oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

WebGUI 3.6.0 release

Browse source
This commit is contained in:
JT Smith 2002-03-20 06:01:00 +00:00
parent 81da4fe3af
commit 0997fc100c
22 changed files with 3085 additions and 103 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lib/WebGUI/Discussion.pm
View file

@ -13,6 +13,7 @@ package WebGUI::Discussion;
use strict;
use Tie::CPHash;
use WebGUI::DateTime;
use WebGUI::HTML;
use WebGUI::International;
use WebGUI::Session;
use WebGUI::Shortcut;
@ -123,6 +124,8 @@ sub getMessage {
my (%message);
tie %message, 'Tie::CPHash';
%message = WebGUI::SQL->quickHash("select * from discussion where messageId='$_[0]'");
$message{subject} = WebGUI::HTML::filter($message{subject},'all');
$message{message} = WebGUI::HTML::filter($message{message},$session{setting}{filterContributedHTML});
unless ($message{message} =~ /\<div\>/ig || $message{message} =~ /\<br\>/ig || $message{message} =~ /\<p\>/ig) {
$message{message} =~ s/\n/\<br\>/g;
}
@ -241,6 +244,7 @@ sub traverseReplyTree {
}
$sth = WebGUI::SQL->read("select messageId,subject,username,dateOfPost,userId from discussion where pid=$_[0] order by messageId");
while (@data = $sth->array) {
$data[1] = WebGUI::HTML::filter($data[1],'all');
$html .= '<tr';
if ($session{form}{mid} eq $data[0]) {
$html .= ' class="highlight"';

35
lib/WebGUI/ErrorHandler.pm
View file

@ -15,9 +15,10 @@ use WebGUI::Session;
#-------------------------------------------------------------------
sub fatalError {
my ($key, $log, $cgi, $logfile, $config);
my ($key, $log, $cgi, $logfile, $config, $friendly);
if (exists $session{cgi}) {
$cgi = $session{cgi};
$friendly = 1 if ($session{setting}{onCriticalError} eq "friendly");
} else {
use CGI;
$cgi = CGI->new;
@ -30,35 +31,41 @@ sub fatalError {
$config = new Data::Config '../etc/WebGUI.conf';
$logfile = $config->param('logfile');
}
$log = FileHandle->new(">>$logfile") or die "Can't open log file.";
print "<h1>WebGUI Fatal Error</h1>Something unexpected happened that caused this system to fault.<p>";
print $0." at ".localtime(time)." reported:<br>";
print "<h1>WebGUI Fatal Error</h1>Something unexpected happened that caused this system to fault.<p>" unless ($friendly);
$log = FileHandle->new(">>$logfile") or print "Can't open log file.";
print $0." at ".localtime(time)." reported:<br>" unless ($friendly);
print $log localtime(time)." ".$0." ".$_[0]."\n";
print $_[0];
print "<p><h3>Caller</h3><table border=1><tr><td valign=top>";
print "<b>Level 1</b><br>".join("<br>",caller(1));
print $_[0] unless ($friendly);
print "<p><h3>Caller</h3><table border=1><tr><td valign=top>" unless ($friendly);
print "<b>Level 1</b><br>".join("<br>",caller(1)) unless ($friendly);
print $log "\t".join(",",caller(1))."\n";
print "</td><td valign=top>"."<b>Level 2</b><br>".join("<br>",caller(2));
print "</td><td valign=top>"."<b>Level 2</b><br>".join("<br>",caller(2)) unless ($friendly);
print $log "\t".join(",",caller(2))."\n";
print "</td><td valign=top>"."<b>Level 3</b><br>".join("<br>",caller(3));
print "</td><td valign=top>"."<b>Level 3</b><br>".join("<br>",caller(3)) unless ($friendly);
print $log "\t".join(",",caller(3))."\n";
print "</td><td valign=top>"."<b>Level 4</b><br>".join("<br>",caller(4));
print "</td><td valign=top>"."<b>Level 4</b><br>".join("<br>",caller(4)) unless ($friendly);
print $log "\t".join(",",caller(4))."\n";
print "</td></tr></table>";
print "<h3>Form Variables</h3>";
print "</td></tr></table>" unless ($friendly);
print "<h3>Form Variables</h3>" unless ($friendly);
print $log "\t";
if (exists $session{form}) {
foreach $key (keys %{$session{form}}) {
print $key." = ".$session{form}{$key}."<br>";
print $key." = ".$session{form}{$key}."<br>" unless ($friendly);
print $log $key."=".$session{form}{$key}." ";
}
print $log "\n";
} else {
print "Cannot retrieve session information.";
print "Cannot retrieve session information." unless ($friendly);
print $log "Session not accessible for form variable dump.\n";
}
print $log "\n";
$log->close;
if ($friendly) {
print WebGUI::International::get(416).'<br>';
print '<br>'.$session{setting}{companyName};
print '<br>'.$session{setting}{companyEmail};
print '<br>'.$session{setting}{companyURL};
}
exit;
}

