phplib-commit Mailing List for PHPLIB (Page 4)
Brought to you by:
nhruby,
richardarcher
You can subscribe to this list here.
2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(76) |
Sep
(7) |
Oct
(2) |
Nov
|
Dec
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
2002 |
Jan
(7) |
Feb
(7) |
Mar
(14) |
Apr
(27) |
May
(2) |
Jun
(2) |
Jul
(5) |
Aug
(6) |
Sep
(1) |
Oct
(9) |
Nov
(4) |
Dec
|
2003 |
Jan
(2) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(2) |
2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
(2) |
Aug
(2) |
Sep
|
Oct
|
Nov
|
Dec
|
2005 |
Jan
|
Feb
(7) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(4) |
Sep
|
Oct
|
Nov
|
Dec
|
2006 |
Jan
|
Feb
|
Mar
(1) |
Apr
(3) |
May
|
Jun
|
Jul
(3) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2007 |
Jan
(6) |
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
From: Richard A. <ric...@us...> - 2002-04-25 06:26:48
|
Update of /cvsroot/phplib/php-lib-stable/pages/admin In directory usw-pr-cvs1:/tmp/cvs-serv11924 Modified Files: new_user.php3 new_user_alt.php3 new_user_md5.php3 Log Message: Committing some fixes from Lindsay Haisley: some fixes to work with register_globals off typo: debug->$debug typo: type="test"->type="text" Index: new_user.php3 =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/pages/admin/new_user.php3,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** new_user.php3 15 Aug 2001 08:34:43 -0000 1.3 --- new_user.php3 25 Apr 2002 06:26:45 -0000 1.4 *************** *** 45,48 **** --- 45,54 ---- $hash_secret = "Jabberwocky..."; + ## Pull our form variables out of HTTP_POST_VARS + if (isset($HTTP_POST_VARS['username'])) $username = $HTTP_POST_VARS['username']; + if (isset($HTTP_POST_VARS['password'])) $password = $HTTP_POST_VARS['password']; + if (isset($HTTP_POST_VARS['u_id'])) $u_id = $HTTP_POST_VARS['u_id']; + if (isset($HTTP_POST_VARS['perms'])) $perms = $HTTP_POST_VARS['perms']; + ### ### Utility functions *************** *** 117,121 **** while (is_array($HTTP_POST_VARS) && list($key, $val) = each($HTTP_POST_VARS)) { ! if(debug == 1) { printf("key +$key+, val +$val+<br>"); } --- 123,127 ---- while (is_array($HTTP_POST_VARS) && list($key, $val) = each($HTTP_POST_VARS)) { ! if($debug == 1) { printf("key +$key+, val +$val+<br>"); } *************** *** 197,201 **** default: ! if(debug == 1) printf("default switch: u_id: .$u_id. <br>"); break; --- 203,207 ---- default: ! if($debug == 1) printf("default switch: u_id: .$u_id. <br>"); break; *************** *** 224,228 **** <tr valign=middle align=left> <td><input type="text" name="username" size=12 maxlength=32 value=""></td> ! <td><input type="test" name="password" size=12 maxlength=32 value=""></td> <td><?php print $perm->perm_sel("perms","user");?></td> <td align=right><input type="submit" name="create" value="Create User"></td> --- 230,234 ---- <tr valign=middle align=left> <td><input type="text" name="username" size=12 maxlength=32 value=""></td> ! <td><input type="text" name="password" size=12 maxlength=32 value=""></td> <td><?php print $perm->perm_sel("perms","user");?></td> <td align=right><input type="submit" name="create" value="Create User"></td> Index: new_user_alt.php3 =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/pages/admin/new_user_alt.php3,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** new_user_alt.php3 12 Jul 2000 18:22:32 -0000 1.2 --- new_user_alt.php3 25 Apr 2002 06:26:45 -0000 1.3 *************** *** 48,51 **** --- 48,57 ---- $hash_secret = "Jabberwocky..."; + ## Pull our form variables out of HTTP_POST_VARS + if (isset($HTTP_POST_VARS['username'])) $username = $HTTP_POST_VARS['username']; + if (isset($HTTP_POST_VARS['password'])) $password = $HTTP_POST_VARS['password']; + if (isset($HTTP_POST_VARS['u_id'])) $u_id = $HTTP_POST_VARS['u_id']; + if (isset($HTTP_POST_VARS['perms'])) $perms = $HTTP_POST_VARS['perms']; + ### ### Utility functions Index: new_user_md5.php3 =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/pages/admin/new_user_md5.php3,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** new_user_md5.php3 29 Aug 2001 12:34:47 -0000 1.3 --- new_user_md5.php3 25 Apr 2002 06:26:45 -0000 1.4 *************** *** 44,47 **** --- 44,53 ---- $hash_secret = "Jabberwocky..."; + ## Pull our form variables out of HTTP_POST_VARS + if (isset($HTTP_POST_VARS['username'])) $username = $HTTP_POST_VARS['username']; + if (isset($HTTP_POST_VARS['password'])) $password = $HTTP_POST_VARS['password']; + if (isset($HTTP_POST_VARS['u_id'])) $u_id = $HTTP_POST_VARS['u_id']; + if (isset($HTTP_POST_VARS['perms'])) $perms = $HTTP_POST_VARS['perms']; + ### ### Utility functions *************** *** 293,297 **** <tr valign=middle align=left> <td><input type="text" name="username" size=12 maxlength=32 value=""></td> ! <td><input type="test" name="password" size=12 maxlength=32 value=""></td> <td><?php print $perm->perm_sel("perms","user");?></td> <td align=right><input type="submit" name="create" value="Create User"></td> --- 299,303 ---- <tr valign=middle align=left> <td><input type="text" name="username" size=12 maxlength=32 value=""></td> ! <td><input type="text" name="password" size=12 maxlength=32 value=""></td> <td><?php print $perm->perm_sel("perms","user");?></td> <td align=right><input type="submit" name="create" value="Create User"></td> |
From: Richard A. <ric...@us...> - 2002-04-25 05:30:59
|
Update of /cvsroot/phplib/php-lib/php/auth/sql In directory usw-pr-cvs1:/tmp/cvs-serv10889 Modified Files: auth.inc Log Message: Added a completely untested fix to bug id #545551. People shouldn't be trying to use the devel tree. Index: auth.inc =================================================================== RCS file: /cvsroot/phplib/php-lib/php/auth/sql/auth.inc,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** auth.inc 13 Apr 2000 13:06:56 -0000 1.1 --- auth.inc 25 Apr 2002 05:30:55 -0000 1.2 *************** *** 189,204 **** function translate_error () { ! switch ($this->auth["error"]) { case 'fill': $this->auth["error"]="Please fill in the required registration information. Thank you."; ! break; case 'invalid': $this->auth["error"]="Either your username or password are invalid.<br>Please try again."; ! break; case 'nomatch': $this->auth["error"]="Password and repeated password do not match. Please try again."; ! break; case 'uname_exists': $this->auth["error"]="This username is already taken. Please choose a different one."; } } --- 189,206 ---- function translate_error () { ! if (isset($this->auth["error"])) { ! switch ($this->auth["error"]) { case 'fill': $this->auth["error"]="Please fill in the required registration information. Thank you."; ! break; case 'invalid': $this->auth["error"]="Either your username or password are invalid.<br>Please try again."; ! break; case 'nomatch': $this->auth["error"]="Password and repeated password do not match. Please try again."; ! break; case 'uname_exists': $this->auth["error"]="This username is already taken. Please choose a different one."; + } } } |
From: Richard A. <ric...@us...> - 2002-04-25 05:24:05
|
Update of /cvsroot/phplib/php-lib-stable/php In directory usw-pr-cvs1:/tmp/cvs-serv10802 Modified Files: db_pgsql.inc Log Message: apply patch from bug ID #545551 Index: db_pgsql.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/db_pgsql.inc,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** db_pgsql.inc 14 Mar 2002 20:41:07 -0000 1.7 --- db_pgsql.inc 25 Apr 2002 05:24:03 -0000 1.8 *************** *** 13,16 **** --- 13,17 ---- var $Host = ""; var $Database = ""; + var $Port = ""; var $User = ""; var $Password = ""; |
From: Richard A. <ric...@us...> - 2002-04-25 05:23:50
|
