Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
drupal/account.php

539 lines
26 KiB
PHP
Raw Normal View History

Imported sources
2000-05-18 19:52:00 +00:00
<?
Over the last 2 days I redid and reorganized an afwul lot of code and made quite a lot of additions. The most remarkable addition is the diary server, which I slapped together in less then 40 minutes. Most of the other changes are however `unvisible' for the user but add much value to a better maintainability from a developer's objective. Like always, I fixed quite a number of small bugs that creeped into the code so we should have a bigger, better and more stable drop.org. Unfortunatly, some theme update _are_ required: REQUIRED THEME UPDATES: ======================= * use format_username() where usernames are used * use format_date() where timestamps/dates are used * use format_email() where e-mail addresses are displayed * use format_url() where url are displayed * replace 'formatTimestamp' with format_date * replace 'morelink_*' with 'display_morelink' [most of these functions are in function.inc or template.inc] ___PLEASE___ (<- this should get your attention ;) update your themes as soon as possible - it only takes 30 min. to get in sync with the other themes. Don't start whining about the fact you don't know what to change ... either eat the source cookie, or ask me to elaborate on a few changes. Just let me know what's puzzling you and I'll try to help you out! TODO LIST FOR NEXT WEEK ======================= * Add checks for max. text length in textarea's? Is there an HMTL attribute for this or ...? * Comment moderation + mojo * Edit/admin user accounts: block, delete, change permissions, ... * E-mail password, change password, change e-mail address -> extra checks and routines to validate such `special' changes. * Input checking - input filter: bad words, html tags, ...
2000-09-11 07:45:22 +00:00
- various updates, bugfixes and improvements
2001-02-04 22:09:38 +00:00
include_once "includes/common.inc";
Imported sources
2000-05-18 19:52:00 +00:00
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
function account_get_user($uname) {
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$result = db_query("SELECT * FROM users WHERE userid = '$uname'");
return db_fetch_object($result);
}
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
function account_email() {
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<P>". t("Lost your password? Fill out your username and e-mail address, and your password will be mailed to you.") ."</P>\n";
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
$output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<B>". t("Username") .":</B><BR>\n";
$output .= "<INPUT NAME=\"userid\"><P>\n";
$output .= "<B>". t("E-mail address") .":</B><BR>\n";
$output .= "<INPUT NAME=\"email\"><P>\n";
$output .= "<INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"". t("E-mail new password") ."\">\n";
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
$output .= "</FORM>\n";
return $output;
}
- locale module: added documentation (first draft) - locale module: improved administration interface - headline module: fixed small visual glitch in export function - account: small improvements
2001-02-21 08:25:21 +00:00
function account_create($error = "") {
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
global $theme;
- locale module: added documentation (first draft) - locale module: improved administration interface - headline module: fixed small visual glitch in export function - account: small improvements
2001-02-21 08:25:21 +00:00
if ($error) {
$output .= "<P><FONT COLOR=\"red\">". t("Failed to create account: $error.") ."</FONT></P>\n";
watchdog("message", "failed to create account: $error.");
}
else {
$output .= "<P>". t("Registering allows you to comment on stories, to moderate comments and pending stories, to customize the look and feel of the site and generally helps you interact with the site more efficiently.") ."</P><P>". t("To create an account, simply fill out this form an click the 'Create account' button below. An e-mail will then be sent to you with instructions on how to validate your account.") ."</P>\n";
}
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
$output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Username") .":</B><BR>\n";
$output .= "<INPUT NAME=\"userid\"><BR>\n";
$output .= "<SMALL><I>". t("Enter your desired username: only letters, numbers and common special characters are allowed.") ."</I></SMALL><P>\n";
$output .= "<B>". t("E-mail address") .":</B><BR>\n";
$output .= "<INPUT NAME=\"email\"><BR>\n";
- updates
2001-02-14 09:32:33 +00:00
$output .= "<SMALL><I>". t("You will be sent instructions on how to validate your account via this e-mail address: make sure it is accurate.") ."</I></SMALL><P>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"". t("Create account") ."\">\n";
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
$output .= "</FORM>\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
return $output;
Hopefully this will not break anything *prays* ;)
2000-06-02 18:36:14 +00:00
}
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
function account_session_start($userid, $passwd) {
global $user;
- added fine-grained user permission system which allows us to give certain users access to specific administration sections only. Ex. a FAQ maintainer can only edit the FAQ, and members of an "editorial board" can only edit comments, diaries and stories, .. - code review => rewrote include/user.inc which is much easier now - fixed 4 small bugs
2001-02-18 15:14:56 +00:00
if ($userid && $passwd) $user = new User($userid, $passwd);
if ($user->id) session_register("user");
- fixed small translation glitch in format_interval - added a couple of missing t() functions - improved the comments module, fixed the score problem Jeroen reported earlier -> it's slicker but I hope it won't break anything
2001-03-01 21:34:09 +00:00
watchdog("message", ($user->id ? "session opened for user '$user->userid'" : "failed login for user `$userid'"));
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
}
function account_session_close() {
- fixed small typo
2001-01-25 13:33:15 +00:00
global $user;
- fixed small translation glitch in format_interval - added a couple of missing t() functions - improved the comments module, fixed the score problem Jeroen reported earlier -> it's slicker but I hope it won't break anything
2001-03-01 21:34:09 +00:00
watchdog("message", "session closed for user '$user->userid'");
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
session_unset();
session_destroy();
unset($user);
}
function account_user_edit() {
- fixed small bug in account.php - added documentation
2000-12-30 16:35:41 +00:00
global $allowed_html, $theme, $user;
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($user->id) {
- here a bunch of changes to make "drupal" (for now) work with PHP 4.0.4 - tidied up some of the code and mainly working on the documentation
2000-12-30 11:58:14 +00:00
// Generate output/content:
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Username") .":</B><BR>\n";
- fixed small translation glitch in format_interval - added a couple of missing t() functions - improved the comments module, fixed the score problem Jeroen reported earlier -> it's slicker but I hope it won't break anything
2001-03-01 21:34:09 +00:00
$output .= "$user->userid<P>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<I>". t("Required, unique, and can not be changed.") ."</I><P>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Real name") .":</B><BR>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<INPUT NAME=\"edit[name]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$user->name\"><BR>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<I>". t("Optional") .".</I><P>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Real e-mail address") .":</B><BR>\n";
