/ - Diff - WB 2.08.x - Tracking

« Previous | Next »

Revision 1313

Added by Dietmar over 14 years ago

show_menu2 remove unneeded code for WB < 2.7
class.wb.php, recoding backend preference
add a language variable $MESSAGE['PREFERENCES']['INVALID_CHARS']
update theme.css & preference.htt in argos_theme & wb_theme
remove classic_theme

     ! = Update/Change
     ------------------------------------- 2.8.1 -------------------------------------
 -Apr-2010 Dietmar Woellbrink (Luisehahne)
     !	show_menu2 remove unneeded code for WB < 2.7
     !	class.wb.php, recoding backend preference
     +	add a language variable $MESSAGE['PREFERENCES']['INVALID_CHARS']
     !	update theme.css for preference.htt in argos_theme & wb_theme
     !	remove classic_theme
 -Apr-2010 Dietmar Woellbrink (Luisehahne)
     #	Ticket #971 Using $_POST in Admin - account - login.php (tks to Aldus)
     !	update class.wb.php added tokens function

branches/2.8.x/wb/admin/interface/version.php
52	52
53	53	// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
54	54	if(!defined('VERSION')) define('VERSION', '2.8.x');
55		if(!defined('REVISION')) define('REVISION', '1312');
	55	if(!defined('REVISION')) define('REVISION', '1313');
56	56
57	57	?>

     <?php
     /****************************************************************************
     * SVN Version information:
+    *
     * $Id$
+    *
     *****************************************************************************
+    *
     *****************************************************************************
     *                          WebsiteBaker
+    *
     * WebsiteBaker Project <http://www.websitebaker2.org/>
     * Copyright (C) 2009, Website Baker Org. e.V.
     *         http://start.websitebaker2.org/impressum-datenschutz.php
     * Copyright (C) 2004-2009, Ryan Djurovich
+    *
     *                        About WebsiteBaker
+    *
     * Website Baker is a PHP-based Content Management System (CMS)
     * designed with one goal in mind: to enable its users to produce websites
     * with ease.
+    *
     *****************************************************************************
+    *
     *****************************************************************************
     *                   WebsiteBaker Extra Information (where needed)
+    *
     * @author       : Ryan Djurovich, stefan, Matthias Gallas, Manuel Lang
     * @platform     : WebsiteBaker 2.8
+    *
     *****************************************************************************
+    *
     *****************************************************************************
     *                        LICENSE INFORMATION
+    *
     * WebsiteBaker is free software; you can redistribute it and/or
     * modify it under the terms of the GNU General Public License
     * as published by the Free Software Foundation; either version 2
     * of the License, or (at your option) any later version.
+    *
     * WebsiteBaker is distributed in the hope that it will be useful,
     * but WITHOUT ANY WARRANTY; without even the implied warranty of
     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
     * See the GNU General Public License for more details.
+    *
     * You should have received a copy of the GNU General Public License
     * along with this program; if not, write to the Free Software
     * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
     *****************************************************************************/
     // Print admin header
     require('../../config.php');
     require_once(WB_PATH.'/framework/class.admin.php');
     $admin = new admin('Preferences');
     // Get entered values
     $display_name = $admin->add_slashes(strip_tags($admin->get_post('display_name')));
     $language = $admin->get_post('language');
     $timezone = $admin->get_post('timezone')*60*60;
     $date_format = $admin->get_post('date_format');
     $time_format = $admin->get_post('time_format');
     // Update the database
     $database = new database();
     $query = "UPDATE ".TABLE_PREFIX."users SET display_name = '$display_name', language = '$language', timezone = '$timezone', date_format = '$date_format', time_format = '$time_format' WHERE user_id = '".$admin->get_user_id()."'";
     $database->query($query);
     if($database->is_error()) {
     	$admin->print_error($database->get_error());
     } else {
     	$admin->print_success($MESSAGE['PREFERENCES']['DETAILS_SAVED']);
     	$_SESSION['DISPLAY_NAME'] = $display_name;
     	$_SESSION['LANGUAGE'] = $language;
     	// Update date format
     	if($date_format != '') {
     		$_SESSION['DATE_FORMAT'] = $date_format;
     		if(isset($_SESSION['USE_DEFAULT_DATE_FORMAT'])) { unset($_SESSION['USE_DEFAULT_DATE_FORMAT']); }
     	} else {
     		$_SESSION['USE_DEFAULT_DATE_FORMAT'] = true;
     		if(isset($_SESSION['DATE_FORMAT'])) { unset($_SESSION['DATE_FORMAT']); }
+    	}
     	// Update time format
     	if($time_format != '') {
     		$_SESSION['TIME_FORMAT'] = $time_format;
     		if(isset($_SESSION['USE_DEFAULT_TIME_FORMAT'])) { unset($_SESSION['USE_DEFAULT_TIME_FORMAT']); }
     	} else {
     		$_SESSION['USE_DEFAULT_TIME_FORMAT'] = true;
     		if(isset($_SESSION['TIME_FORMAT'])) { unset($_SESSION['TIME_FORMAT']); }
+    	}
     	// Update timezone
     	if($timezone != '-72000') {
     		$_SESSION['TIMEZONE'] = $timezone;
     		if(isset($_SESSION['USE_DEFAULT_TIMEZONE'])) { unset($_SESSION['USE_DEFAULT_TIMEZONE']); }
     	} else {
     		$_SESSION['USE_DEFAULT_TIMEZONE'] = true;
     		if(isset($_SESSION['TIMEZONE'])) { unset($_SESSION['TIMEZONE']); }
+    	}
+    }
     // Print admin footer
     $admin->print_footer();
     ?>

