Changes in [372:cb84f40f1f4b:370:527cc81ceccf]
- Files:
-
- 22 edited
-
.hgignore (modified) (1 diff)
-
CHANGELOG (modified) (1 diff)
-
Makefile (modified) (1 diff)
-
admin/auth.php (modified) (1 diff)
-
admin/js/common.js (modified) (4 diffs)
-
admin/js/jquery/jquery.pageTabs.js (modified) (4 diffs)
-
admin/post.php (modified) (1 diff)
-
admin/preferences.php (modified) (1 diff)
-
admin/services.php (modified) (1 diff)
-
admin/user.php (modified) (2 diffs)
-
admin/users.php (modified) (2 diffs)
-
inc/admin/lib.dc.page.php (modified) (2 diffs)
-
inc/core/class.dc.auth.php (modified) (22 diffs)
-
inc/core/class.dc.blog.php (modified) (8 diffs)
-
inc/core/class.dc.core.php (modified) (1 diff)
-
inc/core/class.dc.error.php (modified) (8 diffs)
-
inc/core/class.dc.settings.php (modified) (1 diff)
-
inc/prepend.php (modified) (1 diff)
-
inc/public/class.dc.template.php (modified) (2 diffs)
-
inc/public/lib.urlhandlers.php (modified) (9 diffs)
-
locales/fr/help/core_blog_pref.html (modified) (1 diff)
-
plugins/pages/_public.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
.hgignore
r358 r14 1 1 cache 2 public3 2 inc/config.php 4 3 \.htaccess -
CHANGELOG
r372 r368 1 Dotclear 2.4.0 - ongoing dev2 ===========================================================3 * handling of postgres non default schemas (db_prefix = 'schema.prefix')4 5 1 Dotclear 2.3.1 - 2001-06-14 6 2 =========================================================== -
Makefile
r343 r290 25 25 ## Remove .svn folders 26 26 find ./$(DIST)/ -type d -name '.svn' | xargs rm -rf 27 28 ## Remove .hg* files and folders29 find ./$(DIST)/ -type d -name '.hg*' | xargs rm -rf30 find ./$(DIST)/ -type f -name '.hg*' | xargs rm -rf31 27 32 28 ## Remove config file if any -
admin/auth.php
r372 r366 143 143 } 144 144 145 # Check login informations 146 $check_user = false; 147 if (isset($data['cookie_admin']) && strlen($data['cookie_admin']) == 104) 148 { 149 $user_id = substr($data['cookie_admin'],40); 150 $user_id = @unpack('a32',@pack('H*',$user_id)); 151 if (is_array($user_id)) 145 # Check login informations 146 $check_user = false; 147 if (isset($data['cookie_admin']) && strlen($data['cookie_admin']) == 104) 152 148 { 153 $user_id = $user_id[1]; 154 $user_key = substr($data['cookie_admin'],0,40); 155 $check_user = $core->auth->checkUser($user_id,null,$user_key) === true; 156 } 157 } 149 $user_id = substr($data['cookie_admin'],40); 150 $user_id = @unpack('a32',@pack('H*',$user_id)); 151 if (is_array($user_id)) 152 { 153 $user_id = $user_id[1]; 154 $user_key = substr($data['cookie_admin'],0,40); 155 $check_user = $core->auth->checkUser($user_id,null,$user_key) === true; 156 } 157 } 158 158 159 159 if (!$core->auth->allowPassChange() || !$check_user) { -
admin/js/common.js
r343 r314 57 57 } 58 58 59 jQuery.fn.toggleWithLegend = function(target,s ) {59 jQuery.fn.toggleWithLegend = function(target,s, callback) { 60 60 var defaults = { 61 61 img_on_src: dotclear.img_plus_src, … … 79 79 } 80 80 81 var toggle = function(i,speed ) {81 var toggle = function(i,speed, callback) { 82 82 speed = speed || 0; 83 83 if (p.hide) { 84 84 $(i).get(0).src = p.img_on_src; 85 85 $(i).get(0).alt = p.img_on_alt; 86 target.hide(speed, positionFooter);86 target.hide(speed, callback); 87 87 } else { 88 88 $(i).get(0).src = p.img_off_src; 89 89 $(i).get(0).alt = p.img_off_alt; 90 target.show(speed, positionFooter);90 target.show(speed, callback); 91 91 if (p.fn) { 92 92 p.fn.apply(target); … … 122 122 $(ctarget).css('cursor','pointer'); 123 123 $(ctarget).click(function() { 124 toggle(i,p.speed, positionFooter);124 toggle(i,p.speed, callback); 125 125 return false; 126 126 }); … … 356 356 } 357 357 $('#blog-menu h3:first').toggleWithLegend($('#blog-menu ul:first'), 358 $.extend({cookie:'dc_blog_menu'},menu_settings) 358 $.extend({cookie:'dc_blog_menu'},menu_settings), 359 positionFooter 359 360 ); 360 361 $('#system-menu h3:first').toggleWithLegend($('#system-menu ul:first'), 361 $.extend({cookie:'dc_system_menu'},menu_settings) 362 $.extend({cookie:'dc_system_menu'},menu_settings), 363 positionFooter 362 364 ); 363 365 $('#plugins-menu h3:first').toggleWithLegend($('#plugins-menu ul:first'), 364 $.extend({cookie:'dc_plugins_menu'},menu_settings) 366 $.extend({cookie:'dc_plugins_menu'},menu_settings), 367 positionFooter 365 368 ); 366 369 $('#favorites-menu h3:first').toggleWithLegend($('#favorites-menu ul:first'), 367 $.extend({cookie:'dc_favorites_menu',hide:false,reverse_cookie:true},menu_settings) 370 $.extend({cookie:'dc_favorites_menu',hide:false,reverse_cookie:true},menu_settings), 371 positionFooter 368 372 ); 369 373 -
