[ros-diffs] [dgoette] 39818: * readd group & acl deletion * fix subsystem integration * tooltip now does not hide, if changing the <td> element inside the same <tr> * tooltip now hides, if editor is loaded * generator now doesn't cache scripts * show error message on login failure, instead of a white page
dgoette at svn.reactos.org
dgoette at svn.reactos.org
Sun Mar 1 00:47:56 CET 2009
Author: dgoette
Date: Sun Mar 1 02:47:12 2009
New Revision: 39818
URL: http://svn.reactos.org/svn/reactos?rev=39818&view=rev
Log:
* readd group & acl deletion
* fix subsystem integration
* tooltip now does not hide, if changing the <td> element inside the same <tr>
* tooltip now hides, if editor is loaded
* generator now doesn't cache scripts
* show error message on login failure, instead of a white page
Modified:
branches/danny-web/reactos.org/htdocs/roscms/js/cms_maintain.js
branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js
branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_ACL.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_Groups.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/om/Login.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_User_Login.class.php
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/cms_maintain.js
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/roscms/js/cms_maintain.js?rev=39818&r1=39817&r2=39818&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/js/cms_maintain.js [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/js/cms_maintain.js [iso-8859-1] Sun Mar 1 02:47:12 2009
@@ -390,6 +390,36 @@
/**
* @FILLME
*/
+function deleteAccess( id )
+{
+ // highlight left menu entry
+ highlightMenu('Access');
+
+ document.getElementById('accessList').style.display = 'none';
+ document.getElementById('accessDetails').style.display = 'block';
+
+ // get language list
+ makeRequest('?page=backend&type=admin&subtype=acl&action=delete&access='+id, 'apply', 'accessDetails', 'html', 'GET');
+ return true;
+} // end of function loadGenerate
+
+
+
+/**
+ * @FILLME
+ */
+function submitAccessDelete( )
+{
+ makeRequest('?page=backend&type=admin&subtype=acl&action=delete&submit=true', 'apply', 'accessDetails', 'html', 'POST');
+
+ loadAccess();
+}
+
+
+
+/**
+ * @FILLME
+ */
function loadSystem( )
{
@@ -487,7 +517,37 @@
*/
function submitGroupEdit( )
{
- makeRequest('?page=backend&type=admin&subtype=group&action=edit&submit=true', 'apply', 'groupDetails', 'html', 'POST');
+ makeRequest('?page=backend&type=admin&subtype=group&action=delete&submit=true', 'apply', 'groupDetails', 'html', 'POST');
+
+ loadGroups();
+}
+
+
+
+/**
+ * @FILLME
+ */
+function deleteGroup( id )
+{
+ // highlight left menu entry
+ highlightMenu('Groups');
+
+ document.getElementById('groupList').style.display = 'none';
+ document.getElementById('groupDetails').style.display = 'block';
+
+ // get language list
+ makeRequest('?page=backend&type=admin&subtype=group&action=delete&group='+id, 'apply', 'groupDetails', 'html', 'GET');
+ return true;
+} // end of function loadGenerate
+
+
+
+/**
+ * @FILLME
+ */
+function submitGroupDelete( )
+{
+ makeRequest('?page=backend&type=admin&subtype=group&action=delete&submit=true', 'apply', 'groupDetails', 'html', 'POST');
loadGroups();
}
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js?rev=39818&r1=39817&r2=39818&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1] Sun Mar 1 02:47:12 2009
@@ -24,7 +24,8 @@
// check for quirks / standard mode
var IEmode = ( typeof document.compatMode != "undefined" && document.compatMode != "BackCompat") ? "documentElement" : "body";
