evolution-cms / evolution

manager/processors/login.processor.php

Indentation +127 added lines, -127 removed lines

@@ -1,7 +1,7 @@ 
 <?php
 if(!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
-	header('HTTP/1.0 404 Not Found');
-	exit('error');
+    header('HTTP/1.0 404 Not Found');
+    exit('error');
 }
 define('IN_MANAGER_MODE', true);  // we use this to make sure files are accessed through
 define('MODX_API_MODE', true);
@@ -18,12 +18,12 @@ 
 include_once("{$core_path}lang/english.inc.php");
 
 if($manager_language !== 'english' && is_file("{$core_path}lang/{$manager_language}.inc.php")) {
-	include_once("{$core_path}lang/{$manager_language}.inc.php");
+    include_once("{$core_path}lang/{$manager_language}.inc.php");
 }
 
 // Initialize System Alert Message Queque
 if(!isset($_SESSION['SystemAlertMsgQueque'])) {
-	$_SESSION['SystemAlertMsgQueque'] = array();
+    $_SESSION['SystemAlertMsgQueque'] = array();
 }
 $SystemAlertMsgQueque = &$_SESSION['SystemAlertMsgQueque'];
 
@@ -38,10 +38,10 @@ 
 
 // invoke OnBeforeManagerLogin event
 $modx->invokeEvent('OnBeforeManagerLogin', array(
-		'username' => $username,
-		'userpassword' => $givenPassword,
-		'rememberme' => $rememberme
-	));
+        'username' => $username,
+        'userpassword' => $givenPassword,
+        'rememberme' => $rememberme
+    ));
 $fields = 'mu.*, ua.*';
 $from = '[+prefix+]manager_users AS mu, [+prefix+]user_attributes AS ua';
 $where = "BINARY mu.username='{$username}' and ua.internalKey=mu.id";
@@ -49,8 +49,8 @@ 
 $limit = $modx->db->getRecordCount($rs);
 
 if($limit == 0 || $limit > 1) {
-	jsAlert($_lang['login_processor_unknown_user']);
-	return;
+    jsAlert($_lang['login_processor_unknown_user']);
+    return;
 }
 
 $row = $modx->db->getRow($rs);
@@ -71,127 +71,127 @@ 
 // get the user settings from the database
 $rs = $modx->db->select('setting_name, setting_value', '[+prefix+]user_settings', "user='{$internalKey}' AND setting_value!=''");
 while($row = $modx->db->getRow($rs)) {
-	extract($row);
-	${$setting_name} = $setting_value;
+    extract($row);
+    ${$setting_name} = $setting_value;
 }
 
 // blocked due to number of login errors.
 if($failedlogins >= $failed_allowed && $blockeduntildate > time()) {
-	@session_destroy();
-	session_unset();
-	if($cip = getenv("HTTP_CLIENT_IP")) {
-		$ip = $cip;
-	} elseif($cip = getenv("HTTP_X_FORWARDED_FOR")) {
-		$ip = $cip;
-	} elseif($cip = getenv("REMOTE_ADDR")) {
-		$ip = $cip;
-	} else {
-		$ip = "UNKNOWN";
-	}
-	$log = new EvolutionCMS\Legacy\LogHandler();
-	$log->initAndWriteLog("Login Fail (Temporary Block)", $internalKey, $username, "119", $internalKey, "IP: " . $ip);
-	jsAlert($_lang['login_processor_many_failed_logins']);
-	return;
+    @session_destroy();
+    session_unset();
+    if($cip = getenv("HTTP_CLIENT_IP")) {
+        $ip = $cip;
+    } elseif($cip = getenv("HTTP_X_FORWARDED_FOR")) {
+        $ip = $cip;
+    } elseif($cip = getenv("REMOTE_ADDR")) {
+        $ip = $cip;
+    } else {
+        $ip = "UNKNOWN";
+    }
+    $log = new EvolutionCMS\Legacy\LogHandler();
+    $log->initAndWriteLog("Login Fail (Temporary Block)", $internalKey, $username, "119", $internalKey, "IP: " . $ip);
+    jsAlert($_lang['login_processor_many_failed_logins']);
+    return;
 }
 
 // blocked due to number of login errors, but get to try again
 if($failedlogins >= $failed_allowed && $blockeduntildate < time()) {
-	$fields = array();
-	$fields['failedlogincount'] = '0';
-	$fields['blockeduntil'] = time() - 1;
-	$modx->db->update($fields, '[+prefix+]user_attributes', "internalKey='{$internalKey}'");
+    $fields = array();
+    $fields['failedlogincount'] = '0';
+    $fields['blockeduntil'] = time() - 1;
+    $modx->db->update($fields, '[+prefix+]user_attributes', "internalKey='{$internalKey}'");
 }
 
 // this user has been blocked by an admin, so no way he's loggin in!
 if($blocked == '1') {
-	@session_destroy();
-	session_unset();
-	jsAlert($_lang['login_processor_blocked1']);
-	return;
+    @session_destroy();
+    session_unset();
+    jsAlert($_lang['login_processor_blocked1']);
+    return;
 }
 
 // blockuntil: this user has a block until date
 if($blockeduntildate > time()) {
-	@session_destroy();
-	session_unset();
-	jsAlert($_lang['login_processor_blocked2']);
-	return;
+    @session_destroy();
+    session_unset();
+    jsAlert($_lang['login_processor_blocked2']);
+    return;
 }
 
 // blockafter: this user has a block after date
 if($blockedafterdate > 0 && $blockedafterdate < time()) {
-	@session_destroy();
-	session_unset();
-	jsAlert($_lang['login_processor_blocked3']);
-	return;
+    @session_destroy();
+    session_unset();
+    jsAlert($_lang['login_processor_blocked3']);
+    return;
 }
 
 // allowed ip
 if($allowed_ip) {
-	if(($hostname = gethostbyaddr($_SERVER['REMOTE_ADDR'])) && ($hostname != $_SERVER['REMOTE_ADDR'])) {
-		if(gethostbyname($hostname) != $_SERVER['REMOTE_ADDR']) {
-			jsAlert($_lang['login_processor_remotehost_ip']);
-			return;
-		}
-	}
-	if(!in_array($_SERVER['REMOTE_ADDR'], array_filter(array_map('trim', explode(',', $allowed_ip))))) {
-		jsAlert($_lang['login_processor_remote_ip']);
-		return;
-	}
+    if(($hostname = gethostbyaddr($_SERVER['REMOTE_ADDR'])) && ($hostname != $_SERVER['REMOTE_ADDR'])) {
+        if(gethostbyname($hostname) != $_SERVER['REMOTE_ADDR']) {
+            jsAlert($_lang['login_processor_remotehost_ip']);
+            return;
+        }
+    }
+    if(!in_array($_SERVER['REMOTE_ADDR'], array_filter(array_map('trim', explode(',', $allowed_ip))))) {
+        jsAlert($_lang['login_processor_remote_ip']);
+        return;
+    }
 }
 
 // allowed days
 if($allowed_days) {
-	$date = getdate();
-	$day = $date['wday'] + 1;
-	if(!in_array($day,explode(',',$allowed_days))) {
-		jsAlert($_lang['login_processor_date']);
-		return;
-	}
+    $date = getdate();
+    $day = $date['wday'] + 1;
+    if(!in_array($day,explode(',',$allowed_days))) {
+        jsAlert($_lang['login_processor_date']);
+        return;
+    }
 }
 
 // invoke OnManagerAuthentication event
 $rt = $modx->invokeEvent('OnManagerAuthentication', array(
-		'userid' => $internalKey,
-		'username' => $username,
-		'userpassword' => $givenPassword,
-		'savedpassword' => $dbasePassword,
-		'rememberme' => $rememberme
-	));
+        'userid' => $internalKey,
+        'username' => $username,
+        'userpassword' => $givenPassword,
+        'savedpassword' => $dbasePassword,
+        'rememberme' => $rememberme
+    ));
 
 // check if plugin authenticated the user
 $matchPassword = false;
 if(!isset($rt) || !$rt || (is_array($rt) && !in_array(true, $rt))) {
-	// check user password - local authentication
-	$hashType = $modx->manager->getHashType($dbasePassword);
-	if($hashType == 'phpass') {
-		$matchPassword = login($username, $_REQUEST['password'], $dbasePassword);
-	} elseif($hashType == 'md5') {
-		$matchPassword = loginMD5($internalKey, $_REQUEST['password'], $dbasePassword, $username);
-	} elseif($hashType == 'v1') {
-		$matchPassword = loginV1($internalKey, $_REQUEST['password'], $dbasePassword, $username);
-	} else {
-		$matchPassword = false;
-	}
+    // check user password - local authentication
+    $hashType = $modx->manager->getHashType($dbasePassword);
+    if($hashType == 'phpass') {
+        $matchPassword = login($username, $_REQUEST['password'], $dbasePassword);
+    } elseif($hashType == 'md5') {
+        $matchPassword = loginMD5($internalKey, $_REQUEST['password'], $dbasePassword, $username);
+    } elseif($hashType == 'v1') {
+        $matchPassword = loginV1($internalKey, $_REQUEST['password'], $dbasePassword, $username);
+    } else {
+        $matchPassword = false;
+    }
 } else if($rt === true || (is_array($rt) && in_array(true, $rt))) {
-	$matchPassword = true;
+    $matchPassword = true;
 }
 
 if(!$matchPassword) {
-	jsAlert($_lang['login_processor_wrong_password']);
-	incrementFailedLoginCount($internalKey, $failedlogins, $failed_allowed, $blocked_minutes);
-	return;
+    jsAlert($_lang['login_processor_wrong_password']);
+    incrementFailedLoginCount($internalKey, $failedlogins, $failed_allowed, $blocked_minutes);
+    return;
 }
 
 if($modx->config['use_captcha'] == 1) {
-	if(!isset ($_SESSION['veriword'])) {
-		jsAlert($_lang['login_processor_captcha_config']);
-		return;
-	} elseif($_SESSION['veriword'] != $captcha_code) {
-		jsAlert($_lang['login_processor_bad_code']);
-		incrementFailedLoginCount($internalKey, $failedlogins, $failed_allowed, $blocked_minutes);
-		return;
-	}
+    if(!isset ($_SESSION['veriword'])) {
+        jsAlert($_lang['login_processor_captcha_config']);
+        return;
+    } elseif($_SESSION['veriword'] != $captcha_code) {
+        jsAlert($_lang['login_processor_bad_code']);
+        incrementFailedLoginCount($internalKey, $failedlogins, $failed_allowed, $blocked_minutes);
+        return;
+    }
 }
 
 $modx->cleanupExpiredLocks();
@@ -226,36 +226,36 @@ 
 $_SESSION['mgrToken'] = md5($currentsessionid);
 
 if($rememberme == '1') {
-	$_SESSION['modx.mgr.session.cookie.lifetime'] = (int)$modx->config['session.cookie.lifetime'];
-
-	// Set a cookie separate from the session cookie with the username in it.
-	// Are we using secure connection? If so, make sure the cookie is secure
-	global $https_port;
-
-	$secure = ((isset ($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') || $_SERVER['SERVER_PORT'] == $https_port);
-	if(version_compare(PHP_VERSION, '5.2', '<')) {
-		setcookie('modx_remember_manager', $_SESSION['mgrShortname'], time() + 60 * 60 * 24 * 365, MODX_BASE_URL, '; HttpOnly', $secure);
-	} else {
-		setcookie('modx_remember_manager', $_SESSION['mgrShortname'], time() + 60 * 60 * 24 * 365, MODX_BASE_URL, NULL, $secure, true);
-	}
+    $_SESSION['modx.mgr.session.cookie.lifetime'] = (int)$modx->config['session.cookie.lifetime'];
+
+    // Set a cookie separate from the session cookie with the username in it.
+    // Are we using secure connection? If so, make sure the cookie is secure
+    global $https_port;
+
+    $secure = ((isset ($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') || $_SERVER['SERVER_PORT'] == $https_port);
+    if(version_compare(PHP_VERSION, '5.2', '<')) {
+        setcookie('modx_remember_manager', $_SESSION['mgrShortname'], time() + 60 * 60 * 24 * 365, MODX_BASE_URL, '; HttpOnly', $secure);
+    } else {
+        setcookie('modx_remember_manager', $_SESSION['mgrShortname'], time() + 60 * 60 * 24 * 365, MODX_BASE_URL, NULL, $secure, true);
+    }
 } else {
-	$_SESSION['modx.mgr.session.cookie.lifetime'] = 0;
+    $_SESSION['modx.mgr.session.cookie.lifetime'] = 0;
 
-	// Remove the Remember Me cookie
-	setcookie('modx_remember_manager', '', time() - 3600, MODX_BASE_URL);
+    // Remove the Remember Me cookie
+    setcookie('modx_remember_manager', '', time() - 3600, MODX_BASE_URL);
 }
 
 // Check if user already has an active session, if not check if user pressed logout end of last session
 $rs = $modx->db->select('lasthit', $modx->getFullTableName('active_user_sessions'), "internalKey='{$internalKey}'");
 $activeSession = $modx->db->getValue($rs);
 if(!$activeSession) {
-	$rs = $modx->db->select('lasthit', $modx->getFullTableName('active_users'), "internalKey='{$internalKey}' AND action != 8");
-	if($lastHit = $modx->db->getValue($rs)) {
-		$_SESSION['show_logout_reminder'] = array(
-			'type' => 'logout_reminder',
-			'lastHit' => $lastHit
-		);
-	}
+    $rs = $modx->db->select('lasthit', $modx->getFullTableName('active_users'), "internalKey='{$internalKey}' AND action != 8");
+    if($lastHit = $modx->db->getValue($rs)) {
+        $_SESSION['show_logout_reminder'] = array(
+            'type' => 'logout_reminder',
+            'lastHit' => $lastHit
+        );
+    }
 }
 
 $log = new EvolutionCMS\Legacy\LogHandler();
@@ -263,27 +263,27 @@ 
 
 // invoke OnManagerLogin event
 $modx->invokeEvent('OnManagerLogin', array(
-		'userid' => $internalKey,
-		'username' => $username,
-		'userpassword' => $givenPassword,
-		'rememberme' => $rememberme
-	));
+        'userid' => $internalKey,
+        'username' => $username,
+        'userpassword' => $givenPassword,
+        'rememberme' => $rememberme
+    ));
 
