Add account info page, enforce access levels, cosmetic cleanup.

20 years ago · 236c4e3b78
parent 4b20893f32
commit 236c4e3b78
8 changed files with 249 additions and 134 deletions
--- a/www/account.php
+++ b/www/account.php
@ -1,6 +1,6 @@
 <?php
 //
-// "$Id: account.php,v 1.7 2004/05/19 02:57:18 mike Exp $"
+// "$Id: account.php,v 1.8 2004/05/19 14:02:38 mike Exp $"
 //
 // Account management page...
 //
@ -19,9 +19,9 @@ include_once "phplib/str.php";
 //
 $levels = array(
-  0 => "User",
+  AUTH_USER => "User",
-  50 => "Devel",
+  AUTH_DEVEL => "Devel",
-  100 => "Admin"
+  AUTH_ADMIN => "Admin"
 );
@ -32,13 +32,17 @@ $levels = array(
 function
 account_header($title)
 {
  global $PHP_SELF, $LOGIN_USER, $LOGIN_LEVEL;
  html_header("$title");
  html_start_links(1);
-  html_link("$title", "$PHP_SELF?L");
+  html_link("$LOGIN_USER", "$PHP_SELF");
  html_link("Manage Accounts", "$PHP_SELF?A");
  html_link("Manage Comments", "comment.php?l");
  html_link("Change Password", "$PHP_SELF?P");
  if ($LOGIN_LEVEL == AUTH_ADMIN)
    html_link("Manage Accounts", "$PHP_SELF?A");
  if ($LOGIN_LEVEL > AUTH_USER)
    html_link("New/Pending", "$PHP_SELF?L");
  html_link("Logout", "$PHP_SELF?X");
  html_end_links();
@ -61,12 +65,18 @@ if ($argc >= 1)
  $data = substr($argv[0], 1);
 }
 else
-  $op = "L";
+  $op = "";
 switch ($op)
 {
  case 'A' :
      // Manage accounts...
      if ($LOGIN_LEVEL < AUTH_ADMIN)
      {
        header("Location: $PHP_SELF");
 	exit();
      }
      if ($data == "add")
      {
 	if ($REQUEST_METHOD == "POST")
@ -100,7 +110,7 @@ switch ($op)
          if (array_key_exists("LEVEL", $_POST))
 	    $level = (int)$_POST["LEVEL"];
 	  else
-	    $level = 0;
+	    $level = AUTH_USER;
          if ($name != "" && $email != "" &&
 	      (($password == "" && $password2 == "") ||
@ -121,7 +131,7 @@ switch ($op)
 	  $havedata     = 0;
 	}
-	account_header("Manage Accounts");
+	account_header("Add Account");
 	if ($havedata)
 	{
@ -161,20 +171,14 @@ switch ($op)
 	       ."<tr><th align='right'>Access Level:</th>"
 	       ."<td><select name='LEVEL'>");
-          if ($level == 0)
+          reset($levels);
-	    print("<option value='0' selected>User</option>");
+	  while (list($key, $val) = each($levels))
-	  else
+	  {
-	    print("<option value='0'>User</option>");
+	    if ($level == $key)
-
+	      print("<option value='$key' selected>$val</option>");
          if ($level == 50)
 	    print("<option value='50' selected>Devel</option>");
 	  else
 	    print("<option value='50'>Devel</option>");
          if ($level == 100)
 	    print("<option value='100' selected>Admin</option>");
 	    else
-	    print("<option value='100'>Admin</option>");
+	      print("<option value='$key'>$val</option>");
          }
 	  print("</select></td></tr>\n"
 	       ."<tr><th align='right'>Password:</th>"
@ -248,7 +252,7 @@ switch ($op)
          if (array_key_exists("LEVEL", $_POST))
 	    $level = (int)$_POST["LEVEL"];
 	  else
-	    $level = 0;
+	    $level = AUTH_USER;
          if ($email != "" &&
 	      (($password == "" && $password2 == "") ||
@ -279,7 +283,7 @@ switch ($op)
 	  db_free($result);
 	}
-	account_header("Manage Accounts");
+	account_header("Modify $name");
 	if ($havedata)
 	{
@ -330,20 +334,14 @@ switch ($op)
 	  {
 	    print("<select name='LEVEL'>");
-            if ($level == 0)
+            reset($levels);
-	      print("<option value='0' selected>User</option>");
+	    while (list($key, $val) = each($levels))
-	    else
+	    {
-	      print("<option value='0'>User</option>");
+	      if ($level == $key)
-
+		print("<option value='$key' selected>$val</option>");
            if ($level == 50)
 	      print("<option value='50' selected>Devel</option>");
 	    else
 	      print("<option value='50'>Devel</option>");
            if ($level == 100)
 	      print("<option value='100' selected>Admin</option>");
 	      else
-	      print("<option value='100'>Admin</option>");
+		print("<option value='$key'>$val</option>");
            }
 	    print("</select>");
 	  }
@ -410,6 +408,12 @@ switch ($op)
  case 'L' :
      // List
      if ($LOGIN_LEVEL < AUTH_DEVEL)
      {
        header("Location: $PHP_SELF");
 	exit();
      }
      account_header("New/Pending");
      $email = db_escape($_COOKIE["FROM"]);
@ -515,6 +519,36 @@ switch ($op)
      db_free($result);
      // Show hidden comments...