76
lib/WebGUI/HTML.pm Normal file
View file

@ -0,0 +1,76 @@
package WebGUI::HTML;
=head1 LEGAL
-------------------------------------------------------------------
WebGUI is Copyright 2001-2002 Plain Black Software.
-------------------------------------------------------------------
Please read the legal notices (docs/legal.txt) and the license
(docs/license.txt) that came with this distribution before using
this software.
-------------------------------------------------------------------
http://www.plainblack.com info@plainblack.com
-------------------------------------------------------------------
=cut
use HTML::TagFilter;
use strict;
use WebGUI::Session;
=head1 NAME
Package WebGUI::HTML
=head1 SYNOPSIS
use WebGUI::HTML;
$html = WebGUI::HTML::filter($html);
=head1 DESCRIPTION
A package for manipulating and massaging HTML.
=head1 METHODS
These methods are available from this package:
=cut
#-------------------------------------------------------------------
=head2 filter ( html [, filter ] )
Returns HTML with unwanted tags filtered out.
=item html
The HTML content you want filtered.
=item filter
Choose from all, none, or most. Defaults to most. All removes all
HTML tags; none removes no HTML tags; and most removes all but
simple formatting tags like bold and italics.
=cut
sub filter {
my ($filter, $html);
if ($_[1] eq "all") {
$filter = HTML::TagFilter->new(allow=>{'none'},strip_comments=>1);
$html = $filter->filter($_[0]);
} elsif ($_[1] eq "none") {
$html = $_[0];
} else {
$filter = HTML::TagFilter->new; # defaultly strips almost everything
$html = $filter->filter($_[0]);
}
return $html;
}
1;

