diff --git a/CHANGELOG.md b/CHANGELOG.md index 955da44..cf05282 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,29 +7,42 @@ - [README](https://github.com/flatpressblog/flatpress/blob/master/README.md): added "help and support" section ## Plugins -- Gallery captions plugin added (see [#108](https://github.com/flatpressblog/flatpress/issues/108)) -- PhotoSwipe plugin added (see [#109](https://github.com/flatpressblog/flatpress/issues/109)) +- Gallery captions plugin added ([#108](https://github.com/flatpressblog/flatpress/issues/108)) +- PhotoSwipe plugin added ([#109](https://github.com/flatpressblog/flatpress/issues/109)) - jQuery plugin: Updated jQuery (3.5.1 => 3.6) and jQueryUI (1.12.1 => 1.13.1) - Media Manager plugin shows 50 items per page, not 10 +- LastComments plugin will not even attempt to delete or rebuild LastComments caches if LastComments plugin is not available ([#43](https://github.com/flatpressblog/flatpress/issues/43)) +- Comment Center config page threw errors ([#90](https://github.com/flatpressblog/flatpress/issues/90)) ## Themes -- Leggero theme: Fixed searchbox glitch in FlatMaas revisited style (see [#97](https://github.com/flatpressblog/flatpress/issues/97)) -- Leggero theme: Fixed missing bullets in preview (see [#98](https://github.com/flatpressblog/flatpress/issues/98)) -- Leggero theme: CSS of the Leggero style had some glitches on mobile devices -- Leggero theme: Invalid HTML output fixed (see [#106](https://github.com/flatpressblog/flatpress/issues/106)) -- Leggero theme: Removed unneccessary external font resource (see [#112](https://github.com/flatpressblog/flatpress/issues/112)) +- Leggero + - Fixed searchbox glitch in FlatMaas revisited style ([#97](https://github.com/flatpressblog/flatpress/issues/97)) + - Fixed missing bullets in preview ([#98](https://github.com/flatpressblog/flatpress/issues/98)) + - CSS of the Leggero style had some glitches on mobile devices + - Invalid HTML output fixed ([#106](https://github.com/flatpressblog/flatpress/issues/106), [#156](https://github.com/flatpressblog/flatpress/issues/156)) + - Removed unneccessary external font resource ([#112](https://github.com/flatpressblog/flatpress/issues/112)) + - "Add comment" link has its own line ([#135](https://github.com/flatpressblog/flatpress/issues/135)) + - Removed legacy/invalid CSS ([#133](https://github.com/flatpressblog/flatpress/issues/133), [#134](https://github.com/flatpressblog/flatpress/issues/134)) + - Fixed description of Leggero and Leggero v2 styles ([#137](https://github.com/flatpressblog/flatpress/issues/137)) + - Obsolete bullet points removed ([#136](https://github.com/flatpressblog/flatpress/issues/136)) + - Updated preview image ([#139](https://github.com/flatpressblog/flatpress/issues/139)) -## Bugfixes -- Comment Center config page threw errors (see [#90](https://github.com/flatpressblog/flatpress/issues/90)) +## Internationalization - Fixed glitches in Spanish an Portuguese language files +- Fixed wrong pt-br country code ([#100](https://github.com/flatpressblog/flatpress/issues/100)) +- Search page: Month names displayed in configured frontend language ([#132](https://github.com/flatpressblog/flatpress/issues/132)) +- German translation for Comment Center plugin added ([#148](https://github.com/flatpressblog/flatpress/issues/148)) + +## Other bugfixes - Plugin management page: Removed empty warning messages box -- Fixed wrong pt-br country code (see [#100](https://github.com/flatpressblog/flatpress/issues/100)) -- Fixed error at prev link on first / next link on last entry (see [#95](https://github.com/flatpressblog/flatpress/issues/95)) -- LastComments plugin will not even attempt to delete or rebuild LastComments caches if LastComments plugin is not available (see [#43](https://github.com/flatpressblog/flatpress/issues/43)) +- Fixed error at prev link on first / next link on last entry ([#95](https://github.com/flatpressblog/flatpress/issues/95)) +- Logout redirects to home page again ([#119](https://github.com/flatpressblog/flatpress/issues/119)) +- Fixed disappearing non-Latin characters in page title ([#49](https://github.com/flatpressblog/flatpress/issues/49) and [#91](https://github.com/flatpressblog/flatpress/issues/91)) ## Security -- Fixed security issue reported by huntr.dev: Session cookie missed the "secure" flag +- Possible XSS prevented: Session cookie missed the "secure" and "httponly" flags - Possible path traversal in Media Manager plugin prevented +- Uploaded files wheren't checked properly ([#152](https://github.com/flatpressblog/flatpress/issues/152)) # 2021-06-19: [FlatPress 1.2.1](https://github.com/flatpressblog/flatpress/releases/tag/1.2.1) ## Bugfixes diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 9681166..bbe97b9 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -37,3 +37,4 @@ FlatPress utilizes the following free frameworks and libraries. Thanks to their ## Other contributions - [Julian Rademacher](https://moortaube.de/) generously donated his Twitter account [@FlatPress](https://twitter.com/FlatPress). Also thanks for your useful pull requests! +- [Fraenkiman](https://github.com/Fraenkiman) tests FlatPress to its very core and creates a metric ton of very helpful [issues](https://github.com/flatpressblog/flatpress/issues). diff --git a/README.md b/README.md index bc4b033..69a7d27 100644 --- a/README.md +++ b/README.md @@ -1,16 +1,16 @@ [![Home page](https://img.shields.io/badge/Home%20page-🏠-555?style=plastic)](https://www.flatpress.org "Home page") [![Support forum](https://img.shields.io/badge/Support%20forum-💬-555?style=plastic)](https://forum.flatpress.org "Support forum") [![Wiki](https://img.shields.io/badge/Wiki-📖-555?style=plastic)](https://wiki.flatpress.org "Wiki") -[![Mastodon](https://img.shields.io/badge/Mastodon-🐘-555?style=plastic)](https://fosstodon.org/@flatpress "FlatPress@Mastodon") -[![Twitter](https://img.shields.io/badge/Twitter-🐦-555?style=plastic)](https://twitter.com/FlatPress "FlatPress@Twitter") [![Change log](https://img.shields.io/badge/Change%20log-📜-555?style=plastic)](./CHANGELOG.md "Change log") [![Security policy](https://img.shields.io/badge/Security%20policy-⚡-555?style=plastic)](./SECURITY.md "Security policy") [![Contributors](https://img.shields.io/badge/Contributors-😎-555?style=plastic)](./CONTRIBUTORS.md "Contributors") +[![Wiki](https://img.shields.io/badge/Donate-💛-555?style=plastic&logo=paypal)](https://www.flatpress.org/donate "Send us a little Thank You") [![Releases](https://img.shields.io/github/release/flatpressblog/flatpress.svg?label=Latest%20release&style=plastic)](https://github.com/flatpressblog/flatpress/releases "See all releases") [![License](https://img.shields.io/github/license/flatpressblog/flatpress.svg?style=plastic)](./LICENSE.md "License") [![Open issues](https://img.shields.io/github/issues-raw/flatpressblog/flatpress?style=plastic)](https://github.com/flatpressblog/flatpress/issues "See open issues") [![Last commit](https://img.shields.io/github/last-commit/flatpressblog/flatpress?style=plastic)](https://github.com/flatpressblog/flatpress/commits/ "Last commit") +Mastodon Follow Follow on Twitter # Welcome to FlatPress! FlatPress is a lightweight, easy-to-set-up blogging engine. Plain and simple, just PHP. No database needed! @@ -41,7 +41,3 @@ FlatPress runs on any web server (e.g. Apache or IIS) with PHP 7.1 or higher. Si ## Credits There are many people who contributed to FlatPress over the years. [See them here.](./CONTRIBUTORS.md) - - -Mastodon Follow
