From: <rgr...@us...> - 2016-01-02 01:15:11
Revision: 13194 http://sourceforge.net/p/xoops/svn/13194 Author: rgriffith Date: 2016-01-02 01:15:09 +0000 (Sat, 02 Jan 2016) Log Message: ----------- Bug fixes Modified Paths: -------------- XoopsCore/branches/2.5.x/2.5.7.2/docs/changelog.250.txt XoopsCore/branches/2.5.x/2.5.7.2/htdocs/class/xoopssecurity.php XoopsCore/branches/2.5.x/2.5.7.2/htdocs/include/comment_post.php XoopsCore/branches/2.5.x/2.5.7.2/htdocs/include/version.php XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/comments/main.php XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/tplsets/jquery.php XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/tplsets/main.php XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/users/main.php XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/templates/admin/system_comments.html XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/templates/admin/system_users.html XoopsCore/branches/2.5.x/2.5.7.2/release_notes.txt Modified: XoopsCore/branches/2.5.x/2.5.7.2/docs/changelog.250.txt =================================================================== --- XoopsCore/branches/2.5.x/2.5.7.2/docs/changelog.250.txt 2015-12-27 23:59:18 UTC (rev 13193) +++ XoopsCore/branches/2.5.x/2.5.7.2/docs/changelog.250.txt 2016-01-02 01:15:09 UTC (rev 13194) 
@@ -1,11 +1,22 @@ XOOPS 2.5.x Changelog (Language changes: see: /docs/lang_diff.txt) ================================= -2014/06/14: Version 2.5.7.1 Final +2016/02/02: Version 2.5.7.2 Final ================================= This patch for XOOPS 2.5.7 corrects the following issues: +- multiple issues reported by Tim Coen (Curesec GmbH) + +All XOOPS 2.5.7.1 users are advised to apply this patch as soon as possible. Any users that are running an older XOOPS version are advised to update to XOOPS 2.5.7.2 now. + + +================================= +2014/06/14: Version 2.5.7.1 Final +================================= + +This patch for XOOPS 2.5.7 corrects the following issues: + - CSRF and XSS issues reported by Dingjie 'Daniel' Yang of Qualsys - XSS and best practice issues reported by Narendra Bhati @@ -37,7 +48,7 @@ Bugfixes: - fixed System Module image manager html/js bugs (luciorota) - replaced "array_diff_assoc" with "array_diff_key" in /class/theme_blocks.php (masel/mamba) -- icons for active module sections in System module not shown correctly (Slider84/mamba) +- icons for active module sections in System module not shown correctly (Slider84/mamba) - added two new language definitions (see lang_diff.txt) - added Office 2007 MIME types (Voltan) - added xml MIME type (Goffy) @@ -844,4 +855,4 @@ - modules/system/class/users.php: User Class Manager (Add) * Manage user with a specific class - modules/system/language/english/admin/users.php: User variable (Modify) - * Changed define name to follow XOOPS standard \ No newline at end of file + * Changed define name to follow XOOPS standard Modified: XoopsCore/branches/2.5.x/2.5.7.2/htdocs/class/xoopssecurity.php =================================================================== --- XoopsCore/branches/2.5.x/2.5.7.2/htdocs/class/xoopssecurity.php 2015-12-27 23:59:18 UTC (rev 13193) +++ XoopsCore/branches/2.5.x/2.5.7.2/htdocs/class/xoopssecurity.php 2016-01-02 01:15:09 UTC (rev 13194) 
@@ -9,7 +9,7 @@ * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * - * @copyright The XOOPS Project http://sourceforge.net/projects/xoops/ + * @copyright (c) 2000-2015 XOOPS Project (www.xoops.org) * @license GNU GPL 2 (http://www.gnu.org/licenses/old-licenses/gpl-2.0.html) * @package kernel * @since 2.0.0 @@ -69,7 +69,7 @@ } $token_data = array( 'id' => $token_id , - 'expire' => time() + intval($timeout)); + 'expire' => time() + (int)($timeout)); array_push($_SESSION[$name . '_SESSION'], $token_data); return md5($token_id . $_SERVER['HTTP_USER_AGENT'] . XOOPS_DB_PREFIX); @@ -111,8 +111,10 @@ } } } - if (!$validFound) { - $xoopsLogger->addExtra('Token Validation', 'No valid token found'); + if (!$validFound && !isset($str)) { + $str = 'No valid token found'; + $this->setErrors($str); + $xoopsLogger->addExtra('Token Validation', $str); } $this->garbageCollection($name); Modified: XoopsCore/branches/2.5.x/2.5.7.2/htdocs/include/comment_post.php =================================================================== --- XoopsCore/branches/2.5.x/2.5.7.2/htdocs/include/comment_post.php 2015-12-27 23:59:18 UTC (rev 13193) +++ XoopsCore/branches/2.5.x/2.5.7.2/htdocs/include/comment_post.php 2016-01-02 01:15:09 UTC (rev 13194) @@ -9,7 +9,7 @@ * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * - * @copyright The XOOPS Project http://sourceforge.net/projects/xoops/ + * @copyright (c) 2000-2015 XOOPS Project (www.xoops.org) * @license GNU GPL 2 (http://www.gnu.org/licenses/old-licenses/gpl-2.0.html) * @package kernel * @since 2.0.0 @@ -24,7 +24,7 @@ xoops_loadLanguage('comment'); if ('system' == $xoopsModule->getVar('dirname')) { - $com_id = isset($_POST['com_id']) ? intval($_POST['com_id']) : 0; + $com_id = isset($_POST['com_id']) ? (int)($_POST['com_id']) : 0; if (empty($com_id)) { exit(); } 
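Review bot: The new condition `!$validFound && !isset($str)` in the `@@ -111,8 +111,10` hunk of xoopssecurity.php depends on `$str`, which is assigned somewhere before the hunk, so it is not possible to tell from these lines when the "No valid token found" error is actually recorded. It looks as if a set `$str` is meant to signal that a more specific error was already reported, but that is an inference. If so, a comment such as `// $str is only set above when a more specific token error was already recorded` would document it, and a dedicated boolean initialised before the loop would be clearer than `isset()` on a message variable. The enclosing method starts and ends outside the hunk.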
@@ -38,7 +38,7 @@ $moddir = $module->getVar('dirname'); unset($comment); } else { - $com_id = isset($_POST['com_id']) ? intval($_POST['com_id']) : 0; + $com_id = isset($_POST['com_id']) ? (int)($_POST['com_id']) : 0; if (XOOPS_COMMENT_APPROVENONE == $xoopsModuleConfig['com_rule']) { exit(); } 
@@ -137,16 +137,16 @@ } $com_mode = isset($_POST['com_mode']) ? htmlspecialchars(trim($_POST['com_mode']), ENT_QUOTES) : 'flat'; - $com_order = isset($_POST['com_order']) ? intval($_POST['com_order']) : XOOPS_COMMENT_OLD1ST; - $com_itemid = isset($_POST['com_itemid']) ? intval($_POST['com_itemid']) : 0; - $com_pid = isset($_POST['com_pid']) ? intval($_POST['com_pid']) : 0; - $com_rootid = isset($_POST['com_rootid']) ? intval($_POST['com_rootid']) : 0; - $com_status = isset($_POST['com_status']) ? intval($_POST['com_status']) : 0; - $dosmiley = (isset($_POST['dosmiley']) && intval($_POST['dosmiley']) > 0) ? 1 : 0; - $doxcode = (isset($_POST['doxcode']) && intval($_POST['doxcode']) > 0) ? 1 : 0; - $dobr = (isset($_POST['dobr']) && intval($_POST['dobr']) > 0) ? 1 : 0; - $dohtml = (isset($_POST['dohtml']) && intval($_POST['dohtml']) > 0) ? 1 : 0; - $doimage = (isset($_POST['doimage']) && intval($_POST['doimage']) > 0) ? 1 : 0; + $com_order = isset($_POST['com_order']) ? (int)($_POST['com_order']) : XOOPS_COMMENT_OLD1ST; + $com_itemid = isset($_POST['com_itemid']) ? (int)($_POST['com_itemid']) : 0; + $com_pid = isset($_POST['com_pid']) ? (int)($_POST['com_pid']) : 0; + $com_rootid = isset($_POST['com_rootid']) ? (int)($_POST['com_rootid']) : 0; + $com_status = isset($_POST['com_status']) ? (int)($_POST['com_status']) : 0; + $dosmiley = (isset($_POST['dosmiley']) && (int)($_POST['dosmiley']) > 0) ? 1 : 0; + $doxcode = (isset($_POST['doxcode']) && (int)($_POST['doxcode']) > 0) ? 1 : 0; + $dobr = (isset($_POST['dobr']) && (int)($_POST['dobr']) > 0) ? 1 : 0; + $dohtml = (isset($_POST['dohtml']) && (int)($_POST['dohtml']) > 0) ? 1 : 0; + $doimage = (isset($_POST['doimage']) && (int)($_POST['doimage']) > 0) ? 1 : 0; $com_icon = isset($_POST['com_icon']) ? trim($_POST['com_icon']) : ''; } else { exit(); 
@@ -175,7 +175,7 @@ } } $p_comment =& $myts->previewTarea($_POST['com_text'], $dohtml, $dosmiley, $doxcode, $doimage, $dobr); - $noname = isset($noname) ? intval($noname) : 0; + $noname = isset($noname) ? (int)($noname) : 0; $com_text = $myts->htmlSpecialChars($myts->stripSlashesGPC($_POST['com_text'])); if ($xoopsModule->getVar('dirname') != 'system') { include_once $GLOBALS['xoops']->path('header.php'); @@ -200,6 +200,7 @@ break; case "post": + XoopsLoad::load('XoopsRequest'); $doimage = 1; $comment_handler =& xoops_gethandler('comment'); // Start add by voltan @@ -322,10 +323,8 @@ } $comment->setVar('com_uid', $uid); } - $com_title = xoops_trim($_POST['com_title']); - $com_title = ($com_title == '') ? _NOTITLE : $com_title; - $comment->setVar('com_title', $com_title); - $comment->setVar('com_text', $_POST['com_text']); + $comment->setVar('com_title', XoopsRequest::getString('com_title', _NOTITLE, 'POST')); + $comment->setVar('com_text', XoopsRequest::getString('com_text', '', 'POST')); $comment->setVar('dohtml', $dohtml); $comment->setVar('dosmiley', $dosmiley); $comment->setVar('doxcode', $doxcode); Modified: XoopsCore/branches/2.5.x/2.5.7.2/htdocs/include/version.php =================================================================== --- XoopsCore/branches/2.5.x/2.5.7.2/htdocs/include/version.php 2015-12-27 23:59:18 UTC (rev 13193) +++ XoopsCore/branches/2.5.x/2.5.7.2/htdocs/include/version.php 2016-01-02 01:15:09 UTC (rev 13194) @@ -30,4 +30,4 @@ /** * Define XOOPS version */ -define('XOOPS_VERSION', 'XOOPS 2.5.7.1'); +define('XOOPS_VERSION', 'XOOPS 2.5.7.2'); Modified: XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/comments/main.php =================================================================== --- XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/comments/main.php 2015-12-27 23:59:18 UTC (rev 13193) +++ XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/comments/main.php 2016-01-02 01:15:09 UTC (rev 13194) 
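Review bot: The `_NOTITLE` fallback for an empty title appears to be lost in the `@@ -322,10 +323,8` hunk of comment_post.php: the removed code trimmed `com_title` and substituted `_NOTITLE` when the result was empty, while `XoopsRequest::getString('com_title', _NOTITLE, 'POST')` presumably applies its default only when the field is absent. A title submitted as an empty or whitespace-only string may therefore be stored as is. If that is not intended, keep the fallback: `$com_title = xoops_trim(XoopsRequest::getString('com_title', '', 'POST'));` followed by `$comment->setVar('com_title', ($com_title == '') ? _NOTITLE : $com_title);`. The preview branch in the `@@ -175,7` hunk still reads `$_POST['com_text']` directly, so preview and post now filter the comment text differently.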
@@ -2,7 +2,7 @@ // $Id$ // ------------------------------------------------------------------------ // // XOOPS - PHP Content Management System // -// Copyright (c) 2000 XOOPS.org // +// Copyright (c) 2000-2015 XOOPS Project (www.xoops.org) // // <http://www.xoops.org/> // // ------------------------------------------------------------------------ // // This program is free software; you can redistribute it and/or modify // @@ -61,9 +61,9 @@ $status_array[0] = _AM_SYSTEM_COMMENTS_FORM_ALL_STATUS; $comments = array(); -$status = (!isset($_REQUEST['status']) || !in_array(intval($_REQUEST['status']), array_keys($status_array))) ? 0 : intval($_REQUEST['status']); +$status = (!isset($_REQUEST['status']) || !in_array((int)($_REQUEST['status']), array_keys($status_array))) ? 0 : (int)($_REQUEST['status']); -$module = !isset($_REQUEST['module']) ? 0 : intval($_REQUEST['module']); +$module = !isset($_REQUEST['module']) ? 0 : (int)($_REQUEST['module']); $modules_Handler =& xoops_gethandler('module'); $module_array = $modules_Handler->getList(new Criteria('hascomments', 1)); $module_array[0] = _AM_SYSTEM_COMMENTS_FORM_ALL_MODS; @@ -166,7 +166,7 @@ if ($mcount > 4000) { redirect_header('admin.php?fct=comments', 2, _MP_DELETECOUNT); } - for ($i = 0; $i < $mcount; $i++) { + for ($i = 0; $i < $mcount; ++$i) { $criteria->add(new Criteria('com_uid', $members[$i]->getVar('uid')), 'OR'); } } @@ -175,7 +175,7 @@ if (isset($_POST['commentslist_id'])) { $commentslist_count = (!empty($_POST['commentslist_id']) && is_array($_POST['commentslist_id'])) ? count($_POST['commentslist_id']) : 0; if ($commentslist_count > 0) { - for ($i=0; $i < $commentslist_count; $i++) { + for ($i=0; $i < $commentslist_count; ++$i) { $criteria->add(new Criteria('com_id', $_REQUEST['commentslist_id'][$i]), 'OR'); } } 
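Review bot: In the `@@ -175,7 +175,7` hunk of comments/main.php the loop bound is counted from `$_POST['commentslist_id']`, but the value handed to `new Criteria('com_id', ...)` is read from `$_REQUEST['commentslist_id'][$i]` and is not cast to an integer, unlike the other ids this commit touches. Whether `Criteria` quotes its value is not visible here, so the id should be normalised at this point: `$criteria->add(new Criteria('com_id', (int) $_POST['commentslist_id'][$i]), 'OR');`. Indexing by `$i` also assumes the posted array has sequential keys, which a `foreach` over the array would not need. The enclosing block continues outside the hunk.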
@@ -290,10 +290,10 @@ $comments['comments_id'] = $com_id; $comments['comments_poster'] = $comments_poster_uname; $comments['comments_icon'] = $comments_icon; - $comments['comments_title'] = '<a href="admin.php?fct=comments&op=comments_jump&com_id='.$comments_arr[$i]->getVar("com_id").'">'.$comments_arr[$i]->getVar("com_title"); + $comments['comments_title'] = $myts->htmlSpecialChars($comments_arr[$i]->getVar("com_title")); $comments['comments_ip'] = $comments_arr[$i]->getVar('com_ip'); $comments['comments_date'] = formatTimeStamp($comments_arr[$i]->getVar('com_created')); - $comments['comments_text'] = $myts->undoHtmlSpecialChars($comments_arr[$i]->getVar('com_text')); + $comments['comments_text'] = $myts->htmlSpecialChars($comments_arr[$i]->getVar('com_text')); $comments['comments_status'] = @$status_array2[$comments_arr[$i]->getVar('com_status')]; $comments['comments_date_created'] = formatTimestamp($comments_arr[$i]->getVar('com_created'), 'm'); $comments['comments_modid'] = @$module_array[$comments_arr[$i]->getVar('com_modid')]; Modified: XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/tplsets/jquery.php =================================================================== --- XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/tplsets/jquery.php 2015-12-27 23:59:18 UTC (rev 13193) +++ XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/tplsets/jquery.php 2016-01-02 01:15:09 UTC (rev 13194) 
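Review bot: The escaped `comments_title` is later placed in a single-quoted attribute (`title='<{$comments.comments_title}>'` in system_comments.html), so the `@@ -290,10 +290,10` hunk relies on `$myts->htmlSpecialChars()` encoding single quotes as well as double quotes; that is not visible here and deserves a comment, e.g. `// must encode both quote styles: used inside a single-quoted title attribute in system_comments.html`. If `getVar()` already returns an encoded value in its default format, the extra call would double-encode entities, so it is worth confirming which format is returned. `comments_poster`, `comments_icon` and `comments_ip` are assigned on the neighbouring lines without escaping in this hunk; how they are built is outside it.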
@@ -10,16 +10,16 @@ * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * - * @copyright The XOOPS Project http://sourceforge.net/projects/xoops/ + * @copyright (c) 2000-2015 XOOPS Project (www.xoops.org) * @license GNU GPL 2 (http://www.gnu.org/licenses/old-licenses/gpl-2.0.html) * @author Maxime Cointin (AKA Kraven30) * @package system * @version $Id$ */ -include dirname( dirname( dirname( __FILE__ ) ) ) . '/header.php'; +include dirname( dirname(__DIR__) ) . '/header.php'; -// defined("XOOPS_ROOT_PATH") || die("XOOPS root path not defined"); +// defined("XOOPS_ROOT_PATH") || exit("XOOPS root path not defined"); if ( !is_object($xoopsUser) || !is_object($xoopsModule) || !$xoopsUser->isAdmin($xoopsModule->mid()) ) exit( _NOPERM ); @@ -32,14 +32,11 @@ include_once './../../language/english/admin/tplsets.php'; } -if (isset($_REQUEST["op"])) { - $op = $_REQUEST["op"]; -} else { - @$op = "default"; -} +XoopsLoad::load('XoopsRequest'); $GLOBALS['xoopsLogger']->usePopup = true; +$op = XoopsRequest::getCmd('op', 'default'); switch ($op) { // Display tree folder case "tpls_display_folder": @@ -84,7 +81,9 @@ break; // Edit File case 'tpls_edit_file': - $path_file = realpath(XOOPS_ROOT_PATH.'/themes'.trim($_REQUEST['path_file'])); + $clean_file = XoopsRequest::getString('file', ''); + $clean_path_file = XoopsRequest::getString('path_file', ''); + $path_file = realpath(XOOPS_ROOT_PATH.'/themes'.trim($clean_path_file)); $path_file = str_replace('\\','/',$path_file); //Button restore @@ -103,7 +102,7 @@ if (empty($content)) { echo _AM_SYSTEM_TEMPLATES_EMPTY_FILE; } - $ext = preg_replace('/^.*\./', '', $_REQUEST['path_file']); + $ext = preg_replace('/^.*\./', '', $clean_path_file); echo '<form name="back" action="admin.php?fct=tplsets&op=tpls_save" method="POST"> <table border="0"> 
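Review bot: In the `tpls_edit_file` case (`@@ -84,7 +81,9` hunk of tplsets/jquery.php) nothing checks that the path returned by `realpath()` is still below `XOOPS_ROOT_PATH.'/themes'`, or that `realpath()` did not return `false`; `realpath()` resolves any `..` segments in `path_file`, and `XoopsRequest::getString()` is not shown to reject them. The resolved path should be compared with the resolved themes directory before the file is read. The same construction is added in the `tpls_save` case of tplsets/main.php (`@@ -352,11 +352,23`), where the path is subsequently opened for writing, and needs the same check ahead of the extension test. The case body continues outside the hunk.

```php
$clean_path_file = XoopsRequest::getString('path_file', '');
$themes_root = str_replace('\\', '/', realpath(XOOPS_ROOT_PATH . '/themes'));
$path_file = realpath(XOOPS_ROOT_PATH . '/themes' . trim($clean_path_file));
if (false === $path_file) {
    exit(_NOPERM);
}
$path_file = str_replace('\\', '/', $path_file);
// refuse anything that resolves outside the themes directory
if (0 !== strpos($path_file, $themes_root . '/')) {
    exit(_NOPERM);
}
// … unchanged: restore button, file read and form output …
```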
@@ -127,7 +126,10 @@ <td><textarea id="code_mirror" name="templates" rows=24 cols=110>'.$content.'</textarea></td> </tr> </table>'; - echo '<input type="hidden" name="path_file" value="'.$path_file.'"><input type="hidden" name="file" value="'.trim($_REQUEST['file']).'"><input type="hidden" name="ext" value="'.$ext.'"></form>'; + XoopsLoad::load('XoopsFormHiddenToken'); + $xoopsToken = new XoopsFormHiddenToken(); + echo $xoopsToken->render(); + echo '<input type="hidden" name="path_file" value="'.$clean_path_file.'"><input type="hidden" name="file" value="'.trim($clean_file).'"><input type="hidden" name="ext" value="'.$ext.'"></form>'; break; // Restore backup file Modified: XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/tplsets/main.php =================================================================== --- XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/tplsets/main.php 2015-12-27 23:59:18 UTC (rev 13193) +++ XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/tplsets/main.php 2016-01-02 01:15:09 UTC (rev 13194) @@ -2,7 +2,7 @@ // $Id$ // ------------------------------------------------------------------------ // // XOOPS - PHP Content Management System // -// Copyright (c) 2000 XOOPS.org // +// Copyright (c) 2000-2015 XOOPS Project (www.xoops.org) // // <http://www.xoops.org/> // // ------------------------------------------------------------------------ // // This program is free software; you can redistribute it and/or modify // @@ -166,7 +166,7 @@ // create template $templates =& $tpltpl_handler->find($tplsetname, 'module', null, $moddir); - for ($j=0; $j<count($templates); $j++) { + for ($j=0; $j<count($templates); ++$j) { $filename = $templates[$j]->getVar('tpl_file'); if ($tplsetname == $tplset) { $physical_file = XOOPS_THEME_PATH.'/'.$_REQUEST['select_theme'].'/modules/'.$moddir.'/'.$filename; 
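Review bot: The hidden inputs in the `@@ -127,7 +126,10` hunk of tplsets/jquery.php echo `$clean_path_file`, `$clean_file` and `$ext` into `value="..."` without HTML-escaping, and the context line above does the same with `$content` inside the `<textarea>`. Whether `XoopsRequest::getString()` removes quote characters is not visible here, so each value should be encoded where it is output, e.g. `value="'.htmlspecialchars($clean_path_file, ENT_QUOTES).'"`, and likewise `htmlspecialchars($content, ENT_QUOTES)` for the textarea body. The surrounding case body starts outside the hunk.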
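Review bot: `$_REQUEST['select_theme']` is concatenated into `$physical_file` on the new side of the `@@ -166,7 +166,7` hunk of tplsets/main.php without any validation, and the same line appears in the `@@ -194,7`, `@@ -251,10` and `@@ -284,7` hunks. What is done with `$physical_file` lies outside these hunks, but a request value used as a directory name should be restricted to a single path component, or checked against the installed theme directories, before it is used. A minimal form is to compute `$theme = basename(trim($_REQUEST['select_theme']));` once and use `$theme` in each path.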
@@ -194,7 +194,7 @@ // create block template $btemplates =& $tpltpl_handler->find($tplsetname, 'block', null, $moddir); - for ($k = 0; $k < count($btemplates); $k++) { + for ($k = 0; $k < count($btemplates); ++$k) { $filename = $btemplates[$k]->getVar('tpl_file'); if ($tplsetname == $tplset) { $physical_file = XOOPS_THEME_PATH.'/'.$_REQUEST['select_theme'].'/modules/'.$moddir.'/blocks/'.$filename; @@ -251,10 +251,10 @@ $class = "odd"; $text .= '<table cellspacing="1" class="outer"><tr><th colspan="3" align="center">'._AM_SYSTEM_TEMPLATES_MODULES.ucfirst($module->getVar('dirname')).'</th></tr><tr><th align="center">'._AM_SYSTEM_TEMPLATES_TYPES.'</th><th align="center">'._AM_SYSTEM_TEMPLATES_FILES.'</th><th>'._AM_SYSTEM_TEMPLATES_STATUS.'</th></tr>'; $select_templates_modules = $_REQUEST['select_templates_modules']; - for ($l=0; $l<count($_REQUEST['select_templates_modules']); $l++) { + for ($l=0; $l<count($_REQUEST['select_templates_modules']); ++$l) { // create template $templates =& $tpltpl_handler->find($tplsetname, 'module', null, $moddir); - for ($j=0; $j<count($templates); $j++) { + for ($j=0; $j<count($templates); ++$j) { $filename = $templates[$j]->getVar('tpl_file'); if ($tplsetname == $tplset) { $physical_file = XOOPS_THEME_PATH.'/'.$_REQUEST['select_theme'].'/modules/'.$moddir.'/'.$filename; @@ -284,7 +284,7 @@ // create block template $btemplates =& $tpltpl_handler->find($tplsetname, 'block', null, $moddir); - for ($k = 0; $k < count($btemplates); $k++) { + for ($k = 0; $k < count($btemplates); ++$k) { $filename = $btemplates[$k]->getVar('tpl_file'); if ($tplsetname == $tplset) { $physical_file = XOOPS_THEME_PATH.'/'.$_REQUEST['select_theme'].'/modules/'.$moddir.'/blocks/'.$filename; 
@@ -352,11 +352,23 @@ // save case 'tpls_save': - $path_file = $_REQUEST['path_file']; - if (isset($path_file)) { + if (!$GLOBALS['xoopsSecurity']->check()) { + redirect_header('admin.php?fct=tplsets', 2, implode('<br />', $GLOBALS['xoopsSecurity']->getErrors())); + exit(); + } + XoopsLoad::load('XoopsRequest'); + $clean_path_file = XoopsRequest::getString('path_file', ''); + if (!empty($clean_path_file)) { + $path_file = realpath(XOOPS_ROOT_PATH.'/themes'.trim($clean_path_file)); + $path_file = str_replace('\\','/',$path_file); + $pathInfo = pathinfo($path_file); + if (!in_array($pathInfo['extension'], array('css', 'html', 'tpl'))) { + redirect_header("admin.php?fct=tplsets", 2, _AM_SYSTEM_TEMPLATES_ERROR); + exit; + } // copy file - $copy_file = $path_file; - copy($copy_file, $path_file.'.back'); + $copy_file = $path_file . '.back'; + copy($path_file, $copy_file); // Save modif if (isset($_REQUEST['templates'])) { $open = fopen("".$path_file."","w+"); Modified: XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/users/main.php =================================================================== --- XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/users/main.php 2015-12-27 23:59:18 UTC (rev 13193) +++ XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/admin/users/main.php 2016-01-02 01:15:09 UTC (rev 13194) @@ -2,7 +2,7 @@ // $Id$ // ------------------------------------------------------------------------ // // XOOPS - PHP Content Management System // -// Copyright (c) 2000 XOOPS.org // +// Copyright (c) 2000-2015 XOOPS Project (www.xoops.org) // // <http://www.xoops.org/> // // ------------------------------------------------------------------------ // // This program is free software; you can redistribute it and/or modify // 
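Review bot: `$pathInfo['extension']` is read unconditionally in the `tpls_save` case (`@@ -352,11 +352,23` hunk of tplsets/main.php), but `pathinfo()` omits that key when the resolved name has no extension or when `realpath()` returned `false`, and the `in_array()` comparison is not strict. Suggest `$ext = isset($pathInfo['extension']) ? $pathInfo['extension'] : '';` and `if (!in_array($ext, array('css', 'html', 'tpl'), true)) {`. The return value of `copy()` is also ignored, so the target is opened with `w+` even when the `.back` copy failed; checking it before `fopen()` keeps the backup guarantee. The case body continues past the end of the hunk.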
@@ -108,7 +108,7 @@ $xoBreadCrumb->render(); $error = ''; foreach ($_REQUEST['memberslist_id'] as $del) { - $del = intval($del); + $del = (int)($del); $user =& $member_handler->getUser($del); $groups = $user->getGroups(); if (in_array(XOOPS_GROUP_ADMIN, $groups)) { @@ -273,7 +273,7 @@ } else { $groups_failed = array(); foreach ($_REQUEST['groups'] as $group) { - $group = intval($group); + $group = (int)($group); if (!$member_handler->addUserToGroup($group, $newuser->getVar('uid'))) { $groups_failed[] = $group; } @@ -435,8 +435,8 @@ $form->addElement($op_hidden); // if this is to find users for a specific group - if ( !empty($_GET['group']) && intval($_GET['group']) > 0 ) { - $group_hidden = new XoopsFormHidden("group", intval($_GET['group'])); + if ( !empty($_GET['group']) && (int)($_GET['group']) > 0 ) { + $group_hidden = new XoopsFormHidden("group", (int)($_GET['group'])); $form->addElement($group_hidden); } $form->addElement($submit_button); @@ -453,7 +453,7 @@ $criteria = new CriteriaCompo(); if ( !empty($_REQUEST['user_uname']) ) { - $match = (!empty($_REQUEST['user_uname_match'])) ? intval($_REQUEST['user_uname_match']) : XOOPS_MATCH_START; + $match = (!empty($_REQUEST['user_uname_match'])) ? (int)($_REQUEST['user_uname_match']) : XOOPS_MATCH_START; switch ($match) { case XOOPS_MATCH_START: $criteria->add(new Criteria('uname', $myts->addSlashes(trim($_REQUEST['user_uname'])).'%', 'LIKE')); @@ -472,7 +472,7 @@ $requete_search .= 'uname : '.$_REQUEST['user_uname'].' et user_uname_match='.$_REQUEST['user_uname_match'].'<br />'; } if ( !empty($_REQUEST['user_name']) ) { - $match = (!empty($_REQUEST['user_name_match'])) ? intval($_REQUEST['user_name_match']) : XOOPS_MATCH_START; + $match = (!empty($_REQUEST['user_name_match'])) ? (int)($_REQUEST['user_name_match']) : XOOPS_MATCH_START; switch ($match) { case XOOPS_MATCH_START: $criteria->add(new Criteria('name', $myts->addSlashes(trim($_REQUEST['user_name'])).'%', 'LIKE')); 
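Review bot: `$requete_search` is built from raw `$_REQUEST['user_uname']` and `$_REQUEST['user_uname_match']` together with `<br />` markup on the new side of the `@@ -472,7 +472,7` hunk of users/main.php, and the same pattern recurs for `user_name`, `user_email`, `user_url`, `user_icq`, `user_aim`, `user_yim`, `user_msnm` and the `user_posts_*` values in the hunks that follow. Where `$requete_search` is output is not visible, but since it carries HTML the request values should be encoded as they are appended, the way the neighbouring `$requete_pagenav` lines already use `htmlspecialchars()`. For example: `$requete_search .= 'uname : '.htmlspecialchars($_REQUEST['user_uname'], ENT_QUOTES).' et user_uname_match='.(int) $_REQUEST['user_uname_match'].'<br />';`.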
@@ -491,7 +491,7 @@ $requete_search .= 'name : '.$_REQUEST['user_name'].' et user_name_match='.$_REQUEST['user_name_match'].'<br />'; } if ( !empty($_REQUEST['user_email']) ) { - $match = (!empty($_REQUEST['user_email_match'])) ? intval($_REQUEST['user_email_match']) : XOOPS_MATCH_START; + $match = (!empty($_REQUEST['user_email_match'])) ? (int)($_REQUEST['user_email_match']) : XOOPS_MATCH_START; switch ($match) { case XOOPS_MATCH_START: $criteria->add(new Criteria('email', $myts->addSlashes(trim($_REQUEST['user_email'])).'%', 'LIKE')); @@ -516,7 +516,7 @@ $requete_search .= 'url : '.$_REQUEST['user_url'].'<br />'; } if ( !empty($_REQUEST['user_icq']) ) { - $match = (!empty($_REQUEST['user_icq_match'])) ? intval($_REQUEST['user_icq_match']) : XOOPS_MATCH_START; + $match = (!empty($_REQUEST['user_icq_match'])) ? (int)($_REQUEST['user_icq_match']) : XOOPS_MATCH_START; switch ($match) { case XOOPS_MATCH_START: $criteria->add(new Criteria('user_icq', $myts->addSlashes(trim($_REQUEST['user_icq'])).'%', 'LIKE')); @@ -535,7 +535,7 @@ $requete_search .= 'icq : '.$_REQUEST['user_icq'].' et user_icq_match='.$_REQUEST['user_icq_match'].'<br />'; } if ( !empty($_REQUEST['user_aim']) ) { - $match = (!empty($_REQUEST['user_aim_match'])) ? intval($_REQUEST['user_aim_match']) : XOOPS_MATCH_START; + $match = (!empty($_REQUEST['user_aim_match'])) ? (int)($_REQUEST['user_aim_match']) : XOOPS_MATCH_START; switch ($match) { case XOOPS_MATCH_START: $criteria->add(new Criteria('user_aim', $myts->addSlashes(trim($_REQUEST['user_aim'])).'%', 'LIKE')); 
@@ -554,7 +554,7 @@ $requete_search .= 'aim : '.$_REQUEST['user_aim'].' et user_aim_match='.$_REQUEST['user_aim_match'].'<br />'; } if ( !empty($_REQUEST['user_yim']) ) { - $match = (!empty($_REQUEST['user_yim_match'])) ? intval($_REQUEST['user_yim_match']) : XOOPS_MATCH_START; + $match = (!empty($_REQUEST['user_yim_match'])) ? (int)($_REQUEST['user_yim_match']) : XOOPS_MATCH_START; switch ($match) { case XOOPS_MATCH_START: $criteria->add(new Criteria('user_yim', $myts->addSlashes(trim($_REQUEST['user_yim'])).'%', 'LIKE')); @@ -573,7 +573,7 @@ $requete_search .= 'yim : '.$_REQUEST['user_yim'].' et user_yim_match='.$_REQUEST['user_yim_match'].'<br />'; } if ( !empty($_REQUEST['user_msnm']) ) { - $match = (!empty($_REQUEST['user_msnm_match'])) ? intval($_REQUEST['user_msnm_match']) : XOOPS_MATCH_START; + $match = (!empty($_REQUEST['user_msnm_match'])) ? (int)($_REQUEST['user_msnm_match']) : XOOPS_MATCH_START; switch ($match) { case XOOPS_MATCH_START: $criteria->add(new Criteria('user_msnm', $myts->addSlashes(trim($_REQUEST['user_msnm'])).'%', 'LIKE')); @@ -611,7 +611,7 @@ } if ( !empty($_REQUEST['user_lastlog_more']) && is_numeric($_REQUEST['user_lastlog_more']) ) { - $f_user_lastlog_more = intval(trim($_REQUEST['user_lastlog_more'])); + $f_user_lastlog_more = (int)(trim($_REQUEST['user_lastlog_more'])); $time = time() - (60 * 60 * 24 * $f_user_lastlog_more); if ($time > 0) { $criteria->add(new Criteria('last_login', $time, '<')); @@ -621,7 +621,7 @@ } if ( !empty($_REQUEST['user_lastlog_less']) && is_numeric($_REQUEST['user_lastlog_less']) ) { - $f_user_lastlog_less = intval(trim($_REQUEST['user_lastlog_less'])); + $f_user_lastlog_less = (int)(trim($_REQUEST['user_lastlog_less'])); $time = time() - (60 * 60 * 24 * $f_user_lastlog_less); if ($time > 0) { $criteria->add(new Criteria('last_login', $time, '>')); 
@@ -631,7 +631,7 @@ } if ( !empty($_REQUEST['user_reg_more']) && is_numeric($_REQUEST['user_reg_more']) ) { - $f_user_reg_more = intval(trim($_REQUEST['user_reg_more'])); + $f_user_reg_more = (int)(trim($_REQUEST['user_reg_more'])); $time = time() - (60 * 60 * 24 * $f_user_reg_more); if ($time > 0) { $criteria->add(new Criteria('user_regdate', $time, '<')); @@ -641,7 +641,7 @@ } if ( !empty($_REQUEST['user_reg_less']) && is_numeric($_REQUEST['user_reg_less']) ) { - $f_user_reg_less = intval($_REQUEST['user_reg_less']); + $f_user_reg_less = (int)($_REQUEST['user_reg_less']); $time = time() - (60 * 60 * 24 * $f_user_reg_less); if ($time > 0) { $criteria->add(new Criteria('user_regdate', $time, '>')); @@ -651,13 +651,13 @@ } if ( !empty($_REQUEST['user_posts_more']) && is_numeric($_REQUEST['user_posts_more']) ) { - $criteria->add(new Criteria('posts', intval($_REQUEST['user_posts_more']), '>')); + $criteria->add(new Criteria('posts', (int)($_REQUEST['user_posts_more']), '>')); $requete_pagenav .= '&user_posts_more='. htmlspecialchars($_REQUEST["user_posts_more"]); $requete_search .= 'posts plus de : '.$_REQUEST['user_posts_more'].'<br />'; } if ( !empty($_REQUEST['user_posts_less']) && is_numeric($_REQUEST['user_posts_less']) ) { - $criteria->add(new Criteria('posts', intval($_REQUEST['user_posts_less']), '<')); + $criteria->add(new Criteria('posts', (int)($_REQUEST['user_posts_less']), '<')); $requete_pagenav .= '&user_posts_less='. htmlspecialchars($_REQUEST["user_posts_less"]); $requete_search .= 'post moins de : '.$_REQUEST['user_posts_less'].'<br />'; } 
@@ -723,12 +723,12 @@ $requete_search .= 'limit : '.$user_limit.'<br />'; } - $start = (!empty($_REQUEST['start'])) ? intval($_REQUEST['start']) : 0; + $start = (!empty($_REQUEST['start'])) ? (int)($_REQUEST['start']) : 0; if ( isset($_REQUEST['selgroups']) ) { if ($_REQUEST['selgroups'] != 0) { if ( count($_REQUEST['selgroups']) == 1 ) { - $groups = array( 0 => $_REQUEST['selgroups']); + $groups = array( 0 => (int) $_REQUEST['selgroups']); } else { $groups = array_map("intval", $_REQUEST['selgroups']); } @@ -759,7 +759,6 @@ $xoopsTpl->assign( 'users_count', $users_count ); $xoopsTpl->assign( 'users_display', true ); - $xoopsTpl->assign( 'php_selft', $_SERVER['PHP_SELF'] ); //User limit //$user_limit = (!isset($_REQUEST['user_limit'])) ? 20 : $_REQUEST['user_limit']; Modified: XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/templates/admin/system_comments.html =================================================================== --- XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/templates/admin/system_comments.html 2015-12-27 23:59:18 UTC (rev 13193) +++ XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/templates/admin/system_comments.html 2016-01-02 01:15:09 UTC (rev 13194) @@ -31,7 +31,7 @@ <tbody> <{foreach item=comments from=$comments}> <tr class="<{cycle values='even,odd'}> alignmiddle"> - <td class="txtcenter"><input type='checkbox' name='commentslist_id[]' id='commentslist_id[]' value='<{$comments.comments_id}>'/></td> + <td class="txtcenter"><input type='checkbox' name='commentslist_id[]' id='commentslist_id[]' value='<{$comments.comments_id}>'/></td> <td class="txtcenter"><{$comments.comments_icon}></td> <td><{$comments.comments_title}></td> <td class="txtcenter"><{$comments.comments_poster}></td> 
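Review bot: In the `@@ -723,12 +723,12` hunk of users/main.php the added cast `(int) $_REQUEST['selgroups']` sits in the `count(...) == 1` branch, and when `selgroups` arrives as a one-element array PHP converts a non-empty array to `1` rather than to the element's value, so the filter would use group id 1 regardless of what was submitted. Calling `count()` on a scalar is not meaningful either. Normalising both shapes in one step removes the branch: `$groups = array_map('intval', (array) $_REQUEST['selgroups']);`. The enclosing `if` continues outside the hunk.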
@@ -59,7 +59,7 @@ </table> <{foreach item=comments from=$comments_popup}> <!--Pop-pup--> -<div id='dialog<{$comments.comments_id}>' title='<{$comments.comments_icon}> <{$comments.comments_title}>' style='display:none;'> +<div id='dialog<{$comments.comments_id}>' title='<{$comments.comments_title}>' style='display:none;'> <img src="<{xoAdminIcons comment.png}>" alt="comments" title="comments" class="xo-commentsimg" /> <p><{$comments.comments_text}></p> </div> Modified: XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/templates/admin/system_users.html =================================================================== --- XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/templates/admin/system_users.html 2015-12-27 23:59:18 UTC (rev 13193) +++ XoopsCore/branches/2.5.x/2.5.7.2/htdocs/modules/system/templates/admin/system_users.html 2016-01-02 01:15:09 UTC (rev 13194) 
@@ -1,140 +1,140 @@ -<{includeq file="db:system_header.html"}> - -<{if $users_display == true}> -<!--Display form sort--> -<div class="xo-headercontent"> - <div class="floatleft"><{$form_sort}></div> - <div class="floatright"> - <div class="xo-buttons"> - <a class="ui-corner-all tooltip" href="admin.php?fct=users&op=users_synchronize&status=2" title="<{$smarty.const._AM_SYSTEM_USERS_SYNCHRONIZE}>"> - <img src="<{xoAdminIcons reload.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_SYNCHRONIZE}>" /> - <{$smarty.const._AM_SYSTEM_USERS_SYNCHRONIZE}> - </a> - <a class="ui-corner-all tooltip" href="admin.php?fct=users&op=users_add" title="<{$smarty.const._AM_SYSTEM_USERS_ADDUSER}>"> - <img src="<{xoAdminIcons user_add.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_ADDUSER}>" /> - <{$smarty.const._AM_SYSTEM_USERS_ADDUSER}> - </a> - </div> - </div> -</div> -<div class="clear"> </div> - <table id="xo-users-sorter" cellspacing="1" class="outer tablesorter"> - <thead> - <tr> - <th class="txtcenter width3"><input name='allbox' id='allbox' onclick='xoopsCheckAll("memberslist", "allbox");' type='checkbox' value='Check All' /></th> - <th class="txtcenter width5"><{$smarty.const._AM_SYSTEM_USERS_STATUS}></th> - <th class="txtcenter"><{$smarty.const._AM_SYSTEM_USERS_UNAME}></th> - <th class="txtcenter"><{$smarty.const._AM_SYSTEM_USERS_EMAIL}></th> - <th class="txtcenter"><{$smarty.const._AM_SYSTEM_USERS_REG_DATE}></th> - <th class="txtcenter"><{$smarty.const._AM_SYSTEM_USERS_LAST_LOGIN}></th> - <th class="txtcenter"><{$smarty.const._AM_SYSTEM_USERS_POSTS}></th> - <th class="txtcenter" width='11%'><{$smarty.const._AM_SYSTEM_USERS_ACTION}></th> - </tr> - </thead> - <!--Display data--> - <{if $users_count == true}> - <form name='memberslist' id='memberslist' action='<{$php_selft}>' method='POST'> - <tbody> - <{foreach item=users from=$users}> - <tr class="<{cycle values='even,odd'}> alignmiddle"> - <td class="txtcenter"><{if $users.checkbox_user}><input type='checkbox' 
name='memberslist_id[]' id='memberslist_id[]' value='<{$users.uid}>' /><{/if}></td> - <td class="txtcenter"><img class="xo-imgmini" src="<{$users.group}>" alt="" /></td> - <td class="txtcenter"><a title="<{$users.uname}>" href="<{$xoops_url}>/userinfo.php?uid=<{$users.uid}>" ><{$users.uname}></a></td> - <td class="txtcenter"><{$users.email}></td> - <td class="txtcenter"><{$users.reg_date}></td> - <td class="txtcenter"><{$users.last_login}></td> - <td class="txtcenter"><div id="display_post_<{$users.uid}>"><{$users.posts}></div><div id='loading_<{$users.uid}>' class="txtcenter" style="display:none;"><img src="./images/mimetypes/spinner.gif" title="Loading" alt="Loading" width="12px"/></div></td> - <td class="xo-actions txtcenter"> - <{if $users.user_level > 0}> - <img class="tooltip" onclick="display_post('<{$users.uid}>');" src="<{xoAdminIcons reload.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_SYNCHRONIZE}>" title="<{$smarty.const._AM_SYSTEM_USERS_SYNCHRONIZE}>" /> - <img class="tooltip" onclick="display_dialog('<{$users.uid}>', true, true, 'slide', 'slide', 300, 400);" src="<{xoAdminIcons display.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_VIEW}>" title="<{$smarty.const._AM_SYSTEM_USERS_VIEW}>" /> - <a class="tooltip" href="admin.php?fct=users&op=users_edit&uid=<{$users.uid}>" title="<{$smarty.const._AM_SYSTEM_USERS_EDIT}>"> - <img src="<{xoAdminIcons user_edit.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_EDIT}>" /> - </a> - <a class="tooltip" href="admin.php?fct=users&op=users_delete&uid=<{$users.uid}>" title="<{$smarty.const._AM_SYSTEM_USERS_DEL}>"> - <img src="<{xoAdminIcons user_delete.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_DEL}>" /> - </a> - <{else}> - <a class="tooltip" href="admin.php?fct=users&op=users_active&uid=<{$users.uid}>" title="<{$smarty.const._AM_SYSTEM_USERS_ACTIVE}>"> - <img src="<{xoAdminIcons xoops/active_user.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_ACTIVE}>" /> - </a> - <img class="tooltip" 
onclick="display_dialog('<{$users.uid}>', true, true, 'slide', 'slide', 300, 400);" src="<{xoAdminIcons display.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_VIEW}>" title="<{$smarty.const._AM_SYSTEM_USERS_VIEW}>" /> - <a class="tooltip" href="admin.php?fct=users&op=users_edit&uid=<{$users.uid}>" title="<{$smarty.const._AM_SYSTEM_USERS_EDIT}>"> - <img src="<{xoAdminIcons user_edit.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_EDIT}>" /> - </a> - <a class="tooltip" href="admin.php?fct=users&op=users_delete&uid=<{$users.uid}>" title="<{$smarty.const._AM_SYSTEM_USERS_DEL}>"> - <img src="<{xoAdminIcons user_delete.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_DEL}>" /> - </a> - <{/if}> - </td> - </tr> - <{/foreach}> - </tbody> - <tr> - <td class='txtleft' colspan='6'> - <select name='fct' onChange='changeDisplay (this.value, "groups", "edit_group")'> - <option value=''>---------</option> - <option value='mailusers'><{$smarty.const._AM_SYSTEM_USERS_SENDMAIL}></option> - <option value='groups'><{$smarty.const._AM_SYSTEM_USERS_EDIT_GROUPS}></option> - <option value='users'><{$smarty.const._AM_SYSTEM_USERS_DELETE}></option> - </select> - <select name='edit_group' id='edit_group' onChange='changeDisplay (this.value, this.value, "selgroups")' style="display:none;"> - <option value=''>---------</option> - <option value='add_group'><{$smarty.const._AM_SYSTEM_USERS_ADD_GROUPS}></option> - <option value='delete_group'><{$smarty.const._AM_SYSTEM_USERS_DELETE_GROUPS}></option> - </select> - <{$form_select_groups}> - <input type="hidden" name="op" value="action_group"> - <input type='submit' name='Submit' /> - </td> - </tr> - </form> - <{/if}> - <!--No found--> - <{if $users_no_found == true}> - <tr class="<{cycle values='even,odd'}> alignmiddle"> - <td colspan='8' class="txtcenter"><{$smarty.const._AM_SYSTEM_USERS_NO_FOUND}></td> - </tr> - <{/if}> - </table> - <!--Pop-pup--> - <{if $users_count == true}> - <{foreach item=users from=$users_popup}> - <div id="dialog<{$users.uid}>" 
title="<{$users.uname}>" style='display:none;'> - <table> - <tr> - <td class="txtcenter"> - <img src="<{$users.user_avatar}>" alt="<{$users.uname}>" title="<{$users.uname}>" /> - </td> - <td class="txtcenter"> - <a href='mailto:<{$users.email}>'><img src="<{xoAdminIcons mail_send.png}>" alt="" title=<{$smarty.const._AM_SYSTEM_USERS_EMAIL}> /></a> - <a href='javascript:openWithSelfMain("<{$xoops_url}>/pmlite.php?send2=1&to_userid=<{$users.uid}>","pmlite",450,370);'><img src="<{xoAdminIcons pm.png}>" alt="" title=<{$smarty.const._AM_SYSTEM_USERS_PM}> /></a> - <a href='<{$users.url}>' rel='external'><img src="<{xoAdminIcons url.png}>" alt="" title=<{$smarty.const._AM_SYSTEM_USERS_URL}> ></a> - </td> - </tr> - <tr> - <td colspan="2"> - <ul style="border: 1px solid #666; padding: 8px;"> - <{if $users.user_name}><li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_NAME}></span> : <{$users.name}></li><{/if}> - <li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_UNAME}></span> : <{$users.uname}></li> - <li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_EMAIL}></span> : <{$users.email}></li> - <{if $users.user_url}><li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_URL}></span> : <{$users.url}> </li><{/if}> - <{if $users.user_icq}><li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_ICQ}></span> : <{$users.user_icq}></li><{/if}> - <{if $users.user_aim}><li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_AIM}></span> : <{$users.user_aim}></li><{/if}> - <{if $users.user_yim}><li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_YIM}></span> : <{$users.user_yim}></li><{/if}> - <{if $users.user_msnm}><li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_MSNM}></span> : <{$users.user_msnm}> </li><{/if}> - </ul> - </td> - </tr> - </table> - </div> - <{/foreach}> - <{/if}> - <!--Pop-pup--> - <div class='txtright'><{$nav}></div> -<{/if}> -<br /> -<!-- Display Avatar form (add,edit) --> -<{if $form}> -<div class="spacer"><{$form}></div> -<{/if}> \ No 
newline at end of file +<{includeq file="db:system_header.html"}> + +<{if $users_display == true}> +<!--Display form sort--> +<div class="xo-headercontent"> + <div class="floatleft"><{$form_sort}></div> + <div class="floatright"> + <div class="xo-buttons"> + <a class="ui-corner-all tooltip" href="admin.php?fct=users&op=users_synchronize&status=2" title="<{$smarty.const._AM_SYSTEM_USERS_SYNCHRONIZE}>"> + <img src="<{xoAdminIcons reload.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_SYNCHRONIZE}>" /> + <{$smarty.const._AM_SYSTEM_USERS_SYNCHRONIZE}> + </a> + <a class="ui-corner-all tooltip" href="admin.php?fct=users&op=users_add" title="<{$smarty.const._AM_SYSTEM_USERS_ADDUSER}>"> + <img src="<{xoAdminIcons user_add.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_ADDUSER}>" /> + <{$smarty.const._AM_SYSTEM_USERS_ADDUSER}> + </a> + </div> + </div> +</div> +<div class="clear"> </div> + <table id="xo-users-sorter" cellspacing="1" class="outer tablesorter"> + <thead> + <tr> + <th class="txtcenter width3"><input name='allbox' id='allbox' onclick='xoopsCheckAll("memberslist", "allbox");' type='checkbox' value='Check All' /></th> + <th class="txtcenter width5"><{$smarty.const._AM_SYSTEM_USERS_STATUS}></th> + <th class="txtcenter"><{$smarty.const._AM_SYSTEM_USERS_UNAME}></th> + <th class="txtcenter"><{$smarty.const._AM_SYSTEM_USERS_EMAIL}></th> + <th class="txtcenter"><{$smarty.const._AM_SYSTEM_USERS_REG_DATE}></th> + <th class="txtcenter"><{$smarty.const._AM_SYSTEM_USERS_LAST_LOGIN}></th> + <th class="txtcenter"><{$smarty.const._AM_SYSTEM_USERS_POSTS}></th> + <th class="txtcenter" width='11%'><{$smarty.const._AM_SYSTEM_USERS_ACTION}></th> + </tr> + </thead> + <!--Display data--> + <{if $users_count == true}> + <form name='memberslist' id='memberslist' action='<{xoAppUrl modules/system/admin.php?fct=users}>' method='POST'> + <tbody> + <{foreach item=users from=$users}> + <tr class="<{cycle values='even,odd'}> alignmiddle"> + <td class="txtcenter"><{if $users.checkbox_user}><input 
type='checkbox' name='memberslist_id[]' id='memberslist_id[]' value='<{$users.uid}>' /><{/if}></td> + <td class="txtcenter"><img class="xo-imgmini" src="<{$users.group}>" alt="" /></td> + <td class="txtcenter"><a title="<{$users.uname}>" href="<{$xoops_url}>/userinfo.php?uid=<{$users.uid}>" ><{$users.uname}></a></td> + <td class="txtcenter"><{$users.email}></td> + <td class="txtcenter"><{$users.reg_date}></td> + <td class="txtcenter"><{$users.last_login}></td> + <td class="txtcenter"><div id="display_post_<{$users.uid}>"><{$users.posts}></div><div id='loading_<{$users.uid}>' class="txtcenter" style="display:none;"><img src="./images/mimetypes/spinner.gif" title="Loading" alt="Loading" width="12px"/></div></td> + <td class="xo-actions txtcenter"> + <{if $users.user_level > 0}> + <img class="tooltip" onclick="display_post('<{$users.uid}>');" src="<{xoAdminIcons reload.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_SYNCHRONIZE}>" title="<{$smarty.const._AM_SYSTEM_USERS_SYNCHRONIZE}>" /> + <img class="tooltip" onclick="display_dialog('<{$users.uid}>', true, true, 'slide', 'slide', 300, 400);" src="<{xoAdminIcons display.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_VIEW}>" title="<{$smarty.const._AM_SYSTEM_USERS_VIEW}>" /> + <a class="tooltip" href="admin.php?fct=users&op=users_edit&uid=<{$users.uid}>" title="<{$smarty.const._AM_SYSTEM_USERS_EDIT}>"> + <img src="<{xoAdminIcons user_edit.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_EDIT}>" /> + </a> + <a class="tooltip" href="admin.php?fct=users&op=users_delete&uid=<{$users.uid}>" title="<{$smarty.const._AM_SYSTEM_USERS_DEL}>"> + <img src="<{xoAdminIcons user_delete.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_DEL}>" /> + </a> + <{else}> + <a class="tooltip" href="admin.php?fct=users&op=users_active&uid=<{$users.uid}>" title="<{$smarty.const._AM_SYSTEM_USERS_ACTIVE}>"> + <img src="<{xoAdminIcons xoops/active_user.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_ACTIVE}>" /> + </a> + <img class="tooltip" 
onclick="display_dialog('<{$users.uid}>', true, true, 'slide', 'slide', 300, 400);" src="<{xoAdminIcons display.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_VIEW}>" title="<{$smarty.const._AM_SYSTEM_USERS_VIEW}>" /> + <a class="tooltip" href="admin.php?fct=users&op=users_edit&uid=<{$users.uid}>" title="<{$smarty.const._AM_SYSTEM_USERS_EDIT}>"> + <img src="<{xoAdminIcons user_edit.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_EDIT}>" /> + </a> + <a class="tooltip" href="admin.php?fct=users&op=users_delete&uid=<{$users.uid}>" title="<{$smarty.const._AM_SYSTEM_USERS_DEL}>"> + <img src="<{xoAdminIcons user_delete.png}>" alt="<{$smarty.const._AM_SYSTEM_USERS_DEL}>" /> + </a> + <{/if}> + </td> + </tr> + <{/foreach}> + </tbody> + <tr> + <td class='txtleft' colspan='6'> + <select name='fct' onChange='changeDisplay (this.value, "groups", "edit_group")'> + <option value=''>---------</option> + <option value='mailusers'><{$smarty.const._AM_SYSTEM_USERS_SENDMAIL}></option> + <option value='groups'><{$smarty.const._AM_SYSTEM_USERS_EDIT_GROUPS}></option> + <option value='users'><{$smarty.const._AM_SYSTEM_USERS_DELETE}></option> + </select> + <select name='edit_group' id='edit_group' onChange='changeDisplay (this.value, this.value, "selgroups")' style="display:none;"> + <option value=''>---------</option> + <option value='add_group'><{$smarty.const._AM_SYSTEM_USERS_ADD_GROUPS}></option> + <option value='delete_group'><{$smarty.const._AM_SYSTEM_USERS_DELETE_GROUPS}></option> + </select> + <{$form_select_groups}> + <input type="hidden" name="op" value="action_group"> + <input type='submit' name='Submit' /> + </td> + </tr> + </form> + <{/if}> + <!--No found--> + <{if $users_no_found == true}> + <tr class="<{cycle values='even,odd'}> alignmiddle"> + <td colspan='8' class="txtcenter"><{$smarty.const._AM_SYSTEM_USERS_NO_FOUND}></td> + </tr> + <{/if}> + </table> + <!--Pop-pup--> + <{if $users_count == true}> + <{foreach item=users from=$users_popup}> + <div id="dialog<{$users.uid}>" 
title="<{$users.uname}>" style='display:none;'> + <table> + <tr> + <td class="txtcenter"> + <img src="<{$users.user_avatar}>" alt="<{$users.uname}>" title="<{$users.uname}>" /> + </td> + <td class="txtcenter"> + <a href='mailto:<{$users.email}>'><img src="<{xoAdminIcons mail_send.png}>" alt="" title=<{$smarty.const._AM_SYSTEM_USERS_EMAIL}> /></a> + <a href='javascript:openWithSelfMain("<{$xoops_url}>/pmlite.php?send2=1&to_userid=<{$users.uid}>","pmlite",450,370);'><img src="<{xoAdminIcons pm.png}>" alt="" title=<{$smarty.const._AM_SYSTEM_USERS_PM}> /></a> + <a href='<{$users.url}>' rel='external'><img src="<{xoAdminIcons url.png}>" alt="" title=<{$smarty.const._AM_SYSTEM_USERS_URL}> ></a> + </td> + </tr> + <tr> + <td colspan="2"> + <ul style="border: 1px solid #666; padding: 8px;"> + <{if $users.user_name}><li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_NAME}></span> : <{$users.name}></li><{/if}> + <li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_UNAME}></span> : <{$users.uname}></li> + <li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_EMAIL}></span> : <{$users.email}></li> + <{if $users.user_url}><li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_URL}></span> : <{$users.url}> </li><{/if}> + <{if $users.user_icq}><li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_ICQ}></span> : <{$users.user_icq}></li><{/if}> + <{if $users.user_aim}><li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_AIM}></span> : <{$users.user_aim}></li><{/if}> + <{if $users.user_yim}><li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_YIM}></span> : <{$users.user_yim}></li><{/if}> + <{if $users.user_msnm}><li><span class="bold"><{$smarty.const._AM_SYSTEM_USERS_MSNM}></span> : <{$users.user_msnm}> </li><{/if}> + </ul> + </td> + </tr> + </table> + </div> + <{/foreach}> + <{/if}> + <!--Pop-pup--> + <div class='txtright'><{$nav}></div> +<{/if}> +<br /> +<!-- Display Avatar form (add,edit) --> +<{if $form}> +<div class="spacer"><{$form}></div> +<{/if}> Modified: 
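Review bot: The `memberslist` form on the new side of system_users.html posts `op=action_group` with bulk choices that include deleting users and editing groups, yet no request-token field is visible among its inputs. Unless `<{$form_select_groups}>` or the handler supplies one, the fixed `action` URL alone does not protect these actions from cross-site submission. Emitting `$GLOBALS['xoopsSecurity']->getTokenHTML()` into the form and calling `$GLOBALS['xoopsSecurity']->check()` in the `action_group` handler would cover it. Separately, `href='<{$users.url}>'` in the pop-up places a profile URL in a link with no visible scheme check, so it is worth confirming that the value is limited to http/https where it is assigned. The form `action` is the only functional change in this 140-line hunk; committing the line-ending normalisation separately would make that visible to reviewers.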
XoopsCore/branches/2.5.x/2.5.7.2/release_notes.txt =================================================================== --- XoopsCore/branches/2.5.x/2.5.7.2/release_notes.txt 2015-12-27 23:59:18 UTC (rev 13193) +++ XoopsCore/branches/2.5.x/2.5.7.2/release_notes.txt 2016-01-02 01:15:09 UTC (rev 13194) 
@@ -1,122 +1,122 @@ -XOOPS 2.5.7.1 Final - -The XOOPS Development Team is pleased to announce the release of XOOPS 2.5.7.1 Final. - -This version is XOOPS 2.5.7 updated with a Nov. 24 Patch that included security enhancement and bug fixes. - -See the Changelog for more details. - -System requirements ------------------------------------ - -PHP: -Any PHP version >= 5.3.7 (PHP 5.4+ is strongly recommended) - -MySQL: -MySQL server 5.0+ - -Web server: -Any server supporting the required PHP version (Apache highly recommended) - - -Downloading XOOPS ------------------------------------ - -You can get this release package from the [url=https://sourceforge.net/projects/xoops/files/XOOPS%20Core%20%28stable%20releases%29/XOOPS_2.5.7.1/]Sourceforge repository[/url]. -There are .zip, .7z, and .gz archives provided. - - -Installing XOOPS (new installation) ------------------------------------ - - 1. Copy the content of the htdocs/ folder where it can be accessed by your server - 2. Ensure that directories: - - uploads/, - - uploads/avatars/ - - uploads/images/ - - uploads/ranks/ - - uploads/smilies/ - - xoops_lib/modules/protector/configs/ - and files: - - mainfile.php and - - include/license.php - are writable by the web server - 3. For security considerations, you are encouraged to move directories "/xoops_lib" (for XOOPS libraries) and "/xoops_data" (for XOOPS data) out of Document Root, and change the folder names. - 4. Make the directory xoops_data/ writable; Create (if not already present) and make the directories xoops_data/caches/, xoops_data/caches/xoops_cache/, xoops_data/caches/smarty_cache/ and xoops_data/caches/smarty_compile/ writable. - 5. 
Access the folder where you installed the htdocs/ files using your web browser to launch the installation wizard - - -Installing Protector in XOOPS ------------------------------------ -We also highly recommend the installation of the PROTECTOR module which will bring additional security protection and logging capabilities to your site. - - -Upgrading from a previous version ------------------------------------ - -Upgrading from 2.5.x: ------------------------------------ - 1. Get the right update package from the sourceforge file repository - 2. Overwrite files in XOOPS directory on your server with the content of /htdocs - * make sure that you copy the content of /xoops_lib to whatever directory you keep it on the server now (it should be your current XOOPS_TRUST_PATH directory), then delete the /xoops_lib directory. There can NOT be two directories with the content of /xoops_lib - 3. Update the "System" module from the modules administration interface, as well as "Profile", "PM", and "Protector", as they have new GUI. - 4) Clear caches, using the Admin's Maintenance function - -Upgrading from versions older than 2.5.0: ------------------------------------------- - Following are instructions for upgrading from XOOPS 2.4.5 to 2.5 provided by John Healy: - 0. Verify the system requirements, in particular the version of PHP. Backup your XOOPS database and site directory. (There are several ways to do these actions, which are discussed elsewhere.) Turning your site off is optional. - Change the permissions on mainfile.php and /include/license.php to be writable, for example: - File Normal For upgrade - mainfile.php 400 700 - /include/license.php 444 777 - Get the correct update package from the SourceForge file repository. - 1. In the upgrade package folder, move the "upgrade" folder inside the "htdocs" folder, if it's not already there. Remove the install folder from the "htdocs" folder, if it's there. 
Remove the mainfile.php file from the "htdocs" folder, if it's there. - If you've moved the xoops_data and xoops_lib folders outside your site's root directory, move these folders out of the "htdocs" folder in the upgrade package folder. - 2. Delete the /modules/system directory on your current XOOPS site (to get rid of any old unnecessary files). - 3. Overwrite the files in the XOOPS directory on your current XOOPS site with the content of "htdocs" folder of the upgrade package. (There are several ways to do this action, which are discussed elsewhere.) - As noted above, if relocated, overwrite the files in your current xoops_data and xoops_lib with the content of those in the upgrade package. - 4. If you have Protector previously installed, open the "mainfile.php" file , and remove the Pre-check and Post-check lines shown below (if they exist): - include XOOPS_TRUST_PATH.'/modules/protector/include/precheck.inc.php' ; - include XOOPS_TRUST_PATH.'/modules/protector/include/postcheck.inc.php' ; - 5. At your site's address (URL), login as administrator. Access <your.site.url>/upgrade/ with a browser, and follow the instructions (and any for updating your XOOPS database). After all updates have been applied (green checkmarks), note the link in the Updater to update the "system" module, and do so. - 6. Delete the "upgrade" folder from your site's "htdocs" directory. - 7. Update (reload) othe... [truncated message content] |