Allow logged in users to see their private articles and STRs.

Allow logged in users to modify their articles (sets is_published to 0). Send article notification emails to admin address. Fix LOGIN_foo globals in auth.php (didn't declare as global everywhere) Tweek background colors for softer appearance. Add PHP_URL global for full URL to pages. Fix notification emails to use the full URL.
2024-11-08 13:39:58 +00:00 · 2004-05-19 21:17:47 +00:00 · 2004-05-19 21:17:47 +00:00 · 8c31377933
commit 8c31377933
parent 6a062afd64
7 changed files with 271 additions and 115 deletions
--- a/www/articles.php
+++ b/www/articles.php
@ -1,9 +1,13 @@
 <?php
 //
-// "$Id: articles.php,v 1.9 2004/05/19 16:34:54 mike Exp $"
+// "$Id: articles.php,v 1.10 2004/05/19 21:17:47 mike Exp $"
 //
 // Web form for the article table...
 //
 // Contents:
 //
 //   notify_users() - Notify users of new/updated articles...
 //
 //
@ -14,6 +18,34 @@ include_once "phplib/html.php";
 include_once "phplib/common.php";
 //
 // 'notify_users()' - Notify users of new/updated articles...
 //
 function
 notify_users($id,			// I - Article #
             $what = "created")		// I - Reason for notification
 {
  global $PHP_URL, $PROJECT_EMAIL, $PROJECT_NAME;
  $result = db_query("SELECT * FROM article WHERE id = $id");
  if (db_count($result) == 1)
  {
    $row = db_next($result);
    mail($PROJECT_EMAIL, "$PROJECT_NAME Article #$id $what",
 	 wordwrap("$row[create_user] has $what an article titled, "
 	         ."'$row[title]' with the following abstract:\n\n"
 		 ."    $row[abstract]\n\n"
 		 ."Please approve or delete this article via the following "
 		 ."page:\n\n"
 		 ."    $PHP_URL?L$id\n"),
 	 "From: noreply@easysw.com\r\n");
  }
 }
 // Get command-line options...
 //
 // Usage: article.php [operation] [options]
@ -56,7 +88,7 @@ if ($argc)
    exit();
  }
-  if (($op == 'D' || $op == 'M' && $op != 'B') && $LOGIN_LEVEL < AUTH_DEVEL)
+  if ($op == 'B' && $LOGIN_LEVEL < AUTH_DEVEL)
  {
    html_header("Article Error");
    print("<p>You don't have permission to use command '$op'!\n");
@ -64,6 +96,35 @@ if ($argc)
    exit();
  }
  if (($op == 'D' || $op == 'M') && $LOGIN_LEVEL < AUTH_DEVEL)
  {
    $result = db_query("SELECT * FROM article WHERE id = $id");
    if (db_count($result) != 1)
    {
      db_free($result);
      html_header("Article Error");
      print("<p>Article #$id does not exist!\n");
      html_footer();
      exit();
    }
    $row = db_next($result);
    if ($row['create_user'] != $LOGIN_USER &&
        $row['create_user'] != $LOGIN_EMAIL)
    {
      db_free($result);
      html_header("Article Error");
      print("<p>You don't have permission to use command '$op'!\n");
      html_footer();
      exit();
    }
    db_free($result);
  }
  if ($op == 'N' && $id)
  {
    html_header("Article Error");
@ -183,7 +244,7 @@ switch ($op)
 	     ."<p><table width='100%' cellpadding='5' cellspacing='0' border='0'>\n");
        if (!$row['is_published'])
-	  print("<tr><th align='center' colspan='2'>This Article is "
+	  print("<tr><th align='center' colspan='2'>This article is "
 	       ."currently hidden from public view.</td></tr>\n");
