Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
drupal/account.php

428 lines
20 KiB
PHP
Raw Normal View History

Imported sources
2000-05-18 19:52:00 +00:00
<?
Over the last 2 days I redid and reorganized an afwul lot of code and made quite a lot of additions. The most remarkable addition is the diary server, which I slapped together in less then 40 minutes. Most of the other changes are however `unvisible' for the user but add much value to a better maintainability from a developer's objective. Like always, I fixed quite a number of small bugs that creeped into the code so we should have a bigger, better and more stable drop.org. Unfortunatly, some theme update _are_ required: REQUIRED THEME UPDATES: ======================= * use format_username() where usernames are used * use format_date() where timestamps/dates are used * use format_email() where e-mail addresses are displayed * use format_url() where url are displayed * replace 'formatTimestamp' with format_date * replace 'morelink_*' with 'display_morelink' [most of these functions are in function.inc or template.inc] ___PLEASE___ (<- this should get your attention ;) update your themes as soon as possible - it only takes 30 min. to get in sync with the other themes. Don't start whining about the fact you don't know what to change ... either eat the source cookie, or ask me to elaborate on a few changes. Just let me know what's puzzling you and I'll try to help you out! TODO LIST FOR NEXT WEEK ======================= * Add checks for max. text length in textarea's? Is there an HMTL attribute for this or ...? * Comment moderation + mojo * Edit/admin user accounts: block, delete, change permissions, ... * E-mail password, change password, change e-mail address -> extra checks and routines to validate such `special' changes. * Input checking - input filter: bad words, html tags, ...
2000-09-11 07:45:22 +00:00
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
include "includes/theme.inc";
Imported sources
2000-05-18 19:52:00 +00:00
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
function account_get_user($uname) {
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$result = db_query("SELECT * FROM users WHERE userid = '$uname'");
return db_fetch_object($result);
}
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
function account_login() {
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
$output .= " <TABLE BORDER=\"0\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output .= " <TR><TH ALIGN=\"right\">Username:</TH><TD><INPUT NAME=\"userid\"></TD></TR>\n";
$output .= " <TR><TH ALIGN=\"right\">Password:</TH><TD><INPUT NAME=\"passwd\" TYPE=\"password\"></TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\" COLSPAN=\"2\"><INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"Login\"></TD></TR>\n";
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$output .= " </TABLE>\n";
$output .= "</FORM>\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output .= "You don't have an account yet? <A HREF=\"account.php?op=register\">Register</A> as new user.\n";
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
return $output;
Hopefully this will not break anything *prays* ;)
2000-06-02 18:36:14 +00:00
}
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
function account_session_start($userid, $passwd) {
global $user;
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$user = new User($userid, $passwd);
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($user->id) {
session_start();
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
session_register("user");
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
watchdog("message", "session opened for user `$user->userid'");
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
}
else {
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
watchdog("warning", "failed login for user `$userid'");
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
}
}
function account_session_close() {
global $user;
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
watchdog("message", "session closed for user `$user->userid'");
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
session_unset();
session_destroy();
unset($user);
}
function account_user_edit() {
global $theme, $user;
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($user->id) {
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
### Generate output/content:
$output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output .= "<B>Username:</B><BR>\n";
$output .= "&nbsp; $user->userid<P>\n";
$output .= "<I>Required, unique, and can not be changed.</I><P>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<B>Real name:</B><BR>\n";
$output .= "<INPUT NAME=\"edit[name]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$user->name\"><BR>\n";
$output .= "<I>Optional.</I><P>\n";
$output .= "<B>Real e-mail address:</B><BR>\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output .= "&nbsp; $user->real_email<P>\n";
$output .= "<I>Required, unique, can not be changed and is never displayed publicly: only needed in case you lose your password.</I><P>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<B>Fake e-mail address:</B><BR>\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output .= "<INPUT NAME=\"edit[fake_email]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$user->fake_email\"><BR>\n";
$output .= "<I>Optional, and displayed publicly. You may spam proof your real e-mail address if you want.</I><P>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<B>URL of homepage:</B><BR>\n";
$output .= "<INPUT NAME=\"edit[url]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$user->url\"><BR>\n";
$output .= "<I>Optional, but make sure you enter fully qualified URLs only. That is, remember to include \"http://\".</I><P>\n";
$output .= "<B>Bio:</B> (255 char. limit)<BR>\n";
$output .= "<TEXTAREA NAME=\"edit[bio]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$user->bio</TEXTAREA><BR>\n";
$output .= "<I>Optional. This biographical information is publicly displayed on your user page.</I><P>\n";
$output .= "<B>Singature:</B> (255 char. limit)<BR>\n";
$output .= "<TEXTAREA NAME=\"edit[signature]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$user->signature</TEXTAREA><BR>\n";
$output .= "<I>Optional. This information will be publicly displayed at the end of your comments. </I><P>\n";
