Changeset 22

Timestamp:

Nov 23, 2005 9:29:33 PM (18 years ago)

Author:

scdev

Message:

More bugs and shifting things about.

Location:

trunk

Files:

• bin/module_maker/form_template.cli.php (modified) (7 diffs)
• bin/module_maker/module.cli.php (modified) (5 diffs)
• bin/module_maker/skel/adm_form.ihtml (modified) (1 diff)
• bin/module_maker/skel/admin.php (modified) (6 diffs)
• css/admin.inc.css (modified) (1 diff)
• css/utilities.inc.css (modified) (5 diffs)
• lib/App.inc.php (modified) (10 diffs)
• lib/FormValidator.inc.php (modified) (1 diff)
• lib/Nav.inc.php (modified) (1 diff)
• lib/PEdit.inc.php (modified) (2 diffs)
• lib/RecordLock.inc.php (modified) (4 diffs)
• lib/Upload.inc.php (modified) (8 diffs)
• lib/Utilities.inc.php (modified) (3 diffs)
• services/admins.php (modified) (5 diffs)
• services/lock.php (modified) (2 diffs)
• services/logout.php (modified) (1 diff)
• services/logs.php (modified) (4 diffs)
• services/templates/admin_form.ihtml (modified) (7 diffs)
• services/templates/lock.ihtml (modified) (1 diff)
• services/templates/login_form.ihtml (modified) (1 diff)
• services/templates/password.ihtml (modified) (4 diffs)
• services/versions.php (modified) (1 diff)

trunk/bin/module_maker/form_template.cli.php

@@ -64 +64 @@
     <tr>
         <td class="right"><label for="$field"<\x3fphp \$fv->err('$field', ' class="error"') \x3f>><\x3fphp echo _("$title"); \x3f></label></td>
-        <td valign="top">
+        <td>
             <select name="$field" class="small">
-            <\x3fphp printSelectForm('<##>_tbl', "CONCAT(<##>_id, '&mdash;', <##>)", '$field', \$frm['$field'], true, 'ORDER BY $field DESC'); \x3f>
+            <\x3fphp printSelectForm('<##>_tbl', "CONCAT(<##>_id, '&mdash;', <##>)", '$field', \$frm['$field'], true, 'ORDER BY $field ASC'); \x3f>
             </select>
+            <span class="commandtext">
+                <span class="commanditem"><a href="<\x3fphp echo App::oHREF('<##>.php?op=add&boomerang=true'); \x3f>" onClick="javascript:return confirm('<\x3fphp echo _("Notice: You are about to leave this form page and any changes you may have made without saving will be lost."); \x3f>')"><\x3fphp echo _("Add <##>") \x3f></a></span>
+                <\x3fphp if ('' != \$frm['<##>_id']) { \x3f>
+                    <span class="commanditem"><a href="<\x3fphp echo App::oHREF('<##>.php?op=edit&boomerang=true&<##>_id=' . \$frm['<##>_id']); \x3f>" onClick="javascript:return confirm('<\x3fphp echo _("Notice: You are about to leave this form page and any changes you may have made without saving will be lost."); \x3f>')"><\x3fphp echo sprintf(_("Edit <##> <em>%s</em>"), \$frm['<##>']) \x3f></a></span>
+                <\x3fphp } \x3f>
+            </span>
         </td>
     </tr>
@@ -79 +85 @@
     <tr>
         <td class="right"><label for="$field"<\x3fphp \$fv->err('$field', ' class="error"') \x3f>><\x3fphp echo _("$title"); \x3f></label></td>
-        <td valign="top">
+        <td>
             <input type="file" name="$field" />
             <\x3fphp if ('' != \$upload->getFilenameGlob(getFormData('$primary_key_field') . '_*') && getFormData('op') == 'edit' || getFormData('op') == 'update') { \x3f>
-            <div class="help"><\x3fphp printf(_("The current file <a href=\"%s/%2\$s\"><strong>%2\$s</strong></a> will be deleted if a new file is selected for upload."), '/_db_files/<##>', \$upload->getFilenameGlob(getFormData('$primary_key_field') . '_*')) \x3f></div>
+            <div class="help"><\x3fphp printf(_("The current file <a href=\"%s/%2\\\$s\"><strong>%2\\\$s</strong></a> will be deleted if a new file is selected for upload."), '/_db_files/<##>', \$upload->getFilenameGlob(getFormData('$primary_key_field') . '_*')) \x3f></div>
             <\x3fphp } \x3f>
             <div class="help"><\x3fphp printf(_("File to upload must have one of the following file-name extensions: %s."), join(', ', \$upload->getParam('valid_file_extensions'))) \x3f></div>
@@ -96 +102 @@
     <tr>
         <td class="right"><label for="$field"<\x3fphp \$fv->err('$field', ' class="error"') \x3f>><\x3fphp echo _("$title"); \x3f></label></td>
-        <td valign="top">
+        <td>
             <input type="password" class="medium" size="50" name="$field" value="<\x3fphp echo oTxt(\$frm['$field']); \x3f>" />
         </td>
@@ -111 +117 @@
     <tr>
         <td class="right"><label for="$field"<\x3fphp \$fv->err('$field', ' class="error"') \x3f>><\x3fphp echo _("$title"); \x3f></label></td>
-        <td valign="top">
+        <td>
             <select name="$field">
             <\x3fphp printSetSelectForm('$db_tbl', '$field', \$frm['$field'], true); \x3f>
@@ -125 +131 @@
     <tr>
         <td class="right"><label for="$field"<\x3fphp \$fv->err('$field', ' class="error"') \x3f>><\x3fphp echo _("$title"); \x3f></label></td>
-        <td valign="top">
+        <td>
             <\x3fphp printSetCheckboxes('$db_tbl', '$field', \$frm['$field'], 1) \x3f>
         </td>
@@ -156 +162 @@
     <tr>
         <td class="right"><label for="$field"<\x3fphp \$fv->err('$field', ' class="error"') \x3f>><\x3fphp echo _("$title"); \x3f></label></td>
-        <td valign="top">
+        <td>
             <textarea class="large" cols="75" rows="4" name="$field"><\x3fphp echo oTxt(\$frm['$field']); \x3f></textarea>
         </td>
@@ -195 +201 @@
     <tr>
         <td class="right"><label for="$field"<\x3fphp \$fv->err('$field', ' class="error"') \x3f>><\x3fphp echo _("$title"); \x3f></label></td>
-        <td valign="top">
+        <td>
             <input type="text" class="medium" size="50" name="$field" value="<\x3fphp echo oTxt(\$frm['$field']); \x3f>" />
         </td>

trunk/bin/module_maker/module.cli.php

@@ -207 +207 @@
 $search['admin_upload_insert'] = '/%ADMIN_UPLOAD_INSERT%/';
 $replace['admin_upload_insert'] = '';
-$search['admin_upload_insert2'] = '/%ADMIN_UPLOAD_INSERT2%/';
-$replace['admin_upload_insert2'] = '';
 $search['admin_upload_update'] = '/%ADMIN_UPLOAD_UPDATE%/';
 $replace['admin_upload_update'] = '';
 
 if ($upload_file_capability) {
+    // Form arguments
     $replace['admin_form_tag_init'] = "<form enctype=\"multipart/form-data\" method=\"post\" action=\"<\x3fphp echo \$_SERVER['PHP_SELF']; \x3f>\">\n<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"<##>\" />";
-
+    
+    // Include statement.
     $replace['admin_upload_include'] = "require_once 'codebase/lib/Upload.inc.php';\n";
 
