Changes in [3284:e2c6add4816b:3285:3ca3e4cf422b]

Files:

• Makefile (modified) (2 diffs)
• admin/comments.php (modified) (4 diffs)
• admin/index.php (modified) (1 diff)
• admin/style/default.css (modified) (2 diffs)
• inc/admin/lib.dc.page.php (modified) (1 diff)
• inc/admin/prepend.php (modified) (1 diff)
• inc/config.php.in (modified) (1 diff)
• inc/core/class.dc.blog.php (modified) (2 diffs)
• inc/dbschema/upgrade.php (modified) (1 diff)
• inc/load_var_file.php (added)
• inc/prepend.php (modified) (1 diff)
• inc/public/class.dc.template.php (modified) (2 diffs)
• inc/public/prepend.php (modified) (1 diff)
• plugins/dcLegacyEditor/_define.php (modified) (1 diff)
• plugins/dcLegacyEditor/css/jsToolBar/bt_mark.png (added)
• plugins/dcLegacyEditor/css/jsToolBar/jsToolBar.css (modified) (1 diff)
• plugins/dcLegacyEditor/inc/dc.legacy.editor.behaviors.php (modified) (1 diff)
• plugins/dcLegacyEditor/js/jsToolBar/jsToolBar.js (modified) (1 diff)
• plugins/dcLegacyEditor/js/jsToolBar/jsToolBar.wysiwyg.js (modified) (1 diff)

Makefile

@@ -25 +25 @@
             ./$(DC)/features ./$(DC)/travis ./$(DC)/behat.yml.dist ./$(DC)/composer.*
 
-     ## Create cache, db, plugins and public folders
-     mkdir ./$(DC)/cache ./$(DC)/db ./$(DC)/plugins ./$(DC)/public ./$(DC)/themes
+     ## Create cache, var, db, plugins, themes and public folders
+     mkdir ./$(DC)/cache ./$(DC)/var ./$(DC)/db ./$(DC)/plugins ./$(DC)/themes ./$(DC)/public
      cp -p inc/.htaccess ./$(DC)/cache/
+     cp -p inc/.htaccess ./$(DC)/var/
      cp -p inc/.htaccess ./$(DC)/db/
      cp -p inc/.htaccess ./$(DC)/plugins/
@@ -73 +74 @@
      ## Create digest
      cd $(DC) && ( \
-          md5sum `find . -type f -not -path "./inc/digest" -not -path "./cache/*" -not -path "./db/*" -not -path ./CHANGELOG` \
+          md5sum `find . -type f -not -path "./inc/digest" -not -path "./cache/*" -not -path "./var/*" -not -path "./db/*" -not -path ./CHANGELOG` \
           > inc/digests \
      )

admin/comments.php

@@ -54 +54 @@
 /* Get comments
 -------------------------------------------------------- */
-$author = isset($_GET['author']) ? $_GET['author'] : '';
-$status = isset($_GET['status']) ?      $_GET['status'] : '';
-$type = !empty($_GET['type']) ?         $_GET['type'] : '';
-$sortby = !empty($_GET['sortby']) ?     $_GET['sortby'] : 'comment_dt';
-$order = !empty($_GET['order']) ?       $_GET['order'] : 'desc';
-$ip = !empty($_GET['ip']) ?             $_GET['ip'] : '';
+$author = isset($_GET['author']) ? $_GET['author'] : '';
+$status = isset($_GET['status']) ? $_GET['status'] : '';
+$type   = !empty($_GET['type']) ? $_GET['type'] : '';
+$sortby = !empty($_GET['sortby']) ? $_GET['sortby'] : 'comment_dt';
+$order  = !empty($_GET['order']) ? $_GET['order'] : 'desc';
+$ip     = !empty($_GET['ip']) ? $_GET['ip'] : '';
+$email  = !empty($_GET['email']) ? $_GET['email'] : '';
+$site   = !empty($_GET['site']) ? $_GET['site'] : '';
 
 $with_spam = $author || $status || $type || $sortby != 'comment_dt' || $order != 'desc' || $ip;
@@ -108 +110 @@
 if ($ip) {
      $params['comment_ip'] = $ip;
+     $show_filters = true;
+}
+
+# - email filter
+if ($email) {
+     $params['comment_email'] = $email;
+     $show_filters = true;
+}
+
+# - site filter
+if ($site) {
+     $params['comment_site'] = $site;
      $show_filters = true;
 }
@@ -237 +251 @@
      '<p><label for="ip" class="ib">'.__('IP address:').'</label> '.
      form::field('ip',20,39,html::escapeHTML($ip)).'</p>'.
+     '<p><label for="email" class="ib">'.__('Email:').'</label> '.
+     form::field('email',20,255,html::escapeHTML($email)).'</p>'.
+     '<p><label for="site" class="ib">'.__('Web site:').'</label> '.
+     form::field('site',20,255,html::escapeHTML($site)).'</p>'.
      '</div>'.
 
