# HG changeset patch # User Dan # Date 1201666544 18000 # Node ID 85f91037cd4ff3fc98ac53796557002d2bfdaac1 # Parent 9bcc185dc1519fbd92e14b276fe496aac1bbc2ca Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it. diff -r 9bcc185dc151 -r 85f91037cd4f includes/clientside/static/l10n.js --- a/includes/clientside/static/l10n.js Tue Jan 29 17:29:08 2008 -0500 +++ b/includes/clientside/static/l10n.js Tue Jan 29 23:15:44 2008 -0500 @@ -9,9 +9,18 @@ if ( typeof(enano_lang[lang_id]) != 'object' ) return false; this.strings = enano_lang[lang_id]; + this.lang_id = lang_id; this.get = function(string_id, subst) { + if ( window.console ) + { + try { + window.console.log('$lang(' + this.lang_id + '): requested string: ' + string_id); + } + catch(e) + {} + } var catname = string_id.substr(0, string_id.indexOf('_')); var string_name = string_id.substr(string_id.indexOf('_') + 1); if ( typeof(this.strings[catname]) != 'object' ) diff -r 9bcc185dc151 -r 85f91037cd4f includes/functions.php --- a/includes/functions.php Tue Jan 29 17:29:08 2008 -0500 +++ b/includes/functions.php Tue Jan 29 23:15:44 2008 -0500 @@ -321,7 +321,11 @@ if ( $timeout == 0 && empty($_POST) ) { header('Location: ' . $url); + header('Content-length: 0'); header('HTTP/1.1 307 Temporary Redirect'); + + // with 3xx codes HTTP clients expect a response of 0 bytes, so just die here + exit(); } if ( !is_object($template) ) @@ -330,7 +334,7 @@ $template->load_theme('oxygen', 'bleu', false); $template->tpl_strings['SITE_NAME'] = 'Enano'; $template->tpl_strings['SITE_DESC'] = 'This site is experiencing a critical error and cannot load.'; - $template->tpl_strings['COPYRIGHT'] = 'Powered by Enano CMS - © 2007 Dan Fuhry. This program is Free Software; see the GPL file included with this package for details.'; + $template->tpl_strings['COPYRIGHT'] = 'Powered by Enano CMS - © 2006-2008 Dan Fuhry. This program is Free Software; see the GPL file included with this package for details.'; $template->tpl_strings['PAGE_NAME'] = htmlspecialchars($title); } @@ -435,10 +439,6 @@ // echo 'Keyname: '.$keylist[$idx] . '
'; flush(); ob_flush(); // Debugger if($idx < 0) return $arr; if($keylist[$idx] == '' || $keylist[$idx] < 0 || !$keylist[$idx]) { - /* echo 'Infinite loop caught in arrayItemTop(
';
-      print_r($arr);
-      echo '

, '.$keyname.');

EnanoCMS: Critical error during function call, exiting to prevent excessive server load.'; - exit; */ return $arr; } $arr = arrayItemUp($arr, $keylist[$idx]); @@ -613,7 +613,7 @@ { $db->_die(); } - echo '

Subcategories

'; + echo '

' . $lang->get('onpage_cat_heading_subcategories') . '

'; echo '
'; echo ''; echo ''; @@ -636,10 +636,10 @@ } else { - echo ''; + echo ''; } echo '
No subcategories.' . $lang->get('onpage_cat_msg_no_subcategories') . '
' . "\n\n"; - echo '

Pages

'; + echo '

' . $lang->get('onpage_cat_heading_pages') . '

'; echo '
'; echo ''; echo ''; @@ -684,10 +684,10 @@ } else { - echo ''; + echo ''; } echo '
No subcategories.' . $lang->get('onpage_cat_msg_no_subcategories') . '
' . "\n\n"; - echo '

Pages

'; + echo '

' . $lang->get('onpage_cat_heading_pages') . '

'; echo '
'; echo ''; echo ''; @@ -706,7 +706,7 @@ } else { - echo ''; + echo ''; } echo '
No pages in this category.' . $lang->get('onpage_cat_msg_no_pages') . '
' . "\n\n"; } @@ -770,65 +770,111 @@ function show_file_info() { global $db, $session, $paths, $template, $plugins; // Common objects - if($paths->namespace != 'File') return null; // Prevent unnecessary work - $selfn = $paths->page_id; // substr($paths->page, strlen($paths->nslist['File']), strlen($paths->cpage)); - if(substr($paths->cpage['name'], 0, strlen($paths->nslist['File']))==$paths->nslist['File']) $selfn = substr($paths->page_id, strlen($paths->nslist['File']), strlen($paths->page_id)); + global $lang; + + // Prevent unnecessary work + if ( $paths->namespace != 'File' ) + return null; + + $selfn = $paths->page_id; + if ( substr($paths->cpage['name'], 0, strlen($paths->nslist['File'])) == $paths->nslist['File']) + { + $selfn = substr($paths->page_id, strlen($paths->nslist['File']), strlen($paths->page_id)); + } $q = $db->sql_query('SELECT mimetype,time_id,size FROM '.table_prefix.'files WHERE page_id=\''.$selfn.'\' ORDER BY time_id DESC;'); - if(!$q) $db->_die('The file type could not be fetched.'); - if($db->numrows() < 1) { echo '

Uploaded file

There are no files uploaded with this name yet. Upload a file...