+    // Config
     $replace['admin_upload_config'] = <<<E_O_F
 
@@ -230 +231 @@
 E_O_F;
 
+    // Main init.
     $replace['admin_upload_init'] = <<<E_O_F
 
@@ -238 +240 @@
 E_O_F;
 
+    // Delete.
     $replace['admin_upload_del'] = <<<E_O_F
 
@@ -246 +249 @@
 E_O_F;
 
+    // Insert 1.
     $replace['admin_upload_insert'] = <<<E_O_F
 
-        // Upload file.
-        if (!\$new_files = \$upload->process('<##>')) {
-            // Upload failed. Reload form, displaying errors.
-            \$frm =& addRecordForm();
-            \$frm = array_merge(\$frm, getFormData());
-            \$nav->addPage(_("Add %ITEM_TITLE%"));
-            \$main_template = '%ADMIN_FORM_TEMPLATE%';
-            break;
+        // Upload files with prepended primary key.
+        \$new_file = \$upload->process('<##>',  \$%PRIMARY_KEY% . '_' . getFormData('<##>'));
+
+        // If file upload errors, redirect to edit operation for the inserted record.
+        if (\$upload->anyErrors() || false === \$new_file) {
+            App::dieURL(\$_SERVER['PHP_SELF'] . '?op=edit&%PRIMARY_KEY%=' . \$%PRIMARY_KEY%);
         }
 E_O_F;
 
-    $replace['admin_upload_insert2'] = <<<E_O_F
-
-        // Record inserted successfuly. Now we know the primary key, prepend to filename.
-        \$upload->moveFile(\$new_files[0]['name'], \$%PRIMARY_KEY% . '_' . \$new_files[0]['name']);
-E_O_F;
-
+    // Update.
     $replace['admin_upload_update'] = <<<E_O_F
 
-        // Upload new file.
+        // Upload new files.
         if (getFormData('<##>')) {
-            if (\$upload->process('<##>',  getFormData('%PRIMARY_KEY%') . '_' . getFormData('<##>'))) {
-                // Upload success. Delete old file.
-                if ('' != \$upload->getFilenameGlob(getFormData('%PRIMARY_KEY%') . '_*')) {
-                    \$upload->deleteFile(\$upload->getFilenameGlob(getFormData('%PRIMARY_KEY%') . '_*'));
-                }
-            } else {
-                // Upload failed. Reload form, displaying errors.
+            // Get old file names for deletion.
+            \$old_file = \$upload->getFilenameGlob(getFormData('%PRIMARY_KEY%') . '_*');
+            // Process new file upload with prepended primary key.
+            \$new_file = \$upload->process('<##>',  getFormData('%PRIMARY_KEY%') . '_' . getFormData('<##>'));
+            if (false === \$new_file || \$upload->anyErrors()) {
+                // Upload failed. Reload form. Display errors.
                 \$frm =& editRecordForm(getFormData('%PRIMARY_KEY%'));
                 \$frm = array_merge(\$frm, getFormData());
@@ -281 +277 @@
                 \$main_template = '%ADMIN_FORM_TEMPLATE%';
                 break;
-            }            
+            } else {
+                // Upload succeeded. Delete old files.
+                if ('' != \$old_file && \$old_file != \$new_file[0]['name']) {
+                    \$upload->deleteFile(\$old_file);
+                }
+            }
         }
 E_O_F;
-} // End if.
+} // End upload_file_capability.
 
 

trunk/bin/module_maker/skel/adm_form.ihtml

@@ -9 +9 @@
     <tr>
         <td>&nbsp;</td>
-        <td valign="top"><?php printSubmitButtons($frm['submit_buttons']); ?></td>
+        <td><?php printSubmitButtons($frm['submit_buttons']); ?></td>
     </tr>
 %ADM_FORM_TABLE_ROWS%
     <tr>
         <td>&nbsp;</td>
-        <td valign="top"><?php printSubmitButtons($frm['submit_buttons']); ?></td>
+        <td><?php printSubmitButtons($frm['submit_buttons']); ?></td>
     </tr>
 </table>

trunk/bin/module_maker/skel/admin.php

@@ -92 +92 @@
 //     $auth->requireAccessClearance(ZONE_ADMIN_%NAME_UPPER%_FUNC_ADD);
     if (getFormdata('cancel', false)) {
+        if (App::validBoomerangURL('%NAME_PLURAL%')) {
+            // Display boomerang page.
+            App::dieBoomerangURL('%NAME_PLURAL%');
+        }
+        // Display default page.
         App::dieURL($_SERVER['PHP_SELF']);
     }
@@ -100 +105 @@
         $nav->addPage(_("Add %ITEM_TITLE%"));
         $main_template = '%ADMIN_FORM_TEMPLATE%';
-    } else {%ADMIN_UPLOAD_INSERT%
-        $%PRIMARY_KEY% = insertRecord(getFormData());%ADMIN_UPLOAD_INSERT2%
+    } else {
+        $%PRIMARY_KEY% = insertRecord(getFormData());%ADMIN_UPLOAD_INSERT%
         if (getFormdata('repeat', false)) {
             // Display function again.
@@ -122 +127 @@
     if (getFormdata('cancel', false)) {
         // Remove lock
-        $lock =& RecordLock::getInstance($GLOBALS['auth']);
         $lock->select('%DB_TBL%', '%PRIMARY_KEY%', getFormData('%PRIMARY_KEY%'));
         $lock->remove();
@@ -202 +206 @@
 function &editRecordForm($id)
 {
-    $lock =& RecordLock::getInstance($GLOBALS['auth']);
+    global $lock;
+
     $lock->select('%DB_TBL%', '%PRIMARY_KEY%', $id);
     if ($lock->isLocked() && !$lock->isMine()) {
@@ -240 +245 @@
 function deleteRecord($id)
 {
-    $lock =& RecordLock::getInstance($GLOBALS['auth']);
+    global $lock;
+    
     $lock->select('%DB_TBL%', '%PRIMARY_KEY%', $id);
     if ($lock->isLocked() && !$lock->isMine()) {
@@ -291 +297 @@
 function updateRecord($frm)
 {
-    global $auth;
-    
-    $lock =& RecordLock::getInstance($GLOBALS['auth']);
+    global $auth, $lock;
+    
     $lock->select('%DB_TBL%', '%PRIMARY_KEY%', $frm['%PRIMARY_KEY%']);
     if ($lock->isLocked() && !$lock->isMine()) {

trunk/css/admin.inc.css

@@ -230 +230 @@
 {
     vertical-align: top;
-    padding: 8px 6px 0 0 ;
+    padding: 8px 6px 0 0;
 }
 

trunk/css/utilities.inc.css

@@ -10 +10 @@
 
 /* BEAU: I format my CSS using BBEdit's Markup->CSS->Format command. Would you like to use that as well so our code looks consistant? */
-
 /*_____________________ FORMS ____________________*/
 input, select, input.submit
 {
-    color: #000;
-    margin: 0 0.5em 0 0;
-    padding: 0;
+    color: #000;
+    margin: 0 0.5em 0 0;
+    padding: 0;
 }
 