      print("<h2>Hidden Comments:</h2>\n");
      $result = db_query("SELECT * FROM comment WHERE status = 0 ORDER BY id");
      if (db_count($result) == 0)
        print("<p>No hidden comments.</p>\n");
      else
      {
        print("<ul>\n");
        while ($row = db_next($result))
 	{
 	  $create_date  = date("M d, Y", $row['date']);
 	  $create_user  = sanitize_email($row['create_user']);
 	  $contents     = sanitize_text($row['contents']);
          $location     = str_replace("_", "?", $row['url']);
 	  print("<li><a href='$location'>$row[url]</a> "
 	       ." by $create_user on $create_date "
 	       ."[&nbsp;<a href='comment.php?e$row[id]+p$row[url]'>Edit</a> "
 	       ."| <a href='comment.php?d$row[id]+p$row[url]'>Delete</a>&nbsp;"
 	       ."]<br /><tt>$contents</tt></li>\n");
 	}
        print("</ul>\n");
      }
      db_free($result);
      html_footer();
      break;
@ -547,10 +581,29 @@ switch ($op)
      html_footer();
      break;
  default :
      // Show account info...
      account_header($LOGIN_USER);
      if (array_key_exists("FROM", $_COOKIE))
        $email = htmlspecialchars($_COOKIE["FROM"]);
      else
        $email = "<i>unknown</i>";
      print("<center><table border='0'>\n"
           ."<tr><th align='right'>Username:</th><td>$LOGIN_USER</td></tr>\n"
 	   ."<tr><th align='right'>EMail:</th><td>$email</td></tr>\n"
 	   ."<tr><th align='right'>Access Level:</th>"
 	   ."<td>$levels[$LOGIN_LEVEL]</td></tr>\n"
 	   ."</table></center>\n");
      html_footer();
      break;
 }
 //
-// End of "$Id: account.php,v 1.7 2004/05/19 02:57:18 mike Exp $".
+// End of "$Id: account.php,v 1.8 2004/05/19 14:02:38 mike Exp $".
 //
 ?>
--- a/www/articles.php
+++ b/www/articles.php
@ -1,6 +1,6 @@
 <?php
 //
-// "$Id: articles.php,v 1.7 2004/05/19 03:26:36 mike Exp $"
+// "$Id: articles.php,v 1.8 2004/05/19 14:02:38 mike Exp $"
 //
 // Web form for the article table...