 // check if we should redirect user to a web page
 $rs = $modx->db->select('setting_value', '[+prefix+]user_settings', "user='{$internalKey}' AND setting_name='manager_login_startup'");
 $id = (int)$modx->db->getValue($rs);
 if($id > 0) {
-	$header = 'Location: ' . $modx->makeUrl($id, '', '', 'full');
-	if($_POST['ajax'] == 1) {
-		echo $header;
-	} else {
-		header($header);
-	}
+    $header = 'Location: ' . $modx->makeUrl($id, '', '', 'full');
+    if($_POST['ajax'] == 1) {
+        echo $header;
+    } else {
+        header($header);
+    }
 } else {
-	$header = 'Location: ' . MODX_MANAGER_URL;
-	if($_POST['ajax'] == 1) {
-		echo $header;
-	} else {
-		header($header);
-	}
+    $header = 'Location: ' . MODX_MANAGER_URL;
+    if($_POST['ajax'] == 1) {
+        echo $header;
+    } else {
+        header($header);
+    }
 }

manager/processors/move_document.processor.php

Indentation +48 added lines, -48 removed lines

@@ -3,7 +3,7 @@ 
     die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('edit_document')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $newParentID = isset($_REQUEST['new_parent']) ? (int)$_REQUEST['new_parent'] : 0;
@@ -25,68 +25,68 @@ 
 // check user has permission to move document to chosen location
 
 if ($use_udperms == 1) {
-	if ($oldparent != $newParentID) {
-		$udperms = new EvolutionCMS\Legacy\Permissions();
-		$udperms->user = $modx->getLoginUserID();
-		$udperms->document = $newParentID;
-		$udperms->role = $_SESSION['mgrRole'];
+    if ($oldparent != $newParentID) {
+        $udperms = new EvolutionCMS\Legacy\Permissions();
+        $udperms->user = $modx->getLoginUserID();
+        $udperms->document = $newParentID;
+        $udperms->role = $_SESSION['mgrRole'];
 
-		 if (!$udperms->checkPermissions()) {
-			$modx->webAlertAndQuit($_lang["access_permission_parent_denied"]);
-		 }
-	}
+            if (!$udperms->checkPermissions()) {
+            $modx->webAlertAndQuit($_lang["access_permission_parent_denied"]);
+            }
+    }
 }
 
 $evtOut = $modx->invokeEvent("onBeforeMoveDocument", array (
-	"id_document" => $documentID,
-	"old_parent" => $oldparent,
-	"new_parent" => $newParentID
+    "id_document" => $documentID,
+    "old_parent" => $oldparent,
+    "new_parent" => $newParentID
 ));
 if (is_array($evtOut) && count($evtOut) > 0){
-	$newParent = array_pop($evtOut);
-	if($newParent == $oldparent) {
-		$modx->webAlertAndQuit($_lang["error_movedocument2"]);
-	}else{
-		$newParentID = $newParent;
-	}
+    $newParent = array_pop($evtOut);
+    if($newParent == $oldparent) {
+        $modx->webAlertAndQuit($_lang["error_movedocument2"]);
+    }else{
+        $newParentID = $newParent;
+    }
 }
 
 $children = allChildren($documentID);
 if (!array_search($newParentID, $children)) {
-	$modx->db->update(array(
-		'isfolder' => 1,
-	), $modx->getFullTableName('site_content'), "id='{$newParentID}'");
+    $modx->db->update(array(
+        'isfolder' => 1,
+    ), $modx->getFullTableName('site_content'), "id='{$newParentID}'");
 
-	$modx->db->update(array(
-		'parent'   => $newParentID,
-		'editedby' => $modx->getLoginUserID(),
-		'editedon' => time(),
-	), $modx->getFullTableName('site_content'), "id='{$documentID}'");
+    $modx->db->update(array(
+        'parent'   => $newParentID,
+        'editedby' => $modx->getLoginUserID(),
+        'editedon' => time(),
+    ), $modx->getFullTableName('site_content'), "id='{$documentID}'");
 
-	// finished moving the document, now check to see if the old_parent should no longer be a folder.
-	$rs = $modx->db->select('COUNT(*)', $modx->getFullTableName('site_content'), "parent='{$oldparent}'");
-	$limit = $modx->db->getValue($rs);
+    // finished moving the document, now check to see if the old_parent should no longer be a folder.
+    $rs = $modx->db->select('COUNT(*)', $modx->getFullTableName('site_content'), "parent='{$oldparent}'");
+    $limit = $modx->db->getValue($rs);
 
-	if(!$limit>0) {
-		$modx->db->update(array(
-			'isfolder' => 0,
-		), $modx->getFullTableName('site_content'), "id='{$oldparent}'");
-	}
-	// Set the item name for logger
-	$pagetitle = $modx->db->getValue($modx->db->select('pagetitle', $modx->getFullTableName('site_content'), "id='{$documentID}'"));
-	$_SESSION['itemname'] = $pagetitle;
+    if(!$limit>0) {
+        $modx->db->update(array(
+            'isfolder' => 0,
+        ), $modx->getFullTableName('site_content'), "id='{$oldparent}'");
+    }
+    // Set the item name for logger
+    $pagetitle = $modx->db->getValue($modx->db->select('pagetitle', $modx->getFullTableName('site_content'), "id='{$documentID}'"));
+    $_SESSION['itemname'] = $pagetitle;
 
-	$modx->invokeEvent("onAfterMoveDocument", array (
-		"id_document" => $documentID,
-		"old_parent" => $oldparent,
-		"new_parent" => $newParentID
-	));
+    $modx->invokeEvent("onAfterMoveDocument", array (
+        "id_document" => $documentID,
+        "old_parent" => $oldparent,
+        "new_parent" => $newParentID
+    ));
 
-	// empty cache & sync site
-	$modx->clearCache('full');
+    // empty cache & sync site
+    $modx->clearCache('full');
 
-	$header="Location: index.php?a=3&id={$documentID}&r=9";
-	header($header);
+    $header="Location: index.php?a=3&id={$documentID}&r=9";
+    header($header);
 } else {
-	$modx->webAlertAndQuit("You cannot move a document to a child document!");
+    $modx->webAlertAndQuit("You cannot move a document to a child document!");
 }

manager/processors/undelete_content.processor.php

Indentation +15 added lines, -15 removed lines

@@ -3,12 +3,12 @@ 
     die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('delete_document')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $id = isset($_REQUEST['id'])? (int)$_REQUEST['id'] : 0;
 if($id==0) {
-	$modx->webAlertAndQuit($_lang["error_no_id"]);
+    $modx->webAlertAndQuit($_lang["error_no_id"]);
 }
 
 /************ webber ********/
@@ -31,14 +31,14 @@ 
 $udperms->role = $_SESSION['mgrRole'];
 
 if(!$udperms->checkPermissions()) {
-	$modx->webAlertAndQuit($_lang["access_permission_denied"]);
+    $modx->webAlertAndQuit($_lang["access_permission_denied"]);
 }
 
 // get the timestamp on which the document was deleted.
 $rs = $modx->db->select('deletedon', $modx->getFullTableName('site_content'), "id='{$id}' AND deleted=1");
 $deltime = $modx->db->getValue($rs);
 if(!$deltime) {
-	$modx->webAlertAndQuit("Couldn't find document to determine it's date of deletion!");
+    $modx->webAlertAndQuit("Couldn't find document to determine it's date of deletion!");
 }
 
 $children = array();
@@ -46,20 +46,20 @@ 
 getChildrenForUnDelete($id);
 
 if(count($children)>0) {
-	$modx->db->update(
-		array(
-			'deleted'   => 0,
-			'deletedby' => 0,
-			'deletedon' => 0,
-		), $modx->getFullTableName('site_content'), "id IN(".implode(", ", $children).")");
+    $modx->db->update(
+        array(
+            'deleted'   => 0,
+            'deletedby' => 0,
+            'deletedon' => 0,
+        ), $modx->getFullTableName('site_content'), "id IN(".implode(", ", $children).")");
 }
 //'undelete' the document.
 $modx->db->update(
-	array(
-		'deleted'   => 0,
-		'deletedby' => 0,
-		'deletedon' => 0,
-	), $modx->getFullTableName('site_content'), "id='{$id}'");
+    array(
+        'deleted'   => 0,
+        'deletedby' => 0,
+        'deletedon' => 0,
+    ), $modx->getFullTableName('site_content'), "id='{$id}'");
 
 $modx->invokeEvent("OnDocFormUnDelete",
     array(

manager/processors/save_user.processor.php

Indentation +245 added lines, -245 removed lines

@@ -1,9 +1,9 @@ 
 <?php
 if( ! defined('IN_MANAGER_MODE') || IN_MANAGER_MODE !== true) {
-	die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
+    die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('save_user')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $modx->loadExtension('phpass');
@@ -45,134 +45,134 @@ 
 
 // verify password
 if($passwordgenmethod == "spec" && $input['specifiedpassword'] != $input['confirmpassword']) {
-	webAlertAndQuit("Password typed is mismatched", 12);
+    webAlertAndQuit("Password typed is mismatched", 12);
 }
 
 // verify email
 if($email == '' || !preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,24}$/i", $email)) {
-	webAlertAndQuit("E-mail address doesn't seem to be valid!", 12);
+    webAlertAndQuit("E-mail address doesn't seem to be valid!", 12);
 }
 
 // verify admin security
 if($_SESSION['mgrRole'] != 1) {
-	// Check to see if user tried to spoof a "1" (admin) role
-	if(!$modx->hasPermission('save_role')) {
-		webAlertAndQuit("Illegal attempt to create/modify administrator by non-administrator!", 12);
-	}
-	// Verify that the user being edited wasn't an admin and the user ID got spoofed
-	$rs = $modx->db->select('count(internalKey)', $tbl_user_attributes, "internalKey='{$id}' AND role=1");
-	$limit = $modx->db->getValue($rs);
-	if($limit > 0) {
-		webAlertAndQuit("You cannot alter an administrative user.", 12);
-	}
+    // Check to see if user tried to spoof a "1" (admin) role
+    if(!$modx->hasPermission('save_role')) {
+        webAlertAndQuit("Illegal attempt to create/modify administrator by non-administrator!", 12);
+    }
+    // Verify that the user being edited wasn't an admin and the user ID got spoofed
+    $rs = $modx->db->select('count(internalKey)', $tbl_user_attributes, "internalKey='{$id}' AND role=1");
+    $limit = $modx->db->getValue($rs);
+    if($limit > 0) {
+        webAlertAndQuit("You cannot alter an administrative user.", 12);
+    }
 
 }
 
 switch($input['mode']) {
-	case '11' : // new user
-		// check if this user name already exist
-		$rs = $modx->db->select('count(id)', $tbl_manager_users, sprintf("username='%s'", $modx->db->escape($newusername)));
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("User name is already in use!", 12);
-		}
-
-		// check if the email address already exist
-		$rs = $modx->db->select('count(internalKey)', $tbl_user_attributes, sprintf("email='%s' AND id!='%s'", $modx->db->escape($email), $id));
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("Email is already in use!", 12);
-		}
-
-		// generate a new password for this user
-		if($specifiedpassword != "" && $passwordgenmethod == "spec") {
-			if(strlen($specifiedpassword) < 6) {
-				webAlertAndQuit("Password is too short!", 12);
-			} else {
-				$newpassword = $specifiedpassword;
-			}
-		} elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
-			webAlertAndQuit("You didn't specify a password for this user!", 12);
-		} elseif($passwordgenmethod == 'g') {
-			$newpassword = generate_password(8);
-		} else {
-			webAlertAndQuit("No password generation method specified!", 12);
-		}
-
-		// invoke OnBeforeUserFormSave event
-		$modx->invokeEvent("OnBeforeUserFormSave", array(
-			"mode" => "new",
-		));
-
-		// create the user account
-		$internalKey = $modx->db->insert(array('username' => $modx->db->escape($newusername)), $tbl_manager_users);
-
-		$field = array();
-		$field['password'] = $modx->phpass->HashPassword($newpassword);
-		$modx->db->update($field, $tbl_manager_users, "id='{$internalKey}'");
-
-		$field = compact('internalKey', 'fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'blocked', 'blockeduntil', 'blockedafter');
-		$field = $modx->db->escape($field);
-		$modx->db->insert($field, $tbl_user_attributes);
-
-		// Save user settings
+    case '11' : // new user
+        // check if this user name already exist
+        $rs = $modx->db->select('count(id)', $tbl_manager_users, sprintf("username='%s'", $modx->db->escape($newusername)));
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("User name is already in use!", 12);
+        }
+
+        // check if the email address already exist
+        $rs = $modx->db->select('count(internalKey)', $tbl_user_attributes, sprintf("email='%s' AND id!='%s'", $modx->db->escape($email), $id));
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("Email is already in use!", 12);
+        }
+
+        // generate a new password for this user
+        if($specifiedpassword != "" && $passwordgenmethod == "spec") {
+            if(strlen($specifiedpassword) < 6) {
+                webAlertAndQuit("Password is too short!", 12);
+            } else {
+                $newpassword = $specifiedpassword;
+            }
+        } elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
+            webAlertAndQuit("You didn't specify a password for this user!", 12);
+        } elseif($passwordgenmethod == 'g') {
+            $newpassword = generate_password(8);
+        } else {
+            webAlertAndQuit("No password generation method specified!", 12);
+        }
+
+        // invoke OnBeforeUserFormSave event
+        $modx->invokeEvent("OnBeforeUserFormSave", array(
+            "mode" => "new",
+        ));
+
+        // create the user account
+        $internalKey = $modx->db->insert(array('username' => $modx->db->escape($newusername)), $tbl_manager_users);
+
+        $field = array();
+        $field['password'] = $modx->phpass->HashPassword($newpassword);
+        $modx->db->update($field, $tbl_manager_users, "id='{$internalKey}'");
+
+        $field = compact('internalKey', 'fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'blocked', 'blockeduntil', 'blockedafter');
+        $field = $modx->db->escape($field);
+        $modx->db->insert($field, $tbl_user_attributes);
+
+        // Save user settings
         saveManagerUserSettings($internalKey);
 
