ability to have alternate main page for members
Dan
parents: 701
diff changeset
   527
    $url = makeUrl(get_main_page(), false, true);
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   528
    if ( $paths->getParam(1) )
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   529
    {
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   530
      $pi = explode('/', $paths->getAllParams());
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   531
      $pi = implode('/', array_values(array_slice($pi, 1)));
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   532
      list($pid, $ns) = RenderMan::strToPageID($pi);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   533
      $perms = $session->fetch_page_acl($pid, $ns);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   534
      if ( $perms->get_permissions('read') )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   535
      {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   536
        $url = makeUrl($pi, false, true);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   537
      }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents: 430
diff changeset
   538
    }
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
   539
    redirect($url, $lang->get('user_logout_success_title'), $lang->get('user_logout_success_body'), 3);
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 85
diff changeset
   540
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   541
  $template->header();
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   542
  echo '<h3>' . $lang->get('user_logout_err_title') . '</h3>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   543
  echo '<p>' . $l . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   544
  $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   545
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   546
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   547
function page_Special_Register()
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   548
{
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   549
  global $db, $session, $paths, $template, $plugins; // Common objects
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   550
  global $lang;
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   551
  
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   552
  if ( $session->user_level < USER_LEVEL_ADMIN && $session->user_logged_in )
701
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
   553
  {
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
   554
    $paths->main_page();
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
   555
  }
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
   556
  
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   557
  // form field trackers
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   558
  $username = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   559
  $email = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   560
  $realname = '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   561
  
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   562
  $terms = getConfig('register_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   563
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   564
  if(getConfig('account_activation') == 'disable' && ( ( $session->user_level >= USER_LEVEL_ADMIN && !isset($_GET['IWannaPlayToo']) ) || $session->user_level < USER_LEVEL_ADMIN || !$session->user_logged_in ))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   565
  {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   566
    $s = ($session->user_level >= USER_LEVEL_ADMIN) ? '<p>' . $lang->get('user_reg_err_disabled_body_adminblurb', array( 'reg_link' => makeUrl($paths->page, 'IWannaPlayToo&coppa=no', true) )) . '</p>' : '';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   567
    die_friendly($lang->get('user_reg_err_disabled_title'), '<p>' . $lang->get('user_reg_err_disabled_body') . '</p>' . $s);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   568
  }
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   569
  // are we locked out from logging in? if so, also lock out registration
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   570
  if ( getConfig('lockout_policy') === 'lockout' )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   571
  {
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   572
    $ip = $db->escape($_SERVER['REMOTE_ADDR']);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   573
    $threshold = time() - ( 60 * intval(getConfig('lockout_duration')) );
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   574
    $limit = intval(getConfig('lockout_threshold'));
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   575
    $q = $db->sql_query('SELECT * FROM ' . table_prefix . "lockout WHERE timestamp >= $threshold ORDER BY timestamp DESC;");
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   576
    if ( !$q )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   577
      $db->_die();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   578
    if ( $db->numrows() >= $limit )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   579
    {
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   580
      $row = $db->fetchrow();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   581
      $db->free_result();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   582
      $time_rem = intval(getConfig('lockout_duration')) - round((time() - $row['timestamp']) / 60);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   583
      die_friendly($lang->get('user_reg_err_disabled_title'), '<p>' . $lang->get('user_reg_err_locked_out', array('time' => $time_rem)) . '</p>');
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   584
    }
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   585
    $db->free_result();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
   586
  }
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   587
  if(isset($_POST['submit'])) 
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   588
  {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   589
    $_GET['coppa'] = ( isset($_POST['coppa']) ) ? $_POST['coppa'] : 'x';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   590
    
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   591
    $captcharesult = $session->get_captcha($_POST['captchahash']);
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
   592
    $session->kill_captcha();
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   593
    // bypass captcha if logged in (at this point, if logged in, we're admin)
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   594
    if ( !$session->user_logged_in && strtolower($captcharesult) != strtolower($_POST['captchacode']) )
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   595
    {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   596
      $s = $lang->get('user_reg_err_captcha');
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   597
    }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   598
    else
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   599
    {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   600
      if ( getConfig('enable_coppa') == '1' && ( !isset($_POST['coppa']) || ( isset($_POST['coppa']) && !in_array($_POST['coppa'], array('yes', 'no')) ) ) )
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   601
      {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   602
        $s = 'Invalid COPPA input';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   603
      }
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   604
      else if ( !$session->user_logged_in && !empty($terms) && !isset($_POST['tou_agreed']) )
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   605
      {
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   606
        $s = $lang->get('user_reg_err_accept_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   607
      }
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   608
      else
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   609
      {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   610
        $coppa = ( isset($_POST['coppa']) && $_POST['coppa'] == 'yes' );
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   611
        $s = false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   612
        
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   613
        // decrypt password
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   614
        // as with the change pass form, we aren't going to bother checking the confirmation code because if the passwords didn't match
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   615
        // and yet the password got encrypted, that means the user screwed with the code, and if the user screwed with the code and thus
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   616
        // forgot his password, that's his problem.
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   617
        
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   618
        if ( $_POST['use_crypt'] == 'yes' )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   619
        {
286
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 270
diff changeset
   620
          $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   621
          $crypt_key = $session->fetch_public_key($_POST['crypt_key']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   622
          if ( !$crypt_key )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   623
          {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   624
            $s = $lang->get('user_reg_err_missing_key');
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   625
          }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   626
          else
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   627
          {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   628
            $data = $_POST['crypt_data'];
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   629
            $bin_key = hexdecode($crypt_key);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   630
            //die("Decrypting with params: key $crypt_key, data $data");
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   631
            $password = $aes->decrypt($data, $bin_key, ENC_HEX);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   632
          }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   633
        }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   634
        else
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   635
        {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   636
          $password = $_POST['password'];
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   637
        }
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   638
        
799
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   639
        $error =& $s;
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   640
        
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   641
        /**
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   642
         * Validation of POST data coming from registration. Put an error message in the variable $error to stop registration.
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   643
         * @hook ucp_register_validate
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   644
         */
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   645
        
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   646
        $code = $plugins->setHook('ucp_register_validate');
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   647
        foreach ( $code as $cmd )
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   648
        {
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   649
          eval($cmd);
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   650
        }
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   651
        
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   652
        // All things verified, create account
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   653
        if ( !$s )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   654
          $s = $session->create_user($_POST['username'], $password, $_POST['email'], $_POST['real_name'], $coppa);
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   655
      }
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   656
    }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   657
    if($s == 'success' && !$coppa)
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   658
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   659
      switch(getConfig('account_activation'))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   660
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   661
        case "none":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   662
        default:
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   663
          $str = $lang->get('user_reg_msg_success_activ_none', array('login_link' => makeUrlNS('Special', 'Login', false, true)));
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   664
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   665
        case "user":
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   666
          $str = $lang->get('user_reg_msg_success_activ_user');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   667
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   668
        case "admin":
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   669
          $str = $lang->get('user_reg_msg_success_activ_admin');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   670
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   671
      }
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   672
      die_friendly($lang->get('user_reg_msg_success_title'), '<p>' . $lang->get('user_reg_msg_success_body') . ' ' . $str . '</p>');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   673
    }
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   674
    else if ( $s == 'success' && $coppa )
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   675
    {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   676
      $str = $lang->get('user_reg_msg_success_activ_coppa');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   677
      die_friendly($lang->get('user_reg_msg_success_title'), '<p>' . $lang->get('user_reg_msg_success_body') . ' ' . $str . '</p>');
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   678
    }
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   679
    $username = htmlspecialchars($_POST['username']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   680
    $email    = htmlspecialchars($_POST['email']);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   681
    $realname = htmlspecialchars($_POST['real_name']);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   682
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   683
  $template->header();
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   684
  echo $lang->get('user_reg_msg_greatercontrol');
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   685
  
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   686
  if ( getConfig('enable_coppa') != '1' || ( isset($_GET['coppa']) && in_array($_GET['coppa'], array('yes', 'no')) ) )
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   687
  {
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   688
    $coppa = ( isset($_GET['coppa']) && $_GET['coppa'] == 'yes' );
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   689
    $session->kill_captcha();
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   690
    $captchacode = $session->make_captcha();
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   691
    
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   692
    $pubkey = $session->rijndael_genkey();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   693
    $challenge = $session->dss_rand();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   694
    
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   695
    ?>
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   696
      <h3><?php echo $lang->get('user_reg_msg_table_title'); ?></h3>
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   697
      <form name="regform" action="<?php echo makeUrl($paths->page); ?>" method="post" onsubmit="return runEncryption();">
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   698
        <div class="tblholder">
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   699
          <table border="0" width="100%" cellspacing="1" cellpadding="4">
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   700
            <tr><th colspan="3"><?php echo $lang->get('user_reg_msg_table_subtitle'); ?></th></tr>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   701
            