'; return; } + if ( !$q ) + { + $db->_die('The file type could not be fetched.'); + } + + if ( $db->numrows() < 1 ) + { + echo '
+

' . $lang->get('onpage_filebox_heading') . '

+

' . $lang->get('onpage_filebox_msg_not_found', array('upload_link' => makeUrlNS('Special', 'UploadFile/'.$paths->page_id))) . '

+
+
'; + return; + } $r = $db->fetchrow(); $mimetype = $r['mimetype']; $datestring = enano_date('F d, Y h:i a', (int)$r['time_id']); - echo '

Uploaded file

Type: '.$r['mimetype'].'
Size: '; - $fs = $r['size']; - echo $fs.' bytes'; - $fs = (int)$fs; - if($fs >= 1048576) + echo '

+

' . $lang->get('onpage_filebox_heading') . '

+

' . $lang->get('onpage_filebox_lbl_type') . ' '.$r['mimetype'].'
'; + + $size = $r['size'] . ' ' . $lang->get('etc_unit_bytes'); + if ( $r['size'] >= 1048576 ) + { + $size .= ' (' . ( round($r['size'] / 1048576, 1) ) . ' ' . $lang->get('etc_unit_megabytes_short') . ')'; + } + else if ( $r['size'] >= 1024 ) { - $fs = round($fs / 1048576, 1); - echo ' ('.$fs.' MB)'; - } elseif($fs >= 1024) { - $fs = round($fs / 1024, 1); - echo ' ('.$fs.' KB)'; + $size .= ' (' . ( round($r['size'] / 1024, 1) ) . ' ' . $lang->get('etc_unit_kilobytes_short') . ')'; + } + + echo $lang->get('onpage_filebox_lbl_size', array('size' => $size)); + + echo '
' . $lang->get('onpage_filebox_lbl_uploaded') . ' ' . $datestring . '

'; + if ( substr($mimetype, 0, 6) != 'image/' && ( substr($mimetype, 0, 5) != 'text/' || $mimetype == 'text/html' || $mimetype == 'text/javascript' ) ) + { + echo '
+ ' . $lang->get('onpage_filebox_msg_virus_warning') . ' +
'; } - echo '
Uploaded: '.$datestring.'

'; - if(substr($mimetype, 0, 6)!='image/' && ( substr($mimetype, 0, 5) != 'text/' || $mimetype == 'text/html' || $mimetype == 'text/javascript' )) + if ( substr($mimetype, 0, 6) == 'image/' ) { - echo '
This file type may contain viruses or other code that could harm your computer. You should exercise caution if you download it.
'; + echo '

+ + '.$paths->page.' + +

'; } - if(substr($mimetype, 0, 6)=='image/') - { - echo '

'.$paths->page.'

'; - } - echo '

Download this file'; + echo '

+ + ' . $lang->get('onpage_filebox_btn_download') . ' + '; if(!$paths->page_protected && ( $paths->wiki_mode || $session->get_permissions('upload_new_version') )) { - echo ' | Upload new version'; + echo ' | + ' . $lang->get('onpage_filebox_btn_upload_new') . ' + '; } echo '

'; - if($db->numrows() > 1) + if ( $db->numrows() > 1 ) { - echo '

File history

'; - while($r = $db->fetchrow()) + echo '

' . $lang->get('onpage_filebox_heading_history') . '

'; + while ( $r = $db->fetchrow() ) { - echo '(this ver) '; - if($session->get_permissions('history_rollback')) - echo ' (revert) '; + echo '(' . $lang->get('onpage_filebox_btn_this_version') . ') '; + if ( $session->get_permissions('history_rollback') ) + echo ' (' . $lang->get('onpage_filebox_btn_revert') . ') '; $mimetype = $r['mimetype']; $datestring = enano_date('F d, Y h:i a', (int)$r['time_id']); + echo $datestring.': '.$r['mimetype'].', '; + $fs = $r['size']; $fs = (int)$fs; + if($fs >= 1048576) { $fs = round($fs / 1048576, 1); - echo ' '.$fs.' MB'; - } elseif($fs >= 1024) { + $size = $fs . ' ' . $lang->get('etc_unit_megabytes_short'); + } + else + if ( $fs >= 1024 ) + { $fs = round($fs / 1024, 1); - echo ' '.$fs.' KB'; - } else { - echo ' '.$fs.' bytes'; + $size = $fs . ' ' . $lang->get('etc_unit_kilobytes_short'); } + else + { + $size = $fs . ' ' . $lang->get('etc_unit_bytes'); + } + + echo $size; + echo '
'; } echo '

'; @@ -879,37 +925,6 @@ } /** - * Deprecated, do not use. - */ - -function password_prompt($id = false) -{ - global $db, $session, $paths, $template, $plugins; // Common objects - if(!$id) $id = $paths->page; - if(isset($paths->pages[$id]['password']) && strlen($paths->pages[$id]['password']) == 40 && !isset($_REQUEST['pagepass'])) - { - die_friendly('Password required', '

You must supply a password to access this page.

Password:

'); - } elseif(isset($_REQUEST['pagepass'])) { - $p = (preg_match('#^([a-f0-9]*){40}$#', $_REQUEST['pagepass'])) ? $_REQUEST['pagepass'] : sha1($_REQUEST['pagepass']); - if($p != $paths->pages[$id]['password']) die_friendly('Password required', '

The password you entered is incorrect.

Password:

'); - } -} - -/** - * Some sort of primitive hex converter from back in the day. Deprecated, do not use. - * @param string Text to encode - * @return string - */ - -function str_hex($string){ - $hex=''; - for ($i=0; $i < strlen($string); $i++){ - $hex .= ' '.dechex(ord($string[$i])); - } - return substr($hex, 1, strlen($hex)); -} - -/** * Essentially an return code reader for a socket. Don't use this unless you're writing mail code and smtp_send_email doesn't cut it. Ported from phpBB's smtp.php. * @param socket A socket resource * @param string The expected response from the server, this needs to be exactly three characters. @@ -1187,14 +1202,6 @@ } /** - * What kinda sh** was I thinking when I wrote this. Deprecated. - */ - -function _dualurlenc($t) { - return rawurlencode(rawurlencode($t)); -} - -/** * Badly named function to send back eval'able Javascript code with an error message. Deprecated, use JSON instead. * @param string Message to send */ diff -r 9bcc185dc151 -r 85f91037cd4f includes/lang.php --- a/includes/lang.php Tue Jan 29 17:29:08 2008 -0500 +++ b/includes/lang.php Tue Jan 29 23:15:44 2008 -0500 @@ -554,7 +554,7 @@ $subs[$key] = strval($value); $string = str_replace("%{$key}%", "{$subs[$key]}", $string); } - return "$string*"; + return $string; } } // class Language diff -r 9bcc185dc151 -r 85f91037cd4f includes/pageprocess.php --- a/includes/pageprocess.php Tue Jan 29 17:29:08 2008 -0500 +++ b/includes/pageprocess.php Tue Jan 29 23:15:44 2008 -0500 @@ -213,7 +213,8 @@ { if ( !$this->page_exists ) { - die_semicritical('Exception in PageProcessor', '

Special page not existent but exception not previously caught by path manager.