-Follow on Twitter diff --git a/admin/panels/uploader/admin.uploader.php b/admin/panels/uploader/admin.uploader.php index 8cc6ca2..1fc8aec 100755 --- a/admin/panels/uploader/admin.uploader.php +++ b/admin/panels/uploader/admin.uploader.php @@ -102,133 +102,136 @@ class admin_uploader_default extends AdminPanelAction { foreach ($_FILES ["upload"] ["error"] as $key => $error) { - if ($error == UPLOAD_ERR_OK) { - $tmp_name = $_FILES ["upload"] ["tmp_name"] [$key]; - $name = $_FILES ["upload"] ["name"] [$key]; - - $dir = ATTACHS_DIR; - - /* - * second check extension list - * https://stackoverflow.com/questions/4166762/php-image-upload-security-check-list - * - * 2019-11-24 - laborix - */ - - $uploadfilename = strtolower($tmp_name); - - $isForbidden = false; - $deeptest = array(); - $extcount = 0; - $deeptest = explode('.', $uploadfilename); - $extcount = count($deeptest); - - if ($extcount == 1) { - /* - * none extension like .jpg or something else - * - * possible filename = simple-file-without-extension - linux like ok - */ - $isForbidden = false; - } elseif ($extcount == 2) { - /* - * Only one possible extension - * - * possible filename = 1.jpg - * possible filename = admin.uploader.php - * possible filename = .htaccess - * and so on... - */ - $check_ext1 = ""; - $check_ext1 = trim($deeptest [1], "\x00..\x1F"); - if (in_array($check_ext1, $blacklist_extensions)) { - $isForbidden = true; - } else { - $isForbidden = false; - } - } elseif ($extcount > 2) { - /* - * Chekc only the last two possible extensions - * - * Hint: OWASP - Unrestricted File Upload - * - * In Apache, a php file might be executed using the - * double extension technique such as "file.php.jpg" - * when ".jpg" is allowed. - * - * possible filename = 1.PhP.jpg - * possible filename = admin.uploader.php.JPg - * and so on... - */ - $check_ext1 = ""; - $check_ext2 = ""; - $check_ext1 = trim($deeptest [$extcount - 1], "\x00..\x1F"); - if (in_array($check_ext1, $blacklist_extensions)) { - $isForbidden = true; - } else { - $isForbidden = false; - } - /* Test only if first extension check are not in the blacklist */ - if (!$isForbidden) { - $check_ext2 = trim($deeptest [$extcount - 2], "\x00..\x1F"); - if (in_array($check_ext2, $blacklist_extensions)) { - $isForbidden = true; - } else { - $isForbidden = false; - } - } - } - /* - * If one blacklisted extension found then - * return with -1 = An error occurred while trying to upload. - */ - if ($isForbidden) { - $this->smarty->assign('success', $success ? 1 : -1); - sess_add('admin_uploader_files', $uploaded_files); - return -1; - } - - /* - * third check extension - * if someone upload a .php file as .gif, .jpg or .txt - * if someone upload a .html file as .gif, .jpg or .txt - * - * 2019-11-24 - laborix - */ - - if (version_compare(PHP_VERSION, '5.3.0') < 0) - return -1; - if (!function_exists('finfo_open')) - return -1; - - $finfo = finfo_open(FILEINFO_MIME_TYPE); - $mime = finfo_file($finfo, $tmp_name); - finfo_close($finfo); - - if (($mime == "text/x-php") || ($mime == "text/html")) { - $this->smarty->assign('success', $success ? 1 : -1); - sess_add('admin_uploader_files', $uploaded_files); - return -1; - } - - $ext = strtolower(strrchr($name, '.')); - - if (in_array($ext, $imgs)) { - $dir = IMAGES_DIR; - } - - $name = sanitize_title(substr($name, 0, -strlen($ext))) . $ext; - - $target = "$dir/$name"; - @umask(022); - $success = move_uploaded_file($tmp_name, $target); - @chmod($target, 0766); - - $uploaded_files [] = $name; - - // one failure will make $success == false :) - $success &= $success; + // Upload went wrong -> jump to the next file + if ($error != UPLOAD_ERR_OK) { + continue; } + + $tmp_name = $_FILES ["upload"] ["tmp_name"] [$key]; + $name = $_FILES ["upload"] ["name"] [$key]; + + $dir = ATTACHS_DIR; + + /* + * second check extension list + * https://stackoverflow.com/questions/4166762/php-image-upload-security-check-list + * + * 2019-11-24 - laborix + */ + + $uploadfilename = strtolower($name); + + $isForbidden = false; + $deeptest = array(); + $extcount = 0; + $deeptest = explode('.', $uploadfilename); + $extcount = count($deeptest); + + if ($extcount == 1) { + /* + * none extension like .jpg or something else + * + * possible filename = simple-file-without-extension - linux like ok + */ + $isForbidden = false; + } elseif ($extcount == 2) { + /* + * Only one possible extension + * + * possible filename = 1.jpg + * possible filename = admin.uploader.php + * possible filename = .htaccess + * and so on... + */ + $check_ext1 = ""; + $check_ext1 = trim($deeptest [1], "\x00..\x1F"); + if (in_array($check_ext1, $blacklist_extensions)) { + $isForbidden = true; + } else { + $isForbidden = false; + } + } elseif ($extcount > 2) { + /* + * Chekc only the last two possible extensions + * + * Hint: OWASP - Unrestricted File Upload + * + * In Apache, a php file might be executed using the + * double extension technique such as "file.php.jpg" + * when ".jpg" is allowed. + * + * possible filename = 1.PhP.jpg + * possible filename = admin.uploader.php.JPg + * and so on... + */ + $check_ext1 = ""; + $check_ext2 = ""; + $check_ext1 = trim($deeptest [$extcount - 1], "\x00..\x1F"); + if (in_array($check_ext1, $blacklist_extensions)) { + $isForbidden = true; + } else { + $isForbidden = false; + } + /* Test only if first extension check are not in the blacklist */ + if (!$isForbidden) { + $check_ext2 = trim($deeptest [$extcount - 2], "\x00..\x1F"); + if (in_array($check_ext2, $blacklist_extensions)) { + $isForbidden = true; + } else { + $isForbidden = false; + } + } + } + /* + * If one blacklisted extension found then + * return with -1 = An error occurred while trying to upload. + */ + if ($isForbidden) { + $this->smarty->assign('success', $success ? 