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   702
            <?php if(isset($_POST['submit'])) echo '<tr><td colspan="3" class="row2" style="color: red;">'.$s.'</td></tr>'; ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   703
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   704
            <!-- FIELD: Username -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   705
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   706
              <td class="row1" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   707
                <?php echo $lang->get('user_reg_lbl_field_username'); ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   708
                <span id="e_username"></span>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   709
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   710
              <td class="row1" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   711
                <input tabindex="1" type="text" name="username" size="30" value="<?php echo $username; ?>" onkeyup="namegood = false; validateForm(this);" onblur="checkUsername();" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   712
              </td>
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   713
              <td class="row1" style="width: 1px;">
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   714
                <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_username" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   715
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   716
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   717
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   718
            <!-- FIELD: Password -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   719
            <tr>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   720
              <td class="row3" style="width: 50%;" rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   721
                <?php echo $lang->get('user_reg_lbl_field_password'); ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   722
                <span id="e_password"></span>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   723
                <?php if ( getConfig('pw_strength_enable') == '1' && getConfig('pw_strength_minimum') > -10 ): ?>
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   724
                <small><?php echo $lang->get('user_reg_msg_password_score'); ?></small>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   725
                <?php endif; ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   726
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   727
              <td class="row3" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   728
                <input tabindex="2" type="password" name="password" size="15" onkeyup="<?php if ( getConfig('pw_strength_enable') == '1' ): ?>password_score_field(this); <?php endif; ?>validateForm(this);" /><?php if ( getConfig('pw_strength_enable') == '1' ): ?><span class="password-checker" style="font-weight: bold; color: #aaaaaa;"> Loading...</span><?php endif; ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   729
              </td>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   730
              <td rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>" class="row3" style="max-width: 24px;">
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   731
                <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_password" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   732
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   733
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   734
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   735
            <!-- FIELD: Password confirmation -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   736
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   737
              <td class="row3" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   738
                <input tabindex="3" type="password" name="password_confirm" size="15" onkeyup="validateForm(this);" /> <small><?php echo $lang->get('user_reg_lbl_field_password_confirm'); ?></small>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   739
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   740
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   741
            
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   742
            <!-- FIELD: Password strength meter -->
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   743
            
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   744
            <?php if ( getConfig('pw_strength_enable') == '1' ): ?>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   745
            <tr>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   746
              <td class="row3" style="width: 50%;">
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   747
                <div id="pwmeter"></div>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   748
              </td>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   749
            </tr>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   750
            <?php endif; ?>
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   751
            
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   752
            <!-- FIELD: E-mail address -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   753
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   754
              <td class="row1" style="width: 50%;">
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   755
                <?php
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   756
                  if ( $coppa )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   757
                  {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   758
                    echo $lang->get('user_reg_lbl_field_email_coppa');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   759
                  }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   760
                  else
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   761
                  {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   762
                    echo $lang->get('user_reg_lbl_field_email');
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   763
                  }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   764
                ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   765
                <?php
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   766
                  if ( ( $x = getConfig('account_activation') ) == 'user' )
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   767
                  {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   768
                    echo '<br /><small>' . $lang->get('user_reg_msg_email_activuser') . '</small>';
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   769
                  }
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   770
                ?>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   771
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   772
              <td class="row1" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   773
                <input tabindex="4" type="text" name="email" size="30" value="<?php echo $email; ?>" onkeyup="validateForm(this);" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   774
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   775
              <td class="row1" style="max-width: 24px;">
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   776
                <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/checkbad.png" id="s_email" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   777
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   778
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   779
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   780
            <!-- FIELD: Real name -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   781
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   782
              <td class="row3" style="width: 50%;">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   783
                <?php echo $lang->get('user_reg_lbl_field_realname'); ?><br />
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   784
                <small><?php echo $lang->get('user_reg_msg_realname_optional'); ?></small>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   785
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   786
              <td class="row3" style="width: 50%;">
799
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   787
                <input tabindex="5" type="text" name="real_name" size="30" value="<?php echo $realname; ?>" />
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   788
              </td>
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   789
              <td class="row3" style="max-width: 24px;">
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   790
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   791
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   792
            
799
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   793
            <?php
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   794
            /**
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   795
             * Allows adding fields to the user registration form. Form is built with Enano tables, 3 columns. (Rightmost can be left empty or if you're using Javascript validation an image you can update with your own Javascript code)
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   796
             * @hook ucp_register_form
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   797
             */
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   798
            
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   799
            $code = $plugins->setHook('ucp_register_form');
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   800
            foreach ( $code as $cmd )
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   801
            {
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   802
              eval($cmd);
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   803
            }
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   804
            ?>
4629ad98ee88 Added a couple of hooks for the registration form.
Dan
parents: 782
diff changeset
   805
            
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   806
            <!-- FIELD: CAPTCHA image -->
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   807
            <?php
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   808
            if ( !$session->user_logged_in ):
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   809
            ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   810
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   811
              <td class="row1" style="width: 50%;" rowspan="2">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   812
                <?php echo $lang->get('user_reg_lbl_field_captcha'); ?><br />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   813
                <small>
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   814
                  <?php echo $lang->get('user_reg_msg_captcha_pleaseenter', array('regen_flags' => 'href="#" onclick="regenCaptcha(); return false;"')); ?><br />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   815
                  <br />
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   816
                  <?php echo $lang->get('user_reg_msg_captcha_blind'); ?>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   817
                </small>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   818
              </td>
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   819
              <td class="row1">
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   820
                <img id="captchaimg" alt="CAPTCHA image" src="<?php echo makeUrlNS('Special', 'Captcha/'.$captchacode); ?>" /><br />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   821
                <span id="b_username"></span>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   822
              </td>
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   823
              <td class="row1">
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   824
              </td>
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   825
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   826
            
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   827
            <!-- FIELD: CAPTCHA input field -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   828
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   829
              <td class="row1" colspan="2">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   830
                <?php echo $lang->get('user_reg_lbl_field_captcha_code'); ?>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   831
                <input tabindex="6" name="captchacode" type="text" size="10" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   832
                <input type="hidden" name="captchahash" value="<?php echo $captchacode; ?>" />
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   833
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   834
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   835
            
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   836
            <!-- FIELD: TOU -->
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   837
            
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   838
            <?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   839
            if ( !empty($terms) ):
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   840
            ?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   841
            
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   842
            <tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   843
              <td class="row1" colspan="3">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   844
                <?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   845
                echo $lang->get('user_reg_msg_please_read_tou');
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   846
                ?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   847
              </td>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   848
            </tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   849
            
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   850
            <tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   851
              <td class="row3" colspan="3">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   852
                <div style="border: 1px solid #000000; height: 75px; width: 60%; clip: rect(0px,auto,auto,0px); overflow: auto; background-color: #FFF; margin: 0 auto; padding: 4px;">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   853
                  <?php
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   854
                  echo RenderMan::render($terms);
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   855
                  ?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   856
                </div>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   857
                <p style="text-align: center;">
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   858
                  <label>
371
dc6026376919 Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files
Dan
parents: 359
diff changeset
   859
                    <input tabindex="7" type="checkbox" name="tou_agreed" />
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   860
                    <b><?php echo $lang->get('user_reg_lbl_field_tou'); ?></b>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   861
                  </label>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   862
                </p>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   863
              </td>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   864
            </tr>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   865
            
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   866
            <?php
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   867
            endif; // !empty($terms)
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   868
            endif; // $session->user_logged_in
348
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   869
            ?>
87e08a6e4fec Welcome to the new Enano installer. Much distance still to be covered but the basics are there.
Dan
parents: 345
diff changeset
   870
            
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   871
            <!-- FIELD: submit button -->
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   872
            <tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   873
              <th class="subhead" colspan="3" style="text-align: center;">
371
dc6026376919 Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files
Dan
parents: 359
diff changeset
   874
                <input tabindex="8" type="submit" name="submit" value="<?php echo $lang->get('user_reg_btn_create_account'); ?>" />
101
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   875
              </td>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   876
            </tr>
bb4e677a4da9 Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan
parents: 93
diff changeset
   877
            