'); + $func_name = "page_{$this->namespace}_{$this->page_id}"; + die_semicritical($lang->get('page_msg_admin_404_title'), $lang->get('page_msg_admin_404_body', array('func_name' => $func_name))); } $func_name = "page_{$this->namespace}_{$this->page_id}"; if ( function_exists($func_name) ) diff -r 9bcc185dc151 -r 85f91037cd4f includes/pageutils.php --- a/includes/pageutils.php Tue Jan 29 17:29:08 2008 -0500 +++ b/includes/pageutils.php Tue Jan 29 23:15:44 2008 -0500 @@ -89,7 +89,7 @@ } /** - * Basically a frontend to RenderMan::getPage(), with the ability to send valid data for nonexistent pages + * DEPRECATED. Previously returned the full rendered contents of a page. * @param $page the full page id (Namespace:Pagename) * @param $send_headers true if the theme headers should be sent (still dependent on current page settings), false otherwise * @return string @@ -98,226 +98,6 @@ public static function getpage($page, $send_headers = false, $hist_id = false) { die('PageUtils->getpage is deprecated.'); - global $db, $session, $paths, $template, $plugins; // Common objects - ob_start(); - $pid = RenderMan::strToPageID($page); - //die('
'.print_r($pid, true).'
'); - if(isset($paths->pages[$page]['password']) && strlen($paths->pages[$page]['password']) == 40) - { - password_prompt($page); - } - if(isset($paths->pages[$page])) - { - doStats($pid[0], $pid[1]); - } - if($paths->custom_page || $pid[1] == 'Special') - { - // If we don't have access to the page, get out and quick! - if(!$session->get_permissions('read') && $pid[0] != 'Login' && $pid[0] != 'Register') - { - $template->tpl_strings['PAGE_NAME'] = 'Access denied'; - - if ( $send_headers ) - { - $template->header(); - } - - echo '
Access to this page is denied.
This may be because you are not logged in or you have not met certain criteria for viewing this page.
'; - - if ( $send_headers ) - { - $template->footer(); - } - - $r = ob_get_contents(); - ob_end_clean(); - return $r; - } - - $fname = 'page_' . $pid[1] . '_' . $paths->pages[$page]['urlname_nons']; - @call_user_func($fname); - - } - else if ( $pid[1] == 'Admin' ) - { - // If we don't have access to the page, get out and quick! - if(!$session->get_permissions('read')) - { - $template->tpl_strings['PAGE_NAME'] = 'Access denied'; - if ( $send_headers ) - { - $template->header(); - } - echo '
Access to this page is denied.
This may be because you are not logged in or you have not met certain criteria for viewing this page.
'; - if ( $send_headers ) - { - $template->footer(); - } - $r = ob_get_contents(); - ob_end_clean(); - return $r; - } - - $fname = 'page_' . $pid[1] . '_' . $pid[0]; - if ( !function_exists($fname) ) - { - $title = 'Page backend not found'; - $message = "The administration page you are looking for was properly registered using the page API, but the backend function - ($fname) was not found. If this is a plugin page, then this is almost certainly a bug with the plugin."; - if ( $send_headers ) - { - die_friendly($title, "

$message

"); - } - else - { - echo "

$title

\n

$message

"; - } - } - @call_user_func($fname); - } - else if ( !isset( $paths->pages[$page] ) ) - { - ob_start(); - $code = $plugins->setHook('page_not_found'); - foreach ( $code as $cmd ) - { - eval($cmd); - } - $text = ob_get_contents(); - if ( $text != '' ) - { - ob_end_clean(); - return $text; - } - $template->header(); - if($m = $paths->sysmsg('Page_not_found')) - { - eval('?>'.RenderMan::render($m)); - } - else - { - header('HTTP/1.1 404 Not Found'); - echo '

There is no page with this title yet.

-

You have requested a page that doesn\'t exist yet.'; - if($session->get_permissions('create_page')) echo ' You can create this page, or return to the homepage.'; - else echo ' Return to the homepage.

'; - if ( $session->get_permissions('history_rollback') ) - { - $e = $db->sql_query('SELECT * FROM ' . table_prefix.'logs WHERE action=\'delete\' AND page_id=\'' . $paths->page_id . '\' AND namespace=\'' . $pid[1] . '\' ORDER BY time_id DESC;'); - if ( !$e ) - { - $db->_die('The deletion log could not be selected.'); - } - if ($db->numrows() > 0 ) - { - $r = $db->fetchrow(); - echo '

This page also appears to have some log entries in the database - it seems that it was deleted on ' . enano_date('d M Y h:i a', intval($r['time_id'])) . '. You can probably roll back the deletion.