        $temp = htmlspecialchars($row["title"]);
@ -217,7 +278,9 @@ switch ($op)
        $row         = db_next($result);
        $title       = htmlspecialchars($row['title']);
        $abstract    = htmlspecialchars($row['abstract']);
 	$contents    = format_text($row['contents']);
 	$create_user = sanitize_email($row['create_user']);
        $date        = date("H:i M d, Y", $row['modify_date']);
        html_header("Article #$id: $title");
@ -225,7 +288,10 @@ switch ($op)
 	html_start_links(1);
 	html_link("Return to Articles", "$PHP_SELF?L$options");
 	html_link("Show Comments", "#_USER_COMMENTS");
-	if ($LOGIN_LEVEL >= AUTH_DEVEL)
+	html_link("Submit Comment", "comment.php?r0+particles.php_L$id");
 	if ($LOGIN_LEVEL >= AUTH_DEVEL ||
 	    $row['create_user'] == $LOGIN_USER)
 	{
 	  html_link("Modify Article</A>", "$PHP_SELF?M$id$options");
 	  html_link("Delete Article</A>", "$PHP_SELF?D$id$options");
@ -233,21 +299,23 @@ switch ($op)
 	html_end_links();
        if (!$row['is_published'])
-	  print("<p align='center'>This Article is currently hidden from "
+	  print("<p align='center'><b>This article is currently hidden from "
-	       ."public view.</p>\n");
+	       ."public view.</b></p>\n");
        print("<h1>Article #$id: $title</h1>\n"
-	     ."<p><i>$date</i></p>\n"
+	     ."<p><i>$date by $create_user</i><br />$abstract</p>\n"
-	     ."$contents\n");
+	     ."<hr noshade/>\n"
 	     ."$contents\n"
 	     ."<hr noshade/>\n"
 	     ."<h2><a name='_USER_COMMENTS'>Comments</a></h2>\n");
-        db_free($result);
+	html_start_links();
-
+	html_link("Submit Comment", "comment.php?r0+particles.php_L$id");
-        print("<hr noshade/>\n"
+	html_end_links();
 	     ."<h2><a name='_USER_COMMENTS'>Comments</a> "
 	     ."[&nbsp;<a href='comment.php?r0+particles.php_L$id'>"
 	     ."Add&nbsp;Comment</a>&nbsp;]</h2>\n");
 	show_comments("articles.php_L$id");
        db_free($result);
      }
      else
      {
@ -271,7 +339,8 @@ switch ($op)
        if ($LOGIN_LEVEL < AUTH_DEVEL)
 	{
-	  $query .= "${prefix}is_published = 1";
+	  $query .= "${prefix}(is_published = 1 OR create_user = '"
 	           . db_escape($LOGIN_USER) . "')";
 	  $prefix = " AND ";
 	}
@ -451,6 +520,9 @@ switch ($op)
          print("</td></tr>\n");
 	  print("</table></p>\n");
        }
        print("<p><img src='images/private.gif' width='16' height='16' "
 	     ."align='middle' alt='private'/> = hidden from public view</p>\n");
      }
      html_footer();
@ -459,7 +531,9 @@ switch ($op)
  case 'M' : // Modify Article
      if ($REQUEST_METHOD == "POST")
      {
-        if (array_key_exists("IS_PUBLISHED", $_POST))
+        if ($LOGIN_LEVEL < AUTH_DEVEL)
 	  $is_published = 0;
 	else if (array_key_exists("IS_PUBLISHED", $_POST))
 	  $is_published = (int)$_POST["IS_PUBLISHED"];
 	else
 	  $is_published = 0;
@ -523,6 +597,9 @@ switch ($op)
 	        ."modify_user = '$LOGIN_USER' "
 	        ."WHERE id = $id");
        if (!$is_published)
 	  notify_users($id, "modified");
 	header("Location: $PHP_SELF?L$id$options");
      }
      else
@ -536,31 +613,69 @@ switch ($op)
        print("<h1>Modify Article #$id</h1>\n");
