evolution-cms / evolution

manager/includes/document.parser.class.inc.php

Doc Comments +25 added lines, -25 removed lines

@@ -277,7 +277,7 @@ 
      * MODX_MANAGER_PATH."includes/extenders/ex_{$extname}.inc.php"
      * $extname - extension name in lowercase
      *
-     * @param $extname
+     * @param string $extname
      * @param bool $reload
      * @return bool
      */
@@ -320,7 +320,7 @@ 
      * @param int $count_attempts
      * @param string $type $type
      * @param string $responseCode
-     * @return bool|null
+     * @return false|null
      * @global string $base_url
      * @global string $site_url
      */
@@ -1021,7 +1021,7 @@ 
     }
 
     /**
-     * @param $contents
+     * @param string $contents
      * @return mixed
      */
     public function RecoveryEscapedTags($contents)
@@ -1045,7 +1045,7 @@ 
     }
 
     /**
-     * @param $tstart
+     * @param double $tstart
      * @return array
      */
     public function getTimerStats($tstart)
@@ -1797,7 +1797,7 @@ 
 
     /**
      * Remove Comment-Tags from output like <!--@- Comment -@-->
-     * @param $content
+     * @param string $content
      * @param string $left
      * @param string $right
      * @return mixed
@@ -1970,7 +1970,7 @@ 
     /**
      * Run snippets as per the tags in $documentSource and replace the tags with the returned values.
      *
-     * @param $content
+     * @param string $content
      * @return string
      * @internal param string $documentSource
      */
@@ -3002,7 +3002,7 @@ 
 
     /**
      * @param $templateID
-     * @return mixed
+     * @return string
      */
     public function _getTemplateCodeFromDB($templateID)
     {
@@ -3043,9 +3043,9 @@ 
     }
 
     /**
-     * @param $id
+     * @param integer $id
      * @param int $top
-     * @return mixed
+     * @return string
      */
     public function getUltimateParentId($id, $top = 0)
     {
@@ -3376,7 +3376,7 @@ 
      *
      * @param int $type Types: 1=template, 2=tv, 3=chunk, 4=snippet, 5=plugin, 6=module, 7=resource, 8=role
      * @param int $id Element- / Resource-id
-     * @return bool
+     * @return false|null
      */
     public function lockElement($type, $id)
     {
@@ -3398,7 +3398,7 @@ 
      * @param int $type Types: 1=template, 2=tv, 3=chunk, 4=snippet, 5=plugin, 6=module, 7=resource, 8=role
      * @param int $id Element- / Resource-id
      * @param bool $includeAllUsers true = Deletes not only own user-locks
-     * @return bool
+     * @return false|null
      */
     public function unlockElement($type, $id, $includeAllUsers = false)
     {
@@ -3506,7 +3506,7 @@ 
      * @param array $params
      * @param string $msg
      * @param array $files
-     * @return mixed
+     * @return boolean
      */
     public function sendmail($params = array(), $msg = '', $files = array())
     {
@@ -3910,7 +3910,7 @@ 
      *                     Default: 1
      * @param string $fields List of fields
      *                       Default: id, pagetitle, description, alias
-     * @return boolean|array
+     * @return string
      */
     public function getPageInfo($pageid = -1, $active = 1, $fields = 'id, pagetitle, description, alias')
     {
@@ -4002,7 +4002,7 @@ 
      *
      * @param string $type
      * @param bool $report
-     * @return bool
+     * @return boolean|null
      */
     public function clearCache($type = '', $report = false)
     {
@@ -4369,7 +4369,7 @@ 
      * - Placeholders prefix. Default: '{'.
      * @param string $suffix {string}
      * - Placeholders suffix. Default: '}'.
-     * @return bool|mixed|string {string; false} - Parsed chunk or false if $chunkArr is not array.
+     * @return false|string {string; false} - Parsed chunk or false if $chunkArr is not array.
      * - Parsed chunk or false if $chunkArr is not array.
      */
     public function parseChunk($chunkName, $chunkArr, $prefix = '{', $suffix = '}')
@@ -5345,7 +5345,7 @@ 
      * Remove event listener - only for use within the current execution cycle
      *
      * @param string $evtName
-     * @return boolean
+     * @return false|null
      */
     public function removeEventListener($evtName)
     {
@@ -5369,7 +5369,7 @@ 
      *
      * @param string $evtName
      * @param array $extParams Parameters available to plugins. Each array key will be the PHP variable name, and the array value will be the variable value.
-     * @return boolean|array
+     * @return false|null
      */
     public function invokeEvent($evtName, $extParams = array())
     {
@@ -5968,7 +5968,7 @@ 
 
     /**
      * @param string $str
-     * @return bool|mixed|string
+     * @return string
      */
     public function atBindFileContent($str = '')
     {
@@ -6019,8 +6019,8 @@ 
     }
 
     /**
-     * @param $str
-     * @return bool|string
+     * @param string $str
+     * @return false|string
      */
     public function getExtFromFilename($str)
     {
@@ -6048,7 +6048,7 @@ 
      * @param string $text Error message
      * @param string $file File where the error was detected
      * @param string $line Line number within $file
-     * @return boolean
+     * @return boolean|null
      */
     public function phpError($nr, $text, $file, $line)
     {
@@ -6100,7 +6100,7 @@ 
      * @param string $text
      * @param string $line
      * @param string $output
-     * @return bool
+     * @return null|boolean
      */
     public function messageQuit($msg = 'unspecified error', $query = '', $is_error = true, $nr = '', $file = '', $source = '', $text = '', $line = '', $output = '')
     {
@@ -6522,7 +6522,7 @@ 
 
     /**
      * @param string $str
-     * @return bool|mixed|string
+     * @return string
      */
     public function atBindInclude($str = '')
     {
@@ -6573,7 +6573,7 @@ 
      * @param $str
      * @param int $flags
      * @param string $encode
-     * @return mixed
+     * @return string
      */
     public function htmlspecialchars($str, $flags = ENT_COMPAT, $encode = '')
     {
@@ -6582,7 +6582,7 @@ 
     }
 
     /**
-     * @param $string
+     * @param string $string
      * @param bool $returnData
      * @return bool|mixed
      */

manager/includes/extenders/dbapi.mysql.class.inc.php

Doc Comments +11 added lines

@@ -414,6 +414,9 @@ 
         }
     }
 
+    /**
+     * @param string $table
+     */
     public function save($fields, $table, $where = '')
     {
 
@@ -444,6 +447,7 @@ 
     /**
      * @name:  freeResult
      *
+     * @param mysqli_result $rs
      */
     public function freeResult($rs)
     {
@@ -554,6 +558,7 @@ 
      * @name:  getColumn
      * @desc:  returns an array of the values found on colun $name
      * @param: $dsq - dataset or query string
+     * @param string $name
      */
     public function getColumn($name, $dsq)
     {
@@ -720,6 +725,9 @@ 
         return $result;
     }
 
+    /**
+     * @param string $table_name
+     */
     public function optimize($table_name)
     {
         $rs = $this->query("OPTIMIZE TABLE {$table_name}");
@@ -730,6 +738,9 @@ 
         return $rs;
     }
 
+    /**
+     * @param string $table_name
+     */
     public function truncate($table_name)
     {
         $rs = $this->query("TRUNCATE {$table_name}");

manager/includes/extenders/dbapi.mysqli.class.inc.php

Doc Comments +9 added lines, -9 removed lines

@@ -240,9 +240,9 @@ 
     }
 
     /**
-     * @param string|array $fields
-     * @param string|array $from
-     * @param string|array $where
+     * @param string $fields
+     * @param string $from
+     * @param string $where
      * @param string $orderBy
      * @param string $limit
      * @return bool|mysqli_result
@@ -326,7 +326,7 @@ 
      * @param string $fromtable
      * @param string $where
      * @param string $limit
-     * @return mixed
+     * @return null|integer
      */
     public function insert($fields, $intotable, $fromfields = "*", $fromtable = "", $where = "", $limit = "")
     {
@@ -368,7 +368,7 @@ 
 
     /**
      * @param $fields
-     * @param $table
+     * @param string $table
      * @param string $where
      * @return bool|mixed|mysqli_result
      */
@@ -435,7 +435,7 @@ 
 
     /**
      * @param null|mysqli $conn
-     * @return mixed
+     * @return integer
      */
     public function getInsertId($conn = null)
     {
@@ -513,7 +513,7 @@ 
     }
 
     /**
-     * @param $name
+     * @param string $name
      * @param mysqli_result|string $dsq
      * @return array
      */
@@ -572,7 +572,7 @@ 
 
     /**
      * @param string $table
-     * @return array
+     * @return boolean
      */
     public function getTableMetaData($table)
     {
@@ -619,7 +619,7 @@ 
     }
 