'; - } - $db->free_result(); - } - echo '

- HTTP Error: 404 Not Found -

'; - } - $template->footer(); - } - else - { - - // If we don't have access to the page, get out and quick! - if(!$session->get_permissions('read')) - { - $template->tpl_strings['PAGE_NAME'] = 'Access denied'; - if($send_headers) $template->header(); - echo '
Access to this page is denied.
This may be because you are not logged in or you have not met certain criteria for viewing this page.
'; - if($send_headers) $template->footer(); - $r = ob_get_contents(); - ob_end_clean(); - return $r; - } - - ob_start(); - $code = $plugins->setHook('page_custom_handler'); - foreach ( $code as $cmd ) - { - eval($cmd); - } - $text = ob_get_contents(); - if ( $text != '' ) - { - ob_end_clean(); - return $text; - } - - if ( $hist_id ) - { - $e = $db->sql_query('SELECT page_text,date_string,char_tag FROM ' . table_prefix.'logs WHERE page_id=\'' . $paths->pages[$page]['urlname_nons'] . '\' AND namespace=\'' . $pid[1] . '\' AND log_type=\'page\' AND action=\'edit\' AND time_id=' . $db->escape($hist_id) . ''); - if($db->numrows() < 1) - { - $db->_die('There were no rows in the text table that matched the page text query.'); - } - $r = $db->fetchrow(); - $db->free_result(); - $message = '
Notice:
The page you are viewing was archived on ' . enano_date('d M Y h:i a', intval($r['time_id'])) . '.
View current version | Restore this version

'.RenderMan::render($r['page_text']); - - if( !$paths->pages[$page]['special'] ) - { - if($send_headers) - { - $template->header(); - } - display_page_headers(); - } - - eval('?>' . $message); - - if( !$paths->pages[$page]['special'] ) - { - display_page_footers(); - if($send_headers) - { - $template->footer(); - } - } - - } else { - if(!$paths->pages[$page]['special']) - { - $message = RenderMan::getPage($paths->pages[$page]['urlname_nons'], $pid[1]); - } - else - { - $message = RenderMan::getPage($paths->pages[$page]['urlname_nons'], $pid[1], 0, false, false, false, false); - } - // This line is used to debug wikiformatted code - // die('
'.htmlspecialchars($message).'
'); - - if( !$paths->pages[$page]['special'] ) - { - if($send_headers) - { - $template->header(); - } - display_page_headers(); - } - - // This is it, this is what all of Enano has been working up to... - - eval('?>' . $message); - - if( !$paths->pages[$page]['special'] ) - { - display_page_footers(); - if($send_headers) - { - $template->footer(); - } - } - } - } - $ret = ob_get_contents(); - ob_end_clean(); - return $ret; } /** diff -r 9bcc185dc151 -r 85f91037cd4f includes/paths.php --- a/includes/paths.php Tue Jan 29 17:29:08 2008 -0500 +++ b/includes/paths.php Tue Jan 29 23:15:44 2008 -0500 @@ -133,6 +133,7 @@ function init() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; $code = $plugins->setHook('paths_init_before'); foreach ( $code as $cmd ) @@ -359,8 +360,7 @@ { $main_page = makeUrl($this->pages[0]['urlname']); } - $sp_link = 'here'; - redirect($main_page, 'Can\'t load special page', 'The special page you requested could not be found. This may be due to a plugin failing to load. A list of all special pages on this website can be viewed '.$sp_link.'. You will be redirected to the main page in 15 seconds.', 14); + redirect($main_page, $lang->get('page_msg_special_404_title'), $lang->get('page_msg_special_404_body', array('sp_link' => makeUrlNS('Special', 'SpecialPages'))), 15); exit; } // Allow the user to create/modify his user page uncondtionally (admins can still protect the page) diff -r 9bcc185dc151 -r 85f91037cd4f includes/payload.php --- a/includes/payload.php Tue Jan 29 17:29:08 2008 -0500 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,312 +0,0 @@ -sql_query('SELECT config_value FROM ' . table_prefix . 'config WHERE config_name=\'install_aes_key\';'); - if ( !$q ) - $db->_die(); - if ( $db->numrows() < 1 ) - return false; - list($aes_key) = $db->fetchrow_num(); - $aes_key = $aes->hextostring($aes_key); - - $pass = $aes->decrypt($_POST['crypt_data'], $aes_key, ENC_HEX); - if ( !$pass ) - return false; - - return $pass; // Will be true if the password isn't crapped -} - -function stg_make_private_key() -{ - global $db; - static $site_key = false; - - if ( $site_key ) - return $site_key; - - // Is there already a key cached in the database? - $q = $db->sql_query('SELECT config_value FROM ' . table_prefix . 'config WHERE config_name=\'site_aes_key\';'); - if ( !$q ) - $db->_die(); - - if ( $db->numrows() > 0 ) - { - list($site_key) = $db->fetchrow_num(); - $db->free_result(); - return $site_key; - } - - $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE); - // This will use /dev/urandom if possible - $site_key = $aes->gen_readymade_key(); - - // Stash it in the database, don't check for errors though because we can always regenerate it - $db->sql_query('INSERT INTO ' . table_prefix . 'config ( config_name, config_value ) VALUES ( \'site_aes_key\', \'' . $site_key . '\' );'); - - return $site_key; -} - -function stg_load_schema() -{ - global $db, $dbdriver, $installer_version; - static $sql_parser = false; - - if ( is_object($sql_parser) ) - return $sql_parser->parse(); - - $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE); - - $site_key = stg_make_private_key(); - $site_key = $aes->hextostring($site_key); - $admin_pass_clean = stg_password_decode(); - $admin_pass = $aes->encrypt($admin_pass_clean, $site_key, ENC_HEX); - - unset($admin_pass_clean); // Security - - try - { - $sql_parser = new SQL_Parser( ENANO_ROOT . "/install/schemas/{$dbdriver}_stage2.sql" ); - } - catch ( Exception $e ) - { - echo "