- fixed small translation glitch in format_interval - added a couple of missing t() functions - improved the comments module, fixed the score problem Jeroen reported earlier -> it's slicker but I hope it won't break anything
2001-03-01 21:34:09 +00:00
$output .= "$user->real_email<P>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<I>". t("Required, unique, can not be changed.") ." ". t("Your real e-mail address is never displayed publicly: only needed in case you lose your password.") ."</I><P>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Fake e-mail address") .":</B><BR>\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output .= "<INPUT NAME=\"edit[fake_email]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$user->fake_email\"><BR>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<I>". t("Optional") .". ". t("Displayed publicly so you may spam proof your real e-mail address if you want.") ."</I><P>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Homepage") .":</B><BR>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<INPUT NAME=\"edit[url]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$user->url\"><BR>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<I>". t("Optional") .". ". t("Make sure you enter fully qualified URLs only. That is, remember to include \"http://\".") ."</I><P>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Bio") .":</B> (". t("maximal 255 characters") .")<BR>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<TEXTAREA NAME=\"edit[bio]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$user->bio</TEXTAREA><BR>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<I>". t("Optional") .". ". t("This biographical information is publicly displayed on your user page.") ."<BR>". t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html) .".</I><P>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Signature") .":</B> (". t("maximal 255 characters") .")<BR>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<TEXTAREA NAME=\"edit[signature]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$user->signature</TEXTAREA><BR>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<I>". t("Optional") .". ". t("This information will be publicly displayed at the end of your comments.") ."<BR>". t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html) .".</I><P>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Password") .":</B><BR>\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output .= "<INPUT TYPE=\"password\" NAME=\"edit[pass1]\" SIZE=\"10\" MAXLENGTH=\"20\"> <INPUT TYPE=\"password\" NAME=\"edit[pass2]\" SIZE=\"10\" MAXLENGTH=\"20\"><BR>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<I>". t("Enter your new password twice if you want to change your current password or leave it blank if you are happy with your current password.") ."</I><P>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"". t("Save user information") ."\"><BR>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "</FORM>\n";
- here a bunch of changes to make "drupal" (for now) work with PHP 4.0.4 - tidied up some of the code and mainly working on the documentation
2000-12-30 11:58:14 +00:00
// Display output/content:
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$theme->header();
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$theme->box(t("Edit user information"), $output);
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$theme->footer();
}
else {
$theme->header();
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$theme->box(t("Create user account"), account_create());
$theme->box(t("E-mail new password"), account_email());
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$theme->footer();
}
}
function account_user_save($edit) {
global $user;
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($user->id) {
- added fine-grained user permission system which allows us to give certain users access to specific administration sections only. Ex. a FAQ maintainer can only edit the FAQ, and members of an "editorial board" can only edit comments, diaries and stories, .. - code review => rewrote include/user.inc which is much easier now - fixed 4 small bugs
2001-02-18 15:14:56 +00:00
$user = user_save($user, array("name" => $edit[name], "fake_email" => $edit[fake_email], "url" => $edit[url], "bio" => $edit[bio], "signature" => $edit[signature]));
if ($edit[pass1] && $edit[pass1] == $edit[pass2]) $user = user_save($user, array("passwd" => $edit[pass1]));
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
}
}
Yet another large batch of updates: - I rearranged some of the code and clean-up some of the mess. - Added "blocks" which can be user defined/controlled: check to see. The positioning of blocks is rather basic for the moment, so I'm all open for input on that.
2000-12-23 23:25:28 +00:00
function account_site_edit() {
- More updates on the translation support
2001-02-17 12:59:24 +00:00
global $cmodes, $corder, $theme, $themes, $languages, $user;
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($user->id) {
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
- fixed small translation glitch in format_interval - added a couple of missing t() functions - improved the comments module, fixed the score problem Jeroen reported earlier -> it's slicker but I hope it won't break anything
2001-03-01 21:34:09 +00:00
$output .= "<B>". t("Theme") .":</B><BR>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
foreach ($themes as $key=>$value) $options1 .= " <OPTION VALUE=\"$key\"". (($user->theme == $key) ? " SELECTED" : "") .">$key - $value[1]</OPTION>\n";
- fixed a bug in check_input: html stripping was not 100% correct. - fixed a bug in account.php: the confirmation url is now correct. - improved error checking + security in diary.php. - fixed a bug in the html code of theme zaphod. - improved the date handling: always call format_date(). - expanded account information in administration pages. - added a new variable $siteurl to ./includes/config.inc. - added comment moderation to theme zaphod. - "alter table users add timezone varchar(8);" - !!! added new timezone feature !!! :o)
2000-10-30 16:18:39 +00:00
$output .= "<SELECT NAME=\"edit[theme]\">\n$options1</SELECT><BR>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<I>". t("Selecting a different theme will change the look and feel of the site.") ."</I><P>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Timezone") .":</B><BR>\n";
- fixed a bug in check_input: html stripping was not 100% correct. - fixed a bug in account.php: the confirmation url is now correct. - improved error checking + security in diary.php. - fixed a bug in the html code of theme zaphod. - improved the date handling: always call format_date(). - expanded account information in administration pages. - added a new variable $siteurl to ./includes/config.inc. - added comment moderation to theme zaphod. - "alter table users add timezone varchar(8);" - !!! added new timezone feature !!! :o)
2000-10-30 16:18:39 +00:00
$date = time() - date("Z");
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
for ($zone = -43200; $zone <= 46800; $zone += 3600) $options2 .= " <OPTION VALUE=\"$zone\"". (($user->timezone == $zone) ? " SELECTED" : "") .">". date("l, F dS, Y - h:i A", $date + $zone) ." (GMT ". $zone / 3600 .")</OPTION>\n";
- fixed a bug in check_input: html stripping was not 100% correct. - fixed a bug in account.php: the confirmation url is now correct. - improved error checking + security in diary.php. - fixed a bug in the html code of theme zaphod. - improved the date handling: always call format_date(). - expanded account information in administration pages. - added a new variable $siteurl to ./includes/config.inc. - added comment moderation to theme zaphod. - "alter table users add timezone varchar(8);" - !!! added new timezone feature !!! :o)