@@ -22 +21 @@
 input.submit
 {
-    font-weight: bold;
-    margin: 0.5em;
+    font-weight: bold;
+    margin: 0.5em;
 }
 
 input
 {
-    margin: 0.5em 0.5em 0 0;
+    margin: 0.5em 0.5em 0 0;
 }
 
 form table select, form table input
 {
-    margin-top: 0;
+    margin-top: 0;
 }
 
@@ -39 +38 @@
 BEAU: I want more text box widths! I find need for boxes that fit 5em, 10em, 20em, and 40em widths. These should be in EMs so text can resize and still fit. Since it is useful to apply a width to other form elements to have them similar sizes (not always a text box, such as <select multiple>) I propose renaming them to "input.tiny", "input.small", "input.medium", "input.large", and "input.half" (not sure how you would do "half" in EMs however.
 */
-input.tiny, textarea.tiny
+
+input.tiny, textarea.tiny, select.tiny
 {
     width: 4.75em;
 }
 
-input.small, textarea.small
+input.small, textarea.small, select.small
 {
     width: 10em;
 }
 
-input.medium, textarea.medium
+input.medium, textarea.medium, select.medium
 {
     width: 20.5em;
 }
 
-input.large, textarea.large
+input.large, textarea.large, select.large
 {
     width: 41.5em;
 }
 
-textarea
+textarea.twolines, select.twolines
 {
-    height: 8em;
+    height: 3em;
 }
 
-textarea.twolines
+textarea.short, select.short
 {
-    height: 3em;
+    height: 8em;
 }
 
-textarea.short
+textarea.tall, select.tall
 {
-    height: 8em;
+    height: 25em;
 }
 
-textarea.tall
+textarea.fullscreen, select.fullscreen
 {
-    height: 25em;
-}
-
-textarea.fullscreen
-{
-    height: 40em;
+    height: 40em;
 }
 
@@ -97 +92 @@
 form label
 {
-    padding: 7px 0px 0px 0px;
-    font-weight: bold;
+    padding: 7px 0px 0px 0px;
+    font-weight: bold;
 }
 
 /* BEAU: We need a .formtext substitute...something like a label tag but not bold! */
-
 /*_____________________ COMMANDS ____________________*/
 #commandbox
 {
-    padding: 5px;
-    margin: 0 0 .5em 0;
-    border: black 1px dotted;
-    background-color: #DDD;
+    padding: 5px;
+    margin: 0 0 .5em 0;
+    border: black 1px dotted;
+    background-color: #DDD;
 }
 
 .commanditem
 {
-    margin: 0 10px 0 0;
-    white-space: nowrap;
+    margin: 0 10px 0 0;
+    white-space: nowrap;
 }
 
 .commandtext
 {
-    padding-right: 1em;
+    padding-right: 1em;
 }
 
 .command_left
 {
-    float:left;  
-    white-space: nowrap;
+    float: left;
+    white-space: nowrap;
 }
 
 .command_right
 {
-    position: relative;
-    visibility: visible;
-    white-space: nowrap;
-    float:right;  
+    position: relative;
+    visibility: visible;
+    white-space: nowrap;
+    float: right;
 }
 
@@ -140 +134 @@
 .nowrap
 {
-    white-space: nowrap;
+    white-space: nowrap;
 }
 
 .clearboth
 {
-    clear: both;
+    clear: both;
 }
 
 .center
 {
-    text-align: center;
+    text-align: center;
 }
 
 .right
 {
-    text-align: right;
+    text-align: right;
 }
 
 .padright
 {
-    padding: 0 10px 0 0;
+    padding: 0 10px 0 0;
 }
 
 .padleft
 {
-    padding: 0 0 0 10px;
+    padding: 0 0 0 10px;
 }
 
 .help
 {
-    color: #999;
-    font-weight: normal;
+    color: #666;
+    font-weight: normal;
 }
 
 .monospaced
 {
-    font-family: monaco, courier;
-    font-weight: normal;
+    font-family: monaco, courier;
+    font-weight: normal;
 }

trunk/lib/App.inc.php

@@ -152 +152 @@
         }
         
-        if (!isset($_SESSION[$this->app])) {
-            $_SESSION[$this->app] = array();
-        }
-
         // Initialize default parameters.
         $this->_params = array_merge($this->_params, $this->_param_defaults);
@@ -296 +292 @@
             session_name($this->getParam('session_name'));
             
-            // Start the session. Access session data using: $_SESSION['...']
+            // Start the session.
             session_start();
+            
+            if (!isset($_SESSION[$this->app])) {
+                // Access session data using: $_SESSION['...'].
+                // Initialize here _after_ session has started.
+                $_SESSION[$this->app] = array(
+                    'messages' => array(),
+                    'boomerang' => array('url'),
+                );
+            }
         }
         
@@ -374 +379 @@
         
         if (!in_array($type, array(MSG_NOTICE, MSG_SUCCESS, MSG_WARNING, MSG_ERR))) {
-            App::logMsg(sprintf('Invalid MSG_* type: %s', $type), LOG_DEBUG, __FILE__, __LINE__);
+            $this->logMsg(sprintf('Invalid MSG_* type: %s', $type), LOG_DEBUG, __FILE__, __LINE__);
         }
     }
@@ -752 +757 @@
         if (preg_match('!^/!', $url)) {
             // If relative URL is given, prepend correct local hostname.
-            $my_url = parse_url($_SERVER['SCRIPT_URI']);
-            $url = sprintf('%s://%s%s', $my_url['scheme'], $my_url['host'], $url);
-        }
-    
+            $scheme = 'on' == getenv('HTTPS') ? 'https' : 'http';
+            $host = getenv('HTTP_HOST');
+            $url = sprintf('%s://%s%s', $scheme, $host, $url);
+        }
+
         $url = $this->oHREF($url, $carry_args, $always_include_sid);
         