29
lib/WebGUI/Operation/Account.pm
View file

@ -77,17 +77,9 @@ sub _hasBadUsername {
}
#-------------------------------------------------------------------
sub _login {
my ($cookieInfo);
$cookieInfo = $_[0]."|".crypt($_[1],"yJ");
WebGUI::Session::end($cookieInfo); #clearing out old session info just in case something bad happened
if (WebGUI::Session::start($cookieInfo)) {
WebGUI::Session::setCookie("wgSession",$cookieInfo);
return "";
} else {
WebGUI::ErrorHandler::warn("Session signature '".$cookieInfo."' does not match account info for user ID ".$_[0]);
return "<b>Error:</b> Unable to initialize session vars because your session signature does not match your account information.<p>";
}
sub _logLogin {
WebGUI::SQL->write("insert into userLoginLog values ('$_[0]','$_[1]',".time().",".
quote($session{env}{REMOTE_ADDR}).",".quote($session{env}{HTTP_USER_AGENT}).")");
}
#-------------------------------------------------------------------
@ -192,9 +184,8 @@ sub www_createAccountSave {
WebGUI::SQL->write("insert into users (userId,username,identifier,email,authMethod,ldapURL,connectDN,language) values ($uid, ".quote($username).", ".quote($encryptedPassword).", ".quote($session{form}{email}).", ".quote($session{setting}{authMethod}).", ".quote($session{setting}{ldapURL}).", ".quote($connectDN).", ".quote($session{form}{language}).")");
($registeredUserExpire) = WebGUI::SQL->quickArray("select expireAfter from groups where groupId=2");
WebGUI::SQL->write("insert into groupings values (2,$uid,".(time()+$registeredUserExpire).")");
_login($uid,$encryptedPassword);
$output .= WebGUI::International::get(80).'<p>';
$output .= www_displayAccount();
WebGUI::Session::start($uid);
_logLogin($uid,"success");
} else {
$output = "<h1>".WebGUI::International::get(70)."</h1>".$error.www_createAccount();
}
@ -222,7 +213,6 @@ sub www_deactivateAccountConfirm {
WebGUI::SQL->write("delete from users where userId=$session{user}{userId}");
WebGUI::SQL->write("delete from groupings where userId=$session{user}{userId}");
WebGUI::Session::end($session{var}{sessionId});
_login(1,"null");
}
return www_displayLogin();
}
@ -405,10 +395,12 @@ sub www_login {
if ($auth->code == 48 || $auth->code == 49) {
$error = WebGUI::International::get(68);
WebGUI::ErrorHandler::warn("Invalid login for user account: ".$session{form}{username});
_logLogin($uid,"invalid username/password");
} elsif ($auth->code > 0) {
$error .= 'LDAP error "'.$ldapStatusCode{$auth->code}.'" occured.';
$error .= WebGUI::International::get(69);
WebGUI::ErrorHandler::warn("LDAP error: ".$ldapStatusCode{$auth->code});
_logLogin($uid,"LDAP error: ".$ldapStatusCode{$auth->code});
} else {
$success = 1;
}
@ -419,10 +411,12 @@ sub www_login {
} else {
$error = WebGUI::International::get(68);
WebGUI::ErrorHandler::warn("Invalid login for user account: ".$session{form}{username});
_logLogin($uid,"invalid username/password");
}
}
if ($success) {
_login($uid,$pass);
WebGUI::Session::start($uid);
_logLogin($uid,"success");
return "";
} else {
return "<h1>".WebGUI::International::get(70)."</h1>".$error.www_displayLogin();
@ -510,9 +504,6 @@ sub www_updateAccount {
if ($error eq "") {
$encryptedPassword = Digest::MD5::md5_base64($session{form}{identifier1});
WebGUI::SQL->write("update users set username=".quote($session{form}{username}).$passwordStatement.", email=".quote($session{form}{email}).", language=".quote($session{form}{language})." where userId=".$session{user}{userId});
if ($passwordStatement ne "") {
_login($session{user}{userId},$encryptedPassword);
}
$output .= WebGUI::International::get(81).'<p>';
$output .= www_displayAccount();
} else {

15
lib/WebGUI/Operation/Settings.pm
View file

@ -181,7 +181,10 @@ sub www_editMailSettingsSave {
#-------------------------------------------------------------------
sub www_editMiscSettings {
my ($output, @array, %notFoundPage, %yesNo);
my ($output, @array, %notFoundPage, %yesNo, %criticalError, %htmlFilter);
%htmlFilter = ('none'=>WebGUI::International::get(420), 'most'=>WebGUI::International::get(421),
'all'=>WebGUI::International::get(419));
%criticalError = ('debug'=>WebGUI::International::get(414), 'friendly'=>WebGUI::International::get(415));
%notFoundPage = (1=>WebGUI::International::get(136), 4=>WebGUI::International::get(137));
%yesNo = ('1'=>WebGUI::International::get(138), '0'=>WebGUI::International::get(139));
if (WebGUI::Privilege::isInGroup(3)) {
@ -200,6 +203,12 @@ sub www_editMiscSettings {
$array[0] = $session{setting}{preventProxyCache};
$output .= tableFormRow(WebGUI::International::get(400),
WebGUI::Form::selectList("preventProxyCache",\%yesNo,\@array));
$array[0] = $session{setting}{onCriticalError};
$output .= tableFormRow(WebGUI::International::get(413),
WebGUI::Form::selectList("onCriticalError",\%criticalError,\@array));
$array[0] = $session{setting}{filterContributedHTML};
$output .= tableFormRow(WebGUI::International::get(418),
WebGUI::Form::selectList("filterContributedHTML",\%htmlFilter,\@array));
$output .= formSave();
$output .= '</table>';
$output .= '</form> ';
@ -220,6 +229,10 @@ sub www_editMiscSettingsSave {
" where name='docTypeDec'");
WebGUI::SQL->write("update settings set value=".quote($session{form}{preventProxyCache}).
" where name='preventProxyCache'");
WebGUI::SQL->write("update settings set value=".quote($session{form}{onCriticalError}).
" where name='onCriticalError'");
WebGUI::SQL->write("update settings set value=".quote($session{form}{filterContributedHTML}).
" where name='filterContributedHTML'");
return www_manageSettings();
} else {
return WebGUI::Privilege::adminOnly();