$output .= "<B>Password:</B><BR>\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output .= "<INPUT TYPE=\"password\" NAME=\"edit[pass1]\" SIZE=\"10\" MAXLENGTH=\"20\"> <INPUT TYPE=\"password\" NAME=\"edit[pass2]\" SIZE=\"10\" MAXLENGTH=\"20\"><BR>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<I>Enter your new password twice if you want to change your current password or leave it blank if you are happy with your current password.</I><P>\n";
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save user information\"><BR>\n";
$output .= "</FORM>\n";
### Display output/content:
$theme->header();
$theme->box("Edit your information", $output);
$theme->footer();
}
else {
$theme->header();
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$theme->box("Login", account_login());
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$theme->footer();
}
}
function account_user_save($edit) {
global $user;
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($user->id) {
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$data[name] = $edit[name];
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$data[fake_email] = $edit[fake_email];
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$data[url] = $edit[url];
$data[bio] = $edit[bio];
$data[signature] = $edit[signature];
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($edit[pass1] && $edit[pass1] == $edit[pass2]) $data[passwd] = $edit[pass1];
user_save($data, $user->id);
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
}
}
function account_page_edit() {
global $theme, $themes, $user;
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($user->id) {
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
$output .= "<B>Theme:</B><BR>\n";
foreach ($themes as $key=>$value) {
- fixed a bug in check_input: html stripping was not 100% correct. - fixed a bug in account.php: the confirmation url is now correct. - improved error checking + security in diary.php. - fixed a bug in the html code of theme zaphod. - improved the date handling: always call format_date(). - expanded account information in administration pages. - added a new variable $siteurl to ./includes/config.inc. - added comment moderation to theme zaphod. - "alter table users add timezone varchar(8);" - !!! added new timezone feature !!! :o)
2000-10-30 16:18:39 +00:00
$options1 .= " <OPTION VALUE=\"$key\"". (($user->theme == $key) ? " SELECTED" : "") .">$key - $value[1]</OPTION>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
}
- fixed a bug in check_input: html stripping was not 100% correct. - fixed a bug in account.php: the confirmation url is now correct. - improved error checking + security in diary.php. - fixed a bug in the html code of theme zaphod. - improved the date handling: always call format_date(). - expanded account information in administration pages. - added a new variable $siteurl to ./includes/config.inc. - added comment moderation to theme zaphod. - "alter table users add timezone varchar(8);" - !!! added new timezone feature !!! :o)
2000-10-30 16:18:39 +00:00
$output .= "<SELECT NAME=\"edit[theme]\">\n$options1</SELECT><BR>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<I>Selecting a different theme will change the look and feel of the site.</I><P>\n";
- fixed a bug in check_input: html stripping was not 100% correct. - fixed a bug in account.php: the confirmation url is now correct. - improved error checking + security in diary.php. - fixed a bug in the html code of theme zaphod. - improved the date handling: always call format_date(). - expanded account information in administration pages. - added a new variable $siteurl to ./includes/config.inc. - added comment moderation to theme zaphod. - "alter table users add timezone varchar(8);" - !!! added new timezone feature !!! :o)
2000-10-30 16:18:39 +00:00
$output .= "<B>Timezone:</B><BR>\n";
$date = time() - date("Z");
for ($zone = -43200; $zone <= 43200; $zone += 3600) {
$options2 .= " <OPTION VALUE=\"$zone\"". (($user->timezone == $zone) ? " SELECTED" : "") .">". date("l, F dS, Y - h:i A", $date + $zone) ." (GMT ". $zone / 3600 .")</OPTION>\n";
}
$output .= "<SELECT NAME=\"edit[timezone]\">\n$options2</SELECT><BR>\n";
$output .= "<I>Select what time you currently have and your timezone settings will be set appropriate.</I><P>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<B>Maximum number of stories:</B><BR>\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output .= "<INPUT NAME=\"edit[stories]\" MAXLENGTH=\"3\" SIZE=\"3\" VALUE=\"$user->stories\"><P>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<I>The maximum number of stories that will be displayed on the main page.</I><P>\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$options = "<OPTION VALUE=\"nested\"". ($user->mode == "nested" ? " SELECTED" : "") .">Nested</OPTION>";
$options .= "<OPTION VALUE=\"flat\"". ($user->mode == "flat" ? " SELECTED" : "") .">Flat</OPTION>";
$options .= "<OPTION VALUE=\"threaded\"". ($user->mode == "threaded" ? " SELECTED" : "") .">Threaded</OPTION>";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<B>Comment display mode:</B><BR>\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output .= "<SELECT NAME=\"edit[mode]\">$options</SELECT><P>\n";
$options = "<OPTION VALUE=\"0\"". ($user->sort == 0 ? " SELECTED" : "") .">Oldest first</OPTION>";
$options .= "<OPTION VALUE=\"1\"". ($user->sort == 1 ? " SELECTED" : "") .">Newest first</OPTION>";
$options .= "<OPTION VALUE=\"2\"". ($user->sort == 2 ? " SELECTED" : "") .">Highest scoring first</OPTION>";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<B>Comment sort order:</B><BR>\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output .= "<SELECT NAME=\"edit[sort]\">$options</SELECT><P>\n";
$options = "<OPTION VALUE=\"-1\"". ($user->threshold == -1 ? " SELECTED" : "") .">-1: Display uncut and raw comments.</OPTION>";
$options .= "<OPTION VALUE=\"0\"". ($user->threshold == 0 ? " SELECTED" : "") .">0: Display almost all comments.</OPTION>";
$options .= "<OPTION VALUE=\"1\"". ($user->threshold == 1 ? " SELECTED" : "") .">1: Display almost no anonymous comments.</OPTION>";
$options .= "<OPTION VALUE=\"2\"". ($user->threshold == 2 ? " SELECTED" : "") .">2: Display comments with score +2 only.</OPTION>";
$options .= "<OPTION VALUE=\"3\"". ($user->threshold == 3 ? " SELECTED" : "") .">3: Display comments with score +3 only.</OPTION>";
$options .= "<OPTION VALUE=\"4\"". ($user->threshold == 4 ? " SELECTED" : "") .">4: Display comments with score +4 only.</OPTION>";