admin/js/jquery/jquery.pageTabs.js
r297 r0 9 9 breakerClassName: 'clear' 10 10 }; 11 11 12 12 var index = start_tab ? start_tab : 0; 13 13 14 14 this.params = jQuery.extend(defaults,settings); 15 15 this.divs = jQuery('div.'+this.params.className); … … 20 20 jQuery._pageTabs.prototype = { 21 21 items: new Array(), 22 22 23 23 createList: function() { 24 24 if (this.divs.length <= 0) { 25 25 return; 26 26 } 27 27 28 28 this.block = document.createElement('div'); 29 29 this.block.className = this.params.listClassName; … … 32 32 this.block.appendChild(this.list); 33 33 var li, a; 34 34 35 35 var This = this; 36 36 var i=0; … … 57 57 } 58 58 }); 59 59 60 60 this.breaker = document.createElement('br'); 61 61 this.breaker.className = this.params.breakerClassName; 62 62 63 63 jQuery(this.divs.get(0)).before(this.block); 64 64 jQuery(this.block).after(this.breaker); 65 65 }, 66 66 67 67 showDiv: function(index) { 68 68 var This = this; 69 69 var i = 0; 70 70 var to_trigger = null; 71 71 72 72 this.divs.each(function() { 73 73 if ((this.id != '' && this.id == index) || i == index) { 74 jQuery(this).show( 0, positionFooter);74 jQuery(this).show(); 75 75 This.items[i].className = This.params.listClassName+'-active'; 76 76 to_trigger = i; 77 77 } else { 78 jQuery(this).hide( 0, positionFooter);78 jQuery(this).hide(); 79 79 This.items[i].className = ''; 80 80 } 81 81 82 82 i++; 83 83 }); 84 84 85 85 if (to_trigger != null) { 86 86 jQuery(this.divs[to_trigger]).onetabload(); -
admin/post.php
r322 r270 527 527 } 528 528 529 # --BEHAVIOR-- adminCommentsActionsCombo530 $core->callBehavior('adminCommentsActionsCombo',array(&$combo_action));531 532 529 $has_action = !empty($combo_action) && (!$trackbacks->isEmpty() || !$comments->isEmpty()); 533 530 -
admin/preferences.php
r371 r324 555 555 $array = $_fav; 556 556 function cmp($a,$b) { 557 if ( __($a[1]) == __($b[1])) {557 if ($a[1] == $b[1]) { 558 558 return 0; 559 559 } 560 return ( __($a[1]) < __($b[1])) ? -1 : 1;560 return ($a[1] < $b[1]) ? -1 : 1; 561 561 } 562 562 $array=$array->getArrayCopy(); -
admin/services.php
r323 r270 133 133 $rsp->comment_ip($rs->comment_ip); 134 134 $rsp->comment_email($rs->comment_email); 135 $rsp->comment_spam_disp(dcAntispam::statusMessage($rs)); 135 # --BEHAVIOR-- adminAfterCommentDesc 136 $rsp->comment_spam_disp($core->callBehavior('adminAfterCommentDesc', $rs)); 136 137 } 137 138 -
admin/user.php
r313 r270 96 96 $cur->user_post_status = $user_post_status = $_POST['user_post_status']; 97 97 98 if ($cur->user_id == $core->auth->userID() && $core->auth->isSuperAdmin()) {99 // force super_user to true if current user100 $cur->user_super = $user_super = true;101 }102 98 if ($core->auth->allowPassChange()) { 103 99 $cur->user_change_pwd = !empty($_POST['user_change_pwd']) ? 1 : 0; … … 259 255 } 260 256 261 $super_disabled = $user_super && $user_id == $core->auth->userID();262 263 257 echo 264 '<p><label for="user_super" class="classic">'.form::checkbox('user_super','1',$user_super,'',16 ,$super_disabled).' '.258 '<p><label for="user_super" class="classic">'.form::checkbox('user_super','1',$user_super,'',16).' '. 265 259 __('Super administrator').'</label></p>'. 266 260 '</div>'. -
admin/users.php
r313 r270 24 24 # --BEHAVIOR-- adminBeforeUserDelete 25 25 $core->callBehavior('adminBeforeUserDelete',$u); 26 if ($u != $core->auth->userID()) { 27 $core->delUser($u); 28 } 26 27 $core->delUser($u); 29 28 } 30 29 catch (Exception $e) … … 33 32 } 34 33 } 34 35 35 if (!$core->error->flag()) { 36 36 http::redirect('users.php?del=1'); -
inc/admin/lib.dc.page.php