90
lib/WebGUI/Operation/Statistics.pm
View file

@ -15,14 +15,94 @@ use HTTP::Request;
use HTTP::Headers;
use LWP::UserAgent;
use strict;
use WebGUI::DateTime;
use WebGUI::International;
use WebGUI::Paginator;
use WebGUI::Privilege;
use WebGUI::Session;
use WebGUI::Shortcut;
use WebGUI::SQL;
our @ISA = qw(Exporter);
our @EXPORT = qw(&www_viewStatistics);
our @EXPORT = qw(&www_viewStatistics &www_killSession &www_viewLoginHistory &www_viewActiveSessions);
#-------------------------------------------------------------------
sub www_killSession {
if (WebGUI::Privilege::isInGroup(3)) {
WebGUI::Session::end($session{form}{sid});
return www_viewActiveSessions();
} else {
return WebGUI::Privilege::adminOnly();
}
}
#-------------------------------------------------------------------
sub www_viewActiveSessions {
my ($output, $p, @row, $i, $sth, %data);
tie %data, 'Tie::CPHash';
if (WebGUI::Privilege::isInGroup(3)) {
$output = '<h1>'.WebGUI::International::get(425).'</h1>';
$sth = WebGUI::SQL->read("select * from users,userSession where users.userId=userSession.userId");
while (%data = $sth->hash) {
$row[$i] = '<tr class="tableData"><td>'.$data{username}.' ('.$data{userId}.')</td>';
$row[$i] .= '<td>'.$data{sessionId}.'</td>';
$row[$i] .= '<td>'.epochToHuman($data{expires},"%H:%n%p %M/%D/%y").'</td>';
$row[$i] .= '<td>'.epochToHuman($data{lastPageView},"%H:%n%p %M/%D/%y").'</td>';
$row[$i] .= '<td>'.$data{lastIP}.'</td>';
$row[$i] .= '<td align="center"><a href="'.WebGUI::URL::page("op=killSession&sid=$data{sessionId}").'">'.
'<img src="'.$session{setting}{lib}.'/delete.gif" border="0"</a></td></tr>';
$i++;
}
$sth->finish;
$p = WebGUI::Paginator->new(WebGUI::URL::page('op=viewActiveSessions'),\@row);
$output .= '<table border=1 cellpadding=5 cellspacing=0 align="center">';
$output .= '<tr class="tableHeader"><td>'.WebGUI::International::get(428).'</td>';
$output .= '<td>'.WebGUI::International::get(435).'</td>';
$output .= '<td>'.WebGUI::International::get(432).'</td>';
$output .= '<td>'.WebGUI::International::get(430).'</td>';
$output .= '<td>'.WebGUI::International::get(431).'</td>';
$output .= '<td>'.WebGUI::International::get(436).'</td></tr>';
$output .= $p->getPage($session{form}{pn});
$output .= '</table>';
$output .= $p->getBarTraditional($session{form}{pn});
} else {
$output = WebGUI::Privilege::adminOnly();
}
return $output;
}
#-------------------------------------------------------------------
sub www_viewLoginHistory {
my ($output, $p, @row, $i, $sth, %data);
tie %data, 'Tie::CPHash';
if (WebGUI::Privilege::isInGroup(3)) {
$output = '<h1>'.WebGUI::International::get(426).'</h1>';
$sth = WebGUI::SQL->read("select * from users,userLoginLog where users.userId=userLoginLog.userId order by userLoginLog.timeStamp");
while (%data = $sth->hash) {
$data{username} = 'unknown user' if ($data{userId} == 0);
$row[$i] = '<tr class="tableData"><td>'.$data{username}.' ('.$data{userId}.')</td>';
$row[$i] .= '<td>'.$data{status}.'</td>';
$row[$i] .= '<td>'.epochToHuman($data{timeStamp},"%H:%n%p %M/%D/%y").'</td>';
$row[$i] .= '<td>'.$data{ipAddress}.'</td>';
$row[$i] .= '<td>'.$data{userAgent}.'</td></tr>';
$i++;
}
$sth->finish;
$p = WebGUI::Paginator->new(WebGUI::URL::page('op=viewLoginHistory'),\@row);
$output .= '<table border=1 cellpadding=5 cellspacing=0 align="center">';
