diff --git a/defaults.php b/defaults.php index 6d0fff4..290918d 100755 --- a/defaults.php +++ b/defaults.php @@ -1,168 +1,159 @@ $fp_config ['general'] ['blogid'] . ABS_PATH . BLOG_BASEURL . mt_rand() - )); - return true; -} - define('SYSTEM_VER', '1.2.dev'); function system_ver() { @@ -217,7 +208,7 @@ function system_geterr($module = '') { function system_dpr($action, $content) { $p = print_r($content, 1); - add_action($action, function() use ($p) { + add_action($action, function () use ($p) { echo "
$p
"; }); } diff --git a/fp-includes/core/core.users.php b/fp-includes/core/core.users.php index f2a6b22..74077b3 100755 --- a/fp-includes/core/core.users.php +++ b/fp-includes/core/core.users.php @@ -31,24 +31,42 @@ function user_list() { } function user_pwd($userid, $pwd) { - return wp_hash($userid . $pwd); + return password_hash($userid . $pwd, PASSWORD_DEFAULT); } function user_login($userid, $pwd, $params = null) { global $loggedin; - $loggedin = false; + // get user data $user = user_get($userid); + // user not found? get outta here + if (!isset($user) || !isset($user ['password'])) { + return $loggedin; + } - if (isset($user) && user_pwd($userid, $pwd) == $user ['password']) { - + // check the password + if (password_verify($userid . $pwd, $user ['password'])) { + $loggedin = true; + } // + // for FP instances updated from 1.1 to 1.2: check password the old-fashioned way (with wp_hash() which uses md5) + elseif (wp_hash($userid . $pwd) == $user ['password']) { $loggedin = true; + // re-hash password with current algorithm, ... + $user ['password'] = $pwd; + // ... save in user file ... + user_add($user); + // ... and update user data from re-read user file + $user = user_get($userid); + + // after updating the user, we don't need the password hash file any more + io_delete_file(HASHSALT_FILE); + } + + if ($loggedin) { // session_regenerate_id(); - $expire = time() + 31536000; - setcookie(USER_COOKIE, $userid, $expire, COOKIEPATH, COOKIE_DOMAIN); setcookie(PASS_COOKIE, $user ['password'], $expire, COOKIEPATH, COOKIE_DOMAIN); } @@ -116,5 +134,3 @@ function user_add($user) { return system_save(USERS_DIR . $user ['userid'] . ".php", compact('user')); } - -?> diff --git a/fp-includes/core/core.wp-pluggable-funcs.php b/fp-includes/core/core.wp-pluggable-funcs.php index 2997fc6..bd9fd7e 100755 --- a/fp-includes/core/core.wp-pluggable-funcs.php +++ b/fp-includes/core/core.wp-pluggable-funcs.php 
@@ -1,488 +1,500 @@ getQuery(); - - list($caption, $id) = call_user_func(array(&$q, 'get'.$nextprev)); - - if (!$id) - return null; - - if ($q->single) { - $link = "?entry={$id}"; - } else { - if ($_SERVER['QUERY_STRING']){ - - if ( strpos($_SERVER['QUERY_STRING'], 'paged')!==false ){ - $link = '?'.preg_replace( - '{paged=[0-9]+}', - "paged={$id}", - $_SERVER['QUERY_STRING'] - ); - } else { - $link = '?' . $_SERVER['QUERY_STRING'] . "&paged={$id}"; - } - $link = str_replace('&', '&', $link); - - } else { - $link = "?paged={$id}"; - } - } - - return array($caption, BLOG_BASEURL . $link); - - } - - if (!function_exists('get_nextpage_link')) : - function get_nextpage_link() { - - global $fpdb; - $q =& $fpdb->getQuery(); - - $a = _get_nextprev_link('NextPage'); - - - if ($q->single) { - $a[0] .= ' » '; - } - - return $a; - - } - endif; - - if (!function_exists('get_prevpage_link')) : - function get_prevpage_link() { - - global $fpdb; - $q =& $fpdb->getQuery(); - - $a = _get_nextprev_link('PrevPage'); - - if ($q->single) { - $a[0] = ' « ' . $a[0]; - } - - return $a; - } - endif; - - - - - function wp_filter_kses($str) { - return $str; - } - - //---------------------------------------------------------------------------- - // WordPress pluggable functions - //---------------------------------------------------------------------------- - - - /* - get_currentuserinfo() - Grabs the information of the current logged in user, if there is one. Essentially a - wrapper for get_userdata(), but it also stores information in global variables. - get_userdata($userid) - Pulls user information for the specified user from the database. - get_userdatabylogin($user_login) - Pulls user information for the specified user from the database. - wp_mail($to, $subject, $message, $headers = '') - A convenient wrapper for PHP's mail function. - wp_login($username, $password, $already_md5 = false) - Returns true if the specified username and password correspond to a registered - user. 
- auth_redirect() - If a user is not logged in, he or she will be redirected to WordPress' login page before - being allowed to access content on the page from which this function was called. - Upon sucessfully logging in, the user is sent back to the page in question. - wp_redirect($location) - Redirects a browser to the absolute URI specified by the $location parameter. - wp_setcookie($username, $password, $already_md5 = false, $home = - '', $siteurl = '') - Sets the WordPress cookies for a logged in user. See WordPress Cookies. - wp_clearcookie() - Clears the cookies for a logged in user. See WordPress Cookies. - wp_notify_postauthor($comment_id, $comment_type='') - Emails the author of the comment's post the content of the comment specified. - wp_notify_moderator($comment_id) - Informs the administrative email account that the comment specified needs to be - moderated. See General Options SubPanel. - */ - - - -if ( !function_exists('get_currentuserinfo') ) : -function get_currentuserinfo() { -/* global $user_login, $userdata, $user_level, $user_ID, $user_nickname, $user_email, $user_url, $user_pass_md5, $user_identity; - // *** retrieving user's data from cookies and db - no spoofing - - if (isset($_COOKIE['wordpressuser_' . COOKIEHASH])) - $user_login = $_COOKIE['wordpressuser_' . COOKIEHASH]; - $userdata = get_userdatabylogin($user_login); - $user_level = $userdata->user_level; - $user_ID = $userdata->ID; - $user_nickname = $userdata->user_nickname; - $user_email = $userdata->user_email; - $user_url = $userdata->user_url; - $user_pass_md5 = md5($userdata->user_pass); - - $idmode = $userdata->user_idmode; - if ($idmode == 'nickname') $user_identity = $userdata->user_nickname; - if ($idmode == 'login') $user_identity = $userdata->user_login; - if ($idmode == 'firstname') $user_identity = $userdata->user_firstname; - if ($idmode == 'lastname') $user_identity = $userdata->user_lastname; - if ($idmode == 'namefl') $user_identity = $userdata->user_firstname.' 
'.$userdata->user_lastname; - if ($idmode == 'namelf') $user_identity = $userdata->user_lastname.' '.$userdata->user_firstname; - if (!$idmode) $user_identity = $userdata->user_nickname; -*/ -} -endif; - - - -if ( !function_exists('get_userdata') ) : -function get_userdata($userid) { -/* global $wpdb, $cache_userdata; - $userid = (int) $userid; - if ( empty($cache_userdata[$userid]) && $userid != 0) { - $cache_userdata[$userid] = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE ID = $userid"); - $cache_userdata[$cache_userdata[$userid]->user_login] =& $cache_userdata[$userid]; - } - - return $cache_userdata[$userid]; -*/ -} -endif; - - - -if ( !function_exists('get_userdatabylogin') ) : -function get_userdatabylogin($user_login) { -/* global $cache_userdata, $wpdb; - if ( !empty($user_login) && empty($cache_userdata[$user_login]) ) { - $user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE user_login = '$user_login'"); // todo: get rid of this intermediate var - $cache_userdata[$user->ID] = $user; - $cache_userdata[$user_login] =& $cache_userdata[$user->ID]; - } else { - $user = $cache_userdata[$user_login]; - } - return $user; -*/ -} -endif; - - - -if ( !function_exists('wp_mail') ) : -function wp_mail($to, $subject, $message, $headers = '') { - if( $headers == '' ) { - $headers = "MIME-Version: 1.0\n" . - "From: " . get_settings('admin_email') . "\n" . - "Content-Type: text/plain; charset=\"" . get_settings('blog_charset') . 
"\"\n"; - } - - return @mail($to, $subject, $message, $headers); -} -endif; - - - -if ( !function_exists('wp_login') ) : -function wp_login($username, $password, $already_md5 = false) { -/* global $wpdb, $error; - - if ( !$username ) - return false; - - if ( !$password ) { - $error = __('Error: The password field is empty.'); - return false; - } - - $login = $wpdb->get_row("SELECT ID, user_login, user_pass FROM $wpdb->users WHERE user_login = '$username'"); - - if (!$login) { - $error = __('Error: Wrong username.'); - return false; - } else { - // If the password is already_md5, it has been double hashed. - // Otherwise, it is plain text. - if ( ($already_md5 && $login->user_login == $username && md5($login->user_pass) == $password) || ($login->user_login == $username && $login->user_pass == md5($password)) ) { - return true; - } else { - $error = __('Error: Incorrect password.'); - $pwd = ''; - return false; - } - } -*/ -} -endif; - -if ( !function_exists('auth_redirect') ) : -function auth_redirect() { - // Checks if a user is logged in, if not redirects them to the login page -/* if ( (!empty($_COOKIE['wordpressuser_' . COOKIEHASH]) && - !wp_login($_COOKIE['wordpressuser_' . COOKIEHASH], $_COOKIE['wordpresspass_' . COOKIEHASH], true)) || - (empty($_COOKIE['wordpressuser_' . COOKIEHASH])) ) { - header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); - header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); - header('Cache-Control: no-cache, must-revalidate, max-age=0'); - header('Pragma: no-cache'); - - header('Location: ' . get_settings('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI'])); - exit(); - } -*/ -} -endif; - -// Cookie safe redirect. Works around IIS Set-Cookie bug. 
-// http://support.microsoft.com/kb/q176113/ -if ( !function_exists('wp_redirect') ) : -function wp_redirect($location, $status = 302) { - global $is_IIS; - - $location = apply_filters('wp_redirect', $location, $status); - - if ( !$location ) // allows the wp_redirect filter to cancel a redirect - return false; - - $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%]|i', '', $location); - # $location = wp_kses_no_null($location); - - $location = preg_replace('/\0+/', '', $location); - $location = preg_replace('/(\\\\0)+/', '', $location); - - - $strip = array('%0d', '%0a'); - $location = str_replace($strip, '', $location); - - if ( $is_IIS ) { - header("Refresh: 0;url=$location"); - } else { - if ( php_sapi_name() != 'cgi-fcgi' ) - utils_status_header($status); // This causes problems on IIS and some FastCGI setups - header("Location: $location"); - } -} -endif; - - -if ( !function_exists('wp_setcookie') ) : -function wp_setcookie($username, $password, $already_md5 = false, $home = '', $siteurl = '') { - if ( !$already_md5 ) - $password = md5( md5($password) ); // Double hash the password in the cookie. - - if ( empty($home) ) - $cookiepath = COOKIEPATH; - else - $cookiepath = preg_replace('|https?://[^/]+|i', '', $home . '/' ); - - if ( empty($siteurl) ) { - $sitecookiepath = SITECOOKIEPATH; - $cookiehash = COOKIEHASH; - } else { - $sitecookiepath = preg_replace('|https?://[^/]+|i', '', $siteurl . '/' ); - $cookiehash = md5($siteurl); - } - - setcookie('wordpressuser_'. $cookiehash, $username, time() + 31536000, $cookiepath); - setcookie('wordpresspass_'. $cookiehash, $password, time() + 31536000, $cookiepath); - - if ( $cookiepath != $sitecookiepath ) { - setcookie('wordpressuser_'. $cookiehash, $username, time() + 31536000, $sitecookiepath); - setcookie('wordpresspass_'. $cookiehash, $password, time() + 31536000, $sitecookiepath); - } -} -endif; - -if ( !function_exists('wp_clearcookie') ) : -function wp_clearcookie() { - setcookie('wordpressuser_' . 
COOKIEHASH, ' ', time() - 31536000, COOKIEPATH); - setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH); - setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH); - setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH); -} -endif; - - - -if ( !function_exists('check_admin_referer') ) : -function check_admin_referer($action = -1) { - $adminurl = BLOG_BASEURL . 'admin.php'; - $referer = strtolower(wp_get_referer()); - if ( !wp_verify_nonce(@$_REQUEST['_wpnonce'], $action) && - !(-1 == $action && strstr($referer, $adminurl)) ) { - wp_nonce_ays($action); - die(); - } - do_action('check_admin_referer', $action); -} -endif; - - -if ( !function_exists('wp_verify_nonce') ) : -function wp_verify_nonce($nonce, $action = -1) { - - $user = user_get(); - $uid = $user['userid']; - - $i = ceil(time() / 43200); - - //Allow for expanding range, but only do one check if we can - if( substr(wp_hash($i . $action . $uid), -12, 10) == $nonce || substr(wp_hash(($i - 1) . $action . $uid), -12, 10) == $nonce ) - return true; - return false; -} -endif; - -if ( !function_exists('wp_create_nonce') ) : -function wp_create_nonce($action = -1) { - $user = user_get(); - $uid = $user['userid']; - - $i = ceil(time() / 43200); - - return substr(wp_hash($i . $action . $uid), -12, 10); -} -endif; - -if ( !function_exists('wp_salt') ) : -function wp_salt() { - global $fp_config; - static $salt = null; - if (!$salt) { - @include(HASHSALT_FILE); - if (!$fp_hashsalt) - trigger_error('Cannot load hash salt: reinstall FlatPress', E_USER_ERROR); - - $salt = $fp_hashsalt; - } - return $salt; -} -endif; - -if ( !function_exists('wp_hash') ) : -function wp_hash($data) { - $salt = wp_salt(); - return md5($data . $salt); -} -endif; - - -if ( ! 
function_exists('wp_notify_postauthor') ) : -function wp_notify_postauthor($comment_id, $comment_type='') { -/* global $wpdb; - - $comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1"); - $post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID='$comment->comment_post_ID' LIMIT 1"); - $user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE ID='$post->post_author' LIMIT 1"); - - if ('' == $user->user_email) return false; // If there's no email to send the comment to - - $comment_author_domain = gethostbyaddr($comment->comment_author_IP); - - $blogname = get_settings('blogname'); - - if ( empty( $comment_type ) ) $comment_type = 'comment'; - - if ('comment' == $comment_type) { - $notify_message = sprintf( __('New comment on your post #%1$s "%2$s"'), $comment->comment_post_ID, $post->post_title ) . "\r\n"; - $notify_message .= sprintf( __('Author : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n"; - $notify_message .= sprintf( __('E-mail : %s'), $comment->comment_author_email ) . "\r\n"; - $notify_message .= sprintf( __('URI : %s'), $comment->comment_author_url ) . "\r\n"; - $notify_message .= sprintf( __('Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=%s'), $comment->comment_author_IP ) . "\r\n"; - $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n"; - $notify_message .= __('You can see all comments on this post here: ') . "\r\n"; - $subject = sprintf( __('[%1$s] Comment: "%2$s"'), $blogname, $post->post_title ); - } elseif ('trackback' == $comment_type) { - $notify_message = sprintf( __('New trackback on your post #%1$s "%2$s"'), $comment->comment_post_ID, $post->post_title ) . "\r\n"; - $notify_message .= sprintf( __('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . 
"\r\n"; - $notify_message .= sprintf( __('URI : %s'), $comment->comment_author_url ) . "\r\n"; - $notify_message .= __('Excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n"; - $notify_message .= __('You can see all trackbacks on this post here: ') . "\r\n"; - $subject = sprintf( __('[%1$s] Trackback: "%2$s"'), $blogname, $post->post_title ); - } elseif ('pingback' == $comment_type) { - $notify_message = sprintf( __('New pingback on your post #%1$s "%2$s"'), $comment->comment_post_ID, $post->post_title ) . "\r\n"; - $notify_message .= sprintf( __('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n"; - $notify_message .= sprintf( __('URI : %s'), $comment->comment_author_url ) . "\r\n"; - $notify_message .= __('Excerpt: ') . "\r\n" . sprintf( __('[...] %s [...]'), $comment->comment_content ) . "\r\n\r\n"; - $notify_message .= __('You can see all pingbacks on this post here: ') . "\r\n"; - $subject = sprintf( __('[%1$s] Pingback: "%2$s"'), $blogname, $post->post_title ); - } - $notify_message .= get_permalink($comment->comment_post_ID) . "#comments\r\n\r\n"; - $notify_message .= sprintf( __('To delete this comment, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=confirmdeletecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n"; - - if ('' == $comment->comment_author_email || '' == $comment->comment_author) { - $from = "From: \"$blogname\" '; - } else { - $from = 'From: "' . $comment->comment_author . "\" <$comment->comment_author_email>"; - } - - $notify_message = apply_filters('comment_notification_text', $notify_message); - $subject = apply_filters('comment_notification_subject', $subject); - $message_headers = apply_filters('comment_notification_headers', $message_headers); - - $message_headers = "MIME-Version: 1.0\n" - . "$from\n" - . "Content-Type: text/plain; charset=\"" . get_settings('blog_charset') . 
"\"\n"; - - @wp_mail($user->user_email, $subject, $notify_message, $message_headers); - - return true; -*/ -} -endif; - -/* wp_notify_moderator - notifies the moderator of the blog (usually the admin) - about a new comment that waits for approval - always returns true +/* + * These functions can be replaced via plugins. They are loaded after + * plugins are loaded. */ -if ( !function_exists('wp_notify_moderator') ) : -function wp_notify_moderator($comment_id) { -/* global $wpdb; +function _get_nextprev_link($nextprev) { + global $fpdb; + $q = & $fpdb->getQuery(); - if( get_settings( "moderation_notify" ) == 0 ) - return true; - - $comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1"); - $post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID='$comment->comment_post_ID' LIMIT 1"); + list ($caption, $id) = call_user_func(array( + &$q, + 'get' . $nextprev + )); - $comment_author_domain = gethostbyaddr($comment->comment_author_IP); - $comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'"); + if (!$id) + return null; - $notify_message = sprintf( __('A new comment on the post #%1$s "%2$s" is waiting for your approval'), $post->ID, $post->post_title ) . "\r\n"; - $notify_message .= get_permalink($comment->comment_post_ID) . "\r\n\r\n"; - $notify_message .= sprintf( __('Author : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n"; - $notify_message .= sprintf( __('E-mail : %s'), $comment->comment_author_email ) . "\r\n"; - $notify_message .= sprintf( __('URI : %s'), $comment->comment_author_url ) . "\r\n"; - $notify_message .= sprintf( __('Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=%s'), $comment->comment_author_IP ) . "\r\n"; - $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . 
"\r\n\r\n"; - $notify_message .= sprintf( __('To approve this comment, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=mailapprovecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n"; - $notify_message .= sprintf( __('To delete this comment, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=confirmdeletecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n"; - $notify_message .= sprintf( __('Currently %s comments are waiting for approval. Please visit the moderation panel:'), $comments_waiting ) . "\r\n"; - $notify_message .= get_settings('siteurl') . "/wp-admin/moderation.php\r\n"; + if ($q->single) { + $link = "?entry={$id}"; + } else { + if ($_SERVER ['QUERY_STRING']) { - $subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), get_settings('blogname'), $post->post_title ); - $admin_email = get_settings("admin_email"); + if (strpos($_SERVER ['QUERY_STRING'], 'paged') !== false) { + $link = '?' . preg_replace('{paged=[0-9]+}', "paged={$id}", $_SERVER ['QUERY_STRING']); + } else { + $link = '?' . $_SERVER ['QUERY_STRING'] . "&paged={$id}"; + } + $link = str_replace('&', '&', $link); + } else { + $link = "?paged={$id}"; + } + } - $notify_message = apply_filters('comment_moderation_text', $notify_message); - $subject = apply_filters('comment_moderation_subject', $subject); - - @wp_mail($admin_email, $subject, $notify_message); - - return true; -*/ + return array( + $caption, + BLOG_BASEURL . $link + ); } + +if (!function_exists('get_nextpage_link')) : + + function get_nextpage_link() { + global $fpdb; + $q = & $fpdb->getQuery(); + + $a = _get_nextprev_link('NextPage'); + + if ($q->single) { + $a [0] .= ' » '; + } + + return $a; + } + endif; + +if (!function_exists('get_prevpage_link')) : + + function get_prevpage_link() { + global $fpdb; + $q = & $fpdb->getQuery(); + + $a = _get_nextprev_link('PrevPage'); + + if ($q->single) { + $a [0] = ' « ' . 
$a [0]; + } + + return $a; + } + endif; + + +function wp_filter_kses($str) { + return $str; +} + +// ---------------------------------------------------------------------------- +// WordPress pluggable functions +// ---------------------------------------------------------------------------- + +/* + * get_currentuserinfo() + * Grabs the information of the current logged in user, if there is one. Essentially a + * wrapper for get_userdata(), but it also stores information in global variables. + * get_userdata($userid) + * Pulls user information for the specified user from the database. + * get_userdatabylogin($user_login) + * Pulls user information for the specified user from the database. + * wp_mail($to, $subject, $message, $headers = '') + * A convenient wrapper for PHP's mail function. + * wp_login($username, $password, $already_md5 = false) + * Returns true if the specified username and password correspond to a registered + * user. + * auth_redirect() + * If a user is not logged in, he or she will be redirected to WordPress' login page before + * being allowed to access content on the page from which this function was called. + * Upon sucessfully logging in, the user is sent back to the page in question. + * wp_redirect($location) + * Redirects a browser to the absolute URI specified by the $location parameter. + * wp_setcookie($username, $password, $already_md5 = false, $home = + * '', $siteurl = '') + * Sets the WordPress cookies for a logged in user. See WordPress Cookies. + * wp_clearcookie() + * Clears the cookies for a logged in user. See WordPress Cookies. + * wp_notify_postauthor($comment_id, $comment_type='') + * Emails the author of the comment's post the content of the comment specified. + * wp_notify_moderator($comment_id) + * Informs the administrative email account that the comment specified needs to be + * moderated. See General Options SubPanel. 
+ */ + +if (!function_exists('get_currentuserinfo')) : + + function get_currentuserinfo() { + /* + * global $user_login, $userdata, $user_level, $user_ID, $user_nickname, $user_email, $user_url, $user_pass_md5, $user_identity; + * // *** retrieving user's data from cookies and db - no spoofing + * + * if (isset($_COOKIE['wordpressuser_' . COOKIEHASH])) + * $user_login = $_COOKIE['wordpressuser_' . COOKIEHASH]; + * $userdata = get_userdatabylogin($user_login); + * $user_level = $userdata->user_level; + * $user_ID = $userdata->ID; + * $user_nickname = $userdata->user_nickname; + * $user_email = $userdata->user_email; + * $user_url = $userdata->user_url; + * $user_pass_md5 = md5($userdata->user_pass); + * + * $idmode = $userdata->user_idmode; + * if ($idmode == 'nickname') $user_identity = $userdata->user_nickname; + * if ($idmode == 'login') $user_identity = $userdata->user_login; + * if ($idmode == 'firstname') $user_identity = $userdata->user_firstname; + * if ($idmode == 'lastname') $user_identity = $userdata->user_lastname; + * if ($idmode == 'namefl') $user_identity = $userdata->user_firstname.' '.$userdata->user_lastname; + * if ($idmode == 'namelf') $user_identity = $userdata->user_lastname.' 
'.$userdata->user_firstname; + * if (!$idmode) $user_identity = $userdata->user_nickname; + */ + } +endif; + +if (!function_exists('get_userdata')) : + + function get_userdata($userid) { + /* + * global $wpdb, $cache_userdata; + * $userid = (int) $userid; + * if ( empty($cache_userdata[$userid]) && $userid != 0) { + * $cache_userdata[$userid] = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE ID = $userid"); + * $cache_userdata[$cache_userdata[$userid]->user_login] =& $cache_userdata[$userid]; + * } + * + * return $cache_userdata[$userid]; + */ + } +endif; + +if (!function_exists('get_userdatabylogin')) : + + function get_userdatabylogin($user_login) { + /* + * global $cache_userdata, $wpdb; + * if ( !empty($user_login) && empty($cache_userdata[$user_login]) ) { + * $user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE user_login = '$user_login'"); // todo: get rid of this intermediate var + * $cache_userdata[$user->ID] = $user; + * $cache_userdata[$user_login] =& $cache_userdata[$user->ID]; + * } else { + * $user = $cache_userdata[$user_login]; + * } + * return $user; + */ + } +endif; + +if (!function_exists('wp_mail')) : + + function wp_mail($to, $subject, $message, $headers = '') { + if ($headers == '') { + $headers = "MIME-Version: 1.0\n" . "From: " . get_settings('admin_email') . "\n" . "Content-Type: text/plain; charset=\"" . get_settings('blog_charset') . 
"\"\n"; + } + + return @mail($to, $subject, $message, $headers); + } +endif; + +if (!function_exists('wp_login')) : + + function wp_login($username, $password, $already_md5 = false) { + /* + * global $wpdb, $error; + * + * if ( !$username ) + * return false; + * + * if ( !$password ) { + * $error = __('Error: The password field is empty.'); + * return false; + * } + * + * $login = $wpdb->get_row("SELECT ID, user_login, user_pass FROM $wpdb->users WHERE user_login = '$username'"); + * + * if (!$login) { + * $error = __('Error: Wrong username.'); + * return false; + * } else { + * // If the password is already_md5, it has been double hashed. + * // Otherwise, it is plain text. + * if ( ($already_md5 && $login->user_login == $username && md5($login->user_pass) == $password) || ($login->user_login == $username && $login->user_pass == md5($password)) ) { + * return true; + * } else { + * $error = __('Error: Incorrect password.'); + * $pwd = ''; + * return false; + * } + * } + */ + } +endif; + +if (!function_exists('auth_redirect')) : + + function auth_redirect() { + // Checks if a user is logged in, if not redirects them to the login page + /* + * if ( (!empty($_COOKIE['wordpressuser_' . COOKIEHASH]) && + * !wp_login($_COOKIE['wordpressuser_' . COOKIEHASH], $_COOKIE['wordpresspass_' . COOKIEHASH], true)) || + * (empty($_COOKIE['wordpressuser_' . COOKIEHASH])) ) { + * header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); + * header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); + * header('Cache-Control: no-cache, must-revalidate, max-age=0'); + * header('Pragma: no-cache'); + * + * header('Location: ' . get_settings('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI'])); + * exit(); + * } + */ + } +endif; + + // Cookie safe redirect. Works around IIS Set-Cookie bug. 
+ // http://support.microsoft.com/kb/q176113/ +if (!function_exists('wp_redirect')) : + + function wp_redirect($location, $status = 302) { + global $is_IIS; + + $location = apply_filters('wp_redirect', $location, $status); + + if (!$location) // allows the wp_redirect filter to cancel a redirect + return false; + + $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%]|i', '', $location); + // $location = wp_kses_no_null($location); + + $location = preg_replace('/\0+/', '', $location); + $location = preg_replace('/(\\\\0)+/', '', $location); + + $strip = array( + '%0d', + '%0a' + ); + $location = str_replace($strip, '', $location); + + if ($is_IIS) { + header("Refresh: 0;url=$location"); + } else { + if (php_sapi_name() != 'cgi-fcgi') + utils_status_header($status); // This causes problems on IIS and some FastCGI setups + header("Location: $location"); + } + } +endif; + +if (!function_exists('wp_setcookie')) : + + function wp_setcookie($username, $password, $already_md5 = false, $home = '', $siteurl = '') { + if (!$already_md5) + $password = md5(md5($password)); // Double hash the password in the cookie. + + if (empty($home)) + $cookiepath = COOKIEPATH; + else + $cookiepath = preg_replace('|https?://[^/]+|i', '', $home . '/'); + + if (empty($siteurl)) { + $sitecookiepath = SITECOOKIEPATH; + $cookiehash = COOKIEHASH; + } else { + $sitecookiepath = preg_replace('|https?://[^/]+|i', '', $siteurl . '/'); + $cookiehash = md5($siteurl); + } + + setcookie('wordpressuser_' . $cookiehash, $username, time() + 31536000, $cookiepath); + setcookie('wordpresspass_' . $cookiehash, $password, time() + 31536000, $cookiepath); + + if ($cookiepath != $sitecookiepath) { + setcookie('wordpressuser_' . $cookiehash, $username, time() + 31536000, $sitecookiepath); + setcookie('wordpresspass_' . $cookiehash, $password, time() + 31536000, $sitecookiepath); + } + } +endif; + +if (!function_exists('wp_clearcookie')) : + + function wp_clearcookie() { + setcookie('wordpressuser_' . 
COOKIEHASH, ' ', time() - 31536000, COOKIEPATH); + setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH); + setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH); + setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH); + } +endif; + +if (!function_exists('check_admin_referer')) : + + function check_admin_referer($action = -1) { + $adminurl = BLOG_BASEURL . 'admin.php'; + $referer = strtolower(wp_get_referer()); + if (!wp_verify_nonce(@$_REQUEST ['_wpnonce'], $action) && !(-1 == $action && strstr($referer, $adminurl))) { + wp_nonce_ays($action); + die(); + } + do_action('check_admin_referer', $action); + } +endif; + +if (!function_exists('wp_verify_nonce')) : + + function wp_verify_nonce($nonce, $action = -1) { + $user = user_get(); + $uid = $user ['userid']; + + $i = ceil(time() / 43200); + + // Allow for expanding range, but only do one check if we can + if (substr(wp_hash($i . $action . $uid), -12, 10) == $nonce || substr(wp_hash(($i - 1) . $action . $uid), -12, 10) == $nonce) + return true; + return false; + } +endif; + +if (!function_exists('wp_create_nonce')) : + + function wp_create_nonce($action = -1) { + $user = user_get(); + $uid = $user ['userid']; + + $i = ceil(time() / 43200); + + return substr(wp_hash($i . $action . 
$uid), -12, 10); + } +endif; + +if (!function_exists('wp_salt')) : + + /** + * + * @return NULL|unknown + * @deprecated as of FlatPress 1.2 - still here only to be able to update pre-1.2 credentials + */ + function wp_salt() { + global $fp_config; + static $salt = null; + if (!$salt) { + @include (HASHSALT_FILE); + if (!$fp_hashsalt) + trigger_error('Cannot load hash salt: reinstall FlatPress', E_USER_ERROR); + + $salt = $fp_hashsalt; + } + return $salt; + } +endif; + +if (!function_exists('wp_hash')) : + + /** + * + * @param unknown $data + * @return string + * @deprecated as of FlatPress 1.2 - still here only to be able to update pre-1.2 credentials + */ + function wp_hash($data) { + $salt = wp_salt(); + return md5($data . $salt); + } +endif; + +if (!function_exists('wp_notify_postauthor')) : + + function wp_notify_postauthor($comment_id, $comment_type = '') { + /* + * global $wpdb; + * + * $comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1"); + * $post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID='$comment->comment_post_ID' LIMIT 1"); + * $user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE ID='$post->post_author' LIMIT 1"); + * + * if ('' == $user->user_email) return false; // If there's no email to send the comment to + * + * $comment_author_domain = gethostbyaddr($comment->comment_author_IP); + * + * $blogname = get_settings('blogname'); + * + * if ( empty( $comment_type ) ) $comment_type = 'comment'; + * + * if ('comment' == $comment_type) { + * $notify_message = sprintf( __('New comment on your post #%1$s "%2$s"'), $comment->comment_post_ID, $post->post_title ) . "\r\n"; + * $notify_message .= sprintf( __('Author : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n"; + * $notify_message .= sprintf( __('E-mail : %s'), $comment->comment_author_email ) . "\r\n"; + * $notify_message .= sprintf( __('URI : %s'), $comment->comment_author_url ) . 
"\r\n"; + * $notify_message .= sprintf( __('Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=%s'), $comment->comment_author_IP ) . "\r\n"; + * $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n"; + * $notify_message .= __('You can see all comments on this post here: ') . "\r\n"; + * $subject = sprintf( __('[%1$s] Comment: "%2$s"'), $blogname, $post->post_title ); + * } elseif ('trackback' == $comment_type) { + * $notify_message = sprintf( __('New trackback on your post #%1$s "%2$s"'), $comment->comment_post_ID, $post->post_title ) . "\r\n"; + * $notify_message .= sprintf( __('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n"; + * $notify_message .= sprintf( __('URI : %s'), $comment->comment_author_url ) . "\r\n"; + * $notify_message .= __('Excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n"; + * $notify_message .= __('You can see all trackbacks on this post here: ') . "\r\n"; + * $subject = sprintf( __('[%1$s] Trackback: "%2$s"'), $blogname, $post->post_title ); + * } elseif ('pingback' == $comment_type) { + * $notify_message = sprintf( __('New pingback on your post #%1$s "%2$s"'), $comment->comment_post_ID, $post->post_title ) . "\r\n"; + * $notify_message .= sprintf( __('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n"; + * $notify_message .= sprintf( __('URI : %s'), $comment->comment_author_url ) . "\r\n"; + * $notify_message .= __('Excerpt: ') . "\r\n" . sprintf( __('[...] %s [...]'), $comment->comment_content ) . "\r\n\r\n"; + * $notify_message .= __('You can see all pingbacks on this post here: ') . "\r\n"; + * $subject = sprintf( __('[%1$s] Pingback: "%2$s"'), $blogname, $post->post_title ); + * } + * $notify_message .= get_permalink($comment->comment_post_ID) . 
"#comments\r\n\r\n"; + * $notify_message .= sprintf( __('To delete this comment, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=confirmdeletecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n"; + * + * if ('' == $comment->comment_author_email || '' == $comment->comment_author) { + * $from = "From: \"$blogname\" '; + * } else { + * $from = 'From: "' . $comment->comment_author . "\" <$comment->comment_author_email>"; + * } + * + * $notify_message = apply_filters('comment_notification_text', $notify_message); + * $subject = apply_filters('comment_notification_subject', $subject); + * $message_headers = apply_filters('comment_notification_headers', $message_headers); + * + * $message_headers = "MIME-Version: 1.0\n" + * . "$from\n" + * . "Content-Type: text/plain; charset=\"" . get_settings('blog_charset') . "\"\n"; + * + * @wp_mail($user->user_email, $subject, $notify_message, $message_headers); + * + * return true; + */ + } +endif; + + /* + * wp_notify_moderator + * notifies the moderator of the blog (usually the admin) + * about a new comment that waits for approval + * always returns true + */ +if (!function_exists('wp_notify_moderator')) : + + function wp_notify_moderator($comment_id) { + /* + * global $wpdb; + * + * if( get_settings( "moderation_notify" ) == 0 ) + * return true; + * + * $comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1"); + * $post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID='$comment->comment_post_ID' LIMIT 1"); + * + * $comment_author_domain = gethostbyaddr($comment->comment_author_IP); + * $comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'"); + * + * $notify_message = sprintf( __('A new comment on the post #%1$s "%2$s" is waiting for your approval'), $post->ID, $post->post_title ) . "\r\n"; + * $notify_message .= get_permalink($comment->comment_post_ID) . 
"\r\n\r\n"; + * $notify_message .= sprintf( __('Author : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n"; + * $notify_message .= sprintf( __('E-mail : %s'), $comment->comment_author_email ) . "\r\n"; + * $notify_message .= sprintf( __('URI : %s'), $comment->comment_author_url ) . "\r\n"; + * $notify_message .= sprintf( __('Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=%s'), $comment->comment_author_IP ) . "\r\n"; + * $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n"; + * $notify_message .= sprintf( __('To approve this comment, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=mailapprovecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n"; + * $notify_message .= sprintf( __('To delete this comment, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=confirmdeletecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n"; + * $notify_message .= sprintf( __('Currently %s comments are waiting for approval. Please visit the moderation panel:'), $comments_waiting ) . "\r\n"; + * $notify_message .= get_settings('siteurl') . "/wp-admin/moderation.php\r\n"; + * + * $subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), get_settings('blogname'), $post->post_title ); + * $admin_email = get_settings("admin_email"); + * + * $notify_message = apply_filters('comment_moderation_text', $notify_message); + * $subject = apply_filters('comment_moderation_subject', $subject); + * + * @wp_mail($admin_email, $subject, $notify_message); + * + * return true; + */ + } endif; ?> diff --git a/setup/lib/main.lib.php b/setup/lib/main.lib.php index 3e82b47..8effc71 100644 --- a/setup/lib/main.lib.php +++ b/setup/lib/main.lib.php @@ -1,14 +1,8 @@ ", - $label.' DONE' : 'red;">FAILED') . - '
', - "\n"; + echo "
  • ", $label . ' DONE' : 'red;">FAILED') . '
    ', "
  • \n"; } function config_exist() { 
@@ -30,128 +24,115 @@ function remove_checkfile() { } function setupid() { - global $setupid; - if (isset($_POST['setupid'])) { - $setupid = $_POST['setupid']; + if (isset($_POST ['setupid'])) { + $setupid = $_POST ['setupid']; } else { - $setupid = system_generate_id(BLOG_BASEURL . $_SERVER['HTTP_HOST']); + $setupid = system_generate_id(BLOG_BASEURL . $_SERVER ['HTTP_HOST']); } - + return $setupid; - } function getstep(&$id) { - global $err; - $STEPS = array('locked', 'step1', 'step2', 'step3'); - $MAXST = count($STEPS)-1; - + $STEPS = array( + 'locked', + 'step1', + 'step2', + 'step3' + ); + $MAXST = count($STEPS) - 1; + $i = 0; - + $setupid = null; - + if (!file_exists(LOCKFILE)) { - + $setupid = setupid(); - - if(!$setupid) + + if (!$setupid) die('Setup is running'); - if (!file_exists(SETUPTEMP_FILE)) { if (empty($_POST)) $i = 0; - else + else $i = 1; } else { $x = explode(',', io_load_file(SETUPTEMP_FILE)); - if ($x[0]!=$setupid) - die('Setup is running: if you are the owner, you can delete ' . - SETUPTEMP_FILE .' to restart'); - $i = intval($x[1]); + if ($x [0] != $setupid) + die('Setup is running: if you are the owner, you can delete ' . SETUPTEMP_FILE . ' to restart'); + $i = intval($x [1]); } - - @include("./setup/lib/{$STEPS[$i]}.lib.php"); + + @include ("./setup/lib/{$STEPS[$i]}.lib.php"); if (!function_exists('check_step')) : + function check_step() { return true; } endif; - + if (check_step()) { ++$i; - if ($i>=$MAXST) { + if ($i >= $MAXST) { fs_delete(SETUPTEMP_FILE); io_write_file(LOCKFILE, "locked"); } else { if ($i > 0 && !@io_write_file(SETUPTEMP_FILE, "$setupid,$i")) { - $err[] = 'Write error'; - } + $err [] = 'Write error'; + } } } - } - - $id = $STEPS[ $i ]; - + + $id = $STEPS [$i]; + return $i; } - function validate() { - if (!ctype_alnum($_POST['fpuser'])) - $err[] = "{$_POST['fpuser']} is not a valid username. + if (!ctype_alnum($_POST ['fpuser'])) + $err [] = "{$_POST['fpuser']} is not a valid username. 
Username must be alphanumeric and should not contain spaces."; - - if (strlen(trim(($_POST['fppwd']))) < 6) - $err[] = "Password must contain at least 6 non-space characters"; - - if (($_POST['fppwd'])!=($_POST['fppwd2'])) - $err[] = "Passwords did not match"; - - if (!(preg_match('!@.*@|\.\.|\,|\;!', $_POST['email']) || - preg_match('!^.+\@(\[?)[a-zA-Z0-9\.\-]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$!', $_POST['email']))) - $err[] = "{$_POST['email']} is not a valid email address"; - - $www = $_POST['www']; - if (!(preg_match('!^http(s)?://[\w-]+\.[\w-]+(\S+)?$!i', $www) - || preg_match('!^http(s)?://localhost!', $www))) - $err[] = "$www is not a valid URL"; - if ($www && $www[strlen($www)-1]!='/') + + if (strlen(trim(($_POST ['fppwd']))) < 6) + $err [] = "Password must contain at least 6 non-space characters"; + + if (($_POST ['fppwd']) != ($_POST ['fppwd2'])) + $err [] = "Passwords did not match"; + + if (!(preg_match('!@.*@|\.\.|\,|\;!', $_POST ['email']) || preg_match('!^.+\@(\[?)[a-zA-Z0-9\.\-]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$!', $_POST ['email']))) + $err [] = "{$_POST['email']} is not a valid email address"; + + $www = $_POST ['www']; + if (!(preg_match('!^http(s)?://[\w-]+\.[\w-]+(\S+)?$!i', $www) || preg_match('!^http(s)?://localhost!', $www))) + $err [] = "$www is not a valid URL"; + if ($www && $www [strlen($www) - 1] != '/') $www .= '/'; - + global $fp_config; - - $fp_config['general']['author'] = $user['userid'] = $_POST['fpuser']; - $user['password'] = $_POST['fppwd']; - - $fp_config['general']['www'] = $user['www'] = $www; - $fp_config['general']['email'] = $user['email'] = $_POST['email']; - - - + + $fp_config ['general'] ['author'] = $user ['userid'] = $_POST ['fpuser']; + $user ['password'] = $_POST ['fppwd']; + + $fp_config ['general'] ['www'] = $user ['www'] = $www; + $fp_config ['general'] ['email'] = $user ['email'] = $_POST ['email']; + if (isset($err)) { - $GLOBALS['err']=$err; + $GLOBALS ['err'] = $err; return false; } - - - 
$fp_config['general']['blogid'] = system_generate_id( - BLOG_ROOT. - $user['www']. - $user['email']. - $user['userid'] - ); - + + $fp_config ['general'] ['blogid'] = system_generate_id(BLOG_ROOT . $user ['www'] . $user ['email'] . $user ['userid']); + config_save(); - system_hashsalt_save(); - user_add($user); - + return true; }
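Review bot: getstep() still appends `$err [] = 'Write error';` when `io_write_file(SETUPTEMP_FILE, "$setupid,$i")` fails, but this hunk removes the `global $err;` declaration at the top of the function, so the message now goes into a function-local array and is discarded while setup advances to the next step whose state was never persisted. Either restore `global $err;` as the first statement of getstep(), or do what validate() does and assign `$GLOBALS ['err'] = $err;` before `return $i;`. Separately, validate() reads `$_POST ['fpuser']`, `$_POST ['fppwd']`, `$_POST ['fppwd2']`, `$_POST ['email']` and `$_POST ['www']` without isset() guards and interpolates the raw username and URL into the error strings; wherever those strings are rendered (outside this hunk) they should pass through htmlspecialchars() if they end up in HTML. The password length check uses byte-wise strlen(), which over-counts multibyte characters; `mb_strlen(trim($_POST ['fppwd']))` would match the "6 non-space characters" the message promises.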