Update of /cvsroot/phplib/php-lib/php/db/pgsql In directory usw-pr-cvs1:/tmp/cvs-serv4285 Modified Files: db_sql.inc Log Message: apply patch from bug ID #545551 Index: db_sql.inc =================================================================== RCS file: /cvsroot/phplib/php-lib/php/db/pgsql/db_sql.inc,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** db_sql.inc 1 Jul 2000 22:08:35 -0000 1.4 --- db_sql.inc 25 Apr 2002 05:23:47 -0000 1.5 *************** *** 13,16 **** --- 13,17 ---- var $Host = ""; var $Database = ""; + var $Port = ""; var $User = ""; var $Password = ""; |
From: Richard A. <ric...@us...> - 2002-04-25 04:55:56
|
Update of /cvsroot/phplib/php-lib/php/html In directory usw-pr-cvs1:/tmp/cvs-serv4199 Modified Files: table.inc Log Message: Sync with -stable tree: Bug #445386: replace print_array($d) calls with $this->print_array($d) Bug #445387: replace $key, $val with $row, $ary[$row] in show_table_page_rows() Bug #445389: delete $found=1 in table_heading_cell() Replace tabs with spaces Globally apply the One True Brace Style for consistency with the rest of PHPLIB Globally insert braces around one-line conditionals Remove irrelevant comments Index: table.inc =================================================================== RCS file: /cvsroot/phplib/php-lib/php/html/table.inc,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** table.inc 25 Apr 2002 02:33:06 -0000 1.2 --- table.inc 25 Apr 2002 04:55:52 -0000 1.3 *************** *** 38,43 **** #========================================================================== ! class Table ! { var $classname = "Table"; ## Persistence Support --- 38,42 ---- #========================================================================== ! class Table { [...1008 lines suppressed...] #========================================================================== ! function table_heading_row_add_extra($data, $class="") { ! } #========================================================================== *************** *** 987,992 **** # History : #========================================================================== ! function table_row_add_extra($row, $row_key, $data, $class="") ! {} } ?> --- 962,967 ---- # History : #========================================================================== ! function table_row_add_extra($row, $row_key, $data, $class="") { ! } } ?> |
From: Richard A. <ric...@us...> - 2002-04-25 04:55:38
|
Update of /cvsroot/phplib/php-lib-stable/php In directory usw-pr-cvs1:/tmp/cvs-serv3583 Modified Files: table.inc Log Message: Bug #445386: replace print_array($d) calls with $this->print_array($d) Bug #445387: replace $key, $val with $row, $ary[$row] in show_table_page_rows() Bug #445389: delete $found=1 in table_heading_cell() Replace tabs with spaces Globally apply the One True Brace Style for consistency with the rest of PHPLIB Globally insert braces around one-line conditionals Remove irrelevant comments Index: table.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/table.inc,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** table.inc 25 Apr 2002 02:32:10 -0000 1.3 --- table.inc 25 Apr 2002 04:55:34 -0000 1.4 *************** *** 38,43 **** #========================================================================== ! class Table ! { var $classname = "Table"; ## Persistence Support --- 38,42 ---- #========================================================================== ! class Table { [...1008 lines suppressed...] #========================================================================== ! function table_heading_row_add_extra($data, $class="") { ! } #========================================================================== *************** *** 987,992 **** # History : #========================================================================== ! function table_row_add_extra($row, $row_key, $data, $class="") ! {} } ?> --- 962,967 ---- # History : #========================================================================== ! function table_row_add_extra($row, $row_key, $data, $class="") { ! } } ?> |
From: Richard A. <ric...@us...> - 2002-04-25 02:33:09
|
Update of /cvsroot/phplib/php-lib/php/html In directory usw-pr-cvs1:/tmp/cvs-serv3596 Modified Files: table.inc Log Message: synch with -stable Index: table.inc =================================================================== RCS file: /cvsroot/phplib/php-lib/php/html/table.inc,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** table.inc 13 Apr 2000 13:28:49 -0000 1.1 --- table.inc 25 Apr 2002 02:33:06 -0000 1.2 *************** *** 3,7 **** * PHP Base Library * ! * Copyright (c) 1998,1999 NetUSE GmbH * Boris Erdmann, Kristian Koehntopp, * Jeffrey Galbraith --- 3,7 ---- * PHP Base Library * ! * Copyright (c) 1998-2000 NetUSE AG * Boris Erdmann, Kristian Koehntopp, * Jeffrey Galbraith *************** *** 289,295 **** --- 289,298 ---- # Comments : # History : 990618 - Fixed return on select_colnames (JSG). + # : 020424 - Assume $row = 0 for header. Avoid PHP uninitialized + # variable error (LEH). #========================================================================== function table_heading_row($data, $class="") { + $row = 0; if (!is_array($data)) return; *************** *** 302,306 **** # call virtual function ! if ($this->add_extra) $this->table_heading_row_add_extra($data, $class); --- 305,309 ---- # call virtual function ! if (isset($this->add_extra) && $this->add_extra) $this->table_heading_row_add_extra($data, $class); *************** *** 323,327 **** global $debug; ! if (@$debug) printf("<p>show_table_rows()<br>\n"); --- 326,330 ---- global $debug; ! if ($debug) printf("<p>show_table_rows()<br>\n"); *************** *** 356,360 **** global $debug; ! if (@$debug) printf("<p>show_table_rows_result()<br>\n"); --- 359,363 ---- global $debug; ! if ($debug) printf("<p>show_table_rows_result()<br>\n"); *************** *** 393,397 **** global $debug; ! if (@$debug) printf("<p>show_table_page_rows()<br>\n"); --- 396,400 ---- global $debug; ! if ($debug) printf("<p>show_table_page_rows()<br>\n"); *************** *** 433,437 **** global $debug; ! if (@$debug) printf("<p>show_table_page_rows_result()<br>\n"); --- 436,440 ---- global $debug; ! if ($debug) printf("<p>show_table_page_rows_result()<br>\n"); *************** *** 470,474 **** global $debug; ! if (@$debug) printf("<p>table_row()<br>\n"); --- 473,477 ---- global $debug; ! if ($debug) printf("<p>table_row()<br>\n"); *************** *** 479,483 **** # call virtual function ! if ($this->add_extra) $this->table_row_add_extra($row, $row_key, $data, $class); --- 482,486 ---- # call virtual function ! if (isset($this->add_extra) && $this->add_extra) $this->table_row_add_extra($row, $row_key, $data, $class); *************** *** 505,513 **** global $debug; ! if (@$debug) printf("<p>set_checkbox_heading()<br>\n"); ## Checkbox handling... ! if ($this->check) $this->table_heading_cell(0, " ", $class); } --- 508,516 ---- global $debug; ! if ($debug) printf("<p>set_checkbox_heading()<br>\n"); ## Checkbox handling... ! if (isset($this->check) && $this->check) $this->table_heading_cell(0, " ", $class); } *************** *** 530,538 **** global $debug; ! if (@$debug) printf("<p>set_checkbox()<br>\n"); ## Checkbox handling... ! if ($this->check) $this->table_checkbox_cell($row, $row_key, $data, $class); } --- 533,541 ---- global $debug; ! if ($debug) printf("<p>set_checkbox()<br>\n"); ## Checkbox handling... ! if (isset($this->check) && $this->check) $this->table_checkbox_cell($row, $row_key, $data, $class); } *************** *** 548,551 **** --- 551,555 ---- # Comments : # History : 990618 - Fixed problem with filtering headers (JSG). + # : 020424 - Fixed code typo - changed $cell=0 to $col=0 (LEH). #========================================================================== function show_table_heading_cells($data, $class="") *************** *** 553,557 **** global $debug; ! if (@$debug) printf("<p>show_table_heading_cells()<br>\n"); --- 557,561 ---- global $debug; ! if ($debug) printf("<p>show_table_heading_cells()<br>\n"); *************** *** 559,563 **** return 0; ! $cell = 0; $d = $this->select_colnames($data); --- 563,567 ---- return 0; ! $col = 0; $d = $this->select_colnames($data); *************** *** 589,593 **** global $debug; ! if (@$debug) printf("<p>show_table_cells()<br>\n"); --- 593,597 ---- global $debug; ! if ($debug) printf("<p>show_table_cells()<br>\n"); *************** *** 602,606 **** while(list($key, $val) = each($d)) { ! $this->table_cell($row, $cell++, $val, $data[$val], $class); } --- 606,611 ---- while(list($key, $val) = each($d)) { ! if (isset($data[$val])) ! $this->table_cell($row, $cell++, $val, $data[$val], $class); } *************** *** 655,659 **** ## Check for column name remapping ! if ($this->verify_array($this->map_cols)) { reset($this->map_cols); --- 660,664 ---- ## Check for column name remapping ! if (isset($this->map_cols) && $this->verify_array($this->map_cols)) { reset($this->map_cols); *************** *** 831,838 **** global $debug; ! if (@$debug) printf("<p>select_colnames()<br>\n"); ! if (!is_array($this->fields) && is_array($data)) { reset($data); --- 836,843 ---- global $debug; ! if ($debug) printf("<p>select_colnames()<br>\n"); ! if (!(isset($this->fields) && is_array($this->fields)) && is_array($data)) { reset($data); *************** *** 845,849 **** $d = $this->fields; ! if (@$debug) { print_array($d); --- 850,854 ---- $d = $this->fields; ! if ($debug) { print_array($d); *************** *** 882,886 **** global $debug; ! if (@$debug) printf("<p>table_open()<br>\n"); --- 887,891 ---- global $debug; ! if ($debug) printf("<p>table_open()<br>\n"); *************** *** 902,906 **** global $debug; ! if (@$debug) printf("<p>table_close()<br>\n"); --- 907,911 ---- global $debug; ! if ($debug) printf("<p>table_close()<br>\n"); |
From: Richard A. <ric...@us...> - 2002-04-25 02:32:14
|
Update of /cvsroot/phplib/php-lib-stable/php In directory usw-pr-cvs1:/tmp/cvs-serv2960 Modified Files: table.inc Log Message: Merge changes from Lindsay Haisley: Fix undefined variable warnings Assume $row = 0 for header Fixed typo - changed $cell=0 to $col=0 Index: table.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/table.inc,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** table.inc 12 Jul 2000 18:22:35 -0000 1.2 --- table.inc 25 Apr 2002 02:32:10 -0000 1.3 *************** *** 289,295 **** --- 289,298 ---- # Comments : # History : 990618 - Fixed return on select_colnames (JSG). + # : 020424 - Assume $row = 0 for header. Avoid PHP uninitialized + # variable error (LEH). #========================================================================== function table_heading_row($data, $class="") { + $row = 0; if (!is_array($data)) return; *************** *** 302,306 **** # call virtual function ! if ($this->add_extra) $this->table_heading_row_add_extra($data, $class); --- 305,309 ---- # call virtual function ! if (isset($this->add_extra) && $this->add_extra) $this->table_heading_row_add_extra($data, $class); *************** *** 479,483 **** # call virtual function ! if ($this->add_extra) $this->table_row_add_extra($row, $row_key, $data, $class); --- 482,486 ---- # call virtual function ! if (isset($this->add_extra) && $this->add_extra) $this->table_row_add_extra($row, $row_key, $data, $class); *************** *** 509,513 **** ## Checkbox handling... ! if ($this->check) $this->table_heading_cell(0, " ", $class); } --- 512,516 ---- ## Checkbox handling... ! if (isset($this->check) && $this->check) $this->table_heading_cell(0, " ", $class); } *************** *** 534,538 **** ## Checkbox handling... ! if ($this->check) $this->table_checkbox_cell($row, $row_key, $data, $class); } --- 537,541 ---- ## Checkbox handling... ! if (isset($this->check) && $this->check) $this->table_checkbox_cell($row, $row_key, $data, $class); } *************** *** 548,551 **** --- 551,555 ---- # Comments : # History : 990618 - Fixed problem with filtering headers (JSG). + # : 020424 - Fixed code typo - changed $cell=0 to $col=0 (LEH). #========================================================================== function show_table_heading_cells($data, $class="") *************** *** 559,563 **** return 0; ! $cell = 0; $d = $this->select_colnames($data); --- 563,567 ---- return 0; ! $col = 0; $d = $this->select_colnames($data); *************** *** 602,606 **** while(list($key, $val) = each($d)) { ! $this->table_cell($row, $cell++, $val, $data[$val], $class); } --- 606,611 ---- while(list($key, $val) = each($d)) { ! if (isset($data[$val])) ! $this->table_cell($row, $cell++, $val, $data[$val], $class); } *************** *** 655,659 **** ## Check for column name remapping ! if ($this->verify_array($this->map_cols)) { reset($this->map_cols); --- 660,664 ---- ## Check for column name remapping ! if (isset($this->map_cols) && $this->verify_array($this->map_cols)) { reset($this->map_cols); *************** *** 834,838 **** printf("<p>select_colnames()<br>\n"); ! if (!is_array($this->fields) && is_array($data)) { reset($data); --- 839,843 ---- printf("<p>select_colnames()<br>\n"); ! if (!(isset($this->fields) && is_array($this->fields)) && is_array($data)) { reset($data); |
From: Richard A. <ric...@us...> - 2002-04-25 02:21:04
|
Update of /cvsroot/phplib/php-lib-stable/pages In directory usw-pr-cvs1:/tmp/cvs-serv1132 Modified Files: showoff.php3 Log Message: alter usage of table class so it works Index: showoff.php3 =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/pages/showoff.php3,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -C2 -d -r1.1.1.1 -r1.2 *** showoff.php3 17 Apr 2000 16:40:07 -0000 1.1.1.1 --- showoff.php3 25 Apr 2002 02:20:59 -0000 1.2 *************** *** 142,147 **** // This time, the style sheet class "data" is being used. $db->query("select * from active_sessions order by changed desc"); - // $t is reused... printf("<h3>active_sessions data</h3>\n"); --- 142,150 ---- // This time, the style sheet class "data" is being used. $db->query("select * from active_sessions order by changed desc"); + + // Create a Table instance to print that array + $t = new Table; + $t->heading = "on"; printf("<h3>active_sessions data</h3>\n"); |
From: Richard A. <ric...@us...> - 2002-04-25 02:19:34
|
Update of /cvsroot/phplib/php-lib-stable/php In directory usw-pr-cvs1:/tmp/cvs-serv3225 Modified Files: auth.inc Log Message: fix undefined variable warning in auth.inc Index: auth.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/auth.inc,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** auth.inc 3 Apr 2002 22:53:35 -0000 1.6 --- auth.inc 25 Apr 2002 02:19:31 -0000 1.7 *************** *** 68,73 **** case "form": # Login in progress ! if ($HTTP_POST_VARS[$this->cancel_login] or ! $HTTP_GET_VARS[$this->cancel_login]) { # If $this->cancel_login is set, delete all auth info and set # state to "Not logged in", so eventually default or automatic --- 68,73 ---- case "form": # Login in progress ! if ((isset($HTTP_POST_VARS[$this->cancel_login]) && $HTTP_POST_VARS[$this->cancel_login]) or ! (isset($HTTP_GET_VARS[$this->cancel_login]) && $HTTP_GET_VARS[$this->cancel_login])) { # If $this->cancel_login is set, delete all auth info and set # state to "Not logged in", so eventually default or automatic |
From: Layne W. <lay...@us...> - 2002-04-03 22:53:40