@@ -787 +793 @@
             if (isset($id) && isset($_SESSION[$this->app]['boomerang']['url'][$id])) {
                 $url = $_SESSION[$this->app]['boomerang']['url'][$id];
+                $this->logMsg(sprintf('dieBoomerangURL(%s) found: %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__);
             } else {
                 $url = end($_SESSION[$this->app]['boomerang']['url']);
-            }
-        } else if (!refererIsMe() && !preg_match('/admin_common/', getenv('SCRIPT_NAME'))) {
+                $this->logMsg(sprintf('dieBoomerangURL(%s) using: %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__);
+            }
+            // Delete stored boomerang.
+            $this->deleteBoomerangURL($id);
+        } else if (!refererIsMe()) {
             // Ensure that the redirecting page is not also the referrer.
-            // admin_common is an alias of 'admin', which confuses this function. Just here for local testing.
             $url = getenv('HTTP_REFERER');
+            $this->logMsg(sprintf('dieBoomerangURL(%s) using referrer: %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__);
         } else {
-            $url = '';
-        }
-    
-        $this->logMsg(sprintf('dieBoomerangURL: %s', $url), LOG_DEBUG, __FILE__, __LINE__);
-    
-        // Delete stored boomerang.
-        $this->deleteBoomerangURL($id);
+            // If URL is not specified, use the redirect_home_url.
+            $url = $this->getParam('redirect_home_url');
+            $this->logMsg(sprintf('dieBoomerangURL(%s) not found, using redirect_home_url: %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__);
+        }
+    
             
         // A redirection will never happen immediatly twice.
@@ -825 +833 @@
             return false;
         }
-        
         // A redirection will never happen immediatly after setting the boomerangURL.
         // Set the time so ensure this doesn't happen. See App::validBoomerangURL for more.
     
-        if (isset($url) && is_string($url)) {
+        if ('' != $url && is_string($url)) {
             // Delete any boomerang request keys in the query string.
             $url = preg_replace('/boomerang=[\w]+/', '', $url);
             
-            if (is_array($_SESSION[$this->app]['boomerang']['url']) && !empty($_SESSION[$this->app]['boomerang']['url'])) {
+            if (isset($_SESSION[$this->app]['boomerang']['url']) && is_array($_SESSION[$this->app]['boomerang']['url']) && !empty($_SESSION[$this->app]['boomerang']['url'])) {
                 // If the URL currently exists in the boomerang array, delete.
                 while ($existing_key = array_search($url, $_SESSION[$this->app]['boomerang']['url'])) {
@@ -845 +852 @@
                 $_SESSION[$this->app]['boomerang']['url'][] = $url;
             }
-            $this->logMsg(sprintf('setBoomerangURL: %s', $url), LOG_DEBUG, __FILE__, __LINE__);
+            $this->logMsg(sprintf('setBoomerangURL(%s): %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__);
             return true;
         } else {
+            $this->logMsg(sprintf('setBoomerangURL(%s) is empty!', $id, $url), LOG_NOTICE, __FILE__, __LINE__);
             return false;
         }
@@ -895 +903 @@
         }
         
+        $this->logMsg(sprintf('deleteBoomerangURL(%s): %s', $id, $this->getBoomerangURL($id)), LOG_DEBUG, __FILE__, __LINE__);
+
         if (isset($id) && isset($_SESSION[$this->app]['boomerang']['url'][$id])) {
             unset($_SESSION[$this->app]['boomerang']['url'][$id]);
@@ -927 +937 @@
         $boomerang_time = isset($_SESSION[$this->app]['boomerang']['time']) ? $_SESSION[$this->app]['boomerang']['time'] : 0;
         
+        $url = '';
         if (isset($id) && isset($_SESSION[$this->app]['boomerang']['url'][$id])) {
             $url = $_SESSION[$this->app]['boomerang']['url'][$id];
@@ -934 +945 @@
         }
     
-        $this->logMsg(sprintf('validBoomerangURL testing url: %s', $url), LOG_DEBUG, __FILE__, __LINE__);
-        if (empty($url)) {
+        $this->logMsg(sprintf('validBoomerangURL(%s) testing: %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__);
+
+        if ('' == $url) {
+            $this->logMsg(sprintf('validBoomerangURL(%s) not valid, empty!', $id), LOG_NOTICE, __FILE__, __LINE__);
             return false;
         }
         if ($url == absoluteMe()) {
             // The URL we are directing to is the current page.
-            $this->logMsg(sprintf('Boomerang URL not valid, same as absoluteMe: %s', $url), LOG_WARNING, __FILE__, __LINE__);
+            $this->logMsg(sprintf('validBoomerangURL(%s) not valid, same as absoluteMe: %s', $id, $url), LOG_NOTICE, __FILE__, __LINE__);
             return false;
         }
         if ($boomerang_time >= (time() - 2)) {
             // Last boomerang direction was more than 2 seconds ago.
-            $this->logMsg(sprintf('Boomerang URL not valid, boomerang_time too short: %s', time() - $boomerang_time), LOG_WARNING, __FILE__, __LINE__);
-            return false;
-        }
-        
-        $this->logMsg(sprintf('validBoomerangURL found: %s', $url), LOG_DEBUG, __FILE__, __LINE__);
+            $this->logMsg(sprintf('validBoomerangURL(%s) not valid, boomerang_time too short: %s', $id, time() - $boomerang_time), LOG_NOTICE, __FILE__, __LINE__);
+            return false;
+        }
+        
+        $this->logMsg(sprintf('validBoomerangURL(%s) is valid: %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__);
         return true;
     }

trunk/lib/FormValidator.inc.php

@@ -433 +433 @@
         $phone = getFormData($form_name);
         
-        $this->checkRegex($form_name, '/^[0-9 +().-]*$/', true, sprintf(_("The phone number <strong>%s</strong> is not valid."), $phone));
-        $this->stringLength($form_name, 0, 25, sprintf(_("The phone number <strong>%s</strong> is too long"), $phone));
+        return $this->checkRegex($form_name, '/^[0-9 +().-]*$/', true, sprintf(_("The phone number <strong>%s</strong> is not valid."), $phone))
+        && $this->stringLength($form_name, 0, 25, sprintf(_("The phone number <strong>%s</strong> is too long"), $phone));
     }
 

trunk/lib/Nav.inc.php

@@ -148 +148 @@
         
         if ($this->getFeature('title', $page_id)) {
-            return oTxt($this->pages[$page_id]['title'], true);
+            return oTxt($this->pages[$page_id]['title']);
         } else {
             return false;