r344 r321 16 16 class dcPage 17 17 { 18 private static $loaded_js=array();19 20 18 # Auth check 21 19 public static function check($permissions) … … 351 349 public static function jsLoad($src) 352 350 { 353 $escaped_src = html::escapeHTML($src); 354 if (!isset(self::$loaded_js[$escaped_src])) { 355 self::$loaded_js[$escaped_src]=true; 356 return '<script type="text/javascript" src="'.$escaped_src.'"></script>'."\n"; 357 } 351 return '<script type="text/javascript" src="'.html::escapeHTML($src).'"></script>'."\n"; 358 352 } 359 353 -
inc/core/class.dc.auth.php
r333 r270 4 4 # This file is part of Dotclear 2. 5 5 # 6 # Copyright (c) 2003-201 0Olivier Meunier & Association Dotclear6 # Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear 7 7 # Licensed under the GPL version 2.0 license. 8 8 # See LICENSE file or … … 13 13 14 14 /** 15 *@ingroup DC_CORE16 *@nosubgrouping17 *@brief Authentication and user credentials management18 * 19 *dcAuth is a class used to handle everything related to user authentication20 *and credentials. Object is provided by dcCore $auth property.15 @ingroup DC_CORE 16 @nosubgrouping 17 @brief Authentication and user credentials management 18 19 dcAuth is a class used to handle everything related to user authentication 20 and credentials. Object is provided by dcCore $auth property. 21 21 */ 22 22 class dcAuth 23 23 { 24 /** @var dcCore dcCore instance */ 25 protected $core; 26 /** @var connection Database connection object */ 27 protected $con; 28 29 /** @var string User table name */ 30 protected $user_table; 31 /** @var string Perm table name */ 32 protected $perm_table; 33 34 /** @var string Current user ID */ 35 protected $user_id; 36 /** @var array Array with user information */ 37 protected $user_info = array(); 38 /** @var array Array with user options */ 39 protected $user_options = array(); 40 /** @var boolean User must change his password after login */ 41 protected $user_change_pwd; 42 /** @var boolean User is super admin */ 43 protected $user_admin; 44 /** @var array Permissions for each blog */ 45 protected $permissions = array(); 46 /** @var boolean User can change its password */ 47 protected $allow_pass_change = true; 48 /** @var array List of blogs on which the user has permissions */ 49 protected $blogs = array(); 50 /** @var integer Count of user blogs */ 51 public $blog_count = null; 52 53 /** @var array Permission types */ 54 protected $perm_types; 55 56 /** @var dcPrefs dcPrefs object */ 57 public $user_prefs; 58 59 /** 60 * Class constructor. Takes dcCore object as single argument. 61 * 62 * @param dcCore $core dcCore object 24 protected $core; ///< <b>dcCore</b> dcCore instance 25 protected $con; ///< <b>connection</b> Database connection object 26 27 protected $user_table; ///< <b>string</b> User table name 28 protected $perm_table; ///< <b>string</b> Perm table name 29 30 protected $user_id; ///< <b>string</b> Current user ID 31 protected $user_info = array(); ///< <b>array</b> Array with user information 32 protected $user_options = array(); ///< <b>array</b> Array with user options 33 protected $user_change_pwd; ///< <b>boolean</b> User must change his password after login 34 protected $user_admin; ///< <b>boolean</b> User is super admin 35 protected $permissions = array(); ///< <b>array</b> Permissions for each blog 36 protected $allow_pass_change = true; ///< <b>boolean</b> User can change its password 37 protected $blogs = array(); ///< <b>array</b> List of blogs on which the user has permissions 38 public $blog_count = null; ///< <b>integer</b> Count of user blogs 39 40 protected $perm_types; ///< <b>array</b> Permission types 41 42 public $user_prefs; ///< <b>dcPrefs</b> dcPrefs object 43 44 /** 45 Class constructor. Takes dcCore object as single argument. 46 47 @param core <b>dcCore</b> dcCore object 63 48 */ 64 49 public function __construct($core) … … 85 70 //@{ 86 71 /** 87 * Checks if user exists and can log in. <var>$pwd</var> argument is optionnal 88 * while you may need to check user without password. This method will create 89 * credentials and populate all needed object properties. 90 * 91 * @param string $user_id User ID 92 * @param string $pwd User password 93 * @param string $user_key User key check 94 * @param boolean $check_blog checks if user is associated to a blog or not. 95 * @return boolean 96 */ 97 public function checkUser($user_id, $pwd=null, $user_key=null, $check_blog=true) 72 Checks if user exists and can log in. <var>$pwd</var> argument is optionnal 73 while you may need to check user without password. This method will create 74 credentials and populate all needed object properties. 