$output .= '<tr class="tableHeader"><td>'.WebGUI::International::get(428).'</td>';
$output .= '<td>'.WebGUI::International::get(434).'</td>';
$output .= '<td>'.WebGUI::International::get(429).'</td>';
$output .= '<td>'.WebGUI::International::get(431).'</td>';
$output .= '<td>'.WebGUI::International::get(433).'</td></tr>';
$output .= $p->getPage($session{form}{pn});
$output .= '</table>';
$output .= $p->getBarTraditional($session{form}{pn});
} else {
$output = WebGUI::Privilege::adminOnly();
}
return $output;
}
#-------------------------------------------------------------------
sub www_viewStatistics {
@ -40,15 +120,17 @@ sub www_viewStatistics {
$version = $response->content;
chomp $version;
$output .= helpLink(12);
$output .= '<h1>'.WebGUI::International::get(144).'</h1>';
$output .= '<h1>'.WebGUI::International::get(437).'</h1>';
$output .= '<table>';
$output .= '<tr><td class="tableHeader">'.WebGUI::International::get(145).'</td><td class="tableData">'.$WebGUI::VERSION.' ('.WebGUI::International::get(349).': '.$version.')</td></tr>';
($data) = WebGUI::SQL->quickArray("select count(*) from userSession");
$output .= '<tr><td class="tableHeader">'.WebGUI::International::get(146).'</td><td class="tableData">'.$data.'</td></tr>';
$output .= '<tr><td class="tableHeader">'.WebGUI::International::get(146).'</td><td class="tableData">'.$data.' (<a href="'.WebGUI::URL::page("op=viewActiveSessions").'">'.WebGUI::International::get(423).'</a> / <a href="'.WebGUI::URL::page("op=viewLoginHistory").'">'.WebGUI::International::get(424).'</a>)</td></tr>';
($data) = WebGUI::SQL->quickArray("select count(*)+1 from page where parentId>25");
$output .= '<tr><td class="tableHeader">'.WebGUI::International::get(147).'</td><td class="tableData">'.$data.'</td></tr>';
($data) = WebGUI::SQL->quickArray("select count(*) from page where pageId>25 or pageId=0");
($data) = WebGUI::SQL->quickArray("select count(*)-1 from widget");
$output .= '<tr><td class="tableHeader">'.WebGUI::International::get(148).'</td><td class="tableData">'.$data.'</td></tr>';
($data) = WebGUI::SQL->quickArray("select count(*) from style where styleId>25");
$output .= '<tr><td class="tableHeader">'.WebGUI::International::get(427).'</td><td class="tableData">'.$data.'</td></tr>';
($data) = WebGUI::SQL->quickArray("select count(*) from users where userId>25");
$output .= '<tr><td class="tableHeader">'.WebGUI::International::get(149).'</td><td class="tableData">'.$data.'</td></tr>';
($data) = WebGUI::SQL->quickArray("select count(*) from groups where groupId>25");

8
lib/WebGUI/Operation/User.pm
View file

@ -91,14 +91,10 @@ sub www_addUserSave {
#-------------------------------------------------------------------
sub www_becomeUser {
my ($cookieInfo, $output, $password);
my ($output);
if (WebGUI::Privilege::isInGroup(3)) {
($password) = WebGUI::SQL->quickArray("select identifier from users where userId='$session{form}{uid}'");
WebGUI::Session::end($session{var}{sessionId});
$cookieInfo = $session{form}{uid}."|".crypt($password,"yJ");
WebGUI::Session::end($cookieInfo);
WebGUI::Session::start($cookieInfo);
WebGUI::Session::setCookie("wgSession",$cookieInfo);
WebGUI::Session::start($session{form}{uid});
$output = "";
} else {
$output = WebGUI::Privilege::adminOnly();