$options .= "<OPTION VALUE=\"5\"". ($user->threshold == 5 ? " SELECTED" : "") .">5: Display comments with score +5 only.</OPTION>";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<B>Comment threshold:</B><BR>\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output .= "<SELECT NAME=\"edit[threshold]\">$options</SELECT><BR>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$output .= "<I>Comments that scored less than this setting will be ignored. Anonymous comments start at 0, comments of people logged on start at 1 and moderators can add and subtract points.</I><P>\n";
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save page settings\"><BR>\n";
$output .= "</FORM>\n";
$theme->header();
$theme->box("Customize your page", $output);
$theme->footer();
}
else {
$theme->header();
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$theme->box("Login", account_login());
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$theme->footer();
}
}
function account_page_save($edit) {
global $user;
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($user->id) {
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$data[theme] = $edit[theme];
- fixed a bug in check_input: html stripping was not 100% correct. - fixed a bug in account.php: the confirmation url is now correct. - improved error checking + security in diary.php. - fixed a bug in the html code of theme zaphod. - improved the date handling: always call format_date(). - expanded account information in administration pages. - added a new variable $siteurl to ./includes/config.inc. - added comment moderation to theme zaphod. - "alter table users add timezone varchar(8);" - !!! added new timezone feature !!! :o)
2000-10-30 16:18:39 +00:00
$data[timezone] = $edit[timezone];
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$data[stories] = $edit[stories];
$data[mode] = $edit[mode];
$data[sort] = $edit[sort];
$data[threshold] = $edit[threshold];
user_save($data, $user->id);
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
}
Hopefully this will not break anything *prays* ;)
2000-06-02 18:36:14 +00:00
}
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
function account_user($uname) {
Over the last 2 days I redid and reorganized an afwul lot of code and made quite a lot of additions. The most remarkable addition is the diary server, which I slapped together in less then 40 minutes. Most of the other changes are however `unvisible' for the user but add much value to a better maintainability from a developer's objective. Like always, I fixed quite a number of small bugs that creeped into the code so we should have a bigger, better and more stable drop.org. Unfortunatly, some theme update _are_ required: REQUIRED THEME UPDATES: ======================= * use format_username() where usernames are used * use format_date() where timestamps/dates are used * use format_email() where e-mail addresses are displayed * use format_url() where url are displayed * replace 'formatTimestamp' with format_date * replace 'morelink_*' with 'display_morelink' [most of these functions are in function.inc or template.inc] ___PLEASE___ (<- this should get your attention ;) update your themes as soon as possible - it only takes 30 min. to get in sync with the other themes. Don't start whining about the fact you don't know what to change ... either eat the source cookie, or ask me to elaborate on a few changes. Just let me know what's puzzling you and I'll try to help you out! TODO LIST FOR NEXT WEEK ======================= * Add checks for max. text length in textarea's? Is there an HMTL attribute for this or ...? * Comment moderation + mojo * Edit/admin user accounts: block, delete, change permissions, ... * E-mail password, change password, change e-mail address -> extra checks and routines to validate such `special' changes. * Input checking - input filter: bad words, html tags, ...
2000-09-11 07:45:22 +00:00
global $user, $theme;
* fixed the login problem
2000-10-25 11:23:29 +00:00
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($user->id && $user->userid == $uname) {
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$output .= "<P>Welcome $user->userid! This is <B>your</B> user info page. There are many more, but this one is yours. You are probably most interested in editing something, but if you need to kill some time, this place is as good as any other place.</P>\n";
Changelog --------- - improved the user information page. - improved the story submission page. - fixed comments score bug: '.00' --> 'x.00' - tried fixing the calendar wrapping - UnConeD, is it fixed now? - provided a link back to the submission queue after having voted for a story. - fixed comment subject bug (and security flaw) by replacing quotes by &quot;. - updated theme 'zaphod': fixed 2 bugs. - updated theme 'marvin': fixed 1 bug and improved the layout so things wrap (hopefully) better in Windows. - comments have by default no subject pre-set - if no subject is provided, the user is warned and when a comment eventually got submitted without a subject, a subject is composed using the x first characters of the comment's body. - improved comments on submit.php - corrected a typo in the FAQ. UnConeD ------- - replace 'article.php' by 'discussion.php' - comment() still uses old references to account.php: the parameters you supply to account.php does no longer hold. You have to update those links to the new syntax. - commentcontrol() is outdated - copy paste the one of theme 'marvin' and adjust it to your likings.
2000-10-02 07:32:17 +00:00
$output .= "<TABLE BORDER=\"0\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
Some ienie-wienie-tiny layout changes I made last night (in presence of Jeroen).
2000-09-28 12:34:44 +00:00
$output .= " <TR><TD ALIGN=\"right\"><B>User ID:</B></TD><TD>$user->userid</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Name:</B></TD><TD>". format_data($user->name) ."</TD></TR>\n";
A bunch of internal changes: - better organisation of include files - renamed a few function to make more sense - small bugfix in the user account registration - ...
2000-10-21 13:59:27 +00:00
$output .= " <TR><TD ALIGN=\"right\"><B>E-mail:</B></TD><TD>". format_email($user->fake_email) ."</A></TD></TR>\n";
Some ienie-wienie-tiny layout changes I made last night (in presence of Jeroen).
2000-09-28 12:34:44 +00:00
$output .= " <TR><TD ALIGN=\"right\"><B>URL:</B></TD><TD>". format_url($user->url) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Bio:</B></TD><TD>". format_data($user->bio) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Signature:</B></TD><TD>". format_data($user->signature) ."</TD></TR>\n";
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$output .= "</TABLE>\n";
* Update: improved error checking/handling.