 //
@ -56,10 +56,10 @@ if ($argc)
    exit();
  }
-  if (($op == 'D' || $op == 'M' && $op != 'B') && $LOGIN_USER == "")
+  if (($op == 'D' || $op == 'M' && $op != 'B') && $LOGIN_LEVEL < AUTH_DEVEL)
  {
    html_header("Article Error");
-    print("<p>Command '$op' requires a login!\n");
+    print("<p>You don't have permission to use command '$op'!\n");
    html_footer();
    exit();
  }
@ -221,7 +221,7 @@ switch ($op)
 	html_start_links(1);
 	html_link("Return to Articles", "$PHP_SELF?L$options");
 	html_link("Show Comments", "#_USER_COMMENTS");
-	if ($LOGIN_USER)
+	if ($LOGIN_LEVEL >= AUTH_DEVEL)
 	{
 	  html_link("Modify Article</A>", "$PHP_SELF?M$id$options");
 	  html_link("Delete Article #$id</A>", "$PHP_SELF?D$id$options");
@ -261,7 +261,7 @@ switch ($op)
        html_header("Articles");
 	html_start_links(1);
-	html_link("Post New Article", "$PHP_SELF?N$options");
+	html_link("Submit Article", "$PHP_SELF?N$options");
 	html_end_links();
        print("<h1>Articles</h1>\n");
@ -276,7 +276,7 @@ switch ($op)
        $query = "";
 	$prefix = "WHERE ";
-        if (!$LOGIN_USER)
+        if ($LOGIN_LEVEL < AUTH_DEVEL)
 	{
 	  $query .= "${prefix}is_published = 1";
 	  $prefix = " AND ";
@ -367,7 +367,7 @@ switch ($op)
        print("<p>$count article(s) found, showing $start to $end:</p>\n");
-        if ($LOGIN_USER)
+        if ($LOGIN_LEVEL >= AUTH_DEVEL)
 	  print("<form method='POST' action='$PHP_SELF?B$options'>\n");
        if ($count > $PAGE_MAX)
@ -401,7 +401,7 @@ switch ($op)
 	  $link = "<a href='$PHP_SELF?L$id$options' alt='Article #$id'>";
          print("<td nowrap>");
-          if ($LOGIN_USER)
+          if ($LOGIN_LEVEL >= AUTH_DEVEL)
 	    print("<input type='checkbox' name='ID_$row[id]'>");
          print("$link$id</a></td>");
@ -415,8 +415,8 @@ switch ($op)
          $temp = date("M d, Y", $row['modify_date']);
          print("<td align='center'>$link$temp</a></td>");
-          $count = count_comments("articles.php_L$id");
+          $ccount = count_comments("articles.php_L$id");
-          print("<td align='center'>$link$count</a></td>");
+          print("<td align='center'>$link$ccount</a></td>");
          html_end_row();
@ -426,7 +426,7 @@ switch ($op)
          html_end_row();
 	}
-        if ($LOGIN_USER)
+        if ($LOGIN_LEVEL > 0)
 	{
 	  html_start_row("header");
@ -486,8 +486,8 @@ switch ($op)
 	else
 	  $contents = "";
-        if (($is_published == 0 || $LOGIN_USER) && $title != "" &&
+        if (($is_published == 0 || $LOGIN_LEVEL >= AUTH_DEVEL) &&
-	    $abstract != "" && $contents != "")
+	    $title != "" && $abstract != "" && $contents != "")
          $havedata = 1;
 	else
          $havedata = 0;
@ -577,7 +577,9 @@ switch ($op)
  case 'N' : // Post new Article
      if ($REQUEST_METHOD == "POST")
      {
-        if (array_key_exists("IS_PUBLISHED", $_POST))
+        if ($LOGIN_LEVEL < AUTH_DEVEL)
 	  $is_published = 0;
 	else if (array_key_exists("IS_PUBLISHED", $_POST))
 	  $is_published = (int)$_POST["IS_PUBLISHED"];
 	else
 	  $is_published = 0;
@ -602,8 +604,8 @@ switch ($op)
 	else
 	  $create_user = "";
-        if (($is_published == 0 || $LOGIN_USER) && $title != "" &&
+        if (($is_published == 0 || $LOGIN_LEVEL >= AUTH_DEVEL) &&
-	    $abstract != "" && $contents != "")
+	    $title != "" && $abstract != "" && $contents != "")
          $havedata = 1;
 	else
          $havedata = 0;
@ -641,14 +643,25 @@ switch ($op)
 	break;
      }
-      html_header("Post New Article");
+      html_header("Submit Article");
      html_start_links(1);