75 76 @param user_id <b>string</b> User ID 77 @param pwd <b>string</b> User password 78 @param user_key <b>string</b> User key check 79 @return <b>boolean</b> 80 */ 81 public function checkUser($user_id, $pwd=null, $user_key=null) 98 82 { 99 83 # Check user and password … … 157 141 158 142 # Get permissions on blogs 159 if ($ check_blog && ($this->findUserBlog() === false)) {143 if ($this->findUserBlog() === false) { 160 144 return false; 161 145 } … … 164 148 165 149 /** 166 *This method only check current user password.167 *168 * @param string $pwdUser password169 * @return boolean150 This method only check current user password. 151 152 @param pwd <b>string</b> User password 153 @return <b>boolean</b> 170 154 */ 171 155 public function checkPassword($pwd) … … 179 163 180 164 /** 181 *This method checks if user session cookie exists182 *183 * @return boolean165 This method checks if user session cookie exists 166 167 @return <b>boolean</b> 184 168 */ 185 169 public function sessionExists() … … 189 173 190 174 /** 191 *This method checks user session validity.192 *193 * @return boolean175 This method checks user session validity. 176 177 @return <b>boolean</b> 194 178 */ 195 179 public function checkSession($uid=null) … … 228 212 229 213 /** 230 *Checks if user is super admin231 *232 * @return boolean214 Checks if user is super admin 215 216 @return <b>boolean</b> 233 217 */ 234 218 public function isSuperAdmin() … … 238 222 239 223 /** 240 *Checks if user has permissions given in <var>$permissions</var> for blog241 *<var>$blog_id</var>. <var>$permissions</var> is a coma separated list of242 *permissions.243 *244 * @param string $permissionsPermissions list245 * @param string $blog_idBlog ID246 * @return boolean224 Checks if user has permissions given in <var>$permissions</var> for blog 225 <var>$blog_id</var>. <var>$permissions</var> is a coma separated list of 226 permissions. 227 228 @param permissions <b>string</b> Permissions list 229 @param blog_id <b>string</b> Blog ID 230 @return <b>boolean</b> 247 231 */ 248 232 public function check($permissions,$blog_id) … … 273 257 274 258 /** 275 *Returns true if user is allowed to change its password.276 *277 * @return boolean259 Returns true if user is allowed to change its password. 260 261 @return <b>boolean</b> 278 262 */ 279 263 public function allowPassChange() … … 328 312 //@{ 329 313 /** 330 * Calls $f function with super admin rights. 331 * Returns the function result. 332 * 333 * @param callback $f Callback function 334 * @return mixed 314 Calls <var>$f</var> function with super admin rights. 315 316 @param f <b>callback</b> Callback function 317 @return <b>mixed</b> Function result 335 318 */ 336 319 public function sudo($f) … … 363 346 //@{ 364 347 /** 365 * Returns user permissions for a blog as an array which looks like: 366 * 367 * - [blog_id] 368 * - [permission] => true 369 * - ... 370 * 371 * @param string $blog_id Blog ID 372 * @return array 348 Returns user permissions for a blog as an array which looks like: 349 350 - [blog_id] 351 - [permission] => true 352 - ... 353 354 @return <b>array</b> 373 355 */ 374 356 public function getPermissions($blog_id) … … 440 422 441 423 /** 442 *Returns current user ID443 *444 * @return string424 Returns current user ID 425 426 @return <b>string</b> 445 427 */ 446 428 public function userID() … … 450 432 451 433 /** 452 *Returns information about a user .453 *454 * @param string $nInformation name455 * @return string434 Returns information about a user . 435 436 @param n <b>string</b> Information name 437 @return <b>string</b> Information value 456 438 */ 457 439 public function getInfo($n) … … 465 447 466 448 /** 467 *Returns a specific user option468 *469 * @param string $nOption name470 * @return string449 Returns a specific user option 450 451 @param n <b>string</b> Option name 452 @return <b>string</b> Option value 471 453 */ 472 454 public function getOption($n) … … 479 461 480 462 /** 481 *Returns all user options in an associative array.482 *483 * @return array463 Returns all user options in an associative array. 