     <?php
     // $Id$
     /*
      Website Baker Project <http://www.websitebaker.org/>
      Copyright (C) 2004-2009, Ryan Djurovich
      Website Baker is free software; you can redistribute it and/or modify
      it under the terms of the GNU General Public License as published by
      the Free Software Foundation; either version 2 of the License, or
      (at your option) any later version.
      Website Baker is distributed in the hope that it will be useful,
      but WITHOUT ANY WARRANTY; without even the implied warranty of
      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      GNU General Public License for more details.
      You should have received a copy of the GNU General Public License
      along with Website Baker; if not, write to the Free Software
      Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
     */
     // Print admin header
     require('../../config.php');
     require_once(WB_PATH.'/framework/class.admin.php');
     $admin = new admin('Preferences');
     // Get entered values
     $password = $admin->get_post('current_password');
     $email = $admin->get_post('email');
     // Create a javascript back link
     $js_back = "javascript: history.go(-1);";
     // Get password
     $database = new database();
     $query = "SELECT user_id FROM ".TABLE_PREFIX."users WHERE user_id = '".$admin->get_user_id()."' AND password = '".md5($password)."'";
     $results = $database->query($query);
     // Validate values
     if($results->numRows() == 0) {
     	$admin->print_error($MESSAGE['PREFERENCES']['CURRENT_PASSWORD_INCORRECT']);
+    }
     if(!$admin->validate_email($email)) {
     	$admin->print_error($MESSAGE['USERS']['INVALID_EMAIL']);
+    }
     $email = $admin->add_slashes($email);
     // Update the database
     $database = new database();
     $query = "UPDATE ".TABLE_PREFIX."users SET email = '$email' WHERE user_id = '".$admin->get_user_id()."'";
     $database->query($query);
     if($database->is_error()) {
     	$admin->print_error($database->get_error);
     } else {
     	$admin->print_success($MESSAGE['PREFERENCES']['EMAIL_UPDATED']);
     	$_SESSION['EMAIL'] = $email;
+    }
     // Print admin footer
     $admin->print_footer();
     ?>

     <?php
     // $Id$
     /*
      Website Baker Project <http://www.websitebaker.org/>
      Copyright (C) 2004-2009, Ryan Djurovich
      Website Baker is free software; you can redistribute it and/or modify
      it under the terms of the GNU General Public License as published by
      the Free Software Foundation; either version 2 of the License, or
      (at your option) any later version.
      Website Baker is distributed in the hope that it will be useful,
      but WITHOUT ANY WARRANTY; without even the implied warranty of
      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      GNU General Public License for more details.
      You should have received a copy of the GNU General Public License
      along with Website Baker; if not, write to the Free Software
      Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
     */
     // Print admin header
     require('../../config.php');
     require_once(WB_PATH.'/framework/class.admin.php');
     $admin = new admin('Preferences');
     // Get entered values
     $current_password = $admin->get_post('current_password');
     $new_password = $admin->get_post('new_password');
     $new_password2 = $admin->get_post('new_password2');
     // Create a javascript back link
     $js_back = "javascript: history.go(-1);";
     // Get existing password
     $database = new database();
     $query = "SELECT user_id FROM ".TABLE_PREFIX."users WHERE user_id = '".$admin->get_user_id()."' AND password = '".md5($current_password)."'";
     $results = $database->query($query);
     // Validate values
     if($results->numRows() == 0) {
     	$admin->print_error($MESSAGE['PREFERENCES']['CURRENT_PASSWORD_INCORRECT']);
+    }
     if(strlen($new_password) < 3) {
     	$admin->print_error($MESSAGE['USERS']['PASSWORD_TOO_SHORT'], $js_back);
+    }
     if($new_password != $new_password2) {
     	$admin->print_error($MESSAGE['USERS']['PASSWORD_MISMATCH'], $js_back);
+    }
     // MD5 the password
     $md5_password = md5($new_password);
     // Update the database
     $database = new database();
     $query = "UPDATE ".TABLE_PREFIX."users SET password = '$md5_password' WHERE user_id = '".$admin->get_user_id()."'";
     $database->query($query);
     if($database->is_error()) {
     	$admin->print_error($database->get_error);
     } else {
     	$admin->print_success($MESSAGE['PREFERENCES']['PASSWORD_CHANGED']);
+    }
     // Print admin footer
     $admin->print_footer();
     ?>

