Revision 1804
Added by Dietmar about 12 years ago
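--- a/branches/2.8.x/CHANGELOG
+++ b/branches/2.8.x/CHANGELOG
@@ -13,6 +13,14 @@
 
 
 
+02 Nov-2012 Build 1804 Dietmar Woellbrink (Luisehahne)
+# fixed Illegal string offset 'time' in \framework\SecureForm.mtab.php
+! add delete Outdated Confirmations in backend
+! show waiting Activations if exists in user management
+# fixed html validaton errors in user management
+! security fixes in admin/preferences/
+! update form modul, change text "unknown#" to "Guest"
+in view_submission and emailheader email_fromname
 01 Nov-2012 Build 1803 Dietmar Woellbrink (Luisehahne)
 ! update submission form with designer friendly css classes
 31 Oct-2012 Build 1802 Dietmar Woellbrink (Luisehahne)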
branches/2.8.x/wb/admin/start/index.php | ||
---|---|---|
3 | 3 |
* |
4 | 4 |
* @category admin |
5 | 5 |
* @package start |
6 |
* @author Ryan Djurovich, WebsiteBaker Project |
|
6 |
* @author Ryan Djurovich (2004-2009), WebsiteBaker Project
|
|
7 | 7 |
* @copyright 2009-2012, WebsiteBaker Org. e.V. |
8 | 8 |
* @link http://www.websitebaker2.org/ |
9 | 9 |
* @license http://www.gnu.org/licenses/gpl.html |
... | ... | |
19 | 19 |
//$regex = "/(pages)+[a-z]*[_]([a-z_0-9]+)[^,]/im"; |
20 | 20 |
//preg_match_all ($regex, $string, $output); |
21 | 21 |
// |
22 |
require('../../config.php'); |
|
23 |
require_once(WB_PATH.'/framework/class.admin.php'); |
|
22 |
|
|
23 |
$config_file = realpath('../../config.php'); |
|
24 |
if(file_exists($config_file) && !defined('WB_URL')) |
|
25 |
{ |
|
26 |
require_once($config_file); |
|
27 |
} |
|
28 |
|
|
29 |
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); } |
|
30 |
|
|
24 | 31 |
$admin = new admin('Start','start'); |
25 | 32 |
// --------------------------------------- |
26 | 33 |
// $database = WbDatabase::getInstance(); |
... | ... | |
118 | 125 |
} |
119 | 126 |
} |
120 | 127 |
|
128 |
/** |
|
129 |
* delete Outdated Confirmations |
|
130 |
*/ |
|
131 |
$sql = 'DELETE FROM `'.TABLE_PREFIX.'users` WHERE `confirm_timeout` BETWEEN 1 AND '.time(); |
|
132 |
WbDatabase::getInstance()->query($sql); |
|
133 |
|
|
121 | 134 |
// --------------------------------------- |
122 | 135 |
// Setup template object, parse vars to it, then parse it |
123 | 136 |
// Create new template object |
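Review bot: The new cleanup statement selects rows by `confirm_timeout BETWEEN 1 AND time()` alone, so any account whose `confirm_timeout` was not reset to 0 on activation would be deleted along with the expired sign-ups; whether activation clears that column is not visible here. The listing added in admin/users/index.php narrows the same set with `active = 0` and `user_id != 1`, and the delete should carry the same guards by appending `AND active = 0 AND user_id != 1` to the WHERE clause. The statement also runs on every load of the backend start page and its result is ignored, so a failed or unexpectedly large delete goes unnoticed; check the result as the `delete` branches in admin/users/users.php do with `$database->is_error()`, and record how many rows were removed so account deletions stay traceable.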
branches/2.8.x/wb/admin/skel/themes/htt/users.htt | ||
---|---|---|
18 | 18 |
{FTAN} |
19 | 19 |
|
20 | 20 |
<button type="button" name="status" title="{TEXT_USERS}" style="width: 30px; background: {STATUS_ICON} no-repeat center" value="{USER_STATUS}" onclick="javascript: window.location = 'index.php?status={USER_STATUS}';" class="status {DISPLAY_MODIFY}" > </button> |
21 |
<select name="user_id" style="width: 500px;"> |
|
21 |
<select name="user_id" class="user-list" style="width: 500px;">
|
|
22 | 22 |
<!-- BEGIN list_block --> |
23 | 23 |
<option value="{VALUE}" {STATUS}>{NAME}</option> |
24 | 24 |
<!-- END list_block --> |
... | ... | |
27 | 27 |
<input type="submit" name="modify" style="width: 100px;" value="{TEXT_MODIFY}" class="{DISPLAY_MODIFY}" /> |
28 | 28 |
<input type="submit" name="delete" style="width: 100px;" value="{TEXT_DELETE}" onclick="return confirm('{CONFIRM_DELETE}');" class="{DISPLAY_DELETE}" /> |
29 | 29 |
|
30 |
<!-- BEGIN show_confirmed_activation_block --> |
|
31 |
<h3 class="bold">{DISPLAY_WAITING_ACTIVATION}</h3> |
|
32 |
<select name="user_id_activation_id" class="user-activation" style="width: 500px; margin-left: 34px;"> |
|
33 |
<!-- BEGIN list_confirmed_activation_block --> |
|
34 |
<option value="{VALUE}" {STATUS}>{NAME}</option> |
|
35 |
<!-- END list_confirmed_activation_block --> |
|
36 |
</select> |
|
37 |
<input type="submit" name="delete_outdated" style="width: 100px;" value="{TEXT_DELETE}" onclick="return confirm('{CONFIRM_DELETE}');" class="{DISPLAY_DELETE}" /> |
|
38 |
<!-- END show_confirmed_activation_block --> |
|
39 |
|
|
30 | 40 |
</form> |
31 | 41 |
|
32 |
<br /> |
|
33 |
<h2 style="margin-top: 20px;" class="{DISPLAY_ADD} left">{HEADING_ADD_USER}</h2> |
|
42 |
<h3 class="bold {DISPLAY_ADD}" style="margin-top: 20px;">{HEADING_ADD_USER}</h3> |
|
34 | 43 |
</div> |
35 | 44 |
<!-- END main_block --> |
branches/2.8.x/wb/admin/skel/themes/htt/users_form.htt | ||
---|---|---|
45 | 45 |
</td> |
46 | 46 |
</tr> |
47 | 47 |
<tr style="{DISPLAY_EXTRA}"> |
48 |
<td class="right"> </td> |
|
49 |
<td style="font-size: 10px;"> |
|
50 |
{CHANGING_PASSWORD} |
|
48 |
<td colspan="2" style=""> |
|
49 |
<div class="warning value_input" style="max-width:700px; margin-right: 20%; float: right;">{CHANGING_PASSWORD}</div> |
|
51 | 50 |
</td> |
52 | 51 |
</tr> |
53 | 52 |
<tr> |
branches/2.8.x/wb/admin/interface/version.php | ||
---|---|---|
51 | 51 |
|
52 | 52 |
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled) |
53 | 53 |
if(!defined('VERSION')) define('VERSION', '2.8.3'); |
54 |
if(!defined('REVISION')) define('REVISION', '1803');
|
|
54 |
if(!defined('REVISION')) define('REVISION', '1804');
|
|
55 | 55 |
if(!defined('SP')) define('SP', ''); |
branches/2.8.x/wb/admin/users/save.php | ||
---|---|---|
15 | 15 |
* |
16 | 16 |
*/ |
17 | 17 |
|
18 |
// Print admin header |
|
19 |
require('../../config.php'); |
|
20 |
require_once(WB_PATH.'/framework/class.admin.php'); |
|
18 |
$config_file = realpath('../../config.php'); |
|
19 |
if(file_exists($config_file) && !defined('WB_URL')) |
|
20 |
{ |
|
21 |
require_once($config_file); |
|
22 |
} |
|
23 |
|
|
24 |
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); } |
|
25 |
|
|
21 | 26 |
// suppress to print the header, so no new FTAN will be set |
22 | 27 |
$admin = new admin('Access', 'users_modify', false); |
23 | 28 |
|
... | ... | |
64 | 69 |
$MESSAGE['USERS_USERNAME_TOO_SHORT'], $js_back); |
65 | 70 |
} |
66 | 71 |
if($password != "") { |
67 |
if(strlen($password) < 2) {
|
|
72 |
if(strlen($password) < 6 ) {
|
|
68 | 73 |
$admin->print_error($MESSAGE['USERS_PASSWORD_TOO_SHORT'], $js_back); |
69 | 74 |
} |
70 | 75 |
if($password != $password2) { |
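Review bot: The replacement bootstrap at new lines 18-24 fails open where the old `require('../../config.php')` failed hard: if `realpath()` returns false or `WB_URL` is already defined the config is skipped silently, and `class.admin.php` is then loaded with `include`, which only raises a warning when the file is missing. With the config not loaded `WB_PATH` is undefined, so on the PHP versions of that era the include path would presumably degrade to a relative string instead of stopping the request. Keep `require_once` for both files and stop explicitly when the config cannot be resolved, e.g. `if ($config_file === false) { die('config.php not found'); }`. The same block is repeated in admin/start/index.php, admin/users/users.php, admin/users/index.php and admin/preferences/save.php. Separately, the minimum length is a literal `6` here while admin/preferences/save.php uses `$iMinPassLength`; one shared constant would keep the two from drifting apart.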
branches/2.8.x/wb/admin/users/users.php | ||
---|---|---|
13 | 13 |
* @filesource $HeadURL$ |
14 | 14 |
* @lastmodified $Date$ |
15 | 15 |
* |
16 |
*/ |
|
16 |
*/
|
|
17 | 17 |
|
18 | 18 |
// Include config file and admin class file |
19 |
require('../../config.php'); |
|
20 |
require_once(WB_PATH.'/framework/class.admin.php'); |
|
21 | 19 |
|
20 |
$config_file = realpath('../../config.php'); |
|
21 |
if(file_exists($config_file) && !defined('WB_URL')) |
|
22 |
{ |
|
23 |
require_once($config_file); |
|
24 |
} |
|
25 |
|
|
26 |
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); } |
|
27 |
|
|
22 | 28 |
$action = 'cancel'; |
23 | 29 |
// Set parameter 'action' as alternative to javascript mechanism |
24 | 30 |
$action = (isset($_POST['modify']) ? 'modify' : $action ); |
25 | 31 |
$action = (isset($_POST['delete']) ? 'delete' : $action ); |
32 |
$action = (isset($_POST['delete_outdated']) ? 'delete_outdated' : $action ); |
|
26 | 33 |
|
27 | 34 |
switch ($action): |
28 | 35 |
case 'modify' : |
... | ... | |
51 | 58 |
$template->set_block('main_block', 'show_modify_loginname_block', 'show_modify_loginname'); |
52 | 59 |
$template->set_block('main_block', 'show_add_loginname_block', 'show_add_loginname'); |
53 | 60 |
$template->set_var( array( |
54 |
'ACTION_URL' => ADMIN_URL.'/users/save.php', |
|
55 |
'SUBMIT_TITLE' => $TEXT['SAVE'], |
|
56 |
'USER_ID' => $user['user_id'], |
|
57 |
'USERNAME' => $user['username'], |
|
58 |
'DISPLAY_NAME' => $user['display_name'], |
|
59 |
'EMAIL' => $user['email'], |
|
60 |
'ADMIN_URL' => ADMIN_URL, |
|
61 |
'WB_URL' => WB_URL, |
|
62 |
'THEME_URL' => THEME_URL |
|
63 |
) |
|
64 |
); |
|
61 |
'ACTION_URL' => ADMIN_URL.'/users/save.php', |
|
62 |
'SUBMIT_TITLE' => $TEXT['SAVE'], |
|
63 |
'USER_ID' => $user['user_id'], |
|
64 |
'DISPLAY_EXTRA' => '', |
|
65 |
'DISPLAY_HOME_FOLDERS' => '', |
|
66 |
'USERNAME' => $user['username'], |
|
67 |
'DISPLAY_NAME' => $user['display_name'], |
|
68 |
'EMAIL' => $user['email'], |
|
69 |
'ADMIN_URL' => ADMIN_URL, |
|
70 |
'WB_URL' => WB_URL, |
|
71 |
'THEME_URL' => THEME_URL |
|
72 |
) |
|
73 |
); |
|
65 | 74 |
|
66 | 75 |
$template->set_var('FTAN', $admin->getFTAN()); |
67 | 76 |
if($user['active'] == 1) { |
77 |
$template->set_var('DISABLED_CHECKED', ''); |
|
68 | 78 |
$template->set_var('ACTIVE_CHECKED', ' checked="checked"'); |
69 | 79 |
} else { |
80 |
$template->set_var('ACTIVE_CHECKED', ''); |
|
70 | 81 |
$template->set_var('DISABLED_CHECKED', ' checked="checked"'); |
71 | 82 |
} |
72 | 83 |
// Add groups to list |
... | ... | |
184 | 195 |
case 'delete' : |
185 | 196 |
// Print header |
186 | 197 |
$admin = new admin('Access', 'users_delete'); |
198 |
|
|
187 | 199 |
$user_id = intval($admin->checkIDKEY('user_id', 0, $_SERVER['REQUEST_METHOD'])); |
188 | 200 |
// Check if user id is a valid number and doesnt equal 1 |
201 |
|
|
189 | 202 |
if($user_id == 0){ |
190 | 203 |
$admin->print_error($MESSAGE['GENERIC_FORGOT_OPTIONS'] ); |
191 | 204 |
} |
... | ... | |
211 | 224 |
// Print admin footer |
212 | 225 |
$admin->print_footer(); |
213 | 226 |
break; |
227 |
case 'delete_outdated' : |
|
228 |
$admin = new admin('Access', 'users_delete'); |
|
229 |
|
|
230 |
$user_id = intval($admin->checkIDKEY('user_id_activation_id', 0, $_SERVER['REQUEST_METHOD'])); |
|
231 |
// Check if user id is a valid number and doesnt equal 1 |
|
232 |
if($user_id == 0){ |
|
233 |
$admin->print_error($MESSAGE['GENERIC_FORGOT_OPTIONS'] ); |
|
234 |
} |
|
235 |
if( ($user_id < 2 ) ) |
|
236 |
{ |
|
237 |
// if($admin_header) { $admin->print_header(); } |
|
238 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'] ); |
|
239 |
} |
|
240 |
$database->query("DELETE FROM `".TABLE_PREFIX."users` WHERE `user_id` = ".$user_id); |
|
241 |
if($database->is_error()) { |
|
242 |
$admin->print_error($database->get_error()); |
|
243 |
} else { |
|
244 |
$admin->print_success($MESSAGE['USERS_DELETED']); |
|
245 |
} |
|
246 |
// Print admin footer |
|
247 |
$admin->print_footer(); |
|
248 |
|
|
249 |
|
|
250 |
break; |
|
214 | 251 |
default: |
215 | 252 |
break; |
216 | 253 |
endswitch; |
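Review bot: The new `delete_outdated` case deletes by `user_id` alone, so it removes any account with an id of 2 or more for which the request carries a valid IDKEY, not only the pending activations this button is meant for; whether an IDKEY is bound to the field it was issued for is not visible in this section. Restrict the statement to the rows the list actually shows by appending `AND active = 0 AND confirm_timeout != 0` to the WHERE clause, and report when no row matched instead of always printing `USERS_DELETED`. The case also depends on `print_error()` ending the request after the `$user_id == 0` and `$user_id < 2` checks; if that helper ever returns, the DELETE still runs, so an explicit `break;` after each call would make the guard independent of it. The comment `Check if user id is a valid number and doesnt equal 1` was copied from the `delete` case and now sits above the wrong check.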
branches/2.8.x/wb/admin/users/index.php | ||
---|---|---|
13 | 13 |
* @filesource $HeadURL$ |
14 | 14 |
* @lastmodified $Date$ |
15 | 15 |
* |
16 |
*/ |
|
16 |
*/
|
|
17 | 17 |
|
18 |
require('../../config.php'); |
|
19 |
require_once(WB_PATH.'/framework/class.admin.php'); |
|
18 |
$config_file = realpath('../../config.php'); |
|
19 |
if(file_exists($config_file) && !defined('WB_URL')) |
|
20 |
{ |
|
21 |
require_once($config_file); |
|
22 |
} |
|
23 |
|
|
24 |
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); } |
|
25 |
|
|
20 | 26 |
$admin = new admin('Access', 'users'); |
21 | 27 |
|
22 | 28 |
$iUserStatus = 1; |
... | ... | |
34 | 40 |
$template->set_var('ADMIN_URL', ADMIN_URL); |
35 | 41 |
$template->set_var('FTAN', $admin->getFTAN()); |
36 | 42 |
$template->set_var('USER_STATUS', $iUserStatus ); |
43 |
$template->set_var('DISPLAY_ADD', ''); |
|
44 |
$template->set_var('DISPLAY_MODIFY', ''); |
|
45 |
$template->set_var('DISABLED_CHECKED', ''); |
|
46 |
$template->set_var('HEADING_MODIFY_USER', ''); |
|
47 |
$template->set_var('DISPLAY_HOME_FOLDERS', ''); |
|
37 | 48 |
|
38 | 49 |
$UserStatusActive = 'url('.THEME_URL.'/images/user.png)'; |
39 | 50 |
$UserStatusInactive = 'url('.THEME_URL.'/images/user_red.png)'; |
... | ... | |
105 | 116 |
); |
106 | 117 |
// Insert language text and messages |
107 | 118 |
$template->set_var(array( |
119 |
'DISPLAY_WAITING_ACTIVATION' => '', |
|
108 | 120 |
'TEXT_MODIFY' => $TEXT['MODIFY'], |
109 | 121 |
'TEXT_DELETE' => $TEXT['DELETE'], |
110 | 122 |
'TEXT_MANAGE_GROUPS' => ( $admin->get_permission('groups') == true ) ? $TEXT['MANAGE_GROUPS'] : "**", |
111 | 123 |
'CONFIRM_DELETE' => (($iUserStatus == 1) ? $TEXT['ARE_YOU_SURE'] : $MESSAGE['USERS_CONFIRM_DELETE']) |
112 | 124 |
) |
113 | 125 |
); |
126 |
|
|
127 |
$template->set_block('main_block', 'show_confirmed_activation_block', 'show_confirmed_activation'); |
|
128 |
if($admin->ami_group_member('1')) { |
|
129 |
$template->set_block('show_confirmed_activation_block', 'list_confirmed_activation_block', 'list_confirmed_activation'); |
|
130 |
$template->set_var('DISPLAY_WAITING_ACTIVATION', 'Users waiting for activation'); |
|
131 |
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'users` '; |
|
132 |
$sql .= 'WHERE `confirm_timeout` != 0 '; |
|
133 |
$sql .= 'AND `active` = 0 '; |
|
134 |
$sql .= 'AND `user_id` != 1 '; |
|
135 |
if( ($oRes = $database->query($sql)) ) { |
|
136 |
$template->set_var('DISPLAY_DELETE', ''); |
|
137 |
// $template->set_var('NAME', 'User waiting for activation'); |
|
138 |
// $template->set_var('STATUS', '' ); |
|
139 |
// Loop through users |
|
140 |
if($nNumRows = $oRes->numRows()) { |
|
141 |
while($aUser = $oRes->fetchRow(MYSQL_ASSOC)) { |
|
142 |
$template->set_var('VALUE',$admin->getIDKEY($aUser['user_id'])); |
|
143 |
$template->set_var('STATUS', '') ; |
|
144 |
$template->set_var('NAME', $aUser['display_name'].' ('.$aUser['username'].')'); |
|
145 |
$template->parse('list_confirmed_activation', 'list_confirmed_activation_block', true); |
|
146 |
} |
|
147 |
$template->parse('show_confirmed_activation', 'show_confirmed_activation_block',true); |
|
148 |
} |
|
149 |
} else { $nNumRows = 0; } |
|
150 |
|
|
151 |
} |
|
152 |
|
|
153 |
if ( $nNumRows == 0){ |
|
154 |
$template->parse('show_confirmed_activation', ''); |
|
155 |
} |
|
156 |
|
|
114 | 157 |
if ( $admin->get_permission('groups') == true ) $template->parse("groups", "manage_groups_block", true); |
115 | 158 |
// Parse template object |
116 | 159 |
$template->parse('main', 'main_block', false); |
... | ... | |
126 | 169 |
$template->set_block('main_block', 'show_add_loginname_block', 'show_add_loginname'); |
127 | 170 |
$template->set_var('DISPLAY_EXTRA', 'display:none;'); |
128 | 171 |
$template->set_var('ACTIVE_CHECKED', ' checked="checked"'); |
172 |
|
|
173 |
$template->set_var('DISPLAY_ADD', ''); |
|
174 |
$template->set_var('DISPLAY_MODIFY', ''); |
|
175 |
$template->set_var('DISABLED_CHECKED', ''); |
|
176 |
$template->set_var('HEADING_MODIFY_USER', ''); |
|
177 |
$template->set_var('DISPLAY_HOME_FOLDERS', ''); |
|
129 | 178 |
$template->set_var('ACTION_URL', ADMIN_URL.'/users/add.php'); |
130 | 179 |
$template->set_var('SUBMIT_TITLE', $TEXT['ADD']); |
131 | 180 |
$template->set_var('FTAN', $admin->getFTAN()); |
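Review bot: The labels for pending accounts are written into the template unencoded at `$template->set_var('NAME', $aUser['display_name'].' ('.$aUser['username'].')')`; these rows presumably originate from self-registration, so the values should be HTML-encoded on output, e.g. `htmlspecialchars($aUser['display_name'].' ('.$aUser['username'].')', ENT_QUOTES)`, unless the template class already encodes them (not visible here). `$nNumRows` is assigned only inside the `ami_group_member('1')` branch but read afterwards in `if ( $nNumRows == 0)`, so it should be initialised with `$nNumRows = 0;` before that branch. The heading `'Users waiting for activation'` is hard-coded English where the rest of the page takes its text from `$TEXT` and `$MESSAGE`.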
branches/2.8.x/wb/admin/preferences/save.php | ||
---|---|---|
15 | 15 |
* |
16 | 16 |
*/ |
17 | 17 |
|
18 |
|
|
19 |
// Print admin header |
|
20 |
require('../../config.php'); |
|
21 |
require_once(WB_PATH.'/framework/class.admin.php'); |
|
22 |
// suppress to print the header, so no new FTAN will be set |
|
23 |
$admin = new admin('Preferences','start', false); |
|
24 |
|
|
25 | 18 |
function save_preferences( &$admin, &$database) |
26 | 19 |
{ |
27 | 20 |
global $MESSAGE; |
28 | 21 |
$err_msg = array(); |
29 | 22 |
$iMinPassLength = 6; |
23 |
$bPassRequest = false; |
|
24 |
$bMailHasChanged = false; |
|
30 | 25 |
// first check form-tan |
31 |
if(!$admin->checkFTAN()){ $err_msg[] = $MESSAGE['GENERIC_SECURITY_ACCESS']; } |
|
26 |
if(!$admin->checkFTAN()){ |
|
27 |
$err_msg[] = $MESSAGE['GENERIC_SECURITY_ACCESS']; |
|
28 |
} else { |
|
32 | 29 |
// Get entered values and validate all |
33 | 30 |
// remove any dangerouse chars from display_name |
34 |
$display_name = $admin->add_slashes(strip_tags(trim($admin->get_post('display_name'))));
|
|
35 |
$display_name = ( $display_name == '' ? $admin->get_display_name() : $display_name );
|
|
36 |
// check that display_name is unique in whoole system (prevents from User-faking)
|
|
37 |
$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'users` '; |
|
38 |
$sql .= 'WHERE `user_id` <> '.(int)$admin->get_user_id().' AND `display_name` LIKE "'.$display_name.'"'; |
|
39 |
if( $database->get_one($sql) > 0 ){ $err_msg[] = $MESSAGE['USERS_USERNAME_TAKEN']; } |
|
31 |
$display_name = $admin->add_slashes(strip_tags($admin->StripCodeFromText($admin->get_post('display_name'),true)));
|
|
32 |
$display_name = ( $display_name == '' ? $admin->get_display_name() : $display_name );
|
|
33 |
// check that display_name is unique in whoole system (prevents from User-faking) |
|
34 |
$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'users` ';
|
|
35 |
$sql .= 'WHERE `user_id` <> '.(int)$admin->get_user_id().' AND `display_name` LIKE "'.$display_name.'"';
|
|
36 |
if( $database->get_one($sql) > 0 ){ $err_msg[] = $MESSAGE['USERS_USERNAME_TAKEN']; }
|
|
40 | 37 |
// language must be 2 upercase letters only |
41 |
$language = strtoupper($admin->get_post('language')); |
|
42 |
$language = (preg_match('/^[A-Z]{2}$/', $language) ? $language : DEFAULT_LANGUAGE); |
|
38 |
$language = strtoupper($admin->get_post('language'));
|
|
39 |
$language = (preg_match('/^[A-Z]{2}$/', $language) ? $language : DEFAULT_LANGUAGE);
|
|
43 | 40 |
// timezone must be between -12 and +13 or -20 as system_default |
44 |
$timezone = $admin->get_post('timezone'); |
|
45 |
$timezone = (is_numeric($timezone) ? $timezone : -20); |
|
46 |
$timezone = ( ($timezone >= -12 && $timezone <= 13) ? $timezone : -20 ) * 3600; |
|
41 |
$timezone = $admin->get_post('timezone');
|
|
42 |
$timezone = (is_numeric($timezone) ? $timezone : -20);
|
|
43 |
$timezone = ( ($timezone >= -12 && $timezone <= 13) ? $timezone : -20 ) * 3600;
|
|
47 | 44 |
// date_format must be a key from /interface/date_formats |
48 |
$date_format = $admin->get_post('date_format'); |
|
49 |
$date_format_key = str_replace(' ', '|', $date_format); |
|
50 |
$user_time = true; |
|
51 |
include( ADMIN_PATH.'/interface/date_formats.php' ); |
|
52 |
$date_format = (array_key_exists($date_format_key, $DATE_FORMATS) ? $date_format : 'system_default'); |
|
53 |
$date_format = ($date_format == 'system_default' ? '' : $date_format); |
|
54 |
unset($DATE_FORMATS); |
|
45 |
$date_format = $admin->get_post('date_format');
|
|
46 |
$date_format_key = str_replace(' ', '|', $date_format);
|
|
47 |
$user_time = true;
|
|
48 |
include( ADMIN_PATH.'/interface/date_formats.php' );
|
|
49 |
$date_format = (array_key_exists($date_format_key, $DATE_FORMATS) ? $date_format : 'system_default');
|
|
50 |
$date_format = ($date_format == 'system_default' ? '' : $date_format);
|
|
51 |
unset($DATE_FORMATS);
|
|
55 | 52 |
// time_format must be a key from /interface/time_formats |
56 |
$time_format = $admin->get_post('time_format'); |
|
57 |
$time_format_key = str_replace(' ', '|', $time_format); |
|
58 |
$user_time = true; |
|
59 |
include( ADMIN_PATH.'/interface/time_formats.php' ); |
|
60 |
$time_format = (array_key_exists($time_format_key, $TIME_FORMATS) ? $time_format : 'system_default'); |
|
61 |
$time_format = ($time_format == 'system_default' ? '' : $time_format); |
|
62 |
unset($TIME_FORMATS); |
|
53 |
$time_format = $admin->get_post('time_format');
|
|
54 |
$time_format_key = str_replace(' ', '|', $time_format);
|
|
55 |
$user_time = true;
|
|
56 |
include( ADMIN_PATH.'/interface/time_formats.php' );
|
|
57 |
$time_format = (array_key_exists($time_format_key, $TIME_FORMATS) ? $time_format : 'system_default');
|
|
58 |
$time_format = ($time_format == 'system_default' ? '' : $time_format);
|
|
59 |
unset($TIME_FORMATS);
|
|
63 | 60 |
// email should be validatet by core |
64 |
$email = trim( $admin->get_post('email') == null ? '' : $admin->get_post('email') ); |
|
65 |
if( !$admin->validate_email($email) ) |
|
66 |
{ |
|
67 |
$email = ''; |
|
68 |
$err_msg[] = $MESSAGE['USERS_INVALID_EMAIL']; |
|
69 |
}else { |
|
70 |
if($email != '') { |
|
71 |
// check that email is unique in whoole system |
|
72 |
$email = $admin->add_slashes($email); |
|
73 |
$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'users` '; |
|
74 |
$sql .= 'WHERE `user_id` <> '.(int)$admin->get_user_id().' AND `email` LIKE "'.$email.'"'; |
|
75 |
if( $database->get_one($sql) > 0 ){ $err_msg[] = $MESSAGE['USERS_EMAIL_TAKEN']; } |
|
76 |
} |
|
77 |
} |
|
61 |
|
|
62 |
// $email = trim( $admin->get_post('email') == null ? '' : $admin->get_post('email') ); |
|
63 |
$email = $admin->add_slashes(strip_tags($admin->StripCodeFromText($admin->get_post('email'),true))); |
|
64 |
if( !$admin->validate_email($email) ) |
|
65 |
{ |
|
66 |
$email = ''; |
|
67 |
$err_msg[] = $MESSAGE['USERS_INVALID_EMAIL']; |
|
68 |
} else { |
|
69 |
if($email != '') { |
|
70 |
// check that email is unique in whoole system |
|
71 |
$sql = 'SELECT `email` FROM `'.TABLE_PREFIX.'users` '; |
|
72 |
$sql .= 'WHERE `user_id` = '.(int)$admin->get_user_id().' AND `email` LIKE "'.$email.'"'; |
|
73 |
$IsOldMail = $database->get_one($sql); |
|
74 |
// check that email is unique in whoole system |
|
75 |
$email = $admin->add_slashes($email); |
|
76 |
$sql = 'SELECT `email` FROM `'.TABLE_PREFIX.'users` '; |
|
77 |
$sql .= 'WHERE `user_id` <> '.(int)$admin->get_user_id().' AND `email` LIKE "'.$email.'"'; |
|
78 |
$checkMail = $database->get_one($sql); |
|
79 |
|
|
80 |
if( $checkMail == $email ){ $err_msg[] = $MESSAGE['USERS_EMAIL_TAKEN']; } |
|
81 |
$bMailHasChanged = ($email != $IsOldMail); |
|
82 |
} |
|
83 |
} |
|
84 |
|
|
78 | 85 |
// receive password vars and calculate needed action |
79 |
$sCurrentPassword = $admin->get_post('current_password'); |
|
80 |
$sCurrentPassword = (is_null($sCurrentPassword) ? '' : $sCurrentPassword); |
|
81 |
$sNewPassword = $admin->get_post('new_password_1'); |
|
82 |
$sNewPassword = (is_null($sNewPassword) ? '' : $sNewPassword); |
|
83 |
$sNewPasswordRetyped = $admin->get_post('new_password_2'); |
|
84 |
$sNewPasswordRetyped= (is_null($sNewPasswordRetyped) ? '' : $sNewPasswordRetyped); |
|
85 |
// Check existing password |
|
86 |
$sql = 'SELECT `password` '; |
|
87 |
$sql .= 'FROM `'.TABLE_PREFIX.'users` '; |
|
88 |
$sql .= 'WHERE `user_id` = '.$admin->get_user_id(); |
|
89 |
if (md5($sCurrentPassword) != $database->get_one($sql)) { |
|
90 |
// access denied |
|
91 |
$err_msg[] = $MESSAGE['PREFERENCES_CURRENT_PASSWORD_INCORRECT']; |
|
92 |
}else { |
|
93 |
// validate new password |
|
94 |
$sPwHashNew = false; |
|
95 |
if($sNewPassword != '') { |
|
96 |
if(strlen($sNewPassword) < $iMinPassLength) { |
|
97 |
$err_msg[] = $MESSAGE['USERS_PASSWORD_TOO_SHORT']; |
|
98 |
}else { |
|
99 |
if($sNewPassword != $sNewPasswordRetyped) { |
|
100 |
$err_msg[] = $MESSAGE['USERS_PASSWORD_MISMATCH']; |
|
101 |
}else { |
|
102 |
$pattern = '/[^'.$admin->password_chars.']/'; |
|
103 |
if (preg_match($pattern, $sNewPassword)) { |
|
104 |
$err_msg[] = $MESSAGE['PREFERENCES_INVALID_CHARS']; |
|
105 |
}else { |
|
106 |
$sPwHashNew = md5($sNewPassword); |
|
107 |
} |
|
108 |
} |
|
109 |
} |
|
110 |
} |
|
111 |
// if no validation errors, try to update the database, otherwise return errormessages |
|
112 |
if(sizeof($err_msg) == 0) |
|
113 |
{ |
|
114 |
$sql = 'UPDATE `'.TABLE_PREFIX.'users` '; |
|
115 |
$sql .= 'SET `display_name`=\''.$display_name.'\', '; |
|
116 |
if($sPwHashNew) { |
|
117 |
$sql .= '`password`=\''.$sPwHashNew.'\', '; |
|
118 |
} |
|
119 |
if($email != '') { |
|
120 |
$sql .= '`email`=\''.$email.'\', '; |
|
121 |
} |
|
122 |
$sql .= '`language`=\''.$language.'\', '; |
|
123 |
$sql .= '`timezone`=\''.$timezone.'\', '; |
|
124 |
$sql .= '`date_format`=\''.$date_format.'\', '; |
|
125 |
$sql .= '`time_format`=\''.$time_format.'\' '; |
|
126 |
$sql .= 'WHERE `user_id`='.(int)$admin->get_user_id(); |
|
127 |
if( $database->query($sql) ) |
|
128 |
{ |
|
129 |
// update successfull, takeover values into the session |
|
130 |
$_SESSION['DISPLAY_NAME'] = $display_name; |
|
131 |
$_SESSION['LANGUAGE'] = $language; |
|
132 |
$_SESSION['TIMEZONE'] = $timezone; |
|
133 |
$_SESSION['EMAIL'] = $email; |
|
134 |
// Update date format |
|
135 |
if($date_format != '') { |
|
136 |
$_SESSION['DATE_FORMAT'] = $date_format; |
|
137 |
if(isset($_SESSION['USE_DEFAULT_DATE_FORMAT'])) { unset($_SESSION['USE_DEFAULT_DATE_FORMAT']); } |
|
138 |
} else { |
|
139 |
$_SESSION['USE_DEFAULT_DATE_FORMAT'] = true; |
|
140 |
if(isset($_SESSION['DATE_FORMAT'])) { unset($_SESSION['DATE_FORMAT']); } |
|
141 |
} |
|
142 |
// Update time format |
|
143 |
if($time_format != '') { |
|
144 |
$_SESSION['TIME_FORMAT'] = $time_format; |
|
145 |
if(isset($_SESSION['USE_DEFAULT_TIME_FORMAT'])) { unset($_SESSION['USE_DEFAULT_TIME_FORMAT']); } |
|
146 |
} else { |
|
147 |
$_SESSION['USE_DEFAULT_TIME_FORMAT'] = true; |
|
148 |
if(isset($_SESSION['TIME_FORMAT'])) { unset($_SESSION['TIME_FORMAT']); } |
|
149 |
} |
|
150 |
}else { |
|
151 |
$err_msg[] = 'invalid database UPDATE call in '.__FILE__.'::'.__FUNCTION__.'before line '.__LINE__; |
|
152 |
} |
|
153 |
} |
|
154 |
} |
|
86 |
$sCurrentPassword = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('current_password'),true)); |
|
87 |
$sNewPassword = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('new_password_1'),true)); |
|
88 |
$sNewPasswordRetyped = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('new_password_2'),true)); |
|
89 |
|
|
90 |
if($bMailHasChanged == true) |
|
91 |
{ |
|
92 |
$bPassRequest = $bMailHasChanged; |
|
93 |
} else { |
|
94 |
$bPassRequest = ( ( $sCurrentPassword != '') || ($sNewPassword != '') || ($sNewPasswordRetyped != '') ) ? true : false; |
|
95 |
} |
|
96 |
// Check existing password |
|
97 |
$sql = 'SELECT `password` '; |
|
98 |
$sql .= 'FROM `'.TABLE_PREFIX.'users` '; |
|
99 |
$sql .= 'WHERE `user_id` = '.$admin->get_user_id(); |
|
100 |
if ( $bPassRequest && md5($sCurrentPassword) != $database->get_one($sql) ) { |
|
101 |
// access denied |
|
102 |
$err_msg[] = $MESSAGE['PREFERENCES_CURRENT_PASSWORD_INCORRECT']; |
|
103 |
} else { |
|
104 |
// validate new password |
|
105 |
$sPwHashNew = false; |
|
106 |
if( ($sNewPassword != '') || ($sNewPasswordRetyped != '') ) { |
|
107 |
if(strlen($sNewPassword) < $iMinPassLength) { |
|
108 |
$err_msg[] = $MESSAGE['USERS_PASSWORD_TOO_SHORT']; |
|
109 |
} else { |
|
110 |
if($sNewPassword != $sNewPasswordRetyped) { |
|
111 |
$err_msg[] = $MESSAGE['USERS_PASSWORD_MISMATCH']; |
|
112 |
} else { |
|
113 |
$pattern = '/[^'.$admin->password_chars.']/'; |
|
114 |
if (preg_match($pattern, $sNewPassword)) { |
|
115 |
$err_msg[] = $MESSAGE['PREFERENCES_INVALID_CHARS']; |
|
116 |
} else { |
|
117 |
$sPwHashNew = md5($sNewPassword); |
|
118 |
} |
|
119 |
} |
|
120 |
} |
|
121 |
} |
|
122 |
|
|
123 |
// if no validation errors, try to update the database, otherwise return errormessages |
|
124 |
if(sizeof($err_msg) == 0) |
|
125 |
{ |
|
126 |
$sql = 'UPDATE `'.TABLE_PREFIX.'users` '; |
|
127 |
$sql .= 'SET `display_name`=\''.$display_name.'\', '; |
|
128 |
if($sPwHashNew) { |
|
129 |
$sql .= '`password`=\''.$sPwHashNew.'\', '; |
|
130 |
} |
|
131 |
if($email != '') { |
|
132 |
$sql .= '`email`=\''.$email.'\', '; |
|
133 |
} |
|
134 |
$sql .= '`language`=\''.$language.'\', '; |
|
135 |
$sql .= '`timezone`=\''.$timezone.'\', '; |
|
136 |
$sql .= '`date_format`=\''.$date_format.'\', '; |
|
137 |
$sql .= '`time_format`=\''.$time_format.'\' '; |
|
138 |
$sql .= 'WHERE `user_id`='.(int)$admin->get_user_id(); |
|
139 |
if( $database->query($sql) ) |
|
140 |
{ |
|
141 |
// update successfull, takeover values into the session |
|
142 |
$_SESSION['DISPLAY_NAME'] = $display_name; |
|
143 |
$_SESSION['LANGUAGE'] = $language; |
|
144 |
$_SESSION['TIMEZONE'] = $timezone; |
|
145 |
$_SESSION['EMAIL'] = $email; |
|
146 |
// Update date format |
|
147 |
if($date_format != '') { |
|
148 |
$_SESSION['DATE_FORMAT'] = $date_format; |
|
149 |
if(isset($_SESSION['USE_DEFAULT_DATE_FORMAT'])) { unset($_SESSION['USE_DEFAULT_DATE_FORMAT']); } |
|
150 |
} else { |
|
151 |
$_SESSION['USE_DEFAULT_DATE_FORMAT'] = true; |
|
152 |
if(isset($_SESSION['DATE_FORMAT'])) { unset($_SESSION['DATE_FORMAT']); } |
|
153 |
} |
|
154 |
// Update time format |
|
155 |
if($time_format != '') { |
|
156 |
$_SESSION['TIME_FORMAT'] = $time_format; |
|
157 |
if(isset($_SESSION['USE_DEFAULT_TIME_FORMAT'])) { unset($_SESSION['USE_DEFAULT_TIME_FORMAT']); } |
|
158 |
} else { |
|
159 |
$_SESSION['USE_DEFAULT_TIME_FORMAT'] = true; |
|
160 |
if(isset($_SESSION['TIME_FORMAT'])) { unset($_SESSION['TIME_FORMAT']); } |
|
161 |
} |
|
162 |
} else { |
|
163 |
$err_msg[] = 'invalid database UPDATE call in '.__FILE__.'::'.__FUNCTION__.'before line '.__LINE__; |
|
164 |
} |
|
165 |
} |
|
166 |
} |
|
167 |
|
|
168 |
} |
|
169 |
|
|
155 | 170 |
return ( (sizeof($err_msg) > 0) ? implode('<br />', $err_msg) : '' ); |
156 | 171 |
} |
172 |
|
|
173 |
$config_file = realpath('../../config.php'); |
|
174 |
if(file_exists($config_file) && !defined('WB_URL')) |
|
175 |
{ |
|
176 |
require_once($config_file); |
|
177 |
} |
|
178 |
|
|
179 |
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); } |
|
180 |
|
|
181 |
// suppress to print the header, so no new FTAN will be set |
|
182 |
$admin = new admin('Preferences','start', false); |
|
183 |
|
|
157 | 184 |
$retval = save_preferences($admin, $database); |
158 | 185 |
if( $retval == '') |
159 | 186 |
{ |
... | ... | |
161 | 188 |
$admin->print_header(); |
162 | 189 |
$admin->print_success($MESSAGE['PREFERENCES_DETAILS_SAVED']); |
163 | 190 |
$admin->print_footer(); |
164 |
}else { |
|
191 |
} else {
|
|
165 | 192 |
// print the header |
166 | 193 |
$admin->print_header(); |
167 | 194 |
$admin->print_error($retval); |
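Review bot: The three password fields are now passed through `StripCodeFromText()` and `add_slashes()` before `md5()`, so the hashed value is no longer what the user typed; a password containing quotes, backslashes or anything the strip helper removes will not match a hash that another code path computed from the raw value, and stripping narrows the usable password space. Only the hex digest reaches the SQL in this function, so the fields can be read raw, e.g. `$sNewPassword = (string)$admin->get_post('new_password_1');`, and the digest comparison should use `!==` instead of `!=`, because loose comparison treats two digests of the form `0e<digits>` as equal numbers on the PHP versions this branch targets. The rewritten e-mail uniqueness check is weaker than the `COUNT(*) > 0` it replaces: `LIKE` honours `_` and is usually case-insensitive, while `$checkMail == $email` is an exact comparison, so an address that differs only in case from another user's is accepted; `$email` is also escaped twice, at new lines 63 and 75. `save_preferences()` begins and ends inside this section, but the helpers it calls are defined elsewhere.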
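--- a/branches/2.8.x/wb/framework/SecureForm.mtab.php
+++ b/branches/2.8.x/wb/framework/SecureForm.mtab.php
@@ -369,6 +369,7 @@
 }
 
 private function _timedout( $var ) {
+if(!isset($var['time'])) { return false; }
 if ($var['time'] < time()-$this->_timeout) return false;
 return true;
 }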
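Review bot: The added guard rejects entries without a `time` key, but the changelog's "Illegal string offset" suggests `$var` can be a string, and `isset($var['time'])` on a string evaluates to false only from PHP 5.4 on; `if (!is_array($var) || !isset($var['time'])) { return false; }` states the intent independently of the version. The name `_timedout` also reads inverted, since the function returns true for entries that are still valid, so a one-line docblock such as `/** @return bool true while the entry is younger than $this->_timeout seconds */` would prevent a caller from using it the wrong way round. How the result is consumed is outside this section.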
branches/2.8.x/wb/modules/form/htt/submessage.htt | ||
---|---|---|
13 | 13 |
</tr> |
14 | 14 |
</thead> |
15 | 15 |
<tbody class="frm-tbody"> |
16 |
<tr class="frm-warning"> |
|
17 |
<td colspan="2"><p class="{NIX_HIER}">{SUCCESS_PRINT}</p></td>
|
|
16 |
<tr class="frm-warning {NIX_HIER}">
|
|
17 |
<td colspan="2"><p>{SUCCESS_PRINT}</p></td> |
|
18 | 18 |
</tr> |
19 | 19 |
|
20 | 20 |
<tr class="frm-submission_submission_id"> |
... | ... | |
26 | 26 |
<td>{submission_submitted_when}</td> |
27 | 27 |
</tr> |
28 | 28 |
<tr class="frm-user_display_name"> |
29 |
<td>{TEXT_USER}:</td> |
|
29 |
<td>{TEXT_USER} ({TEXT_USERNAME}):</td>
|
|
30 | 30 |
<td>{user_display_name} ({user_username})</td> |
31 | 31 |
</tr> |
32 | 32 |
<tr class="frm-hr"> |
branches/2.8.x/wb/modules/form/view.php | ||
---|---|---|
344 | 344 |
$mail_replyto = $success_email_to = htmlspecialchars($wb->add_slashes($_POST[$success_email_to])); |
345 | 345 |
} |
346 | 346 |
$success_email_to = ''; |
347 |
$email_fromname = $TEXT['UNKNOWN'];
|
|
347 |
$email_fromname = $TEXT['GUEST'];
|
|
348 | 348 |
// $success_email_fromname = $TEXT['UNKNOWN']; |
349 | 349 |
// $email_from = $TEXT['UNKNOWN']; |
350 | 350 |
} |
... | ... | |
649 | 649 |
'submission_submitted_when' => gmdate( DATE_FORMAT .', '.TIME_FORMAT, $submission['submitted_when']+TIMEZONE ), |
650 | 650 |
'NIX_HIER' => $NixHier, |
651 | 651 |
'TEXT_USER' => $TEXT['USER'], |
652 |
'TEXT_USERNAME' => $TEXT['USERNAME'], |
|
652 | 653 |
'TEXT_PRINT_PAGE' => $TEXT['PRINT_PAGE'], |
653 | 654 |
'TEXT_REQUIRED_JS' => $TEXT['REQUIRED_JS'], |
654 | 655 |
'user_display_name' => $user['display_name'], |
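Review bot: On line 344 the reply-to address comes straight from `$_POST` and is only passed through `add_slashes()` and `htmlspecialchars()`, neither of which removes CR/LF or checks that the value is one well-formed address. If nothing outside this hunk validates it, the value can alter the mail headers it is placed into. I would validate before assigning, for example `$addr = filter_var($_POST[$success_email_to], FILTER_VALIDATE_EMAIL);`, and fall back to the empty string when that returns false. HTML-escaping is not the right encoding for a header value in any case. The enclosing block starts above the hunk, so the conditions that lead to this line are not visible here.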
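--- a/branches/2.8.x/wb/modules/form/languages/NL.php
+++ b/branches/2.8.x/wb/modules/form/languages/NL.php
@@ -58,7 +58,7 @@
 $MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! ';
 
 $TEXT['GUEST'] = 'Guest';
+$TEXT['UNKNOWN'] = 'unkown';
 $TEXT['PRINT_PAGE'] = 'Print page';
 $TEXT['REQUIRED_JS'] = 'Required Javascript';
 $TEXT['SUBMISSIONS_PERPAGE'] = 'Show submissions rows per page';
-$TEXT['UNKNOWN'] = 'Unknown';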
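--- a/branches/2.8.x/wb/modules/form/languages/NO.php
+++ b/branches/2.8.x/wb/modules/form/languages/NO.php
@@ -58,7 +58,7 @@
 $MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! ';
 
 $TEXT['GUEST'] = 'Guest';
+$TEXT['UNKNOWN'] = 'unkown';
 $TEXT['PRINT_PAGE'] = 'Print page';
 $TEXT['REQUIRED_JS'] = 'Required Javascript';
 $TEXT['SUBMISSIONS_PERPAGE'] = 'Show submissions rows per page';
-$TEXT['UNKNOWN'] = 'Unknown';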
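--- a/branches/2.8.x/wb/modules/form/languages/EN.php
+++ b/branches/2.8.x/wb/modules/form/languages/EN.php
@@ -58,7 +58,7 @@
 $MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! ';
 
 $TEXT['GUEST'] = 'Guest';
+$TEXT['UNKNOWN'] = 'unkown';
 $TEXT['PRINT_PAGE'] = 'Print page';
 $TEXT['REQUIRED_JS'] = 'Required Javascript';
 $TEXT['SUBMISSIONS_PERPAGE'] = 'Show submissions rows per page';
-$TEXT['UNKNOWN'] = 'Unknown';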
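--- a/branches/2.8.x/wb/modules/form/languages/DA.php
+++ b/branches/2.8.x/wb/modules/form/languages/DA.php
@@ -58,7 +58,7 @@
 $MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! ';
 
 $TEXT['GUEST'] = 'Guest';
+$TEXT['UNKNOWN'] = 'unkown';
 $TEXT['PRINT_PAGE'] = 'Print page';
 $TEXT['REQUIRED_JS'] = 'Required Javascript';
 $TEXT['SUBMISSIONS_PERPAGE'] = 'Show submissions rows per page';
-$TEXT['UNKNOWN'] = 'Unknown';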
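--- a/branches/2.8.x/wb/modules/form/languages/RU.php
+++ b/branches/2.8.x/wb/modules/form/languages/RU.php
@@ -57,7 +57,7 @@
 $MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! ';
 
 $TEXT['GUEST'] = 'Guest';
+$TEXT['UNKNOWN'] = 'unkown';
 $TEXT['PRINT_PAGE'] = 'Print page';
 $TEXT['REQUIRED_JS'] = 'Required Javascript';
 $TEXT['SUBMISSIONS_PERPAGE'] = 'Show submissions rows per page';
-$TEXT['UNKNOWN'] = 'Unknown';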
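--- a/branches/2.8.x/wb/modules/form/languages/FR.php
+++ b/branches/2.8.x/wb/modules/form/languages/FR.php
@@ -58,7 +58,7 @@
 $MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! ';
 
 $TEXT['GUEST'] = 'Guest';
+$TEXT['UNKNOWN'] = 'unkown';
 $TEXT['PRINT_PAGE'] = 'Print page';
 $TEXT['REQUIRED_JS'] = 'Required Javascript';
 $TEXT['SUBMISSIONS_PERPAGE'] = 'Show submissions rows per page';
-$TEXT['UNKNOWN'] = 'Unknown';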
branches/2.8.x/wb/modules/form/languages/DE.php | ||
---|---|---|
15 | 15 |
* @description |
16 | 16 |
*/ |
17 | 17 |
|
18 |
// Must include code to stop this file being accessed directly
|
|
18 |
// Must include code to stop this file being access directly |
|
19 | 19 |
if(!defined('WB_URL')) { |
20 | 20 |
require_once(dirname(dirname(dirname(dirname(__FILE__)))).'/framework/globalExceptionHandler.php'); |
21 |
// Stop this file being access directly
|
|
21 |
throw new IllegalFileException();
|
|
22 | 22 |
} |
23 | 23 |
/* -------------------------------------------------------- */ |
24 | 24 |
|
... | ... | |
59 | 59 |
$MOD_FORM['SPAM'] = 'ACHTUNG! Beantworten einer ungeprüften E-Mail kann als Spam abgemahnt werden! '; |
60 | 60 |
|
61 | 61 |
$TEXT['GUEST'] = 'Gast'; |
62 |
$TEXT['UNKNOWN'] = 'unbekannt'; |
|
62 | 63 |
$TEXT['PRINT_PAGE'] = 'Seite drucken'; |
63 | 64 |
$TEXT['REQUIRED_JS'] = 'Javascript erforderlich'; |
64 | 65 |
$TEXT['SUBMISSIONS_PERPAGE'] = 'Anzeige gespeicherte Einträge pro Seite'; |
65 |
$TEXT['UNKNOWN'] = 'Unbekannt'; |
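--- a/branches/2.8.x/wb/modules/form/view_submission.php
+++ b/branches/2.8.x/wb/modules/form/view_submission.php
@@ -19,8 +19,13 @@
 
 // Include WB admin wrapper script
 require(WB_PATH.'/modules/admin.php');
+// load module language file
+$lang = (dirname(__FILE__)) . '/languages/' . LANGUAGE . '.php';
+require_once(!file_exists($lang) ? (dirname(__FILE__)) . '/languages/EN.php' : $lang );
 /* */
+
 include_once (WB_PATH.'/framework/functions.php');
+
 // Get page
 $requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
 $page = intval(isset(${$requestMethod}['page'])) ? ${$requestMethod}['page'] : 1;
@@ -49,8 +54,8 @@
 if($get_user->numRows() != 0) {
 $user = $get_user->fetchRow(MYSQL_ASSOC);
 } else {
-$user['display_name'] = 'Unknown';
-$user['username'] = 'unknown';
+$user['display_name'] = $TEXT['GUEST'];
+$user['username'] = $TEXT['UNKNOWN'];
 }
 }
 //$sec_anchor = (defined( 'SEC_ANCHOR' ) && ( SEC_ANCHOR != '' ) ? '#'.SEC_ANCHOR.$section['section_id'] : '' );
@@ -66,7 +71,7 @@
 <td><?php echo gmdate(DATE_FORMAT .', '.TIME_FORMAT, $submission['submitted_when']+TIMEZONE); ?></td>
 </tr>
 <tr>
-<td><?php echo $TEXT['USER']; ?>:</td>
+<td><?php echo $TEXT['USER'].' ('.$TEXT['USERNAME'].')'; ?>:</td>
 <td><?php echo $user['display_name'].' ('.$user['username'].')'; ?></td>
 </tr>
 <tr>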
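Review bot: On new line 31 `intval()` wraps the `isset()` result instead of the request value, so `$page` ends up holding the raw, unvalidated `page` parameter; it should read `$page = isset(${$requestMethod}['page']) ? intval(${$requestMethod}['page']) : 1;`. The line above builds the superglobal name from `$_SERVER['REQUEST_METHOD']`, so any method other than GET or POST resolves to an undefined variable; a fixed default for that case would be safer. In the last hunk, new line 75 echoes `$user['display_name']` and `$user['username']` without `htmlspecialchars()`, which matters if those database fields can contain markup. How `$page` is used afterwards lies outside the visible hunks.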
! add delete Outdated Confirmations in backend
! show waiting Activations if exists in user management
! security fixes in admin/preferences/
! update form modul, change text "unknown#" to "Guest"
in view_submission and emailheader email_fromname