1 : -1); + sess_add('admin_uploader_files', $uploaded_files); + return -1; + } + + /* + * third check extension + * if someone upload a .php file as .gif, .jpg or .txt + * if someone upload a .html file as .gif, .jpg or .txt + * + * 2019-11-24 - laborix + */ + + if (version_compare(PHP_VERSION, '5.3.0') < 0) + return -1; + if (!function_exists('finfo_open')) + return -1; + + $finfo = finfo_open(FILEINFO_MIME_TYPE); + $mime = finfo_file($finfo, $tmp_name); + finfo_close($finfo); + + if (($mime == "text/x-php") || ($mime == "text/html")) { + $this->smarty->assign('success', $success ? 1 : -1); + sess_add('admin_uploader_files', $uploaded_files); + return -1; + } + + $ext = strtolower(strrchr($name, '.')); + + if (in_array($ext, $imgs)) { + $dir = IMAGES_DIR; + } + + $name = sanitize_title(substr($name, 0, -strlen($ext))) . $ext; + + $target = "$dir/$name"; + @umask(022); + $success = move_uploaded_file($tmp_name, $target); + @chmod($target, 0766); + + $uploaded_files [] = $name; + + // one failure will make $success == false :) + $success &= $success; } if ($uploaded_files) { diff --git a/admin/res/admin.css b/admin/res/admin.css index de58216..03cc1bb 100755 --- a/admin/res/admin.css +++ b/admin/res/admin.css @@ -167,7 +167,7 @@ input.maxsize { width: 99% } #main ul.msgs, ul.msgs { margin-top: 1em; margin-left: 0em; - padding: 1em 2em + padding: 1em 2em; } .errors { diff --git a/defaults.php b/defaults.php index ca6824b..d762590 100755 --- a/defaults.php +++ b/defaults.php @@ -121,6 +121,7 @@ if (isset($_SERVER ['HTTPS'])) { $serverport = "false"; // Unterstützung für Apache und IIS ini_set('session.cookie_secure', 1); +ini_set('session.cookie_httponly', 1); if (isset($_SERVER ['HTTPS']) && ($_SERVER ['HTTPS'] == '1' || strtolower($_SERVER ['HTTPS']) == 'on')) { $serverport = "https://"; } else { diff --git a/fp-includes/core/core.cookie.php b/fp-includes/core/core.cookie.php index dd99493..aadb617 100644 --- a/fp-includes/core/core.cookie.php +++ b/fp-includes/core/core.cookie.php @@ -23,6 +23,8 @@ function cookie_setup() { define('COOKIE_DOMAIN', false); if (!defined('COOKIE_SECURE')) define('COOKIE_SECURE', true); + if (!defined('COOKIE_HTTPONLY')) + define('COOKIE_HTTPONLY', true); } if (!function_exists('wp_get_cookie_login')) : @@ -62,20 +64,20 @@ function cookie_set($username, $password, $already_md5 = false, $home = '', $sit else $expire = 0; - setcookie(USER_COOKIE, $username, $expire, $cookiepath, COOKIE_DOMAIN, COOKIE_SECURE); - setcookie(PASS_COOKIE, $password, $expire, $cookiepath, COOKIE_DOMAIN, COOKIE_SECURE); + setcookie(USER_COOKIE, $username, $expire, $cookiepath, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY); + setcookie(PASS_COOKIE, $password, $expire, $cookiepath, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY); if ($cookiepath != $sitecookiepath) { - setcookie(USER_COOKIE, $username, $expire, $sitecookiepath, COOKIE_DOMAIN, COOKIE_SECURE); - setcookie(PASS_COOKIE, $password, $expire, $sitecookiepath, COOKIE_DOMAIN, COOKIE_SECURE); + setcookie(USER_COOKIE, $username, $expire, $sitecookiepath, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY); + setcookie(PASS_COOKIE, $password, $expire, $sitecookiepath, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY); } } function cookie_clear() { - setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE); - setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE); - setcookie(USER_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE); - setcookie(PASS_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE); + setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY); + setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY); + setcookie(USER_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY); + setcookie(PASS_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY); } if (!function_exists('wp_login')) : diff --git a/fp-includes/core/core.session.php b/fp-includes/core/core.session.php index 7a428e2..8790442 100755 --- a/fp-includes/core/core.session.php +++ b/fp-includes/core/core.session.php @@ -5,7 +5,7 @@ function sess_setup() { session_save_path(SESSION_PATH); session_name(SESS_COOKIE); - setcookie(SESS_COOKIE, '', 0, '', COOKIE_DOMAIN, COOKIE_SECURE); + setcookie(SESS_COOKIE, '', 0, '', COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY); session_start(); } @@ -32,7 +32,7 @@ function sess_get($key) { function sess_close() { unset($_SESSION); if (isset($_COOKIE [session_name()])) { - setcookie(session_name(), '', time() - 42000, '/', COOKIE_SECURE); + setcookie(session_name(), '', time() - 42000, '/', COOKIE_SECURE, COOKIE_HTTPONLY); session_set_cookie_params(-42000); } session_destroy(); diff --git a/fp-includes/core/core.users.php b/fp-includes/core/core.users.php index 82d61d6..032a95c 100755 --- a/fp-includes/core/core.users.php +++ b/fp-includes/core/core.users.php @@ -64,8 +64,8 @@ function user_login($userid, $pwd, $params = null) { if ($loggedin) { // session_regenerate_id(); $expire = time() + 31536000; - setcookie(USER_COOKIE, $userid, $expire, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE); - setcookie(PASS_COOKIE, $user ['password'], $expire, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE); + setcookie(USER_COOKIE, $userid, $expire, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY); + setcookie(PASS_COOKIE, $user ['password'], $expire, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY); } return $loggedin; @@ -76,8 +76,8 @@ function user_logout() { if (user_loggedin()) { - setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE); - setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE); + setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY); + setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY); } $loggedin = false; diff --git a/fp-includes/core/core.wp-formatting.php b/fp-includes/core/core.wp-formatting.php index 842af80..26508e5 100644 --- a/fp-includes/core/core.wp-formatting.php +++ b/fp-includes/core/core.wp-formatting.php @@ -487,25 +487,21 @@ function sanitize_title($title, $fallback_title = '') { function sanitize_title_with_dashes($title) { $title = strip_tags($title); - - if (seems_utf8($title)) { - if (function_exists('mb_strtolower')) { - $title = mb_strtolower($title, 'UTF-8'); - } - $title = utf8_uri_encode($title); - } - // Preserve escaped octets. $title = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '---$1---', $title); // Remove percent signs that are not part of an octet. $title = str_replace('%', '', $title); // Restore octets. $title = preg_replace('|---([a-fA-F0-9][a-fA-F0-9])---|', '%$1', $title); - // and finally: Kill octets - $title = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '', $title); // remove accents $title = remove_accents($title); + if (seems_utf8($title)) { + if (function_exists('mb_strtolower')) { + $title = mb_strtolower($title, 'UTF-8'); + } + $title = utf8_uri_encode($title); + } // title is in lower case always $title = strtolower($title); diff --git a/fp-includes/core/core.wp-pluggable-funcs.php b/fp-includes/core/core.wp-pluggable-funcs.php index 815e020..45941c1 100755 --- a/fp-includes/core/core.wp-pluggable-funcs.php +++ b/fp-includes/core/core.wp-pluggable-funcs.php @@ -6,7 +6,7 @@ */ function _get_nextprev_link($nextprev) { global $fpdb; - $q = & $fpdb->getQuery(); + $q = &$fpdb->getQuery(); list ($caption, $id) = call_user_func(array( &$q, @@ -42,7 +42,7 @@ if (!function_exists('get_nextpage_link')) : function get_nextpage_link() { global $fpdb; - $q = & $fpdb->getQuery(); + $q = &$fpdb->getQuery(); $a = _get_nextprev_link('NextPage'); @@ -59,7 +59,7 @@ if (!function_exists('get_prevpage_link')) : function get_prevpage_link() { global $fpdb; - $q = & $fpdb->getQuery(); + $q = &$fpdb->getQuery(); $a = _get_nextprev_link('PrevPage'); @@ -292,12 +292,12 @@ if (!function_exists('wp_setcookie')) : $cookiehash = md5($siteurl); } - setcookie('wordpressuser_' . $cookiehash, $username, time() + 31536000, $cookiepath, COOKIE_SECURE); - setcookie('wordpresspass_' . $cookiehash, $password, time() + 31536000, $cookiepath, COOKIE_SECURE); + setcookie('wordpressuser_' . $cookiehash, $username, time() + 31536000, $cookiepath, COOKIE_SECURE, COOKIE_HTTPONLY); + setcookie('wordpresspass_' . $cookiehash, $password, time() + 31536000, $cookiepath, COOKIE_SECURE, COOKIE_HTTPONLY); if ($cookiepath != $sitecookiepath) { - setcookie('wordpressuser_' . $cookiehash, $username, time() + 31536000, $sitecookiepath, COOKIE_SECURE); - setcookie('wordpresspass_' . $cookiehash, $password, time() + 31536000, $sitecookiepath, COOKIE_SECURE); + setcookie('wordpressuser_' . $cookiehash, $username, time() + 31536000, $sitecookiepath, COOKIE_SECURE, COOKIE_HTTPONLY); + setcookie('wordpresspass_' . $cookiehash, $password, time() + 31536000, $sitecookiepath, COOKIE_SECURE, COOKIE_HTTPONLY); } } endif; @@ -305,10 +305,10 @@ endif; if (!function_exists('wp_clearcookie')) : function wp_clearcookie() { - setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH, COOKIE_SECURE); - setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH, COOKIE_SECURE); - setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_SECURE); - setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_SECURE); + setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH, COOKIE_SECURE, COOKIE_HTTPONLY); + setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH, COOKIE_SECURE, COOKIE_HTTPONLY); + setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_SECURE, COOKIE_HTTPONLY); + setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_SECURE, COOKIE_HTTPONLY); } endif; diff --git a/fp-includes/smarty/plugins/function.html_select_date.php b/fp-includes/smarty/plugins/function.html_select_date.php new file mode 100644 index 0000000..eb4de0f --- /dev/null +++ b/fp-includes/smarty/plugins/function.html_select_date.php @@ -0,0 +1,373 @@ + + * Name: html_select_date
+ * Purpose: Prints the dropdowns for date selection. + * + * ChangeLog:
+ * - 1.0 initial release + * - 1.1 added support for +/- N syntax for begin + * and end year values. (Monte) + * - 1.2 added support for yyyy-mm-dd syntax for + * time value. (Jan Rosier) + * - 1.3 added support for choosing format for + * month values (Gary Loescher) + * - 1.3.1 added support for choosing format for + * day values (Marcus Bointon) + * - 1.3.2 support negative timestamps, force year + * dropdown to include given date unless explicitly set (Monte) + * - 1.3.4 fix behaviour of 0000-00-00 00:00:00 dates to match that + * of 0000-00-00 dates (cybot, boots) + * + * @link http://smarty.php.net/manual/en/language.function.html.select.date.php {html_select_date} + * (Smarty online manual) + * @version 1.3.4 + * @author Andrei Zmievski + * @author Monte Ohrt + * @param + * array + * @param + * Smarty + * @return string + */ +function smarty_function_html_select_date($params, &$smarty) { + require_once $smarty->_get_plugin_filepath('shared', 'escape_special_chars'); + require_once $smarty->_get_plugin_filepath('shared', 'make_timestamp'); + require_once $smarty->_get_plugin_filepath('function', 'html_options'); + /* Default values. */ + $prefix = "Date_"; + $start_year = strftime("%Y"); + $end_year = $start_year; + $display_days = true; + $display_months = true; + $display_years = true; + $month_format = "%B"; + /* Write months as numbers by default GL */ + $month_value_format = "%m"; + $day_format = "%02d"; + /* Write day values using this format MB */ + $day_value_format = "%d"; + $year_as_text = false; + /* Display years in reverse order? Ie. 2000,1999,.... */ + $reverse_years = false; + /* + * Should the select boxes be part of an array when returned from PHP? + * e.g. setting it to "birthday", would create "birthday[Day]", + * "birthday[Month]" & "birthday[Year]". Can be combined with prefix + */ + $field_array = null; + /* + * tags. + * If not set, uses default dropdown. + */ + $day_size = null; + $month_size = null; + $year_size = null; + /* + * Unparsed attributes common to *ALL* the tags. + * An example might be in the template: all_extra ='class ="foo"'. + */ + $all_extra = null; + /* Separate attributes for the tags. */ + $day_extra = null; + $month_extra = null; + $year_extra = null; + /* + * Order in which to display the fields. + * "D" -> day, "M" -> month, "Y" -> year. + */ + $field_order = 'MDY'; + /* String printed between the different fields. */ + $field_separator = "\n"; + $time = time(); + $all_empty = null; + $day_empty = null; + $month_empty = null; + $year_empty = null; + $extra_attrs = ''; + + foreach ($params as $_key => $_value) { + switch ($_key) { + case 'prefix': + case 'time': + case 'start_year': + case 'end_year': + case 'month_format': + case 'day_format': + case 'day_value_format': + case 'field_array': + case 'day_size': + case 'month_size': + case 'year_size': + case 'all_extra': + case 'day_extra': + case 'month_extra': + case 'year_extra': + case 'field_order': + case 'field_separator': + case 'month_value_format': + case 'month_empty': + case 'day_empty': + case 'year_empty': + $$_key = (string) $_value; + break; + + case 'all_empty': + $$_key = (string) $_value; + $day_empty = $month_empty = $year_empty = $all_empty; + break; + + case 'display_days': + case 'display_months': + case 'display_years': + case 'year_as_text': + case 'reverse_years': + $$_key = (bool) $_value; + break; + + default: + if (!is_array($_value)) { + $extra_attrs .