-		// invoke OnManagerSaveUser event
-		$modx->invokeEvent("OnManagerSaveUser", array(
-			"mode" => "new",
-			"userid" => $internalKey,
-			"username" => $newusername,
-			"userpassword" => $newpassword,
-			"useremail" => $email,
-			"userfullname" => $fullname,
-			"userroleid" => $role
-		));
-
-		// invoke OnUserFormSave event
-		$modx->invokeEvent("OnUserFormSave", array(
-			"mode" => "new",
-			"id" => $internalKey
-		));
-
-		// Set the item name for logger
-		$_SESSION['itemname'] = $newusername;
-
-		/*******************************************************************************/
-		// put the user in the user_groups he/ she should be in
-		// first, check that up_perms are switched on!
-		if($use_udperms == 1) {
-			if(!empty($user_groups)) {
-				for($i = 0; $i < count($user_groups); $i++) {
-					$f = array();
-					$f['user_group'] = (int)$user_groups[$i];
-					$f['member'] = $internalKey;
-					$modx->db->insert($f, $tbl_member_groups);
-				}
-			}
-		}
-		// end of user_groups stuff!
-
-		if($passwordnotifymethod == 'e') {
+        // invoke OnManagerSaveUser event
+        $modx->invokeEvent("OnManagerSaveUser", array(
+            "mode" => "new",
+            "userid" => $internalKey,
+            "username" => $newusername,
+            "userpassword" => $newpassword,
+            "useremail" => $email,
+            "userfullname" => $fullname,
+            "userroleid" => $role
+        ));
+
+        // invoke OnUserFormSave event
+        $modx->invokeEvent("OnUserFormSave", array(
+            "mode" => "new",
+            "id" => $internalKey
+        ));
+
+        // Set the item name for logger
+        $_SESSION['itemname'] = $newusername;
+
+        /*******************************************************************************/
+        // put the user in the user_groups he/ she should be in
+        // first, check that up_perms are switched on!
+        if($use_udperms == 1) {
+            if(!empty($user_groups)) {
+                for($i = 0; $i < count($user_groups); $i++) {
+                    $f = array();
+                    $f['user_group'] = (int)$user_groups[$i];
+                    $f['member'] = $internalKey;
+                    $modx->db->insert($f, $tbl_member_groups);
+                }
+            }
+        }
+        // end of user_groups stuff!
+
+        if($passwordnotifymethod == 'e') {
             sendMailMessageForUser($email, $newusername, $newpassword, $fullname, $signupemail_message, MODX_MANAGER_URL);
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "12&id={$internalKey}" : "11";
-				$header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
-				header($header);
-			} else {
-				$header = "Location: index.php?a=75&r=2";
-				header($header);
-			}
-		} else {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "12&id={$internalKey}" : "11";
-				$stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
-			} else {
-				$stayUrl = "index.php?a=75&r=2";
-			}
-
-			include_once "header.inc.php";
-			?>
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "12&id={$internalKey}" : "11";
+                $header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
+                header($header);
+            } else {
+                $header = "Location: index.php?a=75&r=2";
+                header($header);
+            }
+        } else {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "12&id={$internalKey}" : "11";
+                $stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
+            } else {
+                $stayUrl = "index.php?a=75&r=2";
+            }
+
+            include_once "header.inc.php";
+            ?>
 
 			<h1><?php echo $_lang['user_title']; ?></h1>
 
@@ -194,125 +194,125 @@ 
 			</div>
 			<?php
 
-			include_once "footer.inc.php";
-		}
-		break;
-	case '12' : // edit user
-		// generate a new password for this user
-		if($genpassword == 1) {
-			if($specifiedpassword != "" && $passwordgenmethod == "spec") {
-				if(strlen($specifiedpassword) < 6) {
-					webAlertAndQuit("Password is too short!", 12);
-				} else {
-					$newpassword = $specifiedpassword;
-				}
-			} elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
-				webAlertAndQuit("You didn't specify a password for this user!", 12);
-			} elseif($passwordgenmethod == 'g') {
-				$newpassword = generate_password(8);
-			} else {
-				webAlertAndQuit("No password generation method specified!", 12);
-			}
-		}
-		if($passwordnotifymethod == 'e') {
+            include_once "footer.inc.php";
+        }
+        break;
+    case '12' : // edit user
+        // generate a new password for this user
+        if($genpassword == 1) {
+            if($specifiedpassword != "" && $passwordgenmethod == "spec") {
+                if(strlen($specifiedpassword) < 6) {
+                    webAlertAndQuit("Password is too short!", 12);
+                } else {
+                    $newpassword = $specifiedpassword;
+                }
+            } elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
+                webAlertAndQuit("You didn't specify a password for this user!", 12);
+            } elseif($passwordgenmethod == 'g') {
+                $newpassword = generate_password(8);
+            } else {
+                webAlertAndQuit("No password generation method specified!", 12);
+            }
+        }
+        if($passwordnotifymethod == 'e') {
             sendMailMessageForUser($email, $newusername, $newpassword, $fullname, $signupemail_message, MODX_MANAGER_URL);
-		}
-
-		// check if the username already exist
-		$rs = $modx->db->select('count(id)', $tbl_manager_users, sprintf("username='%s' AND id!='%s'", $modx->db->escape($newusername), $id));
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("User name is already in use!", 12);
-		}
-
-		// check if the email address already exists
-		$rs = $modx->db->select('count(internalKey)', $tbl_user_attributes, sprintf("email='%s' AND internalKey!='%s'", $modx->db->escape($email), $id));
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("Email is already in use!", 12);
-		}
-
-		// invoke OnBeforeUserFormSave event
-		$modx->invokeEvent("OnBeforeUserFormSave", array(
-			"mode" => "upd",
-			"id" => $id
-		));
-
-		// update user name and password
-		$field = array();
-		$field['username'] = $modx->db->escape($newusername);
-		if($genpassword == 1) {
-			$field['password'] = $modx->phpass->HashPassword($newpassword);
-		}
-		$modx->db->update($field, $tbl_manager_users, "id='{$id}'");
-		$field = compact('fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'failedlogincount', 'blocked', 'blockeduntil', 'blockedafter');
-		$field = $modx->db->escape($field);
-		$modx->db->update($field, $tbl_user_attributes, "internalKey='{$id}'");
-
-		// Save user settings
+        }
+
+        // check if the username already exist
+        $rs = $modx->db->select('count(id)', $tbl_manager_users, sprintf("username='%s' AND id!='%s'", $modx->db->escape($newusername), $id));
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("User name is already in use!", 12);
+        }
+
+        // check if the email address already exists
+        $rs = $modx->db->select('count(internalKey)', $tbl_user_attributes, sprintf("email='%s' AND internalKey!='%s'", $modx->db->escape($email), $id));
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("Email is already in use!", 12);
+        }
+
+        // invoke OnBeforeUserFormSave event
+        $modx->invokeEvent("OnBeforeUserFormSave", array(
+            "mode" => "upd",
+            "id" => $id
+        ));
+
+        // update user name and password
+        $field = array();
+        $field['username'] = $modx->db->escape($newusername);
+        if($genpassword == 1) {
+            $field['password'] = $modx->phpass->HashPassword($newpassword);
+        }
+        $modx->db->update($field, $tbl_manager_users, "id='{$id}'");
+        $field = compact('fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'failedlogincount', 'blocked', 'blockeduntil', 'blockedafter');
+        $field = $modx->db->escape($field);
+        $modx->db->update($field, $tbl_user_attributes, "internalKey='{$id}'");
+
+        // Save user settings
         saveManagerUserSettings($id);
 
-		// Set the item name for logger
-		$_SESSION['itemname'] = $newusername;
-
-		// invoke OnManagerSaveUser event
-		$modx->invokeEvent("OnManagerSaveUser", array(
-			"mode" => "upd",
-			"userid" => $id,
-			"username" => $newusername,
-			"userpassword" => $newpassword,
-			"useremail" => $email,
-			"userfullname" => $fullname,
-			"userroleid" => $role,
-			"oldusername" => (($oldusername != $newusername) ? $oldusername : ""),
-			"olduseremail" => (($oldemail != $email) ? $oldemail : "")
-		));
-
-		// invoke OnManagerChangePassword event
-		if($genpassword == 1) {
-			$modx->invokeEvent("OnManagerChangePassword", array(
-				"userid" => $id,
-				"username" => $newusername,
-				"userpassword" => $newpassword
-			));
-		}
-
-		// invoke OnUserFormSave event
-		$modx->invokeEvent("OnUserFormSave", array(
-			"mode" => "upd",
-			"id" => $id
-		));
-
-		/*******************************************************************************/
-		// put the user in the user_groups he/ she should be in
-		// first, check that up_perms are switched on!
-		if($use_udperms == 1) {
-			// as this is an existing user, delete his/ her entries in the groups before saving the new groups
-			$modx->db->delete($tbl_member_groups, "member='{$id}'");
-			if(!empty($user_groups)) {
-				for($i = 0; $i < count($user_groups); $i++) {
-					$field = array();
-					$field['user_group'] = (int)$user_groups[$i];
-					$field['member'] = $id;
-					$modx->db->insert($field, $tbl_member_groups);
-				}
-			}
-		}
-		// end of user_groups stuff!
-		/*******************************************************************************/
-		if($id == $modx->getLoginUserID() && ($genpassword !== 1 && $passwordnotifymethod != 's')) {
-			$modx->webAlertAndQuit($_lang["user_changeddata"], 'javascript:top.location.href="index.php?a=8";');
-		}
-		if($genpassword == 1 && $passwordnotifymethod == 's') {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "12&id={$id}" : "11";
-				$stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
-			} else {
-				$stayUrl = "index.php?a=75&r=2";
-			}
-
-			include_once "header.inc.php";
-			?>
+        // Set the item name for logger
+        $_SESSION['itemname'] = $newusername;
+
+        // invoke OnManagerSaveUser event
+        $modx->invokeEvent("OnManagerSaveUser", array(
+            "mode" => "upd",
+            "userid" => $id,
+            "username" => $newusername,
+            "userpassword" => $newpassword,
+            "useremail" => $email,
+            "userfullname" => $fullname,
+            "userroleid" => $role,
+            "oldusername" => (($oldusername != $newusername) ? $oldusername : ""),
+            "olduseremail" => (($oldemail != $email) ? $oldemail : "")
+        ));
+
+        // invoke OnManagerChangePassword event
+        if($genpassword == 1) {
+            $modx->invokeEvent("OnManagerChangePassword", array(
+                "userid" => $id,
+                "username" => $newusername,
+                "userpassword" => $newpassword
+            ));
+        }
+
+        // invoke OnUserFormSave event
+        $modx->invokeEvent("OnUserFormSave", array(
+            "mode" => "upd",
+            "id" => $id
+        ));
+
+        /*******************************************************************************/
+        // put the user in the user_groups he/ she should be in
+        // first, check that up_perms are switched on!
+        if($use_udperms == 1) {
+            // as this is an existing user, delete his/ her entries in the groups before saving the new groups
+            $modx->db->delete($tbl_member_groups, "member='{$id}'");
+            if(!empty($user_groups)) {
+                for($i = 0; $i < count($user_groups); $i++) {
+                    $field = array();
+                    $field['user_group'] = (int)$user_groups[$i];
+                    $field['member'] = $id;
+                    $modx->db->insert($field, $tbl_member_groups);
+                }
+            }
+        }
+        // end of user_groups stuff!
+        /*******************************************************************************/
+        if($id == $modx->getLoginUserID() && ($genpassword !== 1 && $passwordnotifymethod != 's')) {
+            $modx->webAlertAndQuit($_lang["user_changeddata"], 'javascript:top.location.href="index.php?a=8";');
+        }
+        if($genpassword == 1 && $passwordnotifymethod == 's') {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "12&id={$id}" : "11";
+                $stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
+            } else {
+                $stayUrl = "index.php?a=75&r=2";
+            }
+
+            include_once "header.inc.php";
+            ?>
 
 			<h1><?php echo $_lang['user_title']; ?></h1>
 
@@ -332,18 +332,18 @@ 
 			</div>
 			<?php
 
-			include_once "footer.inc.php";
-		} else {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "12&id={$id}" : "11";
-				$header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
-				header($header);
-			} else {
-				$header = "Location: index.php?a=75&r=2";
-				header($header);
-			}
-		}
-		break;
-	default:
-		webAlertAndQuit("No operation set in request.", 12);
+            include_once "footer.inc.php";
+        } else {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "12&id={$id}" : "11";
+                $header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
+                header($header);
+            } else {
+                $header = "Location: index.php?a=75&r=2";
+                header($header);
+            }
+        }
+        break;
+    default:
+        webAlertAndQuit("No operation set in request.", 12);
 }

manager/processors/save_web_user.processor.php

Indentation +192 added lines, -192 removed lines

@@ -1,9 +1,9 @@ 
 <?php
 if( ! defined('IN_MANAGER_MODE') || IN_MANAGER_MODE !== true) {
-	die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
+    die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('save_web_user')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $tbl_web_users = $modx->getFullTableName('web_users');
@@ -12,10 +12,10 @@ 
 
 $input = $_POST;
 foreach($input as $k => $v) {
-	if($k !== 'comment') {
-		$v = $modx->htmlspecialchars($v, ENT_NOQUOTES);
-	}
-	$input[$k] = $v;
+    if($k !== 'comment') {
+        $v = $modx->htmlspecialchars($v, ENT_NOQUOTES);
+    }
+    $input[$k] = $v;
 }
 
 $id = (int)$input['id'];
@@ -51,82 +51,82 @@ 
 
 // verify password
 if($passwordgenmethod == "spec" && $input['specifiedpassword'] != $input['confirmpassword']) {
-	webAlertAndQuit("Password typed is mismatched", 88);
+    webAlertAndQuit("Password typed is mismatched", 88);
 }
 