-var timerTooltip;
+var timerTooltip, timer_tooltip_delete;
+var tooltip_row = null;
document.onmousemove = getMousePosition;
@@ -302,8 +303,22 @@
{
// deactivate tooltip-timer
window.clearTimeout(timerTooltip);
-
+
+ window.clearTimeout(timer_tooltip_delete);
+ timer_tooltip_delete = window.setTimeout("deleteTooltip()", 300);
+} // end of function clearTooltip
+
+
+
+/**
+ * Disables Tooltip view
+ */
+function deleteTooltip( )
+{
document.getElementById('tooltip').style.display = 'none';
+
+ // deactivate tooltip-timer
+ window.clearTimeout(timer_tooltip_delete);
} // end of function clearTooltip
@@ -433,16 +448,20 @@
// deactivate Tooltip-timer
window.clearTimeout(timerTooltip);
- timerTooltip = window.setTimeout("loadTooltip('"+this.getElementsByTagName('td')[3].className+"')", 500);
+ if (tooltip_row == this.id) {
+ window.clearTimeout(timer_tooltip_delete);
+ }
+ else {
+ tooltip_row = this.id;
+
+ timerTooltip = window.setTimeout("loadTooltip('"+this.getElementsByTagName('td')[3].className+"')", 500);
+ }
} // end of inner function localStartActive
//sets a timeout to remove Tooltip
function localStopActive() {
hlRow(this.id,2);
-
- // deactivate Tooltip-timer
- window.clearTimeout(timerTooltip);
clearTooltip();
} // end of inner function localStopActive
@@ -460,6 +479,8 @@
function localStartEditor() {
+ clearTooltip();
+
loadEditor(roscms_current_page, this.className);
} // end of inner function localStartEditor
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem.class.php?rev=39818&r1=39817&r2=39818&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Subsystem.class.php [iso-8859-1] Sun Mar 1 02:47:12 2009
@@ -154,7 +154,7 @@
*/
protected function updateUser( $user_id, $subsys_user )
{
- $user = ROSUser::getDetailsById($user_id);
+ $user = self::getRoscmsUser($user_id);
if ($user === false) {
return false;
}
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_ACL.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_ACL.class.php?rev=39818&r1=39817&r2=39818&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_ACL.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_ACL.class.php [iso-8859-1] Sun Mar 1 02:47:12 2009
@@ -226,6 +226,7 @@
echo_strip('
<h2>Edit Access Control List (ACL)</h2>
<form onsubmit="return false;">
+ <button onclick="'."deleteAccess(".$access['id'].")".'">show Delete ACL</button>
<fieldset>
<legend>Access Control List Options</legend>
<input type="hidden" name="access_id" id="access_id" value="'.$access['id'].'" />
@@ -349,7 +350,7 @@
{
// check how many entries are depend on this ACL
$stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM ".ROSCMST_ENTRIES." WHERE access_id=:access_id");
- $stmt->bindParam('access_id',$_POST['access'],PDO::PARAM_INT);
+ $stmt->bindParam('access_id',$_REQUEST['access'],PDO::PARAM_INT);
$stmt->execute();
$data_count = $stmt->fetchColumn();
@@ -360,8 +361,8 @@
else {
// ACL information
- $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short, description, id FROM ".ROSCMST_ACCESS." WHERE id=:access_id");
- $stmt->bindParam('access_id',$_POST['access'],PDO::PARAM_INT);
+ $stmt=&DBConnection::getInstance()->prepare("SELECT name, description, id FROM ".ROSCMST_ACCESS." WHERE id=:access_id");
+ $stmt->bindParam('access_id',$_REQUEST['access'],PDO::PARAM_INT);
$stmt->execute();
$access = $stmt->fetchOnce(PDO::FETCH_ASSOC);
@@ -371,7 +372,7 @@
<input type="hidden" name="access_id" id="access_id" value="'.$access['id'].'" />
Do you really want to delete the access "<span title="'.$access['description'].'">'.$access['name'].'</span>" ?