|
Update of /cvsroot/phplib/php-lib-stable In directory usw-pr-cvs1:/tmp/cvs-serv2961 Modified Files: CHANGES Log Message: in auth.inc, allow cancel_login to come from GET as well as POST - was set to POST from global variable yesterday Index: CHANGES =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v retrieving revision 1.17 retrieving revision 1.18 diff -C2 -d -r1.17 -r1.18 *** CHANGES 2 Apr 2002 23:23:12 -0000 1.17 --- CHANGES 3 Apr 2002 22:53:35 -0000 1.18 *************** *** 1,4 **** --- 1,8 ---- $Id$ + 03-Apr-2002 layne_weathers + - in auth.inc, allow cancel_login to come from GET as well as POST + - was set to POST from global variable yesterday + 02-Apr-2002 layne_weathers - Responded to [ #455856 ] PHPLib fails with register_globals off |
From: Layne W. <lay...@us...> - 2002-04-03 22:53:40
|
Update of /cvsroot/phplib/php-lib-stable/php In directory usw-pr-cvs1:/tmp/cvs-serv2961/php Modified Files: auth.inc Log Message: in auth.inc, allow cancel_login to come from GET as well as POST - was set to POST from global variable yesterday Index: auth.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/auth.inc,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** auth.inc 2 Apr 2002 23:23:12 -0000 1.5 --- auth.inc 3 Apr 2002 22:53:35 -0000 1.6 *************** *** 45,49 **** ## function start() { ! global $sess, $HTTP_POST_VARS; ## This is for performance, I guess but I'm not sure if it could --- 45,49 ---- ## function start() { ! global $sess, $HTTP_POST_VARS, $HTTP_GET_VARS; ## This is for performance, I guess but I'm not sure if it could *************** *** 62,67 **** # 1) Not logged in (no valid auth info or auth expired) # 2) Logged in (valid auth info) ! # 3) Login in progress (if $HTTP_POST_VARS[$this->cancel_login], ! # revert to state 1) if ($this->is_authenticated()) { $uid = $this->auth["uid"]; --- 62,66 ---- # 1) Not logged in (no valid auth info or auth expired) # 2) Logged in (valid auth info) ! # 3) Login in progress (if $this->cancel_login, revert to state 1) if ($this->is_authenticated()) { $uid = $this->auth["uid"]; *************** *** 69,76 **** case "form": # Login in progress ! if ($HTTP_POST_VARS[$this->cancel_login]) { ! # If $HTTP_POST_VARS[$this->cancel_login] is set, ! # delete all auth info and set state to "Not logged in", ! # so eventually default or automatic authentication may take place $this->unauth(); $state = 1; --- 68,76 ---- case "form": # Login in progress ! if ($HTTP_POST_VARS[$this->cancel_login] or ! $HTTP_GET_VARS[$this->cancel_login]) { ! # If $this->cancel_login is set, delete all auth info and set ! # state to "Not logged in", so eventually default or automatic ! # authentication may take place $this->unauth(); $state = 1; |
From: Layne W. <lay...@us...> - 2002-04-03 00:29:47
|
Update of /cvsroot/phplib/php-lib-stable In directory usw-pr-cvs1:/tmp/cvs-serv22606 Modified Files: CHANGES Log Message: Responded to [ #455856 ] PHPLib fails with register_globals off - replaced global post vars in auth (auth.inc, *loginform.ihtml, local.inc) - replaced $GLOBALS["PHP_SELF"] with getenv("PHP_SELF") in tree.inc - did not audit all classes - problems may likely exist in other files Index: CHANGES =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v retrieving revision 1.16 retrieving revision 1.17 diff -C2 -d -r1.16 -r1.17 *** CHANGES 19 Mar 2002 22:32:24 -0000 1.16 --- CHANGES 2 Apr 2002 23:23:12 -0000 1.17 *************** *** 1,4 **** --- 1,10 ---- $Id$ + 02-Apr-2002 layne_weathers + - Responded to [ #455856 ] PHPLib fails with register_globals off + - replaced global post vars in auth (auth.inc, *loginform.ihtml, local.inc) + - replaced $GLOBALS["PHP_SELF"] with getenv("PHP_SELF") in tree.inc + - did not audit all classes - problems may likely exist in other files + 19-Mar-2002 layne_weathers - Fixed [ #446455 ] Failures with register_globals off |
From: Layne W. <lay...@us...> - 2002-04-03 00:29:31
|
Update of /cvsroot/phplib/php-lib-stable/php In directory usw-pr-cvs1:/tmp/cvs-serv22606/php Modified Files: auth.inc crcloginform.ihtml crloginform.ihtml local.inc loginform.ihtml tree.inc Log Message: Responded to [ #455856 ] PHPLib fails with register_globals off - replaced global post vars in auth (auth.inc, *loginform.ihtml, local.inc) - replaced $GLOBALS["PHP_SELF"] with getenv("PHP_SELF") in tree.inc - did not audit all classes - problems may likely exist in other files Index: auth.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/auth.inc,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** auth.inc 16 Aug 2001 18:49:57 -0000 1.4 --- auth.inc 2 Apr 2002 23:23:12 -0000 1.5 *************** *** 45,50 **** ## function start() { ! $cl = $this->cancel_login; ! global $sess, $$cl; ## This is for performance, I guess but I'm not sure if it could --- 45,49 ---- ## function start() { ! global $sess, $HTTP_POST_VARS; ## This is for performance, I guess but I'm not sure if it could *************** *** 55,62 **** } ! ## back compatibility: if d_c is set, create db object if(isset($this->database_class)) { ! $class = $this->database_class; ! $this->db = new $class; } --- 54,60 ---- } ! ## back compatibility: if database_class is set, create db object if(isset($this->database_class)) { ! $this->db = new $this->database_class; } *************** *** 64,68 **** # 1) Not logged in (no valid auth info or auth expired) # 2) Logged in (valid auth info) ! # 3) Login in progress (if $$cl, revert to state 1) if ($this->is_authenticated()) { $uid = $this->auth["uid"]; --- 62,67 ---- # 1) Not logged in (no valid auth info or auth expired) # 2) Logged in (valid auth info) ! # 3) Login in progress (if $HTTP_POST_VARS[$this->cancel_login], ! # revert to state 1) if ($this->is_authenticated()) { $uid = $this->auth["uid"]; *************** *** 70,77 **** case "form": # Login in progress ! if ($$cl) { ! # If $$cl is set, delete all auth info ! # and set state to "Not logged in", so eventually ! # default or automatic authentication may take place $this->unauth(); $state = 1; --- 69,76 ---- case "form": # Login in progress ! if ($HTTP_POST_VARS[$this->cancel_login]) { ! # If $HTTP_POST_VARS[$this->cancel_login] is set, ! # delete all auth info and set state to "Not logged in", ! # so eventually default or automatic authentication may take place $this->unauth(); $state = 1; Index: crcloginform.ihtml =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/crcloginform.ihtml,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** crcloginform.ihtml 29 Aug 2001 12:34:47 -0000 1.3 --- crcloginform.ihtml 2 Apr 2002 23:23:12 -0000 1.4 *************** *** 76,81 **** <?php ! global $username; ! if ( isset($username) ) { ?> <!-- failed login code --> --- 76,81 ---- <?php ! global $HTTP_POST_VARS; ! if ( isset($HTTP_POST_VARS["username"]) ) { ?> <!-- failed login code --> Index: crloginform.ihtml =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/crloginform.ihtml,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** crloginform.ihtml 29 Aug 2001 12:34:47 -0000 1.3 --- crloginform.ihtml 2 Apr 2002 23:23:12 -0000 1.4 *************** *** 74,79 **** <?php ! global $username; ! if ( isset($username) ) { ?> <!-- failed login code --> --- 74,79 ---- <?php ! global $HTTP_POST_VARS; ! if ( isset($HTTP_POST_VARS["username"]) ) { ?> <!-- failed login code --> Index: local.