     <?php
     /**
+     *
      * @category        admin
      * @package         preferences
      * @author          WebsiteBaker Project
      * @copyright       2004-2009, Ryan Djurovich
      * @copyright       2009-2010, Website Baker Org. e.V.
      * @link			http://www.websitebaker2.org/
      * @license         http://www.gnu.org/licenses/gpl.html
      * @platform        WebsiteBaker 2.8.x
      * @requirements    PHP 4.4.9 and higher
      * @version         $Id$
      * @filesource		$HeadURL$
      * @lastmodified    $Date$
+     *
      */
     // Print admin header
     require('../../config.php');
     require_once(WB_PATH.'/framework/class.admin.php');
     $admin = new admin('Preferences');
     $js_back = "javascript: history.go(-1);"; // Create a javascript back link
     function save_preferences( &$admin, &$database)
+    {
     	global $MESSAGE;
     	$err_msg = array();
     	$min_pass_length = 6;
     // first check form-tan
     	if(!$admin->checkFTAN()){ $err_msg[] = $MESSAGE['PAGES']['NOT_SAVED']; }
     // Get entered values and validate all
     	// remove any dangerouse chars from display_name
     	$display_name     = $admin->add_slashes(strip_tags(trim($admin->get_post('display_name'))));
     	$display_name     = ( $display_name == '' ? $admin->get_display_name() : $display_name );
     	// check that display_name is unique in whoole system (prevents from User-faking)
     	$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'users` ';
     	$sql .= 'WHERE `user_id` <> '.(int)$admin->get_user_id().' AND `display_name` LIKE "'.$display_name.'"';
     	if( $database->get_one($sql) > 0 ){ $err_msg[] = $MESSAGE['USERS']['USERNAME_TAKEN']; }
     // language must be 2 upercase letters only
     	$language         = strtoupper($admin->get_post('language'));
     	$language         = (preg_match('/^[A-Z]{2}$/', $language) ? $language : DEFAULT_LANGUAGE);
     // timezone must be between -12 and +13  or -20 as system_default
     	$timezone         = $admin->get_post('timezone');
     	$timezone         = (is_numeric($timezone) ? $timezone : -20);
     	$timezone         = ( ($timezone >= -12 && $timezone <= 13) ? $timezone : -20 ) * 3600;
     // date_format must be a key from /interface/date_formats
     	$date_format      = $admin->get_post('date_format');
     	$user_time = true;
     	include( ADMIN_PATH.'/interface/date_formats.php' );
     	$date_format = (array_key_exists($date_format, $DATE_FORMATS) ? $date_format :	$DATE_FORMATS['system_default']);
     	$date_format = ($DATE_FORMATS['system_default'] == $date_format ? '' : $date_format);
     	unset($DATE_FORMATS);
     // time_format must be a key from /interface/time_formats
     	$time_format      = $admin->get_post('time_format');
     	$user_time = true;
     	include( ADMIN_PATH.'/interface/time_formats.php' );
     	$time_format = (array_key_exists($time_format, $TIME_FORMATS) ? $time_format :	$TIME_FORMATS['system_default']);
     	$time_format = ($TIME_FORMATS['system_default'] == $time_format ? '' : $time_format);
     	unset($TIME_FORMATS);
     // email should be validatet by core
     	$email            = ( $admin->get_post('email') == null ? '' : $admin->get_post('email') );
     	if( !$admin->validate_email($email) )
+    	{
     		$email = '';
     		$err_msg[] = $MESSAGE['USERS']['INVALID_EMAIL'];
     	}else {
     	// check that email is unique in whoole system
     		$email = $admin->add_slashes($email);
     		$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'users` ';
     		$sql .= 'WHERE `user_id` <> '.(int)$admin->get_user_id().' AND `email` LIKE "'.$email.'"';
     		if( $database->get_one($sql) > 0 ){ $err_msg[] = $MESSAGE['USERS']['EMAIL_TAKEN']; }
+    	}
     // receive password vars and calculate needed action
     	$current_password = $admin->get_post('current_password');
     	$current_password = ($current_password == null ? '' : $current_password);
     	$new_password_1   = $admin->get_post('new_password_1');
     	$new_password_1   = (($new_password_1 == null || $new_password_1 == '') ? '' : $new_password_1);