2000-10-30 16:18:39 +00:00
$output .= "<SELECT NAME=\"edit[timezone]\">\n$options2</SELECT><BR>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<I>". t("Select what time you currently have and your timezone settings will be set appropriate.") ."</I><P>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<B>". t("Language" ) .":</B><BR>\n";
foreach ($languages as $key=>$value) $options3 .= " <OPTION VALUE=\"$key\"". (($user->language == $key) ? " SELECTED" : "") .">$value - $key</OPTION>\n";
$output .= "<SELECT NAME=\"edit[language]\">\n$options3</SELECT><BR>\n";
$output .= "<I>". t("Selecting a different language will change the language the site.") ."</I><P>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Maximum number of stories to display") .":</B><BR>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
for ($stories = 10; $stories <= 30; $stories += 5) $options4 .= "<OPTION VALUE=\"$stories\"". (($user->stories == $stories) ? " SELECTED" : "") .">$stories</OPTION>\n";
$output .= "<SELECT NAME=\"edit[stories]\">\n$options4</SELECT><BR>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<I>". t("The maximum number of stories that will be displayed on the main page.") ."</I><P>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
foreach ($cmodes as $key=>$value) $options5 .= "<OPTION VALUE=\"$key\"". ($user->mode == $key ? " SELECTED" : "") .">$value</OPTION>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Comment display mode") .":</B><BR>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<SELECT NAME=\"edit[mode]\">$options5</SELECT><P>\n";
foreach ($corder as $key=>$value) $options6 .= "<OPTION VALUE=\"$key\"". ($user->sort == $key ? " SELECTED" : "") .">$value</OPTION>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Comment sort order") .":</B><BR>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<SELECT NAME=\"edit[sort]\">$options6</SELECT><P>\n";
for ($i = -1; $i < 6; $i++) $options7 .= " <OPTION VALUE=\"$i\"". ($user->threshold == $i ? " SELECTED" : "") .">Filter - $i</OPTION>";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Comment filter") .":</B><BR>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<SELECT NAME=\"edit[threshold]\">$options7</SELECT><BR>\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<I>". t("Comments that scored less than this threshold setting will be ignored. Anonymous comments start at 0, comments of people logged on start at 1 and moderators can add and subtract points.") ."</I><P>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"". t("Save site settings") ."\"><BR>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "</FORM>\n";
$theme->header();
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$theme->box(t("Edit your preferences"), $output);
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$theme->footer();
}
else {
$theme->header();
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$theme->box(t("Create user account"), account_create());
$theme->box(t("E-mail new password"), account_email());
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$theme->footer();
}
}
Yet another large batch of updates: - I rearranged some of the code and clean-up some of the mess. - Added "blocks" which can be user defined/controlled: check to see. The positioning of blocks is rather basic for the moment, so I'm all open for input on that.
2000-12-23 23:25:28 +00:00
function account_site_save($edit) {
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
global $user;
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($user->id) {
- added fine-grained user permission system which allows us to give certain users access to specific administration sections only. Ex. a FAQ maintainer can only edit the FAQ, and members of an "editorial board" can only edit comments, diaries and stories, .. - code review => rewrote include/user.inc which is much easier now - fixed 4 small bugs
2001-02-18 15:14:56 +00:00
$user = user_save($user, array("theme" => $edit[theme], "timezone" => $edit[timezone], "language" => $edit[language], "stories" => $edit[stories], "mode" => $edit[mode], "sort" => $edit[sort], "threshold" => $edit[threshold]));
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
}
Hopefully this will not break anything *prays* ;)
2000-06-02 18:36:14 +00:00
}
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
- some improvements and code polishing - added a few extra blocks to choose from
2000-12-24 15:44:29 +00:00
function account_content_edit() {
Yet another large batch of updates: - I rearranged some of the code and clean-up some of the mess. - Added "blocks" which can be user defined/controlled: check to see. The positioning of blocks is rather basic for the moment, so I'm all open for input on that.
2000-12-23 23:25:28 +00:00
global $theme, $user;
if ($user->id) {
$output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<B>". t("Blocks in side bars") .":</B><BR>\n";
- some improvements and code polishing - added a few extra blocks to choose from
2000-12-24 15:44:29 +00:00
$result = db_query("SELECT * FROM blocks WHERE status = 1 ORDER BY module");
Yet another large batch of updates: - I rearranged some of the code and clean-up some of the mess. - Added "blocks" which can be user defined/controlled: check to see. The positioning of blocks is rather basic for the moment, so I'm all open for input on that.
2000-12-23 23:25:28 +00:00
while ($block = db_fetch_object($result)) {
$entry = db_fetch_object(db_query("SELECT * FROM layout WHERE block = '$block->name' AND user = '$user->id'"));
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<INPUT TYPE=\"checkbox\" NAME=\"edit[$block->name]\"". ($entry->user ? " CHECKED" : "") ."> ". t($block->name) ."<BR>\n";
- fixed small typo
2001-01-25 13:33:15 +00:00
}
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<P><I>". t("Enable the blocks you would like to see displayed in the side bars.") ."</I></P>\n";
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"". t("Save content settings") ."\">\n";
Yet another large batch of updates: - I rearranged some of the code and clean-up some of the mess. - Added "blocks" which can be user defined/controlled: check to see. The positioning of blocks is rather basic for the moment, so I'm all open for input on that.
2000-12-23 23:25:28 +00:00
$output .= "</FORM>\n";
$theme->header();
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$theme->box(t("Edit your content"), $output);
Yet another large batch of updates: - I rearranged some of the code and clean-up some of the mess. - Added "blocks" which can be user defined/controlled: check to see. The positioning of blocks is rather basic for the moment, so I'm all open for input on that.
2000-12-23 23:25:28 +00:00
$theme->footer();
}
else {
$theme->header();
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$theme->box(t("Create user account"), account_create());
$theme->box(t("E-mail new password"), account_email());
Yet another large batch of updates: - I rearranged some of the code and clean-up some of the mess. - Added "blocks" which can be user defined/controlled: check to see. The positioning of blocks is rather basic for the moment, so I'm all open for input on that.
2000-12-23 23:25:28 +00:00
$theme->footer();
}
}
- some improvements and code polishing - added a few extra blocks to choose from
2000-12-24 15:44:29 +00:00
function account_content_save($edit) {
Yet another large batch of updates: - I rearranged some of the code and clean-up some of the mess. - Added "blocks" which can be user defined/controlled: check to see. The positioning of blocks is rather basic for the moment, so I'm all open for input on that.
