commit 238981c4cf0923dee796dd97222cb6d520335955
tree b67b08fd915f2be2b8bb085da7f26200478b4421
parent 5a09e5df8f30e8a78bcf8d4662cd89fed2afed6c
author Engels Antonio <engels@majcms.org> 1277314213 +0800
committer Engels Antonio <engels@majcms.org> 1277314213 +0800
maj-2.0-201006030907.zip
diff --git a/index.php b/index.php
index ddfd129..b25291d 100644
--- a/index.php
+++ b/index.php
@@ -616,6 +616,15 @@ if (isset($maj_req_entry) and !empty($maj_req_entry)) {
fwrite($maj_fp_email_txt,$maj_email);
fclose($maj_fp_email_txt);
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) and !file_exists("data/email.txt")) {
+ $maj_fp_email_root = fopen("data/email.txt","w");
+ $maj_email_root = strtolower($_POST['email']);
+ $maj_email_root = trim($maj_email_root);
+ $maj_email_root = htmlentities($maj_email_root,ENT_NOQUOTES);
+ fwrite($maj_fp_email_root,$maj_email_root);
+ fclose($maj_fp_email_root);
+ }
+
if (isset($_POST['url']) and !empty($_POST['url']) and (ereg("\.",$_POST['url']))) {
$maj_fp_url_txt = fopen("data/items/$maj_req_entry/comments/pending/$maj_comment_entry_dir/url.txt","w");
$maj_url = str_replace("http://","",$_POST['url']);
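Review bot: The site owner's address is written to `data/email.txt` straight from `$_POST['email']` after only `strtolower`, `trim` and `htmlentities(..., ENT_NOQUOTES)`, so a value that is not an e-mail address (including one with embedded CR/LF or quote characters) is stored as the root contact. If that file is later used as a mail recipient or header value, which this hunk does not show, this becomes a header-injection risk. Validate before writing, e.g. wrap the `fopen`/`fwrite`/`fclose` lines in `if (filter_var($maj_email_root, FILTER_VALIDATE_EMAIL) !== false) { ... }`, and check that `fopen` did not return `false` before calling `fwrite`. The enclosing `if (isset($maj_req_entry) ...)` block starts and ends outside the hunk.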
@@ -4596,19 +4605,10 @@ foreach ($maj_disp as $maj_d) {
echo " to add your comment.";
if ((!isset($_SESSION['logged_in']) and !file_exists("data/xscreen.txt")) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
- echo " Note that it will not be posted immediately, but will be ";
-
- if (file_exists("data/email.txt")) {
- echo "e-mailed";
- }
- else {
- echo "sent";
- }
-
- echo " to me first.";
+ echo " Please wait for your comment to be approved and posted.";
if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and !file_exists("data/members/active/{$_SESSION['logged_in']}"))) {
- echo " Comments with bogus contact information will be discarded.";
+ echo " Comments with bogus contact information or spam will be discarded.";
}
}
echo "</p>";
diff --git a/login.php b/login.php
index bacfc15..cb891e4 100644
--- a/login.php
+++ b/login.php
@@ -1,26 +1,35 @@
<?php
session_start();
+
header("Cache-control: private");
+
error_reporting(E_ERROR);
- if (get_magic_quotes_gpc())
- {
- function stripslashes_array($data)
- {
- if (is_array($data))
- {
- foreach ($data as $key => $value)
- {
+
+ if (get_magic_quotes_gpc()) {
+
+ function stripslashes_array($data) {
+
+ if (is_array($data)) {
+
+ foreach ($data as $key => $value) {
$data[$key] = stripslashes_array($value);
}
return $data;
}
- else
- {
+ else {
return stripslashes($data);
}
}
$_POST = stripslashes_array($_POST);
}
+
+ if (isset($_POST['go']) and ($_POST['go'] == "index")) {
+ header("Location: .");
+ }
+
+ if (isset($_POST['go']) and ($_POST['go'] == "reset")) {
+ header("Location: reset.php");
+ }
?>
<title>Login</title>
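Review bot: Both new `go` handlers send a `Location` header but do not stop the script, so everything below them in login.php still executes and is emitted on the same request. Add `exit;` after each call: `header("Location: ."); exit;` and `header("Location: reset.php"); exit;`. Without it, the login block further down still runs for a `go` post and, because no username or password was submitted, takes the branch that clears `$_SESSION` and calls `session_destroy()`. The same handler is added in reg.php (`@@ -25,6 +25,10 @@`), where the rest of the registration script runs after the redirect header; it needs the same `exit;`.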
@@ -32,10 +41,10 @@ body {
margin: 10px;
padding: 0px;
text-align: left;
+ font-size: 11px;
font-family:
<?php
- if (file_exists("data/fonts/body.txt"))
- {
+ if (file_exists("data/fonts/body.txt")) {
$font_body = file_get_contents("data/fonts/body.txt");
echo "{$font_body},";
}
@@ -69,11 +78,10 @@ a:active {
color: #666666;
background: #ffffff;
border: #999999 solid 1px;
- width: 125px;
+ width: 250px;
font-family:
<?php
- if (file_exists("data/fonts/input.txt"))
- {
+ if (file_exists("data/fonts/input.txt")) {
$font_input = file_get_contents("data/fonts/input.txt");
echo "{$font_input},";
}
@@ -85,82 +93,96 @@ a:active {
</style>
<?php
- if (!isset($_POST['username']) or empty($_POST['username']) or !isset($_POST['password']) or empty($_POST['password']))
- {
+ if (!isset($_POST['username']) or empty($_POST['username']) or !isset($_POST['password']) or empty($_POST['password'])) {
$_SESSION = array();
session_destroy();
}
- else
- {
+ else {
$put_username = trim($_POST['username']);
+
/* Fun with crypt! */
$put_password = sha1($_POST['password']);
$put_password = md5($put_password);
$put_password = crypt($put_password, $put_password);
- if ($put_username == file_get_contents("data/username.txt"))
- {
+
+ $err_username = "1";
+ $err_password = "1";
+
+ if ($put_username == file_get_contents("data/username.txt")) {
$get_password = file_get_contents("data/password.txt");
$last_login = "data/lastlog.txt";
$logins = "data/logins.txt";
+ $err_username = "0";
}
- else
- {
- if (file_exists("data/members/active/$put_username") and file_exists("data/bb.txt"))
- {
+ else {
+ if (file_exists("data/members/active/$put_username") and file_exists("data/bb.txt")) {
$get_password = file_get_contents("data/members/active/$put_username/password.txt");
$last_login = "data/members/active/$put_username/bb-last.txt";
$logins = "data/members/active/$put_username/bb-logins.txt";
+ $err_username = "0";
}
}
- if ($get_password == $put_password)
- {
+
+ if ($get_password == $put_password) {
+
$_SESSION['logged_in'] = $_POST['username'];
$_SESSION['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
$_SESSION['maj_server'] = sha1($_SERVER['SERVER_NAME'] . dirname($_SERVER['SCRIPT_NAME']));
+
$lastlog = date("YmdHis", time() + $offset);
+
$fp_lastlog_txt = fopen($last_login, "w");
fwrite($fp_lastlog_txt, $lastlog);
fclose($fp_lastlog_txt);
- if (file_exists("data/bb.txt") and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))
- {
+
+ if (file_exists("data/bb.txt") and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))) {
$fp_latest_login_txt = fopen("data/bb-last.txt", "w");
fwrite($fp_latest_login_txt, $_SESSION['logged_in']);
fclose($fp_latest_login_txt);
}
+
$login_count = file_get_contents($logins);
$login_count = $login_count + 1;
+
$login_count_file = fopen($logins, "w");
fwrite($login_count_file, $login_count);
fclose($login_count_file);
+
+ $err_password = "0";
+
header("Location: index.php");
}
- else
- {
+ else {
$_SESSION = array();
session_destroy();
}
}
?>
-<form enctype="multipart/form-data" action="login.php" method="post">
<table border="0" cellspacing="1" cellpadding="2">
-<tr>
-<td><input class="input" type="text" name="username"<?php if (!file_exists("data/autocomplete.txt")) { echo " autocomplete=\"off\""; } ?>></td>
-<td><input autocomplete="off" class="input" type="password" name="password"<?php if (!file_exists("data/autocomplete.txt")) { echo " autocomplete=\"off\""; } ?>></td>
-<td><input class="input" type="submit" value="login"></td>
-</tr>
-<tr>
-<td colspan="3">Enter your login credentials above or click <a href="index.php">here</a> to go to the index page.
+<form enctype="multipart/form-data" action="login.php" method="post">
-<?php
- if (!file_exists("data/lite.txt") and file_exists("data/reset.txt"))
- {
- echo "<br>Click <a href=\"reset.php\">here</a> if you forgot your password.";
- }
-?>
+<tr><td>Username</td><td><input class="input" type="text" maxlength="30" name="username"<?php if (!file_exists("data/autocomplete.txt")) { echo " autocomplete=\"off\""; } if ($err_username == "0") { echo " value=\"{$_POST['username']}\""; } ?>></td><?php if ($err_username == "0") { echo "<td><img src=\"images/widget.ok.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>The username you entered is correct.</td>"; } if ($err_username == "1") { echo "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>The username you entered is invalid.</td>"; } ?></tr>
+
+<tr><td>Password</td><td><input autocomplete="off" class="input" type="password" maxlength="128" name="password"<?php if (!file_exists("data/autocomplete.txt")) { echo " autocomplete=\"off\""; } ?>></td><?php if ($err_password == "1") { echo "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>The password you entered is invalid.</td>"; } ?></tr>
+
+<tr><td></td><td><input class="input" type="submit" value="click here to login"></td></tr>
-</td>
-</tr>
-</table>
</form>
+
+<form enctype="multipart/form-data" action="login.php" method="post">
+<input type="hidden" name="go" value="index">
+<tr><td></td><td><input class="input" type="submit" value="click here to go to the index page"></td></tr>
+</form>
+
+<?php if (!file_exists("data/lite.txt") and file_exists("data/reset.txt")) { ?>
+
+<form enctype="multipart/form-data" action="login.php" method="post">
+<input type="hidden" name="go" value="reset">
+<tr><td></td><td><input class="input" type="submit" value="click here to reset your password"></td></tr>
+</form>
+
+<?php } ?>
+
+</table>
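Review bot: The new `$err_username`/`$err_password` flags make the form report "The username you entered is correct." separately from the password error, which tells an unauthenticated visitor which account names exist; a single message such as `The username or password you entered is invalid.` for both failures avoids that. The same hunk echoes `{$_POST['username']}` into the `value` attribute unescaped. The `$err_username == "0"` guard only proves that a path built from the trimmed name exists on disk, not that the raw value is safe in HTML, so emit `htmlspecialchars($_POST['username'], ENT_QUOTES)` instead. The `sha1`/`md5`/`crypt` chain and the `==` comparison of `$get_password` with `$put_password` are unchanged context here, but should move to a salted password hash and a constant-time comparison when this block is next touched.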
diff --git a/reg.php b/reg.php
index be845a0..dd87a41 100644
--- a/reg.php
+++ b/reg.php
@@ -25,6 +25,10 @@ if (get_magic_quotes_gpc()) {
$_REQUEST = stripslashes_array($_REQUEST);
}
+if (isset($_POST['go']) and ($_POST['go'] == "index")) {
+ header("Location: .");
+}
+
if (file_exists("data/offset.txt")) {
$offset = file_get_contents("data/offset.txt");
}
@@ -498,7 +502,7 @@ if (file_exists("data/bb-disclaimer.txt")) {
<tr><td width=100><p>Last Name</p></td><td colspan=3><input class=input type=text autocomplete=off name=lastname maxlength=30></td></tr>
<tr><td width=100><p>E-mail Address</p></td><td colspan=3><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>
<tr><td width=100><p>Birthdate</p></td><td><input class=bd type=text autocomplete=off name=bd_year maxlength=4 value=<?php echo date("Y", time() + $offset); ?>></td><td><input class=bd type=text autocomplete=off name=bd_month maxlength=2 value=<?php echo date("m", time() + $offset); ?>></td><td><input class=bd type=text autocomplete=off name=bd_day maxlength=2 value=<?php echo date("d", time() + $offset); ?>></td></tr>
-<tr><td width=100><p>Website</p></td><td colspan=3><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
+<tr><td width=100><p>Website (optional)</p></td><td colspan=3><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
<tr><td width=100><p>Country</p></td><td colspan=3>
@@ -756,6 +760,6 @@ if (file_exists("data/bb-disclaimer.txt")) {
<tr><td width=100><p>Registration Code</p></td><td colspan=3><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td></tr>
<tr><td><p></p></td><td colspan=3><input class=input type=submit value="click here to submit your registration"></td></tr>
</form>
-<form enctype="multipart/form-data" action="<?php echo 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); ?>" method="post">
-<tr><td><p></p></td><td colspan=3><input class=input type=submit value="click here to go to the index page"></td></tr>
+<form enctype="multipart/form-data" method="post">
+<tr><td><p></p></td><td colspan=3><input type="hidden" name="go" value="index"><input class=input type=submit value="click here to go to the index page"></td></tr>
</for
diff --git a/rel.txt b/rel.txt
index 81b916d..01bd233 100644
--- a/rel.txt
+++ b/rel.txt
@@ -1 +1 @@
-201006030700
+201006030907
tree b67b08fd915f2be2b8bb085da7f26200478b4421
parent 5a09e5df8f30e8a78bcf8d4662cd89fed2afed6c
author Engels Antonio <engels@majcms.org> 1277314213 +0800
committer Engels Antonio <engels@majcms.org> 1277314213 +0800
maj-2.0-201006030907.zip
diff --git a/index.php b/index.php
index ddfd129..b25291d 100644
--- a/index.php
+++ b/index.php
@@ -616,6 +616,15 @@ if (isset($maj_req_entry) and !empty($maj_req_entry)) {
fwrite($maj_fp_email_txt,$maj_email);
fclose($maj_fp_email_txt);
+ if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt")) and !file_exists("data/email.txt")) {
+ $maj_fp_email_root = fopen("data/email.txt","w");
+ $maj_email_root = strtolower($_POST['email']);
+ $maj_email_root = trim($maj_email_root);
+ $maj_email_root = htmlentities($maj_email_root,ENT_NOQUOTES);
+ fwrite($maj_fp_email_root,$maj_email_root);
+ fclose($maj_fp_email_root);
+ }
+
if (isset($_POST['url']) and !empty($_POST['url']) and (ereg("\.",$_POST['url']))) {
$maj_fp_url_txt = fopen("data/items/$maj_req_entry/comments/pending/$maj_comment_entry_dir/url.txt","w");
$maj_url = str_replace("http://","",$_POST['url']);
@@ -4596,19 +4605,10 @@ foreach ($maj_disp as $maj_d) {
echo " to add your comment.";
if ((!isset($_SESSION['logged_in']) and !file_exists("data/xscreen.txt")) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))) {
- echo " Note that it will not be posted immediately, but will be ";
-
- if (file_exists("data/email.txt")) {
- echo "e-mailed";
- }
- else {
- echo "sent";
- }
-
- echo " to me first.";
+ echo " Please wait for your comment to be approved and posted.";
if (!isset($_SESSION['logged_in']) or (isset($_SESSION['logged_in']) and !file_exists("data/members/active/{$_SESSION['logged_in']}"))) {
- echo " Comments with bogus contact information will be discarded.";
+ echo " Comments with bogus contact information or spam will be discarded.";
}
}
echo "</p>";
diff --git a/login.php b/login.php
index bacfc15..cb891e4 100644
--- a/login.php
+++ b/login.php
@@ -1,26 +1,35 @@
<?php
session_start();
+
header("Cache-control: private");
+
error_reporting(E_ERROR);
- if (get_magic_quotes_gpc())
- {
- function stripslashes_array($data)
- {
- if (is_array($data))
- {
- foreach ($data as $key => $value)
- {
+
+ if (get_magic_quotes_gpc()) {
+
+ function stripslashes_array($data) {
+
+ if (is_array($data)) {
+
+ foreach ($data as $key => $value) {
$data[$key] = stripslashes_array($value);
}
return $data;
}
- else
- {
+ else {
return stripslashes($data);
}
}
$_POST = stripslashes_array($_POST);
}
+
+ if (isset($_POST['go']) and ($_POST['go'] == "index")) {
+ header("Location: .");
+ }
+
+ if (isset($_POST['go']) and ($_POST['go'] == "reset")) {
+ header("Location: reset.php");
+ }
?>
<title>Login</title>
@@ -32,10 +41,10 @@ body {
margin: 10px;
padding: 0px;
text-align: left;
+ font-size: 11px;
font-family:
<?php
- if (file_exists("data/fonts/body.txt"))
- {
+ if (file_exists("data/fonts/body.txt")) {
$font_body = file_get_contents("data/fonts/body.txt");
echo "{$font_body},";
}
@@ -69,11 +78,10 @@ a:active {
color: #666666;
background: #ffffff;
border: #999999 solid 1px;
- width: 125px;
+ width: 250px;
font-family:
<?php
- if (file_exists("data/fonts/input.txt"))
- {
+ if (file_exists("data/fonts/input.txt")) {
$font_input = file_get_contents("data/fonts/input.txt");
echo "{$font_input},";
}
@@ -85,82 +93,96 @@ a:active {
</style>
<?php
- if (!isset($_POST['username']) or empty($_POST['username']) or !isset($_POST['password']) or empty($_POST['password']))
- {
+ if (!isset($_POST['username']) or empty($_POST['username']) or !isset($_POST['password']) or empty($_POST['password'])) {
$_SESSION = array();
session_destroy();
}
- else
- {
+ else {
$put_username = trim($_POST['username']);
+
/* Fun with crypt! */
$put_password = sha1($_POST['password']);
$put_password = md5($put_password);
$put_password = crypt($put_password, $put_password);
- if ($put_username == file_get_contents("data/username.txt"))
- {
+
+ $err_username = "1";
+ $err_password = "1";
+
+ if ($put_username == file_get_contents("data/username.txt")) {
$get_password = file_get_contents("data/password.txt");
$last_login = "data/lastlog.txt";
$logins = "data/logins.txt";
+ $err_username = "0";
}
- else
- {
- if (file_exists("data/members/active/$put_username") and file_exists("data/bb.txt"))
- {
+ else {
+ if (file_exists("data/members/active/$put_username") and file_exists("data/bb.txt")) {
$get_password = file_get_contents("data/members/active/$put_username/password.txt");
$last_login = "data/members/active/$put_username/bb-last.txt";
$logins = "data/members/active/$put_username/bb-logins.txt";
+ $err_username = "0";
}
}
- if ($get_password == $put_password)
- {
+
+ if ($get_password == $put_password) {
+
$_SESSION['logged_in'] = $_POST['username'];
$_SESSION['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
$_SESSION['maj_server'] = sha1($_SERVER['SERVER_NAME'] . dirname($_SERVER['SCRIPT_NAME']));
+
$lastlog = date("YmdHis", time() + $offset);
+
$fp_lastlog_txt = fopen($last_login, "w");
fwrite($fp_lastlog_txt, $lastlog);
fclose($fp_lastlog_txt);
- if (file_exists("data/bb.txt") and ($_SESSION['logged_in'] != file_get_contents("data/username.txt")))
- {
+
+ if (file_exists("data/bb.txt") and ($_SESSION['logged_in'] != file_get_contents("data/username.txt"))) {
$fp_latest_login_txt = fopen("data/bb-last.txt", "w");
fwrite($fp_latest_login_txt, $_SESSION['logged_in']);
fclose($fp_latest_login_txt);
}
+
$login_count = file_get_contents($logins);
$login_count = $login_count + 1;
+
$login_count_file = fopen($logins, "w");
fwrite($login_count_file, $login_count);
fclose($login_count_file);
+
+ $err_password = "0";
+
header("Location: index.php");
}
- else
- {
+ else {
$_SESSION = array();
session_destroy();
}
}
?>
-<form enctype="multipart/form-data" action="login.php" method="post">
<table border="0" cellspacing="1" cellpadding="2">
-<tr>
-<td><input class="input" type="text" name="username"<?php if (!file_exists("data/autocomplete.txt")) { echo " autocomplete=\"off\""; } ?>></td>
-<td><input autocomplete="off" class="input" type="password" name="password"<?php if (!file_exists("data/autocomplete.txt")) { echo " autocomplete=\"off\""; } ?>></td>
-<td><input class="input" type="submit" value="login"></td>
-</tr>
-<tr>
-<td colspan="3">Enter your login credentials above or click <a href="index.php">here</a> to go to the index page.
+<form enctype="multipart/form-data" action="login.php" method="post">
-<?php
- if (!file_exists("data/lite.txt") and file_exists("data/reset.txt"))
- {
- echo "<br>Click <a href=\"reset.php\">here</a> if you forgot your password.";
- }
-?>
+<tr><td>Username</td><td><input class="input" type="text" maxlength="30" name="username"<?php if (!file_exists("data/autocomplete.txt")) { echo " autocomplete=\"off\""; } if ($err_username == "0") { echo " value=\"{$_POST['username']}\""; } ?>></td><?php if ($err_username == "0") { echo "<td><img src=\"images/widget.ok.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>The username you entered is correct.</td>"; } if ($err_username == "1") { echo "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>The username you entered is invalid.</td>"; } ?></tr>
+
+<tr><td>Password</td><td><input autocomplete="off" class="input" type="password" maxlength="128" name="password"<?php if (!file_exists("data/autocomplete.txt")) { echo " autocomplete=\"off\""; } ?>></td><?php if ($err_password == "1") { echo "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>The password you entered is invalid.</td>"; } ?></tr>
+
+<tr><td></td><td><input class="input" type="submit" value="click here to login"></td></tr>
-</td>
-</tr>
-</table>
</form>
+
+<form enctype="multipart/form-data" action="login.php" method="post">
+<input type="hidden" name="go" value="index">
+<tr><td></td><td><input class="input" type="submit" value="click here to go to the index page"></td></tr>
+</form>
+
+<?php if (!file_exists("data/lite.txt") and file_exists("data/reset.txt")) { ?>
+
+<form enctype="multipart/form-data" action="login.php" method="post">
+<input type="hidden" name="go" value="reset">
+<tr><td></td><td><input class="input" type="submit" value="click here to reset your password"></td></tr>
+</form>
+
+<?php } ?>
+
+</table>
diff --git a/reg.php b/reg.php
index be845a0..dd87a41 100644
--- a/reg.php
+++ b/reg.php
@@ -25,6 +25,10 @@ if (get_magic_quotes_gpc()) {
$_REQUEST = stripslashes_array($_REQUEST);
}
+if (isset($_POST['go']) and ($_POST['go'] == "index")) {
+ header("Location: .");
+}
+
if (file_exists("data/offset.txt")) {
$offset = file_get_contents("data/offset.txt");
}
@@ -498,7 +502,7 @@ if (file_exists("data/bb-disclaimer.txt")) {
<tr><td width=100><p>Last Name</p></td><td colspan=3><input class=input type=text autocomplete=off name=lastname maxlength=30></td></tr>
<tr><td width=100><p>E-mail Address</p></td><td colspan=3><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>
<tr><td width=100><p>Birthdate</p></td><td><input class=bd type=text autocomplete=off name=bd_year maxlength=4 value=<?php echo date("Y", time() + $offset); ?>></td><td><input class=bd type=text autocomplete=off name=bd_month maxlength=2 value=<?php echo date("m", time() + $offset); ?>></td><td><input class=bd type=text autocomplete=off name=bd_day maxlength=2 value=<?php echo date("d", time() + $offset); ?>></td></tr>
-<tr><td width=100><p>Website</p></td><td colspan=3><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
+<tr><td width=100><p>Website (optional)</p></td><td colspan=3><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
<tr><td width=100><p>Country</p></td><td colspan=3>
@@ -756,6 +760,6 @@ if (file_exists("data/bb-disclaimer.txt")) {
<tr><td width=100><p>Registration Code</p></td><td colspan=3><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td></tr>
<tr><td><p></p></td><td colspan=3><input class=input type=submit value="click here to submit your registration"></td></tr>
</form>
-<form enctype="multipart/form-data" action="<?php echo 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); ?>" method="post">
-<tr><td><p></p></td><td colspan=3><input class=input type=submit value="click here to go to the index page"></td></tr>
+<form enctype="multipart/form-data" method="post">
+<tr><td><p></p></td><td colspan=3><input type="hidden" name="go" value="index"><input class=input type=submit value="click here to go to the index page"></td></tr>
</for
diff --git a/rel.txt b/rel.txt
index 81b916d..01bd233 100644
--- a/rel.txt
+++ b/rel.txt
@@ -1 +1 @@
-201006030700
+201006030907