= ' ' . $_key . '="' . smarty_function_escape_special_chars($_value) . '"'; + } else { + $smarty->trigger_error("html_select_date: extra attribute '$_key' cannot be an array", E_USER_NOTICE); + } + break; + } + } + + if (preg_match('!^-\d+$!', $time)) { + // negative timestamp, use date() + $time = date('Y-m-d', $time); + } + // If $time is not in format yyyy-mm-dd + if (preg_match('/^(\d{0,4}-\d{0,2}-\d{0,2})/', $time, $found)) { + $time = $found [1]; + } else { + // use smarty_make_timestamp to get an unix timestamp and + // strftime to make yyyy-mm-dd + $time = strftime('%Y-%m-%d', smarty_make_timestamp($time)); + } + // Now split this in pieces, which later can be used to set the select + $time = explode("-", $time); + + // make syntax "+N" or "-N" work with start_year and end_year + if (preg_match('!^(\+|\-)\s*(\d+)$!', $end_year, $match)) { + if ($match [1] == '+') { + $end_year = strftime('%Y') + $match [2]; + } else { + $end_year = strftime('%Y') - $match [2]; + } + } + if (preg_match('!^(\+|\-)\s*(\d+)$!', $start_year, $match)) { + if ($match [1] == '+') { + $start_year = strftime('%Y') + $match [2]; + } else { + $start_year = strftime('%Y') - $match [2]; + } + } + if (strlen($time [0]) > 0) { + if ($start_year > $time [0] && !isset($params ['start_year'])) { + // force start year to include given date if not explicitly set + $start_year = $time [0]; + } + if ($end_year < $time [0] && !isset($params ['end_year'])) { + // force end year to include given date if not explicitly set + $end_year = $time [0]; + } + } + + $field_order = strtoupper($field_order); + + $html_result = $month_result = $day_result = $year_result = ""; + + $field_separator_count = -1; + if ($display_months) { + $field_separator_count++; + $month_names = array(); + $month_values = array(); + if (isset($month_empty)) { + $month_names [''] = $month_empty; + $month_values [''] = ''; + } + // Using the month_names from the FlatPress language files + global $lang; + $replace_month_names = array(); + $replace_month_names [0] = '-'; + $replace_month_value_format = array( + "00", + "01", + "02", + "03", + "04", + "05", + "06", + "07", + "08", + "09", + "10", + "11", + "12" + ); + $fp_lang_months = array(); + $fp_lang_months = $lang ['date'] ['month']; + $fplm = 0; + for($lm = 1; $lm <= 12; $lm++) { + $replace_month_names [$lm] = $fp_lang_months [$fplm]; + $fplm++; + } + for($i = 1; $i <= 12; $i++) { + $month_names [$i] = $replace_month_names [$i]; + $month_values [$i] = $replace_month_value_format [$i]; + } + // /FlatPress change + + $month_result .= ''; + } + + if ($display_days) { + $field_separator_count++; + $days = array(); + if (isset($day_empty)) { + $days [''] = $day_empty; + $day_values [''] = ''; + } + for($i = 1; $i <= 31; $i++) { + $days [] = sprintf($day_format, $i); + $day_values [] = sprintf($day_value_format, $i); + } + + $day_result .= ''; + } + + if ($display_years) { + $field_separator_count++; + if (null !== $field_array) { + $year_name = $field_array . '[' . $prefix . 'Year]'; + } else { + $year_name = $prefix . 'Year'; + } + if ($year_as_text) { + $year_result .= '' . "\n"; + $year_result .= smarty_function_html_options(array( + 'output' => $years, + 'values' => $yearvals, + 'selected' => $time [0], + 'print_result' => false + ), $smarty); + $year_result .= ''; + } + } + + // Loop thru the field_order field + for($i = 0; $i <= 2; $i++) { + $c = substr($field_order, $i, 1); + switch ($c) { + case 'D': + $html_result .= $day_result; + break; + + case 'M': + $html_result .= $month_result; + break; + + case 'Y': + $html_result .= $year_result; + break; + } + // Add the field seperator + if ($i < $field_separator_count) { + $html_result .= $field_separator; + } + } + + return $html_result; +} + +/* vim: set expandtab: */ + +?> diff --git a/fp-interface/lang/nl-nl/lang.admin.config.php b/fp-interface/lang/nl-nl/lang.admin.config.php index 05ddb3f..2b83d95 100644 --- a/fp-interface/lang/nl-nl/lang.admin.config.php +++ b/fp-interface/lang/nl-nl/lang.admin.config.php @@ -3,17 +3,17 @@ $lang['admin']['config']['default'] = array( 'head' => 'Opties', - 'descr' => 'Aanpassen en configureren jouw FlatPress + 'descr' => 'Aanpassen en configureren van de FlatPress installatie.', 'submit' => 'Bewaar aanpassingen', 'sysfset' => 'Algemene systeeminformatie', 'syswarning' => 'Warschuwing! Deze informatie is van cruciaal belang en moet correct zijn, - anders FlatPress zal (waarschijnlijk) weigeren om goed te werken.', + anders zal FlatPress (waarschijnlijk) weigeren om goed te werken.', 'blog_root' => 'Absoluut pad naar flatpress. Opmerking: over het algemeen hoeft u dit niet te bewerken, wees hoe dan ook voorzichtig, want we kunnen niet controleren of het correct is of niet.', - 'www' =>'Blog root. URL naar je blog, compleet met + 'www' =>'Blog root. URL naar de blog, compleet met subdirectories.
VB: https://www.mydomain.com/flatpress/ (voorwaard slash is nodig)', @@ -24,10 +24,10 @@ 'blogsubtitle' => 'Blog subtitel', 'blogfooter' => 'Blog voettekst', 'blogauthor' => 'Blog auteur', - 'startpage' => 'De home page van deze web site is', + 'startpage' => 'De home page van deze website is', 'stdstartpage' => 'mijn blog (default)', 'blogurl' => 'Blog URL', - 'blogemail' => 'Blog email', + 'blogemail' => 'Blog e-mail', 'notifications' => 'Notificaties', 'mailnotify' => 'E-mailmelding inschakelen voor opmerkingen', 'blogmaxentries' => 'Aantal berichten per pagina', diff --git a/fp-interface/lang/nl-nl/lang.admin.static.php b/fp-interface/lang/nl-nl/lang.admin.static.php index 63d7f6b..cd2c1d1 100644 --- a/fp-interface/lang/nl-nl/lang.admin.static.php +++ b/fp-interface/lang/nl-nl/lang.admin.static.php @@ -11,7 +11,7 @@ $lang['admin']['static']['list'] = array( 'head' => 'Statische paginas', - 'descr' => 'Selecteer een pagina om te bewerken of voeg nieuw toe.', + 'descr' => 'Selecteer een pagina om te bewerken of voeg een nieuwe toe.', 'sel' => 'Selecteer', // checkbox 'date' => 'Datum', diff --git a/fp-interface/lang/nl-nl/lang.admin.widgets.php b/fp-interface/lang/nl-nl/lang.admin.widgets.php index bda5e23..b47ccfb 100644 --- a/fp-interface/lang/nl-nl/lang.admin.widgets.php +++ b/fp-interface/lang/nl-nl/lang.admin.widgets.php @@ -19,19 +19,19 @@ thema dat u kiest.