$e
"; - return false; - } - - $vars = array( - 'TABLE_PREFIX' => $_POST['table_prefix'], - 'SITE_NAME' => $db->escape($_POST['site_name']), - 'SITE_DESC' => $db->escape($_POST['site_desc']), - 'COPYRIGHT' => $db->escape($_POST['copyright']), - // FIXME: update form - 'WIKI_MODE' => ( isset($_POST['wiki_mode']) ? '1' : '0' ), - 'ENABLE_CACHE' => ( is_writable( ENANO_ROOT . '/cache/' ) ? '1' : '0' ), - 'VERSION' => $installer_version['version'], - 'ADMIN_USER' => $db->escape($_POST['username']), - 'ADMIN_PASS' => $admin_pass, - 'ADMIN_EMAIL' => $db->escape($_POST['email']), - 'REAL_NAME' => '', // This has always been stubbed. - 'ADMIN_EMBED_PHP' => strval(AUTH_DISALLOW), - 'UNIX_TIME' => strval(time()) - ); - - $sql_parser->assign_vars($vars); - return $sql_parser->parse(); -} - -function stg_deliver_payload() -{ - global $db; - $schema = stg_load_schema(); - foreach ( $schema as $sql ) - { - if ( !$db->sql_query($sql) ) - { - echo $db->get_error(); - return false; - } - } - return true; -} - -function stg_write_config() -{ - global $dbhost, $dbuser, $dbpasswd, $dbname, $dbdriver; - $db_data = array( - 'host' => str_replace("'", "\\'", $dbhost), - 'user' => str_replace("'", "\\'", $dbuser), - 'pass' => str_replace("'", "\\'", $dbpasswd), - 'name' => str_replace("'", "\\'", $dbname), - 'tp' => table_prefix, - 'drv' => $dbdriver - ); - - // Retrieves the existing key - $site_key = stg_make_private_key(); - - // Determine contentPath - switch ( @$_POST['url_scheme'] ) - { - case 'standard': - default: - $sp_append = 'index.php?title='; - break; - case 'shortened': - $sp_append = 'index.php/'; - break; - case 'rewrite': - $sp_append = '/'; - break; - } - - $scriptpath = scriptPath; - $contentpath = $scriptpath . $sp_append; - - $config_file = <<import( ENANO_ROOT . "/language/{$lang_info['dir']}/user.json" ); - $lang_local->import( ENANO_ROOT . "/language/{$lang_info['dir']}/tools.json" ); - $lang_local->import( ENANO_ROOT . "/language/{$lang_info['dir']}/admin.json" ); - - return true; -} diff -r 9bcc185dc151 -r 85f91037cd4f includes/render.php --- a/includes/render.php Tue Jan 29 17:29:08 2008 -0500 +++ b/includes/render.php Tue Jan 29 23:15:44 2008 -0500 @@ -763,7 +763,8 @@ $keys = array_keys($smileys); foreach($keys as $k) { - $t = str_hex($k); + $t = hexencode($k, ' ', ''); + $t = trim($t); $t = explode(' ', $t); $s = ''; foreach($t as $b) diff -r 9bcc185dc151 -r 85f91037cd4f includes/search.php --- a/includes/search.php Tue Jan 29 17:29:08 2008 -0500 +++ b/includes/search.php Tue Jan 29 23:15:44 2008 -0500 @@ -168,7 +168,7 @@ if ( count($query['any']) < 1 && count($query['req']) < 1 && count($query_phrase['any']) < 1 && count($query_phrase['req']) < 1 ) { // This is both because of technical restrictions and devastation that would occur on shared servers/large sites. - $warnings[] = 'You need to have at least one keyword in your search query. Searching only for pages not containing a term is not allowed.'; + $warnings[] = $lang->get('search_err_query_no_positive'); return array(); } diff -r 9bcc185dc151 -r 85f91037cd4f includes/sessions.php --- a/includes/sessions.php Tue Jan 29 17:29:08 2008 -0500 +++ b/includes/sessions.php Tue Jan 29 23:15:44 2008 -0500 @@ -398,13 +398,13 @@ { case 'none': default: - $solution = 'Your account was most likely deactivated by an administrator. Please contact the site administration for further assistance.'; + $solution = $lang->get('user_login_noact_solution_none'); break; case 'user': - $solution = 'Please check your e-mail; you should have been sent a message with instructions on how to activate your account. If you do not receive an e-mail from this site within 24 hours, please contact the site administration for further assistance.'; + $solution = $lang->get('user_login_noact_solution_user'); break; case 'admin': - $solution = 'This website has been configured so that all user accounts must be activated by the administrator before they can be used, so your account will most likely be activated the next time an administrator visits the site.'; + $solution = $lang->get('user_login_noact_solution_admin'); break; } @@ -425,14 +425,14 @@ $this->auth_level = USER_LEVEL_MEMBER; $this->user_level = USER_LEVEL_MEMBER; $this->logout(); - redirect(scriptPath . '/', 'Logged out', 'You have successfully been logged out. All cookies cleared.', 4); + redirect(scriptPath . '/', $lang->get('user_login_noact_msg_logout_success_title'), $lang->get('user_login_noact_msg_logout_success_body'), 5); } if ( $can_request && !isset($_POST['activation_request']) ) { - $form = '