     	$new_password_2   = $admin->get_post('new_password_2');
     	$new_password_2   = (($new_password_2 == null || $new_password_2 == '') ? '' : $new_password_2);
     	if($current_password == '')
+    	{
     		$err_msg[] = $MESSAGE['PREFERENCES']['CURRENT_PASSWORD_INCORRECT'];
     	}else {
     	// if new_password is empty, still let current one
     		if( $new_password_1 == '' )
+    		{
     			$new_password_1 = $current_password;
     			$new_password_2 = $current_password;
+    		}
     	// is password lenght matching min_pass_lenght ?
     		if( $new_password_1 != $current_password )
+    		{
     			if( strlen($new_password_1) < $min_pass_length )
+    			{
     				$err_msg[] = $MESSAGE['USERS']['PASSWORD_TOO_SHORT'];
+    			}
     			$pattern = '/[^'.$admin->password_chars.']/';
     			if( preg_match($pattern, $new_password_1) )
+    			{
     				$err_msg[] = $MESSAGE['PREFERENCES']['INVALID_CHARS'];
+    			}
+    		}
     	// is password lenght matching min_pass_lenght ?
     		if( $new_password_1 != $current_password && strlen($new_password_1) < $min_pass_length )
+    		{
     			$err_msg[] = $MESSAGE['USERS']['PASSWORD_TOO_SHORT'];
+    		}
     	// password_1 matching password_2 ?
     		if( $new_password_1 != $new_password_2 )
+    		{
     			$err_msg[] = $MESSAGE['USERS']['PASSWORD_MISMATCH'];
+    		}
+    	}
     	$current_password = md5($current_password);
     	$new_password_1   = md5($new_password_1);
     	$new_password_2   = md5($new_password_2);
     // if no validation errors, try to update the database, otherwise return errormessages
     	if(sizeof($err_msg) == 0)
+    	{
     		$sql  = 'UPDATE `'.TABLE_PREFIX.'users` ';
     		$sql .= 'SET `display_name` = "'.$display_name.'", ';
     		$sql .=     '`password` = "'.$new_password_1.'", ';
     		$sql .=     '`email` = "'.$email.'", ';
     		$sql .=     '`language` = "'.$language.'", ';
     		$sql .=     '`timezone` = "'.$timezone.'", ';
     		$sql .=     '`date_format` = "'.$date_format.'", ';
     		$sql .=     '`time_format` = "'.$time_format.'" ';
     		$sql .= 'WHERE `user_id` = '.(int)$admin->get_user_id().' AND `password` = "'.$current_password.'"';
     		if( $database->query($sql) )
+    		{
     			$sql_info = mysql_info($database->db_handle);
     			if(preg_match('/matched: *([1-9][0-9]*)/i', $sql_info) != 1)
     			{  // if the user_id and password dosn't match
     				$err_msg[] = $MESSAGE['PREFERENCES']['CURRENT_PASSWORD_INCORRECT'];
     			}else {
     				// update successfull, takeover values into the session
     				$_SESSION['DISPLAY_NAME'] = $display_name;
     				$_SESSION['LANGUAGE'] = $language;
     				$_SESSION['TIMEZONE'] = $timezone;
     				$_SESSION['EMAIL'] = $email;
     				// Update date format
     				if($date_format != '') {
     					$_SESSION['DATE_FORMAT'] = $date_format;
     					if(isset($_SESSION['USE_DEFAULT_DATE_FORMAT'])) { unset($_SESSION['USE_DEFAULT_DATE_FORMAT']); }
     				} else {
     					$_SESSION['USE_DEFAULT_DATE_FORMAT'] = true;
     					if(isset($_SESSION['DATE_FORMAT'])) { unset($_SESSION['DATE_FORMAT']); }
+    				}
     				// Update time format
     				if($time_format != '') {
     					$_SESSION['TIME_FORMAT'] = $time_format;
     					if(isset($_SESSION['USE_DEFAULT_TIME_FORMAT'])) { unset($_SESSION['USE_DEFAULT_TIME_FORMAT']); }
     				} else {
     					$_SESSION['USE_DEFAULT_TIME_FORMAT'] = true;
     					if(isset($_SESSION['TIME_FORMAT'])) { unset($_SESSION['TIME_FORMAT']); }
+    				}
+    			}
     		}else {
     			$err_msg[] = 'invalid database UPDATE call in '.__FILE__.'::'.__FUNCTION__.'before line '.__LINE__;
+    		}
+    	}
     	return ( (sizeof($err_msg) > 0) ? implode('<br />', $err_msg) : '' );
+    }
     $retval = save_preferences($admin, $database);
     if( $retval == '')
+    {
     	$admin->print_success($MESSAGE['PREFERENCES']['DETAILS_SAVED']);
     	$admin->print_footer();
     }else {
     	$admin->print_error($retval, $js_back);
+    }
     ?>