2000-07-02 15:00:42 +00:00
### Display account information:
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$theme->header();
* A set of misc. updates and improvements. * On a side note: Jeroen: I'm feeling somewhat better at the moment so normally it should be OK if you'd stop by tonight (after 19:30h). Give me some feedback on this. ;-)
2000-09-27 07:14:32 +00:00
$theme->box("Your user information", $output);
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$theme->footer();
}
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
elseif ($uname && $account = account_get_user($uname)) {
Changelog --------- - improved the user information page. - improved the story submission page. - fixed comments score bug: '.00' --> 'x.00' - tried fixing the calendar wrapping - UnConeD, is it fixed now? - provided a link back to the submission queue after having voted for a story. - fixed comment subject bug (and security flaw) by replacing quotes by &quot;. - updated theme 'zaphod': fixed 2 bugs. - updated theme 'marvin': fixed 1 bug and improved the layout so things wrap (hopefully) better in Windows. - comments have by default no subject pre-set - if no subject is provided, the user is warned and when a comment eventually got submitted without a subject, a subject is composed using the x first characters of the comment's body. - improved comments on submit.php - corrected a typo in the FAQ. UnConeD ------- - replace 'article.php' by 'discussion.php' - comment() still uses old references to account.php: the parameters you supply to account.php does no longer hold. You have to update those links to the new syntax. - commentcontrol() is outdated - copy paste the one of theme 'marvin' and adjust it to your likings.
2000-10-02 07:32:17 +00:00
$box1 .= "<TABLE BORDER=\"0\" CELLPADDING=\"1\" CELLSPACING=\"1\">\n";
* A set of misc. updates and improvements. * On a side note: Jeroen: I'm feeling somewhat better at the moment so normally it should be OK if you'd stop by tonight (after 19:30h). Give me some feedback on this. ;-)
2000-09-27 07:14:32 +00:00
$box1 .= " <TR><TD ALIGN=\"right\"><B>Username:</B></TD><TD>$account->userid</TD></TR>\n";
A bunch of internal changes: - better organisation of include files - renamed a few function to make more sense - small bugfix in the user account registration - ...
2000-10-21 13:59:27 +00:00
$box1 .= " <TR><TD ALIGN=\"right\"><B>E-mail:</B></TD><TD>". format_email($account->fake_email) ."</TD></TR>\n";
Some ienie-wienie-tiny layout changes I made last night (in presence of Jeroen).
2000-09-28 12:34:44 +00:00
$box1 .= " <TR><TD ALIGN=\"right\"><B>URL:</B></TD><TD>". format_url($account->url) ."</TD></TR>\n";
$box1 .= " <TR><TD ALIGN=\"right\"><B>Bio:</B></TD><TD>". format_data($account->bio) ."</TD></TR>\n";
* A set of misc. updates and improvements. * On a side note: Jeroen: I'm feeling somewhat better at the moment so normally it should be OK if you'd stop by tonight (after 19:30h). Give me some feedback on this. ;-)
2000-09-27 07:14:32 +00:00
$box1 .= "</TABLE>\n";
- fixed bug in search.php - fixed bug in discussion.php - theme update: comment() now takes 3 arguments: $comment - an object with comment data $link - a link to the reply form of that particular comment $thread - the subthread of that particular comment - theme 'marvin' and theme 'zaphod' are updated, theme 'unconed' is left to be done
2000-11-03 07:57:28 +00:00
$result = db_query("SELECT c.cid, c.pid, c.sid, c.subject, c.timestamp, s.subject AS story FROM comments c LEFT JOIN users u ON u.id = c.author LEFT JOIN stories s ON s.id = c.sid WHERE u.userid = '$uname' AND s.status = 2 AND s.timestamp > ". (time() - 1209600) ." ORDER BY cid DESC LIMIT 10");
* A set of misc. updates and improvements. * On a side note: Jeroen: I'm feeling somewhat better at the moment so normally it should be OK if you'd stop by tonight (after 19:30h). Give me some feedback on this. ;-)
2000-09-27 07:14:32 +00:00
while ($comment = db_fetch_object($result)) {
Changelog --------- - improved the user information page. - improved the story submission page. - fixed comments score bug: '.00' --> 'x.00' - tried fixing the calendar wrapping - UnConeD, is it fixed now? - provided a link back to the submission queue after having voted for a story. - fixed comment subject bug (and security flaw) by replacing quotes by &quot;. - updated theme 'zaphod': fixed 2 bugs. - updated theme 'marvin': fixed 1 bug and improved the layout so things wrap (hopefully) better in Windows. - comments have by default no subject pre-set - if no subject is provided, the user is warned and when a comment eventually got submitted without a subject, a subject is composed using the x first characters of the comment's body. - improved comments on submit.php - corrected a typo in the FAQ. UnConeD ------- - replace 'article.php' by 'discussion.php' - comment() still uses old references to account.php: the parameters you supply to account.php does no longer hold. You have to update those links to the new syntax. - commentcontrol() is outdated - copy paste the one of theme 'marvin' and adjust it to your likings.
2000-10-02 07:32:17 +00:00
$box2 .= "<TABLE BORDER=\"0\" CELLPADDING=\"1\" CELLSPACING=\"1\">\n";
- Fixed quote bug in the comment tracker. (suggestion UnConeD) - Added anchors to comment links to easy comment navigation. (suggestion UnConeD) - Fixed duplicate `you voted' after moderating a story. (suggestion UnConeD) - Fixed quote bug in administration center. - Expanded user administration with timezone information. - Improved the theme system by eliminating the "preview" function. Let's not make the system more complex then it ought to be. - Refined watchdog administration. - ...
2000-11-02 09:23:07 +00:00
$box2 .= " <TR><TD ALIGN=\"right\"><B>Comment:</B></TD><TD><A HREF=\"discussion.php?id=$comment->sid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A></TD></TR>\n";
Changelog --------- - improved the user information page. - improved the story submission page. - fixed comments score bug: '.00' --> 'x.00' - tried fixing the calendar wrapping - UnConeD, is it fixed now? - provided a link back to the submission queue after having voted for a story. - fixed comment subject bug (and security flaw) by replacing quotes by &quot;. - updated theme 'zaphod': fixed 2 bugs. - updated theme 'marvin': fixed 1 bug and improved the layout so things wrap (hopefully) better in Windows. - comments have by default no subject pre-set - if no subject is provided, the user is warned and when a comment eventually got submitted without a subject, a subject is composed using the x first characters of the comment's body. - improved comments on submit.php - corrected a typo in the FAQ. UnConeD ------- - replace 'article.php' by 'discussion.php' - comment() still uses old references to account.php: the parameters you supply to account.php does no longer hold. You have to update those links to the new syntax. - commentcontrol() is outdated - copy paste the one of theme 'marvin' and adjust it to your likings.