8
lib/WebGUI/Privilege.pm
View file

@ -34,13 +34,15 @@ sub adminOnly {
#-------------------------------------------------------------------
sub canEditPage {
if ($session{page}{worldEdit}) {
my ($isContentManager);
$isContentManager = isInGroup(4);
if ($session{page}{worldEdit} && $isContentManager) {
return 1;
} elsif ($session{user}{userId} eq $session{page}{ownerId} && $session{page}{ownerEdit}) {
} elsif ($session{user}{userId} eq $session{page}{ownerId} && $session{page}{ownerEdit} && $isContentManager) {
return 1;
} elsif (isInGroup(3)) {
return 1;
} elsif (isInGroup($session{page}{groupId}) && $session{page}{groupEdit}) {
} elsif (isInGroup($session{page}{groupId}) && $session{page}{groupEdit} && $isContentManager) {
return 1;
} else {
return 0;

41
lib/WebGUI/Session.pm
View file

@ -23,6 +23,13 @@ our @EXPORT = qw(%session);
our %session = ();
tie %session, 'Tie::CPHash';
#-------------------------------------------------------------------
sub _generateSessionId {
my ($sessionId);
$sessionId = crypt(time(),rand(99));
return $sessionId;
}
#-------------------------------------------------------------------
sub _getPageInfo {
my (%page, $pageId, $pageName);
@ -31,6 +38,8 @@ sub _getPageInfo {
if ($pageId eq "") {
$pageName = lc($ENV{PATH_INFO});
$pageName =~ s/\///;
$pageName =~ s/\'//;
$pageName =~ s/\"//;
if ($pageName ne "") {
($pageId) = WebGUI::SQL->quickArray("select pageId from page where urlizedTitle='".$pageName."'",$_[1]);
if ($pageId eq "") {
@ -60,16 +69,12 @@ sub _getSessionVars {
#-------------------------------------------------------------------
sub _getUserInfo {
my (%user, $uid, $encryptedPassword);
my (%user, $uid);
tie %user, 'Tie::CPHash';
if ($_[0] ne "") {
($uid, $encryptedPassword) = split(/\|/,$_[0]);
} else {
$uid = 1;
}
$uid = $_[0] || 1;
%user = WebGUI::SQL->quickHash("select * from users where userId='$uid'", $_[1]);
if ($user{userId} eq "") {
%user = _getUserInfo("1|none",$_[1]);
%user = _getUserInfo("1",$_[1]);
}
return %user;
}
@ -129,7 +134,7 @@ sub open {
}
%SETTINGS = WebGUI::SQL->buildHash("select name,value from settings",$dbh);
%VARS = _getSessionVars($COOKIES{wgSession},$dbh,$SETTINGS{sessionTimeout});
%USER = _getUserInfo($VARS{sessionId},$dbh);
%USER = _getUserInfo($VARS{userId},$dbh);
$CGI::POST_MAX=1024 * $SETTINGS{maxAttachmentSize};
%PAGE = _getPageInfo("",$dbh,$SETTINGS{notFoundPage},$CONFIG{scripturl});
%session = (
@ -166,7 +171,7 @@ sub refreshSessionVars {
tie %VARS, 'Tie::CPHash';
%VARS = _getSessionVars($_[0],$session{dbh},$session{setting}{sessionTimeout});
$session{var} = \%VARS;
refreshUserInfo($session{var}{sessionId});
refreshUserInfo($session{var}{userId});
}
#-------------------------------------------------------------------
@ -184,17 +189,13 @@ sub setCookie {
#-------------------------------------------------------------------
sub start {
my (%user, $uid, $encryptedPassword);
($uid, $encryptedPassword) = split(/\|/,$_[0]);
tie %user, 'Tie::CPHash';
%user = WebGUI::SQL->quickHash("select * from users where userId='$uid'", $session{dbh});
if (crypt($user{identifier},"yJ") eq $encryptedPassword) {
WebGUI::SQL->write("insert into userSession values ('$_[0]', ".(time()+$session{setting}{sessionTimeout}).", ".time().", 0, '$ENV{REMOTE_ADDR}', $uid)",$session{dbh});
refreshSessionVars($_[0]);
return 1;
} else {
return 0;
}
my ($sessionId);
$sessionId = _generateSessionId();
WebGUI::SQL->write("insert into userSession values ('$sessionId', ".
(time()+$session{setting}{sessionTimeout}).", ".
time().", 0, '$ENV{REMOTE_ADDR}', $_[0])",$session{dbh});
setCookie("wgSession",$sessionId);
refreshSessionVars($sessionId);
}
1;