 // verify email
 if($email == '' || !preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,24}$/i", $email)) {
-	webAlertAndQuit("E-mail address doesn't seem to be valid!", 88);
+    webAlertAndQuit("E-mail address doesn't seem to be valid!", 88);
 }
 
 switch($input['mode']) {
-	case '87' : // new user
-		// check if this user name already exist
-		$rs = $modx->db->select('count(id)', $tbl_web_users, "username='{$esc_newusername}'");
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("User name is already in use!", 88);
-		}
-
-		// check if the email address already exist
-		if ($modx->config['allow_multiple_emails'] != 1) {
-			$rs = $modx->db->select('count(id)', $tbl_web_user_attributes, "email='{$esc_email}' AND id!='{$id}'");
-			$limit = $modx->db->getValue($rs);
-			if($limit > 0) {
-				webAlertAndQuit("Email is already in use!", 88);
-			}
-		}
-
-		// generate a new password for this user
-		if($specifiedpassword != "" && $passwordgenmethod == "spec") {
-			if(strlen($specifiedpassword) < 6) {
-				webAlertAndQuit("Password is too short!", 88);
-			} else {
-				$newpassword = $specifiedpassword;
-			}
-		} elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
-			webAlertAndQuit("You didn't specify a password for this user!", 88);
-		} elseif($passwordgenmethod == 'g') {
-			$newpassword = generate_password(8);
-		} else {
-			webAlertAndQuit("No password generation method specified!", 88);
-		}
-
-		// invoke OnBeforeWUsrFormSave event
-		$modx->invokeEvent("OnBeforeWUsrFormSave", array(
-			"mode" => "new",
-		));
-
-		// create the user account
-		$field = array();
-		$field['username'] = $esc_newusername;
-		$field['password'] = md5($newpassword);
-		$internalKey = $modx->db->insert($field, $tbl_web_users);
-
-		$field = compact('internalKey', 'fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'blocked', 'blockeduntil', 'blockedafter');
-		$field = $modx->db->escape($field);
-		$modx->db->insert($field, $tbl_web_user_attributes);
-
-		// Save User Settings
+    case '87' : // new user
+        // check if this user name already exist
+        $rs = $modx->db->select('count(id)', $tbl_web_users, "username='{$esc_newusername}'");
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("User name is already in use!", 88);
+        }
+
+        // check if the email address already exist
+        if ($modx->config['allow_multiple_emails'] != 1) {
+            $rs = $modx->db->select('count(id)', $tbl_web_user_attributes, "email='{$esc_email}' AND id!='{$id}'");
+            $limit = $modx->db->getValue($rs);
+            if($limit > 0) {
+                webAlertAndQuit("Email is already in use!", 88);
+            }
+        }
+
+        // generate a new password for this user
+        if($specifiedpassword != "" && $passwordgenmethod == "spec") {
+            if(strlen($specifiedpassword) < 6) {
+                webAlertAndQuit("Password is too short!", 88);
+            } else {
+                $newpassword = $specifiedpassword;
+            }
+        } elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
+            webAlertAndQuit("You didn't specify a password for this user!", 88);
+        } elseif($passwordgenmethod == 'g') {
+            $newpassword = generate_password(8);
+        } else {
+            webAlertAndQuit("No password generation method specified!", 88);
+        }
+
+        // invoke OnBeforeWUsrFormSave event
+        $modx->invokeEvent("OnBeforeWUsrFormSave", array(
+            "mode" => "new",
+        ));
+
+        // create the user account
+        $field = array();
+        $field['username'] = $esc_newusername;
+        $field['password'] = md5($newpassword);
+        $internalKey = $modx->db->insert($field, $tbl_web_users);
+
+        $field = compact('internalKey', 'fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'blocked', 'blockeduntil', 'blockedafter');
+        $field = $modx->db->escape($field);
+        $modx->db->insert($field, $tbl_web_user_attributes);
+
+        // Save User Settings
         saveWebUserSettings($internalKey);
 
-		// Set the item name for logger
-		$_SESSION['itemname'] = $newusername;
-
-		/*******************************************************************************/
-		// put the user in the user_groups he/ she should be in
-		// first, check that up_perms are switched on!
-		if($use_udperms == 1) {
-			if(!empty($user_groups)) {
-				for($i = 0; $i < count($user_groups); $i++) {
-					$f = array();
-					$f['webgroup'] = (int)$user_groups[$i];
-					$f['webuser'] = $internalKey;
-					$modx->db->insert($f, $tbl_web_groups);
-				}
-			}
-		}
-		// end of user_groups stuff!
+        // Set the item name for logger
+        $_SESSION['itemname'] = $newusername;
+
+        /*******************************************************************************/
+        // put the user in the user_groups he/ she should be in
+        // first, check that up_perms are switched on!
+        if($use_udperms == 1) {
+            if(!empty($user_groups)) {
+                for($i = 0; $i < count($user_groups); $i++) {
+                    $f = array();
+                    $f['webgroup'] = (int)$user_groups[$i];
+                    $f['webuser'] = $internalKey;
+                    $modx->db->insert($f, $tbl_web_groups);
+                }
+            }
+        }
+        // end of user_groups stuff!
 
         // invoke OnWebSaveUser event
         $modx->invokeEvent("OnWebSaveUser", array(
@@ -144,26 +144,26 @@ 
             "id" => $internalKey
         ));
 
-		if($passwordnotifymethod == 'e') {
+        if($passwordnotifymethod == 'e') {
             sendMailMessageForUser($email, $newusername, $newpassword, $fullname, $websignupemail_message, $site_url);
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "88&id={$internalKey}" : "87";
-				$header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
-				header($header);
-			} else {
-				$header = "Location: index.php?a=99&r=2";
-				header($header);
-			}
-		} else {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "88&id={$internalKey}" : "87";
-				$stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
-			} else {
-				$stayUrl = "index.php?a=99&r=2";
-			}
-
-			include_once "header.inc.php";
-			?>
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "88&id={$internalKey}" : "87";
+                $header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
+                header($header);
+            } else {
+                $header = "Location: index.php?a=99&r=2";
+                header($header);
+            }
+        } else {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "88&id={$internalKey}" : "87";
+                $stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
+            } else {
+                $stayUrl = "index.php?a=99&r=2";
+            }
+
+            include_once "header.inc.php";
+            ?>
 
 			<h1><?php echo $_lang['web_user_title']; ?></h1>
 
@@ -185,86 +185,86 @@ 
 			</div>
 			<?php
 
-			include_once "footer.inc.php";
-		}
-		break;
-	case '88' : // edit user
-		// generate a new password for this user
-		if($genpassword == 1) {
-			if($specifiedpassword != "" && $passwordgenmethod == "spec") {
-				if(strlen($specifiedpassword) < 6) {
-					webAlertAndQuit("Password is too short!", 88);
-				} else {
-					$newpassword = $specifiedpassword;
-				}
-			} elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
-				webAlertAndQuit("You didn't specify a password for this user!", 88);
-			} elseif($passwordgenmethod == 'g') {
-				$newpassword = generate_password(8);
-			} else {
-				webAlertAndQuit("No password generation method specified!", 88);
-			}
-		}
-		if($passwordnotifymethod == 'e') {
+            include_once "footer.inc.php";
+        }
+        break;
+    case '88' : // edit user
+        // generate a new password for this user
+        if($genpassword == 1) {
+            if($specifiedpassword != "" && $passwordgenmethod == "spec") {
+                if(strlen($specifiedpassword) < 6) {
+                    webAlertAndQuit("Password is too short!", 88);
+                } else {
+                    $newpassword = $specifiedpassword;
+                }
+            } elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
+                webAlertAndQuit("You didn't specify a password for this user!", 88);
+            } elseif($passwordgenmethod == 'g') {
+                $newpassword = generate_password(8);
+            } else {
+                webAlertAndQuit("No password generation method specified!", 88);
+            }
+        }
+        if($passwordnotifymethod == 'e') {
             sendMailMessageForUser($email, $newusername, $newpassword, $fullname, $websignupemail_message, $site_url);
-		}
-
-		// check if the username already exist
-		$rs = $modx->db->select('count(id)', $tbl_web_users, "username='{$esc_newusername}' AND id!='{$id}'");
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("User name is already in use!", 88);
-		}
-
-		// check if the email address already exists
-		if ($modx->config['allow_multiple_emails'] != 1) {
-			$rs = $modx->db->select('count(internalKey)', $tbl_web_user_attributes, "email='{$esc_email}' AND internalKey!='{$id}'");
-			$limit = $modx->db->getValue($rs);
-			if($limit > 0) {
-				webAlertAndQuit("Email is already in use!", 88);
-			}
-		}
-
-		// invoke OnBeforeWUsrFormSave event
-		$modx->invokeEvent("OnBeforeWUsrFormSave", array(
-			"mode" => "upd",
-			"id" => $id
-		));
-
-		// update user name and password
-		$field = array();
-		$field['username'] = $esc_newusername;
-		if($genpassword == 1) {
-			$field['password'] = md5($newpassword);
-		}
-		$modx->db->update($field, $tbl_web_users, "id='{$id}'");
-		$field = compact('fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'failedlogincount', 'blocked', 'blockeduntil', 'blockedafter');
-		$field = $modx->db->escape($field);
-		$modx->db->update($field, $tbl_web_user_attributes, "internalKey='{$id}'");
-
-		// Save User Settings
+        }
+
+        // check if the username already exist
+        $rs = $modx->db->select('count(id)', $tbl_web_users, "username='{$esc_newusername}' AND id!='{$id}'");
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("User name is already in use!", 88);
+        }
+
+        // check if the email address already exists
+        if ($modx->config['allow_multiple_emails'] != 1) {
+            $rs = $modx->db->select('count(internalKey)', $tbl_web_user_attributes, "email='{$esc_email}' AND internalKey!='{$id}'");
+            $limit = $modx->db->getValue($rs);
+            if($limit > 0) {
+                webAlertAndQuit("Email is already in use!", 88);
+            }
+        }
+
+        // invoke OnBeforeWUsrFormSave event
+        $modx->invokeEvent("OnBeforeWUsrFormSave", array(
+            "mode" => "upd",
+            "id" => $id
+        ));
+
+        // update user name and password
+        $field = array();
+        $field['username'] = $esc_newusername;
+        if($genpassword == 1) {
+            $field['password'] = md5($newpassword);
+        }
+        $modx->db->update($field, $tbl_web_users, "id='{$id}'");
+        $field = compact('fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'failedlogincount', 'blocked', 'blockeduntil', 'blockedafter');
+        $field = $modx->db->escape($field);
+        $modx->db->update($field, $tbl_web_user_attributes, "internalKey='{$id}'");
+
+        // Save User Settings
         saveWebUserSettings($id);
 
-		// Set the item name for logger
-		$_SESSION['itemname'] = $newusername;
-
-		/*******************************************************************************/
-		// put the user in the user_groups he/ she should be in
-		// first, check that up_perms are switched on!
-		if($use_udperms == 1) {
-			// as this is an existing user, delete his/ her entries in the groups before saving the new groups
-			$modx->db->delete($tbl_web_groups, "webuser='{$id}'");
-			if(!empty($user_groups)) {
-				for($i = 0; $i < count($user_groups); $i++) {
-					$field = array();
-					$field['webgroup'] = (int)$user_groups[$i];
-					$field['webuser'] = $id;
-					$modx->db->insert($field, $tbl_web_groups);
-				}
-			}
-		}
-		// end of user_groups stuff!
-		/*******************************************************************************/
+        // Set the item name for logger
+        $_SESSION['itemname'] = $newusername;
+
+        /*******************************************************************************/
+        // put the user in the user_groups he/ she should be in
+        // first, check that up_perms are switched on!
+        if($use_udperms == 1) {
+            // as this is an existing user, delete his/ her entries in the groups before saving the new groups
+            $modx->db->delete($tbl_web_groups, "webuser='{$id}'");
+            if(!empty($user_groups)) {
+                for($i = 0; $i < count($user_groups); $i++) {
+                    $field = array();
+                    $field['webgroup'] = (int)$user_groups[$i];
+                    $field['webuser'] = $id;
+                    $modx->db->insert($field, $tbl_web_groups);
+                }
+            }
+        }
+        // end of user_groups stuff!
+        /*******************************************************************************/
 
         // invoke OnWebSaveUser event
         $modx->invokeEvent("OnWebSaveUser", array(
@@ -293,16 +293,16 @@ 
             "id" => $id
         ));
 
-		if($genpassword == 1 && $passwordnotifymethod == 's') {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "88&id={$id}" : "87";
-				$stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
-			} else {
-				$stayUrl = "index.php?a=99&r=2";
-			}
+        if($genpassword == 1 && $passwordnotifymethod == 's') {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "88&id={$id}" : "87";
+                $stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
+            } else {
+                $stayUrl = "index.php?a=99&r=2";
+            }
 
-			include_once "header.inc.php";
-			?>
+            include_once "header.inc.php";
+            ?>
 
 			<h1><?php echo $_lang['web_user_title']; ?></h1>
 
@@ -322,18 +322,18 @@ 
 			</div>
 			<?php
 
-			include_once "footer.inc.php";
-		} else {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "88&id={$id}" : "87";
-				$header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
-				header($header);
-			} else {
-				$header = "Location: index.php?a=99&r=2";
-				header($header);
-			}
-		}
-		break;
-	default :
-		webAlertAndQuit("No operation set in request.", 88);
+            include_once "footer.inc.php";
+        } else {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "88&id={$id}" : "87";
+                $header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
+                header($header);
+            } else {
+                $header = "Location: index.php?a=99&r=2";
+                header($header);
+            }
+        }
+        break;
+    default :
+        webAlertAndQuit("No operation set in request.", 88);
 }

manager/actions/mutate_content.dynamic.php

Indentation +371 added lines, -371 removed lines

@@ -1,6 +1,6 @@ 
 <?php
 if( ! defined('IN_MANAGER_MODE') || IN_MANAGER_MODE !== true) {
-	die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
+    die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 
 /********************/
@@ -12,29 +12,29 @@ 
 