2000-10-02 07:32:17 +00:00
$box2 .= " <TR><TD ALIGN=\"right\"><B>Date:</B></TD><TD>". format_date($comment->timestamp) ."</TD></TR>\n";
- Fixed quote bug in the comment tracker. (suggestion UnConeD) - Added anchors to comment links to easy comment navigation. (suggestion UnConeD) - Fixed duplicate `you voted' after moderating a story. (suggestion UnConeD) - Fixed quote bug in administration center. - Expanded user administration with timezone information. - Improved the theme system by eliminating the "preview" function. Let's not make the system more complex then it ought to be. - Refined watchdog administration. - ...
2000-11-02 09:23:07 +00:00
$box2 .= " <TR><TD ALIGN=\"right\"><B>Story:</B></TD><TD><A HREF=\"discussion.php?id=$comment->sid\">". check_output($comment->story) ."</A></TD></TR>\n";
Changelog --------- - improved the user information page. - improved the story submission page. - fixed comments score bug: '.00' --> 'x.00' - tried fixing the calendar wrapping - UnConeD, is it fixed now? - provided a link back to the submission queue after having voted for a story. - fixed comment subject bug (and security flaw) by replacing quotes by &quot;. - updated theme 'zaphod': fixed 2 bugs. - updated theme 'marvin': fixed 1 bug and improved the layout so things wrap (hopefully) better in Windows. - comments have by default no subject pre-set - if no subject is provided, the user is warned and when a comment eventually got submitted without a subject, a subject is composed using the x first characters of the comment's body. - improved comments on submit.php - corrected a typo in the FAQ. UnConeD ------- - replace 'article.php' by 'discussion.php' - comment() still uses old references to account.php: the parameters you supply to account.php does no longer hold. You have to update those links to the new syntax. - commentcontrol() is outdated - copy paste the one of theme 'marvin' and adjust it to your likings.
2000-10-02 07:32:17 +00:00
$box2 .= "</TABLE>\n";
$box2 .= "<BR><BR>\n";
* A set of misc. updates and improvements. * On a side note: Jeroen: I'm feeling somewhat better at the moment so normally it should be OK if you'd stop by tonight (after 19:30h). Give me some feedback on this. ;-)
2000-09-27 07:14:32 +00:00
$comments++;
}
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
* A set of misc. updates and improvements. * On a side note: Jeroen: I'm feeling somewhat better at the moment so normally it should be OK if you'd stop by tonight (after 19:30h). Give me some feedback on this. ;-)
2000-09-27 07:14:32 +00:00
$result = db_query("SELECT d.* FROM diaries d LEFT JOIN users u ON u.id = d.author WHERE u.userid = '$uname' AND d.timestamp > ". (time() - 1209600) ." ORDER BY id DESC LIMIT 2");
while ($diary = db_fetch_object($result)) {
Changelog --------- - improved the user information page. - improved the story submission page. - fixed comments score bug: '.00' --> 'x.00' - tried fixing the calendar wrapping - UnConeD, is it fixed now? - provided a link back to the submission queue after having voted for a story. - fixed comment subject bug (and security flaw) by replacing quotes by &quot;. - updated theme 'zaphod': fixed 2 bugs. - updated theme 'marvin': fixed 1 bug and improved the layout so things wrap (hopefully) better in Windows. - comments have by default no subject pre-set - if no subject is provided, the user is warned and when a comment eventually got submitted without a subject, a subject is composed using the x first characters of the comment's body. - improved comments on submit.php - corrected a typo in the FAQ. UnConeD ------- - replace 'article.php' by 'discussion.php' - comment() still uses old references to account.php: the parameters you supply to account.php does no longer hold. You have to update those links to the new syntax. - commentcontrol() is outdated - copy paste the one of theme 'marvin' and adjust it to your likings.
2000-10-02 07:32:17 +00:00
$box3 .= "<DL><DT><B>". date("l, F jS", $diary->timestamp) .":</B></DT><DD><P>". check_output($diary->text) ."</P><P>[ <A HREF=\"diary.php?op=view&name=$uname\">more</A> ]</P></DD></DL>\n";
* A set of misc. updates and improvements. * On a side note: Jeroen: I'm feeling somewhat better at the moment so normally it should be OK if you'd stop by tonight (after 19:30h). Give me some feedback on this. ;-)
2000-09-27 07:14:32 +00:00
$diaries++;
}
* Update: improved error checking/handling.
2000-07-02 15:00:42 +00:00
### Display account information:
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$theme->header();
* A set of misc. updates and improvements. * On a side note: Jeroen: I'm feeling somewhat better at the moment so normally it should be OK if you'd stop by tonight (after 19:30h). Give me some feedback on this. ;-)
2000-09-27 07:14:32 +00:00
if ($box1) $theme->box("User information for $uname", $box1);
if ($box2) $theme->box("$uname has posted ". format_plural($comments, "comment", "comments") ." recently", $box2);
if ($box3) $theme->box("$uname has posted ". format_plural($diaries, "diary entry", "diary entries") ." recently", $box3);
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$theme->footer();
}
else {
* Update: improved error checking/handling.