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   878
          </table>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   879
        </div>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   880
        <?php
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   881
          $val = ( $coppa ) ? 'yes' : 'no';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   882
          echo '<input type="hidden" name="coppa" value="' . $val . '" />';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   883
        ?>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   884
        <input type="hidden" name="challenge_data" value="<?php echo $challenge; ?>" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   885
        <input type="hidden" name="use_crypt" value="no" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   886
        <input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   887
        <input type="hidden" name="crypt_data" value="" />
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   888
      <script type="text/javascript">
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   889
        // ENCRYPTION CODE
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   890
        function runEncryption()
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   891
        {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   892
          var frm = document.forms.regform;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   893
          if ( frm.password.value.length < 1 )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   894
            return true;
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   895
          pass1 = frm.password.value;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   896
          pass2 = frm.password_confirm.value;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   897
          if ( pass1 != pass2 )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   898
          {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   899
            alert($lang.get('user_reg_err_alert_password_nomatch'));
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   900
            return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   901
          }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   902
          if ( pass1.length < 6 && pass1.length > 0 )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   903
          {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   904
            alert($lang.get('user_reg_err_alert_password_tooshort'));
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   905
            return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   906
          }
614
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
   907
          if(aes_self_test())
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   908
          {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   909
            frm.use_crypt.value = 'yes';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   910
            var cryptkey = frm.crypt_key.value;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   911
            frm.crypt_key.value = hex_md5(cryptkey);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   912
            cryptkey = hexToByteArray(cryptkey);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   913
            if(!cryptkey || ( ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   914
            {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   915
              frm.submit.disabled = true;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   916
              len = ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : '';
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   917
              alert('The key is messed up\nType: '+typeof(cryptkey)+len);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   918
            }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   919
            pass = frm.password.value;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   920
            pass = stringToByteArray(pass);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   921
            cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB');
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   922
            if(!cryptstring)
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   923
            {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   924
              return false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   925
            }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   926
            cryptstring = byteArrayToHex(cryptstring);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   927
            frm.crypt_data.value = cryptstring;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   928
            frm.password.value = "";
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   929
            frm.password_confirm.value = "";
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   930
          }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   931
          return true;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   932
        }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   933
        </script>
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   934
      </form>
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   935
      <!-- Don't optimize this script, it fails when compressed -->
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   936
      <enano:no-opt>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   937
        <script type="text/javascript">
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   938
          // <![CDATA[
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   939
          var namegood = false;
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   940
          function validateForm(field)
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   941
          {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   942
            if ( typeof(field) != 'object' )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   943
            {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   944
              field = {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   945
                name: '_nil',
459
31c23016ab62 Upgraded tinyMCE to 3.0.1 in hopes of fixing IE race conditions. Fixed a couple minor syntax errors in Javascript objects declared in various places.
Dan
parents: 458
diff changeset
   946
                value: '_nil'
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   947
              }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   948
            }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   949
            // wait until $lang is initted
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   950
            if ( typeof($lang) != 'object' )
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   951
            {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   952
              setTimeout('validateForm();', 200);
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   953
              return false;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   954
            }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   955
            var frm = document.forms.regform;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   956
            failed = false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   957
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   958
            // Username
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   959
            if(!namegood && ( field.name == 'username' || field.name == '_nil' ) ) 
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
   960
            {
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   961
              //if(frm.username.value.match(/^([A-z0-9 \!@\-\(\)]+){2,}$/ig))
270
5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Dan
parents: 263
diff changeset
   962
              var regex = new RegExp('^([^<>&\?]+){2,}$', 'ig');
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
   963
              if ( frm.username.value.match(regex) )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   964
              {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   965
                document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkunk.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   966
                document.getElementById('e_username').innerHTML = '&nbsp;';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   967
              } else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   968
                failed = true;
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   969
                document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   970
                document.getElementById('e_username').innerHTML = '<br /><small>' + $lang.get('user_reg_err_username_invalid') + '</small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   971
              }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   972
            }
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   973
            if ( document.getElementById('b_username') )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   974
            {
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   975
              document.getElementById('b_username').innerHTML = '';
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   976
              if(hex_md5(frm.real_name.value) == '5a397df72678128cf0e8147a2befd5f1')
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   977
              {
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   978
                document.getElementById('b_username').innerHTML = '<br /><br />Hey...I know you!<br /><img alt="" src="http://upload.wikimedia.org/wikipedia/commons/thumb/7/7f/Bill_Gates_2004_cr.jpg/220px-Bill_Gates_2004_cr.jpg" />';
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 801
diff changeset
   979
              }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   980
            }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   981
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   982
            // Password
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   983
            if ( field.name == 'password' || field.name == 'password_confirm' || field.name == '_nil' )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   984
            {
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   985
              if(frm.password.value.match(/^(.+){6,}$/ig) && frm.password_confirm.value.match(/^(.+){6,}$/ig) && frm.password.value == frm.password_confirm.value )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
   986
              {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
   987
                document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/check.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   988
                document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_err_password_good') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   989
              } else {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   990
                failed = true;
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   991
                if(frm.password.value.length < 6)
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   992
                {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   993
                  document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_msg_password_length') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   994
                }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   995
                else if(frm.password.value != frm.password_confirm.value)
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   996
                {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   997
                  document.getElementById('e_password').innerHTML = '<br /><small>' + $lang.get('user_reg_msg_password_needmatch') + '</small>';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   998
                }
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
   999
                else
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1000
                {
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1001
                  document.getElementById('e_password').innerHTML = '';
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1002
                }
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1003
                document.getElementById('s_password').src='<?php echo scriptPath; ?>/images/checkbad.png';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1004
              }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1005
            }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1006
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1007
            // E-mail address
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1008
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1009
            // workaround for idiot jEdit bug
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1010
            if ( validateEmail(frm.email.value) && ( field.name == 'email' || field.name == '_nil' ) )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1011
            {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1012
              document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/check.png';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1013
            } else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1014
              failed = true;
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1015
              document.getElementById('s_email').src='<?php echo scriptPath; ?>/images/checkbad.png';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1016
            }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1017
            if(failed)
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1018
            {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1019
              frm.submit.disabled = 'disabled';
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1020
            } else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1021
              frm.submit.disabled = false;
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1022
            }
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1023
          }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1024
          function checkUsername()
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1025
          {
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1026
            var frm = document.forms.regform;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1027
            
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1028
            if(!namegood)
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1029
            {
270
5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Dan
parents: 263
diff changeset
  1030
              var regex = new RegExp('^([^<>&\?]+){2,}$', 'ig');
5bcdee999015 Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Dan
parents: 263
diff changeset
  1031
              if ( frm.username.value.match(regex) )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1032
              {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1033
                document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkunk.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1034
                document.getElementById('e_username').innerHTML = '&nbsp;';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1035
              } else {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1036
                document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1037
                document.getElementById('e_username').innerHTML = '<br /><small>' + $lang.get('user_reg_err_username_invalid') + '</small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1038
                return false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1039
              }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1040
            }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1041
            
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1042
            document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_checking') + '</b></small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1043
            ajaxGet('<?php echo scriptPath; ?>/ajax.php?title=null&_mode=checkusername&name='+escape(frm.username.value), function() {
407
35d94240a197 Mass-fixed all AJAX functions to also check the HTTP status code before parsing the response
Dan
parents: 404
diff changeset
  1044
              if ( ajax.readyState == 4 && ajax.status == 200 )
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1045
                if(ajax.responseText == 'good')
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1046
                {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1047
                  document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/check.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1048
                  document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_available') + '</b></small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1049
                  namegood = true;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1050
                } else if(ajax.responseText == 'bad') {
404
fb4f9e6f378f Made the form validation icons (check/X/?) more visually appealing. IE-friendliness is still on the TODO list.
Dan
parents: 402
diff changeset
  1051
                  document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/checkbad.png';
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1052
                  document.getElementById('e_username').innerHTML = '<br /><small><b>' + $lang.get('user_reg_msg_username_unavailable') + '</b></small>';
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1053
                  namegood = false;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1054
                } else {
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1055
                  document.getElementById('e_username').innerHTML = ajax.responseText;
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1056
                }
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1057
            });
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1058
          }
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1059
          function regenCaptcha()
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1060
          {
448
f725a16e4a20 Fixed broken regenCaptcha() in Special:Register
Dan
parents: 324
diff changeset
  1061
            var frm = document.forms.regform;
517
c6118b9e13bd Fixed bad captcha refresh code on registration page
Dan
parents: 507
diff changeset
  1062
            document.getElementById('captchaimg').src = '<?php echo makeUrlNS("Special", "Captcha/$captchacode"); ?>/'+Math.floor(Math.random() * 100000);
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1063
            return false;
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1064
          }
614
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1065
          addOnloadHook(function()
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1066
            {
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1067
              <?php if ( getConfig('pw_strength_enable') == '1' ): ?>
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1068
              var frm = document.forms.regform;
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1069
              load_component('pwstrength');
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1070
              password_score_field(frm.password);
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1071
              <?php endif; ?>
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1072
              load_component('crypto');
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1073
              validateForm();
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1074
              setTimeout('checkUsername();', 1000);
78d1e71dc720 Got user registration working with the new componentized JS framework
Dan
parents: 604
diff changeset
  1075
            });
125
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1076
          // ]]>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1077
        </script>
fb31c951d3a2 Fixed some rather major bugs in the registration system, this will need a release followup
Dan
parents: 116
diff changeset
  1078
      </enano:no-opt>
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1079
    <?php
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1080
  }
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1081
  else
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1082
  {
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1083
    $year = intval( enano_date('Y') );
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1084
    $year = $year - 13;
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1085
    $month = enano_date('F');
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1086
    $day = enano_date('d');
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1087
    