     <?php
     /****************************************************************************
     * SVN Version information:
+    *
     * $Id$
+    *
     *****************************************************************************
+    *
     *****************************************************************************
     *                          WebsiteBaker
+    *
     * WebsiteBaker Project <http://www.websitebaker2.org/>
     * Copyright (C) 2009, Website Baker Org. e.V.
     *         http://start.websitebaker2.org/impressum-datenschutz.php
     * Copyright (C) 2004-2009, Ryan Djurovich
+    *
     *                        About WebsiteBaker
+    *
     * Website Baker is a PHP-based Content Management System (CMS)
     * designed with one goal in mind: to enable its users to produce websites
     * with ease.
+    *
     *****************************************************************************
+    *
     *****************************************************************************
     *                   WebsiteBaker Extra Information
+    *
     * @author       : Ryan Djurovich, stefan, Matthias Gallas, thorn, Manuel Lang
     * @platform     : WebsiteBaker 2.8
+    *
     *****************************************************************************
+    *
     *****************************************************************************
     *                        LICENSE INFORMATION
+    *
     * WebsiteBaker is free software; you can redistribute it and/or
     * modify it under the terms of the GNU General Public License
     * as published by the Free Software Foundation; either version 2
     * of the License, or (at your option) any later version.
+    *
     * WebsiteBaker is distributed in the hope that it will be useful,
     * but WITHOUT ANY WARRANTY; without even the implied warranty of
     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
     * See the GNU General Public License for more details.
+    *
     * You should have received a copy of the GNU General Public License
     * along with this program; if not, write to the Free Software
     * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
     *****************************************************************************/
     require('../../config.php');
     require_once(WB_PATH.'/framework/class.admin.php');
     $admin = new admin('Preferences');
     require_once(WB_PATH.'/framework/functions-utf8.php');
     // Create new template object for the preferences form
     $template = new Template(THEME_PATH.'/templates');
     $template->set_file('page', 'preferences.htt');
     $template->set_block('page', 'main_block', 'main');
     // Get existing value from database
     $database = new database();
     $query = "SELECT display_name,email FROM ".TABLE_PREFIX."users WHERE user_id = '".$admin->get_user_id()."'";
     $results = $database->query($query);
     if($database->is_error()) {
     	$admin->print_error($database->get_error(), 'index.php');
+    }
     $details = $results->fetchRow();
     // Insert values into form
     $template->set_var('DISPLAY_NAME', $details['display_name']);
     $template->set_var('EMAIL', $details['email']);
     // Insert language values
     $template->set_block('main_block', 'language_list_block', 'language_list');
     $result = $database->query("SELECT * FROM ".TABLE_PREFIX."addons WHERE type = 'language' order by name");
     if($result->numRows() > 0) {
     	while($addon = $result->fetchRow()) {
     		$l_codes[$addon['name']] = $addon['directory'];
     		$l_names[$addon['name']] = entities_to_7bit($addon['name']); // sorting-problem workaround
+    	}
     	asort($l_names);
     	foreach($l_names as $l_name=>$v) {
     		// Insert code and name
     		$template->set_var(array(
     								'CODE' => $l_codes[$l_name],
     								'NAME' => $l_name,
     								'FLAG' => THEME_URL.'/images/flags/'.strtolower($l_codes[$l_name]),
     								));
     		// Check if it is selected
     		if(LANGUAGE == $l_codes[$l_name]) {
     			$template->set_var('SELECTED', ' selected="selected"');
     		} else {
     			$template->set_var('SELECTED', '');
+    		}
     		$template->parse('language_list', 'language_list_block', true);
+    	}
+    }
     // Insert default timezone values
     require(ADMIN_PATH.'/interface/timezones.php');
     $template->set_block('main_block', 'timezone_list_block', 'timezone_list');
     foreach($TIMEZONES AS $hour_offset => $title) {
     	$template->set_var('VALUE', $hour_offset);
     	$template->set_var('NAME', $title);
     	if($admin->get_timezone() == $hour_offset*60*60) {
     		$template->set_var('SELECTED', ' selected="selected"');
     	} else {
     		$template->set_var('SELECTED', '');
+    	}
     	$template->parse('timezone_list', 'timezone_list_block', true);
+    }
     // Insert date format list
     $user_time = true;
     require(ADMIN_PATH.'/interface/date_formats.php');
     $template->set_block('main_block', 'date_format_list_block', 'date_format_list');
     foreach($DATE_FORMATS AS $format => $title) {
     	$format = str_replace('|', ' ', $format); // Add's white-spaces (not able to be stored in array key)
     	if($format != 'system_default') {
     		$template->set_var('VALUE', $format);