 	if ($REQUEST_METHOD == "POST")
 	{
 	  print("<p><b>Error:</b> Please fill in the fields marked in "
 	       ."<b><font color='red'>bold red</font></b> below and resubmit "
 	       ."your article.</p><hr noshade/>\n");
 	  $hstart = "<font color='red'>";
 	  $hend   = "</font>";
 	}
 	else
 	{
 	  $hstart = "";
 	  $hend   = "";
 	}
        print("<form method='post' action='$PHP_SELF?M$id$options'>"
 	     ."<p><table width='100%' cellpadding='5' cellspacing='0' border='0'>\n");
 	if ($LOGIN_LEVEL >= AUTH_DEVEL)
 	{
          print("<tr><th align='right'>Published:</th><td>");
          select_is_published($is_published);
          print("</td></tr>\n");
 	}
 	else
          print("<input type='hidden' name='IS_PUBLISHED' value='0'/>\n");
-        $temp = htmlspecialchars($title, ENT_QUOTES);
+	$title = htmlspecialchars($title, ENT_QUOTES);
        print("<tr><th align='right'>Title:</th>"
 	     ."<td><input type='text' name='TITLE' "
 	     ."value='$temp' size='40'></td></tr>\n");
-        $temp = htmlspecialchars($abstract, ENT_QUOTES);
+	if ($title == "")
-        print("<tr><th align='right'>Abstract:</th>"
+	  print("<tr><th align='right'>${hstart}Title:${hend}</th>");
-	     ."<td><input type='text' name='ABSTRACT' "
+	else
-	     ."value='$temp' size='40'></td></tr>\n");
+	  print("<tr><th align='right'>Title:</th>");
 	print("<td><input type='text' name='TITLE' "
 	     ."size='80' value='$title'/></td></tr>\n");
-        $temp = htmlspecialchars($contents, ENT_QUOTES);
+	$abstract = htmlspecialchars($abstract, ENT_QUOTES);
-        print("<tr><th align='right' valign='top'>Contents:</th>"
+
-	     ."<td><textarea name='CONTENTS' "
+	if ($abstract == "")
 	  print("<tr><th align='right'>${hstart}Abstract:${hend}</th>");
 	else
 	  print("<tr><th align='right'>Abstract:</th>");
 	print("<td><input type='text' name='ABSTRACT' "
 	     ."size='80' value='$abstract'/></td></tr>\n");
 	$contents = htmlspecialchars($contents, ENT_QUOTES);
 	if ($contents == "")
 	  print("<tr><th align='right' valign='top'>${hstart}Contents:${hend}</th>");
 	else
 	  print("<tr><th align='right' valign='top'>Contents:</th>");
 	print("<td><textarea name='CONTENTS' "
 	     ."cols='80' rows='10' wrap='virtual'>"
-	     ."$temp</textarea></td></tr>\n");
+	     ."$contents</textarea>\n"
 	     ."<p>The contents of the article may contain the following "
 	     ."HTML elements: <tt>A</tt>, <tt>B</tt>, <tt>BLOCKQUOTE</tt>, "
 	     ."<tt>CODE</tt>, <tt>EM</tt>, <tt>H1</tt>, <tt>H2</tt>, "
 	     ."<tt>H3</tt>, <tt>H4</tt>, <tt>H5</tt>, <tt>H6</tt>, <tt>I</tt>, "
 	     ."<tt>IMG</tt>, <tt>LI</tt>, <tt>OL</tt>, <tt>P</tt>, <tt>PRE</tt>, "
 	     ."<tt>TT</tt>, <tt>U</tt>, <tt>UL</tt></p></td></tr>\n");
        print("<tr><th colspan='2'>"
-	     ."<input type='submit' value='Update Article'></th></tr>\n");
+	     ."<input type='submit' value='Motify Article'/></th></tr>\n");
        print("</table></p></form>\n");
        html_footer();
@ -592,13 +707,16 @@ switch ($op)
 	else
 	  $contents = "";
-        if (array_key_exists("CREATE_USER", $_POST))
+        if ($LOGIN_USER != "" && $LOGIN_LEVEL < AUTH_DEVEL)