- <button style="color: red;" onclick="'."submitDelete('acl')".'" name="uaq" value="yes">Yes, Delete it.</button>
+ <button style="color: red;" onclick="'."submitAccessDelete()".'" name="uaq" value="yes">Yes, Delete it.</button>
<button style="color: green;" name="uaq" value="no">No</button>
</div>
</form>');
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_Groups.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_Groups.class.php?rev=39818&r1=39817&r2=39818&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_Groups.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Admin_Groups.class.php [iso-8859-1] Sun Mar 1 02:47:12 2009
@@ -275,6 +275,7 @@
echo_strip('
<h2>Edit Group</h2>
<form onsubmit="return false;">
+ <button onclick="'."deleteGroup(".$group['id'].")".'">show Delete Group</button>
<fieldset>
<legend>Group Data</legend>
<input type="hidden" name="group_id" id="group_id" value="'.$group['id'].'" />
@@ -451,7 +452,7 @@
{
// get Group information
$stmt=&DBConnection::getInstance()->prepare("SELECT name, description, id FROM ".ROSCMST_GROUPS." WHERE id=:group_id");
- $stmt->bindParam('group_id',$_POST['group'],PDO::PARAM_INT);
+ $stmt->bindParam('group_id',$_GET['group'],PDO::PARAM_INT);
$stmt->execute();
$group = $stmt->fetchOnce(PDO::FETCH_ASSOC);
@@ -461,7 +462,7 @@
<input type="hidden" name="group_id" id="group_id" value="'.$group['id'].'" />
Do you really want to delete the Group "<span title="'.$group['description'].'">'.$group['name'].'</span>" ?
- <button style="color: red;" onclick="'."submitDelete('group')".'" name="uaq" value="yes">Yes, Delete it.</button>
+ <button style="color: red;" onclick="'."submitGroupDelete()".'" name="uaq" value="yes">Yes, Delete it.</button>
<button style="color: green;" name="uaq" value="no">No</button>
</div>
</form>');
@@ -480,7 +481,7 @@
// delete group
$stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_GROUPS." WHERE id=:group_id");
- $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
+ $stmt->bindParam('group_id',$_REQUEST['group_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
// delete connections
@@ -488,17 +489,17 @@
// delete ACL connections
$stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ACL." WHERE group_id=:group_id");
- $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
+ $stmt->bindParam('group_id',$_REQUEST['group_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
// delete APL connections
$stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_AREA_ACCESS." WHERE group_id=:group_id");
- $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
+ $stmt->bindParam('group_id',$_REQUEST['group_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
// delete memberships
$stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_MEMBERSHIPS." WHERE group_id=:group_id");
- $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
+ $stmt->bindParam('group_id',$_REQUEST['group_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
}
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php?rev=39818&r1=39817&r2=39818&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php [iso-8859-1] Sun Mar 1 02:47:12 2009
@@ -218,19 +218,17 @@
$content = $revision['content'];
// replace dependencies
- $stmt_more=&DBConnection::getInstance()->prepare("SELECT d.id, d.type, d.name FROM ".ROSCMST_DEPENDENCIES." w JOIN ".ROSCMST_ENTRIES." d ON w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS TRUE");
+ $stmt_more=&DBConnection::getInstance()->prepare("SELECT d.id, d.type, d.name FROM ".ROSCMST_DEPENDENCIES." w JOIN ".ROSCMST_ENTRIES." d ON w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS TRUE AND d.type != 'script'");
$stmt_more->bindParam('rev_id',$revision['id'],PDO::PARAM_INT);
$stmt_more->execute();
while ($dependency = $stmt_more->fetch(PDO::FETCH_ASSOC)) {
// replace
- if ($dependency['type'] != 'script') {
- $content = str_replace('[#'.$this->short[$dependency['type']].'_'.$dependency['name'].']', $this->getCached(array(null, $this->short[$dependency['type']].'_'.$dependency['name'])), $content);
- }
