diff --git a/www/account.php b/www/account.php index 20f4d9f..07bd5b1 100644 --- a/www/account.php +++ b/www/account.php @@ -1,6 +1,6 @@ \n"); + print("
\n"); html_start_table(array("Username", "EMail", "Level")); @@ -392,8 +397,11 @@ switch ($op) } html_start_row("header"); - print(" 
"); + print(" 
" + .""); html_end_row(); html_end_table(); @@ -604,6 +612,6 @@ switch ($op) // -// End of "$Id: account.php,v 1.8 2004/05/19 14:02:38 mike Exp $". +// End of "$Id: account.php,v 1.9 2004/05/20 02:04:44 mike Exp $". // ?> diff --git a/www/comment.php b/www/comment.php index 4fe397c..9441364 100644 --- a/www/comment.php +++ b/www/comment.php @@ -1,6 +1,6 @@ "; @@ -143,7 +147,9 @@ else } else { - if (array_key_exists("FROM", $_COOKIE)) + if ($LOGIN_USER != "") + $create_user = $LOGIN_USER; + else if (array_key_exists("FROM", $_COOKIE)) $create_user = $_COOKIE["FROM"]; else $create_user = "Anonymous "; @@ -367,6 +373,6 @@ else } // -// End of "$Id: comment.php,v 1.6 2004/05/19 16:34:54 mike Exp $". +// End of "$Id: comment.php,v 1.7 2004/05/20 02:04:44 mike Exp $". // ?> diff --git a/www/docfiles/FindingandIteratingNodes.html b/www/docfiles/FindingandIteratingNodes.html index b730683..22edb17 100644 --- a/www/docfiles/FindingandIteratingNodes.html +++ b/www/docfiles/FindingandIteratingNodes.html @@ -28,46 +28,46 @@ PRE { font-family: monospace } Next

Finding and Iterating Nodes

-

The mxmlWalkPrev() - and mxmlWalkNext() +

The mxmlWalkPrev() + and mxmlWalkNext() functions can be used to iterate through the XML node tree:

-    mxml_node_t *node = mxmlWalkPrev(current, tree, MXML_DESCEND);
+    mxml_node_t *node = mxmlWalkPrev(current, tree, MXML_DESCEND);
 
-    mxml_node_t *node = mxmlWalkNext(current, tree, MXML_DESCEND);
+    mxml_node_t *node = mxmlWalkNext(current, tree, MXML_DESCEND);
 
-

In addition, you can find a named element/node using the +

In addition, you can find a named element/node using the mxmlFindElement() function:

-    mxml_node_t *node = mxmlFindElement(tree, tree, "name", "attr",
+    mxml_node_t *node = mxmlFindElement(tree, tree, "name", "attr",
                                 	"value", MXML_DESCEND);
 

The name, attr, and value arguments can be passed as NULL to act as wildcards, e.g.:

     /* Find the first "a" element */
-    node = mxmlFindElement(tree, tree, "a", NULL, NULL, MXML_DESCEND);
+    node = mxmlFindElement(tree, tree, "a", NULL, NULL, MXML_DESCEND);
 
     /* Find the first "a" element with "href" attribute */
-    node = mxmlFindElement(tree, tree, "a", "href", NULL, MXML_DESCEND);
+    node = mxmlFindElement(tree, tree, "a", "href", NULL, MXML_DESCEND);
 
     /* Find the first "a" element with "href" to a URL */
-    node = mxmlFindElement(tree, tree, "a", "href",
+    node = mxmlFindElement(tree, tree, "a", "href",
                 	   "http://www.easysw.com/~mike/mxml/", MXML_DESCEND);
 
     /* Find the first element with a "src" attribute*/
-    node = mxmlFindElement(tree, tree, NULL, "src", NULL, MXML_DESCEND);
+    node = mxmlFindElement(tree, tree, NULL, "src", NULL, MXML_DESCEND);
 