     	} else {
     		$template->set_var('VALUE', '');
+    	}
     	$template->set_var('NAME', $title);
     	if(DATE_FORMAT == $format AND !isset($_SESSION['USE_DEFAULT_DATE_FORMAT'])) {
     		$template->set_var('SELECTED', ' selected="selected"');
     	} elseif($format == 'system_default' AND isset($_SESSION['USE_DEFAULT_DATE_FORMAT'])) {
     		$template->set_var('SELECTED', ' selected="selected"');
     	} else {
     		$template->set_var('SELECTED', '');
+    	}
     	$template->parse('date_format_list', 'date_format_list_block', true);
+    }
     // Insert time format list
     require(ADMIN_PATH.'/interface/time_formats.php');
     $template->set_block('main_block', 'time_format_list_block', 'time_format_list');
     foreach($TIME_FORMATS AS $format => $title) {
     	$format = str_replace('|', ' ', $format); // Add's white-spaces (not able to be stored in array key)
     	if($format != 'system_default') {
     		$template->set_var('VALUE', $format);
     	} else {
     		$template->set_var('VALUE', '');
+    	}
     	$template->set_var('NAME', $title);
     	if(TIME_FORMAT == $format AND !isset($_SESSION['USE_DEFAULT_TIME_FORMAT'])) {
     		$template->set_var('SELECTED', ' selected="selected"');
     	} elseif($format == 'system_default' AND isset($_SESSION['USE_DEFAULT_TIME_FORMAT'])) {
     		$template->set_var('SELECTED', ' selected="selected"');
     	} else {
     		$template->set_var('SELECTED', '');
+    	}
     	$template->parse('time_format_list', 'time_format_list_block', true);
+    }
     // Insert language headings
     $template->set_var(array(
     								'HEADING_MY_SETTINGS' => $HEADING['MY_SETTINGS'],
     								'HEADING_MY_EMAIL' => $HEADING['MY_EMAIL'],
     								'HEADING_MY_PASSWORD' => $HEADING['MY_PASSWORD']
+    								)
     						);
     // insert urls
     $template->set_var(array(
     								'ADMIN_URL' => ADMIN_URL,
     								'WB_URL' => WB_URL,
     								'WB_PATH' => WB_PATH,
     								'THEME_URL' => THEME_URL
+    								)
     						);
     // Insert language text and messages
     $template->set_var(array(
     								'TEXT_SAVE' => $TEXT['SAVE'],
     								'TEXT_RESET' => $TEXT['RESET'],
     								'TEXT_DISPLAY_NAME' => $TEXT['DISPLAY_NAME'],
     								'TEXT_EMAIL' => $TEXT['EMAIL'],
     								'TEXT_LANGUAGE' => $TEXT['LANGUAGE'],
     								'TEXT_TIMEZONE' => $TEXT['TIMEZONE'],
     								'TEXT_DATE_FORMAT' => $TEXT['DATE_FORMAT'],
     								'TEXT_TIME_FORMAT' => $TEXT['TIME_FORMAT'],
     								'TEXT_CURRENT_PASSWORD' => $TEXT['CURRENT_PASSWORD'],
     								'TEXT_NEW_PASSWORD' => $TEXT['NEW_PASSWORD'],
     								'TEXT_RETYPE_NEW_PASSWORD' => $TEXT['RETYPE_NEW_PASSWORD'],
     								'TEXT_PLEASE_SELECT' => $TEXT['PLEASE_SELECT']
+    								)
     						);
     // Parse template for preferences form
     $template->parse('main', 'main_block', false);
     $template->pparse('output', 'page');
     $admin->print_footer();
     <?php
     /**
+     *
      * @category        admin
      * @package         preferences
      * @author          WebsiteBaker Project
      * @copyright       2004-2009, Ryan Djurovich
      * @copyright       2009-2010, Website Baker Org. e.V.
      * @link			http://www.websitebaker2.org/
      * @license         http://www.gnu.org/licenses/gpl.html
      * @platform        WebsiteBaker 2.8.x
      * @requirements    PHP 4.4.9 and higher
      * @version         $Id$
      * @filesource		$HeadURL$
      * @lastmodified    $Date$
+     *
      */
     // prevent this file from being accessed directly
     //if(defined('WB_PATH') == false) { exit("Cannot access this file directly"); }
     //Workaround if this is first page (WBAdmin in use)
     // put all inside a function to prevent global vars
     function build_page( &$admin, &$database )
+    {
     	include_once(WB_PATH.'/framework/functions-utf8.php');
     // Create new template object, assign template file, start main-block
     	$template = new Template( THEME_PATH.'/templates' );
     	$template->set_file( 'page', 'preferences.htt' );
     	$template->set_block( 'page', 'main_block', 'main' );
     // read user-info from table users and assign it to template
     	$sql  = 'SELECT `display_name`, `username`, `email` FROM `'.TABLE_PREFIX.'users` ';
     	$sql .= 'WHERE `user_id` = '.(int)$admin->get_user_id();
     	if( $res_user = $database->query($sql) )
+    	{
     		if( $rec_user = $res_user->fetchRow() )
+    		{
     			$template->set_var('DISPLAY_NAME', $rec_user['display_name']);
     			$template->set_var('USERNAME',     $rec_user['username']);
     			$template->set_var('EMAIL',        $rec_user['email']);
     			$template->set_var('ADMIN_URL',    ADMIN_URL);
+    		}
+    	}
     // read available languages from table addons and assign it to the template
     	$sql  = 'SELECT * FROM `'.TABLE_PREFIX.'addons` ';
     	$sql .= 'WHERE `type` = "language" ORDER BY `directory`';
     	if( $res_lang = $database->query($sql) )
+    	{
     		$template->set_block('main_block', 'language_list_block', 'language_list');
     		while( $rec_lang = $res_lang->fetchRow() )
+    		{
     			$template->set_var('CODE',        $rec_lang['directory']);
     			$template->set_var('NAME',        $rec_lang['name']);