+ $content = str_replace('[#'.$this->short[$dependency['type']].'_'.$dependency['name'].']', $this->getCached(array(null, $this->short[$dependency['type']].'_'.$dependency['name'])), $content);
} // end foreach
// execute scripts
- $content = preg_replace_callback('/\[#inc_([^][#[:space:]]+)\]/', array($this,'evalScript'),$content);
+ $content = preg_replace_callback('/\[#inc_([a-zA-Z0-9_]+)\]/', array($this,'evalScript'),$content);
// replace roscms vars
$content = $this->replaceRoscmsPlaceholder($content);
@@ -435,7 +433,7 @@
$stmt->execute();
// prepare for usage in loop
- $stmt_more=&DBConnection::getInstance()->prepare("SELECT w.child_id, d.type, d.name FROM ".ROSCMST_DEPENDENCIES." w JOIN ".ROSCMST_ENTRIES." d ON w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS TRUE");
+ $stmt_more=&DBConnection::getInstance()->prepare("SELECT w.child_id, d.type, d.name FROM ".ROSCMST_DEPENDENCIES." w JOIN ".ROSCMST_ENTRIES." d ON w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS TRUE AND d.type != 'script'");
while ($data = $stmt->fetch(PDO::FETCH_ASSOC)) {
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/om/Login.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/roscms/lib/om/Login.class.php?rev=39818&r1=39817&r2=39818&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/om/Login.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/om/Login.class.php [iso-8859-1] Sun Mar 1 02:47:12 2009
@@ -83,8 +83,8 @@
$stmt=&DBConnection::getInstance()->prepare("SELECT s.user_id, s.expires FROM ".ROSCMST_SESSIONS." s JOIN ".ROSCMST_USERS." u ON u.id = s.user_id WHERE s.id = :session_id AND (u.match_ip IS FALSE OR s.ip=:ip ) AND (u.match_browseragent IS FALSE OR s.browseragent = :agent) AND u.disabled IS FALSE LIMIT 1");
}
else{
- $stmt=&DBConnection::getInstance()->prepare("SELECT m.user_id, s.expires FROM ".ROSCMST_SESSIONS." s JOIN ".ROSCMST_USERS." u ON u.id = s.user_id JOIN ".ROSCMST_SUBSYS." m ON m.user_id = s.user_id WHERE s.id = :session_id AND (u.match_ip IS FALSE OR s.ip = :ip) AND (u.match_browseragent IS FALSE OR s.browseragent = :agent) AND m.subsys = :subsys AND u.disabled IS FALSE LIMIT 1");
- $stmt->bindParam('subsys',$subsys,PDO::PARAM_STR);
+ $stmt=&DBConnection::getInstance()->prepare("SELECT m.subsys_user_id AS user_id, s.expires FROM ".ROSCMST_SESSIONS." s JOIN ".ROSCMST_USERS." u ON u.id = s.user_id JOIN ".ROSCMST_SUBSYS." m ON m.user_id = s.user_id WHERE s.id = :session_id AND (u.match_ip IS FALSE OR s.ip = :ip) AND (u.match_browseragent IS FALSE OR s.browseragent = :agent) AND m.subsys = :subsys AND u.disabled IS FALSE LIMIT 1");
+ $stmt->bindParam('subsys',$subsys,PDO::PARAM_STR);
}
$stmt->bindParam('session_id',$session_id,PDO::PARAM_INT);
$stmt->bindParam('ip',$remote_addr,PDO::PARAM_STR);
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_User_Login.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_User_Login.class.php?rev=39818&r1=39817&r2=39818&view=diff
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_User_Login.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_User_Login.class.php [iso-8859-1] Sun Mar 1 02:47:12 2009
@@ -99,7 +99,7 @@
}
else {
$this->loginPage('You have specified an incorrect username.');
- exit;
+ return false;
}
// Check password. It should only contain printable ASCII chars
@@ -108,7 +108,7 @@
}
else {
$this->loginPage('You have specified an invalid password.');
- exit;
+ return false;
}
// get user data
@@ -128,14 +128,14 @@
}
if ($a_password != $user['password']) {
- $this->loginPage("You have specified an incorrect or inactive username, or an invalid password.");
- exit;
+ $this->loginPage('You have specified an incorrect or inactive username, or an invalid password.');
+ return false;
}
// if the account is NOT enabled; e.g. a reason could be that a member of the admin group has disabled this account because of spamming, etc.
if ($user['disabled'] == true) {
$this->loginPage('Account is not activated or disabled!<br /><br />Check your email inbox (and spam folder), maybe you have overseen the activation information.');
- exit;
+ return false;
}
// if the user account setting is "multisession" (a by user setting), it is set to "false" by default
More information about the Ros-diffs
mailing list