     /**
-     * @param string|mysqli_result $rs
+     * @param string $rs
      * @param bool $index
      * @return array
      */

manager/includes/extenders/deprecated.functions.inc.php

Doc Comments +1 added lines, -1 removed lines

@@ -72,7 +72,7 @@
      * @deprecated
      *
      * @param $rs
-     * @return int|mixed
+     * @return integer
      */
     public function insertId($rs)
     {

manager/includes/extenders/modifiers.class.inc.php

Doc Comments +27 added lines, -1 removed lines

@@ -94,7 +94,7 @@ 
     /**
      * @param string $mode
      * @param string $modifiers
-     * @return bool|string
+     * @return false|string
      */
     public function _getDelim($mode,$modifiers) {
         $c = substr($modifiers,0,1);
@@ -131,6 +131,14 @@ 
             return $opt;
         }
     }
+
+    /**
+     * @param string $mode
+     * @param false|string $delim
+     * @param string $modifiers
+     *
+     * @return string
+     */
     public function _getRemainModifiers($mode,$delim,$modifiers) {
         if($delim) {
             if($mode=='(')
@@ -158,6 +166,9 @@ 
         return substr($string,strpos($string, $delim)+$len);
     }
 
+    /**
+     * @param string $modifiers
+     */
     public function splitEachModifiers($modifiers) {
         $modx = DocumentParser::getInstance();
 
@@ -227,6 +238,10 @@ 
         return $result;
     }
 
+    /**
+     * @param string $key
+     * @param string $value
+     */
     public function parsePhx($key,$value,$modifiers)
     {
         $modx = DocumentParser::getInstance();
@@ -293,6 +308,10 @@ 
         else                  return true;
     }
 
+    /**
+     * @param string $cmd
+     * @param string $opt
+     */
     public function getValueFromPreset($key, $value, $cmd, $opt)
     {
         $modx = DocumentParser::getInstance();
@@ -978,6 +997,9 @@ 
         return $value;
     }
 
+    /**
+     * @param string $cmd
+     */
     public function includeMdfFile($cmd) {
         $modx = DocumentParser::getInstance();
         $key = $this->key;
@@ -1133,6 +1155,10 @@ 
     }
 
     // Sets a placeholder variable which can only be access by Modifiers
+
+    /**
+     * @param string $value
+     */
     public function setModifiersVariable($key, $value) {
         if ($key != 'phx' && $key != 'dummy') $this->placeholders[$key] = $value;
     }

manager/processors/move_document.processor.php

Indentation +65 added lines, -65 removed lines

@@ -3,7 +3,7 @@ 
     die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('edit_document')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $newParentID = isset($_REQUEST['new_parent']) ? (int)$_REQUEST['new_parent'] : 0;
@@ -25,17 +25,17 @@ 
 // check user has permission to move document to chosen location
 
 if ($use_udperms == 1) {
-	if ($oldparent != $newParentID) {
-		include_once MODX_MANAGER_PATH . "processors/user_documents_permissions.class.php";
-		$udperms = new udperms();
-		$udperms->user = $modx->getLoginUserID();
-		$udperms->document = $newParentID;
-		$udperms->role = $_SESSION['mgrRole'];
-
-		 if (!$udperms->checkPermissions()) {
-			$modx->webAlertAndQuit($_lang["access_permission_parent_denied"]);
-		 }
-	}
+    if ($oldparent != $newParentID) {
+        include_once MODX_MANAGER_PATH . "processors/user_documents_permissions.class.php";
+        $udperms = new udperms();
+        $udperms->user = $modx->getLoginUserID();
+        $udperms->document = $newParentID;
+        $udperms->role = $_SESSION['mgrRole'];
+
+            if (!$udperms->checkPermissions()) {
+            $modx->webAlertAndQuit($_lang["access_permission_parent_denied"]);
+            }
+    }
 }
 
 /**
@@ -43,67 +43,67 @@ 
  * @return array
  */
 function allChildren($currDocID) {
-	$modx = DocumentParser::getInstance();
-	$children= array();
-	$currDocID = $modx->db->escape($currDocID);
-	$rs = $modx->db->select('id', $modx->getFullTableName('site_content'), "parent = '{$currDocID}'");
-	while ($child= $modx->db->getRow($rs)) {
-		$children[]= $child['id'];
-		$children= array_merge($children, allChildren($child['id']));
-	}
-	return $children;
+    $modx = DocumentParser::getInstance();
+    $children= array();
+    $currDocID = $modx->db->escape($currDocID);
+    $rs = $modx->db->select('id', $modx->getFullTableName('site_content'), "parent = '{$currDocID}'");
+    while ($child= $modx->db->getRow($rs)) {
+        $children[]= $child['id'];
+        $children= array_merge($children, allChildren($child['id']));
+    }
+    return $children;
 }
 
 $evtOut = $modx->invokeEvent("onBeforeMoveDocument", array (
-	"id_document" => $documentID,
-	"old_parent" => $oldparent,
-	"new_parent" => $newParentID
+    "id_document" => $documentID,
+    "old_parent" => $oldparent,
+    "new_parent" => $newParentID
 ));
 if (is_array($evtOut) && count($evtOut) > 0){
-	$newParent = array_pop($evtOut);
-	if($newParent == $oldparent) {
-		$modx->webAlertAndQuit($_lang["error_movedocument2"]);
-	}else{
-		$newParentID = $newParent;
-	}
+    $newParent = array_pop($evtOut);
+    if($newParent == $oldparent) {
+        $modx->webAlertAndQuit($_lang["error_movedocument2"]);
+    }else{
+        $newParentID = $newParent;
+    }
 }
 
 $children = allChildren($documentID);
 if (!array_search($newParentID, $children)) {
-	$modx->db->update(array(
-		'isfolder' => 1,
-	), $modx->getFullTableName('site_content'), "id='{$newParentID}'");
-
-	$modx->db->update(array(
-		'parent'   => $newParentID,
-		'editedby' => $modx->getLoginUserID(),
-		'editedon' => time(),
-	), $modx->getFullTableName('site_content'), "id='{$documentID}'");
-
-	// finished moving the document, now check to see if the old_parent should no longer be a folder.
-	$rs = $modx->db->select('COUNT(*)', $modx->getFullTableName('site_content'), "parent='{$oldparent}'");
-	$limit = $modx->db->getValue($rs);
-
-	if(!$limit>0) {
-		$modx->db->update(array(
-			'isfolder' => 0,
-		), $modx->getFullTableName('site_content'), "id='{$oldparent}'");
-	}
-	// Set the item name for logger
-	$pagetitle = $modx->db->getValue($modx->db->select('pagetitle', $modx->getFullTableName('site_content'), "id='{$documentID}'"));
-	$_SESSION['itemname'] = $pagetitle;
-
-	$modx->invokeEvent("onAfterMoveDocument", array (
-		"id_document" => $documentID,
-		"old_parent" => $oldparent,
-		"new_parent" => $newParentID
-	));
-
-	// empty cache & sync site
-	$modx->clearCache('full');
-
-	$header="Location: index.php?a=3&id={$documentID}&r=9";
-	header($header);
+    $modx->db->update(array(
+        'isfolder' => 1,
+    ), $modx->getFullTableName('site_content'), "id='{$newParentID}'");
+
+    $modx->db->update(array(
+        'parent'   => $newParentID,
+        'editedby' => $modx->getLoginUserID(),
+        'editedon' => time(),
+    ), $modx->getFullTableName('site_content'), "id='{$documentID}'");
+
+    // finished moving the document, now check to see if the old_parent should no longer be a folder.
+    $rs = $modx->db->select('COUNT(*)', $modx->getFullTableName('site_content'), "parent='{$oldparent}'");
+    $limit = $modx->db->getValue($rs);
+
+    if(!$limit>0) {
+        $modx->db->update(array(
+            'isfolder' => 0,
+        ), $modx->getFullTableName('site_content'), "id='{$oldparent}'");
+    }
+    // Set the item name for logger
+    $pagetitle = $modx->db->getValue($modx->db->select('pagetitle', $modx->getFullTableName('site_content'), "id='{$documentID}'"));
+    $_SESSION['itemname'] = $pagetitle;
+
+    $modx->invokeEvent("onAfterMoveDocument", array (
+        "id_document" => $documentID,
+        "old_parent" => $oldparent,
+        "new_parent" => $newParentID
+    ));
+
+    // empty cache & sync site
+    $modx->clearCache('full');
+
+    $header="Location: index.php?a=3&id={$documentID}&r=9";
+    header($header);
 } else {
-	$modx->webAlertAndQuit("You cannot move a document to a child document!");
+    $modx->webAlertAndQuit("You cannot move a document to a child document!");
 }

manager/processors/save_web_user.processor.php

Indentation +277 added lines, -277 removed lines

@@ -1,9 +1,9 @@ 
 <?php
 if( ! defined('IN_MANAGER_MODE') || IN_MANAGER_MODE !== true) {
-	die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
+    die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('save_web_user')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $tbl_web_users = $modx->getFullTableName('web_users');
@@ -12,10 +12,10 @@ 
 