 	  $create_user = $LOGIN_USER;
        else if (array_key_exists("CREATE_USER", $_POST))
 	  $create_user = $_POST["CREATE_USER"];
 	else
 	  $create_user = "";
        if (($is_published == 0 || $LOGIN_LEVEL >= AUTH_DEVEL) &&
-	    $title != "" && $abstract != "" && $contents != "")
+	    $title != "" && $abstract != "" && $contents != "" &&
 	    $create_user != "")
          $havedata = 1;
 	else
          $havedata = 0;
@ -610,7 +728,9 @@ switch ($op)
 	$abstract     = "";
 	$contents     = "";
-	if (array_key_exists("FROM", $_COOKIE))
+	if ($LOGIN_USER != "")
 	  $create_user = $LOGIN_USER;
 	else if (array_key_exists("FROM", $_COOKIE))
 	  $create_user = $_COOKIE["FROM"];
 	else
 	  $create_user = "";
@ -632,6 +752,9 @@ switch ($op)
 	$id = db_insert_id();
        if (!$is_published)
 	  notify_users($id);
 	header("Location: $PHP_SELF?L$id$options");
 	break;
      }
@ -656,10 +779,10 @@ switch ($op)
      else
      {
 	print("<p>Please use this form to post announcements, how-to's, "
-             ."examples, and case studies showing how you use $PROJECT. "
+             ."examples, and case studies showing how you use $PROJECT_NAME. "
 	     ."We will proofread your article, and if we determine it is "
 	     ."appropriate for the site, we will make the article public "
-	     ."on the site. <i>Thank you</i> for supporting $PROJECT!</p>\n"
+	     ."on the site. <i>Thank you</i> for supporting $PROJECT_NAME!</p>\n"
 	     ."<hr noshade/>\n");
 	$hstart = "";
@ -685,7 +808,7 @@ switch ($op)
      else
 	print("<tr><th align='right'>Title:</th>");
      print("<td><input type='text' name='TITLE' "
-	   ."size='40' value='$title'></td></tr>\n");
+	   ."size='80' value='$title'/></td></tr>\n");
      $abstract = htmlspecialchars($abstract, ENT_QUOTES);
@ -694,7 +817,7 @@ switch ($op)
      else
 	print("<tr><th align='right'>Abstract:</th>");
      print("<td><input type='text' name='ABSTRACT' "
-	   ."size='40' value='$abstract'></td></tr>\n");
+	   ."size='80' value='$abstract'/></td></tr>\n");
      $create_user = htmlspecialchars($create_user, ENT_QUOTES);
@ -702,8 +825,13 @@ switch ($op)
 	print("<tr><th align='right'>${hstart}Author:${hend}</th>");
      else
 	print("<tr><th align='right'>Author:</th>");
      if ($LOGIN_USER != "" && $LOGIN_LEVEL < AUTH_DEVEL)
 	print("<td><input type='hidden' name='CREATE_USER' "
 	     ."value='$create_user'/>$create_user</td></tr>\n");
      else
 	print("<td><input type='text' name='CREATE_USER' "
-	   ."size='40' value='$create_user'></td></tr>\n");
+	     ."size='40' value='$create_user'/></td></tr>\n");
      $contents = htmlspecialchars($contents, ENT_QUOTES);
@ -722,7 +850,7 @@ switch ($op)
 	   ."<tt>TT</tt>, <tt>U</tt>, <tt>UL</tt></p></td></tr>\n");
      print("<tr><th colspan='2'>"
-	   ."<input type='submit' value='Submit Article'></th></tr>\n");
+	   ."<input type='submit' value='Submit Article'/></th></tr>\n");
      print("</table></p></form>\n");
      html_footer();
@ -731,6 +859,6 @@ switch ($op)
 //
-// End of "$Id: articles.php,v 1.9 2004/05/19 16:34:54 mike Exp $".
+// End of "$Id: articles.php,v 1.10 2004/05/19 21:17:47 mike Exp $".