2
lib/WebGUI/Widget/Article.pm
View file

@ -17,6 +17,7 @@ use Tie::CPHash;
use WebGUI::Attachment;
use WebGUI::DateTime;
use WebGUI::Discussion;
use WebGUI::HTML;
use WebGUI::International;
use WebGUI::Macro;
use WebGUI::Privilege;
@ -35,6 +36,7 @@ sub _showReplies {
$html .= '<tr><td class="tableHeader">'.WebGUI::International::get(229).'</td><td class="tableHeader">'.WebGUI::International::get(22,$namespace).'</td><td class="tableHeader">'.WebGUI::International::get(23,$namespace).'</td></tr>';
$sth = WebGUI::SQL->read("select messageId,subject,username,dateOfPost,userId from discussion where widgetId=$session{form}{wid} and pid=0 order by messageId desc");
while (@data = $sth->array) {
$data[1] = WebGUI::HTML::filter($data[1],'all');
$html .= '<tr';
if ($data[0] == $session{form}{mid}) {
$html .= ' class="highlight"';

4
lib/WebGUI/Widget/MessageBoard.pm
View file

@ -16,6 +16,7 @@ use strict;
use Tie::CPHash;
use WebGUI::DateTime;
use WebGUI::Discussion;
use WebGUI::HTML;
use WebGUI::International;
use WebGUI::Macro;
use WebGUI::Privilege;
@ -319,6 +320,7 @@ sub www_showMessage {
'</td><td class="tableHeader">'.WebGUI::International::get(15,$namespace).
'</td><td class="tableHeader">'.WebGUI::International::get(16,$namespace).'</td></tr>';
@data = WebGUI::SQL->quickArray("select messageId,subject,username,dateOfPost,userId from discussion where messageId=$message{rid}");
$data[1] = WebGUI::HTML::filter($data[1],'all');
$html .= '<tr';
if ($session{form}{mid} eq $message{rid}) {
$html .= ' class="highlight"';
@ -365,8 +367,10 @@ sub www_view {
#$sth = WebGUI::SQL->read("select messageId,subject,count(*)-1,username,dateOfPost,max(dateOfPost),max(messageId) from discussion where widgetId=$_[0] group by rid order by messageId desc");
$sth = WebGUI::SQL->read("select messageId,subject,username,dateOfPost,userId from discussion where widgetId=$_[0] and pid=0 order by messageId desc");
while (@data = $sth->array) {
$data[1] = WebGUI::HTML::filter($data[1],'all');
if ($i >= ($itemsPerPage*$pn) && $i < ($itemsPerPage*($pn+1))) {
@last = WebGUI::SQL->quickArray("select messageId,dateOfPost,username,subject,userId from discussion where widgetId=$_[0] and rid=$data[0] order by dateOfPost desc");
$last[3] = WebGUI::HTML::filter($last[3],'all');
($replies) = WebGUI::SQL->quickArray("select count(*)-1 from discussion where rid=$data[0]");
$html .= '<tr><td class="tableData"><a href="'.WebGUI::URL::page('func=showMessage&mid='.
$data[0].'&wid='.$_[0]).'">'.substr($data[1],0,30).