2000-12-23 23:25:28 +00:00
global $user;
if ($user->id) {
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
db_query("DELETE FROM layout WHERE user = '$user->id'");
- rewrote the block placement stuff and updated the themes. IMPORTANT: you have to drop 2 tables "blocks" and "layout" and you have to recreate them again with those in database/database.mysql - integrated the documentation written by UnConeD
2001-01-13 16:33:19 +00:00
foreach (($edit ? $edit : array()) as $block=>$weight) {
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
db_query("INSERT INTO layout (user, block) VALUES ('$user->id', '". check_input($block) ."')");
Yet another large batch of updates: - I rearranged some of the code and clean-up some of the mess. - Added "blocks" which can be user defined/controlled: check to see. The positioning of blocks is rather basic for the moment, so I'm all open for input on that.
2000-12-23 23:25:28 +00:00
}
}
}
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
function account_user($uname) {
Over the last 2 days I redid and reorganized an afwul lot of code and made quite a lot of additions. The most remarkable addition is the diary server, which I slapped together in less then 40 minutes. Most of the other changes are however `unvisible' for the user but add much value to a better maintainability from a developer's objective. Like always, I fixed quite a number of small bugs that creeped into the code so we should have a bigger, better and more stable drop.org. Unfortunatly, some theme update _are_ required: REQUIRED THEME UPDATES: ======================= * use format_username() where usernames are used * use format_date() where timestamps/dates are used * use format_email() where e-mail addresses are displayed * use format_url() where url are displayed * replace 'formatTimestamp' with format_date * replace 'morelink_*' with 'display_morelink' [most of these functions are in function.inc or template.inc] ___PLEASE___ (<- this should get your attention ;) update your themes as soon as possible - it only takes 30 min. to get in sync with the other themes. Don't start whining about the fact you don't know what to change ... either eat the source cookie, or ask me to elaborate on a few changes. Just let me know what's puzzling you and I'll try to help you out! TODO LIST FOR NEXT WEEK ======================= * Add checks for max. text length in textarea's? Is there an HMTL attribute for this or ...? * Comment moderation + mojo * Edit/admin user accounts: block, delete, change permissions, ... * E-mail password, change password, change e-mail address -> extra checks and routines to validate such `special' changes. * Input checking - input filter: bad words, html tags, ...
2000-09-11 07:45:22 +00:00
global $user, $theme;
* fixed the login problem
2000-10-25 11:23:29 +00:00
A batch of preparations for release candidate 2: - expanded documentation (written by Jeroen) - fixed bug in includes/module.inc - fixed bug in modules/backend.class - renamed some of the SQL tables (!) - started making the diary.module truly modular (not finished yet) - renamed "admin_blocks" to "boxes" - added new functionality to "boxes": apart from PHP boxes, you can now create ASCII boxes as well as HTML boxes for those who are not confident with PHP. (requested by stalor) - added drupal-site module to keep track of known drupal sites - added small Perl script to generate encrypted CVS passwords
2001-01-03 21:23:58 +00:00
function module($name, $module, $username) {
global $theme;
if ($module["user"] && $block = $module["user"]($username, "user", "view")) {
if ($block["content"]) $theme->box($block["subject"], $block["content"]);
}
}
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($user->id && $user->userid == $uname) {
Changelog --------- - improved the user information page. - improved the story submission page. - fixed comments score bug: '.00' --> 'x.00' - tried fixing the calendar wrapping - UnConeD, is it fixed now? - provided a link back to the submission queue after having voted for a story. - fixed comment subject bug (and security flaw) by replacing quotes by &quot;. - updated theme 'zaphod': fixed 2 bugs. - updated theme 'marvin': fixed 1 bug and improved the layout so things wrap (hopefully) better in Windows. - comments have by default no subject pre-set - if no subject is provided, the user is warned and when a comment eventually got submitted without a subject, a subject is composed using the x first characters of the comment's body. - improved comments on submit.php - corrected a typo in the FAQ. UnConeD ------- - replace 'article.php' by 'discussion.php' - comment() still uses old references to account.php: the parameters you supply to account.php does no longer hold. You have to update those links to the new syntax. - commentcontrol() is outdated - copy paste the one of theme 'marvin' and adjust it to your likings.
2000-10-02 07:32:17 +00:00
$output .= "<TABLE BORDER=\"0\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= " <TR><TD ALIGN=\"right\"><B>". t("Username") .":</B></TD><TD>$user->userid</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>". t("E-mail") .":</B></TD><TD>". format_email($user->fake_email) ."</A></TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>". t("Homepage") .":</B></TD><TD>". format_url($user->url) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>". t("Bio") .":</B></TD><TD>". check_output($user->bio) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>". t("Signature") .":</B></TD><TD>". check_output($user->signature) ."</TD></TR>\n";
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$output .= "</TABLE>\n";
* Update: improved error checking/handling.