     			$template->set_var('FLAG',        THEME_URL.'/images/flags/'.strtolower($rec_lang['directory']));
     			$template->set_var('SELECTED',    (LANGUAGE == $rec_lang['directory'] ? ' selected="selected"' : '') );
     			$template->parse('language_list', 'language_list_block', true);
+    		}
+    	}
     // Insert default timezone values
     	include_once( ADMIN_PATH.'/interface/timezones.php' );
     	$template->set_block('main_block', 'timezone_list_block', 'timezone_list');
     	foreach( $TIMEZONES AS $hour_offset => $title )
+    	{
     		$template->set_var('VALUE',    $hour_offset);
     		$template->set_var('NAME',     $title);
     		$template->set_var('SELECTED', ($admin->get_timezone() == ($hour_offset * 3600) ? ' selected="selected"' : '') );
     		$template->parse('timezone_list', 'timezone_list_block', true);
+    	}
     // Insert date format list
     	$user_time = true;
     	include_once( ADMIN_PATH.'/interface/date_formats.php' );
     	$template->set_block('main_block', 'date_format_list_block', 'date_format_list');
     	foreach( $DATE_FORMATS AS $format => $title )
+    	{
     		$format = str_replace('|', ' ', $format); // Add's white-spaces (not able to be stored in array key)
     		$template->set_var( 'VALUE', ($format != 'system_default' ? $format : 'system_default') );
     		$template->set_var( 'NAME',  $title );
     		if( (DATE_FORMAT == $format AND !isset($_SESSION['USE_DEFAULT_DATE_FORMAT'])) OR
     			('system_default' == $format AND isset($_SESSION['USE_DEFAULT_DATE_FORMAT'])) )
+    		{
     			$template->set_var('SELECTED', ' selected="selected"');
     		}else {
     			$template->set_var('SELECTED', '');
+    		}
     		$template->parse('date_format_list', 'date_format_list_block', true);
+    	}
     // Insert time format list
     	include_once( ADMIN_PATH.'/interface/time_formats.php' );
     	$template->set_block('main_block', 'time_format_list_block', 'time_format_list');
     	foreach( $TIME_FORMATS AS $format => $title )
+    	{
     		$format = str_replace('|', ' ', $format); // Add's white-spaces (not able to be stored in array key)
     		$template->set_var('VALUE', $format != 'system_default' ? $format : '' );
     		$template->set_var('NAME',  $title);
     		if( (TIME_FORMAT == $format AND !isset($_SESSION['USE_DEFAULT_TIME_FORMAT'])) OR
     		    ('system_default' == $format AND isset($_SESSION['USE_DEFAULT_TIME_FORMAT'])) )
+    		{
     			$template->set_var('SELECTED', ' selected="selected"');
     		} else {
     			$template->set_var('SELECTED', '');
+    		}
     		$template->parse('time_format_list', 'time_format_list_block', true);
+    	}
     // assign systemvars to template
     	$template->set_var(array( 'ADMIN_URL'  => ADMIN_URL,
     	                          'WB_URL'     => WB_URL,
                                   'WB_PATH'    => WB_PATH,
                                   'THEME_URL'  => THEME_URL,
     		                      'ACTION_URL' => ADMIN_URL.'/preferences/save.php'
+                                )
                           );
     	$template->set_var('FTAN', $admin->getFTAN());
     	$template->set_var('FORM_NAME', 'preferences_save');
     // assign language vars
     	global $HEADING, $TEXT;
     	$template->set_var(array( 'HEADING_MY_SETTINGS'      => $HEADING['MY_SETTINGS'],
                                   'HEADING_MY_EMAIL'         => $HEADING['MY_EMAIL'],
                                   'HEADING_MY_PASSWORD'      => $HEADING['MY_PASSWORD'],
                                   'TEXT_SAVE'                => $TEXT['SAVE'],
                                   'TEXT_RESET'               => $TEXT['RESET'],
                                   'TEXT_DISPLAY_NAME'        => $TEXT['DISPLAY_NAME'],
                                   'TEXT_USERNAME'            => $TEXT['USERNAME'],
                                   'TEXT_EMAIL'               => $TEXT['EMAIL'],
                                   'TEXT_LANGUAGE'            => $TEXT['LANGUAGE'],
                                   'TEXT_TIMEZONE'            => $TEXT['TIMEZONE'],
                                   'TEXT_DATE_FORMAT'         => $TEXT['DATE_FORMAT'],
                                   'TEXT_TIME_FORMAT'         => $TEXT['TIME_FORMAT'],
                                   'TEXT_CURRENT_PASSWORD'    => $TEXT['CURRENT_PASSWORD'],
                                   'TEXT_NEW_PASSWORD'        => $TEXT['NEW_PASSWORD'],
                                   'TEXT_RETYPE_NEW_PASSWORD' => $TEXT['RETYPE_NEW_PASSWORD'],
     	                          'EMPTY_STRING'             => ''
+                                )
                           );
     // Parse template for preferences form
     	$template->parse('main', 'main_block', false);
     	$output = $template->finish($template->parse('output', 'page'));
     	return $output;
+    }
     // test if valid $admin-object already exists (bit complicated about PHP4 Compatibility)
     if( !(isset($admin) && is_object($admin) && (get_class($admin) == 'admin')) )
+    {
         require( '../../config.php' );
     	require_once( WB_PATH.'/framework/class.admin.php' );
     	$admin = new admin('Preferences');
+    }
     echo build_page($admin, $database);
     $admin->print_footer();
     ?>