464 465 @return <b>array</b> 484 466 */ 485 467 public function getOptions() … … 492 474 //@{ 493 475 /** 494 *Returns an array with permissions parsed from the string <var>$level</var>495 *496 * @param string $levelPermissions string497 * @return array476 Returns an array with permissions parsed from the string <var>$level</var> 477 478 @param level <b>string</b> Permissions string 479 @return <b>array</b> 498 480 */ 499 481 public function parsePermissions($level) … … 510 492 511 493 /** 512 *Returns <var>perm_types</var> property content.513 *514 * @return array494 Returns <var>perm_types</var> property content. 495 496 @return <b>array</b> 515 497 */ 516 498 public function getPermissionsTypes() … … 520 502 521 503 /** 522 *Adds a new permission type.523 *524 * @param string $namePermission name525 * @param string $titlePermission title504 Adds a new permission type. 505 506 @param name <b>string</b> Permission name 507 @param title <b>string</b> Permission title 526 508 */ 527 509 public function setPermissionType($name,$title) … … 534 516 //@{ 535 517 /** 536 *Add a recover key to a specific user identified by its email and537 *password.538 *539 * @param string $user_idUser ID540 * @param string $user_emailUser Email541 * @return string518 Add a recover key to a specific user identified by its email and 519 password. 520 521 @param user_id <b>string</b> User ID 522 @param user_email <b>string</b> User Email 523 @return <b>string</b> Recover key 542 524 */ 543 525 public function setRecoverKey($user_id,$user_email) … … 565 547 566 548 /** 567 *Creates a new user password using recovery key. Returns an array:568 *569 *- user_email570 *- user_id571 *- new_pass572 *573 * @param string $recover_keyRecovery key574 * @return array549 Creates a new user password using recovery key. Returns an array: 550 551 - user_email 552 - user_id 553 - new_pass 554 555 @param recover_key <b>string</b> Recovery key 556 @return <b>array</b> 575 557 */ 576 558 public function recoverUserPassword($recover_key) … … 608 590 609 591 /** 610 *Called after core->addUser611 * @seedcCore::addUser612 * @param cursor $curUser cursor592 Called after core->addUser 593 @see dcCore::addUser 594 @param cur <b>cursor</b> User cursor 613 595 */ 614 596 public function afterAddUser($cur) {} 615 597 616 598 /** 617 *Called after core->updUser618 * @seedcCore::updUser619 * @param string $idUser ID620 * @param cursor $curUser cursor599 Called after core->updUser 600 @see dcCore::updUser 601 @param id <b>string</b> User ID 602 @param cur <b>cursor</b> User cursor 621 603 */ 622 604 public function afterUpdUser($id,$cur) {} 623 605 624 606 /** 625 *Called after core->delUser626 * @seedcCore::delUser627 * @param string $idUser ID607 Called after core->delUser 608 @see dcCore::delUser 609 @param id <b>string</b> User ID 628 610 */ 629 611 public function afterDelUser($id) {} -
inc/core/class.dc.blog.php
r340 r270 21 21 class dcBlog 22 22 { 23 /** @var dcCore dcCore instance */ 24 protected $core; 25 /** @var connection Database connection object */ 26 public $con; 27 /** @var string Database table prefix */ 28 public $prefix; 29 30 /** @var string Blog ID */ 31 public $id; 32 /** @var string Blog unique ID */ 33 public $uid; 34 /** @var string Blog name */ 35 public $name; 36 /** @var string Blog description */ 37 public $desc; 38 /** @var string Blog URL */ 39 public $url; 40 /** @var string Blog host */ 41 public $host; 42 /** @var string Blog creation date */ 43 public $creadt; 44 /** @var string Blog last update date */ 45 public $upddt; 46 /** @var string Blog status */ 47 public $status; 48 49 /** @var dcSettings dcSettings object */ 50 public $settings; 51 /** @var string Blog theme path */ 52 public $themes_path; 53 /** @var string Blog public path */ 54 public $public_path; 23 protected $core; ///< <b>dcCore</b> dcCore instance 24 public $con; ///< <b>connection</b> Database connection object 25 public $prefix; ///< <b>string</b> Database table prefix 26 27 public $id; ///< <b>string</b> Blog ID 28 public $uid; ///< <b>string</b> Blog unique ID 29 public $name; ///< <b>string</b> Blog name 30 public $desc; ///< <b>string</b> Blog description 31 public $url; ///< <b>string</b> Blog