trunk/lib/PEdit.inc.php

@@ -163 +163 @@
                     ?>
                     <tr>
-                    <td valign="top" nowrap="nowrap"><p><?php echo date('r', $v['unixtime']); ?></p></td>
-                    <td valign="top" nowrap="nowrap"><p>&nbsp;&nbsp;&nbsp;<?php printf(_("%s bytes"), $v['filesize']); ?></p></td>
-                    <td valign="top" nowrap="nowrap"><p>&nbsp;&nbsp;&nbsp;[<a href="<?php echo App::oHREF(dirname($_SERVER['PHP_SELF']) . (preg_match('!/$!', dirname($_SERVER['PHP_SELF'])) ? '' : '/') . $v['filename']); ?>" target="_blank"><?php echo _("view"); ?></a>]</p></td>
-                    <td valign="top" nowrap="nowrap"><p>&nbsp;&nbsp;&nbsp;[<a href="<?php echo App::oHREF($_SERVER['PHP_SELF'] . '?op=Restore&with_file=' . $v['filename'] . '&file_hash=' . md5('frog_guts' . $this->_filename)); ?>"><?php echo _("restore"); ?></a>]</p></td>
+                    <td nowrap="nowrap"><p><?php echo date('r', $v['unixtime']); ?></p></td>
+                    <td nowrap="nowrap"><p>&nbsp;&nbsp;&nbsp;<?php printf(_("%s bytes"), $v['filesize']); ?></p></td>
+                    <td nowrap="nowrap"><p>&nbsp;&nbsp;&nbsp;[<a href="<?php echo App::oHREF(dirname($_SERVER['PHP_SELF']) . (preg_match('!/$!', dirname($_SERVER['PHP_SELF'])) ? '' : '/') . $v['filename']); ?>" target="_blank"><?php echo _("view"); ?></a>]</p></td>
+                    <td nowrap="nowrap"><p>&nbsp;&nbsp;&nbsp;[<a href="<?php echo App::oHREF($_SERVER['PHP_SELF'] . '?op=Restore&with_file=' . $v['filename'] . '&file_hash=' . md5('frog_guts' . $this->_filename)); ?>"><?php echo _("restore"); ?></a>]</p></td>
                     </tr>
                     <?php   
@@ -237 +237 @@
                 ?>
                 <table border="0" cellspacing="0" cellpadding="2"><tr>
-                <td valign="top"><input type="hidden" name="data[<?php echo $name; ?>]" value="off" /><input type="checkbox" name="data[<?php echo $name; ?>]" <?php echo $checked; ?>/></td>
-                <td valign="top"><?php echo oTxt($this->_data[$name]['corresponding_text']); ?></td>
+                <td><input type="hidden" name="data[<?php echo $name; ?>]" value="off" /><input type="checkbox" name="data[<?php echo $name; ?>]" <?php echo $checked; ?>/></td>
+                <td><?php echo oTxt($this->_data[$name]['corresponding_text']); ?></td>
                 </tr></table>
                 <?php

trunk/lib/RecordLock.inc.php

@@ -33 +33 @@
     {
         static $instances = array();
-
-        if (!is_a($auth_object, 'Auth_SQL')) {
-            trigger_error('Constructor not provided a valid Auth_SQL object.', E_USER_ERROR);
-        }
                 
         if (!isset($instances[$auth_object->getVal('auth_name')])) {
@@ -52 +48 @@
     function RecordLock($auth_object)
     {
+        if (!is_a($auth_object, 'Auth_SQL')) {
+            trigger_error('Constructor not provided a valid Auth_SQL object.', E_USER_ERROR);
+        }
+
         $this->_auth = $auth_object;
         
@@ -168 +168 @@
         }
         if ($this->data = mysql_fetch_assoc($qid)) {
-            App::logMsg(sprintf('Found locked record: %s %s %s', $record_table_or_lock_id, $record_key, $record_val), LOG_DEBUG, __FILE__, __LINE__);
+            App::logMsg(sprintf('Selecting %slocked record: %s %s %s', ($this->data['set_by_admin_id'] == $this->_auth->getVal('user_id') ? 'self-' : ''), $record_table_or_lock_id, $record_key, $record_val), LOG_DEBUG, __FILE__, __LINE__);
+            /// FIX ME: What if admin set lock, but public user is current lock user?
             $this->data['editor'] = $this->_auth->getUsername($this->data['set_by_admin_id']);
             return true;
@@ -275 +276 @@
             WHERE lock_id = '" . addslashes($this->data['lock_id']) . "'
         ");
+        
+        App::logMsg(sprintf('Removing lock: %s', $this->data['lock_id']), LOG_DEBUG, __FILE__, __LINE__);
     }
 

trunk/lib/Upload.inc.php

@@ -30 +30 @@
         'dest_file_perms' => 0600,
 
-        // Require file to have one of the following file extentions.
+        // Require file to have one of the following file name extentions.
         'valid_file_extensions' => array('jpg', 'jpeg', 'gif', 'png', 'pdf', 'txt', 'text', 'html', 'htm'),
     );
@@ -37 +37 @@
     var $errors = array();
 
-    // Array of file extensions and corresponding mime-types.
+    // Array of file name extensions and corresponding mime-types.
     var $mime_extension_map = array(
         'Z'       => 'application/x-compress',
@@ -278 +278 @@
         }
         
+        // Ensure the file form element specified actually exists.
         if (!isset($_FILES[$form_name])) {
-            App::logMsg(sprintf(_("Form element %s not posted."), $form_name), LOG_ERR, __FILE__, __LINE__);
-            $this->raiseMsg(_("There was a problem with the file upload. Please try again."), MSG_ERR, __FILE__, __LINE__);
+            App::logMsg(sprintf(_("Form element %s does not exist."), $form_name), LOG_ERR, __FILE__, __LINE__);
+            $this->raiseMsg(_("There was a problem with the file upload. Please try again later."), MSG_ERR, __FILE__, __LINE__);
             return false;
         }
@@ -314 +315 @@
             }
             