 // check permissions
 switch($modx->manager->action) {
-	case 27:
-		if(!$modx->hasPermission('edit_document')) {
-			$modx->webAlertAndQuit($_lang["error_no_privileges"]);
-		}
-		break;
-	case 85:
-	case 72:
-	case 4:
-		if(!$modx->hasPermission('new_document')) {
-			$modx->webAlertAndQuit($_lang["error_no_privileges"]);
-		} elseif(isset($_REQUEST['pid']) && $_REQUEST['pid'] != '0') {
-			// check user has permissions for parent
-			$udperms = new EvolutionCMS\Legacy\Permissions();
-			$udperms->user = $modx->getLoginUserID();
-			$udperms->document = empty($_REQUEST['pid']) ? 0 : $_REQUEST['pid'];
-			$udperms->role = $_SESSION['mgrRole'];
-			if(!$udperms->checkPermissions()) {
-				$modx->webAlertAndQuit($_lang["access_permission_denied"]);
-			}
-		}
-		break;
-	default:
-		$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    case 27:
+        if(!$modx->hasPermission('edit_document')) {
+            $modx->webAlertAndQuit($_lang["error_no_privileges"]);
+        }
+        break;
+    case 85:
+    case 72:
+    case 4:
+        if(!$modx->hasPermission('new_document')) {
+            $modx->webAlertAndQuit($_lang["error_no_privileges"]);
+        } elseif(isset($_REQUEST['pid']) && $_REQUEST['pid'] != '0') {
+            // check user has permissions for parent
+            $udperms = new EvolutionCMS\Legacy\Permissions();
+            $udperms->user = $modx->getLoginUserID();
+            $udperms->document = empty($_REQUEST['pid']) ? 0 : $_REQUEST['pid'];
+            $udperms->role = $_SESSION['mgrRole'];
+            if(!$udperms->checkPermissions()) {
+                $modx->webAlertAndQuit($_lang["access_permission_denied"]);
+            }
+        }
+        break;
+    default:
+        $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $id = isset($_REQUEST['id']) ? (int)$_REQUEST['id'] : 0;
@@ -53,21 +53,21 @@ 
 $tbl_site_tmplvars = $modx->getFullTableName('site_tmplvars');
 
 if($modx->manager->action == 27) {
-	//editing an existing document
-	// check permissions on the document
-	$udperms = new EvolutionCMS\Legacy\Permissions();
-	$udperms->user = $modx->getLoginUserID();
-	$udperms->document = $id;
-	$udperms->role = $_SESSION['mgrRole'];
-
-	if(!$udperms->checkPermissions()) {
-		$modx->webAlertAndQuit($_lang["access_permission_denied"]);
-	}
+    //editing an existing document
+    // check permissions on the document
+    $udperms = new EvolutionCMS\Legacy\Permissions();
+    $udperms->user = $modx->getLoginUserID();
+    $udperms->document = $id;
+    $udperms->role = $_SESSION['mgrRole'];
+
+    if(!$udperms->checkPermissions()) {
+        $modx->webAlertAndQuit($_lang["access_permission_denied"]);
+    }
 }
 
 // check to see if resource isn't locked
 if($lockedEl = $modx->elementIsLocked(7, $id)) {
-	$modx->webAlertAndQuit(sprintf($_lang['lock_msg'], $lockedEl['username'], $_lang['resource']));
+    $modx->webAlertAndQuit(sprintf($_lang['lock_msg'], $lockedEl['username'], $_lang['resource']));
 }
 // end check for lock
 
@@ -76,74 +76,74 @@ 
 
 // get document groups for current user
 if($_SESSION['mgrDocgroups']) {
-	$docgrp = implode(',', $_SESSION['mgrDocgroups']);
+    $docgrp = implode(',', $_SESSION['mgrDocgroups']);
 }
 
 if(!empty ($id)) {
-	$access = sprintf("1='%s' OR sc.privatemgr=0", $_SESSION['mgrRole']);
-	if($docgrp) {
-		$access .= " OR dg.document_group IN ({$docgrp})";
-	}
-	$rs = $modx->db->select('sc.*', "{$tbl_site_content} AS sc LEFT JOIN {$tbl_document_groups} AS dg ON dg.document=sc.id", "sc.id='{$id}' AND ({$access})");
-	$content = array();
-	$content = $modx->db->getRow($rs);
-	$modx->documentObject = &$content;
-	if(!$content) {
-		$modx->webAlertAndQuit($_lang["access_permission_denied"]);
-	}
-	$_SESSION['itemname'] = $content['pagetitle'];
+    $access = sprintf("1='%s' OR sc.privatemgr=0", $_SESSION['mgrRole']);
+    if($docgrp) {
+        $access .= " OR dg.document_group IN ({$docgrp})";
+    }
+    $rs = $modx->db->select('sc.*', "{$tbl_site_content} AS sc LEFT JOIN {$tbl_document_groups} AS dg ON dg.document=sc.id", "sc.id='{$id}' AND ({$access})");
+    $content = array();
+    $content = $modx->db->getRow($rs);
+    $modx->documentObject = &$content;
+    if(!$content) {
+        $modx->webAlertAndQuit($_lang["access_permission_denied"]);
+    }
+    $_SESSION['itemname'] = $content['pagetitle'];
 } else {
-	$content = array();
+    $content = array();
 
-	if(isset($_REQUEST['newtemplate'])) {
-		$content['template'] = $_REQUEST['newtemplate'];
-	} else {
-		$content['template'] = getDefaultTemplate();
-	}
+    if(isset($_REQUEST['newtemplate'])) {
+        $content['template'] = $_REQUEST['newtemplate'];
+    } else {
+        $content['template'] = getDefaultTemplate();
+    }
 
-	$_SESSION['itemname'] = $_lang["new_resource"];
+    $_SESSION['itemname'] = $_lang["new_resource"];
 }
 
 // restore saved form
 $formRestored = $modx->manager->loadFormValues();
 if(isset($_REQUEST['newtemplate'])) {
-	$formRestored = true;
+    $formRestored = true;
 }
 
 // retain form values if template was changed
 // edited to convert pub_date and unpub_date
 // sottwell 02-09-2006
 if($formRestored == true) {
-	$content = array_merge($content, $_POST);
-	$content['content'] = $_POST['ta'];
-	if(empty ($content['pub_date'])) {
-		unset ($content['pub_date']);
-	} else {
-		$content['pub_date'] = $modx->toTimeStamp($content['pub_date']);
-	}
-	if(empty ($content['unpub_date'])) {
-		unset ($content['unpub_date']);
-	} else {
-		$content['unpub_date'] = $modx->toTimeStamp($content['unpub_date']);
-	}
+    $content = array_merge($content, $_POST);
+    $content['content'] = $_POST['ta'];
+    if(empty ($content['pub_date'])) {
+        unset ($content['pub_date']);
+    } else {
+        $content['pub_date'] = $modx->toTimeStamp($content['pub_date']);
+    }
+    if(empty ($content['unpub_date'])) {
+        unset ($content['unpub_date']);
+    } else {
+        $content['unpub_date'] = $modx->toTimeStamp($content['unpub_date']);
+    }
 }
 
 // increase menu index if this is a new document
 if(!isset ($_REQUEST['id'])) {
-	if(!isset ($modx->config['auto_menuindex'])) {
-		$modx->config['auto_menuindex'] = 1;
-	}
-	if($modx->config['auto_menuindex']) {
-		$pid = (int)$_REQUEST['pid'];
-		$rs = $modx->db->select('count(*)', $tbl_site_content, "parent='{$pid}'");
-		$content['menuindex'] = $modx->db->getValue($rs);
-	} else {
-		$content['menuindex'] = 0;
-	}
+    if(!isset ($modx->config['auto_menuindex'])) {
+        $modx->config['auto_menuindex'] = 1;
+    }
+    if($modx->config['auto_menuindex']) {
+        $pid = (int)$_REQUEST['pid'];
+        $rs = $modx->db->select('count(*)', $tbl_site_content, "parent='{$pid}'");
+        $content['menuindex'] = $modx->db->getValue($rs);
+    } else {
+        $content['menuindex'] = 0;
+    }
 }
 
 if(isset ($_POST['which_editor'])) {
-	$modx->config['which_editor'] = $_POST['which_editor'];
+    $modx->config['which_editor'] = $_POST['which_editor'];
 }
 
 // Add lock-element JS-Script
@@ -543,23 +543,23 @@ 
 
 	<form name="mutate" id="mutate" class="content" method="post" enctype="multipart/form-data" action="index.php" onsubmit="documentDirty=false;">
 		<?php
-		// invoke OnDocFormPrerender event
-		$evtOut = $modx->invokeEvent('OnDocFormPrerender', array(
-			'id' => $id,
-			'template' => $content['template']
-		));
-
-		if(is_array($evtOut)) {
-			echo implode('', $evtOut);
-		}
-
-		/*************************/
-		$dir = isset($_REQUEST['dir']) ? $_REQUEST['dir'] : '';
-		$sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : 'createdon';
-		$page = isset($_REQUEST['page']) ? (int) $_REQUEST['page'] : '';
-		/*************************/
-
-		?>
+        // invoke OnDocFormPrerender event
+        $evtOut = $modx->invokeEvent('OnDocFormPrerender', array(
+            'id' => $id,
+            'template' => $content['template']
+        ));
+
+        if(is_array($evtOut)) {
+            echo implode('', $evtOut);
+        }
+
+        /*************************/
+        $dir = isset($_REQUEST['dir']) ? $_REQUEST['dir'] : '';
+        $sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : 'createdon';
+        $page = isset($_REQUEST['page']) ? (int) $_REQUEST['page'] : '';
+        /*************************/
+
+        ?>
 		<input type="hidden" name="a" value="5" />
 		<input type="hidden" name="id" value="<?= $content['id'] ?>" />
 		<input type="hidden" name="mode" value="<?= $modx->manager->action ?>" />
@@ -574,54 +574,54 @@ 
 
 			<h1>
 				<i class="fa fa-pencil-square-o"></i><?php if(isset($_REQUEST['id'])) {
-					echo iconv_substr($content['pagetitle'], 0, 50, $modx->config['modx_charset']) . (iconv_strlen($content['pagetitle'], $modx->config['modx_charset']) > 50 ? '...' : '') . '<small>(' . $_REQUEST['id'] . ')</small>';
-				} else {
-				    if ($modx->manager->action == '4') {
+                    echo iconv_substr($content['pagetitle'], 0, 50, $modx->config['modx_charset']) . (iconv_strlen($content['pagetitle'], $modx->config['modx_charset']) > 50 ? '...' : '') . '<small>(' . $_REQUEST['id'] . ')</small>';
+                } else {
+                    if ($modx->manager->action == '4') {
                         echo $_lang['add_resource'];
                     } else if ($modx->manager->action == '72') {
                         echo $_lang['add_weblink'];
                     } else {
                         echo $_lang['create_resource_title'];
                     }
-				} ?>
+                } ?>
 			</h1>
 
 			<?= $_style['actionbuttons']['dynamic']['document'] ?>
 
 			<?php
-			// breadcrumbs
-			if($modx->config['use_breadcrumbs']) {
-				$temp = array();
-				$title = isset($content['pagetitle']) ? $content['pagetitle'] : $_lang['create_resource_title'];
-
-				if(isset($_REQUEST['id']) && $content['parent'] != 0) {
-					$bID = (int) $_REQUEST['id'];
-					$temp = $modx->getParentIds($bID);
-				} else if(isset($_REQUEST['pid'])) {
-					$bID = (int) $_REQUEST['pid'];
-					$temp = $modx->getParentIds($bID);
-					array_unshift($temp, $bID);
-				}
-
-				if($temp) {
-					$parents = implode(',', $temp);
-
-					if(!empty($parents)) {
-						$where = "FIND_IN_SET(id,'{$parents}') DESC";
-						$rs = $modx->db->select('id, pagetitle', $tbl_site_content, "id IN ({$parents})", $where);
-						while($row = $modx->db->getRow($rs)) {
-							$out .= '<li class="breadcrumbs__li">
+            // breadcrumbs
+            if($modx->config['use_breadcrumbs']) {
+                $temp = array();
+                $title = isset($content['pagetitle']) ? $content['pagetitle'] : $_lang['create_resource_title'];
+
+                if(isset($_REQUEST['id']) && $content['parent'] != 0) {
+                    $bID = (int) $_REQUEST['id'];
+                    $temp = $modx->getParentIds($bID);
+                } else if(isset($_REQUEST['pid'])) {
+                    $bID = (int) $_REQUEST['pid'];
+                    $temp = $modx->getParentIds($bID);
+                    array_unshift($temp, $bID);
+                }
+
+                if($temp) {
+                    $parents = implode(',', $temp);
+
+                    if(!empty($parents)) {
+                        $where = "FIND_IN_SET(id,'{$parents}') DESC";
+                        $rs = $modx->db->select('id, pagetitle', $tbl_site_content, "id IN ({$parents})", $where);
+                        while($row = $modx->db->getRow($rs)) {
+                            $out .= '<li class="breadcrumbs__li">
                                 <a href="index.php?a=27&id=' . $row['id'] . '" class="breadcrumbs__a">' . htmlspecialchars($row['pagetitle'], ENT_QUOTES, $modx->config['modx_charset']) . '</a>
                                 <span class="breadcrumbs__sep">&gt;</span>
                             </li>';
-						}
-					}
-				}
+                        }
+                    }
+                }
 
-				$out .= '<li class="breadcrumbs__li breadcrumbs__li_current">' . $title . '</li>';
-				echo '<ul class="breadcrumbs">' . $out . '</ul>';
-			}
-			?>
+                $out .= '<li class="breadcrumbs__li breadcrumbs__li_current">' . $title . '</li>';
+                echo '<ul class="breadcrumbs">' . $out . '</ul>';
+            }
+            ?>
 
 			<!-- start main wrapper -->
 			<div class="sectionBody">
@@ -633,13 +633,13 @@ 
 
 					<!-- General -->
 					<?php
-					$evtOut = $modx->invokeEvent('OnDocFormTemplateRender', array(
-						'id' => $id
-					));
-					if(is_array($evtOut)) {
-						echo implode('', $evtOut);
-					} else {
-						?>
+                    $evtOut = $modx->invokeEvent('OnDocFormTemplateRender', array(
+                        'id' => $id
+                    ));
+                    if(is_array($evtOut)) {
+                        echo implode('', $evtOut);
+                    } else {
+                        ?>
 						<div class="tab-page" id="tabGeneral">
 							<h2 class="tab"><?= $_lang['settings_general'] ?></h2>
 							<script type="text/javascript">tpSettings.addTabPage(document.getElementById("tabGeneral"));</script>
@@ -724,36 +724,36 @@ 
 										<select id="template" name="template" class="inputBox" onchange="templateWarning();">
 											<option value="0">(blank)</option>
 											<?php
-											$field = "t.templatename, t.selectable, t.id, c.category";
-											$from = "{$tbl_site_templates} AS t LEFT JOIN {$tbl_categories} AS c ON t.category = c.id";
-											$rs = $modx->db->select($field, $from, '', 'c.category, t.templatename ASC');
-											$currentCategory = '';
-											while($row = $modx->db->getRow($rs)) {
-												if($row['selectable'] != 1 && $row['id'] != $content['template']) {
-													continue;
-												};
-												// Skip if not selectable but show if selected!
-												$thisCategory = $row['category'];
-												if($thisCategory == null) {
-													$thisCategory = $_lang["no_category"];
-												}
-												if($thisCategory != $currentCategory) {
-													if($closeOptGroup) {
-														echo "\t\t\t\t\t</optgroup>\n";
-													}
-													echo "\t\t\t\t\t<optgroup label=\"$thisCategory\">\n";
-													$closeOptGroup = true;
-												}
+                                            $field = "t.templatename, t.selectable, t.id, c.category";
+                                            $from = "{$tbl_site_templates} AS t LEFT JOIN {$tbl_categories} AS c ON t.category = c.id";
+                                            $rs = $modx->db->select($field, $from, '', 'c.category, t.templatename ASC');
+                                            $currentCategory = '';
+                                            while($row = $modx->db->getRow($rs)) {
+                                                if($row['selectable'] != 1 && $row['id'] != $content['template']) {
+                                                    continue;
+                                                };
+                                                // Skip if not selectable but show if selected!
+                                                $thisCategory = $row['category'];
+                                                if($thisCategory == null) {
+                                                    $thisCategory = $_lang["no_category"];
+                                                }
+                                                if($thisCategory != $currentCategory) {
+                                                    if($closeOptGroup) {
+                                                        echo "\t\t\t\t\t</optgroup>\n";
+                                                    }
+                                                    echo "\t\t\t\t\t<optgroup label=\"$thisCategory\">\n";
+                                                    $closeOptGroup = true;
+                                                }
 