URL 32 public $host; ///< <b>string</b> Blog host 33 public $creadt; ///< <b>string</b> Blog creation date 34 public $upddt; ///< <b>string</b> Blog last update date 35 public $status; ///< <b>string</b> Blog status 36 37 public $settings; ///< <b>dcSettings</b> dcSettings object 38 public $themes_path; ///< <b>string</b> Blog theme path 39 public $public_path; ///< <b>string</b> Blog public path 55 40 56 41 private $post_status = array(); … … 59 44 private $categories; 60 45 61 /** @var boolean Disallow entries password protection */ 62 public $without_password = true; 46 public $without_password = true; ///< <b>boolean</b> Disallow entries password protection 63 47 64 48 /** … … 407 391 408 392 if (!empty($params['post_type'])) { 409 $strReq .= 'AND P.post_type '.$this->con->in($params['post_type']);393 $strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' "; 410 394 } 411 395 … … 727 711 if (isset($params['post_type'])) 728 712 { 729 $strReq .= 'AND post_type '.$this->con->in($params['post_type']); 713 if (is_array($params['post_type']) && !empty($params['post_type'])) { 714 $strReq .= 'AND post_type '.$this->con->in($params['post_type']); 715 } elseif ($params['post_type'] != '') { 716 $strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' "; 717 } 730 718 } 731 719 else … … 870 858 871 859 if($dir > 0) { 872 873 874 875 876 877 878 860 $sign = '>'; 861 $order = 'ASC'; 862 } 863 else { 864 $sign = '<'; 865 $order = 'DESC'; 866 } 879 867 880 868 $params['post_type'] = $post->post_type; … … 1037 1025 $strReq .= "AND post_type = 'post' "; 1038 1026 } 1039 1027 1040 1028 if (!empty($params['year'])) { 1041 1029 $strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y')." = '".sprintf('%04d',$params['year'])."' "; … … 1177 1165 $cur->post_upddt = date('Y-m-d H:i:s'); 1178 1166 1179 # If user is only "usage", we need to check the post's owner1167 #�If user is only "usage", we need to check the post's owner 1180 1168 if (!$this->core->auth->check('contentadmin',$this->id)) 1181 1169 { … … 1780 1768 if (!empty($params['post_type'])) 1781 1769 { 1782 $strReq .= 'AND post_type '.$this->con->in($params['post_type']); 1770 if (is_array($params['post_type']) && !empty($params['post_type'])) { 1771 $strReq .= 'AND post_type '.$this->con->in($params['post_type']); 1772 } else { 1773 $strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' "; 1774 } 1783 1775 } 1784 1776 -
inc/core/class.dc.core.php
r331 r270 63 63 if ($this->con instanceof mysqlConnection) { 64 64 mysqlConnection::$weak_locks = true; 65 }66 67 # define searchpath for postgresql68 if ($this->con instanceof pgsqlConnection)69 {70 $searchpath = explode ('.',$prefix,2);71 if (count($searchpath) > 1)72 {73 $prefix = $searchpath[1];74 $sql = 'SET search_path TO '.$searchpath[0].',public;';75 $this->con->execute($sql);76 }77 65 } 78 66 -
inc/core/class.dc.error.php
r334 r270 13 13 14 14 /** 15 *@ingroup DC_CORE16 *@brief Error class17 * 18 *dcError is a very simple error class, with a stack. Call dcError::add to19 *add an error in stack. In administration area, errors are automatically20 *displayed.15 @ingroup DC_CORE 16 @brief Error class 17 18 dcError is a very simple error class, with a stack. Call dcError::add to 19 add an error in stack. In administration area, errors are automatically 20 displayed. 21 21 */ 22 22 class dcError 23 23 { 24 /** @var array Errors stack */ 25 protected $errors = array(); 26 /** @var boolean True if stack is not empty */ 27 protected $flag = false; 28 /** @var string HTML errors list pattern */ 29 protected $html_list = "<ul>\n%s</ul>\n"; 30 /** @var string HTML error item pattern */ 31 protected $html_item = "<li>%s</li>\n"; 24 protected $errors = array(); ///< <b>array</b> Errors stack 25 protected $flag = false; ///< <b>boolean</b> True if stack is not empty 26 protected $html_list = "<ul>\n%s</ul>\n"; ///< <b>string</b> HTML errors list pattern 27 protected $html_item = "<li>%s</li>\n"; ///< <b>string</b> HTML error item pattern 32 28 33 29 /** 34 *Object constructor.30 Object constructor. 35 31 */ 36 32 public function __construct() … … 41 37 42 38 /** 43 *Object string representation. Returns errors stack.44 *45 * @return string39 Object string representation. Returns errors stack. 