2000-07-02 15:00:42 +00:00
### Display login form:
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$theme->header();
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$theme->box("Login", account_login());
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$theme->footer();
Imported sources
2000-05-18 19:52:00 +00:00
}
}
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
function account_validate($user) {
include "includes/ban.inc";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
### Verify username and e-mail address:
$user[userid] = trim($user[userid]);
if (empty($user[real_email]) || (!eregi("^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$", $user[real_email]))) $error .= "<LI>the specified e-mail address is not valid.</LI>\n";
if (empty($user[userid]) || (ereg("[^a-zA-Z0-9_-]", $user[userid]))) $error .= "<LI>the specified username is not valid.</LI>\n";
if (strlen($user[userid]) > 15) $error .= "<LI>the specified username is too long: it must be less than 15 characters.</LI>\n";
### Check to see whether the username or e-mail address are banned:
if ($ban = ban_match($user[userid], $type2index[usernames])) $error .= "<LI>the specified username is banned for the following reason: <I>$ban->reason</I>.</LI>\n";
if ($ban = ban_match($user[real_email], $type2index[addresses])) $error .= "<LI>the specified e-mail address is banned for the following reason: <I>$ban->reason</I>.</LI>\n";
### Verify whether username and e-mail address are unique:
if (db_num_rows(db_query("SELECT userid FROM users WHERE LOWER(userid) = LOWER('$user[userid]')")) > 0) $error .= "<LI>the specified username is already taken.</LI>\n";
if (db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email)=LOWER('$user[real_email]')")) > 0) $error .= "<LI>the specified e-mail address is already registered.</LI>\n";
return $error;
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
}
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
function account_register_enter($user = "", $error = "") {
* fixed theme bug reported by Philippe Verbeeck.
2000-09-11 13:09:06 +00:00
global $theme;
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($error) $output .= "<B><FONT COLOR=\"red\">Failed to register.</FONT>$error</B>\n";
else $output .= "<P>Registering allows you to comment on stories, to moderate comments and pending stories, to maintain an online diary, to customize the look and feel of the site and generally helps you interact with the site more efficiently.</P><P>To create an account, simply fill out this form an click the `Register' button below. An e-mail will then be sent to you with instructions on how to validate your account.</P>\n";
$output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
$output .= "<P>\n";
$output .= " <B>Username:</B><BR>\n";
$output .= " <INPUT NAME=\"new[userid]\" VALUE=\"$new[userid]\"><BR>\n";
This significant commit fixes 99% of all known bugs and improves drop.org by means of better security checks in order to avoid malicious behavior. In addition, quite some code has been fine-tuned. However, as a result, every theme will require a small update ...
2000-10-24 07:24:24 +00:00
$output .= " <SMALL><I>Enter your desired username: only letters, numbers and common special characters are allowed.</I></SMALL><BR>\n";
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output .= "</P>\n";
$output .= "<P>\n";
$output .= " <B>E-mail address:</B><BR>\n";
$output .= " <INPUT NAME=\"new[real_email]\" VALUE=\"$new[real_email]\"><BR>\n";
$output .= " <SMALL><I>You will be sent instructions on how to validate your account via this e-mail address - please make sure it is accurate.</I></SMALL><BR>\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= " <INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"Register\">\n";
$output .= "</P>\n";
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$output .= "</FORM>\n";
Imported sources
2000-05-18 19:52:00 +00:00
$theme->header();
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
$theme->box("Register as new user", $output);
Imported sources
2000-05-18 19:52:00 +00:00
$theme->footer();
}
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
function account_register_submit($new) {
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
global $theme, $mail, $site_name, $site_url;
* fixed the login problem
2000-10-25 11:23:29 +00:00
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
if ($rval = account_validate($new)) {
account_register_enter($new, "$rval");
}
else {
$new[passwd] = account_password();
$new[status] = 1;
$new[hash] = substr(md5("$new[userid]. ". time() .""), 0, 12);
* Implemented ban-capabilities, a first step towards an admin-friendly user system: - you can add and remove wild-carded e-mails from the banlist. - you can add and remove wild-carded hostnames from the banlist. - you can add and remove wild-carded usernames from the banlist. - you can add and remove wild-carded profanity from the banlist. - you can browse all bans according to their category: see ban.php.
2000-06-10 18:58:41 +00:00
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
user_save($new);
Imported sources
2000-05-18 19:52:00 +00:00
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
$link = $site_url ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]";
$message = "$new[userid],\n\n\nsomeone signed up for a user account on $site_name and supplied this email address as their contact. If it wasn't you, don't get your panties in a knot and simply ignore this mail.\n\nIf this was you, you have to activate your account first before you can login. You can do so simply by visiting the URL below:\n\n $link\n\nVisiting this URL will automatically activate your account. Once activated you can login using the following information:\n\n username: $new[userid]\n password: $new[passwd]\n\n\n-- $site_name crew\n";
A bunch of internal changes: - better organisation of include files - renamed a few function to make more sense - small bugfix in the user account registration - ...
2000-10-21 13:59:27 +00:00
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
mail($new[real_email], "Account details for $site_name", $message, "From: noreply@$site_url");
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
watchdog("message", "new user `$new[userid]' &lt;$new[real_email]&gt;");
* Update: improved error checking/handling.
