# HG changeset patch # User Dan # Date 1199155431 18000 # Node ID be6c5fdd9203ad74c6568df419f809cf3f0463a9 # Parent 1e3b55a591d172d89b7ee571b8f80cc20f6c4350# Parent eefe9ab7fe7c90a316cb2c50069d639ad097bfcd Merging in something from Nighthawk, can't seem to figure out what diff -r 1e3b55a591d1 -r be6c5fdd9203 includes/clientside/static/ajax.js --- a/includes/clientside/static/ajax.js Fri Dec 28 13:36:33 2007 -0500 +++ b/includes/clientside/static/ajax.js Mon Dec 31 21:43:51 2007 -0500 @@ -1227,15 +1227,15 @@ { // got var latesttag = enanotag.childNodes[i]; - for ( var i = 0; i < latesttag.childNodes.length; i++ ) + for ( var j = 0; j < latesttag.childNodes.length; j++ ) { - var node = latesttag.childNodes[i]; + var node = latesttag.childNodes[j]; if ( node.tagName == 'release' ) { var releasedata = new Object(); - for ( var i = 0; i < node.attributes.length; i++ ) + for ( var k = 0; k < node.attributes.length; k++ ) { - releasedata[node.attributes[i].nodeName] = node.attributes[i].nodeValue; + releasedata[node.attributes[k].nodeName] = node.attributes[k].nodeValue; } releases.push(releasedata); } @@ -1250,16 +1250,12 @@ } else { - if ( window.console ) - window.console.error('Invalid XML response'); return false; } var thediv = document.getElementById(targetelement); thediv.innerHTML = ''; if ( !thediv ) { - if ( window.console ) - window.console.error('Can\'t get the div'); return false; } if ( releases.length > 0 ) @@ -1284,9 +1280,9 @@ thediv.appendChild(infobox); } var table = document.createElement('table'); - table.border = '0'; - table.cellspacing = '1'; - table.cellpadding = '4'; + table.setAttribute('border', '0'); + table.setAttribute('cellspacing', '1'); + table.setAttribute('cellpadding', '4'); var tr = document.createElement('tr'); 
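Review bot: In the second ajax.js hunk (old line 1250), `thediv.innerHTML = '';` runs before the `if ( !thediv )` guard, so a missing target element throws on the assignment and the guard can never fire. Test the element first: `var thediv = document.getElementById(targetelement); if ( !thediv ) return false; thediv.innerHTML = '';`. With both `window.console.error` calls removed, the invalid-XML path and this one now return false without any trace, so a short comment at each `return false` saying what failed would help whoever debugs a broken update check. The enclosing function starts and ends outside the hunk.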
@@ -1321,7 +1317,6 @@ cls = ( cls == 'row1' ) ? 'row2' : 'row1'; var release = releases[i]; var tr = document.createElement('tr'); - window.console.debug(release); var td1 = document.createElement('td'); var td2 = document.createElement('td'); diff -r 1e3b55a591d1 -r be6c5fdd9203 includes/functions.php --- a/includes/functions.php Fri Dec 28 13:36:33 2007 -0500 +++ b/includes/functions.php Mon Dec 31 21:43:51 2007 -0500 @@ -285,7 +285,9 @@ global $db, $session, $paths, $template, $plugins; // Common objects global $lang; - if ( $timeout == 0 ) + // POST check added in 1.1.x because Firefox asks us if we want to "resend the form + // data to the new location", which can be confusing for some users. + if ( $timeout == 0 && empty($_POST) ) { header('Location: ' . $url); header('HTTP/1.1 307 Temporary Redirect'); diff -r 1e3b55a591d1 -r be6c5fdd9203 includes/pageprocess.php --- a/includes/pageprocess.php Fri Dec 28 13:36:33 2007 -0500 +++ b/includes/pageprocess.php Mon Dec 31 21:43:51 2007 -0500 @@ -247,7 +247,7 @@ $text = RenderMan::render( $text ); - echo $text; + eval( '?>' . $text ); $this->footer(); } @@ -1354,45 +1354,54 @@ $this->header(); $this->do_breadcrumbs(); - if ( $userpage ) - { - echo '

There is no page with this title yet.

-

This user has not created his or her user page yet.'; - } - else + $msg = $paths->sysmsg('Page_not_found'); + if ( $msg ) { - echo '

There is no page with this title yet.

-

You have requested a page that doesn\'t exist yet.'; - } - if ( $session->get_permissions('create_page') ) - { - echo ' You can create this page, or return to the homepage.'; + $msg = RenderMan::render($msg); + eval( '?>' . $msg ); } else { - echo ' Return to the homepage.

'; - } - if ( $session->get_permissions('history_rollback') ) - { - $e = $db->sql_query('SELECT * FROM ' . table_prefix . 'logs WHERE action=\'delete\' AND page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\' ORDER BY time_id DESC;'); - if ( !$e ) + if ( $userpage ) + { + echo '

There is no page with this title yet.

+

This user has not created his or her user page yet.'; + } + else { - $db->_die('The deletion log could not be selected.'); + echo '

There is no page with this title yet.

+

You have requested a page that doesn\'t exist yet.'; } - if ( $db->numrows() > 0 ) + if ( $session->get_permissions('create_page') ) + { + echo ' You can create this page, or return to the homepage.'; + } + else + { + echo ' Return to the homepage.

'; + } + if ( $session->get_permissions('history_rollback') ) { - $r = $db->fetchrow(); - echo '

This page was deleted on ' . $r['date_string'] . '. The stated reason was:

' . $r['edit_summary'] . '

You can probably roll back the deletion.

'; - if ( $session->user_level >= USER_LEVEL_ADMIN ) + $e = $db->sql_query('SELECT * FROM ' . table_prefix . 'logs WHERE action=\'delete\' AND page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\' ORDER BY time_id DESC;'); + if ( !$e ) { - echo '

Additional admin options: detag page

'; + $db->_die('The deletion log could not be selected.'); } + if ( $db->numrows() > 0 ) + { + $r = $db->fetchrow(); + echo '

This page was deleted on ' . $r['date_string'] . '. The stated reason was:

' . $r['edit_summary'] . '

You can probably roll back the deletion.

'; + if ( $session->user_level >= USER_LEVEL_ADMIN ) + { + echo '

Additional admin options: detag page

'; + } + } + $db->free_result(); } - $db->free_result(); + echo '

+ HTTP Error: 404 Not Found +

'; } - echo '

- HTTP Error: 404 Not Found -

'; $this->footer(); } diff -r 1e3b55a591d1 -r be6c5fdd9203 includes/paths.php --- a/includes/paths.php Fri Dec 28 13:36:33 2007 -0500 +++ b/includes/paths.php Mon Dec 31 21:43:51 2007 -0500 @@ -450,7 +450,7 @@ function sysmsg($n) { global $db, $session, $paths, $template, $plugins; // Common objects - $q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\''.$db->escape($n).'\' AND namespace=\'System\''); + $q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\''.$db->escape(sanitize_page_id($n)).'\' AND namespace=\'System\''); if( !$q ) { $db->_die('Error during generic selection of system page data.'); @@ -465,6 +465,7 @@ $message = $r['page_text']; $message = preg_replace('/(.*?)<\/noinclude>/is', '', $message); + $message = preg_replace('/(.*?)<\/nodisplay>/is', '\\1', $message); return $message; } diff -r 1e3b55a591d1 -r be6c5fdd9203 language/english/admin.json --- a/language/english/admin.json Fri Dec 28 13:36:33 2007 -0500 +++ b/language/english/admin.json Mon Dec 31 21:43:51 2007 -0500 @@ -17,12 +17,19 @@ var enano_lang = { categories: [ - 'adm', 'acl', 'adminusers' + 'adm', 'acl', 'adminusers', + 'acphome', 'acpgc', 'acpup', 'acpft', 'acppl', 'acppm', ], strings: { meta: { adm: 'Administration panel nav menu', acl: 'Access control list editor', + acphome: 'ACP: Home', + acpgc: 'ACP: General configuration', + acpup: 'ACP: File uploads', + acpft: 'ACP: Allowed file types', + acppl: 'ACP: Manage plugins', + acppm: 'ACP: Manage pages', adminusers: 'ACP: User management' }, adm: { 
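Review bot: `eval( '?>' . $msg )` in this hunk, and `eval( '?>' . $text )` in the hunk at line 247, run any PHP block that survives `RenderMan::render()` on the server, so the renderer becomes the only barrier between stored page text and code execution. `$msg` comes from `$paths->sysmsg('Page_not_found')`, which in the paths.php hunk returns `page_text` read from the database, and neither hunk shows a check that the text's author holds the `php_in_pages` permission; that check may live inside `render()`, which is not visible here. I would keep `echo` as the default and reach the eval only once that permission is established, and add at both call sites a comment such as `// SECURITY: output is eval()'d as PHP; RenderMan::render() must already have removed PHP tags for authors without php_in_pages`. The re-indented deletion-log block in the same hunk still concatenates `$this->page_id` and `$this->namespace` into the SQL string and echoes `$r['edit_summary']` as-is; unless both are sanitized before they get here, `$db->escape()` and `htmlspecialchars()` are the guards to apply. Both enclosing methods start outside their hunks.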
@@ -114,6 +121,277 @@ btn_returnto_editor: 'Return to ACL editor', btn_returnto_userscope: 'Return to user/scope selection', }, + acphome: { + heading_main: 'Welcome to Runt, the Enano administration panel.', + welcome_line1: 'Thank you for choosing Enano as your CMS. This screen allows you to see some information about your website, plus some details about how your site is doing statistically.', + welcome_line2: 'Using the links on the left you can control every aspect of your website\'s look and feel, plus you can manage users, work with pages, and install plugins to make your Enano installation even better.', + msg_demo_title: 'Enano is running in demo mode.', + msg_demo_body: 'If you borked something up, or if you\'re done testing, you can reset this site. The site is reset automatically once every two hours. When a reset is performed, all custom modifications to the site are lost and replaced with default values.', + msg_install_files: 'NOTE: It appears that your install.php and/or schema.sql files still exist. It is HIGHLY RECOMMENDED that you delete or rename these files, to prevent getting your server hacked.', + heading_updates: 'Check for updates', + msg_updates_info: 'Periodically, new releases of Enano will be made available. Click the button below to check for updates to Enano. During this process, a request will be sent to the Enano CMS server (germantown.enanocms.org) over HTTP for an XML file containing a list of the latest releases. No information about your Enano installation will be transmitted.', + btn_check_updates: 'Check for updates', + msg_inactive_users_one: 'It appears that 1 user is awaiting account activation. You can activate the account by going to the User Manager.', + msg_inactive_users_plural: 'It appears that %num_users% users are awaiting account activation. 
You can activate those accounts by going to the User Manager.', + heading_top_pages: 'Most requested pages', + th_toppages_page: 'Page', + th_toppages_hits: 'Hits', + heading_seclog: 'Security log', + btn_seclog_full: 'Full security log', + }, + acpgc: { + err_avatar_dir_invalid: 'You have entered an invalid avatar directory.', + msg_save_success: 'Your changes to the site configuration have been saved.', + + // Section: global site options + heading_main: 'Global site options', + heading_submain: 'These options control the entire site.', + field_site_name: 'Site name:', + field_site_desc: 'Site description:', + field_main_page: 'Main page:', + field_copyright: 'Copyright notice shown on pages:', + field_copyright_hint: 'Hint: If you\'re using Windows, you can make a "©" symbol by holding ALT and pressing 0169 on the numeric keypad.', + field_contactemail: 'Contact e-mail', + field_contactemail_hint: 'All e-mail sent from this site will appear to have come from the address shown here.', + + // Section: wiki mode + heading_wikimode: 'Wiki mode', + field_wikimode_intro: 'Enano can also act as a wiki, meaning anyone can edit and create pages. To enable Wiki Mode, check the box to the right.', + field_wikimode_info_sanitize: 'In Wiki Mode, certain HTML tags such as <script> and <object> are disabled, and all PHP code is disabled, except if the person editing the page is an administrator.', + field_wikimode_info_history: 'Also, Enano keeps complete page history, which makes restoring vandalized pages easy. You can also protect pages so that they cannot be edited.', + field_wikimode: 'Enable Wiki Mode', + field_editnotice_title: 'Edit page notice', + field_editnotice_info: 'When Wiki Mode is enabled, anyone can edit pages. Check the box below and enter a message to display it whenever the page editor is opened. 
Administrators often use this field to display a legal disclaimer or a notice of what license the user agrees to submit their content under.', + field_editnotice: 'Show a message whenever pages are edited', + field_edit_require_captcha_title: 'Require visual confirmation for guests editing pages', + field_edit_require_captcha_hint: 'If this is enabled, guests will be asked to enter a visual confirmation code before saving changes to a page.', + field_edit_require_captcha: 'Require guests to complete a CAPTCHA when editing pages', + + // Section: statistics and hit counting + heading_stats: 'Statistics and hit counting', + stats_intro: 'Enano has the ability to show statistics for every page on the site. This allows you to keep very close track of who is visiting your site, and from where.', + stats_hint_privacy: 'Unfortunately, some users don\'t like being logged. For this reason, you should state clearly what is logged (usually the username or IP address, current time, page name, and referer URL) in your privacy policy. 
If your site is primarily geared towards children, and you are a United States citizen, you are required to have a privacy policy stating exactly what is being logged under the terms of the Childrens\' Online Privacy Protection Act.', + field_stats_enable: 'Log all page hits', + field_stats_hint: 'This excludes special and administration pages.', + + // Section: comment system + heading_comments: 'Comment system', + field_enable_comments: 'Enable the comment system', + field_approve_comments: 'Require approval before article comments can be shown', + field_comment_allow_guests: 'Allow guests to post comments', + field_comment_allow_guests_yes: 'Yes', + field_comment_allow_guests_captcha: 'Require visual confirmation', + field_comment_allow_guests_no: 'No (require login)', + + // Section: disable site + heading_disablesite: 'Disable all site access', + field_disablesite_hint: 'Disabling the site allows you to work on the site without letting non-administrators see or use it.', + field_disablesite: 'Disable this site', + field_disablesite_message: 'Message to show to users:', + + // Main section: users and communication + heading_users: 'Users and communication', + + // Section: account activation + heading_activate: 'User account activation', + activate_intro_line1: 'If you would like to require users to confirm their e-mail addresses by way of account activation, you can enable this behavior here. If this option is set to "None", users will be able to register and use this site without confirming their e-mail addresses. If this option is set to "User", users will automatically be sent e-mails upon registration with a link to activate their accounts. 
And lastly, if this option is set to "Admin", users\' accounts will not be active until an administrator activates the account.', + activate_intro_line2: 'You may also disable registration completely if needed.', + activate_intro_sfnet_warning: 'Note: because of abuse by project administrators, sending account activation e-mails will not work on SourceForge.net servers.', + field_activate: 'Account activation:', + field_activate_disable: 'Disable registration', + field_activate_none: 'None', + field_activate_user: 'User', + field_activate_admin: 'Admin', + + // Section: account lockouts + heading_lockout: 'Account lockouts', + lockout_intro: 'Configure Enano to prevent or restrict logins for a specified period of time if a user enters an incorrect password a specific number of times.', + field_lockout_threshold: 'Lockout threshold:', + field_lockout_threshold_hint: 'How many times can a user enter wrong credentials before a lockout goes into effect?', + field_lockout_duration: 'Lockout duration:', + field_lockout_duration_hint: 'This is how long an account lockout should last, in minutes.', + field_lockout_policy: 'Lockout policy:', + field_lockout_policy_hint: 'What should be done when a lockout goes into effect?', + field_lockout_policy_nothing: 'Don\'t do anything', + field_lockout_policy_captcha: 'Require visual confirmation', + field_lockout_policy_lockout: 'Prevent all login attempts', + + // Section: password strength + heading_passstrength: 'Password strength', + field_passstrength_title: 'Enable password strength analysis', + field_passstrength_hint: 'This should be enabled in most cases. When this is enabled, a strength meter and a numerical score will be displayed wherever a password can be changed.', + field_passstrength: 'Enabled', + field_passminimum_title: 'Minimum strength score', + field_passminimum_hint: 'This is the lowest score a password will be allowed to have. -10 will allow any password. 
A score of under -3 is considered weak, under 1 is fair, under 4 is good, under 10 is strong, and 10 and above are very strong. The scale is open-ended. This only has an effect if the meter is enabled above.', + + // Section: e-mail + heading_email: 'E-mail sent from the site', + field_email_method: 'E-mail sending method:', + field_email_method_hint: 'Try using the built-in e-mail method first. If that doesn\'t work, you will need to enter valid SMTP information here.', + field_email_method_builtin: 'PHP\'s built-in mail() function', + field_email_method_smtp: 'Use an external SMTP server', + field_email_smtp_hostname: 'SMTP hostname:', + field_email_smtp_hostname_hint: 'This option only applies to the external SMTP mode.', + field_email_smtp_auth: 'SMTP credentials:', + field_email_smtp_username: 'Username:', + field_email_smtp_password: 'Password:', + + // Section: avatars + heading_avatars: 'Avatars', + avatars_intro: 'Avatars are small images that users can display on their profiles and in comments.', + field_avatar_enable: 'Enable avatar support:', + field_avatar_enable_hint: 'Supported formats are JPEG, PNG, and GIF™.', + field_avatar_enable_label: 'Enabled', + field_avatar_max_filesize: 'Maximum avatar file size:', + field_avatar_max_filesize_hint: 'For smaller sites, the highest value for this should be about 50KB, 51200. Larger sites with more visitors will likely want to use something much smaller, such as 10KB.', + field_avatar_max_dimensions: 'Maximum avatar dimensions:', + field_avatar_max_dimensions_hint: 'The format is width × height. Typically you want to have this square (the same width and height). These are only maximum dimensions; users are not prevented from having smaller images.', + field_avatar_allow_anim_title: 'Allow animated avatars:', + field_avatar_allow_anim_hint: 'If this is checked, users can upload APNG and Animated GIF™ avatars. Sometimes such images can be specifically made to be distracting, like rapidly flashing images. 
If this is unchecked, these formats will be blocked, and only still PNGs and GIFs will be allowed.', + field_avatar_allow_anim: 'Don\'t block animated images', + field_avatar_upload_methods: 'Allowed upload methods:', + field_avatar_upload_file: 'Allow users to upload image files from their computers', + field_avatar_upload_http: 'Allow users to enter a URL to their desired avatar', + field_avatar_directory: 'Avatar storage directory:', + field_avatar_directory_hint: 'This should be relative to your Enano root and should contain only alphanumeric characters and forward slashes, even if your server runs Windows.', + + // Main section: sidebar links + heading_sidebar: 'Sidebar links', + + // Section: promote Enano + heading_promoteenano: 'Promote Enano', + field_enano_link_title: 'If you think Enano is nice, or if you want to show your support for the Enano team, you can do so by placing a link to the Enano homepage in your Links sidebar block. You absolutely don\'t have to do this, and you won\'t get degraded support if you don\'t. Because Enano is still relatively new in the CMS world, it needs all the attention it can get - and you can easily help to spread the word using this link. Note that this is different from the "Powered by Enano" link in the footer of the page - our philosophy and guidelines regarding the About Enano page and its associated link on every page are discussed on the Enano website.', + field_enano_link: 'Place a link to enanocms.org on the sidebar', + + // Section: SF.net logo + heading_sfnet_logo: 'SourceForge.net logo', + sfnet_intro: 'All projects hosted by SourceForge.net are required to display an official SourceForge.net logo on their pages. 
If you want to display a SourceForge.net logo on the sidebar, check the box below, enter your group ID, and select an image type.', + field_sfnet_display: 'Display the SourceForge.net logo on the right sidebar', + field_sfnet_group_id: 'Group ID:', + field_sfnet_logo_style: 'Logo style:', + field_sfnet_logo_style_1: '88x31%this.etc_unit_pixels_short%, white', + field_sfnet_logo_style_2: '125x37%this.etc_unit_pixels_short%, white', + field_sfnet_logo_style_3: '125x37%this.etc_unit_pixels_short%, black', + field_sfnet_logo_style_4: '125x37%this.etc_unit_pixels_short%, blue', + field_sfnet_logo_style_5: '210x62%this.etc_unit_pixels_short%, white', + field_sfnet_logo_style_6: '210x62%this.etc_unit_pixels_short%, black', + field_sfnet_logo_style_7: '210x62%this.etc_unit_pixels_short%, blue', + + // Section: W3C validation buttons + heading_w3clogos: 'W3C compliance logos', + w3clogos_intro: 'Enano generates (by default) Valid XHTML 1.1 code, plus valid CSS. If you want to show this off, check the appropriate boxes below.', + w3clogos_btn_html32: 'HTML 3.2', + w3clogos_btn_html40: 'HTML 4.0', + w3clogos_btn_html401: 'HTML 4.01', + w3clogos_btn_xhtml10: 'XHTML 1.0', + w3clogos_btn_xhtml11: 'XHTML 1.1', + w3clogos_btn_css: 'CSS', + + // Section Defective By Design link + heading_dbd: 'Defective By Design Anti-DRM button', + dbd_intro: 'The Enano project is strongly against Digital Restrictions Management.', + dbd_explain: 'DRM removes the freedoms that every consumer should have: to freely copy and use digital media items they legally purchased to their own devices. 
Showing your opposition to DRM is as easy as checking the box below to place a link to DefectiveByDesign.org on your sidebar.', + field_stopdrm: 'Help stop DRM by placing a link to DBD on the sidebar!', + + // Save button + btn_save_changes: 'Save changes' + }, + acpup: { + heading_main: 'File upload configuration', + intro: 'Enano supports the ability to upload files to your website and store the files in the database. This enables you to embed images and such into pages without manually writing the HTML. However, the upload feature can sometimes pose a risk to your site, as viruses and executable files can sometimes be uploaded.', + field_enable: 'Enable file uploads', + field_max_size: 'Maximum file size:', + info_magick: 'You can allow Enano to generate thumbnails of images automatically. This feature requires ImageMagick to work properly. If your server does not have ImageMagick on it, Enano will try to use the GD library (if available) to scale images. This can be slower, but it works on a wider range of servers. If even that does not work, Enano will simply make your users\' browsers scale the images. In most cases this is fine, but if you are uploading large (>100KB) images and embedding them inside of pages, you should try to enable ImageMagick or configure GD because transferring these large images many times can cost you quite a lot of bandwidth.', + field_magick_enable: 'Use ImageMagick to scale images', + field_magick_path: 'Path to ImageMagick:', + // Translators: for the path here, please be sure to use a double-backslash in the Windows path. Avoid translating the file paths + // anyway since they're generally the same even on non-English Windows systems. + field_magick_path_hint: 'On Linux and Unix servers, the most likely options here are /usr/bin/convert and /usr/local/bin/convert. 
If you server runs Windows, then ImageMagick is most likely to be C:\\Windows\\Convert.exe or C:\\Windows\\System32\\Convert.exe.', + info_cache: 'If you use ImageMagick to scale images, your server will be very busy constantly scaling images if your website is busy, and your site may experience slowdowns. You can dramatically speed up this scaling process if you use a directory to cache thumbnail images.', + info_cache_chmod: 'Please note: the cache/ directory on your server must be writable by the server. While this is not usually a problem on Windows servers, most Linux/Unix servers will require you to CHMOD the cache/ directory to 777. See your FTP client\'s user guide for more information on how to do this.', + msg_cache_not_writable: ' At present, it seems that the cache directory is not writable. The checkbox below has been disabled to maintain the stability of Enano.', + field_cache: 'Cache thumbnailed images', + info_history: 'Lastly, you can choose whether file history will be saved. If this option is turned on, you will be able to roll back any malicious changes made to uploaded files, but this requires a significant amount of filesystem storage. You should probably leave this option enabled unless you have less than 250MB of disk space on your hosting account or server.', + field_history: 'Keep a history of uploaded files', + btn_save: 'Save changes', + }, + acpft: { + // Nope. There isn't anything else. Sorry to disappoint. + heading_main: 'Allowed file types', + hint: 'Using the form below, you can decide which file types are allowed to be uploaded to this site.', + msg_saved: 'Your changes have been saved.', + msg_demo_mode: 'Hmm, enabling executables, are we? Tsk tsk. I\'d love to know what\'s in that EXE file you want to upload. OK, maybe you didn\'t enable EXEs. 
But nevertheless, changing allowed filetypes is disabled in the demo.', + }, + acppl: { + err_heading: 'Error disabling plugin', + err_demo_plugin: 'The demo lockdown plugin cannot be disabled in demo mode.', + err_system_plugin: 'The plugin you selected cannot be disabled because it is a system plugin.', + err_open_dir: 'The plugins/ directory could not be opened.', + err_missing_dir: 'The plugins/ directory is missing from your Enano installation.', + col_filename: 'Plugin filename', + col_name: 'Plugin name', + col_description: 'Description', + col_author: 'Author', + col_version: 'Version', + btn_enable: 'Enable', + btn_disable: 'Disable', + btn_hide_system: 'Hide system plugins', + btn_show_system: 'Show system plugins', + lbl_system_plugin: '[System]', + }, + acppm: { + heading_main: 'Edit page properties', + hint: 'This panel allows you to edit various properties of pages that aren\'t visible anywhere else. In addition to renaming pages, you can also change their URL string and options such as whether to index the page for searching or bypass Enano\'s template engine.', + err_page_not_found: 'No pages matching that search string could be found.', + msg_results_ambiguous_title: 'Ambiguous search results', + msg_results_ambiguous_body: 'Multiple pages that matched your search terms were found. Please select the page you wish to modify:', + ambig_btn_viewpage: 'View', + err_ambig_absolute: 'Your database is corrupt as it contains multiple pages with the same urlname and namespace.', + lbl_field_search: 'Search for a page title or URL string:', + heading_select_page_from_list: 'Select page from a list', + hint_select_page_from_list: 'You can also select the page you want to modify from the list below. 
The list is broken into sections of 100 pages, so if you have a lot of pages on your site, you can click the pagination control below to view more pages.', + + // Edit form + heading_editing: 'Editing page:', + lbl_page_name: 'Page\'s title:', + lbl_page_urlname: 'URL string:', + lbl_page_urlname_hint: 'No spaces, and don\'t enter the namespace prefix (e.g. User:). Changing this value is usually not a good idea, especially for templates and project pages, because it will invalidate the page\'s current URL.', + lbl_namespace: 'Namespace (URL prefix):', + ns_article: '[No prefix, default Article namespace]', + heading_advanced: 'Advanced options', + lbl_enable_comments_title: 'Allow comments to be posted on this page?', + lbl_enable_comments_hint: 'This option has no effect if comments are disabled globally in the administration panel. This option is enabled by default.', + lbl_enable_comments: 'Enable comments on this page', + lbl_special_title: 'Mark page as self-contained?', + lbl_special_hint: 'This option enables you to use your own HTML headers and other code. If you enable this, only the raw contents of the page will be displayed instead of Enano\'s full page formatting and styles. It is recommended that only advanced users enable this feature. As with other Enano pages, you may use PHP code in your pages (dependent on permissions), meaning you can use Enano\'s API on the page.', + lbl_special: 'Bypass the template engine for this page', + lbl_visible_title: 'Make page publicly listed?', + lbl_visible_hint: 'If you enable this option, this page will be indexed for searching and will appear in public page lists such as Special:AllPages. This option is enabled by default. Disabling this does not protect the page from unauthorized access. 
If you want to keep this page from being accessed without authorization, you should create abstract new ACL rule or password-protect the page.', + lbl_visible: 'Allow page to be indexed and listed', + lbl_protected_title: 'Protect page from edits?', + lbl_protected_off: 'Unprotected', + lbl_protected_on: 'Fully protected', + lbl_protected_semi: 'Semi-protected', + lbl_protected_hint: 'This option only has an effect if Wiki Mode is enabled. Selecting Unprotected means that any user (unless specifically blacklisted) can edit this page. Fully protected means that only administrators can edit the page. Semi-protected restricts editing to administrators and users that have been registered for at least four days.

Above all, no users except administrators can edit this page unless an ACL specifically allows it or Wiki Mode is enabled.', + lbl_wikimode_title: 'Enable Wiki Mode for this page?', + lbl_wikimode_on: 'Enabled', + lbl_wikimode_off: 'Disabled', + lbl_wikimode_global: 'Inherit global setting', + lbl_wikimode_hint: 'By default, all pages use the Wiki Mode setting defined in General Configuration. You can override that using this field. Be aware that there are advantages and disadvantages to Wiki Mode. For example, Wiki Mode encourages collaboration, but also permits vandalism. See the Enano Documentation article on Wiki Mode for more information.', + lbl_delete_title: 'Delete this page?', + lbl_delete_hint: 'Remember that deleting pages is always reversible unless you clear the page\'s logs after deleting it.', + lbl_delete: 'Delete this page when I click Save', + + err_invalid_page_name: 'Please enter a name for the page.', + err_invalid_url_string: 'Please enter a URL string for the page.', + err_invalid_namespace: 'The namespace you selected is, for whatever reason, not valid.', + err_invalid_protection: 'The protection level selected is invalid.', + err_invalid_wiki_mode: 'The Wiki Mode level selected is invalid.', + err_header: 'There were one or more problems that prevented the page from being saved:', + delete_reason: 'Administrative deletion from admin CP; contact webmaster for details', + + msg_save_success: 'Your changes to the page have been saved. View page »', + }, adminusers: { avatar_heading: 'Avatar settings', avatar_image_none: 'This user does not currently have an avatar.', diff -r 1e3b55a591d1 -r be6c5fdd9203 language/english/core.json --- a/language/english/core.json Fri Dec 28 13:36:33 2007 -0500 +++ b/language/english/core.json Mon Dec 31 21:43:51 2007 -0500 
@@ -17,7 +17,7 @@ var enano_lang = { categories: [ - 'page', 'comment', 'onpage', 'etc', 'editor', 'history', 'catedit', 'tags', 'delvote', 'ajax', 'sidebar', 'perm' + 'page', 'comment', 'onpage', 'etc', 'editor', 'history', 'catedit', 'tags', 'delvote', 'ajax', 'sidebar', 'perm', 'plugin', ], strings: { meta: { @@ -33,6 +33,7 @@ ajax: 'On-page AJAX applets', sidebar: 'Default sidebar blocks and buttons', perm: 'Page actions (for ACLs)', + plugin: 'Plugin names and descriptions', plural: 's', enano_about_th: 'About the Enano Content Management System', enano_about_poweredby: '

This website is powered by Enano, the lightweight and open source CMS that everyone can use. Enano is copyright © 2006-2007 Dan Fuhry. For legal information, along with a list of libraries that Enano uses, please see Legal Information.

The developers and maintainers of Enano strongly believe that software should not only be free to use, but free to be modified, distributed, and used to create derivative works. For more information about Free Software, check out the Wikipedia page or the Free Software Foundation\'s homepage.

', 
@@ -407,6 +408,26 @@ php_in_pages: 'Embed PHP code in pages', edit_acl: 'Edit access control lists', }, + plugin: { + specialadmin_title: 'Runt - the Enano administration panel', + specialadmin_desc: 'Provides the page Special:Administration, which is the AJAX frontend to the various Admin pagelets. This plugin cannot be disabled.', + privatemessages_title: 'Private Message frontend', + privatemessages_desc: 'Provides the page Special:PrivateMessages, which is used to manage private message functions. Also handles buddy lists.', + specialcss_title: 'CSS Backend', + specialcss_desc: 'Provides the page Special:CSS, which is used in template files to reference the style sheet. Disabling or deleting this plugin will result in site instability.', + specialgroups_title: 'Group control panel', + specialgroups_desc: 'Provides group moderators and site administrators with the ability to control who is part of their groups.', + specialpagefuncs_title: 'Special page-related pages', + specialpagefuncs_desc: 'Provides the page Special:CreatePage, which can be used to create new pages. Also adds the About Enano and GNU General Public License pages.', + specialsearch_title: 'Search UI/frontend', + specialsearch_desc: 'Provides the page Special:Search, which is a frontend to the Enano search engine.', + specialupdownload_title: 'Upload/download frontend', + specialupdownload_desc: 'Provides the pages Special:UploadFile and Special:DownloadFile. 
UploadFile is used to upload files to the site, and DownloadFile fetches the file from the database, creates thumbnails if necessary, and sends the file to the user.', + specialuserfuncs_title: 'Special user/login-related pages', + specialuserfuncs_desc: 'Provides the pages Special:Login, Special:Logout, Special:Register, and Special:Preferences.', + specialuserprefs_title: 'User control panel', + specialuserprefs_desc: 'Provides the page Special:Preferences.', + }, etc: { redirect_title: 'Redirecting...', redirect_body: 'Please wait while you are redirected.', @@ -440,6 +461,8 @@ unit_megabytes_short: 'MB', unit_gigabytes_short: 'GB', unit_terabytes_short: 'TB', + unit_pixels: 'pixels', + unit_pixels_short: 'px', } } }; diff -r 1e3b55a591d1 -r be6c5fdd9203 language/english/user.json --- a/language/english/user.json Fri Dec 28 13:36:33 2007 -0500 +++ b/language/english/user.json Mon Dec 31 21:43:51 2007 -0500 
@@ -365,6 +365,31 @@ passreset_err_failed_score: 'ERROR: Your password did not pass the complexity score requirement. You need %config.pw_strength_minimum% points to pass; your password received a score of %inp_score%. Go back', passreset_err_pass_expired: 'Your temporary password has expired. Please request another one.', + // Special:Memberlist + ml_column_username: 'Username', + ml_column_userlevel: 'Title', + ml_column_email: 'E-mail', + ml_column_regtime: 'Registered', + ml_level_guest: 'Guest', + ml_level_member: 'Member', + ml_level_mod: 'Moderator', + ml_level_admin: 'Site administrator', + ml_level_unknown: 'Unknown (level %level%)', + ml_email_nonpublic: 'Non-public', + ml_date_daysago: '%days_ago% days ago', + ml_date_today: 'Today', + ml_date_yesterday: 'Yesterday', + ml_btn_adminuser: 'Administer user', + ml_tip_userpage: 'Click to view this user\'s userpage', + ml_tip_nouserpage: 'This user hasn\'t created a userpage yet, but you can still view profile details by clicking this link.', + ml_lbl_finduser: 'Find a member:', + ml_btn_go: 'Go', + ml_tip_wildcard: 'You may use the following wildcards: * to match multiple characters, ? to match a single character.', + ml_err_nousers_find: 'Sorry - no users that matched your query could be found. Please try some different search terms.', + ml_err_nousers: 'Sorry - no users with usernames that start with that letter could be found.', + ml_msg_matches_zero: 'Search returned no matches', + ml_msg_matches_one: 'Search returned 1 match', + ml_msg_matches: 'Search returned %matches% matches', } } }; diff -r 1e3b55a591d1 -r be6c5fdd9203 plugins/PrivateMessages.php --- a/plugins/PrivateMessages.php Fri Dec 28 13:36:33 2007 -0500 +++ b/plugins/PrivateMessages.php Mon Dec 31 21:43:51 2007 -0500 @@ -1,8 +1,8 @@ ' . $lang->get('acphome_heading_main') . ''; + echo '

' . $lang->get('acphome_welcome_line1') . '

'; + echo '

' . $lang->get('acphome_welcome_line2') . '

'; // Demo mode if ( defined('ENANO_DEMO_MODE') ) { - echo '

Enano is running in demo mode.

-

If you borked something up, or if you\'re done testing, you can reset this site. The site is reset automatically once every two hours. When a reset is performed, all custom modifications to the site are lost and replaced with default values.

'; + echo '

' . $lang->get('acphome_msg_demo_title') . '

+

' . $lang->get('acphome_msg_demo_body', array('reset_url' => makeUrlNS('Special', 'DemoReset', false, true))) . '

'; } // Check for the installer scripts if( ( file_exists(ENANO_ROOT.'/install.php') || file_exists(ENANO_ROOT.'/schema.sql') ) && !defined('ENANO_DEMO_MODE') ) { - echo '
NOTE: It appears that your install.php and/or schema.sql files still exist. It is HIGHLY RECOMMENDED that you delete or rename these files, to prevent getting your server hacked.
'; + echo '
+ ' . $lang->get('acphome_msg_install_files') . ' +
'; } - echo '

Check for updates

'; - echo '

Periodically, new releases of Enano will be made available. Click the button below to check for updates to Enano. During this process, a request will be sent to the Enano CMS server (germantown.enanocms.org) over HTTP for an XML file containing a list of the latest releases. No information about your Enano installation will be transmitted.

'; - echo '
'; + echo '

' . $lang->get('acphome_heading_updates') . '

'; + echo '

' . $lang->get('acphome_msg_updates_info', array('updates_url' => 'http://germantown.enanocms.org/meta/updates.xml')) . '

'; + echo '
'; // Inactive users - $q = $db->sql_query('SELECT * FROM '.table_prefix.'logs WHERE log_type=\'admin\' AND action=\'activ_req\';'); - if($q) - if($db->numrows() > 0) + $q = $db->sql_query('SELECT time_id FROM '.table_prefix.'logs WHERE log_type=\'admin\' AND action=\'activ_req\';'); + if ( $q ) + { + if ( $db->numrows() > 0 ) { $n = $db->numrows(); - if($n == 1) $s = $n . ' user is'; - else $s = $n . ' users are'; - echo '
It appears that '.$s.' awaiting account activation. You can activate those accounts by going to the User Manager.
'; + $um_flags = 'href="#" onclick="ajaxPage(\''.$paths->nslist['Admin'].'UserManager\'); return false;"'; + if ( $n == 1 ) + $s = $lang->get('acphome_msg_inactive_users_one', array('um_flags' => $um_flags)); + else + $s = $lang->get('acphome_msg_inactive_users_plural', array('um_flags' => $um_flags)); + echo '
+ ' . $s . ' +
'; } + } $db->free_result(); // Stats if(getConfig('log_hits') == '1') @@ -132,23 +139,32 @@ //die('
'.print_r($stats,true).'
'); $c = 0; $cls = 'row2'; - echo '

Most requested pages

'; + echo '

' . $lang->get('acphome_heading_top_pages') . '

+
+
PageHits
+ + + + '; foreach($stats as $data) { - echo ''; + echo ''; $cls = ( $cls == 'row1' ) ? 'row2' : 'row1'; - echo ''; - echo ''; + echo ''; + echo ''; } - echo '
' . $lang->get('acphome_th_toppages_page') . '' . $lang->get('acphome_th_toppages_hits') . '
'.$data['page_title'].''.$data['num_hits'].'
+ '.$data['page_title'].''.$data['num_hits'] + . '
'; + echo ' + '; } // Security log - echo '

Security log

'; + echo '

' . $lang->get('acphome_heading_seclog') . '

'; $seclog = get_security_log(5); echo $seclog; - echo '

Full security log

'; + echo '

' . $lang->get('acphome_btn_seclog_full') . '

'; } @@ -278,15 +294,15 @@ } else { - echo '
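Review bot: `$data['page_title']` and `$data['num_hits']` are concatenated straight into the top-pages table row in the rewritten `foreach`, and no `htmlspecialchars()` call is visible on either side of the change. Page titles are presumably editable content, so unless they are escaped before they reach `$stats` (not shown in this hunk), a title containing markup would be rendered inside the administrator's session. Since the row is being rewritten anyway, I would emit `htmlspecialchars($data['page_title'])` here. The same question applies to `echo $seclog;` a few lines below, because the hunk does not show whether `get_security_log()` returns already-escaped HTML. The enclosing function starts and ends outside the hunk.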
You have entered an invalid avatar directory.
'; + echo '
' . $lang->get('acpgc_err_avatar_dir_invalid') . '
'; } } else { - echo '
You have entered an invalid avatar directory.
'; + echo '
' . $lang->get('acpgc_err_avatar_dir_invalid') . '
'; } - echo '
Your changes to the site configuration have been saved.

'; + echo '
' . $lang->get('acpgc_msg_save_success') . '

'; } else if ( isset($_POST['submit']) && defined('ENANO_DEMO_MODE') ) @@ -300,28 +316,28 @@ - Global site options - These options control the entire site. + get('acpgc_heading_main'); ?> + get('acpgc_heading_submain'); ?> - Site name: - Site description: - Main page: pagename_field('main_page', htmlspecialchars(str_replace('_', ' ', getConfig('main_page')))); ?> - Copyright notice shown on pages: - Hint: If you're using Windows, you can make a "©" symbol by holding ALT and pressing 0169 on the numeric keypad. - Contact e-mail
All e-mail sent from this site will appear to have come from the address shown here. + get('acpgc_field_site_name'); ?> + get('acpgc_field_site_desc'); ?> + get('acpgc_field_main_page'); ?> pagename_field('main_page', htmlspecialchars(str_replace('_', ' ', getConfig('main_page')))); ?> + get('acpgc_field_copyright'); ?> + get('acpgc_field_copyright_hint'); ?> + get('acpgc_field_contactemail'); ?>
get('acpgc_field_contactemail_hint'); ?> - Wiki mode + get('acpgc_heading_wikimode'); ?> - Enano can also act as a wiki, meaning anyone can edit and create pages. To enable Wiki Mode, check the box to the right.

- In Wiki Mode, certain HTML tags such as <script> and <object> are disabled, and all PHP code is disabled, except if the person editing the page is an administrator.

- Also, Enano keeps complete page history, which makes restoring vandalized pages easy. You can also protect pages so that they cannot be edited. + get('acpgc_field_wikimode_intro'); ?>

+ get('acpgc_field_wikimode_info_sanitize'); ?>

+ get('acpgc_field_wikimode_info_history'); ?> - /> + /> @@ -329,11 +345,12 @@ - Edit page notice
- When Wiki Mode is enabled, anyone can edit pages. Check the box below and enter a message to display it whenever the page editor is opened. + get('acpgc_field_editnotice_title'); ?>
+ get('acpgc_field_editnotice_info'); ?> - /> + /> + @@ -345,34 +362,86 @@ - Require visual confirmation for guests editing pages
- If this is enabled, guests will be asked to enter a visual confirmation code before saving changes to a page. + get('acpgc_field_edit_require_captcha_title'); ?>
+ get('acpgc_field_edit_require_captcha_hint'); ?> - Statistics and hit counting + get('acpgc_heading_stats'); ?> - Enano has the ability to show statistics for every page on the site. This allows you to keep very close track of who is visiting your site, and from where.

Unfortunately, some users don't like being logged. For this reason, you should state clearly what is logged (usually the username or IP address, current time, page name, and referer URL) in your privacy policy. If your site is primarily geared towards children, and you are a United States citizen, you are required to have a privacy policy stating exactly what is being logged under the terms of the Childrens' Online Privacy Protection Act. -
This excludes special and administration pages. + + get('acpgc_stats_intro'); ?>

+ get('acpgc_stats_hint_privacy'); ?> + + +
+ get('acpgc_field_stats_hint'); ?> + - Comment system - /> - /> - Guest comment posting allowed - - + + + get('acpgc_heading_comments'); ?> + + + + + + + + + /> + + + + + + + + + /> + + + + + + get('acpgc_field_comment_allow_guests'); ?> + + + + + + + + + - Disable all site access + get('acpgc_heading_disablesite'); ?> - Disabling the site allows you to work on the site without letting non-administrators see or use it. - + + get('acpgc_field_disablesite_hint'); ?> + + + + @@ -412,41 +488,41 @@ - + - + - - + - + - - - - + - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + '; @@ -1678,8 +1678,16 @@ if ( !empty($finduser_url) ) { - $s = ( $num_rows == 1 ) ? '' : 'es'; - echo "

Search returned $num_rows match$s

"; + switch ( $num_rows ) + { + case 0: + $str = $lang->get('userfuncs_ml_msg_matches_zero'); break; + case 1: + $str = $lang->get('userfuncs_ml_msg_matches_one'); break; + default: + $str = $lang->get('userfuncs_ml_msg_matches', array('matches' => $num_rows)); break; + } + echo "

$str

"; } // main selector @@ -1718,14 +1726,16 @@ ' . ( urlSeparator == '&' ? '' : '' ) . ( $session->sid_super ? '' : '') - . '

Find a member: ' . $template->username_field('finduser') . '
You may use the following wildcards: * to match multiple characters, ? to match a single character.

' + . '

' . $lang->get('userfuncs_ml_lbl_finduser') . ' ' . $template->username_field('finduser') . '
+ ' . $lang->get('userfuncs_ml_tip_wildcard') . '

' . '' // Footer (printed after rows) ); if ( $num_rows < 1 ) { - echo ( isset($_GET['finduser']) ) ? '

Sorry - no users that matched your query could be found. Please try some different search terms.

' : '

Sorry - no users with usernames that start with that letter could be found.

'; + echo ( isset($_GET['finduser']) ) ? '

' . $lang->get('userfuncs_ml_err_nousers_find') . '

' : + '

' . $lang->get('userfuncs_ml_err_nousers') . '

'; } else { @@ -1745,37 +1755,41 @@ function username($username, $row) { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; + $userpage = $paths->nslist['User'] . sanitize_page_id($username); - $class = ( isPage($userpage) ) ? ' title="Click to view this user\'s userpage"' : ' class="wikilink-nonexistent" title="This user hasn\'t created a userpage yet, but you can still view profile details by clicking this link."'; + $class = ( isPage($userpage) ) ? ' title="' . $lang->get('userfuncs_ml_tip_userpage') . '"' : ' class="wikilink-nonexistent" title="' . $lang->get('userfuncs_ml_tip_nouserpage') . '"'; $anchor = '' . htmlspecialchars($username) . ''; if ( $session->user_level >= USER_LEVEL_ADMIN ) { $anchor .= ' - Administer user'; + onclick="ajaxAdminUser(\'' . addslashes(htmlspecialchars($username)) . '\'); return false;">' . $lang->get('userfuncs_ml_btn_adminuser') . ''; } return $anchor; } function user_level($level, $row) { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; switch ( $level ) { case USER_LEVEL_GUEST: - $s_level = 'Guest'; break; + $s_level = $lang->get('userfuncs_ml_level_guest'); break; case USER_LEVEL_MEMBER: case USER_LEVEL_CHPREF: - $s_level = 'Member'; break; + $s_level = $lang->get('userfuncs_ml_level_member'); break; case USER_LEVEL_MOD: - $s_level = 'Moderator'; break; + $s_level = $lang->get('userfuncs_ml_level_mod'); break; case USER_LEVEL_ADMIN: - $s_level = 'Site administrator'; break; + $s_level = $lang->get('userfuncs_ml_level_admin'); break; default: - $s_level = 'Unknown (level ' . $level . ')'; + $s_level = $lang->get('userfuncs_ml_level_unknown', array( 'level' => $level )); } return $s_level; } function email($addy, $row) { + global $lang; if ( $row['email_public'] == '1' ) { global $email; @@ -1784,7 +1798,7 @@ } else { - return '<Non-public>'; + return '<' . $lang->get('userfuncs_ml_email_nonpublic') . '>'; } } /** 
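Review bot: The two tooltip strings in `username()` now go from `$lang->get()` directly into a double-quoted `title` attribute, so a translation that contains a double quote or markup would break out of the attribute. The English strings are harmless, but language files are data, and elsewhere in this changeset `get()` is handed raw attribute text as a parameter (`um_flags`), which suggests it returns unescaped HTML. I would wrap both lookups, e.g. `htmlspecialchars($lang->get('userfuncs_ml_tip_userpage'))`, and likewise for `userfuncs_ml_tip_nouserpage`. The class that holds `username()` starts and ends outside the hunk.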
@@ -1795,6 +1809,7 @@ function format_date($time) { + global $lang; // Our formattting string to pass to date() // This should not include minute/second info, only today's date in whatever format suits your fancy $formatstring = 'F j, Y'; @@ -1814,16 +1829,16 @@ if ( $then == $days_ago ) { // yes, return $i - return "$i days ago"; + return $lang->get('userfuncs_ml_date_daysago', array('days_ago' => $i)); } } // either yesterday, today, or before 6 days ago switch($then) { case $today: - return 'Today'; + return $lang->get('userfuncs_ml_date_today'); case $yesterday: - return 'Yesterday'; + return $lang->get('userfuncs_ml_date_yesterday'); default: return $then; } diff -r 1e3b55a591d1 -r be6c5fdd9203 plugins/SpecialUserPrefs.php --- a/plugins/SpecialUserPrefs.php Fri Dec 28 13:36:33 2007 -0500 +++ b/plugins/SpecialUserPrefs.php Mon Dec 31 21:43:51 2007 -0500 @@ -1,8 +1,8 @@ auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) + { + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '

' . $lang->get('adm_err_not_auth_title') . '

'; + echo '

' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '

'; + return; + } + + echo '

' . $lang->get('acppm_heading_main') . '

'; + $show_select = true; + + if ( isset($_REQUEST['action']) || isset($_REQUEST['source']) ) + { + if ( isset($_REQUEST['action']) ) + { + $act =& $_REQUEST['action']; + $act = strtolower($act); + } + else if ( isset($_REQUEST['source']) && $_REQUEST['source'] == 'ajax' ) + { + $act = 'select'; + } + switch ( $act ) + { + case 'save': + case 'select': + // First step is to determine the page ID and namespace + + if ( isset($_REQUEST['pid_search']) ) + { + list($page_id, $namespace) = RenderMan::strToPageID($_REQUEST['page_id']); + $name = $db->escape(dirtify_page_id($page_id)); + $page_id = $db->escape(sanitize_page_id($page_id)); + $namespace = $db->escape($namespace); + $name = strtolower($name); + $page_id = strtolower($page_id); + $sql = "SELECT * FROM " . table_prefix . "pages WHERE ( " . ENANO_SQLFUNC_LOWERCASE . "(urlname) LIKE '%$page_id%' OR " . ENANO_SQLFUNC_LOWERCASE . "(name) LIKE '%$name%' ) ORDER BY name ASC;"; + } + else + { + // pid_search was not set, assume absolute page ID + list($page_id, $namespace) = RenderMan::strToPageID($_REQUEST['page_id']); + $page_id = $db->escape(sanitize_page_id($page_id)); + $namespace = $db->escape($namespace); + + $sql = "SELECT * FROM " . table_prefix . "pages WHERE urlname = '$page_id' AND namespace = '$namespace';"; + } + + if ( !($q = $db->sql_query($sql)) ) + { + $db->_die('PageManager selecting dataset for page'); + } + + if ( $db->numrows() < 1 ) + { + echo '
+ ' . $lang->get('acppm_err_page_not_found') . ' +
'; + break; + } + + if ( $db->numrows() > 1 ) + { + // Ambiguous results + if ( isset($_REQUEST['pid_search']) ) + { + echo '

' . $lang->get('acppm_msg_results_ambiguous_title') . '

'; + echo '

' . $lang->get('acppm_msg_results_ambiguous_body') . '

'; + echo '
    '; + while ( $row = $db->fetchrow($q) ) + { + echo '
  • '; + $pathskey = $paths->nslist[$row['namespace']] . $row['urlname']; + $edit_url = makeUrlNS('Special', 'Administration', "module={$paths->nslist['Admin']}PageManager&action=select&page_id=$pathskey", true); + $view_url = makeUrlNS($row['namespace'], $row['urlname']); + $page_name = htmlspecialchars(get_page_title_ns( $row['urlname'], $row['namespace'] )); + $view_link = $lang->get('acppm_ambig_btn_viewpage'); + echo "$page_name ($view_link)"; + echo '
  • '; + } + echo '
'; + $show_select = false; + break; + } + else + { + echo '

' . $lang->get('acppm_err_ambig_absolute') . '

'; + break; + } + } + + // From this point on we can assume that exactly one matching page was found. + $dataset = $db->fetchrow(); + $page_id = $dataset['urlname']; + $namespace = $dataset['namespace']; + + // This is used to re-determine the page ID after submit. + $pathskey = $paths->nslist[$namespace] . sanitize_page_id($page_id); + + // The extra switch allows us to break out of the save routine if needed + switch ( $act ) + { + case 'save': + + $errors = array(); + $page_id_changed = false; + $namespace_changed = false; + + // Backup the dataset to avoid redundantly updating values + $dataset_backup = $dataset; + + // We've elected to save the page. The angle of attack here is to validate each form field, + // and if the field validates successfully, change the value in $dataset accordingly. + + // Field: page name + $page_name = $_POST['page_name']; + $page_name = trim($page_name); + if ( empty($page_name) ) + { + $errors[] = $lang->get('acppm_err_invalid_page_name'); + } + else + { + $dataset['name'] = $page_name; + } + + // Field: page URL string + $page_urlname = $_POST['page_urlname']; + $page_urlname = trim($_POST['page_urlname']); + if ( empty($page_urlname) && getConfig('main_page') !== '' ) + { + $errors[] = $lang->get('acppm_err_invalid_url_string'); + } + else + { + $page_id_changed = ( $_POST['page_urlname'] !== $dataset['urlname'] ); + $dataset['urlname'] = sanitize_page_id($page_urlname); + } + + // Field: namespace + $namespace = $_POST['page_namespace']; + if ( !isset($paths->nslist[ $namespace ]) ) + { + $errors[] = $lang->get('acppm_err_invalid_namespace'); + } + else + { + $namespace_changed = ( $_POST['page_namespace'] !== $dataset['namespace'] ); + $dataset['namespace'] = $namespace; + } + + // Field: comments enabled + $dataset['comments_on'] = ( isset($_POST['comments_on']) ) ? 1 : 0; + + // Field: page visible + $dataset['visible'] = ( isset($_POST['visible']) ) ? 
1 : 0; + + // Field: standalone page + $dataset['special'] = ( isset($_POST['special']) ) ? 1 : 0; + + // Field: page protection + $protect_level = $_POST['protected']; + if ( !in_array($protect_level, array('0', '1', '2')) ) + { + $errors[] = $lang->get('acppm_err_invalid_protection'); + } + else + { + $dataset['protected'] = intval($protect_level); + } + + // Field: wiki mode + $wiki_mode = $_POST['wikimode']; + if ( !in_array($wiki_mode, array('0', '1', '2')) ) + { + $errors[] = $lang->get('acppm_err_invalid_wiki_mode'); + } + else + { + $dataset['wiki_mode'] = intval($wiki_mode); + } + + if ( count($errors) < 1 ) + { + // We're free of errors. Build a SQL query to update the page table. + $particles = array(); + + foreach ( $dataset as $key => $value ) + { + if ( $value === $dataset_backup[$key] || ( is_int($value) && $value === intval($dataset_backup[$key]) ) ) + continue; + if ( is_int($value) ) + { + $particle = "$key = $value"; + } + else + { + $value = $db->escape($value); + $particle = "$key = '$value'"; + } + $particles[] = $particle; + unset($particle); + } + + $page_id_new = $db->escape($dataset['urlname']); + $namespace_new = $db->escape($dataset['namespace']); + + // Only run the update query if at least one field was changed. + if ( count($particles) > 0 ) + { + $particles = implode(', ', $particles); + $page_id_db = $db->escape($page_id); + $namespace_db = $db->escape($namespace); + $sql = 'UPDATE ' . table_prefix . "pages SET $particles WHERE urlname = '$page_id_db' AND namespace = '$namespace_db';"; + + if ( !$db->sql_query($sql) ) + $db->_die('PageManager running primary update query'); + + // Did we change the page ID or namespace? If so we need to also change logs, comments, tags, etc. + if ( $page_id_changed || $namespace_changed ) + { + $sql = array( + 'UPDATE ' . table_prefix . "logs SET page_id = '$page_id_new', namespace = '$namespace_new' WHERE page_id = '$page_id_db' AND namespace = '$namespace_db';", + 'UPDATE ' . table_prefix . 
"tags SET page_id = '$page_id_new', namespace = '$namespace_new' WHERE page_id = '$page_id_db' AND namespace = '$namespace_db';", + 'UPDATE ' . table_prefix . "comments SET page_id = '$page_id_new', namespace = '$namespace_new' WHERE page_id = '$page_id_db' AND namespace = '$namespace_db';", + 'UPDATE ' . table_prefix . "page_text SET page_id = '$page_id_new', namespace = '$namespace_new' WHERE page_id = '$page_id_db' AND namespace = '$namespace_db';", + 'UPDATE ' . table_prefix . "categories SET page_id = '$page_id_new', namespace = '$namespace_new' WHERE page_id = '$page_id_db' AND namespace = '$namespace_db';" + ); + foreach ( $sql as $q ) + { + if ( !$db->sql_query($q) ) + $db->_die('PageManager running slave update query after page ID/namespace change'); + } + } + + // Did we change the name of the page? If so, make PageUtils log it + if ( $dataset_backup['name'] != $dataset['name'] ) + { + PageUtils::rename($page_id_new, $namespace_new, $dataset['name']); + } + } + + // Did the user ask to delete the page? + if ( isset($_POST['delete']) ) + { + PageUtils::deletepage($page_id_new, $namespace_new, $lang->get('acppm_delete_reason')); + } + + echo '
' . $lang->get('acppm_msg_save_success', array( 'viewpage_url' => makeUrlNS($dataset['namespace'], $dataset['urlname']) )) . '
'; + break 2; + } + + break; + } + $tpl_code = << +
Users and communicationget('acpgc_heading_users'); ?>
User account activation
get('acpgc_heading_activate'); ?>
- If you would like to require users to confirm their e-mail addresses by way of account activation, you can enable this behavior here. If this option is set to "None", users will be able to register and use this site without confirming their e-mail addresses. If this option is set to "User", users will automatically be sent e-mails upon registration with a link to activate their accounts. And lastly, if this option is set to "Admin", users' accounts will not be active until an administrator activates the account.

- You may also disable registration completely if needed.

- Note: because of abuse by project administrators, sending account activation e-mails will not work on SourceForge.net servers. + get('acpgc_activate_intro_line1'); ?>

+ get('acpgc_activate_intro_line2'); ?>

+ get('acpgc_activate_intro_sfnet_warning'); ?>
Account activation: + get('acpgc_field_activate'); ?> Disable registration
'; - echo ''; - echo ''; - echo ''; + echo '
'; + echo ''; + echo ''; + echo ''; ?>
Account lockouts
get('acpgc_heading_lockout'); ?>
Configure Enano to prevent or restrict logins for a specified period of time if a user enters an incorrect password a specific number of times.
get('acpgc_lockout_intro'); ?>
Lockout threshold:
- How many times can a user enter wrong credentials before a lockout goes into effect? +
get('acpgc_field_lockout_threshold'); ?>
+ get('acpgc_field_lockout_threshold_hint'); ?>
@@ -454,8 +530,8 @@
Lockout duration:
- This is how long an account lockout should last, in minutes. +
get('acpgc_field_lockout_duration'); ?>
+ get('acpgc_field_lockout_duration_hint'); ?>
@@ -463,34 +539,34 @@
Lockout policy:
- What should be done when a lockout goes into effect? +
get('acpgc_field_lockout_policy'); ?>
+ get('acpgc_field_lockout_policy_hint'); ?>
-
-
- +
+
+
Password strength
get('acpgc_heading_passstrength'); ?>
- Enable password strength analysis
- This should be enabled in most cases. When this is enabled, a strength meter and a numerical score will be displayed wherever a password can be changed. + get('acpgc_field_passstrength_title'); ?>
+ get('acpgc_field_passstrength_hint'); ?>
- +
- Minimum strength score
- This is the lowest score a password will be allowed to have. -10 will allow any password. A score of under -3 is considered weak, under 1 is fair, under 4 is good, under 10 is strong, and 10 and above are very strong. The scale is open-ended. This only has an effect if the meter is enabled above. + get('acpgc_field_passminimum_title'); ?>
+ get('acpgc_field_passminimum_hint'); ?>
@@ -499,87 +575,130 @@ -
E-mail sent from the site
E-mail sending method:
Try using the built-in e-mail method first. If that doesn't work, you will need to enter valid SMTP information here.

-
SMTP hostname:
This option only applies to the external SMTP mode.
SMTP credentials:
This option only applies to the external SMTP mode.
Username:
- Password:
Avatars
- Avatars are small images that users can display on their profiles and in comments. + + get('acpgc_heading_email'); ?>
- Enable avatar support:
- Supported formats are JPEG, PNG, and GIF™. + get('acpgc_field_email_method'); ?>
+ get('acpgc_field_email_method_hint'); ?>
- + + +
+ +
- Maximum avatar file size:
- For smaller sites, the highest value for this should be about 50KB, 51200. Larger sites with more visitors will likely want to use something much smaller, such as 10KB. + get('acpgc_field_email_smtp_hostname'); ?>
+ get('acpgc_field_email_smtp_hostname_hint'); ?>
- /> bytes +
- Maximum avatar dimensions:
- The format is width × height. Typically you want to have this square (the same width and height). These are only maximum dimensions; users are not prevented from having smaller images. + get('acpgc_field_email_smtp_auth'); ?>
+ get('acpgc_field_email_smtp_hostname_hint'); ?>
- /> × - /> pixels + get('acpgc_field_email_smtp_username'); ?>
+ get('acpgc_field_email_smtp_password'); ?> +
get('acpgc_heading_avatars'); ?>
+ get('acpgc_avatars_intro'); ?> + +
+ get('acpgc_field_avatar_enable'); ?>
+ get('acpgc_field_avatar_enable_hint'); ?> +
+
- Allow animated avatars:
- If this is checked, users can upload APNG and Animated GIF™ avatars. Sometimes such images can be specifically made to be distracting, like rapidly flashing images. If this is unchecked, these formats will be blocked, and only still PNGs and GIFs will be allowed. + get('acpgc_field_avatar_max_filesize'); ?>
+ get('acpgc_field_avatar_max_filesize_hint'); ?>
- + /> get('etc_unit_bytes'); ?>
- Allowed upload methods:
- + get('acpgc_field_avatar_max_dimensions'); ?>
+ get('acpgc_field_avatar_max_dimensions_hint'); ?>
-
- + /> × + /> get('etc_unit_pixels'); ?>
- Avatar storage directory:
- This should be relative to your Enano root and should contain only alphanumeric characters and forward slashes, even if your server runs Windows. + get('acpgc_field_avatar_allow_anim_title'); ?>
+ get('acpgc_field_avatar_allow_anim_hint'); ?> +
+ +
+ get('acpgc_field_avatar_upload_methods'); ?>
+ +
+ + +
+ + +
+ get('acpgc_field_avatar_directory'); ?>
+ get('acpgc_field_avatar_directory_hint'); ?>
/> @@ -593,90 +712,114 @@ - + - - + + - - + - + - + - + - - + + - - - - - - + + + + + + - - - + + + + + + + + + + + + @@ -686,7 +829,7 @@
Sidebar linksget('acpgc_heading_sidebar'); ?>
Promote Enano
get('acpgc_heading_promoteenano'); ?>
- If you think Enano is nice, or if you want to show your support for the Enano team, you can do so by placing a link to the Enano - homepage in your Links sidebar block. You absolutely don't have to do this, and you won't get degraded support if you don't. Because - Enano is still relatively new in the CMS world, it needs all the attention it can get - and you can easily help to spread the word - using this link. + + get('acpgc_field_enano_link_title'); ?>
SourceForge.net logo
get('acpgc_heading_sfnet_logo'); ?>
- All projects hosted by SourceForge.net are required to display an official SourceForge.net logo on their pages. If you want - to display a SourceForge.net logo on the sidebar, check the box below, enter your group ID, and select an image type. + get('acpgc_sfnet_intro'); ?>
Display the SourceForge.net logo on the right sidebarget('acpgc_field_sfnet_display'); ?> />
Group ID:get('acpgc_field_sfnet_group_id'); ?>
Logo style:get('acpgc_field_sfnet_logo_style'); ?>
W3C compliance logos
Enano generates (by default) Valid XHTML 1.1 code, plus valid CSS. If you want to show this off, check the appropriate boxes below.
get('acpgc_heading_w3clogos'); ?>
get('acpgc_w3clogos_intro'); ?>
id="w3c-vh32" name="w3c-vh32" />
id="w3c-vh40" name="w3c-vh40" />
id="w3c-vh401" name="w3c-vh401" />
id="w3c-vxhtml10" name="w3c-vxhtml10" />
id="w3c-vxhtml11" name="w3c-vxhtml11" />
id="w3c-vcss" name="w3c-vcss" />
id="w3c-vh32" name="w3c-vh32" />
id="w3c-vh40" name="w3c-vh40" />
id="w3c-vh401" name="w3c-vh401" />
id="w3c-vxhtml10" name="w3c-vxhtml10" />
id="w3c-vxhtml11" name="w3c-vxhtml11" />
id="w3c-vcss" name="w3c-vcss" />
Defective By Design Anti-DRM button
The Enano project is strongly against Digital Restrictions Management. DRM removes the freedoms that every consumer should have: to freely copy and use digital media items they legally purchased to their own devices. Showing your opposition to DRM is as easy as checking the box below to place a link to DefectiveByDesign.org on your sidebar.
/>
+ get('acpgc_heading_dbd'); ?> +
+ get('acpgc_dbd_intro'); ?> + get('acpgc_dbd_explain'); ?> +
+ + + /> +
- +
@@ -783,39 +926,138 @@ } echo '
'; ?> -

File upload configuration

-

Enano supports the ability to upload files to your website and store the files in the database. This enables you to embed images - and such into pages without manually writing the HTML. However, the upload feature can sometimes pose a risk to your site, as viruses - and executable files can sometimes be uploaded.

-

-

Maximum file size:

-

You can allow Enano to generate thumbnails of images automatically. This feature requires ImageMagick to work properly. If your server - does not have ImageMagick on it, Enano will simply make your users' browsers scale the images. In most cases this is fine, but if you - are uploading large (>100KB) images and embedding them inside of pages, you should try to enable ImageMagick because transferring these - large images many times can cost you quite a lot of bandwidth.

-


- Path to ImageMagick:
- On Linux and Unix servers, the most likely options here are /usr/bin/convert and /usr/local/bin/convert. If you server runs Windows, then - ImageMagick is most likely to be C:\Windows\Convert.exe or C:\Windows\System32\Convert.exe. -

-

If you use ImageMagick to scale images, your server will be very busy constantly scaling images if your website is busy, and your site - may experience slowdowns. You can dramatically speed up this scaling process if you use a directory to cache thumbnail images.

-

Please note: the cache/ directory on your server must be writable by the server. While this is not usually a problem on - Windows servers, most Linux/Unix servers will require you to CHMOD the cache/ directory to 777. See your FTP client's user guide for - more information on how to do this.At present, it seems that the cache directory - is not writable. The checkbox below has been disabled to maintain the stability of Enano.'; ?>

-

-

Lastly, you can choose whether file history will be saved. If this option is turned on, you will be able to roll back any malicious - changes made to uploaded files, but this requires a significant amount of database storage. You should probably leave this option - enabled unless you have less than 250MB of MySQL database space.

-

+

get('acpup_heading_main'); ?>

+ +

+ get('acpup_intro'); ?> +

+

+ +

+

+ get('acpup_field_max_size'); ?> + + +

+ +

get('acpup_info_magick'); ?>

+

+ +
+ get('acpup_field_magick_path'); ?>
+ get('acpup_field_magick_path_hint'); ?> +

+ +

get('acpup_info_cache'); ?>

+

+ get('acpup_info_cache_chmod'); ?> + + get('acpup_msg_cache_not_writable'); + ?> +

+ +

+ +

+ +

get('acpup_info_history'); ?>

+

+ +

+
-

+

'; } -function page_Admin_PluginManager() { +function page_Admin_UploadAllowedMimeTypes() +{ + global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; + if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) + { + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '

' . $lang->get('adm_err_not_auth_title') . '

'; + echo '

' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '

'; + return; + } + + global $mime_types, $mimetype_exps, $mimetype_extlist; + if(isset($_POST['save']) && !defined('ENANO_DEMO_MODE')) + { + $bits = ''; + $keys = array_keys($mime_types); + foreach($keys as $i => $k) + { + if(isset($_POST['ext_'.$k])) $bits .= '1'; + else $bits .= '0'; + } + $bits = compress_bitfield($bits); + setConfig('allowed_mime_types', $bits); + echo '
' . $lang->get('acpft_msg_saved') . '
'; + } + else if ( isset($_POST['save']) && defined('ENANO_DEMO_MODE') ) + { + echo '
' . $lang->get('acpft_msg_demo_mode') . '
'; + } + $allowed = fetch_allowed_extensions(); + ?> +

get('acpft_heading_main'); ?>

+

get('acpft_hint'); ?>

+ nslist['Special'].'Administration', (( isset($_GET['sqldbg'])) ? 'sqldbg&' : '') .'module='.$paths->cpage['module']).'" method="post">'; + $c = -1; + $t = -1; + $cl = 'row1'; + echo "\n".'
'."\n".' '."\n".' '."\n "; + ksort($mime_types); + foreach($mime_types as $e => $m) + { + $c++; + $t++; + if($c == 3) + { + $c = 0; + $cl = ( $cl == 'row1' ) ? 'row2' : 'row1'; + echo ''."\n".' '."\n "; + } + $seed = "extchkbx_{$e}_".md5(microtime() . mt_rand()); + $chk = (!empty($allowed[$e])) ? ' checked="checked"' : ''; + echo " \n "; + } + while($c < 2) + { + $c++; + echo " \n "; + } + echo ''; + echo ''."\n".'
\n \n
'."\n".'
'; + echo '
'; + ?> + auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) @@ -828,32 +1070,46 @@ if(isset($_GET['action'])) { - switch($_GET['action']) + if ( !isset($_GET['plugin']) ) + { + echo '
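Review bot: `setConfig('allowed_mime_types', $bits);` in `page_Admin_UploadAllowedMimeTypes()` changes which file types the site accepts for upload, yet no log row is written for it. The plugin enable/disable path in this same file does insert a `security` entry carrying the remote address and username. I would add an equivalent `logs` row (log_type `security`, an action name of your choosing, `time()`, escaped `$_SERVER['REMOTE_ADDR']` and `$session->username`) immediately before the `setConfig` call, so changes to the upload allow-list can be traced afterwards. As a small clean-up, the index in `foreach($keys as $i => $k)` is never used and the loop can read `foreach ( $keys as $k )`.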
No plugin specified.
'; + } + else if ( !preg_match('/^[A-z0-9_-]+\.php$/', $_GET['plugin']) ) { - case "enable": - $q = $db->sql_query('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,edit_summary,author,page_text) VALUES(\'security\',\'plugin_enable\',' . time() . ',\'' . $db->escape($_SERVER['REMOTE_ADDR']) . '\',"' . $db->escape($session->username) . '","' . $db->escape($_GET['plugin']) . '");'); - if ( !$q ) - $db->_die(); - setConfig('plugin_'.$_GET['plugin'], '1'); - break; - case "disable": - if ( defined('ENANO_DEMO_MODE') && strstr($_GET['plugin'], 'Demo') ) - { - echo('

Error disabling plugin

The demo lockdown plugin cannot be disabled in demo mode.

'); - break; - } - if ( !in_array($_GET['plugin'], $plugins->system_plugins) ) - { - $q = $db->sql_query('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,edit_summary,author,page_text) VALUES(\'security\',\'plugin_disable\',' . time() . ',\'' . $db->escape($_SERVER['REMOTE_ADDR']) . '\',"' . $db->escape($session->username) . '","' . $db->escape($_GET['plugin']) . '");'); + echo '
Hacking attempt
'; + } + else + { + $plugin =& $_GET['plugin']; + switch($_GET['action']) + { + case "enable": + $q = $db->sql_query('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,edit_summary,author,page_text) VALUES(\'security\',\'plugin_enable\',' . time() . ',\'' . $db->escape($_SERVER['REMOTE_ADDR']) . '\',"' . $db->escape($session->username) . '","' . $db->escape($_GET['plugin']) . '");'); if ( !$q ) $db->_die(); - setConfig('plugin_'.$_GET['plugin'], '0'); - } - else - { - echo('

Error disabling plugin

The plugin you selected cannot be disabled because it is a system plugin.

'); - } - break; + setConfig("plugin_$plugin", '1'); + break; + case "disable": + if ( defined('ENANO_DEMO_MODE') && strstr($_GET['plugin'], 'Demo') ) + { + echo('

' . $lang->get('acppl_err_heading') . '

+

' . $lang->get('acppl_err_demo_plugin') . '

'); + break; + } + if ( !in_array($plugin, $plugins->system_plugins) ) + { + $q = $db->sql_query('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,edit_summary,author,page_text) VALUES(\'security\',\'plugin_disable\',' . time() . ',\'' . $db->escape($_SERVER['REMOTE_ADDR']) . '\',"' . $db->escape($session->username) . '","' . $db->escape($_GET['plugin']) . '");'); + if ( !$q ) + $db->_die(); + setConfig("plugin_$plugin", '0'); + } + else + { + echo '

' . $lang->get('acppl_err_heading') . '

+

' . $lang->get('acppl_err_system_plugin') . '

'; + } + break; + } } } $dir = './plugins/'; @@ -896,23 +1152,37 @@ $thelist[$file]['auth'] = $f[3]; $thelist[$file]['vers'] = $f[4]; $thelist[$file]['aweb'] = $f[5]; + + if ( preg_match('/^[a-z0-9]+_[a-z0-9_]+$/', $thelist[$file]['name']) ) + $thelist[$file]['name'] = $lang->get($thelist[$file]['name']); + + if ( preg_match('/^[a-z0-9]+_[a-z0-9_]+$/', $thelist[$file]['desc']) ) + $thelist[$file]['desc'] = $lang->get($thelist[$file]['desc']); + } } closedir($dh); } else { - echo '
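Review bot: The new filename check `preg_match('/^[A-z0-9_-]+\.php$/', $_GET['plugin'])` accepts more than it appears to. The range `A-z` also covers the ASCII characters between `Z` and `a` (`[`, `\`, `]`, `^`, `_` and the backtick), and `$` still matches before a trailing newline. Writing it as `/^[A-Za-z0-9_-]+\.php\z/` keeps only the intended characters before the value reaches `setConfig("plugin_$plugin", ...)`. Separately, enable and disable are still driven by `$_GET['action']` and no request token is checked in the visible lines, so a cross-site GET from a logged-in administrator's browser could toggle a plugin. Moving the action to POST with a token check would close that, unless the rest of the function, which lies outside this hunk, already does so.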
The plugins/ directory could not be opened.
'; + echo '
' . $lang->get('acppl_err_open_dir') . '
'; return; } } else { - echo '
The plugins/ directory is missing from your Enano installation.
'; + echo '
' . $lang->get('acppl_err_missing_dir') . '
'; return; } echo('
- '); + + + + + + + + '); $plugin_files_1 = array_keys($plugin_list); $plugin_files_2 = array_keys($system); $plugin_files = array_values(array_merge($plugin_files_1, $plugin_files_2)); @@ -938,27 +1208,343 @@ { if ( getConfig('plugin_'.$plugin_files[$i]) == '1' ) { - echo 'Disable'; + echo '' . $lang->get('acppl_btn_disable') . ''; } else { - echo 'Enable'; + echo '' . $lang->get('acppl_btn_enable') . ''; } } else { - echo '[System]'; + echo $lang->get('acppl_lbl_system_plugin'); } echo ''; } $showhide_link = ( $show_system ) ? - 'Hide system plugins' : - 'Show system plugins' ; + '' . $lang->get('acppl_btn_hide_system') . '' : + '' . $lang->get('acppl_btn_show_system') . '' ; echo ''; echo '
Plugin filenamePlugin nameDescriptionAuthorVersion
' . $lang->get('acppl_col_filename') . '' . $lang->get('acppl_col_name') . '' . $lang->get('acppl_col_description') . '' . $lang->get('acppl_col_author') . '' . $lang->get('acppl_col_version') . '
'.$showhide_link.'
'; } -function page_Admin_UploadAllowedMimeTypes() +/* +function page_Admin_PageManager() +{ + global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; + if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) + { + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '

' . $lang->get('adm_err_not_auth_title') . '

'; + echo '

' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '

'; + return; + } + + echo '

Page management

'; + + if ( isset($_POST['search']) || isset($_POST['select']) || ( isset($_GET['source']) && $_GET['source'] == 'ajax' ) ) + { + // The object of the game: using only the text a user entered, guess the page ID and namespace. *sigh* I HATE writing search algorithms... + $source = ( isset($_GET['source']) ) ? $_GET['source'] : false; + if ( $source == 'ajax' ) + { + $_POST['search'] = true; + $_POST['page_url'] = $_GET['page_id']; + } + if ( isset($_POST['search']) ) + { + $pid = $_POST['page_url']; + } + elseif ( isset($_POST['select']) ) + { + $pid = $_POST['page_force_url']; + } + else + { + echo 'Internal error selecting page search terms'; + return false; + } + // Look for a namespace prefix in the urlname, and assign a different namespace, if necessary + $k = array_keys($paths->nslist); + for ( $i = 0; $i < sizeof($paths->nslist); $i++ ) + { + $ln = strlen($paths->nslist[$k[$i]]); + if(substr($pid, 0, $ln) == $paths->nslist[$k[$i]]) + { + $ns = $k[$i]; + $page_id = substr($pid, $ln, strlen($pid)); + } + } + // The namespace is in $ns and the page name or ID (we don't know which yet) is in $page_id + // Now, iterate through $paths->pages searching for a page with this name or ID + for ( $i = 0; $i < sizeof($paths->pages) / 2; $i++ ) + { + if ( !isset($final_pid) ) + { + if ( $paths->pages[$i]['urlname_nons'] == str_replace(' ', '_', $page_id) ) + { + $final_pid = str_replace(' ', '_', $page_id); + } + else if ( $paths->pages[$i]['name'] == $page_id ) + { + $final_pid = $paths->pages[$i]['urlname_nons']; + } + else if ( strtolower($paths->pages[$i]['urlname_nons']) == strtolower(str_replace(' ', '_', $page_id)) ) + { + $final_pid = $paths->pages[$i]['urlname_nons']; + } + else if ( strtolower($paths->pages[$i]['name']) == strtolower(str_replace('_', ' ', $page_id)) ) + { + $final_pid = $paths->pages[$i]['urlname_nons']; + } + if ( isset($final_pid) ) + { + $_POST['name'] = $paths->pages[$i]['name']; + $_POST['urlname'] = $paths->pages[$i]['urlname_nons']; + } + 
} + } + if ( !isset($final_pid) ) + { + echo 'The page you searched for cannot be found. Back'; + return false; + } + $_POST['namespace'] = $ns; + $_POST['old_namespace'] = $ns; + $_POST['page_id'] = $final_pid; + $_POST['old_page_id'] = $final_pid; + if ( !isset($paths->pages[$paths->nslist[$_POST['namespace']].$_POST['urlname']]) ) + { + echo 'The page you searched for cannot be found. Back'; + return false; + } + } + + if ( isset($_POST['page_id']) && isset($_POST['namespace']) && !isset($_POST['cancel']) ) + { + $cpage = $paths->pages[$paths->nslist[$_POST['old_namespace']].$_POST['old_page_id']]; + if(isset($_POST['submit'])) + { + switch(true) + { + case true: + // Create a list of things to update + $page_info = Array( + 'name'=>$_POST['name'], + 'urlname'=>sanitize_page_id($_POST['page_id']), + 'namespace'=>$_POST['namespace'], + 'special'=>isset($_POST['special']) ? '1' : '0', + 'visible'=>isset($_POST['visible']) ? '1' : '0', + 'comments_on'=>isset($_POST['comments_on']) ? '1' : '0', + 'protected'=>isset($_POST['protected']) ? '1' : '0' + ); + + $updating_urlname_or_namespace = ( $page_info['namespace'] != $cpage['namespace'] || $page_info['urlname'] != $cpage['urlname_nons'] ); + + if ( !isset($paths->nslist[ $page_info['namespace'] ]) ) + { + echo '
The namespace you selected is not properly registered.
'; + break; + } + if ( isset($paths->pages[ $paths->nslist[$page_info['namespace']] . $page_info[ 'urlname' ] ]) && $updating_urlname_or_namespace ) + { + echo '
There is already a page that exists with that URL string and namespace.
'; + break; + } + // Build the query + $q = 'UPDATE '.table_prefix.'pages SET '; + $k = array_keys($page_info); + foreach($k as $c) + { + $q .= $c.'=\''.$db->escape($page_info[$c]).'\','; + } + $q = substr($q, 0, strlen($q)-1); + // Build the WHERE statements + $q .= ' WHERE '; + $k = array_keys($cpage); + if ( !isset($cpage) ) + die('[internal] no cpage'); + foreach($k as $c) + { + if($c != 'urlname_nons' && $c != 'urlname' && $c != 'really_protected') + { + $q .= $c.'=\''.$db->escape($cpage[$c]).'\' AND '; + } + else if($c == 'urlname') + { + $q .= $c.'=\''.$db->escape($cpage['urlname_nons']).'\' AND '; + } + } + // Trim off the last " AND " and append a semicolon + $q = substr($q, 0, strlen($q)-5) . ';'; + // Send the completed query to MySQL + $e = $db->sql_query($q); + if(!$e) $db->_die('The page data could not be updated.'); + // Update any additional tables + $q = Array( + 'UPDATE '.table_prefix.'categories SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', + 'UPDATE '.table_prefix.'comments SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', + 'UPDATE '.table_prefix.'logs SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', + 'UPDATE '.table_prefix.'page_text SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . 
'\';', + 'UPDATE '.table_prefix.'acl SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';' + ); + foreach($q as $cq) + { + $e = $db->sql_query($cq); + if(!$e) $db->_die('Some of the additional tables containing page information could not be updated.'); + } + // Update $cpage + $cpage = $page_info; + $cpage['urlname_nons'] = $cpage['urlname']; + $cpage['urlname'] = $paths->nslist[$cpage['namespace']].$cpage['urlname']; + $_POST['old_page_id'] = $page_info['urlname']; + $_POST['old_namespace'] = $page_info['namespace']; + echo '
Your changes have been saved.
'; + break; + } + } elseif(isset($_POST['delete'])) { + $q = Array( + 'DELETE FROM '.table_prefix.'categories WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', + 'DELETE FROM '.table_prefix.'comments WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', + 'DELETE FROM '.table_prefix.'logs WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', + 'DELETE FROM '.table_prefix.'page_text WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', + ); + foreach($q as $cq) + { + $e = $db->sql_query($cq); + if(!$e) $db->_die('Some of the additional tables containing page information could not be updated.'); + } + + if(!$db->sql_query( + 'DELETE FROM '.table_prefix.'pages WHERE urlname="'.$db->escape($_POST['old_page_id']).'" AND namespace="'.$db->escape($_POST['old_namespace']).'";' + )) $db->_die('The page could not be deleted.'); + echo '
This page has been deleted.

Return to Page manager
Admin home

'; + return; + } + $url = makeUrlNS('Special', 'Administration', 'module='.$paths->cpage['module'], true); + echo '
'; + ?> +

Modify page:

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Namespace: + +
+ Page title: + + +
+ Page URL string:
+ No spaces, and don't enter the namespace prefix (e.g. User:).
+ Changing this value is usually not a good idea, especially for templates and project pages.
+
+ +
+ name="comments_on" type="checkbox" id="cmt" /> + +
+ name="special" type="checkbox" id="spc" /> +
+ This option enables you to use your own HTML headers and other code. It is recommended that only advanced users enable this feature. As with other Enano pages, you may use PHP code in your pages, meaning you can use Enano's API on the page. +
+ name="visible" type="checkbox" id="vis" /> +
+ Unchecking this checkbox prevents the page for being indexed for searching. The index is rebuilt each time a page is saved, and you can force an index rebuild by going to the page nslist['Special']; ?>SearchRebuild. +
+ name="protected" type="checkbox" id="prt" /> +
+ This option only has an effect when Wiki Mode is enabled. +
+ +
+
+
+ + + + +
+ '; + } + else + { + echo '

Please select a page

'; + echo ''; + ?> +

Search for page title (remember prefixes like User: and File:) pagename_field('page_url'); ?>

+

Select page title from a list:

+ '; + + } +} +*/ + +function page_Admin_PageEditor() { global $db, $session, $paths, $template, $plugins; // Common objects global $lang; @@ -970,63 +1556,99 @@ return; } - global $mime_types, $mimetype_exps, $mimetype_extlist; - if(isset($_POST['save']) && !defined('ENANO_DEMO_MODE')) - { - $bits = ''; - $keys = array_keys($mime_types); - foreach($keys as $i => $k) + + echo '
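Review bot: The whole of `page_Admin_PageManager()` is added inside a `/* ... */` block with no explanation, which leaves a large body of dead code that no one can test or tell the status of. Either drop it from this commit or put a line such as `// NOTE: page_Admin_PageManager() is disabled; reason: <fill in>` directly above the comment. If it is re-enabled later, the five follow-up UPDATE statements (categories, comments, logs, page_text, acl) place `$page_info['urlname']` and `$page_info['namespace']` in the SET clause without `$db->escape()`, while the WHERE clause and the main `pages` UPDATE do escape. `urlname` passes through `sanitize_page_id()`, whose guarantees are not visible here, so those values should be escaped as well. The `if ( !isset($cpage) )` guard also comes after `array_keys($cpage)` has already been called, so it cannot catch the case it is written for.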

Edit page content

'; + + if(isset($_POST['search']) || isset($_POST['select'])) { + // The object of the game: using only the text a user entered, guess the page ID and namespace. *sigh* I HATE writing search algorithms... + if(isset($_POST['search'])) $pid = $_POST['page_url']; + elseif(isset($_POST['select'])) $pid = $_POST['page_force_url']; + else { echo 'Internal error selecting page search terms'; return false; } + // Look for a namespace prefix in the urlname, and assign a different namespace, if necessary + $k = array_keys($paths->nslist); + for($i=0;$inslist);$i++) { - if(isset($_POST['ext_'.$k])) $bits .= '1'; - else $bits .= '0'; + $ln = strlen($paths->nslist[$k[$i]]); + if(substr($pid, 0, $ln) == $paths->nslist[$k[$i]]) + { + $ns = $k[$i]; + $page_id = substr($pid, $ln, strlen($pid)); + } } - $bits = compress_bitfield($bits); - setConfig('allowed_mime_types', $bits); - echo '
Your changes have been saved.
'; - } - else if ( isset($_POST['save']) && defined('ENANO_DEMO_MODE') ) - { - echo '
Hmm, enabling executables, are we? Tsk tsk. I\'d love to know what\'s in that EXE file you want to upload. OK, maybe you didn\'t enable EXEs. But nevertheless, changing allowed filetypes is disabled in the demo.
'; + // The namespace is in $ns and the page name or ID (we don't know which yet) is in $page_id + // Now, iterate through $paths->pages searching for a page with this name or ID + for($i=0;$ipages)/2;$i++) + { + if(!isset($final_pid)) + { + if ($paths->pages[$i]['urlname_nons'] == str_replace(' ', '_', $page_id)) $final_pid = str_replace(' ', '_', $page_id); + elseif($paths->pages[$i]['name'] == $page_id) $final_pid = $paths->pages[$i]['urlname_nons']; + elseif(strtolower($paths->pages[$i]['urlname_nons']) == strtolower(str_replace(' ', '_', $page_id))) $final_pid = $paths->pages[$i]['urlname_nons']; + elseif(strtolower($paths->pages[$i]['name']) == strtolower(str_replace('_', ' ', $page_id))) $final_pid = $paths->pages[$i]['urlname_nons']; + if(isset($final_pid)) { $_POST['name'] = $paths->pages[$i]['name']; $_POST['urlname'] = $paths->pages[$i]['urlname_nons']; } + } + } + if(!isset($final_pid)) { echo 'The page you searched for cannot be found. Back'; return false; } + $_POST['namespace'] = $ns; + $_POST['page_id'] = $final_pid; + if(!isset($paths->pages[$paths->nslist[$_POST['namespace']].$_POST['urlname']])) { echo 'The page you searched for cannot be found. Back'; return false; } } - $allowed = fetch_allowed_extensions(); - ?> -

Allowed file types

-

Using the form below, you can decide which file types are allowed to be uploaded to this site.

- nslist['Special'].'Administration', (( isset($_GET['sqldbg'])) ? 'sqldbg&' : '') .'module='.$paths->cpage['module']).'" method="post">'; - $c = -1; - $t = -1; - $cl = 'row1'; - echo "\n".'
'."\n".' '."\n".' '."\n "; - ksort($mime_types); - foreach($mime_types as $e => $m) + + if(isset($_POST['page_id']) && !isset($_POST['cancel'])) + { + echo ''; + if(!isset($_POST['content']) || isset($_POST['revert'])) $content = RenderMan::getPage($_POST['page_id'], $_POST['namespace'], 0, false, false, false, false); + else $content = $_POST['content']; + if(isset($_POST['save'])) { - $c++; - $t++; - if($c == 3) - { - $c = 0; - $cl = ( $cl == 'row1' ) ? 'row2' : 'row1'; - echo ''."\n".' '."\n "; - } - $seed = "extchkbx_{$e}_".md5(microtime() . mt_rand()); - $chk = (!empty($allowed[$e])) ? ' checked="checked"' : ''; - echo " \n "; + $data = $content; + $id = md5( microtime() . mt_rand() ); + + $minor = isset($_POST['minor']) ? 'true' : 'false'; + $q='INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,page_id,namespace,page_text,char_tag,author,edit_summary,minor_edit) VALUES(\'page\', \'edit\', '.time().', \''.date('d M Y h:i a').'\', \'' . $db->escape($_POST['page_id']) . '\', \'' . $db->escape($_POST['namespace']) . '\', \''.$db->escape($data).'\', \''.$id.'\', \''.$session->username.'\', \''.$db->escape(htmlspecialchars($_POST['summary'])).'\', '.$minor.');'; + if(!$db->sql_query($q)) $db->_die('The history (log) entry could not be inserted into the logs table.'); + + $query = 'UPDATE '.table_prefix.'page_text SET page_text=\''.$db->escape($data).'\',char_tag=\''.$id.'\' WHERE page_id=\'' . $db->escape($_POST['page_id']) . '\' AND namespace=\'' . $db->escape($_POST['namespace']) . '\';'; + $e = $db->sql_query($query); + if(!$e) echo '
The page data could not be saved. MySQL said: '.mysql_error().'

Query:
'.$query.'
'; + else echo '
Your page has been saved. View page...
'; + } elseif(isset($_POST['preview'])) { + echo '

Preview

Reminder: This is only a preview; your changes to this page have not yet been saved.

'.RenderMan::render($content).'
'; } - while($c < 2) - { - $c++; - echo " \n "; - } - echo ''; - echo ''."\n".'
\n \n
'."\n".'
'; + ?> +

+
+ Edit summary:
+ +

+

+ + +        +

+ '; - ?> - Please select a page'; + echo ''; + ?> +

Search for page title (remember prefixes like User: and File:) pagename_field('page_url'); ?>

+

Select page title from a list:

+ '; + } } -function page_Admin_Sidebar() +function page_Admin_ThemeManager() { + global $db, $session, $paths, $template, $plugins; // Common objects global $lang; if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) @@ -1037,52 +1659,258 @@ return; } - ?> -
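Review bot: In the `logs` INSERT under `isset($_POST['save'])`, `$session->username` is concatenated into the SQL without `$db->escape()`. Every other value in that statement is escaped, and the plugin-manager log queries in this file escape the username too, so that fragment should read `\''.$db->escape($session->username).'\'`. The failure branch just below prints `mysql_error()` and the full `$query` into the page, and I would log those server-side and show only a generic message. The namespace-prefix loop can also finish with `$ns` and `$page_id` unset when no prefix matches, so initialise them or return the not-found message before they are read. The function's signature sits in the previous hunk.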

Editing and managing the Enano sidebar

-

The Enano sidebar is a versatile tool when scripted correctly. You don't have to be a programmer to enjoy the features the Sidebar - provides; however, editing the sidebar requires a small bit of programming knowledge and an understanding of Enano's system message - markup language. + + // Get the list of styles in the themes/ dir + $h = opendir('./themes'); + $l = Array(); + if(!$h) die('Error opening directory "./themes" for reading.'); + while(false !== ($n = readdir($h))) { + if($n != '.' && $n != '..' && is_dir('./themes/'.$n)) + $l[] = $n; + } + closedir($h); + echo(' +

Theme Management

+

Install, uninstall, and manage Enano themes.

+ '); + if(isset($_POST['disenable'])) { + $q = 'SELECT enabled FROM '.table_prefix.'themes WHERE theme_id=\'' . $db->escape($_POST['theme_id']) . '\''; + $s = $db->sql_query($q); + if(!$s) die('Error selecting enabled/disabled state value: '.mysql_error().'
SQL:
'.$q); + $r = $db->fetchrow_num($s); + $db->free_result(); + if($r[0] == 1) $e = 0; + else $e = 1; + $s=true; + if($e==0) + { + $c = $db->sql_query('SELECT * FROM '.table_prefix.'themes WHERE enabled=1'); + if(!$c) $db->_die('The backup check for having at least on theme enabled failed.'); + if($db->numrows() <= 1) { echo '
You cannot disable the last remaining theme.
'; $s=false; } + } + $db->free_result(); + if($s) { + $q = 'UPDATE '.table_prefix.'themes SET enabled='.$e.' WHERE theme_id=\'' . $db->escape($_POST['theme_id']) . '\''; + $a = $db->sql_query($q); + if(!$a) die('Error updating enabled/disabled state value: '.mysql_error().'
SQL:
'.$q); + else echo('
The theme "'.$_POST['theme_id'].'" has been '. ( ( $e == '1' ) ? 'enabled' : 'disabled' ).'.
'); + } + } + elseif(isset($_POST['edit'])) { + + $dir = './themes/'.$_POST['theme_id'].'/css/'; + $list = Array(); + // Open a known directory, and proceed to read its contents + if (is_dir($dir)) { + if ($dh = opendir($dir)) { + while (($file = readdir($dh)) !== false) { + if(preg_match('#^(.*?)\.css$#is', $file) && $file != '_printable.css') { + $list[$file] = capitalize_first_letter(substr($file, 0, strlen($file)-4)); + } + } + closedir($dh); + } + } + $lk = array_keys($list); + + $q = 'SELECT theme_name,default_style FROM '.table_prefix.'themes WHERE theme_id=\''.$db->escape($_POST['theme_id']).'\''; + $s = $db->sql_query($q); + if(!$s) die('Error selecting name value: '.mysql_error().'
SQL:
'.$q); + $r = $db->fetchrow_num($s); + $db->free_result(); + echo(''); + echo('
+ Theme name displayed to users:

+ Default stylesheet:

+ +
'); + echo(''); + } + elseif(isset($_POST['editsave'])) { + $q = 'UPDATE '.table_prefix.'themes SET theme_name=\'' . $db->escape($_POST['name']) . '\',default_style=\''.$db->escape($_POST['defaultcss']).'\' WHERE theme_id=\'' . $db->escape($_POST['theme_id']) . '\''; + $s = $db->sql_query($q); + if(!$s) die('Error updating name value: '.mysql_error().'
SQL:
'.$q); + else echo('
Theme data updated.
'); + } + elseif(isset($_POST['up'])) { + // If there is only one theme or if the selected theme is already at the top, do nothing + $q = 'SELECT theme_order FROM '.table_prefix.'themes ORDER BY theme_order;'; + $s = $db->sql_query($q); + if(!$s) die('Error selecting order information: '.mysql_error().'
SQL:
'.$q); + $q = 'SELECT theme_order FROM '.table_prefix.'themes WHERE theme_id=\''.$db->escape($_POST['theme_id']).'\''; + $sn = $db->sql_query($q); + if(!$sn) die('Error selecting order information: '.mysql_error().'
SQL:
'.$q); + $r = $db->fetchrow_num($sn); + if( /* check for only one theme... */ $db->numrows($s) < 2 || $r[0] == 1 /* ...and check if this theme is already at the top */ ) { echo('
This theme is already at the top of the list, or there is only one theme installed.
'); } else { + // Get the order IDs of the selected theme and the theme before it + $q = 'SELECT theme_order FROM '.table_prefix.'themes WHERE theme_id=\'' . $db->escape($_POST['theme_id']) . '\''; + $s = $db->sql_query($q); + if(!$s) die('Error selecting order information: '.mysql_error().'
SQL:
'.$q); + $r = $db->fetchrow_num($s); + $r = $r[0]; + $rb = $r - 1; + // Thank God for jEdit's rectangular selection and the ablity to edit multiple lines at the same time ;) + $q = 'UPDATE '.table_prefix.'themes SET theme_order=0 WHERE theme_order='.$rb.''; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.mysql_error().'
SQL:
'.$q); + $q = 'UPDATE '.table_prefix.'themes SET theme_order='.$rb.' WHERE theme_order='.$r.''; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.mysql_error().'
SQL:
'.$q); + $q = 'UPDATE '.table_prefix.'themes SET theme_order='.$r.' WHERE theme_order=0'; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.mysql_error().'
SQL:
'.$q); + echo('
Theme moved up.
'); + } + $db->free_result($s); + $db->free_result($sn); + } + elseif(isset($_POST['down'])) { + // If there is only one theme or if the selected theme is already at the top, do nothing + $q = 'SELECT theme_order FROM '.table_prefix.'themes ORDER BY theme_order;'; + $s = $db->sql_query($q); + if(!$s) die('Error selecting order information: '.mysql_error().'
SQL:
'.$q); + $r = $db->fetchrow_num($s); + if( /* check for only one theme... */ $db->numrows($s) < 2 || $r[0] == $db->numrows($s) /* ...and check if this theme is already at the bottom */ ) { echo('
This theme is already at the bottom of the list, or there is only one theme installed.
'); } else { + // Get the order IDs of the selected theme and the theme before it + $q = 'SELECT theme_order FROM '.table_prefix.'themes WHERE theme_id=\''.$db->escape($_POST['theme_id']).'\''; + $s = $db->sql_query($q); + if(!$s) die('Error selecting order information: '.mysql_error().'
SQL:
'.$q); + $r = $db->fetchrow_num($s); + $r = $r[0]; + $rb = $r + 1; + // Thank God for jEdit's rectangular selection and the ablity to edit multiple lines at the same time ;) + $q = 'UPDATE '.table_prefix.'themes SET theme_order=0 WHERE theme_order='.$rb.''; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.mysql_error().'
SQL:
'.$q); + $q = 'UPDATE '.table_prefix.'themes SET theme_order='.$rb.' WHERE theme_order='.$r.''; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.mysql_error().'
SQL:
'.$q); + $q = 'UPDATE '.table_prefix.'themes SET theme_order='.$r.' WHERE theme_order=0'; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.mysql_error().'
SQL:
'.$q); + echo('
Theme moved down.
'); + } + } + else if(isset($_POST['uninstall'])) + { + $q = 'SELECT * FROM '.table_prefix.'themes;'; + $s = $db->sql_query($q); + if ( !$s ) + { + die('Error getting theme count: '.mysql_error().'
SQL:
'.$q); + } + $n = $db->numrows($s); + $db->free_result(); + + if ( $_POST['theme_id'] == 'oxygen' ) + { + echo '
The Oxygen theme is used by Enano for installation, upgrades, and error messages, and cannot be uninstalled.
'; + } + else + { + if($n < 2) + { + echo '
The theme could not be uninstalled because it is the only theme left.
'; + } + else + { + $q = 'DELETE FROM '.table_prefix.'themes WHERE theme_id=\''.$db->escape($_POST['theme_id']).'\' LIMIT 1;'; + $s = $db->sql_query($q); + if ( !$s ) + { + die('Error deleting theme data: '.mysql_error().'
SQL:
'.$q); + } + else + { + echo('
Theme uninstalled.
'); + } + } + } + } + elseif(isset($_POST['install'])) { + $q = 'SELECT theme_id FROM '.table_prefix.'themes;'; + $s = $db->sql_query($q); + if(!$s) die('Error getting theme count: '.mysql_error().'
SQL:
'.$q); + $n = $db->numrows($s); + $n++; + $theme_id = $_POST['theme_id']; + $theme = Array(); + include('./themes/'.$theme_id.'/theme.cfg'); + if ( !isset($theme['theme_id']) ) + { + echo '
Could not load theme.cfg (theme metadata file)
'; + } + else + { + $default_style = false; + if ( $dh = opendir('./themes/' . $theme_id . '/css') ) + { + while ( $file = readdir($dh) ) + { + if ( $file != '_printable.css' && preg_match('/\.css$/i', $file) ) + { + $default_style = $file; + break; + } + } + closedir($dh); + } + else + { + die('The /css subdirectory could not be located in the theme\'s directory'); + } + + if ( $default_style ) + { + $q = 'INSERT INTO '.table_prefix.'themes(theme_id,theme_name,theme_order,enabled,default_style) VALUES(\''.$db->escape($theme['theme_id']).'\', \''.$db->escape($theme['theme_name']).'\', '.$n.', 1, \'' . $db->escape($default_style) . '\')'; + $s = $db->sql_query($q); + if(!$s) die('Error inserting theme data: '.mysql_error().'
SQL:
'.$q); + else echo('
Theme "'.$theme['theme_name'].'" installed.
'); + } + else + { + echo '
Could not determine the default style for the theme.
'; + } + } + } + echo(' +

Currently installed themes

+
+

+

-

The Enano system markup language is somewhat similar to HTML, in that it uses tags (<example>like this</example>) for the - main syntax. However, Enano uses curly brackets ({ and }) as opposed to less-than and greater-than signs (< and >).

-

Programming the Enano sidebar requires the use of two tags: {slider} and {if}. The {slider} tag is used to create a new heading - on the sidebar, and all text enclosed in that tag will be collapsed when the heading is clicked. To specify the text on the heading, - use an equals sign (=) after the "slider" text. Then insert any links (they should be wiki-formatted) to internal Enano pages and - external sites.

-

So here is what the language for the default sidebar's "Navigation" heading looks like:

-
{slider=Navigation}
-  [[Main Page|Home]]
-  [[Enano:Sidebar|Edit the sidebar]]
-{/slider}
-

Pretty simple, huh? Good, now we're going to learn another common aspect of Enano programming: conditionals. The {if} tag allows you - to decide whether a portion of the sidebar will be displayed based on a template variable. Currently the only available conditions are - "user_logged_in" and "auth_admin", but more will be added soon. To use a conditional, enter {if conditional_name}, and then the - wiki-formatted text that you want to be under that condition, and then close the tag with {/if}. In the same way, you can reverse the - effect with {!if}. With {!if}, the closing tag is still {/if}, so keep that in mind. An {else} tag will be supported soon.

-

Now it's time for some real fun: variables. All template variables can be accessed from the sidebar. A variable is simply the - variable name, prefixed by a dollar sign ($). Some of the most common variables are $USERNAME, $SITE_NAME, $SITE_DESC, and $PAGE_NAME. - The sidebar also has some special variables that it uses for some of its links. The logout link can be added with $LOGOUT_LINK, and - the "change theme" button can be added with $STYLE_LINK.

-

So here is the Enano markup for the portion of the sidebar that contains the user tools:

-
{slider=$USERNAME}
-  [[User:$USERNAME|User page]]
-  [[Special:Contributions?user=$USERNAME|My Contributions]]
-  {if user_logged_in}
-    [[Special:Preferences|Preferences]]
-    $THEME_LINK
-  {/if}
-  {if auth_admin}
-    [[Special:Administration|Administration]]
-  {/if}
-  {if user_logged_in}
-    $LOGOUT_LINK
-  {/if}
-  {!if user_logged_in}
-    Create an account
-    Log in
-  {/if}
-{/slider}
- +

Install a new theme

+ '); + $theme = Array(); + $obb = ''; + for($i=0;$isql_query($q); + if(!$s) die('Error selecting list of currently installed themes: '.mysql_error().'
Attempted SQL:
'.$q); + if($db->numrows($s) < 1) { + $obb .= ''; + } + $db->free_result(); + } + } + if($obb != '') { + echo('

'); + echo(''); + echo(' + +

'); + } else echo('

All themes are currently installed.

'); } function page_Admin_GroupManager() @@ -1523,574 +2351,6 @@ } -function page_Admin_PageManager() -{ - global $db, $session, $paths, $template, $plugins; // Common objects - global $lang; - if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) - { - $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); - echo '

' . $lang->get('adm_err_not_auth_title') . '

'; - echo '

' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '

'; - return; - } - - - echo '

Page management

'; - - if(isset($_POST['search']) || isset($_POST['select']) || ( isset($_GET['source']) && $_GET['source'] == 'ajax' )) { - // The object of the game: using only the text a user entered, guess the page ID and namespace. *sigh* I HATE writing search algorithms... - $source = ( isset($_GET['source']) ) ? $_GET['source'] : false; - if ( $source == 'ajax' ) - { - $_POST['search'] = true; - $_POST['page_url'] = $_GET['page_id']; - } - if(isset($_POST['search'])) $pid = $_POST['page_url']; - elseif(isset($_POST['select'])) $pid = $_POST['page_force_url']; - else { echo 'Internal error selecting page search terms'; return false; } - // Look for a namespace prefix in the urlname, and assign a different namespace, if necessary - $k = array_keys($paths->nslist); - for($i=0;$inslist);$i++) - { - $ln = strlen($paths->nslist[$k[$i]]); - if(substr($pid, 0, $ln) == $paths->nslist[$k[$i]]) - { - $ns = $k[$i]; - $page_id = substr($pid, $ln, strlen($pid)); - } - } - // The namespace is in $ns and the page name or ID (we don't know which yet) is in $page_id - // Now, iterate through $paths->pages searching for a page with this name or ID - for($i=0;$ipages)/2;$i++) - { - if(!isset($final_pid)) - { - if ($paths->pages[$i]['urlname_nons'] == str_replace(' ', '_', $page_id)) $final_pid = str_replace(' ', '_', $page_id); - elseif($paths->pages[$i]['name'] == $page_id) $final_pid = $paths->pages[$i]['urlname_nons']; - elseif(strtolower($paths->pages[$i]['urlname_nons']) == strtolower(str_replace(' ', '_', $page_id))) $final_pid = $paths->pages[$i]['urlname_nons']; - elseif(strtolower($paths->pages[$i]['name']) == strtolower(str_replace('_', ' ', $page_id))) $final_pid = $paths->pages[$i]['urlname_nons']; - if(isset($final_pid)) { $_POST['name'] = $paths->pages[$i]['name']; $_POST['urlname'] = $paths->pages[$i]['urlname_nons']; } - } - } - if(!isset($final_pid)) { echo 'The page you searched for cannot be found. 
Back'; return false; } - $_POST['namespace'] = $ns; - $_POST['old_namespace'] = $ns; - $_POST['page_id'] = $final_pid; - $_POST['old_page_id'] = $final_pid; - if(!isset($paths->pages[$paths->nslist[$_POST['namespace']].$_POST['urlname']])) { echo 'The page you searched for cannot be found. Back'; return false; } - } - - if(isset($_POST['page_id']) && isset($_POST['namespace']) && !isset($_POST['cancel'])) - { - $cpage = $paths->pages[$paths->nslist[$_POST['old_namespace']].$_POST['old_page_id']]; - if(isset($_POST['submit'])) - { - switch(true) - { - case true: - // Create a list of things to update - $page_info = Array( - 'name'=>$_POST['name'], - 'urlname'=>sanitize_page_id($_POST['page_id']), - 'namespace'=>$_POST['namespace'], - 'special'=>isset($_POST['special']) ? '1' : '0', - 'visible'=>isset($_POST['visible']) ? '1' : '0', - 'comments_on'=>isset($_POST['comments_on']) ? '1' : '0', - 'protected'=>isset($_POST['protected']) ? '1' : '0' - ); - - $updating_urlname_or_namespace = ( $page_info['namespace'] != $cpage['namespace'] || $page_info['urlname'] != $cpage['urlname_nons'] ); - - if ( !isset($paths->nslist[ $page_info['namespace'] ]) ) - { - echo '
The namespace you selected is not properly registered.
'; - break; - } - if ( isset($paths->pages[ $paths->nslist[$page_info['namespace']] . $page_info[ 'urlname' ] ]) && $updating_urlname_or_namespace ) - { - echo '
There is already a page that exists with that URL string and namespace.
'; - break; - } - // Build the query - $q = 'UPDATE '.table_prefix.'pages SET '; - $k = array_keys($page_info); - foreach($k as $c) - { - $q .= $c.'=\''.$db->escape($page_info[$c]).'\','; - } - $q = substr($q, 0, strlen($q)-1); - // Build the WHERE statements - $q .= ' WHERE '; - $k = array_keys($cpage); - if ( !isset($cpage) ) - die('[internal] no cpage'); - foreach($k as $c) - { - if($c != 'urlname_nons' && $c != 'urlname' && $c != 'really_protected') - { - $q .= $c.'=\''.$db->escape($cpage[$c]).'\' AND '; - } - else if($c == 'urlname') - { - $q .= $c.'=\''.$db->escape($cpage['urlname_nons']).'\' AND '; - } - } - // Trim off the last " AND " and append a semicolon - $q = substr($q, 0, strlen($q)-5) . ';'; - // Send the completed query to MySQL - $e = $db->sql_query($q); - if(!$e) $db->_die('The page data could not be updated.'); - // Update any additional tables - $q = Array( - 'UPDATE '.table_prefix.'categories SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', - 'UPDATE '.table_prefix.'comments SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', - 'UPDATE '.table_prefix.'logs SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', - 'UPDATE '.table_prefix.'page_text SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . 
'\';', - 'UPDATE '.table_prefix.'acl SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';' - ); - foreach($q as $cq) - { - $e = $db->sql_query($cq); - if(!$e) $db->_die('Some of the additional tables containing page information could not be updated.'); - } - // Update $cpage - $cpage = $page_info; - $cpage['urlname_nons'] = $cpage['urlname']; - $cpage['urlname'] = $paths->nslist[$cpage['namespace']].$cpage['urlname']; - $_POST['old_page_id'] = $page_info['urlname']; - $_POST['old_namespace'] = $page_info['namespace']; - echo '
Your changes have been saved.
'; - break; - } - } elseif(isset($_POST['delete'])) { - $q = Array( - 'DELETE FROM '.table_prefix.'categories WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', - 'DELETE FROM '.table_prefix.'comments WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', - 'DELETE FROM '.table_prefix.'logs WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', - 'DELETE FROM '.table_prefix.'page_text WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', - ); - foreach($q as $cq) - { - $e = $db->sql_query($cq); - if(!$e) $db->_die('Some of the additional tables containing page information could not be updated.'); - } - - if(!$db->sql_query( - 'DELETE FROM '.table_prefix.'pages WHERE urlname="'.$db->escape($_POST['old_page_id']).'" AND namespace="'.$db->escape($_POST['old_namespace']).'";' - )) $db->_die('The page could not be deleted.'); - echo '
This page has been deleted.

Return to Page manager
Admin home

'; - return; - } - $url = makeUrlNS('Special', 'Administration', 'module='.$paths->cpage['module'], true); - echo '
'; - ?> -

Modify page:

- - - - - - - - - - - -
Namespace:
Page title:
Page URL string:
No spaces, and don't enter the namespace prefix (e.g. User:).
Changing this value is usually not a good idea, especially for templates and project pages.
name="comments_on" type="checkbox" id="cmt" />
name="special" type="checkbox" id="spc" />
This option enables you to use your own HTML headers and other code. It is recommended that only advanced users enable this feature. As with other Enano pages, you may use PHP code in your pages, meaning you can use Enano's API on the page.
name="visible" type="checkbox" id="vis" />
Unchecking this checkbox prevents the page for being indexed for searching. The index is rebuilt each time a page is saved, and you can force an index rebuild by going to the page nslist['Special']; ?>SearchRebuild.
name="protected" type="checkbox" id="prt" />
This option only has an effect when Wiki Mode is enabled.

- - -
- '; - } else { - echo '

Please select a page

'; - echo ''; - ?> -

Search for page title (remember prefixes like User: and File:) pagename_field('page_url'); ?>

-

Select page title from a list:

- '; - - } -} - -function page_Admin_PageEditor() -{ - global $db, $session, $paths, $template, $plugins; // Common objects - global $lang; - if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) - { - $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); - echo '

' . $lang->get('adm_err_not_auth_title') . '

'; - echo '

' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '

'; - return; - } - - - echo '

Edit page content

'; - - if(isset($_POST['search']) || isset($_POST['select'])) { - // The object of the game: using only the text a user entered, guess the page ID and namespace. *sigh* I HATE writing search algorithms... - if(isset($_POST['search'])) $pid = $_POST['page_url']; - elseif(isset($_POST['select'])) $pid = $_POST['page_force_url']; - else { echo 'Internal error selecting page search terms'; return false; } - // Look for a namespace prefix in the urlname, and assign a different namespace, if necessary - $k = array_keys($paths->nslist); - for($i=0;$inslist);$i++) - { - $ln = strlen($paths->nslist[$k[$i]]); - if(substr($pid, 0, $ln) == $paths->nslist[$k[$i]]) - { - $ns = $k[$i]; - $page_id = substr($pid, $ln, strlen($pid)); - } - } - // The namespace is in $ns and the page name or ID (we don't know which yet) is in $page_id - // Now, iterate through $paths->pages searching for a page with this name or ID - for($i=0;$ipages)/2;$i++) - { - if(!isset($final_pid)) - { - if ($paths->pages[$i]['urlname_nons'] == str_replace(' ', '_', $page_id)) $final_pid = str_replace(' ', '_', $page_id); - elseif($paths->pages[$i]['name'] == $page_id) $final_pid = $paths->pages[$i]['urlname_nons']; - elseif(strtolower($paths->pages[$i]['urlname_nons']) == strtolower(str_replace(' ', '_', $page_id))) $final_pid = $paths->pages[$i]['urlname_nons']; - elseif(strtolower($paths->pages[$i]['name']) == strtolower(str_replace('_', ' ', $page_id))) $final_pid = $paths->pages[$i]['urlname_nons']; - if(isset($final_pid)) { $_POST['name'] = $paths->pages[$i]['name']; $_POST['urlname'] = $paths->pages[$i]['urlname_nons']; } - } - } - if(!isset($final_pid)) { echo 'The page you searched for cannot be found. Back'; return false; } - $_POST['namespace'] = $ns; - $_POST['page_id'] = $final_pid; - if(!isset($paths->pages[$paths->nslist[$_POST['namespace']].$_POST['urlname']])) { echo 'The page you searched for cannot be found. 
Back'; return false; } - } - - if(isset($_POST['page_id']) && !isset($_POST['cancel'])) - { - echo ''; - if(!isset($_POST['content']) || isset($_POST['revert'])) $content = RenderMan::getPage($_POST['page_id'], $_POST['namespace'], 0, false, false, false, false); - else $content = $_POST['content']; - if(isset($_POST['save'])) - { - $data = $content; - $id = md5( microtime() . mt_rand() ); - - $minor = isset($_POST['minor']) ? 'true' : 'false'; - $q='INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,page_id,namespace,page_text,char_tag,author,edit_summary,minor_edit) VALUES(\'page\', \'edit\', '.time().', \''.date('d M Y h:i a').'\', \'' . $db->escape($_POST['page_id']) . '\', \'' . $db->escape($_POST['namespace']) . '\', \''.$db->escape($data).'\', \''.$id.'\', \''.$session->username.'\', \''.$db->escape(htmlspecialchars($_POST['summary'])).'\', '.$minor.');'; - if(!$db->sql_query($q)) $db->_die('The history (log) entry could not be inserted into the logs table.'); - - $query = 'UPDATE '.table_prefix.'page_text SET page_text=\''.$db->escape($data).'\',char_tag=\''.$id.'\' WHERE page_id=\'' . $db->escape($_POST['page_id']) . '\' AND namespace=\'' . $db->escape($_POST['namespace']) . '\';'; - $e = $db->sql_query($query); - if(!$e) echo '
The page data could not be saved. MySQL said: '.mysql_error().'

Query:
'.$query.'
'; - else echo '
Your page has been saved. View page...
'; - } elseif(isset($_POST['preview'])) { - echo '

Preview

Reminder: This is only a preview; your changes to this page have not yet been saved.

'.RenderMan::render($content).'
'; - } - ?> -

-
- Edit summary:
- -

-

- - -        -

- '; - } else { - echo '

Please select a page

'; - echo ''; - ?> -

Search for page title (remember prefixes like User: and File:) pagename_field('page_url'); ?>

-

Select page title from a list:

- '; - } -} - -function page_Admin_ThemeManager() -{ - - global $db, $session, $paths, $template, $plugins; // Common objects - global $lang; - if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) - { - $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); - echo '

' . $lang->get('adm_err_not_auth_title') . '

'; - echo '

' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '

'; - return; - } - - - // Get the list of styles in the themes/ dir - $h = opendir('./themes'); - $l = Array(); - if(!$h) die('Error opening directory "./themes" for reading.'); - while(false !== ($n = readdir($h))) { - if($n != '.' && $n != '..' && is_dir('./themes/'.$n)) - $l[] = $n; - } - closedir($h); - echo(' -

Theme Management

-

Install, uninstall, and manage Enano themes.

- '); - if(isset($_POST['disenable'])) { - $q = 'SELECT enabled FROM '.table_prefix.'themes WHERE theme_id=\'' . $db->escape($_POST['theme_id']) . '\''; - $s = $db->sql_query($q); - if(!$s) die('Error selecting enabled/disabled state value: '.mysql_error().'
SQL:
'.$q); - $r = $db->fetchrow_num($s); - $db->free_result(); - if($r[0] == 1) $e = 0; - else $e = 1; - $s=true; - if($e==0) - { - $c = $db->sql_query('SELECT * FROM '.table_prefix.'themes WHERE enabled=1'); - if(!$c) $db->_die('The backup check for having at least on theme enabled failed.'); - if($db->numrows() <= 1) { echo '
You cannot disable the last remaining theme.
'; $s=false; } - } - $db->free_result(); - if($s) { - $q = 'UPDATE '.table_prefix.'themes SET enabled='.$e.' WHERE theme_id=\'' . $db->escape($_POST['theme_id']) . '\''; - $a = $db->sql_query($q); - if(!$a) die('Error updating enabled/disabled state value: '.mysql_error().'
SQL:
'.$q); - else echo('
The theme "'.$_POST['theme_id'].'" has been '. ( ( $e == '1' ) ? 'enabled' : 'disabled' ).'.
'); - } - } - elseif(isset($_POST['edit'])) { - - $dir = './themes/'.$_POST['theme_id'].'/css/'; - $list = Array(); - // Open a known directory, and proceed to read its contents - if (is_dir($dir)) { - if ($dh = opendir($dir)) { - while (($file = readdir($dh)) !== false) { - if(preg_match('#^(.*?)\.css$#is', $file) && $file != '_printable.css') { - $list[$file] = capitalize_first_letter(substr($file, 0, strlen($file)-4)); - } - } - closedir($dh); - } - } - $lk = array_keys($list); - - $q = 'SELECT theme_name,default_style FROM '.table_prefix.'themes WHERE theme_id=\''.$db->escape($_POST['theme_id']).'\''; - $s = $db->sql_query($q); - if(!$s) die('Error selecting name value: '.mysql_error().'
SQL:
'.$q); - $r = $db->fetchrow_num($s); - $db->free_result(); - echo(''); - echo('
- Theme name displayed to users:

- Default stylesheet:

- -
'); - echo(''); - } - elseif(isset($_POST['editsave'])) { - $q = 'UPDATE '.table_prefix.'themes SET theme_name=\'' . $db->escape($_POST['name']) . '\',default_style=\''.$db->escape($_POST['defaultcss']).'\' WHERE theme_id=\'' . $db->escape($_POST['theme_id']) . '\''; - $s = $db->sql_query($q); - if(!$s) die('Error updating name value: '.mysql_error().'
SQL:
'.$q); - else echo('
Theme data updated.
'); - } - elseif(isset($_POST['up'])) { - // If there is only one theme or if the selected theme is already at the top, do nothing - $q = 'SELECT theme_order FROM '.table_prefix.'themes ORDER BY theme_order;'; - $s = $db->sql_query($q); - if(!$s) die('Error selecting order information: '.mysql_error().'
SQL:
'.$q); - $q = 'SELECT theme_order FROM '.table_prefix.'themes WHERE theme_id=\''.$db->escape($_POST['theme_id']).'\''; - $sn = $db->sql_query($q); - if(!$sn) die('Error selecting order information: '.mysql_error().'
SQL:
'.$q); - $r = $db->fetchrow_num($sn); - if( /* check for only one theme... */ $db->numrows($s) < 2 || $r[0] == 1 /* ...and check if this theme is already at the top */ ) { echo('
This theme is already at the top of the list, or there is only one theme installed.
'); } else { - // Get the order IDs of the selected theme and the theme before it - $q = 'SELECT theme_order FROM '.table_prefix.'themes WHERE theme_id=\'' . $db->escape($_POST['theme_id']) . '\''; - $s = $db->sql_query($q); - if(!$s) die('Error selecting order information: '.mysql_error().'
SQL:
'.$q); - $r = $db->fetchrow_num($s); - $r = $r[0]; - $rb = $r - 1; - // Thank God for jEdit's rectangular selection and the ablity to edit multiple lines at the same time ;) - $q = 'UPDATE '.table_prefix.'themes SET theme_order=0 WHERE theme_order='.$rb.''; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.mysql_error().'
SQL:
'.$q); - $q = 'UPDATE '.table_prefix.'themes SET theme_order='.$rb.' WHERE theme_order='.$r.''; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.mysql_error().'
SQL:
'.$q); - $q = 'UPDATE '.table_prefix.'themes SET theme_order='.$r.' WHERE theme_order=0'; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.mysql_error().'
SQL:
'.$q); - echo('
Theme moved up.
'); - } - $db->free_result($s); - $db->free_result($sn); - } - elseif(isset($_POST['down'])) { - // If there is only one theme or if the selected theme is already at the top, do nothing - $q = 'SELECT theme_order FROM '.table_prefix.'themes ORDER BY theme_order;'; - $s = $db->sql_query($q); - if(!$s) die('Error selecting order information: '.mysql_error().'
SQL:
'.$q); - $r = $db->fetchrow_num($s); - if( /* check for only one theme... */ $db->numrows($s) < 2 || $r[0] == $db->numrows($s) /* ...and check if this theme is already at the bottom */ ) { echo('
This theme is already at the bottom of the list, or there is only one theme installed.
'); } else { - // Get the order IDs of the selected theme and the theme before it - $q = 'SELECT theme_order FROM '.table_prefix.'themes WHERE theme_id=\''.$db->escape($_POST['theme_id']).'\''; - $s = $db->sql_query($q); - if(!$s) die('Error selecting order information: '.mysql_error().'
SQL:
'.$q); - $r = $db->fetchrow_num($s); - $r = $r[0]; - $rb = $r + 1; - // Thank God for jEdit's rectangular selection and the ablity to edit multiple lines at the same time ;) - $q = 'UPDATE '.table_prefix.'themes SET theme_order=0 WHERE theme_order='.$rb.''; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.mysql_error().'
SQL:
'.$q); - $q = 'UPDATE '.table_prefix.'themes SET theme_order='.$rb.' WHERE theme_order='.$r.''; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.mysql_error().'
SQL:
'.$q); - $q = 'UPDATE '.table_prefix.'themes SET theme_order='.$r.' WHERE theme_order=0'; /* Check for errors... */ $s = $db->sql_query($q); if(!$s) die('Error updating order information: '.mysql_error().'
SQL:
'.$q); - echo('
Theme moved down.
'); - } - } - else if(isset($_POST['uninstall'])) - { - $q = 'SELECT * FROM '.table_prefix.'themes;'; - $s = $db->sql_query($q); - if ( !$s ) - { - die('Error getting theme count: '.mysql_error().'
SQL:
'.$q); - } - $n = $db->numrows($s); - $db->free_result(); - - if ( $_POST['theme_id'] == 'oxygen' ) - { - echo '
The Oxygen theme is used by Enano for installation, upgrades, and error messages, and cannot be uninstalled.
'; - } - else - { - if($n < 2) - { - echo '
The theme could not be uninstalled because it is the only theme left.
'; - } - else - { - $q = 'DELETE FROM '.table_prefix.'themes WHERE theme_id=\''.$db->escape($_POST['theme_id']).'\' LIMIT 1;'; - $s = $db->sql_query($q); - if ( !$s ) - { - die('Error deleting theme data: '.mysql_error().'
SQL:
'.$q); - } - else - { - echo('
Theme uninstalled.
'); - } - } - } - } - elseif(isset($_POST['install'])) { - $q = 'SELECT theme_id FROM '.table_prefix.'themes;'; - $s = $db->sql_query($q); - if(!$s) die('Error getting theme count: '.mysql_error().'
SQL:
'.$q); - $n = $db->numrows($s); - $n++; - $theme_id = $_POST['theme_id']; - $theme = Array(); - include('./themes/'.$theme_id.'/theme.cfg'); - if ( !isset($theme['theme_id']) ) - { - echo '
Could not load theme.cfg (theme metadata file)
'; - } - else - { - $default_style = false; - if ( $dh = opendir('./themes/' . $theme_id . '/css') ) - { - while ( $file = readdir($dh) ) - { - if ( $file != '_printable.css' && preg_match('/\.css$/i', $file) ) - { - $default_style = $file; - break; - } - } - closedir($dh); - } - else - { - die('The /css subdirectory could not be located in the theme\'s directory'); - } - - if ( $default_style ) - { - $q = 'INSERT INTO '.table_prefix.'themes(theme_id,theme_name,theme_order,enabled,default_style) VALUES(\''.$db->escape($theme['theme_id']).'\', \''.$db->escape($theme['theme_name']).'\', '.$n.', 1, \'' . $db->escape($default_style) . '\')'; - $s = $db->sql_query($q); - if(!$s) die('Error inserting theme data: '.mysql_error().'
SQL:
'.$q); - else echo('
Theme "'.$theme['theme_name'].'" installed.
'); - } - else - { - echo '
Could not determine the default style for the theme.
'; - } - } - } - echo(' -

Currently installed themes

-
-

- -

-
-

Install a new theme

- '); - $theme = Array(); - $obb = ''; - for($i=0;$isql_query($q); - if(!$s) die('Error selecting list of currently installed themes: '.mysql_error().'
Attempted SQL:
'.$q); - if($db->numrows($s) < 1) { - $obb .= ''; - } - $db->free_result(); - } - } - if($obb != '') { - echo('

'); - echo(''); - echo(' - -

'); - } else echo('

All themes are currently installed.

'); -} - function page_Admin_BanControl() { global $db, $session, $paths, $template, $plugins; // Common objects diff -r 1e3b55a591d1 -r be6c5fdd9203 plugins/SpecialCSS.php --- a/plugins/SpecialCSS.php Fri Dec 28 13:36:33 2007 -0500 +++ b/plugins/SpecialCSS.php Mon Dec 31 21:43:51 2007 -0500 @@ -1,8 +1,8 @@ #
- Username + ' . $lang->get('userfuncs_ml_column_username') . ' - Title + ' . $lang->get('userfuncs_ml_column_userlevel') . ' - E-mail + ' . $lang->get('userfuncs_ml_column_email') . ' - Registered + ' . $lang->get('userfuncs_ml_column_regtime') . '
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ {lang:acppm_heading_editing} "{PAGE_NAME}" +
+ {lang:acppm_lbl_page_name} + + +
+ {lang:acppm_lbl_page_urlname}
+ {lang:acppm_lbl_page_urlname_hint} +
+ +
+ {lang:acppm_lbl_namespace} + + +
+ {lang:acppm_heading_advanced} +
+ {lang:acppm_lbl_enable_comments_title} + + +
+ {lang:acppm_lbl_enable_comments_hint} +
+ {lang:acppm_lbl_special_title} + + +
+ {lang:acppm_lbl_special_hint} +
+ {lang:acppm_lbl_visible_title} + + +
+ {lang:acppm_lbl_visible_hint} +
+ {lang:acppm_lbl_protected_title} + + +
+ +
+ +
+ {lang:acppm_lbl_protected_hint} +
+ {lang:acppm_lbl_wikimode_title} + + +
+ +
+ +
+ {lang:acppm_lbl_wikimode_hint} +
+ {lang:acppm_lbl_delete_title} + + +
+ {lang:acppm_lbl_delete_hint} +
+ + +
+ + + +TPLCODE; + $parser = $template->makeParserText($tpl_code); + + $ns_list = ''; + foreach ( $paths->nslist as $ns => $prefix ) + { + // FIXME: Plugins need to specify whether they want Enano's regular PageProcessor + // to handle these pages, and whether such pages from namespaces created by plugins + // can be stored in the database or not. + if ( $ns == 'Special' || $ns == 'Admin' || $ns == 'Anonymous' ) + continue; + $ns = htmlspecialchars($ns); + $prefix = htmlspecialchars($prefix); + if ( empty($prefix) ) + $prefix = $lang->get('acppm_ns_article'); + $sel = ( $dataset['namespace'] == $ns ) ? ' selected="selected"' : ''; + $ns_list .= " \n "; + } + + $parser->assign_vars(array( + 'PAGE_NAME' => htmlspecialchars($dataset['name']), + 'PAGE_URLNAME' => htmlspecialchars($dataset['urlname']), + 'NAMESPACE_LIST' => $ns_list, + 'PATHS_KEY' => $pathskey + )); + + $parser->assign_bool(array( + 'comments_enabled' => ( $dataset['comments_on'] == 1 ), + 'special' => ( $dataset['special'] == 1 ), + 'visible' => ( $dataset['visible'] == 1 ), + 'protected_off' => ( $dataset['protected'] == 0 ), + 'protected_on' => ( $dataset['protected'] == 1 ), + 'protected_semi' => ( $dataset['protected'] == 2 ), + 'wikimode_off' => ( $dataset['wiki_mode'] == 0 ), + 'wikimode_on' => ( $dataset['wiki_mode'] == 1 ), + 'wikimode_global' => ( $dataset['wiki_mode'] == 2 ) + )); + + if ( isset($errors) ) + { + echo '
'; + echo $lang->get('acppm_err_header'); + echo '
    '; + echo '
  • ' . implode('
  • ', $errors) . '
  • '; + echo '
'; + echo '
'; + } + + $form_action = makeUrlNS('Special', 'Administration', "module={$paths->nslist['Admin']}PageManager", true); + + echo "
"; + echo $parser->run(); + echo "
"; + + $show_select = false; + break; + } + } + + if ( $show_select ) + { + echo '

' . $lang->get('acppm_hint') . '

'; + + // Show the search form + + $form_action = makeUrlNS('Special', 'Administration', "module={$paths->nslist['Admin']}PageManager", true); + echo "
"; + echo $lang->get('acppm_lbl_field_search') . ' '; + echo $template->pagename_field('page_id') . ' '; + echo ''; + echo ''; + echo "
"; + + // Grab all pages from the database and show a list of pages on the site + + echo '

' . $lang->get('acppm_heading_select_page_from_list') . '

'; + echo '

' . $lang->get('acppm_hint_select_page_from_list') . '

'; + + $q = $db->sql_query('SELECT COUNT(name) AS num_pages FROM ' . table_prefix . 'pages;'); + if ( !$q ) + $db->_die('PageManager doing initial page count'); + list($num_pages) = $db->fetchrow_num(); + $db->free_result(); + + $pg_start = ( isset($_GET['offset']) ) ? intval($_GET['offset']) : 0; + + $q = $db->sql_unbuffered_query('SELECT urlname, name, namespace, ' . $num_pages . ' AS num_pages, ' . $pg_start . ' AS offset FROM ' . table_prefix . 'pages ORDER BY name ASC;'); + if ( !$q ) + $db->_die('PageManager doing main select query for page list'); + + // Paginate results + $html = paginate( + $q, + '{urlname}', + $num_pages, + makeUrlNS('Special', 'Administration', "module={$paths->nslist['Admin']}PageManager&offset=%s", false), + $pg_start, + 99, + array('urlname' => 'admin_pagemanager_format_listing'), + '
+ ', + '
+
' + ); + echo $html; + } + +} + +function admin_pagemanager_format_listing($_, $row) +{ + global $db, $session, $paths, $template, $plugins; // Common objects + + static $cell_count = 0; + static $td_class = 'row1'; + static $run_count = 0; + static $num_pages_floor = false; + if ( !$num_pages_floor ) + { + $num_pages_floor = $row['num_pages']; + while ( $num_pages_floor % 99 > 0 ) + $num_pages_floor--; + } + $return = ''; + $run_count++; + + $last_page = ( $row['offset'] == $num_pages_floor ); + $last_run = ( ( $last_page && $run_count == $row['num_pages'] % 99 ) || $run_count == 99 ); + if ( $cell_count == 0 ) + { + $return .= "\n"; + } + $title = get_page_title_ns($row['urlname'], $row['namespace']); + $pathskey = $paths->nslist[$row['namespace']] . $row['urlname']; + $url = makeUrlNS('Special', 'Administration', "module={$paths->nslist['Admin']}PageManager&action=select&page_id=$pathskey", true); + $url = '' . htmlspecialchars($title) . ''; + $return .= ' ' . $url . '' . "\n"; + $cell_count++; + if ( $cell_count == 3 && !$last_run ) + { + $cell_count = 0; + $td_class = ( $td_class == 'row2' ) ? 'row1' : 'row2'; + $return .= "\n"; + } + else if ( $last_run ) + { + while ( $cell_count < 3 ) + { + $return .= " \n"; + $cell_count++; + } + $return .= "\n"; + } + return $return; +} + +?>