2000-07-02 15:00:42 +00:00
- here a bunch of changes to make "drupal" (for now) work with PHP 4.0.4 - tidied up some of the code and mainly working on the documentation
2000-12-30 11:58:14 +00:00
// Display account information:
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$theme->header();
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$theme->box(t("Personal information"), $output);
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$theme->footer();
}
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
elseif ($uname && $account = account_get_user($uname)) {
- fixed PHP4.0.4 problem in discussion.php. - some improvements to account.php and theme.inc. - updated the documentation (again, again and again) - added INSTALL file - removed redundant files
2000-12-31 08:24:16 +00:00
$block1 .= "<TABLE BORDER=\"0\" CELLPADDING=\"1\" CELLSPACING=\"1\">\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$block1 .= " <TR><TD ALIGN=\"right\"><B>". t("Username") .":</B></TD><TD>$account->userid</TD></TR>\n";
$block1 .= " <TR><TD ALIGN=\"right\"><B>". t("E-mail") .":</B></TD><TD>". format_email($account->fake_email) ."</TD></TR>\n";
$block1 .= " <TR><TD ALIGN=\"right\"><B>". t("Homepage") .":</B></TD><TD>". format_url($account->url) ."</TD></TR>\n";
$block1 .= " <TR><TD ALIGN=\"right\"><B>". t("Bio") .":</B></TD><TD>". check_output($account->bio) ."</TD></TR>\n";
- fixed PHP4.0.4 problem in discussion.php. - some improvements to account.php and theme.inc. - updated the documentation (again, again and again) - added INSTALL file - removed redundant files
2000-12-31 08:24:16 +00:00
$block1 .= "</TABLE>\n";
* A set of misc. updates and improvements. * On a side note: Jeroen: I'm feeling somewhat better at the moment so normally it should be OK if you'd stop by tonight (after 19:30h). Give me some feedback on this. ;-)
2000-09-27 07:14:32 +00:00
- fixed MySQL bug in account.php
2001-01-20 16:10:43 +00:00
$result = db_query("SELECT c.cid, c.pid, c.lid, c.subject, c.timestamp, s.subject AS story FROM comments c LEFT JOIN users u ON u.id = c.author LEFT JOIN stories s ON s.id = c.lid WHERE u.userid = '$uname' AND s.status = 2 AND c.link = 'story' AND s.timestamp > ". (time() - 1209600) ." ORDER BY cid DESC LIMIT 10");
* A set of misc. updates and improvements. * On a side note: Jeroen: I'm feeling somewhat better at the moment so normally it should be OK if you'd stop by tonight (after 19:30h). Give me some feedback on this. ;-)
2000-09-27 07:14:32 +00:00
while ($comment = db_fetch_object($result)) {
- fixed PHP4.0.4 problem in discussion.php. - some improvements to account.php and theme.inc. - updated the documentation (again, again and again) - added INSTALL file - removed redundant files
2000-12-31 08:24:16 +00:00
$block2 .= "<TABLE BORDER=\"0\" CELLPADDING=\"1\" CELLSPACING=\"1\">\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$block2 .= " <TR><TD ALIGN=\"right\"><B>". t("Comment") .":</B></TD><TD><A HREF=\"story.php?id=$comment->lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A></TD></TR>\n";
$block2 .= " <TR><TD ALIGN=\"right\"><B>". t("Date") .":</B></TD><TD>". format_date($comment->timestamp) ."</TD></TR>\n";
$block2 .= " <TR><TD ALIGN=\"right\"><B>". t("Story") .":</B></TD><TD><A HREF=\"story.php?id=$comment->lid\">". check_output($comment->story) ."</A></TD></TR>\n";
- fixed PHP4.0.4 problem in discussion.php. - some improvements to account.php and theme.inc. - updated the documentation (again, again and again) - added INSTALL file - removed redundant files
2000-12-31 08:24:16 +00:00
$block2 .= "</TABLE>\n";
$block2 .= "<P>\n";
* A set of misc. updates and improvements. * On a side note: Jeroen: I'm feeling somewhat better at the moment so normally it should be OK if you'd stop by tonight (after 19:30h). Give me some feedback on this. ;-)
2000-09-27 07:14:32 +00:00
$comments++;
}
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
- here a bunch of changes to make "drupal" (for now) work with PHP 4.0.4 - tidied up some of the code and mainly working on the documentation
2000-12-30 11:58:14 +00:00
// Display account information:
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$theme->header();
- updates
2001-02-14 09:32:33 +00:00
if ($block1) $theme->box(strtr(t("%a's user information"), array("%a" => $uname)), $block1);
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
if ($block2) $theme->box(strtr(t("%a has posted %b recently"), array("%a" => $uname, "%b" => format_plural($comments, "comment", "comments"))), $block2);
A batch of preparations for release candidate 2: - expanded documentation (written by Jeroen) - fixed bug in includes/module.inc - fixed bug in modules/backend.class - renamed some of the SQL tables (!) - started making the diary.module truly modular (not finished yet) - renamed "admin_blocks" to "boxes" - added new functionality to "boxes": apart from PHP boxes, you can now create ASCII boxes as well as HTML boxes for those who are not confident with PHP. (requested by stalor) - added drupal-site module to keep track of known drupal sites - added small Perl script to generate encrypted CVS passwords
2001-01-03 21:23:58 +00:00
module_iterate("module", $uname);
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$theme->footer();
}
- fixed small typo
2001-01-25 13:33:15 +00:00
else {
- here a bunch of changes to make "drupal" (for now) work with PHP 4.0.4 - tidied up some of the code and mainly working on the documentation
2000-12-30 11:58:14 +00:00
// Display login form:
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$theme->header();
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$theme->box(t("Create user account"), account_create());
$theme->box(t("E-mail new password"), account_email());
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$theme->footer();
Imported sources
2000-05-18 19:52:00 +00:00
}
}
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
function account_validate($user) {
- Fixed bug in account.php. - Updated the documentation (again): I spent most of the day writing documentation which might well be considered plain boring.
2000-12-30 21:13:54 +00:00
global $type2index;
- here a bunch of changes to make "drupal" (for now) work with PHP 4.0.4 - tidied up some of the code and mainly working on the documentation
2000-12-30 11:58:14 +00:00
// Verify username and e-mail address:
- More updates on the translation support
2001-02-17 12:59:24 +00:00
if (empty($user[real_email]) || (!eregi("^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$", $user[real_email]))) $error = t("the specified e-mail address is not valid");
if (empty($user[userid]) || (ereg("[^a-zA-Z0-9_-]", $user[userid]))) $error = t("the specified username is not valid");
if (strlen($user[userid]) > 15) $error = t("the specified username is too long: it must be less than 15 characters");
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
- here a bunch of changes to make "drupal" (for now) work with PHP 4.0.4 - tidied up some of the code and mainly working on the documentation
2000-12-30 11:58:14 +00:00
// Check to see whether the username or e-mail address are banned:
- More updates on the translation support
2001-02-17 12:59:24 +00:00
if ($ban = ban_match($user[userid], $type2index[usernames])) $error = t("the specified username is banned") .": <I>$ban->reason</I>";
- removed one redundant "."