-            // Check The php upload error messages.
-            if (UPLOAD_ERR_INI_SIZE === $files['error'][$i]) {
-                if ($this->getParam('display_messages')) {
-                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it exceeds the maximum allowed upload file size of %s."), $files['name'][$i], ini_get('upload_max_filesize')), MSG_ERR, __FILE__, __LINE__);
-                }
-                App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_INI_SIZE (currently %s)."), $files['error'][$i], $files['name'][$i], ini_get('upload_max_filesize')), LOG_ERR, __FILE__, __LINE__);
-                $this->errors[] = $files['name'][$i];
-                continue;
-            }
-            if (UPLOAD_ERR_FORM_SIZE === $files['error'][$i]) {
-                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it exceeds the maximum allowed upload file size of %s."), $files['name'][$i], $_POST['MAX_FILE_SIZE']), MSG_ERR, __FILE__, __LINE__);
-                App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_FORM_SIZE (currently %s)."), $files['error'][$i], $files['name'][$i], $_POST['MAX_FILE_SIZE']), LOG_ERR, __FILE__, __LINE__);
-                $this->errors[] = $files['name'][$i];
-                continue;
-            }
-            if (UPLOAD_ERR_PARTIAL === $files['error'][$i]) {
-                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it was only partially uploaded."), $files['name'][$i]), MSG_ERR, __FILE__, __LINE__);
-                App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_PARTIAL."), $files['error'][$i], $files['name'][$i]), LOG_ERR, __FILE__, __LINE__);
-                $this->errors[] = $files['name'][$i];
-                continue;
-            }
-            if (UPLOAD_ERR_NO_FILE === $files['error'][$i]) {
-                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: no file was uploaded."), $files['name'][$i]), MSG_ERR, __FILE__, __LINE__);
-                App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_NO_FILE."), $files['error'][$i], $files['name'][$i]), LOG_ERR, __FILE__, __LINE__);
-                $this->errors[] = $files['name'][$i];
-                continue;
-            }
-            if (UPLOAD_ERR_NO_TMP_DIR === $files['error'][$i]) {
-                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: temporary upload directory missing."), $files['name'][$i]), MSG_ERR, __FILE__, __LINE__);
-                App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_NO_TMP_DIR."), $files['error'][$i], $files['name'][$i]), LOG_ERR, __FILE__, __LINE__);
-                $this->errors[] = $files['name'][$i];
-                continue;
-            }
-            
-            // Check to be sure it's an uploaded file.
-            if (!is_uploaded_file($files['tmp_name'][$i])) {
-                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading."), $files['name'][$i]), MSG_ERR, __FILE__, __LINE__);
-                App::logMsg(sprintf(_("The file %s failed is_uploaded_file."), $files['name'][$i]), LOG_ERR, __FILE__, __LINE__);
-                $this->errors[] = $files['name'][$i];
-                continue;
-            }
-            
-            // Check to be sure the file is not empty.
-            if ($files['size'][$i] < 1) {
-                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it contains zero bytes."), $files['name'][$i]), MSG_ERR, __FILE__, __LINE__);
-                App::logMsg(sprintf(_("The uploaded file %s contains zero bytes."), $files['name'][$i]), LOG_ERR, __FILE__, __LINE__);
-                $this->errors[] = $files['name'][$i];
-                continue;
-            }
-            
-            // Check to be sure the file has a valid file extension.
-            if (!in_array(strtolower($this->getFilenameExtension($files['name'][$i])), $this->getParam('valid_file_extensions'))) {
-                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it is an unrecognized type. Files must have one of the following file extensions: %s."), $files['name'][$i], join(', ', $this->getParam('valid_file_extensions'))), MSG_ERR, __FILE__, __LINE__);
-                App::logMsg(sprintf(_("The uploaded file %s has an unrecognized file extension."), $files['name'][$i]), LOG_WARNING, __FILE__, __LINE__);
-                $this->errors[] = $files['name'][$i];
-                continue;
-            }
-            
-            // Check to be sure the file has a unique file name.
-            if (!$this->getParam('allow_overwriting') && $this->exists($files['name'][$i])) {
-                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: a file with that name already exists."), $files['name'][$i]), MSG_ERR, __FILE__, __LINE__);
-                App::logMsg(sprintf(_("The uploaded file %s doesn't have a unique filename."), $files['name'][$i]), LOG_WARNING, __FILE__, __LINE__);
-                $this->errors[] = $files['name'][$i];
-                continue;
-            }
-            
-            // Determine file name.
+            // Determine final file name.
             if ($num == 1) {
                 // Single upload.
@@ -420 +355 @@
             $file_path_name = $this->getParam('upload_path') . '/' . $file_name;
             
+            
+            // Check The php upload error messages.
+            if (UPLOAD_ERR_INI_SIZE === $files['error'][$i]) {
+                if ($this->getParam('display_messages')) {
+                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it exceeds the maximum allowed upload file size of %s."), $file_name, ini_get('upload_max_filesize')), MSG_ERR, __FILE__, __LINE__);
+                }
+                App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_INI_SIZE (currently %s)."), $files['error'][$i], $file_name, ini_get('upload_max_filesize')), LOG_ERR, __FILE__, __LINE__);
+                $this->errors[] = $file_name;
+                continue;
+            }
+            if (UPLOAD_ERR_FORM_SIZE === $files['error'][$i]) {
+                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it exceeds the maximum allowed upload file size of %s."), $file_name, $_POST['MAX_FILE_SIZE']), MSG_ERR, __FILE__, __LINE__);
+                App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_FORM_SIZE (currently %s)."), $files['error'][$i], $file_name, $_POST['MAX_FILE_SIZE']), LOG_ERR, __FILE__, __LINE__);
+                $this->errors[] = $file_name;
+                continue;
+            }
+            if (UPLOAD_ERR_PARTIAL === $files['error'][$i]) {
+                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it was only partially uploaded."), $file_name), MSG_ERR, __FILE__, __LINE__);
+                App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_PARTIAL."), $files['error'][$i], $file_name), LOG_ERR, __FILE__, __LINE__);
+                $this->errors[] = $file_name;
+                continue;
+            }
+            if (UPLOAD_ERR_NO_FILE === $files['error'][$i]) {
+                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: no file was uploaded."), $file_name), MSG_ERR, __FILE__, __LINE__);
+                App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_NO_FILE."), $files['error'][$i], $file_name), LOG_ERR, __FILE__, __LINE__);
+                $this->errors[] = $file_name;
+                continue;
+            }
+            if (UPLOAD_ERR_NO_TMP_DIR === $files['error'][$i]) {
+                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: temporary upload directory missing."), $file_name), MSG_ERR, __FILE__, __LINE__);
+                App::logMsg(sprintf(_("The file %s failed uploading with PHP error %s UPLOAD_ERR_NO_TMP_DIR."), $files['error'][$i], $file_name), LOG_ERR, __FILE__, __LINE__);
+                $this->errors[] = $file_name;
+                continue;
+            }
+            
+            // Check to be sure it's an uploaded file.
+            if (!is_uploaded_file($files['tmp_name'][$i])) {
+                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading."), $file_name), MSG_ERR, __FILE__, __LINE__);
+                App::logMsg(sprintf(_("The file %s failed is_uploaded_file."), $file_name), LOG_ERR, __FILE__, __LINE__);
+                $this->errors[] = $file_name;
+                continue;
+            }
+            
+            // Check to be sure the file is not empty.
+            if ($files['size'][$i] < 1) {
+                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it contains zero bytes."), $file_name), MSG_ERR, __FILE__, __LINE__);
+                App::logMsg(sprintf(_("The uploaded file %s contains zero bytes."), $file_name), LOG_ERR, __FILE__, __LINE__);
+                $this->errors[] = $file_name;
+                continue;
+            }
+            
+            // Check to be sure the file has a valid file name extension.
+            if (!in_array(strtolower($this->getFilenameExtension($file_name)), $this->getParam('valid_file_extensions'))) {
+                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: it is an unrecognized type. Files must have one of the following file name extensions: %s."), $file_name, join(', ', $this->getParam('valid_file_extensions'))), MSG_ERR, __FILE__, __LINE__);
+                App::logMsg(sprintf(_("The uploaded file %s has an unrecognized file name extension."), $file_name), LOG_WARNING, __FILE__, __LINE__);
+                $this->errors[] = $file_name;
+                continue;
+            }
+            
+            // Check to be sure the file has a unique file name.
+            if (!$this->getParam('allow_overwriting') && $this->exists($file_name)) {
+                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading: a file with that name already exists."), $file_name), MSG_ERR, __FILE__, __LINE__);
+                App::logMsg(sprintf(_("The uploaded file %s doesn't have a unique filename."), $file_name), LOG_WARNING, __FILE__, __LINE__);
+                $this->errors[] = $file_name;
+                continue;
+            }
+            
             // Move the file to the final place.
             if (move_uploaded_file($files['tmp_name'][$i], $file_path_name)) {
                 chmod($file_path_name, $this->getParam('dest_file_perms'));
-                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> uploaded successfully."), $files['name'][$i]), MSG_SUCCESS, __FILE__, __LINE__);
+                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> uploaded successfully."), $file_name), MSG_SUCCESS, __FILE__, __LINE__);
                 if (!isset($custom_file_name) && $files['name'][$i] != $file_name) {
                     // Notify user if uploaded file name was modified (unless a custom file name will be used anyways).
@@ -435 +437 @@
                 continue;
             } else {
-                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading."), $files['name'][$i]), MSG_ERR, __FILE__, __LINE__);
+                $this->raiseMsg(sprintf(_("The file <strong>%s</strong> failed uploading."), $file_name), MSG_ERR, __FILE__, __LINE__);
                 App::logMsg(sprintf(_("Moving file failed: %s -> %s"), $files['tmp_name'][$i], $file_path_name), LOG_ALERT, __FILE__, __LINE__);
-                $this->errors[] = $files['name'][$i];
-                continue;
-            }
-        }
-        return (sizeof($new_file_names) > 0) ? $new_file_names : false;
+                $this->errors[] = $file_name;
+                continue;
+            }
+        }
+        
+        // Return names of files uploaded (or empty array when none processed).
+        return $new_file_names;
     }
     