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1088
    $yo13_date = "$month $day, $year";
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1089
    $link_coppa_yes = makeUrlNS('Special', 'Register', 'coppa=yes', true);
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1090
    $link_coppa_no  = makeUrlNS('Special', 'Register', 'coppa=no',  true);
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1091
    
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1092
    // COPPA enabled, ask age
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1093
    echo '<div class="tblholder">';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1094
    echo '<table border="0" cellspacing="1" cellpadding="4">';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1095
    echo '<tr>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1096
            <td class="row1">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1097
              ' . $lang->get('user_reg_coppa_title') . '
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1098
            </td>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1099
          </tr>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1100
          <tr>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1101
            <td class="row3">
221
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1102
              <a href="' . $link_coppa_no  . '">' . $lang->get('user_reg_coppa_link_atleast13', array( 'yo13_date' => $yo13_date )) . '</a><br />
e5302cb1945c Localized a good part, if not all, of the registration page and a couple other things.
Dan
parents: 210
diff changeset
  1103
              <a href="' . $link_coppa_yes . '">' . $lang->get('user_reg_coppa_link_not13', array( 'yo13_date' => $yo13_date )) . '</a>
30
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1104
            </td>
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1105
          </tr>';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1106
    echo '</table>';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1107
    echo '</div>';
7e8fd44b36b0 COPPA support added
Dan
parents: 23
diff changeset
  1108
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1109
  $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1110
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1111
909
94c1ff984286 Finished core of log display interface including filter management. There is still a bit of a to-do list, especially regarding rollbacks and reuploads.
Dan
parents: 908
diff changeset
  1112
function page_Special_Contributions()
94c1ff984286 Finished core of log display interface including filter management. There is still a bit of a to-do list, especially regarding rollbacks and reuploads.
Dan
parents: 908
diff changeset
  1113
{
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1114
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1115
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1116
  
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1117
  // This is a vast improvement over the old Special:Contributions in 1.0.x.
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1118
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1119
  $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1120
  $user = $paths->getParam();
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1121
  if ( !$user && isset($_GET['user']) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1122
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1123
    $user = $_GET['user'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1124
  }
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1125
  else if ( !$user && !isset($_GET['user']) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1126
  {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1127
    echo '<p>' . $lang->get('userfuncs_contribs_err_no_user') . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1128
    $template->footer();
81
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1129
    return;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1130
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1131
  
909
94c1ff984286 Finished core of log display interface including filter management. There is still a bit of a to-do list, especially regarding rollbacks and reuploads.
Dan
parents: 908
diff changeset
  1132
  $url = makeUrlNS("Special", "Log/user={$user}");
94c1ff984286 Finished core of log display interface including filter management. There is still a bit of a to-do list, especially regarding rollbacks and reuploads.
Dan
parents: 908
diff changeset
  1133
  redirect($url, '', '', 0);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1134
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1135
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1136
function page_Special_ChangeStyle()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1137
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1138
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1139
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1140
  
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1141
  if ( !$session->user_logged_in )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1142
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1143
    die_friendly('Access denied', '<p>You must be logged in to change your style. Spoofer.</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1144
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1145
  if(isset($_POST['theme']) && isset($_POST['style']) && isset($_POST['return_to']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1146
  {
81
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1147
    if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['theme']) )
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1148
      die('Hacking attempt');
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1149
    if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['style']) )
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 60
diff changeset
  1150
      die('Hacking attempt');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1151
    $d = ENANO_ROOT . '/themes/' . $_POST['theme'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1152
    $f = ENANO_ROOT . '/themes/' . $_POST['theme'] . '/css/' . $_POST['style'] . '.css';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1153
    if ( !file_exists($d) || !is_dir($d) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1154
    {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1155
      die('The directory "'.$d.'" does not exist.');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1156
    }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1157
    if ( !file_exists($f) )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1158
    {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1159
      die('The file "'.$f.'" does not exist.');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1160
    }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1161
    $d = $db->escape($_POST['theme']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1162
    $f = $db->escape($_POST['style']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1163
    $q = 'UPDATE '.table_prefix.'users SET theme=\''.$d.'\',style=\''.$f.'\' WHERE username=\''.$session->username.'\'';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1164
    if ( !$db->sql_query($q) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1165
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1166
      $db->_die('Your theme/style preferences were not updated.');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1167
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1168
    else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1169
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1170
      redirect(makeUrl($_POST['return_to']), $lang->get('userfuncs_changetheme_success_title'), $lang->get('userfuncs_changetheme_success_body'), 3);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1171
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1172
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1173
  else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1174
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1175
    $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1176
      $ret = ( isset($_POST['return_to']) ) ? $_POST['return_to'] : $paths->getParam(0);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1177
      if ( !$ret )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1178
      {
741
a216e412c439 Added ability to have alternate main page for members
Dan
parents: 701
diff changeset
  1179
        $ret = get_main_page();
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1180
      }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1181
      ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1182
        <form action="<?php echo makeUrl($paths->page); ?>" method="post">
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1183
          <?php if ( !isset($_POST['themeselected']) ) { ?>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1184
            <h3><?php echo $lang->get('userfuncs_changetheme_heading_theme'); ?></h3>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1185
            <p>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1186
              <select name="theme">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1187
               <?php
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1188
                foreach ( $template->theme_list as $t )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1189
                {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1190
                  if ( $t['enabled'] )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1191
                  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1192
                    echo '<option value="'.$t['theme_id'].'"';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1193
                    if ( $t['theme_id'] == $session->theme )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1194
                    {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1195
                      echo ' selected="selected"';
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1196
                    }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1197
                    echo '>' . $t['theme_name'] . '</option>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1198
                  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1199
                }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1200
               ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1201
              </select>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1202
            </p>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1203
            <p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" />
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1204
               <input type="submit" name="themeselected" value="<?php echo $lang->get('userfuncs_changetheme_btn_continue'); ?>" /></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1205
          <?php } else { 
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1206
            $theme = $_POST['theme'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1207
            if ( !preg_match('/^([0-9A-z_-]+)$/i', $theme ) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1208
              die('Hacking attempt');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1209
            ?>
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1210
            <h3><?php echo $lang->get('userfuncs_changetheme_heading_style'); ?></h3>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1211
            <p>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1212
              <select name="style">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1213
                <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1214
                  $dir = './themes/'.$theme.'/css/';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1215
                  $list = Array();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1216
                  // Open a known directory, and proceed to read its contents
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1217
                  if (is_dir($dir)) {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1218
                    if ($dh = opendir($dir)) {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1219
                      while (($file = readdir($dh)) !== false) {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1220
                        if(preg_match('#^(.*?)\.css$#is', $file) && $file != '_printable.css') {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1221
                          $list[] = substr($file, 0, strlen($file)-4);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1222
                        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1223
                      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1224
                      closedir($dh);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1225
                    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1226
                  } else die($dir.' is not a dir');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1227
                  foreach ( $list as $l )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1228
                  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1229
                    echo '<option value="'.$l.'">'.capitalize_first_letter($l).'</option>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1230
                  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1231
                ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1232
              </select>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1233
            </p>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1234
            <p><input type="hidden" name="return_to" value="<?php echo $ret; ?>" />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1235
               <input type="hidden" name="theme" value="<?php echo $theme; ?>" />
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1236
               <input type="submit" name="allclear" value="<?php echo $lang->get('userfuncs_changetheme_btn_allclear'); ?>" /></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1237
          <?php } ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1238
        </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1239
      <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1240
    $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1241
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1242
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1243
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1244
function page_Special_ActivateAccount()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1245
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1246
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1247
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1248
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1249
  $user = $paths->getParam(0);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1250
  if ( !$user )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1251
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1252
    die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_badlink_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1253
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1254
  $key = $paths->getParam(1);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1255
  if ( !$key )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1256
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1257
    die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_badlink_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1258
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1259
  $s = $session->activate_account(str_replace('_', ' ', $user), $key);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1260
  if ( $s > 0 )
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1261
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1262
    die_friendly($lang->get('userfuncs_activate_success_title'), '<p>' . $lang->get('userfuncs_activate_success_body') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1263
  }
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1264
  else
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1265
  {
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1266
    die_friendly($lang->get('userfuncs_activate_err_badlink_title'), '<p>' . $lang->get('userfuncs_activate_err_bad_key') . '</p>');
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1267
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1268
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1269
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1270
function page_Special_Captcha()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1271
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1272
  global $db, $session, $paths, $template, $plugins; // Common objects
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1273
  if ( $paths->getParam(0) == 'make' )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1274
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1275
    $session->kill_captcha();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1276
    echo $session->make_captcha();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1277
    return;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1278
  }
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1279
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1280
  $hash = $paths->getParam(0);
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1281
  if ( !$hash || !preg_match('#^([0-9a-f]*){32,40}$#i', $hash) )
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1282
  {
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1283
    $paths->main_page();
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1284
  }
402
d907601ccad2 Fixed some captcha bugs and made all captcha fields case-insensitive
Dan
parents: 401
diff changeset
  1285
987
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1286
  $session->make_captcha(7, $hash);
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1287
  $code = $session->generate_captcha_code();
987
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1288
  // Avoid letting our captchas end up on failblog.org
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1289
  // BTW, the last one was a real-life encounter: http://files.ha.xx0r.info/murder.png
989
79d558a94798 Added another word to the CAPTCHA blacklist (thanks Neal).
Dan
parents: 987
diff changeset
  1290
  foreach ( array('shit', 'cock', 'fuck', 'nazi', 'cunt', 'clit', 'pussy', 'penis', 'piss', 'tits', 'murder') as $word )
987
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1291
  {
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1292
    if ( stristr($code, $word) )
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1293
    {
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1294
      // but don't put too much effort into this (will only correct this once)
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1295
      $code = $session->generate_captcha_code();
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1296
      break;
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1297
    }
b13a42ebaefb Added protection against obscene words in CAPTCHAs
Dan
parents: 969
diff changeset
  1298
  }
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1299
  $q = $db->sql_query('UPDATE ' . table_prefix . "captcha SET code = '$code' WHERE session_id = '$hash';");
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1300
  if ( !$q )
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1301
    $db->_die();
263
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1302
  