2001-02-22 16:46:01 +00:00
if ($ban = ban_match($user[real_email], $type2index[addresses])) $error = t("the specified e-mail address is banned") .": <I>$ban->reason</I>";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
- here a bunch of changes to make "drupal" (for now) work with PHP 4.0.4 - tidied up some of the code and mainly working on the documentation
2000-12-30 11:58:14 +00:00
// Verify whether username and e-mail address are unique:
- More updates on the translation support
2001-02-17 12:59:24 +00:00
if (db_num_rows(db_query("SELECT userid FROM users WHERE LOWER(userid) = LOWER('$user[userid]')")) > 0) $error = t("the specified username is already taken");
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
if (db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email) = LOWER('$user[real_email]')")) > 0) $error = t("the specified e-mail address is already in use by another account");
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
return $error;
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
}
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
function account_email_submit($userid, $email) {
- fixed small typo
2001-01-25 13:33:15 +00:00
global $theme, $site_name, $site_url;
* fixed theme bug reported by Philippe Verbeeck.
2000-09-11 13:09:06 +00:00
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
$result = db_query("SELECT id FROM users WHERE userid = '$userid' AND real_email = '$email'");
- fixed small typo
2001-01-25 13:33:15 +00:00
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
if ($account = db_fetch_object($result)) {
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
$passwd = account_password();
$hash = substr(md5("$userid. ". time() .""), 0, 12);
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$status = 1;
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
db_query("UPDATE users SET passwd = PASSWORD('$passwd'), hash = '$hash', status = '$status' WHERE userid = '$userid'");
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
$link = $site_url ."account.php?op=confirm&name=$userid&hash=$hash";
- updates
2001-02-14 09:32:33 +00:00
$subject = strtr(t("Account details for %a"), array("%a" => $site_name));
$message = strtr(t("%a,\n\n\nyou requested us to e-mail you a new password for your account at %b. You will need to re-confirm your account or you will not be able to login. To confirm your account updates visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team"), array("%a" => $userid, "%b" => $site_name, "%c" => $link, "%d" => $passwd));
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
watchdog("message", "new password: `$userid' &lt;$email&gt;");
- updates
2001-02-14 09:32:33 +00:00
mail($email, $subject, $message, "From: noreply");
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
- fixed small translation glitch in format_interval - added a couple of missing t() functions - improved the comments module, fixed the score problem Jeroen reported earlier -> it's slicker but I hope it won't break anything
2001-03-01 21:34:09 +00:00
$output = t("Your password and further instructions have been sent to your e-mail address.");
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
}
else {
watchdog("warning", "new password: '$userid' and &lt;$email&gt; do not match");
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output = t("Could not sent password: no match for the specified username and e-mail address.");
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
}
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
Imported sources
2000-05-18 19:52:00 +00:00
$theme->header();
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$theme->box(t("E-mail new password"), $output);
Imported sources
2000-05-18 19:52:00 +00:00
$theme->footer();
}
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
function account_create_submit($userid, $email) {
global $theme, $site_name, $site_url;
- fixed small typo
2001-01-25 13:33:15 +00:00
- fixed PHP4.0.4 problem in discussion.php. - some improvements to account.php and theme.inc. - updated the documentation (again, again and again) - added INSTALL file - removed redundant files
2000-12-31 08:24:16 +00:00
$new[userid] = trim($userid);
$new[real_email] = trim($email);
- fixed small typo
2001-01-25 13:33:15 +00:00
if ($error = account_validate($new)) {
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
$theme->header();
- locale module: added documentation (first draft) - locale module: improved administration interface - headline module: fixed small visual glitch in export function - account: small improvements
2001-02-21 08:25:21 +00:00
$theme->box(t("Create user account"), account_create($error));
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
$theme->footer();
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
}
else {
$new[passwd] = account_password();
- added fine-grained user permission system which allows us to give certain users access to specific administration sections only. Ex. a FAQ maintainer can only edit the FAQ, and members of an "editorial board" can only edit comments, diaries and stories, .. - code review => rewrote include/user.inc which is much easier now - fixed 4 small bugs
2001-02-18 15:14:56 +00:00
$new[hash] = substr(md5("$new[userid]. ". time()), 0, 12);
* Implemented ban-capabilities, a first step towards an admin-friendly user system: - you can add and remove wild-carded e-mails from the banlist. - you can add and remove wild-carded hostnames from the banlist. - you can add and remove wild-carded usernames from the banlist. - you can add and remove wild-carded profanity from the banlist. - you can browse all bans according to their category: see ban.php.
2000-06-10 18:58:41 +00:00
- added fine-grained user permission system which allows us to give certain users access to specific administration sections only. Ex. a FAQ maintainer can only edit the FAQ, and members of an "editorial board" can only edit comments, diaries and stories, .. - code review => rewrote include/user.inc which is much easier now - fixed 4 small bugs
2001-02-18 15:14:56 +00:00
$user = user_save("", array("userid" => $new[userid], "real_email" => $new[real_email], "passwd" => $new[passwd], "status" => 1, "hash" => $new[hash]));
Imported sources
2000-05-18 19:52:00 +00:00
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
$link = $site_url ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]";
- updates
2001-02-14 09:32:33 +00:00
$subject = strtr(t("Account details for %a"), array("%a" => $site_name));
$message = strtr(t("%a,\n\n\nsomeone signed up for a user account on %b and supplied this e-mail address as their contact. If it wasn't you, don't get your panties in a knot and simply ignore this mail. If this was you, you will have to confirm your account first or you will not be able to login. To confirm your account visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team\n"), array("%a" => $new[userid], "%b" => $site_name, "%c" => $link, "%d" => $new[passwd]));
A bunch of internal changes: - better organisation of include files - renamed a few function to make more sense - small bugfix in the user account registration - ...
2000-10-21 13:59:27 +00:00
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
watchdog("message", "new account: `$new[userid]' &lt;$new[real_email]&gt;");
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
- updates
2001-02-14 09:32:33 +00:00
mail($new[real_email], $subject, $message, "From: noreply");
* Update: improved error checking/handling.