 //
 ?>
--- a/www/index.php
+++ b/www/index.php
@ -1,6 +1,6 @@
 <?php
 //
-// "$Id: index.php,v 1.3 2004/05/19 14:02:38 mike Exp $"
+// "$Id: index.php,v 1.4 2004/05/19 21:17:47 mike Exp $"
 //
 // Mini-XML home page...
 //
@ -65,6 +65,7 @@ else
    $id          = $row['id'];
    $title       = htmlspecialchars($row['title'], ENT_QUOTES);
    $abstract    = htmlspecialchars($row['abstract'], ENT_QUOTES);
    $create_user = sanitize_email($row['create_user']);
    $date        = date("H:i M d, Y", $row['modify_date']);
    $count       = count_comments("articles.php_L$id");
@ -74,7 +75,7 @@ else
      $count .= " comments";
    print("<h3><a href='articles.php?L$id'>$title</a></h3>\n"
-         ."<p><i>$date, $count</i><br />$abstract [&nbsp;"
+         ."<p><i>$date by $create_user, $count</i><br />$abstract [&nbsp;"
 	 ."<a href='articles.php?L$id'>Read</a>&nbsp;]</p>\n");
  }
 }
@ -87,6 +88,6 @@ print("</td></tr>\n"
 html_footer();
 //
-// End of "$Id: index.php,v 1.3 2004/05/19 14:02:38 mike Exp $".
+// End of "$Id: index.php,v 1.4 2004/05/19 21:17:47 mike Exp $".
 //
 ?>
--- a/www/phplib/auth.php
+++ b/www/phplib/auth.php
@ -1,6 +1,6 @@
 <?
 //
-// "$Id: auth.php,v 1.6 2004/05/19 14:02:38 mike Exp $"
+// "$Id: auth.php,v 1.7 2004/05/19 21:17:47 mike Exp $"
 //
 // Authentication functions for PHP pages...
 //
@ -33,6 +33,7 @@ define("AUTH_ADMIN", 100);
 $LOGIN_LEVEL = 0;
 $LOGIN_USER  = "";
 $LOGIN_EMAIL = "";
 auth_current();
@ -44,7 +45,7 @@ auth_current();
 function				// O - Current username or ""
 auth_current()
 {
-  global $_COOKIE, $_SERVER, $LOGIN_LEVEL, $LOGIN_USER;
+  global $_COOKIE, $_SERVER, $LOGIN_EMAIL, $LOGIN_LEVEL, $LOGIN_USER;
  // See if the SID cookie is set; if not, the user is not logged in...
@ -77,6 +78,7 @@ auth_current()
      // Set globals...
      $LOGIN_USER      = $cookie[0];
      $LOGIN_LEVEL     = $row["level"];
      $LOGIN_EMAIL     = $row["email"];
      $_COOKIE["FROM"] = $row["email"];
      // Return the current user...
@ -96,7 +98,7 @@ function				// O - Current username or ""
 auth_login($name,			// I - Username
           $password)			// I - Password
 {
-  global $_COOKIE, $_SERVER, $LOGIN_USER;
+  global $_COOKIE, $_SERVER, $LOGIN_EMAIL, $LOGIN_LEVEL, $LOGIN_USER;
  // Reset the user...
@ -117,6 +119,7 @@ auth_login($name,			// I - Username
      // Update the username and email...
      $LOGIN_USER      = $name;
      $LOGIN_LEVEL     = $row["level"];
      $LOGIN_EMAIL     = $row["email"];
      $_COOKIE["FROM"] = $row["email"];
      // Compute the session ID...
@ -139,10 +142,11 @@ auth_login($name,			// I - Username
 function
 auth_logout()
 {
-  global $LOGIN_USER;
+  global $LOGIN_EMAIL, $LOGIN_LEVEL, $LOGIN_USER;
  $LOGIN_USER  = "";
  $LOGIN_EMAIL = "";
  $LOGIN_LEVEL = 0;
  setcookie("SID", "", time() + 90 * 86400, "/");
@ -150,6 +154,6 @@ auth_logout()
 //
-// End of "$Id: auth.php,v 1.6 2004/05/19 14:02:38 mike Exp $".