     /* Find the first element with a "src" = "foo.jpg" */
-    node = mxmlFindElement(tree, tree, NULL, "src", "foo.jpg", MXML_DESCEND);
+    node = mxmlFindElement(tree, tree, NULL, "src", "foo.jpg", MXML_DESCEND);
 

You can also iterate with the same function:

-    mxml_node_t *node;
+    mxml_node_t *node;
 
-    for (node = mxmlFindElement(tree, tree, "name", NULL, NULL, MXML_DESCEND);
+    for (node = mxmlFindElement(tree, tree, "name", NULL, NULL, MXML_DESCEND);
          node != NULL;
-         node = mxmlFindElement(node, tree, "name", NULL, NULL, MXML_DESCEND))
+         node = mxmlFindElement(node, tree, "name", NULL, NULL, MXML_DESCEND))
     {
       ... do something ...
     }
diff --git a/www/docfiles/LegalStuff.html b/www/docfiles/LegalStuff.html
index 6d9152d..2930e2e 100644
--- a/www/docfiles/LegalStuff.html
+++ b/www/docfiles/LegalStuff.html
@@ -30,8 +30,8 @@ PRE { font-family: monospace }
 

Legal Stuff

The Mini-XML library is copyright 2003-2004 by Michael Sweet.

This library is free software; you can redistribute it and/or modify - it under the terms of the -GNU Library General Public License as published by the Free Software + it under the terms of the GNU Library + General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This library is distributed in the hope that it will be useful, but diff --git a/www/docfiles/LoadingandSavingXMLFiles.html b/www/docfiles/LoadingandSavingXMLFiles.html index 306ce36..836228d 100644 --- a/www/docfiles/LoadingandSavingXMLFiles.html +++ b/www/docfiles/LoadingandSavingXMLFiles.html @@ -28,14 +28,14 @@ PRE { font-family: monospace } Next


Loading and Saving XML Files

-

You load an XML file using the -mxmlLoadFile() function:

+

You load an XML file using the +mxmlLoadFile() function:

     FILE *fp;
-    mxml_node_t *tree;
+    mxml_node_t *tree;
 
     fp = fopen("filename.xml", "r");
-    tree = mxmlLoadFile(NULL, fp, MXML_NO_CALLBACK);
+    tree = mxmlLoadFile(NULL, fp, MXML_NO_CALLBACK);
     fclose(fp);
 

The third argument specifies a callback function which returns the @@ -45,14 +45,14 @@ MXML_TEXT. This function is called after the element and its attributes have been read, so you can look at the element name, attributes, and attribute values to determine the proper value type to return. The default value type is MXML_TEXT if no callback is used.

-

Similarly, you save an XML file using the +

Similarly, you save an XML file using the mxmlSaveFile() function:

     FILE *fp;
-    mxml_node_t *tree;
+    mxml_node_t *tree;
 
     fp = fopen("filename.xml", "w");
-    mxmlSaveFile(tree, fp, MXML_NO_CALLBACK);
+    mxmlSaveFile(tree, fp, MXML_NO_CALLBACK);
     fclose(fp);
 

Callback functions for saving are used to optionally insert @@ -63,24 +63,24 @@ MXML_WS_AFTER_OPEN, MXML_WS_BEFORE_CLOSE, or MXML_WS_AFTER_CLOSE. The callback function should return NULL if no whitespace should be added and the string to insert (spaces, tabs, carriage returns, and newlines) otherwise.

-

The mxmlLoadString() -, mxmlSaveAllocString() -, and mxmlSaveString() - functions load XML node trees from and save XML node trees to - strings:

+

The mxmlLoadString() +, +mxmlSaveAllocString(), and +mxmlSaveString() functions load XML node trees from and + save XML node trees to strings:

     char buffer[8192];
     char *ptr;
-    mxml_node_t *tree;
+    mxml_node_t *tree;
 
     ...
-    tree = mxmlLoadString(NULL, buffer, MXML_NO_CALLBACK);
+    tree = mxmlLoadString(NULL, buffer, MXML_NO_CALLBACK);
 