d57af0b0302e Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan
parents: 192
diff changeset
  1303
  require ( ENANO_ROOT.'/includes/captcha.php' );
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1304
  $captcha = captcha_object($hash, 'freecap');
472
bc4b58034f4d Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
parents: 459
diff changeset
  1305
  // $captcha->debug = true;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1306
  $captcha->make_image();
401
6ae6e387a0e3 Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
Dan
parents: 387
diff changeset
  1307
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1308
  exit;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1309
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1310
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1311
function page_Special_PasswordReset()
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1312
{
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1313
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1314
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1315
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1316
  $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1317
  if($paths->getParam(0) == 'stage2')
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1318
  {
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1319
    require_once(ENANO_ROOT . '/includes/math.php');
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1320
    require_once(ENANO_ROOT . '/includes/diffiehellman.php');
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1321
    
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1322
    $user_id = intval($paths->getParam(1));
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1323
    $encpass = $paths->getParam(2);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1324
    if ( $user_id < 2 )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1325
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1326
      echo '<p>Hacking attempt</p>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1327
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1328
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1329
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1330
    if(!preg_match('#^([a-f0-9]+)$#i', $encpass))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1331
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1332
      echo '<p>Hacking attempt</p>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1333
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1334
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1335
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1336
    
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1337
    $q = $db->sql_query('SELECT username,temp_password_time,temp_password,password_salt FROM '.table_prefix.'users WHERE user_id='.$user_id.';');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1338
    if($db->numrows() < 1)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1339
    {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1340
      echo '<p>Invalid credentials</p>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1341
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1342
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1343
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1344
    $row = $db->fetchrow();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1345
    $db->free_result();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1346
    
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1347
    $temp_pass = $session->pk_decrypt($encpass);
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1348
    $temp_hmac = hmac_sha1($temp_pass, $row['password_salt']);
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1349
    
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1350
    if ( $temp_hmac !== $row['temp_password'] )
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1351
    {
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1352
      echo '<p>Invalid credentials</p>';
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1353
      $template->footer();
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1354
      return false;
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1355
    }
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1356
    
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1357
    if ( ( intval($row['temp_password_time']) + ( 3600 * 24 ) ) < time() )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1358
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1359
      echo '<p>' . $lang->get('userfuncs_passreset_err_pass_expired', array('reset_url' => makeUrlNS('Special', 'PasswordReset'))) . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1360
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1361
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1362
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1363
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1364
    if ( isset($_POST['do_stage2']) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1365
    {
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1366
      $data = $session->get_aes_post('pass');
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1367
      
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1368
      if(empty($data))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1369
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1370
        echo 'ERROR: Sanity check failed!';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1371
        $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1372
        return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1373
      }
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1374
      if ( strlen($data) < 6 )
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1375
      {
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1376
        echo '<p>' . $lang->get('userfuncs_passreset_err_too_short') . '</p>';
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1377
        $template->footer();
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1378
        return false;
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1379
      }
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1380
      if ( $_POST['use_crypt'] == 'no' )
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1381
      {
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1382
        if ( $_POST['pass'] !== $_POST['pass_confirm'] )
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1383
        {
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1384
          echo '<p>' . $lang->get('userfuncs_passreset_err_no_match') . '</p>';
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1385
          $template->footer();
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1386
          return false;
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1387
        }
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1388
      }
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1389
      if ( getConfig('pw_strength_enable') == '1' )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1390
      {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1391
        $min_score = intval(getConfig('pw_strength_minimum'));
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1392
        $inp_score = password_score($data);
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1393
        if ( $inp_score < $min_score )
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1394
        {
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1395
          $url = makeUrl($paths->fullpage);
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1396
          echo "<p>" . $lang->get('userfuncs_passreset_err_failed_score', array('inp_score' => $inp_score, 'url' => $url)) . "</p>";
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1397
          $template->footer();
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1398
          return false;
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1399
        }
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1400
      }
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1401
      
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1402
      $session->set_password($user_id, $data);
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1403
      
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1404
      $q = $db->sql_query('UPDATE '.table_prefix.'users SET temp_password=\'\',temp_password_time=0 WHERE user_id = '.$user_id.';');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1405
      
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1406
      if($q)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1407
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1408
        $session->login_without_crypto($row['username'], $data);
741
a216e412c439 Added ability to have alternate main page for members
Dan
parents: 701
diff changeset
  1409
        echo '<p>' . $lang->get('userfuncs_passreset_stage2_success', array('url_mainpage' => makeUrl(get_main_page()))) . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1410
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1411
      else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1412
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1413
        echo $db->get_error();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1414
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1415
      
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1416
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1417
      return false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1418
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1419
    
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1420
    // Password reset form
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1421
    $evt_get_score = ( getConfig('pw_strength_enable') == '1' ) ? 'onkeyup="password_score_field(this);" ' : '';
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1422
    $pw_meter =      ( getConfig('pw_strength_enable') == '1' ) ? '<tr><td class="row1">' . $lang->get('userfuncs_passreset_stage2_lbl_strength') . '</td><td class="row1"><div id="pwmeter"></div></td></tr>' : '';
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1423
    $pw_blurb =      ( getConfig('pw_strength_enable') == '1' && intval(getConfig('pw_strength_minimum')) > -10 ) ? '<br /><small>' . $lang->get('userfuncs_passreset_stage2_blurb_strength') . '</small>' : '';
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1424
    
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1425
    ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1426
    <form action="<?php echo makeUrl($paths->fullpage); ?>" method="post" name="resetform" onsubmit="return runEncryption();">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1427
      <br />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1428
      <div class="tblholder">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1429
        <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1430
          <tr><th colspan="2"><?php echo $lang->get('userfuncs_passreset_stage2_th'); ?></th></tr>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1431
          <tr><td class="row1"><?php echo $lang->get('userfuncs_passreset_stage2_lbl_password'); ?> <?php echo $pw_blurb; ?></td><td class="row1"><input name="pass" type="password" <?php echo $evt_get_score; ?>/></td></tr>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1432
          <tr><td class="row2"><?php echo $lang->get('userfuncs_passreset_stage2_lbl_confirm'); ?> </td><td class="row2"><input name="pass_confirm" type="password" /></td></tr>
133
af0f6ec48de3 Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan
parents: 126
diff changeset
  1433
          <?php echo $pw_meter; ?>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1434
          <tr>
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1435
            <td colspan="2" class="row3" style="text-align: center;">
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1436
              