@@ -276 +294 @@
      form::hidden(array('page'),$page).
      form::hidden(array('nb'),$nb_per_page).
+     form::hidden(array('email'),html::escapeHTML(preg_replace('/%/','%%',$email))).
+     form::hidden(array('site'),html::escapeHTML(preg_replace('/%/','%%',$site))).
      '</div>'.
 

admin/index.php

@@ -13 +13 @@
 if (!empty($_GET['pf'])) {
      require dirname(__FILE__).'/../inc/load_plugin_file.php';
+     exit;
+}
+
+if (!empty($_GET['vf'])) {
+     require dirname(__FILE__).'/../inc/load_var_file.php';
      exit;
 }

admin/style/default.css

@@ -37 +37 @@
     box-sizing: border-box;
      }
+#dotclear-admin {
+    display: flex;
+    min-height: 100vh;
+     flex-direction: column;
+}
 #header {
      background: #676e78;
      color: #FFF;
      border-bottom: 4px solid #A2CBE9;
-     width: 100%;
+     width: 99.99%; /* Bugfix Chrome >= 49.0.2623.108 */
      display: table;
      position: relative;
@@ -52 +57 @@
      z-index: 10;
      background: #F7F7F7 url(bg_wrapper.png) repeat-y 15em;
+     flex: 1;
      }
 .with-js #wrapper {

inc/admin/lib.dc.page.php

@@ -1007 +1007 @@
      }
 
+     public static function getVF($file)
+     {
+          return $GLOBALS['core']->adminurl->get('load.var.file',array('vf' => $file));
+     }
+
      public static function setXFrameOptions($origin = null)
      {

inc/admin/prepend.php

@@ -208 +208 @@
 
 $core->adminurl->registercopy('load.plugin.file','admin.home',array('pf' => 'dummy.css'));
+$core->adminurl->registercopy('load.var.file','admin.home',array('vf' => 'dummy.json'));
 
 if ($core->auth->userID() && $core->blog !== null)

inc/config.php.in

@@ -52 +52 @@
 define('DC_TPL_CACHE',path::real(dirname(__FILE__).'/..').'/cache');
 
+// Var directory
+define('DC_VAR',path::real(dirname(__FILE__).'/..').'/var');
+
 
 // If you have PATH_INFO issue, uncomment following lines

inc/core/class.dc.blog.php

@@ -138 +138 @@
      {
           $ret = $this->getQmarkURL().'pf='.$pf;
+          if ($strip_host) {
+               $ret = html::stripHostURL($ret);
+          }
+          return $ret;
+     }
+
+     /**
+     Returns public URL of specified var file.
+      */
+     public function getVF($vf, $strip_host=true)
+     {
+          $ret = $this->getQmarkURL().'vf='.$vf;
           if ($strip_host) {
                $ret = html::stripHostURL($ret);
@@ -2027 +2039 @@
           }
 
+          if (isset($params['comment_email'])) {
+               $comment_email = $this->con->escape(str_replace('*','%',$params['comment_email']));
+               $strReq .= "AND comment_email LIKE '".$comment_email."' ";
+          }
+
           if (isset($params['comment_site'])) {
                $comment_site = $this->con->escape(str_replace('*','%',$params['comment_site']));

inc/dbschema/upgrade.php

@@ -544 +544 @@
                @unlink(DC_ROOT.'/'.'admin/js/jsUpload/vendor/jquery.ui.widget.js');
                @rmdir(DC_ROOT.'/'.'admin/js/jsUpload/vendor');
+
+               # Create new var directory and its .htaccess file
+               @files::makeDir(DC_VAR);
+               $f = DC_VAR.'/.htaccess';
+               if (!file_exists($f))
+               {
+                    @file_put_contents($f,'Require all denied'."\n".'Deny from all'."\n");
+               }
           }
 