+// End of "$Id: auth.php,v 1.7 2004/05/19 21:17:47 mike Exp $".
 //
 ?>
--- a/www/phplib/common.php
+++ b/www/phplib/common.php
@ -1,6 +1,6 @@
 <?
 //
-// "$Id: common.php,v 1.8 2004/05/19 16:34:54 mike Exp $"
+// "$Id: common.php,v 1.9 2004/05/19 21:17:47 mike Exp $"
 //
 // Common utility functions for PHP pages...
 //
@ -88,13 +88,18 @@ count_comments($url,			// I - URL for comment
 {
  $result = db_query("SELECT * FROM comment WHERE "
                    ."url = '" . db_escape($url) ."' "
-                    ."AND status > 0 AND parent_id = $parent_id "
+                    ."AND parent_id = $parent_id "
 		    ."ORDER BY id");
-  $num_comments = db_count($result);
+  $num_comments = 0;
  while ($row = db_next($result))
  {
    if ($row["status"] > 0)
      $num_comments ++;
    $num_comments += count_comments($url, $row['id']);
  }
  db_free($result);
@ -577,7 +582,7 @@ show_comments($url,			// I - URL for comment
  $result = db_query("SELECT * FROM comment WHERE "
                    ."url = '" . db_escape($url) ."' "
-                    ."AND status > 0 AND parent_id = $parent_id "
+                    ."AND parent_id = $parent_id "
 		    ."ORDER BY id");
  if (array_key_exists("MODPOINTS", $_COOKIE))
@ -593,11 +598,17 @@ show_comments($url,			// I - URL for comment
  $safeurl      = urlencode($url);
  $num_comments = 0;
  $div          = 0;
  while ($row = db_next($result))
  {
-    if ($heading > 3 && $num_comments == 0)
+    if ($row["status"] > 0)
    {
      if ($heading > 3 && !$div)
      {
 	print("<div style='margin-left: 3em;'>\n");
 	$div = 1;
      }
      $num_comments ++;
@ -622,13 +633,14 @@ show_comments($url,			// I - URL for comment
      }
      html_end_links();
    }
    $num_comments += show_comments($url, $path, $row['id'], $heading + 1);
  }
  db_free($result);
-  if ($num_comments > 0 && $heading > 3)
+  if ($div)
    print("</div>\n");
  return ($num_comments);
@ -636,6 +648,6 @@ show_comments($url,			// I - URL for comment
 //
-// End of "$Id: common.php,v 1.8 2004/05/19 16:34:54 mike Exp $".
+// End of "$Id: common.php,v 1.9 2004/05/19 21:17:47 mike Exp $".
 //
 ?>
--- a/www/phplib/globals.php
+++ b/www/phplib/globals.php
@ -1,6 +1,6 @@
 <?php
 //
-// "$Id: globals.php,v 1.3 2004/05/19 14:02:38 mike Exp $"
+// "$Id: globals.php,v 1.4 2004/05/19 21:17:47 mike Exp $"
 //
 // Global PHP constants and variables...
 //
@ -11,8 +11,8 @@
 // Global vars...
 //
-$PROJECT = "Mini-XML";			// Title of project
+$PROJECT_NAME = "Mini-XML";		// Title of project
-$EMAIL = "mxml@easysw.com";		// Default notification address
+$PROJECT_EMAIL = "mxml@easysw.com";	// Default notification address
 $PAGE_MAX = 10; 			// Max items per page
@ -28,8 +28,12 @@ $PHP_SELF       = $_SERVER["PHP_SELF"];
 $REQUEST_METHOD = $_SERVER["REQUEST_METHOD"];
 $SERVER_NAME    = $_SERVER["SERVER_NAME"];
 if (array_key_exists("ISHTTPS", $_SERVER))
  $PHP_URL = "https://$_SERVER[SERVER_NAME]:$_SERVER[SERVER_PORT]$_SERVER[PHP_SELF]";
 else
  $PHP_URL = "http://$_SERVER[SERVER_NAME]:$_SERVER[SERVER_PORT]$_SERVER[PHP_SELF]";
 //
-// End of "$Id: globals.php,v 1.3 2004/05/19 14:02:38 mike Exp $".
