MAJ is an Open Source, PHP-based content management system (CMS) that can be deployed as a blog, bulletin or message board, Internet forum, and wiki. It is extensible via PHP panels and is HTML5 and CSS3 ready.

commit 796d3da732db5b9e57cc49d34040361a0f35acad
tree 8ec0fba760aeb0a249c41fd2a26c94bc88bab49c
parent eb82e00c52a0b4bdd03b399aafa5224fbfd29d42
author Magie Antonio <magie@majcms.org> 1316535259 +0800
committer Magie Antonio <magie@majcms.org> 1316535259 +0800

    Fix comment notification issues

diff --git a/index.php b/index.php
index b68fc52..16d48fd 100644
--- a/index.php
+++ b/index.php
@@ -3146,9 +3146,9 @@ foreach ($maj_disp as $maj_d) {
 
                        echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"$maj_wmain\"><tr><td>";
 
-                       if (!isset($maj_logged_in_username) or (isset($maj_logged_in_username) and ($maj_logged_in_username != $maj_admin_username and file_exists("$maj_data_directory/members/active/$maj_logged_in_username")))) {
+                       if (!isset($maj_logged_in_username) or (isset($maj_logged_in_username) and ($maj_logged_in_username != $maj_admin_username) and file_exists("$maj_data_directory/members/active/$maj_logged_in_username"))) {
       
-                               if (isset($maj_req_show) and !empty($maj_req_show) and isset($_POST['captcha_put']) and !empty($_REQUEST['captcha_get']) and isset($_POST['firstname']) and !empty($_POST['firstname']) and isset($_POST['lastname']) and !empty($_POST['lastname']) and isset($_POST['email']) and !empty($_POST['email']) and isset($_POST['new_comment']) and !empty($_POST['new_comment']) and isset($_POST['captcha_put']) and !empty($_POST['captcha_put']) and ($_REQUEST['captcha_get'] == $_POST['captcha_put']) and (mb_ereg("@",$_POST['email'])) and (mb_ereg("\.",$_POST['email']))) {
+                               if (isset($maj_req_show) and !empty($maj_req_show) and isset($_POST['captcha_put']) and !empty($_REQUEST['captcha_get']) and isset($_POST['firstname']) and !empty($_POST['firstname']) and isset($_POST['lastname']) and !empty($_POST['lastname']) and isset($_POST['email']) and !empty($_POST['email']) and isset($_POST['new_comment']) and !empty($_POST['new_comment']) and isset($_POST['captcha_put']) and !empty($_POST['captcha_put']) and ($_REQUEST['captcha_get'] == sha1($_POST['captcha_put'])) and (mb_ereg("@",$_POST['email'])) and (mb_ereg("\.",$_POST['email']))) {
                                        echo "<font style=\"font-size: $maj_font_Lpx;\"><b>Thanks!</b></font><p>Your comment has been submitted for approval. Please check back soon to see if it has been posted.</p>";
                                }
                        }
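Review bot: In the captcha condition both operands of `$_REQUEST['captcha_get'] == sha1($_POST['captcha_put'])` arrive with the request, so the test only shows that two submitted fields agree with each other, not that the visitor answered a challenge the server issued. Holding the expected digest server-side (for example in the session) and checking it with `hash_equals($expected_digest, sha1($_POST['captcha_put']))`, where `$expected_digest` stands for that server-held value, would address this. It would also avoid loose `==` on hex digests, which PHP may compare numerically when both strings look like `0e…` numbers. The enclosing `foreach` body starts and ends outside the hunk, so how `captcha_get` is generated is not visible here.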
diff --git a/member.php b/member.php
index 0c7aaf2..7c72ab2 100644
--- a/member.php
+++ b/member.php
@@ -616,6 +616,11 @@ maj_avatar_image($id,80);
 
 <?php
 
+if (file_exists("data/members/active/$id/org.txt") and ($maj_logged_in_username == $maj_admin_username)) {
+       $org = file_get_contents("data/members/active/$id/org.txt");
+       echo "<tr><td width=90>organization</td><td><code>$org</code></td></tr>";
+}
+
 if (($maj_admin_username == $id) and file_exists("data/url.txt") and isset($maj_logged_in_username) and !empty($maj_logged_in_username)) {
        $member_url = file_get_contents("data/url.txt");
        echo "<tr><td width=90>website</td><td><a href=$member_url target=_majbb><code>$member_url</code></a></td></tr>";
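Review bot: The admin-only gate on the new organization row tests `$maj_logged_in_username == $maj_admin_username` without the `isset(...)`/`!empty(...)` guard used by the website branch just below it, so an anonymous request reads an undefined variable and the loose `==` would pass if the admin name were ever empty; `isset($maj_logged_in_username) and ($maj_logged_in_username === $maj_admin_username)` closes that gap. The row also echoes the file contents as-is and so depends on whatever encoding was applied when org.txt was written; encoding at output, e.g. `htmlspecialchars($org, ENT_QUOTES, 'UTF-8', false)`, keeps the page safe if the file is ever written by another path. Both remarks apply equally to the mobile-number row added in the next hunk. Where `$id` comes from is not visible here, so it is worth confirming that it is validated before being placed in the file path.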
@@ -625,6 +630,11 @@ elseif (file_exists("data/members/active/$id/url.txt") and isset($maj_logged_in_
        echo "<tr><td width=90>website</td><td><a href=$member_url target=_majbb><code>$member_url</code></a></td></tr>";
 }
 
+if (file_exists("data/members/active/$id/tel.txt") and ($maj_logged_in_username == $maj_admin_username)) {
+       $tel = file_get_contents("data/members/active/$id/tel.txt");
+       echo "<tr><td width=90>mobile number</td><td><code>$tel</code></td></tr>";
+}
+
 if (file_exists("data/members/active/$id/bday.txt") and ($maj_logged_in_username == $maj_admin_username)) {
        $bday = file_get_contents("data/members/active/$id/bday.txt");
        $bday_year = mb_substr($bday,0,4);
diff --git a/options.php b/options.php
index 59cfcab..a55509d 100644
--- a/options.php
+++ b/options.php
@@ -41,7 +41,7 @@ if (isset($_REQUEST['username']) and !empty($_REQUEST['username']) and isset($_R
                unlink("$maj_data_directory/members/active/$username/bb-vacation.txt");
                unlink("$maj_data_directory/members/active/$username/email.txt");
                rename("$maj_data_directory/members/active/$username/new-email.txt","$maj_data_directory/members/active/$username/email.txt");
-               echo "<p><font style=\"font-size: 12px;\"><b>Thanks!</b></font></p><p>You have successfully verified your new e-mail address.<br>Click <a href=index.php>here</a> to go to the index page.</p>";
+               echo "<font style=\"font-size: 12px;\"><b>Thanks!</b></font>You have successfully verified your new e-mail address.<br>Click <a href=index.php>here</a> to go to the index page.";
        }
        exit();
 }
@@ -100,7 +100,40 @@ if (isset($_POST['email']) and !empty($_POST['email']) and (file_get_contents("$
                "Reply-To: $email_from\r\n" .
                "X-Mailer: $mailer");
 
-       echo "<p>Confirmation request sent. Check your $email_write_content inbox for details.</p>";
+       echo "Confirmation request sent. Check your $email_write_content inbox for details.";
+}
+
+if (isset($_POST['tel']) and !empty($_POST['tel']) and (mb_strlen(preg_replace("/[^0-9]/","", $_POST['tel'])) > 6)) {
+
+       $tel = strip_tags($_POST['tel']);
+       $tel = htmlentities($tel, ENT_QUOTES, 'UTF-8');
+       $tel = trim($tel);
+
+       $tel = preg_replace('/[^0-9+]/i','',$tel);
+
+       if (preg_match("/^\+/",$tel)) {
+
+               $tel = preg_replace('/[^0-9]/i','',$tel);
+               $tel = '+' . $tel;
+       }
+       else {
+               $tel = preg_replace('/[^0-9]/i','',$tel);
+       }
+
+       $fp_tel_txt = fopen("$maj_data_directory/members/active/$maj_logged_in_username/tel.txt","w");
+       fwrite($fp_tel_txt,$tel);
+       fclose($fp_tel_txt);
+}
+
+if (isset($_POST['org']) and !empty($_POST['org']) and (strlen($_POST['org']) > 2)) {
+
+       $org = trim(strip_tags($_POST['org']));
+       $org = htmlentities($org, ENT_QUOTES, 'UTF-8');
+       $org = format_title_put($org);
+
+       $fp_org_txt = fopen("$maj_data_directory/members/active/$maj_logged_in_username/org.txt","w");
+       fwrite($fp_org_txt,$org);
+       fclose($fp_org_txt);
 }
 
 if ((!isset($_POST['url']) or empty($_POST['url'])) and isset($_POST['edit']) and ($_POST['edit'] == "on")) {
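Review bot: In the new `tel` block `htmlentities()` runs before the digit filter, so a value containing a quote is first turned into an entity such as `&#039;` and the filter then keeps that entity's digits in the stored number. Filtering the raw value avoids this, and `strip_tags`/`htmlentities` add nothing once only digits and a leading `+` can survive. Both new blocks also hand the result of `fopen()` straight to `fwrite()`/`fclose()` with no failure check or lock, and the `org` length test runs before `strip_tags`/`trim`, so an all-markup value can leave an empty org.txt. Whether `$maj_logged_in_username` is guaranteed to be set at this point is decided outside the hunk. A possible shape for the `tel` block:

```php
if (isset($_POST['tel']) and !empty($_POST['tel']) and (mb_strlen(preg_replace("/[^0-9]/","", $_POST['tel'])) > 6)) {

	// Filter the raw value first; encoding before filtering leaks entity digits into the number.
	$tel = preg_replace('/[^0-9+]/','',$_POST['tel']);
	$tel_has_plus = (strpos($tel,'+') === 0);
	$tel = preg_replace('/[^0-9]/','',$tel);

	if ($tel_has_plus) {
		$tel = '+' . $tel;
	}

	$tel_file = "$maj_data_directory/members/active/$maj_logged_in_username/tel.txt";

	if (file_put_contents($tel_file,$tel,LOCK_EX) === false) {
		error_log("options.php: could not write tel.txt");
	}
}

// … unchanged: org block …
```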
@@ -283,7 +316,7 @@ if (isset($_POST['current_passwd']) and !empty($_POST['current_passwd']) and iss
        $confirm_passwd = trim($_POST['confirm_passwd']);
 
        if ((mb_strlen($new_passwd) < $pass_len) or (mb_strlen($confirm_passwd) < $pass_len)) {
-               echo "<p>Passwords must be composed of at least $pass_len characters.</p>";
+               echo "Passwords must be composed of at least $pass_len characters.";
        }
        else {
                /* Fun with crypt! */
@@ -298,7 +331,7 @@ if (isset($_POST['current_passwd']) and !empty($_POST['current_passwd']) and iss
                $confirm_passwd = crypt($confirm_passwd, $confirm_passwd);
               
                if (($current_passwd != file_get_contents("$maj_data_directory/members/active/$maj_logged_in_username/password.txt")) or ($new_passwd != $confirm_passwd)) {
-                       echo "<p>Passwords do not match.</p>";
+                       echo "Passwords do not match.";
                }
                else {
                        $fp_passwd_txt = fopen("$maj_data_directory/members/active/$maj_logged_in_username/password.txt","w");
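Review bot: The context line `$confirm_passwd = crypt($confirm_passwd, $confirm_passwd);` uses the password as its own salt, which for traditional DES-based `crypt()` copies the leading characters of the password into the stored hash and is far weaker than a random per-user salt. The comparison against password.txt on the following line uses `!=` rather than a constant-time check. `password_hash($new_passwd, PASSWORD_DEFAULT)` for storage and `password_verify()` for the current-password check would replace both, with existing records rehashed at the member's next successful login. The hashing of `$current_passwd` and `$new_passwd` happens above this hunk and presumably follows the same pattern.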
@@ -306,7 +339,7 @@ if (isset($_POST['current_passwd']) and !empty($_POST['current_passwd']) and iss
                        fclose($fp_passwd_txt);
                        $login_url = "http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/login.php";
                        $login_url = str_replace("//login.php", "/login.php", $login_url);
-                       echo "<p>Password successfully changed and encrypted on record.</p>";
+                       echo "Password successfully changed and encrypted on record.";
                }
        }
 }
@@ -315,9 +348,9 @@ if (isset($_POST['current_passwd']) and !empty($_POST['current_passwd']) and iss
 
 <table border="0" cellspacing="1" cellpadding="2" bgcolor="#cccccc">
 
-<tr><td bgcolor="#ffffff" colspan="2" align="right"><p>you are logged in as <b><?php echo "<b>{$maj_logged_in_username}</b>"; ?>&nbsp;&nbsp;</b></p></td></tr>
+<tr><td bgcolor="#ffffff" colspan="2" align="right">you are logged in as <b><?php echo "<b>{$maj_logged_in_username}</b>"; ?>&nbsp;&nbsp;</b></td></tr>
 
-<tr><td bgcolor="#ffffff"><?php maj_avatar_image($maj_logged_in_username,80,0,0); ?></td><td bgcolor="#ffffff"><p>
+<tr><td bgcolor="#ffffff"><?php maj_avatar_image($maj_logged_in_username,80,0,0); ?></td><td bgcolor="#ffffff">
 
 <?php
 
@@ -335,7 +368,7 @@ elseif (!file_exists("$maj_data_directory/members/active/$maj_logged_in_username
        echo "<br>member";
 }
 
-echo "</p><p align=right>";
+echo "<p align=right>";
 
 if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bday.txt")) {
 
@@ -371,18 +404,22 @@ if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-l
 
 ?>
 
-</p></td></tr>
+</td></tr>
 
 <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
 <input type="hidden" name="edit" value="on">
 
 <?php if (!file_exists("$maj_data_directory/members/active/$maj_logged_in_username/key.txt")) { ?>
-<tr><td bgcolor="#ffffff"><p>e-mail address*</p></td><td bgcolor="#ffffff" colspan="2"><input autofocus required class="input" type="email" autocomplete="off" name="email" maxlength="60" value="<?php readfile("$maj_data_directory/members/active/$maj_logged_in_username/email.txt"); ?>"></td></tr>
+<tr><td bgcolor="#ffffff">e-mail address*</td><td bgcolor="#ffffff" colspan="2"><input autofocus required class="input" type="email" autocomplete="off" name="email" maxlength="60" value="<?php readfile("$maj_data_directory/members/active/$maj_logged_in_username/email.txt"); ?>"></td></tr>
 <?php } ?>
 
-<tr><td bgcolor="#ffffff"><p>website</p></td><td bgcolor="#ffffff" colspan="2"><input class="input" type="url" autocomplete="off" name="url" maxlength="300" <?php if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/url.txt")) { echo "value=\""; readfile("$maj_data_directory/members/active/$maj_logged_in_username/url.txt"); echo "\""; } ?>></td></tr>
+<tr><td bgcolor="#ffffff">mobile number</td><td bgcolor="#ffffff" colspan="2"><input autofocus required class="input" type="tel" autocomplete="off" name="tel" maxlength="30" <?php if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/tel.txt")) { echo "value=\""; readfile("$maj_data_directory/members/active/$maj_logged_in_username/tel.txt"); echo "\""; } ?>></td></tr>
+
+<tr><td bgcolor="#ffffff">company or school</td><td bgcolor="#ffffff" colspan="2"><input autofocus required class="input" type="org" autocomplete="off" name="org" maxlength="60" <?php if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/org.txt")) { echo "value=\""; readfile("$maj_data_directory/members/active/$maj_logged_in_username/org.txt"); echo "\""; } ?>></td></tr>
+
+<tr><td bgcolor="#ffffff">website</td><td bgcolor="#ffffff" colspan="2"><input class="input" type="url" autocomplete="off" name="url" maxlength="300" <?php if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/url.txt")) { echo "value=\""; readfile("$maj_data_directory/members/active/$maj_logged_in_username/url.txt"); echo "\""; } ?>></td></tr>
 
-<tr><td bgcolor="#ffffff"><p>country</p></td><td bgcolor="#ffffff" colspan="2">
+<tr><td bgcolor="#ffffff">country</td><td bgcolor="#ffffff" colspan="2">
 
 <select class="input" name="country" required>
 <option<?php if (!file_exists("$maj_data_directory/members/active/$maj_logged_in_username/country.txt")) { echo " selected"; } ?> value=""></option>
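Review bot: The new company-or-school input declares `type="org"`, which is not a defined input type (browsers fall back to text), and both new inputs copy `autofocus required` from the e-mail field. Three fields then compete for focus, and the form cannot be submitted without a phone number and organisation even though the handlers in options.php simply skip them when absent; `type="text"` without `autofocus required` matches the server side. The `value` attributes are filled with `readfile()`, so they depend entirely on the encoding applied when tel.txt and org.txt were written. The context line `action="<?php echo $_SERVER['PHP_SELF']; ?>"` prints a request-derived path unescaped; `htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8')` is the usual fix. The form continues beyond this hunk.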
@@ -633,11 +670,11 @@ if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-l
 
 </td></tr>
 
-<tr><td bgcolor="#ffffff"><p>city or municipality</p></td><td bgcolor="#ffffff" colspan="2"><input required class="input" type="text" autocomplete="off" name="city" maxlength="100" <?php if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/city.txt")) { echo "value=\""; readfile("$maj_data_directory/members/active/$maj_logged_in_username/city.txt");echo "\"";  } ?>></td></tr>
+<tr><td bgcolor="#ffffff">city or municipality</td><td bgcolor="#ffffff" colspan="2"><input required class="input" type="text" autocomplete="off" name="city" maxlength="100" <?php if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/city.txt")) { echo "value=\""; readfile("$maj_data_directory/members/active/$maj_logged_in_username/city.txt");echo "\"";  } ?>></td></tr>
 
 <?php if (file_exists("$maj_data_directory/bb.txt") and file_exists("$maj_data_directory/bb-sig.txt")) { ?>
 
-<tr><td bgcolor="#ffffff"><p>signature</p></td><td bgcolor="#ffffff" colspan="2"><textarea class="input" name="sig"><?php if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/sig.txt")) {
+<tr><td bgcolor="#ffffff">signature</td><td bgcolor="#ffffff" colspan="2"><textarea class="input" name="sig"><?php if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/sig.txt")) {
 
        $get_sig = file_get_contents("$maj_data_directory/members/active/$maj_logged_in_username/sig.txt");
        $get_sig = str_replace("<b>","[b]",$get_sig);
@@ -666,27 +703,27 @@ if (file_exists("$maj_data_directory/avatar.txt")) {
 
 ?>
 
-<tr><td bgcolor="#ffffff"><p>upload avatar</p></td><td bgcolor="#ffffff" colspan="2"><input type="file" autocomplete="off" name="avatar"></td></tr>
+<tr><td bgcolor="#ffffff">upload avatar</td><td bgcolor="#ffffff" colspan="2"><input type="file" autocomplete="off" name="avatar"></td></tr>
 <?php
 
 }
 
 if (file_exists("$maj_data_directory/avatar.txt") and (file_exists("$maj_image_directory/members/$maj_logged_in_username/avatar.gif") or file_exists("$maj_image_directory/members/$maj_logged_in_username/avatar.jpg") or file_exists("$maj_image_directory/members/$maj_logged_in_username/avatar.png"))) { ?>
-<tr><td bgcolor="#ffffff"><p></p></td><td bgcolor="#ffffff" colspan="2"><p><input type="checkbox" name="del_avatar">delete existing avatar</p></td></tr>
+<tr><td bgcolor="#ffffff"></td><td bgcolor="#ffffff" colspan="2"><table border="0" cellspacing="0" cellpadding="0"><tr><td><input type="checkbox" name="del_avatar"></td><td>delete existing avatar</td></tr></table></td></tr>
 <?php } if (file_exists("$maj_data_directory/ml.txt") and !file_exists("$maj_data_directory/members/active/$maj_logged_in_username/key.txt")) { ?>
-<tr><td bgcolor="#ffffff"><p></p></td><td bgcolor="#ffffff" colspan="2"><p><input type="checkbox" name="vacation" <?php if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-vacation.txt")) { echo checked; } ?>>temporarily disable mailing list subscription</p></td></tr>
+<tr><td bgcolor="#ffffff"></td><td bgcolor="#ffffff" colspan="2"><table border="0" cellspacing="0" cellpadding="0"><tr><td><input type="checkbox" name="vacation" <?php if (file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bb-vacation.txt")) { echo checked; } ?>></td><td>temporarily disable mailing list subscription</td></tr></table></td></tr>
 <?php } ?>
 
 <?php if (!file_exists("$maj_data_directory/members/active/$maj_logged_in_username/bday.txt")) { ?>
-<tr><td bgcolor="#ffffff"><p>birthdate (YYYYMMDD)</p></td><td bgcolor="#ffffff" colspan="2"><input class="input" type="text" autocomplete="off" name="bday" maxlength="8" value="<?php echo date("Ymd", time() + $maj_offset); ?>"></td></tr>
+<tr><td bgcolor="#ffffff">birthdate (YYYYMMDD)</td><td bgcolor="#ffffff" colspan="2"><input class="input" type="text" autocomplete="off" name="bday" maxlength="8" value="<?php echo date("Ymd", time() + $maj_offset); ?>"></td></tr>
 <?php } ?>
 
-<tr><td bgcolor="#ffffff"><p>current password</p></td><td bgcolor="#ffffff" colspan="2"><input class="input" type="password" autocomplete="off" name="current_passwd" maxlength="30"></td></tr>
-<tr><td bgcolor="#ffffff"><p>new password</p></td><td bgcolor="#ffffff" width="300"><input class="input" type="password" autocomplete="off" name="new_passwd" maxlength="30"></td></tr>
-<tr><td bgcolor="#ffffff"><p>confirm password</p></td><td bgcolor="#ffffff"><input class="input" type="password" autocomplete="off" name="confirm_passwd" maxlength="30"></td></tr>
-<tr><td bgcolor="#ffffff"><p></p></td><td bgcolor="#ffffff"><input class="click" type="submit" value="click here to activate new settings"></td></tr>
+<tr><td bgcolor="#ffffff">current password</td><td bgcolor="#ffffff" colspan="2"><input class="input" type="password" autocomplete="off" name="current_passwd" maxlength="30"></td></tr>
+<tr><td bgcolor="#ffffff">new password</td><td bgcolor="#ffffff" width="300"><input class="input" type="password" autocomplete="off" name="new_passwd" maxlength="30"></td></tr>
+<tr><td bgcolor="#ffffff">confirm password</td><td bgcolor="#ffffff"><input class="input" type="password" autocomplete="off" name="confirm_passwd" maxlength="30"></td></tr>
+<tr><td bgcolor="#ffffff"></td><td bgcolor="#ffffff"><input class="click" type="submit" value="click here to activate new settings"></td></tr>
 </form>
 <form enctype="multipart/form-data" action="<?php echo 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); ?>" method="post">
-<tr><td bgcolor="#ffffff"><p></p></td><td bgcolor="#ffffff"><input class="click" type="submit" value="click here to go to the index page"></td></tr>
+<tr><td bgcolor="#ffffff"></td><td bgcolor="#ffffff"><input class="click" type="submit" value="click here to go to the index page"></td></tr>
 </form>
 </table>
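Review bot: On the vacation checkbox line `echo checked;` prints a bare word, which PHP resolves as an undefined constant (a notice or warning before PHP 8, a thrown Error from PHP 8 on), so the attribute should be emitted as `echo "checked";`. The second form's `action` is built from `$_SERVER['HTTP_HOST']` and `dirname($_SERVER['PHP_SELF'])` with no escaping; a relative action, or wrapping the value in `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')`, avoids reflecting request-supplied values into the page.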
 