inc/prepend.php

@@ -197 +197 @@
      if (strlen(crypt::hmac(DC_MASTER_KEY,DC_VENDOR_NAME,DC_CRYPT_ALGO)) < 40) {
           if (!defined('DC_CONTEXT_ADMIN')) {
-               exit('Site temporarily unavailable');
+               __error('Server error','Site temporarily unavailable');
           } else {
-               exit(DC_CRYPT_ALGO.' cryptographic algorithm configured is not strong enough, please change it.');
-          }
+               __error('Dotclear error',DC_CRYPT_ALGO.' cryptographic algorithm configured is not strong enough, please change it.');
+          }
+          exit;
+     }
+}
+
+if (!defined('DC_VAR')) {
+     define('DC_VAR',path::real(dirname(__FILE__).'/..').'/var');
+}
+// Check existence of var directory
+if (!is_dir(DC_VAR)) {
+     // Try to create it
+     @files::makeDir(DC_VAR);
+     if (!is_dir(DC_VAR)) {
+          // Admin must create it
+          if (!defined('DC_CONTEXT_ADMIN')) {
+               __error('Server error','Site temporarily unavailable');
+          } else {
+               __error('Dotclear error',DC_VAR.' directory does not exist. Please create it.');
+          }
+          exit;
      }
 }

inc/public/class.dc.template.php

@@ -1095 +1095 @@
      category  CDATA     #IMPLIED  -- get entries for specific categories only (multiple comma-separated categories can be specified. Use "!" as prefix to exclude a category)
      no_category    CDATA     #IMPLIED  -- get entries without category
+     with_category  CDATA     #IMPLIED  -- get entries with category
      no_context (1|0)    #IMPLIED  -- Override context information
      sortby    (title|selected|author|date|id)    #IMPLIED  -- specify entries sort criteria (default : date) (multiple comma-separated sortby can be specified. Use "?asc" or "?desc" as suffix to provide an order for each sorby)
@@ -1153 +1154 @@
           }
 
+          if (isset($attr['with_category']) && $attr['with_category']) {
+               $p .= "@\$params['sql'] .= ' AND P.cat_id IS NOT NULL ';\n";
+          }
+
           if (isset($attr['no_category']) && $attr['no_category']) {
                $p .= "@\$params['sql'] .= ' AND P.cat_id IS NULL ';\n";

inc/public/prepend.php

@@ -13 +13 @@
 if (!empty($_GET['pf'])) {
      require dirname(__FILE__).'/../load_plugin_file.php';
+     exit;
+}
+
+if (!empty($_GET['vf'])) {
+     require dirname(__FILE__).'/../load_var_file.php';
      exit;
 }

plugins/dcLegacyEditor/_define.php

@@ -16 +16 @@
      /* Description*/         "dotclear legacy editor",
      /* Author */             "dotclear Team",
-     /* Version */            '0.1.3',
+     /* Version */            '0.1.4',
      array(
           'permissions' =>    'usage,contentadmin',

plugins/dcLegacyEditor/css/jsToolBar/jsToolBar.css

@@ -116 +116 @@
      background-image: url(?pf=dcLegacyEditor/css/jsToolBar/bt_code.png);
 }
+button.jstb_mark {
+     background-image: url(?pf=dcLegacyEditor/css/jsToolBar/bt_mark.png);
+}
 button.jstb_paragraph {
      background-image: url(?pf=dcLegacyEditor/css/jsToolBar/bt_paragraph.png);

plugins/dcLegacyEditor/inc/dc.legacy.editor.behaviors.php

@@ -112 +112 @@
           "jsToolBar.prototype.elements.quote.title = '".html::escapeJS(__('Inline quote'))."'; ".
           "jsToolBar.prototype.elements.code.title = '".html::escapeJS(__('Code'))."'; ".
+          "jsToolBar.prototype.elements.mark.title = '".html::escapeJS(__('Mark'))."'; ".
           "jsToolBar.prototype.elements.br.title = '".html::escapeJS(__('Line break'))."'; ".
           "jsToolBar.prototype.elements.blockquote.title = '".html::escapeJS(__('Blockquote'))."'; ".

plugins/dcLegacyEditor/js/jsToolBar/jsToolBar.js

@@ -429 +429 @@
 };
 
+// code
+jsToolBar.prototype.elements.mark = {
+     type: 'button',
+     title: 'Mark',
+     fn: {
+          wiki: function() { this.singleTag('""') },
+          xhtml: function() { this.singleTag('<mark>','</mark>')}
+     }
+};
+
 // spacer
 jsToolBar.prototype.elements.space1 = {

plugins/dcLegacyEditor/js/jsToolBar/jsToolBar.wysiwyg.js

@@ -655 +655 @@
 };
 
+jsToolBar.prototype.elements.mark.fn.wysiwyg = function() {
+     var n = this.getSelectedNode();
+     var mark = this.iwin.document.createElement('mark');
+     mark.appendChild(n);
+     this.insertNode(mark);
+};
+
 jsToolBar.prototype.elements.br.fn.wysiwyg = function() {
      var n = this.iwin.document.createElement('br');