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/local.inc,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** local.inc 29 Aug 2001 12:34:47 -0000 1.8 --- local.inc 2 Apr 2002 23:23:12 -0000 1.9 *************** *** 104,111 **** function auth_validatelogin() { ! global $username, $password; ! if(isset($username)) { ! $this->auth["uname"]=$username; ## This provides access for "loginform.ihtml" } --- 104,111 ---- function auth_validatelogin() { ! global $HTTP_POST_VARS; ! if(isset($HTTP_POST_VARS["username"])) { ! $this->auth["uname"] = $HTTP_POST_VARS["username"]; ## This provides access for "loginform.ihtml" } *************** *** 117,122 **** " and password = '%s'", $this->database_table, ! addslashes($username), ! addslashes($password))); while($this->db->next_record()) { --- 117,122 ---- " and password = '%s'", $this->database_table, ! addslashes($HTTP_POST_VARS["username"]), ! addslashes($HTTP_POST_VARS["password"]))); while($this->db->next_record()) { *************** *** 161,173 **** function auth_validatelogin() { ! global $username, $password, $challenge, $response; ! if(isset($username)) { ! $this->auth["uname"]=$username; ## This provides access for "loginform.ihtml" } ! $this->db->query(sprintf("select user_id,perms,password ". "from %s where username = '%s'", $this->database_table, ! addslashes($username))); if ($this->db->num_rows() == 0) { --- 161,173 ---- function auth_validatelogin() { ! global $HTTP_POST_VARS, $challenge; ! if(isset($HTTP_POST_VARS["username"])) { ! $this->auth["uname"] = $HTTP_POST_VARS["username"]; ## This provides access for "loginform.ihtml" } ! $this->db->query(sprintf("select user_id, perms, password ". "from %s where username = '%s'", $this->database_table, ! addslashes($HTTP_POST_VARS["username"]))); if ($this->db->num_rows() == 0) { *************** *** 180,188 **** $pass = $this->db->f("password"); } ! $expected_response = md5("$username:$pass:$challenge"); ## True when JS is disabled ! if ($response == "") { ! if ($password != $pass) { return false; } else { --- 180,188 ---- $pass = $this->db->f("password"); } ! $expected_response = md5("$HTTP_POST_VARS[username]:$pass:$challenge"); ## True when JS is disabled ! if ($HTTP_POST_VARS["response"] == "") { ! if ($HTTP_POST_VARS["password"] != $pass) { return false; } else { *************** *** 193,197 **** ## Response is set, JS is enabled ! if ($expected_response != $response) { return false; } else { --- 193,197 ---- ## Response is set, JS is enabled ! if ($expected_response != $HTTP_POST_VARS["response"]) { return false; } else { *************** *** 232,243 **** function auth_validatelogin() { ! global $username, $password, $challenge, $response; ! $this->auth["uname"]=$username; ## This provides access for "loginform.ihtml" ! $this->db->query(sprintf("select user_id,perms,password ". "from %s where username = '%s'", $this->database_table, ! addslashes($username))); if ($this->db->num_rows() == 0) { --- 232,243 ---- function auth_validatelogin() { ! global $HTTP_POST_VARS, $challenge; ! $this->auth["uname"] = $HTTP_POST_VARS["username"]; ## This provides access for "loginform.ihtml" ! $this->db->query(sprintf("select user_id, perms, password ". "from %s where username = '%s'", $this->database_table, ! addslashes($HTTP_POST_VARS["username"]))); if ($this->db->num_rows() == 0) { *************** *** 250,258 **** $pass = $this->db->f("password"); ## Password is stored as a md5 hash } ! $expected_response = md5("$username:$pass:$challenge"); ## True when JS is disabled ! if ($response == "") { ! if (md5($password) != $pass) { ## md5 hash for non-JavaScript browsers return false; } else { --- 250,258 ---- $pass = $this->db->f("password"); ## Password is stored as a md5 hash } ! $expected_response = md5("$HTTP_POST_VARS[username]:$pass:$challenge"); ## True when JS is disabled ! if ($HTTP_POST_VARS["response"] == "") { ! if (md5($HTTP_POST_VARS["password"]) != $pass) { ## md5 hash for non-JavaScript browsers return false; } else { *************** *** 263,267 **** ## Response is set, JS is enabled ! if ($expected_response != $response) { return false; } else { --- 263,267 ---- ## Response is set, JS is enabled ! if ($expected_response != $HTTP_POST_VARS["response"]) { return false; } else { Index: loginform.ihtml =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/loginform.ihtml,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** loginform.ihtml 29 Aug 2001 07:30:21 -0000 1.2 --- loginform.ihtml 2 Apr 2002 23:23:12 -0000 1.3 *************** *** 36,40 **** </table> ! <?php global $username; if ( isset($username) ): ?> <!-- failed login code --> --- 36,43 ---- </table> ! <?php ! global $HTTP_POST_VARS; ! if ( isset($HTTP_POST_VARS["username"]) ) { ! ?> <!-- failed login code --> *************** *** 48,52 **** </table> ! <?php endif ?> </table> --- 51,57 ---- </table> ! <?php ! } ! ?> </table> Index: tree.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/tree.inc,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** tree.inc 16 Aug 2001 05:39:07 -0000 1.2 --- tree.inc 2 Apr 2002 23:23:12 -0000 1.3 *************** *** 210,218 **** } if (isset($sess)) { ! $query_string = $sess->url($GLOBALS["PHP_SELF"]); $query_string .= $sess->mode == "get" ? "&" : "?"; $query_string .= "val=" . urlencode($value); } else { ! $query_string = $GLOBALS["PHP_SELF"] . "?val=" . urlencode($value); } $this->outp.= sprintf("</TT> %s->'<A HREF=\"%s\">%s</A>'". --- 210,218 ---- } if (isset($sess)) { ! $query_string = $sess->url(getenv("PHP_SELF")); $query_string .= $sess->mode == "get" ? "&" : "?"; $query_string .= "val=" . urlencode($value); } else { ! $query_string = getenv("PHP_SELF") . "?val=" . urlencode($value); } $this->outp.= sprintf("</TT> %s->'<A HREF=\"%s\">%s</A>'". *************** *** 239,247 **** } if (isset($sess)) { ! $query_string = $sess->url($GLOBALS["PHP_SELF"]); $query_string .= $sess->mode == "get" ? "&" : "?"; $query_string .= "val=" . urlencode($value); } else { ! $query_string = $GLOBALS["PHP_SELF"] . "?val=" . urlencode($value); } $this->outp.= sprintf("</TT> %s->'<A HREF=\"%s\">%s</A>'". --- 239,247 ---- } if (isset($sess)) { ! $query_string = $sess->url(getenv("PHP_SELF")); $query_string .= $sess->mode == "get" ? "&" : "?"; $query_string .= "val=" . urlencode($value); } else { ! $query_string = getenv("PHP_SELF") . "?val=" . urlencode($value); } $this->outp.= sprintf("</TT> %s->'<A HREF=\"%s\">%s</A>'". |
From: Bernhard F. <bf...@on...> - 2002-03-20 21:12:50
|
Hi! I am new in this mailing list (in fact, it's my first mailing list :-) ) and I have a problem with an older version of phplib. Users at my website http://www.fatnews.de can login, but although I use cookies in session.inc the user isn't logged in when he returns to my website some days or hours later! What is wrong? Can anybody help me? to secure my files I use this code: <? require("autorlib/domain.inc"); page_open(array("sess" => "Session_autor", "auth" => "Auth_autor")); ?> <p>Hello World</p> <?page_close()?