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1437
              <input type="submit" name="do_stage2" value="<?php echo $lang->get('userfuncs_passreset_stage2_btn_submit'); ?>" />
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1438
            </td>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1439
          </tr>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1440
        </table>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1441
      </div>
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1442
      <?php echo $session->generate_aes_form(); ?>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1443
    </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1444
    <script type="text/javascript">
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1445
    addOnloadHook(function()
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1446
      {
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1447
        load_component('pwstrength');
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1448
        password_score_field(document.forms.resetform.pass);
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1449
      });
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1450
    </script>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1451
    <?php
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 799
diff changeset
  1452
    echo $session->aes_javascript('resetform', 'pass', 'use_crypt', 'crypt_key', 'crypt_data', 'challenge_data', 'dh_supported', 'dh_public_key', 'dh_client_public_key');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1453
    $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1454
    return true;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1455
  }
701
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
  1456
  if ( $session->user_logged_in )
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
  1457
  {
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
  1458
    $paths->main_page();
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
  1459
  }
dd80cde96a6c Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
Dan
parents: 688
diff changeset
  1460
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1461
  if(isset($_POST['do_reset']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1462
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1463
    if($session->mail_password_reset($_POST['username']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1464
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1465
      echo '<p>' . $lang->get('userfuncs_passreset_stage1_success') . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1466
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1467
    else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1468
    {
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1469
      echo '<p>' . $lang->get('userfuncs_passreset_stage1_error') . '</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1470
    }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1471
    $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1472
    return true;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1473
  }
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1474
  echo '<p>' . $lang->get('userfuncs_passreset_blurb_line1') . '</p>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1475
        <p>' . $lang->get('userfuncs_passreset_blurb_line2') . '</p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1476
        <form action="'.makeUrl($paths->page).'" method="post" onsubmit="if(!submitAuthorized) return false;">
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1477
          <p>' . $lang->get('userfuncs_passreset_lbl_username') . '  '.$template->username_field('username').'</p>
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1478
          <p><input type="submit" name="do_reset" value="' . $lang->get('userfuncs_passreset_btn_mailpasswd') . '" /></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1479
        </form>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1480
  $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1481
}
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1482
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1483
function page_Special_Memberlist()
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1484
{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1485
  global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1486
  global $lang;
67bd3121a12e Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents: 334
diff changeset
  1487
  
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1488
  $template->header();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1489
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1490
  $startletters = 'abcdefghijklmnopqrstuvwxyz';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1491
  $startletters = enano_str_split($startletters);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1492
  $startletter = ( isset($_GET['letter']) ) ? strtolower($_GET['letter']) : '';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1493
  if ( !in_array($startletter, $startletters) && $startletter != 'chr' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1494
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1495
    $startletter = '';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1496
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1497
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1498
  $startletter_sql = $startletter;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1499
  if ( $startletter == 'chr' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1500
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1501
    $startletter_sql = '([^a-z])';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1502
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1503
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1504
  // offset
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1505
  $perpage = 25;
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1506
  $page = (( isset($_GET['offset']) && strval(intval($_GET['offset'])) === $_GET['offset']) ? intval($_GET['offset']) : 1) - 1;
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1507
  $offset = $page * $perpage;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1508
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1509
  // sort order
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1510
  $sortkeys = array(
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1511
      'uid' => 'u.user_id',
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1512
      'username' => 'u.username',
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1513
      'email' => 'u.email',
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1514
      'regist' => 'u.reg_time'
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1515
    );
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1516
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1517
  $sortby = ( isset($_GET['sort']) && isset($sortkeys[$_GET['sort']]) ) ? $_GET['sort'] : 'username';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1518
  $sort_sqllet = $sortkeys[$sortby];
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1519
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1520
  $target_order = ( isset($_GET['orderby']) && in_array($_GET['orderby'], array('ASC', 'DESC')) )? $_GET['orderby'] : 'ASC';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1521
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1522
  $sortorders = array();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1523
  foreach ( $sortkeys as $k => $_unused )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1524
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1525
    $sortorders[$k] = ( $sortby == $k ) ? ( $target_order == 'ASC' ? 'DESC' : 'ASC' ) : 'ASC';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1526
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1527
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1528
  // Why 3.3714%? 100 percent / 28 cells, minus a little (0.2% / cell) to account for cell spacing
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1529
  
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1530
  echo '<div class="tblholder">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1531
          <table border="0" cellspacing="1" cellpadding="4" style="text-align: center;">
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1532
            <tr>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1533
  echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=&sort=' . $sortby . '&orderby=' . $target_order, true) . '">All</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1534
  echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=chr&sort=' . $sortby . '&orderby=' . $target_order, true) . '">#</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1535
  foreach ( $startletters as $letter )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1536
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1537
    echo '<td class="row1" style="width: 3.3714%;"><a href="' . makeUrlNS('Special', 'Memberlist', 'letter=' . $letter . '&sort=' . $sortby . '&orderby=' . $target_order, true) . '">' . strtoupper($letter) . '</a></td>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1538
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1539
  echo '    </tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1540
          </table>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1541
        </div>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1542
  
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1543
  // User search             
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1544
  if ( isset($_GET['finduser']) )
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1545
  {
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1546
    $finduser = str_replace(array(  '%',   '_'),
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1547
                            array('\\%', '\\_'),
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1548
                            $_GET['finduser']);
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1549
    $finduser = str_replace(array('*', '?'),
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1550
                            array('%', '_'),
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1551
                            $finduser);
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1552
    $finduser = $db->escape($finduser);
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1553
    $username_where = ENANO_SQLFUNC_LOWERCASE . '(u.username) LIKE \'%' . strtolower($finduser) . '%\'';
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1554
    $finduser_url = 'finduser=' . rawurlencode($_GET['finduser']) . '&';
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1555
  }
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1556
  else
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1557
  {
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1558
    if ( ENANO_DBLAYER == 'MYSQL' )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1559
      $username_where = 'lcase(u.username) REGEXP lcase("^' . $startletter_sql . '")';
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1560
    else if ( ENANO_DBLAYER == 'PGSQL' )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1561
      $username_where = 'lower(u.username) ~ lower(\'^' . $startletter_sql . '\')';
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1562
    $finduser_url = '';
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1563
  }
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1564
  
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1565
  // Column markers
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1566
  $headings = '<tr>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1567
                 <th style="max-width: 50px;">
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1568
                   <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=uid&orderby=' . $sortorders['uid'], true) . '">#</a>
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1569
                 </th>
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1570
                 <th>
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1571
                   <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=username&orderby=' . $sortorders['username'], true) . '">' . $lang->get('userfuncs_ml_column_username') . '</a>
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1572
                 </th>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1573
                 <th>
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1574
                   ' . $lang->get('userfuncs_ml_column_userlevel') . '
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1575
                 </th>
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1576
                 <th>
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1577
                   <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=email&orderby=' . $sortorders['email'], true) . '">' . $lang->get('userfuncs_ml_column_email') . '</a>
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1578
                 </th>
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1579
                 <th>
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1580
                   <a href="' . makeUrlNS('Special', 'Memberlist', $finduser_url . 'letter=' . $startletter . '&sort=regist&orderby=' . $sortorders['regist'], true) . '">' . $lang->get('userfuncs_ml_column_regtime') . '</a>
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1581
                 </th>
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1582
               </tr>';
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1583
               
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1584
  // determine number of rows
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1585
  $q = $db->sql_query('SELECT COUNT(u.user_id) FROM '.table_prefix.'users AS u WHERE ' . $username_where . ' AND u.username != \'Anonymous\';');
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1586
  if ( !$q )
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1587
    $db->_die();
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1588
  
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1589
  list($num_rows) = $db->fetchrow_num();
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1590
  $db->free_result();
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1591
  
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1592
  if ( !empty($finduser_url) )
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1593
  {
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1594
    switch ( $num_rows )
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1595
    {
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1596
      case 0:
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1597
        $str = ''; /* $lang->get('userfuncs_ml_msg_matches_zero'); */ break;
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1598
      case 1:
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1599
        $str = $lang->get('userfuncs_ml_msg_matches_one'); break;
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1600
      default:
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1601
        $str = $lang->get('userfuncs_ml_msg_matches', array('matches' => $num_rows)); break;
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1602
    }
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1603
    echo "<h3>$str</h3>";
105
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1604
  }
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1605
  
f7750e454168 Added search function for memberlist
Dan
parents: 103
diff changeset
  1606
  // main selector
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1607
  $pgsql_additional_group_by = ( ENANO_DBLAYER == 'PGSQL' ) ? ', u.username, u.reg_time, u.email, u.user_level, u.user_has_avatar, u.avatar_type, x.email_public' : '';
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1608
  $q = $db->sql_query('SELECT \'\' AS infobit, u.user_id, u.username, u.reg_time, u.email, u.user_level, u.user_has_avatar, u.avatar_type, x.email_public, COUNT(c.comment_id) AS num_comments FROM '.table_prefix.'users AS u
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1609
                                    LEFT JOIN '.table_prefix.'users_extra AS x
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1610
                                      ON ( u.user_id = x.user_id )
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1611
                                    LEFT JOIN ' . table_prefix . 'comments AS c
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1612
                                      ON ( u.user_id = c.user_id )
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 317
diff changeset
  1613
                                    WHERE ' . $username_where . ' AND u.username != \'Anonymous\'
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1614
                                    GROUP BY u.user_id' . $pgsql_additional_group_by . '
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1615
                                    ORDER BY ' . $sort_sqllet . ' ' . $target_order . '
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1616
                                    LIMIT ' . $perpage . ' OFFSET ' . $offset . ';');
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1617
  if ( !$q )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1618
    $db->_die();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1619
  