      html_link("Return to Articles", "$PHP_SELF?L$options");
      html_end_links();
-      print("<h1>Post New Article</h1>\n");
+      print("<h1>Submit Article</h1>\n");
      if ($REQUEST_METHOD == "POST")
      {
 	print("<p><b>Error:</b> Please fill in the fields marked in "
 	     ."<b><font color='red'>bold red</font></b> below and resubmit "
 	     ."your article.</p><hr noshade/>\n");
 	$hstart = "<font color='red'>";
 	$hend   = "</font>";
      }
      else
      {
 	print("<p>Please use this form to post announcements, how-to's, "
             ."examples, and case studies showing how you use $PROJECT. "
 	     ."We will proofread your article, and if we determine it is "
@ -656,10 +669,14 @@ switch ($op)
 	     ."on the site. <i>Thank you</i> for supporting $PROJECT!</p>\n"
 	     ."<hr noshade/>\n");
 	$hstart = "";
 	$hend   = "";
      }
      print("<form method='post' action='$PHP_SELF?N$options'>"
 	   ."<p><table width='100%' cellpadding='5' cellspacing='0' border='0'>\n");
-      if ($LOGIN_USER != "")
+      if ($LOGIN_LEVEL >= AUTH_DEVEL)
      {
        print("<tr><th align='right'>Published:</th><td>");
        select_is_published($is_published);
@ -670,26 +687,38 @@ switch ($op)
      $title = htmlspecialchars($title, ENT_QUOTES);
-      print("<tr><th align='right'>Title:</th>"
+      if ($title == "")
-	   ."<td><input type='text' name='TITLE' "
+	print("<tr><th align='right'>${hstart}Title:${hend}</th>");
      else
 	print("<tr><th align='right'>Title:</th>");
      print("<td><input type='text' name='TITLE' "
 	   ."size='40' value='$title'></td></tr>\n");
      $abstract = htmlspecialchars($abstract, ENT_QUOTES);
-      print("<tr><th align='right'>Abstract:</th>"
+      if ($abstract == "")
-	   ."<td><input type='text' name='ABSTRACT' "
+	print("<tr><th align='right'>${hstart}Abstract:${hend}</th>");
      else
 	print("<tr><th align='right'>Abstract:</th>");
      print("<td><input type='text' name='ABSTRACT' "
 	   ."size='40' value='$abstract'></td></tr>\n");
-      $author = htmlspecialchars($author, ENT_QUOTES);
+      $create_user = htmlspecialchars($create_user, ENT_QUOTES);
-      print("<tr><th align='right'>Author:</th>"
+      if ($create_user == "")
-	   ."<td><input type='text' name='CREATE_USER' "
+	print("<tr><th align='right'>${hstart}Author:${hend}</th>");
-	   ."size='40' value='$author'></td></tr>\n");
+      else
 	print("<tr><th align='right'>Author:</th>");
      print("<td><input type='text' name='CREATE_USER' "
 	   ."size='40' value='$create_user'></td></tr>\n");
      $contents = htmlspecialchars($contents, ENT_QUOTES);
-      print("<tr><th align='right' valign='top'>Contents:</th>"
+      if ($contents == "")
-	   ."<td><textarea name='CONTENTS' "
+	print("<tr><th align='right' valign='top'>${hstart}Contents:${hend}</th>");
      else
 	print("<tr><th align='right' valign='top'>Contents:</th>");
      print("<td><textarea name='CONTENTS' "
 	   ."cols='80' rows='10' wrap='virtual'>"
 	   ."$contents</textarea>\n"
 	   ."<p>The contents of the article may contain the following "
@ -700,7 +729,7 @@ switch ($op)
 	   ."<tt>TT</tt>, <tt>U</tt>, <tt>UL</tt></p></td></tr>\n");
      print("<tr><th colspan='2'>"
-	   ."<input type='submit' value='Create Article'></th></tr>\n");
+	   ."<input type='submit' value='Submit Article'></th></tr>\n");
      print("</table></p></form>\n");
      html_footer();
@ -709,6 +738,6 @@ switch ($op)
 //
-// End of "$Id: articles.php,v 1.7 2004/05/19 03:26:36 mike Exp $".
+// End of "$Id: articles.php,v 1.8 2004/05/19 14:02:38 mike Exp $".