FlatPress komt met verschillende widgets: zo zijn er widgets om je met inloggen te helpen, om - deen zoek box te tonen, etc.

+ een zoekbox te tonen, etc.

-

Elke Widget is gedefineert door een Elke Widget is gedefineerd door een plugin.', 'availwdgs' => 'Beschikbare Widgets', - 'trashcan' => 'Sleep het hier om te verwijderen', + 'trashcan' => 'Sleep het hierheen om te verwijderen', 'themewdgs' => 'Widgetsets voor dit thema', - 'themewdgsdescr' => 'Het thema wat je nu hebt geslekteerd heeft de volgende widgetsets', + 'themewdgsdescr' => 'Het thema wat je nu hebt geselekteerd heeft de volgende widgetsets', 'oldwdgs' => '\\\andere widgetsets', - 'oldwdgsdescr' =>'De volgende widgetsets lijkt niet behoren tot elke andere van de '. - 'widgetsets als boven getoond. Dit kan herinneringen zijn van andere thema.', + 'oldwdgsdescr' =>'De volgende widgetsets lijken niet te behoren tot elke van de andere '. + 'widgetsets als boven getoond. Dit kan een overblijfsel zijn van een ander thema.', 'submit' => 'Bewaar veranderingen', diff --git a/fp-interface/lang/nl-nl/lang.comments.php b/fp-interface/lang/nl-nl/lang.comments.php index 78a5e1c..4caff8e 100644 --- a/fp-interface/lang/nl-nl/lang.comments.php +++ b/fp-interface/lang/nl-nl/lang.comments.php @@ -3,7 +3,7 @@ $lang ['comments'] ['mail'] = 'Beste %toname%, "%fromname%" %frommail% heeft een commentaar geplaatst op de volgende post met als titel "%entrytitle%". -Dit het commentaar link naar je blog: +Dit de commentaar link naar je blog: %commentlink% Hier is het commentaar dat net is geplaatst: diff --git a/fp-interface/lang/nl-nl/lang.contact.php b/fp-interface/lang/nl-nl/lang.contact.php index 85b627f..c6190f7 100644 --- a/fp-interface/lang/nl-nl/lang.contact.php +++ b/fp-interface/lang/nl-nl/lang.contact.php @@ -1,14 +1,16 @@ 'Contact mij', - 'descr' => 'Vuk het formulier hieronder in om een feedback te sturen. Vul je email als je een antwoord wilt.', - 'fieldset1' => 'Gebruiker gegevens', + 'head' => 'Neem contact op', + 'descr' => 'Vul het formulier hieronder in. + Om een antwoord te krijgen is een e-mail adres nodig. + (*) verplicht in te vullen velden', + 'fieldset1' => 'Gegevens gebruiker', 'name' => 'Naam (*)', 'email' => 'Email:', 'www' => 'Web:', - 'cookie' => 'Herinner mij', - 'fieldset2' => 'Jouw bericht', + 'cookie' => 'Stuur herinnering', + 'fieldset2' => 'Bericht', 'comment' => 'Bericht (*):', 'fieldset3' => 'Stuur', 'submit' => 'Stuur', @@ -17,10 +19,10 @@ ); $lang['contact']['error'] = array( - 'name' => 'Je moet een naam invullen', - 'email' => 'Je moet een geldig email invullen', - 'www' => 'Je moet een geldig URL invullen', - 'content' => 'Je moet een bericht invullen', + 'name' => 'Er dient een naam ingevuld te worden', + 'email' => 'Geen geldig e-mail adres', + 'www' => 'Geen geldige URL ', + 'content' => 'Het bericht mag niet blanko zijn', ); $lang['contact']['msgs'] = array( diff --git a/fp-interface/lang/nl-nl/lang.default.php b/fp-interface/lang/nl-nl/lang.default.php index 8d41695..4ebb635 100644 --- a/fp-interface/lang/nl-nl/lang.default.php +++ b/fp-interface/lang/nl-nl/lang.default.php @@ -129,56 +129,56 @@ $lang ['comments'] ['error'] = array( $lang ['date'] ['month'] = array( - 'Januari', - 'Februari', - 'Maart', - 'April', - 'Mei', - 'Juni', - 'July', - 'Augustus', - 'September', - 'October', - 'November', - 'December' + 'januari', + 'februari', + 'maart', + 'april', + 'mei', + 'juni', + 'juli', + 'augustus', + 'september', + 'oktober', + 'november', + 'december' ); $lang ['date'] ['month_abbr'] = array( - 'Jan', - 'Feb', - 'Mrt', - 'Apr', - 'Mei', - 'Jun', - 'Jul', - 'Aug', - 'Sep', - 'Oct', - 'Nov', - 'Dec' + 'jan', + 'feb', + 'mrt', + 'apr', + 'mei', + 'jun', + 'jul', + 'aug', + 'sep', + 'okt', + 'nov', + 'dec' ); $lang ['date'] ['weekday'] = array( - 'Zondag', - 'Maandag', - 'Dinsdag', - 'Woensdag', - 'Donderdag', - 'Vrijdag', - 'Zaterdag' + 'zondag', + 'maandag', + 'dinsdag', + 'woensdag', + 'donderdag', + 'vrijdag', + 'zaterdag' ); $lang ['date'] ['weekday_abbr'] = array( - 'Zo', - 'Ma', - 'Di', - 'Wo', - 'Do', - 'Vr', - 'Za' + 'zo', + 'ma', + 'di', + 'wo', + 'do', + 'vr', + 'za' ); ?> diff --git a/fp-interface/sharedtpls/comment-form.tpl b/fp-interface/sharedtpls/comment-form.tpl index 2585148..9f22f4f 100644 --- a/fp-interface/sharedtpls/comment-form.tpl +++ b/fp-interface/sharedtpls/comment-form.tpl @@ -1,5 +1,5 @@ {if !$entry_commslock} -

{$lang.comments.head}

+

{$lang.comments.head}

{$lang.comments.descr}

diff --git a/fp-interface/sharedtpls/comments.tpl b/fp-interface/sharedtpls/comments.tpl index c6c11fd..e0895b5 100755 --- a/fp-interface/sharedtpls/comments.tpl +++ b/fp-interface/sharedtpls/comments.tpl @@ -1,5 +1,5 @@ {if !$entry_commslock} -

{$lang.comments.head}

+

{$lang.comments.head}

{$lang.comments.descr}

diff --git a/fp-interface/sharedtpls/search.tpl b/fp-interface/sharedtpls/search.tpl index e112ae6..907823b 100755 --- a/fp-interface/sharedtpls/search.tpl +++ b/fp-interface/sharedtpls/search.tpl @@ -9,7 +9,7 @@
{$lang.search.fset2} -

{html_select_date start_year=2000 end_year=$smarty.now|date_format:"%Y" field_separator=" - " field_order="DMY" time="0000-00-00" all_empty="--"}

+

{html_select_date reverse_years="true" start_year=2000 end_year=$smarty.now|date_format:"%Y" field_separator=" - " field_order="DMY" time="0000-00-00" all_empty="--"}