If you are having trouble or did not receive the e-mail, you can request account activation from the administrators of this site.

+ $form = '

' . $lang->get('user_login_noact_msg_ask_admins') . '

-

+

'; } else @@ -440,21 +440,21 @@ if ( $can_request && isset($_POST['activation_request']) ) { $this->admin_activation_request($userdata['username']); - $form = '

A request has just been sent to the administrators of this site. They will be able to activate your account or send you another activation e-mail if needed.

+ $form = '

' . $lang->get('user_login_noact_msg_admins_just_asked') . '

-

+

'; } else { - $form = '

There is an active request in the administrators\' control panel for your account to be activated.

+ $form = '

' . $lang->get('user_login_noact_msg_admins_asked') . '

-

+

'; } } - die_semicritical('Account error', '

It appears that your user account has not yet been activated. '.$solution.'

' . $form); + die_semicritical($lang->get('user_login_noact_title'), '

' . $lang->get('user_login_noact_msg_intro') . ' '.$solution.'

' . $form); } $this->sid = $_COOKIE['sid']; @@ -712,7 +712,7 @@ eval($cmd); } - redirect($url, 'Login sucessful', 'Please wait while you are transferred to the Password Reset form.'); + redirect($url, '', '', 0); exit; } } @@ -1582,6 +1582,8 @@ function check_banlist() { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; + $col_reason = ( $this->compat ) ? '"No reason entered (session manager is in compatibility mode)" AS reason' : 'reason'; $banned = false; if ( $this->user_logged_in ) @@ -1612,7 +1614,7 @@ $q = $this->sql($sql); if ( $db->numrows() > 0 ) { - while ( list($reason, $ban_value, $ban_type, $is_regex) = $db->fetchrow_num() ) + while ( list($reason_temp, $ban_value, $ban_type, $is_regex) = $db->fetchrow_num() ) { if ( $ban_type == BAN_IP && $row['is_regex'] != 1 ) { @@ -1624,6 +1626,7 @@ } if ( preg_match("/$regexp/", $_SERVER['REMOTE_ADDR']) ) { + $reason = $reason_temp; $banned = true; } } @@ -1631,6 +1634,7 @@ { // User is banned $banned = true; + $reason = $reason_temp; } } } @@ -1656,7 +1660,7 @@ $q = $this->sql($sql); if ( $db->numrows() > 0 ) { - while ( list($reason, $ban_value, $ban_type, $is_regex) = $db->fetchrow_num() ) + while ( list($reason_temp, $ban_value, $ban_type, $is_regex) = $db->fetchrow_num() ) { if ( $ban_type == BAN_IP && $row['is_regex'] != 1 ) { @@ -1666,12 +1670,14 @@ continue; if ( preg_match("/$regexp/", $_SERVER['REMOTE_ADDR']) ) { + $reason = $reason_temp; $banned = true; } } else { // User is banned + $reason = $reason_temp; $banned = true; } } @@ -1681,7 +1687,7 @@ if ( $banned && $paths->get_pageid_from_url() != $paths->nslist['Special'].'CSS' ) { // This guy is banned - kill the session, kill the database connection, bail out, and be pretty about it - die_semicritical('Ban notice', '
You have been banned from this website. Please contact the site administrator for more information.

Reason:
'.$reason.'
'); + die_semicritical($lang->get('user_ban_msg_title'), '

' . $lang->get('user_ban_msg_body') . '

' . $lang->get('user_ban_lbl_reason') . '
' . $reason . '
'); exit; } } @@ -2066,46 +2072,71 @@ function userlevel_to_string($user_level, $short = false) { - if ( $short ) + global $lang; + + static $levels = array( + 'short' => array( + USER_LEVEL_GUEST => 'Guest', + USER_LEVEL_MEMBER => 'Member', + USER_LEVEL_CHPREF => 'Sensitive preferences changeable', + USER_LEVEL_MOD => 'Moderator', + USER_LEVEL_ADMIN => 'Administrative' + ), + 'long' => array( + USER_LEVEL_GUEST => 'Low - guest privileges', + USER_LEVEL_MEMBER => 'Standard - normal member level', + USER_LEVEL_CHPREF => 'Medium - user can change his/her own e-mail address and password', + USER_LEVEL_MOD => 'High - moderator privileges', + USER_LEVEL_ADMIN => 'Highest - administrative privileges' + ), + 'l10n' => false + ); + + if ( is_object($lang) && !$levels['l10n'] ) { - switch ( $user_level ) - { - case USER_LEVEL_GUEST: - return 'Guest'; - case USER_LEVEL_MEMBER: - return 'Member'; - case USER_LEVEL_CHPREF: - return 'Sensitive preferences changeable'; - case USER_LEVEL_MOD: - return 'Moderator'; - case USER_LEVEL_ADMIN: - return 'Administrative'; - default: - return "Level $user_level"; - } + $levels = array( + 'short' => array( + USER_LEVEL_GUEST => $lang->get('user_level_short_guest'), + USER_LEVEL_MEMBER => $lang->get('user_level_short_member'), + USER_LEVEL_CHPREF => $lang->get('user_level_short_chpref'), + USER_LEVEL_MOD => $lang->get('user_level_short_mod'), + USER_LEVEL_ADMIN => $lang->get('user_level_short_admin') + ), + 'long' => array( + USER_LEVEL_GUEST => $lang->get('user_level_long_guest'), + USER_LEVEL_MEMBER => $lang->get('user_level_long_member'), + USER_LEVEL_CHPREF => $lang->get('user_level_long_chpref'), + USER_LEVEL_MOD => $lang->get('user_level_long_mod'), + USER_LEVEL_ADMIN => $lang->get('user_level_long_admin') + ), + 'l10n' => true + ); + } + + $key = ( $short ) ? 'short' : 'long'; + if ( isset($levels[$key][$user_level]) ) + { + return $levels[$key][$user_level]; } else { - switch ( $user_level ) + if ( $short ) { - case USER_LEVEL_GUEST: - return 'Low - guest privileges'; - case USER_LEVEL_MEMBER: - return 'Standard - normal member level'; - case USER_LEVEL_CHPREF: - return 'Medium - user can change his/her own e-mail address and password'; - case USER_LEVEL_MOD: - return 'High - moderator privileges'; - case USER_LEVEL_ADMIN: - return 'Highest - administrative privileges'; - default: - return "Unknown ($user_level)"; + return ( is_object($lang) ) ? $lang->get('user_level_short_unknown', array('user_level' => $user_level)) : "Unknown - $user_level"; + } + else + { + return ( is_object($lang) ) ? $lang->get('user_level_long_unknown', array('user_level' => $user_level)) : "Unknown level ($user_level)"; } } + + return 'Linux rocks!'; + } /** * Updates a user's information in the database. Note that any of the values except $user_id can be false if you want to preserve the old values. + * Not localized because this really isn't used a whole lot anymore. * @param int $user_id The user ID of the user to update - this cannot be changed * @param string $username The new username * @param string $old_pass The current password - only required if sessionManager::$user_level < USER_LEVEL_ADMIN. This should usually be an UNENCRYPTED string. This can also be an array - if it is, key 0 is treated as data AES-encrypted with key 1 diff -r 9bcc185dc151 -r 85f91037cd4f includes/tagcloud.php --- a/includes/tagcloud.php Tue Jan 29 17:29:08 2008 -0500 +++ b/includes/tagcloud.php Tue Jan 29 23:15:44 2008 -0500 @@ -132,6 +132,7 @@ function make_html($span_class = 'normal', $div_align = 'center') { + global $lang; $html = array(); $max = max($this->words); $size = $this->get_cloud_size(); @@ -147,8 +148,8 @@ $newline = ( $inc == 5 ) ? "
" : ''; ( $inc == 5 ) ? $inc = 0 : null; $url = makeUrlNS('Special', 'TagCloud/' . htmlspecialchars($word)); - $s = ( $popularity != 1 ) ? 's' : ''; - $html[] = "$word"; // $newline"; + $popstring = ( $popularity == 1 ) ? $lang->get('pagetools_tagcloug_tip_popularity_one') : $lang->get('pagetools_tagcloug_tip_popularity_plural', array('popularity' => $popularity)); + $html[] = "$word"; // $newline"; } } $html = '
' . implode("\n", $html) . '
'; diff -r 9bcc185dc151 -r 85f91037cd4f includes/template.php --- a/includes/template.php Tue Jan 29 17:29:08 2008 -0500 +++ b/includes/template.php Tue Jan 29 23:15:44 2008 -0500 @@ -833,49 +833,16 @@ if ( $this->site_disabled && $session->user_level >= USER_LEVEL_ADMIN && ( $paths->page != $paths->nslist['Special'] . 'Administration' ) ) { $admin_link = makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'GeneralConfig', true); - echo '
The site is currently disabled and thus is only accessible to administrators.
- You can re-enable the site through the administration panel. + echo '
' . $lang->get('page_sitedisabled_admin_msg_title') . '
+ ' . $lang->get('page_sitedisabled_admin_msg_body', array('admin_link' => $admin_link)) . '
'; } } function footer($simple = false) { - global $db, $session, $paths, $template, $plugins; // Common objects - if ( !$this->no_headers ) - { - - if(!defined('ENANO_HEADERS_SENT')) - $this->header(); - - global $_starttime; - if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc')) - { - echo '