40 41 @return <b>string</b> 46 42 */ 47 43 public function __toString() … … 58 54 59 55 /** 60 *Adds an error to stack.61 *62 * @param string $msgError message56 Adds an error to stack. 57 58 @param msg <b>string</b> Error message 63 59 */ 64 60 public function add($msg) … … 69 65 70 66 /** 71 * Returns the value of <var>flag</var> property. True if errors stack is not empty72 *73 * @return boolean67 Returns the value of <var>flag</var> property. 68 69 @return <b>boolean</b> True if errors stack is not empty 74 70 */ 75 71 public function flag() … … 79 75 80 76 /** 81 *Resets errors stack.77 Resets errors stack. 82 78 */ 83 79 public function reset() … … 88 84 89 85 /** 90 *Returns <var>errors</var> property.91 *92 * @return array86 Returns <var>errors</var> property. 87 88 @return <b>array</b> 93 89 */ 94 90 public function getErrors() … … 98 94 99 95 /** 100 *Sets <var>list</var> and <var>item</var> properties.101 *102 * @param string $listHTML errors list pattern103 * @param string $itemHTML error item pattern96 Sets <var>list</var> and <var>item</var> properties. 97 98 @param list <b>string</b> HTML errors list pattern 99 @param item <b>string</b> HTML error item pattern 104 100 */ 105 101 public function setHTMLFormat($list,$item) … … 110 106 111 107 /** 112 *Returns errors stack as HTML.113 *114 * @return string108 Returns errors stack as HTML. 109 110 @return <b>string</b> 115 111 */ 116 112 public function toHTML() -
inc/core/class.dc.settings.php
r301 r270 308 308 } 309 309 310 /**311 Returns a list of settings matching given criteria, for any blog.312 <b>$params</b> is an array taking the following313 optionnal parameters:314 315 - ns : retrieve setting from given namespace316 - id : retrieve only settings corresponding to the given id317 318 @param params <b>array</b> Parameters319 @return <b>record</b> A record320 */321 public function getGlobalSettings($params=array())322 {323 $strReq = "SELECT * from ".$this->table." ";324 $where = array();325 if (!empty($params['ns'])) {326 $where[] = "setting_ns = '".$this->con->escape($params['ns'])."'";327 }328 if (!empty($params['id'])) {329 $where[] = "setting_id = '".$this->con->escape($params['id'])."'";330 }331 if (isset($params['blog_id'])) {332 if (!empty($params['blog_id'])) {333 $where[] = "blog_id = '".$this->con->escape($params['blog_id'])."'";334 } else {335 $where[] = "blog_id IS NULL";336 }337 }338 if (count($where) != 0) {339 $strReq .= " WHERE ".join(" AND ", $where);340 }341 $strReq .= " ORDER by blog_id";342 return $this->con->select($strReq);343 }344 345 /**346 Updates a setting from a given record347 348 @param rs <b>record</b> the setting to update349 */350 public function updateSetting($rs)351 {352 $cur = $this->con->openCursor($this->table);353 $cur->setting_id = $rs->setting_id;354 $cur->setting_value = $rs->setting_value;355 $cur->setting_type = $rs->setting_type;356 $cur->setting_label = $rs->setting_label;357 $cur->blog_id = $rs->blog_id;358 $cur->setting_ns = $rs->setting_ns;359 if ($cur->blog_id == null) {360 $where = 'WHERE blog_id IS NULL ';361 } else {362 $where = "WHERE blog_id = '".$this->con->escape($cur->blog_id)."' ";363 }364 $cur->update($where."AND setting_id = '".$this->con->escape($cur->setting_id)."' AND setting_ns = '".$this->con->escape($cur->setting_ns)."' ");365 }366 367 /**368 Drops a setting from a given record369 370 @param rs <b>record</b> the setting to drop371 @return int number of deleted records (0 if setting does not exist)372 */373 public function dropSetting($rs) {374 $strReq = "DELETE FROM ".$this->table.' ';375 if ($rs->blog_id == null) {376 $strReq .= 'WHERE blog_id IS NULL ';377 } else {378 $strReq .= "WHERE blog_id = '".$this->con->escape($rs->blog_id)."' ";379 }380 $strReq .= "AND setting_id = '".$this->con->escape($rs->setting_id)."' AND setting_ns = '".$this->con->escape($rs->setting_ns)."' ";381 return $this->con->execute($strReq);382 }383 310 } 384 311 ?> -
inc/prepend.php
r372 r370 118 118 # Constants 119 119 define('DC_ROOT',path::real(dirname(__FILE__).'/..')); 120 define('DC_VERSION','2. 4.0-dev');120 define('DC_VERSION','2.3.2-dev'); 121 121 define('DC_DIGESTS',dirname(__FILE__).'/digests'); 122 122 define('DC_L10N_ROOT',dirname(__FILE__).'/../locales'); -