{$lang.search.datedescr}

diff --git a/fp-interface/themes/leggero/flatmaas-rev/res/common.css b/fp-interface/themes/leggero/flatmaas-rev/res/common.css index 4f7b0e3..ddf1c91 100755 --- a/fp-interface/themes/leggero/flatmaas-rev/res/common.css +++ b/fp-interface/themes/leggero/flatmaas-rev/res/common.css @@ -435,4 +435,9 @@ div#widget-searchbox li { margin:0px; padding:0px; } +form#search ul { + list-style-type: none; +} +form#search ul li:before { + content: none } \ No newline at end of file diff --git a/fp-interface/themes/leggero/leggero-v2/res/common.css b/fp-interface/themes/leggero/leggero-v2/res/common.css index 2f1b82c..a30462b 100644 --- a/fp-interface/themes/leggero/leggero-v2/res/common.css +++ b/fp-interface/themes/leggero/leggero-v2/res/common.css @@ -210,7 +210,6 @@ h4 { font-size: 1.2em; } #main h4 { margin: 2em 0 0 0} #main { - float: center; width: 90%; font-size: 100%; padding: 15px; @@ -220,54 +219,6 @@ h4 { font-size: 1.2em; } } } -/* ===== INTERNET EXPLORER ===== */ -@media \0screen\,screen\9{ - - body { margin: 10px 0 10px 0 } - - /* ===== BODY CONTAINER ===== */ - #body-container { - text-align: left; - max-width: 1000px; - width: 100%; - margin: 0 auto 0 auto; - padding: 5px; - background:none; - background-color:rgba(0,0,0,0.75); - -ms-filter:progid:DXImageTransform.Microsoft.gradient(startColorstr=#BF000000,endColorstr=#BF000000); - filter:progid:DXImageTransform.Microsoft.gradient(startColorstr=#BF000000,endColorstr=#BF000000); - zoom:1; - border-radius: 3px; - } - - /* ===== MAIN ===== */ - #main h4 { margin: 2em 0 0 0} - - #main { - float:left; - position: relative; - width: 65%; - font-size: 100%; - padding: 25px; - margin: 20px; - background:none; - background-color:rgba(255,255,255,0.9); - -ms-filter:progid:DXImageTransform.Microsoft.gradient(startColorstr=#E6FFFFFF,endColorstr=#E6FFFFFF); - filter:progid:DXImageTransform.Microsoft.gradient(startColorstr=#E6FFFFFF,endColorstr=#E6FFFFFF); - zoom:1; - border-radius: 3px; - } - - #head { - background:none; - background-color:rgba(184,60,46,0.7); - -ms-filter:progid:DXImageTransform.Microsoft.gradient(startColorstr=#B3b83c2e,endColorstr=#B3b83c2e); - filter:progid:DXImageTransform.Microsoft.gradient(startColorstr=#B3b83c2e,endColorstr=#B3b83c2e); - zoom:1; - } - -} - #main p { line-height: 1.4em; margin-top: 1em; } #main img { margin: .5em } @@ -283,6 +234,8 @@ h4 { font-size: 1.2em; } padding: 0 1.6em 0 1.6em } +h4#addcomment {clear:both;} + #commentform fieldset p { margin: 0 0 .5em 0 } #comments li { @@ -350,6 +303,9 @@ h4 { font-size: 1.2em; } margin-bottom: 3em } + form#search ul { + list-style-type: none; + } /* ===== FOOTER ===== */ #footer { diff --git a/fp-interface/themes/leggero/leggero-v2/res/globals.css b/fp-interface/themes/leggero/leggero-v2/res/globals.css index 662bfd9..6bc6d21 100755 --- a/fp-interface/themes/leggero/leggero-v2/res/globals.css +++ b/fp-interface/themes/leggero/leggero-v2/res/globals.css @@ -16,7 +16,8 @@ Module: globals.css /* ===== NOTIFICATION ===== */ #main ul.msgs, ul.msgs { margin: 0; - padding: 1em 2em + padding: 1em 2em; + list-style-type: none; } .errors { diff --git a/fp-interface/themes/leggero/leggero-v2/style.conf.php b/fp-interface/themes/leggero/leggero-v2/style.conf.php index 2d5140f..6a9ad17 100644 --- a/fp-interface/themes/leggero/leggero-v2/style.conf.php +++ b/fp-interface/themes/leggero/leggero-v2/style.conf.php @@ -1,22 +1,21 @@ diff --git a/fp-interface/themes/leggero/leggero/res/common.css b/fp-interface/themes/leggero/leggero/res/common.css index 81f641a..dc9067c 100644 --- a/fp-interface/themes/leggero/leggero/res/common.css +++ b/fp-interface/themes/leggero/leggero/res/common.css @@ -327,6 +327,10 @@ h4 { font-size: 1.2em; } margin-bottom: 5em } + form#search ul { + list-style-type: none; + } + /* ===== FOOTER ===== */ #footer { diff --git a/fp-interface/themes/leggero/leggero/res/globals.css b/fp-interface/themes/leggero/leggero/res/globals.css index 0c337f3..ff8f100 100755 --- a/fp-interface/themes/leggero/leggero/res/globals.css +++ b/fp-interface/themes/leggero/leggero/res/globals.css @@ -20,7 +20,8 @@ Module: globals.css /* ===== NOTIFICATION ===== */ #main ul.msgs, ul.msgs { margin: 0; - padding: 1em 2em + padding: 1em 2em; + list-style-type: none; } .errors { diff --git a/fp-interface/themes/leggero/leggero/style.conf.php b/fp-interface/themes/leggero/leggero/style.conf.php index a9329bc..b26486b 100644 --- a/fp-interface/themes/leggero/leggero/style.conf.php +++ b/fp-interface/themes/leggero/leggero/style.conf.php @@ -2,7 +2,7 @@ /* * Style Name: Leggero * Style URI: http://www.flatpress.org/ - * Description: The default FlatPress theme which brings a breath of fresh mint air. Responsive and a great start for own themes! + * Description: A responsive and more flat version of the default FlatPress theme. * Version: 1.2 * Author: NoWhereMan and Drudo, optimised by Laborix * Author URI: https://www.flatpress.org/ diff --git a/fp-interface/themes/leggero/preview.png b/fp-interface/themes/leggero/preview.png index c00feec..1ad426c 100644 Binary files a/fp-interface/themes/leggero/preview.png and b/fp-interface/themes/leggero/preview.png differ diff --git a/fp-plugins/calendar/plugin.calendar.php b/fp-plugins/calendar/plugin.calendar.php index 9f38d2d..d00256a 100755 --- a/fp-plugins/calendar/plugin.calendar.php +++ b/fp-plugins/calendar/plugin.calendar.php @@ -31,8 +31,9 @@ function generate_calendar($year, $month, $days = array(), $day_name_length = 3, // Begin calendar. Uses a real . See http://diveintomark.org/archives/2002/07/03 // PHP7 compatibility: Since $pn is never passed, we do not need to create "previous" and "next" elements. - $p = ''; - $n = ''; + + $p = '« '; + $n = ' »'; // Commented out to prevent deprecated each() function from being executed. // @list($p, $pl) = each($pn); @list($n, $nl) = each($pn); #previous and next links, if applicable // if($p) $p = ''.($pl ? ''.$p.'' : $p).' '; diff --git a/fp-plugins/commentcenter/lang/lang.de-de.php b/fp-plugins/commentcenter/lang/lang.de-de.php new file mode 100644 index 0000000..71c986e --- /dev/null +++ b/fp-plugins/commentcenter/lang/lang.de-de.php @@ -0,0 +1,182 @@ + 'Comment Center', + 'desc1' => 'Dieses Panel ermöglicht es Ihnen, die Kommentare in Ihrem Blog zu verwalten.', + 'desc2' => 'Hier können Sie mehrere Dinge tun:', + + // Links + 'lpolicies' => 'Verwaltung der Richtlinien', + 'lapprove' => 'Blockierte Kommentare anzeigen', + 'lmanage' => 'Kommentare verwalten', + 'lconfig' => 'Konfigurieren des Plugins', + + // Policies + 'policies' => 'Richtlinien', + 'desc_pol' => 'Hier können Sie die Richtlinien für Kommentare bearbeiten.', + 'select' => 'Auswählen', + 'criteria' => 'Kriterien', + 'behavoir' => 'Verhalten', + 'options' => 'Einstellungen', + 'entry' => 'Eintrag', + 'entries' => 'Einträge', + 'categories' => 'Kategorien', + 'nopolicies' => 'Es gibt keine Richtlinien', + 'all_entries' => 'Alle Einträge', + 'fol_entries' => 'Die Richtlinie gilt für die folgenden Einträge:', + 'fol_cats' => 'Die Richtlinie gilt für Einträge in den folgenden Kategorien:', + 'older' => 'Die Richtlinie gilt für Einträge, die älter als %d Tag (e) sind.', + 'allow' => 'Kommentare erlauben', + 'block' => 'Kommentare verbieten', + 'approvation' => 'Kommentare müssen genehmigt werden', + 'up' => 'Nach oben', + 'down' => 'Nach unten', + 'edit' => 'Bearbeiten', + 'delete' => 'Löschen', + 'newpol' => 'Eine neue Richtlinie hinzufügen', + 'del_selected' => 'Ausgewählte Richtlinie (n) löschen', + 'select_all' => 'Alle auswählen', + 'deselect_all' => 'Keine auswählen', + + // Configuration page + 'configure' => 'Konfigurieren des Plugins', + 'desc_conf' => 'Hier können Sie die Optionen des Plugins ändern.', + 'log_all' => 'Blockierte Kommentare protokollieren', + 'log_all_long' => 'Aktivieren Sie diese Option, wenn Sie auch blockierte Kommentare protokollieren möchten.', + 'email_alert' => 'Benachrichtigung per E-Mail', + 'email_alert_long' => 'Wenn Sie einen Kommentar zum Genehmigen prüfen sollen, können Sie ' . 