onokazu
onoka****@users*****
2006年 5月 1日 (月) 11:37:26 JST
Index: xoops2jp/html/edituser.php
diff -u xoops2jp/html/edituser.php:1.4 xoops2jp/html/edituser.php:1.5
--- xoops2jp/html/edituser.php:1.4 Wed Aug 3 21:39:11 2005
+++ xoops2jp/html/edituser.php Mon May 1 11:37:26 2006
@@ -1,5 +1,5 @@
 <?php
-// $Id: edituser.php,v 1.4 2005/08/03 12:39:11 onokazu Exp $
+// $Id: edituser.php,v 1.5 2006/05/01 02:37:26 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
@@ -24,7 +24,6 @@
 // along with this program; if not, write to the Free Software //
 // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA //
 // ------------------------------------------------------------------------ //
-
 $xoopsOption['pagetype'] = 'user';
 include 'mainfile.php';
 include_once XOOPS_ROOT_PATH.'/class/xoopsformloader.php';
@@ -344,9 +343,22 @@
 redirect_header('index.php', 3, _US_NOEDITRIGHT);
 exit();
 }
- $user_avatar = '';
- if (!empty($_POST['user_avatar'])) {
- $user_avatar = trim($_POST['user_avatar']);
+ $avt_handler =& xoops_gethandler('avatar');
+ $user_avatar = 'blank.gif';
+ $user_avatar_object = false;
+ $myts =& MyTextSanitizer::getInstance();
+ if ($user_avatar_req = trim($myts->stripSlashesGPC($_POST['user_avatar']))) {
+ // allow system avatar selection only
+ if (preg_match("/^savt/", $user_avatar_req)) {
+ $criteria =& new CriteriaCompo(new Criteria('avatar_file', addslashes($user_avatar_req)));
+ $criteria->add(new Criteria('avatar_type', 'S'));
+ if ($avatars = $avt_handler->getObjects($criteria)) {
+ if (is_object($avatars[0])) {
+ $user_avatar = $avatars[0]->getVar('avatar_file');
+ $user_avatar_object =& $avatars[0];
+ }
+ }
+ }
 }
 $user_avatarpath = str_replace("\\", "/", realpath(XOOPS_UPLOAD_PATH.'/'.$user_avatar));
 if (0 === strpos($user_avatarpath, XOOPS_UPLOAD_PATH) && is_file($user_avatarpath)) {
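Review bot: `$_POST['user_avatar']` is dereferenced unconditionally in the added `if ($user_avatar_req = trim($myts->stripSlashesGPC($_POST['user_avatar'])))` line, whereas the removed code guarded it with `!empty()`, so a request that omits the field now raises an undefined-index notice before falling back to `blank.gif`. Guard it first, e.g. `if (isset($_POST['user_avatar']) && ($user_avatar_req = trim($myts->stripSlashesGPC($_POST['user_avatar'])))) {`. The `avatar_file` criterion is escaped with a bare `addslashes()`, which is not aware of the connection character set; if the database layer offers its own quoting routine it is the safer choice, particularly on multi-byte installations (whether `Criteria` escapes on its own is not visible in this hunk). The whitelist itself holds as written, since the stored name is taken from the matched type-`S` row rather than from the request. The enclosing block starts and ends outside the hunk.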
@@ -359,9 +371,10 @@
 include XOOPS_ROOT_PATH.'/footer.php';
 exit();
 }
- $avt_handler =& xoops_gethandler('avatar');
- if ($oldavatar && $oldavatar != 'blank.gif' && !preg_match("/^savt/", strtolower($oldavatar))) {
- $avatars =& $avt_handler->getObjects(new Criteria('avatar_file', $oldavatar));
+ if ($oldavatar && $oldavatar != 'blank.gif' && preg_match("/^cavt/", strtolower($oldavatar))) {
+ $criteria =& new CriteriaCompo(new Criteria('avatar_file', addslashes($oldavatar)));
+ $criteria->add(new Criteria('avatar_type', 'C'));
+ $avatars =& $avt_handler->getObjects($criteria);
 if (is_object($avatars[0])) {
 $avt_handler->delete($avatars[0]);
 }
@@ -370,11 +383,8 @@
 unlink($oldavatar_path);
 }
 }
- if ($user_avatar != 'blank.gif') {
- $avatars =& $avt_handler->getObjects(new Criteria('avatar_file', $user_avatar));
- if (is_object($avatars[0])) {
- $avt_handler->addUser($avatars[0]->getVar('avatar_id'), $xoopsUser->getVar('uid'));
- }
+ if (is_object($user_avatar_object)) {
+ $avt_handler->addUser($user_avatar_object->getVar('avatar_id'), $xoopsUser->getVar('uid'));
 }
 }
 redirect_header('userinfo.php?uid='.$uid, 0, _US_PROFUPDATED);
Index: xoops2jp/html/footer.php
diff -u xoops2jp/html/footer.php:1.5 xoops2jp/html/footer.php:1.6
--- xoops2jp/html/footer.php:1.5 Mon Sep 5 05:46:08 2005
+++ xoops2jp/html/footer.php Mon May 1 11:37:26 2006
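Review bot: In the `@@ -359` hunk `$avatars[0]` is still indexed straight after `getObjects($criteria)`, so an empty result raises an undefined-offset notice; the `@@ -344` hunk of this same commit already tests the result first, and this one could match it with `if (($avatars = $avt_handler->getObjects($criteria)) && is_object($avatars[0])) {`. The database delete is now limited to type-`C` rows with a `cavt` prefix, but `$oldavatar_path`, used by the `unlink()` shown as context in the `@@ -370` hunk, is computed on lines outside both hunks, so it cannot be confirmed here that the file removal is tied to the same matched record; ideally the file is removed only when that row was found. The prefix test lowercases `$oldavatar` while the `savt` test in the `@@ -344` hunk does not, which is worth making consistent.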
@@ -1,91 +1,91 @@ -<?php -// $Id: footer.php,v 1.5 2005/09/04 20:46:08 onokazu Exp $ -// ------------------------------------------------------------------------ // -// XOOPS - PHP Content Management System // -// Copyright (c) 2000 XOOPS.org // -// <http://www.xoops.org/> // -// ------------------------------------------------------------------------ // -// This program is free software; you can redistribute it and/or modify // -// it under the terms of the GNU General Public License as published by // -// the Free Software Foundation; either version 2 of the License, or // -// (at your option) any later version. // -// // -// You may not change or alter any portion of this comment or credits // -// of supporting developers from this source code or any supporting // -// source code which is considered copyrighted (c) material of the // -// original comment or credit authors. // -// // -// This program is distributed in the hope that it will be useful, // -// but WITHOUT ANY WARRANTY; without even the implied warranty of // -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // -// GNU General Public License for more details. 
// -// // -// You should have received a copy of the GNU General Public License // -// along with this program; if not, write to the Free Software // -// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA // -// ------------------------------------------------------------------------ // - -if (!defined('XOOPS_ROOT_PATH')) { - exit(); -} -if ( !defined("XOOPS_FOOTER_INCLUDED") ) { - define("XOOPS_FOOTER_INCLUDED",1); - $xoopsLogger->stopTime(); - if ($xoopsOption['theme_use_smarty'] == 0) { - // the old way - $footer = htmlspecialchars($xoopsConfigMetaFooter['footer']).'<br /><div style="text-align:center">Powered by XOOPS © 2001-2005 <a href="http://jp.xoops.org/" target="_blank">The XOOPS Project</a></div>'; - if (isset($xoopsOption['template_main'])) { - $xoopsTpl->xoops_setCaching(0); - $xoopsTpl->display('db:'.$xoopsOption['template_main']); - } - if (!isset($xoopsOption['show_rblock'])) { - $xoopsOption['show_rblock'] = 0; - } - themefooter($xoopsOption['show_rblock'], $footer); - xoops_footer(); - } else { - // RMV-NOTIFY - include_once XOOPS_ROOT_PATH . '/include/notification_select.php'; - if (isset($xoopsOption['template_main'])) { - if (isset($xoopsCachedTemplateId)) { - $xoopsTpl->assign('xoops_contents', $xoopsTpl->fetch('db:'.$xoopsOption['template_main'], $xoopsCachedTemplateId)); - } else { - $xoopsTpl->assign('xoops_contents', $xoopsTpl->fetch('db:'.$xoopsOption['template_main'])); - } - } else { - if (isset($xoopsCachedTemplate)) { - $xoopsTpl->assign('dummy_content', ob_get_contents()); - $xoopsTpl->assign('xoops_contents', $xoopsTpl->fetch($xoopsCachedTemplate, $xoopsCachedTemplateId)); - } else { - $xoopsTpl->assign('xoops_contents', ob_get_contents()); - } - ob_end_clean(); - } - if (!headers_sent()) { - header('Content-Type:text/html; charset='._CHARSET); - header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); - header('Last-Modified: '.gmdate('D, d M Y H:i:s').' 
GMT'); - header('Cache-Control: no-store, no-cache, must-revalidate'); - header('Cache-Control: post-check=0, pre-check=0', false); - header('Pragma: no-cache'); - } - $xoopsTpl->xoops_setCaching(0); - $xoopsTpl->display($xoopsConfig['theme_set'].'/theme.html'); - } - if ($xoopsConfig['debug_mode'] == 2 && $xoopsUserIsAdmin) { - echo '<script type="text/javascript"> - <!--// - debug_window = openWithSelfMain("", "xoops_debug", 680, 600, true); - '; - $content = '<html><head><meta http-equiv="content-type" content="text/html; charset='._CHARSET.'" /><meta http-equiv="content-language" content="'._LANGCODE.'" /><title>'.htmlspecialchars($xoopsConfig['sitename']).'</title><link rel="stylesheet" type="text/css" media="all" href="'.getcss($xoopsConfig['theme_set']).'" /></head><body>'.$xoopsLogger->dumpAll().'<div style="text-align:center;"><input class="formButton" value="'._CLOSE.'" type="button" onclick="javascript:window.close();" /></div></body></html>'; - $lines = preg_split("/(\r\n|\r|\n)( *)/", $content); - foreach ($lines as $line) { - echo 'debug_window.document.writeln("'.str_replace('"', '\"', $line).'");'; - } - echo ' - debug_window.document.close(); - //--> - </script>'; - } -} -?> +<?php +// $Id: footer.php,v 1.6 2006/05/01 02:37:26 onokazu Exp $ +// ------------------------------------------------------------------------ // +// XOOPS - PHP Content Management System // +// Copyright (c) 2005 XOOPS.org // +// <http://www.xoops.org/> // +// ------------------------------------------------------------------------ // +// This program is free software; you can redistribute it and/or modify // +// it under the terms of the GNU General Public License as published by // +// the Free Software Foundation; either version 2 of the License, or // +// (at your option) any later version. 
// +// // +// You may not change or alter any portion of this comment or credits // +// of supporting developers from this source code or any supporting // +// source code which is considered copyrighted (c) material of the // +// original comment or credit authors. // +// // +// This program is distributed in the hope that it will be useful, // +// but WITHOUT ANY WARRANTY; without even the implied warranty of // +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // +// GNU General Public License for more details. // +// // +// You should have received a copy of the GNU General Public License // +// along with this program; if not, write to the Free Software // +// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA // +// ------------------------------------------------------------------------ // + +if (!defined('XOOPS_ROOT_PATH')) { + exit(); +} +if ( !defined("XOOPS_FOOTER_INCLUDED") ) { + define("XOOPS_FOOTER_INCLUDED",1); + $xoopsLogger->stopTime(); + if ($xoopsOption['theme_use_smarty'] == 0) { + // the old way + $footer = htmlspecialchars($xoopsConfigMetaFooter['footer']).'<br /><div style="text-align:center">Powered by XOOPS Cube © 2005-2006 <a href="http://xoopscube.org/" target="_blank">The XOOPS Cube Project</a></div>'; + if (isset($xoopsOption['template_main'])) { + $xoopsTpl->xoops_setCaching(0); + $xoopsTpl->display('db:'.$xoopsOption['template_main']); + } + if (!isset($xoopsOption['show_rblock'])) { + $xoopsOption['show_rblock'] = 0; + } + themefooter($xoopsOption['show_rblock'], $footer); + xoops_footer(); + } else { + // RMV-NOTIFY + include_once XOOPS_ROOT_PATH . 
'/include/notification_select.php'; + if (isset($xoopsOption['template_main'])) { + if (isset($xoopsCachedTemplateId)) { + $xoopsTpl->assign('xoops_contents', $xoopsTpl->fetch('db:'.$xoopsOption['template_main'], $xoopsCachedTemplateId)); + } else { + $xoopsTpl->assign('xoops_contents', $xoopsTpl->fetch('db:'.$xoopsOption['template_main'])); + } + } else { + if (isset($xoopsCachedTemplate)) { + $xoopsTpl->assign('dummy_content', ob_get_contents()); + $xoopsTpl->assign('xoops_contents', $xoopsTpl->fetch($xoopsCachedTemplate, $xoopsCachedTemplateId)); + } else { + $xoopsTpl->assign('xoops_contents', ob_get_contents()); + } + ob_end_clean(); + } + if (!headers_sent()) { + header('Content-Type:text/html; charset='._CHARSET); + header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); + header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT'); + header('Cache-Control: no-store, no-cache, must-revalidate'); + header('Cache-Control: post-check=0, pre-check=0', false); + header('Pragma: no-cache'); + } + $xoopsTpl->xoops_setCaching(0); + $xoopsTpl->display($xoopsConfig['theme_set'].'/theme.html'); + } + if ($xoopsConfig['debug_mode'] == 2 && $xoopsUserIsAdmin) { + echo '<script type="text/javascript"> + <!--// + debug_window = openWithSelfMain("", "xoops_debug", 680, 600, true); + '; + $content = '<html><head><meta http-equiv="content-type" content="text/html; charset='._CHARSET.'" /><meta http-equiv="content-language" content="'._LANGCODE.'" /><title>'.htmlspecialchars($xoopsConfig['sitename']).'</title><link rel="stylesheet" type="text/css" media="all" href="'.getcss($xoopsConfig['theme_set']).'" /></head><body>'.$xoopsLogger->dumpAll().'<div style="text-align:center;"><input class="formButton" value="'._CLOSE.'" type="button" onclick="javascript:window.close();" /></div></body></html>'; + $lines = preg_split("/(\r\n|\r|\n)( *)/", $content); + foreach ($lines as $line) { + echo 'debug_window.document.writeln("'.str_replace('"', '\"', $line).'");'; + } + echo ' + 
debug_window.document.close();
+ //-->
+ </script>';
+ }
+}
+?>
Index: xoops2jp/html/header.php
diff -u xoops2jp/html/header.php:1.5 xoops2jp/html/header.php:1.6
--- xoops2jp/html/header.php:1.5 Mon Sep 5 05:46:08 2005
+++ xoops2jp/html/header.php Mon May 1 11:37:26 2006
@@ -1,5 +1,5 @@
 <?php
-// $Id: header.php,v 1.5 2005/09/04 20:46:08 onokazu Exp $
+// $Id: header.php,v 1.6 2006/05/01 02:37:26 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
@@ -144,11 +144,11 @@
 continue;
 }
 $xoopsTpl->assign_by_ref('block', $bresult);
- $bcontent =& $xoopsTpl->fetch('db:'.$btpl, 'blk_'.$block_arr[$i]->getVar('bid'));
+ $bcontent = $xoopsTpl->fetch('db:'.$btpl, 'blk_'.$block_arr[$i]->getVar('bid'));
 $xoopsTpl->clear_assign('block');
 } else {
 $xoopsLogger->addBlock($block_arr[$i]->getVar('name'), true, $bcachetime);
- $bcontent =& $xoopsTpl->fetch('db:'.$btpl, 'blk_'.$block_arr[$i]->getVar('bid'));
+ $bcontent = $xoopsTpl->fetch('db:'.$btpl, 'blk_'.$block_arr[$i]->getVar('bid'));
 }
 } else {
 $bid = $block_arr[$i]->getVar('bid');
@@ -159,11 +159,11 @@
 continue;
 }
 $xoopsTpl->assign_by_ref('dummy_content', $bresult['content']);
- $bcontent =& $xoopsTpl->fetch('db:system_dummy.html', 'blk_'.$bid);
+ $bcontent = $xoopsTpl->fetch('db:system_dummy.html', 'blk_'.$bid);
 $xoopsTpl->clear_assign('block');
 } else {
 $xoopsLogger->addBlock($block_arr[$i]->getVar('name'), true, $bcachetime);
- $bcontent =& $xoopsTpl->fetch('db:system_dummy.html', 'blk_'.$bid);
+ $bcontent = $xoopsTpl->fetch('db:system_dummy.html', 'blk_'.$bid);
 }
 }
 switch ($block_arr[$i]->getVar('side')) {
Index: xoops2jp/html/lostpass.php
diff -u xoops2jp/html/lostpass.php:1.3 xoops2jp/html/lostpass.php:1.4
--- xoops2jp/html/lostpass.php:1.3 Wed Aug 3 21:39:11 2005
+++ xoops2jp/html/lostpass.php Mon May 1 11:37:26 2006
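Review bot: In the `@@ -159` hunk of header.php the branch that binds `dummy_content` with `assign_by_ref()` is followed by `$xoopsTpl->clear_assign('block');`, so the variable that was actually assigned is never cleared; this looks like a copy of the `@@ -144` branch and probably should read `$xoopsTpl->clear_assign('dummy_content');`. Both lines are unchanged context, so this is a follow-up rather than a problem with the `=&` removal itself. The surrounding loop starts and ends outside the hunk.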
@@ -1,5 +1,5 @@
 <?php
-// $Id: lostpass.php,v 1.3 2005/08/03 12:39:11 onokazu Exp $
+// $Id: lostpass.php,v 1.4 2006/05/01 02:37:26 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
@@ -30,70 +30,70 @@ $email = isset($_GET['email']) ? trim($_GET['email']) : ''; $email = isset($_POST['email']) ? trim($_POST['email']) : $email; if ($email == '') { - redirect_header("user.php",2,_US_SORRYNOTFOUND); - exit(); + redirect_header("user.php",2,_US_SORRYNOTFOUND); + exit(); } $myts =& MyTextSanitizer::getInstance(); $member_handler =& xoops_gethandler('member'); -$getuser =& $member_handler->getUsers(new Criteria('email', $myts->addSlashes($email))); +$getuser = $member_handler->getUsers(new Criteria('email', $myts->addSlashes($email))); if (empty($getuser)) { - redirect_header("user.php",2,_US_SORRYNOTFOUND); - exit(); + redirect_header("user.php",2,_US_SORRYNOTFOUND); + exit(); } else { - $code = isset($_GET['code']) ? trim($_GET['code']) : ''; - $areyou = substr($getuser[0]->getVar("pass"), 0, 5); - if ($code != '' && $areyou == $code) { - $newpass = xoops_makepass(); - $xoopsMailer =& getMailer(); - $xoopsMailer->useMail(); - $xoopsMailer->setTemplate("lostpass2.tpl"); - $xoopsMailer->assign("SITENAME", $xoopsConfig['sitename']); - $xoopsMailer->assign("ADMINMAIL", $xoopsConfig['adminmail']); - $xoopsMailer->assign("SITEURL", XOOPS_URL."/"); - $xoopsMailer->assign("IP", $_SERVER['REMOTE_ADDR']); - $xoopsMailer->assign("NEWPWD", $newpass); - $xoopsMailer->setToUsers($getuser[0]); - $xoopsMailer->setFromEmail($xoopsConfig['adminmail']); - $xoopsMailer->setFromName($xoopsConfig['sitename']); - $xoopsMailer->setSubject(sprintf(_US_NEWPWDREQ,XOOPS_URL)); - if ( !$xoopsMailer->send() ) { - echo $xoopsMailer->getErrors(); - } + $code = isset($_GET['code']) ? 
trim($_GET['code']) : ''; + $areyou = substr($getuser[0]->getVar("pass"), 0, 5); + if ($code != '' && $areyou == $code) { + $newpass = xoops_makepass(); + $xoopsMailer =& getMailer(); + $xoopsMailer->useMail(); + $xoopsMailer->setTemplate("lostpass2.tpl"); + $xoopsMailer->assign("SITENAME", $xoopsConfig['sitename']); + $xoopsMailer->assign("ADMINMAIL", $xoopsConfig['adminmail']); + $xoopsMailer->assign("SITEURL", XOOPS_URL."/"); + $xoopsMailer->assign("IP", $_SERVER['REMOTE_ADDR']); + $xoopsMailer->assign("NEWPWD", $newpass); + $xoopsMailer->setToUsers($getuser[0]); + $xoopsMailer->setFromEmail($xoopsConfig['adminmail']); + $xoopsMailer->setFromName($xoopsConfig['sitename']); + $xoopsMailer->setSubject(sprintf(_US_NEWPWDREQ,XOOPS_URL)); + if ( !$xoopsMailer->send() ) { + echo $xoopsMailer->getErrors(); + } - // Next step: add the new password to the database - $sql = sprintf("UPDATE %s SET pass = '%s' WHERE uid = %u", $xoopsDB->prefix("users"), md5($newpass), $getuser[0]->getVar('uid')); - if ( !$xoopsDB->queryF($sql) ) { - include "header.php"; - echo _US_MAILPWDNG; - include "footer.php"; - exit(); - } - redirect_header("user.php", 3, sprintf(_US_PWDMAILED,$getuser[0]->getVar("uname")), false); - exit(); - // If no Code, send it - } else { - $xoopsMailer =& getMailer(); - $xoopsMailer->useMail(); - $xoopsMailer->setTemplate("lostpass1.tpl"); - $xoopsMailer->assign("SITENAME", $xoopsConfig['sitename']); - $xoopsMailer->assign("ADMINMAIL", $xoopsConfig['adminmail']); - $xoopsMailer->assign("SITEURL", XOOPS_URL."/"); - $xoopsMailer->assign("IP", $_SERVER['REMOTE_ADDR']); - $xoopsMailer->assign("NEWPWD_LINK", XOOPS_URL."/lostpass.php?email=".$email."&code=".$areyou); - $xoopsMailer->setToUsers($getuser[0]); - $xoopsMailer->setFromEmail($xoopsConfig['adminmail']); - $xoopsMailer->setFromName($xoopsConfig['sitename']); - $xoopsMailer->setSubject(sprintf(_US_NEWPWDREQ,$xoopsConfig['sitename'])); - include "header.php"; - if ( !$xoopsMailer->send() ) { - echo 
$xoopsMailer->getErrors(); - } - echo "<h4>"; - printf(_US_CONFMAIL,$getuser[0]->getVar("uname")); - echo "</h4>"; - include "footer.php"; - } + // Next step: add the new password to the database + $sql = sprintf("UPDATE %s SET pass = '%s' WHERE uid = %u", $xoopsDB->prefix("users"), md5($newpass), $getuser[0]->getVar('uid')); + if ( !$xoopsDB->queryF($sql) ) { + include "header.php"; + echo _US_MAILPWDNG; + include "footer.php"; + exit(); + } + redirect_header("user.php", 3, sprintf(_US_PWDMAILED,$getuser[0]->getVar("uname")), false); + exit(); + // If no Code, send it + } else { + $xoopsMailer =& getMailer(); + $xoopsMailer->useMail(); + $xoopsMailer->setTemplate("lostpass1.tpl"); + $xoopsMailer->assign("SITENAME", $xoopsConfig['sitename']); + $xoopsMailer->assign("ADMINMAIL", $xoopsConfig['adminmail']); + $xoopsMailer->assign("SITEURL", XOOPS_URL."/"); + $xoopsMailer->assign("IP", $_SERVER['REMOTE_ADDR']); + $xoopsMailer->assign("NEWPWD_LINK", XOOPS_URL."/lostpass.php?email=".$email."&code=".$areyou); + $xoopsMailer->setToUsers($getuser[0]); + $xoopsMailer->setFromEmail($xoopsConfig['adminmail']); + $xoopsMailer->setFromName($xoopsConfig['sitename']); + $xoopsMailer->setSubject(sprintf(_US_NEWPWDREQ,$xoopsConfig['sitename'])); + include "header.php"; + if ( !$xoopsMailer->send() ) { + echo $xoopsMailer->getErrors(); + } + echo "<h4>"; + printf(_US_CONFMAIL,$getuser[0]->getVar("uname")); + echo "</h4>"; + include "footer.php"; + } } ?> \ No newline at end of file Index: xoops2jp/html/mainfile.dist.php diff -u xoops2jp/html/mainfile.dist.php:1.2 xoops2jp/html/mainfile.dist.php:1.3 --- xoops2jp/html/mainfile.dist.php:1.2 Fri Mar 18 21:51:55 2005 +++ xoops2jp/html/mainfile.dist.php Mon May 1 11:37:26 2006 
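Review bot: The confirmation code in this re-indented lostpass.php block is `substr($getuser[0]->getVar("pass"), 0, 5)`, i.e. the first five characters of the stored password hash: it is disclosed in the mailed link, has no expiry, stays the same for every request until the password changes, and is checked with a loose `$areyou == $code`. A random, single-use, time-limited token stored server-side and compared with `===` would remove all four problems. The new password is then written as unsalted `md5($newpass)`, which presumably matches how the login code verifies passwords, so it has to be migrated project-wide rather than in this file alone. `$email` is also concatenated into `NEWPWD_LINK` unencoded; `rawurlencode($email)` keeps addresses containing `+` or `&` intact.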
@@ -1,5 +1,5 @@
 <?php
-// $Id: mainfile.dist.php,v 1.2 2005/03/18 12:51:55 onokazu Exp $
+// $Id: mainfile.dist.php,v 1.3 2006/05/01 02:37:26 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
@@ -26,73 +26,73 @@ // ------------------------------------------------------------------------ // if ( !defined("XOOPS_MAINFILE_INCLUDED") ) { - define("XOOPS_MAINFILE_INCLUDED",1); + define("XOOPS_MAINFILE_INCLUDED",1); - // XOOPS Physical Path - // Physical path to your main XOOPS directory WITHOUT trailing slash - // Example: define('XOOPS_ROOT_PATH', '/path/to/xoops/directory'); - define('XOOPS_ROOT_PATH', ''); - - // XOOPS Virtual Path (URL) - // Virtual path to your main XOOPS directory WITHOUT trailing slash - // Example: define('XOOPS_URL', 'http://url_to_xoops_directory'); - define('XOOPS_URL', 'http://'); - - define('XOOPS_CHECK_PATH', 0); - // Protect against external scripts execution if safe mode is not enabled - if ( XOOPS_CHECK_PATH && !@ini_get('safe_mode') ) { - if ( function_exists('debug_backtrace') ) { - $xoopsScriptPath = debug_backtrace(); - if ( !count($xoopsScriptPath) ) { - die("XOOPS path check: this file cannot be requested directly"); - } - $xoopsScriptPath = $xoopsScriptPath[0]['file']; - } else { - $xoopsScriptPath = isset($_SERVER['PATH_TRANSLATED']) ? $_SERVER['PATH_TRANSLATED'] : $_SERVER['SCRIPT_FILENAME']; - } - if ( DIRECTORY_SEPARATOR != '/' ) { - // IIS6 may double the \ chars - $xoopsScriptPath = str_replace( strpos( $xoopsScriptPath, '\\\\', 2 ) ? '\\\\' : DIRECTORY_SEPARATOR, '/', $xoopsScriptPath); - } - if ( strcasecmp( substr($xoopsScriptPath, 0, strlen(XOOPS_ROOT_PATH)), str_replace( DIRECTORY_SEPARATOR, '/', XOOPS_ROOT_PATH)) ) { - exit("XOOPS path check: Script is not inside XOOPS_ROOT_PATH and cannot run."); - } - } - - // Database - // Choose the database to be used - define('XOOPS_DB_TYPE', 'mysql'); - - // Table Prefix - // This prefix will be added to all new tables created to avoid name conflict in the database. If you are unsure, just use the default 'xoops'. - define('XOOPS_DB_PREFIX', 'xoops'); - - // Database Hostname - // Hostname of the database server. If you are unsure, 'localhost' works in most cases. 
- define('XOOPS_DB_HOST', 'localhost'); - - // Database Username - // Your database user account on the host - define('XOOPS_DB_USER', ''); - - // Database Password - // Password for your database user account - define('XOOPS_DB_PASS', ''); - - // Database Name - // The name of database on the host. The installer will attempt to create the database if not exist - define('XOOPS_DB_NAME', ''); - - // Use persistent connection? (Yes=1 No=0) - // Default is 'Yes'. Choose 'Yes' if you are unsure. - define('XOOPS_DB_PCONNECT', 0); - - define("XOOPS_GROUP_ADMIN", "1"); - define("XOOPS_GROUP_USERS", "2"); - define("XOOPS_GROUP_ANONYMOUS", "3"); - - if (!isset($xoopsOption['nocommon']) && XOOPS_ROOT_PATH != '') { - include XOOPS_ROOT_PATH."/include/common.php"; - } + // XOOPS Physical Path + // Physical path to your main XOOPS directory WITHOUT trailing slash + // Example: define('XOOPS_ROOT_PATH', '/path/to/xoops/directory'); + define('XOOPS_ROOT_PATH', ''); + + // XOOPS Virtual Path (URL) + // Virtual path to your main XOOPS directory WITHOUT trailing slash + // Example: define('XOOPS_URL', 'http://url_to_xoops_directory'); + define('XOOPS_URL', 'http://'); + + define('XOOPS_CHECK_PATH', 0); + // Protect against external scripts execution if safe mode is not enabled + if ( XOOPS_CHECK_PATH && !@ini_get('safe_mode') ) { + if ( function_exists('debug_backtrace') ) { + $xoopsScriptPath = debug_backtrace(); + if ( !count($xoopsScriptPath) ) { + die("XOOPS path check: this file cannot be requested directly"); + } + $xoopsScriptPath = $xoopsScriptPath[0]['file']; + } else { + $xoopsScriptPath = isset($_SERVER['PATH_TRANSLATED']) ? $_SERVER['PATH_TRANSLATED'] : $_SERVER['SCRIPT_FILENAME']; + } + if ( DIRECTORY_SEPARATOR != '/' ) { + // IIS6 may double the \ chars + $xoopsScriptPath = str_replace( strpos( $xoopsScriptPath, '\\\\', 2 ) ? 
'\\\\' : DIRECTORY_SEPARATOR, '/', $xoopsScriptPath); + } + if ( strcasecmp( substr($xoopsScriptPath, 0, strlen(XOOPS_ROOT_PATH)), str_replace( DIRECTORY_SEPARATOR, '/', XOOPS_ROOT_PATH)) ) { + exit("XOOPS path check: Script is not inside XOOPS_ROOT_PATH and cannot run."); + } + } + + // Database + // Choose the database to be used + define('XOOPS_DB_TYPE', 'mysql'); + + // Table Prefix + // This prefix will be added to all new tables created to avoid name conflict in the database. If you are unsure, just use the default 'xoops'. + define('XOOPS_DB_PREFIX', 'xoops'); + + // Database Hostname + // Hostname of the database server. If you are unsure, 'localhost' works in most cases. + define('XOOPS_DB_HOST', 'localhost'); + + // Database Username + // Your database user account on the host + define('XOOPS_DB_USER', ''); + + // Database Password + // Password for your database user account + define('XOOPS_DB_PASS', ''); + + // Database Name + // The name of database on the host. The installer will attempt to create the database if not exist + define('XOOPS_DB_NAME', ''); + + // Use persistent connection? (Yes=1 No=0) + // Default is 'No'. Choose 'No' if you are unsure. + define('XOOPS_DB_PCONNECT', 0); + + define("XOOPS_GROUP_ADMIN", "1"); + define("XOOPS_GROUP_USERS", "2"); + define("XOOPS_GROUP_ANONYMOUS", "3"); + + if (!isset($xoopsOption['nocommon']) && XOOPS_ROOT_PATH != '') { + include XOOPS_ROOT_PATH."/include/common.php"; + } } ?> \ No newline at end of file Index: xoops2jp/html/userinfo.php diff -u xoops2jp/html/userinfo.php:1.2 xoops2jp/html/userinfo.php:1.3 --- xoops2jp/html/userinfo.php:1.2 Fri Mar 18 21:51:55 2005 +++ xoops2jp/html/userinfo.php Mon May 1 11:37:26 2006 
@@ -1,5 +1,5 @@
 <?php
-// $Id: userinfo.php,v 1.2 2005/03/18 12:51:55 onokazu Exp $
+// $Id: userinfo.php,v 1.3 2006/05/01 02:37:26 onokazu Exp $
 // ------------------------------------------------------------------------ //
 // XOOPS - PHP Content Management System //
 // Copyright (c) 2000 XOOPS.org //
@@ -33,60 +33,60 @@ $uid = intval($_GET['uid']); if ($uid <= 0) { - redirect_header('index.php', 3, _US_SELECTNG); - exit(); + redirect_header('index.php', 3, _US_SELECTNG); + exit(); } $gperm_handler = & xoops_gethandler( 'groupperm' ); $groups = ( $xoopsUser ) ? $xoopsUser -> getGroups() : XOOPS_GROUP_ANONYMOUS; -$isAdmin = $gperm_handler->checkRight( 'system_admin', XOOPS_SYSTEM_USER, $groups); // isadmin is true if user has 'edit users' admin rights +$isAdmin = $gperm_handler->checkRight( 'system_admin', XOOPS_SYSTEM_USER, $groups); // isadmin is true if user has 'edit users' admin rights if (is_object($xoopsUser)) { - if ($uid == $xoopsUser->getVar('uid')) { - $config_handler =& xoops_gethandler('config'); - $xoopsConfigUser =& $config_handler->getConfigsByCat(XOOPS_CONF_USER); - $xoopsOption['template_main'] = 'system_userinfo.html'; - include XOOPS_ROOT_PATH.'/header.php'; - $xoopsTpl->assign('user_ownpage', true); - $xoopsTpl->assign('lang_editprofile', _US_EDITPROFILE); - $xoopsTpl->assign('lang_avatar', _US_AVATAR); - $xoopsTpl->assign('lang_inbox', _US_INBOX); - $xoopsTpl->assign('lang_logout', _US_LOGOUT); - if ($xoopsConfigUser['self_delete'] == 1) { - $xoopsTpl->assign('user_candelete', true); - $xoopsTpl->assign('lang_deleteaccount', _US_DELACCOUNT); - } else { - $xoopsTpl->assign('user_candelete', false); - } - $thisUser =& $xoopsUser; - } else { - $member_handler =& xoops_gethandler('member'); - $thisUser =& $member_handler->getUser($uid); - if (!is_object($thisUser) || !$thisUser->isActive() ) { - redirect_header("index.php",3,_US_SELECTNG); - exit(); - } - $xoopsOption['template_main'] = 'system_userinfo.html'; - include XOOPS_ROOT_PATH.'/header.php'; - $xoopsTpl->assign('user_ownpage', false); - } + if ($uid == $xoopsUser->getVar('uid')) { + $config_handler =& xoops_gethandler('config'); + $xoopsConfigUser =& $config_handler->getConfigsByCat(XOOPS_CONF_USER); + $xoopsOption['template_main'] = 'system_userinfo.html'; + include 
XOOPS_ROOT_PATH.'/header.php'; + $xoopsTpl->assign('user_ownpage', true); + $xoopsTpl->assign('lang_editprofile', _US_EDITPROFILE); + $xoopsTpl->assign('lang_avatar', _US_AVATAR); + $xoopsTpl->assign('lang_inbox', _US_INBOX); + $xoopsTpl->assign('lang_logout', _US_LOGOUT); + if ($xoopsConfigUser['self_delete'] == 1) { + $xoopsTpl->assign('user_candelete', true); + $xoopsTpl->assign('lang_deleteaccount', _US_DELACCOUNT); + } else { + $xoopsTpl->assign('user_candelete', false); + } + $thisUser =& $xoopsUser; + } else { + $member_handler =& xoops_gethandler('member'); + $thisUser =& $member_handler->getUser($uid); + if (!is_object($thisUser) || !$thisUser->isActive() ) { + redirect_header("index.php",3,_US_SELECTNG); + exit(); + } + $xoopsOption['template_main'] = 'system_userinfo.html'; + include XOOPS_ROOT_PATH.'/header.php'; + $xoopsTpl->assign('user_ownpage', false); + } } else { - $member_handler =& xoops_gethandler('member'); - $thisUser =& $member_handler->getUser($uid); - if (!is_object($thisUser) || !$thisUser->isActive()) { - redirect_header("index.php",3,_US_SELECTNG); - exit(); - } - $xoopsOption['template_main'] = 'system_userinfo.html'; - include(XOOPS_ROOT_PATH.'/header.php'); - $xoopsTpl->assign('user_ownpage', false); + $member_handler =& xoops_gethandler('member'); + $thisUser =& $member_handler->getUser($uid); + if (!is_object($thisUser) || !$thisUser->isActive()) { + redirect_header("index.php",3,_US_SELECTNG); + exit(); + } + $xoopsOption['template_main'] = 'system_userinfo.html'; + include(XOOPS_ROOT_PATH.'/header.php'); + $xoopsTpl->assign('user_ownpage', false); } $myts =& MyTextSanitizer::getInstance(); if ( is_object($xoopsUser) && $isAdmin ) { - $xoopsTpl->assign('lang_editprofile', _US_EDITPROFILE); - $xoopsTpl->assign('lang_deleteaccount', _US_DELACCOUNT); - $xoopsTpl->assign('user_uid', $thisUser->getVar('uid')); + $xoopsTpl->assign('lang_editprofile', _US_EDITPROFILE); + $xoopsTpl->assign('lang_deleteaccount', _US_DELACCOUNT); + 
$xoopsTpl->assign('user_uid', $thisUser->getVar('uid')); } $xoopsTpl->assign('lang_allaboutuser', sprintf(_US_ALLABOUT,$thisUser->getVar('uname'))); $xoopsTpl->assign('lang_avatar', _US_AVATAR); 
@@ -129,63 +129,63 @@ $xoopsTpl->assign('user_signature', $myts->makeTareaData4Show($thisUser->getVar('user_sig', 'N'),0,1,1)); if ($thisUser->getVar('user_viewemail') == 1) { - $xoopsTpl->assign('user_email', $thisUser->getVar('email', 'E')); + $xoopsTpl->assign('user_email', $thisUser->getVar('email', 'E')); } else { - if (is_object($xoopsUser)) { - // All admins will be allowed to see emails, even those that are not allowed to edit users (I think it's ok like this) - if ($xoopsUserIsAdmin || ($xoopsUser->getVar("uid") == $thisUser->getVar("uid"))) { - $xoopsTpl->assign('user_email', $thisUser->getVar('email', 'E')); - } else { - $xoopsTpl->assign('user_email', ' '); - } - } + if (is_object($xoopsUser)) { + // All admins will be allowed to see emails, even those that are not allowed to edit users (I think it's ok like this) + if ($xoopsUserIsAdmin || ($xoopsUser->getVar("uid") == $thisUser->getVar("uid"))) { + $xoopsTpl->assign('user_email', $thisUser->getVar('email', 'E')); + } else { + $xoopsTpl->assign('user_email', ' '); + } + } } if (is_object($xoopsUser)) { - $xoopsTpl->assign('user_pmlink', "<a href=\"javascript:openWithSelfMain('".XOOPS_URL."/pmlite.php?send2=1&to_userid=".$thisUser->getVar('uid')."', 'pmlite', 450, 380);\"><img src=\"".XOOPS_URL."/images/icons/pm.gif\" alt=\"".sprintf(_SENDPMTO,$thisUser->getVar('uname'))."\" /></a>"); + $xoopsTpl->assign('user_pmlink', "<a href=\"javascript:openWithSelfMain('".XOOPS_URL."/pmlite.php?send2=1&to_userid=".$thisUser->getVar('uid')."', 'pmlite', 450, 380);\"><img src=\"".XOOPS_URL."/images/icons/pm.gif\" alt=\"".sprintf(_SENDPMTO,$thisUser->getVar('uname'))."\" /></a>"); } else { - $xoopsTpl->assign('user_pmlink', ''); + $xoopsTpl->assign('user_pmlink', ''); } -$userrank =& $thisUser->rank(); +$userrank = $thisUser->rank(); if ($userrank['image']) { - $xoopsTpl->assign('user_rankimage', '<img src="'.XOOPS_UPLOAD_URL.'/'.$userrank['image'].'" alt="" />'); + $xoopsTpl->assign('user_rankimage', '<img 
src="'.XOOPS_UPLOAD_URL.'/'.$userrank['image'].'" alt="" />'); } $xoopsTpl->assign('user_ranktitle', $userrank['title']); $date = $thisUser->getVar("last_login"); if (!empty($date)) { - $xoopsTpl->assign('user_lastlogin', formatTimestamp($date,"m")); + $xoopsTpl->assign('user_lastlogin', formatTimestamp($date,"m")); } $module_handler =& xoops_gethandler('module'); $criteria = new CriteriaCompo(new Criteria('hassearch', 1)); $criteria->add(new Criteria('isactive', 1)); -$mids =& array_keys($module_handler->getList($criteria)); +$mids = array_keys($module_handler->getList($criteria)); foreach ($mids as $mid) { // Hack by marcan : only return results of modules for which user has access permission if ( $gperm_handler->checkRight('module_read', $mid, $groups)) { - $module =& $module_handler->get($mid); - $results =& $module->search('', '', 5, 0, $thisUser->getVar('uid')); - $count = count($results); - if (is_array($results) && $count > 0) { - for ($i = 0; $i < $count; $i++) { - if (isset($results[$i]['image']) && $results[$i]['image'] != '') { - $results[$i]['image'] = 'modules/'.$module->getVar('dirname').'/'.$results[$i]['image']; - } else { - $results[$i]['image'] = 'images/icons/posticon2.gif'; - } - $results[$i]['link'] = 'modules/'.$module->getVar('dirname').'/'.$results[$i]['link']; - $results[$i]['title'] = $myts->makeTboxData4Show($results[$i]['title']); - $results[$i]['time'] = $results[$i]['time'] ? 
formatTimestamp($results[$i]['time']) : ''; - } - if ($count == 5) { - $showall_link = '<a href="search.php?action=showallbyuser&mid='.$mid.'&uid='.$thisUser->getVar('uid').'">'._US_SHOWALL.'</a>'; - } else { - $showall_link = ''; - } - $xoopsTpl->append('modules', array('name' => $module->getVar('name'), 'results' => $results, 'showall_link' => $showall_link)); - } - unset($module); + $module =& $module_handler->get($mid); + $results =& $module->search('', '', 5, 0, $thisUser->getVar('uid')); + $count = count($results); + if (is_array($results) && $count > 0) { + for ($i = 0; $i < $count; $i++) { + if (isset($results[$i]['image']) && $results[$i]['image'] != '') { + $results[$i]['image'] = 'modules/'.$module->getVar('dirname').'/'.$results[$i]['image']; + } else { + $results[$i]['image'] = 'images/icons/posticon2.gif'; + } + $results[$i]['link'] = 'modules/'.$module->getVar('dirname').'/'.$results[$i]['link']; + $results[$i]['title'] = $myts->makeTboxData4Show($results[$i]['title']); + $results[$i]['time'] = $results[$i]['time'] ? formatTimestamp($results[$i]['time']) : ''; + } + if ($count == 5) { + $showall_link = '<a href="search.php?action=showallbyuser&mid='.$mid.'&uid='.$thisUser->getVar('uid').'">'._US_SHOWALL.'</a>'; + } else { + $showall_link = ''; + } + $xoopsTpl->append('modules', array('name' => $module->getVar('name'), 'results' => $results, 'showall_link' => $showall_link)); + } + unset($module); } } include XOOPS_ROOT_PATH.'/footer.php';