 $input = $_POST;
 foreach($input as $k => $v) {
-	if($k !== 'comment') {
-		$v = sanitize($v);
-	}
-	$input[$k] = $v;
+    if($k !== 'comment') {
+        $v = sanitize($v);
+    }
+    $input[$k] = $v;
 }
 
 $id = (int)$input['id'];
@@ -51,80 +51,80 @@ 
 
 // verify password
 if($passwordgenmethod == "spec" && $input['specifiedpassword'] != $input['confirmpassword']) {
-	webAlertAndQuit("Password typed is mismatched");
+    webAlertAndQuit("Password typed is mismatched");
 }
 
 // verify email
 if($email == '' || !preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,24}$/i", $email)) {
-	webAlertAndQuit("E-mail address doesn't seem to be valid!");
+    webAlertAndQuit("E-mail address doesn't seem to be valid!");
 }
 
 switch($input['mode']) {
-	case '87' : // new user
-		// check if this user name already exist
-		$rs = $modx->db->select('count(id)', $tbl_web_users, "username='{$esc_newusername}'");
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("User name is already in use!");
-		}
-
-		// check if the email address already exist
-		$rs = $modx->db->select('count(id)', $tbl_web_user_attributes, "email='{$esc_email}' AND id!='{$id}'");
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("Email is already in use!");
-		}
-
-		// generate a new password for this user
-		if($specifiedpassword != "" && $passwordgenmethod == "spec") {
-			if(strlen($specifiedpassword) < 6) {
-				webAlertAndQuit("Password is too short!");
-			} else {
-				$newpassword = $specifiedpassword;
-			}
-		} elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
-			webAlertAndQuit("You didn't specify a password for this user!");
-		} elseif($passwordgenmethod == 'g') {
-			$newpassword = generate_password(8);
-		} else {
-			webAlertAndQuit("No password generation method specified!");
-		}
-
-		// invoke OnBeforeWUsrFormSave event
-		$modx->invokeEvent("OnBeforeWUsrFormSave", array(
-			"mode" => "new",
-		));
-
-		// create the user account
-		$field = array();
-		$field['username'] = $esc_newusername;
-		$field['password'] = md5($newpassword);
-		$internalKey = $modx->db->insert($field, $tbl_web_users);
-
-		$field = compact('internalKey', 'fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'blocked', 'blockeduntil', 'blockedafter');
-		$field = $modx->db->escape($field);
-		$modx->db->insert($field, $tbl_web_user_attributes);
-
-		// Save User Settings
-		saveUserSettings($internalKey);
-
-		// Set the item name for logger
-		$_SESSION['itemname'] = $newusername;
-
-		/*******************************************************************************/
-		// put the user in the user_groups he/ she should be in
-		// first, check that up_perms are switched on!
-		if($use_udperms == 1) {
-			if(!empty($user_groups)) {
-				for($i = 0; $i < count($user_groups); $i++) {
-					$f = array();
-					$f['webgroup'] = (int)$user_groups[$i];
-					$f['webuser'] = $internalKey;
-					$modx->db->insert($f, $tbl_web_groups);
-				}
-			}
-		}
-		// end of user_groups stuff!
+    case '87' : // new user
+        // check if this user name already exist
+        $rs = $modx->db->select('count(id)', $tbl_web_users, "username='{$esc_newusername}'");
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("User name is already in use!");
+        }
+
+        // check if the email address already exist
+        $rs = $modx->db->select('count(id)', $tbl_web_user_attributes, "email='{$esc_email}' AND id!='{$id}'");
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("Email is already in use!");
+        }
+
+        // generate a new password for this user
+        if($specifiedpassword != "" && $passwordgenmethod == "spec") {
+            if(strlen($specifiedpassword) < 6) {
+                webAlertAndQuit("Password is too short!");
+            } else {
+                $newpassword = $specifiedpassword;
+            }
+        } elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
+            webAlertAndQuit("You didn't specify a password for this user!");
+        } elseif($passwordgenmethod == 'g') {
+            $newpassword = generate_password(8);
+        } else {
+            webAlertAndQuit("No password generation method specified!");
+        }
+
+        // invoke OnBeforeWUsrFormSave event
+        $modx->invokeEvent("OnBeforeWUsrFormSave", array(
+            "mode" => "new",
+        ));
+
+        // create the user account
+        $field = array();
+        $field['username'] = $esc_newusername;
+        $field['password'] = md5($newpassword);
+        $internalKey = $modx->db->insert($field, $tbl_web_users);
+
+        $field = compact('internalKey', 'fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'blocked', 'blockeduntil', 'blockedafter');
+        $field = $modx->db->escape($field);
+        $modx->db->insert($field, $tbl_web_user_attributes);
+
+        // Save User Settings
+        saveUserSettings($internalKey);
+
+        // Set the item name for logger
+        $_SESSION['itemname'] = $newusername;
+
+        /*******************************************************************************/
+        // put the user in the user_groups he/ she should be in
+        // first, check that up_perms are switched on!
+        if($use_udperms == 1) {
+            if(!empty($user_groups)) {
+                for($i = 0; $i < count($user_groups); $i++) {
+                    $f = array();
+                    $f['webgroup'] = (int)$user_groups[$i];
+                    $f['webuser'] = $internalKey;
+                    $modx->db->insert($f, $tbl_web_groups);
+                }
+            }
+        }
+        // end of user_groups stuff!
 
         // invoke OnWebSaveUser event
         $modx->invokeEvent("OnWebSaveUser", array(
@@ -142,26 +142,26 @@ 
             "id" => $internalKey
         ));
 
-		if($passwordnotifymethod == 'e') {
-			sendMailMessage($email, $newusername, $newpassword, $fullname);
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "88&id={$internalKey}" : "87";
-				$header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
-				header($header);
-			} else {
-				$header = "Location: index.php?a=99&r=2";
-				header($header);
-			}
-		} else {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "88&id={$internalKey}" : "87";
-				$stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
-			} else {
-				$stayUrl = "index.php?a=99&r=2";
-			}
-
-			include_once "header.inc.php";
-			?>
+        if($passwordnotifymethod == 'e') {
+            sendMailMessage($email, $newusername, $newpassword, $fullname);
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "88&id={$internalKey}" : "87";
+                $header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
+                header($header);
+            } else {
+                $header = "Location: index.php?a=99&r=2";
+                header($header);
+            }
+        } else {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "88&id={$internalKey}" : "87";
+                $stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
+            } else {
+                $stayUrl = "index.php?a=99&r=2";
+            }
+
+            include_once "header.inc.php";
+            ?>
 
