- Timestamp: 08/03/10 01:03:19 (22 months ago)
- Location: trunk
- Files: 1 removed, 107 modified, 9 copied
-
. (modified) (1 prop)
-
Hotaru.php (modified) (14 diffs)
-
READ_ME.txt (modified) (5 diffs)
-
content/admin_language.php (modified) (5 diffs)
-
content/admin_themes/admin_default/admin_account.php (modified) (2 diffs)
-
content/admin_themes/admin_default/admin_header.php (modified) (2 diffs)
-
content/admin_themes/admin_default/admin_home.php (modified) (2 diffs)
-
content/admin_themes/admin_default/admin_login.php (modified) (1 diff)
-
content/admin_themes/admin_default/admin_navigation.php (modified) (1 diff)
-
content/admin_themes/admin_default/admin_sidebar.php (modified) (3 diffs)
-
content/admin_themes/admin_default/blocked.php (modified) (3 diffs)
-
content/admin_themes/admin_default/css/style.css (modified) (11 diffs)
-
content/admin_themes/admin_default/images/search.png (copied) (copied from branches/1.4/content/admin_themes/admin_default/images/search.png)
-
content/admin_themes/admin_default/images/update_16.png (copied) (copied from branches/1.4/content/admin_themes/admin_default/images/update_16.png)
-
content/admin_themes/admin_default/javascript/admin_default.js (modified) (2 diffs)
-
content/admin_themes/admin_default/maintenance.php (modified) (8 diffs)
-
content/admin_themes/admin_default/plugin_management.php (modified) (9 diffs)
-
content/admin_themes/admin_default/plugin_search.php (copied) (copied from branches/1.4/content/admin_themes/admin_default/plugin_search.php)
-
content/admin_themes/admin_default/plugin_settings.php (modified) (1 diff)
-
content/admin_themes/admin_default/settings.php (modified) (3 diffs)
-
content/admin_themes/admin_default/theme_settings.php (modified) (3 diffs)
-
content/plugins (modified) (1 prop)
-
content/plugins/bookmarking/bookmarking.php (modified) (4 diffs)
-
content/plugins/bookmarking/css/bookmarking.css (modified) (1 diff)
-
content/plugins/bookmarking/libs/BookmarkingFunctions.php (modified) (2 diffs)
-
content/plugins/bookmarking/readme.txt (modified) (1 diff)
-
content/plugins/bookmarking/templates/bookmarking_sort_filter.php (modified) (2 diffs)
-
content/plugins/categories/categories.php (modified) (8 diffs)
-
content/plugins/categories/css/categories.css (modified) (3 diffs)
-
content/plugins/categories/readme.txt (modified) (1 diff)
-
content/plugins/categories/templates/category_bar.php (modified) (1 diff)
-
content/plugins/comments/comments.php (modified) (4 diffs)
-
content/plugins/comments/css/comments.css (modified) (3 diffs)
-
content/plugins/comments/languages/comments_language.php (modified) (1 diff)
-
content/plugins/comments/readme.txt (modified) (1 diff)
-
content/plugins/comments/templates/comment_form.php (modified) (1 diff)
-
content/plugins/post_manager/languages/post_manager_language.php (modified) (1 diff)
-
content/plugins/post_manager/post_manager.php (modified) (2 diffs)
-
content/plugins/post_manager/readme.txt (modified) (1 diff)
-
content/plugins/posts_widget/languages/posts_widget_language.php (modified) (1 diff)
-
content/plugins/posts_widget/posts_widget.php (modified) (5 diffs)
-
content/plugins/posts_widget/posts_widget_settings.php (copied) (copied from branches/1.4/content/plugins/posts_widget/posts_widget_settings.php)
-
content/plugins/posts_widget/readme.txt (modified) (1 diff)
-
content/plugins/search/readme.txt (modified) (1 diff)
-
content/plugins/search/search.php (modified) (4 diffs)
-
content/plugins/submit/libs/SubmitFunctions.php (modified) (3 diffs)
-
content/plugins/submit/readme.txt (modified) (1 diff)
-
content/plugins/submit/submit.php (modified) (7 diffs)
-
content/plugins/submit/templates/submit2.php (modified) (1 diff)
-
content/plugins/submit/templates/submit_edit.php (modified) (1 diff)
-
content/plugins/user_manager/languages/user_manager_language.php (modified) (1 diff)
-
content/plugins/user_manager/readme.txt (modified) (1 diff)
-
content/plugins/user_manager/user_manager.php (modified) (1 diff)
-
content/plugins/user_manager/user_manager_settings.php (modified) (1 diff)
-
content/plugins/user_signin/user_signin.php (modified) (2 diffs)
-
content/plugins/users/languages/users_language.php (modified) (1 diff)
-
content/plugins/users/readme.txt (modified) (1 diff)
-
content/plugins/users/users.php (modified) (3 diffs)
-
content/plugins/vote/css/vote.css (modified) (2 diffs)
-
content/plugins/vote/readme.txt (modified) (1 diff)
-
content/plugins/vote/vote.php (modified) (1 diff)
-
content/plugins/widgets/css/widgets.css (modified) (1 diff)
-
content/plugins/widgets/readme.txt (modified) (1 diff)
-
content/plugins/widgets/templates/widget_ordering.php (modified) (1 diff)
-
content/plugins/widgets/widgets.php (modified) (1 diff)
-
content/themes/default/css/960 (copied) (copied from branches/1.4/content/themes/default/css/960)
-
content/themes/default/css/960/960.css (copied) (copied from branches/1.4/content/themes/default/css/960/960.css)
-
content/themes/default/css/960/reset.css (copied) (copied from branches/1.4/content/themes/default/css/960/reset.css)
-
content/themes/default/css/960/text.css (copied) (copied from branches/1.4/content/themes/default/css/960/text.css)
-
content/themes/default/css/style.css (modified) (8 diffs)
-
content/themes/default/footer.php (modified) (1 diff)
-
content/themes/default/header.php (modified) (2 diffs)
-
content/themes/default/images/background.png (deleted)
-
content/themes/default/images/hotarucms.png (modified) (previous)
-
content/themes/default/index.php (modified) (2 diffs)
-
content/themes/default/navigation.php (modified) (4 diffs)
-
content/themes/default/settings.php (copied) (copied from branches/1.4/content/themes/default/settings.php)
-
content/themes/default/sidebar.php (modified) (1 diff)
-
functions/funcs.strings.php (modified) (23 diffs)
-
htaccess_default (modified) (1 diff)
-
index.php (modified) (1 diff)
-
install/index.php (modified) (10 diffs)
-
install/install-upgrade.php (modified) (3 diffs)
-
install/install_language.php (modified) (2 diffs)
-
install/install_tables.php (modified) (25 diffs)
-
javascript/hotaru.js (modified) (1 diff)
-
libs/AdminAuth.php (modified) (5 diffs)
-
libs/AdminPages.php (modified) (7 diffs)
-
libs/Announcements.php (modified) (1 diff)
-
libs/Avatar.php (modified) (6 diffs)
-
libs/Blocked.php (modified) (1 diff)
-
libs/Breadcrumbs.php (modified) (2 diffs)
-
libs/Comment.php (modified) (1 diff)
-
libs/Database.php (modified) (2 diffs)
-
libs/Debug.php (modified) (4 diffs)
-
libs/EmailFunctions.php (modified) (2 diffs)
-
libs/IncludeCssJs.php (modified) (3 diffs)
-
libs/Initialize.php (modified) (7 diffs)
-
libs/Language.php (modified) (1 diff)
-
libs/Maintenance.php (modified) (3 diffs)
-
libs/PageHandling.php (modified) (7 diffs)
-
libs/Paginator.php (modified) (2 diffs)
-
libs/PluginFunctions.php (modified) (1 diff)
-
libs/PluginManagement.php (modified) (12 diffs)
-
libs/Post.php (modified) (4 diffs)
-
libs/SystemInfo.php (modified) (2 diffs)
-
libs/Trackback.php (modified) (1 diff)
-
libs/UserActivity.php (modified) (2 diffs)
-
libs/UserAuth.php (modified) (6 diffs)
-
libs/UserInfo.php (modified) (1 diff)
-
libs/extensions/GenericPHPConfig/class.metadata.php (modified) (1 diff)
-
libs/extensions/Inspekt/Inspekt.php (modified) (2 diffs)
-
libs/extensions/SmartLoader/smartloader.class.php (modified) (1 diff)
-
libs/extensions/csrf/csrf_class.php (modified) (1 diff)
-
libs/extensions/ezSQL/mysql/ez_sql_mysql.php (modified) (4 diffs)
-
libs/extensions/htmLawed/htmLawed.php (modified) (9 diffs)
-
libs/extensions/htmLawed/htmLawed_README.txt (modified) (19 diffs)
-
trunk
- Property svn:mergeinfo changed
/branches/1.4 (added) merged: 1900,1902-2026,2028-2029,2031,2033-2079
-
trunk/Hotaru.php
r1896 r2080 26 26 class Hotaru 27 27 { 28 protected $version = "1. 3.0"; // Hotaru CMS version28 protected $version = "1.4.0"; // Hotaru CMS version 29 29 protected $isDebug = false; // show db queries and page loading time 30 30 protected $isAdmin = false; // flag to tell if we are in Admin or not … … 44 44 protected $debug; // Debug object 45 45 protected $email; // Email object 46 protected $pageHandling; // PageHandling object 46 47 47 48 // page info … … 63 64 64 65 // miscellaneous 65 protected $vars = array(); // multi-purpose 66 protected $vars = array(); // multi-purpose 66 67 67 68 /** … … 78 79 define("EXTENSIONS", dirname(__FILE__).'/libs/extensions/'); 79 80 define("FUNCTIONS", dirname(__FILE__).'/functions/'); 81 define("CONTENT", dirname(__FILE__).'/content/'); 80 82 define("THEMES", dirname(__FILE__).'/content/themes/'); 81 83 define("PLUGINS", dirname(__FILE__).'/content/plugins/'); … … 89 91 90 92 $init = new Initialize($this); 91 93 92 94 $this->db = $init->db; // database object 93 95 $this->cage = $init->cage; // Inspekt cage 94 $this->isDebug = $init->isDebug; // set debug 96 $this->isDebug = $init->isDebug; // set debug 95 97 $this->currentUser = new UserAuth(); // the current user 96 98 $this->plugin = new Plugin(); // instantiate Plugin object 97 99 $this->post = new Post(); // instantiate Post object 98 100 $this->includes = new IncludeCssJs(); // instantiate Includes object 101 $this->pageHandling = new PageHandling(); // instantiate PageHandling object 99 102 100 103 $this->csrf('set'); // set a csrfToken … … 130 133 case 'admin': 131 134 $this->isAdmin = true; 132 $this->lang = $lang->includeLanguagePack($this->lang, 'admin'); 133 require_once(LIBS . 
'AdminAuth.php'); // include Admin class 135 $this->lang = $lang->includeLanguagePack($this->lang, 'admin'); 134 136 $admin = new AdminAuth(); // new Admin object 135 137 $this->checkCookie(); // check cookie reads user details … … 287 289 public function setHome($home = '', $pagename = '') 288 290 { 289 $pageHandling = new PageHandling(); 290 $pageHandling->setHome($this, $home, $pagename); 291 $this->pageHandling->setHome($this, $home, $pagename); 292 } 293 294 /** 295 * Test if the current url is the *true* homepage, i.e. equal to SITEURL 296 * 297 * @return bool 298 */ 299 public function isHome() 300 { 301 return $this->pageHandling->isHome($this); 291 302 } 292 303 … … 300 311 public function getTitle($delimiter = ' « ', $raw = false) 301 312 { 302 $pageHandling = new PageHandling(); 303 return $pageHandling->getTitle($this, $delimiter, $raw); 313 return $this->pageHandling->getTitle($this, $delimiter, $raw); 304 314 } 305 315 … … 314 324 public function displayTemplate($page = '', $plugin = '', $include_once = true) 315 325 { 316 $pageHandling = new PageHandling(); 317 $pageHandling->displayTemplate($this, $page, $plugin, $include_once); 326 $this->pageHandling->displayTemplate($this, $page, $plugin, $include_once); 318 327 } 319 328 … … 326 335 public function isPage($page = '') 327 336 { 328 $pageHandling = new PageHandling(); 329 return $pageHandling->isPage($this, $page); 337 return $this->pageHandling->isPage($this, $page); 330 338 } 331 339 … … 345 353 public function isSettingsPage($folder = '') 346 354 { 347 $pageHandling = new PageHandling(); 348 return $pageHandling->isSettingsPage($this, $folder); 355 return $this->pageHandling->isSettingsPage($this, $folder); 349 356 } 350 357 … … 355 362 public function getPageName() 356 363 { 357 $pageHandling = new PageHandling(); 358 $this->pageName = $pageHandling->getPageName($this); 364 $this->pageName = $this->pageHandling->getPageName($this); 359 365 return $this->pageName; 360 366 } … … 369 375 public 
function friendlyToStandardUrl($friendly_url) 370 376 { 371 $pageHandling = new PageHandling(); 372 return $pageHandling->friendlyToStandardUrl($this, $friendly_url); 377 return $this->pageHandling->friendlyToStandardUrl($this, $friendly_url); 373 378 } 374 379 … … 383 388 public function url($parameters = array(), $head = 'index') 384 389 { 385 $pageHandling = new PageHandling(); 386 return $pageHandling->url($this, $parameters, $head); 390 return $this->pageHandling->url($this, $parameters, $head); 387 391 } 388 392 -
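Review bot: In the `case 'admin':` block the `require_once(LIBS . 'AdminAuth.php');` line is dropped while `new AdminAuth()` stays, so the admin path now depends on `AdminAuth` being autoloaded, and nothing in this diff shows that; please confirm the autoloader covers it or keep the include. Separately, `$this->pageHandling` is assigned only after `new Initialize($this)` has returned, so a wrapper such as `url()` or `getPageName()` reached from inside `Initialize` would call a method on null where the old per-call `new PageHandling()` worked; creating the object lazily in a small accessor would remove that ordering dependency.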
trunk/READ_ME.txt
r1896 r2080 1 1 HOTARU CMS 2 Version: 1. 3.03 Released: June 6th20102 Version: 1.4.0 3 Released: August 3rd 2010 4 4 5 5 INSTALLATION … … 12 12 Requirements 13 13 14 Hotaru CMS has been developed with PHP 5.2.6, MySQL 5.0.51a and phpMyAdmin 2.11.6. If you find it works on older versions of PHP, MySQL and phpMyAdmin, please let us know so we can update these requirements accordingly.14 Hotaru CMS has been tested using PHP 5.2.5 ~ 5.3.2 and MySQL 5.0~. 15 15 16 16 Upgrading … … 19 19 2. Download the latest version of Hotaru CMS. 20 20 3. Turn off all your plugins. 21 4. Overwrite ALL the old files. If you've made any customizations, read this first: http://hotaru cms.org/showthread.php?t=4622 5. Go to /install/upgrade.php 21 4. Overwrite ALL the old files. If you've made any customizations, read this first: http://hotarudocs.com/File_Organization 22 5. Go to /install/upgrade.php and follow the steps 23 23 6. Turn your plugins back on 24 24 7. Reactivate your widgets … … 30 30 2. Create a database called "hotaru" in phpMyAdmin (or equivalent). 31 31 3. Rename /hotaru_settings_default.php to /hotaru_settings.php. 32 4. Open /hotaru_settings.php and edit the top section with your database details and path to Hotaru, e.g. http:// www.myhotarusite.com/32 4. Open /hotaru_settings.php and edit the top section with your database details and path to Hotaru, e.g. http://example.com/ 33 33 5. Upload the contents of the "hotaru" folder to your server. 34 34 6. Files should have permissions set to 644 and folders should be set to 755, except... 35 35 7. Set /cache and its sub-folders to 777 36 8. Go to /install/install.php and step through the six steps, following the instructions in each.36 8. Go to /install/install.php and follow the steps 37 37 9. When finished, delete the install folder. 38 38 … … 40 40 41 41 1. Log into Admin and go to Admin -> Settings 42 2. Change the settings as appropriate, but leave DB_CACHE as falsefor now.42 2. 
Change the settings as appropriate, but leave DB_CACHE off for now. 43 43 3. Download plugins from the Plugin Downloads forum, unzip and upload them to the /content/plugins/ directory. 44 44 4. Go to Admin -> Plugin Management and install the plugins one by one. -
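Review bot: Upgrade step 5 still points to /install/upgrade.php and install step 8 to /install/install.php, while the installer files this changeset modifies are install/index.php and install/install-upgrade.php; if the entry points were consolidated, both steps need the new paths. The upgrade steps shown here (2 to 7) also end at "Reactivate your widgets" without the "delete the install folder" step that the fresh-install list has as step 9, and the unchanged step 7 still tells the reader to set /cache and its sub-folders to 777; a line saying when a tighter mode is enough would be a useful addition while this file is being edited.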
trunk/content/admin_language.php
r1896 r2080 60 60 /* Announcements /class.hotaru.php */ 61 61 $lang['admin_announcement_delete_install'] = "Please delete the install folder before someone deletes your database!"; 62 $lang['admin_announcement_run_install'] = "You have a new version of Hotaru but have not run the upgrade script yet."; 62 63 $lang['admin_announcement_plugins_disabled'] = "Go to Plugin Management to enable some plugins."; 63 64 $lang['admin_announcement_users_disabled'] = "Please enable the Users plugin in Plugin Management."; … … 225 226 $lang['pagination_next'] = "Next"; 226 227 228 /* header */ 229 $lang["admin_theme_header_admin"] = "ADMIN"; 230 $lang["admin_theme_header_hotarucms"] = "Hotaru CMS "; 231 $lang["admin_theme_menu_admin_home"] = "Admin Home"; 232 $lang["admin_theme_menu_site_home"] = "Site Home"; 233 $lang["admin_theme_menu_hotaru_forums"] = "Hotaru Forums"; 234 $lang["admin_theme_menu_help"] = "Documentation"; 235 $lang["admin_theme_menu_logout"] = "Logout"; 236 227 237 /* navigation */ 228 238 $lang["admin_theme_navigation_home"] = "Home"; … … 244 254 $lang["admin_theme_theme_no_settings"] = " doesn't have any settings."; 245 255 $lang["admin_theme_theme_activate"] = " Theme can be activated by clicking here."; 256 $lang["admin_theme_theme_activate_current"] = " Theme is currently active."; 246 257 $lang["admin_theme_theme_activate_success"] = " Theme was activated successfully."; 247 258 $lang["admin_theme_theme_activate_error"] = " Theme was not activated due to an error."; 259 $lang["admin_theme_theme_revert_settings"] = "Revert this theme to its default settings"; 248 260 249 261 250 262 /* footer */ 251 $lang["admin_theme_footer_having_trouble_vist_forums"] = "Having trouble? Read the <a href='http://hotarudocs.com'>Documentation</a> or ask for help in the <a href='http:// hotarucms.org/forum.php'>Forums</a>.";263 $lang["admin_theme_footer_having_trouble_vist_forums"] = "Having trouble? 
Read the <a href='http://hotarudocs.com'>Documentation</a> or ask for help in the <a href='http://forums.hotarucms.org'>Forums</a>."; 252 264 253 265 /* 404 */ … … 256 268 /* Account */ 257 269 $lang["admin_theme_account"] = "Account"; 258 259 260 $lang["admin_theme_header_admin"] = "ADMIN";261 $lang["admin_theme_header_hotarucms"] = "Hotaru CMS ";262 $lang["admin_theme_menu_admin_home"] = "Admin Home";263 $lang["admin_theme_menu_site_home"] = "Site Home";264 $lang["admin_theme_menu_hotaru_forums"] = "Hotaru Forums";265 $lang["admin_theme_menu_help"] = "Documentation";266 $lang["admin_theme_menu_logout"] = "Logout";267 270 268 271 /* zip files */ … … 275 278 $lang["admin_theme_filecopy_permission_error"] = "The files could not be copied due to a permissions error.<br/>You might want to ask your server admin about enabling SuExec on your server"; 276 279 277 280 /* Updating */ 278 281 $lang["admin_theme_need_cron"] = "You need the 'cron' plugin installed to use this feature"; 279 $lang["admin_theme_check_latest_plugin_versions"] = "Check for latest plugin versions."; 282 $lang["admin_theme_check_latest_plugin_versions"] = "Update"; 283 $lang["admin_theme_search"] = "Search"; 280 284 $lang["admin_theme_version_check_completed"] = "The version numbers have been updated"; 281 282 285 $lang["admin_theme_version_latest_version_installed"] = "Latest version installed"; 283 286 $lang["admin_theme_version_update_to"] = "Update to "; 284 287 288 /* Plugin search */ 289 $lang["admin_theme_plugin_search_submit"] = "Search"; 290 285 291 286 292 -
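Review bot: `admin_theme_check_latest_plugin_versions` now reads "Update", but the neighbouring `admin_theme_version_check_completed` ("The version numbers have been updated") shows the action only refreshes version numbers, and `admin_theme_version_update_to` already uses "Update to " for the real upgrade link. A label such as "Check versions" would keep an admin from assuming the button installs code. Also `admin_theme_search` and `admin_theme_plugin_search_submit` both hold "Search"; one key would do unless they are expected to diverge, and the rewritten footer string keeps the misspelt key `admin_theme_footer_having_trouble_vist_forums`.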
trunk/content/admin_themes/admin_default/admin_account.php
r1896 r2080 34 34 <br /> 35 35 <?php echo $h->lang["main_user_theme_account_instructions"]; ?> 36 <form name='admin_theme_update_form' action='<?php echo BASEURL; ?>admin_index.php' method='post'>36 <form name='admin_theme_update_form' action='<?php echo SITEURL; ?>admin_index.php' method='post'> 37 37 <table> 38 38 <tr> … … 58 58 59 59 <?php echo $h->lang["main_user_theme_update_password_instruct"]; ?> 60 <form name='update_form' action='<?php echo BASEURL; ?>admin_index.php' method='post'>60 <form name='update_form' action='<?php echo SITEURL; ?>admin_index.php' method='post'> 61 61 <table> 62 62 <tr> -
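Review bot: The password `update_form` and `admin_theme_update_form` post to the same admin_index.php as the login form, which carries a hidden `csrf` field; the context shown here stops before these forms' hidden inputs, so please confirm both include `$h->csrfToken` as well. The BASEURL to SITEURL rename itself looks mechanical, but it would help to state in the commit message whether BASEURL stays defined for themes and plugins outside this tree.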
trunk/content/admin_themes/admin_default/admin_header.php
r1901 r2080 44 44 <!-- End --> 45 45 46 <link rel="stylesheet" href="<?php echo BASEURL . 'content/admin_themes/' . ADMIN_THEME . 'css/reset-fonts-grids.css'; ?>" type="text/css">47 <link rel="stylesheet" href="<?php echo BASEURL . 'content/admin_themes/' . ADMIN_THEME . 'css/style.css'; ?>" type="text/css">48 <!-- <link rel="shortcut icon" href="<?php echo BASEURL; ?>favicon.ico"> -->46 <link rel="stylesheet" href="<?php echo SITEURL . 'content/admin_themes/' . ADMIN_THEME . 'css/reset-fonts-grids.css'; ?>" type="text/css"> 47 <link rel="stylesheet" href="<?php echo SITEURL . 'content/admin_themes/' . ADMIN_THEME . 'css/style.css'; ?>" type="text/css"> 48 <!-- <link rel="shortcut icon" href="<?php echo SITEURL; ?>favicon.ico"> --> 49 49 50 50 <?php $h->pluginHook('admin_header_include_raw'); ?> … … 54 54 55 55 56 <div class="adm -header">57 <div class="adm -frame">58 <div class="adm -header-title">59 <img class="adm -header-logo" src="<?php echo BASEURL; ?>content/admin_themes/admin_default/images/hotaru-80px.png"/>60 <div class="adm -header-verion"><?php echo $h->lang["admin_theme_header_hotarucms"]; ?><?php echo $h->version; ?></div>61 <div class="adm -header-admin"><a href="<?php echo $h->url(array(), 'admin'); ?>"><?php echo $h->lang["admin_theme_header_admin"]; ?></a></div>56 <div class="admin-header"> 57 <div class="admin-frame"> 58 <div class="admin-header-title"> 59 <img class="admin-header-logo" src="<?php echo SITEURL; ?>content/admin_themes/admin_default/images/hotaru-80px.png"/> 60 <div class="admin-header-version"><?php echo $h->lang["admin_theme_header_hotarucms"]; ?><?php echo $h->version; ?></div> 61 <div class="admin-header-admin"><a href="<?php echo $h->url(array(), 'admin'); ?>"><?php echo $h->lang["admin_theme_header_admin"]; ?></a></div> 62 62 </div> 63 <div class="adm -top-menu">64 <div class="adm -tm-item">65 <a href="<?php echo BASEURL; ?>">66 <div class="adm -tm-item-icon">67 <img src="<?php echo BASEURL; 
?>content/admin_themes/admin_default/images/home_icon.png" />63 <div class="admin-top-menu"> 64 <div class="admin-menu-item"> 65 <a href="<?php echo SITEURL; ?>"> 66 <div class="admin-menu-item-icon"> 67 <img src="<?php echo SITEURL; ?>content/admin_themes/admin_default/images/home_icon.png" /> 68 68 </div> 69 <div class="adm -tm-item-text"><?php echo $h->lang["admin_theme_menu_site_home"]; ?></div>69 <div class="admin-menu-item-text"><?php echo $h->lang["admin_theme_menu_site_home"]; ?></div> 70 70 </a> 71 71 </div> 72 <div class="adm-tm-item"> 73 <a href="<?php echo $h->url(array(), 'admin'); ?>"> 74 <div class="adm-tm-item-icon"> 75 <img src="<?php echo BASEURL; ?>content/admin_themes/admin_default/images/admin_icon.png"> 72 <?php if ($h->currentUser->getPermission('can_access_admin') == 'yes') { ?> 73 <div class="admin-menu-item"> 74 <a href="<?php echo $h->url(array(), 'admin'); ?>"> 75 <div class="admin-menu-item-icon"> 76 <img src="<?php echo SITEURL; ?>content/admin_themes/admin_default/images/admin_icon.png"> 77 </div> 78 <div class="admin-menu-item-text"><?php echo $h->lang["admin_theme_menu_admin_home"]; ?></div> 79 </a> 76 80 </div> 77 <div class="adm-tm-item-text"><?php echo $h->lang["admin_theme_menu_admin_home"]; ?></div> 81 <?php } ?> 82 <div class="admin-menu-item"> 83 <a href="http://forums.hotarucms.org"> 84 <div class="admin-menu-item-icon"> 85 <img src="<?php echo SITEURL; ?>content/admin_themes/admin_default/images/forum_icon.png "/> 86 </div> 87 <div class="admin-menu-item-text"><?php echo $h->lang["admin_theme_menu_hotaru_forums"]; ?></div> 78 88 </a> 79 89 </div> 80 < div class="adm-tm-item">81 <a href="http://hotaru cms.org/forum.php">82 <div class="adm -tm-item-icon">83 <img src=" <?php echo BASEURL; ?>content/admin_themes/admin_default/images/forum_icon.png "/>90 <!-- <div onmouseout="javascript:$(this).removeClass('admin-menu-item-active');" onmouseover="javascript:$(this).addClass('admin-menu-item-active');" class="admin-menu-item"> 91 
<a href="http://hotaruplugins.com"> 92 <div class="admin-menu-item-icon"> 93 <img src="/images/icons/plugins.png"> 84 94 </div> 85 <div class="adm-tm-item-text"><?php echo $h->lang["admin_theme_menu_hotaru_forums"]; ?></div> 95 <div class="admin-menu-item-text">Plugins</div> 96 </a> 97 </div>--> 98 <div class="admin-menu-item"> 99 <a href="http://hotarudocs.com"> 100 <div class="admin-menu-item-icon"> 101 <img src="<?php echo SITEURL; ?>content/admin_themes/admin_default/images/docs_icon.png" /> 102 </div> 103 <div class="admin-menu-item-text"><?php echo $h->lang["admin_theme_menu_help"]; ?></div> 86 104 </a> 87 105 </div> 88 <!-- <div onmouseout="javascript:$(this).removeClass('adm-tm-item-active');" onmouseover="javascript:$(this).addClass('adm-tm-item-active');" class="adm-tm-item"> 89 <a href="http://hotaruplugins.com"> 90 <div class="adm-tm-item-icon"> 91 <img src="/images/icons/plugins.png"> 106 <?php if ($h->currentUser->loggedIn) { ?> 107 <div class="admin-menu-item"> 108 <a href="<?php echo $h->url(array('page'=>'logout')); ?>"> 109 <div class="admin-menu-item-icon"> 110 <img src="<?php echo SITEURL; ?>content/admin_themes/admin_default/images/logout_icon.png" /> 111 </div> 112 <div class="admin-menu-item-text"><?php echo $h->lang["admin_theme_menu_logout"]; ?></div> 113 </a> 92 114 </div> 93 <div class="adm-tm-item-text">Plugins</div> 94 </a> 95 </div>--> 96 <div class="adm-tm-item"> 97 <a href="http://hotarudocs.com"> 98 <div class="adm-tm-item-icon"> 99 <img src="<?php echo BASEURL; ?>content/admin_themes/admin_default/images/docs_icon.png" /> 100 </div> 101 <div class="adm-tm-item-text"><?php echo $h->lang["admin_theme_menu_help"]; ?></div> 102 </a> 103 </div> 104 <div class="adm-tm-item"> 105 <a href="/logout/"> 106 <div class="adm-tm-item-icon"> 107 <img src="<?php echo BASEURL; ?>content/admin_themes/admin_default/images/logout_icon.png" /> 108 </div> 109 <div class="adm-tm-item-text"><?php echo $h->lang["admin_theme_menu_logout"]; ?></div> 110 </a> 
111 </div> 115 <?php } ?> 112 116 </div> 113 117 <div class="clear_both"> </div> -
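Review bot: The new `getPermission('can_access_admin') == 'yes'` wrapper around the Admin Home item only hides the link, so the same permission still has to be enforced where admin_index.php is handled; a short comment here saying so would prevent the check being mistaken for access control. The logout item now builds its target with `$h->url(array('page'=>'logout'))`, a plain GET link with no token; consider a POST form carrying the `csrf` field the login form already uses. Minor: the forum icon `src` keeps a trailing space inside the quotes (`forum_icon.png "/>`), the new `<img>` tags have no `alt`, and the forum and documentation links are plain http.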
trunk/content/admin_themes/admin_default/admin_home.php
r1896 r2080 36 36 <!-- TITLE FOR ADMIN NEWS --> 37 37 <h2> 38 <a href="http://feeds2.feedburner.com/hotarucms"><img src="<?php echo BASEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/rss_16.png" alt="rss" /></a>38 <a href="http://feeds2.feedburner.com/hotarucms"><img src="<?php echo SITEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/rss_16.png" alt="rss" /></a> 39 39 <?php echo $h->lang["admin_theme_main_latest"]; ?> 40 40 </h2> … … 67 67 68 68 <?php $h->pluginHook('admin_theme_main_stats_post_version'); ?> 69 <?php $h->pluginHook('admin_theme_main_stats', 'users', array('Summary' => array('total_users', 'admins', 'supermods', 'moderators'))); ?> 70 <?php $h->pluginHook('admin_theme_main_stats', 'users', array('Users' => array('approved_users', 'undermod_users', 'pending_users', 'banned_users', 'killspammed_users'))); ?> 71 <?php $h->pluginHook('admin_theme_main_stats', 'bookmarking', array('Posts' => array('total_posts', 'approved_posts', 'pending_posts', 'buried_posts', 'archived_posts'))); ?> 72 <?php $h->pluginHook('admin_theme_main_stats', 'comments', array('Comments' => array('total_comments', 'approved_comments', 'pending_comments', 'archived_comments'))); ?> 69 <?php $h->pluginHook('admin_theme_main_stats', 'users', array('users' => array('all', 'admin', 'supermod', 'moderator', 'member', 'undermod', 'pending', 'banned', 'killspammed'))); ?> 70 <?php $h->pluginHook('admin_theme_main_stats', 'post_manager', array('posts' => array('all', 'approved', 'pending', 'buried', 'archived'))); ?> 71 <?php $h->pluginHook('admin_theme_main_stats', 'comments', array('comments' => array('all', 'approved', 'pending', 'archived'))); ?> 73 72 </ul> 74 73 </td> -
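Review bot: The three `admin_theme_main_stats` calls change both the target plugin ('bookmarking' to 'post_manager') and every key ('total_users' to 'all', 'approved_posts' to 'approved', and so on), so any plugin still answering this hook with the old key names will silently print nothing. The core plugins appear in this changeset's file list, but the new argument shape should be documented next to the hook for third-party plugin authors. The separate 'Summary' and 'Users' groups are also merged into a single 'users' list, which drops the old grouping from the output; say so in the changelog if that is intended.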
trunk/content/admin_themes/admin_default/admin_login.php
r1896 r2080 31 31 <?php $h->showMessage(); ?> 32 32 33 <?php echo $h->lang["admin_theme_login_instructions"]; ?>33 <?php //echo $h->lang["admin_theme_login_instructions"]; ?> 34 34 35 <form name='login_form' action='<?php echo BASEURL; ?>admin_index.php' method='post'> 36 <table> 37 <tr> 38 <td><?php echo $h->lang["admin_theme_login_username"]; ?>: </td> 39 <td><input type='text' size=30 name='username' value='<?php echo $username_check; ?>' /></td> 40 </tr> 41 <tr> 42 <td><?php echo $h->lang["admin_theme_login_password"]; ?>: </td> 43 <td><input type='password' size=30 name='password' value='<?php echo $password_check; ?>' /></td> 44 </tr> 45 <tr> 46 <td> </td> 47 <td style='text-align:right;'><input type='submit' value='<?php echo $h->lang['admin_theme_login_form_submit']; ?>' /></td> 48 </tr> 49 </table> 50 <input type='hidden' name='login_attempted' value='true'> 51 <input type='hidden' name='page' value='admin_login'> 52 <input type='hidden' name='csrf' value='<?php echo $h->csrfToken; ?>' /> 53 </form> 35 <div id ="login_form"> 36 <form name='login_form' action='<?php echo SITEURL; ?>admin_index.php' method='post'> 54 37 55 <a href="#" class="forgot_password"><?php echo $h->lang["admin_theme_login_forgot_password"]; ?></a> 38 56 39 57 <form style="display: none;" name='forgot_password_form' action='<?php echo BASEURL; ?>admin_index.php' method='post'> 40 <table> 41 <tr> 42 <td><?php echo $h->lang["admin_theme_login_username"]; ?> </td> 43 <td><input id='admin_login_name' type='text' size=20 name='username' value='<?php echo $username_check; ?>' /></td> 44 </tr> 45 <tr> 46 <td><?php echo $h->lang["admin_theme_login_password"]; ?> </td> 47 <td><input id='admin_login_password' type='password' size=20 name='password' value='<?php echo $password_check; ?>' /></td> 48 </tr> 49 <tr> 50 <td> </td> 51 <td style='text-align:right;'><input id='admin_login_button' type='submit' value='<?php echo $h->lang['admin_theme_login_form_submit']; ?>' /></td> 52 </tr> 53 </table> 
54 55 <input type='hidden' name='login_attempted' value='true'> 56 <input type='hidden' name='page' value='admin_login'> 57 <input type='hidden' name='csrf' value='<?php echo $h->csrfToken; ?>' /> 58 </form> 59 60 <a href="#" class="forgot_password"><?php echo $h->lang["admin_theme_login_forgot_password"]; ?></a> 61 </div> 62 63 <form style="display: none;" id='forgot_password_form' name='forgot_password_form' action='<?php echo SITEURL; ?>admin_index.php' method='post'> 58 64 <?php echo $h->lang['admin_theme_login_forgot_password_submit_instruct_1']; ?> 59 65 <table> -
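Review bot: The rebuilt login form still writes `value='<?php echo $password_check; ?>'` into the password input and `$username_check` into the username input, with no escaping at the point of output. Echoing a submitted password back puts it in the page source and in any cached copy of the response, so the password `value` should be dropped; the username should go through `htmlspecialchars($username_check, ENT_QUOTES)` because the attribute is single-quoted. Also `<div id ="login_form">` now shares its name with `<form name='login_form'>` and has a stray space before `=`, and the instructions line is commented out with `//echo` rather than removed.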
trunk/content/admin_themes/admin_default/admin_navigation.php
r1896 r2080 37 37 } ?> 38 38 39 <li><a href="<?php echo BASEURL; ?>"><?php echo $h->lang["admin_theme_navigation_home"]; ?></a></li>39 <li><a href="<?php echo SITEURL; ?>"><?php echo $h->lang["admin_theme_navigation_home"]; ?></a></li> 40 40 <?php $h->pluginHook('navigation'); ?> 41 41 <?php -
trunk/content/admin_themes/admin_default/admin_sidebar.php
r1896 r2080 40 40 ?> 41 41 42 <a href="<?php echo BASEURL; ?>admin_index.php?page=admin_account"><?php echo $h->lang["admin_theme_account"]; ?></a></li>42 <a href="<?php echo SITEURL; ?>admin_index.php?page=admin_account"><?php echo $h->lang["admin_theme_account"]; ?></a></li> 43 43 44 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=settings"><?php echo $h->lang["admin_theme_settings"]; ?></a></li>45 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance"><?php echo $h->lang["admin_theme_maintenance"]; ?></a></li>46 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=blocked"><?php echo $h->lang["admin_theme_blocked_list"]; ?></a></li>47 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=plugin_management"><?php echo $h->lang["admin_theme_plugins"]; ?></a></li>44 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=settings"><?php echo $h->lang["admin_theme_settings"]; ?></a></li> 45 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance"><?php echo $h->lang["admin_theme_maintenance"]; ?></a></li> 46 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=blocked"><?php echo $h->lang["admin_theme_blocked_list"]; ?></a></li> 47 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=plugin_management"><?php echo $h->lang["admin_theme_plugins"]; ?></a></li> 48 48 49 49 50 50 <?php if ($h->vars['admin_sidebar_layout'] == 'horizontal') { ?> 51 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=plugin_settings"><?php echo $h->lang["admin_theme_plugin_settings"]; ?></a></li>51 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=plugin_settings"><?php echo $h->lang["admin_theme_plugin_settings"]; ?></a></li> 52 52 <?php } else { ?> 53 53 <li><?php echo $h->lang["admin_theme_plugin_settings"]; ?> … … 58 58 $sb_links = sksort($sb_links, $subkey="name", $type="char", true); 59 59 foreach ($sb_links as $plugin => $details) { 60 echo "<li><a href='" . BASEURL . "admin_index.php?page=plugin_settings&plugin=" . 
$details['plugin'] . "'>" . $details['name'] . "</a></li>\n";60 echo "<li><a href='" . SITEURL . "admin_index.php?page=plugin_settings&plugin=" . $details['plugin'] . "'>" . $details['name'] . "</a></li>\n"; 61 61 } 62 62 } … … 74 74 foreach ($themes as $theme) { 75 75 if ($theme == rtrim(THEME, '/')) { $active = ' <i><small>(current)</small></i>'; } else { $active = ''; } 76 echo "<li><a href='" . BASEURL . "admin_index.php?page=theme_settings&theme=" . $theme . "'>" . make_name($theme, '-') . "</a>" . $active . "</li>\n";76 echo "<li><a href='" . SITEURL . "admin_index.php?page=theme_settings&theme=" . $theme . "'>" . make_name($theme, '-') . "</a>" . $active . "</li>\n"; 77 77 } 78 78 } -
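Review bot: In both `echo "<li><a href='"` lines, `$details['plugin']`, `$details['name']` and `$theme` are concatenated straight into a single-quoted `href` and into the link text. Wrap the query values in `urlencode()` and the text in `htmlspecialchars(..., ENT_QUOTES)` so a plugin or theme folder name containing a quote or `&` cannot break the markup, and write the `&plugin=` and `&theme=` separators as `&amp;` inside the attribute.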
trunk/content/admin_themes/admin_default/blocked.php
r1896 r2080 36 36 <?php echo $h->showMessage(); ?> 37 37 38 <form name='blocked_list_new_form' action='<?php echo BASEURL; ?>admin_index.php?page=blocked' method='post'>38 <form name='blocked_list_new_form' action='<?php echo SITEURL; ?>admin_index.php?page=blocked' method='post'> 39 39 <h3><?php echo $h->lang["admin_theme_blocked_new"]; ?></h3> 40 40 <table> … … 56 56 <table><tr><td> 57 57 58 <form name='blocked_list_search_form' action='<?php echo BASEURL; ?>admin_index.php?page=blocked' method='post'>58 <form name='blocked_list_search_form' action='<?php echo SITEURL; ?>admin_index.php?page=blocked' method='post'> 59 59 <h3><?php echo $h->lang["admin_theme_blocked_search"]; ?></h3> 60 60 <table> … … 70 70 </td><td> 71 71 72 <form name='blocked_list_filter_form' action='<?php echo BASEURL; ?>admin_index.php?page=blocked' method='post'>72 <form name='blocked_list_filter_form' action='<?php echo SITEURL; ?>admin_index.php?page=blocked' method='post'> 73 73 <h3><?php echo $h->lang["admin_theme_blocked_filter"]; ?></h3> 74 74 <table> -
trunk/content/admin_themes/admin_default/css/style.css
r1901 r2080 238 238 #plugin_management td.table_description { font-size: 0.8em; background-color: #fefefe; border-style:solid; border-width: 0.2em 0 0.2em 0.2em; border-color: #e0e0e0; } 239 239 #plugin_management td.table_description_close { font-size: 0.8em; background-color: #fefefe; border-style:solid; border-width: 0.2em 0.2em 0.2em 0; border-color: #e0e0e0; text-align: center; } 240 #plugin_management .plugin_management_right {float:right; font-weight:bold;} 241 #plugin_management a:hover {text-decoration: none; color: #000;} 240 242 241 243 /* ************************************* … … 346 348 .accordion .horizontal { } 347 349 348 #admin_theme_theme_activate {cursor: pointer; } 350 #admin_theme_theme_activate {cursor: pointer; margin-top: 10px; } 351 #admin_theme_theme_activate span.activate { background-color: #fbe760; padding: 0.4em; } 349 352 .power_on {padding-left: 1.5em; background-image: url(../images/power_on.png); background-repeat: no-repeat;} 350 353 .tick_on {padding-left: 1.5em; background-image: url(../images/tick_yes.png); background-repeat: no-repeat;} … … 353 356 #sidebar.vertical .home {padding-left: 1.5em; background-image: url(../images/home.png); background-repeat: no-repeat;} 354 357 358 #site_stats li a {color: #000;} 355 359 #site-stats .title {font-weight:bold; margin-left:0; margin-bottom:2px; } 356 360 #site-stats li {margin-left:4px;} … … 358 362 #admin_topright {margin: 20px; width: 160px;} 359 363 360 div.adm -header {364 div.admin-header { 361 365 /* background-image:url("../images/content-bg.jpg"); */ 362 366 background-position:0 0; … … 369 373 } 370 374 371 div.adm -header-title {375 div.admin-header-title { 372 376 color:#333333; 373 377 float:left; … … 379 383 } 380 384 381 div.adm -header-verion {385 div.admin-header-version { 382 386 font-family:Verdana; 383 387 font-size:10px; … … 390 394 } 391 395 392 div.adm -top-menu { float:right; position:relative; }393 394 div.adm -tm-item {396 div.admin-top-menu { float:right; 
position:relative; } 397 398 div.admin-menu-item { 395 399 float:left; 396 400 height:87px; … … 399 403 } 400 404 401 div.adm -tm-item a {405 div.admin-menu-item a { 402 406 color:#333333; 403 407 display:block; … … 409 413 } 410 414 411 div.adm -tm-item-icon {height:32px;415 div.admin-menu-item-icon {height:32px; 412 416 margin:0 auto; 413 417 padding:23px 0 5px; 414 418 width:32px;} 415 419 416 div.adm -tm-item-icon img { width:36px; height:36px; }417 div.adm -tm-item-text {font-size:11px; text-align:center;}418 419 img.adm -header-logo {height:70px;420 div.admin-menu-item-icon img { width:36px; height:36px; } 421 div.admin-menu-item-text {font-size:11px; text-align:center;} 422 423 img.admin-header-logo {height:70px; 420 424 left:30px; 421 425 position:absolute; … … 423 427 width:70px;} 424 428 425 div.adm -header-admin {429 div.admin-header-admin { 426 430 left:148px; 427 431 position:absolute; … … 429 433 width:90px;} 430 434 431 div.adm-frame {margin: 0 auto; width:75em;} 432 433 div.adm-header-admin a {color:#000;} 434 div.adm-header-admin a:hover {color:#333; text-decoration: none;} 435 div.admin-frame {margin: 0 auto; width:75em;} 436 437 div.admin-header-admin a {color:#000;} 438 div.admin-header-admin a:hover {color:#333; text-decoration: none;} 439 #settings a {color:#000;} 440 #settings a:hover {color:blue;} 441 442 /* 443 444 This breaks the layout in IE: 445 446 #login_form {-moz-border-radius:14px; background:none repeat scroll 0 0 #D4F07F; margin:30px auto; padding:20px; text-align:center; width:500px; -moz-box-shadow:0 4px 18px #C8C8C8; } 447 #login_form input {-moz-border-radius:4px; border: 1pt solid #d0d0d0;} 448 #login_form #admin_login_button {padding:4px; font-weight:bold; color:#777; background-color:#ccc;} 449 #login_form #admin_login_button:hover {color:navy; cursor:pointer;} 450 #login_form #admin_login_name {padding:4px; font-size:24px;} 451 #login_form #admin_login_password {padding:4px; font-size:24px;} 452 #login_form 
.forgot_password {color:#777;} 453 #login_form .forgot_password:hover {text-decoration:none; color:navy;} 454 455 #login_form td {font:14px "Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;} 456 */ 457 458 #plugin_search_form {-moz-border-radius:14px; background:none repeat scroll 0 0 #eee640; margin:30px auto; padding:20px; text-align:center; width:500px; -moz-box-shadow:0 4px 18px #C8C8C8; } 459 #plugin_search_form input {-moz-border-radius:4px; border: 1pt solid #d0d0d0;} 460 #plugin_search_form #admin_plugin_search {padding:4px; font-size:24px;} 461 #plugin_search_form #admin_plugin_search_button {padding:4px; font-weight:bold; color:#777; background-color:#ccc;} 462 #plugin_search_form #admin_plugin_search_button:hover {color:navy; cursor:pointer;} 463 -
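Review bot: The rule added at new line 358 targets #site_stats (underscore), while the two existing rules directly below it use #site-stats (hyphen), so one of the two spellings will not match the element; pick the id the template actually emits and use it in all three rules. Separately, the adm-tm-item to admin-menu-item rename changes more than the prefix, so the templates that carry these classes need the same rename in this changeset or the header menu loses its styling. The large commented-out #login_form block (new lines 442 to 456) would be better left out of the stylesheet and kept in version history, with the one-line IE note moved to the commit message.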
trunk/content/admin_themes/admin_default/javascript/admin_default.js
r1896 r2080 55 55 var theme = $(this).attr("name"); 56 56 var formdata = 'admin=theme_settings&theme=' + theme; 57 var sendurl = BASEURL + "admin_index.php?page=settings";57 var sendurl = SITEURL + "admin_index.php?page=settings"; 58 58 59 59 $.ajax( … … 63 63 data: formdata, 64 64 beforeSend: function () { 65 $('#admin_theme_theme_activate').html('<img src="' + BASEURL + "content/admin_themes/" + ADMIN_THEME + 'images/ajax-loader.gif' + '"/> Attempting to activate theme.');65 $('#admin_theme_theme_activate').html('<img src="' + SITEURL + "content/admin_themes/" + ADMIN_THEME + 'images/ajax-loader.gif' + '"/> Attempting to activate theme.'); 66 66 }, 67 67 error: function(XMLHttpRequest, textStatus, errorThrown) { -
trunk/content/admin_themes/admin_default/maintenance.php
r1896 r2080 40 40 <ul> 41 41 <?php if (SITE_OPEN == "true") { ?> 42 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance&action=close">42 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance&action=close"> 43 43 <?php echo $h->lang["admin_theme_maintenance_close_site"]; ?></a> - <?php echo $h->lang["admin_theme_maintenance_close_site_desc"]; ?></li> 44 44 <?php } else { ?> 45 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance&action=open">45 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance&action=open"> 46 46 <?php echo $h->lang["admin_theme_maintenance_open_site"]; ?></a> - <?php echo $h->lang["admin_theme_maintenance_open_site_desc"]; ?></li> 47 47 <?php } ?> … … 50 50 <?php echo $h->lang["admin_theme_maintenance_announcement"]; ?> 51 51 52 <form name='maintenance_announcement' action='<?php echo BASEURL; ?>admin_index.php' method='get'>52 <form name='maintenance_announcement' action='<?php echo SITEURL; ?>admin_index.php' method='get'> 53 53 <table> 54 54 <tr> … … 71 71 <h2><?php echo $h->lang["admin_theme_maintenance_cache"]; ?></h2> 72 72 <ul> 73 <li style="margin-bottom: 1em;"><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance&action=clear_all_cache">73 <li style="margin-bottom: 1em;"><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance&action=clear_all_cache"> 74 74 <?php echo $h->lang["admin_theme_maintenance_all_cache"]; ?></a> - <?php echo $h->lang["admin_theme_maintenance_all_cache_desc"]; ?></li> 75 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance&action=clear_db_cache">75 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance&action=clear_db_cache"> 76 76 <?php echo $h->lang["admin_theme_maintenance_db_cache"]; ?></a> - <?php echo $h->lang["admin_theme_maintenance_db_cache_desc"]; ?></li> 77 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance&action=clear_css_js_cache">77 <li><a href="<?php echo SITEURL; 
?>admin_index.php?page=maintenance&action=clear_css_js_cache"> 78 78 <?php echo $h->lang["admin_theme_maintenance_css_js_cache"]; ?></a> - <?php echo $h->lang["admin_theme_maintenance_css_js_cache_desc"]; ?></li> 79 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance&action=clear_html_cache">79 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance&action=clear_html_cache"> 80 80 <?php echo $h->lang["admin_theme_maintenance_html_cache"]; ?></a> - <?php echo $h->lang["admin_theme_maintenance_html_cache_desc"]; ?></li> 81 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance&action=clear_lang_cache">81 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance&action=clear_lang_cache"> 82 82 <?php echo $h->lang["admin_theme_maintenance_lang_cache"]; ?></a> - <?php echo $h->lang["admin_theme_maintenance_lang_cache_desc"]; ?></li> 83 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance&action=clear_rss_cache">83 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance&action=clear_rss_cache"> 84 84 <?php echo $h->lang["admin_theme_maintenance_rss_cache"]; ?></a> - <?php echo $h->lang["admin_theme_maintenance_rss_cache_desc"]; ?></li> 85 85 </ul> … … 89 89 <h2><?php echo $h->lang["admin_theme_maintenance_debug"]; ?></h2> 90 90 <ul> 91 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance&action=delete_debugs">91 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance&action=delete_debugs"> 92 92 <?php echo $h->lang["admin_theme_maintenance_debug_delete"]; ?></a></li> 93 <li style="margin-bottom: 1em;"><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance&action=system_report">93 <li style="margin-bottom: 1em;"><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance&action=system_report"> 94 94 <?php echo $h->lang["admin_theme_maintenance_system_report"]; ?></a></li> 95 <li style="margin-bottom: 1em;"><a href="<?php echo BASEURL; 
?>admin_index.php?page=maintenance&action=email_report">95 <li style="margin-bottom: 1em;"><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance&action=email_report"> 96 96 <?php echo $h->lang["admin_theme_maintenance_email_system_report"]; ?></a> 97 97 <?php echo $h->lang["admin_theme_maintenance_email_system_report_note"]; ?></li> … … 101 101 echo $h->lang["admin_theme_maintenance_debug_view"] . "<br />"; 102 102 foreach ($h->vars['debug_files'] as $file) { 103 echo "<a href='" . BASEURL . "admin_index.php?page=maintenance&debug=" . $file . "'>" . $file . "</a><br />";103 echo "<a href='" . SITEURL . "admin_index.php?page=maintenance&debug=" . $file . "'>" . $file . "</a><br />"; 104 104 } 105 105 } else { … … 111 111 <h2><?php echo $h->lang["admin_theme_maintenance_optimize"]; ?></h2> 112 112 <ul> 113 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance&action=optimize">113 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance&action=optimize"> 114 114 <?php echo $h->lang["admin_theme_maintenance_optimize_database"]; ?></a> - <?php echo $h->lang["admin_theme_maintenance_optimize_desc"]; ?></li> 115 115 <?php $h->pluginHook('admin_maintenance_database'); ?> … … 124 124 <?php if ($plugin_settings) { ?> 125 125 <?php foreach ($plugin_settings as $settings) { ?> 126 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance&action=remove_settings&settings=<?php echo $settings; ?>">126 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance&action=remove_settings&settings=<?php echo $settings; ?>"> 127 127 <?php echo $h->lang["admin_theme_maintenance_remove"] . " " . make_name($settings) . " " . 
$h->lang["admin_theme_maintenance_settings"]; ?> </a></li> 128 128 <?php } ?> … … 139 139 <?php if($db_tables) { ?> 140 140 <?php foreach ($db_tables as $table) { ?> 141 <li><a href="<?php echo BASEURL; ?>admin_index.php?page=maintenance&action=empty&table=<?php echo $table; ?>">141 <li><a href="<?php echo SITEURL; ?>admin_index.php?page=maintenance&action=empty&table=<?php echo $table; ?>"> 142 142 <?php echo $h->lang["admin_theme_maintenance_empty"] . " " . $table; ?> </a></li> 143 143 <?php } ?> -
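Review bot: Every maintenance action touched here (action=close, action=open, the cache clears, action=optimize, action=remove_settings&settings=..., action=empty&table=...) remains a plain GET link, and none of the URLs in this hunk carries a token parameter. Because these requests change site state or delete data, they should be POST forms that include a per-session token which admin_index.php verifies before acting; the rename pass is a good moment to do it since each line is already being edited. Also, $file, $settings and $table are echoed into the href without urlencode() or htmlspecialchars() (new lines 103, 126 and 141).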
trunk/content/admin_themes/admin_default/plugin_management.php
r1896 r2080 40 40 <?php echo $h->lang["admin_theme_plugins_installed"]; ?> 41 41 <span class='table_key'> 42 43 <img src='<?php echo BASEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/active_16.png' alt=""> 44 <?php echo $h->lang["admin_theme_plugins_active"]; ?> 45 46 <img src='<?php echo BASEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/inactive_16.png' alt=""> 47 <?php echo $h->lang["admin_theme_plugins_inactive"]; ?> 48 49 <img src='<?php echo BASEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/up_12.png' alt=""> 50 <?php echo $h->lang["admin_theme_plugins_order_up"]; ?> 51 52 <img src='<?php echo BASEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/down_12.png' alt=""> 53 <?php echo $h->lang["admin_theme_plugins_order_down"]; ?> 54 55 <img src='<?php echo BASEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/info_16.png' alt=""> 56 <?php echo $h->lang["admin_theme_plugins_details"]; ?> 57 58 <img src='<?php echo BASEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/uninstall_16.png' alt=""> 59 <?php echo $h->lang["admin_theme_plugins_uninstall"]; ?> 42 43 <img src='<?php echo SITEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/active_16.png' alt=""> 44 <?php echo $h->lang["admin_theme_plugins_active"]; ?> 45 46 <img src='<?php echo SITEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/inactive_16.png' alt=""> 47 <?php echo $h->lang["admin_theme_plugins_inactive"]; ?> 48 49 <img src='<?php echo SITEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/up_12.png' alt=""> 50 <?php echo $h->lang["admin_theme_plugins_order_up"]; ?> 51 52 <img src='<?php echo SITEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/down_12.png' alt=""> 53 <?php echo $h->lang["admin_theme_plugins_order_down"]; ?> 54 55 <img src='<?php echo SITEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/info_16.png' alt=""> 56 <?php echo 
$h->lang["admin_theme_plugins_details"]; ?> 57 58 <img src='<?php echo SITEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/uninstall_16.png' alt=""> 59 <?php echo $h->lang["admin_theme_plugins_uninstall"]; ?> 60 61 62 <!-- temporarily removed until we can maintain a plugin repository 63 <div class="plugin_management_right"> 64 <a href="<?php echo SITEURL ?>admin_index.php?page=plugin_search"> 65 <img src='<?php echo SITEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/search.png' alt=""> 66 <?php echo $h->lang["admin_theme_search"]; ?> 67 </a> 68 69 <a href="<?php echo SITEURL ?>admin_index.php?page=plugin_management&action=version_check"> 70 <img src='<?php echo SITEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/update_16.png' alt=""> 71 <?php echo $h->lang["admin_theme_check_latest_plugin_versions"]; ?> 72 </a> 73 </div> 74 --> 60 75 </span> 61 76 </td></tr> … … 79 94 $info_icon = 'info_16.png'; 80 95 $update = false; 81 if (isset($plug['latestversion'])) { if ($plug['latestversion'] > $plug['version']) {$update=true; $info_icon = 'info_green_16.png'; }} 96 /* temporarily removed until we can maintain a plugin repository 97 if (isset($plug['latestversion'])) { if ($plug['latestversion'] > $plug['version']) {$update=true; $info_icon = 'info_green_16.png'; }} */ 82 98 echo "<tr class='table_tr table_row_" . $alt % 2 . "'>\n"; 83 99 echo "<td class='table_active'>" . $plug['active'] . "</td>\n"; 84 100 echo "<td class='table_installed_plugin'>"; 85 101 if ($plug['settings']) { 86 echo "<a href='" . BASEURL . "admin_index.php?page=plugin_settings&plugin=" . $plug['folder'] . "' title='" . $h->lang["admin_theme_plugins_settings"] . "'>";102 echo "<a href='" . SITEURL . "admin_index.php?page=plugin_settings&plugin=" . $plug['folder'] . "' title='" . $h->lang["admin_theme_plugins_settings"] . "'>"; 87 103 echo $plug['name'] . " " . $plug['version'] . "</a></td>\n"; 88 104 } else { … … 91 107 echo "<td class='table_order'>" . 
$plug['order_output'] . "</td>\n"; 92 108 echo "<td class='table_uninstall'>\n"; 93 echo "<a class='table_drop_down' href='#'><img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/". $info_icon ."'></a>\n";109 echo "<a class='table_drop_down' href='#'><img src='" . SITEURL . "content/admin_themes/" . ADMIN_THEME . "images/". $info_icon ."'></a>\n"; 94 110 echo " " . $plug['install'] . "</td>\n"; 95 111 echo "</tr>\n"; … … 107 123 if (file_exists(PLUGINS . $plug['folder'] . "/readme.txt")) { 108 124 echo "<br />" . $h->lang["admin_theme_plugins_more_info"]; 109 echo ": <a href='" . BASEURL . "content/plugins/" . $plug['folder'] . "/readme.txt' title='" . $h->lang["admin_theme_plugins_readme"] . "'>";125 echo ": <a href='" . SITEURL . "content/plugins/" . $plug['folder'] . "/readme.txt' title='" . $h->lang["admin_theme_plugins_readme"] . "'>"; 110 126 echo $h->lang["admin_theme_plugins_readmetxt"] . "</a>"; 111 127 } 112 128 113 if ($update) echo "<br/><a href='" . BASEURL . "admin_index.php?page=plugin_management&action=update&plugin=". $plug['folder'] . "&version=" . $plug['latestversion'] . "' title=''>Update this plugin</a>";129 if ($update) { echo "<br/><a href='" . SITEURL . "admin_index.php?page=plugin_management&action=update&plugin=". $plug['folder'] . "&version=" . $plug['latestversion'] . 
"' title=''>Update this plugin</a>"; } 114 130 echo "</td>"; 115 131 echo "<td class='table_description_close'><a class='table_hide_details' href='#'>"; … … 130 146 <tr> 131 147 <td colspan=3><small> 132 <a href="<?php echo BASEURL; ?>admin_index.php?page=plugin_management&action=deactivate_all">148 <a href="<?php echo SITEURL; ?>admin_index.php?page=plugin_management&action=deactivate_all"> 133 149 <?php echo $h->lang["admin_theme_plugins_deactivate_all"]; ?></a> 134 150 | 135 <a href="<?php echo BASEURL; ?>admin_index.php?page=plugin_management&action=activate_all">151 <a href="<?php echo SITEURL; ?>admin_index.php?page=plugin_management&action=activate_all"> 136 152 <?php echo $h->lang["admin_theme_plugins_activate_all"]; ?></a> 137 153 </small></td> 138 154 <td colspan=2 style='text-align: right;'><small> 139 <a href="<?php echo BASEURL; ?>admin_index.php?page=plugin_management&action=uninstall_all">155 <a href="<?php echo SITEURL; ?>admin_index.php?page=plugin_management&action=uninstall_all"> 140 156 <?php echo $h->lang["admin_theme_plugins_uninstall_all"]; ?></a> 141 157 </small></td> … … 149 165 <span class='table_key'> 150 166 151 <img src='<?php echo BASEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/info_16.png' alt="">167 <img src='<?php echo SITEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/info_16.png' alt=""> 152 168 <?php echo $h->lang["admin_theme_plugins_details"]; ?> 153 169 154 <img src='<?php echo BASEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/install_16.png' alt="">170 <img src='<?php echo SITEURL; ?>content/admin_themes/<?php echo ADMIN_THEME; ?>images/install_16.png' alt=""> 155 171 <?php echo $h->lang["admin_theme_plugins_install"]; ?> 156 172 </span> … … 185 201 echo rtrim($requires, ', ') . "</span></td>\n"; 186 202 echo "<td class='table_install'>\n"; 187 echo "<a class='table_drop_down' href='#'><img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/". 
$info_icon ."'></a>\n";203 echo "<a class='table_drop_down' href='#'><img src='" . SITEURL . "content/admin_themes/" . ADMIN_THEME . "images/". $info_icon ."'></a>\n"; 188 204 echo " " . $plug['install'] . "</td>\n"; 189 205 echo "</tr>\n"; … … 196 212 if (file_exists(PLUGINS . $plug['folder'] . "/readme.txt")) { 197 213 echo "<br />" . $h->lang["admin_theme_plugins_more_info"]; 198 echo ": <a href='" . BASEURL . "content/plugins/" . $plug['folder'] . "/readme.txt' title='" . $h->lang["admin_theme_plugins_readme"] . "'>";214 echo ": <a href='" . SITEURL . "content/plugins/" . $plug['folder'] . "/readme.txt' title='" . $h->lang["admin_theme_plugins_readme"] . "'>"; 199 215 echo $h->lang["admin_theme_plugins_readmetxt"] . "</a>"; 200 216 } 201 if ($update) echo "<br/><a href='" . BASEURL . "admin_index.php?page=plugin_management&action=update&plugin=". $plug['folder'] . "&version=" . $plug['latestversion'] . "' title=''>Update this plugin</a>";217 if ($update) echo "<br/><a href='" . SITEURL . "admin_index.php?page=plugin_management&action=update&plugin=". $plug['folder'] . "&version=" . $plug['latestversion'] . "' title=''>Update this plugin</a>"; 202 218 echo "</td>\n"; 203 219 echo "<td class='table_description_close'><a class='table_hide_details' href='#'>"; … … 228 244 </div> 229 245 230 <div > 231 <br/><a href="<?php echo BASEURL ?>admin_index.php?page=plugin_management&action=version_check"><?php echo $h->lang["admin_theme_check_latest_plugin_versions"]; ?></a> 232 </div> 246 233 247 234 248 <?php $h->pluginHook('plugins_bottom'); ?> -
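Review bot: The block at new lines 62 to 74 is disabled with an HTML comment, but the PHP inside it still executes and the plugin_search and action=version_check links are still sent to the browser in the page source. If the feature is meant to be withheld until a plugin repository exists, wrap the block in a PHP comment or a condition instead, and make sure the handlers for those two pages are disabled as well. With the latestversion comparison commented out at new lines 96 and 97, $update can no longer become true in the installed-plugins loop, so the "Update this plugin" link at new line 129 is dead code; the second copy at new line 217 was also left without the braces the first one gained.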
trunk/content/admin_themes/admin_default/plugin_settings.php
r1896 r2080 46 46 $sb_links = $h->pluginHook('admin_sidebar_plugin_settings'); 47 47 if ($sb_links) { 48 echo "<ul>\n"; 48 49 $sb_links = sksort($sb_links, $subkey="name", $type="char", true); 49 50 foreach ($sb_links as $plugin => $details) { 50 echo "<li><a href='" . BASEURL . "admin_index.php?page=plugin_settings&plugin=" . $details['plugin'] . "'>" . $details['name'] . "</a></li>";51 echo "<li><a href='" . SITEURL . "admin_index.php?page=plugin_settings&plugin=" . $details['plugin'] . "'>" . $details['name'] . "</a></li>"; 51 52 } 53 echo "</ul>\n"; 52 54 } 53 55 } -
trunk/content/admin_themes/admin_default/settings.php
r1896 r2080 35 35 <?php $h->showMessage(); ?> 36 36 37 <form id='settings_form' name='settings_form' action='<?php echo BASEURL; ?>admin_index.php?page=settings' method='post'>37 <form id='settings_form' name='settings_form' action='<?php echo SITEURL; ?>admin_index.php?page=settings' method='post'> 38 38 39 39 <table id="settings"> … … 51 51 { 52 52 if ($ls->settings_show == 'N') { continue; } // skip this row 53 if ($ls->settings_name == 'MULTI_SITE') { continue; } // hiding multi-site until later Hotaru version 54 //if ($ls->settings_name == 'MULTI_SITE' && SITEID !=1) { continue; } // skip this row 53 55 54 56 // replace underscores with spaces and make the first character of the setting name uppercase. … … 60 62 ?> 61 63 <tr> 62 <td><?php echo $name; ?>: </td> 64 <td> 65 <?php 66 if (strpos($name, 'CACHE')) {echo "<a href='" . SITEURL . "/admin_index.php?page=maintenance'>" . $name . "</a>"; } 67 elseif ($name == 'THEME') {echo "<a href='" . SITEURL . "admin_index.php?page=theme_settings&theme=" . $ls->settings_value . "'>" . $name . "</a>"; } 68 else 69 echo $name; 70 ?>: 71 </td> 63 72 <td> 64 73 <?php -
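Review bot: At new line 66, strpos($name, 'CACHE') returns 0 when the setting name begins with CACHE, and PHP treats 0 as false, so such a setting would not get the maintenance link; compare with strpos($name, 'CACHE') !== false. The same line builds the URL as SITEURL . "/admin_index.php?page=maintenance", with a leading slash that every other link in this changeset omits, which produces a double slash. On new line 67, $ls->settings_value goes into the href unencoded, and the trailing else at new lines 68 and 69 should have braces to match the two branches above it.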
trunk/content/admin_themes/admin_default/theme_settings.php
r1896 r2080 37 37 <?php 38 38 $result = ''; 39 if ($theme) { 40 echo '<div id="admin_theme_theme_activate" class="power_on" name="'. $theme .'">' . make_name($theme, '-') . $h->lang['admin_theme_theme_activate'] . '</div><br/>'; 41 if (file_exists(THEMES . $theme . '/settings.php')) { 42 $meta = $h->readThemeMeta($theme); 39 if ($theme) 40 { 41 if ($theme == rtrim(THEME, '/')) { 42 $span = "current"; 43 $instruct = $h->lang['admin_theme_theme_activate_current']; 44 } else { 45 $span = "activate"; 46 $instruct = $h->lang['admin_theme_theme_activate']; 47 } 48 49 echo '<div id="admin_theme_theme_activate" class="power_on" name="'. $theme .'"><span class="' . $span . '">' . make_name($theme, '-') . $instruct . '</span></div><br/>'; 50 51 $no_settings = '<i>' . make_name($theme, '-') . $h->lang['admin_theme_theme_no_settings'] . '</i>'; 52 53 $meta = $h->readThemeMeta($theme); 54 if ($meta) { 43 55 foreach ($meta as $key => $value) { 44 56 if ($key != 'author') { … … 50 62 } 51 63 echo "<br /><br />"; 52 require_once(THEMES . $theme . '/settings.php'); 64 65 if (file_exists(THEMES . $theme . '/settings.php')) { 66 require_once(THEMES . $theme . '/settings.php'); 67 } else { 68 echo $no_settings; 69 } 53 70 } else { 54 echo '<i>' . make_name($theme, '-') . $h->lang['admin_theme_theme_no_settings'] . '</i>';71 echo $no_settings; 55 72 } 56 } else { 73 } 74 else 75 { 57 76 ?> 58 77 <h3><?php echo $h->lang["admin_theme_theme_settings"]; ?></h3> … … 63 82 $themes = sksort($themes, $subkey="name", $type="char", true); 64 83 foreach ($themes as $theme) { 65 echo "<li><a href='" . BASEURL . "admin_index.php?page=theme_settings&theme=" . $theme . "'>" . $theme . "</a></li>";84 echo "<li><a href='" . SITEURL . "admin_index.php?page=theme_settings&theme=" . $theme . "'>" . $theme . "</a></li>"; 66 85 } 67 86 } -
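Review bot: The restructured branch at new lines 53 to 72 now only reaches require_once(THEMES . $theme . '/settings.php') when readThemeMeta() returns something, whereas before the file_exists() check alone decided it; a theme that ships settings.php but has no readable meta will now show the "no settings" message instead of its settings page. If that is not intended, move the file_exists()/require_once block out of the if ($meta) branch. The hunk does not show where $theme is assigned: if it comes from the theme= request parameter used in the links at new line 84, check it against the list of installed themes before it is used in the file path, and pass it through htmlspecialchars() before it is written into the name attribute at new line 49.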
trunk/content/plugins
- Property svn:mergeinfo changed
/branches/1.4/content/plugins merged: 2033-2035,2037-2039,2042,2049-2050,2052-2054,2056,2059,2061-2064,2066-2068,2070,2075-2076
-
trunk/content/plugins/bookmarking/bookmarking.php
r2032 r2080 3 3 * name: Bookmarking 4 4 * description: Social Bookmarking base - provides "list" and "post" templates. 5 * version: 0. 25 * version: 0.4 6 6 * folder: bookmarking 7 7 * class: Bookmarking 8 8 * type: base 9 * hooks: install_plugin, theme_index_top, header_meta, header_include, navigation, breadcrumbs, theme_index_main, admin_plugin_settings, admin_sidebar_plugin_settings, user_settings_pre_save, user_settings_fill_form, user_settings_extra_settings, theme_index_pre_main, profile_navigation, post_rss_feed_items , admin_theme_main_stats9 * hooks: install_plugin, theme_index_top, header_meta, header_include, navigation, breadcrumbs, theme_index_main, admin_plugin_settings, admin_sidebar_plugin_settings, user_settings_pre_save, user_settings_fill_form, user_settings_extra_settings, theme_index_pre_main, profile_navigation, post_rss_feed_items 10 10 * author: Nick Ramsay 11 11 * authorurl: http://hotarucms.org/member.php?1-Nick … … 295 295 296 296 // display the link in the navigation bar 297 echo "<li ><a " . $status . " href='" . $h->url(array('page'=>'popular')) . "'>" . $h->lang["bookmarking_top"] . "</a></li>\n";297 echo "<li " . $status . "><a href='" . $h->url(array('page'=>'popular')) . "'>" . $h->lang["bookmarking_top"] . "</a></li>"; 298 298 } 299 299 … … 302 302 303 303 // display the link in the navigation bar 304 echo "<li ><a " . $status . " href='" . $h->url(array('page'=>'latest')) . "'>" . $h->lang["bookmarking_latest"] . "</a></li>\n";304 echo "<li " . $status . "><a href='" . $h->url(array('page'=>'latest')) . "'>" . $h->lang["bookmarking_latest"] . "</a></li>"; 305 305 } 306 306 … … 675 675 $h->vars['post_rss_item'] = $item; 676 676 } 677 678 679 /**680 * Show stats on Admin home page681 */682 public function admin_theme_main_stats($h, $vars)683 {684 echo "<li> </li>";685 foreach ($vars as $key => $value) {686 echo "<li class='title'>" . $key . 
"</li>";687 foreach ($value as $stat_type) {688 $posts = $h->post->stats($h, $stat_type);689 if (!$posts) { $posts = 0; }690 $lang_name = 'bookmarking_admin_stats_' . $stat_type;691 echo "<li>" . $h->lang[$lang_name] . ": " . $posts . "</li>";692 }693 }694 }695 677 } 696 678 ?> -
trunk/content/plugins/bookmarking/css/bookmarking.css
r1896 r2080 4 4 5 5 #sort_box { font-size: 0.9em; margin-bottom: 1.0em;} 6 .sort_menu li { display: inline; margin: 0 0.3em 0 0.3em; padding: 0.2em;} 7 .sort_menu li.active { background-color: #f8f8f8; } 8 .sort_menu li.active a { color: #000; font-weight: bold; } 6 .sort_menu li { display: inline; margin: 0 0.3em 0 0.3em; padding: 0;} 7 .sort_menu li a, .sort_menu li.active a { padding: 0.2em; } 8 .sort_menu li.active { font-weight: bold; background-color: #262626; padding: 0.2em; } 9 .sort_menu li.active a {color: #fff; } 10 .sort_menu li a:hover { background-color: #262626; color: #fff; padding: 0.2em; } 9 11 10 12 /* ******* POST CSS ******** */ -
trunk/content/plugins/bookmarking/libs/BookmarkingFunctions.php
r2027 r2080 99 99 100 100 // if we want to count the totals, we need to replace the select clause with COUNT, but some queries that use MATCH and relevance are a bit complicated, 101 // so we'll let those plugins (e.g. search) add COUNT to their queries themselves and skip them here (which we can do by checking for MATCH). 102 if ($return == 'count' && (strpos($h->vars['select'], "MATCH") === false)) { $h->vars['select'] = "count(post_id) AS number"; } 101 // so we'll let those plugins (e.g. search) add COUNT to their queries themselves and skip them here (which we can do by checking if select is an array). 102 103 if ($return == 'count' && (!is_array($h->vars['select']))) { $h->vars['select'] = "count(post_id) AS number"; } 103 104 if ($return == 'query') { $all = true; } // this removes the "LIMIT" parameter so we can add it later when paginating. 104 105 … … 119 120 true 120 121 ); 121 122 122 123 if ($return == 'query') { 123 124 if (isset($prepare_array[1])) { -
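Review bot: The new test at line 103, !is_array($h->vars['select']), changes the contract for other plugins without documenting it: a plugin that still sets select to a string containing MATCH was skipped by the old strpos() check but will now have its select clause replaced by count(post_id) AS number. Either keep the MATCH check alongside the array check during the transition, or state in the function's docblock that plugins must pass select as an array to opt out, and update the search plugin in the same changeset. The expression also reads $h->vars['select'] without an isset() guard, so an unset key raises a notice before the count clause is applied.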
trunk/content/plugins/bookmarking/readme.txt
r2027 r2080 14 14 Changelog 15 15 --------- 16 v.0.4 2010/07/20 - Nick - Edits to CSS for sort/filter links 17 v.0.3 2010/07/15 - Nick - Removed admin stats (moved to Post Manager) 16 18 v.0.2 2010/06/15 - Alan - Add settings to change default main page and default type of posts to show on lists page 17 19 v.0.1 2010/06/02 - Nick - Released first version (formerly SB Base) -
trunk/content/plugins/bookmarking/templates/bookmarking_sort_filter.php
r1896 r2080 35 35 <li <?php echo $h->vars['popular_active']; ?>> 36 36 <a href="<?php echo $h->vars['popular_link']; ?>"> 37 <?php echo $h->lang["bookmarking_sort_recently_popular"]; ?></a> 38 </li> 37 <?php echo $h->lang["bookmarking_sort_recently_popular"]; ?></a></li> 39 38 40 39 <li <?php echo $h->vars['upcoming_active']; ?>> 41 40 <a href="<?php echo $h->vars['upcoming_link']; ?>"> 42 <?php echo $h->lang["bookmarking_sort_upcoming"]; ?></a> 43 </li> 41 <?php echo $h->lang["bookmarking_sort_upcoming"]; ?></a></li> 44 42 45 43 <li <?php echo $h->vars['latest_active']; ?>> 46 44 <a href="<?php echo $h->vars['latest_link']; ?>"> 47 <?php echo $h->lang["bookmarking_sort_latest"]; ?></a> 48 </li> 45 <?php echo $h->lang["bookmarking_sort_latest"]; ?></a></li> 49 46 50 47 <li <?php echo $h->vars['all_active']; ?>> 51 48 <a href="<?php echo $h->vars['all_link']; ?>"> 52 <?php echo $h->lang["bookmarking_sort_all"]; ?></a> 53 </li> 49 <?php echo $h->lang["bookmarking_sort_all"]; ?></a></li> 54 50 55 51 … … 59 55 <li <?php echo $h->vars['top_24_hours_active']; ?>> 60 56 <a href="<?php echo $h->vars['24_hours_link']; ?>"> 61 <?php echo $h->lang["bookmarking_sort_top_1_day"]; ?></a> 62 </li> 57 <?php echo $h->lang["bookmarking_sort_top_1_day"]; ?></a></li> 63 58 64 59 <!-- Doesn't fit in the default theme 65 60 <li <?php echo $h->vars['top_48_hours_active']; ?>> 66 61 <a href="<?php echo $h->vars['48_hours_link']; ?>"> 67 <?php echo $h->lang["bookmarking_sort_top_2_days"]; ?></a> 68 </li> 62 <?php echo $h->lang["bookmarking_sort_top_2_days"]; ?></a></li> 69 63 --> 70 64 71 65 <li <?php echo $h->vars['top_7_days_active']; ?>> 72 66 <a href="<?php echo $h->vars['7_days_link']; ?>"> 73 <?php echo $h->lang["bookmarking_sort_top_7_days"]; ?></a> 74 </li> 67 <?php echo $h->lang["bookmarking_sort_top_7_days"]; ?></a></li> 75 68 76 69 <li <?php echo $h->vars['top_30_days_active']; ?>> 77 70 <a href="<?php echo $h->vars['30_days_link']; ?>"> 78 <?php echo 
$h->lang["bookmarking_sort_top_30_days"]; ?></a> 79 </li> 71 <?php echo $h->lang["bookmarking_sort_top_30_days"]; ?></a></li> 80 72 81 73 <li <?php echo $h->vars['top_365_days_active']; ?>> 82 74 <a href="<?php echo $h->vars['365_days_link']; ?>"> 83 <?php echo $h->lang["bookmarking_sort_top_365_days"]; ?></a> 84 </li> 75 <?php echo $h->lang["bookmarking_sort_top_365_days"]; ?></a></li> 85 76 86 77 <li <?php echo $h->vars['top_all_time_active']; ?>> 87 78 <a href="<?php echo $h->vars['all_time_link']; ?>"> 88 <?php echo $h->lang["bookmarking_sort_top_all_time"]; ?></a> 89 </li> 79 <?php echo $h->lang["bookmarking_sort_top_all_time"]; ?></a></li> 90 80 91 81 </ul> -
trunk/content/plugins/categories/categories.php
r2027 r2080 3 3 * name: Categories 4 4 * description: Enables categories for posts 5 * version: 1. 75 * version: 1.9 6 6 * folder: categories 7 7 * class: Categories … … 52 52 $h->vars['category_name'] = $h->getCatName($category); 53 53 $h->vars['category_safe_name'] = $h->getCatSafeName($category); 54 $h->vars['category_parent'] = $h->getCatParent($category); 54 55 } else { 55 56 // category should be a safe name 56 57 $h->vars['category_id'] = $h->getCatId($category); 57 $h->vars['category_name'] = $h->getCatName(0, $category); 58 $h->vars['category_safe_name'] = $category; 58 $h->vars['category_name'] = $h->getCatName($h->vars['category_id']); 59 $h->vars['category_safe_name'] = $h->getCatSafeName($h->vars['category_id']); 60 $h->vars['category_parent'] = $h->getCatParent($h->vars['category_id']); 59 61 } 60 62 $h->pageTitle = $h->vars['category_name']; … … 71 73 the first one is the page name. Let's see if it's a category safe name... */ 72 74 $sql = "SELECT category_id, category_name FROM " . TABLE_CATEGORIES . " WHERE category_safe_name = %s LIMIT 1"; 73 $exists = $h->db->get_row($h->db->prepare($sql, $h->pageName));75 $exists = $h->db->get_row($h->db->prepare($sql, urlencode($h->pageName))); 74 76 if ($exists) { 75 77 $h->vars['category_id'] = $exists->category_id; … … 125 127 126 128 $sql = "SELECT category_id FROM " . TABLE_CATEGORIES . " WHERE category_safe_name = %s LIMIT 1"; 127 $exists = $h->db->get_var($h->db->prepare($sql, $key));129 $exists = $h->db->get_var($h->db->prepare($sql, urlencode($key))); 128 130 129 131 // no category? exit... 
… … 229 231 if ($h->subPage == 'category') // the pageType is "list" 230 232 { 231 $parent_id = $h-> getCatParent($h->vars['category_id']);233 $parent_id = $h->vars['category_parent']; 232 234 if ($parent_id > 1) { 233 235 $parent_name = $h->getCatName($parent_id); … … 244 246 elseif ($h->pageType == 'post') // the pageName is the post slug (post_url) 245 247 { 246 $parent_id = $h->getCatParent($h->post->category); 248 249 if (isset($h->vars['category_parent'])) { 250 $parent_id = $h->vars['category_parent']; // assigned to $h->vars in header_end function 251 } else { 252 $parent_id = $h->getCatParent($h->post->category); 253 } 254 255 $parent_id = $h->getCatParent($h->post->category); 247 256 if ($parent_id > 1) { 248 257 $parent_name = $h->getCatName($parent_id); … … 299 308 $h->smartCache('on', 'categories', 60, $query); // start using cache 300 309 $categories = $h->db->get_results($query); 310 311 if ($h->pageType == 'post') { 312 // for showing the category tab as active when looking at a post: 313 $h->vars['category_id'] = $h->post->category; 314 $h->vars['category_parent'] = $h->getCatParent($h->post->category); 315 } 301 316 302 317 if($categories) … … 382 397 383 398 $active = ''; 384 if (isset($h->vars['category_id']) && ($h->vars['category_id'] == $category->category_id)) { 385 $active = " class='active_cat'"; 399 400 // give active status to highest parent tab 401 if (isset($h->vars['category_id'])) 402 { 403 // is this already a parent catgeory? Make the tab active: 404 if (($h->vars['category_id'] == $category->category_id) 405 && ($category->category_parent == 1)) { 406 $active = " class='active_cat'"; 407 } 408 // is this a child category? If so, make the parent tab active: 409 elseif ($h->vars['category_parent'] == $category->category_id) { 410 $active = " class='active_cat'"; 411 } 386 412 } 387 413 -
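Review bot: In the elseif ($h->pageType == 'post') branch (new lines 249-255), the added isset($h->vars['category_parent']) if/else is overridden straight away by the unconditional $parent_id = $h->getCatParent($h->post->category); on new line 255, so the cached value is never used and the lookup still runs on every post page. Drop that trailing assignment so the result of the if/else stands.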
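Review bot: In the tab loop (new lines 401-411), the elseif on new line 409 reads $h->vars['category_parent'], but the surrounding guard only checks isset($h->vars['category_id']). The safe-name lookup at new line 77 sets category_id from $exists, whose query selects only category_id and category_name, so if category_parent is not filled in on that path this comparison raises an undefined index notice. Add isset($h->vars['category_parent']) to the elseif condition.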
trunk/content/plugins/categories/css/categories.css
r1896 r2080 5 5 /*Category Navigation*/ 6 6 7 #category_bar {8 /*9 background: #f4f4f4;10 border-left: 1px solid #e4e4e4;11 border-bottom: 1px solid #e4e4e4;12 */13 width: 100%;14 height: 2.7em;15 margin: 0px 0 0px;16 padding: 0px;17 }18 19 7 #category_bar, #category_bar ul { 20 8 margin: 0px; 21 9 padding: 0px; 22 list-style: none; 23 z-index: 1;10 list-style: none; 11 z-index: 1; 24 12 } 25 13 26 14 #category_bar a, #category_bar a:visited { 27 background: #f4f4f4;28 color: #000;29 15 display: block; 30 font-weight: bold; 31 margin: 0px 0px 0px 0px; 32 padding: 0.63em 0.7em 0.63em 0.7em; 33 border-bottom: 1px solid #e4e4e4; 34 border-right: 1px solid #e4e4e4; 16 margin: 0; 17 padding: 0.3em 0.7em; 35 18 } 36 19 37 20 #category_bar a:hover { 38 background : #000;21 background-color: #262626; 39 22 color: #fff; 40 23 display: block; 41 24 text-decoration: none; 42 margin: 0px 0px 0px 0px;43 padding: 0. 63em 0.7em 0.63em 0.7em;25 margin: 0; 26 padding: 0.3em 0.7em; 44 27 } 45 28 … … 48 31 margin: 0px; 49 32 padding: 0px; 50 z-index: 1;33 z-index: 1; 51 34 } 52 35 … … 60 43 #category_bar li li a, #category_bar li li a:link, #category_bar li li a:visited { 61 44 background: #f4f4f4; 62 color: #000;63 45 width: 160px; 64 46 float: none; 65 47 margin: 0 0 0 -1px; 66 padding: 0.63em 0.7em 0.63em 0.7em; 67 border-bottom: 1px solid #e4e4e4; 68 border-left: 1px solid #e4e4e4; 69 border-right: 1px solid #e4e4e4; 48 padding: 0.3em 0.7em; 49 border-bottom: 1px solid #fff; 50 border-right: 1px solid #fff; 70 51 } 71 52 72 53 #category_bar li li a:hover, #category_bar li li a:active { 73 background: # 000;54 background: #262626; 74 55 color: #fff; 75 56 } -
trunk/content/plugins/categories/readme.txt
r2027 r2080 13 13 Changelog 14 14 --------- 15 v.1.9 2010/07/30 - Nick - Parent category tab gets active status when viewing sub category or post. 16 v.1.8 2010/07/27 - Nick - Fix for url friendly post pages breaking with non-alphanumeric category safe names. 15 17 v.1.7 2010/06/07 - Nick - Applied htmlentities to ampersands in posts, i.e. "posted in Food & Drink" 16 18 v.1.6 2010/05/22 - Nick - Fix for home page title tags and moved Category RSS from SB Base into this plugin -
trunk/content/plugins/categories/templates/category_bar.php
r1896 r2080 28 28 29 29 <div id="category_bar"> 30 <ul> 31 <?php $h->pluginHook('category_bar_start'); ?> 32 <?php echo $h->vars['output']; ?> 33 <?php $h->pluginHook('category_bar_end'); ?> 34 </ul> 35 </div> 30 <ul> 31 <?php $h->pluginHook('category_bar_start'); ?> 32 <?php echo $h->vars['output']; ?> 33 <?php $h->pluginHook('category_bar_end'); ?> 34 </ul> 35 </div> 36 36 37 <div class="clear"></div> -
trunk/content/plugins/comments/comments.php
r2032 r2080 3 3 * name: Comments 4 4 * description: Enables logged-in users to comment on posts 5 * version: 2. 25 * version: 2.5 6 6 * folder: comments 7 7 * class: Comments … … 361 361 362 362 $this->checkCommentDetails($h); 363 364 if ($h->currentUser->getPermission('can_access_admin') == 'yes') { 365 echo "<ul id='post_comments_admin'>"; 366 if ($h->currentUser->getPermission('can_comment_manager_settings') == 'yes') { 367 echo "<li id='comment_manager_link'><a href='" . $h->url(array('page'=>'plugin_settings', 'plugin'=>'comment_manager'), 'admin') . "'>" . $h->lang['comments_access_comment_manager'] . "</a></li>"; 368 } 369 370 $h->pluginHook('comments_post_last_form'); 371 372 echo "</ul>"; 373 } 363 374 } 364 375 … … 488 499 $h->vars['subscribe'] = ($h->comment->subscribe) ? 'checked' : ''; 489 500 $h->displayTemplate('comment_form', 'comments', false); 490 491 $h->pluginHook('comments_post_last_form');492 493 if ($h->currentUser->getPermission('can_comment_manager_settings') == 'yes') {494 echo "<a id='comment_manager_link' href='" . $h->url(array('page'=>'plugin_settings', 'plugin'=>'comment_manager'), 'admin') . "'>";495 echo $h->lang['comments_access_comment_manager'] . "</a>";496 }497 501 } 498 502 … … 808 812 public function admin_theme_main_stats($h, $vars) 809 813 { 810 echo "<li> </li>"; 814 $c = new Comment(); 815 $stats = $c->stats($h); 816 $stats_archived = $c->stats($h, 'archived'); 817 818 echo "<li> </li>"; 819 if ($stats) { 820 foreach ($stats as $stat) { 821 $comments[$stat[0]] = $stat[1]; 822 } 823 } 824 825 if (isset($vars) && (!empty($vars))) { 811 826 foreach ($vars as $key => $value) { 812 echo "<li class='title'>" . $key . "</li>"; 813 foreach ($value as $stat_type) { 814 require_once(LIBS . 'Comment.php'); 815 $c = new Comment(); 816 $comments = $c->stats($h, $stat_type); 817 if (!$comments) { $comments = 0; } 818 $lang_name = 'comments_admin_stats_' . $stat_type; 819 echo "<li>" . $h->lang[$lang_name] . ": " . $comments . 
"</li>"; 820 } 827 $key_lang = 'comments_admin_stats_' . $key; 828 echo "<li class='title'>" . $h->lang[$key_lang] . "</li>"; 829 foreach ($value as $stat_type) { 830 if (isset($value) && !empty($value)) { 831 832 switch ($stat_type) { 833 case 'all': 834 if (isset($comments)) { $comment_count = array_sum($comments); } else { $comment_count = 0; } 835 break; 836 case 'archived': 837 if (isset($stats_archived)) { $comment_count = $stats_archived; } else { $comment_count = 0; } 838 break; 839 default: 840 if (isset($comments[$stat_type])) { $comment_count = $comments[$stat_type]; } else { $comment_count = 0; } 841 break; 842 } 843 844 if (!defined('SITEURL')) { define('SITEURL', BASEURL); } 845 846 $link = ""; 847 $dontlink = array('archived'); 848 if ($h->isActive('comment_manager')) { 849 if (!in_array($stat_type, $dontlink)) { 850 $link = SITEURL . "admin_index.php?comment_status_filter=$stat_type&plugin=comment_manager&page=plugin_settings&type=filter&csrf=" . $h->csrfToken; 851 } 852 } 853 854 $lang_name = 'comments_admin_stats_' . $stat_type; 855 echo "<li>"; 856 if ($link) { echo "<a href='" . $link . "'>"; } 857 echo $h->lang[$lang_name] . ": " . $comment_count; 858 if ($link) { echo "</a>"; } 859 echo "</li>"; 860 } 861 } 821 862 } 863 } 822 864 } 823 865 -
trunk/content/plugins/comments/css/comments.css
r1896 r2080 5 5 .comment_edit_link { padding-left: 1.9em; padding-top:0.1em; background-image: url(../../../content/plugins/comments/images/edit.png); background-repeat: no-repeat; background-position: 0 0;} 6 6 .comment_reply_wrapper a:hover { background-position: 0 -32px;} 7 8 7 9 8 .comments_wrapper h2 { … … 16 15 17 16 .comment { 18 background-color: #f afafa;17 background-color: #fff; 19 18 margin-top: 1.0em; 20 border: 2pt solid #ddd;19 border: 0; 21 20 } 22 21 23 22 .comment_reply_wrapper { 24 padding-bottom:1em;25 padding-top: 0.8em;26 text-align:right;27 margin-right: 0.6em;23 padding-bottom:1em; 24 padding-top: 0.8em; 25 text-align:right; 26 margin-right: 0.6em; 28 27 } 29 28 30 29 .comment_reply_link, .comment_edit_link { 31 /* padding: 0.2em 0.4em 0.2em 0.4em; */ 32 font-size: 8pt; 33 text-decoration: none; 34 color:#444444; 35 font-weight:bold; 30 font-size: 8pt; 31 text-decoration: none; 32 color:#444444; 33 font-weight:bold; 36 34 } 37 35 38 36 .comment_author { 39 37 40 38 } 41 39 … … 60 58 } 61 59 62 # comment_manager_link{60 #post_comments_admin { 63 61 float: right; 64 text-align: right; 62 text-align: right; 63 } 64 65 #post_comments_admin li { 66 padding: 0; 65 67 } 66 68 67 69 .comment_header { 68 border-bottom:solid 1pt #ddd; 69 border-top:solid 1pt #ddd; 70 padding: 0.4em; 71 background-color: #eee; 72 margin-bottom: 0.4em; 73 height:16px; 74 display:block; 70 border: 1px solid #d0d0d0; 71 padding: 0.4em; 72 background-color: #f9f9f9; 73 margin-bottom: 0.4em; 74 height:16px; 75 display:block; 75 76 } 76 77 77 78 .comment_content { 78 margin: 0.6em 0 0 0.8em;79 overflow: hidden;80 width: 96%;79 margin: 0.6em 0 0 0.8em; 80 overflow: hidden; 81 width: 96%; 81 82 } 82 83 83 84 .comment_header_left { 84 float:left;85 width: 70%;85 float:left; 86 width: 70%; 86 87 } 87 88 -
trunk/content/plugins/comments/languages/comments_language.php
r2032 r2080 111 111 112 112 /* Admin Stats */ 113 $lang["comments_admin_stats_total_comments"] = "Total"; 114 $lang["comments_admin_stats_approved_comments"] = "Approved"; 115 $lang["comments_admin_stats_pending_comments"] = "Pending"; 116 $lang["comments_admin_stats_archived_comments"] = "Archived"; 113 $lang["comments_admin_stats_comments"] = "Comments"; 114 $lang["comments_admin_stats_all"] = "Total"; 115 $lang["comments_admin_stats_approved"] = "Approved"; 116 $lang["comments_admin_stats_pending"] = "Pending"; 117 $lang["comments_admin_stats_archived"] = "Archived"; 117 118 118 119 /* Email to comment subscribers */ -
trunk/content/plugins/comments/readme.txt
r2027 r2080 15 15 Changelog 16 16 --------- 17 v.2.5 2010/07/24 - Nick - Moved "comments_post_last_form" plugin hook 18 v.2.4 2010/07/20 - Nick - Edits to CSS for comments 19 v.2.3 2010/07/15 - Nick - Reimplemented admin stats 17 20 v.2.2 2010/07/07 - Nick - Fix for page load continuing after displaying the RSS feed 18 21 v.2.1 2010/05/23 - Nick - Removed the requirement to have SB Base installed. -
trunk/content/plugins/comments/templates/comment_form.php
r1896 r2080 37 37 <form name='comment_form' action='<?php echo $h->url(array('page' => $h->post->id)); ?>' method='post' onsubmit="document.getElementById('comment_submit_<?php echo $h->comment->id; ?>').disabled = true; return true;"> 38 38 <textarea name="comment_content" id="comment_content_<?php echo $h->comment->id; ?>" rows="6" cols="50"></textarea><br /> 39 <div class="comment_instructions">< ?php echo $h->lang['comments_form_allowable_tags']; ?><?php echo htmlentities($h->comment->allowableTags); ?></div>39 <div class="comment_instructions"><small><?php echo $h->lang['comments_form_allowable_tags']; ?><?php echo htmlentities($h->comment->allowableTags); ?></small></div> 40 40 <div class="comment_subscribe"><input id="comment_subscribe" name="comment_subscribe" type="checkbox" <?php echo $h->vars['subscribe']; ?> /> <?php echo $h->lang['comments_form_subscribe']; ?><?php if ($h->vars['subscribe']) { echo " <small>(" . $h->lang['comments_form_unsubscribe'] . ")</small>"; } ?></div> 41 41 <div class="comment_extras"><?php echo $h->pluginHook('comment_form_extras'); ?> -
trunk/content/plugins/post_manager/languages/post_manager_language.php
r2027 r2080 74 74 $lang["post_man_flagged_reasons"] = "Posts from this user are: "; 75 75 76 76 $lang["post_man_admin_stats_posts"] = "Posts"; 77 77 $lang["post_man_admin_stats_all"] = "Total"; 78 78 $lang["post_man_admin_stats_approved"] = "Approved"; -
trunk/content/plugins/post_manager/post_manager.php
r2032 r2080 3 3 * name: Post Manager 4 4 * description: Manage posts. 5 * version: 0. 85 * version: 0.9 6 6 * folder: post_manager 7 7 * class: PostManager 8 * hooks: hotaru_header, install_plugin, admin_header_include, admin_plugin_settings, admin_sidebar_plugin_settings, user_manager_role, user_manager_details 8 * hooks: hotaru_header, install_plugin, admin_header_include, admin_plugin_settings, admin_sidebar_plugin_settings, user_manager_role, user_manager_details, admin_theme_main_stats 9 9 * author: Nick Ramsay 10 10 * authorurl: http://hotarucms.org/member.php?1-Nick … … 90 90 } 91 91 } 92 93 94 /** 95 * Show stats on Admin home page 96 */ 97 public function admin_theme_main_stats($h, $vars) 98 { 99 $stats = $h->post->stats($h); 100 $stats_archived = $h->post->stats($h, 'archived'); 101 102 echo "<li> </li>"; 103 if ($stats) { 104 foreach ($stats as $stat) { 105 $posts[$stat[0]] = $stat[1]; 106 } 107 } 108 109 if (isset($vars) && (!empty($vars))) { 110 foreach ($vars as $key => $value) { 111 $key_lang = 'post_man_admin_stats_' . $key; 112 echo "<li class='title'>" . $h->lang[$key_lang] . "</li>"; 113 foreach ($value as $stat_type) { 114 if (isset($value) && !empty($value)) { 115 116 switch ($stat_type) { 117 case 'all': 118 if(isset($posts)) { $post_count = array_sum($posts); } else { $post_count = 0; } 119 break; 120 case 'approved': 121 $post_count = 0; 122 $array = array('top', 'new'); 123 foreach ($array as $item) { 124 if (isset($posts[$item])) { $post_count += $posts[$item]; } 125 } 126 break; 127 case 'archived' : 128 if (isset($stats_archived)) { $post_count = $stats_archived; } else { $post_count = 0; } 129 break; 130 default: 131 if (isset($posts[$stat_type])) { $post_count = $posts[$stat_type]; } else { $post_count = 0; } 132 break; 133 } 134 135 if (!defined('SITEURL')) { define('SITEURL', BASEURL); } 136 137 $link = ""; 138 $dontlink = array('archived'); 139 if (!in_array($stat_type, $dontlink)) { 140 $link = SITEURL . 
"admin_index.php?post_status_filter=$stat_type&plugin=post_manager&page=plugin_settings&type=filter&csrf=" . $h->csrfToken; 141 } 142 143 $lang_name = 'post_man_admin_stats_' . $stat_type; 144 echo "<li>"; 145 if ($link) { echo "<a href='" . $link . "'>"; } 146 echo $h->lang[$lang_name] . ": " . $post_count; 147 if ($link) { echo "</a>"; } 148 echo "</li>"; 149 } 150 } 151 } 152 } 153 } 92 154 } 93 155 -
trunk/content/plugins/post_manager/readme.txt
r2027 r2080 14 14 Changelog 15 15 --------- 16 v.0.9 2010/07/15 - shibuya246 - Admin stats moved here from Bookmarking 16 17 v.0.8 2010/06/23 - Nick - Hid edit and source links for Journal (blog) entries because they don't apply 17 18 v.0.7 2010/05/27 - Nick - Removed need for SB Base, and added a "check all" checkbox -
trunk/content/plugins/posts_widget/languages/posts_widget_language.php
r1896 r2080 1 <?php 2 /** 3 * POSTS WIDGET LANGUAGE 4 * 5 * PHP version 5 6 * 7 * LICENSE: Hotaru CMS is free software: you can redistribute it and/or 8 * modify it under the terms of the GNU General Public License as 9 * published by the Free Software Foundation, either version 3 of 10 * the License, or (at your option) any later version. 11 * 12 * Hotaru CMS is distributed in the hope that it will be useful, but WITHOUT 13 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 14 * FITNESS FOR A PARTICULAR PURPOSE. 15 * 16 * You should have received a copy of the GNU General Public License along 17 * with Hotaru CMS. If not, see http://www.gnu.org/licenses/. 18 * 19 * @category Content Management System 20 * @package HotaruCMS 21 * @author Nick Ramsay <admin@hotarucms.org> 22 * @copyright Copyright (c) 2009, Hotaru CMS 23 * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License 24 * @link http://www.hotarucms.org/ 25 */ 1 <?php /* posts widget language */ 2 3 /* Posts Widget Settings */ 4 $lang['posts_widget_settings_header'] = "Posts Widget Settings"; 5 $lang["posts_widget_settings_items"] = "Number of items to show <small>(default: 10)</small>"; 6 $lang["posts_widget_settings_length"] = "Max post title length <small>(default: 0 - not truncated)</small>"; 7 $lang["posts_widget_settings_widgets_desc"] = "Check the widgets you want available on the Widgets page:"; 26 8 27 9 /* Posts Widget Feed */ -
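Review bot: The replacement at new line 1 removes the whole file docblock, including the GPL notice and the @author, @copyright and @license tags, and leaves only a one-line comment. If the header was dropped on purpose, say so in the commit message; otherwise restore it above the new Posts Widget Settings strings.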
trunk/content/plugins/posts_widget/posts_widget.php
r1896 r2080 3 3 * name: Posts Widget 4 4 * description: Adds links in widgets to the latest posts and top stories on the site. 5 * version: 1. 35 * version: 1.5 6 6 * folder: posts_widget 7 7 * class: PostsWidget 8 8 * requires: widgets 0.6, bookmarking 0.1 9 * hooks: install_plugin, hotaru_header, header_include9 * hooks: install_plugin, admin_sidebar_plugin_settings, admin_plugin_settings, hotaru_header, header_include 10 10 * author: Nick Ramsay 11 11 * authorurl: http://hotarucms.org/member.php?1-Nick … … 40 40 public function install_plugin($h) 41 41 { 42 // Plugin settings 43 $pw_settings = $h->getSerializedSettings(); 44 if (!isset($pw_settings['items'])) { $pw_settings['items'] = 10; } 45 if (!isset($pw_settings['length'])) { $pw_settings['length'] = 0; } 46 47 // for adding or removing from the Widgets page: 48 $widgets['posts_widget_top'] = 'checked'; 49 $widgets['posts_widget_latest'] = 'checked'; 50 $widgets['posts_widget_upcoming'] = 'checked'; 51 $widgets['posts_widget_day'] = 'checked'; 52 $widgets['posts_widget_week'] = 'checked'; 53 $widgets['posts_widget_month'] = 'checked'; 54 $widgets['posts_widget_year'] = 'checked'; 55 $widgets['posts_widget_all-time'] = 'checked'; 56 57 if (!isset($pw_settings['widgets'])) { $pw_settings['widgets'] = $widgets; } 58 59 $h->updateSetting('posts_widget_settings', serialize($pw_settings)); 60 42 61 // Widgets: 43 62 // plugin name, function name, optional arguments … … 168 187 * return array $posts 169 188 */ 170 public function getPostsWidget($h, $type, $custom = true, $limit = 10) 171 { 189 public function getPostsWidget($h, $type, $custom = true, $limit = 0) 190 { 191 if (!$limit) { 192 $pw_settings = $h->getSerializedSettings('posts_widget', 'posts_widget_settings'); 193 $limit = (isset($pw_settings['items'])) ? 
$pw_settings['items'] : 10; 194 } 195 172 196 $h->vars['limit'] = $limit; 173 197 $posts = ''; … … 239 263 $need_cache = true; 240 264 } 241 265 266 // get max post title length 267 $pw_settings = $h->getSerializedSettings('posts_widget', 'posts_widget_settings'); 268 $length = (isset($pw_settings['length'])) ? $pw_settings['length'] : 0; 269 270 // determine if we should show vote counts before titles... 242 271 $vote_settings = $h->getSerializedSettings('vote', 'vote_settings'); 243 272 $widget_votes = $vote_settings['posts_widget']; … … 262 291 } 263 292 $item_title = stripslashes(html_entity_decode(urldecode($item->post_title), ENT_QUOTES,'UTF-8')); 293 if ($length) { 294 $item_title = truncate($item_title, $length); 295 } 264 296 $output .= "<a href='" . $h->url(array('page'=>$item->post_id)) . "' title='" . urldecode($item->post_domain) . "'>\n" . $item_title . "\n</a></div>\n"; 265 297 $output .= "</li>\n"; -
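Review bot: getPostsWidget() (new lines 191-194) takes $pw_settings['items'] from the stored settings as $limit with no type check, and the title length on new line 268 is read the same way. Cast both to int and fall back to the defaults (10 and 0) when the stored value is empty or not positive, so that a bad value saved from the settings form cannot propagate into $h->vars['limit'] or truncate().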
trunk/content/plugins/posts_widget/readme.txt
r1896 r2080 16 16 Changelog 17 17 --------- 18 v.1.5 2010/07/31 - Nick - Added settings for number of items, item length, and remove unwanted widgets 19 v.1.4 2010/07/24 - Nick - Set number of posts by editing $limit at the top of posts_widget.php 18 20 v.1.3 2010/05/26 - Nick - Updated for compatibility with the Bookmarking plugin 19 21 v.1.2 2010/04/14 - Nick - Top stories page name changed from "index" to "popular" -
trunk/content/plugins/search/readme.txt
r1896 r2080 21 21 Changelog 22 22 --------- 23 v.1.2 2010/07/29 - Nick - Fixes for searching non-alphanumeric phrases 23 24 v.1.1 2010/05/22 - Nick - Moved Search RSS from SB Base into this plugin 24 25 v.1.0 2010/04/24 - Nick - Set $h->pageName to "search" on search results page -
trunk/content/plugins/search/search.php
r1896 r2080 3 3 * name: Search 4 4 * description: Displays "Search!" 5 * version: 1. 15 * version: 1.2 6 6 * folder: search 7 7 * class: Search … … 127 127 128 128 $search_terms_clean = ''; 129 $full_ index = true; // Do a full index(better) search if all terms are longer than 3 characters129 $full_text = true; // Do a full text (better) search if all terms are longer than 3 characters 130 130 foreach($search_terms as $search_term) { 131 131 132 if ($this->isStopword($search_term)) { 132 133 continue; // don't include this in $search_terms_clean 133 134 } 135 134 136 if (strlen(trim($search_term)) < 4) { 135 $full_index = false; 136 } 137 if ($this->isStopword($search_term) == false) { 138 $search_terms_clean .= trim($h->db->escape($search_term)) . " "; 139 } 137 $full_text = false; 138 } 139 140 $search_term = trim($h->db->escape($search_term)); 141 142 // if the urlencoded term contains a percent sign, we can't use a full text search 143 if (strpos(urlencode($search_term), '%') !== false) { 144 $full_text = false; 145 } 146 147 $search_terms_clean .= $search_term . " "; 140 148 } 141 149 … … 147 155 $h->vars['filter']['(post_status = %s OR post_status = %s)'] = array('top', 'new'); 148 156 149 if ($full_index) { 150 if ($return == 'count') { $select = "count(*) AS number "; } else { $select = "*"; }151 $h->vars['select'] = $select . ", MATCH(post_title, post_domain, post_url, post_content, post_tags) AGAINST ('" . $search_terms_clean . "') AS relevance";157 $select = ($return == 'count') ? "count(*) AS number " : "*"; 158 if ($full_text) { 159 $h->vars['select'] = array($select . 
", MATCH(post_title, post_domain, post_url, post_content, post_tags) AGAINST (%s) AS relevance" => trim($search_terms_clean)); 152 160 $h->vars['orderby'] = "relevance DESC"; 153 $h->vars['filter']["MATCH (post_title, post_domain, post_url, post_content, post_tags) AGAINST (%s IN BOOLEAN MODE)"] = $search_terms_clean;161 $h->vars['filter']["MATCH (post_title, post_domain, post_url, post_content, post_tags) AGAINST (%s IN BOOLEAN MODE)"] = trim($search_terms_clean); 154 162 } else { 155 if ($return == 'count') { $select = "count(*) AS number "; } else { $select = "*"; }156 163 $h->vars['select'] = $select; 157 164 $h->vars['orderby'] = "post_date DESC"; … … 183 190 if ($word) { 184 191 $query .= $column . " LIKE %s OR "; 185 array_push($h->vars['filter_vars'], "%" . urlencode(" " . trim($h->db->escape($word)) . " ") . "%"); 192 $search_term = urlencode(" " . trim($h->db->escape($word)) . " "); 193 // escape all percent signs for use in LIKE query: 194 $search_term = str_replace('%', '\%', $search_term); 195 array_push($h->vars['filter_vars'], "%" . $search_term . "%"); 186 196 } 187 197 } -
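Review bot: After this change $h->vars['select'] is an array (SQL fragment => bound value) in the full text branch on new line 159 but still a plain string in the else branch on new line 164. Whatever consumes $h->vars['select'] has to accept both shapes; note that in a comment here, or use the array form in both branches.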
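Review bot: In the LIKE hunk (new lines 192-195), only % is escaped for the pattern. An underscore is also a LIKE wildcard and urlencode() leaves it as is, so a term containing _ matches any single character in that position; add str_replace('_', '\_', $search_term) next to the % replacement. Separately, $h->db->escape() is applied before urlencode() on new line 192, so any backslash it adds is encoded into the pattern as %5C and will not match the stored text. Since the value is bound through a %s placeholder, the manual escape can be dropped.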
trunk/content/plugins/submit/libs/SubmitFunctions.php
r2027 r2080 341 341 public function checkErrors1($h, $key = '') 342 342 { 343 343 // check user is logged in 344 if (!$h->currentUser->loggedIn) { 345 // Redirect to login page 346 $url = $h->vars['submitted_data']['submit_orig_url']; 347 if ($url) { 348 $return = urlencode(BASEURL . 'index.php?page=submit&url=' . $url); 349 header("Location: " . BASEURL . 'index.php?page=login&return=' . $return); 350 } else { 351 $return = urlencode($h->url(array('page'=>'submit'))); 352 header("Location: " . $h->url(array('page'=>'login', 'return'=>$return))); 353 } 354 die(); exit; 355 } 356 344 357 if (!$key) { 345 358 // Nothing submitted … … 348 361 return true; // error found 349 362 } 350 363 351 364 // check user has permission to post 352 365 if ($h->currentUser->getPermission('can_submit') == 'no') { … … 442 455 public function checkErrors2($h, $key = '') 443 456 { 457 // check user is logged in 458 if (!$h->currentUser->loggedIn) { 459 // Redirect to login page 460 $url = $h->vars['submitted_data']['submit_orig_url']; 461 if ($url) { 462 $return = urlencode(BASEURL . 'index.php?page=submit&url=' . $url); 463 header("Location: " . BASEURL . 'index.php?page=login&return=' . $return); 464 } else { 465 $return = urlencode($h->url(array('page'=>'submit'))); 466 header("Location: " . $h->url(array('page'=>'login', 'return'=>$return))); 467 } 468 die(); exit; 469 } 470 444 471 // check user has permission to post 445 472 if ($h->currentUser->getPermission('can_submit') == 'no') { -
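Review bot: The logged-in check and login redirect are pasted verbatim into both checkErrors1() (new lines 344-355) and checkErrors2() (new lines 457-469); move the block into one private helper so the two copies cannot drift apart. In that helper, read $h->vars['submitted_data']['submit_orig_url'] behind an isset() check, since it is indexed directly here, and drop the exit after die(), which is never reached.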
trunk/content/plugins/submit/readme.txt
r2027 r2080 13 13 Changelog 14 14 --------- 15 v.3.1 2010/08/01 - Nick - Fixed an undefined index error and truncated source urls to prevent sidebar overlap 16 v.3.0 2010/07/20 - Nick - Redirects logged out users to the login page and returns them to submit step 2 17 Nick - Fix for truncated titles and French accents on submit step 2 15 18 v.2.9 2010/07/10 - Nick - CSS Fixes for form item widths. 16 19 v.2.8 2010/05/22 - Nick - Removed requirement to have SB Base installed -
trunk/content/plugins/submit/submit.php
r2027 r2080 3 3 * name: Submit 4 4 * description: Social Bookmarking submit - Enables post submission 5 * version: 2.95 * version: 3.1 6 6 * folder: submit 7 7 * class: Submit … … 126 126 return false; 127 127 } 128 129 // check user has permission to post. Exit if not.128 129 // check user is logged in and has permission to post. Exit if not. 130 130 $h->vars['posting_denied'] = false; 131 if ($h->currentUser-> getPermission('can_submit') == 'no') {131 if ($h->currentUser->loggedIn && $h->currentUser->getPermission('can_submit') == 'no') { 132 132 // No permission to submit 133 133 $h->messages[$h->lang['submit_no_post_permission']] = "red"; … … 136 136 $h->vars['post_deleted'] = false; 137 137 return false; 138 }139 140 // redirect to log in page if not logged in141 if (!$h->currentUser->loggedIn) {142 $return = urlencode($h->url(array('page'=>'submit'))); // return user here after login143 header("Location: " . $h->url(array('page'=>'login', 'return'=>$return)));144 die(); exit;145 138 } 146 139 … … 503 496 504 497 // display the link in the navigation bar 505 echo "<li ><a " . $status . " href='" . $h->url(array('page'=>'submit')) . "'>" . $h->lang['submit_submit_a_story'] . "</a></li>\n";498 echo "<li " . $status . "><a href='" . $h->url(array('page'=>'submit')) . "'>" . $h->lang['submit_submit_a_story'] . 
"</a></li>"; 506 499 } 507 500 … … 566 559 $h->vars['submit_editorial'] = $h->vars['submitted_data']['submit_editorial']; 567 560 $h->vars['submit_orig_url'] = urldecode($h->vars['submitted_data']['submit_orig_url']); 568 $h->vars['submit_title'] = sanitize($h->vars['submitted_data']['submit_title'], 'tags');561 $h->vars['submit_title'] = htmlspecialchars(sanitize($h->vars['submitted_data']['submit_title'], 'tags'), ENT_QUOTES); 569 562 $h->vars['submit_content'] = sanitize($h->vars['submitted_data']['submit_content'], 'tags', $allowable_tags); 570 563 $h->vars['submit_post_id'] = $h->vars['submitted_data']['submit_id']; … … 573 566 574 567 // strip htmlentities before showing in the form: 568 $h->vars['submit_title'] = html_entity_decode($h->vars['submit_title']); 575 569 $h->vars['submit_content'] = html_entity_decode($h->vars['submit_content']); 576 570 $h->vars['submit_tags'] = html_entity_decode($h->vars['submit_tags']); … … 606 600 // Edit Post 607 601 case 'edit_post': 608 if ( $h->vars['post_deleted']|| !$h->vars['can_edit']) {602 if ((isset($h->vars['post_deleted']) && $h->vars['post_deleted']) || !$h->vars['can_edit']) { 609 603 $h->showMessages(); 610 604 return true; -
trunk/content/plugins/submit/templates/submit2.php
r1896 r2080 39 39 <tr> 40 40 <td><?php echo $h->lang["submit_url"]; ?> </td> 41 <td><?php echo $h->vars['submit_orig_url']; ?></td>41 <td><?php echo truncate($h->vars['submit_orig_url'], 60); ?></td> 42 42 </tr> 43 43 <?php } ?> -
trunk/content/plugins/submit/templates/submit_edit.php
r2027 r2080 39 39 <tr> 40 40 <td><?php echo $h->lang["submit_url"]; ?> </td> 41 <td><?php echo "<a target='_blank' href='" . $h->vars['submit_orig_url'] . "'>" . $h->vars['submit_orig_url']. "</a>"; ?></td>41 <td><?php echo "<a target='_blank' href='" . $h->vars['submit_orig_url'] . "'>" . truncate($h->vars['submit_orig_url'], 60) . "</a>"; ?></td> 42 42 </tr> 43 43 <tr> -
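Review bot: $h->vars['submit_orig_url'] is a urldecoded copy of the submitted URL (see submit.php line 567 in this changeset), and on new line 41 it is echoed both inside the single-quoted href and as the link text without escaping; truncate() only shortens it. Wrap both uses in htmlspecialchars(..., ENT_QUOTES), and do the same for the echo changed in templates/submit2.php.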
trunk/content/plugins/user_manager/languages/user_manager_language.php
r1896 r2080 38 38 $lang["user_man_user_email_validated"] = " and has validated his or her email address."; 39 39 $lang['user_man_here'] = "here"; 40 $lang['user_man_ip_address'] = "IP address:"; 40 41 $lang['user_man_email'] = "Email:"; 41 42 $lang["user_man_desc"] = "The User Manager enables you to quickly find and edit users, ordered newest first."; -
trunk/content/plugins/user_manager/readme.txt
r1896 r2080 15 15 Changelog 16 16 --------- 17 v.1.1 2010/07/30 - Nick - Added user's IP address 17 18 v.1.0 2010/05/27 - Nick - Added "check all" checkbox 18 19 v.0.9 2010/03/17 - Nick - New page for creating users, sending new passwords and email validation requests -
trunk/content/plugins/user_manager/user_manager.php
r2027 r2080 3 3 * name: User Manager 4 4 * description: Manage users. 5 * version: 1. 05 * version: 1.1 6 6 * folder: user_manager 7 7 * class: UserManager -
trunk/content/plugins/user_manager/user_manager_settings.php
r1896 r2080 363 363 $output = $h->vars['user_manager_details'][0]; // $output 364 364 $output .= "<br />"; 365 365 $output .= "<i>" . $h->lang['user_man_ip_address'] . "</i> " . $user->user_ip . "<br />"; 366 366 $output .= "<i>" . $h->lang['user_man_email'] . "</i> <a href='mailto:" . $user->user_email . "'>$user->user_email</a>"; 367 367 $output .= "</td></tr>"; -
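Review bot: $user->user_ip is concatenated into the admin table on new line 365 without escaping, as is the email on the following line. Pass stored per-user values through htmlspecialchars() before appending them to $output, whatever validation was applied when they were saved.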
trunk/content/plugins/user_signin/user_signin.php
r1896 r2080 147 147 148 148 if ($h->pageName == 'logout') { $status = "id='navigation_active'"; } else { $status = ""; } 149 echo "<li ><a " . $status . " href='" . $h->url(array('page'=>'logout')) . "'>" . $h->lang["user_signin_logout"] . "</a></li>\n";149 echo "<li " . $status . "><a href='" . $h->url(array('page'=>'logout')) . "'>" . $h->lang["user_signin_logout"] . "</a></li>"; 150 150 151 151 if ($h->currentUser->getPermission('can_access_admin') == 'yes') { 152 152 153 153 if ($h->pageName == 'admin') { $status = "id='navigation_active'"; } else { $status = ""; } 154 echo "<li ><a " . $status . " href='" . $h->url(array(), 'admin') . "'>" . $h->lang["user_signin_admin"] . "</a></li>\n";154 echo "<li " . $status . "><a href='" . $h->url(array(), 'admin') . "'>" . $h->lang["user_signin_admin"] . "</a></li>"; 155 155 } 156 156 } else { … … 176 176 177 177 if (!$h->isPage('login')) { 178 echo "<li ><a " . $status . " href='" . BASEURL . "index.php?page=login&return=" . $return . "'>" . $h->lang["user_signin_login"] . "</a></li>\n";178 echo "<li " . $status . "><a href='" . BASEURL . "index.php?page=login&return=" . $return . "'>" . $h->lang["user_signin_login"] . "</a></li>"; 179 179 } else { 180 echo "<li ><a " . $status . " href='" . $h->url(array('page'=>'login')) . "'>" . $h->lang["user_signin_login"] . "</a></li>\n";180 echo "<li " . $status . "><a href='" . $h->url(array('page'=>'login')) . "'>" . $h->lang["user_signin_login"] . "</a></li>"; 181 181 } 182 182 183 183 if ($h->pageName == 'register') { $status = "id='navigation_active'"; } else { $status = ""; } 184 echo "<li ><a " . $status . " href='" . $h->url(array('page'=>'register')) . "'>" . $h->lang["user_signin_register"] . "</a></li>\n";184 echo "<li " . $status . "><a href='" . $h->url(array('page'=>'register')) . "'>" . $h->lang["user_signin_register"] . "</a></li>"; 185 185 } 186 186 } -
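Review bot: At new line 178, $return is appended to the login href as the return parameter, and nothing in this hunk shows how it is built. Confirm that it is passed through urlencode() before it goes into the query string and that the login handler only redirects to paths on this site, since a return target taken from the request is the usual source of an open redirect. The bare & in page=login&return= should also be written as &amp; inside the attribute.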
trunk/content/plugins/users/languages/users_language.php
r2032 r2080 69 69 70 70 /* Admin Stats */ 71 $lang["users_admin_stats_total_users"] = "Total users"; 72 $lang["users_admin_stats_admins"] = "Admins"; 73 $lang["users_admin_stats_supermods"] = "Super Mods"; 74 $lang["users_admin_stats_moderators"] = "Moderators"; 75 $lang["users_admin_stats_approved_users"] = "Approved"; 76 $lang["users_admin_stats_pending_users"] = "Pending"; 77 $lang["users_admin_stats_undermod_users"] = "Under moderation"; 78 $lang["users_admin_stats_banned_users"] = "Banned"; 79 $lang["users_admin_stats_killspammed_users"] = "Killspammed"; 71 $lang["users_admin_stats_users"] = "Users"; 72 $lang["users_admin_stats_all"] = "Total users"; 73 $lang["users_admin_stats_admin"] = "Admins"; 74 $lang["users_admin_stats_supermod"] = "Super Mods"; 75 $lang["users_admin_stats_moderator"] = "Moderators"; 76 $lang["users_admin_stats_member"] = "Members"; 77 $lang["users_admin_stats_pending"] = "Pending"; 78 $lang["users_admin_stats_undermod"] = "Under moderation"; 79 $lang["users_admin_stats_banned"] = "Banned"; 80 $lang["users_admin_stats_killspammed"] = "Killspammed"; 80 81 81 82 /* UserFunctions CLASS: */ -
trunk/content/plugins/users/readme.txt
r2027 r2080 14 14 Changelog 15 15 --------- 16 v.2.2 2010/07/15 - Nick - Reimplemented admin stats 16 17 v.2.1 2010/07/10 - Nick - CSS Fixes for form item widths 17 18 v.2.0 2010/05/22 - Nick - Fix for home page title tags and moved User RSS from SB Base into this plugin -
trunk/content/plugins/users/users.php
r2032 r2080 3 3 * name: Users 4 4 * description: Provides profile, settings and permission pages 5 * version: 2. 15 * version: 2.2 6 6 * folder: users 7 7 * type: users … … 181 181 $username = $h->cage->get->testUsername('user'); 182 182 if ($username) { 183 $h->vars['filter']['post_author = %d'] = $h->getUserIdFromName($username); 183 $h->vars['filter']['post_author = %d'] = $h->getUserIdFromName($username); 184 unset($h->vars['filter']['post_archived = %s']); 184 185 } 185 186 } … … 432 433 */ 433 434 public function admin_theme_main_stats($h, $vars) 434 { 435 require_once(LIBS . 'UserInfo.php'); 435 { 436 436 $ui = new UserInfo(); 437 438 echo "<li> </li>"; 439 if (isset($vars) && (!empty($vars))) { 437 $stats = $ui->stats($h); 438 439 //var_dump($stats); 440 441 echo "<li> </li>"; 442 if ($stats) { 443 foreach ($stats as $stat) { 444 //var_dump($stat); 445 $users[$stat[0]] = $stat[1]; 446 } 447 } 448 449 if (isset($vars) && (!empty($vars))) { 440 450 foreach ($vars as $key => $value) { 441 echo "<li class='title'>" . $key . "</li>"; 442 foreach ($value as $stat_type) { 451 $key_lang = 'users_admin_stats_' . $key; 452 echo "<li class='title'>" . $h->lang[$key_lang] . "</li>"; 453 foreach ($value as $stat_type) { 443 454 if (isset($value) && !empty($value)) { 444 $users = $ui->stats($h, $stat_type); 445 if (!$users) { $users = 0; } 455 456 switch ($stat_type) { 457 case 'all': 458 $user_count = array_sum($users); 459 break; 460 default: 461 if (isset($users[$stat_type])) { $user_count = $users[$stat_type]; } else { $user_count = 0; } 462 break; 463 } 464 465 if (!defined('SITEURL')) { define('SITEURL', BASEURL); } 466 467 $link = ""; 468 $dontlink = array(''); 469 if ($h->isActive('user_manager')) { 470 if (!in_array($stat_type, $dontlink)) { 471 $link = SITEURL . "admin_index.php?user_filter=$stat_type&plugin=user_manager&page=plugin_settings&type=filter&csrf=" . $h->csrfToken; 472 } 473 } 474 446 475 $lang_name = 'users_admin_stats_' . 
$stat_type; 447 echo "<li>" . $h->lang[$lang_name] . ": " . $users . "</li>"; 476 echo "<li>"; 477 if ($link) { echo "<a href='" . $link . "'>"; } 478 echo $h->lang[$lang_name] . ": " . $user_count; 479 if ($link) { echo "</a>"; } 480 echo "</li>"; 448 481 } 449 482 } -
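Review bot: At new line 471, the stats link carries the CSRF token in the query string ("...&type=filter&csrf=" . $h->csrfToken), which puts it in browser history, server logs and any Referer header sent from the admin page. Filtering the user list is a read, so the link should not need a token; if the user_manager filter view requires one, relax that check for read-only views instead of publishing the token in every stats link. Separately, $users is only assigned inside if ($stats), so case 'all' calls array_sum() on an undefined variable when stats() returns nothing: initialise $users = array() before the loop. $stat_type should go through urlencode() before it is placed in the URL, and the two commented-out var_dump() calls should be dropped before merge.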
trunk/content/plugins/vote/css/vote.css
r1896 r2080 10 10 11 11 .vote_button_top { 12 line-height: 2.0em;13 font-size: 1.5em;12 line-height: 1.1em; 13 font-size: 3.0em; 14 14 width: 50px; 15 font-weight: bold;16 15 } 17 16 18 17 .vote_button_bottom { 19 margin-top:5px;20 padding: 2px 0 2px 0;21 background: #f2f2f2;22 border: 1px solid #d0d0d0;18 margin-top:5px; 19 padding: 2px 0 2px 0; 20 background-color: #fff; 21 border: 1px solid #d0d0d0; 23 22 width: 50px; 24 23 } 25 24 26 25 .vote_button_bottom a { 27 color: #454545; 28 background:transparent; 26 29 27 } 30 28 31 29 .vote_button_bottom a:hover { 32 color: #454545;33 30 background:transparent; 34 31 } … … 36 33 /* colors */ 37 34 38 .vote_color_top { border: 1px solid #d0d0d0; background-color: #f 0f0f0; color: #000; }39 .vote_color_new { border: 1px solid #d0d0d0; background-color: #fff fff; color: #000; }35 .vote_color_top { border: 1px solid #d0d0d0; background-color: #fff; color: #cc0000; } 36 .vote_color_new { border: 1px solid #d0d0d0; background-color: #fff; color: #0000cc; } 40 37 41 38 .vote_color_top_clicked { background-color: #f0f0aa; } -
trunk/content/plugins/vote/readme.txt
r2027 r2080 15 15 Changelog 16 16 --------- 17 v.2.2 2010/07/20 - Nick - Edits to CSS for vote button 17 18 v.2.1 2010/06/16 - Alan - Include option for anonymous voting 18 19 v.2.0 2010/05/23 - Nick - Removed the requirement to have SB Base installed. -
trunk/content/plugins/vote/vote.php
r2027 r2080 3 3 * name: Vote 4 4 * description: Adds voting ability to posted stories. 5 * version: 2. 15 * version: 2.2 6 6 * folder: vote 7 7 * class: Vote -
trunk/content/plugins/widgets/css/widgets.css
r1896 r2080 1 1 /* widgets */ 2 2 3 td.widgets_ active, td.widgets_order {3 td.widgets_order { 4 4 width: 6.0em; 5 5 } 6 6 7 .widget_head { margin-top: 0.4em; } 8 .widget_body { margin-bottom: 2.5em; overflow: hidden; width: 100%; } 7 td.widgets_active { 8 width: 1em; 9 } 10 11 #table_list td.widgets_name { 12 text-align: left !important; 13 font-weight: normal; 14 } 15 16 div.widget_onoff{ 17 cursor: pointer; 18 cursor: hand; 19 } 20 21 .widget_head { 22 margin-top: 0.4em; 23 } 24 .widget_body { 25 margin-bottom: 2.5em; 26 overflow: hidden; 27 width: 100%; 28 } -
trunk/content/plugins/widgets/readme.txt
r1896 r2080 13 13 Changelog 14 14 --------- 15 v.1.0 2010/07/30 - petsagouris - Style edits for widgets page 15 16 v.0.9 2010/04/14 - Nick - singleWidget function for calling individual widgets 16 17 v.0.8 2010/03/04 - Nick - Wrapped "widget_head" and "widget_body" in a "widget" div -
trunk/content/plugins/widgets/templates/widget_ordering.php
r1896 r2080 70 70 echo "<tr id='table_tr' class='table_row_" . $alt % 2 . "'>\n"; 71 71 echo "<td class='plugins_active widgets_active'>" . $enabled_output . "</td>\n"; 72 echo "<td class='table_text '>" . make_name($widget) . " </td>\n";72 echo "<td class='table_text widgets_name'>" . make_name($widget) . " </td>\n"; 73 73 echo "<td class='plugins_order widgets_order'>" . $order_output . "</td>\n"; 74 74 echo "</tr>\n"; -
trunk/content/plugins/widgets/widgets.php
r1896 r2080 3 3 * name: Widgets 4 4 * description: Manages the contents of the widget blocks 5 * version: 0.95 * version: 1.0 6 6 * folder: widgets 7 7 * class: Widgets -
trunk/content/themes/default/css/style.css
r1896 r2080 4 4 5 5 /* BODY */ 6 html, body { color: #666; font-family: Helvetica, Arial, 'Liberation Sans', FreeSans, sans-serif; } 6 body { 7 color: #262626; 8 } 7 9 8 10 /* DEFAULTS */ 9 11 10 h1, h2, h3 { padding: 0em 0 0.5em 0; color: #666; } 11 h1 { font-size: 1.6em; } 12 h2 { font-size: 1.5em; } 13 h3 { font-weight: bold; } 14 p { padding: 0.5em 0 0.5em 0; } 15 li { padding: 0.5em 0 0.5em 0; } 12 h1, h2, h3, h4 { 13 margin-bottom: 0.5em; 14 font-weight:normal; 15 } 16 p { 17 padding: 0.5em 0 0.5em 0; 18 margin-bottom: 0.6em; 19 } 20 21 ul { list-style-type: none; margin-bottom: 0.3em; } 22 li { padding: 0.5em 0 0.5em 0; margin-left: 0; } 16 23 a { text-decoration: none; color: #666; } 17 a:hover { color: # 000; background-color: #f8f8f8; }24 a:hover { color: #262626; background-color: #f8f8f8; } 18 25 form { padding: 1.0em; } 19 26 td { padding: 0.5em; } … … 23 30 /* LAYOUT */ 24 31 25 .clear { clear: both; margin: 0; line-height: 0em;} /* need line-height for IE */ 26 27 /* YAHOO USER INTERFACE (YUI) : http://developer.yahoo.com/yui/grids/ */ 28 29 .yui-t7 { } /* Template 7 - complete frame*/ 30 .yui-gc { padding: 1.0em; } /* Grid C: 66% + 33% - container around content and sidebar*/ 31 .yui-g { } /* Grid: 100% - container around content when sidebar disabled */ 32 .yui-u, .first { } /* Units - the content (first) and sidebar */ 32 .clear { clear: both; margin: 0; line-height: 0em; height: 0; } /* need line-height for IE */ 33 33 34 34 /* ANNOUNCEMENTS */ … … 36 36 #announcement { 37 37 background-color: #f8f8f8; 38 border-bottom: 1px solid # 000;38 border-bottom: 1px solid #262626; 39 39 padding: 0.4em; 40 40 text-align: center; … … 43 43 /* HEADER */ 44 44 45 #hd { margin: 0.4em 0 0.4em 0;} /* wraps the title and ad blocks */ 45 #header { margin: 0.8em; } 46 #hd_title { float: left; } 47 #hd_title h1 { display: inline; font-size: 3.0em; margin-right: 0.5em; } /* Site title */ 48 #hd_title h1 a { color: #262626; } 49 #hd_title h1 a:hover { color: #262626; 
} 50 #hd_title h3 { display: inline; font-size: 1.8em; font-weight: normal; } 46 51 47 #hd_title { float: left; height: 60px; width:468px; background-color: #f4f4f4; border: 1px solid #d0d0d0; } 48 #hd_title h1 { font-size: 2.2em; font-weight: bold; padding: 0.5em 0.4em 0.4em 0.4em;} /* Site title */ 49 #hd_title h1 a { color: #666; } 50 #hd_title h1 a:hover { color: #000; } 51 52 #hd_block2 { float: right; height: 60px; width:468px; background-color: #f4f4f4; border: 1px solid #d0d0d0; } 53 54 #nav { margin: 0.4em 0 0.4em 0; } /* wraps the navigation bar */ 55 ul.navigation { float: left; list-style: none; } 56 ul.navigation li { display: inline; font-size: 1.2em; font-weight: bold; } 57 ul.navigation li a { color: #666; padding: 0.2em 0.4em 0.2em 0.4em; } 58 ul.navigation li a:hover { color: #000; } 52 #navigation { margin-top: 0; padding: 0.3em 0 0.3em 0; background-color: #262626; } /* wraps the navigation bar */ 53 ul.navigation { float: left; list-style: none; margin: 0 0 0 0.4em; text-transform: uppercase; } 54 ul.navigation li { display: inline; font-size: 1.1em; font-weight: bold; } 55 ul.navigation li a { color: #b0b0b0; padding: 0 0.6em 0 0.6em; } 56 ul.navigation li a:hover { background-color: #262626; color: #fff; } 59 57 ul.navigation li a img { vertical-align: middle; } 60 li a#navigation_active { background-color: #f8f8f8; color: #000; }58 li#navigation_active a { color: #fff; } 61 59 ul.nav_right { display: inline; float: right; } 62 60 #rss_icon { margin-top: -0.2em; } 63 61 64 #post_header { background-color: #f8f8f8; } /* wraps the categories bar, etc. */ 62 #header_end { /* wraps the categories bar, etc. 
*/ 63 border-bottom: 1px solid #d0d0d0; 64 padding-bottom: 1.0em; 65 margin-bottom: 1.0em; 66 } 65 67 66 68 /* BODY */ 67 69 68 #bd { background-color: #fff;} 70 #main { 71 padding-right: 2.0em; 72 border-right: 1px solid #d0d0d0; 73 } 69 74 70 75 .message { … … 84 89 /* SITE CLOSED MESSAGE */ 85 90 86 #site_closed { background-color: #fff; border-top: 2px solid # 000; border-bottom: 2px solid #000;91 #site_closed { background-color: #fff; border-top: 2px solid #262626; border-bottom: 2px solid #262626; 87 92 text-align: center; margin-top: 4em; font-size: 1.6em; line-height: 1.8em; } 88 93 … … 92 97 93 98 #breadcrumbs { 99 font-size: 0.86em; 94 100 margin-bottom: 1.0em; 95 101 } … … 111 117 #pagination .pagi_current { 112 118 color: #fff; 113 background-color: # 000;119 background-color: #262626; 114 120 font-weight: bold; 115 121 padding: 0.3em 0.7em 0.3em 0.7em; … … 131 137 /* SIDEBAR */ 132 138 133 #sidebar { padding: 1.0em; background-color: #f8f8f8;}134 #sidebar ul li { padding: 0. 1em; border-bottom: solid 1px #eee; }139 #sidebar { padding: 1.0em; } 140 #sidebar ul li { padding: 0.5em; border-bottom: solid 1px #f0f0f0; } 135 141 136 142 /* FOOTER */ -
trunk/content/themes/default/footer.php
r1896 r2080 29 29 ?> 30 30 31 <div id="ft"> 32 <?php 33 $h->pluginHook('footer'); 34 35 // Link to forums... 36 echo "<p><a href='http://hotarucms.org' title='" . $h->lang["main_theme_footer_hotaru_link"] . "'><img src='" . BASEURL . "content/themes/" . THEME . "images/hotarucms.png' "; 37 echo "alt='" . $h->lang["main_theme_footer_hotaru_link"] . "' /></a></p>"; 38 39 $h->showQueriesAndTime(); 40 ?> 41 </div> <!-- close "ft" --> 42 </div> <!-- close "yui-t7 first" --> 31 <?php $h->pluginHook('footer'); ?> 43 32 44 < ?php $h->pluginHook('pre_close_body'); ?>33 <p><a href='http://hotarucms.org' title='<?php echo $h->lang["main_theme_footer_hotaru_link"]; ?>'><img src='<?php echo SITEURL; ?>content/themes/<?php echo THEME; ?>images/hotarucms.png' alt='<?php echo $h->lang["main_theme_footer_hotaru_link"]; ?>' /></a></p> 45 34 46 </body> 47 </html> 35 <?php $h->showQueriesAndTime(); ?> -
trunk/content/themes/default/header.php
r1896 r2080 45 45 46 46 <script type='text/javascript' src='http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js?ver=1.4.2'></script> 47 <script type='text/javascript' src='http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.0/jquery-ui.min.js?ver=1.8.0'></script>48 47 49 <link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/2.8.0r4/build/reset-fonts-grids/reset-fonts-grids.css" /> 48 <!-- include 960 CSS framework --> 49 <?php $css = SITEURL . "content/themes/" . THEME . "css/"; ?> 50 <link rel="stylesheet" href="<?php echo $css; ?>960/reset.css" type="text/css" /> 51 <link rel="stylesheet" href="<?php echo $css; ?>960/960.css" type="text/css" /> 52 <link rel="stylesheet" href="<?php echo $css; ?>960/text.css" type="text/css" /> 50 53 51 54 <!-- Include merged files for all the plugin css and javascript (if any) --> … … 53 56 <!-- End --> 54 57 55 <link rel="stylesheet" href="<?php echo BASEURL . 'content/themes/' . THEME . 'css/style.css'; ?>" type="text/css" />56 <!-- <link rel="shortcut icon" href="<?php echo BASEURL; ?>favicon.ico" /> -->58 <link rel="stylesheet" href="<?php echo $css; ?>style.css" type="text/css" /> 59 <!-- <link rel="shortcut icon" href="<?php echo SITEURL; ?>favicon.ico" /> --> 57 60 58 61 <?php $h->pluginHook('header_include_raw'); ?> 59 62 60 63 </head> 61 <body>62 <?php $h->pluginHook('post_open_body'); ?>63 64 <?php if ($announcements = $h->checkAnnouncements()) { ?>65 <div id="announcement">66 <?php $h->pluginHook('announcement_first'); ?>67 <?php foreach ($announcements as $announcement) { echo $announcement . 
"<br />"; } ?>68 <?php $h->pluginHook('announcement_last'); ?>69 </div>70 <?php } ?>71 72 <div id="doc2" class="yui-t7">73 <div id="nav">74 <!-- NAVIGATION -->75 <?php echo $h->displayTemplate('navigation'); ?>76 </div>77 <div class="clear"> </div>78 79 <div id="hd">80 <!-- TITLE & AD BLOCKS -->81 <div id="hd_title">82 <h1><a href="<?php echo BASEURL; ?>"><?php echo SITE_NAME; ?></a></h1>83 </div>84 <div id="hd_block2">85 </div>86 </div>87 <div class="clear"> </div>88 89 <div id="header_end">90 <!-- CATEGORIES, ETC -->91 <?php $h->pluginHook('header_end'); ?>92 </div> -
trunk/content/themes/default/index.php
r1896 r2080 1 1 <?php 2 2 /** 3 * Theme name: default 4 * Template name: index.php 5 * Template author: Nick Ramsay 3 * name: Default 4 * description: Default theme for Hotaru CMS 5 * version: 0.2 6 * author: Nick Ramsay 7 * authorurl: http://hotarucms.org/member.php?1-Nick 6 8 * 7 9 * PHP version 5 … … 33 35 $h->includeThemeLanguage(); 34 36 35 // plugin hook 36 $result = $h->pluginHook('theme_index_top'); 37 if (!$result) { 37 // get settings: 38 $h->vars['theme_settings'] = $h->getThemeSettings(); 39 40 // plugins work here before anything is displayed. Return if overriding. 41 if ($h->pluginHook('theme_index_top')) { return false; }; 42 43 // display header if not overriden by a plugin 44 if (!$h->pluginHook('theme_index_header')) { $h->displayTemplate('header'); } 38 45 ?> 39 <?php 40 // plugin hook 41 $result = $h->pluginHook('theme_index_header'); 42 if (!$result) { 43 $h->displayTemplate('header'); 44 } 45 ?> 46 47 <body> 48 49 <?php $h->pluginHook('post_open_body'); ?> 50 <?php if ($announcements = $h->checkAnnouncements()) { ?> 51 <div id="announcement"> 52 <?php $h->pluginHook('announcement_first'); ?> 53 <?php foreach ($announcements as $announcement) { echo $announcement . 
"<br />"; } ?> 54 <?php $h->pluginHook('announcement_last'); ?> 55 </div> 56 <?php } ?> 57 58 <div class="container_12"> 59 60 <div id="navigation" class="grid_12"> 61 <!-- NAVIGATION --> 62 <?php echo $h->displayTemplate('navigation'); ?> 63 </div> 46 64 47 <div id="bd"> 48 <div id="yui-main"> 49 <?php if ($h->sidebars) { // determines whether to show the sidebar or not ?> 50 <div class='yui-gc'> 51 <div class="yui-u first"> 52 <?php } else { ?> 53 <div class='yui-g'> 54 <div class="yui-u first" style='width: 100%;'> 55 <?php } ?> 56 <!-- BREADCRUMBS --> 57 <div id='breadcrumbs'> 58 <?php echo $h->breadcrumbs(); ?> 59 </div> 60 61 <!-- POST BREADCRUMBS --> 62 <?php 63 // plugin hook 64 $result = $h->pluginHook('theme_index_post_breadcrumbs'); 65 ?> 66 67 <!-- FILTER TABS --> 68 <?php 69 // plugin hook 70 $result = $h->pluginHook('theme_index_pre_main'); 71 ?> 72 73 <!-- MAIN --> 74 <?php 75 // plugin hook 76 $result = $h->pluginHook('theme_index_main'); 77 if (!$result) { 78 $h->displayTemplate($h->pageName); 79 } 80 ?> 81 </div> <!-- close "yui-u first" --> 82 <?php if ($h->sidebars) { ?> 83 <div class="yui-u"> 65 <div id="header" class="grid_12"> 66 <!-- TITLE & AD BLOCKS --> 67 <div id="hd_title"> 68 <h1><a href="<?php echo SITEURL; ?>"><?php echo SITE_NAME; ?></a></h1> 69 <h3 class="subtitle"><?php echo $h->vars['theme_settings']['tagline']; ?></h3> 70 </div> 71 <div class="clear"></div> 72 </div> 73 74 <div id="header_end" class="grid_12"> 75 <!-- CATEGORIES, ETC --> 76 <?php $h->pluginHook('header_end'); ?> 77 </div> 78 79 <div id="content"> 80 81 <?php $width = ($h->sidebars) ? 
'8' : '12'; ?> 82 <div id="main_container" class="grid_<?php echo $width; ?>"> 83 <div id="main"> 84 85 <!-- BREADCRUMBS --> 86 <div id='breadcrumbs'> 87 <?php echo $h->breadcrumbs(); ?> 88 </div> 84 89 85 <!-- SIDEBAR --> 86 <?php 87 // plugin hook 88 $result = $h->pluginHook('theme_index_sidebar'); 89 if (!$result) { 90 $h->displayTemplate('sidebar'); 91 } 92 ?> 93 </div> <!-- close "yui-u" --> 94 <?php } ?> 95 </div> <!-- close "yui-gc" or "yui-g" --> 96 </div> <!-- close "yui-main" --> 97 </div> <!-- close "bd" --> 90 <!-- POST BREADCRUMBS --> 91 <?php $h->pluginHook('theme_index_post_breadcrumbs'); ?> 92 93 <!-- FILTER TABS --> 94 <?php $h->pluginHook('theme_index_pre_main'); ?> 95 96 <!-- MAIN --> 97 <?php if (!$h->pluginHook('theme_index_main')) { $h->displayTemplate($h->pageName); } ?> 98 99 <div class="clear"></div> 100 </div> 101 </div> 102 103 <!-- SIDEBAR --> 104 <?php if ($h->sidebars) { ?> 105 <div id="sidebar_container" class="grid_4"> 106 <div id="sidebar"> 107 <?php if (!$h->pluginHook('theme_index_sidebar')) { $h->displayTemplate('sidebar'); } ?> 108 </div> 109 </div> 110 <?php } ?> 111 112 </div> <!-- close "content" --> 113 114 98 115 <!-- FOOTER --> 99 <?php 100 // plugin hook 101 $result = $h->pluginHook('theme_index_footer'); 102 if (!$result) { 103 $h->displayTemplate('footer'); 104 } 105 ?> 106 <?php } ?> 116 <div id="footer" class="grid_16"> 117 <?php if (!$h->pluginHook('theme_index_footer')) { $h->displayTemplate('footer'); } ?> 118 </div> 119 120 </div> <!-- close "container_12" --> 121 122 <?php $h->pluginHook('pre_close_body'); ?> 123 124 </body> 125 </html> -
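Review bot: At new line 69, $h->vars['theme_settings']['tagline'] is echoed straight into the h3 with no isset() check and no encoding, so a theme with no saved tagline raises an undefined-index notice and any markup stored in the setting is rendered as HTML. Guard the lookup and encode at output, for example with htmlentities($tagline, ENT_QUOTES, 'UTF-8'). The announcement loop at new line 53 echoes each $announcement the same way and deserves the same check. The footer div at new line 116 uses class="grid_16" inside container_12, which looks like it should be grid_12, and the semicolon after the closing brace at new line 41 is a stray empty statement.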
trunk/content/themes/default/navigation.php
r1896 r2080 4 4 * Template name: navigation.php 5 5 * Template author: Nick Ramsay 6 * 7 * This file looks a bit ugly because whitespace between LI tags 8 * renders as spaces, so I had to squash all the lines together 6 9 * 7 10 * PHP version 5 … … 36 39 } 37 40 } ?> 38 39 <?php if ($h->pageName == $h->home) { $status = "id='navigation_active'"; } else { $status = ""; } ?> 40 <li><a <?php echo $status; ?> href="<?php echo BASEURL; ?>"><?php echo $h->lang["main_theme_navigation_home"]; ?></a></li> 41 <?php $h->pluginHook('navigation'); ?> 42 <?php 41 <?php if ($h->pageName == $h->home) { $status = "id='navigation_active'"; } else { $status = ""; } ?> 42 <li <?php echo $status; ?>><a href="<?php echo SITEURL; ?>"><?php echo $h->lang["main_theme_navigation_home"]; ?></a></li><?php $h->pluginHook('navigation'); ?><?php 43 43 if (!$h->isActive('signin')) { 44 44 … … 46 46 47 47 if ($h->isAdmin) { $status = "id='navigation_active'"; } else { $status = ""; } 48 echo "<li ><a " . $status . " href='" . $h->url(array(), 'admin') . "'>" . $h->lang["main_theme_navigation_admin"] . "</a></li>";48 echo "<li " . $status . "><a href='" . $h->url(array(), 'admin') . "'>" . $h->lang["main_theme_navigation_admin"] . "</a></li>"; 49 49 50 50 if ($h->pageName == 'logout') { $status = "id='navigation_active'"; } else { $status = ""; } 51 echo "<li ><a " . $status . "href='" . $h->url(array('page'=>'admin_logout'), 'admin') . "'>" . $h->lang["main_theme_navigation_logout"] . "</a></li>";51 echo "<li " . $status . "><a href='" . $h->url(array('page'=>'admin_logout'), 'admin') . "'>" . $h->lang["main_theme_navigation_logout"] . "</a></li>"; 52 52 } else { 53 53 if ($h->pageName == 'login') { $status = "id='navigation_active'"; } else { $status = ""; } 54 echo "<li ><a " . $status . " href='" . $h->url(array(), 'admin') . "'>" . $h->lang["main_theme_navigation_login"] . "</a></li>";54 echo "<li " . $status . "><a href='" . $h->url(array(), 'admin') . "'>" . 
$h->lang["main_theme_navigation_login"] . "</a></li>"; 55 55 } 56 56 } else { … … 65 65 <li> 66 66 <a href="<?php echo $h->url(array('page'=>'rss')); ?>">RSS 67 <img id="rss_icon" src="<?php echo BASEURL; ?>content/themes/<?php echo THEME; ?>images/rss_16.png" alt="RSS" />67 <img id="rss_icon" src="<?php echo SITEURL; ?>content/themes/<?php echo THEME; ?>images/rss_16.png" alt="RSS" /> 68 68 </a> 69 69 </li> 70 70 <?php } ?> 71 71 </ul> 72 73 <div class="clear"></div> -
trunk/content/themes/default/sidebar.php
r1896 r2080 29 29 ?> 30 30 31 <div id="sidebar"> 32 33 <?php $h->pluginHook('widget_block', '', array(1)); ?> 34 35 </div> 31 <?php $h->pluginHook('widget_block', '', array(1)); ?> -
trunk/functions/funcs.strings.php
r1896 r2080 25 25 */ 26 26 27 // We need to set the default internal encoding for the functions to operate properly. 28 mb_internal_encoding("UTF-8"); 29 27 30 /** 28 31 * Truncate a string … … 35 38 function truncate($string, $chars=0, $dot=true) 36 39 { 37 $length = strlen($string); 38 $truncated = substr(strip_tags($string), 0, $chars); // strips tags to prevent broken tags 39 if ($dot && ($length >= $chars)) { 40 $length = mb_strlen($string); 41 $truncated = mb_substr(strip_tags($string), 0, $chars); // strips tags to prevent broken tags 42 43 if( $dot && ($length >= $chars) ) { 40 44 $truncated .= '...'; 41 45 } 46 42 47 return $truncated; 43 48 } … … 53 58 function rstrtrim($str, $remove=null) 54 59 { 55 $str = (string)$str;56 $remove = (string) $remove;57 58 if (empty($remove)) {60 $str = (string) $str; 61 $remove = (string) $remove; 62 63 if( empty($remove) ) { 59 64 return rtrim($str); 60 65 } 61 66 62 $len = strlen($remove); 63 $offset = strlen($str)-$len; 64 65 while($offset > 0 && $offset == strpos($str, $remove, $offset)) 66 { 67 $str = substr($str, 0, $offset); 68 $offset = strlen($str)-$len; 67 $len = mb_strlen($remove); 68 $offset = mb_strlen($str) - $len; 69 70 while( $offset > 0 && $offset == mb_strpos($str, $remove, $offset) ) { 71 $str = mb_substr($str, 0, $offset); 72 $offset = mb_strlen($str) - $len; 69 73 } 70 74 71 75 return rtrim($str); 72 76 } 73 74 77 75 78 /** … … 82 85 function make_name($string, $delim = '_', $caps = true) 83 86 { 84 $dep_array = array();85 $dep_array = explode($delim, trim($string));86 if ($caps) {87 $dep_array = array_map('ucfirst', $dep_array);88 $string = implode(' ', $dep_array);87 $dep_array = array( ); 88 $dep_array = explode($delim, trim($string)); 89 if( $caps ) { 90 $dep_array = array_map('ucfirst', $dep_array); 91 $string = implode(' ', $dep_array); 89 92 } else { 90 $string = ucfirst(implode(' ', $dep_array));93 $string = ucfirst(implode(' ', $dep_array)); 91 94 } 92 95 … … 106 109 $chars = 
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxwz0123456789"; 107 110 $string = ''; 108 for( $i = 0; $i < $length; $i++){111 for( $i = 0; $i < $length; $i++ ) { 109 112 $rand_key = mt_rand(0, strlen($chars)); 110 113 $string .= substr($chars, $rand_key, 1); … … 127 130 { 128 131 // htmlentities & Strip tags 129 if ($santype == 'all') {130 if (!get_magic_quotes_gpc()) {131 return htmlentities(strip_tags($var, $allowable_tags), ENT_QUOTES,'UTF-8');132 if( $santype == 'all' ) { 133 if( !get_magic_quotes_gpc() ) { 134 return htmlentities(strip_tags($var, $allowable_tags), ENT_QUOTES, 'UTF-8'); 132 135 } 133 else { 134 return stripslashes(htmlentities(strip_tags($var, $allowable_tags),ENT_QUOTES,'UTF-8')); 135 } 136 return false; 136 return stripslashes(htmlentities(strip_tags($var, $allowable_tags), ENT_QUOTES, 'UTF-8')); 137 137 } 138 138 139 139 // Strip tags 140 if ($santype == 'tags') {141 if (!get_magic_quotes_gpc()) {140 if( $santype == 'tags' ) { 141 if( !get_magic_quotes_gpc() ) { 142 142 return strip_tags($var, $allowable_tags); 143 143 } 144 else { 145 return stripslashes(strip_tags($var, $allowable_tags)); 144 return stripslashes(strip_tags($var, $allowable_tags)); 145 } 146 147 // htmlentities 148 if( $santype == 'ents' ) { 149 if( !get_magic_quotes_gpc() ) { 150 return htmlentities($var, ENT_QUOTES, 'UTF-8'); 146 151 } 147 return false; 148 } 149 150 // htmlentities 151 if ($santype == 'ents') { 152 if (!get_magic_quotes_gpc()) { 153 return htmlentities($var,ENT_QUOTES,'UTF-8'); 154 } 155 else { 156 return stripslashes(htmlentities($var,ENT_QUOTES,'UTF-8')); 157 } 158 return false; 159 } 152 return stripslashes(htmlentities($var, ENT_QUOTES, 'UTF-8')); 153 } 154 155 return false; 160 156 } 161 157 … … 173 169 $output = replace_symbols($input); 174 170 $output = mb_substr($output, 0, 240); 175 $output = mb_strtolower($output, "UTF-8");171 $output = mb_strtolower($output, 'UTF-8'); 176 172 $output = trim($output); 177 173 //From Wordpress and 
http://www.bernzilla.com/item.php?id=1007 … … 179 175 $output = urldecode($output); 180 176 181 if ($output) { return $output; } else { return false; } 182 } 183 177 if( $output ) { 178 return $output; 179 } 180 181 return false; 182 } 184 183 185 184 /** … … 195 194 // FOR THIS TO WORK, THIS FUNCS.STRINGS.PHP FILE MUST BE SAVED 196 195 // IN UTF-8 CHARACTER ENCODING !!! 197 198 196 // Replace spaces with hyphens 199 $output = preg_replace('/\s+/' , '-' , $input);197 $output = preg_replace('/\s+/', '-', $input); 200 198 201 199 // Replace other characters … … 271 269 $title = remove_accents($title); 272 270 273 if (seems_utf8($title)) { 274 if (function_exists('mb_strtolower')) { 275 $title = mb_strtolower($title, 'UTF-8'); 276 } 271 $title = mb_strtolower($title, 'UTF-8'); 272 273 if( seems_utf8($title) ) { 277 274 $title = utf8_uri_encode($title, 200); 278 275 } 279 276 280 $title = strtolower($title);281 277 $title = preg_replace('/&.+?;/', '', $title); // kill entities 282 278 $title = preg_replace('/[^%a-z0-9 _-]/', '', $title); … … 299 295 function remove_accents($string) 300 296 { 301 if ( !preg_match('/[\x80-\xff]/', $string) ) {297 if( !preg_match('/[\x80-\xff]/', $string) ) { 302 298 return $string; 303 299 } 304 300 305 if (seems_utf8($string)) {301 if( seems_utf8($string) ) { 306 302 $chars = array( 307 303 // Decompositions for Latin-1 Supplement … … 360 356 chr(196).chr(174) => 'I', chr(196).chr(175) => 'i', 361 357 chr(196).chr(176) => 'I', chr(196).chr(177) => 'i', 362 chr(196).chr(178) => 'IJ', chr(196).chr(179) => 'ij',358 chr(196).chr(178) => 'IJ', chr(196).chr(179) => 'ij', 363 359 chr(196).chr(180) => 'J', chr(196).chr(181) => 'j', 364 360 chr(196).chr(182) => 'K', chr(196).chr(183) => 'k', … … 376 372 chr(197).chr(142) => 'O', chr(197).chr(143) => 'o', 377 373 chr(197).chr(144) => 'O', chr(197).chr(145) => 'o', 378 chr(197).chr(146) => 'OE', chr(197).chr(147) => 'oe',379 chr(197).chr(148) => 'R', chr(197).chr(149) => 'r',380 chr(197).chr(150) 
=> 'R', chr(197).chr(151) => 'r',381 chr(197).chr(152) => 'R', chr(197).chr(153) => 'r',382 chr(197).chr(154) => 'S', chr(197).chr(155) => 's',383 chr(197).chr(156) => 'S', chr(197).chr(157) => 's',384 chr(197).chr(158) => 'S', chr(197).chr(159) => 's',374 chr(197).chr(146) => 'OE', chr(197).chr(147) => 'oe', 375 chr(197).chr(148) => 'R', chr(197).chr(149) => 'r', 376 chr(197).chr(150) => 'R', chr(197).chr(151) => 'r', 377 chr(197).chr(152) => 'R', chr(197).chr(153) => 'r', 378 chr(197).chr(154) => 'S', chr(197).chr(155) => 's', 379 chr(197).chr(156) => 'S', chr(197).chr(157) => 's', 380 chr(197).chr(158) => 'S', chr(197).chr(159) => 's', 385 381 chr(197).chr(160) => 'S', chr(197).chr(161) => 's', 386 382 chr(197).chr(162) => 'T', chr(197).chr(163) => 't', … … 402 398 chr(226).chr(130).chr(172) => 'E', 403 399 // GBP (Pound) Sign 404 chr(194).chr(163) => '' );400 chr(194).chr(163) => '' ); 405 401 406 402 $string = strtr($string, $chars); 407 } else { 403 } 404 else { 408 405 // Assume ISO-8859-1 if not UTF-8 409 406 $chars['in'] = chr(128).chr(131).chr(138).chr(142).chr(154).chr(158) … … 421 418 422 419 $string = strtr($string, $chars['in'], $chars['out']); 423 $double_chars['in'] = array( chr(140), chr(156), chr(198), chr(208), chr(222), chr(223), chr(230), chr(240), chr(254));424 $double_chars['out'] = array( 'OE', 'oe', 'AE', 'DH', 'TH', 'ss', 'ae', 'dh', 'th');420 $double_chars['in'] = array( chr(140), chr(156), chr(198), chr(208), chr(222), chr(223), chr(230), chr(240), chr(254) ); 421 $double_chars['out'] = array( 'OE', 'oe', 'AE', 'DH', 'TH', 'ss', 'ae', 'dh', 'th' ); 425 422 $string = str_replace($double_chars['in'], $double_chars['out'], $string); 426 423 } … … 441 438 { 442 439 $length = strlen($str); 443 for ($i=0; $i < $length; $i++) 444 { 445 if (ord($str[$i]) < 0x80) { 440 for( $i = 0; $i < $length; $i++ ) { 441 if( ord($str[$i]) < 0x80 ) { 446 442 continue; // 0bbbbbbb 447 448 } elseif ((ord($str[$i]) & 0xE0) == 0xC0) { 449 $n=1; // 110bbbbb 450 451 
} elseif ((ord($str[$i]) & 0xF0) == 0xE0) { 452 $n=2; // 1110bbbb 453 454 } elseif ((ord($str[$i]) & 0xF8) == 0xF0) { 455 $n=3; // 11110bbb 456 457 } elseif ((ord($str[$i]) & 0xFC) == 0xF8) { 458 $n=4; // 111110bb 459 460 } elseif ((ord($str[$i]) & 0xFE) == 0xFC) { 461 $n=5; // 1111110b 462 463 } else { 443 } elseif( (ord($str[$i]) & 0xE0) == 0xC0 ) { 444 $n = 1; // 110bbbbb 445 } elseif( (ord($str[$i]) & 0xF0) == 0xE0 ) { 446 $n = 2; // 1110bbbb 447 } elseif( (ord($str[$i]) & 0xF8) == 0xF0 ) { 448 $n = 3; // 11110bbb 449 } elseif( (ord($str[$i]) & 0xFC) == 0xF8 ) { 450 $n = 4; // 111110bb 451 } elseif( (ord($str[$i]) & 0xFE) == 0xFC ) { 452 $n = 5; // 1111110b 453 } else { 464 454 return false; // Does not match any model 465 455 } 466 456 467 for ($j=0; $j<$n; $j++) 468 { 457 for( $j = 0; $j < $n; $j++ ) { 469 458 // n bytes matching 10bbbbbb follow ? 470 if ((++$i == $length) || ((ord($str[$i]) & 0xC0) != 0x80)) {459 if( (++$i == $length) || ((ord($str[$i]) & 0xC0) != 0x80) ) { 471 460 return false; 472 461 } … … 486 475 * Note: Borrowed from Wordpress 487 476 */ 488 function utf8_uri_encode( $utf8_string, $length = 0)489 { 490 $unicode = '';491 $values = array();492 $num_octets = 1;477 function utf8_uri_encode($utf8_string, $length = 0) 478 { 479 $unicode = ''; 480 $values = array( ); 481 $num_octets = 1; 493 482 $unicode_length = 0; 494 483 495 $string_length = strlen( $utf8_string ); 496 for ($i = 0; $i < $string_length; $i++ ) 497 { 498 $value = ord( $utf8_string[ $i ] ); 484 $string_length = strlen($utf8_string); 485 for( $i = 0; $i < $string_length; $i++ ) { 486 $value = ord($utf8_string[$i]); 499 487 500 if ( $value < 128 ) 501 { 502 if ($length && ( $unicode_length >= $length )) { 488 if( $value < 128 ) { 489 if( $length && ( $unicode_length >= $length ) ) { 503 490 break; 504 491 } 505 492 $unicode .= chr($value); 506 493 $unicode_length++; 507 } 508 else 509 { 510 if (count( $values ) == 0) { 494 } else { 495 if( count($values) == 0 ) { 511 496 
$num_octets = ( $value < 224 ) ? 2 : 3; 512 497 } … … 514 499 $values[] = $value; 515 500 516 if ($length && ($unicode_length + ($num_octets * 3)) > $length) {501 if( $length && ($unicode_length + ($num_octets * 3)) > $length ) { 517 502 break; 518 503 } 519 504 520 if (count($values) == $num_octets) 521 { 522 if ($num_octets == 3) { 523 $unicode .= '%' . dechex($values[0]) . '%' . dechex($values[1]) . '%' . dechex($values[2]); 505 if( count($values) == $num_octets ) { 506 if( $num_octets == 3 ) { 507 $unicode .= '%'.dechex($values[0]).'%'.dechex($values[1]).'%'.dechex($values[2]); 524 508 $unicode_length += 9; 525 509 } else { 526 $unicode .= '%' . dechex($values[0]) . '%' .dechex($values[1]);510 $unicode .= '%'.dechex($values[0]).'%'.dechex($values[1]); 527 511 $unicode_length += 6; 528 512 } 529 513 530 $values = array();514 $values = array( ); 531 515 $num_octets = 1; 532 516 } … … 547 531 { 548 532 $parsed = parse_url($url); 549 if (isset($parsed['scheme'])){550 $domain = $parsed['scheme'] . "://" . $parsed['host'];533 if( isset($parsed['scheme']) ) { 534 $domain = $parsed['scheme']."://".$parsed['host']; 551 535 return $domain; 552 536 } … … 555 539 } 556 540 557 558 if(!function_exists("iconv")) 559 { 541 if( !function_exists("iconv") ) { 542 560 543 /** 561 544 * Convert string to requested character encoding if iconv library not installed … … 573 556 return $converted; 574 557 } 575 } 576 558 559 } 577 560 578 561 /** … … 590 573 return $href + $url; 591 574 } 592 593 575 594 576 /** … … 608 590 } 609 591 610 611 592 /** 612 593 * Strip foreign characters from latin1/utf8 database yuckiness -
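Review bot: the byte-pattern loop at new lines 440-462 still accepts the 0xF8 and 0xFC lead bytes (new lines 449-452), so 5- and 6-byte sequences pass, and nothing rejects overlong encodings or surrogate code points. RFC 3629 allows none of these as UTF-8, so input can be classified as UTF-8 here and then handled differently by the database or the browser. This changeset makes mbstring a required module in install/index.php, so the loop could be replaced with mb_check_encoding($str, 'UTF-8') instead of being reformatted.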
trunk/htaccess_default
r1896 r2080 23 23 24 24 ##### GENERIC RULES ##### 25 RewriteRule \.(css|php|png|jpg|gif|ico|js|inc|txt|gz|xml|html)$ - [ L]25 RewriteRule \.(css|php|png|jpg|gif|ico|js|inc|txt|gz|xml|html)$ - [NC,L] 26 26 RewriteRule ^([^/]*)/?$ index.php?page=$1 [L] 27 27 RewriteRule ^([^/]*)/([^/]*)/?$ index.php?$1=$2 [L] -
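Review bot: adding NC on line 25 widens the pass-through rule to upper-case variants of every listed extension, and that list includes php, inc, txt and gz, so any such file under the web root is served or executed directly without going through index.php. Consider dropping inc from the list and denying direct requests for include files and archives, so that a stray FOO.INC or backup .gz is not readable as plain text.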
trunk/index.php
r1896 r2080 36 36 if (file_exists('install/index.php')) { 37 37 echo 'Hotaru is having trouble starting. You may need to install the system before you can proceed further.<br/><br/>'; 38 echo ' More help at <a href="hotarucms.org/forum.php"> Hotaru Forums</a>';38 echo 'Help is available in the <a href="http://forums.hotarucms.org/">Hotaru CMS Forums</a>.'; 39 39 } 40 40 else { -
trunk/install/index.php
r1896 r2080 46 46 "BASE" => "/../", 47 47 "ADMIN" => "/../admin/", 48 "CACHE" => "/../cache/",49 48 "INSTALL" => "/", 49 "CACHE" => "/../cache/1/", 50 50 "LIBS" => "/../libs/", 51 51 "EXTENSIONS" => "/../libs/extensions/", … … 318 318 // Check whether database and tables exist on this server 319 319 $db->show_errors = false; 320 $database_exists = $db->quick_connect($dbuser_name, $dbpassword_name, $dbname_name, $dbhost_name); 320 $database_exists = $db->quick_connect($dbuser_name, $dbpassword_name, $dbname_name, $dbhost_name); 321 321 if (!$database_exists) { 322 322 $h->messages[$lang['install_step1_no_db_exists_failure']] = 'red'; 323 323 } else { 324 $show_next = true; 325 $table_exists = $db->table_exists( DBPREFIX . 'miscdata');324 $show_next = true; 325 $table_exists = $db->table_exists('miscdata'); 326 326 } 327 327 … … 483 483 // Step title 484 484 echo "<h2>" . $lang['install_step2'] . "</h2>\n"; 485 485 486 $table_exists = $db->table_exists('miscdata'); 486 487 if ($table_exists && $delete != 'DELETE') { 487 488 // Warning message … … 509 510 $db->selectDB(DB_NAME); 510 511 512 513 514 // Used as test to check whether we have tables yet 515 // $sql = "SELECT * FROM `" . DB_PREFIX . "miscdata`"; 516 // var_dump($db->get_results($sql)); die; 517 511 518 if ($db->get_col("SHOW TABLES",0)) { 519 echo $lang['install_step2_checking_tables']; 512 520 foreach ( $db->get_col("SHOW TABLES",0) as $table_name ) 513 521 { 522 print $table_name . ', '; 514 523 drop_table($table_name); // table name 515 524 } 516 echo $lang['install_step2_deleting_table'] . "'...<br /><br />\n"; 517 } 518 525 echo '<br /><br />' . $lang['install_step2_deleting_table'] . "'...<br /><br />\n"; 526 } else { 527 echo $lang['install_step2_no_tables'] . 
"<br/><br />\n"; 528 } 529 530 531 $create_tables_problem = false; 519 532 //create tables 520 533 foreach ($tables as $table_name) { 534 $error = ''; 521 535 create_table($table_name); 536 $error = mysql_error(); 537 if ($error) { 538 echo $error . ' '; 539 $create_tables_problem = true; 540 } 522 541 } 523 542 524 543 // Step content 525 echo "<div class='install_content'>" . $lang['install_step2_success'] . "</div>\n"; 544 if (!$create_tables_problem) { 545 echo "<div class='install_content'>" . $lang['install_step2_success'] . "</div>\n"; 546 } else { 547 echo "<div class='install_content'>" . $lang['install_step2_fail'] . "</div>\n"; 548 } 526 549 527 550 $show_next = true; … … 548 571 { 549 572 global $lang; //already included so Hotaru can't re-include it 550 global $db; 573 global $db; 574 575 // Make sure that the cache folders have been created before we call $h for the first time 576 // Since we have defined CACHE in install script, the normal Initialize script will think folders are already present 577 $dirs = array('', 'debug_logs/' , 'db_cache/', 'css_js_cache/', 'html_cache/', 'rss_cache/', 'lang_cache/'); // first array item is needed to create the SITEID base folder 578 579 foreach ($dirs as $dir) { 580 //print "checking where dir exists at " . CACHE . $dir . '<br/>'; 581 if (!is_dir(CACHE . $dir)) { 582 //print "trying to create " . CACHE . $dir . '<br/>'; 583 mkdir(CACHE . 
$dir); 584 } 585 } 551 586 552 587 $h = new Hotaru(); // overwrites current global with fully initialized Hotaru object 588 553 589 554 590 echo html_header(); … … 748 784 $php_module_not_found = false; 749 785 750 $required = array('bcmath' => 'http://php.net/manual/en/book.bc.php', 751 'mysql'=>'http://php.net/manual/en/book.mysql.php', 752 'filter'=>'http://php.net/manual/en/book.filter.php'); 786 $required = array('mysql'=>'http://php.net/manual/en/book.mysql.php', 787 'filter'=>'http://php.net/manual/en/book.filter.php', 788 'mbstring'=>'http://www.php.net/manual/en/book.mbstring.php'); 789 790 /* No longer required: 'bcmath' => 'http://php.net/manual/en/book.bc.php' */ 753 791 754 792 foreach ($required as $module => $url) { … … 791 829 // Previous/Next buttons 792 830 echo "<div class='back button''><a href='index.php?step=3'>" . $lang['install_back'] . "</a></div>\n"; 793 echo "<div class='next button''><a href='" . BASEURL . " '>" . $lang['install_home'] . "</a></div>\n";831 echo "<div class='next button''><a href='" . BASEURL . "admin_index.php'>" . $lang['install_home'] . "</a></div>\n"; 794 832 795 833 echo html_footer(); … … 851 889 ?> 852 890 853 /* Configuration file for Hotaru CMS. */891 /* Configuration file for Hotaru CMS. */ 854 892 855 893 // Paths 856 define( 'BASEURL', "<?php echo $baseurl_name; ?>"); // e.g. http://www.mysite.com/ Needs trailing slash (/)894 define("BASEURL", '<?php echo $baseurl_name; ?>'); // e.g. http://www.mysite.com/ Needs trailing slash (/) 857 895 858 896 // Database details 859 define("DB_USER", '<?php echo $dbuser_name; ?>'); // Add your own database details897 define("DB_USER", '<?php echo $dbuser_name; ?>'); // Add your own database details 860 898 define("DB_PASSWORD", '<?php echo $dbpassword_name; ?>'); 861 899 define("DB_NAME", '<?php echo $dbname_name; ?>'); … … 863 901 864 902 // You probably don't need to change these 865 define("DB_PREFIX", '<?php echo $dbprefix_name; ?>'); // Database prefix, e.g. 
"hotaru_"903 define("DB_PREFIX", '<?php echo $dbprefix_name; ?>'); // Database prefix, e.g. "hotaru_" 866 904 define("DB_LANG", 'en'); // Database language, e.g. "en" 867 define("DB_ENGINE", 'MyISAM'); // Database Engine, e.g. "MyISAM"868 define('DB_CHARSET', 'utf8'); // Database Character Set (UTF8 is Recommended), e.g. "utf8"905 define("DB_ENGINE", 'MyISAM'); // Database Engine, e.g. "MyISAM" 906 define('DB_CHARSET', 'utf8'); // Database Character Set (UTF8 is Recommended), e.g. "utf8" 869 907 define("DB_COLLATE", 'utf8_unicode_ci'); // Database Collation (UTF8 is Recommended), e.g. "utf8_unicode_ci" 870 908 … … 872 910 $page = "<?php" . ob_get_contents(); 873 911 ob_end_clean(); 874 $page = str_replace("\n", "", $page);912 //$page = str_replace("\n", "", $page); 875 913 $cwd = getcwd(); 876 914 $file = $cwd . "/../hotaru_settings.php"; -
trunk/install/install-upgrade.php
r1896 r2080 82 82 echo "<div class='install_content'>" . $lang['upgrade_step1_old_version'] . $old_version . "</div>\n"; 83 83 else 84 echo "<div class='install_content'>" . $lang['upgrade_step1_ no_old_version'] . "</div>\n";84 echo "<div class='install_content'>" . $lang['upgrade_step1_old_no_version'] . "</div>\n"; 85 85 86 86 if ($h->version > $old_version) … … 639 639 $old_version = "1.3.0"; 640 640 } 641 642 //$h->version ="1.2.0"; 641 642 // 1.3.0 to 1.4.0 643 if ($old_version == "1.3.0") { 644 645 // Version Info Auto Update 646 $sql = "UPDATE " . TABLE_SETTINGS . " SET settings_note = %s, settings_name = %s WHERE settings_name = %s"; 647 $h->db->query($h->db->prepare($sql, 'Hotaru updates', 'SYS_UPDATES', 'SYS_FEEDBACK')); 648 649 // RELATES TABLE 650 if (!$exists = $h->db->table_exists('relates')) { 651 //echo "table doesn't exist. Stopping before creation."; exit; 652 $sql = "CREATE TABLE `" . DB_PREFIX . "relates` ( 653 `relates_id` int(20) NOT NULL AUTO_INCREMENT PRIMARY KEY, 654 `relates_user_id` int(20) NOT NULL default '0', 655 `relates_post_id` int(20) NOT NULL default '0', 656 `relates_type` varchar(64) default '', 657 `relates_updatedts` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, 658 INDEX (`relates_user_id`), 659 INDEX (`relates_post_id`), 660 INDEX (`relates_type`) 661 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Relates';"; 662 $h->db->query($sql); 663 } 664 665 // Version Info Auto Update 666 $sql = "UPDATE " . TABLE_SETTINGS . " SET settings_note = %s, settings_name = %s WHERE settings_name = %s"; 667 $h->db->query($h->db->prepare($sql, 'Hotaru updates', 'SYS_UPDATES', 'SYS_FEEDBACK')); 668 669 // MULTI_SITE for SETTINGS table for siteid=1 only (admin) 670 $sql = "SELECT settings_siteid FROM " . TABLE_SETTINGS . 
" WHERE settings_name = %s AND settings_siteid = %d"; 671 $result = $h->db->get_var($h->db->prepare($sql, 'MULTI_SITE', 1)); 672 673 if (!$result) { 674 $sql = "INSERT INTO " . TABLE_SETTINGS . " (settings_name, settings_value, settings_default, settings_note) VALUES (%s, %s, %s, %s)"; 675 $h->db->query($h->db->prepare($sql, 'MULTI_SITE', 'false', 'false', 'Multiple sites')); 676 } 677 678 // Add siteid to pluginhooks table 679 if (!$exists = $h->db->column_exists('pluginhooks', 'pluginhooks_siteid')) { 680 // Create a column for index first 681 $sql = "ALTER TABLE " . TABLE_PLUGINHOOKS . " ADD pluginhooks_siteid INT NOT NULL DEFAULT 1"; 682 $h->db->query($sql); 683 } 684 685 // Add index for siteid on pluginhooks table 686 $sql = "SHOW INDEX FROM `" . TABLE_PLUGINHOOKS . "` WHERE KEY_NAME = 'pluginhooks_siteid'"; 687 $result = $h->db->query($sql); 688 if (!$result) { 689 $sql = "ALTER TABLE `" . TABLE_PLUGINHOOKS . "` ADD INDEX (pluginhooks_siteid)"; 690 $h->db->query($sql); 691 } 692 693 // Change post_title column from `post_title` varchar(255) NULL, to `post_title` text NULL, 694 $exists = $h->db->column_exists('posts', 'post_title'); 695 if (!$exists) { 696 $sql = "ALTER TABLE " . TABLE_POSTS . " MODIFY post_title text NULL"; 697 $h->db->query($h->db->prepare($sql)); 698 } 699 700 // Drop token_id column from the tokens table 701 if ($h->db->column_exists('tokens', 'token_id')) { 702 $h->db->query("ALTER TABLE " . DB_PREFIX . "tokens DROP token_id"); 703 } 704 705 // update "old version" for next set of upgrades 706 $old_version = "1.4.0"; 707 } 708 709 643 710 // Update Hotaru version number to the database (referred to when upgrading) 644 711 $sql = "UPDATE " . TABLE_MISCDATA . " SET miscdata_key = %s, miscdata_value = %s, miscdata_default = %s WHERE miscdata_key = %s"; … … 646 713 } 647 714 715 716 717 718 // // loop through all sites to insert this setting into each one's SETTING TABLE 719 // $sql = "SELECT site_id FROM " . 
TABLE_SITE; 720 // $sites = $h->db->get_results($h->db->prepare($sql)); 721 // 722 // $sql = "SELECT settings_siteid FROM " . TABLE_SETTINGS . " WHERE settings_name = %s"; 723 // $result = $h->db->get_results($h->db->prepare($sql, 'MULTI_SITE'), ARRAY_N); 724 // if (!$result) { $result = array(); } 725 // //var_dump($result); 726 // if ($sites) { 727 // foreach ($sites as $site) { 728 // if (in_array($site->site_id, $result)) { 729 // $sql = "UPDATE " . TABLE_SETTINGS . " SET settings_value = %s WHERE settings_name = %s"; 730 // $h->db->query($h->db->prepare($sql, '', '')); 731 // } else { 732 // $sql = "INSERT INTO " . TABLE_SETTINGS . " (settings_name, settings_value, settings_default, settings_note) VALUES (%s, %s, %s, %s)"; 733 // $h->db->query($h->db->prepare($sql, '', '', '', '')); 734 // } 735 // } 736 // } 737 648 738 ?> -
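Review bot: the post_title migration at new lines 693-698 is inverted. column_exists('posts', 'post_title') is true on every existing install, so if (!$exists) skips the ALTER ... MODIFY, and upgraded sites keep varchar(255) while fresh installs get text. Run the MODIFY when the column exists, or test its current type. In the same block the SYS_FEEDBACK to SYS_UPDATES rename is issued twice (new lines 645-647 and 665-667), and the MULTI_SITE INSERT omits settings_siteid although the preceding SELECT filters on settings_siteid = 1, so the check only works if the column default is 1.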
trunk/install/install_language.php
r1896 r2080 100 100 /* Install Step 3 */ 101 101 $lang["install_step2"] = "Step 2/4: Create Database Tables"; 102 $lang["install_step2_checking_tables"] = "Checking for existing tables in database: "; 103 $lang["install_step2_no_tables"] = "No existing tables were found in the database"; 102 104 $lang["install_step2_creating_table"] = "Creating table"; 105 $lang["install_step2_adding_data"] = "Adding data to"; 103 106 $lang["install_step2_deleting_table"] = "Deleting existing tables"; 104 107 $lang["install_step2_already_exists"] = "It seems there are already tables for Hotaru CMS in the database."; … … 107 110 $lang["install_step2_rebuild_link"] = "delete and rebuild the database tables"; 108 111 $lang["install_step2_success"] = "Database tables created successfully. Click \"Next\" to configure Hotaru CMS."; 112 $lang["install_step2_fail"] = "There were some errors in creating database tables. Not all tables may have been created correctly."; 109 113 $lang["install_step2_existing_db"] = "You already have an existing installation of Hotaru CMS.<br/><br/>If you continue, this installation will DELETE all your existing tables and settings, including posts, users and plugin data."; 110 114 $lang["install_step2_existing_confirm"] = "Confirm you wish to continue this install by typing 'DELETE' in the box and press the button"; -
trunk/install/install_tables.php
r1896 r2080 56 56 INDEX (`blocked_type`) 57 57 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Blocked IPs, users, emails, etc';"; 58 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n"; 59 $db->query($sql); 58 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 59 $db->query($sql); 60 60 61 } 61 62 … … 81 82 UNIQUE KEY `key` (`category_name`, `category_siteid`) 82 83 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Categories';"; 83 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";84 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 84 85 $db->query($sql); 85 86 … … 114 115 INDEX (`comment_status`) 115 116 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Post Comments';"; 116 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";117 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 117 118 $db->query($sql); 118 119 } … … 135 136 `cvote_updateby` int(20) NOT NULL DEFAULT 0 136 137 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Comment Votes';"; 137 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";138 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 138 139 $db->query($sql); 139 140 } … … 150 151 PRIMARY KEY (follower_user_id, following_user_id) 151 152 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Friends';"; 152 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";153 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . 
"'...<br />\n"; 153 154 $db->query($sql); 154 155 } … … 174 175 INDEX (`message_archived`) 175 176 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Messaging';"; 176 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";177 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 177 178 $db->query($sql); 178 179 } … … 192 193 INDEX (`miscdata_siteid`) 193 194 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Miscellaneous Data';"; 194 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";195 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 195 196 $db->query($sql); 196 197 … … 244 245 UNIQUE KEY `key` (`plugin_folder`, `plugin_siteid`) 245 246 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Application Plugins';"; 246 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";247 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 247 248 $db->query($sql); 248 249 } … … 257 258 `plugin_updatedts` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, 258 259 `plugin_updateby` int(20) NOT NULL DEFAULT 0, 259 INDEX (`plugin_folder`) 260 `pluginhooks_siteid` int(20) NOT NULL DEFAULT 1, 261 INDEX (`plugin_folder`), 262 INDEX (`pluginhooks_siteid`) 260 263 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Plugins Hooks';"; 261 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";264 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 262 265 $db->query($sql); 263 266 } … … 277 280 INDEX (`plugin_folder`) 278 281 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . 
DB_COLLATE . " COMMENT='Plugins Settings';"; 279 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";282 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 280 283 $db->query($sql); 281 284 } … … 297 300 `post_category` int(20) NOT NULL DEFAULT 1, 298 301 `post_tags` text NULL, 299 `post_title` varchar(255) NULL,302 `post_title` text NULL, 300 303 `post_orig_url` varchar(255) NULL, 301 304 `post_domain` varchar(255) NULL, … … 314 317 INDEX (`post_type`) 315 318 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Story Posts';"; 316 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";319 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 317 320 $db->query($sql); 318 321 } … … 333 336 INDEX (`postmeta_postid`) 334 337 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Post Meta';"; 335 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";338 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 336 339 $db->query($sql); 337 340 } … … 355 358 INDEX (`vote_post_id`) 356 359 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Post Votes';"; 357 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";360 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 358 361 $db->query($sql); 359 362 } 360 363 364 365 // RELATES TABLE 366 367 if ($table_name == "relates") { 368 //echo "table doesn't exist. Stopping before creation."; exit; 369 $sql = "CREATE TABLE `" . DB_PREFIX . $table_name . 
"` ( 370 `relates_id` int(20) NOT NULL AUTO_INCREMENT PRIMARY KEY, 371 `relates_user_id` int(20) NOT NULL default '0', 372 `relates_post_id` int(20) NOT NULL default '0', 373 `relates_type` varchar(64) default '', 374 `relates_updatedts` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, 375 INDEX (`relates_user_id`), 376 INDEX (`relates_post_id`), 377 INDEX (`relates_type`) 378 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Relates';"; 379 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 380 $db->query($sql); 381 } 382 383 361 384 362 385 // SETTINGS TABLE … … 376 399 INDEX (`settings_siteid`) 377 400 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Application Settings';"; 378 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";401 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 379 402 $db->query($sql); 380 403 … … 457 480 $db->query($db->prepare($sql, 'SMTP_PASSWORD', '', '', '')); 458 481 459 // Sys Feedback 460 $sql = "INSERT INTO " . DB_PREFIX . $table_name . " (settings_name, settings_value, settings_default, settings_note) VALUES (%s, %s, %s, %s)"; 461 $db->query($db->prepare($sql, 'SYS_FEEDBACK', 'true', 'true', 'send system report')); 482 // Sys Feedback 483 $sql = "INSERT INTO " . DB_PREFIX . $table_name . " (settings_name, settings_value, settings_default, settings_note) VALUES (%s, %s, %s, %s)"; 484 $db->query($db->prepare($sql, 'SYS_UPDATES', 'true', 'true', 'Hotaru updates')); 485 486 // Multiple Sites 487 $sql = "INSERT INTO " . DB_PREFIX . $table_name . " (settings_name, settings_value, settings_default, settings_note) VALUES (%s, %s, %s, %s)"; 488 $db->query($db->prepare($sql, 'MULTI_SITE', 'false', 'false', 'Multiple sites')); 489 490 echo $lang['install_step2_adding_data'] . ": '" . DB_PREFIX . 
$table_name . "'...<br />\n"; 491 462 492 } 463 493 … … 473 503 `site_updateby` int(20) NOT NULL DEFAULT 0 474 504 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Site Table';"; 475 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";505 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 476 506 $db->query($sql); 477 507 } … … 494 524 INDEX (`tags_archived`) 495 525 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Post Tags';"; 496 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";526 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 497 527 $db->query($sql); 498 528 } … … 510 540 `tempdata_updateby` int(20) NOT NULL DEFAULT 0 511 541 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Temporary Data';"; 512 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";542 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 513 543 $db->query($sql); 514 544 } … … 519 549 if ($table_name == "tokens") { 520 550 $sql = "CREATE TABLE `" . DB_PREFIX . $table_name . "` ( 521 `token_id` INT(11) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,522 551 `token_sid` varchar(32) NOT NULL, 523 552 `token_key` CHAR(32) NOT NULL, … … 526 555 INDEX (`token_key`) 527 556 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Tokens for CSRF protection';"; 528 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";557 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 529 558 $db->query($sql); 530 559 } … … 555 584 KEY `user_email` (`user_email`) 556 585 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . 
" COLLATE=" . DB_COLLATE . " COMMENT='Users and Roles';"; 557 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";586 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 558 587 $db->query($sql); 559 588 } … … 574 603 INDEX (`usermeta_key`) 575 604 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='User Meta';"; 576 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";605 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 577 606 $db->query($sql); 578 607 } … … 597 626 INDEX (`useract_userid`) 598 627 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='User Activity';"; 599 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";628 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 600 629 $db->query($sql); 601 630 } … … 616 645 INDEX (`widget_siteid`) 617 646 ) ENGINE=" . DB_ENGINE . " DEFAULT CHARSET=" . DB_CHARSET . " COLLATE=" . DB_COLLATE . " COMMENT='Widgets';"; 618 echo $lang['install_step2_creating_table'] . ": '" . $table_name . "'...<br />\n";647 echo $lang['install_step2_creating_table'] . ": '" . DB_PREFIX . $table_name . "'...<br />\n"; 619 648 $db->query($sql); 620 649 } -
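Review bot: removing token_id (old line 521) leaves the tokens table, in the lines shown, with no primary or unique key, only INDEX (token_key). For a table described as holding CSRF tokens, duplicate (token_sid, token_key) rows can then accumulate, and a delete-on-use has no single row to target. Consider PRIMARY KEY (token_sid, token_key) in place of the dropped column, with the matching change in the 1.3.0 to 1.4.0 upgrade step that drops token_id.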
trunk/javascript/hotaru.js
r1896 r2080 100 100 // Show/Hide forgot password form 101 101 $(".forgot_password").click(function () { 102 var target = $( this).next("form");102 var target = $("#forgot_password_form"); 103 103 target.fadeToggle(); 104 104 return false; -
trunk/libs/AdminAuth.php
r1896 r2080 36 36 if (($h->pageName != 'admin_login') && !$this->isAdminCookie($h)) 37 37 { 38 header('Location: ' . BASEURL . 'admin_index.php?page=admin_login');38 header('Location: ' . SITEURL . 'admin_index.php?page=admin_login'); 39 39 die; exit; 40 40 } … … 48 48 if (($h->currentUser->name == "") && $h->isActive('signin')) 49 49 { 50 header('Location: ' . BASEURL . 'index.php?page=login');50 header('Location: ' . SITEURL . 'index.php?page=login'); 51 51 die; exit; 52 52 } … … 231 231 $strCookie=base64_encode( 232 232 join(':', array($h->currentUser->name, 233 $h->currentUser->generateHash($h->currentUser->name, md5( BASEURL)),233 $h->currentUser->generateHash($h->currentUser->name, md5(SITEURL)), 234 234 md5($h->currentUser->password))) 235 235 ); … … 238 238 $month = 2592000 + time(); 239 239 240 if (strpos( BASEURL, "localhost") !== false) {240 if (strpos(SITEURL, "localhost") !== false) { 241 241 setcookie("hotaru_user", $h->currentUser->name, $month, "/"); 242 242 setcookie("hotaru_key", $strCookie, $month, "/"); 243 243 } else { 244 $parsed = parse_url( BASEURL);244 $parsed = parse_url(SITEURL); 245 245 246 246 // now we need a dot in front of that so cookies work across subdomains: … … 278 278 { 279 279 $h->currentUser->destroyCookieAndSession(); 280 header("Location: " . BASEURL);280 header("Location: " . SITEURL); 281 281 return true; 282 282 } -
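Review bot: at new lines 231-243 the hotaru_key cookie is base64 of the user name, a hash salted with md5(SITEURL), and md5($h->currentUser->password), and the visible setcookie() calls pass only name, value, expiry and path, so neither HttpOnly nor Secure is set. SITEURL is public, so the salt adds no secret, and anyone who can read the cookie gets password-derived material that stays valid for the 30-day lifetime. While this code is being touched for SITEURL, consider a random server-side token in place of the password-derived fields and set the httponly argument. With multi-site in mind, the leading-dot cookie domain mentioned at line 246 also deserves a check that one site's cookie is not sent to its sibling sites.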
trunk/libs/AdminPages.php
r1896 r2080 62 62 $this->adminPlugins($h); 63 63 break; 64 case "plugin_search": 65 $h->sidebars = false; 66 $h->vars['admin_sidebar_layout'] = 'horizontal'; 67 //$this->adminPluginSearch($h); 68 break; 64 69 case "plugin_settings": 65 70 $h->vars['settings_plugin'] = $h->cage->get->testAlnumLines('plugin'); // get plugin name from url … … 146 151 } else { 147 152 // values that are allowed to be empty: 148 $exempt = array('SMTP_USERNAME', 'SMTP_PASSWORD'); 153 // multi-site added here because the feature is hidden in settings template. Remove from below when visible. 154 $exempt = array('SMTP_USERNAME', 'SMTP_PASSWORD', 'MULTI_SITE'); 149 155 if ($setting_name->settings_show == 'N') { array_push($exempt, $setting_name->settings_name); } 150 156 if (!in_array($setting_name->settings_name, $exempt)) { … … 155 161 } 156 162 157 // cron hook to include SYS_ FEEDBACKjob158 if ($h->cage->post->keyExists('SYS_ FEEDBACK') == 'true' ) {163 // cron hook to include SYS_UPDATES job 164 if ($h->cage->post->keyExists('SYS_UPDATES') == 'true' ) { 159 165 $timestamp = time(); 160 166 $recurrence = "daily"; … … 162 168 $cron_data = array('timestamp'=>$timestamp, 'recurrence'=>$recurrence, 'hook'=>$hook); 163 169 $h->pluginHook('cron_update_job', 'cron', $cron_data); 170 171 $hook = "SystemInfo:hotaru_version"; 172 $cron_data = array('timestamp'=>$timestamp, 'recurrence'=>$recurrence, 'hook'=>$hook); 173 $h->pluginHook('cron_update_job', 'cron', $cron_data); 174 175 $hook = "SystemInfo:plugin_version_getAll"; 176 $cron_data = array('timestamp'=>$timestamp, 'recurrence'=>$recurrence, 'hook'=>$hook); 177 $h->pluginHook('cron_update_job', 'cron', $cron_data); 164 178 } 165 179 else { 166 180 $hook = "SystemInfo:hotaru_feedback"; 181 $cron_data = array('hook'=>$hook); 182 $h->pluginHook('cron_delete_job', 'cron', $cron_data); 183 184 $hook = "SystemInfo:hotaru_version"; 185 $cron_data = array('hook'=>$hook); 186 $h->pluginHook('cron_delete_job', 'cron', $cron_data); 187 188 $hook = 
"SystemInfo:plugin_version_getAll"; 167 189 $cron_data = array('hook'=>$hook); 168 190 $h->pluginHook('cron_delete_job', 'cron', $cron_data); … … 204 226 public function getAllAdminSettings($db) 205 227 { 206 $sql = "SELECT settings_name, settings_value, settings_default, settings_note, settings_show FROM " . TABLE_SETTINGS; 228 $sql = "SELECT settings_name, settings_value, settings_default, settings_note, settings_show FROM " . TABLE_SETTINGS; 207 229 $results = $db->get_results($db->prepare($sql)); 208 230 if ($results) { return $results; } else { return false; } … … 401 423 * 402 424 * *********************************************************** */ 403 404 425 426 405 427 /** 406 428 * Call functions based on user actions in Plugin Management … … 413 435 $action = $h->cage->get->testAlnumLines('action'); 414 436 $order = $h->cage->get->testAlnumLines('order'); 415 416 require_once(LIBS . 'PluginManagement.php'); 437 417 438 $plugman = new PluginManagement(); 418 439 -
trunk/libs/Announcements.php
r1896 r2080 87 87 88 88 $announcements = array(); 89 90 // Check if install file has been deleted 91 $filename = INSTALL . 'install.php'; 92 if (file_exists($filename)) { 93 array_push($announcements, $h->lang['admin_announcement_delete_install']); 94 } 89 90 if (SITEID == 1) { 91 // Check if install file has been deleted 92 $filename = INSTALL . 'install.php'; 93 if (file_exists($filename)) { 94 array_push($announcements, $h->lang['admin_announcement_delete_install']); 95 } 96 97 // Check if install file has not been run 98 $sql = "SELECT miscdata_value FROM " . TABLE_MISCDATA . " WHERE miscdata_key = %s"; 99 $hotaru_version = $h->db->get_var($h->db->prepare($sql, 'hotaru_version')); 100 if (version_compare($h->version, $hotaru_version, '>')) { 101 array_push($announcements, $h->lang['admin_announcement_run_install']); 102 } 103 } 95 104 96 105 // Site is currently undergoing maintenance -
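Review bot: wrapping both checks in `if (SITEID == 1)` (new line 90) hides the leftover install.php warning from the admins of every other site, although the file is located through the INSTALL constant and not per site. Keep the file_exists() check outside the SITEID condition so that any admin sees it. In the version check, `$hotaru_version` is null when the miscdata row is missing; handle that case explicitly instead of leaving the outcome to version_compare(). The comment "install file has not been run" should read "install script".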
trunk/libs/Avatar.php
r1896 r2080 138 138 if (!$this->user_id) { return false; } 139 139 140 $output = "<a href='" . $h->url(array('user' => $this->user_name)) . "' title='" . $this->user_name . "'> \n";140 $output = "<a href='" . $h->url(array('user' => $this->user_name)) . "' title='" . $this->user_name . "'>"; 141 141 $result = $h->pluginHook('avatar_get_avatar'); 142 142 if ($result) { … … 146 146 $output .= $avatar; // uses the last avatar sent to this hook 147 147 } 148 $output .= "</a> \n";148 $output .= "</a>"; 149 149 return $output; 150 150 } … … 159 159 160 160 $output = "<div class='avatar_wrapper'>"; 161 $output .= "<a href='" . $h->url(array('user' => $this->user_name)) . "' title='" . $this->user_name . "'> \n";161 $output .= "<a href='" . $h->url(array('user' => $this->user_name)) . "' title='" . $this->user_name . "'>"; 162 162 $result = $h->pluginHook('avatar_get_avatar'); 163 163 if ($result) { … … 167 167 $output .= $avatar; // uses the last avatar sent to this hook 168 168 } 169 $output .= "</a> \n";170 $output .= "</div> \n";169 $output .= "</a>"; 170 $output .= "</div>"; 171 171 return $output; 172 172 } … … 180 180 if (!$this->user_id) { return false; } 181 181 182 $output = "<a href='" . $h->url(array('user' => $this->user_name)) . "' title='" . $this->user_name . "'> \n";182 $output = "<a href='" . $h->url(array('user' => $this->user_name)) . "' title='" . $this->user_name . "'>"; 183 183 $output .= $avatar_image; // avatar in img tags 184 $output .= "</a> \n";184 $output .= "</a>"; 185 185 return $output; 186 186 } … … 195 195 196 196 $output = "<div class='avatar_wrapper'>"; 197 $output .= "<a href='" . $h->url(array('user' => $this->user_name)) . "' title='" . $this->user_name . "'> \n";197 $output .= "<a href='" . $h->url(array('user' => $this->user_name)) . "' title='" . $this->user_name . 
"'>"; 198 198 $output .= $avatar_image; // avatar in img tags 199 $output .= "</a> \n";200 $output .= "</div> \n";199 $output .= "</a>"; 200 $output .= "</div>"; 201 201 return $output; 202 202 } -
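Review bot: all four edited anchors still write `$this->user_name` straight into a single-quoted title attribute. Since these lines are being touched anyway, wrap the value in htmlspecialchars($this->user_name, ENT_QUOTES, 'UTF-8') unless it is already escaped where it is set. Dropping the trailing "\n" also removes the whitespace between inline elements, so themes that relied on that gap need a visual check.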
trunk/libs/Blocked.php
r1896 r2080 131 131 $output .= "<td>" . $block->blocked_value . "</td>\n"; 132 132 $output .= "<td>" . "<a class='table_drop_down' href='#'>\n"; 133 $output .= "<img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/edit.png'>" . "</a></td>\n";134 $output .= "<td>" . "<a href='" . BASEURL . "admin_index.php?page=blocked&action=remove&id=" . $block->blocked_id . "'>\n";135 $output .= "<img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/delete.png'>" . "</a></td>\n";133 $output .= "<img src='" . SITEURL . "content/admin_themes/" . ADMIN_THEME . "images/edit.png'>" . "</a></td>\n"; 134 $output .= "<td>" . "<a href='" . SITEURL . "admin_index.php?page=blocked&action=remove&id=" . $block->blocked_id . "'>\n"; 135 $output .= "<img src='" . SITEURL . "content/admin_themes/" . ADMIN_THEME . "images/delete.png'>" . "</a></td>\n"; 136 136 $output .= "</tr>\n"; 137 137 $output .= "<tr class='table_tr_details' style='display:none;'>\n"; 138 138 $output .= "<td colspan=3 class='table_description'>\n"; 139 $output .= "<form name='blocked_list_edit_form' action='" . BASEURL . "admin_index.php' method='post'>\n";139 $output .= "<form name='blocked_list_edit_form' action='" . SITEURL . "admin_index.php' method='post'>\n"; 140 140 $output .= "<table><tr><td><select name='blocked_type'>\n"; 141 141 -
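Review bot: the remove link on line 134 deletes a blocked entry through a plain GET URL (`admin_index.php?page=blocked&action=remove&id=`), and nothing in the visible lines carries a CSRF token. While the URL constant is being changed, move the action to a POST form with a token, as the edit form two lines below already uses POST. `$block->blocked_value` on line 131 is printed into the table cell as stored; escape it with htmlspecialchars() on output.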
trunk/libs/Breadcrumbs.php
r1896 r2080 35 35 // Admin only: 36 36 if ($h->isAdmin) { 37 $output .= "<a href='" . BASEURL . "'>" . SITE_NAME . " (" . $h->lang['main_theme_breadcrumbs_home'] . ")</a>\n";37 $output .= "<a href='" . SITEURL . "'>" . SITE_NAME . " (" . $h->lang['main_theme_breadcrumbs_home'] . ")</a>\n"; 38 38 39 39 $output .= " » <a href='" . $h->url(array(), 'admin') . "'>"; 40 40 $output .= $h->lang['admin_theme_main_admin_cp'] . "</a>\n"; 41 41 } else { 42 $output .= "<a href='" . BASEURL . "'>" . $h->lang['main_theme_breadcrumbs_home'] . "</a>\n";42 $output .= "<a href='" . SITEURL . "'>" . $h->lang['main_theme_breadcrumbs_home'] . "</a>\n"; 43 43 } 44 44 … … 80 80 } 81 81 $rss = "<a href='" . $h->url($url_array) . "'>"; 82 $rss .= " <img src='" . BASEURL . "content/themes/" . THEME . "images/rss_10.png' alt='" . $h->pageTitle . " RSS' /></a>";82 $rss .= " <img src='" . SITEURL . "content/themes/" . THEME . "images/rss_10.png' alt='" . $h->pageTitle . " RSS' /></a>"; 83 83 return $rss; 84 84 } -
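Review bot: line 82 places `$h->pageTitle` inside a single-quoted alt attribute without escaping, and lines 37 and 42 do the same with SITE_NAME in link text. The BASEURL to SITEURL swap is fine, but the edited lines are a good place to add htmlspecialchars(..., ENT_QUOTES, 'UTF-8') around both values.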
trunk/libs/Comment.php
r1896 r2080 612 612 */ 613 613 public function stats($h, $stat_type = '') 614 { 614 { 615 615 switch ($stat_type) { 616 case 'total_comments': 617 $query = "SELECT count(comment_id) FROM " . TABLE_COMMENTS; 618 $h->smartCache('on', 'comments', 60, $query); // start using cache 619 $comments = $h->db->get_var($query); 620 break; 621 case 'approved_comments': 622 $sql = "SELECT count(comment_id) FROM " . TABLE_COMMENTS . " WHERE comment_status = %s"; 623 $query = $h->db->prepare($sql, 'approved'); 624 $h->smartCache('on', 'comments', 60, $query); // start using cache 625 $comments = $h->db->get_var($query); 626 break; 627 case 'pending_comments': 628 $sql = "SELECT count(comment_id) FROM " . TABLE_COMMENTS . " WHERE comment_status = %s"; 629 $query = $h->db->prepare($sql, 'pending'); 630 $h->smartCache('on', 'comments', 60, $query); // start using cache 631 $comments = $h->db->get_var($query); 632 break; 633 case 'archived_comments': 634 $sql = "SELECT count(comment_id) FROM " . TABLE_COMMENTS . " WHERE comment_archived = %s"; 635 $query = $h->db->prepare($sql, 'Y'); 636 $h->smartCache('on', 'comments', 60, $query); // start using cache 637 $comments = $h->db->get_var($query); 638 break; 639 default: 640 $comments = ''; 641 } 642 $h->smartCache('off'); // stop using cache 643 616 default: 617 $sql = "SELECT comment_status, count(comment_id) FROM " . TABLE_COMMENTS . " GROUP BY comment_status"; 618 $query = $h->db->prepare($sql); 619 $h->smartCache('on', 'comments', 60, $query); // start using cache 620 $comments = $h->db->get_results($query, ARRAY_N); 621 break; 622 case 'archived': 623 $sql = "SELECT count(comment_id) FROM " . TABLE_COMMENTS . " WHERE comment_archived = %s"; 624 $query = $h->db->prepare($sql, 'Y'); 625 $h->smartCache('on', 'comments', 60, $query); // start using cache 626 $comments = $h->db->get_var($query); 627 break; 628 } 629 630 $h->smartCache('off'); // stop using cache 631 644 632 return $comments; 633 645 634 } 646 635 } -
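Review bot: stats() changes its contract without saying so. Callers that pass 'total_comments', 'approved_comments' or 'pending_comments' now fall into `default:` and receive an array of rows (ARRAY_N) instead of a single count, and 'archived_comments' has become 'archived'. Update the docblock with the new return types and accepted values, and check every caller. Placing `default:` before `case 'archived':` is legal PHP but easy to misread; put it last.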
trunk/libs/Database.php
r1896 r2080 116 116 117 117 // set SELECT: 118 $select = ($this->select) ? implode(', ', $this->select) : '';118 $select = ($this->select) ? $this->buildSelect() : ''; 119 119 120 120 // set TABLE: … … 147 147 148 148 149 /** 150 * Build the SELECT string 151 * 152 * @return string 153 */ 154 public function buildSelect() 155 { 156 if (!$this->select) { return ''; } 157 158 $select = ""; // the new select string we make from the $this->select array 159 160 foreach ($this->select as $key => $value) { 161 // e.g. 162 // $select[0] = 'post_id'; 163 // $select[1] = array('blah %s blah'=>'value for %s'); 164 165 // Push the values of %s and %d into the prepare_array 166 if (is_array($value)) { 167 foreach ($value as $k => $v) { 168 $select .= $k . ', '; 169 array_push($this->prepare_array, $v); 170 } 171 } else { 172 // otherwise add the single value to the select string 173 $select .= $value . ', '; 174 } 175 176 } 177 $select = rstrtrim($select, ", "); // strip off trailing AND 178 179 return $select; 180 } 181 182 149 183 /** 150 184 * Build the WHERE string -
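Review bot: in buildSelect() the comment on the trim line says "strip off trailing AND", copied from the WHERE builder; it strips a trailing comma. The call is `rstrtrim($select, ", ")`, a function that is not defined in the visible lines; if it is not an existing project helper, use rtrim(). The array keys in `$this->select` are appended to the SQL string as they are and only the values go through prepare(), so the docblock should state that keys must never contain request data.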
trunk/libs/Debug.php
r1896 r2080 111 111 public function generateReport($h, $type = 'log') 112 112 { 113 $report = $this->getSystemData($h); 113 $sysinfo = new SystemInfo(); 114 $sysinfo->plugin_version_getAll($h); 115 116 $report = $sysinfo->getSystemData($h); 114 117 115 118 if ($type == 'object') { return $report; } … … 118 121 $to = "admin@hotarucms.org"; // do not change! 119 122 $subject = "System Report from " . SITE_NAME; 120 $body = $ this->logSystemReport($h, $report);123 $body = $sysinfo->logSystemReport($h, $report); 121 124 $h->email($to, $subject, $body); 122 125 $h->message = $h->lang['admin_maintenance_system_report_emailed']; … … 128 131 129 132 // convert object to text 130 $output = $ this->logSystemReport($h, $report);133 $output = $sysinfo->logSystemReport($h, $report); 131 134 if ($output) { 132 135 $h->writeLog('system_report', $output); … … 142 145 } 143 146 } 144 145 /**146 * Get system data147 *148 * @param string $type 'log' or 'object'149 * @return object150 */151 public function getSystemData($h)152 {153 // essentials:154 155 $report['hotaru_site_name'] = SITE_NAME;156 $report['hotaru_baseurl'] = BASEURL;157 158 $report['php_version'] = phpversion();159 $report['mysql_version'] = $h->db->get_var("SELECT VERSION() AS VE");160 $report['hotaru_version'] = $h->version;161 $report['php_extensions'] = get_loaded_extensions();162 163 $sql = "SELECT miscdata_value FROM " . TABLE_MISCDATA . " WHERE miscdata_key = %s";164 $report['hotaru_version_db'] = $h->db->get_var($h->db->prepare($sql, 'hotaru_version'));165 166 // default permissions167 168 $sql = "SELECT miscdata_value FROM " . TABLE_MISCDATA . " WHERE miscdata_key = %s";169 $report['hotaru_permissions'] = $h->db->get_var($h->db->prepare($sql, 'permissions'));170 171 // default user settings172 173 $sql = "SELECT miscdata_value FROM " . TABLE_MISCDATA . 
" WHERE miscdata_key = %s";174 $report['hotaru_user_settings'] = $h->db->get_var($h->db->prepare($sql, 'user_settings'));175 176 // plugins: folder, enabled, version, order177 178 $sql = "SELECT plugin_folder, plugin_enabled, plugin_version, plugin_order FROM " . TABLE_PLUGINS . " ORDER BY plugin_order";179 $plugins = $h->db->get_results($h->db->prepare($sql));180 if ($plugins) {181 foreach ($plugins as $plugin) {182 $report['hotaru_plugins'][$plugin->plugin_folder]['enabled'] = $plugin->plugin_enabled;183 $report['hotaru_plugins'][$plugin->plugin_folder]['version'] = $plugin->plugin_version;184 $report['hotaru_plugins'][$plugin->plugin_folder]['order'] = $plugin->plugin_order;185 }186 }187 188 // plugin hooks: id, folder, hook name189 190 $sql = "SELECT phook_id, plugin_folder, plugin_hook FROM " . TABLE_PLUGINHOOKS;191 $plugins = $h->db->get_results($h->db->prepare($sql));192 if ($plugins) {193 foreach ($plugins as $plugin) {194 $report['hotaru_plugin_hooks'][$plugin->phook_id]['folder'] = $plugin->plugin_folder;195 $report['hotaru_plugin_hooks'][$plugin->phook_id]['hook'] = $plugin->plugin_hook;196 }197 }198 199 // plugin settings: folder, setting (can't use value because might include passwords)200 201 $sql = "SELECT plugin_folder, plugin_setting, plugin_value FROM " . TABLE_PLUGINSETTINGS;202 $plugins = $h->db->get_results($h->db->prepare($sql));203 if ($plugins) {204 foreach ($plugins as $plugin) {205 if (is_serialized($plugin->plugin_value)) { $plugin->plugin_value = unserialize($plugin->plugin_value); }206 $report['hotaru_plugin_settings'][$plugin->plugin_folder][$plugin->plugin_setting] = $this->applyMaskToArrays($h, $plugin->plugin_value);207 }208 }209 210 // Settings: Name, value (excluding SMTP PASSWORD)211 212 $sql = "SELECT settings_name, settings_value FROM " . 
TABLE_SETTINGS;213 $settings = $h->db->get_results($h->db->prepare($sql));214 if ($settings) {215 foreach ($settings as $setting) {216 // mask sensitive data217 switch ($setting->settings_name) {218 case 'SITE_EMAIL':219 case 'SMTP_HOST':220 case 'SMTP_PORT':221 case 'SMTP_USERNAME':222 case 'SMTP_PASSWORD':223 $setting->settings_value = preg_replace("/[a-zA-Z0-9]/", "*", $setting->settings_value);224 break;225 }226 $report['hotaru_settings'][$setting->settings_name] = $setting->settings_value;227 }228 }229 230 // Widgets: plugin, function, args231 232 $sql = "SELECT widget_plugin, widget_function, widget_args FROM " . TABLE_WIDGETS;233 $widgets = $h->db->get_results($h->db->prepare($sql));234 if ($widgets) {235 foreach ($widgets as $widget) {236 $report['hotaru_widgets'][$widget->widget_plugin]['function'] = $widget->widget_function;237 $report['hotaru_widgets'][$widget->widget_plugin]['args'] = $widget->widget_args;238 }239 }240 241 // Counts for all tables242 243 foreach ( $h->db->get_col("SHOW TABLES",0) as $table_name )244 {245 $report['hotaru_table_count'][$table_name] = $h->db->get_var("SELECT COUNT(*) FROM " . $table_name);246 }247 248 return $report;249 }250 251 252 /**253 * Recurse through arrays, applying * mask to all values, but not keys254 *255 * @param array $array256 * @return array257 */258 public function applyMaskToArrays($h, $array)259 {260 //echo "<pre>"; print_r($array); echo "</pre>"; exit;261 if (!is_array($array) && !is_object($array)) { return false; }262 263 foreach ($array as $key => $value) {264 if (is_array($value) || is_object($value)) {265 $array[$key] = $this->applyMaskToArrays($h, $value);266 } else {267 $array[$key] = preg_replace("/[a-zA-Z0-9]/", "*", $value);268 }269 }270 return $array;271 }272 273 274 /**275 * Convert report object to text for logging to file276 *277 * @param object $report278 */279 public function logSystemReport($h, $report = NULL)280 {281 $output = "\n\n";282 283 $output .= "Name: " . 
$report['hotaru_site_name'] . "\n";284 $output .= "URL: " . $report['hotaru_baseurl'] . "\n";285 $output .= "Hotaru version: " . $report['hotaru_version'] . "\n";286 $output .= "Hotaru version in database: " . $report['hotaru_version_db'] . "\n";287 $output .= "PHP version: " . $report['php_version'] . "\n";288 $output .= "MySQL version: " . $report['mysql_version'] . "\n";289 $output .= "PHP extensions: " . implode(', ', $report['php_extensions']) . "\n";290 291 $output .= "\n";292 293 $output .= "Default site permissions: \n";294 $perms = unserialize($report['hotaru_permissions']);295 unset($perms['options']); // don't need to display these296 foreach ($perms as $key => $value) {297 $output .= $key . " => (";298 foreach ($value as $k => $v) {299 $output .= $k . ": " . $v . ", ";300 }301 $output = rtrim($output, ", ");302 $output .= ")\n";303 }304 305 $output .= "\n";306 307 $output .= "Default user settings: \n";308 $user_settings = unserialize($report['hotaru_user_settings']);309 foreach ($user_settings as $key => $value) {310 $output .= $key . " => " . $value . "\n";311 }312 313 $output .= "\n";314 315 $output .= "Plugins: \n";316 if (isset($report['hotaru_plugins'])) {317 foreach ($report['hotaru_plugins'] as $key => $value) {318 $output .= $value['order'] . ". " . $key . " v." . $value['version'] . " ";319 if ($value['enabled']) { $output .= "[enabled] \n"; } else { $output .= "[disabled] \n"; }320 }321 }322 323 $output .= "\n";324 325 $output .= "Plugin Hooks: \n";326 if (isset($report['hotaru_plugin_hooks'])) {327 foreach ($report['hotaru_plugin_hooks'] as $key => $value) {328 $output .= $key . ". " . $value['folder'] . " => " . $value['hook'] . " \n";329 }330 }331 332 $output .= "\n";333 334 $output .= "Plugin Settings: \n";335 if (isset($report['hotaru_plugin_settings'])) {336 foreach ($report['hotaru_plugin_settings'] as $key => $value) {337 foreach ($value as $k => $v) {338 if (!is_array($v)) {339 $output .= "\nPlugin settings for " . $key . ":\n...." . 
$k . " = " . $v . " \n";340 } else {341 $output .= "\nPlugin settings for " . $key . ":\n";342 $output = $this->outputArrays($h, $v, $output);343 }344 }345 }346 }347 348 $output .= "\n";349 350 $output .= "Hotaru Settings: \n";351 if (isset($report['hotaru_settings'])) {352 foreach ($report['hotaru_settings'] as $key => $value) {353 $output .= $key . " => " . $value . " \n";354 }355 }356 357 $output .= "\n";358 359 $output .= "Widgets: \n";360 if (isset($report['hotaru_widgets'])) {361 foreach ($report['hotaru_widgets'] as $key => $value) {362 $output .= $key . " => " . $value['function'];363 if ($value['args']) { $output .= " (args: " . $value['args'] . ")"; }364 $output .= "\n";365 }366 }367 368 $output .= "\n";369 370 $output .= "Number of rows in each table: \n";371 if (isset($report['hotaru_table_count'])) {372 foreach ($report['hotaru_table_count'] as $key => $value) {373 $output .= $key . " => " . $value . " \n";374 }375 }376 377 return $output;378 }379 380 381 /**382 * Recurse through arrays, adding them to $output for display383 *384 * @param array $array385 * @return array386 */387 public function outputArrays($h, $array = array(), $output = '')388 {389 if (!is_array($array) && !is_object($array)) { return $output; }390 391 foreach ($array as $key => $value) {392 if (is_array($value) || is_object($array)) {393 $output .= "..... " . $key . ":\n";394 $output = $this->outputArrays($h, $value, $output);395 } else {396 $output .= "..... " . $key . ": " . $value . " \n";397 }398 }399 return $output;400 }401 147 } 402 148 ?> -
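Review bot: generateReport() still mails the report to the hard-coded admin@hotarucms.org address, and this hunk deletes the only visible masking of SITE_EMAIL, the SMTP_* settings and plugin setting values (the removed getSystemData() and applyMaskToArrays()). Confirm that SystemInfo::getSystemData() carries the same masking before the report leaves the server, and add a test that a report containing SMTP_PASSWORD comes out masked. `$sysinfo->plugin_version_getAll($h)` now runs for every report type, including 'object'; document in the docblock what that call does and why the report needs it.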
trunk/libs/EmailFunctions.php
r1896 r2080 64 64 if (!$this->from) { $this->from = SITE_NAME . ' <' . SITE_EMAIL . '>'; } 65 65 66 if (SMTP == 'true') { 66 if (SMTP == 'true') 67 { 67 68 if (is_array($this->to)) { $to = $this->to['To']; } else { $to = $this->to; } 68 69 if (!$this->headers) { … … 71 72 $this->headers['To'] = $to; 72 73 } 73 } else { 74 75 // set content type to work with French accents, etc. 76 if (!isset($this->headers['Content-Type'])) { 77 $this->headers['Content-Type'] = 'text/plain; charset=UTF-8'; 78 } 79 } 80 else 81 { 74 82 // if not using SMTP and no headers passed to this function, use default 75 83 if (!$this->headers) { 76 84 $this->headers = "From: " . $this->from . "\r\nReply-To: " . SITE_EMAIL . "\r\nX-Priority: 3\r\n"; 85 } 86 87 // set content type to work with French accents, etc. 88 if (stripos($this->headers, 'content-type') === false) { 89 $this->headers .= 'Content-Type: text/plain; charset="UTF-8"'. "\r\n"; 77 90 } 78 91 } -
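Review bot: in the non-SMTP branch, `$this->headers .= 'Content-Type: ...'` (new line 89) is appended without checking that the caller's header string ends in "\r\n", so a caller-supplied string without a trailing line break gets Content-Type glued onto its last header. Normalise the ending before appending. `stripos($this->headers, 'content-type')` also assumes a string, while the SMTP branch treats `$this->headers` as an array; guard with is_array() or document that non-SMTP callers must pass a string.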
trunk/libs/IncludeCssJs.php
r1896 r2080 49 49 foreach ($files as $file) { 50 50 if (file_exists(THEMES . THEME . 'css/' . $file . '.css')) { 51 echo "<link rel='stylesheet' href='" . BASEURL . "content/themes/" . THEME . "css/" . $file . ".css' type='text/css' />\n";51 echo "<link rel='stylesheet' href='" . SITEURL . "content/themes/" . THEME . "css/" . $file . ".css' type='text/css' />\n"; 52 52 } else { 53 echo "<link rel='stylesheet' href='" . BASEURL . "content/plugins/" . $folder . "/css/" . $file . ".css' type='text/css' />\n";53 echo "<link rel='stylesheet' href='" . SITEURL . "content/plugins/" . $folder . "/css/" . $file . ".css' type='text/css' />\n"; 54 54 } 55 55 } … … 75 75 foreach ($files as $file) { 76 76 if (file_exists(THEMES . THEME . 'javascript/' . $file . '.js')) { 77 echo "<script src='" . BASEURL . "content/themes/" . THEME . "javascript/" . $file . ".js' type='text/javascript' language='javascript'></script>\n";77 echo "<script src='" . SITEURL . "content/themes/" . THEME . "javascript/" . $file . ".js' type='text/javascript' language='javascript'></script>\n"; 78 78 } else { 79 echo "<script src='" . BASEURL . "content/plugins/" . $folder . "/javascript/" . $file . ".js' type='text/javascript' language='javascript'></script>\n";79 echo "<script src='" . SITEURL . "content/plugins/" . $folder . "/javascript/" . $file . ".js' type='text/javascript' language='javascript'></script>\n"; 80 80 } 81 81 } … … 383 383 384 384 if ($version_js > 0) { 385 echo "<script type='text/javascript' src='" . BASEURL . "cache/" . SITEID . "/css_js_cache/" . $prefix . "js_" . $version_js . ".js'></script>\n";385 echo "<script type='text/javascript' src='" . SITEURL . "cache/" . SITEID . "/css_js_cache/" . $prefix . "js_" . $version_js . ".js'></script>\n"; 386 386 } 387 387 388 388 if ($version_css > 0) { 389 echo "<link rel='stylesheet' href='" . BASEURL . "cache/" . SITEID . "/css_js_cache/" . $prefix . "css_" . $version_css . 
".css' type='text/css' />\n";389 echo "<link rel='stylesheet' href='" . SITEURL . "cache/" . SITEID . "/css_js_cache/" . $prefix . "css_" . $version_css . ".css' type='text/css' />\n"; 390 390 } 391 391 -
trunk/libs/Initialize.php
r1896 r2080 36 36 public function __construct($h) 37 37 { 38 38 39 39 // session to be used by CSRF, etc. 40 40 if (!isset($_SESSION['HotaruCMS'])) { … … 42 42 $_SESSION['HotaruCMS'] = time(); 43 43 } 44 44 45 45 // The order here is important! 46 46 $this->setDefaultTimezone(); 47 47 $this->setTableConstants(); 48 48 49 49 $this->getFiles(); 50 50 $this->cage = $this->initInspektCage(); … … 53 53 $this->getCurrentSiteID(); 54 54 $this->errorReporting(); 55 55 56 56 $this->readSettings(); 57 57 $this->setUpDatabaseCache(); … … 153 153 public function getCurrentSiteID() 154 154 { 155 // if isActive($result) { 156 // $url = $this->cage->server->getRaw('HTTP_HOST'); // wanted to use sanitizeTags 157 // $sql = "SELECT site_id, site_adminuser_id FROM " . TABLE_SITE . " WHERE site_url = %s"; 158 // $settings = $this->db->get_row($this->db->prepare($sql, $url)); 159 // var_dump( $settings); 160 // 161 // if ($settings) { 162 // $siteid = $settings->site_id; 163 // } else { 164 // $siteid = 1; 165 // } 166 // } else { 155 // read settings for default siteid=1 first to check whether MULTISITE is TRUE 156 $sql = "SELECT settings_value FROM " . TABLE_SETTINGS . " WHERE settings_name = %s AND settings_siteid = %d"; 157 $multi_site = $this->db->get_var($this->db->prepare($sql, 'MULTI_SITE', 1)); 158 if (!defined('MULTI_SITE')) { define ('MULTI_SITE', $multi_site); } 159 160 if (MULTI_SITE == 'true') { 161 $url = $this->cage->server->getRaw('HTTP_HOST'); // wanted to use sanitizeTags 162 $sql = "SELECT site_id, site_adminuser_id FROM " . TABLE_SITE . " WHERE site_url = %s"; 163 $settings = $this->db->get_row($this->db->prepare($sql, $url)); 164 165 if ($settings) { 166 $siteid = $settings->site_id; 167 $siteurl = "http://" . $url . 
"/"; 168 } else { 169 $siteid = 1; 170 $siteurl = BASEURL; 171 } 172 173 174 if (!defined('MS_TABLES')) { 175 $ms_tables = array(); 176 //get $h->$ms_tables 177 foreach ( $this->db->get_col("SHOW TABLES",0) as $table_name ) 178 { 179 $sql = "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.Columns where TABLE_NAME = %s AND RIGHT(COLUMN_NAME,7) = %s"; 180 $columns = $this->db->get_row($this->db->prepare($sql, $table_name, '_siteid')); 181 //var_dump($columns); 182 $array1 = explode(DB_PREFIX, $table_name); 183 $tablename = $array1[1]; 184 if ($columns) { 185 $array2 = explode('_siteid', $columns->COLUMN_NAME); 186 $ms_tables[$tablename] = $array2[0]; 187 } 188 } 189 //define('MS_TABLES','return ' . var_export($ms_tables, 1) . ';'); 190 define('MS_TABLES',serialize($ms_tables)); 191 } 192 193 194 } else { 167 195 $siteid = 1; 168 // } 169 if (!defined('SITEID')) { 170 define('SITEID', $siteid); 171 if (!defined('CACHE')) { define("CACHE", BASE . "cache/" . $siteid . "/"); } 196 $siteurl = BASEURL; 197 } 198 199 if (!defined('SITEID')) { define('SITEID', $siteid); } 200 if (!defined('SITEURL')) { define("SITEURL", $siteurl); } 201 202 if (!defined('CACHE')) { 203 204 define("CACHE", BASE . "cache/" . $siteid . "/"); 172 205 173 206 $dirs = array('', 'debug_logs/' , 'db_cache/', 'css_js_cache/', 'html_cache/', 'rss_cache/', 'lang_cache/'); // first array item is needed to create the SITEID base folder … … 178 211 } 179 212 } 213 180 214 } 181 215 … … 256 290 /** 257 291 * Returns all site settings 258 * @param int $multisite - site id 259 * 260 * @return bool 261 */ 262 public function readSettings($multisite = 0) 263 { 264 if (!$multisite) { 265 $sql = "SELECT settings_name, settings_value FROM " . TABLE_SETTINGS; 266 $settings = $this->db->get_results($this->db->prepare($sql)); 267 } else { 268 $sql = "SELECT settings_name, settings_value FROM " . TABLE_SETTINGS . 
" WHERE settings_siteid = %d"; 269 $settings = $this->db->get_results($this->db->prepare($sql, $multisite)); 270 } 271 272 if(!$settings) { return false; } 273 292 * @param <int> $siteid 293 * 294 * @return <bool> 295 */ 296 public function readSettings() { 297 $sql = "SELECT settings_name, settings_value FROM " . TABLE_SETTINGS; 298 $settings = $this->db->get_results($this->db->prepare($sql)); 299 300 if(!$settings) { return false; } 301 274 302 // Make Hotaru settings global constants 275 303 foreach ($settings as $setting) 276 304 { 277 if (!defined($setting->settings_name)) { 278 define($setting->settings_name, $setting->settings_value);305 if (!defined($setting->settings_name)) { 306 if ($setting->settings_name != 'MULTI_SITE') { define($setting->settings_name, $setting->settings_value); } 279 307 } 280 308 } 281 309 282 310 return true; 283 311 } … … 332 360 { 333 361 // Start timer if debugging 334 $global_js_var = "jQuery('document').ready(function($) {BASE URL = '". BASEURL ."'; ADMIN_THEME = '" . ADMIN_THEME . "'; THEME = '" . THEME . "';});";362 $global_js_var = "jQuery('document').ready(function($) {BASE = '" . BASE . "'; BASEURL = '". SITEURL ."'; SITEURL = '". SITEURL ."'; ADMIN_THEME = '" . ADMIN_THEME . "'; THEME = '" . THEME . "';});"; 335 363 $JsConstantsFile = "css_js_cache/JavascriptConstants.js"; 336 364 -
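Review bot: in getCurrentSiteID(), SITEURL is assembled from the raw Host header (`$siteurl = "http://" . $url . "/";`) once that value has matched a TABLE_SITE row. The prepared lookup is right, but build the constant from the stored site_url column instead of the request value, so it is always the form the admin saved, and do not hard-code "http://", which breaks sites served over HTTPS. The MS_TABLES loop issues one INFORMATION_SCHEMA query per table on every request with no TABLE_SCHEMA filter, and `$array1[1]` is undefined for any table that lacks DB_PREFIX; filter on the current schema and cache the result.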
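Review bot: readSettings() now selects every row of TABLE_SETTINGS with no settings_siteid filter, and `if (!defined(...))` keeps whichever value arrives first, so with MULTI_SITE enabled a site can end up running on another site's settings depending on row order. Filter on SITEID, which getCurrentSiteID() defines earlier in the constructor. The docblock still lists `@param <int> $siteid` for a method that takes no arguments.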
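Review bot: the generated JavascriptConstants.js (new line 362) now contains `BASE = '" . BASE . "'`. BASE is used in this same file as a filesystem prefix (`BASE . "cache/"`), so this publishes the server's install path to every visitor; drop it unless a client script needs it. The line also sets the JavaScript BASEURL to SITEURL, which deserves a comment, and the values are pasted into single-quoted JavaScript strings unescaped; json_encode() each value instead.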
trunk/libs/Language.php
r1896 r2080 125 125 } 126 126 127 // Look in the current theme for a language file... 128 $file = THEMES . THEME . 'languages/' . $filename . '_language.php'; 129 130 // check if this language is already cached 131 if ($this->checkLanguageCached($h, $file)) { 132 return true; 133 } 134 135 if (file_exists($file)) { 136 $this->addLanguageFile($h, $file); 137 } 127 // check the current theme for a language file, then the default theme... 128 129 $files = array( 130 THEMES . THEME . 'languages/' . $filename . '_language.php', 131 THEMES . $h->pageHandling->default . 'languages/' . $filename . '_language.php' 132 ); 133 134 foreach ($files as $file) 135 { 136 // check if this language is already cached 137 if ($this->checkLanguageCached($h, $file)) { 138 return true; 139 } 140 141 if (file_exists($file)) { 142 $this->addLanguageFile($h, $file); 143 return true; 144 } 145 } 138 146 } 139 147 -
trunk/libs/Maintenance.php
r1896 r2080 165 165 public function emptyTable($h, $table_name, $msg = true) 166 166 { 167 $h->db->query(" TRUNCATE TABLE" . $table_name);167 $h->db->query("DELETE FROM " . $table_name); 168 168 169 169 if ($msg) { … … 222 222 { 223 223 // site closed and access not granted 224 echo "<HTML>\n<HEAD>\n"; 225 echo "<link rel='stylesheet' href='" . BASEURL . "content/themes/" . THEME . "css/style.css' type='text/css'>\n"; 224 echo "<HTML id='site_closed_body'>\n<HEAD>\n"; 225 226 // include current theme style and default style 227 if (file_exists(BASE . 'content/themes/' . $h->pageHandling->default . 'css/style.css')) { 228 echo "<link rel='stylesheet' href='" . SITEURL . "content/themes/" . $h->pageHandling->default . "css/style.css' type='text/css'>\n"; 229 } 230 if (file_exists(BASE . 'content/themes/' . THEME . 'css/style.css')) { 231 echo "<link rel='stylesheet' href='" . SITEURL . "content/themes/" . THEME . "css/style.css' type='text/css'>\n"; 232 } 226 233 echo "</HEAD>\n<BODY>\n"; 227 234 echo "<div id='site_closed'>\n"; … … 236 243 // show default maintenance page: 237 244 echo $lang['main_hotaru_site_closed']; 238 echo "<br /><span id='site_closed_admin_link'>[<a href='" . BASEURL . "admin_index.php?page=admin_login'>Admin Login</a>]</span>";245 echo "<br /><span id='site_closed_admin_link'>[<a href='" . SITEURL . "admin_index.php?page=admin_login'>Admin Login</a>]</span>"; 239 246 } 240 247 -
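Review bot: emptyTable() (line 167) now runs `DELETE FROM " . $table_name` with no WHERE clause. Initialize.php in this changeset identifies per-site tables by their `_siteid` column, so on a multi-site install this call clears every site's rows; add a site filter for the tables listed in MS_TABLES. `$table_name` is concatenated into the statement, so check it against the SHOW TABLES list before running the query. Unlike TRUNCATE, DELETE keeps the auto-increment counter, which is worth a line in the docblock.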
trunk/libs/PageHandling.php
r1896 r2080 26 26 class PageHandling 27 27 { 28 protected $default = 'default/'; 29 protected $adminDefault = 'admin_default/'; 30 31 32 /** 33 * Access modifier to set protected properties 34 */ 35 public function __set($var, $val) 36 { 37 $this->$var = $val; 38 } 39 40 41 /** 42 * Access modifier to get protected properties 43 * The & is necessary (http://bugs.php.net/bug.php?id=39449) 44 */ 45 public function &__get($var) 46 { 47 return $this->$var; 48 } 49 50 28 51 /** 29 52 * Set the homepage (and set page name) … … 39 62 if (!$h->pageName) { 40 63 $h->pageName = $pagename; // force pageName (optional) 64 } 65 } 66 67 68 /** 69 * Test if the current url is the *true* homepage, i.e. equal to SITEURL 70 * 71 * @return bool 72 */ 73 public function isHome($h) 74 { 75 if ($h->pageName != $h->home) { return false; } 76 77 /* Sometimes $h->home is not unique. E.g. if $h->home is "popular", then 78 a category page filtered to popular will match $h->home. We need to test 79 for the true home page. If it's the true homepage, the current url will 80 match either SITEURL, or SITEURL + index.php */ 81 82 // get full url from address bar 83 $host = $h->cage->server->sanitizeTags('HTTP_HOST'); 84 $uri = $h->cage->server->sanitizeTags('REQUEST_URI'); 85 $path = "http://" . $host . $uri; 86 87 switch ($path) { 88 case BASEURL: 89 case BASEURL . 'index.php': 90 return true; 91 break; 92 default: 93 return false; 41 94 } 42 95 } … … 192 245 193 246 if ($h->isAdmin) { 194 $themes = ADMIN_THEMES; $theme = ADMIN_THEME; 247 $themes = ADMIN_THEMES; 248 $theme = ADMIN_THEME; 249 $default = $this->adminDefault; 195 250 } else { 196 $themes = THEMES; $theme = THEME; 251 $themes = THEMES; 252 $theme = THEME; 253 $default = $this->default; 197 254 } 198 255 … … 215 272 } 216 273 } 217 elseif (file_exists($themes . 'default/'. $page))274 elseif (file_exists($themes . $default . $page)) 218 275 { 219 276 if (!$include_once) { 220 277 // Special case, do not restrict to include once. 
221 include($themes . 'default/'. $page);222 } else { 223 include_once($themes . 'default/'. $page);278 include($themes . $default . $page); 279 } else { 280 include_once($themes . $default . $page); 224 281 } 225 282 } … … 258 315 259 316 if ($head == 'index') { 260 $url = BASEURL . 'index.php?';317 $url = SITEURL . 'index.php?'; 261 318 } elseif ($head == 'admin') { 262 $url = BASEURL . 'admin_index.php?';319 $url = SITEURL . 'admin_index.php?'; 263 320 } else { 264 321 // Error. $head must be index or admin … … 280 337 281 338 if ($head == 'index') { 282 $url = BASEURL;339 $url = SITEURL; 283 340 } elseif ($head == 'admin') { 284 $url = BASEURL . 'admin/';285 } else { 286 $url = BASEURL . $head . '/';341 $url = SITEURL . 'admin/'; 342 } else { 343 $url = SITEURL . $head . '/'; 287 344 } 288 345 … … 361 418 the one we have because it's already standard. */ 362 419 363 if ($path == BASEURL || strrpos($path, $head)) { return $path; }364 365 // strip off BASEURL and trailing slash366 $url = str_replace( BASEURL, '', $friendly_url);420 if ($path == SITEURL || strrpos($path, $head)) { return $path; } 421 422 // strip off SITEURL and trailing slash 423 $url = str_replace(SITEURL, '', $friendly_url); 367 424 $url = rtrim($url, '/'); 368 425 369 426 // start the standard url 370 $standard_url = BASEURL . $head;427 $standard_url = SITEURL . $head; 371 428 372 429 // parts will hold the query vars -
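Review bot: the new __set()/__get() pair makes every protected property readable and writable from outside the class, so `protected` on $default and $adminDefault no longer restricts anything. Both values are concatenated into include paths further down (`include($themes . $default . $page)`), so prefer explicit getters, or restrict __set() to a fixed list of property names and validate the value as a theme folder name.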
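Review bot: isHome() compares the request URL against BASEURL while its docblock says SITEURL, and the rest of this changeset moves to SITEURL, so on any site other than the default one the method returns false. It also hard-codes "http://" when rebuilding the path, so it never matches under HTTPS. The `break;` after `return true;` is unreachable and can go.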
trunk/libs/Paginator.php
r1896 r2080 102 102 103 103 // if it doesn't contain $head, then it must be a friendly url 104 if ($path != BASEURL && !strrpos($path, $head)) {104 if ($path != SITEURL && !strrpos($path, $head)) { 105 105 $path = $this->friendlyToStandardUrl($path, $head, $h); 106 106 } 107 107 108 108 // add the head if we're on the top page (which doesn't have index.php attached) 109 if ($path == BASEURL) { $path = BASEURL . $head; }109 if ($path == SITEURL) { $path = SITEURL . $head; } 110 110 111 111 // But, for pagination, we can't just add pg=8 etc to the url because there's … … 208 208 public function friendlyToStandardUrl($url, $head, $h) 209 209 { 210 // strip off BASEURL and trailing slash211 $url = str_replace( BASEURL, '', $url);210 // strip off SITEURL and trailing slash 211 $url = str_replace(SITEURL, '', $url); 212 212 $url = rtrim($url, '/'); 213 213 214 214 // start the standard url 215 $standard_url = BASEURL . $head;215 $standard_url = SITEURL . $head; 216 216 217 217 // parts will hold the query vars -
trunk/libs/PluginFunctions.php
r1896 r2080 343 343 344 344 if (!isset($h->vars['all_plugin_hooks'])) { 345 $sql = "SELECT plugin_folder, plugin_hook FROM " . TABLE_PLUGINHOOKS ;346 $h->vars['all_plugin_hooks'] = $h->db->get_results($h->db->prepare($sql ));345 $sql = "SELECT plugin_folder, plugin_hook FROM " . TABLE_PLUGINHOOKS . " WHERE plugin_hook = %s"; 346 $h->vars['all_plugin_hooks'] = $h->db->get_results($h->db->prepare($sql, 'admin_plugin_settings')); 347 347 } 348 349 foreach ($h->vars['all_plugin_hooks'] as $item => $key) {350 if (($key->plugin_folder == $folder)351 && $key->plugin_hook == 'admin_plugin_settings') {352 return true;353 } 354 }355 348 349 if ($h->vars['all_plugin_hooks']) { 350 foreach ($h->vars['all_plugin_hooks'] as $item => $key) { 351 if (($key->plugin_folder == $folder) && $key->plugin_hook == 'admin_plugin_settings') { 352 return true; 353 } 354 } 355 } 356 356 return false; 357 357 } -
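Review bot: The query is now limited to plugin_hook = 'admin_plugin_settings', yet the result is still cached under $h->vars['all_plugin_hooks'], so any other reader of that key gets only the settings hooks. Rename the key to reflect the filter or keep the unfiltered query. With the WHERE clause in place, the && $key->plugin_hook == 'admin_plugin_settings' test inside the loop is redundant and can go.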
trunk/libs/PluginManagement.php
r1896 r2080 37 37 */ 38 38 public function getPlugins($h) 39 { 39 { 40 40 $plugins_array = $this->getPluginsMeta(); 41 41 $count = 0; … … 100 100 // Conditions for "active"... 101 101 if (($allplugins[$count]['status'] == 'active') && ($allplugins[$count]['install'] == 'install')) { 102 $allplugins[$count]['active'] = "<img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/active_16.png'></a>";102 $allplugins[$count]['active'] = "<img src='" . SITEURL . "content/admin_themes/" . ADMIN_THEME . "images/active_16.png'></a>"; 103 103 } elseif (($allplugins[$count]['status'] == 'inactive') && ($allplugins[$count]['install'] == 'install')) { 104 $allplugins[$count]['active'] = "<img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/inactive_16.png'></a>";104 $allplugins[$count]['active'] = "<img src='" . SITEURL . "content/admin_themes/" . ADMIN_THEME . "images/inactive_16.png'></a>"; 105 105 } elseif ($allplugins[$count]['status'] == 'active') { 106 $allplugins[$count]['active'] = "<a href='" . BASEURL;106 $allplugins[$count]['active'] = "<a href='" . SITEURL; 107 107 $allplugins[$count]['active'] .= "admin_index.php?page=plugin_management&action=deactivate&plugin="; 108 108 $allplugins[$count]['active'] .= $allplugins[$count]['folder'] . "'>"; 109 $allplugins[$count]['active'] .= "<img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/active_16.png'></a>";109 $allplugins[$count]['active'] .= "<img src='" . SITEURL . "content/admin_themes/" . ADMIN_THEME . "images/active_16.png'></a>"; 110 110 } else { 111 $allplugins[$count]['active'] = "<a href='" . BASEURL;111 $allplugins[$count]['active'] = "<a href='" . SITEURL; 112 112 $allplugins[$count]['active'] .= "admin_index.php?page=plugin_management&action=activate&plugin="; 113 113 $allplugins[$count]['active'] .= $allplugins[$count]['folder'] . "'>"; 114 $allplugins[$count]['active'] .= "<img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . 
"images/inactive_16.png'></a>";114 $allplugins[$count]['active'] .= "<img src='" . SITEURL . "content/admin_themes/" . ADMIN_THEME . "images/inactive_16.png'></a>"; 115 115 } 116 116 … … 118 118 // Conditions for "install"... 119 119 if ($allplugins[$count]['install'] == 'install') { 120 $allplugins[$count]['install'] = "<a href='" . BASEURL . "admin_index.php?page=plugin_management&action=install&plugin=". $allplugins[$count]['folder'] . "'><img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/install_16.png'></a>";120 $allplugins[$count]['install'] = "<a href='" . SITEURL . "admin_index.php?page=plugin_management&action=install&plugin=". $allplugins[$count]['folder'] . "'><img src='" . SITEURL . "content/admin_themes/" . ADMIN_THEME . "images/install_16.png'></a>"; 121 121 } else { 122 $allplugins[$count]['install'] = "<a href='" . BASEURL . "admin_index.php?page=plugin_management&action=uninstall&plugin=". $allplugins[$count]['folder'] . "'><img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/uninstall_16.png'></a>";122 $allplugins[$count]['install'] = "<a href='" . SITEURL . "admin_index.php?page=plugin_management&action=uninstall&plugin=". $allplugins[$count]['folder'] . "'><img src='" . SITEURL . "content/admin_themes/" . ADMIN_THEME . "images/uninstall_16.png'></a>"; 123 123 } 124 124 … … 146 146 if ($allplugins[$count]['order'] != 0) { 147 147 $order = $allplugins[$count]['order']; 148 $allplugins[$count]['order_output'] = "<a href='" . BASEURL;148 $allplugins[$count]['order_output'] = "<a href='" . SITEURL; 149 149 $allplugins[$count]['order_output'] .= "admin_index.php?page=plugin_management&"; 150 150 $allplugins[$count]['order_output'] .= "action=orderup&plugin=". $allplugins[$count]['folder']; 151 151 $allplugins[$count]['order_output'] .= "&order=" . $order . "'>"; 152 $allplugins[$count]['order_output'] .= "<img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . 
"images/up_12.png'>";153 $allplugins[$count]['order_output'] .= "</a> \n <a href='" . BASEURL;152 $allplugins[$count]['order_output'] .= "<img src='" . SITEURL . "content/admin_themes/" . ADMIN_THEME . "images/up_12.png'>"; 153 $allplugins[$count]['order_output'] .= "</a> \n <a href='" . SITEURL; 154 154 $allplugins[$count]['order_output'] .= "admin_index.php?page=plugin_management&"; 155 155 $allplugins[$count]['order_output'] .= "action=orderdown&plugin=". $allplugins[$count]['folder']; 156 156 $allplugins[$count]['order_output'] .= "&order=" . $order . "'>"; 157 $allplugins[$count]['order_output'] .= "<img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/down_12.png'>";157 $allplugins[$count]['order_output'] .= "<img src='" . SITEURL . "content/admin_themes/" . ADMIN_THEME . "images/down_12.png'>"; 158 158 $allplugins[$count]['order_output'] .= "</a>\n"; 159 159 } else { … … 373 373 */ 374 374 public function addPluginHooks($h) 375 { 375 { 376 376 $values = ''; 377 377 $pvalues = array(); 378 378 $pvalues[0] = "temp"; // will be filled with $sql 379 379 380 380 foreach ($h->plugin->hooks as $hook) 381 381 { … … 428 428 $h->clearCache('lang_cache', false); 429 429 430 $h->db->query(" TRUNCATE TABLE" . TABLE_PLUGINS);431 $h->db->query(" TRUNCATE TABLE" . TABLE_PLUGINHOOKS);430 $h->db->query("DELETE FROM " . TABLE_PLUGINS); 431 $h->db->query("DELETE FROM " . TABLE_PLUGINHOOKS); 432 432 433 433 $h->messages[$h->lang["admin_plugins_uninstall_all_done"]] = 'green'; … … 523 523 public function sortPluginHooks($h) 524 524 { 525 $sql = "SELECT p.plugin_folder, p.plugin_order, p.plugin_id, h.* FROM " . TABLE_PLUGINHOOKS . " h, " . TABLE_PLUGINS . " p WHERE p.plugin_folder = h.plugin_folder ORDER BY p.plugin_order ASC"; 526 $rows = $h->db->get_results($h->db->prepare($sql)); 527 528 // Drop and recreate the pluginhooks table, i.e. empty it. 529 $h->db->query($h->db->prepare("TRUNCATE TABLE " . 
TABLE_PLUGINHOOKS)); 525 $sql = "SELECT p.plugin_folder, p.plugin_order, p.plugin_id, h.* FROM " . TABLE_PLUGINHOOKS . " h LEFT OUTER JOIN " . TABLE_PLUGINS. " p ON h.plugin_folder= p.plugin_folder AND p.plugin_siteid = %d WHERE h.pluginhooks_siteid = %d ORDER BY p.plugin_order ASC"; 526 $rows = $h->db->get_results($h->db->prepare($sql, SITEID, SITEID)); 527 528 // check if we need to truncate the table because the phook_id is dangerously big 529 if ($rows[0]->phook_id > 999999999999999) { //15 digits although the column is int(20) 530 $this->rebuildPluginHooksTable($h); 531 return true; 532 } 533 534 // Remove all hooks for this site 535 $h->db->query($h->db->prepare("DELETE FROM " . TABLE_PLUGINHOOKS)); 530 536 531 537 $values = ''; … … 549 555 } 550 556 557 558 /** 559 * Get all pluginhooks, truncate the table and refill it, therefore refreshing phook_ids 560 */ 561 public function rebuildPluginHooksTable($h) 562 { 563 $sql = "SELECT p.plugin_folder, p.plugin_order, p.plugin_id, h.* FROM " . TABLE_PLUGINHOOKS . " h LEFT OUTER JOIN " . TABLE_PLUGINS. " p ON h.plugin_folder = p.plugin_folder AND p.plugin_siteid = h.pluginhooks_siteid ORDER BY p.plugin_order ASC"; 564 $rows = $h->db->get_results($h->db->prepare($sql)); 565 566 // Drop and recreate the pluginhooks table, i.e. empty it. 567 $h->db->query($h->db->prepare("TRUNCATE TABLE " . TABLE_PLUGINHOOKS)); 568 569 $values = ''; 570 $pvalues = array(); 571 $pvalues[0] = "temp"; // will be filled with $sql 572 573 // Add plugin hooks back into the hooks table 574 if ($rows) { 575 foreach ($rows as $row) 576 { 577 $values .= "(%s, %s, %d, %d), "; 578 array_push($pvalues, $row->plugin_folder); 579 array_push($pvalues, $row->plugin_hook); 580 array_push($pvalues, $h->currentUser->id); 581 array_push($pvalues, $row->pluginhooks_siteid); 582 } 583 584 $values = rstrtrim($values, ", "); // strip off trailing comma 585 $pvalues[0] = "INSERT INTO " . TABLE_PLUGINHOOKS . 
" (plugin_folder, plugin_hook, plugin_updateby, pluginhooks_siteid) VALUES " . $values; 586 $h->db->query($h->db->prepare($pvalues)); 587 } 588 } 551 589 552 590 /** … … 575 613 * 576 614 * @param <type> $h 577 * @param <type> $folder578 * @param <type> $version579 615 */ 580 616 public function update($h) 581 617 { 618 $url = "http://hotaruplugins.com/zip/"; 582 619 $folder = $h->plugin->folder; 583 620 $version= $h->cage->get->getHtmLawed('version'); 584 585 //$folder = str_replace('_', '-', $folder);586 621 $findfolder = str_replace('_', '-', $folder); 587 588 $version = str_replace('.', '-', $version); 589 $url = "http://hotaruplugins.com/zip/"; 622 $version = str_replace('.', '-', $version); 590 623 $copydir = PLUGINS . $folder . "/"; 591 624 $file = $findfolder . "-" . $version . ".zip"; 592 593 // create a new CURL resource 625 //print "findfolder: ". $findfolder . '<br/>'; 626 //print "$file: ". $file . '<br/>'; 627 628 // get ftpsettings 629 $ftpserver = "api.hotarucms.org"; 630 $ftppath = "/public_html/api/content/"; 631 $ftpuser = "hotarorg"; 632 $ftppass = "pJp!AQ8&Y<Ge"; 633 634 635 $ftp_url = "ftp://" . $ftpuser . ":" . stripslashes($ftppass) . "@" . $ftpserver . $ftppath . $folder . "/" ; 636 637 // check that we can access the remote plugin repo site via curl 638 if ($this->fileCheckCurlConnection($url, $file) == 200) { 639 if ($write = is_writeable($copydir)) { 640 //print "we can use PHP<br/>"; 641 $this->filePhpWrite($h, $url, $file, $findfolder, $copydir); 642 } else { 643 //print "we will use FTP<br/>"; 644 $this->fileFtpWrite($h, $url, $ftp_url, $file, $findfolder, $copydir); 645 } 646 } else { 647 $h->messages[$h->lang['admin_theme_filecopy_permission_error']] = 'red'; 648 //$h->messages[$file . $h->lang['admin_theme_fileexist_error']] = 'red'; 649 } 650 651 // unzip 652 //print "checking if file exists " . PLUGINS . $folder . '/' . $file . '<br/>'; 653 if (file_exists( PLUGINS . $folder . '/' . 
$file)) { 654 //print "starting the unzip<br/>"; 655 if (!$write) { $this->fileFtpChmod($h, $ftp_url, $folder, '777'); } 656 657 658 // Should we rename old files first and then bring in new ? 659 660 661 $this->fileUnzip($h, $file, $copydir); 662 if (!$write) { $this->fileFtpChmod($h, $ftp_url, $folder, '755'); } 663 // delete zip file 664 if ($write) { 665 //print "we can use PHP<br/>"; 666 $this->filePhpDelete($h, $file, $copydir); 667 } else { 668 //print "we will use FTP<br/>"; 669 $this->fileFtpDelete($h, $ftp_url, $file, $copydir); 670 } 671 } else { 672 $h->messages[$h->lang['admin_theme_filecopy_error'] . $file] = 'red'; 673 } 674 } 675 676 677 public function fileCheckCurlConnection($url, $file) 678 { 679 // create a new CURL resource 594 680 $ch = curl_init(); 595 681 … … 600 686 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 601 687 688 set_time_limit(30); # 30 seconds for PHP 689 curl_setopt($ch, CURLOPT_TIMEOUT, 30); # and also for CURL 690 691 //don't fetch the actual page, you only want to check the connection is ok 692 curl_setopt($ch, CURLOPT_NOBODY, true); 693 694 $zipfile = curl_exec($ch); 695 $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); 696 curl_close($ch); 697 698 //print 'checking directory is accesible: ' . $statusCode . '<br/>'; 699 700 return $statusCode; 701 } 702 703 704 public function filePhpWrite($h, $url, $file, $findfolder, $copydir ) 705 { 706 // create a new CURL resource 707 $ch = curl_init(); 708 709 // set URL and other appropriate options 710 curl_setopt($ch, CURLOPT_URL, $url . 
$file); 711 curl_setopt($ch, CURLOPT_HEADER, false); 712 curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); 713 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 714 602 715 set_time_limit(300); # 5 minutes for PHP 603 716 curl_setopt($ch, CURLOPT_TIMEOUT, 300); # and also for CURL … … 608 721 $zipfile = curl_exec($ch); 609 722 $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); 610 723 611 724 if ($statusCode == 200) { 612 725 613 726 if (is_writeable($copydir)) { 614 615 727 //reset this from above 616 728 curl_setopt($ch, CURLOPT_NOBODY, false); 617 729 $outfile = @fopen($copydir . $file, 'wb'); 618 730 curl_setopt($ch, CURLOPT_FILE, $outfile); 619 $handle =base64_encode(curl_exec ($ch)); 731 $handle =base64_encode(curl_exec ($ch)); 620 732 fclose($outfile); 621 622 733 if ($handle) { 623 734 $h->messages[$file . $h->lang['admin_theme_filecopy_success']] = 'green'; 624 625 require_once(EXTENSIONS . 'pclZip/pclzip.lib.php'); 626 $archive = new PclZip($copydir . $file); 627 628 if (($v_result_list = $archive->extract(PCLZIP_OPT_PATH, PLUGINS)) == 0) { 629 //die("Error : ".$archive->errorInfo(true)); 630 $h->messages[$h->lang['admin_theme_unzip_error'] . $file] = 'red'; 631 } else { 632 $h->messages[$file . $h->lang['admin_theme_unzip_success']] = 'green'; 633 } 634 635 @chmod($copydir . $file,666); 636 $deleted = @unlink($copydir . $file); 637 if (!$deleted) { 638 $h->messages[$file . $h->lang['admin_theme_zipdelete_error']] = 'yellow'; 639 } 640 641 } else { 642 $h->messages[$h->lang['admin_theme_filecopy_error'] . $file] = 'red'; 643 } 644 645 @chmod($copydir . $file,666); 646 $deleted = @unlink($copydir . $file); 647 if (!$deleted) { 648 //$h->messages[$file . $h->lang['admin_theme_zipdelete_error']] = 'yellow'; 649 } 650 735 } 651 736 } else { 652 $h->messages[$h->lang['admin_theme_filecopy_ permission_error']] = 'red';737 $h->messages[$h->lang['admin_theme_filecopy_error'] . 
$file] = 'red'; 653 738 } 739 } else { 740 $h->messages[$h->lang['admin_theme_fileexist_error'] . $file] = 'red'; 741 } 742 curl_close($ch); 743 } 744 745 public function fileUnzip($h, $file, $copydir) 746 { 747 $h->messages[$file . $h->lang['admin_theme_filecopy_success']] = 'green'; 748 749 require_once(EXTENSIONS . 'pclZip/pclzip.lib.php'); 750 $archive = new PclZip($copydir . $file); 751 752 if (($v_result_list = $archive->extract(PCLZIP_OPT_PATH, PLUGINS)) == 0) { 753 $h->messages[$h->lang['admin_theme_unzip_error'] . $file] = 'red'; 754 } else { 755 $h->messages[$file . $h->lang['admin_theme_unzip_success']] = 'green'; 756 } 757 } 758 759 public function filePhpDelete($h, $file, $copydir) 760 { 761 @chmod($copydir . $file,666); 762 $deleted = @unlink($copydir . $file); 763 if (!$deleted) { 764 $h->messages[$file . $h->lang['admin_theme_zipdelete_error']] = 'yellow'; 765 } 766 } 767 768 public function fileFtpChmod($h, $ftp_url, $folder, $permission) 769 {// print "start chmod for " . $ftp_url; 770 $ch = curl_init(); 771 curl_setopt($ch, CURLOPT_URL, $ftp_url); 772 curl_setopt($ch, CURLOPT_RETURNTRANSFER, false); 773 curl_setopt($ch, CURLOPT_POSTQUOTE, array("CHMOD " . $permission . ' ' . $folder)); 774 775 curl_exec($ch); 776 if ($error = curl_error($ch)) { 777 // write this to error log 778 echo "<br/>Error: $error<br />\n"; 779 } 780 $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); 781 782 // 250 comes from FTP error code saying action completed ok 783 if (!$statusCode == 250) { 784 print "problem"; 785 } 786 787 curl_close($ch); 788 } 789 790 public function fileFtpDelete($h, $ftp_url, $file, $copydir) 791 { 792 $ch = curl_init(); 793 curl_setopt($ch, CURLOPT_URL, $ftp_url . 'plugins/'); 794 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 795 curl_setopt($ch, CURLOPT_POSTQUOTE, array("DELE " . 
$file)); 796 797 curl_exec($ch); 798 // if ($error = curl_error($ch)) { 799 // // write this to error log 800 // echo "<br/>Error: $error<br />\n"; 801 // } 802 $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); 803 804 // 250 comes from FTP error code saying action completed ok 805 if (!$statusCode == 250) { 806 $h->messages[$file . $h->lang['admin_theme_zipdelete_error']] = 'yellow'; 807 } 808 809 curl_close($ch); 810 } 811 812 public function fileFtpWrite($h, $url, $ftp_url, $file, $folder, $copydir) 813 { 814 $BUFF=""; 815 $ch = curl_init(); 816 817 print "Checking FTP at " . $url . " to get file " . $file. "<br/>"; 818 819 curl_setopt($ch, CURLOPT_URL, $url . $file); 820 // Set callback function for body 821 curl_setopt($ch, CURLOPT_WRITEFUNCTION, array($this, 'read_body')); 822 curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); 823 824 curl_exec($ch); 825 $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); 826 827 if ($error = curl_error($ch)) { 828 $h->messages[$h->lang['admin_theme_filecopy_permission_error']] = 'red'; 829 echo "Error: $error<br />\n"; 830 } 831 832 print "<br/><br/>Trying to upload to: " .$ftp_url . 'plugins/' . $file; 833 834 curl_setopt($ch, CURLOPT_URL, $ftp_url . 'plugins/' .$file); 835 curl_setopt($ch, CURLOPT_UPLOAD, 1); 836 #curl_setopt($ch, CURLOPT_INFILE, 0); 837 curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); 838 #curl_setopt($ch, CURLOPT_VERBOSE, 1); 839 curl_setopt ($ch, CURLOPT_READFUNCTION, array($this, 'write_function')); 840 841 // set size of the image, which isn't _mandatory_ but helps libcurl to do 842 // extra error checking on the upload. 
843 #curl_setopt($ch, CURLOPT_INFILESIZE, filesize($localfile)); 844 845 curl_exec($ch); 846 $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); 847 848 if ($error = curl_error($ch)) { 849 $h->messages[$h->lang['admin_theme_filecopy_permission_error']] = 'red'; 850 echo "Error: $error<br />\n"; 851 } 852 853 curl_close($ch); 854 855 return $error; 856 } 857 858 public function write_function($handle, $fd, $length) 859 { 860 global $BUF; 861 $l = strlen($BUF); 862 if ( $l > $length ) { 863 $part = substr($BUF, 0, $length); 864 $BUF = substr($BUF, $length); 654 865 } else { 655 $h->messages[$file . $h->lang['admin_theme_fileexist_error']] = 'red'; 866 $part = $BUF; 867 $BUF = ""; 656 868 } 657 curl_close($ch); 869 870 echo "<br/>Sent $l bytes<br/>\n"; 871 return $part; 872 } 873 874 public function read_body($ch, $string) 875 { 876 global $BUF; 877 $length = strlen($string); 878 echo "Received $length bytes<br />\n"; 879 $BUF=$BUF.$string; 880 return $length; 658 881 } 659 882 … … 710 933 { // 0 = deactivate, 1 = activate 711 934 712 // if you want to activate, find all the inactive plugins and vice-versa: 713 if ($enabled == 0) { $active_plugins = $this->activePlugins($h->db, '*', 1); } 935 // if you want to deactivate, just go ahead and do it: 936 if ($enabled == 0) { 937 $sql = "UPDATE " . TABLE_PLUGINS . " SET plugin_enabled = %d, plugin_updateby = %d"; 938 $h->db->query($h->db->prepare($sql, $enabled, $h->currentUser->id)); 939 return false; 940 //$active_plugins = $this->activePlugins($h->db, '*', 1); 941 } 942 943 // if you want to activate, find all the inactive plugins 714 944 if ($enabled == 1) { $active_plugins = $this->activePlugins($h->db, '*', 0); } 715 945 -
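Review bot: In sortPluginHooks(), the SELECT is restricted to h.pluginhooks_siteid = SITEID and the new comment says "Remove all hooks for this site", but the statement that follows is DELETE FROM TABLE_PLUGINHOOKS with no WHERE clause, so every site's hooks are removed while only this site's rows were read. Add WHERE pluginhooks_siteid = %d and pass SITEID to prepare(). Two smaller points in the same hunk: $rows[0]->phook_id is read before checking that $rows is non-empty, and because the rows are ordered by p.plugin_order the first row is not necessarily the one with the largest phook_id, so the overflow guard can miss.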
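Review bot: update() commits an FTP host, user name and password as string literals ($ftpserver, $ftpuser, $ftppass) and builds $ftp_url from them; fileFtpWrite() then prints that URL, password included, into the page in its "Trying to upload to:" line. Remove the literals from source control, read the FTP settings from the site's own configuration, treat the committed password as exposed and rotate it, and drop the debug print and echo calls. The password is also inserted with stripslashes() rather than rawurlencode(), so reserved characters in it are not escaped for the URL, and the ZIP is fetched from http://hotaruplugins.com/zip/ over plain HTTP and unpacked into PLUGINS with no checksum or signature check.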
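Review bot: In fileFtpChmod() and fileFtpDelete(), if (!$statusCode == 250) negates $statusCode before comparing, so the branch runs only when the status is 0 and never for a real failure code; write if ($statusCode != 250). In the same hunk, fileFtpWrite() initialises a local $BUFF while read_body() and write_function() share global $BUF, so the buffer is never reset between transfers, and @chmod($copydir . $file,666) in filePhpDelete() passes decimal 666 where the octal literal 0666 is meant.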
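Review bot: The new deactivate branch runs UPDATE TABLE_PLUGINS SET plugin_enabled = %d, plugin_updateby = %d with no WHERE clause, so on an install that uses plugin_siteid (see sortPluginHooks() in this file) it disables the plugins of every site, not just the current one. Scope it with WHERE plugin_siteid = %d, say in the docblock what the return false after a successful update means to callers, and delete the commented-out activePlugins() call.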
trunk/libs/Post.php
r1896 r2080 39 39 protected $origUrl = ''; // original url for the submitted post 40 40 protected $domain = ''; // the domain of the submitted url 41 protected $url = ''; // post slug (needs BASEURL and category attached)41 protected $url = ''; // post slug (needs SITEURL and category attached) 42 42 protected $content = ''; // post description 43 43 protected $contentLength = 50; // default min characters for content … … 188 188 public function updatePost($h) 189 189 { 190 if ( strstr($this->origUrl, BASEURL)) {190 if (!$this->origUrl || strstr($this->origUrl, SITEURL)) { 191 191 // original url contains our base url, so it must be an "editorial" post. 192 192 // Therefore, it's essential we rebuild this source url to match the updated post title to avoid errors: 193 $this->origUrl = $h->url(array('page'=>$this->id)); // update the url with the real one 193 $this->origUrl = $h->url(array('page'=>$this->id)); // update the url with the real one 194 194 } 195 195 … … 203 203 $h->post->id = $this->id; // a small hack to get the id for use in plugins. 204 204 205 // Update tags in the Tags table: 206 require_once(LIBS . 'Tags.php'); 205 // Update tags in the Tags table: 207 206 $tags = new TagFunctions(); 208 207 $tags->deleteTags($h, $this->id); // delete existing tags … … 459 458 * Post stats 460 459 * 461 * @param string $stat_type 462 * @return int 460 * @return array 463 461 */ 464 462 public function stats($h, $stat_type = '') 465 463 { 466 464 switch ($stat_type) { 467 case 'total_posts': 468 $query = "SELECT count(post_id) FROM " . TABLE_POSTS; 469 $h->smartCache('on', 'posts', 60, $query); // start using cache 470 $posts = $h->db->get_var($query); 471 break; 472 case 'approved_posts': 473 $sql = "SELECT count(post_id) FROM " . TABLE_POSTS . 
" WHERE post_status = %s OR post_status = %s"; 474 $query = $h->db->prepare($sql, 'top', 'new'); 475 $h->smartCache('on', 'posts', 60, $query); // start using cache 476 $posts = $h->db->get_var($query); 477 break; 478 case 'pending_posts': 479 $sql = "SELECT count(post_id) FROM " . TABLE_POSTS . " WHERE post_status = %s"; 480 $query = $h->db->prepare($sql, 'pending'); 481 $h->smartCache('on', 'posts', 60, $query); // start using cache 482 $posts = $h->db->get_var($query); 483 break; 484 case 'buried_posts': 485 $sql = "SELECT count(post_id) FROM " . TABLE_POSTS . " WHERE post_status = %s"; 486 $query = $h->db->prepare($sql, 'buried'); 487 $h->smartCache('on', 'posts', 60, $query); // start using cache 488 $posts = $h->db->get_var($query); 489 break; 490 case 'archived_posts': 491 $sql = "SELECT count(post_id) FROM " . TABLE_POSTS . " WHERE post_archived = %s"; 492 $query = $h->db->prepare($sql, 'Y'); 493 $h->smartCache('on', 'posts', 60, $query); // start using cache 494 $posts = $h->db->get_var($query); 495 break; 496 default: 497 $posts = 0; 498 } 465 default: 466 $sql = "SELECT post_status, count(post_id) FROM " . TABLE_POSTS . " GROUP BY post_status"; 467 $query = $h->db->prepare($sql); 468 $h->smartCache('on', 'posts', 60, $query); // start using cache 469 $posts = $h->db->get_results($query, ARRAY_N); 470 break; 471 case 'archived': 472 $sql = "SELECT count(post_id) FROM " . TABLE_POSTS . " WHERE post_archived = %s"; 473 $query = $h->db->prepare($sql, 'Y'); 474 $h->smartCache('on', 'posts', 60, $query); // start using cache 475 $posts = $h->db->get_var($query); 476 break; 477 } 478 499 479 $h->smartCache('off'); // stop using cache 500 480 501 481 return $posts; 502 482 } -
trunk/libs/SystemInfo.php
r1896 r2080 119 119 120 120 121 /** 122 * 123 * @param <type> $search 124 */ 125 public function pluginSearch($h, $search) 126 { 127 $query_vals = array( 128 'api_key' => '', 129 'format' => 'json', 130 'method' => 'hotaru.plugin.search', 131 'args' => $search 132 ); 133 134 $plugins = $this->sendApiRequest($h, $query_vals, 'http://hotaruplugins.com/index.php?page=api'); 135 136 return $plugins; 137 } 138 139 /** 140 * 141 */ 142 public function pluginTagCloud($h, $number = 20) 143 { 144 $query_vals = array( 145 'api_key' => '', 146 'format' => 'json', 147 'method' => 'hotaru.plugin.tagcloud', 148 'args' => $number 149 ); 150 151 $result = $this->sendApiRequest($h, $query_vals, 'http://hotaruplugins.com/index.php?page=api'); 152 153 return $result; 154 } 155 156 157 /** 158 * 159 * @param <type> $query_vals 160 * @param <type> $url 161 * @return <type> 162 */ 121 163 public function sendApiRequest($h, $query_vals, $url) 122 164 { … … 138 180 return json_decode($response, true); 139 181 } 182 183 184 /** 185 * Get system data 186 * 187 * @param string $type 'log' or 'object' 188 * @return object 189 */ 190 public function getSystemData($h) 191 { 192 // essentials: 193 194 $report['hotaru_site_name'] = SITE_NAME; 195 $report['hotaru_SITEURL'] = SITEURL; 196 197 $report['php_version'] = phpversion(); 198 $report['mysql_version'] = $h->db->get_var("SELECT VERSION() AS VE"); 199 $report['hotaru_version'] = $h->version; 200 $report['php_extensions'] = get_loaded_extensions(); 201 202 $sql = "SELECT miscdata_value FROM " . TABLE_MISCDATA . " WHERE miscdata_key = %s"; 203 $report['hotaru_version_db'] = $h->db->get_var($h->db->prepare($sql, 'hotaru_version')); 204 205 // default permissions 206 207 $sql = "SELECT miscdata_value FROM " . TABLE_MISCDATA . " WHERE miscdata_key = %s"; 208 $report['hotaru_permissions'] = $h->db->get_var($h->db->prepare($sql, 'permissions')); 209 210 // default user settings 211 212 $sql = "SELECT miscdata_value FROM " . TABLE_MISCDATA . 
" WHERE miscdata_key = %s"; 213 $report['hotaru_user_settings'] = $h->db->get_var($h->db->prepare($sql, 'user_settings')); 214 215 // plugins: folder, enabled, version, order 216 217 $sql = "SELECT plugin_folder, plugin_enabled, plugin_version, plugin_order, plugin_latestversion FROM " . TABLE_PLUGINS . " ORDER BY plugin_order"; 218 $plugins = $h->db->get_results($h->db->prepare($sql)); 219 if ($plugins) { 220 foreach ($plugins as $plugin) { 221 $report['hotaru_plugins'][$plugin->plugin_folder]['enabled'] = $plugin->plugin_enabled; 222 $report['hotaru_plugins'][$plugin->plugin_folder]['version'] = $plugin->plugin_version; 223 $report['hotaru_plugins'][$plugin->plugin_folder]['order'] = $plugin->plugin_order; 224 $report['hotaru_plugins'][$plugin->plugin_folder]['plugin_latestversion'] = $plugin->plugin_latestversion; 225 } 226 } 227 228 // plugin hooks: id, folder, hook name 229 230 $sql = "SELECT phook_id, plugin_folder, plugin_hook FROM " . TABLE_PLUGINHOOKS; 231 $plugins = $h->db->get_results($h->db->prepare($sql)); 232 if ($plugins) { 233 foreach ($plugins as $plugin) { 234 $report['hotaru_plugin_hooks'][$plugin->phook_id]['folder'] = $plugin->plugin_folder; 235 $report['hotaru_plugin_hooks'][$plugin->phook_id]['hook'] = $plugin->plugin_hook; 236 } 237 } 238 239 // plugin settings: folder, setting (can't use value because might include passwords) 240 241 $sql = "SELECT plugin_folder, plugin_setting, plugin_value FROM " . TABLE_PLUGINSETTINGS; 242 $plugins = $h->db->get_results($h->db->prepare($sql)); 243 if ($plugins) { 244 foreach ($plugins as $plugin) { 245 if (is_serialized($plugin->plugin_value)) { $plugin->plugin_value = unserialize($plugin->plugin_value); } 246 $report['hotaru_plugin_settings'][$plugin->plugin_folder][$plugin->plugin_setting] = $this->applyMaskToArrays($h, $plugin->plugin_value); 247 } 248 } 249 250 // Settings: Name, value (excluding SMTP PASSWORD) 251 252 $sql = "SELECT settings_name, settings_value FROM " . 
TABLE_SETTINGS; 253 $settings = $h->db->get_results($h->db->prepare($sql)); 254 if ($settings) { 255 foreach ($settings as $setting) { 256 // mask sensitive data 257 switch ($setting->settings_name) { 258 case 'SITE_EMAIL': 259 case 'SMTP_HOST': 260 case 'SMTP_PORT': 261 case 'SMTP_USERNAME': 262 case 'SMTP_PASSWORD': 263 $setting->settings_value = preg_replace("/[a-zA-Z0-9]/", "*", $setting->settings_value); 264 break; 265 } 266 $report['hotaru_settings'][$setting->settings_name] = $setting->settings_value; 267 } 268 } 269 270 // Widgets: plugin, function, args 271 272 $sql = "SELECT widget_plugin, widget_function, widget_args FROM " . TABLE_WIDGETS; 273 $widgets = $h->db->get_results($h->db->prepare($sql)); 274 if ($widgets) { 275 foreach ($widgets as $widget) { 276 $report['hotaru_widgets'][$widget->widget_plugin]['function'] = $widget->widget_function; 277 $report['hotaru_widgets'][$widget->widget_plugin]['args'] = $widget->widget_args; 278 } 279 } 280 281 // Counts for all tables 282 283 foreach ( $h->db->get_col("SHOW TABLES",0) as $table_name ) 284 { 285 $report['hotaru_table_count'][$table_name] = $h->db->get_var("SELECT COUNT(*) FROM " . 
$table_name); 286 } 287 288 return $report; 289 } 290 291 292 /** 293 * Recurse through arrays, applying * mask to all values, but not keys 294 * 295 * @param array $array 296 * @return array 297 */ 298 public function applyMaskToArrays($h, $array) 299 { 300 //echo "<pre>"; print_r($array); echo "</pre>"; exit; 301 if (!is_array($array) && !is_object($array)) { return false; } 302 303 foreach ($array as $key => $value) { 304 if (is_array($value) || is_object($value)) { 305 $array[$key] = $this->applyMaskToArrays($h, $value); 306 } else { 307 $array[$key] = preg_replace("/[a-zA-Z0-9]/", "*", $value); 308 } 309 } 310 return $array; 311 } 312 313 314 /** 315 * Convert report object to text for logging to file 316 * 317 * @param object $report 318 */ 319 public function logSystemReport($h, $report = NULL) 320 { 321 $output = "\n\n"; 322 323 $output .= "Name: " . $report['hotaru_site_name'] . "\n"; 324 $output .= "URL: " . $report['hotaru_SITEURL'] . "\n"; 325 $output .= "Hotaru version: " . $report['hotaru_version'] . "\n"; 326 $output .= "Hotaru version in database: " . $report['hotaru_version_db'] . "\n"; 327 $output .= "PHP version: " . $report['php_version'] . "\n"; 328 $output .= "MySQL version: " . $report['mysql_version'] . "\n"; 329 $output .= "PHP extensions: " . implode(', ', $report['php_extensions']) . "\n"; 330 331 $output .= "\n"; 332 333 $output .= "Default site permissions: \n"; 334 $perms = unserialize($report['hotaru_permissions']); 335 unset($perms['options']); // don't need to display these 336 foreach ($perms as $key => $value) { 337 $output .= $key . " => ("; 338 foreach ($value as $k => $v) { 339 $output .= $k . ": " . $v . ", "; 340 } 341 $output = rtrim($output, ", "); 342 $output .= ")\n"; 343 } 344 345 $output .= "\n"; 346 347 $output .= "Default user settings: \n"; 348 $user_settings = unserialize($report['hotaru_user_settings']); 349 foreach ($user_settings as $key => $value) { 350 $output .= $key . " => " . $value . 
"\n"; 351 } 352 353 $output .= "\n"; 354 355 $output .= "Plugins: \n"; 356 if (isset($report['hotaru_plugins'])) { 357 foreach ($report['hotaru_plugins'] as $key => $value) { 358 $output .= $value['order'] . ". " . $key . " v." . $value['version'] . " "; 359 $output .= " (" . $value['plugin_latestversion'] .") "; 360 if ($value['enabled']) { $output .= "[enabled] \n"; } else { $output .= "[disabled] \n"; } 361 } 362 } 363 $output .= "\n(Number in brackets above denotes latest versions available at HotaruCMS.org)\n"; 364 365 $output .= "\n"; 366 367 $output .= "Plugin Hooks: \n"; 368 if (isset($report['hotaru_plugin_hooks'])) { 369 foreach ($report['hotaru_plugin_hooks'] as $key => $value) { 370 $output .= $key . ". " . $value['folder'] . " => " . $value['hook'] . " \n"; 371 } 372 } 373 374 $output .= "\n"; 375 376 $output .= "Plugin Settings: \n"; 377 if (isset($report['hotaru_plugin_settings'])) { 378 foreach ($report['hotaru_plugin_settings'] as $key => $value) { 379 foreach ($value as $k => $v) { 380 if (!is_array($v)) { 381 $output .= "\nPlugin settings for " . $key . ":\n...." . $k . " = " . $v . " \n"; 382 } else { 383 $output .= "\nPlugin settings for " . $key . ":\n"; 384 $output = $this->outputArrays($h, $v, $output); 385 } 386 } 387 } 388 } 389 390 $output .= "\n"; 391 392 $output .= "Hotaru Settings: \n"; 393 if (isset($report['hotaru_settings'])) { 394 foreach ($report['hotaru_settings'] as $key => $value) { 395 $output .= $key . " => " . $value . " \n"; 396 } 397 } 398 399 $output .= "\n"; 400 401 $output .= "Widgets: \n"; 402 if (isset($report['hotaru_widgets'])) { 403 foreach ($report['hotaru_widgets'] as $key => $value) { 404 $output .= $key . " => " . $value['function']; 405 if ($value['args']) { $output .= " (args: " . $value['args'] . 
")"; } 406 $output .= "\n"; 407 } 408 } 409 410 $output .= "\n"; 411 412 $output .= "Number of rows in each table: \n"; 413 if (isset($report['hotaru_table_count'])) { 414 foreach ($report['hotaru_table_count'] as $key => $value) { 415 $output .= $key . " => " . $value . " \n"; 416 } 417 } 418 419 return $output; 420 } 421 422 423 /** 424 * Recurse through arrays, adding them to $output for display 425 * 426 * @param array $array 427 * @return array 428 */ 429 public function outputArrays($h, $array = array(), $output = '') 430 { 431 if (!is_array($array) && !is_object($array)) { return $output; } 432 433 foreach ($array as $key => $value) { 434 if (is_array($value) || is_object($array)) { 435 $output .= "..... " . $key . ":\n"; 436 $output = $this->outputArrays($h, $value, $output); 437 } else { 438 $output .= "..... " . $key . ": " . $value . " \n"; 439 } 440 } 441 return $output; 442 } 140 443 } 141 444 ?> -
trunk/libs/Trackback.php
r1896 r2080 46 46 // we don't want friendly urls in case the title or category is edited after submission, thus 47 47 // changing and therefore breaking the trackback link posted on other sites. So... 48 $url = BASEURL . 'index.php?page=' . $h->post->id;48 $url = SITEURL . 'index.php?page=' . $h->post->id; 49 49 50 50 if ($this->ping($h, $trackback, $url, $title, $excerpt)) { -
trunk/libs/UserActivity.php
r1896 r2080 45 45 $sql = "SELECT " . $select . " FROM " . TABLE_USERACTIVITY . " WHERE useract_archived = %s AND useract_status = %s ORDER BY useract_date DESC " . $limit; 46 46 $query = $h->db->prepare($sql, 'N', 'show'); 47 if ($type == 'query') { return $query; } 47 48 $result = ($type == 'count') ? $h->db->get_var($query) : $h->db->get_results($query); 48 49 } … … 51 52 $sql = "SELECT " . $select . " FROM " . TABLE_USERACTIVITY . " WHERE useract_archived = %s AND useract_status = %s AND useract_userid = %d ORDER BY useract_date DESC " . $limit; 52 53 $query = $h->db->prepare($sql, 'N', 'show', $userid); 54 if ($type == 'query') { return $query; } 53 55 $result = ($type == 'count') ? $h->db->get_var($query) : $h->db->get_results($query); 54 56 } 55 56 if ($type == 'query') { return $query; }57 57 58 58 if ($result) { return $result; } else { return false; } -
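Review bot: Both statements append $select and $limit to the SQL text by concatenation, outside the prepare() placeholders, and with $type == 'query' that assembled string is now returned to the caller from inside each branch. If either value can be influenced by a request parameter, validate it before this point (an integer cast for the limit, a fixed list of column names for the select). Moving the early return into both branches fixes the case where $result was fetched before the check, but it leaves the same line duplicated; building $query in the branches and doing the 'query' return and the fetch once afterwards would avoid that.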
trunk/libs/UserAuth.php
r1896 r2080 43 43 $user_info=explode(":", base64_decode($h->cage->cookie->getRaw('hotaru_key'))); 44 44 45 if (($h_user != $user_info[0]) || ($h->currentUser->generateHash($h_user, md5( BASEURL)) != $user_info[1])) {45 if (($h_user != $user_info[0]) || ($h->currentUser->generateHash($h_user, md5(SITEURL)) != $user_info[1])) { 46 46 $this->setLoggedOutUser($h); 47 47 return false; … … 207 207 $strCookie=base64_encode( 208 208 join(':', array($this->name, 209 $h->currentUser->generateHash($this->name, md5( BASEURL)),209 $h->currentUser->generateHash($this->name, md5(SITEURL)), 210 210 md5($this->password))) 211 211 ); … … 218 218 } 219 219 220 if (strpos( BASEURL, "localhost") !== false) {220 if (strpos(SITEURL, "localhost") !== false) { 221 221 setcookie("hotaru_user", $this->name, $month, "/"); 222 222 setcookie("hotaru_key", $strCookie, $month, "/"); 223 223 } else { 224 $parsed = parse_url( BASEURL);224 $parsed = parse_url(SITEURL); 225 225 226 226 // now we need a dot in front of that so cookies work across subdomains: … … 240 240 // setting a cookie with a negative time expires it 241 241 242 if (strpos( BASEURL, "localhost") !== false) {242 if (strpos(SITEURL, "localhost") !== false) { 243 243 setcookie("hotaru_user", "", time()-3600, "/"); 244 244 setcookie("hotaru_key", "", time()-3600, "/"); 245 245 } else { 246 $parsed = parse_url( BASEURL);246 $parsed = parse_url(SITEURL); 247 247 248 248 // now we need a dot in front of that so cookies are cleared across subdomains: … … 485 485 486 486 if ($h->isActive('signin')) { 487 $url = BASEURL . 'index.php?page=login&plugin=user_signin&userid=' . $userid . '&passconf=' . $pass_conf;487 $url = SITEURL . 'index.php?page=login&plugin=user_signin&userid=' . $userid . '&passconf=' . $pass_conf; 488 488 } else { 489 $url = BASEURL . 'admin_index.php?page=admin_login&userid=' . $userid . '&passconf=' . $pass_conf;489 $url = SITEURL . 'admin_index.php?page=admin_login&userid=' . $userid . '&passconf=' . 
$pass_conf; 490 490 } 491 491 … … 535 535 536 536 if ($h->isActive('signin')) { 537 $url = BASEURL . 'index.php?page=login&plugin=user_signin';537 $url = SITEURL . 'index.php?page=login&plugin=user_signin'; 538 538 } else { 539 $url = BASEURL . 'admin_index.php?page=admin_login';539 $url = SITEURL . 'admin_index.php?page=admin_login'; 540 540 } 541 541 -
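Review bot: The hotaru_key cookie built at lines 207-211 carries md5($this->password) next to a hash salted only with md5(SITEURL), and the check at line 45 compares the hash with `!=`. Anyone who obtains the cookie gets an unsalted MD5 of the password, and the loose comparison is neither type-strict nor constant-time. Since this change already touches each of these lines, consider replacing the payload with a random token stored server-side, comparing with a constant-time function, and passing the secure and httponly arguments to the setcookie() calls shown here, which set only name, value, expiry and path. Switching the salt from BASEURL to SITEURL will also invalidate existing hotaru_key cookies on any site where the two constants differ, which is worth a line in the upgrade notes. The reset links at lines 487-489 put $pass_conf in the query string, so it will end up in server logs and Referer headers.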
trunk/libs/UserInfo.php
r1896 r2080 312 312 * @return int 313 313 */ 314 public function stats($h, $stat_type = '') 315 { 316 switch ($stat_type) { 317 case 'admins': 318 $sql = "SELECT count(user_id) FROM " . TABLE_USERS . " WHERE user_role = %s"; 319 $query = $h->db->prepare($sql, 'admin'); 320 $h->smartCache('on', 'users', 60, $query); // start using cache 321 $users = $h->db->get_var($query); 322 break; 323 case 'supermods': 324 $sql = "SELECT count(user_id) FROM " . TABLE_USERS . " WHERE user_role = %s"; 325 $query = $h->db->prepare($sql, 'supermod'); 326 $h->smartCache('on', 'users', 60, $query); // start using cache 327 $users = $h->db->get_var($query); 328 break; 329 case 'moderators': 330 $sql = "SELECT count(user_id) FROM " . TABLE_USERS . " WHERE user_role = %s"; 331 $query = $h->db->prepare($sql, 'moderator'); 332 $h->smartCache('on', 'users', 60, $query); // start using cache 333 $users = $h->db->get_var($query); 334 break; 335 case 'members': 336 $sql = "SELECT count(user_id) FROM " . TABLE_USERS . " WHERE user_role = %s"; 337 $query = $h->db->prepare($sql, 'member'); 338 $h->smartCache('on', 'users', 60, $query); // start using cache 339 $users = $h->db->get_var($query); 340 break; 341 case 'total_users': 342 $query = "SELECT count(user_id) FROM " . TABLE_USERS; 343 $h->smartCache('on', 'users', 60, $query); // start using cache 344 $users = $h->db->get_var($query); 345 break; 346 case 'approved_users': 347 $sql = "SELECT count(user_id) FROM " . TABLE_USERS . " WHERE user_role = %s OR user_role = %s OR user_role = %s OR user_role = %s"; 348 $query = $h->db->prepare($sql, 'admin', 'supermod', 'moderator', 'member'); 349 $h->smartCache('on', 'users', 60, $query); // start using cache 350 $users = $h->db->get_var($query); 351 break; 352 case 'pending_users': 353 $sql = "SELECT count(user_id) FROM " . TABLE_USERS . 
" WHERE user_role = %s"; 354 $query = $h->db->prepare($sql, 'pending'); 355 $h->smartCache('on', 'users', 60, $query); // start using cache 356 $users = $h->db->get_var($query); 357 break; 358 case 'undermod_users': 359 $sql = "SELECT count(user_id) FROM " . TABLE_USERS . " WHERE user_role = %s"; 360 $query = $h->db->prepare($sql, 'undermod'); 361 $h->smartCache('on', 'users', 60, $query); // start using cache 362 $users = $h->db->get_var($query); 363 break; 364 case 'banned_users': 365 $sql = "SELECT count(user_id) FROM " . TABLE_USERS . " WHERE user_role = %s"; 366 $query = $h->db->prepare($sql, 'banned'); 367 $h->smartCache('on', 'users', 60, $query); // start using cache 368 $users = $h->db->get_var($query); 369 break; 370 case 'killspammed_users': 371 $sql = "SELECT count(user_id) FROM " . TABLE_USERS . " WHERE user_role = %s"; 372 $query = $h->db->prepare($sql, 'killspammed'); 373 $h->smartCache('on', 'users', 60, $query); // start using cache 374 $users = $h->db->get_var($query); 375 break; 376 default: 377 $users = 0; 378 } 314 public function stats($h) 315 { 316 $sql = "SELECT user_role, count(user_id) FROM " . TABLE_USERS . " GROUP BY user_role"; 317 $query = $h->db->prepare($sql); 318 $h->smartCache('on', 'users', 60, $query); // start using cache 319 $users = $h->db->get_results($query, ARRAY_N); 379 320 $h->smartCache('off'); // stop using cache 380 321 -
trunk/libs/extensions/GenericPHPConfig/class.metadata.php
r1896 r2080 200 200 # pattern, but allow shortened lines (missing spaces after # or *) 201 201 preg_match("_^([*#/ ]+)\w+( \w+)?:_m", $src, $uu); 202 $n = strlen($uu[1]); 203 $src = preg_replace("_^[*#/ ]{0,$n}_m", "", $src); 204 205 return($src); 202 if ($uu) { 203 $n = strlen($uu[1]); 204 $src = preg_replace("_^[*#/ ]{0,$n}_m", "", $src); 205 return($src); 206 } 207 return false; 206 208 } 207 209 -
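Review bot: The function now returns false when preg_match() finds no header pattern, where it previously always returned a string, so every caller has to handle a boolean before using the result as text. Testing the return value of preg_match() directly would be clearer than testing $uu, and the function's comment should mention the false return.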
trunk/libs/extensions/Inspekt/Inspekt.php
r1896 r2080 866 866 $value = str_replace($locale['decimal_point'], '.', $value); 867 867 $value = str_replace($locale['thousands_sep'], '', $value); 868 868 869 /* 869 870 $is_valid = ( 870 871 is_numeric($value) // Must be able to be converted to a number … … 872 873 && bccomp($value, "-9223372036854775807") >= 0 // Must be greater than than min of 64-bit 873 874 && bccomp($value, "9223372036854775807") <= 0 // Must be less than max of 64-bit 875 );*/ 876 877 /* remove Hotaru's dependency on BC Math */ 878 $is_valid = ( 879 is_numeric($value) // Must be able to be converted to a number 880 && preg_replace("/^-?([0-9]+)$/", "", $value) == "" // Must be an integer (no floats or e-powers) 881 && ($value >= -9223372036854775807) // Must be greater than than min of 64-bit 882 && ($value <= 9223372036854775807) // Must be less than max of 64-bit 874 883 ); 884 875 885 if (!$is_valid) { 876 886 return false; -
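Review bot: The replacement range check at lines 881-882 compares the numeric string with `>=` and `<=` against the 64-bit limits, which loses the exactness bccomp() gave. A digit string beyond the limit, such as 9223372036854775808, is converted to a float for the comparison, and at that magnitude it is indistinguishable from 9223372036854775807, so it passes as valid. If BC Math is to be optional, keep bccomp() when function_exists('bccomp') is true and otherwise compare the digit strings themselves (length first, then strcmp() after removing the sign and leading zeros). The old check would also be better deleted than left inside a comment block.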
trunk/libs/extensions/SmartLoader/smartloader.class.php
r1896 r2080 267 267 /* Allow ftp users to access/modify/delete cache file, suppress chmod errors here */ 268 268 @chmod($this->cacheFilename, 0664); 269 } else { 270 print "Can not write to the cache folder. You may need to change the permissions to this folder and files within it, before Hotaru can start."; 269 271 } 270 272 } -
trunk/libs/extensions/csrf/csrf_class.php
r1896 r2080 58 58 } 59 59 if (isset($valid)) { 60 $sql = "DELETE FROM " . $this->table . " WHERE token_sid = %s ";61 $h->db->query($h->db->prepare($sql, $valid ));60 $sql = "DELETE FROM " . $this->table . " WHERE token_sid = %s AND token_key = %s"; 61 $h->db->query($h->db->prepare($sql, $valid, $cleanKey)); 62 62 return true; 63 63 } -
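Review bot: With the DELETE narrowed to `token_sid = %s AND token_key = %s`, a successful check removes only the token that was used, so any other tokens issued to the same session stay in the table. Make sure something else expires them, otherwise the table grows and old tokens may stay acceptable longer than intended. The guard is also `isset($valid)`, which is true for any assigned value including false or an empty string; test for the expected value explicitly.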
trunk/libs/extensions/ezSQL/mysql/ez_sql_mysql.php
r1896 r2080 166 166 167 167 /********************************************************************** 168 * Perform mySQL query and try to det irminresult value168 * Perform mySQL query and try to determine result value 169 169 */ 170 170 … … 215 215 $this->selectDB($this->dbname); 216 216 } 217 218 // Decide whether need for multisite siteid string to be added to query 219 if (defined('MULTI_SITE') && MULTI_SITE == 'true' && !strpos($query, '_siteid')) { 220 $query = $this->whereMultiSite($query); 221 } else { 222 // print "missing query" . $query . '<br/>'; 223 } 217 224 218 225 // Perform the query via std mysql_query function.. … … 329 336 330 337 function table_exists($table2check) { 331 foreach ( $this->get_col("SHOW TABLES",0) as $table_name ) { 332 if($table_name == DB_PREFIX . $table2check) { 333 return true; 334 } 335 } 338 $tables = $this->get_col("SHOW TABLES",0); 339 if (in_array(DB_PREFIX . $table2check, $tables)) { return true; } 340 336 341 return false; 337 342 } … … 376 381 } 377 382 383 384 function whereMultisite($query) 385 { 386 $siteidtables = array('blocked'=>'blocked', 'posts'=>'post', 'comments'=>'comment', 'categories'=>'category', 'users'=>'user', 387 'plugins'=>'plugin', 'pluginsettings'=>'plugin', 'tags'=>'tags', 'settings'=>'settings', 'miscdata'=>'miscdata', 388 'widgets'=>'widget', 'pluginhooks'=>'pluginhooks'); 389 390 //$const = eval(MS_TABLES); 391 $const = unserialize(MS_TABLES); 392 if ($const) { $siteidtables = $const;} else { } 393 394 $before ="before: " . $query . 
"<br/><br/>"; 395 $after = "no"; 396 397 // Note, must be case sensitive to avoid text being inserted as from and then being picked up 398 if (strpos($query, ' FROM ') !== false) { 399 $array = explode('FROM ',$query); 400 401 if ($array[0] != 'SHOW COLUMNS ') { 402 403 if (!isset($array[1])) { var_dump($array); } 404 $array2 = explode(' ', $array[1]); 405 if ($array2[0] == '') { $table = $array2[1]; } else { $table = $array2[0]; } 406 407 $array3 = explode(DB_PREFIX , $table); 408 409 $tablename = $array3[1]; 410 $tablename = str_replace(',', '', $tablename); 411 412 if (array_key_exists($tablename, $siteidtables)) { 413 if (stripos($query, $table)) { 414 if (stripos($query, 'WHERE') !== false) { 415 $array = explode('WHERE ', $query); 416 $query = $array[0] . ' WHERE ' . $siteidtables[$tablename] . '_siteid = ' . SITEID . " AND " . $array[1]; 417 } else { 418 $array = $array = explode('FROM ' . $table ,$query); 419 $query = $array[0] . ' FROM ' . $table . ' WHERE ' . $siteidtables[$tablename] . '_siteid = ' . SITEID . $array[1]; 420 } 421 422 $after = "<span style='color:red; font-weight:bold;'>AFTER</span>: " . $query . "<br/><br/>"; 423 } 424 } 425 } 426 } 427 428 429 if (stripos($query, 'UPDATE ') !== false) { 430 $pattern = '/^UPDATE(.*?)\SET/'; 431 preg_match($pattern, $query, $matches); 432 if ($matches) { $tablename = trim($matches[1]); } else { 433 434 } 435 $tablename = str_ireplace(DB_PREFIX, '', $tablename); 436 437 if (array_key_exists($tablename, $siteidtables)) { 438 if (stripos($query, 'WHERE') !== false) { 439 $array = explode('WHERE ', $query); 440 $query = $array[0] . ' WHERE ' . $siteidtables[$tablename] . '_siteid = ' . SITEID . " AND " . $array[1]; 441 } else { 442 $query = $query . ' WHERE ' . $siteidtables[$tablename] . '_siteid = ' . SITEID; 443 } 444 445 $after = "<br/><span style='color:red; font-weight:bold;'>AFTER</span>: " . $query . 
"<br/><br/>"; 446 } 447 } 448 449 if (stripos($query, 'INSERT INTO ') !== false) { 450 $pattern = '/^INSERT INTO(.*?)\SET/'; 451 preg_match($pattern, $query, $matches); 452 if ($matches) { $tablename = trim($matches[1]); } else { 453 $pattern = '/^INSERT INTO(.*?)\(/'; 454 preg_match($pattern, $query, $matches); 455 if ($matches) { $tablename = trim($matches[1]); } 456 } 457 458 $tablename = str_ireplace(DB_PREFIX, '', $tablename); 459 460 if (array_key_exists($tablename, $siteidtables)) { 461 if (stripos($query, 'VALUES') !== false) { 462 $array = explode('INTO ' . DB_PREFIX . $tablename . ' (', $query); 463 $query = 'INSERT INTO ' . DB_PREFIX . $tablename . ' (' . $siteidtables[$tablename] . '_siteid, ' . $array[1]; 464 465 // $array = explode('VALUES', $query); 466 // $values = $array[1]; 467 // $pattern = '/\(.*?\)/'; 468 // preg_match_all($pattern, $values, $matches); 469 470 $array = explode('VALUES', $query); 471 if (!$array[1]) { print 'no 2nd part of array'; $array = explode('VALUES(', $query);} 472 $right_side = str_replace("(", "(" . SITEID . ",", $array[1]); 473 $query = $array[0] . " VALUES " . $right_side; 474 } 475 else { 476 $array = explode('SET ', $query); 477 $query = $array[0] . " SET " . $siteidtables[$tablename] . "_siteid = " . SITEID . ", " . $array[1]; 478 } 479 480 $after = "<br/><span style='color:red; font-weight:bold;'>AFTER</span>: " . $query . "<br/><br/>"; 481 } 482 } 483 484 if (stripos($query, 'REPLACE INTO ') !== false) { 485 $pattern = '/^REPLACE INTO(.*?)\(/'; 486 preg_match($pattern, $query, $matches); 487 if ($matches) { $tablename = trim($matches[1]); } 488 489 $tablename = str_ireplace(DB_PREFIX, '', $tablename); 490 491 if (array_key_exists($tablename, $siteidtables)) { 492 if (stripos($query, 'VALUES') !== false) { 493 $array = explode('INTO ' . DB_PREFIX . $tablename . ' (', $query); 494 $query = 'REPLACE INTO ' . DB_PREFIX . $tablename . ' (' . $siteidtables[$tablename] . '_siteid, ' . 
$array[1]; 495 $array = explode('VALUES (', $query); 496 $query = $array[0] . ' VALUES (' . SITEID . ", " . $array[1]; 497 } 498 } 499 500 $after = "<br/><span style='color:red; font-weight:bold;'>AFTER</span>: " . $query . "<br/><br/>"; 501 } 502 503 // if (stripos($query, 'DELETE') !== false) { 504 //print ">>>>>>DELETE>>>>>>>>" . $tablename . '<<<<<<<<<<<<<<<<<<br/>'; 505 // print $before; 506 // 507 // if (array_key_exists($tablename, $siteidtables)) { 508 // if (stripos($query, $table)) { 509 // print $query; 510 // if (stripos($query, 'WHERE') !== false) { 511 // print "here"; 512 // $array = explode('WHERE ', $query); 513 // $query = $array[0] . ' WHERE ' . $siteidtables[$tablename] . '_siteid = ' . SITEID . " AND " . $array[1]; 514 // } else { 515 // print "next"; 516 // $array = explode('FROM ' . $table ,$query); 517 // $query = $array[0] . ' FROM ' . $table . ' WHERE ' . $siteidtables[$tablename] . '_siteid = ' . SITEID . $array[1]; 518 // } 519 // 520 // $after = "<span style='color:red; font-weight:bold;'>AFTER</span>: " . $query . "<br/><br/>"; 521 //print $after; 522 // } 523 // } 524 // } 525 526 if (stripos($query, 'TRUNCATE') !== false) { 527 528 } 529 530 531 //if ($after == 'no') { print $before; } 532 // print $before; 533 // print $after; 534 return $query; 535 } 378 536 } 379 537 -
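Review bot: The site scoping added in whereMultisite() can be bypassed or can corrupt statements, because it rewrites the finished SQL string after values have been substituted into it. In query(), the rewrite is skipped whenever `_siteid` occurs anywhere in the text, including inside a quoted value, and `!strpos($query, '_siteid')` treats a match at offset 0 as no match. The WHERE rewrite emits `WHERE x_siteid = N AND` followed by the original condition without parentheses, so a condition containing OR matches rows from other sites, and it keeps only $array[0] and $array[1] from explode('WHERE ', $query), dropping everything after a second WHERE. The INSERT path applies str_replace("(", "(" . SITEID . ",", $array[1]) to the whole VALUES part, so every opening parenthesis in the data, not just the one that starts the tuple, gets the site id inserted. In the UPDATE and REPLACE paths $tablename is used even when preg_match() found nothing. Add the siteid condition where each query is built and bound with prepare(), or at minimum wrap the original condition in parentheses and match the table name with an anchored pattern. The var_dump() and print calls, the $before and $after debug strings, the commented-out DELETE block and the empty TRUNCATE branch should be removed before this reaches trunk.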
trunk/libs/extensions/htmLawed/htmLawed.php
r1896 r2080 2 2 3 3 /* 4 htmLawed 1.1. 8.1, 16 July 20094 htmLawed 1.1.9.4, 3 July 2010 5 5 Copyright Santosh Patnaik 6 GPL v3 license6 LGPL v3 license 7 7 A PHP Labware internal utility; www.bioinformatics.org/phplabware/internal_utilities/htmLawed 8 8 … … 52 52 } 53 53 if(!isset($C['schemes']['*'])){$C['schemes']['*'] = array('file'=>1, 'http'=>1, 'https'=>1,);} 54 if(!empty($C['safe']) && empty($C['schemes']['style'])){$C['schemes']['style'] = array(' nil'=>1);}54 if(!empty($C['safe']) && empty($C['schemes']['style'])){$C['schemes']['style'] = array('!'=>1);} 55 55 $C['abs_url'] = isset($C['abs_url']) ? $C['abs_url'] : 0; 56 56 if(!isset($C['base_url']) or !preg_match('`^[a-zA-Z\d.+\-]+://[^/]+/(.+?/)?$`', $C['base_url'])){ … … 155 155 // block/inline type; ins & del both type; #pcdata: text 156 156 $eB = array('address'=>1, 'blockquote'=>1, 'center'=>1, 'del'=>1, 'dir'=>1, 'dl'=>1, 'div'=>1, 'fieldset'=>1, 'form'=>1, 'ins'=>1, 'h1'=>1, 'h2'=>1, 'h3'=>1, 'h4'=>1, 'h5'=>1, 'h6'=>1, 'hr'=>1, 'isindex'=>1, 'menu'=>1, 'noscript'=>1, 'ol'=>1, 'p'=>1, 'pre'=>1, 'table'=>1, 'ul'=>1); 157 $eI = array('#pcdata'=>1, 'a'=>1, 'abbr'=>1, 'acronym'=>1, 'applet'=>1, 'b'=>1, 'bdo'=>1, 'big'=>1, 'br'=>1, 'button'=>1, 'cite'=>1, 'code'=>1, 'del'=>1, 'dfn'=>1, 'em'=>1, 'embed'=>1, 'font'=>1, 'i'=>1, 'iframe'=>1, 'img'=>1, 'input'=>1, 'ins'=>1, 'kbd'=>1, 'label'=>1, 'map'=>1, 'object'=>1, ' param'=>1, 'q'=>1, 'ruby'=>1, 's'=>1, 'samp'=>1, 'select'=>1, 'script'=>1, 'small'=>1, 'span'=>1, 'strike'=>1, 'strong'=>1, 'sub'=>1, 'sup'=>1, 'textarea'=>1, 'tt'=>1, 'u'=>1, 'var'=>1);157 $eI = array('#pcdata'=>1, 'a'=>1, 'abbr'=>1, 'acronym'=>1, 'applet'=>1, 'b'=>1, 'bdo'=>1, 'big'=>1, 'br'=>1, 'button'=>1, 'cite'=>1, 'code'=>1, 'del'=>1, 'dfn'=>1, 'em'=>1, 'embed'=>1, 'font'=>1, 'i'=>1, 'iframe'=>1, 'img'=>1, 'input'=>1, 'ins'=>1, 'kbd'=>1, 'label'=>1, 'map'=>1, 'object'=>1, 'q'=>1, 'ruby'=>1, 's'=>1, 'samp'=>1, 'select'=>1, 'script'=>1, 'small'=>1, 'span'=>1, 'strike'=>1, 'strong'=>1, 
'sub'=>1, 'sup'=>1, 'textarea'=>1, 'tt'=>1, 'u'=>1, 'var'=>1); 158 158 $eN = array('a'=>1, 'big'=>1, 'button'=>1, 'fieldset'=>1, 'font'=>1, 'form'=>1, 'iframe'=>1, 'img'=>1, 'input'=>1, 'label'=>1, 'object'=>1, 'ruby'=>1, 'script'=>1, 'select'=>1, 'small'=>1, 'sub'=>1, 'sup'=>1, 'textarea'=>1); // Exclude from specific ele; $cN values 159 $eO = array('area'=>1, 'caption'=>1, 'col'=>1, 'colgroup'=>1, 'dd'=>1, 'dt'=>1, 'legend'=>1, 'li'=>1, 'optgroup'=>1, 'option'=>1, ' rb'=>1, 'rbc'=>1, 'rp'=>1, 'rt'=>1, 'rtc'=>1, 'script'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'thead'=>1, 'th'=>1, 'tr'=>1); // Missing in $eB & $eI159 $eO = array('area'=>1, 'caption'=>1, 'col'=>1, 'colgroup'=>1, 'dd'=>1, 'dt'=>1, 'legend'=>1, 'li'=>1, 'optgroup'=>1, 'option'=>1, 'param'=>1, 'rb'=>1, 'rbc'=>1, 'rp'=>1, 'rt'=>1, 'rtc'=>1, 'script'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'thead'=>1, 'th'=>1, 'tr'=>1); // Missing in $eB & $eI 160 160 $eF = $eB + $eI; 161 161 … … 296 296 $t = $t[0]; 297 297 global $C; 298 if( $t[3] == '-'){299 if(!$C['comment']){return $t;}300 if($C['comment'] == 1){return '';} 298 if(!($v = $C[$n = $t[3] == '-' ? 'comment' : 'cdata'])){return $t;} 299 if($v == 1){return '';} 300 if($n == 'comment'){ 301 301 if(substr(($t = preg_replace('`--+`', '-', substr($t, 4, -3))), -1) != ' '){$t .= ' ';} 302 $t = $C['comment'] == 2 ? str_replace(array('&', '<', '>'), array('&', '<', '>'), $t) : $t; 303 $t = "\x01\x02\x04!--$t--\x05\x02\x01"; 304 }else{ // CDATA 305 if(!$C['cdata']){return $t;} 306 if($C['cdata'] == 1){return '';} 307 $t = substr($t, 1, -1); 308 $t = $C['cdata'] == 2 ? str_replace(array('&', '<', '>'), array('&', '<', '>'), $t) : $t; 309 $t = "\x01\x01\x04$t\x05\x01\x01"; 310 } 311 return str_replace(array('&', '<', '>'), array("\x03", "\x04", "\x05"), $t); 302 } 303 else{$t = substr($t, 1, -1);} 304 $t = $v == 2 ? 
str_replace(array('&', '<', '>'), array('&', '<', '>'), $t) : $t; 305 return str_replace(array('&', '<', '>'), array("\x03", "\x04", "\x05"), ($n == 'comment' ? "\x01\x02\x04!--$t--\x05\x02\x01" : "\x01\x01\x04$t\x05\x01\x01")); 312 306 // eof 313 307 } … … 335 329 if($c == null){$c = 'style'; $b = $p[1]; $a = $p[3]; $p = trim($p[2]);} 336 330 $c = isset($C['schemes'][$c]) ? $C['schemes'][$c] : $C['schemes']['*']; 337 if(isset($c['*']) or !strcspn($p, '#?;')){return "{$b}{$p}{$a}";} // All ok, frag, query, param 331 static $d = 'denied:'; 332 if(isset($c['!']) && substr($p, 0, 7) != $d){$p = "$d$p";} 333 if(isset($c['*']) or !strcspn($p, '#?;') or (substr($p, 0, 7) == $d)){return "{$b}{$p}{$a}";} // All ok, frag, query, param 338 334 if(preg_match('`^([a-z\d\-+.&#; ]+?)(:|&#(58|x3a);|%3a|\\\\0{0,4}3a).`i', $p, $m) && !isset($c[strtolower($m[1])])){ // Denied prot 339 return "{$b} denied:{$p}{$a}";335 return "{$b}{$d}{$p}{$a}"; 340 336 } 341 337 if($C['abs_url']){ … … 420 416 } 421 417 // attr string 422 $a = str_replace(array("\xad", "\n", "\r", "\t"), ' ', trim($m[3])); 423 if(strpos($a, '&') !== false){ 424 str_replace(array('­', '­', '­'), ' ', $a); 425 } 418 $a = str_replace(array("\n", "\r", "\t"), ' ', trim($m[3])); 426 419 // tag transform 427 420 static $eD = array('applet'=>1, 'center'=>1, 'dir'=>1, 'embed'=>1, 'font'=>1, 'isindex'=>1, 'menu'=>1, 's'=>1, 'strike'=>1, 'u'=>1); // Deprecated … … 437 430 438 431 // open tag & attr 439 static $aN = array('abbr'=>array('td'=>1, 'th'=>1), 'accept-charset'=>array('form'=>1), 'accept'=>array('form'=>1, 'input'=>1), 'accesskey'=>array('a'=>1, 'area'=>1, 'button'=>1, 'input'=>1, 'label'=>1, 'legend'=>1, 'textarea'=>1), 'action'=>array('form'=>1), 'align'=>array('caption'=>1, 'embed'=>1, 'applet'=>1, 'iframe'=>1, 'img'=>1, 'input'=>1, 'object'=>1, 'legend'=>1, 'table'=>1, 'hr'=>1, 'div'=>1, 'h1'=>1, 'h2'=>1, 'h3'=>1, 'h4'=>1, 'h5'=>1, 'h6'=>1, 'p'=>1, 'col'=>1, 'colgroup'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 
'thead'=>1, 'tr'=>1), 'alt'=>array('applet'=>1, 'area'=>1, 'img'=>1, 'input'=>1), 'archive'=>array('applet'=>1, 'object'=>1), 'axis'=>array('td'=>1, 'th'=>1), 'bgcolor'=>array('embed'=>1, 'table'=>1, 'tr'=>1, 'td'=>1, 'th'=>1), 'border'=>array('table'=>1, 'img'=>1, 'object'=>1), 'bordercolor'=>array('table'=>1, 'td'=>1, 'tr'=>1), 'cellpadding'=>array('table'=>1), 'cellspacing'=>array('table'=>1), 'char'=>array('col'=>1, 'colgroup'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1), 'charoff'=>array('col'=>1, 'colgroup'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1), 'charset'=>array('a'=>1, 'script'=>1), 'checked'=>array('input'=>1), 'cite'=>array('blockquote'=>1, 'q'=>1, 'del'=>1, 'ins'=>1), 'classid'=>array('object'=>1), 'clear'=>array('br'=>1), 'code'=>array('applet'=>1), 'codebase'=>array('object'=>1, 'applet'=>1), 'codetype'=>array('object'=>1), 'color'=>array('font'=>1), 'cols'=>array('textarea'=>1), 'colspan'=>array('td'=>1, 'th'=>1), 'compact'=>array('dir'=>1, 'dl'=>1, 'menu'=>1, 'ol'=>1, 'ul'=>1), 'coords'=>array('area'=>1, 'a'=>1), 'data'=>array('object'=>1), 'datetime'=>array('del'=>1, 'ins'=>1), 'declare'=>array('object'=>1), 'defer'=>array('script'=>1), 'dir'=>array('bdo'=>1), 'disabled'=>array('button'=>1, 'input'=>1, 'optgroup'=>1, 'option'=>1, 'select'=>1, 'textarea'=>1), 'enctype'=>array('form'=>1), 'face'=>array('font'=>1), 'f or'=>array('label'=>1), 'frame'=>array('table'=>1), 'frameborder'=>array('iframe'=>1), 'headers'=>array('td'=>1, 'th'=>1), 'height'=>array('embed'=>1, 'iframe'=>1, 'td'=>1, 'th'=>1, 'img'=>1, 'object'=>1, 'applet'=>1), 'href'=>array('a'=>1, 'area'=>1), 'hreflang'=>array('a'=>1), 'hspace'=>array('applet'=>1, 'img'=>1, 'object'=>1), 'ismap'=>array('img'=>1, 'input'=>1), 'label'=>array('option'=>1, 'optgroup'=>1), 'language'=>array('script'=>1), 'longdesc'=>array('img'=>1, 'iframe'=>1), 'marginheight'=>array('iframe'=>1), 'marginwidth'=>array('iframe'=>1), 'maxlength'=>array('input'=>1), 
'method'=>array('form'=>1), 'model'=>array('embed'=>1), 'multiple'=>array('select'=>1), 'name'=>array('button'=>1, 'embed'=>1, 'textarea'=>1, 'applet'=>1, 'select'=>1, 'form'=>1, 'iframe'=>1, 'img'=>1, 'a'=>1, 'input'=>1, 'object'=>1, 'map'=>1, 'param'=>1), 'nohref'=>array('area'=>1), 'noshade'=>array('hr'=>1), 'nowrap'=>array('td'=>1, 'th'=>1), 'object'=>array('applet'=>1), 'onblur'=>array('a'=>1, 'area'=>1, 'button'=>1, 'input'=>1, 'label'=>1, 'select'=>1, 'textarea'=>1), 'onchange'=>array('input'=>1, 'select'=>1, 'textarea'=>1), 'onfocus'=>array('a'=>1, 'area'=>1, 'button'=>1, 'input'=>1, 'label'=>1, 'select'=>1, 'textarea'=>1), 'onreset'=>array('form'=>1), 'onselect'=>array('input'=>1, 'textarea'=>1), 'onsubmit'=>array('form'=>1), 'pluginspage'=>array('embed'=>1), 'pluginurl'=>array('embed'=>1), 'prompt'=>array('isindex'=>1), 'readonly'=>array('textarea'=>1, 'input'=>1), 'rel'=>array('a'=>1), 'rev'=>array('a'=>1), 'rows'=>array('textarea'=>1), 'rowspan'=>array('td'=>1, 'th'=>1), 'rules'=>array('table'=>1), 'scope'=>array('td'=>1, 'th'=>1), 'scrolling'=>array('iframe'=>1), 'selected'=>array('option'=>1), 'shape'=>array('area'=>1, 'a'=>1), 'size'=>array('hr'=>1, 'font'=>1, 'input'=>1, 'select'=>1), 'span'=>array('col'=>1, 'colgroup'=>1), 'src'=>array('embed'=>1, 'script'=>1, 'input'=>1, 'iframe'=>1, 'img'=>1), 'standby'=>array('object'=>1), 'start'=>array('ol'=>1), 'summary'=>array('table'=>1), 'tabindex'=>array('a'=>1, 'area'=>1, 'button'=>1, 'input'=>1, 'object'=>1, 'select'=>1, 'textarea'=>1), 'target'=>array('a'=>1, 'area'=>1, 'form'=>1), 'type'=>array('a'=>1, 'embed'=>1, 'object'=>1, 'param'=>1, 'script'=>1, 'input'=>1, 'li'=>1, 'ol'=>1, 'ul'=>1, 'button'=>1), 'usemap'=>array('img'=>1, 'input'=>1, 'object'=>1), 'valign'=>array('col'=>1, 'colgroup'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1), 'value'=>array('input'=>1, 'option'=>1, 'param'=>1, 'button'=>1, 'li'=>1), 'valuetype'=>array('param'=>1), 'vspace'=>array('applet'=>1, 'img'=>1, 
'object'=>1), 'width'=>array('embed'=>1, 'hr'=>1, 'iframe'=>1, 'img'=>1, 'object'=>1, 'table'=>1, 'td'=>1, 'th'=>1, 'applet'=>1, 'col'=>1, 'colgroup'=>1, 'pre'=>1), 'wmode'=>array('embed'=>1), 'xml:space'=>array('pre'=>1, 'script'=>1, 'style'=>1)); // Ele-specific432 static $aN = array('abbr'=>array('td'=>1, 'th'=>1), 'accept-charset'=>array('form'=>1), 'accept'=>array('form'=>1, 'input'=>1), 'accesskey'=>array('a'=>1, 'area'=>1, 'button'=>1, 'input'=>1, 'label'=>1, 'legend'=>1, 'textarea'=>1), 'action'=>array('form'=>1), 'align'=>array('caption'=>1, 'embed'=>1, 'applet'=>1, 'iframe'=>1, 'img'=>1, 'input'=>1, 'object'=>1, 'legend'=>1, 'table'=>1, 'hr'=>1, 'div'=>1, 'h1'=>1, 'h2'=>1, 'h3'=>1, 'h4'=>1, 'h5'=>1, 'h6'=>1, 'p'=>1, 'col'=>1, 'colgroup'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1), 'alt'=>array('applet'=>1, 'area'=>1, 'img'=>1, 'input'=>1), 'archive'=>array('applet'=>1, 'object'=>1), 'axis'=>array('td'=>1, 'th'=>1), 'bgcolor'=>array('embed'=>1, 'table'=>1, 'tr'=>1, 'td'=>1, 'th'=>1), 'border'=>array('table'=>1, 'img'=>1, 'object'=>1), 'bordercolor'=>array('table'=>1, 'td'=>1, 'tr'=>1), 'cellpadding'=>array('table'=>1), 'cellspacing'=>array('table'=>1), 'char'=>array('col'=>1, 'colgroup'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1), 'charoff'=>array('col'=>1, 'colgroup'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1), 'charset'=>array('a'=>1, 'script'=>1), 'checked'=>array('input'=>1), 'cite'=>array('blockquote'=>1, 'q'=>1, 'del'=>1, 'ins'=>1), 'classid'=>array('object'=>1), 'clear'=>array('br'=>1), 'code'=>array('applet'=>1), 'codebase'=>array('object'=>1, 'applet'=>1), 'codetype'=>array('object'=>1), 'color'=>array('font'=>1), 'cols'=>array('textarea'=>1), 'colspan'=>array('td'=>1, 'th'=>1), 'compact'=>array('dir'=>1, 'dl'=>1, 'menu'=>1, 'ol'=>1, 'ul'=>1), 'coords'=>array('area'=>1, 'a'=>1), 'data'=>array('object'=>1), 'datetime'=>array('del'=>1, 'ins'=>1), 'declare'=>array('object'=>1), 
'defer'=>array('script'=>1), 'dir'=>array('bdo'=>1), 'disabled'=>array('button'=>1, 'input'=>1, 'optgroup'=>1, 'option'=>1, 'select'=>1, 'textarea'=>1), 'enctype'=>array('form'=>1), 'face'=>array('font'=>1), 'flashvars'=>array('embed'=>1), 'for'=>array('label'=>1), 'frame'=>array('table'=>1), 'frameborder'=>array('iframe'=>1), 'headers'=>array('td'=>1, 'th'=>1), 'height'=>array('embed'=>1, 'iframe'=>1, 'td'=>1, 'th'=>1, 'img'=>1, 'object'=>1, 'applet'=>1), 'href'=>array('a'=>1, 'area'=>1), 'hreflang'=>array('a'=>1), 'hspace'=>array('applet'=>1, 'img'=>1, 'object'=>1), 'ismap'=>array('img'=>1, 'input'=>1), 'label'=>array('option'=>1, 'optgroup'=>1), 'language'=>array('script'=>1), 'longdesc'=>array('img'=>1, 'iframe'=>1), 'marginheight'=>array('iframe'=>1), 'marginwidth'=>array('iframe'=>1), 'maxlength'=>array('input'=>1), 'method'=>array('form'=>1), 'model'=>array('embed'=>1), 'multiple'=>array('select'=>1), 'name'=>array('button'=>1, 'embed'=>1, 'textarea'=>1, 'applet'=>1, 'select'=>1, 'form'=>1, 'iframe'=>1, 'img'=>1, 'a'=>1, 'input'=>1, 'object'=>1, 'map'=>1, 'param'=>1), 'nohref'=>array('area'=>1), 'noshade'=>array('hr'=>1), 'nowrap'=>array('td'=>1, 'th'=>1), 'object'=>array('applet'=>1), 'onblur'=>array('a'=>1, 'area'=>1, 'button'=>1, 'input'=>1, 'label'=>1, 'select'=>1, 'textarea'=>1), 'onchange'=>array('input'=>1, 'select'=>1, 'textarea'=>1), 'onfocus'=>array('a'=>1, 'area'=>1, 'button'=>1, 'input'=>1, 'label'=>1, 'select'=>1, 'textarea'=>1), 'onreset'=>array('form'=>1), 'onselect'=>array('input'=>1, 'textarea'=>1), 'onsubmit'=>array('form'=>1), 'pluginspage'=>array('embed'=>1), 'pluginurl'=>array('embed'=>1), 'prompt'=>array('isindex'=>1), 'readonly'=>array('textarea'=>1, 'input'=>1), 'rel'=>array('a'=>1), 'rev'=>array('a'=>1), 'rows'=>array('textarea'=>1), 'rowspan'=>array('td'=>1, 'th'=>1), 'rules'=>array('table'=>1), 'scope'=>array('td'=>1, 'th'=>1), 'scrolling'=>array('iframe'=>1), 'selected'=>array('option'=>1), 'shape'=>array('area'=>1, 'a'=>1), 
'size'=>array('hr'=>1, 'font'=>1, 'input'=>1, 'select'=>1), 'span'=>array('col'=>1, 'colgroup'=>1), 'src'=>array('embed'=>1, 'script'=>1, 'input'=>1, 'iframe'=>1, 'img'=>1), 'standby'=>array('object'=>1), 'start'=>array('ol'=>1), 'summary'=>array('table'=>1), 'tabindex'=>array('a'=>1, 'area'=>1, 'button'=>1, 'input'=>1, 'object'=>1, 'select'=>1, 'textarea'=>1), 'target'=>array('a'=>1, 'area'=>1, 'form'=>1), 'type'=>array('a'=>1, 'embed'=>1, 'object'=>1, 'param'=>1, 'script'=>1, 'input'=>1, 'li'=>1, 'ol'=>1, 'ul'=>1, 'button'=>1), 'usemap'=>array('img'=>1, 'input'=>1, 'object'=>1), 'valign'=>array('col'=>1, 'colgroup'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1), 'value'=>array('input'=>1, 'option'=>1, 'param'=>1, 'button'=>1, 'li'=>1), 'valuetype'=>array('param'=>1), 'vspace'=>array('applet'=>1, 'img'=>1, 'object'=>1), 'width'=>array('embed'=>1, 'hr'=>1, 'iframe'=>1, 'img'=>1, 'object'=>1, 'table'=>1, 'td'=>1, 'th'=>1, 'applet'=>1, 'col'=>1, 'colgroup'=>1, 'pre'=>1), 'wmode'=>array('embed'=>1), 'xml:space'=>array('pre'=>1, 'script'=>1, 'style'=>1)); // Ele-specific 440 433 static $aNE = array('checked'=>1, 'compact'=>1, 'declare'=>1, 'defer'=>1, 'disabled'=>1, 'ismap'=>1, 'multiple'=>1, 'nohref'=>1, 'noresize'=>1, 'noshade'=>1, 'nowrap'=>1, 'readonly'=>1, 'selected'=>1); // Empty 441 434 static $aNP = array('action'=>1, 'cite'=>1, 'classid'=>1, 'codebase'=>1, 'data'=>1, 'href'=>1, 'longdesc'=>1, 'model'=>1, 'pluginspage'=>1, 'pluginurl'=>1, 'usemap'=>1); // Need scheme check; excludes style, on* & src … … 504 497 $v = strtr($v, $sC); 505 498 } 506 $v = preg_replace_callback('`(url(?:\()(?: )*(?:\'|"|&(?:quot|apos);)?)(.+ )((?:\'|"|&(?:quot|apos);)?(?: )*(?:\)))`iS', 'hl_prot', $v);499 $v = preg_replace_callback('`(url(?:\()(?: )*(?:\'|"|&(?:quot|apos);)?)(.+?)((?:\'|"|&(?:quot|apos);)?(?: )*(?:\)))`iS', 'hl_prot', $v); 507 500 $v = !$C['css_expression'] ? 
preg_replace('`expression`i', ' ', preg_replace('`\\\\\S|(/|(%2f))(\*|(%2a))`i', ' ', $v)) : $v; 508 501 }elseif(isset($aNP[$k]) or strpos($k, 'src') !== false or $k[0] == 'o'){ 502 $v = str_replace("\xad", ' ', (strpos($v, '&') !== false ? str_replace(array('­', '­', '­'), ' ', $v) : $v)); 509 503 $v = hl_prot($v, $k); 510 504 if($k == 'href'){ // X-spam … … 691 685 function hl_version(){ 692 686 // rel 693 return '1.1. 8.1';687 return '1.1.9.4'; 694 688 // eof 695 689 } -
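Review bot: Since this is a third-party sanitiser being updated in place, verify htmLawed.php against the upstream 1.1.9.4 release as a whole file instead of reviewing it hunk by hunk, and record the licence change from GPL v3 to LGPL v3 shown in the header wherever the project lists bundled licences. Two behaviour changes should be checked against the configuration Hotaru passes in: the soft-hyphen replacement removed at lines 420-426 now runs only on URL-accepting attribute values (line 502), and with 'safe' set and no 'style' scheme list the default becomes array('!'=>1), which prefixes every URL in a style value with `denied:`.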
trunk/libs/extensions/htmLawed/htmLawed_README.txt
r1896 r2080 1 1 /* 2 htmLawed_README.txt, 16 July 20093 htmLawed 1.1. 8.1, 16 July 20092 htmLawed_README.txt, 3 July 2010 3 htmLawed 1.1.9.4, 3 July 2010 4 4 Copyright Santosh Patnaik 5 GPL v3 license5 LGPL v3 license 6 6 A PHP Labware internal utility - http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed 7 7 */ … … 26 26 2.7 Tolerance for ill-written HTML 27 27 2.8 Limitations & work-arounds 28 2.9 Examples 28 2.9 Examples of usage 29 29 3 Details 30 30 3.1 Invalid/dangerous characters … … 132 132 * remove *null* characters * 133 133 * neutralize potentially dangerous proprietary Netscape *Javascript entities* * 134 * replace potentially dangerous *soft-hyphen* character in attribute values with spaces *134 * replace potentially dangerous *soft-hyphen* character in URL-accepting attribute values with spaces * 135 135 136 136 * remove common *invalid characters* not allowed in HTML or XML ^` … … 172 172 173 173 174 htmLawed is free and open-source software licensed under GPL license version 3:- http://www.gnu.org/licenses/gpl-3.0.txt, and copyrighted by Santosh Patnaik, MD, PhD.174 htmLawed is free and open-source software licensed under LGPL license version 3:- http://www.gnu.org/licenses/lgpl-3.0.txt, and copyrighted by Santosh Patnaik, MD, PhD. 175 175 176 176 … … 204 204 205 205 To easily *test* htmLawed using a form-based interface, use the provided demo:- htmLawedTest.php ('htmLawed.php' and 'htmLawedTest.php' should be in the same directory on the web-server). 206 207 *Note*: For code for usage of the htmLawed class (for htmLawed in OOP), please refer to the htmLawed:- http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed website; the filtering itself can be configured, etc., as described here. 
206 208 207 209 … … 377 379 378 380 *schemes* 379 Array of attribute-specific, comma-separated, lower-cased list of schemes (protocols) allowed in attributes accepting URLs ; '*' covers all unspecified attributes; see section:- #3.4.3381 Array of attribute-specific, comma-separated, lower-cased list of schemes (protocols) allowed in attributes accepting URLs (or '!' to `deny` any URL); '*' covers all unspecified attributes; see section:- #3.4.3 380 382 381 383 'href: aim, feed, file, ftp, gopher, http, https, irc, mailto, news, nntp, sftp, ssh, telnet; *:file, http, https' * 382 384 '*: ftp, gopher, http, https, mailto, news, nntp, telnet' ^ 383 'href: aim, feed, file, ftp, gopher, http, https, irc, mailto, news, nntp, sftp, ssh, telnet; style: nil; *:file, http, https' "385 'href: aim, feed, file, ftp, gopher, http, https, irc, mailto, news, nntp, sftp, ssh, telnet; style: !; *:file, http, https' " 384 386 385 387 *show_setting* … … 492 494 493 495 494 When setting the parameters/arguments (like those to allow certain HTML elements) for use with htmLawed, one should bear in mind that the setting may let through potentially `dangerous` HTML code . (This may not be a problem if the authors are trusted.)495 496 For example, following increase security risks:496 When setting the parameters/arguments (like those to allow certain HTML elements) for use with htmLawed, one should bear in mind that the setting may let through potentially `dangerous` HTML code which is meant to steal user-data, deface a website, render a page non-functional, etc. 497 498 Unless end-users, either people or software, supplying the content are completely trusted, security issues arising from the degree of HTML usage permission has to be kept in mind. 
For example, following increase security risks: 497 499 498 500 * Allowing 'script', 'applet', 'embed', 'iframe' or 'object' elements, or certain of their attributes like 'allowscriptaccess' … … 501 503 502 504 * Allowing dynamic CSS expressions (a feature of the IE browser) 503 504 `Unsafe` HTML can be removed by setting '$config' appropriately. E.g., '$config["elements"] = "* -script"' (section:- #3.3), '$config["safe"] = 1' (section:- #3.6), etc. 505 506 * Allowing the 'style' attribute 507 508 To remove `unsecure` HTML, code-developers using htmLawed must set '$config' appropriately. E.g., '$config["elements"] = "* -script"' to deny the 'script' element (section:- #3.3), '$config["safe"] = 1' to auto-configure ceratin htmLawed parameters for maximizing security (section:- #3.6), etc. 509 510 Permitting the '*style*' attribute brings in risks of `click-jacking`, `phishing`, web-page overlays, etc., `even` when the 'safe' parameter is enabled (see section:- #3.6). Except for URLs and a few other things like CSS dynamic expressions, htmLawed currently does not check every CSS style property. It does provide ways for the code-developer implementing htmLawed to do such checks through htmLawed's '$spec' argument, and through the 'hook_tag' parameter (see section:- #3.4.8 for more). Disallowing 'style' completely and relying on CSS classes and stylesheet files is recommended. 511 512 htmLawed does not check or correct the character *encoding* of the input it receives. In conjunction with permitting circumstances such as when the character encoding is left undefined through HTTP headers or HTML 'meta' tags, this can permit an exploit (like Google's UTF-7/XSS vulnerability of the past). 505 513 506 514 … … 615 623 616 624 * Because of poor Unicode support in PHP, htmLawed does not remove the `high value` HTML-invalid characters with multi-byte code-points. Such characters however are extremely unlikely to be in the input. (see section:- #3.1). 
625 626 * htmLawed does not check or correct the character encoding of the input it receives. In conjunction with permitting circumstances such as when the character encoding is left undefined through HTTP headers or HTML 'meta' tags, this can permit an exploit (like Google's UTF-7/XSS vulnerability of the past). 617 627 618 628 * Like any script using PHP's PCRE regex functions, PHP setup-specific low PCRE limit values can cause htmLawed to at least partially fail with very long input texts. 619 629 620 630 621 -- 2.9 Examples ---------------------------------------------------o 622 631 -- 2.9 Examples of usage -------------------------------------------o 632 633 634 Safest, allowing only `safe` HTML markup -- 635 636 $config = array('safe'=>1); 637 $out = htmLawed($in); 638 639 Simplest, allowing all valid HTML markup except 'javascript:' -- 640 641 $out = htmLawed($in); 642 643 Allowing all valid HTML markup including 'javascript:' -- 644 645 $config = array('schemes'=>'*:*'); 646 $out = htmLawed($in, $config); 647 648 Allowing only 'safe' HTML and the elements 'a', 'em', and 'strong' -- 649 650 $config = array('safe'=>1, 'elements'=>'a, em, strong'); 651 $out = htmLawed($in, $config); 652 653 Not allowing elements 'script' and 'object' -- 654 655 $config = array('elements'=>'* -script -object'); 656 $out = htmLawed($in, $config); 657 658 Not allowing attributes 'id' and 'style' -- 659 660 $config = array('deny_attribute'=>'id, style'); 661 $out = htmLawed($in, $config); 662 663 Permitting only attributes 'title' and 'href' -- 664 665 $config = array('deny_attribute'=>'* -title -href'); 666 $out = htmLawed($in, $config); 667 668 Remove bad/disallowed tags altogether instead of converting them to entities -- 669 670 $config = array('keep_bad'=>0); 671 $out = htmLawed($in, $config); 672 673 Allowing attribute 'title' only in 'a' and not allowing attributes 'id', 'style', or scriptable `on*` attributes like 'onclick' -- 674 675 $config = 
array('deny_attribute'=>'title, id, style, on*'); 676 $spec = 'a=title'; 677 $out = htmLawed($in, $config, $spec); 678 679 Some case-studies are presented below. 623 680 624 681 *1.* A blog administrator wants to allow only 'a', 'em', 'strike', 'strong' and 'u' in comments, but needs 'strike' and 'u' transformed to 'span' for better XHTML 1-strict compliance, and, he wants the 'a' links to be to 'http' or 'https' resources: … … 657 714 The character values are replaced with entities/characters and not character values referred to by the entities/characters to keep this task independent of the character-encoding of input text. 658 715 659 The '$config["clean_ms_char"]' parameter need not be used if authors do not copy-paste Microsoft-created text or if the input text is not believed to use the 'Windows 1252' or a similar encoding. Further, the input form and the web-pages displaying it or its content should have the character encoding appropriately marked-up.716 The '$config["clean_ms_char"]' parameter should not be used if authors do not copy-paste Microsoft-created text, or if the input text is not believed to use the 'Windows 1252' ('Cp-1252') or a similar encoding like 'Cp-1251'. Further, the input form and the web-pages displaying it or its content should have the character encoding appropriately marked-up. 660 717 661 718 … … 663 720 664 721 665 Valid character entities take the form '&*;' where '*' is '#x' followed by a hexadecimal number (hexadecimal numeric entity; like ' ' for non-breaking space), or alphanumeric like 'gt' (external or named entity; like ' ' for non-breaking space), or '#' followed by a number (decimal numeric entity; like ' ' for non-breaking space). 
Character entities referring to the soft-hyphen character (the '­' or '\xad' character; hexadecimal code-point 'ad' [decimal '173']) in attribute values are always replaced with spaces; soft-hyphens in attribute values introduce vulnerabilities in some older versions of the Opera and Mozilla [Firefox] browsers.722 Valid character entities take the form '&*;' where '*' is '#x' followed by a hexadecimal number (hexadecimal numeric entity; like ' ' for non-breaking space), or alphanumeric like 'gt' (external or named entity; like ' ' for non-breaking space), or '#' followed by a number (decimal numeric entity; like ' ' for non-breaking space). Character entities referring to the soft-hyphen character (the '­' or '\xad' character; hexadecimal code-point 'ad' [decimal '173']) in URL-accepting attribute values are always replaced with spaces; soft-hyphens in attribute values introduce vulnerabilities in some older versions of the Opera and Mozilla [Firefox] browsers. 666 723 667 724 htmLawed (function 'hl_ent()'): … … 974 1031 975 1032 As a side-note, one may find 'style: *' useful as URLs in 'style' attributes can be specified in a variety of ways, and the patterns that htmLawed uses to identify URLs may mistakenly identify non-URL text. 1033 1034 '!' can be put in the list of schemes to disallow all protocols as well as `local` URLs. Thus, with 'href: http, style: !', '<a href="http://cnn.com" style="background-image: url('local.jpg');">CNN</a>' will become '<a href="http://cnn.com" style="background-image: url('denied:local.jpg');">CNN</a>'. 976 1035 977 1036 *Note*: If URL-accepting attributes other than those listed above are being allowed, then the scheme will not be checked unless the attribute name contains the string 'src' (e.g., 'dynsrc') or starts with 'o' (e.g., 'onbeforecopy'). 
… … 1103 1162 1104 1163 1105 htmLawed can check URL schemes and dynamic expressions (to guard against Javascript, etc., script-based insecurities) in inline CSS style property values in the 'style' attributes. (CSS properties like 'background-image' that accept URLs in their values are noted in section:- #5.3.) Dynamic CSS expressions that allow scripting in the IE browser, and can be a vulnerability, can be removed from property values by setting '$config["css_expression"]' to '1' (default setting). 1164 htmLawed can check URL schemes and dynamic expressions (to guard against Javascript, etc., script-based insecurities) in inline CSS style property values in the 'style' attributes. (CSS properties like 'background-image' that accept URLs in their values are noted in section:- #5.3.) Dynamic CSS expressions that allow scripting in the IE browser, and can be a vulnerability, can be removed from property values by setting '$config["css_expression"]' to '1' (default setting). Note that when '$config["css_expression"]' is set to '1', htmLawed will remove '/*' from the 'style' values. 1106 1165 1107 1166 *Note*: Because of the various ways of representing characters in attribute values (URL-escapement, entitification, etc.), htmLawed might alter the values of the 'style' attribute values, and may even falsely identify dynamic CSS expressions and URL schemes in them. If this is an important issue, checking of URLs and dynamic expressions can be turned off ('$config["schemes"] = "...style:*..."', see section:- #3.4.3, and '$config["css_expression"] = 0'). Alternately, admins can use their own custom function for finer handling of 'style' values through the 'hook_tag' parameter (see section:- #3.4.9). … … 1167 1226 htmLawed allows an admin to use '$config["safe"]' to auto-adjust multiple '$config' parameters (such as 'elements' which declares the allowed element-set), which otherwise would have to be manually set. 
The relevant parameters are indicated by '"' in section:- #2.2). Thus, one can pass the '$config' argument with a simpler value. 1168 1227 1169 With the value of '1', htmLawed considers 'CDATA' sections and HTML comments as plain text, and prohibits the 'applet', 'embed', 'iframe', 'object' and 'script' elements, and the 'on*' attributes like 'onclick'. ( There are '$config' parameters like 'css_expression' that are not affected by the value set for 'safe' but whose default values still contribute towards a more `safe` output.) Further, URLs with schemes (see section:- #3.4.3) are neutralized so that, e.g., 'style="moz-binding:url(http://danger)"' becomes 'style="moz-binding:url(denied:http://danger)"' while 'style="moz-binding:url(ok)"' remains intact.1228 With the value of '1', htmLawed considers 'CDATA' sections and HTML comments as plain text, and prohibits the 'applet', 'embed', 'iframe', 'object' and 'script' elements, and the 'on*' attributes like 'onclick'. ( There are '$config' parameters like 'css_expression' that are not affected by the value set for 'safe' but whose default values still contribute towards a more `safe` output.) Further, URLs with schemes (see section:- #3.4.3) are neutralized so that, e.g., 'style="moz-binding:url(http://danger)"' becomes 'style="moz-binding:url(denied:http://danger)"'. 1170 1229 1171 1230 Admins, however, may still want to completely deny the 'style' attribute, e.g., with code like … … 1173 1232 $processed = htmLawed($text, array('safe'=>1, 'deny_attribute'=>'style')); 1174 1233 1234 Permitting the 'style' attribute brings in risks of `click-jacking`, etc. CSS property values can render a page non-functional or be used to deface it. Except for URLs, dynamic expressions, and some other things, htmLawed does not completely check 'style' values. 
It does provide ways for the code-developer implementing htmLawed to do such checks through the '$spec' argument, and through the 'hook_tag' parameter (see section:- #3.4.8 for more). Disallowing style completely and relying on CSS classes and stylesheet files is recommended. 1235 1175 1236 If a value for a parameter auto-set through 'safe' is still manually provided, then that value can over-ride the auto-set value. E.g., with '$config["safe"] = 1' and '$config["elements"] = "*+script"', 'script', but not 'applet', is allowed. 1176 1237 … … 1241 1302 1242 1303 `Version number - Release date. Notes` 1304 1305 1.1.9.4 - 3 July 2010. Parameter 'schemes' now accepts '!' so any URL, even a local one, can be `denied`. An issue in which a second URL value in 'style' properties was not checked was fixed. 1306 1307 1.1.9.3 - 17 May 2010. Checks for correct nesting of 'param' 1308 1309 1.1.9.2 - 26 April 2010. Minor fix regarding rendering of denied URL schemes 1310 1311 1.1.9.1 - 26 February 2010. htmLawed now uses the LGPL version 3 license; support for 'flashvars' attribute for 'embed' 1312 1313 1.1.9 - 22 December 2009. Soft-hyphens are now removed only from URL-accepting attribute values 1243 1314 1244 1315 1.1.8.1 - 16 July 2009. Minor code-change to fix a PHP error notice … … 1294 1365 1295 1366 1296 The HTMLPurifier PHP library by Edward Yang is a very good HTML filtering script that uses object oriented PHP code. Compared to htmLawed, it :1367 The HTMLPurifier PHP library by Edward Yang is a very good HTML filtering script that uses object oriented PHP code. 
Compared to htmLawed, it (as of mid-2009): 1297 1368 1298 1369 * does not support PHP versions older than 5.0 (HTMLPurifier dropped PHP 4 support after version 2) … … 1334 1405 1335 1406 1336 Bryan Blakey, Ulf Harnhammer, Gareth Heyes, Lukasz Pilorz, Shelley Powers, Edward Yang, and many anonymous users.1407 Bryan Blakey, Pádraic Brady, Ulf Harnhammer, Gareth Heyes, Lukasz Pilorz, Shelley Powers, Edward Yang, and many anonymous users. 1337 1408 1338 1409 Thank you! … … 1398 1469 enctype - form 1399 1470 face - font 1471 flashvars* - embed 1400 1472 for - label 1401 1473 frame - table
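Review bot: in the README sentence added about setting '$config' (the security paragraph that follows the list of risky permissions), 'ceratin' is a typo for 'certain'. In the same hunk, 'unsecure' reads better as 'insecure', and 'security issues arising from the degree of HTML usage permission has to be kept in mind' needs 'have' to agree with 'issues'.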
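Review bot: in the new README section 2.9, the first example ("Safest, allowing only `safe` HTML markup") builds $config = array('safe'=>1) but then calls htmLawed($in) without passing it, so as written it is the same call as the "Simplest" example below it and runs with default settings. The call should be htmLawed($in, $config). Since the text added elsewhere in this change says 'style' remains risky even with 'safe' enabled, the example labelled "Safest" could also carry 'deny_attribute'=>'style', as the 'safe' section already shows.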
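Review bot: the '!' example added to the README after the 'style: *' side-note writes the setting as 'href: http, style: !', with a comma between the two attributes, while the 'schemes' parameter description in this same diff separates attribute groups with a semicolon and uses commas only between schemes ('...; style: !; *:file, http, https'). The example does not follow the documented syntax and should read 'href: http; style: !'.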