 //
 ?>
--- a/www/comment.php
+++ b/www/comment.php
@ -1,6 +1,6 @@
 <?php
 //
-// "$Id: comment.php,v 1.4 2004/05/19 03:26:36 mike Exp $"
+// "$Id: comment.php,v 1.5 2004/05/19 14:02:38 mike Exp $"
 //
 // Comment and moderation interface for PHP pages...
 //
@ -18,7 +18,6 @@ include_once "phplib/common.php";
 //
 $op       = "";
 $link     = "";
 $path     = "";
 $refer_id = 0;
 $id       = 0;
@ -58,7 +57,7 @@ for ($i = 0; $i < $argc; $i ++)
 }
 if ($op == "" || ($path == "" && $op != "l" && $op != "L") ||
-    (($op == 'd' || $op == 'D' || $op == 'l') && !$LOGIN_USER))
+    (($op == 'd' || $op == 'D' || $op == 'l') && $LOGIN_LEVEL < AUTH_DEVEL))
 {
  header("Location: index.php");
 }
@ -107,7 +106,11 @@ else
 	  else
 	    $contents = "";
-          if ($create_user != "" && $contents != "" && $file != "")
+          if (strpos($contents, "http:") === false &&
 	      strpos($contents, "https:") === false &&
 	      strpos($contents, "ftp:") === false &&
 	      strpos($contents, "mailto:") === false &&
              $contents != "" && $create_user != "" && $file != "")
 	    $havedata = 1;
          if ($create_user != "" && $id == 0 && !$LOGIN_USER)
@ -228,7 +231,7 @@ else
 	         ."<td><textarea name='MESSAGE' cols='70' rows='8' "
 		 ."wrap='virtual'>$contents</textarea></td></tr>\n");
-          if ($LOGIN_USER)
+          if ($LOGIN_LEVEL >= AUTH_DEVEL)
 	  {
 	    print("<tr><th align='right'>File Path:</th>"
 		 ."<td><input type='text' name='FILE' value='$path' "
@ -265,7 +268,7 @@ else
        html_header("Comments");
 	print("<h1>Comments</h1>\n");
-        if (!$LOGIN_USER)
+        if ($LOGIN_LEVEL < AUTH_DEVEL)
 	{
 	  $result = db_query("SELECT * FROM comment WHERE status = 1 AND "
 	                    ."url LIKE '${listpath}%' ORDER BY id");
@ -276,19 +279,19 @@ else
 	  {
 	    $result = db_query("SELECT * FROM comment WHERE "
 	                      ."url LIKE '${listpath}%' ORDER BY id");
-	    print("<p>[ <a href='$PHP_SELF?l'>Show Hidden Comments</a> ]</p>\n");
+	    print("<p>[&nbsp;<a href='$PHP_SELF?l'>Show Hidden Comments</a>&nbsp;]</p>\n");
 	  }
          else
 	  {
 	    $result = db_query("SELECT * FROM comment WHERE status = 0 AND "
                              ."url LIKE '${listpath}%' ORDER BY id");
-	    print("<p>[ <a href='$PHP_SELF?L'>Show All Comments</a> ]</p>\n");
+	    print("<p>[&nbsp;<a href='$PHP_SELF?L'>Show All Comments</a>&nbsp;]</p>\n");
 	  }
        }
 	if (db_count($result) == 0)
 	{
-	  if ($LOGIN_USER && $op == 'l')
+	  if ($LOGIN_LEVEL >= AUTH_DEVEL && $op == 'l')
            print("<p>No hidden comments.</p>\n");
 	  else
            print("<p>No visible comments.</p>\n");
@ -304,10 +307,10 @@ else
 	    $contents     = sanitize_text($row['contents']);
            $location     = str_replace("_", "?", $row['url']);
-	    print("<li><a href='${link}$location'>$row[url]</a> "
+	    print("<li><a href='$location'>$row[url]</a> "
 	         ." by $create_user on $create_date "
-	         ."[ <a href='$PHP_SELF?e$row[id]+p$row[url]'>Edit</a> "
+	         ."[&nbsp;<a href='$PHP_SELF?e$row[id]+p$row[url]'>Edit</a> "
-	         ."| <a href='$PHP_SELF?d$row[id]+p$row[url]'>Delete</a> "
+	         ."| <a href='$PHP_SELF?d$row[id]+p$row[url]'>Delete</a>&nbsp;"
 		 ."]<br /><tt>$contents</tt></li>\n");
 	  }
@ -357,6 +360,6 @@ else
 }
 //
-// End of "$Id: comment.php,v 1.4 2004/05/19 03:26:36 mike Exp $".