-												$selectedtext = ($row['id'] == $content['template']) ? ' selected="selected"' : '';
+                                                $selectedtext = ($row['id'] == $content['template']) ? ' selected="selected"' : '';
 
-												echo "\t\t\t\t\t" . '<option value="' . $row['id'] . '"' . $selectedtext . '>' . $row['templatename'] . "</option>\n";
-												$currentCategory = $thisCategory;
-											}
-											if($thisCategory != '') {
-												echo "\t\t\t\t\t</optgroup>\n";
-											}
-											?>
+                                                echo "\t\t\t\t\t" . '<option value="' . $row['id'] . '"' . $selectedtext . '>' . $row['templatename'] . "</option>\n";
+                                                $currentCategory = $thisCategory;
+                                            }
+                                            if($thisCategory != '') {
+                                                echo "\t\t\t\t\t</optgroup>\n";
+                                            }
+                                            ?>
 										</select>
 									</td>
 								</tr>
@@ -793,37 +793,37 @@ 
 									</td>
 									<td valign="top">
 										<?php
-										$parentlookup = false;
-										if(isset ($_REQUEST['id'])) {
-											if($content['parent'] == 0) {
-												$parentname = $site_name;
-											} else {
-												$parentlookup = $content['parent'];
-											}
-										} elseif(isset ($_REQUEST['pid'])) {
-											if($_REQUEST['pid'] == 0) {
-												$parentname = $site_name;
-											} else {
-												$parentlookup = $_REQUEST['pid'];
-											}
-										} elseif(isset($_POST['parent'])) {
-											if($_POST['parent'] == 0) {
-												$parentname = $site_name;
-											} else {
-												$parentlookup = $_POST['parent'];
-											}
-										} else {
-											$parentname = $site_name;
-											$content['parent'] = 0;
-										}
-										if($parentlookup !== false && is_numeric($parentlookup)) {
-											$rs = $modx->db->select('pagetitle', $tbl_site_content, "id='{$parentlookup}'");
-											$parentname = $modx->db->getValue($rs);
-											if(!$parentname) {
-												$modx->webAlertAndQuit($_lang["error_no_parent"]);
-											}
-										}
-										?>
+                                        $parentlookup = false;
+                                        if(isset ($_REQUEST['id'])) {
+                                            if($content['parent'] == 0) {
+                                                $parentname = $site_name;
+                                            } else {
+                                                $parentlookup = $content['parent'];
+                                            }
+                                        } elseif(isset ($_REQUEST['pid'])) {
+                                            if($_REQUEST['pid'] == 0) {
+                                                $parentname = $site_name;
+                                            } else {
+                                                $parentlookup = $_REQUEST['pid'];
+                                            }
+                                        } elseif(isset($_POST['parent'])) {
+                                            if($_POST['parent'] == 0) {
+                                                $parentname = $site_name;
+                                            } else {
+                                                $parentlookup = $_POST['parent'];
+                                            }
+                                        } else {
+                                            $parentname = $site_name;
+                                            $content['parent'] = 0;
+                                        }
+                                        if($parentlookup !== false && is_numeric($parentlookup)) {
+                                            $rs = $modx->db->select('pagetitle', $tbl_site_content, "id='{$parentlookup}'");
+                                            $parentname = $modx->db->getValue($rs);
+                                            if(!$parentname) {
+                                                $modx->webAlertAndQuit($_lang["error_no_parent"]);
+                                            }
+                                        }
+                                        ?>
 										<i id="plock" class="<?= $_style["actions_folder"] ?>" onclick="enableParentSelection(!allowParentSelection);"></i>
 										<b><span id="parentName"><?= (isset($_REQUEST['pid']) ? $_REQUEST['pid'] : $content['parent']) ?> (<?= $parentname ?>)</span></b>
 										<input type="hidden" name="parent" value="<?= (isset($_REQUEST['pid']) ? $_REQUEST['pid'] : $content['parent']) ?>" onchange="documentDirty=true;" />
@@ -831,7 +831,7 @@ 
 								</tr>
 								<tr></tr>
 								<?php
-								/*
+                                /*
 								if($content['type'] == 'reference' || $modx->manager->action == '72') {
 									?>
 									<tr>
@@ -859,7 +859,7 @@ 
 									</tr>
 									<?php
 								}*/
-								?>
+                                ?>
 
 								<?php if($content['type'] == 'document' || $modx->manager->action == '4') { ?>
 									<tr>
@@ -872,36 +872,36 @@ 
 													<select id="which_editor" class="form-control form-control-sm" size="1" name="which_editor" onchange="changeRTE();">
 													<option value="none"><?= $_lang['none'] ?></option>
 														<?php
-														// invoke OnRichTextEditorRegister event
-														$evtOut = $modx->invokeEvent("OnRichTextEditorRegister");
-														if(is_array($evtOut)) {
-															for($i = 0; $i < count($evtOut); $i++) {
-																$editor = $evtOut[$i];
-																echo "\t\t\t", '<option value="', $editor, '"', ($modx->config['which_editor'] == $editor ? ' selected="selected"' : ''), '>', $editor, "</option>\n";
-															}
-														}
-														?>
+                                                        // invoke OnRichTextEditorRegister event
+                                                        $evtOut = $modx->invokeEvent("OnRichTextEditorRegister");
+                                                        if(is_array($evtOut)) {
+                                                            for($i = 0; $i < count($evtOut); $i++) {
+                                                                $editor = $evtOut[$i];
+                                                                echo "\t\t\t", '<option value="', $editor, '"', ($modx->config['which_editor'] == $editor ? ' selected="selected"' : ''), '>', $editor, "</option>\n";
+                                                            }
+                                                        }
+                                                        ?>
 													</select>
 												</label>
 											</div>
 											<div id="content_body">
 												<?php
-												if(($content['richtext'] == 1 || $modx->manager->action == '4') && $use_editor == 1) {
-													$htmlContent = $content['content'];
-													?>
+                                                if(($content['richtext'] == 1 || $modx->manager->action == '4') && $use_editor == 1) {
+                                                    $htmlContent = $content['content'];
+                                                    ?>
 													<div class="section-editor clearfix">
 														<textarea id="ta" name="ta" onchange="documentDirty=true;"><?= $modx->htmlspecialchars($htmlContent) ?></textarea>
 													</div>
 													<?php
-													// Richtext-[*content*]
-													$richtexteditorIds = array();
-													$richtexteditorOptions = array();
-													$richtexteditorIds[$modx->config['which_editor']][] = 'ta';
-													$richtexteditorOptions[$modx->config['which_editor']]['ta'] = '';
-												} else {
-													echo "\t" . '<div><textarea class="phptextarea" id="ta" name="ta" rows="20" wrap="soft" onchange="documentDirty=true;">', $modx->htmlspecialchars($content['content']), '</textarea></div>' . "\n";
-												}
-												?>
+                                                    // Richtext-[*content*]
+                                                    $richtexteditorIds = array();
+                                                    $richtexteditorOptions = array();
+                                                    $richtexteditorIds[$modx->config['which_editor']][] = 'ta';
+                                                    $richtexteditorOptions[$modx->config['which_editor']]['ta'] = '';
+                                                } else {
+                                                    echo "\t" . '<div><textarea class="phptextarea" id="ta" name="ta" rows="20" wrap="soft" onchange="documentDirty=true;">', $modx->htmlspecialchars($content['content']), '</textarea></div>' . "\n";
+                                                }
+                                                ?>
 											</div>
 										</td>
 									</tr>
@@ -1207,8 +1207,8 @@ 
 
 								<?php
 
-								if($_SESSION['mgrRole'] == 1 || $modx->manager->action != '27' || $_SESSION['mgrInternalKey'] == $content['createdby'] || $modx->hasPermission('change_resourcetype')) {
-									?>
+                                if($_SESSION['mgrRole'] == 1 || $modx->manager->action != '27' || $_SESSION['mgrInternalKey'] == $content['createdby'] || $modx->hasPermission('change_resourcetype')) {
+                                    ?>
 									<tr>
 										<td>
 											<span class="warning"><?= $_lang['resource_type'] ?></span>
@@ -1230,15 +1230,15 @@ 
 										<td>
 											<select name="contentType" class="inputBox" onchange="documentDirty=true;">
 												<?php
-												if(!$content['contentType']) {
-													$content['contentType'] = 'text/html';
-												}
-												$custom_contenttype = (isset ($custom_contenttype) ? $custom_contenttype : "text/html,text/plain,text/xml");
-												$ct = explode(",", $custom_contenttype);
-												for($i = 0; $i < count($ct); $i++) {
-													echo "\t\t\t\t\t" . '<option value="' . $ct[$i] . '"' . ($content['contentType'] == $ct[$i] ? ' selected="selected"' : '') . '>' . $ct[$i] . "</option>\n";
-												}
-												?>
+                                                if(!$content['contentType']) {
+                                                    $content['contentType'] = 'text/html';
+                                                }
+                                                $custom_contenttype = (isset ($custom_contenttype) ? $custom_contenttype : "text/html,text/plain,text/xml");
+                                                $ct = explode(",", $custom_contenttype);
+                                                for($i = 0; $i < count($ct); $i++) {
+                                                    echo "\t\t\t\t\t" . '<option value="' . $ct[$i] . '"' . ($content['contentType'] == $ct[$i] ? ' selected="selected"' : '') . '>' . $ct[$i] . "</option>\n";
+                                                }
+                                                ?>
 											</select>
 										</td>
 									</tr>
@@ -1261,23 +1261,23 @@ 
 										</td>
 									</tr>
 									<?php
-								} else {
-									if($content['type'] != 'reference' && $modx->manager->action != '72') {
-										// non-admin managers creating or editing a document resource
-										?>
+                                } else {
+                                    if($content['type'] != 'reference' && $modx->manager->action != '72') {
+                                        // non-admin managers creating or editing a document resource
+                                        ?>
 										<input type="hidden" name="contentType" value="<?= (isset($content['contentType']) ? $content['contentType'] : "text/html") ?>" />
 										<input type="hidden" name="type" value="document" />
 										<input type="hidden" name="content_dispo" value="<?= (isset($content['content_dispo']) ? $content['content_dispo'] : '0') ?>" />
 										<?php
-									} else {
-										// non-admin managers creating or editing a reference (weblink) resource
-										?>
+                                    } else {
+                                        // non-admin managers creating or editing a reference (weblink) resource
+                                        ?>
 										<input type="hidden" name="type" value="reference" />
 										<input type="hidden" name="contentType" value="text/html" />
 										<?php
-									}
-								}//if mgrRole
-								?>
+                                    }
+                                }//if mgrRole
+                                ?>
 
 								<tr>
 									<td>
@@ -1360,112 +1360,112 @@ 
                     ?>
 
 						<?php
-					/*******************************
+                    /*******************************
 					 * Document Access Permissions */
-					if($use_udperms == 1) {
-						$groupsarray = array();
-						$sql = '';
-
-						$documentId = ($modx->manager->action == '27' ? $id : (!empty($_REQUEST['pid']) ? $_REQUEST['pid'] : $content['parent']));
-						if($documentId > 0) {
-							// Load up, the permissions from the parent (if new document) or existing document
-							$rs = $modx->db->select('id, document_group', $tbl_document_groups, "document='{$documentId}'");
-							while($currentgroup = $modx->db->getRow($rs)) $groupsarray[] = $currentgroup['document_group'] . ',' . $currentgroup['id'];
-
-							// Load up the current permissions and names
-							$vs = array(
-								$tbl_document_group_names,
-								$tbl_document_groups,
-								$documentId
-							);
-							$from = vsprintf("%s AS dgn LEFT JOIN %s AS groups ON groups.document_group=dgn.id AND groups.document='%s'", $vs);
-							$rs = $modx->db->select('dgn.*, groups.id AS link_id', $from, '', 'name');
-						} else {
-							// Just load up the names, we're starting clean
-							$rs = $modx->db->select('*, NULL AS link_id', $tbl_document_group_names, '', 'name');
-						}
-
-						// retain selected doc groups between post
-						if(isset($_POST['docgroups'])) {
-							$groupsarray = array_merge($groupsarray, $_POST['docgroups']);
-						}
+                    if($use_udperms == 1) {
+                        $groupsarray = array();
+                        $sql = '';
+
+                        $documentId = ($modx->manager->action == '27' ? $id : (!empty($_REQUEST['pid']) ? $_REQUEST['pid'] : $content['parent']));
+                        if($documentId > 0) {
+                            // Load up, the permissions from the parent (if new document) or existing document
+                            $rs = $modx->db->select('id, document_group', $tbl_document_groups, "document='{$documentId}'");
+                            while($currentgroup = $modx->db->getRow($rs)) $groupsarray[] = $currentgroup['document_group'] . ',' . $currentgroup['id'];
+
+                            // Load up the current permissions and names
+                            $vs = array(
+                                $tbl_document_group_names,
+                                $tbl_document_groups,
+                                $documentId
+                            );
+                            $from = vsprintf("%s AS dgn LEFT JOIN %s AS groups ON groups.document_group=dgn.id AND groups.document='%s'", $vs);
+                            $rs = $modx->db->select('dgn.*, groups.id AS link_id', $from, '', 'name');
+                        } else {
+                            // Just load up the names, we're starting clean
+                            $rs = $modx->db->select('*, NULL AS link_id', $tbl_document_group_names, '', 'name');
+                        }
+
+                        // retain selected doc groups between post
+                        if(isset($_POST['docgroups'])) {
+                            $groupsarray = array_merge($groupsarray, $_POST['docgroups']);
+                        }
+
+                        $isManager = $modx->hasPermission('access_permissions');
+                        $isWeb = $modx->hasPermission('web_access_permissions');
+
+                        // Setup Basic attributes for each Input box
+                        $inputAttributes = array(
+                            'type' => 'checkbox',
+                            'class' => 'checkbox',
+                            'name' => 'docgroups[]',
+                            'onclick' => 'makePublic(false);',
+                        );
+                        $permissions = array(); // New Permissions array list (this contains the HTML)
+                        $permissions_yes = 0; // count permissions the current mgr user has
+                        $permissions_no = 0; // count permissions the current mgr user doesn't have
+
+                        // Loop through the permissions list
+                        while($row = $modx->db->getRow($rs)) {
+
+                            // Create an inputValue pair (group ID and group link (if it exists))
+                            $inputValue = $row['id'] . ',' . ($row['link_id'] ? $row['link_id'] : 'new');
+                            $inputId = 'group-' . $row['id'];
+
+                            $checked = in_array($inputValue, $groupsarray);
+                            if($checked) {
+                                $notPublic = true;
+                            } // Mark as private access (either web or manager)
+
+                            // Skip the access permission if the user doesn't have access...
+                            if((!$isManager && $row['private_memgroup'] == '1') || (!$isWeb && $row['private_webgroup'] == '1')) {
+                                continue;
+                            }
 