> I use this files: auth.inc, page.inc, session.inc, perms.inc, db_mysql.inc, ct_sql.inc here are my settings in session.inc: ################################################################ var $classname = "Session"; ## Needed for object serialization. ## Define the parameters of your session by either overwriting ## these values or by subclassing session (recommended). var $magic = "dickarsch"; ## Some string you should change. var $mode = "cookie"; ## We propagate session IDs with cookies //var $fallback_mode; ## If this doesn't work, fall back... var $lifetime = 525600; ## 0 = do session cookies, else minutes var $cookie_domain = "fatnews.de"; ## If set, the domain for which the ## session cookie is set. var $gc_time = 525600; ## Purge all session data older than 1440 minutes. var $gc_probability = 1; ## Garbage collect probability in percent var $auto_init = ""; ## Name of the autoinit-File, if any. var $secure_auto_init = 1; ## Set to 0 only, if all pages call ## page_close() guaranteed. var $allowcache = "passive"; ## "passive", "no", "private", "public" var $allowcache_expire = 525600; ## If you allowcache, data expires in this ## many minutes. var $that_class = ""; ## Name of data storage container ## ## End of parameters. ## var $name; ## Session name var $id; ## Unique Session ID var $that; var $pt = array(); ## This Array contains the registered things var $in = false; ## Marker: Did we already include the autoinit file? ################################################################ this are my auth.inc settings: ################################################################ class Auth { var $classname = "Auth"; var $persistent_slots = array("auth"); var $lifetime = 525600; ## Max allowed idle time before ## reauthentication is necessary. ## If set to 0, auth never expires. var $refresh = 0; ## Refresh interval in minutes. ## When expires auth data is refreshed ## from db using auth_refreshlogin() ## method. Set to 0 to disable refresh var $mode = "log"; ## "log" for login only systems, ## "reg" for user self registration var $magic = "sjz2u73zdsz"; ## Used in uniqid() generation var $nobody = false; ## If true, a default auth is created... var $cancel_login = "cancel_login"; ## The name of a button that can be ## used to cancel a login form ## End of user qualifiable settings. var $auth = array(); ## Data array var $in; var $db; ################################################################ |
From: Layne W. <lay...@us...> - 2002-03-19 22:32:28
|
Update of /cvsroot/phplib/php-lib-stable/php In directory usw-pr-cvs1:/tmp/cvs-serv22359/php Modified Files: layout_html.inc menu.inc oohforms.inc session.inc setup.inc tpl_form.inc Log Message: Fixed [ #446455 ] Failures with register_globals off Index: layout_html.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/layout_html.inc,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** layout_html.inc 12 Jul 2000 18:22:34 -0000 1.2 --- layout_html.inc 19 Mar 2002 22:32:25 -0000 1.3 *************** *** 77,81 **** ## these vars are needed for generating an IMG-Tag ## layouturl: s.th. like "http://hugo.bla/" ! ## layoutpath: if empty it will be set on first call to $DOCUMENT_ROOT ## var $layouturl = ''; --- 77,81 ---- ## these vars are needed for generating an IMG-Tag ## layouturl: s.th. like "http://hugo.bla/" ! ## layoutpath: if empty it will be set on first call to DOCUMENT_ROOT ## var $layouturl = ''; *************** *** 614,618 **** ## server (hm, this is difficult!) function doc_pic ($a,$showdetails=false,$force=false) { ! GLOBAL $DOCUMENT_ROOT; $SRC=$a[SRC]; $path=$a[path]; --- 614,618 ---- ## server (hm, this is difficult!) function doc_pic ($a,$showdetails=false,$force=false) { ! GLOBAL $HTTP_SERVER_VARS; $SRC=$a[SRC]; $path=$a[path]; *************** *** 638,644 **** } if (ereg("^/",$SRC)) { ! ## if unset, assume $DOCUMENT_ROOT to be the path if (!$this->layoutpath) { ! $this->layoutpath=$GLOBALS[DOCUMENT_ROOT]; } $SRC= $this->layouturl . $SRC; --- 638,644 ---- } if (ereg("^/",$SRC)) { ! ## if unset, assume DOCUMENT_ROOT to be the path if (!$this->layoutpath) { ! $this->layoutpath = $HTTP_SERVER_VARS["DOCUMENT_ROOT"]; } $SRC= $this->layouturl . $SRC; Index: menu.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/menu.inc,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** menu.inc 20 Aug 2001 06:35:00 -0000 1.2 --- menu.inc 19 Mar 2002 22:32:25 -0000 1.3 *************** *** 54,61 **** */ function get() { ! global $PHP_SELF; # Determine normalized current position in tree ! $this->map = $this->normalize_pos($PHP_SELF); # Determine menu levels up from current position --- 54,61 ---- */ function get() { ! global $HTTP_SERVER_VARS; # Determine normalized current position in tree ! $this->map = $this->normalize_pos($HTTP_SERVER_VARS["PHP_SELF"]); # Determine menu levels up from current position *************** *** 169,177 **** */ function get_title() { ! global $PHP_SELF; $this->title = ""; # Determine normalized current position in tree ! $this->map = $this->normalize_pos($PHP_SELF); # Determine menu levels up from current position --- 169,177 ---- */ function get_title() { ! global $HTTP_SERVER_VARS; $this->title = ""; # Determine normalized current position in tree ! $this->map = $this->normalize_pos($HTTP_SERVER_VARS["PHP_SELF"]); # Determine menu levels up from current position Index: oohforms.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/oohforms.inc,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** oohforms.inc 26 Aug 2001 04:56:13 -0000 1.2 --- oohforms.inc 19 Mar 2002 22:32:25 -0000 1.3 *************** *** 157,161 **** function get_start($jvs_name="",$method="",$action="",$target="",$form_name="") { ! global $PHP_SELF; $str = ""; --- 157,161 ---- function get_start($jvs_name="",$method="",$action="",$target="",$form_name="") { ! global $HTTP_SERVER_VARS; $str = ""; *************** *** 164,168 **** $this->n = 0; if (!$method) $method = "POST"; ! if (!$action) $action = $PHP_SELF; if (!$target) $target = "_self"; --- 164,168 ---- $this->n = 0; if (!$method) $method = "POST"; ! if (!$action) $action = $HTTP_SERVER_VARS["PHP_SELF"]; if (!$target) $target = "_self"; Index: session.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/session.inc,v retrieving revision 1.13 retrieving revision 1.14 diff -C2 -d -r1.13 -r1.14 *** session.inc 6 Jan 2002 15:10:46 -0000 1.13 --- session.inc 19 Mar 2002 22:32:25 -0000 1.14 *************** *** 86,90 **** function get_id($id = "") { ! global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS, $QUERY_STRING; $newid=true; --- 86,90 ---- function get_id($id = "") { ! global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_SERVER_VARS; $newid=true; *************** *** 126,140 **** // Remove session ID info from QUERY String - it is in cookie ! if ( isset($QUERY_STRING) && ("" != $QUERY_STRING) ) { ! $QUERY_STRING = ereg_replace( "(^|&)".quotemeta(urlencode($this->name))."=".$id."(&|$)", ! "\\1", $QUERY_STRING); } break; case "get": ! if ( isset($QUERY_STRING) && ("" != $QUERY_STRING) ) { ! $QUERY_STRING = ereg_replace( "(^|&)".quotemeta(urlencode($this->name))."=".$id."(&|$)", ! "\\1", $QUERY_STRING); } break; --- 126,140 ---- // Remove session ID info from QUERY String - it is in cookie ! if ( isset($HTTP_SERVER_VARS["QUERY_STRING"]) && ("" != $HTTP_SERVER_VARS["QUERY_STRING"]) ) { ! $HTTP_SERVER_VARS["QUERY_STRING"] = ereg_replace( "(^|&)".quotemeta(urlencode($this->name))."=".$id."(&|$)", ! "\\1", $HTTP_SERVER_VARS["QUERY_STRING"]); } break; case "get": ! if ( isset($HTTP_SERVER_VARS["QUERY_STRING"]) && ("" != $HTTP_SERVER_VARS["QUERY_STRING"]) ) { ! $HTTP_SERVER_VARS["QUERY_STRING"] = ereg_replace( "(^|&)".quotemeta(urlencode($this->name))."=".$id."(&|$)", ! "\\1", $HTTP_SERVER_VARS["QUERY_STRING"]); } break; *************** *** 210,217 **** function self_url() { ! global $PHP_SELF, $QUERY_STRING; ! return $this->url($PHP_SELF. ! ((isset($QUERY_STRING) && ("" != $QUERY_STRING)) ? "?".