2000-07-02 15:00:42 +00:00
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$theme->header();
$theme->box("Account details", "Congratulations! Your member account has been sucessfully created and further instructions on how to activate your account have been sent to your e-mail address.");
$theme->footer();
}
}
function account_register_confirm($name, $hash) {
global $theme;
$result = db_query("SELECT userid, hash, status FROM users WHERE userid = '$name'");
if ($account = db_fetch_object($result)) {
if ($account->status == 1) {
if ($account->hash == $hash) {
db_query("UPDATE users SET status = 2, hash = '' WHERE userid = '$name'");
$output .= "Your account has been sucessfully confirmed. You can click <A HREF=\"account.php?op=login\">here</A> to login.\n";
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
watchdog("message", "$name: account confirmation sucessful");
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
}
else {
$output .= "Confirmation failed: invalid confirmation hash.\n";
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
watchdog("error", "$name: invalid confirmation hash");
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
}
}
else {
$output .= "Confirmation failed: your account has already been confirmed. You can click <A HREF=\"account.php?op=login\">here</A> to login.\n";
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
watchdog("error", "$name: attempt to re-confirm account");
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
}
}
else {
$output .= "Confirmation failed: no such account found.<BR>";
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
watchdog("error", "$name: attempt to confirm non-existing account");
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
}
$theme->header();
$theme->box("Account confirmation", $output);
$theme->footer();
Imported sources
2000-05-18 19:52:00 +00:00
}
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
function account_password($min_length=6) {
Hopefully this will not break anything *prays* ;)
2000-06-02 18:36:14 +00:00
mt_srand((double)microtime() * 1000000);
* Update: improved error checking/handling.
2000-07-02 15:00:42 +00:00
$words = array("foo","bar","guy","neo","tux","moo","sun","asm","dot","god","axe","geek","nerd","fish","hack","star","mice","warp","moon","hero","cola","girl","fish","java","perl","boss","dark","sith","jedi","drop","mojo");
* Implemented ban-capabilities, a first step towards an admin-friendly user system: - you can add and remove wild-carded e-mails from the banlist. - you can add and remove wild-carded hostnames from the banlist. - you can add and remove wild-carded usernames from the banlist. - you can add and remove wild-carded profanity from the banlist. - you can browse all bans according to their category: see ban.php.
2000-06-10 18:58:41 +00:00
while(strlen($password) < $min_length) $password .= $words[mt_rand(0, count($words))];
Hopefully this will not break anything *prays* ;)
2000-06-02 18:36:14 +00:00
return $password;
Imported sources
2000-05-18 19:52:00 +00:00
}
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
function account_comments() {
global $theme, $user;
A really BIG, BIG UPDATE, after two straight days of nothing but code and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
2000-09-04 16:14:46 +00:00
- Fixed quote bug in the comment tracker. (suggestion UnConeD) - Added anchors to comment links to easy comment navigation. (suggestion UnConeD) - Fixed duplicate `you voted' after moderating a story. (suggestion UnConeD) - Fixed quote bug in administration center. - Expanded user administration with timezone information. - Improved the theme system by eliminating the "preview" function. Let's not make the system more complex then it ought to be. - Refined watchdog administration. - ...
2000-11-02 09:23:07 +00:00
$info = "<P>This page might be helpful in case you want to keep track of your recent comments in any of the current discussions. You are presented an overview of your comments in each of the stories you participated in along with the number of replies each comment got.\n<P>\n";
A really BIG, BIG UPDATE, after two straight days of nothing but code and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
2000-09-04 16:14:46 +00:00
$sresult = db_query("SELECT s.id, s.subject, COUNT(s.id) as count FROM comments c LEFT JOIN stories s ON c.sid = s.id WHERE c.author = $user->id GROUP BY s.id DESC LIMIT 5");
while ($story = db_fetch_object($sresult)) {
- Fixed quote bug in the comment tracker. (suggestion UnConeD) - Added anchors to comment links to easy comment navigation. (suggestion UnConeD) - Fixed duplicate `you voted' after moderating a story. (suggestion UnConeD) - Fixed quote bug in administration center. - Expanded user administration with timezone information. - Improved the theme system by eliminating the "preview" function. Let's not make the system more complex then it ought to be. - Refined watchdog administration. - ...
2000-11-02 09:23:07 +00:00
$output .= "<LI>". format_plural($story->count, comment, comments) ." in story `<A HREF=\"discussion.php?id=$story->id\">". check_output($story->subject) ."</A>`:</LI>\n";
A really BIG, BIG UPDATE, after two straight days of nothing but code and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
2000-09-04 16:14:46 +00:00
$output .= " <UL>\n";
$cresult = db_query("SELECT * FROM comments WHERE author = $user->id AND sid = $story->id");
while ($comment = db_fetch_object($cresult)) {
- Fixed quote bug in the comment tracker. (suggestion UnConeD) - Added anchors to comment links to easy comment navigation. (suggestion UnConeD) - Fixed duplicate `you voted' after moderating a story. (suggestion UnConeD) - Fixed quote bug in administration center. - Expanded user administration with timezone information. - Improved the theme system by eliminating the "preview" function. Let's not make the system more complex then it ought to be. - Refined watchdog administration. - ...
2000-11-02 09:23:07 +00:00
$output .= " <LI><A HREF=\"discussion.php?id=$story->id&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A> (<B>". format_plural(discussion_num_replies($comment->cid), "reply", "replies") ."</B>)</LI>\n";
A really BIG, BIG UPDATE, after two straight days of nothing but code and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
2000-09-04 16:14:46 +00:00
}
$output .= " </UL>\n";
}
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
$output = ($output) ? "$info $output" : "$info <CENTER><B>You have not posted any comments recently.</B></CENTER>\n";
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
$theme->header();
$theme->box("Track your comments", $output);
$theme->footer();
A really BIG, BIG UPDATE, after two straight days of nothing but code and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
2000-09-04 16:14:46 +00:00
}
Another batch with a lot of internal updates, yet no visual changes to the site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
2000-11-13 08:17:45 +00:00
### Security check:
if (strstr($name, " ") || strstr($hash, " ")) {
watchdog("error", "account: attempt to provide malicious input through URI");
exit();
}
Blah. Didnt save this one before commiting the last fix. Some day I will get this right.
