MAJ is an Open Source, PHP-based content management system (CMS) that can be deployed as a blog, bulletin or message board, Internet forum, and wiki. It is extensible via PHP panels and is HTML5 and CSS3 ready.

commit 9e45e25b9dc13cb8156947cde51dd7558f42b595
tree 273e4b28b285e81f10718701dbae2d6d1c377454
parent 8b47e730572a1a9b2b9e592aa042510274d0deb0
author Engels Antonio <engels@majcms.org> 1282376206 +0800
committer Engels Antonio <engels@majcms.org> 1282376206 +0800

    Fix comment settings logic
    Add delete unread comments notice
    Fix avatar display in options.php
    Fix toggle display in settings.php
    Add diagnostics to reg.php
    Change $maj_font_Spx to 9 in css.php

diff --git a/css.php b/css.php
index 94ce978..932f7db 100644
--- a/css.php
+++ b/css.php
@@ -32,7 +32,7 @@ if (file_exists("data/fonts/panel-footer-size.txt")) {
        $maj_font_Spx = file_get_contents("data/fonts/panel-footer-size.txt") . "px";
 }
 else {
-       $maj_font_Spx = "10px";
+       $maj_font_Spx = "9px";
 }
 
 if (file_exists("data/round.txt")) {
diff --git a/del.php b/del.php
index 631d53f..7dacf68 100644
--- a/del.php
+++ b/del.php
@@ -21,6 +21,19 @@ else {
        $offset = 0;
 }
 
+if (isset($_SESSION['logged_in']) and isset($_REQUEST['target']) and ($_REQUEST['target'] == "unread")) {
+
+       if (file_exists("data/members/active/{$_SESSION['logged_in']}/comments/unread")) {
+               rmdirr("data/members/active/{$_SESSION['logged_in']}/comments/unread");
+       }
+      
+       if (($_SESSION['logged_in'] == file_get_contents("data/username.txt")) and file_exists("data/comments/unread")) {
+               rmdirr("data/comments/unread");
+       }
+
+       header("Location: .");
+}
+
 if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
 
        if (isset($_REQUEST['entry']) and !empty($_REQUEST['entry']) and isset($_REQUEST['target']) and !empty($_REQUEST['target'])) {
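Review bot: The new `target=unread` branch deletes the member's unread-comment directory (and `data/comments/unread` for the site owner) on any request type, and index.php in this same commit links to it as a plain GET (`del.php?target=unread`), so no CSRF token or POST requirement guards the delete. The branch also sends `header("Location: .");` without stopping, so the script keeps running into the owner block below; add `exit();` directly after the header. `$_SESSION['logged_in']` is interpolated into the path handed to `rmdirr()`, which is only safe while usernames can never contain `/` or `..`, so this depends on the registration checks in reg.php. The `if` block that follows starts inside this hunk and continues outside it.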
diff --git a/index.php b/index.php
index 4a019b3..31ecdf9 100644
--- a/index.php
+++ b/index.php
@@ -2640,7 +2640,7 @@ foreach ($maj_disp as $maj_d) {
 
        echo '>';
 
-       if (!file_exists("data/nocomment.txt") or (file_exists("data/memcomment.txt") and isset($_SESSION['logged_in'])) or file_exists("data/items/$maj_d/ucomment.txt")) {
+       if (!file_exists("data/nocomment.txt") or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) or (file_exists("data/memcomment.txt") and isset($_SESSION['logged_in'])) or file_exists("data/items/$maj_d/ucomment.txt")) {
 
                if (!file_exists("data/items/$maj_d/comments/live")) {
                        echo "<a href=\"index.php?entry=$maj_d&show=comments\" class=\"status\">add comment</a>";
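Review bot: The added owner clause `(isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt")))` appears twice in a row in this condition, so the second copy does nothing. The same access rule is pasted into the three following index.php hunks (near lines 2852, 3278 and 3716), and each copy re-reads `data/username.txt` on every pass of the `foreach`, whose start is outside this hunk. Because this expression decides who may comment, I would compute it once before the loop with a strict comparison, `$maj_is_owner = (isset($_SESSION['logged_in']) && $_SESSION['logged_in'] === file_get_contents("data/username.txt"));`, and test `$maj_is_owner` in all four places so the copies cannot drift apart.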
@@ -2852,7 +2852,7 @@ foreach ($maj_disp as $maj_d) {
                }
        }
 
-       if (!file_exists("data/nocomment.txt") or (file_exists("data/memcomment.txt") and isset($_SESSION['logged_in'])) or file_exists("data/items/$maj_d/ucomment.txt")) {
+       if (!file_exists("data/nocomment.txt") or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) or (file_exists("data/memcomment.txt") and isset($_SESSION['logged_in'])) or file_exists("data/items/$maj_d/ucomment.txt")) {
                echo "| <a href=\"index.php?entry=$maj_d\" class=\"status\">permalink</a>";
        }
 
@@ -3278,7 +3278,7 @@ foreach ($maj_disp as $maj_d) {
                echo '</td></tr></table>';
        }
 
-       if (isset($maj_req_entry) and !empty($maj_req_entry) and isset($maj_req_show) and !empty($maj_req_show) and ($maj_req_show == comments) and (file_exists("data/items/$maj_req_entry/ucomment.txt") or !file_exists("data/nocomment.txt") or (file_exists("data/memcomment.txt") and isset($_SESSION['logged_in'])))) {
+       if (isset($maj_req_entry) and !empty($maj_req_entry) and isset($maj_req_show) and !empty($maj_req_show) and ($maj_req_show == comments) and (file_exists("data/items/$maj_req_entry/ucomment.txt") or !file_exists("data/nocomment.txt") or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) or (file_exists("data/memcomment.txt") and isset($_SESSION['logged_in'])))) {
 
                if (file_exists("data/items/$maj_d/passwd.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $maj_login_username)) and (!isset($_REQUEST['passwd']) or ($maj_crypt_passwd != $maj_passwd))) {
                }
@@ -3716,7 +3716,7 @@ foreach ($maj_disp as $maj_d) {
 
                echo "<a name=\"end\"></a>";
 
-               if (!file_exists("data/nocomment.txt") or (file_exists("data/memcomment.txt") and isset($_SESSION['logged_in'])) or file_exists("data/items/$maj_d/ucomment.txt")) {
+               if (!file_exists("data/nocomment.txt") or (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) or (file_exists("data/memcomment.txt") and isset($_SESSION['logged_in'])) or file_exists("data/items/$maj_d/ucomment.txt")) {
 
                        echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"$maj_wmain\"><tr><td>";
 
@@ -4373,9 +4373,8 @@ if (!file_exists("data/xucomment.txt") and isset($_SESSION['logged_in'])) {
 
        if (count($maj_unread_comments) > 0) {
 
-               echo '<div class="panel_title">';
-
-               echo 'Unread Comments</div><div class=panel_body><table border="0" cellspacing="0" cellpadding="0" width="100%">';
+               echo '<div class="panel_title"><a href="del.php?target=unread"><img src="images/widget.del.png" border="0" width="11" height="11" align="right"></a>Unread Comments</div>';
+               echo '<div class="panel_body"><table border="0" cellspacing="0" cellpadding="0" width="100%">';
 
                foreach ($maj_unread_comments as $maj_unread_comment) {
               
diff --git a/member.php b/member.php
index 07f61ea..0c943dc 100644
--- a/member.php
+++ b/member.php
@@ -523,7 +523,7 @@ else {
 
 <?php
 
-if ((file_get_contents("data/username.txt") == $id) and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) {
+if ((file_get_contents("data/username.txt") == $id) and file_exists("data/avatar.txt") and (file_exists("images/avatar.jpg") or file_exists("images/avatar.gif") or file_exists("images/avatar.png"))) {
 
        if (file_exists("images/avatar.gif")) {
 
@@ -576,7 +576,7 @@ if ((file_get_contents("data/username.txt") == $id) and (file_exists("images/ava
 }
 else {
 
-       if (file_exists("images/members/$id/avatar.jpg") or file_exists("images/members/$id/avatar.gif") or file_exists("images/members/$id/avatar.png")) {
+       if (file_exists("data/avatar.txt") and (file_exists("images/members/$id/avatar.jpg") or file_exists("images/members/$id/avatar.gif") or file_exists("images/members/$id/avatar.png"))) {
       
                if (file_exists("images/members/$id/avatar.gif")) {
 
diff --git a/options.php b/options.php
index 1bea1c5..8823a1b 100644
--- a/options.php
+++ b/options.php
@@ -389,7 +389,7 @@ if (isset($_POST['current_passwd']) and !empty($_POST['current_passwd']) and iss
 <table border="0" cellspacing="1" cellpadding="2" bgcolor="#cccccc">
 <tr><td bgcolor="#ffffff" colspan="2" align="right"><p>you are logged in as <b><?php echo "<b>{$_SESSION['logged_in']}</b>"; ?>&nbsp;&nbsp;</b></p></td></tr>
 <tr><td bgcolor="#ffffff"><?php
-if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.png")) {
+if (file_exists("data/avatar.txt") and (file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.png"))) {
        if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif")) {
                $avatar_gif_image_size = getimagesize("images/members/{$_SESSION['logged_in']}/avatar.gif");
                $avatar_gif_image_width = $avatar_gif_image_size[0];
@@ -786,11 +786,20 @@ if (file_exists("data/members/active/{$_SESSION['logged_in']}/bb-last.txt")) {
 
 } ?></textarea></td></tr>
 
-<?php } ?>
+<?php
+
+}
+
+if (file_exists("data/avatar.txt")) {
+
+?>
 
 <tr><td bgcolor="#ffffff"><p>upload avatar</p></td><td bgcolor="#ffffff" colspan="2"><input type="file" autocomplete="off" name="avatar"></td></tr>
 <?php
-if (file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.png")) { ?>
+
+}
+
+if (file_exists("data/avatar.txt") and (file_exists("images/members/{$_SESSION['logged_in']}/avatar.gif") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.jpg") or file_exists("images/members/{$_SESSION['logged_in']}/avatar.png"))) { ?>
 <tr><td bgcolor="#ffffff"><p></p></td><td bgcolor="#ffffff" colspan="2"><p><input type="checkbox" name="del_avatar">delete existing avatar</p></td></tr>
 <?php } if (file_exists("data/ml.txt") and !file_exists("data/members/active/{$_SESSION['logged_in']}/key.txt")) { ?>
 <tr><td bgcolor="#ffffff"><p></p></td><td bgcolor="#ffffff" colspan="2"><p><input type="checkbox" name="vacation" <?php if (file_exists("data/members/active/{$_SESSION['logged_in']}/vacation.txt")) { echo checked; } ?>>temporarily disable mailing list subscription</p></td></tr>
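Review bot: Wrapping the `upload avatar` row and the `del_avatar` checkbox in `file_exists("data/avatar.txt")` only hides the form controls; it does not by itself switch the feature off. The code that processes the uploaded `avatar` file and `del_avatar` is outside this hunk, so I cannot see whether it tests the same flag; if it does not, a hand-built POST is still processed while avatars are disabled. The handler should open with the same guard, for example `if (file_exists("data/avatar.txt") and isset($_FILES['avatar'])) {`, so the setting is enforced server-side rather than only in the markup.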
diff --git a/reg.php b/reg.php
index dd87a41..23e2673 100644
--- a/reg.php
+++ b/reg.php
@@ -70,7 +70,7 @@ body {
        background-color: #FFFFFF;
 }
 
-p {
+* {
        font-size: 11px;
 }
 
@@ -120,6 +120,7 @@ a:active {
        font-size: 11px;
        font-weight: normal;
 }
+
 </style>
 
 <?php
@@ -141,26 +142,27 @@ function str_rand($length = 8, $seeds = 'abcdefghijklmnopqrstuvwxyz0123456789')
 
 function rmdirr($recurse_dirname) {
 
-    if (!file_exists($recurse_dirname)) {
-        return false;
-    }
+       if (!file_exists($recurse_dirname)) {
+               return false;
+       }
+
+       if (is_file($recurse_dirname)) {
+               return unlink($recurse_dirname);
+       }
 
-    if (is_file($recurse_dirname)) {
-        return unlink($recurse_dirname);
-    }
+       $recurse_dir = dir($recurse_dirname);
 
-    $recurse_dir = dir($recurse_dirname);
-    while (false !== $recurse_entry = $recurse_dir->read()) {
+       while (false !== $recurse_entry = $recurse_dir->read()) {
 
-        if ($recurse_entry == '.' || $recurse_entry == '..') {
-            continue;
-        }
+               if ($recurse_entry == '.' || $recurse_entry == '..') {
+                       continue;
+               }
 
-        rmdirr("$recurse_dirname/$recurse_entry");
-    }
+               rmdirr("$recurse_dirname/$recurse_entry");
+       }
 
-    $recurse_dir->close();
-    return rmdir($recurse_dirname);
+       $recurse_dir->close();
+       return rmdir($recurse_dirname);
 }
 
 if (isset($_REQUEST['username']) and !empty($_REQUEST['username']) and isset($_REQUEST['key']) and !empty($_REQUEST['key']) and isset($_REQUEST['action']) and !empty($_REQUEST['action']) and ereg('^[^./][^/]*$', $_REQUEST['username'])) {
@@ -365,45 +367,187 @@ if (isset($_REQUEST['username']) and !empty($_REQUEST['username']) and isset($_R
        exit();
 }
 
-if (isset($_REQUEST['username']) and !empty($_REQUEST['username']) and ($_REQUEST['username'] != "all") and isset($_POST['captcha_put']) and !empty($_POST['captcha_get']) and isset($_POST['firstname']) and !empty($_POST['firstname']) and isset($_POST['lastname']) and !empty($_POST['lastname']) and isset($_POST['email']) and !empty($_POST['email']) and isset($_POST['captcha_put']) and !empty($_POST['captcha_put']) and ($_POST['captcha_get'] == $_POST['captcha_put']) and (ereg("@", $_POST['email'])) and (ereg("\.", $_POST['email'])) and (strpos(file_get_contents("data/bb-reserved.txt"), $_REQUEST['username']) === false) and isset($_POST['bd_year']) and !empty($_POST['bd_year']) and isset($_POST['bd_month']) and !empty($_POST['bd_month']) and isset($_POST['bd_day']) and !empty($_POST['bd_day']) and (strlen($_POST['bd_year']) == "4") and (strlen($_POST['bd_month']) == "2") and (strlen($_POST['bd_day']) == "2") and is_numeric($_POST['bd_year']) and is_numeric($_POST['bd_month']) and is_numeric($_POST['bd_day']) and ((date("Y", time() + $offset) - $_POST['bd_year']) <= $maxage) and ((date("Y", time() + $offset) - $_POST['bd_year']) >= $minage) and ($_POST['bd_month'] >= 1) and ($_POST['bd_month'] <= 12) and ($_POST['bd_day'] >= 1) and ($_POST['bd_day'] <= 31) and isset($_POST['country']) and !empty($_POST['country']) and isset($_POST['city']) and !empty($_POST['city']) and ereg('^[^./][^/]*$', $_REQUEST['username'])) {
+if ($_POST['submit'] == "1") {
 
-       $username = strtolower($_REQUEST['username']);
-       $username = str_replace(" ","_",$username);
-       $username = trim($username);
-       $username = htmlentities($username, ENT_NOQUOTES);
+       $err_reg = "0";
 
-       $firstname = strtolower($_POST['firstname']);          
-       $firstname = ucwords($firstname);
-       $firstname = trim($firstname);
-       $firstname = htmlentities($firstname, ENT_NOQUOTES);
+       if (!isset($_REQUEST['username']) or empty($_REQUEST['username'])) {
+               $err_reg = $err_reg + 1;
+               $err_username = "This field is required.";
+               $err_username = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_username</td>";
+       }
+       else {
+               $username = strip_tags($_REQUEST['username']);
+               $username = htmlentities($username, ENT_NOQUOTES);
+               $username = trim($username);
+               $username = str_replace(" ","_",$username);
+               $username = strtolower($username);
+              
+               $err_username = "<td><img src=\"images/widget.ok.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$username</td>";
       
-       $lastname = strtolower($_POST['lastname']);
-       $lastname = ucwords($lastname);
-       $lastname = trim($lastname);
-       $lastname = htmlentities($lastname, ENT_NOQUOTES);
+               if (($username == "all") or ereg('^\.', $username) or ereg('\.$', $username) or ereg('@', $username)) {
+                       $err_reg = $err_reg + 1;
+                       $err_username = "The username $username is not allowed on this site.";
+                       $err_username = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_username</td>";
+               }
+
+               if (preg_match("/\b$username\b/i", file_get_contents("data/bb-reserved.txt"))) {
+                       $err_reg = $err_reg + 1;
+                       $err_username = "The username $username is reserved, please try again.";
+                       $err_username = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_username</td>";
+               }
+
+               if (file_exists("data/members/pending/$username") or file_exists("data/members/confirmed/$username") or file_exists("data/members/active/$username") or ($username == file_get_contents("data/username.txt"))) {
+                       $err_reg = $err_reg + 1;
+                       $err_username = "The username $username is already taken, please try again.";
+                       $err_username = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_username</td>";
+               }
+       }
+
+       if (!isset($_REQUEST['firstname']) or empty($_REQUEST['firstname'])) {
+               $err_reg = $err_reg + 1;
+               $err_firstname = "This field is required.";
+               $err_firstname = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_firstname</td>";
+       }
+       else {
+               $firstname = strip_tags($_POST['firstname']);
+               $firstname = htmlentities($firstname, ENT_NOQUOTES);
+               $firstname = trim($firstname);
+               $firstname = strtolower($firstname);           
+               $firstname = ucwords($firstname);
+              
+               $err_firstname = "<td><img src=\"images/widget.ok.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$firstname</td>";
+       }
+
+       if (!isset($_REQUEST['lastname']) or empty($_REQUEST['lastname'])) {
+               $err_reg = $err_reg + 1;
+               $err_lastname = "This field is required.";
+               $err_lastname = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_lastname</td>";
+       }
+       else {
+               $lastname = strip_tags($_POST['lastname']);
+               $lastname = htmlentities($lastname, ENT_NOQUOTES);
+               $lastname = trim($lastname);
+               $lastname = strtolower($lastname);
+               $lastname = ucwords($lastname);
+
+               $err_lastname = "<td><img src=\"images/widget.ok.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$lastname</td>";
+       }
+
+       if (!isset($_POST['email']) or empty($_POST['email'])) {
+               $err_reg = $err_reg + 1;
+               $err_email = "This field is required.";
+               $err_email = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_email</td>";
+       }
+       else { 
+               $email = strip_tags($_POST['email']);
+               $email = htmlentities($email, ENT_NOQUOTES);
+               $email = trim($email);
+               $email = strtolower($email);
+               $email = str_replace(" ","",$email);
+
+               $err_email = "<td><img src=\"images/widget.ok.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$email</td>";
+
+               if (!ereg("@", $email) or !ereg("\.", $email) or ereg('^\.', $email) or ereg('\.$', $email)) {
+                       $err_reg = $err_reg + 1;
+                       $err_email = "The email address $email is invalid.";
+                       $err_email = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_email</td>";
+               }
+
+               if (preg_match("/\b$email\b/i", file_get_contents("data/bb-banned.txt"))) {
+                       $err_reg = $err_reg + 1;
+                       $err_email = "The email address $email is not allowed on this site.";
+                       $err_email = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_email</td>";
+               }
+       }
+
+       if (!isset($_POST['bd_year']) or empty($_POST['bd_year']) or !isset($_POST['bd_month']) or empty($_POST['bd_month']) or !isset($_POST['bd_day']) or empty($_POST['bd_day']) or !is_numeric($_POST['bd_year']) or !is_numeric($_POST['bd_month']) or !is_numeric($_POST['bd_day'])or (strlen($_POST['bd_year']) > "4") or (strlen($_POST['bd_month']) > "2") or (strlen($_POST['bd_day']) > "2") or ($_POST['bd_month'] < 1) or ($_POST['bd_month'] > 12) or ($_POST['bd_day'] < 1) or ($_POST['bd_day'] > 31) or (date("Y", time() + $offset) < $_POST['bd_year']) or ((date("Y", time() + $offset) == $_POST['bd_year']) and (date("m", time() + $offset) < $_POST['bd_month'])) or ((date("Y", time() + $offset) == $_POST['bd_year']) and (date("m", time() + $offset) == $_POST['bd_month']) and (date("d", time() + $offset) < $_POST['bd_day']))) {
+               $err_reg = $err_reg + 1;
+               $err_bday = "The date you entered is invalid.";
+               $err_bday = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_bday</td>";
+       }
+       else {
+               if ((date("m", time() + $offset) == $_POST['bd_month']) and (date("d", time() + $offset) == $_POST['bd_day'])) {
+                       $err_bday = "<td><img src=\"images/widget.ok.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>Happy Birthday!</td>";
+               }
+               else {
+                       $err_bday = "<td><img src=\"images/widget.ok.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>{$_POST['bd_year']} {$_POST['bd_month']} {$_POST['bd_day']}</td>";
+               }
+              
+               if ((date("Y", time() + $offset) - $_POST['bd_year']) > $maxage) {
+                       $err_reg = $err_reg + 1;
+                       $err_bday = "You are too old.";
+                       $err_bday = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_bday</td>";
+               }
       
-       $email = strtolower($_POST['email']);
-       $email = trim($email);
-       $email = str_replace(" ","",$email);
-       $email = htmlentities($email, ENT_NOQUOTES);
+               if ((date("Y", time() + $offset) - $_POST['bd_year']) < $minage) {
+                       $err_reg = $err_reg + 1;
+                       $err_bday = "You are too young.";
+                       $err_bday = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_bday</td>";
+               }
+       }
 
-       $country = trim($_POST['country']);
-       $country = strtoupper($country);
+       if (!isset($_POST['country']) or empty($_POST['country'])) {
+               $err_reg = $err_reg + 1;
+               $err_country = "This field is required.";
+               $err_country = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_country</td>";
+       }
+       else {
+               $country = trim($_POST['country']);
+               $country = strtoupper($country);
+               $err_country = "<td><img src=\"images/widget.ok.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$country</td>";
+       }
 
-       $city = strtolower($_POST['city']);
-       $city = ucwords($city);
-       $city = trim($city);
-       $city = htmlentities($city, ENT_NOQUOTES);
+       if (!isset($_POST['city']) or empty($_POST['city'])) {
+               $err_reg = $err_reg + 1;
+               $err_city = "This field is required.";
+               $err_city = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_city</td>";
+       }
+       else {
+               $city = strip_tags($_POST['city']);
+               $city = htmlentities($city, ENT_NOQUOTES);
+               $city = trim($city);
+               $city = strtolower($city);
+               $city = ucwords($city);
 
-       if (!file_exists("data/members")) {
-               mkdir("data/members");
+               $err_city = "<td><img src=\"images/widget.ok.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$city</td>";
        }
 
-       if (!file_exists("data/members/pending")) {
-               mkdir("data/members/pending");
+       if (!isset($_POST['captcha_get']) or empty($_POST['captcha_get']) or !isset($_POST['captcha_put']) or empty($_POST['captcha_put'])) {
+               $err_reg = $err_reg + 1;
+               $err_captcha = "This field is required.";
+               $err_captcha = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_captcha</td>";
+       }
+       else {
+               if ($_POST['captcha_get'] != $_POST['captcha_put']) {
+
+                       $err_reg = $err_reg + 1;
+              
+                       if (file_exists("data/scaptcha.txt")) {
+                               $err_captcha = "The solution you entered is incorrect.";
+                       }
+                       else {
+                               $err_captcha = "The registration code you entered is incorrect.";
+                       }
+      
+                       $err_captcha = "<td><img src=\"images/widget.x.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>$err_captcha</td>";
+               }
+
+               if ($_POST['captcha_get'] == $_POST['captcha_put']) {
+                       $err_captcha = "<td><img src=\"images/widget.ok.png\" border=\"0\" width=\"14\" height=\"14\"></td><td>{$_POST['captcha_put']}</td>";
+               }
        }
+
+       if ($err_reg < 1) {
+
+               if (!file_exists("data/members")) {
+                       mkdir("data/members");
+               }
+
+               if (!file_exists("data/members/pending")) {
+                       mkdir("data/members/pending");
+               }
       
-       if (!file_exists("data/members/pending/$username") and !file_exists("data/members/confirmed/$username") and !file_exists("data/members/active/$username") and ($username != file_get_contents("data/username.txt"))) {
                mkdir("data/members/pending/$username");
 
                $fp_firstname_txt = fopen("data/members/pending/$username/firstname.txt","w");
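Review bot: The rewritten username checks drop the `ereg('^[^./][^/]*$', $_REQUEST['username'])` test that the removed condition ended with, so a `/` in the username is no longer rejected before `mkdir("data/members/pending/$username")` and the `fopen()` calls that follow; only a leading or trailing dot, `@` and `all` are refused. I would restore an allowlist right after normalising, along the lines of `if (!preg_match('/^[a-z0-9_-]{1,30}$/', $username)) { $err_reg = $err_reg + 1; }` with a matching `$err_username` message. `$username` and `$email` are also interpolated into `preg_match("/\b$username\b/i", ...)` without `preg_quote($username, '/')`, so regex metacharacters in the input alter the pattern or stop it compiling, and the reserved/banned check then does not run as intended. `$country` and `$_POST['captcha_put']` are written into the `$err_country` and `$err_captcha` cells without `htmlentities()`, unlike the other fields. The `if ($err_reg < 1)` block continues past the end of this hunk.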
@@ -469,39 +613,68 @@ if (isset($_REQUEST['username']) and !empty($_REQUEST['username']) and ($_REQUES
                                "From: $email_from\r\n" .
                                "Reply-To: $email_from\r\n" .
                                "X-Mailer: $mailer");
-
+                              
+               unset($err_username);
+               unset($err_firstname);
+               unset($err_lastname);
+               unset($err_email);
+               unset($err_bday);
+               unset($err_country);
+               unset($err_city);
+               unset($err_captcha);
+              
                echo "<p><font style=\"font-size: 12px;\"><b>Thanks!</b></font></p><p>Your registration request was successfully submitted. Check your $email inbox for details.<br>You can register another e-mail address below or click <a href=index.php>here</a> to go to the index page.</p>";
-
-       }
-       else {
-               echo "<p><font style=\"font-size: 12px;\"><b>Oops!</b></font></p><p>Sorry, the username $username is already taken. Please try another one.</p>";
        }
 }
 
 ?>
 
-<p><b>Register</b></p>
-
-<p>Fill out the form below and enter <b><?php $captcha_rand = str_rand(7); echo $captcha_rand; ?></b> as your registration code.</p>
+<p><b>Register</b></p><p>
 
 <?php
 
+if (!file_exists("data/scaptcha.txt")) {
+
+       $captcha_rand = str_rand(7);
+
+       echo "Complete all required fields and enter <b>$captcha_rand</b> as your registration code below.";
+}
+else {
+       $scaptcha_x = rand(1,10);
+       $scaptcha_y = rand(1,10);
+       $scaptcha_z = rand(1,10);      
+
+       $captcha_rand = $scaptcha_x + $scaptcha_y + $scaptcha_z;
+
+       echo "Complete all required fields and solve the simple equation below.";
+}
+
+if ($err_reg == 1) {
+       echo " $err_reg error detected, please try again.";
+}
+
+if ($err_reg > 1) {
+       echo " $err_reg errors detected, please try again.";
+}
+
+echo "</p>";
+
 if (file_exists("data/bb-disclaimer.txt")) {
-       echo "<table border=0 cellspacing=0 cellpadding=0 width=400><tr><td><p>";
+       echo "<p>";
        readfile("data/bb-disclaimer.txt");
-       echo "</p></td></tr><tr><td><p>&nbsp;</p></td></tr></table>";
+       echo "</p>";
 }
 
 ?>
 
-<table border=0 cellspacing=2 cellpadding=0>
+<table border="0" cellspacing="2" cellpadding="0">
 <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
 <input type=hidden name=captcha_get value="<?php echo $captcha_rand; ?>">
-<tr><td width=100><p>Username</p></td><td colspan=3><input class=input type=text autocomplete=off name=username maxlength=30></td></tr>
-<tr><td width=100><p>First Name</p></td><td width=300 colspan=3><input class=input type=text autocomplete=off name=firstname maxlength=30></td></tr>
-<tr><td width=100><p>Last Name</p></td><td colspan=3><input class=input type=text autocomplete=off name=lastname maxlength=30></td></tr>
-<tr><td width=100><p>E-mail Address</p></td><td colspan=3><input class=input type=text autocomplete=off name=email maxlength=60></td></tr>
-<tr><td width=100><p>Birthdate</p></td><td><input class=bd type=text autocomplete=off name=bd_year maxlength=4 value=<?php echo date("Y", time() + $offset); ?>></td><td><input class=bd type=text autocomplete=off name=bd_month maxlength=2 value=<?php echo date("m", time() + $offset); ?>></td><td><input class=bd type=text autocomplete=off name=bd_day maxlength=2 value=<?php echo date("d", time() + $offset); ?>></td></tr>
+<tr><td width=100><p>Username</p></td><td colspan=3><input class=input type=text autocomplete=off name=username maxlength=30></td><?php echo $err_username; ?></tr>
+<tr><td width=100><p>First Name</p></td><td width=300 colspan=3><input class=input type=text autocomplete=off name=firstname maxlength=30></td><?php echo $err_firstname; ?></tr>
+<tr><td width=100><p>Last Name</p></td><td colspan=3><input class=input type=text autocomplete=off name=lastname maxlength=30></td><?php echo $err_lastname; ?></tr>
+<tr><td width=100><p>E-mail Address</p></td><td colspan=3><input class=input type=text autocomplete=off name=email maxlength=60></td><?php echo $err_email; ?></tr>
+<tr><td width=100><p>Birthdate</p></td><td><input class=bd type=text autocomplete=off name=bd_year maxlength=4 value=YYYY></td><td><input class=bd type=text autocomplete=off name=bd_month maxlength=2 value=MM></td><td><input class=bd type=text autocomplete=off name=bd_day maxlength=2 value=DD></td><?php echo $err_bday; ?></tr>
 <tr><td width=100><p>Website (optional)</p></td><td colspan=3><input class=input type=text autocomplete=off name=url maxlength=300></td></tr>
 
 <tr><td width=100><p>Country</p></td><td colspan=3>
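Review bot: The new arithmetic captcha puts its answer in `$captcha_rand`, which the unchanged line below writes into the hidden `captcha_get` field, and the validation earlier in this file only compares `$_POST['captcha_get']` with `$_POST['captcha_put']`. Both values arrive from the client, so the comparison proves nothing about the submitter, whichever captcha style is configured. Keep the expected value on the server instead, e.g. `$_SESSION['captcha_expected'] = (string) $captcha_rand;` when rendering and `$_POST['captcha_put'] !== $_SESSION['captcha_expected']` when validating; whether reg.php has a session started is not visible in this hunk. `$err_reg` is also read here on a first page load, before the `submit` block has assigned it, so it should be initialised to `0` ahead of that block.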
@@ -753,13 +926,22 @@ if (file_exists("data/bb-disclaimer.txt")) {
 <option value="ZW">Zimbabwe</option>
 </select>
 
-</td></tr>
+</td><?php echo $err_country; ?></tr>
+
+<tr><td width=100><p>City or Municipality</p></td><td colspan=3><input class=input type=text autocomplete=off name=city maxlength=100></td><?php echo $err_city; ?></tr>
 
-<tr><td width=100><p>City or Municipality</p></td><td colspan=3><input class=input type=text autocomplete=off name=city maxlength=100></td></tr>
+<tr><td width=100><p><?php
 
-<tr><td width=100><p>Registration Code</p></td><td colspan=3><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td></tr>
-<tr><td><p></p></td><td colspan=3><input class=input type=submit value="click here to submit your registration"></td></tr>
+if (!file_exists("data/scaptcha.txt")) {
+       echo "Registration Code";
+}
+else {
+       echo "$scaptcha_x + $scaptcha_y + $scaptcha_z =";
+}
+
+?></p></td><td colspan=3><input class=input type=text autocomplete=off name=captcha_put maxlength=7></td><?php echo $err_captcha; ?></tr>
+<tr><td><p></p></td><td colspan=3><input type=hidden name=submit value=1><input class=input type=submit value="click here to submit your registration"></td></tr>
 </form>
 <form enctype="multipart/form-data" method="post">
 <tr><td><p></p></td><td colspan=3><input type="hidden" name="go" value="index"><input class=input type=submit value="click here to go to the index page"></td></tr>
-</for
+</form>
diff --git a/rel.txt b/rel.txt
index 57c8177..cc7aed9 100644
--- a/rel.txt
+++ b/rel.txt
@@ -1 +1 @@
-201008041915
+201008211520
diff --git a/settings.php b/settings.php
index 7045359..7c49802 100644
--- a/settings.php
+++ b/settings.php
@@ -143,17 +143,6 @@ if (!isset($_POST['xscreen']) or empty($_POST['xscreen'])) {
        }
 }
 
-if (file_exists("data/nocomment.txt") and !file_exists("data/memcomment.txt")) {
-
-       if (file_exists("data/nak.txt")) {
-               unlink("data/nak.txt");
-       }
-
-       if (file_exists("data/xscreen.txt")) {
-               unlink("data/xscreen.txt");
-       }
-}
-
 if (!file_exists("data/nocomment.txt") and file_exists("data/memcomment.txt")) {
        unlink("data/memcomment.txt");
 }
@@ -684,6 +673,22 @@ if (!isset($_POST['bb_reserved']) or empty($_POST['bb_reserved'])) {
        }
 }
 
+if (isset($_POST['bb_banned']) and !empty($_POST['bb_banned']) and (file_get_contents("data/bb-banned.txt") != $_POST['bb_banned'])) {
+       $bb_banned_write_content = strtolower($_POST['bb_banned']);
+       $bb_banned_write_content = trim($bb_banned_write_content);
+       $fp_bb_banned_txt = fopen("data/bb-banned.txt","w");
+       fwrite($fp_bb_banned_txt,$bb_banned_write_content);
+       fclose($fp_bb_banned_txt);
+}
+
+if (!isset($_POST['bb_banned']) or empty($_POST['bb_banned'])) {
+       if (isset($_POST['edit']) and ($_POST['edit'] == "on")) {
+               if (file_exists("data/bb-banned.txt")) {
+                       unlink("data/bb-banned.txt");
+               }
+       }
+}
+
 if (isset($_POST['bb_disclaimer']) and !empty($_POST['bb_disclaimer']) and (file_get_contents("data/bb-disclaimer.txt") != $_POST['bb_disclaimer'])) {
        $bb_disclaimer_write_content = ucfirst($_POST['bb_disclaimer']);
        $bb_disclaimer_write_content = str_replace("\n","<br>",$bb_disclaimer_write_content);
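Review bot: The first added condition calls `file_get_contents("data/bb-banned.txt")` without checking that the file exists, so the first save of a ban list raises a warning. It also compares the raw `$_POST['bb_banned']` with text that was stored lower-cased and trimmed, so input containing capitals or surrounding whitespace is rewritten on every save. Normalise first and compare against that, e.g. `if (!file_exists("data/bb-banned.txt") or (file_get_contents("data/bb-banned.txt") != $bb_banned_write_content)) {`. The `fopen()`/`fwrite()` results are unchecked, so a failed write leaves the old ban list in force without any notice; checking the return value of `file_put_contents("data/bb-banned.txt", $bb_banned_write_content)` would surface that. The bb_disclaimer block that follows continues outside the hunk.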
@@ -1170,32 +1175,37 @@ a:active {
 <tr><td>ping on content change</td><td><input autocomplete="off" class="input" type="text" name="ping" value="<?php readfile("data/ping.txt"); ?>"></td></tr>
 <tr><td rowspan="<?php
 
-       $toggles_rowspan = "16";
+       $toggles_rowspan = "14";
 
        if (file_exists("data/email.txt")) {
                $toggles_rowspan = $toggles_rowspan + 1;
        }
 
-       if (file_exists("data/lite.txt")) {
-               $toggles_rowspan = $toggles_rowspan - 2;
+       if (!file_exists("data/lite.txt")) {
+               $toggles_rowspan = $toggles_rowspan + 1;
+       }
+      
+       if (file_exists("data/nocomment.txt") and file_exists("data/bb.txt")) {
+               $toggles_rowspan = $toggles_rowspan + 1;
        }
 
+       //if (!file_exists("data/bb.txt")) {
+       //      $toggles_rowspan = $toggles_rowspan - 1;
+       //}
+
        echo $toggles_rowspan;
 
-?>">toggles</td><td><input type="checkbox" name="nocomment" <?php if (file_exists("data/nocomment.txt")) { echo checked; } ?>> Do not allow visitors to post comments. Override per entry.</td></tr>
+?>">toggles</td><td><input type="checkbox" name="nocomment" <?php if (file_exists("data/nocomment.txt")) { echo checked; } ?>> Do not allow visitors to view and post comments. Override per entry.</td></tr>
 
-<?php if (!file_exists("data/lite.txt")) { ?>
-<tr><td><input type="checkbox" name="memcomment" <?php if (file_exists("data/memcomment.txt")) { echo checked; } ?>> Do not prevent members from posting comments.</td></tr>
+<?php if (!file_exists("data/lite.txt") and file_exists("data/nocomment.txt") and file_exists("data/bb.txt")) { ?>
+<tr><td><input type="checkbox" name="memcomment" <?php if (file_exists("data/memcomment.txt")) { echo checked; } ?>> Do not prevent members from viewing and posting comments.</td></tr>
 <?php } ?>
 
 <?php if (file_exists("data/email.txt")) { ?>
 <tr><td><input type="checkbox" name="nak" <?php if (file_exists("data/nak.txt")) { echo checked; } ?>> Do not acknowledge comment submissions via e-mail.</td></tr>
 <?php } ?>
 
-<?php if (!file_exists("data/lite.txt")) { ?>
 <tr><td><input type="checkbox" name="xscreen" <?php if (file_exists("data/xscreen.txt")) { echo checked; } ?>> Do not screen comments. Automatically approve them.</td></tr>
-<?php } ?>
-
 <tr><td><input type="checkbox" name="nopdf" <?php if (file_exists("data/nopdf.txt")) { echo checked; } ?>> Do not allow PDF generation for all entries.</td></tr>
 <tr><td><input type="checkbox" name="xprofile" <?php if (file_exists("data/xprofile.txt")) { echo checked; } ?>> Do not show profile panel.</td></tr>
 <tr><td><input type="checkbox" name="xnavigation" <?php if (file_exists("data/xnavigation.txt")) { echo checked; } ?>> Do not show navigation panel.</td></tr>
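Review bot: The rowspan increments no longer mirror the conditions that decide which rows are printed. The memcomment row is emitted only when `!file_exists("data/lite.txt") and file_exists("data/nocomment.txt") and file_exists("data/bb.txt")`, but the counter adds one for `!lite` alone and another for `nocomment and bb` alone, while the xscreen row is now printed unconditionally. In lite mode the count therefore appears to be one short, or right only by coincidence when nocomment.txt and bb.txt both exist; the remaining toggle rows are outside the hunk, so verify against them. Using the memcomment row's own test for its increment, with the base raised to cover the xscreen row, would keep the two in step. The commented-out `data/bb.txt` block added above `echo $toggles_rowspan;` should be deleted rather than committed.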
@@ -1468,7 +1478,9 @@ if (file_exists("data/bb-idle.txt")) {
 
 <tr><td>reserved usernames</td><td><textarea class="input" name="bb_reserved"><?php if (file_exists("data/bb-reserved.txt")) { readfile("data/bb-reserved.txt"); } ?></textarea></td></tr>
 
-<tr><td>disclaimer</td><td><textarea class="input" name="bb_disclaimer"><?php if (file_exists("data/bb-disclaimer.txt")) { echo str_replace("<br>","\n",file_get_contents("data/bb-disclaimer.txt")); } ?></textarea></td></tr>
+<tr><td>banned email addresses</td><td><textarea class="input" name="bb_banned"><?php if (file_exists("data/bb-banned.txt")) { readfile("data/bb-banned.txt"); } ?></textarea></td></tr>
+
+<tr><td>registration disclaimer</td><td><textarea class="input" name="bb_disclaimer"><?php if (file_exists("data/bb-disclaimer.txt")) { echo str_replace("<br>","\n",file_get_contents("data/bb-disclaimer.txt")); } ?></textarea></td></tr>
 
 <?php } ?>
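Review bot: The new `bb_banned` textarea prints the stored file with `readfile()` and no HTML escaping, so a saved value containing `</textarea>` or other markup is rendered as HTML in the settings page instead of being shown as text. Escape on output: `<?php if (file_exists("data/bb-banned.txt")) { echo htmlspecialchars(file_get_contents("data/bb-banned.txt"), ENT_QUOTES); } ?>`. The value is written from `$_POST['bb_banned']` after only `strtolower()` and `trim()` in the earlier settings.php hunk, so nothing upstream removes markup. The `bb_reserved` textarea on the context line above follows the same pattern and deserves the same treatment.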
 
 