 			<h1><?php echo $_lang['web_user_title']; ?></h1>
 
@@ -183,84 +183,84 @@ 
 			</div>
 			<?php
 
-			include_once "footer.inc.php";
-		}
-		break;
-	case '88' : // edit user
-		// generate a new password for this user
-		if($genpassword == 1) {
-			if($specifiedpassword != "" && $passwordgenmethod == "spec") {
-				if(strlen($specifiedpassword) < 6) {
-					webAlertAndQuit("Password is too short!");
-				} else {
-					$newpassword = $specifiedpassword;
-				}
-			} elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
-				webAlertAndQuit("You didn't specify a password for this user!");
-			} elseif($passwordgenmethod == 'g') {
-				$newpassword = generate_password(8);
-			} else {
-				webAlertAndQuit("No password generation method specified!");
-			}
-		}
-		if($passwordnotifymethod == 'e') {
-			sendMailMessage($email, $newusername, $newpassword, $fullname);
-		}
-
-		// check if the username already exist
-		$rs = $modx->db->select('count(id)', $tbl_web_users, "username='{$esc_newusername}' AND id!='{$id}'");
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("User name is already in use!");
-		}
-
-		// check if the email address already exists
-		$rs = $modx->db->select('count(internalKey)', $tbl_web_user_attributes, "email='{$esc_email}' AND internalKey!='{$id}'");
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("Email is already in use!");
-		}
-
-		// invoke OnBeforeWUsrFormSave event
-		$modx->invokeEvent("OnBeforeWUsrFormSave", array(
-			"mode" => "upd",
-			"id" => $id
-		));
-
-		// update user name and password
-		$field = array();
-		$field['username'] = $esc_newusername;
-		if($genpassword == 1) {
-			$field['password'] = md5($newpassword);
-		}
-		$modx->db->update($field, $tbl_web_users, "id='{$id}'");
-		$field = compact('fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'failedlogincount', 'blocked', 'blockeduntil', 'blockedafter');
-		$field = $modx->db->escape($field);
-		$modx->db->update($field, $tbl_web_user_attributes, "internalKey='{$id}'");
-
-		// Save User Settings
-		saveUserSettings($id);
-
-		// Set the item name for logger
-		$_SESSION['itemname'] = $newusername;
-
-		/*******************************************************************************/
-		// put the user in the user_groups he/ she should be in
-		// first, check that up_perms are switched on!
-		if($use_udperms == 1) {
-			// as this is an existing user, delete his/ her entries in the groups before saving the new groups
-			$modx->db->delete($tbl_web_groups, "webuser='{$id}'");
-			if(!empty($user_groups)) {
-				for($i = 0; $i < count($user_groups); $i++) {
-					$field = array();
-					$field['webgroup'] = (int)$user_groups[$i];
-					$field['webuser'] = $id;
-					$modx->db->insert($field, $tbl_web_groups);
-				}
-			}
-		}
-		// end of user_groups stuff!
-		/*******************************************************************************/
+            include_once "footer.inc.php";
+        }
+        break;
+    case '88' : // edit user
+        // generate a new password for this user
+        if($genpassword == 1) {
+            if($specifiedpassword != "" && $passwordgenmethod == "spec") {
+                if(strlen($specifiedpassword) < 6) {
+                    webAlertAndQuit("Password is too short!");
+                } else {
+                    $newpassword = $specifiedpassword;
+                }
+            } elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
+                webAlertAndQuit("You didn't specify a password for this user!");
+            } elseif($passwordgenmethod == 'g') {
+                $newpassword = generate_password(8);
+            } else {
+                webAlertAndQuit("No password generation method specified!");
+            }
+        }
+        if($passwordnotifymethod == 'e') {
+            sendMailMessage($email, $newusername, $newpassword, $fullname);
+        }
+
+        // check if the username already exist
+        $rs = $modx->db->select('count(id)', $tbl_web_users, "username='{$esc_newusername}' AND id!='{$id}'");
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("User name is already in use!");
+        }
+
+        // check if the email address already exists
+        $rs = $modx->db->select('count(internalKey)', $tbl_web_user_attributes, "email='{$esc_email}' AND internalKey!='{$id}'");
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("Email is already in use!");
+        }
+
+        // invoke OnBeforeWUsrFormSave event
+        $modx->invokeEvent("OnBeforeWUsrFormSave", array(
+            "mode" => "upd",
+            "id" => $id
+        ));
+
+        // update user name and password
+        $field = array();
+        $field['username'] = $esc_newusername;
+        if($genpassword == 1) {
+            $field['password'] = md5($newpassword);
+        }
+        $modx->db->update($field, $tbl_web_users, "id='{$id}'");
+        $field = compact('fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'failedlogincount', 'blocked', 'blockeduntil', 'blockedafter');
+        $field = $modx->db->escape($field);
+        $modx->db->update($field, $tbl_web_user_attributes, "internalKey='{$id}'");
+
+        // Save User Settings
+        saveUserSettings($id);
+
+        // Set the item name for logger
+        $_SESSION['itemname'] = $newusername;
+
+        /*******************************************************************************/
+        // put the user in the user_groups he/ she should be in
+        // first, check that up_perms are switched on!
+        if($use_udperms == 1) {
+            // as this is an existing user, delete his/ her entries in the groups before saving the new groups
+            $modx->db->delete($tbl_web_groups, "webuser='{$id}'");
+            if(!empty($user_groups)) {
+                for($i = 0; $i < count($user_groups); $i++) {
+                    $field = array();
+                    $field['webgroup'] = (int)$user_groups[$i];
+                    $field['webuser'] = $id;
+                    $modx->db->insert($field, $tbl_web_groups);
+                }
+            }
+        }
+        // end of user_groups stuff!
+        /*******************************************************************************/
 
         // invoke OnWebSaveUser event
         $modx->invokeEvent("OnWebSaveUser", array(
@@ -289,16 +289,16 @@ 
             "id" => $id
         ));
 
-		if($genpassword == 1 && $passwordnotifymethod == 's') {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "88&id={$id}" : "87";
-				$stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
-			} else {
-				$stayUrl = "index.php?a=99&r=2";
-			}
+        if($genpassword == 1 && $passwordnotifymethod == 's') {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "88&id={$id}" : "87";
+                $stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
+            } else {
+                $stayUrl = "index.php?a=99&r=2";
+            }
 
-			include_once "header.inc.php";
-			?>
+            include_once "header.inc.php";
+            ?>
 
 			<h1><?php echo $_lang['web_user_title']; ?></h1>
 
@@ -318,20 +318,20 @@ 
 			</div>
 			<?php
 
-			include_once "footer.inc.php";
-		} else {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "88&id={$id}" : "87";
-				$header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
-				header($header);
-			} else {
-				$header = "Location: index.php?a=99&r=2";
-				header($header);
-			}
-		}
-		break;
-	default :
-		webAlertAndQuit("No operation set in request.");
+            include_once "footer.inc.php";
+        } else {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "88&id={$id}" : "87";
+                $header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
+                header($header);
+            } else {
+                $header = "Location: index.php?a=99&r=2";
+                header($header);
+            }
+        }
+        break;
+    default :
+        webAlertAndQuit("No operation set in request.");
 }
 
 /**
@@ -341,14 +341,14 @@ 
  * @return string
  */
 function save_user_quoted_printable($string) {
-	$crlf = "\n";
-	$string = preg_replace('!(\r\n|\r|\n)!', $crlf, $string) . $crlf;
-	$f[] = '/([\000-\010\013\014\016-\037\075\177-\377])/e';
-	$r[] = "'=' . sprintf('%02X', ord('\\1'))";
-	$f[] = '/([\011\040])' . $crlf . '/e';
-	$r[] = "'=' . sprintf('%02X', ord('\\1')) . '" . $crlf . "'";
-	$string = preg_replace($f, $r, $string);
-	return trim(wordwrap($string, 70, ' =' . $crlf));
+    $crlf = "\n";
+    $string = preg_replace('!(\r\n|\r|\n)!', $crlf, $string) . $crlf;
+    $f[] = '/([\000-\010\013\014\016-\037\075\177-\377])/e';
+    $r[] = "'=' . sprintf('%02X', ord('\\1'))";
+    $f[] = '/([\011\040])' . $crlf . '/e';
+    $r[] = "'=' . sprintf('%02X', ord('\\1')) . '" . $crlf . "'";
+    $string = preg_replace($f, $r, $string);
+    return trim(wordwrap($string, 70, ' =' . $crlf));
 }
 
 /**
@@ -360,94 +360,94 @@ 
  * @param string $ufn
  */
 function sendMailMessage($email, $uid, $pwd, $ufn) {
-	$modx = DocumentParser::getInstance(); global $_lang, $websignupemail_message;
-	global $emailsubject, $emailsender;
-	global $site_name, $site_url;
-	$message = sprintf($websignupemail_message, $uid, $pwd); // use old method
-	// replace placeholders
-	$message = str_replace("[+uid+]", $uid, $message);
-	$message = str_replace("[+pwd+]", $pwd, $message);
-	$message = str_replace("[+ufn+]", $ufn, $message);
-	$message = str_replace("[+sname+]", $site_name, $message);
-	$message = str_replace("[+saddr+]", $emailsender, $message);
-	$message = str_replace("[+semail+]", $emailsender, $message);
-	$message = str_replace("[+surl+]", $site_url, $message);
-
-	$param = array();
-	$param['from'] = "{$site_name}<{$emailsender}>";
-	$param['subject'] = $emailsubject;
-	$param['body'] = $message;
-	$param['to'] = $email;
-	$param['type'] = 'text';
-	$rs = $modx->sendmail($param);
-	if(!$rs) {
-		$modx->manager->saveFormValues();
-		$modx->messageQuit("{$email} - {$_lang['error_sending_email']}");
-	}
+    $modx = DocumentParser::getInstance(); global $_lang, $websignupemail_message;
+    global $emailsubject, $emailsender;
+    global $site_name, $site_url;
+    $message = sprintf($websignupemail_message, $uid, $pwd); // use old method
+    // replace placeholders
+    $message = str_replace("[+uid+]", $uid, $message);
+    $message = str_replace("[+pwd+]", $pwd, $message);
+    $message = str_replace("[+ufn+]", $ufn, $message);
+    $message = str_replace("[+sname+]", $site_name, $message);
+    $message = str_replace("[+saddr+]", $emailsender, $message);
+    $message = str_replace("[+semail+]", $emailsender, $message);
+    $message = str_replace("[+surl+]", $site_url, $message);
+
+    $param = array();
+    $param['from'] = "{$site_name}<{$emailsender}>";
+    $param['subject'] = $emailsubject;
+    $param['body'] = $message;
+    $param['to'] = $email;
+    $param['type'] = 'text';
+    $rs = $modx->sendmail($param);
+    if(!$rs) {
+        $modx->manager->saveFormValues();
+        $modx->messageQuit("{$email} - {$_lang['error_sending_email']}");
+    }
 }
 