'über E-Mail informiert werden.', + 'akismet' => 'Akismet', + 'akismet_use' => 'Kommentar-Prüfung mit Akismet', + 'akismet_key' => 'Akismet-Schlüssel', + 'akismet_key_long' => 'Der Akismet-Dienst stellt Ihnen einen Schlüssel zur Verfügung. Fügen Sie diesen hier ein.', + 'akismet_url' => 'Blog-URL für Akismet', + 'akismet_url_long' => 'Für den kostenlosen Service von Akismet sollten Sie nur eine Domain verwenden. ' . 'Sie können dieses Feld leer lassen. Es wird dann %s verwendet.', + 'save_conf' => 'Einstellungen speichern', + + // Edit policy page + 'apply_to' => 'Anwenden auf', + 'editpol' => 'Bearbeiten einer Richtlinie', + 'createpol' => 'Erstellen einer Richtlinie', + 'some_entries' => 'Bestimmte Einträge', + 'properties' => 'Eintrag mit bestimmten Eigenschaften', + 'se_desc' => 'Wenn Sie die Option %s ausgewählt haben, fügen Sie bitte Einträge ein, die Sie auf diese Richtlinie anwenden möchten.', + 'se_fill' => 'Bitte füllen Sie die Felder mit der ID der Einträge aus (entryYYMMDD-HHMMSS).', + 'po_title' => 'Eigenschaften', + 'po_desc' => 'Wenn Sie die Option %s ausgewählt haben, füllen Sie bitte die Eigenschaften aus.', + 'po_comp' => 'Die Felder sind nicht obligatorisch, aber Sie müssen mindestens eines ausfüllen oder die Richtlinie ' . 'wird auf alle Einträge gelten.', + 'po_time' => 'Zeiteinstellungen', + 'po_older' => 'Auf Einträge anwenden, die älter sind als ', + 'days' => 'Tage.', + 'save_policy' => 'Richtlinie speichern', + + // Delete policies page + 'del_policies' => 'Richtlinien löschen', + 'del_descs' => 'Sie werden diese Richtlinie löschen: ', + 'del_descm' => 'Sie werden diese Richtlinien löschen: ', + 'sure' => 'Sind Sie sicher?', + 'del_subs' => 'Ja, bitte löschen', + 'del_subm' => 'Ja, bitte löschen Sie sie', + 'del_cancel' => 'Nein, zurück zu den Einstellungen.', + + // Approve comments page + 'app_title' => 'Genehmigen Sie den Kommentar', + 'app_desc' => 'Hier können Sie Kommentare genehmigen.', + 'app_date' => 'Datum', + 'app_content' => 'Kommentar', + 'app_author' => 'Verfasser', + 'app_email' => 'Email', + 'app_ip' => 'IP', + 'app_actions' => 'Maßnahmen', + 'app_publish' => 'Veröffentlichung', + 'app_delete' => 'Löschen', + 'app_nocomms' => 'Es gibt keinen Kommentar.', + 'app_pselected' => 'Ausgewählte Kommentare veröffentlichen', + 'app_dselected' => 'Ausgewählte Kommentare entfernen', + 'app_other' => 'Sonstige Bemerkungen', + 'app_akismet' => 'Als Spam erkannt', + 'app_spamdesc' => 'Diese Kommentare wurden von Akismet blockiert.', + 'app_hamsubmit' => 'Beim Veröffentlichen auch gleich als Ham an Akismet melden.', + 'app_pubnotham' => 'Veröffentlichen, aber nicht an Akismet übertragen', + + // Delete comments page + 'delc_title' => 'Kommentare löschen', + 'delc_descs' => 'Sie werden diesen Kommentar löschen: ', + 'delc_descm' => 'Sie werden diese Kommentare löschen: ', + + // Manage comments page + 'man_searcht' => 'Einen Eintrag suchen', + 'man_searchd' => 'Fügen Sie die ID des Eintrags ein, dessen Kommentare Sie verwalten möchten.', + 'man_search' => 'Suche', + 'man_commfor' => 'Bemerkungen für %s', + 'man_spam' => 'Als Spam an Akismet melden', + + // The simple edit + 'simple_pre' => 'Die Kommentare zu diesem Eintrag ', + 'simple_1' => 'werden erlaubt.', + 'simple_0' => 'benötigen Ihre Zustimmung.', + 'simple_-1' => 'werden geblockt.', + 'simple_manage' => 'Verwalten Sie die Kommentare zu diesem Eintrag.', + 'simple_edit' => 'Richtlinien bearbeiten', + + // Akismet warnings + 'akismet_errors' => array( + -1 => 'Der Akismet-Schlüssel ist leer. Bitte geben Sie diesen ein.', + -2 => 'Wir konnten die Akismet-Server nicht erreichen.', + -3 => 'Die Reaktion von Akismet schlug fehl.', + -4 => 'Der Akismet-Schlüssel ist ungültig.' + ), + + // Messages + 'msgs' => array( + 1 => 'Konfiguration gespeichert.', + -1 => 'Beim Speichern der Konfiguration ist ein Fehler aufgetreten.', + + 2 => 'Richtlinie gespeichert.', + -2 => 'Beim Speichern der Richtlinie ist ein Fehler aufgetreten (vielleicht sind Ihre Einstellungen falsch).', + + 3 => 'Richtlinie verschoben.', + -3 => 'Beim Versuch, die Richtlinie zu verschieben, ist ein Fehler aufgetreten (oder sie kann nicht verschoben werden).', + + 4 => 'Richtlinie (n) entfernt.', + -4 => 'Beim Versuch, die Richtlinie (n) zu entfernen, ist ein Fehler aufgetreten (oder Sie haben keine Richtlinie ausgewählt).', + + 5 => 'Kommentar (e) veröffentlicht.', + -5 => 'Beim Versuch, die Kommentare zu veröffentlichen, ist ein Fehler aufgetreten.', + + 6 => 'Kommentar (e) entfernt.', + -6 => 'Beim Versuch, die Kommentare zu entfernen, ist ein Fehler aufgetreten (oder Sie haben keinen Kommentar ausgewählt).', + + 7 => 'Kommentar eingereicht.', + -7 => 'Beim Absenden des Kommentars ist ein Fehler aufgetreten.' + ), + + // Errors + 'errors' => array( + 'pol_nonex' => 'Die Richtlinie, die Sie bearbeiten möchten, existiert nicht.', + 'entry_nf' => 'Der gewählte Eintrag existiert nicht.' + ) +); +$lang ['plugin'] ['commentcenter'] = array( + 'akismet_error' => 'Sorry, wir stossen auf technische Schwierigkeiten.', + 'lock' => 'Dieser Eintrag kann leider nicht kommentiert werden.', + 'approvation' => 'Der Kommentar wurde gespeichert, aber der Administrator muss ihn freischalten, bevor er angezeigt wird.', + + // Mail for comments + 'mail_subj' => 'Neuer Kommentar zu genehmigen %s' +); + +$lang ['plugin'] ['commentcenter'] ['mail_text'] = 'Hallo %toname%, + +"%fromname%" %frommail% hat einen Kommentar zu dem Eintrag geschrieben mit dem Titel "%entrytitle%" +Aber dieser braucht deine Zustimmung, bevor dieser veröffentlicht wird. + +Folgendes wurde als Kommentar geschrieben: +__________________________________________ +%content% +__________________________________________ + +Automatisch generiert von +%blogtitle% + +'; diff --git a/login.php b/login.php index 2d05e3d..988dcb3 100755 --- a/login.php +++ b/login.php @@ -13,7 +13,7 @@ function login_validate() { $pass = trim(@$_POST ['pass']); $error = array(); - $lerr = & $lang ['login'] ['error']; + $lerr = &$lang ['login'] ['error']; if (!$user) { $error ['user'] = $lerr ['user']; @@ -44,7 +44,8 @@ function main() { user_logout(); function myredirect() { - // login_redirect('.'); + // logout redirects to home page + login_redirect('.'); } add_filter('wp_head', 'myredirect'); @@ -53,6 +54,7 @@ function main() { } elseif (user_loggedin()) { function myredirect() { + // login redirects to Admin Area login_redirect('admin.php'); } diff --git a/setup/index.php b/setup/index.php index db0b4f9..eeee52f 100755 --- a/setup/index.php +++ b/setup/index.php @@ -1,10 +1,9 @@ - + FlatPress diff --git a/setup/tpls/header.tpl.php b/setup/tpls/header.tpl.php index 043ac90..1a60bef 100644 --- a/setup/tpls/header.tpl.php +++ b/setup/tpls/header.tpl.php @@ -1,5 +1,4 @@ - + Flatpress installer @@ -11,4 +10,6 @@
-
\ No newline at end of file + \ No newline at end of file