Changeset 502
- Timestamp:
- Dec 30, 2014 10:24:51 PM (9 years ago)
- Location:
- trunk
- Files:
-
- 37 edited
trunk/bin/acl.cli.php
r484 r502 44 44 // Make sure necessary files exist. 45 45 define('COMMON_BASE', realpath('.')); 46 $db_quth_file = COMMON_BASE . '/global/db_auth.inc.php'; 47 if (!file_exists($db_quth_file)) { 48 die(sprintf("%s error: the current directory must be common site directory (i.e. the parent directory of the document root) AND the global/db_auth.inc.php file must exist.\n", $this_script)); 49 } 50 51 if (fileowner($db_quth_file) != getmyuid()) { 46 $db_auth_file = false; 47 $rii = new RecursiveIteratorIterator(new RecursiveDirectoryIterator(COMMON_BASE)); 48 $rii->setMaxDepth(2); 49 foreach ($rii as $filename => $file) { 50 if (mb_strpos($filename, 'db_auth.inc.php') !== false) { 51 $db_auth_file = $filename; 52 break; 53 } 54 } 55 if (!$db_auth_file) { 56 die(sprintf("%s error: the current directory must be common site directory (i.e. the parent directory of the document root) AND the db_auth.inc.php file must exist.\n", $this_script)); 57 } 58 if (fileowner($db_auth_file) != getmyuid()) { 52 59 die(sprintf("%s error: you must execute this script as the owner of the web files.\n", $this_script)); 53 60 } 54 61 55 62 // Set include path. 56 ini_set('include_path', get_include_path() 57 . PATH_SEPARATOR . COMMON_BASE 58 ); 63 ini_set('include_path', get_include_path() . PATH_SEPARATOR . COMMON_BASE); 59 64 60 65 /******************************************************************** … … 83 88 'log_filename' => 'site_log', 84 89 )); 85 require_once 'global/db_auth.inc.php';90 require_once $db_auth_file; 86 91 87 92 // Start application-based functionality: database, session, environment, ini setup, etc. 
… … 104 109 if (!$db->tableExists('acl_tbl')) { 105 110 printf("This project doesn't appear to be using ACL (there is no acl_tbl in the %s DB).\n", $app->getParam('db_name')); 111 $app->stop(); 106 112 die; 107 113 } … … 220 226 break; 221 227 } 228 229 $app->stop(); 230 die; 222 231 223 232 … … 309 318 case 'aro' : 310 319 $tbl = 'aro_tbl'; 311 printf("%- 35s %-5s %-5s %s\n", 'Request objects', 'lft', 'rgt', 'Added');320 printf("%-45s %s\n", 'Request objects', 'Added'); 312 321 break; 313 322 case 'aco' : 314 323 $tbl = 'aco_tbl'; 315 printf("%- 35s %-5s %-5s %s\n", 'Control objects', 'lft', 'rgt', 'Added');324 printf("%-45s %s\n", 'Control objects', 'Added'); 316 325 break; 317 326 case 'axo' : 318 327 $tbl = 'axo_tbl'; 319 printf("%- 35s %-5s %-5s %s\n", 'Xtra objects', 'lft', 'rgt', 'Added');328 printf("%-45s %s\n", 'Xtra objects', 'Added'); 320 329 break; 321 330 default : … … 325 334 } 326 335 327 echo "----------------------------------------------------------- \n";336 echo "---------------------------------------------------------------------\n"; 328 337 329 338 // Retrieve the left and right value of the $root node. … … 342 351 343 352 // Display indented node title. 344 printf("%- 35s %-5s %-5s %s\n", str_repeat(' ', sizeof($depth)) . $name, $lft, $rgt, date($app->getParam('date_format'), strtotime($added_datetime)));353 printf("%-45s %s\n", str_repeat(' ', sizeof($depth)) . $name, date($app->getParam('date_format') . ' ' . $app->getParam('time_format'), strtotime($added_datetime))); 345 354 346 355 // Add this node to the stack. … … 373 382 "); 374 383 echo "\n"; 375 printf("%-25s %-25s %-25s %-6s %-10s\n", 'Request objects', 'Control objects', 'Xtra objects', ' ', 'Added');384 printf("%-25s %-25s %-25s %-6s %-10s\n", 'Request objects', 'Control objects', 'Xtra objects', 'Grant', 'Added'); 376 385 echo "------------------------------------------------------------------------------------------------\n"; 377 386 while ($p = mysql_fetch_assoc($qid)) { -
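Review bot: The new lookup loop accepts any path that merely contains `db_auth.inc.php` (`mb_strpos($filename, 'db_auth.inc.php') !== false`), and the first hit is later executed by `require_once $db_auth_file`. A backup copy such as `db_auth.inc.php.bak`, a directory carrying that name, or a same-named file in an unrelated subdirectory within depth 2 could be selected, depending on iteration order. Match the file name exactly and require a regular file, e.g. `if ($file->isFile() && $file->getFilename() === 'db_auth.inc.php') {`. The `fileowner()` check that follows limits the result to files owned by the invoking user, but it does not make the choice deterministic, so a comment naming the directory expected to hold the file would also help.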
trunk/lib/ACL.inc.php
r484 r502 37 37 require_once dirname(__FILE__) . '/Cache.inc.php'; 38 38 39 class ACL { 39 class ACL 40 { 40 41 41 42 // A place to keep an object instance for the singleton pattern. … … 49 50 // Automatically create table and verify columns. Better set to false after site launch. 50 51 'create_table' => false, 52 53 // Maximum allowed length of names. 54 // This value can be increased only if {aro,aco,axo}_tbl.name VARCHAR length is increased. 55 'name_max_length' => 32. 51 56 ); 52 57 … … 149 154 $db->query(" 150 155 CREATE TABLE IF NOT EXISTS acl_tbl ( 151 aro_id SMALLINT (11)UNSIGNED NOT NULL DEFAULT '0',152 aco_id SMALLINT (11)UNSIGNED NOT NULL DEFAULT '0',153 axo_id SMALLINT (11)UNSIGNED NOT NULL DEFAULT '0',156 aro_id SMALLINT UNSIGNED NOT NULL DEFAULT '0', 157 aco_id SMALLINT UNSIGNED NOT NULL DEFAULT '0', 158 axo_id SMALLINT UNSIGNED NOT NULL DEFAULT '0', 154 159 access ENUM('allow', 'deny') DEFAULT NULL, 155 160 added_datetime DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00', … … 180 185 CREATE TABLE IF NOT EXISTS {$a_o}_tbl ( 181 186 {$a_o}_id SMALLINT UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT, 182 name VARCHAR( 32) NOT NULL DEFAULT '',183 lft MEDIUMINT (9)UNSIGNED NOT NULL DEFAULT '0',184 rgt MEDIUMINT (9)UNSIGNED NOT NULL DEFAULT '0',187 name VARCHAR(" . $this->getParam('name_max_length') . ") NOT NULL DEFAULT '', 188 lft MEDIUMINT UNSIGNED NOT NULL DEFAULT '0', 189 rgt MEDIUMINT UNSIGNED NOT NULL DEFAULT '0', 185 190 added_datetime DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00', 186 191 UNIQUE KEY name (name(15)), … … 255 260 if ('' == trim($name) || '' == trim($parent)) { 256 261 $app->logMsg(sprintf('Cannot add node, parent (%s) or name (%s) missing.', $name, $parent), LOG_WARNING, __FILE__, __LINE__); 262 return false; 263 } 264 265 // Ensure node node name fits in the column size. 266 // This value can be increased if {aro,aco.axo}_tbl.name VARCHAR length is increased. 
267 if (strlen(trim($name)) > $this->getParam('name_max_length')) { 268 $app->logMsg(sprintf('Cannot add node, %s character limit exceeded for name "%s"', $this->getParam('name_max_length'), $name, $parent), LOG_WARNING, __FILE__, __LINE__); 257 269 return false; 258 270 } … … 718 730 719 731 if (!$this->check($aro, $aco, $axo)) { 720 $message = '' == trim($message) ? sprintf(_(" You have insufficient privileges to view <em>%s %s</em>"), $aco, $axo) : $message;732 $message = '' == trim($message) ? sprintf(_("Sorry, you have insufficient privileges for <em>%s %s</em>."), $aco, $axo) : $message; 721 733 $app->raiseMsg($message, $type, $file, $line); 722 734 $app->dieBoomerangURL(); -
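Review bot: In the defaults array the new entry reads `'name_max_length' => 32.`, which PHP parses as the float 32.0 rather than an integer followed by a comma; it looks like a typo for `32,`. The value is then concatenated into the `CREATE TABLE` statement, so I would cast it there, `VARCHAR(" . (int) $this->getParam('name_max_length') . ")`, to keep a mis-set parameter out of the DDL. The new length guard uses `strlen()`, which counts bytes while VARCHAR(n) counts characters, so multibyte names are rejected early; `mb_strlen(trim($name))` would match the column. The `sprintf()` in the new log call is also passed `$parent` with no matching placeholder.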
trunk/lib/App.inc.php
r501 r502 40 40 require_once dirname(__FILE__) . '/Utilities.inc.php'; 41 41 42 class App { 42 class App 43 { 43 44 44 45 // Minimum version of PHP required for this version of the Codebase. … … 627 628 } 628 629 629 // Make sure to log in the system's locale.630 $locale = setlocale(LC_TIME, 0);631 setlocale(LC_TIME, 'C');632 633 630 // Strip HTML tags except any with more than 7 characters because that's probably not a HTML tag, e.g. <email@address.com>. 634 631 preg_match_all('/(<[^>\s]{7,})[^>]*>/', $message, $strip_tags_allow); … … 678 675 } 679 676 677 // Make sure to log in the system's locale. 678 $locale = setlocale(LC_TIME, 0); 679 setlocale(LC_TIME, 'C'); 680 680 681 // Data to be stored for a log event. 681 682 $event = array( … … 692 693 $event_short['url'] = truncate($event_short['url'], 120); 693 694 695 // Restore original locale. 696 setlocale(LC_TIME, $locale); 694 697 695 698 // FILE ACTION … … 702 705 if (false !== $this->getParam('log_email_priority') && $priority <= $this->getParam('log_email_priority') && $send_notifications) { 703 706 $hostname = (isset($_SERVER['HTTP_HOST']) && '' != $_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : php_uname('n'); 704 $subject = sprintf('[%s %s] %s', $hostname, $event['type'], mb_substr($ message, 0, 64));707 $subject = sprintf('[%s %s] %s', $hostname, $event['type'], mb_substr($event['message'], 0, 64)); 705 708 $email_msg = sprintf("A %s log event occurred on %s\n\n", $event['type'], $hostname); 706 709 $headers = 'From: ' . $this->getParam('site_email'); … … 724 727 file_put_contents('php://stderr', "[{$event['type']}] [{$event['message']}]\n", FILE_APPEND); 725 728 } 726 727 // Restore original locale.728 setlocale(LC_TIME, $locale);729 730 unset($event, $event_short);731 729 732 730 return true; … … 850 848 * header('Location...') redirections. 851 849 * 850 * @param bool $include_csrf_token Set to true to include the csrf_token in the form. 
Only use this for forms with action="post" to prevent the token from being revealed in the URL. 852 851 * @return string url with attached queries and, if not using cookies, the session id 853 852 */ 854 public function url($url, $carry_args=null, $always_include_sid=false )853 public function url($url, $carry_args=null, $always_include_sid=false, $include_csrf_token=false) 855 854 { 856 855 if (!$this->running) { 857 856 $this->logMsg(sprintf('Canceled method call %s, application not running.', __FUNCTION__), LOG_NOTICE, __FILE__, __LINE__); 858 857 return false; 858 } 859 860 if ($this->getParam('csrf_token_enabled') && $include_csrf_token) { 861 // Include the csrf_token as a carried query argument. 862 // This token can be validated upon form submission with $app->verifyCSRFToken() or $app->requireValidCSRFToken() 863 $carry_args = is_array($carry_args) ? $carry_args : array(); 864 $carry_args = array_merge($carry_args, array($this->getParam('csrf_token_name') => $this->getCSRFToken())); 859 865 } 860 866 … … 938 944 * 939 945 * @access public 940 * @param string $url Input URL to parse.941 * @return string URL passed through $app->url() and then & turned to $amp;.946 * @param (see param reference for url() method) 947 * @return string URL passed through $app->url() with ampersamds transformed to $amp; 942 948 * @author Quinn Comendant <quinn@strangecode.com> 943 949 * @since 09 Dec 2005 17:58:45 944 950 */ 945 public function oHREF($url, $carry_args=null, $always_include_sid=false) 946 { 947 $url = $this->url($url, $carry_args, $always_include_sid); 948 949 // Replace any & not followed by an html or unicode entity with it's & equivalent. 951 public function oHREF($url, $carry_args=null, $always_include_sid=false, $include_csrf_token=false) 952 { 953 // Process the URL. 954 $url = $this->url($url, $carry_args, $always_include_sid, $include_csrf_token); 955 956 // Replace any & not followed by an html or unicode entity with its & equivalent. 
950 957 $url = preg_replace('/&(?![\w\d#]{1,10};)/', '&', $url); 951 958 … … 1093 1100 return false; 1094 1101 } 1095 $this->logMsg(sprintf('Verified CSRF token %s is in %s', $user_submitted_csrf_token, $csrf_token), LOG_DEBUG, __FILE__, __LINE__);1102 $this->logMsg(sprintf('Verified CSRF token %s', $user_submitted_csrf_token), LOG_DEBUG, __FILE__, __LINE__); 1096 1103 return true; 1097 1104 } … … 1142 1149 } 1143 1150 1144 if ( '' ==$url) {1151 if (!$url) { 1145 1152 // If URL is not specified, use the redirect_home_url. 1146 1153 $url = $this->getParam('redirect_home_url'); … … 1295 1302 } 1296 1303 1297 $this->logMsg(sprintf('deleteBoomerangURL(%s): %s', $id, $this->getBoomerangURL($id)), LOG_DEBUG, __FILE__, __LINE__);1298 1299 1304 if (isset($id) && isset($_SESSION['_app'][$this->_ns]['boomerang']['url'][$id])) { 1305 $url = $this->getBoomerangURL($id); 1300 1306 unset($_SESSION['_app'][$this->_ns]['boomerang']['url'][$id]); 1301 1307 } else if (is_array($_SESSION['_app'][$this->_ns]['boomerang']['url'])) { 1302 array_pop($_SESSION['_app'][$this->_ns]['boomerang']['url']); 1303 } 1308 $url = array_pop($_SESSION['_app'][$this->_ns]['boomerang']['url']); 1309 } 1310 $this->logMsg(sprintf('deleteBoomerangURL(%s): %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__); 1304 1311 } 1305 1312 -
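Review bot: In the CSRF verification hunk the debug line still writes the submitted token itself, `sprintf('Verified CSRF token %s', $user_submitted_csrf_token)`, so a token that has just been confirmed valid is stored in the log. Log the fact rather than the value: `$this->logMsg('Verified CSRF token', LOG_DEBUG, __FILE__, __LINE__);`. The enclosing method starts outside the visible hunk, so the token's lifetime is not shown here. Separately, the new `@param bool $include_csrf_token` text says `action="post"` where `method="post"` appears to be meant. Because `url()` merges the token into `$carry_args`, it appears to end up in the query string of the form's action URL as well, so the docblock's claim that this keeps the token out of the URL should be confirmed.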
trunk/lib/Auth_File.inc.php
r484 r502 40 40 // )); 41 41 42 class Auth_File { 42 class Auth_File 43 { 43 44 44 45 // Available encryption types for class Auth_File. -
trunk/lib/Auth_SQL.inc.php
r501 r502 30 30 require_once dirname(__FILE__) . '/Email.inc.php'; 31 31 32 class Auth_SQL { 32 class Auth_SQL 33 { 33 34 34 35 // Available hash types for class Auth_SQL. … … 181 182 userpass VARCHAR(255) NOT NULL DEFAULT '', 182 183 userpass_hashtype TINYINT UNSIGNED NOT NULL DEFAULT '0', 183 first_name VARCHAR( 255) NOT NULL DEFAULT '',184 last_name VARCHAR( 255) NOT NULL DEFAULT '',184 first_name VARCHAR(50) NOT NULL DEFAULT '', 185 last_name VARCHAR(50) NOT NULL DEFAULT '', 185 186 email VARCHAR(255) NOT NULL DEFAULT '', 186 login_abuse_exempt ENUM(' TRUE') DEFAULT NULL,187 blocked ENUM(' TRUE') DEFAULT NULL,187 login_abuse_exempt ENUM('true') DEFAULT NULL, 188 blocked ENUM('true') DEFAULT NULL, 188 189 blocked_reason VARCHAR(255) NOT NULL DEFAULT '', 189 abuse_warning_level TINYINT (4)NOT NULL DEFAULT '0',190 seconds_online INT (11)NOT NULL DEFAULT '0',190 abuse_warning_level TINYINT NOT NULL DEFAULT '0', 191 seconds_online INT NOT NULL DEFAULT '0', 191 192 last_login_datetime DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00', 192 193 last_access_datetime DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00', 193 last_login_ip VARCHAR( 255) NOT NULL DEFAULT '0.0.0.0',194 added_by_user_id SMALLINT (11)DEFAULT NULL,195 modified_by_user_id SMALLINT (11)DEFAULT NULL,194 last_login_ip VARCHAR(45) NOT NULL DEFAULT '0.0.0.0', 195 added_by_user_id SMALLINT DEFAULT NULL, 196 modified_by_user_id SMALLINT DEFAULT NULL, 196 197 added_datetime DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00', 197 198 modified_datetime DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00', 198 199 KEY " . $this->getParam('db_username_column') . " (" . $this->getParam('db_username_column') . "), 199 200 KEY userpass (userpass), 200 KEY email (email) 201 KEY email (email), 202 KEY last_login_datetime (last_login_datetime), 203 KEY last_access_datetime (last_access_datetime) 201 204 )"); 202 205 … … 327 330 $db->query(" 328 331 UPDATE " . $this->_params['db_table'] . 
" SET 329 seconds_online = seconds_online + (UNIX_TIMESTAMP() - UNIX_TIMESTAMP(last_access_datetime)),332 seconds_online = seconds_online + ABS(UNIX_TIMESTAMP() - UNIX_TIMESTAMP(last_access_datetime)), 330 333 last_login_datetime = '0000-00-00 00:00:00' 331 334 WHERE " . $this->_params['db_primary_key'] . " = '" . $this->get('user_id') . "' … … 635 638 $db->query(" 636 639 UPDATE " . $this->_params['db_table'] . " SET 637 seconds_online = seconds_online + (UNIX_TIMESTAMP() - UNIX_TIMESTAMP(last_access_datetime)) + 1,640 seconds_online = seconds_online + ABS(UNIX_TIMESTAMP() - UNIX_TIMESTAMP(last_access_datetime)) + 1, 638 641 last_access_datetime = '" . $this->get('last_access_datetime') . "' 639 642 WHERE " . $this->_params['db_primary_key'] . " = '" . $this->get('user_id') . "' … … 981 984 // Issue the password change query. 982 985 $db->query(" 983 UPDATE " . $this->_params['db_table'] . " 984 SET userpass = '" . $db->escapeString($this->encryptPassword($password, null, $hash_type)) . "' 985 $userpass_hashtype_clause 986 UPDATE " . $this->_params['db_table'] . " SET 987 userpass = '" . $db->escapeString($this->encryptPassword($password, null, $hash_type)) . "', 988 modified_datetime = NOW(), 989 modified_by_user_id = '" . $db->escapeString($user_id) . "' 990 $userpass_hashtype_clause 986 991 WHERE " . $this->_params['db_primary_key'] . " = '" . $db->escapeString($user_id) . "' 987 992 "); -
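Review bot: The password-change query now records `modified_by_user_id = '" . $db->escapeString($user_id) . "'`, but `$user_id` is the same value used in the `WHERE` clause, i.e. the account whose password is being changed, not necessarily the account performing the change. If an administrator or a reset flow calls this method for another user, the audit columns will attribute the change to the target account. Consider recording the acting user where one is logged in, e.g. `$this->get('user_id')`, and falling back to `$user_id` otherwise. The method's signature and the definition of `$userpass_hashtype_clause` are outside the hunk; the clause now follows `modified_by_user_id` without a comma, so confirm it still begins with one.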
trunk/lib/AuthorizeNet.inc.php
r484 r502 59 59 // } 60 60 61 class AuthorizeNet { 61 class AuthorizeNet 62 { 62 63 63 64 public $post_url = ''; // The URL to post data to. -
trunk/lib/CSS.inc.php
r484 r502 29 29 * @version 1.2 30 30 */ 31 class CSS { 31 class CSS 32 { 32 33 33 34 // Include these style sheets. -
trunk/lib/Cache.inc.php
r484 r502 32 32 */ 33 33 34 class Cache { 34 class Cache 35 { 35 36 36 37 // A place to keep object instances for the singleton pattern. -
trunk/lib/Captcha.inc.php
r479 r502 52 52 ------------------------------------------------------------------------------------- 53 53 */ 54 class Captcha { 54 class Captcha 55 { 55 56 56 57 public $secret_key = 'some random seed text for the md5'; -
trunk/lib/Cart.inc.php
r484 r502 68 68 --------------------------------------------------------------------- 69 69 */ 70 class Cart { 70 class Cart 71 { 71 72 72 73 // Namespace of this instance. -
trunk/lib/Currency.inc.php
r500 r502 38 38 */ 39 39 40 class Currency { 40 class Currency 41 { 41 42 42 43 // Configuration parameters for this object. -
trunk/lib/DB.inc.php
r497 r502 30 30 */ 31 31 32 class DB { 32 class DB 33 { 33 34 34 35 // A place to keep an object instance for the singleton pattern. -
trunk/lib/DBSessionHandler.inc.php
r484 r502 30 30 */ 31 31 32 class DBSessionHandler { 32 class DBSessionHandler 33 { 33 34 34 35 public $db; // DB object. -
trunk/lib/Email.inc.php
r500 r502 53 53 */ 54 54 55 class Email { 55 class Email 56 { 56 57 57 58 // Default parameters, to be overwritten by setParam() and read with getParam() … … 244 245 } 245 246 247 /* 248 * Returns the body of the current email. This can be used to store the message that is being sent. 249 * It will use the original template, or the replaced template if it has been processed. 250 * 251 * @access public 252 * @return string Message body. 253 * @author Quinn Comendant <quinn@strangecode.com> 254 * @version 1.0 255 * @since 18 Nov 2014 21:15:19 256 */ 257 public function getBody() 258 { 259 $final_body = isset($this->_template_replaced) ? $this->_template_replaced : $this->_template; 260 // Ensure all placeholders have been replaced. Find anything with {...} characters. 261 if (preg_match('/({[^}]+})/', $final_body, $unreplaced_match)) { 262 unset($unreplaced_match[0]); 263 $app->logMsg(sprintf('Cannot get email body. Unreplaced variables in template: %s', getDump($unreplaced_match)), LOG_ERR, __FILE__, __LINE__); 264 return false; 265 } 266 return $final_body; 267 } 268 246 269 /** 247 270 * Send email using PHP's mail() function. … … 295 318 // Ensure all placeholders have been replaced. Find anything with {...} characters. 296 319 if (preg_match('/({[^}]+})/', $final_body, $unreplaced_match)) { 297 $app->logMsg(sprintf('Cannot send email. At least one variable left unreplaced in template: %s', (isset($unreplaced_match[1]) ? $unreplaced_match[1] : '')), LOG_ERR, __FILE__, __LINE__); 320 unset($unreplaced_match[0]); 321 $app->logMsg(sprintf('Cannot send email. Unreplaced variables in template: %s', getDump($unreplaced_match)), LOG_ERR, __FILE__, __LINE__); 298 322 return false; 299 323 } -
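Review bot: The new `getBody()` calls `$app->logMsg(...)` in its error branch, but no `$app` is assigned inside the method as shown, so the first template with an unreplaced `{...}` placeholder would fail on an undefined variable instead of logging and returning false. Add `$app =& App::getInstance();` at the top of the method, as done elsewhere in this changeset. The comment block opens with `/*` rather than `/**`, so it is not picked up as a docblock, and the return tag should cover the failure case: `@return string|false Message body, or false if placeholders remain unreplaced.`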
trunk/lib/FormValidator.inc.php
r497 r502 58 58 require_once 'codebase/lib/Validator.inc.php'; 59 59 60 class FormValidator { 60 class FormValidator 61 { 61 62 62 63 // Class parameters. -
trunk/lib/HTML.inc.php
r500 r502 38 38 */ 39 39 40 class HTML { 40 class HTML 41 { 41 42 42 43 // Browsers add names and ids of form controls as properties to the FORM. This results in the properties of the form being replaced. -
trunk/lib/Hierarchy.inc.php
r479 r502 42 42 */ 43 43 44 class Hierarchy { 44 class Hierarchy 45 { 45 46 46 47 /** -
trunk/lib/Image.inc.php
r484 r502 28 28 * @since 14 Apr 2006 20:07:29 29 29 */ 30 class Image { 30 class Image 31 { 31 32 32 33 // Object parameters. -
trunk/lib/ImageThumb.inc.php
r484 r502 40 40 define('IMAGETHUMB_METHOD_GD', 7); 41 41 42 class ImageThumb { 42 class ImageThumb 43 { 43 44 44 45 // General object parameters. -
trunk/lib/JS.inc.php
r484 r502 29 29 * @version 1.2 30 30 */ 31 class JS { 31 class JS 32 { 32 33 33 34 // Include these style sheets. -
trunk/lib/Lock.inc.php
r497 r502 29 29 * @version 2.1 30 30 */ 31 class Lock { 31 class Lock 32 { 32 33 33 34 // A place to keep an object instance for the singleton pattern. -
trunk/lib/Navigation.inc.php
r497 r502 34 34 * @version 2.0 35 35 */ 36 class Navigation { 36 class Navigation 37 { 37 38 38 39 // Configuration parameters for this object. -
trunk/lib/PEdit.inc.php
r484 r502 67 67 68 68 */ 69 class PEdit { 69 class PEdit 70 { 70 71 71 72 // PEdit object parameters. -
trunk/lib/PageNumbers.inc.php
r484 r502 37 37 require_once dirname(__FILE__) . '/Prefs.inc.php'; 38 38 39 class PageNumbers { 39 class PageNumbers 40 { 40 41 41 42 public $total_items; // Total quantity of items. -
trunk/lib/PayPal.inc.php
r484 r502 30 30 * @version 1.0 31 31 */ 32 class PayPal { 32 class PayPal 33 { 33 34 34 35 // General object parameters. -
trunk/lib/Prefs.inc.php
r484 r502 52 52 --------------------------------------------------------------------- 53 53 */ 54 class Prefs { 54 class Prefs 55 { 55 56 56 57 // Namespace of this instance of Prefs. -
trunk/lib/ScriptTimer.inc.php
r484 r502 24 24 * ScriptTimer.inc.php 25 25 */ 26 class ScriptTimer { 26 class ScriptTimer 27 { 27 28 28 29 public $time_format = '%.3f'; -
trunk/lib/SortOrder.inc.php
r497 r502 35 35 require_once dirname(__FILE__) . '/Prefs.inc.php'; 36 36 37 class SortOrder { 37 class SortOrder 38 { 38 39 39 40 protected $_columns; -
trunk/lib/SpellCheck.inc.php
r484 r502 59 59 */ 60 60 61 class SpellCheck { 61 class SpellCheck 62 { 62 63 63 64 protected $_params = array( -
trunk/lib/Upload.inc.php
r488 r502 38 38 define('UPLOAD_USER_ERR_MOVE_FAILED', 104); 39 39 40 class Upload { 40 class Upload 41 { 41 42 42 43 // General object parameters. -
trunk/lib/Utilities.inc.php
r500 r502 941 941 /** 942 942 * Signs a value using md5 and a simple text key. In order for this 943 * function to be useful (i.e. secure) the keymust be kept secret, which943 * function to be useful (i.e. secure) the salt must be kept secret, which 944 944 * means keeping it as safe as database credentials. Putting it into an 945 945 * environment variable set in httpd.conf is a good place. 946 *947 * TODO: consider using more bits-per-character, such as done with:948 * http://www.php.net/manual/en/function.sha1.php#86239949 * http://blog.kevburnsjr.com/php-unique-hash950 946 * 951 947 * @access public … … 999 995 * @param string $signed_val A value with appended signature. 1000 996 * @param string $salt (Optional) A text key to use for computing the signature. 997 * @param string $length (Optional) The length of the added signature. 1001 998 * @return bool True if the signature matches the var. 1002 999 */ -
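Review bot: The docblock now says the salt must be kept secret, which mixes two terms: a salt is normally a non-secret value, while what this text describes (something to protect like database credentials) is a secret key. Since the parameter is evidently named `$salt`, I would keep the name but word it as `the secret key (passed as $salt) must be kept secret`. In the second hunk, `@param string $length` documents a length as a string; `@param int $length` looks intended, though the function signature is outside the visible lines.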
trunk/lib/Validator.inc.php
r500 r502 31 31 */ 32 32 33 class Validator { 33 class Validator 34 { 34 35 35 36 // Known credit card types. -
trunk/lib/Version.inc.php
r497 r502 37 37 * @version 2.1 38 38 */ 39 class Version { 39 class Version 40 { 40 41 41 42 // A place to keep an object instance for the singleton pattern. … … 290 291 } 291 292 292 // Replace current record with specified versioned record. 293 // Disable foreign_key_checks to prevent ON DELETE triggers or restrictions. 294 $db->query("SET SESSION foreign_key_checks = 0"); 295 // Replace current record with specified versioned record. Consider converting this SQL to use INSERT ⊠ON DUPLICATE KEY UPDATE ⊠293 296 $db->query(" 294 297 REPLACE INTO " . $record['record_table'] . " ( 295 298 $replace_keys 296 299 ) VALUES ( 297 300 $replace_values 298 ) 299 "); 301 ); 302 "); 303 // Re-enable foreign_key_checks. 304 $db->query("SET SESSION foreign_key_checks = 1"); 300 305 301 306 return $record; … … 468 473 { 469 474 $db =& DB::getInstance(); 470 471 $this->initDB(); 475 $app =& App::getInstance(); 476 477 $this->initDB(); 478 479 if (!$record_table || !$record_key || !$record_val) { 480 $app->logMsg(sprintf('Invalid current version args: %s, %s, %s.', $record_table, $record_key, $record_val), LOG_ERR, __FILE__, __LINE__); 481 return false; 482 } 472 483 473 484 $qid = $db->query(" -
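Review bot: The restore hunk turns `foreign_key_checks` off around the `REPLACE INTO` and then sets it to 1 unconditionally; if `$db->query()` stops the script on a failed REPLACE the session keeps checks disabled, and a session that had them off beforehand gets them switched on. While checks are off, a restored row can reference parent rows that no longer exist, so the comment should state that callers are expected to validate the restored foreign keys. `$record['record_table']`, `$replace_keys` and `$replace_values` are built outside the hunk; confirm the table name is checked against a known list before it is concatenated into the statement. In the last hunk, `!$record_val` also rejects a legitimate key value of `0` or `'0'`, so an explicit empty-string/null test would be safer there.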
trunk/services/templates/versions_diff.ihtml
r497 r502 45 45 $action_links = array(); 46 46 if (!getFormData('current', false)) { 47 $action_links[] = array('href' => $app->oHREF( $_SERVER['PHP_SELF'] .'?op=restore', array('version_id', 'version_title')), 'value' => _("Restore this saved version"), 'class' => 'small button alert', 'accesskey' => 'r');47 $action_links[] = array('href' => $app->oHREF('?op=restore', array('version_id', 'version_title')), 'value' => _("Restore this saved version"), 'class' => 'small button alert', 'accesskey' => 'r'); 48 48 } 49 $action_links[] = array('href' => $app->ohref( oTxt($_SERVER['PHP_SELF'])), 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'b');49 $action_links[] = array('href' => $app->ohref('?op=cancel'), 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'c'); 50 50 HTML::printButtons($action_links); 51 51 ?> -
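Review bot: The "Restore this saved version" button is built as a plain link, `$app->oHREF('?op=restore', array('version_id', 'version_title'))`, so a state-changing restore is triggered by a GET request with no CSRF token; the same line appears in versions_view.ihtml. This changeset adds `$include_csrf_token` to `oHREF()`, but its docblock restricts that to POST forms, so the cleaner fix is to render restore as a small POST form and call `$app->requireValidCSRFToken()` in the `restore` case of services/versions.php. How versions.php currently guards `op=restore` is not visible in this changeset, so treat this as something to confirm.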
trunk/services/templates/versions_list.ihtml
r497 r502 50 50 <div class="sc-help"><?php printf(_("When there are more than %s versions, those over %s days old are deleted."), $version->getParam('min_qty'), $version->getParam('min_days')); ?></div> 51 51 <?php 52 HTML::printButtons(array( 53 array('name' => 'op', 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'c'), 54 )); 52 // Buttons. 53 $action_links = array(); 54 $action_links[] = array('href' => $app->ohref('?op=cancel'), 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'c'); 55 HTML::printButtons($action_links); 55 56 ?> 56 57 </div> -
trunk/services/templates/versions_view.ihtml
r497 r502 28 28 $action_links = array(); 29 29 if (!getFormData('current', false)) { 30 $action_links[] = array('href' => $app->oHREF( $_SERVER['PHP_SELF'] .'?op=restore', array('version_id', 'version_title')), 'value' => _("Restore this saved version"), 'class' => 'small button alert', 'accesskey' => 'r');30 $action_links[] = array('href' => $app->oHREF('?op=restore', array('version_id', 'version_title')), 'value' => _("Restore this saved version"), 'class' => 'small button alert', 'accesskey' => 'r'); 31 31 } 32 $action_links[] = array('href' => $app->ohref( oTxt($_SERVER['PHP_SELF'])), 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'b');32 $action_links[] = array('href' => $app->ohref('?op=cancel'), 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'c'); 33 33 HTML::printButtons($action_links); 34 34 ?> -
trunk/services/versions.php
r497 r502 78 78 switch (getFormData('op')) { 79 79 80 case _("Cancel") : 81 $app->dieBoomerangURL('versions', false); 80 case 'cancel' : 81 if ($app->validBoomerangURL('version')) { 82 // Display boomerang page. 83 $app->dieBoomerangURL('version'); 84 } 85 // Display default page. 86 $app->dieURL(false, false); 82 87 break; 83 88