 // Save User Settings
 function saveUserSettings($id) {
-	$modx = DocumentParser::getInstance();
-	$tbl_web_user_settings = $modx->getFullTableName('web_user_settings');
-
-	$settings = array(
-		"login_home",
-		"allowed_ip",
-		"allowed_days"
-	);
-
-	$modx->db->delete($tbl_web_user_settings, "webuser='{$id}'");
-
-	foreach($settings as $n) {
-		$vl = $_POST[$n];
-		if(is_array($vl)) {
-			$vl = implode(",", $vl);
-		}
-		if($vl != '') {
-			$f = array();
-			$f['webuser'] = $id;
-			$f['setting_name'] = $n;
-			$f['setting_value'] = $vl;
-			$f = $modx->db->escape($f);
-			$modx->db->insert($f, $tbl_web_user_settings);
-		}
-	}
+    $modx = DocumentParser::getInstance();
+    $tbl_web_user_settings = $modx->getFullTableName('web_user_settings');
+
+    $settings = array(
+        "login_home",
+        "allowed_ip",
+        "allowed_days"
+    );
+
+    $modx->db->delete($tbl_web_user_settings, "webuser='{$id}'");
+
+    foreach($settings as $n) {
+        $vl = $_POST[$n];
+        if(is_array($vl)) {
+            $vl = implode(",", $vl);
+        }
+        if($vl != '') {
+            $f = array();
+            $f['webuser'] = $id;
+            $f['setting_name'] = $n;
+            $f['setting_value'] = $vl;
+            $f = $modx->db->escape($f);
+            $modx->db->insert($f, $tbl_web_user_settings);
+        }
+    }
 }
 
 // Web alert -  sends an alert to web browser
 function webAlertAndQuit($msg) {
-	global $id, $modx;
-	$mode = $_POST['mode'];
-	$modx->manager->saveFormValues($mode);
-	$modx->webAlertAndQuit($msg, "index.php?a={$mode}" . ($mode == '88' ? "&id={$id}" : ''));
+    global $id, $modx;
+    $mode = $_POST['mode'];
+    $modx->manager->saveFormValues($mode);
+    $modx->webAlertAndQuit($msg, "index.php?a={$mode}" . ($mode == '88' ? "&id={$id}" : ''));
 }
 
 // Generate password
 function generate_password($length = 10) {
-	$allowable_characters = "abcdefghjkmnpqrstuvxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789";
-	$ps_len = strlen($allowable_characters);
-	mt_srand((double) microtime() * 1000000);
-	$pass = "";
-	for($i = 0; $i < $length; $i++) {
-		$pass .= $allowable_characters[mt_rand(0, $ps_len - 1)];
-	}
-	return $pass;
+    $allowable_characters = "abcdefghjkmnpqrstuvxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789";
+    $ps_len = strlen($allowable_characters);
+    mt_srand((double) microtime() * 1000000);
+    $pass = "";
+    for($i = 0; $i < $length; $i++) {
+        $pass .= $allowable_characters[mt_rand(0, $ps_len - 1)];
+    }
+    return $pass;
 }
 
 function sanitize($str = '', $safecount = 0) {
-	$modx = DocumentParser::getInstance();
-	$safecount++;
-	if(1000 < $safecount) {
-		exit("error too many loops '{$safecount}'");
-	}
-	if(is_array($str)) {
-		foreach($str as $i => $v) {
-			$str[$i] = sanitize($v, $safecount);
-		}
-	} else {
-		// $str = strip_tags($str); // LEAVE < and > intact
-		$str = htmlspecialchars($str, ENT_NOQUOTES, $modx->config['modx_charset']);
-	}
-	return $str;
+    $modx = DocumentParser::getInstance();
+    $safecount++;
+    if(1000 < $safecount) {
+        exit("error too many loops '{$safecount}'");
+    }
+    if(is_array($str)) {
+        foreach($str as $i => $v) {
+            $str[$i] = sanitize($v, $safecount);
+        }
+    } else {
+        // $str = strip_tags($str); // LEAVE < and > intact
+        $str = htmlspecialchars($str, ENT_NOQUOTES, $modx->config['modx_charset']);
+    }
+    return $str;
 }

manager/processors/duplicate_content.processor.php

Indentation +94 added lines, -94 removed lines

@@ -3,12 +3,12 @@ 
     die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('new_document') || !$modx->hasPermission('save_document')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $id = isset($_GET['id'])? (int)$_GET['id'] : 0;
 if($id==0) {
-	$modx->webAlertAndQuit($_lang["error_no_id"]);
+    $modx->webAlertAndQuit($_lang["error_no_id"]);
 }
 
 $children = array();
@@ -22,7 +22,7 @@ 
 $udperms->duplicateDoc = true;
 
 if(!$udperms->checkPermissions()) {
-	$modx->webAlertAndQuit($_lang["access_permission_denied"]);
+    $modx->webAlertAndQuit($_lang["access_permission_denied"]);
 }
 
 // Run the duplicator
@@ -43,103 +43,103 @@ 
  * @return int
  */
 function duplicateDocument($docid, $parent=null, $_toplevel=0) {
-	$modx = DocumentParser::getInstance(); global $_lang;
-
-	// invoke OnBeforeDocDuplicate event
-	$evtOut = $modx->invokeEvent('OnBeforeDocDuplicate', array(
-		'id' => $docid
-	));
-
-	// if( !in_array( 'false', array_values( $evtOut ) ) ){}
-	// TODO: Determine necessary handling for duplicateDocument "return $newparent" if OnBeforeDocDuplicate were able to conditially control duplication
-	// [DISABLED]: Proceed with duplicateDocument if OnBeforeDocDuplicate did not return false via: $event->output('false');
-
-	$userID = $modx->getLoginUserID();
-
-	$tblsc = $modx->getFullTableName('site_content');
-
-	// Grab the original document
-	$rs = $modx->db->select('*', $tblsc, "id='{$docid}'");
-	$content = $modx->db->getRow($rs);
-
-	// Handle incremental ID
-	switch($modx->config['docid_incrmnt_method'])
-	{
-		case '1':
-			$from = "{$tblsc} AS T0 LEFT JOIN {$tblsc} AS T1 ON T0.id + 1 = T1.id";
-			$rs = $modx->db->select('MIN(T0.id)+1', $from, "T1.id IS NULL");
-			$content['id'] = $modx->db->getValue($rs);
-			break;
-		case '2':
-			$rs = $modx->db->select('MAX(id)+1',$tblsc);
-			$content['id'] = $modx->db->getValue($rs);
-			break;
-
-		default:
-			unset($content['id']); // remove the current id.
-	}
-
-	// Once we've grabbed the document object, start doing some modifications
-	if ($_toplevel == 0) {
-		// count duplicates
-		$pagetitle = $modx->db->getValue($modx->db->select('pagetitle', $modx->getFullTableName('site_content'), "id='{$docid}'"));
-		$pagetitle = $modx->db->escape($pagetitle);
-		$count = $modx->db->getRecordCount($modx->db->select('pagetitle', $modx->getFullTableName('site_content'), "pagetitle LIKE '{$pagetitle} Duplicate%'"));
-		if($count>=1) $count = ' '.($count+1);
-		else $count = '';
-
-		$content['pagetitle'] = $_lang['duplicated_el_suffix'].$count.' '.$content['pagetitle'];
-		$content['alias'] = null;
-	} elseif($modx->config['friendly_urls'] == 0 || $modx->config['allow_duplicate_alias'] == 0) {
-		$content['alias'] = null;
-	}
-
-	// change the parent accordingly
-	if ($parent !== null) $content['parent'] = $parent;
-
-	// Change the author
-	$content['createdby'] = $userID;
-	$content['createdon'] = time();
-	// Remove other modification times
-	$content['editedby'] = $content['editedon'] = $content['deleted'] = $content['deletedby'] = $content['deletedon'] = 0;
-
-	// [FS#922] Should the published status be honored? - sirlancelot
+    $modx = DocumentParser::getInstance(); global $_lang;
+
+    // invoke OnBeforeDocDuplicate event
+    $evtOut = $modx->invokeEvent('OnBeforeDocDuplicate', array(
+        'id' => $docid
+    ));
+
+    // if( !in_array( 'false', array_values( $evtOut ) ) ){}
+    // TODO: Determine necessary handling for duplicateDocument "return $newparent" if OnBeforeDocDuplicate were able to conditially control duplication
+    // [DISABLED]: Proceed with duplicateDocument if OnBeforeDocDuplicate did not return false via: $event->output('false');
+
+    $userID = $modx->getLoginUserID();
+
+    $tblsc = $modx->getFullTableName('site_content');
+
+    // Grab the original document
+    $rs = $modx->db->select('*', $tblsc, "id='{$docid}'");
+    $content = $modx->db->getRow($rs);
+
+    // Handle incremental ID
+    switch($modx->config['docid_incrmnt_method'])
+    {
+        case '1':
+            $from = "{$tblsc} AS T0 LEFT JOIN {$tblsc} AS T1 ON T0.id + 1 = T1.id";
+            $rs = $modx->db->select('MIN(T0.id)+1', $from, "T1.id IS NULL");
+            $content['id'] = $modx->db->getValue($rs);
+            break;
+        case '2':
+            $rs = $modx->db->select('MAX(id)+1',$tblsc);
+            $content['id'] = $modx->db->getValue($rs);
+            break;
+
+        default:
+            unset($content['id']); // remove the current id.
+    }
+
+    // Once we've grabbed the document object, start doing some modifications
+    if ($_toplevel == 0) {
+        // count duplicates
+        $pagetitle = $modx->db->getValue($modx->db->select('pagetitle', $modx->getFullTableName('site_content'), "id='{$docid}'"));
+        $pagetitle = $modx->db->escape($pagetitle);
+        $count = $modx->db->getRecordCount($modx->db->select('pagetitle', $modx->getFullTableName('site_content'), "pagetitle LIKE '{$pagetitle} Duplicate%'"));
+        if($count>=1) $count = ' '.($count+1);
+        else $count = '';
+
+        $content['pagetitle'] = $_lang['duplicated_el_suffix'].$count.' '.$content['pagetitle'];
+        $content['alias'] = null;
+    } elseif($modx->config['friendly_urls'] == 0 || $modx->config['allow_duplicate_alias'] == 0) {
+        $content['alias'] = null;
+    }
+
+    // change the parent accordingly
+    if ($parent !== null) $content['parent'] = $parent;
+
+    // Change the author
+    $content['createdby'] = $userID;
+    $content['createdon'] = time();
+    // Remove other modification times
+    $content['editedby'] = $content['editedon'] = $content['deleted'] = $content['deletedby'] = $content['deletedon'] = 0;
+
+    // [FS#922] Should the published status be honored? - sirlancelot
 //	if ($modx->hasPermission('publish_document')) {
 //		if ($modx->config['publish_default'])
 //			$content['pub_date'] = $content['pub_date']; // should this be changed to 1?
 //		else	$content['pub_date'] = 0;
 //	} else {
-		// User can't publish documents
+        // User can't publish documents
 //		$content['published'] = $content['pub_date'] = 0;
 //	}
 