$QUERY_STRING : "")); } --- 210,218 ---- function self_url() { ! global $HTTP_SERVER_VARS; ! return $this->url($HTTP_SERVER_VARS["PHP_SELF"] . ! ((isset($HTTP_SERVER_VARS["QUERY_STRING"]) && ("" != $HTTP_SERVER_VARS["QUERY_STRING"])) ! ? "?" . $HTTP_SERVER_VARS["QUERY_STRING"] : "")); } *************** *** 226,233 **** function add_query($qarray) { ! global $PHP_SELF; ! global $QUERY_STRING; ! if ((isset($QUERY_STRING) && ("" != $QUERY_STRING)) || ($this->mode == "get")) { $sep_char = "&"; --- 227,234 ---- function add_query($qarray) { ! global $HTTP_SERVER_VARS; ! if ((isset($HTTP_SERVER_VARS["QUERY_STRING"]) ! && ("" != $HTTP_SERVER_VARS["QUERY_STRING"])) || ($this->mode == "get")) { $sep_char = "&"; *************** *** 384,388 **** function release_token($sid = "") { global $HTTP_COOKIE_VARS, $HTTP_POST_VARS, $HTTP_GET_VARS, ! $HTTP_HOST, $HTTPS; if ( isset($this->fallback_mode) --- 385,389 ---- function release_token($sid = "") { global $HTTP_COOKIE_VARS, $HTTP_POST_VARS, $HTTP_GET_VARS, ! $HTTP_SERVER_VARS; if ( isset($this->fallback_mode) *************** *** 406,418 **** $this->mode = $this->fallback_mode; ! if ( isset($HTTPS) && $HTTPS == 'on' ) { ## You will need to fix suexec as well, if you ## use Apache and CGI PHP ! $PROTOCOL='https'; } else { ! $PROTOCOL='http'; } header("Status: 302 Moved Temporarily"); ! header("Location: ". $PROTOCOL. "://".$HTTP_HOST.$this->self_url()); exit; } --- 407,421 ---- $this->mode = $this->fallback_mode; ! if ( isset($HTTP_SERVER_VARS["HTTPS"]) ! && $HTTP_SERVER_VARS["HTTPS"] == 'on' ) { ## You will need to fix suexec as well, if you ## use Apache and CGI PHP ! $PROTOCOL = 'https'; } else { ! $PROTOCOL = 'http'; } header("Status: 302 Moved Temporarily"); ! header("Location: " . $PROTOCOL . "://" . ! $HTTP_SERVER_VARS["HTTP_HOST"] . $this->self_url()); exit; } Index: setup.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/setup.inc,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -C2 -d -r1.1.1.1 -r1.2 *** setup.inc 17 Apr 2000 16:40:13 -0000 1.1.1.1 --- setup.inc 19 Mar 2002 22:32:25 -0000 1.2 *************** *** 34,38 **** # ! global $HTTP_REFERER, $REMOTE_ADDR, $HTTP_USER_AGENT; $db = new DB_Example; --- 34,38 ---- # ! global $HTTP_SERVER_VARS; $db = new DB_Example; *************** *** 45,51 **** $sess->id, $now, ! $HTTP_REFERER, ! $REMOTE_ADDR, ! $HTTP_USER_AGENT); $db->query($query); --- 45,51 ---- $sess->id, $now, ! $HTTP_SERVER_VARS["HTTP_REFERER"], ! $HTTP_SERVER_VARS["REMOTE_ADDR"], ! $HTTP_SERVER_VARS["HTTP_USER_AGENT"]); $db->query($query); Index: tpl_form.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/tpl_form.inc,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** tpl_form.inc 12 Jul 2000 18:22:35 -0000 1.2 --- tpl_form.inc 19 Mar 2002 22:32:25 -0000 1.3 *************** *** 135,139 **** global $sess; global $form_name; ! global $PHP_SELF; if (! is_object($this->form_data)) { --- 135,143 ---- global $sess; global $form_name; ! ! // I guess some people use $PHP_SELF in their include files ! // otherwise these should be removed completely - layne_weathers ! global $HTTP_SERVER_VARS; ! $PHP_SELF = $HTTP_SERVER_VARS["PHP_SELF"] if (! is_object($this->form_data)) { |
From: Layne W. <lay...@us...> - 2002-03-19 22:32:28
|
Update of /cvsroot/phplib/php-lib-stable/pages In directory usw-pr-cvs1:/tmp/cvs-serv22359/pages Modified Files: defauth.php3 Log Message: Fixed [ #446455 ] Failures with register_globals off Index: defauth.php3 =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/pages/defauth.php3,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** defauth.php3 18 Aug 2001 09:41:19 -0000 1.2 --- defauth.php3 19 Mar 2002 22:32:25 -0000 1.3 *************** *** 25,31 **** // after the user submits a username and password, we will unauth // them before they even get logged in! ! $QUERY_STRING = ereg_replace( "(^|&)again=yes(&|$)", ! "\\1", $QUERY_STRING); $auth->login_if($again); // relogin, if this was requested... --- 25,31 ---- // after the user submits a username and password, we will unauth // them before they even get logged in! ! $HTTP_SERVER_VARS["QUERY_STRING"] = ereg_replace( "(^|&)again=yes(&|$)", ! "\\1", $HTTP_SERVER_VARS["QUERY_STRING"]); $auth->login_if($again); // relogin, if this was requested... |
From: Layne W. <lay...@us...> - 2002-03-19 22:32:28
|
Update of /cvsroot/phplib/php-lib-stable In directory usw-pr-cvs1:/tmp/cvs-serv22359 Modified Files: CHANGES Log Message: Fixed [ #446455 ] Failures with register_globals off Index: CHANGES =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** CHANGES 18 Mar 2002 18:07:02 -0000 1.15 --- CHANGES 19 Mar 2002 22:32:24 -0000 1.16 *************** *** 1,6 **** $Id$ 18-Mar-2002 layne_weathers ! - Fixed page.inc's use of isset($sess|$user) to is_object() 14-Mar-2002 layne_weathers --- 1,13 ---- $Id$ + 19-Mar-2002 layne_weathers + - Fixed [ #446455 ] Failures with register_globals off + - Fixed [ #474472 ] db_mssql.inc metadata() contains bugs + - Added [ #474476 ] stuff/create_database.mssql7 attached + - Removed unrelated file pages/probe.php3 + 18-Mar-2002 layne_weathers ! - Fixed [ #482372 ] problem in page.inc ! - changed isset($sess|$user) to is_object($sess|$user) 14-Mar-2002 layne_weathers |
From: Layne W. <lay...@us...> - 2002-03-19 22:29:05
|
Update of /cvsroot/phplib/php-lib-stable/php In directory usw-pr-cvs1:/tmp/cvs-serv21113/php Modified Files: ct_sql.inc Log Message: Removed unused globalizations Index: ct_sql.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/ct_sql.inc,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** ct_sql.inc 17 May 2001 00:54:20 -0000 1.4 --- ct_sql.inc 19 Mar 2002 22:28:58 -0000 1.5 *************** *** 74,79 **** ## update duration of visit - global $HTTP_REFERER, $HTTP_USER_AGENT, $REMOTE_ADDR; - $now = date("YmdHis", time()); $uquery = sprintf("update %s set val='%s', changed='%s' where sid='%s' and name='%s'", --- 74,77 ---- |
From: Layne W. <lay...@us...> - 2002-03-19 22:27:33
|
Update of /cvsroot/phplib/php-lib-stable/pages In directory usw-pr-cvs1:/tmp/cvs-serv20703/pages Removed Files: probe.php3 Log Message: Removed unrelated file pages/probe.php3 as discussed on list in Sept. 2001 --- probe.php3 DELETED --- |
From: Layne W. <lay...@us...> - 2002-03-19 22:26:53
|
Update of /cvsroot/phplib/php-lib-stable/stuff In directory usw-pr-cvs1:/tmp/cvs-serv20557/stuff Added Files: create_database.mssql7 Log Message: Added [ #474476 ] stuff/create_database.mssql7 attached --- NEW FILE: create_database.mssql7 --- /* Author: Jaroslaw Zabiello, web...@wa..., 2001-10-24 Generated from server MS-SQL7 SP3 by Enterprise Manager */ /****** Object: Table [dbo].[active_sessions] Script Date: 2001-10-23 23:14:28 ******/ if exists (select * from sysobjects where id = object_id(N'[dbo].[active_sessions]') and OBJECTPROPERTY(id, N'IsUserTable') = 1) drop table [dbo].[active_sessions] GO /****** Object: Table [dbo]. [active_sessions_split] Script Date: 2001-10-23 23:14:28 ******/ if exists (select * from sysobjects where id = object_id(N'[dbo].[active_sessions_split]') and OBJECTPROPERTY(id, N'IsUserTable') = 1) drop table [dbo].[active_sessions_split] GO /****** Object: Table [dbo].[auth_user] Script Date: 2001-10-23 23:14:28 ******/ if exists (select * from sysobjects where id = object_id(N'[dbo].[auth_user]') and OBJECTPROPERTY(id, N'IsUserTable') = 1) drop table [dbo].[auth_user] GO /****** Object: Table [dbo].[auth_user_md5] Script Date: 2001-10-23 23:14:28 ******/ if exists (select * from sysobjects where id = object_id(N'[dbo].[auth_user_md5]') and OBJECTPROPERTY (id, N'IsUserTable') = 1) drop table [dbo].[auth_user_md5] GO /****** Object: Table [dbo].[db_sequence] Script Date: 2001-10-23 23:14:28 ******/ if exists (select * from sysobjects where id = object_id(N'[dbo].[db_sequence]') and OBJECTPROPERTY (id, N'IsUserTable') = 1) drop table [dbo].[db_sequence] GO /****** Object: User dbo Script Date: 2001-10-23 23:14:28 ******/ /****** Object: Table [dbo].[active_sessions] Script Date: 2001-10-23 23:14:29 ******/ CREATE TABLE [dbo].[active_sessions] ( [sid] [varchar] (32) NOT NULL , [name] [varchar] (32) NOT NULL , [val] [text] NULL , [changed] [varchar] (14) NOT NULL ) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY] GO /****** Object: Table [dbo]. [active_sessions_split] Script Date: 2001-10-23 23:14:29 ******/ CREATE TABLE [dbo].