-						$isManager = $modx->hasPermission('access_permissions');
-						$isWeb = $modx->hasPermission('web_access_permissions');
-
-						// Setup Basic attributes for each Input box
-						$inputAttributes = array(
-							'type' => 'checkbox',
-							'class' => 'checkbox',
-							'name' => 'docgroups[]',
-							'onclick' => 'makePublic(false);',
-						);
-						$permissions = array(); // New Permissions array list (this contains the HTML)
-						$permissions_yes = 0; // count permissions the current mgr user has
-						$permissions_no = 0; // count permissions the current mgr user doesn't have
-
-						// Loop through the permissions list
-						while($row = $modx->db->getRow($rs)) {
-
-							// Create an inputValue pair (group ID and group link (if it exists))
-							$inputValue = $row['id'] . ',' . ($row['link_id'] ? $row['link_id'] : 'new');
-							$inputId = 'group-' . $row['id'];
-
-							$checked = in_array($inputValue, $groupsarray);
-							if($checked) {
-								$notPublic = true;
-							} // Mark as private access (either web or manager)
-
-							// Skip the access permission if the user doesn't have access...
-							if((!$isManager && $row['private_memgroup'] == '1') || (!$isWeb && $row['private_webgroup'] == '1')) {
-								continue;
-							}
-
-							// Setup attributes for this Input box
-							$inputAttributes['id'] = $inputId;
-							$inputAttributes['value'] = $inputValue;
-							if($checked) {
-								$inputAttributes['checked'] = 'checked';
-							} else {
-								unset($inputAttributes['checked']);
-							}
-
-							// Create attribute string list
-							$inputString = array();
-							foreach($inputAttributes as $k => $v) $inputString[] = $k . '="' . $v . '"';
-
-							// Make the <input> HTML
-							$inputHTML = '<input ' . implode(' ', $inputString) . ' />';
-
-							// does user have this permission?
-							$from = "{$tbl_membergroup_access} AS mga, {$tbl_member_groups} AS mg";
-							$vs = array(
-								$row['id'],
-								$_SESSION['mgrInternalKey']
-							);
-							$where = vsprintf("mga.membergroup=mg.user_group AND mga.documentgroup=%s AND mg.member=%s", $vs);
-							$rsp = $modx->db->select('COUNT(mg.id)', $from, $where);
-							$count = $modx->db->getValue($rsp);
-							if($count > 0) {
-								++$permissions_yes;
-							} else {
-								++$permissions_no;
-							}
-							$permissions[] = "\t\t" . '<li>' . $inputHTML . '<label for="' . $inputId . '">' . $row['name'] . '</label></li>';
-						}
-						// if mgr user doesn't have access to any of the displayable permissions, forget about them and make doc public
-						if($_SESSION['mgrRole'] != 1 && ($permissions_yes == 0 && $permissions_no > 0)) {
-							$permissions = array();
-						}
+                            // Setup attributes for this Input box
+                            $inputAttributes['id'] = $inputId;
+                            $inputAttributes['value'] = $inputValue;
+                            if($checked) {
+                                $inputAttributes['checked'] = 'checked';
+                            } else {
+                                unset($inputAttributes['checked']);
+                            }
 
-						// See if the Access Permissions section is worth displaying...
-						if(!empty($permissions)) {
-							// Add the "All Document Groups" item if we have rights in both contexts
-							if($isManager && $isWeb) {
-								array_unshift($permissions, "\t\t" . '<li><input type="checkbox" class="checkbox" name="chkalldocs" id="groupall"' . (!$notPublic ? ' checked="checked"' : '') . ' onclick="makePublic(true);" /><label for="groupall" class="warning">' . $_lang['all_doc_groups'] . '</label></li>');
-							}
-							// Output the permissions list...
-							?>
+                            // Create attribute string list
+                            $inputString = array();
+                            foreach($inputAttributes as $k => $v) $inputString[] = $k . '="' . $v . '"';
+
+                            // Make the <input> HTML
+                            $inputHTML = '<input ' . implode(' ', $inputString) . ' />';
+
+                            // does user have this permission?
+                            $from = "{$tbl_membergroup_access} AS mga, {$tbl_member_groups} AS mg";
+                            $vs = array(
+                                $row['id'],
+                                $_SESSION['mgrInternalKey']
+                            );
+                            $where = vsprintf("mga.membergroup=mg.user_group AND mga.documentgroup=%s AND mg.member=%s", $vs);
+                            $rsp = $modx->db->select('COUNT(mg.id)', $from, $where);
+                            $count = $modx->db->getValue($rsp);
+                            if($count > 0) {
+                                ++$permissions_yes;
+                            } else {
+                                ++$permissions_no;
+                            }
+                            $permissions[] = "\t\t" . '<li>' . $inputHTML . '<label for="' . $inputId . '">' . $row['name'] . '</label></li>';
+                        }
+                        // if mgr user doesn't have access to any of the displayable permissions, forget about them and make doc public
+                        if($_SESSION['mgrRole'] != 1 && ($permissions_yes == 0 && $permissions_no > 0)) {
+                            $permissions = array();
+                        }
+
+                        // See if the Access Permissions section is worth displaying...
+                        if(!empty($permissions)) {
+                            // Add the "All Document Groups" item if we have rights in both contexts
+                            if($isManager && $isWeb) {
+                                array_unshift($permissions, "\t\t" . '<li><input type="checkbox" class="checkbox" name="chkalldocs" id="groupall"' . (!$notPublic ? ' checked="checked"' : '') . ' onclick="makePublic(true);" /><label for="groupall" class="warning">' . $_lang['all_doc_groups'] . '</label></li>');
+                            }
+                            // Output the permissions list...
+                            ?>
 							<!-- Access Permissions -->
 							<div class="tab-page" id="tabAccess">
 								<h2 class="tab" id="tab_access_header"><?= $_lang['access_permissions'] ?></h2>
@@ -1499,31 +1499,31 @@ 
 								</ul>
 							</div><!--div class="tab-page" id="tabAccess"-->
 							<?php
-						} // !empty($permissions)
-						elseif($_SESSION['mgrRole'] != 1 && ($permissions_yes == 0 && $permissions_no > 0) && ($_SESSION['mgrPermissions']['access_permissions'] == 1 || $_SESSION['mgrPermissions']['web_access_permissions'] == 1)) {
-							?>
+                        } // !empty($permissions)
+                        elseif($_SESSION['mgrRole'] != 1 && ($permissions_yes == 0 && $permissions_no > 0) && ($_SESSION['mgrPermissions']['access_permissions'] == 1 || $_SESSION['mgrPermissions']['web_access_permissions'] == 1)) {
+                            ?>
 							<p><?= $_lang["access_permissions_docs_collision"] ?></p>
 							<?php
 
-						}
-					}
-					/* End Document Access Permissions *
+                        }
+                    }
+                    /* End Document Access Permissions *
 					 ***********************************/
-					?>
+                    ?>
 
 					<input type="submit" name="save" style="display:none" />
 					<?php
 
-					// invoke OnDocFormRender event
-					$evtOut = $modx->invokeEvent('OnDocFormRender', array(
-						'id' => $id,
-						'template' => $content['template']
-					));
+                    // invoke OnDocFormRender event
+                    $evtOut = $modx->invokeEvent('OnDocFormRender', array(
+                        'id' => $id,
+                        'template' => $content['template']
+                    ));
 
-					if(is_array($evtOut)) {
-						echo implode('', $evtOut);
-					}
-					?>
+                    if(is_array($evtOut)) {
+                        echo implode('', $evtOut);
+                    }
+                    ?>
 				</div><!--div class="tab-pane" id="documentPane"-->
 			</div><!--div class="sectionBody"-->
 		</fieldset>
@@ -1534,17 +1534,17 @@ 
 	</script>
 <?php
 if(($content['richtext'] == 1 || $modx->manager->action == '4' || $modx->manager->action == '72') && $use_editor == 1) {
-	if(is_array($richtexteditorIds)) {
-		foreach($richtexteditorIds as $editor => $elements) {
-			// invoke OnRichTextEditorInit event
-			$evtOut = $modx->invokeEvent('OnRichTextEditorInit', array(
-				'editor' => $editor,
-				'elements' => $elements,
-				'options' => $richtexteditorOptions[$editor]
-			));
-			if(is_array($evtOut)) {
-				echo implode('', $evtOut);
-			}
-		}
-	}
+    if(is_array($richtexteditorIds)) {
+        foreach($richtexteditorIds as $editor => $elements) {
+            // invoke OnRichTextEditorInit event
+            $evtOut = $modx->invokeEvent('OnRichTextEditorInit', array(
+                'editor' => $editor,
+                'elements' => $elements,
+                'options' => $richtexteditorOptions[$editor]
+            ));
+            if(is_array($evtOut)) {
+                echo implode('', $evtOut);
+            }
+        }
+    }
 }

manager/actions/mutate_module.dynamic.php

Indentation +89 added lines, -89 removed lines

@@ -1,20 +1,20 @@ 
 <?php

 if( ! defined('IN_MANAGER_MODE') || IN_MANAGER_MODE !== true) {

-	die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");

+    die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");

 }

 switch($modx->manager->action) {

-	case 107:

-		if(!$modx->hasPermission('new_module')) {

-			$modx->webAlertAndQuit($_lang["error_no_privileges"]);

-		}

-		break;

-	case 108:

-		if(!$modx->hasPermission('edit_module')) {

-			$modx->webAlertAndQuit($_lang["error_no_privileges"]);

-		}

-		break;

-	default:

-		$modx->webAlertAndQuit($_lang["error_no_privileges"]);

+    case 107:

+        if(!$modx->hasPermission('new_module')) {

+            $modx->webAlertAndQuit($_lang["error_no_privileges"]);

+        }

+        break;

+    case 108:

+        if(!$modx->hasPermission('edit_module')) {

+            $modx->webAlertAndQuit($_lang["error_no_privileges"]);

+        }

+        break;

+    default:

+        $modx->webAlertAndQuit($_lang["error_no_privileges"]);

 }

 $id = isset($_REQUEST['id']) ? (int)$_REQUEST['id'] : 0;

 // Get table names (alphabetical)

@@ -32,7 +32,7 @@ 
 

 // check to see the module editor isn't locked

 if($lockedEl = $modx->elementIsLocked(6, $id)) {

-	$modx->webAlertAndQuit(sprintf($_lang['lock_msg'], $lockedEl['username'], $_lang['module']));

+    $modx->webAlertAndQuit(sprintf($_lang['lock_msg'], $lockedEl['username'], $_lang['module']));

 }

 // end check for lock

 

@@ -40,22 +40,22 @@ 
 $modx->lockElement(6, $id);

 

 if(isset($_GET['id'])) {

-	$rs = $modx->db->select('*', $tbl_site_modules, "id='{$id}'");

-	$content = $modx->db->getRow($rs);

-	if(!$content) {

-		$modx->webAlertAndQuit("Module not found for id '{$id}'.");

-	}

-	$content['properties'] = str_replace("&", "&amp;", $content['properties']);

-	$_SESSION['itemname'] = $content['name'];

-	if($content['locked'] == 1 && $_SESSION['mgrRole'] != 1) {

-		$modx->webAlertAndQuit($_lang["error_no_privileges"]);

-	}

+    $rs = $modx->db->select('*', $tbl_site_modules, "id='{$id}'");

+    $content = $modx->db->getRow($rs);

+    if(!$content) {

+        $modx->webAlertAndQuit("Module not found for id '{$id}'.");

+    }

+    $content['properties'] = str_replace("&", "&amp;", $content['properties']);

+    $_SESSION['itemname'] = $content['name'];

+    if($content['locked'] == 1 && $_SESSION['mgrRole'] != 1) {

+        $modx->webAlertAndQuit($_lang["error_no_privileges"]);

+    }

 } else {

-	$_SESSION['itemname'] = $_lang["new_module"];

-	$content['wrap'] = '1';

+    $_SESSION['itemname'] = $_lang["new_module"];

+    $content['wrap'] = '1';

 }

 if($modx->manager->hasFormValues()) {

-	$modx->manager->loadFormValues();

+    $modx->manager->loadFormValues();

 }

 

 // Add lock-element JS-Script

@@ -426,18 +426,18 @@ 
 

 <form name="mutate" id="mutate" class="module" method="post" action="index.php?a=109">

 	<?php

-	// invoke OnModFormPrerender event

-	$evtOut = $modx->invokeEvent('OnModFormPrerender', array('id' => $id));