2000-07-02 15:00:42 +00:00
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$theme->header();
- updates
2001-02-14 09:32:33 +00:00
$theme->box(t("Create user account"), t("Congratulations! Your member account has been successfully created and further instructions on how to confirm your account have been sent to your e-mail address. You have to confirm your account first or you will not be able to login."));
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$theme->footer();
}
}
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
function account_create_confirm($name, $hash) {
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
global $theme;
$result = db_query("SELECT userid, hash, status FROM users WHERE userid = '$name'");
if ($account = db_fetch_object($result)) {
if ($account->status == 1) {
if ($account->hash == $hash) {
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
db_query("UPDATE users SET status = '2', hash = '' WHERE userid = '$name'");
- fixed small translation glitch in format_interval - added a couple of missing t() functions - improved the comments module, fixed the score problem Jeroen reported earlier -> it's slicker but I hope it won't break anything
2001-03-01 21:34:09 +00:00
$output = t("Your account has been successfully confirmed.");
- fixed small bug in account.php - added documentation
2000-12-30 16:35:41 +00:00
watchdog("message", "$name: account confirmation successful");
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
}
else {
- fixed small translation glitch in format_interval - added a couple of missing t() functions - improved the comments module, fixed the score problem Jeroen reported earlier -> it's slicker but I hope it won't break anything
2001-03-01 21:34:09 +00:00
$output = t("Confirmation failed: invalid confirmation hash.");
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
watchdog("warning", "$name: invalid confirmation hash");
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
}
}
else {
- fixed small translation glitch in format_interval - added a couple of missing t() functions - improved the comments module, fixed the score problem Jeroen reported earlier -> it's slicker but I hope it won't break anything
2001-03-01 21:34:09 +00:00
$output = t("Confirmation failed: your account has already been confirmed.");
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
watchdog("warning", "$name: attempt to re-confirm account");
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
}
}
else {
- fixed small translation glitch in format_interval - added a couple of missing t() functions - improved the comments module, fixed the score problem Jeroen reported earlier -> it's slicker but I hope it won't break anything
2001-03-01 21:34:09 +00:00
$output = t("Confirmation failed: non-existing account.");
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
watchdog("warning", "$name: attempt to confirm non-existing account");
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
}
$theme->header();
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$theme->box(t("Create user account"), $output);
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$theme->footer();
Imported sources
2000-05-18 19:52:00 +00:00
}
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
function account_password($min_length=6) {
Hopefully this will not break anything *prays* ;)
2000-06-02 18:36:14 +00:00
mt_srand((double)microtime() * 1000000);
* Update: improved error checking/handling.
2000-07-02 15:00:42 +00:00
$words = array("foo","bar","guy","neo","tux","moo","sun","asm","dot","god","axe","geek","nerd","fish","hack","star","mice","warp","moon","hero","cola","girl","fish","java","perl","boss","dark","sith","jedi","drop","mojo");
* Implemented ban-capabilities, a first step towards an admin-friendly user system: - you can add and remove wild-carded e-mails from the banlist. - you can add and remove wild-carded hostnames from the banlist. - you can add and remove wild-carded usernames from the banlist. - you can add and remove wild-carded profanity from the banlist. - you can browse all bans according to their category: see ban.php.
2000-06-10 18:58:41 +00:00
while(strlen($password) < $min_length) $password .= $words[mt_rand(0, count($words))];
Hopefully this will not break anything *prays* ;)
2000-06-02 18:36:14 +00:00
return $password;
Imported sources
2000-05-18 19:52:00 +00:00
}
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
function account_track_comments() {
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
global $theme, $user;
A really BIG, BIG UPDATE, after two straight days of nothing but code and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
2000-09-04 16:14:46 +00:00
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
$sresult = db_query("SELECT s.id, s.subject, COUNT(s.id) AS count FROM comments c LEFT JOIN stories s ON c.lid = s.id WHERE c.author = '$user->id' GROUP BY s.id DESC LIMIT 5");
- fixed small typo
2001-01-25 13:33:15 +00:00
A really BIG, BIG UPDATE, after two straight days of nothing but code and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
2000-09-04 16:14:46 +00:00
while ($story = db_fetch_object($sresult)) {
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<LI>". format_plural($story->count, "comment", "comments") ." ". t("attached to story") ." `<A HREF=\"story.php?id=$story->id\">". check_output($story->subject) ."</A>`:</LI>\n";
A really BIG, BIG UPDATE, after two straight days of nothing but code and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
2000-09-04 16:14:46 +00:00
$output .= " <UL>\n";
- fixed small typo
2001-01-25 13:33:15 +00:00
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
$cresult = db_query("SELECT * FROM comments WHERE author = '$user->id' AND lid = '$story->id'");
A really BIG, BIG UPDATE, after two straight days of nothing but code and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
2000-09-04 16:14:46 +00:00
while ($comment = db_fetch_object($cresult)) {
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= " <LI><A HREF=\"story.php?id=$story->id&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A> - ". t("replies") .": ". comment_num_replies($comment->cid) ." - ". t("score") .": ". comment_score($comment) ."</LI>\n";
A really BIG, BIG UPDATE, after two straight days of nothing but code and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
2000-09-04 16:14:46 +00:00
}
$output .= " </UL>\n";
}
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$theme->header();
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$theme->box(t("Track your comments"), ($output ? $output : t("You have not posted any comments recently.")));
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$theme->footer();
A really BIG, BIG UPDATE, after two straight days of nothing but code and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
2000-09-04 16:14:46 +00:00
}
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
function account_track_stories() {
global $theme, $user;
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
$result = db_query("SELECT s.id, s.subject, s.timestamp, s.section, COUNT(c.cid) AS count FROM stories s LEFT JOIN comments c ON c.lid = s.id WHERE s.status = '2' AND s.author = '$user->id' GROUP BY s.id DESC");
- fixed small typo
2001-01-25 13:33:15 +00:00
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
while ($story = db_fetch_object($result)) {
$output .= "<TABLE BORDER=\"0\" CELLPADDING=\"1\" CELLSPACING=\"1\">\n";
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= " <TR><TD ALIGN=\"right\"><B>". t("Subject") .":</B></TD><TD><A HREF=\"story.php?id=$story->id\">". check_output($story->subject) ."</A> (". format_plural($story->count, "comment", "comments") .")</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>". t("Section") .":</B></TD><TD><A HREF=\"search.php?section=". urlencode($story->section) ."\">". check_output($story->section) ."</A></TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>". t("Date") .":</B></TD><TD>". format_date($story->timestamp) ."</TD></TR>\n";