[active_sessions_split] ( [ct_sid] [varchar] (32) NOT NULL , [ct_name] [varchar] (32) NOT NULL , [ct_pos] [varchar] (6) NOT NULL , [ct_val] [text] NULL , [ct_changed] [varchar] (14) NOT NULL ) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY] GO /****** Object: Table [dbo].[auth_user] Script Date: 2001-10-23 23:14:30 ******/ CREATE TABLE [dbo].[auth_user] ( [user_id] [varchar] (32) NOT NULL , [username] [varchar] (32) NOT NULL , [password] [varchar] (32) NOT NULL , [perms] [varchar] (255) NULL ) ON [PRIMARY] GO /****** Object: Table [dbo].[auth_user_md5] Script Date: 2001-10-23 23:14:30 ******/ CREATE TABLE [dbo].[auth_user_md5] ( [user_id] [varchar] (32) NOT NULL , [username] [varchar] (32) NOT NULL , [password] [varchar] (32) NOT NULL , [perms] [varchar] (255) NULL ) ON [PRIMARY] GO /****** Object: Table [dbo].[db_sequence] Script Date: 2001-10-23 23:14:30 ******/ CREATE TABLE [dbo].[db_sequence] ( [seq_name] [varchar] (127) NOT NULL , [nextid] [int] NOT NULL ) ON [PRIMARY] GO ALTER TABLE [dbo].[active_sessions] WITH NOCHECK ADD CONSTRAINT [DF_active_sessions_changed] DEFAULT ('') FOR [changed], CONSTRAINT [PK_active_sessions] PRIMARY KEY NONCLUSTERED ( [name], [sid] ) ON [PRIMARY] GO ALTER TABLE [dbo].[active_sessions_split] WITH NOCHECK ADD CONSTRAINT [DF_active_sessions_split_ct_sid] DEFAULT ('') FOR [ct_sid], CONSTRAINT [DF_active_sessions_split_ct_name] DEFAULT ('') FOR [ct_name], CONSTRAINT [DF_active_sessions_split_ct_pos] DEFAULT ('') FOR [ct_pos], CONSTRAINT [DF_active_sessions_split_ct_changed] DEFAULT ('') FOR [ct_changed], CONSTRAINT [PK_active_sessions_split] PRIMARY KEY NONCLUSTERED ( [ct_name], [ct_sid], [ct_pos] ) ON [PRIMARY] GO ALTER TABLE [dbo].[auth_user] WITH NOCHECK ADD CONSTRAINT [DF_auth_user_user_id] DEFAULT ('') FOR [user_id], CONSTRAINT [DF_auth_user_username] DEFAULT ('') FOR [username], CONSTRAINT [DF_auth_user_password] DEFAULT ('') FOR [password], CONSTRAINT [PK_auth_user] PRIMARY KEY NONCLUSTERED ( [user_id] ) ON [PRIMARY] GO ALTER TABLE [dbo].[auth_user_md5] WITH NOCHECK ADD CONSTRAINT [DF_auth_user_md5_user_id] DEFAULT ('') FOR [user_id], CONSTRAINT [DF_auth_user_md5_username] DEFAULT ('') FOR [username], CONSTRAINT [DF_auth_user_md5_password] DEFAULT ('') FOR [password], CONSTRAINT [PK_auth_user_md5] PRIMARY KEY NONCLUSTERED ( [user_id] ) ON [PRIMARY] GO ALTER TABLE [dbo].[db_sequence] WITH NOCHECK ADD CONSTRAINT [DF_db_sequence_seq_name] DEFAULT ('') FOR [seq_name], CONSTRAINT [DF_db_sequence_nextid] DEFAULT (0) FOR [nextid], CONSTRAINT [PK_db_sequence] PRIMARY KEY NONCLUSTERED ( [seq_name] ) ON [PRIMARY] GO CREATE INDEX [IX_active_sessions] ON [dbo]. [active_sessions]([changed]) ON [PRIMARY] GO CREATE INDEX [IX_active_sessions_split] ON [dbo]. [active_sessions_split]([ct_changed]) ON [PRIMARY] GO CREATE UNIQUE INDEX [IX_auth_user] ON [dbo]. [auth_user]([username]) ON [PRIMARY] GO CREATE UNIQUE INDEX [IX_auth_user_md5] ON [dbo]. [auth_user_md5]([username]) ON [PRIMARY] GO GRANT SELECT , UPDATE , INSERT , DELETE ON [dbo]. [active_sessions] TO [public] GO GRANT SELECT , UPDATE , INSERT , DELETE ON [dbo]. [active_sessions_split] TO [public] GO GRANT SELECT , UPDATE , INSERT , DELETE ON [dbo]. [auth_user] TO [public] GO GRANT SELECT , UPDATE , INSERT , DELETE ON [dbo]. [auth_user_md5] TO [public] GO GRANT SELECT , UPDATE , INSERT , DELETE ON [dbo]. [db_sequence] TO [public] GO INSERT INTO dbo.auth_user VALUES ('c14cbf141ab1b7cd009356f555b607dc','kris','test','admi n'); INSERT INTO dbo.auth_user_md5 VALUES ('c14cbf141ab1b7cd009356f555b607dc','kris','098f6bcd462 1d373cade4e832627b4f6','admin'); |
From: Layne W. <lay...@us...> - 2002-03-19 22:26:16
|
Update of /cvsroot/phplib/php-lib-stable/php In directory usw-pr-cvs1:/tmp/cvs-serv20410/php Modified Files: db_mssql.inc Log Message: Fixed [ #474472 ] db_mssql.inc metadata() contains bugs Index: db_mssql.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/db_mssql.inc,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** db_mssql.inc 14 Mar 2002 20:41:07 -0000 1.4 --- db_mssql.inc 19 Mar 2002 22:26:12 -0000 1.5 *************** *** 120,126 **** $info = mssql_fetch_field($id, $i); $res[$i]["table"] = $table; ! $res[$i]["name"] = $info["name"]; ! $res[$i]["len"] = $info["max_length"]; ! $res[$i]["flags"] = $info["numeric"]; } $this->free_result(); --- 120,126 ---- $info = mssql_fetch_field($id, $i); $res[$i]["table"] = $table; ! $res[$i]["name"] = $info->name; ! $res[$i]["len"] = $info->max_length; ! $res[$i]["flags"] = $info->numeric; } $this->free_result(); |
From: Layne W. <lay...@us...> - 2002-03-18 18:07:07
|
Update of /cvsroot/phplib/php-lib-stable/php In directory usw-pr-cvs1:/tmp/cvs-serv456/php Modified Files: page.inc Log Message: Fixed page.inc's use of isset($sess|$user) to is_object() - allows the use of variable $user when not using the user class. Index: page.inc =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/php/page.inc,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** page.inc 18 Aug 2001 09:48:10 -0000 1.3 --- page.inc 18 Mar 2002 18:07:02 -0000 1.4 *************** *** 23,27 **** global $auth; ! if (!isset($auth)) { $auth = new $feature["auth"]; } --- 23,27 ---- global $auth; ! if (!is_object($auth)) { $auth = new $feature["auth"]; } *************** *** 33,37 **** global $perm; ! if (!isset($perm)) { $perm = new $feature["perm"]; } --- 33,37 ---- global $perm; ! if (!is_object($perm)) { $perm = new $feature["perm"]; } *************** *** 42,46 **** global $user; ! if (!isset($user)) { $user = new $feature["user"]; } --- 42,46 ---- global $user; ! if (!is_object($user)) { $user = new $feature["user"]; } *************** *** 63,69 **** global $sess, $user; ! if (isset($sess)) { $sess->freeze(); ! if (isset($user)) { $user->freeze(); } --- 63,69 ---- global $sess, $user; ! if (is_object($sess)) { $sess->freeze(); ! if (is_object($user)) { $user->freeze(); } |
From: Layne W. <lay...@us...> - 2002-03-18 18:07:07
|
Update of /cvsroot/phplib/php-lib-stable In directory usw-pr-cvs1:/tmp/cvs-serv456 Modified Files: CHANGES Log Message: Fixed page.inc's use of isset($sess|$user) to is_object() - allows the use of variable $user when not using the user class. Index: CHANGES =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** CHANGES 14 Mar 2002 20:42:40 -0000 1.14 --- CHANGES 18 Mar 2002 18:07:02 -0000 1.15 *************** *** 1,4 **** --- 1,7 ---- $Id$ + 18-Mar-2002 layne_weathers + - Fixed page.inc's use of isset($sess|$user) to is_object() + 14-Mar-2002 layne_weathers - Modified lock() in db_mysql.inc to allow lists of tables |
From: Layne W. <lay...@us...> - 2002-03-14 20:42:46
|
Update of /cvsroot/phplib/php-lib-stable In directory usw-pr-cvs1:/tmp/cvs-serv14590 Modified Files: CHANGES Log Message: Modified db_mysql.inc lock(); set default to non-persistent DB connections in non-Oracle classes. Index: CHANGES =================================================================== RCS file: /cvsroot/phplib/php-lib-stable/CHANGES,v retrieving revision 1.13 retrieving revision 1.14 diff -C2 -d -r1.13 -r1.14 *** CHANGES 26 Feb 2002 06:26:11 -0000 1.13 --- CHANGES 14 Mar 2002 20:42:40 -0000 1.14 *************** *** 1,4 **** --- 1,11 ---- $Id$ + 14-Mar-2002 layne_weathers + - Modified lock() in db_mysql.inc to allow lists of tables + - Modified connect() in msql, mssql, mysql, odbc, pgsql and + sybase setting *_connect() as default and allowing the use of + *_pconnect() + - Thanks to Giancarlo Pinerolo for the wait_timeout advice + 26-Feb-2002 richardarcher - fixed [ #480851 ] "call by reference" warning in user.inc |