-	if(is_array($evtOut)) {

-		echo implode('', $evtOut);

-	}

-

-	// Prepare internal params & info-tab via parseDocBlock

-	$modulecode = isset($content['modulecode']) ? $modx->db->escape($content['modulecode']) : '';

-	$docBlock = $modx->parseDocBlockFromString($modulecode);

-	$docBlockList = $modx->convertDocBlockIntoList($docBlock);

-	$internal = array();

-	?>

+    // invoke OnModFormPrerender event

+    $evtOut = $modx->invokeEvent('OnModFormPrerender', array('id' => $id));

+    if(is_array($evtOut)) {

+        echo implode('', $evtOut);

+    }

+

+    // Prepare internal params & info-tab via parseDocBlock

+    $modulecode = isset($content['modulecode']) ? $modx->db->escape($content['modulecode']) : '';

+    $docBlock = $modx->parseDocBlockFromString($modulecode);

+    $docBlockList = $modx->convertDocBlockIntoList($docBlock);

+    $internal = array();

+    ?>

 	<input type="hidden" name="id" value="<?= $content['id'] ?>">

 	<input type="hidden" name="mode" value="<?= $modx->manager->action ?>">

 

@@ -490,11 +490,11 @@ 
 							<select name="categoryid" class="form-control" onchange="documentDirty=true;">

 								<option>&nbsp;</option>

 								<?php

-								include_once(MODX_MANAGER_PATH . 'includes/categories.inc.php');

-								foreach(getCategories() as $n => $v) {

-									echo "\t\t\t" . '<option value="' . $v['id'] . '"' . ($content['category'] == $v['id'] ? ' selected="selected"' : '') . '>' . $modx->htmlspecialchars($v['category']) . "</option>\n";

-								}

-								?>

+                                include_once(MODX_MANAGER_PATH . 'includes/categories.inc.php');

+                                foreach(getCategories() as $n => $v) {

+                                    echo "\t\t\t" . '<option value="' . $v['id'] . '"' . ($content['category'] == $v['id'] ? ' selected="selected"' : '') . '>' . $modx->htmlspecialchars($v['category']) . "</option>\n";

+                                }

+                                ?>

 							</select>

 						</div>

 					</div>

@@ -601,7 +601,7 @@ 
 							<i class="<?= $_style["actions_save"] ?>"></i> <?= $_lang['manage_depends'] ?></a>

 					</div>

 					<?php

-					$ds = $modx->db->select("smd.id, COALESCE(ss.name,st.templatename,sv.name,sc.name,sp.name,sd.pagetitle) AS name, 

+                    $ds = $modx->db->select("smd.id, COALESCE(ss.name,st.templatename,sv.name,sc.name,sp.name,sd.pagetitle) AS name, 

 					CASE smd.type

 						WHEN 10 THEN 'Chunk'

 						WHEN 20 THEN 'Document'

@@ -617,17 +617,17 @@ 
 						LEFT JOIN {$tbl_site_templates} AS st ON st.id = smd.resource AND smd.type = 50

 						LEFT JOIN {$tbl_site_tmplvars} AS sv ON sv.id = smd.resource AND smd.type = 60", "smd.module='{$id}'", 'smd.type,name');

 

-					include_once MODX_MANAGER_PATH . "includes/controls/datagrid.class.php";

-					$grd = new DataGrid('', $ds, 0); // set page size to 0 t show all items

-					$grd->noRecordMsg = $_lang['no_records_found'];

-					$grd->cssClass = 'grid';

-					$grd->columnHeaderClass = 'gridHeader';

-					$grd->itemClass = 'gridItem';

-					$grd->altItemClass = 'gridAltItem';

-					$grd->columns = $_lang['element_name'] . " ," . $_lang['type'];

-					$grd->fields = "name,type";

-					echo $grd->render();

-					?>

+                    include_once MODX_MANAGER_PATH . "includes/controls/datagrid.class.php";

+                    $grd = new DataGrid('', $ds, 0); // set page size to 0 t show all items

+                    $grd->noRecordMsg = $_lang['no_records_found'];

+                    $grd->cssClass = 'grid';

+                    $grd->columnHeaderClass = 'gridHeader';

+                    $grd->itemClass = 'gridItem';

+                    $grd->altItemClass = 'gridAltItem';

+                    $grd->columns = $_lang['element_name'] . " ," . $_lang['type'];

+                    $grd->fields = "name,type";

+                    echo $grd->render();

+                    ?>

 				</div>

 			</div>

 		<?php endif; ?>

@@ -639,12 +639,12 @@ 
 			<div class="container container-body">

 				<?php if($use_udperms == 1) : ?>

 					<?php

-					// fetch user access permissions for the module

-					$rs = $modx->db->select('usergroup', $tbl_site_module_access, "module='{$id}'");

-					$groupsarray = $modx->db->getColumn('usergroup', $rs);

+                    // fetch user access permissions for the module

+                    $rs = $modx->db->select('usergroup', $tbl_site_module_access, "module='{$id}'");

+                    $groupsarray = $modx->db->getColumn('usergroup', $rs);

 

-					if($modx->hasPermission('access_permissions')) {

-						?>

+                    if($modx->hasPermission('access_permissions')) {

+                        ?>

 						<!-- User Group Access Permissions -->

 						<script type="text/javascript">

 							function makePublic(b) {

@@ -668,28 +668,28 @@ 
 						</script>

 						<p><?= $_lang['module_group_access_msg'] ?></p>

 						<?php

-					}

-					$chk = '';

-					$rs = $modx->db->select('name, id', $tbl_membergroup_names, '', 'name');

-					while($row = $modx->db->getRow($rs)) {

-						$groupsarray = is_numeric($id) && $id > 0 ? $groupsarray : array();

-						$checked = in_array($row['id'], $groupsarray);

-						if($modx->hasPermission('access_permissions')) {

-							if($checked) {

-								$notPublic = true;

-							}

-							$chks .= '<label><input type="checkbox" name="usrgroups[]" value="' . $row['id'] . '"' . ($checked ? ' checked="checked"' : '') . ' onclick="makePublic(false)" /> ' . $row['name'] . "</label><br />\n";

-						} else {

-							if($checked) {

-								$chks = '<input type="hidden" name="usrgroups[]"  value="' . $row['id'] . '" />' . "\n" . $chks;

-							}

-						}

-					}

-					if($modx->hasPermission('access_permissions')) {

-						$chks = '<label><input type="checkbox" name="chkallgroups"' . (!$notPublic ? ' checked="checked"' : '') . ' onclick="makePublic(true)" /><span class="warning"> ' . $_lang['all_usr_groups'] . '</span></label><br />' . "\n" . $chks;

-					}

-					echo $chks;

-					?>

+                    }

+                    $chk = '';

+                    $rs = $modx->db->select('name, id', $tbl_membergroup_names, '', 'name');

+                    while($row = $modx->db->getRow($rs)) {

+                        $groupsarray = is_numeric($id) && $id > 0 ? $groupsarray : array();

+                        $checked = in_array($row['id'], $groupsarray);

+                        if($modx->hasPermission('access_permissions')) {

+                            if($checked) {

+                                $notPublic = true;

+                            }

+                            $chks .= '<label><input type="checkbox" name="usrgroups[]" value="' . $row['id'] . '"' . ($checked ? ' checked="checked"' : '') . ' onclick="makePublic(false)" /> ' . $row['name'] . "</label><br />\n";

+                        } else {

+                            if($checked) {

+                                $chks = '<input type="hidden" name="usrgroups[]"  value="' . $row['id'] . '" />' . "\n" . $chks;

+                            }

+                        }

+                    }

+                    if($modx->hasPermission('access_permissions')) {

+                        $chks = '<label><input type="checkbox" name="chkallgroups"' . (!$notPublic ? ' checked="checked"' : '') . ' onclick="makePublic(true)" /><span class="warning"> ' . $_lang['all_usr_groups'] . '</span></label><br />' . "\n" . $chks;

+                    }

+                    echo $chks;

+                    ?>

 				<?php endif; ?>

 			</div>

 		</div>

@@ -705,11 +705,11 @@ 
 

 		<input type="submit" name="save" style="display:none;">

 		<?php

-		// invoke OnModFormRender event

-		$evtOut = $modx->invokeEvent('OnModFormRender', array('id' => $id));

-		if(is_array($evtOut)) {

-			echo implode('', $evtOut);

-		}

-		?>

+        // invoke OnModFormRender event

+        $evtOut = $modx->invokeEvent('OnModFormRender', array('id' => $id));

+        if(is_array($evtOut)) {

+            echo implode('', $evtOut);

+        }

+        ?>

 </form>

 <script type="text/javascript">setTimeout('showParameters();', 10);</script>

manager/actions/help/01About_EVO.php

Indentation +9 added lines, -9 removed lines

@@ -4,18 +4,18 @@
 }
 $logo= '<img src="media/style/default/images/misc/login-logo.png" height="54" width="358" border="0">';
 $downloadLinks = array(
-	0=>array('title'=>$_lang["information"],'link'=>'https://evo.im/'),
-	1=>array('title'=>$_lang["download"],'link'=>'https://github.com/evolution-cms/evolution/releases'),
-	2=>array('title'=>$_lang["previous_releases"],'link'=>'https://modx.com/download/evolution/previous-releases.html'),
-	3=>array('title'=>$_lang["extras"],'link'=>array(
-		'http://extras.evolution-cms.com/',
-		'https://github.com/extras-evolution'
-	)),
+    0=>array('title'=>$_lang["information"],'link'=>'https://evo.im/'),
+    1=>array('title'=>$_lang["download"],'link'=>'https://github.com/evolution-cms/evolution/releases'),
+    2=>array('title'=>$_lang["previous_releases"],'link'=>'https://modx.com/download/evolution/previous-releases.html'),
+    3=>array('title'=>$_lang["extras"],'link'=>array(
+        'http://extras.evolution-cms.com/',
+        'https://github.com/extras-evolution'
+    )),
 );
 
 $translationLinks = array(
-	0=>array('title'=>'Evolution CMS','link'=>'https://www.transifex.com/evolutioncms/evolution/'),
-	1=>array('title'=>$_lang["extras"],'link'=>'https://www.transifex.com/evolutioncms/extras/'),
+    0=>array('title'=>'Evolution CMS','link'=>'https://www.transifex.com/evolutioncms/evolution/'),
+    1=>array('title'=>$_lang["extras"],'link'=>'https://www.transifex.com/evolutioncms/extras/'),
 );
 
 

manager/actions/mutate_settings.dynamic.php

Indentation +18 added lines, -18 removed lines

@@ -1,15 +1,15 @@ 
 <?php

 if( ! defined('IN_MANAGER_MODE') || IN_MANAGER_MODE !== true) {

-	die("<b>INCLUDE_ORDERING_ERROR</b><br />Please use the EVO Content Manager instead of accessing this file directly.");

+    die("<b>INCLUDE_ORDERING_ERROR</b><br />Please use the EVO Content Manager instead of accessing this file directly.");

 }

 if(!$modx->hasPermission('settings')) {

-	$modx->webAlertAndQuit($_lang['error_no_privileges']);

+    $modx->webAlertAndQuit($_lang['error_no_privileges']);

 }

 

 // check to see the edit settings page isn't locked

 $rs = $modx->db->select('username', $modx->getFullTableName('active_users'), "action=17 AND internalKey!='" . $modx->getLoginUserID() . "'");

 if($username = $modx->db->getValue($rs)) {

-	$modx->webAlertAndQuit(sprintf($_lang['lock_settings_msg'], $username));

+    $modx->webAlertAndQuit(sprintf($_lang['lock_settings_msg'], $username));

 }

 // end check for lock

 

@@ -19,7 +19,7 @@ 
 include_once(MODX_MANAGER_PATH . 'includes/default_config.php');

 $rs = $modx->db->select('setting_name, setting_value', '[+prefix+]system_settings');

 while($row = $modx->db->getRow($rs)) {

-	$settings[$row['setting_name']] = $row['setting_value'];

+    $settings[$row['setting_name']] = $row['setting_value'];

 }

 $settings['filemanager_path'] = preg_replace('@^' . preg_quote(MODX_BASE_PATH) . '@', '[(base_path)]', $settings['filemanager_path']);

 $settings['rb_base_dir'] = preg_replace('@^' . preg_quote(MODX_BASE_PATH) . '@', '[(base_path)]', $settings['rb_base_dir']);

@@ -30,11 +30,11 @@ 
 $lang_keys = array();

 $dir = dir('includes/lang');

 while($file = $dir->read()) {

-	if(strpos($file, '.inc.php') > 0) {

-		$endpos = strpos($file, '.');

-		$languagename = substr($file, 0, $endpos);

-		$lang_keys[$languagename] = get_lang_keys($file);

-	}

+    if(strpos($file, '.inc.php') > 0) {

+        $endpos = strpos($file, '.');

+        $languagename = substr($file, 0, $endpos);

+        $lang_keys[$languagename] = get_lang_keys($file);

+    }

 }

 $dir->close();

 $displayStyle = ($_SESSION['browser'] === 'modern') ? 'table-row' : 'block';

@@ -76,14 +76,14 @@ 
 				</script>

 

 				<?php

-				include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab1_site_settings.inc.php');

-				include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab2_furl_settings.inc.php');

-				include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab3_user_settings.inc.php');

-				include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab4_manager_settings.inc.php');

-				include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab5_security_settings.inc.php');

-				include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab6_filemanager_settings.inc.php');

-				include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab7_filebrowser_settings.inc.php');

-				?>

+                include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab1_site_settings.inc.php');

+                include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab2_furl_settings.inc.php');

+                include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab3_user_settings.inc.php');

+                include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab4_manager_settings.inc.php');

+                include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab5_security_settings.inc.php');

+                include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab6_filemanager_settings.inc.php');

+                include_once(MODX_MANAGER_PATH . 'actions/mutate_settings/tab7_filebrowser_settings.inc.php');

+                ?>

 			</div>

 		</div>

 	</form>

@@ -130,5 +130,5 @@ 
 	</script>

 <?php

 if(is_numeric($_GET['tab'])) {

-	echo '<script type="text/javascript">tpSettings.setSelectedIndex( ' . $_GET['tab'] . ' );</script>';

+    echo '<script type="text/javascript">tpSettings.setSelectedIndex( ' . $_GET['tab'] . ' );</script>';

 }