2
lib/WebGUI/Widget/SiteMap.pm
View file

@ -183,7 +183,7 @@ sub www_edit {
sub www_editSave {
if (WebGUI::Privilege::canEditPage()) {
update();
WebGUI::SQL->write("update SiteMap set startAtThisLevel='$session{form}{startAtThisLevel}', depth='$session{form}{depth}', indent='$session{form}{indent}', bullet=".quote($session{form}{bullet}).", lineSpacing='$session{form}{lineSpacing}' where widgetId=$session{form}{wid}");
WebGUI::SQL->write("update SiteMap set startAtThisLevel='$session{form}{startAtThisLevel}', depth='$session{form}{depth}', indent='$session{form}{indent}', bullet=".quote($session{form}{bullet}).", lineSpacing='$session{form}{lineSpacing}', displaySynopsis='$session{form}{displaySynopsis}' where widgetId=$session{form}{wid}");
return "";
} else {
return WebGUI::Privilege::insufficient();

7
lib/WebGUI/Widget/UserSubmission.pm
View file

@ -16,6 +16,7 @@ use strict;
use Tie::CPHash;
use WebGUI::Attachment;
use WebGUI::DateTime;
use WebGUI::HTML;
use WebGUI::International;
use WebGUI::Macro;
use WebGUI::MessageLog;
@ -129,6 +130,7 @@ sub www_addSubmission {
$output .= '<tr><td class="tableHeader">'.WebGUI::International::get(15,$namespace).'</td><td class="tableHeader">'.WebGUI::International::get(99).'</td><td class="tableHeader">'.WebGUI::International::get(13,$namespace).'</td><td class="tableHeader">'.WebGUI::International::get(14,$namespace).'</td></tr>';
$sth = WebGUI::SQL->read("select title,submissionId,dateSubmitted,status from UserSubmission_submission where widgetId='$session{form}{wid}' and userId=$session{user}{userId} order by dateSubmitted desc");
while (@submission = $sth->array) {
$submission[0] = WebGUI::HTML::filter($submission[0],'all');
$output .= '<tr><td class="tableData"><a href="'.WebGUI::URL::page('func=editSubmission&wid='.
$session{form}{wid}.'&sid='.$submission[1]).'"><img src="'.$session{setting}{lib}.
'/edit.gif" border=0></a><a href="'.WebGUI::URL::page('wid='.$session{form}{wid}.
@ -341,7 +343,7 @@ sub www_editSubmission {
$output .= WebGUI::Form::hidden("func","editSubmissionSave");
$output .= '<table>';
$output .= tableFormRow(WebGUI::International::get(35,$namespace),WebGUI::Form::text("title",20,128,$submission{title}));
$output .= tableFormRow(WebGUI::International::get(31,$namespace),WebGUI::Form::textArea("content",$submission{content},50,10));
$output .= tableFormRow(WebGUI::International::get(31,$namespace),WebGUI::Form::textArea("content",$submission{content},50,10,1));
if ($submission{image} ne "") {
$output .= tableFormRow(WebGUI::International::get(32,$namespace),'<a href="'.
WebGUI::URL::page('func=deleteImage&wid='.$session{form}{wid}.'&sid='.
@ -419,6 +421,7 @@ sub www_view {
}
$sth = WebGUI::SQL->read("select title,submissionId,dateSubmitted,username,userId from UserSubmission_submission where widgetId='$_[0]' and status='Approved' order by dateSubmitted desc");
while (@submission = $sth->array) {
$submission[0] = WebGUI::HTML::filter($submission[0],'all');
$row[$i] = '<tr><td class="tableData"><a href="'.WebGUI::URL::page('wid='.$_[0].
'&func=viewSubmission&sid='.$submission[1]).'">'.$submission[0].
'</a></td><td class="tableData">'.epochToHuman($submission[2],"%M/%D/%y").
@ -447,6 +450,8 @@ sub www_viewSubmission {
my ($output, %submission, $file);
tie %submission, 'Tie::CPHash';
%submission = WebGUI::SQL->quickHash("select * from UserSubmission_submission where submissionId=$session{form}{sid}");
$submission{title} = WebGUI::HTML::filter($submission{title},'all');
$submission{content} = WebGUI::HTML::filter($submission{content},$session{setting}{filterContributedHTML});
$output = "<h1>".$submission{title}."</h1>";
$output .= '<table width="100%" cellpadding=2 cellspacing=1 border=0>';
$output .= '<tr><td class="tableHeader">';