+// End of "$Id: comment.php,v 1.5 2004/05/19 14:02:38 mike Exp $".
 //
 ?>
--- a/www/index.php
+++ b/www/index.php
@ -1,6 +1,6 @@
 <?php
 //
-// "$Id: index.php,v 1.2 2004/05/19 01:39:04 mike Exp $"
+// "$Id: index.php,v 1.3 2004/05/19 14:02:38 mike Exp $"
 //
 // Mini-XML home page...
 //
@ -19,8 +19,10 @@ print("<p><table width='100%' height='100%' border='0' cellpadding='0' "
 html_start_table(array("Quick Info"), "100%", "100%");
 html_start_row();
 print("<td>"
-     ."<p align='center'>Current Release: <a href='software.php'>v1.3, "
+     ."<p align='center'>Stable Release: <a href='software.php?1.3'>v1.3, "
-     ."December 21, 2003</a></p>\n"
+     ."December 21, 2003</a><br />"
     ."Developer Release: <a href='software.php?2.0rc1'>v2.0rc1, "
     ."May 20, 2004</a></p>\n"
     ."<small><p>Mini-XML is a small XML parsing library that you can use to "
     ."read XML and XML-like data files in your application without "
     ."requiring large non-standard libraries. Mini-XML only requires "
@ -46,7 +48,9 @@ html_end_row();
 html_end_table();
 print("</td><td>&nbsp;&nbsp;&nbsp;&nbsp;</td>"
-     ."<td valign='top' width='60%'>");
+     ."<td valign='top' width='60%'>"
     ."<h2>Recent Articles [&nbsp;<a href='articles.php'>View&nbsp;All</a>"
     ."&nbsp;]</h2>\n");
 $result = db_query("SELECT * FROM article WHERE is_published = 1 "
 	          ."ORDER BY modify_date DESC LIMIT 4");
@ -69,7 +73,7 @@ else
    else
      $count .= " comments";
-    print("<h2><a href='articles.php?L$id'>$title</a></h2>\n"
+    print("<h3><a href='articles.php?L$id'>$title</a></h3>\n"
         ."<p><i>$date, $count</i><br />$abstract [&nbsp;"
 	 ."<a href='articles.php?L$id'>Read</a>&nbsp;]</p>\n");
  }
@ -77,18 +81,12 @@ else
 db_free($result);
 html_start_links();
 html_link("View Articles", "articles.php");
 html_link("Submit Bug Report", "str.php");
 html_link("Download Software", "software.php");
 html_end_links();
 print("</td></tr>\n"
     ."</table></p>\n");
 html_footer();
 //
-// End of "$Id: index.php,v 1.2 2004/05/19 01:39:04 mike Exp $".
+// End of "$Id: index.php,v 1.3 2004/05/19 14:02:38 mike Exp $".
 //
 ?>
--- a/www/phplib/auth.php
+++ b/www/phplib/auth.php
@ -1,6 +1,6 @@
 <?
 //
-// "$Id: auth.php,v 1.5 2004/05/19 02:57:18 mike Exp $"
+// "$Id: auth.php,v 1.6 2004/05/19 14:02:38 mike Exp $"
 //
 // Authentication functions for PHP pages...
 //
@ -18,6 +18,15 @@
 include_once "db.php";
 //
 // Define authorization levels...
 //
 define("AUTH_USER", 0);
 define("AUTH_DEVEL", 50);
 define("AUTH_ADMIN", 100);
 //
 // Store the current user in the global variable LOGIN_USER...
 //
@ -141,6 +150,6 @@ auth_logout()
 //
-// End of "$Id: auth.php,v 1.5 2004/05/19 02:57:18 mike Exp $".
+// End of "$Id: auth.php,v 1.6 2004/05/19 14:02:38 mike Exp $".