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1620
  // formatter parameters
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1621
  $formatter = new MemberlistFormatter();
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1622
  $formatters = array(
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1623
    'username' => array($formatter, 'username'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1624
    'user_level' => array($formatter, 'user_level'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1625
    'email' => array($formatter, 'email'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1626
    'reg_time' => array($formatter, 'reg_time'),
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1627
    'infobit' => array($formatter, 'infobit')
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1628
    );
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1629
  
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1630
  $result_url = makeUrlNS('Special', 'Memberlist', ( str_replace('%', '%%', $finduser_url) ) . 'letter=' . $startletter . '&offset=%s&sort=' . $sortby . '&orderby=' . $target_order );
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1631
  $paginator = generate_paginator($page, ceil($num_rows / $perpage), $result_url);
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1632
  
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1633
  if ( $num_rows > 0 )
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1634
  {
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1635
    if ( $num_rows > $perpage )
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1636
      echo $paginator;
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1637
    
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1638
    echo '<div class="tblholder">
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1639
                <table border="0" cellspacing="1" cellpadding="4" style="text-align: center;">
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1640
                  ' . $headings;
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1641
                  
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1642
    $i = 0;
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1643
    while ( $row = $db->fetchrow($q) )
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1644
    {
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1645
      $i++;
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1646
      $cls = ( $i % 2 == 0 ) ? 'row2' : 'row1';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1647
      echo '<tr>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1648
      echo '<td class="' . $cls . '">' . $row['user_id'] . '</td>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1649
      echo '<td class="' . $cls . '" style="text-align: left;">' . $formatter->username($row['username'], $row) . '</td>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1650
      echo '<td class="' . $cls . '">' . $formatter->user_level($row['user_level'], $row) . '</td>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1651
      echo '<td class="' . $cls . '">' . $formatter->email($row['email'], $row) . '</td>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1652
      echo '<td class="' . $cls . '">' . $formatter->reg_time($row['reg_time'], $row) . '</td>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1653
      echo '</tr>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1654
      echo '<tr>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1655
      echo '<td colspan="5" class="row3" style="text-align: left;">
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1656
                 <div id="ml_moreinfo_' . $row['user_id'] . '" style="display: none;">
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1657
                   ' . $formatter->infobit(true, $row) . '
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1658
                 </div>
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1659
               </td>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1660
      echo '</tr>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1661
    }
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1662
    
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1663
    echo '  ' . $headings . '
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1664
                 </table>
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1665
              </div>
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1666
              ';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1667
    
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1668
    if ( $num_rows > $perpage )
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1669
      echo $paginator;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1670
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1671
  else
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1672
  {
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1673
    echo '<h2 class="emptymessage">' . $lang->get('log_msg_no_results') . '</h2>';
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1674
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1675
  
960
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1676
  echo '<div style="float: left;">
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1677
          <form action="' . makeUrlNS('Special', 'Memberlist') . '" method="get" onsubmit="if ( !submitAuthorized ) return false;">'
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1678
         . ( urlSeparator == '&' ? '<input type="hidden" name="title" value="' . htmlspecialchars( $paths->page ) . '" />' : '' )
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1679
         . ( $session->sid_super ? '<input type="hidden" name="auth"  value="' . $session->sid_super . '" />' : '')
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1680
         . '<p>' . $lang->get('userfuncs_ml_lbl_finduser') . ' ' . $template->username_field('finduser') . ' <input type="submit" value="' . $lang->get('userfuncs_ml_btn_go') . '" /><br />
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1681
            <small>' . $lang->get('userfuncs_ml_tip_wildcard') . '</small></p>'
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1682
         . '</form>
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1683
         </div>';
e74741b8360b Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Dan
parents: 953
diff changeset
  1684
  
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1685
  $template->footer();
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1686
}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1687
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1688
/**
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1689
 * Class for formatting results for the memberlist.
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1690
 * @access private
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1691
 */
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1692
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1693
class MemberlistFormatter
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1694
{
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1695
  function username($username, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1696
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1697
    global $db, $session, $paths, $template, $plugins; // Common objects
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1698
    global $lang;
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1699
    
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1700
    $userpage = $paths->nslist['User'] . sanitize_page_id($username);
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1701
    $class = ( isPage($userpage) ) ? '' : ' class="wikilink-nonexistent"';
743
0acb5d0f8328 Fixed: Special:Memberlist still used SpryEffects
Dan
parents: 741
diff changeset
  1702
    $anchor = '<a href="' . makeUrlNS('User', sanitize_page_id($username)) . '"' . $class . ' onclick="load_component(\'jquery\'); load_component(\'jquery-ui\'); var el = document.getElementById(\'ml_moreinfo_' . $row['user_id'] . '\'); $(el).toggle(\'blind\'); return false;">' . htmlspecialchars($username) . '</a>';
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1703
    if ( $session->user_level >= USER_LEVEL_ADMIN )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1704
    {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1705
      $anchor .= ' <small>- <a href="' . makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'UserManager&src=get&username=' . urlencode($username), true) . '"
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1706
                               onclick="ajaxAdminUser(\'' . addslashes(htmlspecialchars($username)) . '\'); return false;">' . $lang->get('userfuncs_ml_btn_adminuser') . '</a></small>';
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1707
    }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1708
    return $anchor;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1709
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1710
  function user_level($level, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1711
  {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1712
    global $db, $session, $paths, $template, $plugins; // Common objects
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1713
    global $lang;
908
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1714
    /*
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1715
    switch ( $level )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1716
    {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1717
      case USER_LEVEL_GUEST:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1718
        $s_level = $lang->get('userfuncs_ml_level_guest'); break;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1719
      case USER_LEVEL_MEMBER:
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1720
      case USER_LEVEL_CHPREF:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1721
        $s_level = $lang->get('userfuncs_ml_level_member'); break;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1722
      case USER_LEVEL_MOD:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1723
        $s_level = $lang->get('userfuncs_ml_level_mod'); break;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1724
      case USER_LEVEL_ADMIN:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1725
        $s_level = $lang->get('userfuncs_ml_level_admin'); break;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1726
      default:
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1727
        $s_level = $lang->get('userfuncs_ml_level_unknown', array( 'level' => $level ));
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1728
    }
908
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1729
    */
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1730
    
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1731
    // TODO: Requested by mm3. Is this too CPU-intensive? Optimize?
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1732
    //       Performance yield =/= about the same (but only 4 users under testing conditions)
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1733
    $rankdata = $session->get_user_rank($row['user_id']);
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1734
    $s_level = '<span style="' . $rankdata['rank_style'] . '">' . $lang->get($rankdata['rank_title']) . '</span>';
44302dd20d62 Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Dan
parents: 907
diff changeset
  1735
    
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1736
    return $s_level;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1737
  }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1738
  function email($addy, $row)
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1739
  {
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1740
    global $lang;
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1741
    if ( $row['email_public'] == '1' )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1742
    {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1743
      global $email;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1744
      $addy = $email->encryptEmail($addy);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1745
      return $addy;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1746
    }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1747
    else
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1748
    {
342
ac34de920762 Finished localization of SpecialUserFuncs
Dan
parents: 335
diff changeset
  1749
      return '<small>&lt;' . $lang->get('userfuncs_ml_email_nonpublic') . '&gt;</small>';
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1750
    }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1751
  }
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1752
  /**
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1753
   * Format a time as a reference to a day, with user-friendly "X days ago"/"Today"/"Yesterday" returned when relevant.
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1754
   * @param int UNIX timestamp
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1755
   * @return string
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1756
   */
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1757
  
912
95d0d8596c87 File rollbacks should be all up to date now.
Dan
parents: 909
diff changeset
  1758
  public static function format_date($time)
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1759
  {
1081
745200a9cc2a Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
parents: 1032
diff changeset
  1760
    // merged into enano_date() :)
745200a9cc2a Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
parents: 1032
diff changeset
  1761
    return enano_date(ED_DATE, $time);
111
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1762
  }
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1763
  function reg_time($time, $row)
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1764
  {
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1765
    return $this->format_date($time);
b348ace50bc7 Added registration date column to members list
Dan
parents: 105
diff changeset
  1766
  }
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1767
  function infobit($_, $row)
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1768
  {
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1769
    global $db, $session, $paths, $template, $plugins; // Common objects
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1770
    global $lang;
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1771
    