@@ -543 +547 @@
      *
      */
+    function anyErrors()
+    {
+        return sizeof($this->errors) > 0;
+    }
+
+    /**
+     *
+     */
     function cleanFileName($file_name)
     {
@@ -560 +572 @@
     {
         preg_match('/.*?\.(\w+)$/i', $file_name, $ext);
-        return $ext[1];
+        return isset($ext[1]) ? $ext[1] : '';
     }
     

trunk/lib/Utilities.inc.php

@@ -532 +532 @@
  * @access  public
  * @param   string  $val    The string to sign.
- * @param   string  $key    (Optional) A text key to use for computing the signature.
+ * @param   string  $seed_key   (Optional) A text key to use for computing the signature.
  * @return  string  The original value with a signature appended.
  */
-function addSignature($val, $key=null)
+function addSignature($val, $seed_key=null)
 {
     if ('' == $val) {
@@ -541 +541 @@
     }
     
-    if (!isset($key)) {
-        $key = App::getParam('signing_key');
-    }
-
-    return $val . '-' . substr(md5($val . $key), 0, 18);
+    if (!isset($seed_key)) {
+        $seed_key = App::getParam('signing_key');
+    }
+
+    return $val . '-' . substr(md5($val . $seed_key), 0, 18);
 }
 
@@ -566 +566 @@
  * @access  public
  * @param   string  $signed_val A value with appended signature.
- * @param   string  $key        (Optional) A text key to use for computing the signature.
+ * @param   string  $seed_key       (Optional) A text key to use for computing the signature.
  * @return  bool    True if the signature matches the var.
  */
-function verifySignature($signed_val, $key=null)
+function verifySignature($signed_val, $seed_key=null)
 {
     // Strip the value from the signed value.
-    $val = substr($signed_val, 0, strrpos($signed_val, '-'));
+    $val = removeSignature($signed_val);
     // If the signed value matches the original signed value we consider the value safe.
-    if ($signed_val == addSignature($val, $key)) {
+    if ($signed_val == addSignature($val, $seed_key)) {
         // Signature verified.
         return true;

trunk/services/admins.php

@@ -101 +101 @@
 case 'insert' :
     if (getFormdata('cancel', false)) {
+        if (App::validBoomerangURL('admins')) {
+            // Display boomerang page.
+            App::dieBoomerangURL('admins');
+        }
+        // Display default page.
         App::dieURL($_SERVER['PHP_SELF']);
     }
@@ -130 +135 @@
     if (getFormdata('cancel', false)) {
         // Remove lock
-        $lock =& RecordLock::getInstance($GLOBALS['auth']);
         $lock->select('admin_tbl', 'admin_id', getFormData('admin_id'));
         $lock->remove();
@@ -252 +256 @@
 function &editRecordForm($id)
 {
-    $lock =& RecordLock::getInstance($GLOBALS['auth']);
+    global $lock;
+
     $lock->select('admin_tbl', 'admin_id', $id);
     if ($lock->isLocked() && !$lock->isMine()) {
@@ -305 +310 @@
 function deleteRecord($id)
 {
-    global $auth;
-    
-    $lock =& RecordLock::getInstance($GLOBALS['auth']);
+    global $auth, $lock;
+    
     $lock->select('admin_tbl', 'admin_id', $id);
     if ($lock->isLocked() && !$lock->isMine()) {
@@ -392 +396 @@
 function updateRecord($frm)
 {
-    global $auth;
-    
-    $lock =& RecordLock::getInstance($GLOBALS['auth']);
+    global $auth, $lock;
+    
     $lock->select('admin_tbl', 'admin_id', $frm['admin_id']);
     if ($lock->isLocked() && !$lock->isMine()) {

trunk/services/lock.php

@@ -11 +11 @@
 App::sslOn();
 
-if (getFormData('boomerang', false) && isset($_SERVER['HTTP_REFERER'])) {
+if (getFormData('boomerang', false)) {
     // We remember which page we came from so we can go back there.
     $boom_url = strpos(getFormData('boomerang'), '/') !== false ? getFormData('boomerang') : $_SERVER['HTTP_REFERER'];
     App::setBoomerangURL($boom_url, 'lock');
+    App::setBoomerangURL($_SERVER['HTTP_REFERER'], 'cancel-lock');
 }
 
-$lock =& RecordLock::getInstance($GLOBALS['auth']);
+if (!isset($lock) || !is_a($lock, 'RecordLock')) {
+    $lock =& RecordLock::getInstance($auth);
+}
 $lock->select(getFormData('lock_id'));
 
@@ -31 +34 @@
     App::dieBoomerangURL('lock');
 } else if (getFormData('cancel', false)) {
-    App::dieBoomerangURL('lock');
+    // Since the boomerang URL will go back to the locked record, and the record was not unlocked, we must delete the boomerang URL otherwise we'll come back here.
+    App::deleteBoomerangURL('lock');
+    App::dieBoomerangURL('cancel-lock');
 }
 

trunk/services/logout.php

@@ -8 +8 @@
 
 // Delete this admin's record locks.
-$lock =& RecordLock::getInstance($GLOBALS['auth']);
+if (!isset($lock) || !is_a($lock, 'RecordLock')) {
+    $lock =& RecordLock::getInstance($auth);
+}
 $lock->removeAll($auth->getVal('user_id'));
 

trunk/services/logs.php

@@ -8 +8 @@
 
 $auth->requireLogin();
-$auth->requireAccessClearance(ZONE_ADMIN_APPLOG);
+// $auth->requireAccessClearance(ZONE_ADMIN_APPLOG);
 App::sslOn();
 