 //
 ?>
--- a/www/phplib/globals.php
+++ b/www/phplib/globals.php
@ -1,8 +1,8 @@
 <?php
 //
-// "$Id: globals.php,v 1.2 2004/05/19 00:57:33 mike Exp $"
+// "$Id: globals.php,v 1.3 2004/05/19 14:02:38 mike Exp $"
 //
-// Global PHP variables...
+// Global PHP constants and variables...
 //
 // This file should be included using "include_once"...
 //
@ -13,7 +13,12 @@
 $PROJECT = "Mini-XML";			// Title of project
 $EMAIL = "mxml@easysw.com";		// Default notification address
-$PAGE_MAX = 10; 			// Max STRs per page
+$PAGE_MAX = 10; 			// Max items per page
 //
 // PHP transition stuff...
 //
 global $_COOKIE, $_FILES, $_POST, $_SERVER;
@ -25,6 +30,6 @@ $SERVER_NAME    = $_SERVER["SERVER_NAME"];
 //
-// End of "$Id: globals.php,v 1.2 2004/05/19 00:57:33 mike Exp $".
+// End of "$Id: globals.php,v 1.3 2004/05/19 14:02:38 mike Exp $".
 //
 ?>
--- a/www/software.php
+++ b/www/software.php
@ -1,6 +1,6 @@
 <?php
 //
-// "$Id: software.php,v 1.2 2004/05/19 12:15:20 mike Exp $"
+// "$Id: software.php,v 1.3 2004/05/19 14:02:38 mike Exp $"
 //
 // Software download page.
 //
@ -62,8 +62,13 @@ print("<h1>Download</h1>");
 html_start_table(array("Version", "Filename", "Size", "MD5 Sum"));
 $curversion = "";
 $firstversion = current($files);
 reset($files);
 if ($argc >= 1)
  $firstversion = $argv[0];
 else
  $firstversion = current($files);
 while (list($file, $version) = each($files))
 {
  html_start_row();
@ -109,6 +114,6 @@ html_end_table();
 html_footer();
 //
-// End of "$Id: software.php,v 1.2 2004/05/19 12:15:20 mike Exp $".
+// End of "$Id: software.php,v 1.3 2004/05/19 14:02:38 mike Exp $".
 //
 ?>
--- a/www/str.php
+++ b/www/str.php
@ -1,6 +1,6 @@
 <?php
 //
-// "$Id: str.php,v 1.8 2004/05/19 02:57:18 mike Exp $"
+// "$Id: str.php,v 1.9 2004/05/19 14:02:38 mike Exp $"
 //
 // Software Trouble Report page...
 //
@ -22,10 +22,6 @@ include_once "phplib/str.php";
 // String definitions for various things...
 //
 $managers = array(
  "mike" => "Michael Sweet <mike@easysw.com>"
 );
 $messages = array(
  "Fixed in CVS" =>
      "Fixed in CVS - the anonymous CVS repository will be updated at "
@ -53,7 +49,9 @@ $subsystems = array(
 );
 $versions = array(
-  "2.0cvs",
+  "CVS",
  "+2.0rc2",
  "2.0rc1",
  "1.3",
  "1.2",
  "1.1.2",
@ -64,6 +62,20 @@ $versions = array(
 );
 //
 // Get the list of valid developers from the users table...
 //
 $managers = array();
 $result = db_query("SELECT * FROM users WHERE is_published = 1 AND "
                  ."level >= " . AUTH_DEVEL);
 while ($row = db_next($result))
  $managers[$row["name"]] = $row["email"];
 db_free($result);
 //
 // 'notify_creator()' - Notify creator of a STR of changes...