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1772
    $bit = '';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1773
    if ( $row['user_has_avatar'] == 1 )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1774
    {
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1775
      $bit .= '<div style="float: left; margin-right: 10px;">
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1776
        <img alt=" " src="' . make_avatar_url(intval($row['user_id']), $row['avatar_type'], $row['email']) . '" />
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1777
      </div>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1778
    }
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1779
    $rank_data = $session->get_user_rank(intval($row['user_id']));
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1780
    $userpage = $paths->nslist['User'] . sanitize_page_id($row['username']);
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1781
    $title = ( isPage($userpage) ) ? ' title="' . $lang->get('userfuncs_ml_tip_userpage') . '"' : ' title="' . $lang->get('userfuncs_ml_tip_nouserpage') . '"';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1782
    $bit .= '<a' . $title . ' href="' . makeUrlNS('User', $row['username'], false, true) . '" style="font-size: x-large; ' . $rank_data['rank_style'] . '">' . htmlspecialchars($row['username']) . '</a><br />';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1783
    if ( $rank_data['user_title'] )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1784
      $bit .= htmlspecialchars($rank_data['user_title']) . '<br />';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1785
    if ( $rank_data['rank_title'] )
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1786
      $bit .= '<small>' . htmlspecialchars($lang->get($rank_data['rank_title'])) . '</small><br />';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1787
    
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1788
    $bit .= '<div style="text-align: right;">
969
0506adb8eb6c Comment UI / Special:Memberlist: UI consistency for Send PM/Add Buddy links in Memberlist and comment display UI
Dan
parents: 960
diff changeset
  1789
               <a href="' . makeUrlNS('Special', "PrivateMessages/Compose/To/{$row['username']}", false, true) . '" class="abutton icon abutton_blue" style="background-image: url(' . cdnPath . '/images/icons/send_pm.png);">' . $lang->get('comment_btn_send_privmsg') . '</a>
0506adb8eb6c Comment UI / Special:Memberlist: UI consistency for Send PM/Add Buddy links in Memberlist and comment display UI
Dan
parents: 960
diff changeset
  1790
               <a href="' . makeUrlNS('Special', "PrivateMessages/FriendList/Add/{$row['username']}", false, true) . '" class="abutton icon abutton_green" style="background-image: url(' . cdnPath . '/images/icons/add_buddy.png);">' . $lang->get('comment_btn_add_buddy') . '</a>
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1791
             </div>';
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1792
    
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1793
    return $bit;
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1794
  }
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1795
}
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 101
diff changeset
  1796
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1797
function page_Special_LangExportJSON()
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1798
{
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1799
  global $db, $session, $paths, $template, $plugins; // Common objects
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1800
  global $lang;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1801
  
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1802
  $lang_id = ( $x = $paths->getParam(0) ) ? intval($x) : $lang->lang_id;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1803
  
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1804
  if ( $lang->lang_id == $lang_id )
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1805
    $lang_local =& $lang;
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1806
  else
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1807
    $lang_local = new Language($lang_id);
782
96848f04bbba Corrected a few issues with languages and client-side code
Dan
parents: 743
diff changeset
  1808
    
96848f04bbba Corrected a few issues with languages and client-side code
Dan
parents: 743
diff changeset
  1809
  $lang_local->get('meta_meta');
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1810
  
542
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1811
  $lang_strings = enano_json_encode($lang_local->strings);
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1812
  $etag = substr(sha1($lang_strings), 0, 20) . '-' . dechex($lang_local->lang_timestamp);
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1813
  
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1814
  if ( isset($_SERVER['HTTP_IF_NONE_MATCH']) )
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1815
  {
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1816
    if ( "\"$etag\"" == $_SERVER['HTTP_IF_NONE_MATCH'] )
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1817
    {
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1818
      header('HTTP/1.1 304 Not Modified');
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1819
      exit();
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1820
    }
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1821
  }
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1822
  
345
4ccdfeee9a11 WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents: 343
diff changeset
  1823
  $timestamp = enano_date('D, j M Y H:i:s T', $lang_local->lang_timestamp);
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
  1824
  // generate expires header
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
  1825
  $expires = date('r', mktime(-1, -1, -1, -1, -1, intval(date('y'))+1));
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
  1826
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1827
  header("Last-Modified: $timestamp");
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1828
  header("Date: $timestamp");
542
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1829
  header("ETag: \"$etag\"");
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1830
  header('Content-type: text/javascript');
562
75df0b2c596c Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
Dan
parents: 555
diff changeset
  1831
  header("Expires: $expires");
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1832
  
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1833
  $lang_local->fetch();
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1834
  echo "if ( typeof(enano_lang) != 'object' )
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1835
  var enano_lang = new Object();
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1836
782
96848f04bbba Corrected a few issues with languages and client-side code
Dan
parents: 743
diff changeset
  1837
enano_lang[{$lang_local->lang_id}] = " . $lang_strings . ";";
555
ac4c6a7f01d8 Added user preference for disabling visual effects in Javascript applets; added re-import button to installed plugins
Dan
parents: 542
diff changeset
  1838
ac4c6a7f01d8 Added user preference for disabling visual effects in Javascript applets; added re-import button to installed plugins
Dan
parents: 542
diff changeset
  1839
  gzip_output();
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1840
  
542
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 541
diff changeset
  1841
  exit(0);
210
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1842
}
2b283402e4e4 Added language export to JSON page and localization for Javascript using $lang.get(). Localized AJAX login interface.
Dan
parents: 209
diff changeset
  1843
541
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1844
/**
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1845
 * Fetches and displays an avatar from the filesystem. Avatar fetching is abstracted as of 1.1.4.
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1846
 */
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1847
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1848
function page_Special_Avatar()
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1849
{
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1850
  global $db, $session, $paths, $template, $plugins; // Common objects
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1851
  global $aggressive_optimize_html;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1852
  $aggressive_optimize_html = false;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1853
  
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1854
  $img_types = array(
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1855
      IMAGE_TYPE_PNG => 'png',
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1856
      IMAGE_TYPE_GIF => 'gif',
621
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1857
      IMAGE_TYPE_JPG => 'jpg',
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1858
      IMAGE_TYPE_GRV => 'grv'
541
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1859
    );
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1860
  
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1861
  $avi_id = $paths->getParam(0);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1862
  if ( !$avi_id || !@preg_match('/^[a-f0-9]+$/', $avi_id) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1863
  {
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1864
    echo 'Doesn\'t match the regexp';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1865
    return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1866
  }
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1867
  
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1868
  $avi_id_dec = hexdecode($avi_id);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1869
  $avi_id_dec = @unpack('Vdate/Vuid/vimg_type', $avi_id_dec);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1870
  if ( !$avi_id_dec )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1871
  {
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1872
    echo 'Bad unpack';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1873
    return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1874
  }
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1875
  
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1876
  // check parameters
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1877
  if ( !isset($img_types[$avi_id_dec['img_type']]) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1878
  {
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1879
    echo 'Invalid image type';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1880
    return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1881
  }
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1882
  
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1883
  // build file path
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1884
  $avi_type = $img_types[$avi_id_dec['img_type']];
621
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1885
  
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1886
  // is this a gravatar?
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1887
  if ( $avi_type == 'grv' )
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1888
  {
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1889
    // yes, we'll have to redirect
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1890
    // sanitize UID
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1891
    $uid = intval($avi_id_dec['uid']);
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1892
    
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1893
    // fetch email
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1894
    $q = $db->sql_query('SELECT email FROM ' . table_prefix . "users WHERE user_id = $uid;");
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1895
    if ( !$q )
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1896
      $db->_die();
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1897
    if ( $db->numrows() < 1 )
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1898
      return false;
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1899
    
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1900
    list($email) = $db->fetchrow_num();
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1901
    $db->free_result();
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1902
    
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1903
    $url = make_gravatar_url($url);
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1904
    
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1905
    // ship out the redirect
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1906
    header('HTTP/1.1 302 Permanent Redirect');
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1907
    header("Location: $url");
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1908
  }
68f8a9cc0a18 Added Gravatar support! And it's really configurable too.
Dan
parents: 614
diff changeset
  1909
  
541
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1910
  $avi_path = ENANO_ROOT . '/' . getConfig('avatar_directory') . '/' . $avi_id_dec['uid'] . '.' . $avi_type;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1911
  if ( file_exists($avi_path) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1912
  {
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1913
    $avi_mod_time = @filemtime($avi_path);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1914
    $avi_mod_time = date('r', $avi_mod_time);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1915
    $avi_size = @filesize($avi_path);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1916
    header("Last-Modified: $avi_mod_time");
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1917
    header("Content-Length: $avi_size");
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1918
    header("Content-Type: image/$avi_type");
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1919
    // http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1920
    header("Cache-Control: public");
684
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1921
    // expire it 30 days from now
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1922
    $expiry_time = time() + ( 86400 * 30 );
15dbbe7e7674 A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
Dan
parents: 621
diff changeset
  1923
    header("Expires: " . date('r', $expiry_time));
541
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1924
    
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1925
    $fh = @fopen($avi_path, 'r');
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1926
    if ( !$fh )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1927
    {
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1928
      echo 'Could not open file';
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1929
      return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1930
    }
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1931
    
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1932
    while ( $fd = @fread($fh, 1024) )
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1933
    {
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1934
      echo $fd;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1935
    }
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1936
    fclose($fh);
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1937
    
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1938
  }
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1939
  return true;
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1940
}
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
  1941
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1942
?>