     // Set the published status to unpublished by default (see above ... commit #3388)
     $content['published'] = $content['pub_date'] = 0;
 
-	// Escape the proper strings
-	$content = $modx->db->escape($content);
+    // Escape the proper strings
+    $content = $modx->db->escape($content);
 
-	// Duplicate the Document
-	$newparent = $modx->db->insert($content, $tblsc);
+    // Duplicate the Document
+    $newparent = $modx->db->insert($content, $tblsc);
 
-	// duplicate document's TVs
-	duplicateTVs($docid, $newparent);
-	duplicateAccess($docid, $newparent);
+    // duplicate document's TVs
+    duplicateTVs($docid, $newparent);
+    duplicateAccess($docid, $newparent);
 
-	// invoke OnDocDuplicate event
-	$evtOut = $modx->invokeEvent('OnDocDuplicate', array(
-		'id' => $docid,
-		'new_id' => $newparent
-	));
+    // invoke OnDocDuplicate event
+    $evtOut = $modx->invokeEvent('OnDocDuplicate', array(
+        'id' => $docid,
+        'new_id' => $newparent
+    ));
 
-	// Start duplicating all the child documents that aren't deleted.
-	$_toplevel++;
-	$rs = $modx->db->select('id', $tblsc, "parent='{$docid}' AND deleted=0", 'id ASC');
-		while ($row = $modx->db->getRow($rs))
-			duplicateDocument($row['id'], $newparent, $_toplevel);
+    // Start duplicating all the child documents that aren't deleted.
+    $_toplevel++;
+    $rs = $modx->db->select('id', $tblsc, "parent='{$docid}' AND deleted=0", 'id ASC');
+        while ($row = $modx->db->getRow($rs))
+            duplicateDocument($row['id'], $newparent, $_toplevel);
 
-	// return the new doc id
-	return $newparent;
+    // return the new doc id
+    return $newparent;
 }
 
 /**
@@ -149,17 +149,17 @@ 
  * @param int $newid
  */
 function duplicateTVs($oldid, $newid){
-	$modx = DocumentParser::getInstance();
+    $modx = DocumentParser::getInstance();
 
-	$tbltvc = $modx->getFullTableName('site_tmplvar_contentvalues');
+    $tbltvc = $modx->getFullTableName('site_tmplvar_contentvalues');
 
     $newid = (int)$newid;
     $oldid = (int)$oldid;
 
     $modx->db->insert(
-		array('contentid'=>'', 'tmplvarid'=>'', 'value'=>''), $tbltvc, // Insert into
-		"{$newid}, tmplvarid, value", $tbltvc, "contentid='{$oldid}'" // Copy from
-	);
+        array('contentid'=>'', 'tmplvarid'=>'', 'value'=>''), $tbltvc, // Insert into
+        "{$newid}, tmplvarid, value", $tbltvc, "contentid='{$oldid}'" // Copy from
+    );
 }
 
 /**
@@ -169,15 +169,15 @@ 
  * @param int $newid
  */
 function duplicateAccess($oldid, $newid){
-	$modx = DocumentParser::getInstance();
+    $modx = DocumentParser::getInstance();
 
-	$tbldg = $modx->getFullTableName('document_groups');
+    $tbldg = $modx->getFullTableName('document_groups');
 
     $newid = (int)$newid;
     $oldid = (int)$oldid;
 
     $modx->db->insert(
-		array('document'=>'', 'document_group'=>''), $tbldg, // Insert into
-		"{$newid}, document_group", $tbldg, "document='{$oldid}'" // Copy from
-	);
+        array('document'=>'', 'document_group'=>''), $tbldg, // Insert into
+        "{$newid}, document_group", $tbldg, "document='{$oldid}'" // Copy from
+    );
 }

manager/processors/login.processor.php

Indentation +182 added lines, -182 removed lines

@@ -1,7 +1,7 @@ 
 <?php
 if(!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
-	header('HTTP/1.0 404 Not Found');
-	exit('error');
+    header('HTTP/1.0 404 Not Found');
+    exit('error');
 }
 define('IN_MANAGER_MODE', true);  // we use this to make sure files are accessed through
 define('MODX_API_MODE', true);
@@ -18,7 +18,7 @@ 
 include_once("{$core_path}lang/english.inc.php");
 
 if($manager_language !== 'english' && is_file("{$core_path}lang/{$manager_language}.inc.php")) {
-	include_once("{$core_path}lang/{$manager_language}.inc.php");
+    include_once("{$core_path}lang/{$manager_language}.inc.php");
 }
 
 // include the logger
@@ -26,7 +26,7 @@ 
 
 // Initialize System Alert Message Queque
 if(!isset($_SESSION['SystemAlertMsgQueque'])) {
-	$_SESSION['SystemAlertMsgQueque'] = array();
+    $_SESSION['SystemAlertMsgQueque'] = array();
 }
 $SystemAlertMsgQueque = &$_SESSION['SystemAlertMsgQueque'];
 
@@ -41,10 +41,10 @@ 
 
 // invoke OnBeforeManagerLogin event
 $modx->invokeEvent('OnBeforeManagerLogin', array(
-		'username' => $username,
-		'userpassword' => $givenPassword,
-		'rememberme' => $rememberme
-	));
+        'username' => $username,
+        'userpassword' => $givenPassword,
+        'rememberme' => $rememberme
+    ));
 $fields = 'mu.*, ua.*';
 $from = '[+prefix+]manager_users AS mu, [+prefix+]user_attributes AS ua';
 $where = "BINARY mu.username='{$username}' and ua.internalKey=mu.id";
@@ -52,8 +52,8 @@ 
 $limit = $modx->db->getRecordCount($rs);
 
 if($limit == 0 || $limit > 1) {
-	jsAlert($_lang['login_processor_unknown_user']);
-	return;
+    jsAlert($_lang['login_processor_unknown_user']);
+    return;
 }
 
 $row = $modx->db->getRow($rs);
@@ -74,127 +74,127 @@ 
 // get the user settings from the database
 $rs = $modx->db->select('setting_name, setting_value', '[+prefix+]user_settings', "user='{$internalKey}' AND setting_value!=''");
 while($row = $modx->db->getRow($rs)) {
-	extract($row);
-	${$setting_name} = $setting_value;
+    extract($row);
+    ${$setting_name} = $setting_value;
 }
 