     class wb
+    {
     	public $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+';
     	// General initialization function
     	// performed when frontend or backend is loaded.
     	function wb() {
+    	}
     	// Check whether a page is visible or not.
     	// This will check page-visibility and user- and group-rights.
     	/* page_is_visible() returns
-...
+     *
      * requirements: an active session must be available
      */
     	public function getFTAN( $asTAG = true)
     	public function getFTAN( $as_tag = true)
+    	{
     		if(function_exists('microtime'))
+    		{
     			list($usec, $sec) = explode(" ", microtime());
     			$time = ((float)$usec + (float)$sec);
     			$time = (string)((float)$usec + (float)$sec);
     		}else{
     			$time = time();
     			$time = (string)time();
+    		}
     		$ftan = md5(((string)$time).$_SERVER['SERVER_ADDR']);
     		$salt  = ( isset($_SERVER['HTTP_ACCEPT']) ? $_SERVER['HTTP_ACCEPT'] : '');
     		$salt .= ( isset($_SERVER['HTTP_ACCEPT_CHARSET']) ? $_SERVER['HTTP_ACCEPT_CHARSET'] : '');
     		$salt .= ( isset($_SERVER['HTTP_ACCEPT_ENCODING']) ? $_SERVER['HTTP_ACCEPT_ENCODING'] : '');
     		$salt .= ( isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : '');
     		$salt .= ( isset($_SERVER['HTTP_CONNECTION']) ? $_SERVER['HTTP_CONNECTION'] : '');
     		$salt .= ( isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
     		$salt .= ( isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : '');
     		$salt  = ( $salt !== '' ) ? $salt : 'eXtremelyHotTomatoJuice';
     		$ftan = md5($time.$salt);
     		$_SESSION['FTAN'] = $ftan;
     		$ftan0 = 'a'.substr($ftan, -(10 + hexdec(substr($ftan, 1))), 10);
     		$ftan1 = 'a'.substr($ftan, hexdec(substr($ftan, -1)), 10);
     		if($asTAG == true)
     		if($as_tag == true)
+    		{
     			return '<input type="hidden" name="'.$ftan0.'" value="'.$ftan1.'" title="" />';
     		}else{

... This diff was truncated because it exceeds the maximum size that can be displayed.

Also available in: Unified diff

Project

General

Profile

WB 2.08.x

Revision 1313

Added by Dietmar over 14 years ago