+// End of "$Id: globals.php,v 1.4 2004/05/19 21:17:47 mike Exp $".
 //
 ?>
--- a/www/str.php
+++ b/www/str.php
@ -1,6 +1,6 @@
 <?php
 //
-// "$Id: str.php,v 1.9 2004/05/19 14:02:38 mike Exp $"
+// "$Id: str.php,v 1.10 2004/05/19 21:17:47 mike Exp $"
 //
 // Software Trouble Report page...
 //
@ -88,7 +88,7 @@ notify_creator($id,			// I - STR #
  global $priority_long;
  global $scope_long;
  global $status_long;
-  global $PHP_SELF, $EMAIL, $PROJECT;
+  global $PHP_URL, $PROJECT_EMAIL, $PROJECT_NAME;
  $result = db_query("SELECT * FROM str WHERE id = $id");
@ -112,12 +112,12 @@ notify_creator($id,			// I - STR #
    if ($row['create_user'] != $row['modify_user'] &&
        $row['create_user'] != $manager)
-      mail($row['create_user'], "$PROJECT STR #$id $what",
+      mail($row['create_user'], "$PROJECT_NAME STR #$id $what",
 	   "Your software trouble report #$id has been $what.  You can check\n"
 	  ."the status of the report and add additional comments and/or files\n"
 	  ."at the following URL:\n"
 	  ."\n"
-	  ."    $PHP_SELF?L$id\n"
+	  ."    $PHP_URL?L$id\n"
 	  ."\n"
 	  ."    Summary: $row[summary]\n"
 	  ."    Version: $row[str_version]\n"
@ -128,7 +128,7 @@ notify_creator($id,			// I - STR #
 	  ."Fix Version: $fix_version\n"
 	  ."\n$contents"
 	  ."________________________________________________________________\n"
-	  ."Thank you for using the $PROJECT Software Trouble Report page!",
+	  ."Thank you for using the $PROJECT_NAME Software Trouble Report page!",
 	   "From: noreply@easysw.com\r\n");
    $ccresult = db_query("SELECT email FROM strcc WHERE str_id = $id");
@ -136,12 +136,12 @@ notify_creator($id,			// I - STR #
    {
      while ($ccrow = db_next($ccresult))
      {
-	mail($ccrow->email, "$PROJECT STR #$id $what",
+	mail($ccrow->email, "$PROJECT_NAME STR #$id $what",
 	     "Software trouble report #$id has been $what.  You can check\n"
 	    ."the status of the report and add additional comments and/or files\n"
 	    ."at the following URL:\n"
 	    ."\n"
-	    ."    $PHP_SELF?L$id\n"
+	    ."    $PHP_URL?L$id\n"
 	    ."\n"
 	    ."    Summary: $row[summary]\n"
 	    ."    Version: $row[str_version]\n"
@ -152,7 +152,7 @@ notify_creator($id,			// I - STR #
 	    ."Fix Version: $fix_version\n"
 	    ."\n$contents"
 	    ."________________________________________________________________\n"
-	    ."Thank you for using the $PROJECT Software Trouble Report page!",
+	    ."Thank you for using the $PROJECT_NAME Software Trouble Report page!",
 	     "From: noreply@easysw.com\r\n");
      }
@ -162,15 +162,15 @@ notify_creator($id,			// I - STR #
    if ($row['manager_email'] != "")
      $manager = $row['manager_email'];
    else
-      $manager = "$EMAIL";
+      $manager = "$PROJECT_EMAIL";
    if ($row['modify_user'] != $manager)
-      mail($manager, "$PROJECT STR #$id $what",
+      mail($manager, "$PROJECT_NAME STR #$id $what",
 	   "The software trouble report #$id assigned to you has been $what.\n"
 	  ."You can manage the report and add additional comments and/or files\n"
 	  ."at the following URL:\n"
 	  ."\n"
-	  ."    $PHP_SELF?L$id\n"
+	  ."    $PHP_URL?L$id\n"
 	  ."\n"
 	  ."    Summary: $row[summary]\n"
 	  ."    Version: $row[str_version]\n"
@ -186,6 +186,7 @@ notify_creator($id,			// I - STR #
  }
 }
 // Get command-line options...