Query list as requested on URI

';
-        echo htmlspecialchars($db->sql_backtrace());
-        echo '
'; - } - - $f = microtime_float(); - $f = $f - $_starttime; - $f = round($f, 4); - $dbg = 'Time: '.$f.'s | Queries: '.$db->num_queries; - $t = ( $simple ) ? $this->process_template('simple-footer.tpl') : $this->process_template('footer.tpl'); - $t = str_replace('[[Stats]]', $dbg, $t); - $t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t); - $t = str_replace('[[GenTime]]', (string)$f, $t); - - if ( defined('ENANO_DEBUG') ) - $t = str_replace('', '
' . profiler_make_html() . '
', $t); - - echo $t; - - ob_end_flush(); - } - else - { - return ''; - } + echo $this->getFooter(); + ob_end_flush(); } function getHeader() @@ -888,28 +855,56 @@ function getFooter() { global $db, $session, $paths, $template, $plugins; // Common objects - if(!$this->no_headers) { + global $lang; + if ( !$this->no_headers ) + { + + if(!defined('ENANO_HEADERS_SENT')) + $this->header(); + global $_starttime; - $t = ''; - if(isset($_GET['sqldbg']) && $session->get_permissions('mod_misc')) { - $t .= '

Query list as requested on URI

';
-        $t .= $db->sql_backtrace();
-        $t .= '
'; + echo '

' . $lang->get('page_heading_sql_list') . '