 // blocked due to number of login errors.
 if($failedlogins >= $failed_allowed && $blockeduntildate > time()) {
-	@session_destroy();
-	session_unset();
-	if($cip = getenv("HTTP_CLIENT_IP")) {
-		$ip = $cip;
-	} elseif($cip = getenv("HTTP_X_FORWARDED_FOR")) {
-		$ip = $cip;
-	} elseif($cip = getenv("REMOTE_ADDR")) {
-		$ip = $cip;
-	} else {
-		$ip = "UNKNOWN";
-	}
-	$log = new logHandler;
-	$log->initAndWriteLog("Login Fail (Temporary Block)", $internalKey, $username, "119", $internalKey, "IP: " . $ip);
-	jsAlert($_lang['login_processor_many_failed_logins']);
-	return;
+    @session_destroy();
+    session_unset();
+    if($cip = getenv("HTTP_CLIENT_IP")) {
+        $ip = $cip;
+    } elseif($cip = getenv("HTTP_X_FORWARDED_FOR")) {
+        $ip = $cip;
+    } elseif($cip = getenv("REMOTE_ADDR")) {
+        $ip = $cip;
+    } else {
+        $ip = "UNKNOWN";
+    }
+    $log = new logHandler;
+    $log->initAndWriteLog("Login Fail (Temporary Block)", $internalKey, $username, "119", $internalKey, "IP: " . $ip);
+    jsAlert($_lang['login_processor_many_failed_logins']);
+    return;
 }
 
 // blocked due to number of login errors, but get to try again
 if($failedlogins >= $failed_allowed && $blockeduntildate < time()) {
-	$fields = array();
-	$fields['failedlogincount'] = '0';
-	$fields['blockeduntil'] = time() - 1;
-	$modx->db->update($fields, '[+prefix+]user_attributes', "internalKey='{$internalKey}'");
+    $fields = array();
+    $fields['failedlogincount'] = '0';
+    $fields['blockeduntil'] = time() - 1;
+    $modx->db->update($fields, '[+prefix+]user_attributes', "internalKey='{$internalKey}'");
 }
 
 // this user has been blocked by an admin, so no way he's loggin in!
 if($blocked == '1') {
-	@session_destroy();
-	session_unset();
-	jsAlert($_lang['login_processor_blocked1']);
-	return;
+    @session_destroy();
+    session_unset();
+    jsAlert($_lang['login_processor_blocked1']);
+    return;
 }
 
 // blockuntil: this user has a block until date
 if($blockeduntildate > time()) {
-	@session_destroy();
-	session_unset();
-	jsAlert($_lang['login_processor_blocked2']);
-	return;
+    @session_destroy();
+    session_unset();
+    jsAlert($_lang['login_processor_blocked2']);
+    return;
 }
 
 // blockafter: this user has a block after date
 if($blockedafterdate > 0 && $blockedafterdate < time()) {
-	@session_destroy();
-	session_unset();
-	jsAlert($_lang['login_processor_blocked3']);
-	return;
+    @session_destroy();
+    session_unset();
+    jsAlert($_lang['login_processor_blocked3']);
+    return;
 }
 
 // allowed ip
 if($allowed_ip) {
-	if(($hostname = gethostbyaddr($_SERVER['REMOTE_ADDR'])) && ($hostname != $_SERVER['REMOTE_ADDR'])) {
-		if(gethostbyname($hostname) != $_SERVER['REMOTE_ADDR']) {
-			jsAlert($_lang['login_processor_remotehost_ip']);
-			return;
-		}
-	}
-	if(!in_array($_SERVER['REMOTE_ADDR'], array_filter(array_map('trim', explode(',', $allowed_ip))))) {
-		jsAlert($_lang['login_processor_remote_ip']);
-		return;
-	}
+    if(($hostname = gethostbyaddr($_SERVER['REMOTE_ADDR'])) && ($hostname != $_SERVER['REMOTE_ADDR'])) {
+        if(gethostbyname($hostname) != $_SERVER['REMOTE_ADDR']) {
+            jsAlert($_lang['login_processor_remotehost_ip']);
+            return;
+        }
+    }
+    if(!in_array($_SERVER['REMOTE_ADDR'], array_filter(array_map('trim', explode(',', $allowed_ip))))) {
+        jsAlert($_lang['login_processor_remote_ip']);
+        return;
+    }
 }
 
 // allowed days
 if($allowed_days) {
-	$date = getdate();
-	$day = $date['wday'] + 1;
-	if(strpos($allowed_days, $day) === false) {
-		jsAlert($_lang['login_processor_date']);
-		return;
-	}
+    $date = getdate();
+    $day = $date['wday'] + 1;
+    if(strpos($allowed_days, $day) === false) {
+        jsAlert($_lang['login_processor_date']);
+        return;
+    }
 }
 
 // invoke OnManagerAuthentication event
 $rt = $modx->invokeEvent('OnManagerAuthentication', array(
-		'userid' => $internalKey,
-		'username' => $username,
-		'userpassword' => $givenPassword,
-		'savedpassword' => $dbasePassword,
-		'rememberme' => $rememberme
-	));
+        'userid' => $internalKey,
+        'username' => $username,
+        'userpassword' => $givenPassword,
+        'savedpassword' => $dbasePassword,
+        'rememberme' => $rememberme
+    ));
 
 // check if plugin authenticated the user
 $matchPassword = false;
 if(!isset($rt) || !$rt || (is_array($rt) && !in_array(true, $rt))) {
-	// check user password - local authentication
-	$hashType = $modx->manager->getHashType($dbasePassword);
-	if($hashType == 'phpass') {
-		$matchPassword = login($username, $_REQUEST['password'], $dbasePassword);
-	} elseif($hashType == 'md5') {
-		$matchPassword = loginMD5($internalKey, $_REQUEST['password'], $dbasePassword, $username);
-	} elseif($hashType == 'v1') {
-		$matchPassword = loginV1($internalKey, $_REQUEST['password'], $dbasePassword, $username);
-	} else {
-		$matchPassword = false;
-	}
+    // check user password - local authentication
+    $hashType = $modx->manager->getHashType($dbasePassword);
+    if($hashType == 'phpass') {
+        $matchPassword = login($username, $_REQUEST['password'], $dbasePassword);
+    } elseif($hashType == 'md5') {
+        $matchPassword = loginMD5($internalKey, $_REQUEST['password'], $dbasePassword, $username);
+    } elseif($hashType == 'v1') {
+        $matchPassword = loginV1($internalKey, $_REQUEST['password'], $dbasePassword, $username);
+    } else {
+        $matchPassword = false;
+    }
 } else if($rt === true || (is_array($rt) && in_array(true, $rt))) {
-	$matchPassword = true;
+    $matchPassword = true;
 }
 
 if(!$matchPassword) {
-	jsAlert($_lang['login_processor_wrong_password']);
-	incrementFailedLoginCount($internalKey, $failedlogins, $failed_allowed, $blocked_minutes);
-	return;
+    jsAlert($_lang['login_processor_wrong_password']);
+    incrementFailedLoginCount($internalKey, $failedlogins, $failed_allowed, $blocked_minutes);
+    return;
 }
 
 if($modx->config['use_captcha'] == 1) {
-	if(!isset ($_SESSION['veriword'])) {
-		jsAlert($_lang['login_processor_captcha_config']);
-		return;
-	} elseif($_SESSION['veriword'] != $captcha_code) {
-		jsAlert($_lang['login_processor_bad_code']);
-		incrementFailedLoginCount($internalKey, $failedlogins, $failed_allowed, $blocked_minutes);
-		return;
-	}
+    if(!isset ($_SESSION['veriword'])) {
+        jsAlert($_lang['login_processor_captcha_config']);
+        return;
+    } elseif($_SESSION['veriword'] != $captcha_code) {
+        jsAlert($_lang['login_processor_bad_code']);
+        incrementFailedLoginCount($internalKey, $failedlogins, $failed_allowed, $blocked_minutes);
+        return;
+    }
 }
 