inc/public/class.dc.template.php
r351 r341 323 323 } 324 324 325 if (($node instanceof tplNodeBlock) && !$node->isClosed()) {326 $errors[] = sprintf(327 __('Did not find closing tag for block <tpl:%s>. Content has been ignored.'),328 html::escapeHTML($node->getTag()));329 }330 331 325 $err = ""; 332 326 if (count($errors) > 0) { … … 3242 3236 $this->closed = true; 3243 3237 } 3244 public function isClosed() {3245 return $this->closed;3246 }3247 3238 public function compile($tpl) { 3248 3239 if ($this->closed) { -
inc/public/lib.urlhandlers.php
r306 r270 204 204 205 205 $n = self::getPageNumber($args); 206 $params = new ArrayObject(array( 207 'lang' => $args)); 208 209 $core->callBehavior('publicLangBeforeGetLangs',$params,$args); 210 206 207 $params['lang'] = $args; 211 208 $_ctx->langs = $core->blog->getLangs($params); 212 209 … … 238 235 else 239 236 { 240 $params = new ArrayObject(array( 241 'cat_url' => $args, 242 'post_type' => 'post')); 243 244 $core->callBehavior('publicCategoryBeforeGetCategories',$params,$args); 237 $params['cat_url'] = $args; 238 $params['post_type'] = 'post'; 245 239 246 240 $_ctx->categories = $core->blog->getCategories($params); … … 273 267 elseif (preg_match('|^/([0-9]{4})/([0-9]{2})$|',$args,$m)) 274 268 { 275 $params = new ArrayObject(array( 276 'year' => $m[1], 277 'month' => $m[2], 278 'type' => 'month')); 279 280 $core->callBehavior('publicArchiveBeforeGetDates',$params,$args); 281 269 $params['year'] = $m[1]; 270 $params['month'] = $m[2]; 271 $params['type'] = 'month'; 282 272 $_ctx->archives = $core->blog->getDates($params); 283 273 … … 310 300 $core->blog->withoutPassword(false); 311 301 312 $params = new ArrayObject(array( 313 'post_url' => $args)); 314 315 $core->callBehavior('publicPostBeforeGetPosts',$params,$args); 316 302 $params = new ArrayObject(); 303 $params['post_url'] = $args; 304 317 305 $_ctx->posts = $core->blog->getPosts($params); 318 306 … … 422 410 423 411 $redir = $_ctx->posts->getURL(); 424 $redir .= $core->blog->settings->system->url_scan == 'query_string'? '&' : '?';412 $redir .= strpos($redir,'?') !== false ? '&' : '?'; 425 413 426 414 try … … 493 481 $cat_url = false; 494 482 $post_id = null; 483 $params = array(); 495 484 $subtitle = ''; 496 485 … … 501 490 502 491 if (preg_match('!^([a-z]{2}(-[a-z]{2})?)/(.*)$!',$args,$m)) { 503 $params = new ArrayObject(array('lang' => $m[1])); 504 492 $params['lang'] = $m[1]; 505 493 $args = $m[3]; 506 507 $core->callBehavior('publicFeedBeforeGetLangs',$params,$args);508 494 509 495 $_ctx->langs = $core->blog->getLangs($params); … … 549 535 if ($cat_url) 550 536 { 551 $params = new ArrayObject(array( 552 'cat_url' => $cat_url, 553 'post_type' => 'post')); 554 555 $core->callBehavior('publicFeedBeforeGetCategories',$params,$args); 556 537 $params['cat_url'] = $cat_url; 538 $params['post_type'] = 'post'; 557 539 $_ctx->categories = $core->blog->getCategories($params); 558 540 … … 567 549 elseif ($post_id) 568 550 { 569 $params = new ArrayObject(array( 570 'post_id' => $post_id, 571 'post_type' => '')); 572 573 $core->callBehavior('publicFeedBeforeGetPosts',$params,$args); 574 551 $params['post_id'] = $post_id; 552 $params['post_type'] = ''; 575 553 $_ctx->posts = $core->blog->getPosts($params); 576 554 -
locales/fr/help/core_blog_pref.html
r352 r175 43 43 <dl> 44 44 <dt>Nom de l'éditeur du blog</dt> 45 <dd>Nom de la personne responsable du contenu du blog. Peut être le propriétaire 46 ou le directeur de publication s'il existe. Information affichée dans les 47 informations du flux de syndication.</dd> 45 <dd>Nom de la personne en charge du blog. Peut être le propriétaire ou le 46 directeur de publication s'il existe.</dd> 48 47 49 48 <dt>Note de copyright</dt> -
plugins/pages/_public.php
r306 r270 33 33 $core->blog->withoutPassword(false); 34 34 35 $params = new ArrayObject(array( 36 'post_type' => 'page', 37 'post_url' => $args)); 38 39 $core->callBehavior('publicPagesBeforeGetPosts',$params,$args); 35 $params = new ArrayObject(); 36 $params['post_type'] = 'page'; 37 $params['post_url'] = $args; 40 38 41 39 $_ctx->posts = $core->blog->getPosts($params);
Note: See TracChangeset
for help on using the changeset viewer.