';
+        echo htmlspecialchars($db->sql_backtrace());
+        echo '
'; } + $t = ( $simple ) ? $this->process_template('simple-footer.tpl') : $this->process_template('footer.tpl'); + $f = microtime_float(); $f = $f - $_starttime; $f = round($f, 4); - $dbg = 'Time: '.$f.'s | Queries: '.$db->num_queries; - $t.= $this->process_template('footer.tpl'); + + $t_loc = $lang->get('page_msg_stats_gentime_short', array('time' => $f)); + $t_loc_long = $lang->get('page_msg_stats_gentime_long', array('time' => $f)); + $q_loc = '' . $lang->get('page_msg_stats_sql', array('nq' => $db->num_queries)) . ''; + $dbg = $t_loc; + $dbg_long = $t_loc_long; + if ( $session->user_level >= USER_LEVEL_ADMIN ) + { + $dbg .= "  |  $q_loc"; + $dbg_long .= "  |  $q_loc"; + } + $t = str_replace('[[Stats]]', $dbg, $t); + $t = str_replace('[[StatsLong]]', $dbg_long, $t); $t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t); $t = str_replace('[[GenTime]]', (string)$f, $t); + $t = str_replace('[[NumQueriesLoc]]', $q_loc, $t); + $t = str_replace('[[GenTimeLoc]]', $t_loc, $t); + $t = str_replace('[[EnanoPoweredLink]]', $lang->get('page_enano_powered', array('about_uri' => $this->tpl_strings['URL_ABOUT_ENANO'])), $t); + $t = str_replace('[[EnanoPoweredLinkLong]]', $lang->get('page_enano_powered_long', array('about_uri' => $this->tpl_strings['URL_ABOUT_ENANO'])), $t); + + if ( defined('ENANO_DEBUG') ) + $t = str_replace('', '
' . profiler_make_html() . '
', $t); + return $t; } - else return ''; + else + { + return ''; + } } /** @@ -1033,7 +1028,7 @@ $keywords = implode('|', $keywords); // Matches - // 1 2 3 4 56 7 8 + // 1 2 3 4 56 7 8 $regexp = '/()(.*)(()(.*))?()/isU'; /* @@ -2029,28 +2024,55 @@ function footer($simple = false) { global $db, $session, $paths, $template, $plugins; // Common objects + global $lang; + if(!$this->no_headers) { global $_starttime; - $f = microtime(true); + $filename = ( $simple ) ? 'simple-footer.tpl' : 'footer.tpl'; + $t = $this->process_template($filename); + + $f = microtime_float(); $f = $f - $_starttime; $f = round($f, 4); - if(defined('IN_ENANO_INSTALL')) $nq = 'N/A'; - else $nq = $db->num_queries; - if($nq == 0) $nq = 'N/A'; - $dbg = 'Time: '.$f.'s | Queries: '.$nq; - $filename = ( $simple ) ? 'simple-footer.tpl' : 'footer.tpl'; - $t = $this->process_template($filename); - $t = str_replace('[[Stats]]', $dbg, $t); - if ( is_object($db) ) + + if ( is_object($lang) ) { - $t = str_replace('[[NumQueries]]', (string)$db->num_queries, $t); + $t_loc = $lang->get('page_msg_stats_gentime_short', array('time' => $f)); + $t_loc_long = $lang->get('page_msg_stats_gentime_long', array('time' => $f)); + $q_loc = '' . $lang->get('page_msg_stats_sql', array('nq' => ( is_object($db) ? $db->num_queries : 'N/A' ))) . ''; + $dbg = $t_loc; + $dbg_long = $t_loc_long; + if ( $session->user_level >= USER_LEVEL_ADMIN ) + { + $dbg .= "  |  $q_loc"; + $dbg_long .= "  |  $q_loc"; + } + $t = str_replace('[[EnanoPoweredLink]]', $lang->get('page_enano_powered', array('about_uri' => $this->tpl_strings['URL_ABOUT_ENANO'])), $t); + $t = str_replace('[[EnanoPoweredLinkLong]]', $lang->get('page_enano_powered_long', array('about_uri' => $this->tpl_strings['URL_ABOUT_ENANO'])), $t); } else { - $t = str_replace('[[NumQueries]]', '0', $t); + $t_loc = "Time: {$f}s"; + $t_loc_long = "Generated in {$f}sec"; + $q_loc = '' . ( is_object($db) ? "{$db->num_queries} SQL" : 'Queries: N/A' ) . ''; + $dbg = $t_loc; + $dbg_long = $t_loc_long; + if ( $session->user_level >= USER_LEVEL_ADMIN ) + { + $dbg .= "  |  $q_loc"; + $dbg_long .= "  |  $q_loc"; + } + $t = str_replace('[[EnanoPoweredLink]]', 'Powered by Enano', $t); + $t = str_replace('[[EnanoPoweredLinkLong]]', 'Website engine powered by Enano', $t); } + + $t = str_replace('[[Stats]]', $dbg, $t); + $t = str_replace('[[StatsLong]]', $dbg_long, $t); + $t = str_replace('[[NumQueries]]', ( is_object($db) ? (string)$db->num_queries : '0' ), $t); $t = str_replace('[[GenTime]]', (string)$f, $t); + $t = str_replace('[[NumQueriesLoc]]', $q_loc, $t); + $t = str_replace('[[GenTimeLoc]]', $t_loc, $t); echo $t; } diff -r 9bcc185dc151 -r 85f91037cd4f index.php --- a/index.php Tue Jan 29 17:29:08 2008 -0500 +++ b/index.php Tue Jan 29 23:15:44 2008 -0500 @@ -198,6 +198,7 @@ case 'viewsource': $template->header(); $text = RenderMan::getPage($paths->page_id, $paths->namespace, 0, false, false, false, false); + $text = htmlspecialchars($text); echo '

diff -r 9bcc185dc151 -r 85f91037cd4f install/includes/stages/confirm.php --- a/install/includes/stages/confirm.php Tue Jan 29 17:29:08 2008 -0500 +++ b/install/includes/stages/confirm.php Tue Jan 29 23:15:44 2008 -0500 @@ -21,10 +21,10 @@ $ui->show_header(); ?> -

Enano is ready to install.

-

Almost there! You've entered all the information we need for now. Click Continue to install the Enano database.

-

A note on AES encryption: - Enano is currently configured to use -bit AES encryption. While the default value of 192 bits is perfectly acceptable for most sites, those in need of extreme security will want to change this value to 256 bits (the maximum available strength). If you need to change the cipher strength, please edit the file includes/constants.php and then restart this installation. Do not click Continue below until you redo the installation process up until this point, or you will experience severe problems with logging into your site. +

get('confirm_title'); ?>

+

get('confirm_body'); ?>

+

get('confirm_info_aes_title'); ?> + get('confirm_info_aes_body', array('aes_bits' => AES_BITS)); ?>

&$value ) @@ -39,6 +39,6 @@ ?>
- +
diff -r 9bcc185dc151 -r 85f91037cd4f install/includes/stages/database_post.php --- a/install/includes/stages/database_post.php Tue Jan 29 17:29:08 2008 -0500 +++ b/install/includes/stages/database_post.php Tue Jan 29 23:15:44 2008 -0500 @@ -96,7 +96,7 @@

Configuration file generation failed.

Couldn't open the configuration file to write out database settings. Check your file permissions.

- +

-

Database operation failed

-

The installer couldn't create one of the tables used for installation.

-

Error description: +

get('database_msg_sql_fail_title'); ?>

+

get('database_msg_sql_fail_body'); ?>

+

get('database_msg_post_fail_desc'); ?> sql_error(); ?>

- +

-

Connection successful

-

The database has been contacted and initial tables created successfully. Redirecting...

-

Click if you're not redirected within 2 seconds

+

get('database_msg_success_title'); ?>

+

get('database_msg_success_body'); ?>

+

get('database_msg_success_redirect'); ?>