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
$output .= "</TABLE>\n";
$output .= "<P>\n";
}
$theme->header();
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$theme->box(t("Track your stories"), ($output ? $output : t("You have not posted any stories.")));
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
$theme->footer();
}
function account_track_site() {
global $theme, $user, $site_name;
- a 2nd batch of various updates
2001-02-10 14:36:49 +00:00
$period = 259200; // 3 days
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
$sresult = db_query("SELECT s.subject, s.id, COUNT(c.lid) AS count FROM comments c LEFT JOIN stories s ON c.lid = s.id WHERE s.status = '2' AND c.link = 'story' AND ". time() ." - c.timestamp < $period GROUP BY c.lid ORDER BY s.timestamp DESC LIMIT 10");
- a 2nd batch of various updates
2001-02-10 14:36:49 +00:00
while ($story = db_fetch_object($sresult)) {
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= "<LI>". format_plural($story->count, "comment", "comments") ." ". t("attached to story") ." '<A HREF=\"story.php?id=$story->id\">". check_output($story->subject) ."</A>':</LI>";
- fixed small typo
2001-01-25 13:33:15 +00:00
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
$cresult = db_query("SELECT c.subject, c.cid, c.pid, u.userid FROM comments c LEFT JOIN users u ON u.id = c.author WHERE c.lid = '$story->id' AND c.link = 'story' ORDER BY timestamp DESC LIMIT $story->count");
- a 2nd batch of various updates
2001-02-10 14:36:49 +00:00
$output .= "<UL>\n";
while ($comment = db_fetch_object($cresult)) {
- initial import of the preliminary translation code. - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
2001-02-12 20:40:43 +00:00
$output .= " <LI>'<A HREF=\"story.php?id=$story->id&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A>' ". t("by") ." ". format_username($comment->userid) ."</LI>\n";
- a 2nd batch of various updates
2001-02-10 14:36:49 +00:00
}
$output .= "</UL>\n";
}
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
- small updates
2001-02-10 17:54:51 +00:00
$theme->header();
- More updates on the translation support
2001-02-17 12:59:24 +00:00
$theme->box(strtr(t("Track %a"), array("%a" => $site_name)), ($output ? $output : t("No comments or stories posted recently.")));
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
$theme->footer();
}
- here a bunch of changes to make "drupal" (for now) work with PHP 4.0.4 - tidied up some of the code and mainly working on the documentation
2000-12-30 11:58:14 +00:00
// Security check:
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
if (strstr($name, " ") || strstr($hash, " ")) {
watchdog("error", "account: attempt to provide malicious input through URI");
exit();
}
Blah. Didnt save this one before commiting the last fix. Some day I will get this right.
2000-06-02 21:28:27 +00:00
switch ($op) {
- More updates on the translation support
2001-02-17 12:59:24 +00:00
case t("E-mail new password"):
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
account_email_submit(check_input($userid), check_input($email));
amdin.php: - fixed bug in story section account.php: - removed death code, clean-up, reorganization - added "lost password?" functionality faq.php: - clean-up watchdog.inc: - improvements - end of input-limit test period error.php: - improvements, still crappy layout though
2000-11-20 10:27:35 +00:00
break;
- More updates on the translation support
2001-02-17 12:59:24 +00:00
case t("Create account"):
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
account_create_submit(check_input($userid), check_input($email));
Imported sources
2000-05-18 19:52:00 +00:00
break;
- More updates on the translation support
2001-02-17 12:59:24 +00:00
case t("Save user information"):
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
account_user_save($edit);
account_user($user->userid);
Imported sources
2000-05-18 19:52:00 +00:00
break;
- More updates on the translation support
2001-02-17 12:59:24 +00:00
case t("Save site settings"):
Yet another large batch of updates: - I rearranged some of the code and clean-up some of the mess. - Added "blocks" which can be user defined/controlled: check to see. The positioning of blocks is rather basic for the moment, so I'm all open for input on that.
2000-12-23 23:25:28 +00:00
account_site_save($edit);
... and the winner is ... (finally got it to work)
2000-10-04 10:36:47 +00:00
header("Location: account.php?op=info");
Imported sources
2000-05-18 19:52:00 +00:00
break;
- More updates on the translation support
2001-02-17 12:59:24 +00:00
case t("Save content settings"):
- some improvements and code polishing - added a few extra blocks to choose from
2000-12-24 15:44:29 +00:00
account_content_save($edit);
Yet another large batch of updates: - I rearranged some of the code and clean-up some of the mess. - Added "blocks" which can be user defined/controlled: check to see. The positioning of blocks is rather basic for the moment, so I'm all open for input on that.
2000-12-23 23:25:28 +00:00
account_user($user->userid);
break;
- More updates on the translation support
2001-02-17 12:59:24 +00:00
case "confirm":
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
account_create_confirm(check_input($name), check_input($hash));
- More updates on the translation support
2001-02-17 12:59:24 +00:00
break;
case "login":
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
account_session_start(check_input($userid), check_input($passwd));
- More updates on the translation support
2001-02-17 12:59:24 +00:00
header("Location: account.php?op=info");
break;
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
case "logout":
account_session_close();
header("Location: account.php?op=info");
break;
case "view":
switch ($topic) {
case "info":
account_user($user->userid);
break;
default:
A rather large and important update: revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
2001-03-07 21:29:40 +00:00
account_user(check_input($name));
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
}
break;
case "track":
switch ($topic) {
case "site":
account_track_site();
break;
case "stories":
account_track_stories();
break;
default:
account_track_comments();
}
break;
case "edit":
switch ($topic) {
- the diary module is truly modular now - the faq has been spell checked
2001-01-04 21:09:40 +00:00
case "content":
account_content_edit();
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
break;
Yet another large batch of updates: - I rearranged some of the code and clean-up some of the mess. - Added "blocks" which can be user defined/controlled: check to see. The positioning of blocks is rather basic for the moment, so I'm all open for input on that.
2000-12-23 23:25:28 +00:00
case "site":
account_site_edit();
break;
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
default:
- the diary module is truly modular now - the faq has been spell checked
2001-01-04 21:09:40 +00:00
account_user_edit();
- Redid most of account.php and fixed quite some bugs! Check out your new user account stuff and give me some feedback.
2000-11-25 12:56:04 +00:00
}
break;
- fixed small typo
2001-01-25 13:33:15 +00:00
default:
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
account_user($user->userid);
Imported sources
2000-05-18 19:52:00 +00:00
}
* Added more and better error checking which should fix 'potential' bugs or weird behavior in case something goes wrong. We aim for something that is rock-solid, right? :-)
2000-07-02 15:26:10 +00:00
- More updates on the translation support
2001-02-17 12:59:24 +00:00
?>