Changeset 93
- Timestamp:
- 2007-12-10 18:28:54 (1 year ago)
- Files:
-
- branches/5.0/admin/classes/pages/Editmember.php (modified) (1 diff)
- branches/5.0/classes/misc/Authcode.php (modified) (1 diff)
- branches/5.0/classes/misc/Member.php (modified) (4 diffs)
- branches/5.0/classes/misc/Post.php (modified) (1 diff)
- branches/5.0/classes/misc/Table.php (modified) (2 diffs)
- branches/5.0/classes/pages/Forum.php (modified) (1 diff)
- branches/5.0/classes/pages/Members.php (modified) (1 diff)
- branches/5.0/classes/pages/Moderate.php (modified) (2 diffs)
- branches/5.0/classes/pages/Newpoll.php (modified) (1 diff)
- branches/5.0/classes/pages/Newtopic.php (modified) (1 diff)
- branches/5.0/classes/pages/Reply.php (modified) (3 diffs)
- branches/5.0/includes/checklogin.php (modified) (1 diff)
- branches/5.0/includes/config/bots.php (modified) (1 diff)
- branches/5.0/includes/config/version.php (modified) (1 diff)
- branches/5.0/includes/lang/de.php (modified) (2 diffs)
- branches/5.0/includes/lang/en.php (modified) (1 diff)
- branches/5.0/includes/login.php (modified) (1 diff)
- branches/5.0/includes/session.php (modified) (4 diffs)
- branches/5.0/includes/styles/default.css (modified) (6 diffs)
- branches/5.0/redirectors/logout.php (modified) (1 diff)
branches/5.0/admin/classes/pages/Editmember.php
r58 r93 466 466 } else { 467 467 // choose member 468 $_sel = '<select name="id">';468 $_sel = new XMLElement('<select name="id"></select>'); 469 469 foreach ($C->query('SELECT memberid, membername FROM ' . $SETTINGS['dbtableprefix'] . 'members ORDER BY membername ASC') as $row) { 470 $_sel .= '<option value="' . $row['memberid'] . '">' . $row['membername'] . '</option>'; 470 $_opt = $_sel->addChild('option', $row['membername']); 471 $_opt->addAttribute('value', $row['memberid']); 471 472 } 472 $_sel .= '</select>'; 473 $form->addRawTableRow(Array('<td colspan="2" align="center">' . $_sel . '</td>')); 473 $div = $form->addChild('div'); 474 $div->addAttribute('align', 'center'); 475 $div->addElement($_sel); 474 476 $form->addRawTableRow(Array('<td colspan="2" align="center"><input type="reset" name="reset" value="' . $LANG['Reset'] . '" /> <input type="submit" name="submit" value="' . $LANG['Edit'] . '" /> <input type="submit" name="submit" value="' . $LANG['Delete'] . '" /> <input type="submit" name="submit" value="' . $LANG['User_Groups'] . '" /></td>')); 475 477 } branches/5.0/classes/misc/Authcode.php
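Review bot: `addChild('option', $row['membername'])` hands the raw member name to SimpleXML, which escapes `<` and `>` on output but reads `&` as the start of an entity reference, so a name containing an ampersand would raise an "unterminated entity reference" warning and lose its text. This assumes XMLElement extends SimpleXMLElement, as the `simplexml_load_string(..., 'XMLELement')` call in Table.php suggests. The Moderate.php hunk in this changeset escapes its option text before calling `addChild`; doing the same here keeps the two selects consistent: `$_opt = $_sel->addChild('option', htmlspecialchars($row['membername'], ENT_NOQUOTES, 'UTF-8'));`. The `<input>` row below is still built by concatenation, which is acceptable only while the `$LANG` values stay trusted, static strings.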
r35 r93 24 24 **/ 25 25 26 class Authcode extends Page{26 class Authcode { 27 27 28 28 /** branches/5.0/classes/misc/Member.php
r58 r93 331 331 global $STATUS; 332 332 if ($translated) { 333 // use user's language 334 $_status = "STATUS['" . str_replace(' ', '_', $this->status) . "']"; 335 if ($$_status != '') { $_s = $$_status; } 336 else { $_s = $this->status; } 333 if ($STATUS[str_replace(' ', '_', $this->status)] != '') { 334 $_s = $STATUS[str_replace(' ', '_', $this->status)]; 335 } else { $_s = $this->status; } 337 336 return $_s; 338 337 } else { … … 382 381 $table->addRow(Array($LANG['Homepage'] . ':', '-')); 383 382 } 384 $table->addRow(Array($LANG['Posts'] . ':', $this->posts)); 383 // number of days since registration 384 $today = new DateTime('now', new DateTimeZone('UTC')); 385 $diff = strtotime($today->format('Y-m-d')) - strtotime($this->registration); 386 $days = max(1, $diff) / (60 * 60 * 24); 387 $table->addRow(Array($LANG['Posts'] . ':', $this->posts . ' (' . round($this->posts / $days , 1) . ' ' . $LANG['per_day'] . ')')); 385 388 $table->addRow(Array($LANG['Stage'] . ':', $this->stage)); 386 389 $table->addRow(Array($LANG['Registration'] . ':', $F->datetime($this->registration, TRUE, FALSE))); … … 485 488 if ($_fail == 1) { 486 489 // login failed -> log in cookie and session 487 $newlogins1 = $_COOKIE['sb_login '] + 1;490 $newlogins1 = $_COOKIE['sb_logins'] + 1; 488 491 $newlogins2 = $_SESSION['loginattempts'] + 1; 489 492 // check which value is higher … … 649 652 return $_permit; 650 653 } elseif ($page == 'Reply' || $page == 'Newtopic' || $page == 'Newpoll') { 654 // for replying, $id is given as topic id, but forum id needed 651 655 if ($page == 'Reply') { 652 // $id is given as topic id, but forum id is required 653 $q2 = $C->prepare('SELECT forum FROM ' . $SETTINGS['dbtableprefix'] . 'topics WHERE topicid=:id'); 654 $q2->bindParam(':id', $id, PDO::PARAM_INT, 12); 655 $q2->execute(); 656 $row = $q2->fetchObject(); 657 $q2 = NULL; 658 $id = $row->forum; 656 $q = $C->prepare('SELECT forum FROM ' . $SETTINGS['dbtableprefix'] . 
'topics WHERE topicid = :id'); 657 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 658 $q->execute(); 659 // redeclare $id as forum id 660 $id = $q->fetchColumn(); 661 $q = NULL; 659 662 } 660 663 // check for each of the user's groups branches/5.0/classes/misc/Post.php
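Review bot: In the permission check for `Reply` (apparently `Member::checkRights`, going by the call in Reply.php), `$id = $q->fetchColumn();` yields `FALSE` when the topic id matches no row, and the per-group check that follows then runs with `FALSE` as the forum id. How that check treats a missing forum id is outside the visible lines, so it is safer to deny explicitly right after the fetch, e.g. `if ($id === FALSE) { return FALSE; }` (use whatever value the method returns for "not permitted"). Separately, in the profile hunk `max(1, $diff) / (60 * 60 * 24)` clamps seconds rather than days, so a member registered today gets `$days = 1/86400` and a wildly inflated posts-per-day figure; `$days = max(1, $diff / (60 * 60 * 24));` is presumably what was meant.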
r58 r93 92 92 } 93 93 // add this post 94 $table->addRow(Array('<td valign="top" width="' . ($SETTINGS['maxavatarsize'] + 10) . '">' . $_member->getPostside() . '</td>', '<td valign="top">' . $_post . '</td>') );94 $table->addRow(Array('<td valign="top" width="' . ($SETTINGS['maxavatarsize'] + 10) . '">' . $_member->getPostside() . '</td>', '<td valign="top">' . $_post . '</td>'), FALSE, TRUE); 95 95 // post footer 96 96 $table->addRow(Array(''), Array('colspan'=>'2', 'class'=>'postfooter')); branches/5.0/classes/misc/Table.php
r1 r93 76 76 * $attr - Array containing key=>value attributes common 77 77 * to all columns 78 * $decode - decode entities? 78 79 * Returns: - 79 80 **/ 80 public function addRow($cols, $attr = FALSE ) {81 public function addRow($cols, $attr = FALSE, $decode = FALSE) { 81 82 $tr = $this->table->addChild('tr'); 82 83 if ($attr) { … … 90 91 // add the columns 91 92 while ($cols[$i] !== NULL) { 92 if ($xml = @simplexml_load_string($cols[$i], 'XMLElement')) { 93 if ($decode) { 94 $xml = @simplexml_load_string(html_entity_decode($cols[$i], ENT_NOQUOTES, 'UTF-8'), 'XMLELement'); 95 } else { 96 $xml = @simplexml_load_string($cols[$i], 'XMLELement'); 97 } 93 98 // contents for this column given as XML tree 94 99 $tr->addElement($xml); branches/5.0/classes/pages/Forum.php
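Review bot: With `$decode` set, `html_entity_decode($cols[$i], ENT_NOQUOTES, 'UTF-8')` also turns `&lt;`, `&gt;` and `&amp;` back into markup characters before the string is parsed as XML, so any escaping the caller applied to user text is undone and well-formed markup inside that text becomes real elements in the row. Post.php and Forum.php both opt in with `FALSE, TRUE` in this changeset, and Forum.php does so on a title it has just passed through `htmlentities()`. If the aim is only to avoid named entities that XML does not define, have callers escape with `htmlspecialchars($text, ENT_QUOTES, 'UTF-8')` and drop the decode step, since that emits only references an XML parser accepts. The visible lines also no longer test the parse result before `$tr->addElement($xml)` while `@` hides parser errors; unless that guard is restored further down, `if ($xml !== FALSE)` belongs in front of the call.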
r24 r93 135 135 } 136 136 // add all the previously compiled topic information to table 137 $table->addRow(Array($_mark, '<td><h3>' . $_prefix . '<a href="' . $F->link('topic') . 'id=' . $row2['topicid'] . '">' . $row2['topictitle'] . '</a></h3>' . $_multipages . '</td>', '<td align="center">' . $row2['posts'] . '</td>', '<td align="center">' . $row2['views'] . '</td>', '<td><div>' . $LANG['by'] . ' ' . $_poster1->getProfileLink() . '</div><div>' . $LANG['at'] . ' ' . $F->datetime($row3->posttime, FALSE, TRUE) . '</div><div>' . $LANG['on'] . ' ' . $F->datetime($row3->posttime, TRUE, FALSE) . '</div></td>', '<td><div>' . $LANG['by'] . ' ' . $_poster2->getProfileLink() . '</div><div>' . $LANG['at'] . ' ' . $F->datetime($row4->posttime, FALSE, TRUE) . '</div><div>' . $LANG['on'] . ' ' . $F->datetime($row4->posttime, TRUE, FALSE) . '</div></td>'));137 $table->addRow(Array($_mark, '<td><h3>' . $_prefix . '<a href="' . $F->link('topic') . 'id=' . $row2['topicid'] . '">' . htmlentities($row2['topictitle']) . '</a></h3>' . str_replace('&', '&amp;', $_multipages) . '</td>', '<td align="center">' . $row2['posts'] . '</td>', '<td align="center">' . $row2['views'] . '</td>', '<td><div>' . $LANG['by'] . ' ' . $_poster1->getProfileLink() . '</div><div>' . $LANG['at'] . ' ' . $F->datetime($row3->posttime, FALSE, TRUE) . '</div><div>' . $LANG['on'] . ' ' . $F->datetime($row3->posttime, TRUE, FALSE) . '</div></td>', '<td><div>' . $LANG['by'] . ' ' . $_poster2->getProfileLink() . '</div><div>' . $LANG['at'] . ' ' . $F->datetime($row4->posttime, FALSE, TRUE) . '</div><div>' . $LANG['on'] . ' ' . $F->datetime($row4->posttime, TRUE, FALSE) . '</div></td>'), FALSE, TRUE); 138 138 } 139 139 // add finished table to parent HTML element branches/5.0/classes/pages/Members.php
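Review bot: `htmlentities($row2['topictitle'])` is called without flags or charset, while the matching decode in `Table::addRow` is pinned to `'UTF-8'`; on PHP versions where this function defaults to ISO-8859-1, multibyte titles are encoded byte by byte and come back garbled. Moderate.php uses the project wrapper `$F->htmlentities($_row_sel->topictitle, TRUE)` for the same field, so calling that here, or `htmlspecialchars($row2['topictitle'], ENT_QUOTES, 'UTF-8')`, would keep the two pages consistent. `$row2['topicid']`, `$row2['posts']` and `$row2['views']` are concatenated unescaped, which is fine only while those columns are integer-typed; an `(int)` cast would make that explicit.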
r33 r93 64 64 break; 65 65 } 66 $q = $C->prepare('SELECT memberid FROM ' . $SETTINGS['dbtableprefix'] . 'members ORDER BY ' . $orderdb . ', membername ASC LIMIT :start, :perpage'); 67 $q->bindParam(':start', $start, PDO::PARAM_INT); 68 $q->bindParam(':perpage', $SETTINGS['topicsperpage'], PDO::PARAM_INT); 66 $q = $C->prepare('SELECT memberid FROM ' . $SETTINGS['dbtableprefix'] . 'members ORDER BY ' . $orderdb . ', membername ASC LIMIT ' . $start . ', ' . $SETTINGS['topicsperpage']); 69 67 $s = $q->execute(); 70 68 // put all the results into an array branches/5.0/classes/pages/Moderate.php
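Review bot: Replacing the two bound `LIMIT` parameters with `' LIMIT ' . $start . ', ' . $SETTINGS['topicsperpage']` removes the only type enforcement on `$start`, whose origin is outside this hunk; if it derives from a request parameter it now reaches the SQL text verbatim. Keep the concatenation if the driver rejects bound `LIMIT` values, but force both operands to integers: `... ASC LIMIT ' . (int) $start . ', ' . (int) $SETTINGS['topicsperpage']);`. The same cast applies to `$SETTINGS['postsperpage']` in the new Reply.php query, and `$orderdb` should stay restricted to the fixed strings assigned in the `switch` above the hunk.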
r33 r93 340 340 $_form->addInput('hidden', 'commit', 'y'); 341 341 $_form->createTable('postform'); 342 $_sel = '<select name="topic">';342 $_sel = new XMLElement('<select name="topic"></select>'); 343 343 // order topics of this forum the same way they appear on the forum overview page, i.e. by last activity 344 344 $q = $C->prepare('SELECT t.topicid AS topicid, t.topictitle AS topictitle, MAX(p.posttime) AS lastpost FROM ' . $SETTINGS['dbtableprefix'] . 'topics AS t, ' . $SETTINGS['dbtableprefix'] . 'posts AS p WHERE t.forum=:forum AND p.topic=t.topicid AND t.topicid!=:id GROUP BY t.topicid ORDER BY lastpost DESC'); … … 347 347 $q->execute(); 348 348 while ($_row_sel = $q->fetchObject()) { 349 $_sel .= '<option value="' . $_row_sel->topicid . '">' . $F->htmlentities($_row_sel->topictitle, TRUE) . '</option>'; 350 } 351 $q2 = NULL; 352 $_sel .= '</select>'; 353 $_form->addRawTableRow(Array($LANG['Topic'] . ':', '<td>' . $_sel . '</td>')); 349 $_opt = $_sel->addChild('option', $F->htmlentities($_row_sel->topictitle, TRUE)); 350 $_opt->addAttribute('value', $_row_sel->topicid); 351 } 352 $q = NULL; 353 $div = $_form->addChild('div', $LANG['Topic'] . ': '); 354 $div->addAttribute('class', 'liketr'); 355 $div->addElement($_sel); 354 356 $_form->addTableEnd(); 355 357 $_form->addTable(); branches/5.0/classes/pages/Newpoll.php
r19 r93 33 33 global $LANG, $F, $C, $SETTINGS; 34 34 global $id, $forum, $commit; 35 // after submit, the forum id is called $forum 36 if (isset($commit) && $commit == 'y') { 37 $id = $forum; 38 } 35 39 // define title and location 36 40 $this->index = 0; branches/5.0/classes/pages/Newtopic.php
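Review bot: `$id = $forum;` copies a global that is presumably filled from the submitted form into the id used by the rest of the page, without checking that it is set or numeric. Assuming forum ids are integers, as the `PDO::PARAM_INT` bindings elsewhere in this changeset suggest, the assignment can validate in place: `if ($commit === 'y') { $id = (int) $forum; }` (the `isset()` is redundant once `global $commit` has declared the variable). The identical block added to Newtopic.php needs the same treatment, and the method body continues outside the hunk.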
r19 r93 33 33 global $LANG, $F, $C, $SETTINGS; 34 34 global $id, $forum, $commit; 35 // after submit, the forum id is called $forum 36 if (isset($commit) && $commit == 'y') { 37 $id = $forum; 38 } 35 39 // define title and location 36 40 $this->index = 0; branches/5.0/classes/pages/Reply.php
r19 r93 33 33 global $LANG, $F, $C, $SETTINGS; 34 34 global $id, $page, $quote, $commit; 35 // after commit, the topic id is called 'reply' 36 if (isset($commit) && $commit == 'y') { 37 $id = $reply; 38 } 35 39 // define title and location 36 40 $this->index = 0; … … 60 64 // show reply form 61 65 // check if user has permission; required: read; dependent on id 62 if (Member::checkRights('Reply', 'r', $ row->forum)) {66 if (Member::checkRights('Reply', 'r', $id)) { 63 67 // permission granted 64 68 // get text to quote (if needed) … … 88 92 // add form to XML tree 89 93 $this->html->body->addElement($_form->get()); 94 // header of 'thread reminder' (including a link to the full topic) 95 $h2 = $this->html->body->addChild('h2'); 96 $this->html->body->addElement(new XMLElement('<h2>' . str_replace('%n%', $SETTINGS['postsperpage'], $LANG['Last_x_Posts']) . ' (<a href="' . $F->link('topic') . 'id=' . $id . '" target="_blank">' . $LANG['View_All'] . '</a>)</h2>')); 97 // get posts from database (last $SETTINGS['postsperpage'] in reversed order) 98 $q2 = $C->prepare('SELECT postid FROM ' . $SETTINGS['dbtableprefix'] . 'posts WHERE topic=:topic ORDER BY posttime DESC LIMIT 0, ' . $SETTINGS['postsperpage']); 99 $q2->bindParam(':topic', $id, PDO::PARAM_INT, 12); 100 $q2->execute(); 101 $rows2 = $q2->fetchAll(); 102 $q2 = NULL; 103 // list posts in a table 104 $table = new Table(); 105 foreach ($rows2 as $row2) { 106 $p = new Post($row2['postid']); 107 $p->add($table); 108 } 109 $_table = $table->get(); 110 // add whole table to the XML tree representing the page 111 $this->html->body->addElement($_table); 90 112 } else { 91 113 // not allowed -> log in branches/5.0/includes/checklogin.php
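Review bot: `$id = $reply;` reads a variable that is not in scope: the `global` statement above lists `$id, $page, $quote, $commit` but not `$reply`, so after a commit `$id` becomes `NULL` and every later use of it in that path, including permission checks and `WHERE topic=:topic` queries, works without a topic id. Adding it to the declaration, `global $id, $page, $quote, $commit, $reply;`, and casting on assignment, `$id = (int) $reply;`, fixes that. In the reminder block, `$h2 = $this->html->body->addChild('h2');` leaves an empty heading in front of the real one built with `new XMLElement(...)` and can be dropped. The method starts and ends outside the hunk.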
r71 r93 54 54 // blocked - copy information to cookie 55 55 $exp = time() + $SETTINGS['expire'] * 24 * 60 * 60; 56 setcookie('sb_logins', $SETTINGS['loginattempts'], $exp, '/');56 setcookie('sb_logins', $SETTINGS['loginattempts'], $exp, $SETTINGS['webpath']); 57 57 } 58 58 } branches/5.0/includes/config/bots.php
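Review bot: The lockout marker written here lives in a cookie the client controls, and Member.php in this changeset derives the failed-login count from `$_COOKIE['sb_logins']` and `$_SESSION['loginattempts']`, both of which vanish when the client discards its cookies. If no server-side counter keyed on the account or source address exists outside the visible lines, the `loginattempts` limit does not hold against a client that ignores cookies; such a counter should be the authority and the cookie only a hint. The cookie is also set without the `httponly` argument, which PHP 5.2 and later accept: `setcookie('sb_logins', $SETTINGS['loginattempts'], $exp, $SETTINGS['webpath'], '', FALSE, TRUE);`. login.php's matching `setcookie` call takes the same path change.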
r39 r93 17 17 $BOTS[] = 'jeeves'; 18 18 $BOTS[] = 'spider'; 19 $BOTS[] = 'robot'; 20 $BOTS[] = 'krawl'; 21 $BOTS[] = 'curl'; 22 $BOTS[] = 'wget'; 23 $BOTS[] = 'libwww-perl'; 24 $BOTS[] = 'metager'; 25 $BOTS[] = 'grub'; 26 $BOTS[] = 'netcraft'; 27 $BOTS[] = 'urllib'; 28 $BOTS[] = 'robozilla'; 19 29 20 30 ?> branches/5.0/includes/config/version.php
r71 r93 28 28 * Also good: Spam Board Viking Edition 1.0 (then, you can do your own version numbering from there) */ 29 29 30 $VERSION = '5.0 RC 3';30 $VERSION = '5.0 RC4'; 31 31 32 32 ?> branches/5.0/includes/lang/de.php
r71 r93 244 244 $LANG['Unpin_Topic'] = 'Thema losmachen'; 245 245 $LANG['Split_Topic'] = 'Thema aufsplitten'; 246 $LANG['Merge_Topic'] = 'Them n zusammenfügen';246 $LANG['Merge_Topic'] = 'Themen zusammenfügen'; 247 247 $LANG['Delete_Post'] = 'Beitrag löschen'; 248 248 $LANG['Edit_Post'] = 'Beitrag bearbeiten'; … … 307 307 $LANG['IP_Logging'] = 'IP-Logging'; 308 308 $LANG['Login_Attempts'] = 'Erlaubte Loginversuche (0 = unendlich)'; 309 $LANG['Last_x_Posts'] = 'Die letzten %n% Beiträge'; 310 $LANG['View_All'] = 'Alle ansehen'; 311 $LANG['per_day'] = 'pro Tag'; 309 312 310 313 /* actual sentences */ branches/5.0/includes/lang/en.php
r71 r93 308 308 $LANG['IP_Logging'] = 'IP Logging'; 309 309 $LANG['Login_Attempts'] = 'Allowed Login Attempts (0 = infinite)'; 310 $LANG['Last_x_Posts'] = 'Last %n% Posts'; 311 $LANG['View_All'] = 'View All'; 312 $LANG['per_day'] = 'per day'; 310 313 311 314 /* actual sentences */ branches/5.0/includes/login.php
r19 r93 65 65 } 66 66 // delete potential number of failed logins from cookie 67 setcookie('sb_logins', '0', '-1', '/');67 setcookie('sb_logins', '0', '-1', $SETTINGS['webpath']); 68 68 // set special admin flag if necessary 69 69 if ($admin) { branches/5.0/includes/session.php
r39 r93 24 24 25 25 // ignore well-known bots 26 if (in_array(strtolower($_SERVER['HTTP_USER_AGENT']), $BOTS) === FALSE) { 26 $is_bot = 0; 27 foreach ($BOTS as $bot) { 28 if (strpos(strtolower($_SERVER['HTTP_USER_AGENT']), $bot) !== FALSE) { 29 $is_bot = 1; 30 } 31 } 32 if ($is_bot === 0) { 27 33 // save session info in subdirectory instead of system-wide /tmp/ 28 34 ini_set('session.save_path', $SETTINGS['fspath'] . 'sessions'); … … 168 174 } 169 175 // don't list well-known bots in online table 170 if (isset($_SESSION['secdata']['useragent']) && in_array(strtolower($_SERVER['HTTP_USER_AGENT']), $BOTS) === FALSE) {176 if (isset($_SESSION['secdata']['useragent']) && $is_bot === 0) { 171 177 // new entry to table 172 178 $q = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'online (onlinememberid, onlinetime, onlinesession) VALUES (:memberid, :time, :session)'); 173 $q->bindParam(':memberid', $_SESSION['memberid']); 179 if (isset($_SESSION['memberid']) && is_numeric($_SESSION['memberid'])) { 180 $q->bindParam(':memberid', $_SESSION['memberid'], PDO::PARAM_INT); 181 } else { 182 $q->bindValue(':memberid', 0, PDO::PARAM_INT); 183 } 174 184 $q->bindParam(':time', time(), PDO::PARAM_INT, 12); 175 185 $q->bindParam(':session', session_id(), PDO::PARAM_STR, 40); … … 211 221 } 212 222 // check for duplicate entries of members 213 if ($row ->onlinememberid> 0) {223 if ($row['onlinememberid'] > 0) { 214 224 $q2 = $C->prepare('SELECT onlinetime FROM ' . $SETTINGS['dbtableprefix'] . 'online WHERE onlinememberid=:memberid ORDER BY onlinetime DESC'); 215 225 $q2->bindParam(':memberid', $row['onlinememberid'], PDO::PARAM_INT, 12); … … 220 230 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 
'online WHERE onlinememberid=:memberid AND onlinetime<:time'); 221 231 $q->bindParam(':memberid', $row['onlinememberid'], PDO::PARAM_INT, 12); 222 $q->bindParam(':time', $row2 ['onlinetime'], PDO::PARAM_INT, 12);232 $q->bindParam(':time', $row2->onlinetime, PDO::PARAM_INT, 12); 223 233 $q->execute(); 224 234 $q = NULL; branches/5.0/includes/styles/default.css
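Review bot: The new bot check reads `$_SERVER['HTTP_USER_AGENT']` without `isset()`, although the header is optional and client-supplied, and it lower-cases the string again on every iteration and keeps looping after a match. Reading it once into a local with a default and breaking on the first hit avoids the undefined-index notice and the repeated work; `$is_bot` keeps its 0/1 values, so the later `$is_bot === 0` tests are unaffected. Because the match is now a substring test against entries such as `curl` and `robot` from bots.php, any client can opt out of session handling and the online table by choosing its User-Agent, so nothing security-relevant should depend on `$is_bot`.

```php
// User-Agent is optional and client-controlled: read it once, default to ''
$ua = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
$is_bot = 0;
foreach ($BOTS as $bot) {
    if (strpos($ua, $bot) !== FALSE) {
        $is_bot = 1;
        break;
    }
}
if ($is_bot === 0) {
    // … unchanged: session.save_path setup …
```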
r71 r93 24 24 padding:0px; 25 25 margin:0px; 26 color:#555555; 26 27 } 27 28 … … 29 30 font-family:sans-serif; 30 31 font-size:0.7em; 31 color:#555555;32 32 background:#f2f2f2; 33 33 margin:0px; … … 39 39 40 40 h1 { 41 font-size:1.5em; 41 42 position:relative; 42 43 top:0.5em; … … 60 61 color:#000000; 61 62 font-weight:bold; 63 font-size:1.5em; 62 64 } 63 65 … … 70 72 margin:0px; 71 73 padding:0px; 74 font-size:1.2em; 72 75 } 73 76 … … 252 255 padding:0.2em; 253 256 vertical-align:top; 257 } 258 259 .liketr { 260 background:#cccccc; 261 vertical-align:top; 262 text-align:center; 263 width:90%; 264 margin:0px; 265 position:relative; 266 left:5%; 267 border-left:1px solid #83be83; 268 border-right:1px solid #83be83; 254 269 } 255 270 branches/5.0/redirectors/logout.php
r39 r93 66 66 session_start(); 67 67 // update in database 68 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'online SET onlinememberid=0 WHERE onlinesession=:session'); 68 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'online SET onlinememberid = :zero WHERE onlinesession=:session'); 69 $q->bindValue(':zero', 0, PDO::PARAM_INT); 69 70 $q->bindParam(':session', session_id(), PDO::PARAM_STR, 40); 70 71 $q->execute();
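Review bot: `bindParam(':session', session_id(), PDO::PARAM_STR, 40)` on the line after the new `bindValue` passes a function result where `bindParam` expects a variable by reference; `bindValue` is the right call for it as well: `$q->bindValue(':session', session_id(), PDO::PARAM_STR);`. session.php in this changeset has the same pattern with `time()` and `session_id()`. Binding the constant `0` as `:zero` is harmless but adds no protection, since the literal never came from input.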