@@ -55 +55 @@
 switch (getFormData('op')) {
 case 'delete' :
-    $auth->requireAccessClearance(ZONE_ADMIN_APPLOG_FUNC_RESET);
+//     $auth->requireAccessClearance(ZONE_ADMIN_APPLOG_FUNC_RESET);
     deleteLog(Prefs::getValue('log_file', 'logs_module'));
     Prefs::setValue('log_file', App::getParam('log_filename'), 'logs_module');
@@ -67 +67 @@
     
 case 'clear' :
-    $auth->requireAccessClearance(ZONE_ADMIN_APPLOG_FUNC_RESET);
+//     $auth->requireAccessClearance(ZONE_ADMIN_APPLOG_FUNC_RESET);
     clearLog(Prefs::getValue('log_file', 'logs_module'));
     if (App::validBoomerangURL('app_log')) {
@@ -78 +78 @@
     
 case 'archive' :
-    $auth->requireAccessClearance(ZONE_ADMIN_APPLOG_FUNC_RESET);
+//     $auth->requireAccessClearance(ZONE_ADMIN_APPLOG_FUNC_RESET);
     if (archiveLog(Prefs::getValue('log_file', 'logs_module'))) {
         // Now flush current log.

trunk/services/templates/admin_form.ihtml

@@ -10 +10 @@
     <tr>
         <td>&nbsp;</td>
-        <td valign="top"><?php printSubmitButtons($frm['submit_buttons']); ?></td>
+        <td><?php printSubmitButtons($frm['submit_buttons']); ?></td>
     </tr>
     <tr>
         <td class="right"><label for="username"<?php $fv->err('username', ' class="error"') ?>><?php echo _("Username"); ?></label></td>
-        <td valign="top">
+        <td>
             <input type="text" class="small" size="50" name="username" value="<?php echo oTxt($frm['username']); ?>" />
         </td>
@@ -20 +20 @@
     <tr>
         <td class="right"><label for="userpass"<?php $fv->err('userpass', ' class="error"') ?>><?php echo _("Password"); ?></label></td>
-        <td valign="top">
+        <td>
             <input type="password" class="small" size="50" name="userpass" value="<?php echo oTxt($frm['userpass']); ?>" />
         </td>
@@ -26 +26 @@
     <tr>
         <td class="right"><label for="first_name"<?php $fv->err('first_name', ' class="error"') ?>><?php echo _("First name"); ?></label></td>
-        <td valign="top">
+        <td>
             <input type="text" class="small" size="50" name="first_name" value="<?php echo oTxt($frm['first_name']); ?>" />
         </td>
@@ -32 +32 @@
     <tr>
         <td class="right"><label for="last_name"<?php $fv->err('last_name', ' class="error"') ?>><?php echo _("Last name"); ?></label></td>
-        <td valign="top">
+        <td>
             <input type="text" class="small" size="50" name="last_name" value="<?php echo oTxt($frm['last_name']); ?>" />
         </td>
@@ -38 +38 @@
     <tr>
         <td class="right"><label for="email"<?php $fv->err('email', ' class="error"') ?>><?php echo _("Email"); ?></label></td>
-        <td valign="top">
+        <td>
             <input type="text" class="medium" size="50" name="email" value="<?php echo oTxt($frm['email']); ?>" />
         </td>
@@ -44 +44 @@
     <tr>
         <td class="right"><label for="user_type"<?php $fv->err('user_type', ' class="error"') ?>><?php echo _("User type"); ?></label></td>
-        <td valign="top">
+        <td>
             <select name="user_type" class="small">
             <?php printSetSelectForm('admin_tbl', 'user_type', $frm['user_type'], true); ?>
@@ -52 +52 @@
     <tr>
         <td>&nbsp;</td>
-        <td valign="top"><?php printSubmitButtons($frm['submit_buttons']); ?></td>
+        <td><?php printSubmitButtons($frm['submit_buttons']); ?></td>
     </tr>
 </table>

trunk/services/templates/lock.ihtml

@@ -1 +1 @@
 <?php 
-if (!is_a($lock)) {
+if (!is_a($lock, 'RecordLock')) {
     return null;
 }

trunk/services/templates/login_form.ihtml

@@ -4 +4 @@
     <tr>
         <td class="right"><label for="username"><?php echo _("Username"); ?></label></td>
-        <td valign="top">
-            <input type="text" class="medium" size="20" name="username" value="<?php echo oTxt($frm['username']); ?>" />
+        <td>
+            <input type="text" class="small" size="20" name="username" value="<?php echo oTxt($frm['username']); ?>" />
         </td>
     </tr>
     <tr>
         <td class="right"><label for="password"><?php echo _("Password"); ?></label></td>
-        <td valign="top">
-            <input type="password" class="medium" size="20" name="password" value="<?php echo oTxt($frm['password']); ?>" />
+        <td>
+            <input type="password" class="small" size="20" name="password" value="<?php echo oTxt($frm['password']); ?>" />
         </td>
     </tr>
     <tr>
         <td>&nbsp;</td>
-        <td valign="top"><input type="submit" value="<?php echo _("Login"); ?>" /></td>
+        <td><input type="submit" value="<?php echo _("Login"); ?>" /></td>
     </tr>
 </table>

trunk/services/templates/password.ihtml

@@ -7 +7 @@
     <tr>
         <td class="right"><label for="oldpassword"<?php $fv->err('oldpassword', ' class="error"') ?>><?php echo _("Old password"); ?></label></td>
-        <td valign="top">
+        <td>
             <input type="text" class="medium" size="50" name="oldpassword" />
         </td>
@@ -13 +13 @@
     <tr>
         <td class="right"><label for="newpassword"<?php $fv->err('newpassword', ' class="error"') ?>><?php echo _("New password"); ?></label></td>
-        <td valign="top">
+        <td>
             <input type="password" class="medium" size="50" name="newpassword" />
         </td>
@@ -19 +19 @@
     <tr>
         <td class="right"><label for="newpassword2"<?php $fv->err('newpassword2', ' class="error"') ?>><?php echo _("New password again"); ?></label></td>
-        <td valign="top">
+        <td>
             <input type="password" class="medium" size="50" name="newpassword2" />
         </td>
@@ -25 +25 @@
     <tr>
         <td>&nbsp;</td>
-        <td valign="top"><input type="submit" value="<?php echo _("Change password"); ?>" /></td>
+        <td><input type="submit" value="<?php echo _("Change password"); ?>" /></td>
     </tr>
 </table>

trunk/services/versions.php

@@ -75 +75 @@
 
 case 'restore' :
-    $lock =& RecordLock::getInstance($GLOBALS['auth']);
+    if (!isset($lock) || !is_a($lock, 'RecordLock')) {
+        $lock =& RecordLock::getInstance($auth);
+    }
     $lock->select($record_table, $record_key, $record_val);
     if ($lock->isLocked() && !$lock->isMine()) {