 //
 // Usage: str.php [operation] [options]
@ -660,7 +661,8 @@ switch ($op)
        if ($LOGIN_LEVEL < AUTH_DEVEL)
 	{
-	  $query .= "${prefix}is_published = 1";
+	  $query .= "${prefix}(is_published = 1 OR create_user = '"
 	           . db_escape($LOGIN_USER) . "')";
 	  $prefix = " AND ";
 	}
@ -947,8 +949,9 @@ switch ($op)
 	print("<p>"
 	     ."MACH = Machine, "
 	     ."OS = Operating System, "
-	     ."STR = Software Trouble Report"
+	     ."STR = Software Trouble Report, "
-	     ."</p>\n");
+	     ."<img src='images/private.gif' width='16' height='16' "
 	     ."align='middle' alt='private'/> = hidden from public view</p>\n");
      }
      html_footer();
@ -1553,7 +1556,9 @@ switch ($op)
 	$version   = $_POST["VERSION"];
 	$contents  = $_POST["CONTENTS"];
-	if (array_key_exists("EMAIL", $_POST))
+	if ($LOGIN_USER != "" && $LOGIN_LEVEL < AUTH_DEVEL)
 	  $email = $LOGIN_USER;
 	else if (array_key_exists("EMAIL", $_POST))
 	{
 	  $email = $_POST["EMAIL"];
 	  setcookie("FROM", "$email", time() + 90 * 86400, "/");
@ -1578,7 +1583,9 @@ switch ($op)
      }
      else
      {
-	if (array_key_exists("FROM", $_COOKIE))
+	if ($LOGIN_USER != "")
 	  $email = $LOGIN_USER;
 	else if (array_key_exists("FROM", $_COOKIE))
          $email = $_COOKIE["FROM"];
 	else
 	  $email = "";
@ -1673,11 +1680,11 @@ switch ($op)
 	else
 	{
 	  print("<p>Please use this form to report all bugs and request "
-	       ."features in the $PROJECT software. Be sure to include "
+	       ."features in the $PROJECT_NAME software. Be sure to include "
 	       ."the operating system, compiler, sample programs and/or "
 	       ."files, and any other information you can about your "
 	       ."problem. <i>Thank you</i> for helping us to improve "
-	       ."$PROJECT!</p><hr noshade/>\n");
+	       ."$PROJECT_NAME!</p><hr noshade/>\n");
 	  $hstart = "";
 	  $hend   = "";
@ -1865,6 +1872,6 @@ switch ($op)
 }
 //
-// End of "$Id: str.php,v 1.9 2004/05/19 14:02:38 mike Exp $".
+// End of "$Id: str.php,v 1.10 2004/05/19 21:17:47 mike Exp $".
 //
 ?>
--- a/www/style.css
+++ b/www/style.css
@ -35,15 +35,15 @@ TR.header, TR.header TH, TH.header {
 }
 TR.page {
-  background-color: #f8f8f8;
+  background-color: #f4f4f4;
 }
 TR.data0, TD.data0 {
-  background-color: #eeeeee;
+  background-color: #e8e8e8;
 }
 TR.data1, TD.data1 {
-  background-color: #dddddd;
+  background-color: #e0e0e0;
 }
 INPUT[TYPE="TEXT"], TEXTAREA {