2000-06-02 21:28:27 +00:00
switch ($op) {
Imported sources
2000-05-18 19:52:00 +00:00
case "Login":
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
account_session_start($userid, $passwd);
header("Location: account.php?op=info");
Imported sources
2000-05-18 19:52:00 +00:00
break;
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
case "register":
account_register_enter();
break;
case "confirm":
account_register_confirm($name, $hash);
break;
case "Register":
account_register_submit($new);
Imported sources
2000-05-18 19:52:00 +00:00
break;
Over the last 2 days I redid and reorganized an afwul lot of code and made quite a lot of additions. The most remarkable addition is the diary server, which I slapped together in less then 40 minutes. Most of the other changes are however `unvisible' for the user but add much value to a better maintainability from a developer's objective. Like always, I fixed quite a number of small bugs that creeped into the code so we should have a bigger, better and more stable drop.org. Unfortunatly, some theme update _are_ required: REQUIRED THEME UPDATES: ======================= * use format_username() where usernames are used * use format_date() where timestamps/dates are used * use format_email() where e-mail addresses are displayed * use format_url() where url are displayed * replace 'formatTimestamp' with format_date * replace 'morelink_*' with 'display_morelink' [most of these functions are in function.inc or template.inc] ___PLEASE___ (<- this should get your attention ;) update your themes as soon as possible - it only takes 30 min. to get in sync with the other themes. Don't start whining about the fact you don't know what to change ... either eat the source cookie, or ask me to elaborate on a few changes. Just let me know what's puzzling you and I'll try to help you out! TODO LIST FOR NEXT WEEK ======================= * Add checks for max. text length in textarea's? Is there an HMTL attribute for this or ...? * Comment moderation + mojo * Edit/admin user accounts: block, delete, change permissions, ... * E-mail password, change password, change e-mail address -> extra checks and routines to validate such `special' changes. * Input checking - input filter: bad words, html tags, ...
2000-09-11 07:45:22 +00:00
case "view":
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
account_user($name);
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
break;
... and the winner is ... (finally got it to work)
2000-10-04 10:36:47 +00:00
case "info":
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
account_user($user->userid);
... and the winner is ... (finally got it to work)
2000-10-04 10:36:47 +00:00
break;
A really BIG, BIG UPDATE, after two straight days of nothing but code and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
2000-09-04 16:14:46 +00:00
case "discussion":
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
account_comments();
A really BIG, BIG UPDATE, after two straight days of nothing but code and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
2000-09-04 16:14:46 +00:00
break;
Bugfixes
2000-06-02 18:46:08 +00:00
case "logout":
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
account_session_close();
header("Location: account.php");
Imported sources
2000-05-18 19:52:00 +00:00
break;
Hopefully this will not break anything *prays* ;)
2000-06-02 18:36:14 +00:00
case "Register":
A big, fat commit with a shitload of internal changes. Not that much visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
2000-10-19 13:31:23 +00:00
account_register_submit($new);
Imported sources
2000-05-18 19:52:00 +00:00
break;
Updates: -------- * URI/URL enhancements to make the URLs more comprehensive and shorter. * Fixed a bug in submit.php that slipped in during the latest commit. * Changed a few tidbits on the calendar. * Fixed a bug in most themes: $tid --> $cid COUNT(tid) --> COUNT(cid) Updated most themes except for UnConeD's. * Fixed a handful of problems with Jeroen's theme. However, Jeroen's theme is still not working yet - some features are completly missing, making the theme not very useful ... Any known bugs left? If not, I'll head on tonight and add some new features. I'll probably add basic admin tools to edit articles and such. Once done, we can start on the comment moderation.
2000-07-13 07:21:57 +00:00
case "user":
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
account_user_edit();
Imported sources
2000-05-18 19:52:00 +00:00
break;
Updates: -------- * URI/URL enhancements to make the URLs more comprehensive and shorter. * Fixed a bug in submit.php that slipped in during the latest commit. * Changed a few tidbits on the calendar. * Fixed a bug in most themes: $tid --> $cid COUNT(tid) --> COUNT(cid) Updated most themes except for UnConeD's. * Fixed a handful of problems with Jeroen's theme. However, Jeroen's theme is still not working yet - some features are completly missing, making the theme not very useful ... Any known bugs left? If not, I'll head on tonight and add some new features. I'll probably add basic admin tools to edit articles and such. Once done, we can start on the comment moderation.
2000-07-13 07:21:57 +00:00
case "page":
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
account_page_edit();
Imported sources
2000-05-18 19:52:00 +00:00
break;
Hopefully this will not break anything *prays* ;)
2000-06-02 18:36:14 +00:00
case "Save user information":
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
account_user_save($edit);
account_user($user->userid);
Imported sources
2000-05-18 19:52:00 +00:00
break;
Hopefully this will not break anything *prays* ;)
2000-06-02 18:36:14 +00:00
case "Save page settings":
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
account_page_save($edit);
... and the winner is ... (finally got it to work)
2000-10-04 10:36:47 +00:00
header("Location: account.php?op=info");
Imported sources
2000-05-18 19:52:00 +00:00
break;
Here we go again with a rather large commit: fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
2000-06-20 07:33:17 +00:00
default:
A lot of (non-visual) updates!
2000-10-10 10:51:00 +00:00
account_user($user->userid);
Imported sources
2000-05-18 19:52:00 +00:00
}
* Added more and better error checking which should fix 'potential' bugs or weird behavior in case something goes wrong. We aim for something that is rock-solid, right? :-)
2000-07-02 15:26:10 +00:00
- fixed bug in search.php - fixed bug in discussion.php - theme update: comment() now takes 3 arguments: $comment - an object with comment data $link - a link to the reply form of that particular comment $thread - the subthread of that particular comment - theme 'marvin' and theme 'zaphod' are updated, theme 'unconed' is left to be done
2000-11-03 07:57:28 +00:00
?>