     ...
-    mxmlSaveString(tree, buffer, sizeof(buffer), MXML_NO_CALLBACK);
+    mxmlSaveString(tree, buffer, sizeof(buffer), MXML_NO_CALLBACK);
 
     ...
-    ptr = mxmlSaveAllocString(tree, MXML_NO_CALLBACK);
+    ptr = mxmlSaveAllocString(tree, MXML_NO_CALLBACK);
 

Contents diff --git a/www/docfiles/Nodes.html b/www/docfiles/Nodes.html index c15f501..5b2a66c 100644 --- a/www/docfiles/Nodes.html +++ b/www/docfiles/Nodes.html @@ -29,16 +29,16 @@ PRE { font-family: monospace }

Nodes

Every piece of information in an XML file (elements, text, numbers) - is stored in memory in "nodes". Nodes are defined by the -mxml_node_t structure. The + is stored in memory in "nodes". Nodes are defined by the +mxml_node_t structure. The type member defines the node type (element, integer, opaque, real, or text) which determines which value you want to look at - in the value union.

-

New nodes can be created using the -mxmlNewElement(), -mxmlNewInteger(), -mxmlNewOpaque(), -mxmlNewReal(), and + in the value union.

+

New nodes can be created using the +mxmlNewElement(), +mxmlNewInteger(), +mxmlNewOpaque(), +mxmlNewReal(), and mxmlNewText() functions. Only elements can have child nodes, and the top node must be an element, usually "?xml".

Each node has pointers for the node above (parent), below ( @@ -77,7 +77,7 @@ child), to the left (prev), and to the right (next

where "-" is a pointer to the next node and "|" is a pointer to the first child node.

-

Once you are done with the XML data, use the +

Once you are done with the XML data, use the mxmlDelete() function to recursively free the memory that is used for a particular node or the entire tree:

diff --git a/www/docfiles/OrganizationofThisDocument.html b/www/docfiles/OrganizationofThisDocument.html
index 71f0de9..41d864d 100644
--- a/www/docfiles/OrganizationofThisDocument.html
+++ b/www/docfiles/OrganizationofThisDocument.html
@@ -30,26 +30,25 @@ PRE { font-family: monospace }
 

Organization of This Document

This manual is organized into the following chapters and appendices:

diff --git a/www/documentation.php b/www/documentation.php index f6904e8..4e51270 100644 --- a/www/documentation.php +++ b/www/documentation.php @@ -1,6 +1,6 @@ \n" ."

User Comments [ " - ."Add Comment" + ."Add Comment" ." ]

\n"); - $num_comments = show_comments("documentation.php$path"); + $num_comments = show_comments("documentation.php$path", "../"); if ($num_comments == 0) print("

No comments for this page.

\n"); @@ -195,6 +195,6 @@ formats on-line:

} // -// End of "$Id: documentation.php,v 1.2 2004/05/19 16:34:54 mike Exp $". +// End of "$Id: documentation.php,v 1.3 2004/05/20 02:04:44 mike Exp $". // ?> diff --git a/www/phplib/auth.php b/www/phplib/auth.php index 7bc5296..1623667 100644 --- a/www/phplib/auth.php +++ b/www/phplib/auth.php @@ -1,14 +1,15 @@ diff --git a/www/phplib/common.php b/www/phplib/common.php index 2d0805f..b390193 100644 --- a/www/phplib/common.php +++ b/www/phplib/common.php @@ -1,6 +1,6 @@ for the "is published" field... // show_comments() - Show comments for the given path... +// validate_email() - Validate an email address... // @@ -577,7 +578,7 @@ show_comments($url, // I - URL for comment $parent_id = 0, // I - Parent comment $heading = 3) // I - Heading level { - global $_COOKIE; + global $_COOKIE, $LOGIN_LEVEL; $result = db_query("SELECT * FROM comment WHERE " @@ -621,6 +622,13 @@ show_comments($url, // I - URL for comment ."$contents\n"); html_start_links(); + + if ($LOGIN_LEVEL >= AUTH_DEVEL) + { + html_link("Edit", "${path}comment.php?e$row[id]+p$safeurl"); + html_link("Delete", "${path}comment.php?d$row[id]+p$safeurl"); + } + html_link("Reply", "${path}comment.php?r$row[id]+p$safeurl"); if ($modpoints > 0) @@ -648,6 +656,21 @@ show_comments($url, // I - URL for comment // -// End of "$Id: common.php,v 1.9 2004/05/19 21:17:47 mike Exp $". +// 'validate_email()' - Validate an email address... +// + +function // O - TRUE if OK, FALSE otherwise +validate_email($email) // I - Email address +{ + // Check for both "name@domain.com" and "Full Name " + return (eregi("^[a-zA-Z0-9_\.+-]+@[a-zA-Z0-9\.-]+\.[a-zA-Z]{2,4}$", + $email) || + eregi("^[^<]*<[a-zA-Z0-9_\.+-]+@[a-zA-Z0-9\.-]+\.[a-zA-Z]{2,4}>$", + $email)); +} + + +// +// End of "$Id: common.php,v 1.10 2004/05/20 02:04:45 mike Exp $". // ?> diff --git a/www/str.php b/www/str.php index a25b251..ba2acc5 100644 --- a/www/str.php +++ b/www/str.php @@ -1,12 +1,12 @@ email, "$PROJECT_NAME STR #$id $what", + mail($ccrow['email'], "$PROJECT_NAME STR #$id $what", "Software trouble report #$id has been $what. You can check\n" ."the status of the report and add additional comments and/or files\n" ."at the following URL:\n" @@ -162,7 +168,7 @@ notify_creator($id, // I - STR # if ($row['manager_email'] != "") $manager = $row['manager_email']; else - $manager = "$PROJECT_EMAIL"; + $manager = $PROJECT_EMAIL; if ($row['modify_user'] != $manager) mail($manager, "$PROJECT_NAME STR #$id $what", @@ -383,7 +389,7 @@ switch ($op) db_query("INSERT INTO strtext VALUES(NULL,$id,1,'$contents'," ."$time,'$modify_user')"); - notify_creator($id, "updated", $mailmsg); + notify_users($id, "updated", $mailmsg); } } @@ -966,9 +972,9 @@ switch ($op) $master_id = (int)$_POST["MASTER_ID"]; $summary = db_escape($_POST["SUMMARY"]); $subsystem = db_escape($_POST["SUBSYSTEM"]); - $create_user = db_escape($_POST["CREATE_EMAIL"]); + $create_user = db_escape($_POST["CREATE_EMAIL"]); $manager_email = db_escape($_POST["MANAGER_EMAIL"]); - $modify_user = db_escape($_COOKIE["FROM"]); + $modify_user = db_escape($_COOKIE["FROM"]); $contents = db_escape(trim($_POST["CONTENTS"])); $message = $_POST["MESSAGE"]; @@ -1007,7 +1013,7 @@ switch ($op) header("Location: $PHP_SELF?L$id$options"); - notify_creator($id, "updated", $contents); + notify_users($id, "updated", $contents); } else if (array_key_exists("FILE_ID", $_POST)) { @@ -1051,7 +1057,7 @@ switch ($op) $row = db_next($result); - $create_user = htmlspecialchars($row['create_user']); + $create_user = htmlspecialchars($row['create_user']); $manager_email = htmlspecialchars($row['manager_email']); $summary = htmlspecialchars($row['summary'], ENT_QUOTES); @@ -1292,10 +1298,13 @@ switch ($op) { $contents = $_POST["CONTENTS"]; - if (array_key_exists("EMAIL", $_POST)) + if ($LOGIN_USER != "" && $LOGIN_LEVEL < AUTH_DEVEL) + $email = $LOGIN_USER; + else if (array_key_exists("EMAIL", $_POST) && + validate_email($_POST["EMAIL"])) { $email = $_POST["EMAIL"]; - setcookie("FROM", "$email", time() + 57600, $PHP_SELF, $SERVER_NAME); + setcookie("FROM", "$email", time() + 90 * 86400, "/"); } else if (array_key_exists("FROM", $_COOKIE)) $email = $_COOKIE["FROM"]; @@ -1310,7 +1319,9 @@ switch ($op) } else { - if (array_key_exists("FROM", $_COOKIE)) + if ($LOGIN_USER != "") + $email = $LOGIN_USER; + else if (array_key_exists("FROM", $_COOKIE)) $email = $_COOKIE["FROM"]; else $email = ""; @@ -1338,7 +1349,7 @@ switch ($op) header("Location: $PHP_SELF?L$id$options"); - notify_creator($id, "updated", "$contents\n\n"); + notify_users($id, "updated", "$contents\n\n"); } else { @@ -1400,10 +1411,13 @@ switch ($op) case 'F' : // Post file for STR # if ($REQUEST_METHOD == "POST") { - if (array_key_exists("EMAIL", $_POST)) + if ($LOGIN_USER != "" && $LOGIN_LEVEL < AUTH_DEVEL) + $email = $LOGIN_USER; + else if (array_key_exists("EMAIL", $_POST) && + validate_email($_POST["EMAIL"])) { $email = $_POST["EMAIL"]; - setcookie("FROM", "$email", time() + 57600, $PHP_SELF, $SERVER_NAME); + setcookie("FROM", "$email", time() + 90 * 86400, "/"); } else if (array_key_exists("FROM", $_COOKIE)) $email = $_COOKIE["FROM"]; @@ -1427,7 +1441,9 @@ switch ($op) } else { - if (array_key_exists("FROM", $_COOKIE)) + if ($LOGIN_USER != "") + $email = $LOGIN_USER; + else if (array_key_exists("FROM", $_COOKIE)) $email = $_COOKIE["FROM"]; else $email = ""; @@ -1484,7 +1500,7 @@ switch ($op) header("Location: $PHP_SELF?L$id$options"); - notify_creator($id, "updated", "Added file $name\n\n"); + notify_users($id, "updated", "Added file $name\n\n"); } else { @@ -1558,7 +1574,8 @@ switch ($op) if ($LOGIN_USER != "" && $LOGIN_LEVEL < AUTH_DEVEL) $email = $LOGIN_USER; - else if (array_key_exists("EMAIL", $_POST)) + else if (array_key_exists("EMAIL", $_POST) && + validate_email($_POST["EMAIL"])) { $email = $_POST["EMAIL"]; setcookie("FROM", "$email", time() + 90 * 86400, "/"); @@ -1656,7 +1673,7 @@ switch ($op) } header("Location: $PHP_SELF?L$id$options"); - notify_creator($id, "created", "$contents\n\n"); + notify_users($id, "created", "$contents\n\n"); } else { @@ -1814,20 +1831,21 @@ switch ($op) $notification = $_POST["NOTIFICATION"]; $email = $_POST["EMAIL"]; - if (($notification != "ON" && $notification != "OFF") || $email == "") + if (($notification != "ON" && $notification != "OFF") || $email == "" || + !validate_email($email)) { html_header("STR Error"); - print("

Please press your browsers back button and enter an " + print("

Please press your browsers back button and enter a valid " ."EMail address and choose whether to receive notification " ."messages.

\n"); html_footer(); exit(); } - setcookie("FROM", "$email", time() + 57600, $PHP_SELF, $SERVER_NAME); + setcookie("FROM", "$email", time() + 90 * 86400, "/"); $result = db_query("SELECT * FROM carboncopy WHERE " - ."url = 'str.php?L$id' AND email = '$email'"); + ."url = 'str.php_L$id' AND email = '$email'"); html_header("STR #$id Notifications"); @@ -1872,6 +1890,6 @@ switch ($op) } // -// End of "$Id: str.php,v 1.10 2004/05/19 21:17:47 mike Exp $". +// End of "$Id: str.php,v 1.11 2004/05/20 02:04:44 mike Exp $". // ?>