 //
@ -219,7 +231,7 @@ if ($argc)
    exit();
  }
-  if (($op == 'M' || $op == 'B') && !$LOGIN_USER)
+  if (($op == 'M' || $op == 'B') && $LOGIN_LEVEL < AUTH_DEVEL)
  {
    html_header("STR Error");
    print("<p>The '$op' command is not available to you!</p>\n");
@ -404,7 +416,7 @@ switch ($op)
 	  html_link("Post File", "$PHP_SELF?F$id$options");
 	}
-	if ($LOGIN_USER)
+	if ($LOGIN_LEVEL >= AUTH_DEVEL)
 	  html_link("Modify STR", "$PHP_SELF?M$id$options");
        html_end_links();
@ -545,7 +557,7 @@ switch ($op)
        html_header("Support");
        html_start_links(1);
-	html_link("Post New Software Trouble Report", "$PHP_SELF?N$options'");
+	html_link("Submit Support Request", "$PHP_SELF?N$options'");
 	html_end_links();
        print("<h1>Support</h1>\n");
@ -605,7 +617,7 @@ switch ($op)
          print("<option value='1'");
 	  if ($femail)
            print(" selected");
-          if ($LOGIN_USER)
+          if ($LOGIN_LEVEL >= AUTH_DEVEL)
 	    print(">Mine + Unassigned</option>");
 	  else
 	    print(">Only Mine</option>");
@ -646,7 +658,7 @@ switch ($op)
 	  $prefix = " AND ";
 	}
-        if (!$LOGIN_USER)
+        if ($LOGIN_LEVEL < AUTH_DEVEL)
 	{
 	  $query .= "${prefix}is_published = 1";
 	  $prefix = " AND ";
@ -659,7 +671,7 @@ switch ($op)
 	  else
 	    $email = "";
-	  if ($LOGIN_USER)
+	  if ($LOGIN_LEVEL >= AUTH_DEVEL)
 	  {
 	    $query .= "${prefix}(manager_email = '' OR manager_email = '$email')";
 	    $prefix = " AND ";
@ -764,7 +776,7 @@ switch ($op)
        print("<p>$count STR(s) found, showing $start to $end:</p>\n");
-        if ($LOGIN_USER)
+        if ($LOGIN_LEVEL >= AUTH_DEVEL)
 	  print("<form method='POST' action='$PHP_SELF?B$options'>\n");
        if ($count > $PAGE_MAX)
@ -814,7 +826,7 @@ switch ($op)
 	                ."border='0' align='middle' alt='Private'/>";
          print("<td nowrap>");
-          if ($LOGIN_USER)
+          if ($LOGIN_LEVEL >= AUTH_DEVEL)
 	    print("<input type='checkbox' name='ID_$row[id]'>");
 	  print("$link$row[id]</a></td>"
 	       ."<td align='center'>$link$prtext</a></td>"
@ -860,7 +872,7 @@ switch ($op)
        db_free($result);
-        if ($LOGIN_USER)
+        if ($LOGIN_LEVEL >= AUTH_DEVEL)
 	{
 	  html_start_row("header");
 	  print("<th colspan='8'>&nbsp;<br />");
@ -929,12 +941,13 @@ switch ($op)
 	  print("</table></p>\n");
        }
-	if ($LOGIN_USER)
+	if ($LOGIN_LEVEL >= AUTH_DEVEL)
 	  print("</form>");
 	print("<p>"
 	     ."MACH = Machine, "
-	     ."OS = Operating System."
+	     ."OS = Operating System, "
 	     ."STR = Software Trouble Report"
 	     ."</p>\n");
      }
@ -1640,13 +1653,13 @@ switch ($op)
      }
      else
      {
-        html_header("Post New Software Trouble Report");
+        html_header("Submit Support Request");
        html_start_links(1);
 	html_link("Return to Support", "$PHP_SELF?L$options");
 	html_end_links();
-        print("<h1>Post New Software Trouble Report</h1>\n");
+        print("<h1>Submit Support Request</h1>\n");
        if ($REQUEST_METHOD == "POST")
 	{
@ -1773,7 +1786,7 @@ switch ($op)
        print("<input name='STRFILE' type='FILE'></td></tr>\n");
        print("<tr><th align='center' colspan='2'>"
-	     ."<input type='submit' value='Submit Trouble Report'></th></tr>\n");
+	     ."<input type='submit' value='Submit Support Request'></th></tr>\n");
        print("</table></p></form>\n");
        html_footer();
      }
@ -1852,6 +1865,6 @@ switch ($op)
 }
 //
-// End of "$Id: str.php,v 1.8 2004/05/19 02:57:18 mike Exp $".
+// End of "$Id: str.php,v 1.9 2004/05/19 14:02:38 mike Exp $".
 //
 ?>