From bce919af7b49bbd06223f79b8c37a53a3d263ff0 Mon Sep 17 00:00:00 2001 From: Marcus Campbell Date: Sun, 13 Jul 2008 01:09:50 +0000 Subject: [PATCH 1/1] * Fixed REG_BADRPT error in isValidEmail() that prevented registration * Merged cookie fix from trunk * Set body background to white * Removed poor seed from _randompassword() * Minor fix to updateBookmark() --- .htaccess | 3 +++ header.inc.php | 1 + index.php | 2 +- login.php | 2 +- readme.txt | 11 ++--------- register.php | 4 ++-- scuttle.css | 1 + services/bookmarkservice.php | 3 +-- services/userservice.php | 12 +++++------- 9 files changed, 17 insertions(+), 22 deletions(-) diff --git a/.htaccess b/.htaccess index af3cae9..89f6dfd 100644 --- a/.htaccess +++ b/.htaccess @@ -1,3 +1,5 @@ +# Rewrite clean URLs onto real files + Options +FollowSymlinks AcceptPathInfo On @@ -8,3 +10,4 @@ RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME}.php -f RewriteRule ^([^/]+)/?(.*) $1.php/$2 [L] + diff --git a/header.inc.php b/header.inc.php index 751e4e8..de56c84 100644 --- a/header.inc.php +++ b/header.inc.php @@ -23,6 +23,7 @@ if (!isset($root)) { if (($root != '/') && (substr($root, -1, 1) != '/')) { $root .= '/'; } + $path = $root; $root = 'http://'. $_SERVER['HTTP_HOST'] . $root; } diff --git a/index.php b/index.php index b760bd7..ad6f1cc 100644 --- a/index.php +++ b/index.php @@ -28,7 +28,7 @@ $cacheservice =& ServiceFactory::getServiceInstance('CacheService'); $tplvars = array(); if (isset($_GET['action'])){ if ($_GET['action'] == "logout") { - $userservice->logout(); + $userservice->logout($path); $tplvars['msg'] = T_('You have now logged out'); } } diff --git a/login.php b/login.php index 4d212a9..41913f0 100644 --- a/login.php +++ b/login.php @@ -28,7 +28,7 @@ $tplVars = array(); $login = false; if (isset($_POST['submitted']) && isset($_POST['username']) && isset($_POST['password'])) { $posteduser = trim(utf8_strtolower($_POST['username'])); - $login = $userservice->login($posteduser, $_POST['password'], ($_POST['keeppass'] == "yes")); + $login = $userservice->login($posteduser, $_POST['password'], ($_POST['keeppass'] == 'yes'), $path); if ($login) { if ($_POST['query']) header('Location: '. createURL('bookmarks', $posteduser .'?'. $_POST['query'])); diff --git a/readme.txt b/readme.txt index 64b186b..44abd6b 100644 --- a/readme.txt +++ b/readme.txt @@ -1,4 +1,4 @@ -Scuttle 0.7.3 +Scuttle 0.7.4 http://sourceforge.net/projects/scuttle/ http://scuttle.org/ @@ -13,11 +13,4 @@ INSTALLATION * Edit config.inc.php.example and save the changes as a new config.inc.php file in the same directory. -* Set the CHMOD permissions on the /cache/ subdirectory to 777 - -============= -PROJECT LINKS -============= - -Scuttle Project: -http://sourceforge.net/projects/scuttle/ \ No newline at end of file +* Set the CHMOD permissions on the /cache/ subdirectory to 777 \ No newline at end of file diff --git a/register.php b/register.php index 8549d05..bca4de2 100644 --- a/register.php +++ b/register.php @@ -20,8 +20,8 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ***************************************************************************/ require_once('header.inc.php'); -$userservice =& ServiceFactory::getServiceInstance('UserService'); -$templateservice =& ServiceFactory::getServiceInstance('TemplateService'); +$userservice =& ServiceFactory::getServiceInstance('UserService'); +$templateservice =& ServiceFactory::getServiceInstance('TemplateService'); $tplVars = array(); diff --git a/scuttle.css b/scuttle.css index 0d7ab2b..ecd2ab7 100644 --- a/scuttle.css +++ b/scuttle.css @@ -15,6 +15,7 @@ a img { border: 0; } body { + background-color: #FFF; margin: 0; padding: 0; } diff --git a/services/bookmarkservice.php b/services/bookmarkservice.php index afc7179..9159f97 100644 --- a/services/bookmarkservice.php +++ b/services/bookmarkservice.php @@ -180,8 +180,7 @@ class BookmarkService { $updates = array('bModified' => $moddatetime, 'bTitle' => $title, 'bAddress' => $address, 'bDescription' => $description, 'bStatus' => $status, 'bHash' => md5($address)); if (!is_null($date)) { - $datetime = gmdate('Y-m-d H:i:s', strtotime($date)); - $updates[] = array('bDateTime' => $datetime); + $updates['bDateTime'] = gmdate('Y-m-d H:i:s', strtotime($date)); } $sql = 'UPDATE '. $GLOBALS['tableprefix'] .'bookmarks SET '. $this->db->sql_build_array('UPDATE', $updates) .' WHERE bId = '. intval($bId); diff --git a/services/userservice.php b/services/userservice.php index 82abaf0..e0b7ba9 100644 --- a/services/userservice.php +++ b/services/userservice.php @@ -63,8 +63,6 @@ class UserService { } function _randompassword() { - $seed = (integer) md5(microtime()); - mt_srand($seed); $password = mt_rand(1, 99999999); $password = substr(md5($password), mt_rand(0, 19), mt_rand(6, 12)); return $password; @@ -145,7 +143,7 @@ class UserService { return false; } - function login($username, $password, $remember = FALSE) { + function login($username, $password, $remember = FALSE, $path = '/') { $password = $this->sanitisePassword($password); $query = 'SELECT '. $this->getFieldName('primary') .' FROM '. $this->getTableName() .' WHERE '. $this->getFieldName('username') .' = "'. $this->db->sql_escape($username) .'" AND '. $this->getFieldName('password') .' = "'. $this->db->sql_escape($password) .'"'; @@ -158,7 +156,7 @@ class UserService { $id = $_SESSION[$this->getSessionKey()] = $row[$this->getFieldName('primary')]; if ($remember) { $cookie = $id .':'. md5($username.$password); - setcookie($this->cookiekey, $cookie, time() + $this->cookietime); + setcookie($this->cookiekey, $cookie, time() + $this->cookietime, $path); } return true; } else { @@ -166,8 +164,8 @@ class UserService { } } - function logout() { - @setcookie($this->cookiekey, NULL, time() - 1); + function logout($path = '/') { + @setcookie($this->cookiekey, NULL, time() - 1, $path); unset($_COOKIE[$this->cookiekey]); session_unset(); $this->getCurrentUser(TRUE, false); @@ -335,7 +333,7 @@ class UserService { } function isValidEmail($email) { - if (eregi("^((?:(?:(?:\w[\.\-\+_]?)*)\w)+)\@((?:(?:(?:\w[\.\-_]?){0,62})\w)+)\.(\w{2,6})$", $email)) { + if (preg_match("/^((?:(?:(?:\w[\.\-\+_]?)*)\w)+)\@((?:(?:(?:\w[\.\-_]?){0,62})\w)+)\.(\w{2,6})$/i", $email) > 0) { list($emailUser, $emailDomain) = split("@", $email); // Check if the email domain has a DNS record -- 2.30.2