 $modx->cleanupExpiredLocks();
@@ -229,36 +229,36 @@ 
 $_SESSION['mgrToken'] = md5($currentsessionid);
 
 if($rememberme == '1') {
-	$_SESSION['modx.mgr.session.cookie.lifetime'] = (int)$modx->config['session.cookie.lifetime'];
-
-	// Set a cookie separate from the session cookie with the username in it.
-	// Are we using secure connection? If so, make sure the cookie is secure
-	global $https_port;
-
-	$secure = ((isset ($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') || $_SERVER['SERVER_PORT'] == $https_port);
-	if(version_compare(PHP_VERSION, '5.2', '<')) {
-		setcookie('modx_remember_manager', $_SESSION['mgrShortname'], time() + 60 * 60 * 24 * 365, MODX_BASE_URL, '; HttpOnly', $secure);
-	} else {
-		setcookie('modx_remember_manager', $_SESSION['mgrShortname'], time() + 60 * 60 * 24 * 365, MODX_BASE_URL, NULL, $secure, true);
-	}
+    $_SESSION['modx.mgr.session.cookie.lifetime'] = (int)$modx->config['session.cookie.lifetime'];
+
+    // Set a cookie separate from the session cookie with the username in it.
+    // Are we using secure connection? If so, make sure the cookie is secure
+    global $https_port;
+
+    $secure = ((isset ($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') || $_SERVER['SERVER_PORT'] == $https_port);
+    if(version_compare(PHP_VERSION, '5.2', '<')) {
+        setcookie('modx_remember_manager', $_SESSION['mgrShortname'], time() + 60 * 60 * 24 * 365, MODX_BASE_URL, '; HttpOnly', $secure);
+    } else {
+        setcookie('modx_remember_manager', $_SESSION['mgrShortname'], time() + 60 * 60 * 24 * 365, MODX_BASE_URL, NULL, $secure, true);
+    }
 } else {
-	$_SESSION['modx.mgr.session.cookie.lifetime'] = 0;
+    $_SESSION['modx.mgr.session.cookie.lifetime'] = 0;
 
-	// Remove the Remember Me cookie
-	setcookie('modx_remember_manager', '', time() - 3600, MODX_BASE_URL);
+    // Remove the Remember Me cookie
+    setcookie('modx_remember_manager', '', time() - 3600, MODX_BASE_URL);
 }
 
 // Check if user already has an active session, if not check if user pressed logout end of last session
 $rs = $modx->db->select('lasthit', $modx->getFullTableName('active_user_sessions'), "internalKey='{$internalKey}'");
 $activeSession = $modx->db->getValue($rs);
 if(!$activeSession) {
-	$rs = $modx->db->select('lasthit', $modx->getFullTableName('active_users'), "internalKey='{$internalKey}' AND action != 8");
-	if($lastHit = $modx->db->getValue($rs)) {
-		$_SESSION['show_logout_reminder'] = array(
-			'type' => 'logout_reminder',
-			'lastHit' => $lastHit
-		);
-	}
+    $rs = $modx->db->select('lasthit', $modx->getFullTableName('active_users'), "internalKey='{$internalKey}' AND action != 8");
+    if($lastHit = $modx->db->getValue($rs)) {
+        $_SESSION['show_logout_reminder'] = array(
+            'type' => 'logout_reminder',
+            'lastHit' => $lastHit
+        );
+    }
 }
 
 $log = new logHandler;
@@ -266,29 +266,29 @@ 
 
 // invoke OnManagerLogin event
 $modx->invokeEvent('OnManagerLogin', array(
-		'userid' => $internalKey,
-		'username' => $username,
-		'userpassword' => $givenPassword,
-		'rememberme' => $rememberme
-	));
+        'userid' => $internalKey,
+        'username' => $username,
+        'userpassword' => $givenPassword,
+        'rememberme' => $rememberme
+    ));
 
 // check if we should redirect user to a web page
 $rs = $modx->db->select('setting_value', '[+prefix+]user_settings', "user='{$internalKey}' AND setting_name='manager_login_startup'");
 $id = (int)$modx->db->getValue($rs);
 if($id > 0) {
-	$header = 'Location: ' . $modx->makeUrl($id, '', '', 'full');
-	if($_POST['ajax'] == 1) {
-		echo $header;
-	} else {
-		header($header);
-	}
+    $header = 'Location: ' . $modx->makeUrl($id, '', '', 'full');
+    if($_POST['ajax'] == 1) {
+        echo $header;
+    } else {
+        header($header);
+    }
 } else {
-	$header = 'Location: ' . MODX_MANAGER_URL;
-	if($_POST['ajax'] == 1) {
-		echo $header;
-	} else {
-		header($header);
-	}
+    $header = 'Location: ' . MODX_MANAGER_URL;
+    if($_POST['ajax'] == 1) {
+        echo $header;
+    } else {
+        header($header);
+    }
 }
 
 /**
@@ -297,12 +297,12 @@ 
  * @param string $msg
  */
 function jsAlert($msg) {
-	$modx = DocumentParser::getInstance();
-	if($_POST['ajax'] != 1) {
-		echo "<script>window.setTimeout(\"alert('" . addslashes($modx->db->escape($msg)) . "')\",10);history.go(-1)</script>";
-	} else {
-		echo $msg . "\n";
-	}
+    $modx = DocumentParser::getInstance();
+    if($_POST['ajax'] != 1) {
+        echo "<script>window.setTimeout(\"alert('" . addslashes($modx->db->escape($msg)) . "')\",10);history.go(-1)</script>";
+    } else {
+        echo $msg . "\n";
+    }
 }
 
 /**
@@ -312,8 +312,8 @@ 
  * @return bool
  */
 function login($username, $givenPassword, $dbasePassword) {
-	$modx = DocumentParser::getInstance();
-	return $modx->phpass->CheckPassword($givenPassword, $dbasePassword);
+    $modx = DocumentParser::getInstance();
+    return $modx->phpass->CheckPassword($givenPassword, $dbasePassword);
 }
 
 /**
@@ -324,26 +324,26 @@ 
  * @return bool
  */
 function loginV1($internalKey, $givenPassword, $dbasePassword, $username) {
-	$modx = DocumentParser::getInstance();
+    $modx = DocumentParser::getInstance();
 
-	$user_algo = $modx->manager->getV1UserHashAlgorithm($internalKey);
+    $user_algo = $modx->manager->getV1UserHashAlgorithm($internalKey);
 
-	if(!isset($modx->config['pwd_hash_algo']) || empty($modx->config['pwd_hash_algo'])) {
-		$modx->config['pwd_hash_algo'] = 'UNCRYPT';
-	}
+    if(!isset($modx->config['pwd_hash_algo']) || empty($modx->config['pwd_hash_algo'])) {
+        $modx->config['pwd_hash_algo'] = 'UNCRYPT';
+    }
 
-	if($user_algo !== $modx->config['pwd_hash_algo']) {
-		$bk_pwd_hash_algo = $modx->config['pwd_hash_algo'];
-		$modx->config['pwd_hash_algo'] = $user_algo;
-	}
+    if($user_algo !== $modx->config['pwd_hash_algo']) {
+        $bk_pwd_hash_algo = $modx->config['pwd_hash_algo'];
+        $modx->config['pwd_hash_algo'] = $user_algo;
+    }
 
-	if($dbasePassword != $modx->manager->genV1Hash($givenPassword, $internalKey)) {
-		return false;
-	}
+    if($dbasePassword != $modx->manager->genV1Hash($givenPassword, $internalKey)) {
+        return false;
+    }
 
-	updateNewHash($username, $givenPassword);
+    updateNewHash($username, $givenPassword);
 
-	return true;
+    return true;
 }
 
 /**
@@ -354,13 +354,13 @@ 
  * @return bool
  */
 function loginMD5($internalKey, $givenPassword, $dbasePassword, $username) {
-	$modx = DocumentParser::getInstance();
+    $modx = DocumentParser::getInstance();
 
-	if($dbasePassword != md5($givenPassword)) {
-		return false;
-	}
-	updateNewHash($username, $givenPassword);
-	return true;
+    if($dbasePassword != md5($givenPassword)) {
+        return false;
+    }
+    updateNewHash($username, $givenPassword);
+    return true;
 }
 
 /**
@@ -368,11 +368,11 @@ 
  * @param string $password
  */
 function updateNewHash($username, $password) {
-	$modx = DocumentParser::getInstance();
+    $modx = DocumentParser::getInstance();
 
-	$field = array();
-	$field['password'] = $modx->phpass->HashPassword($password);
-	$modx->db->update($field, '[+prefix+]manager_users', "username='{$username}'");
+    $field = array();
+    $field['password'] = $modx->phpass->HashPassword($password);
+    $modx->db->update($field, '[+prefix+]manager_users', "username='{$username}'");
 }
 
 /**
@@ -382,27 +382,27 @@ 
  * @param int $blocked_minutes
  */
 function incrementFailedLoginCount($internalKey, $failedlogins, $failed_allowed, $blocked_minutes) {
-	$modx = DocumentParser::getInstance();
-
-	$failedlogins += 1;
-
-	$fields = array('failedlogincount' => $failedlogins);
-	if($failedlogins >= $failed_allowed) //block user for too many fail attempts
-	{
-		$fields['blockeduntil'] = time() + ($blocked_minutes * 60);
-	}
-
-	$modx->db->update($fields, '[+prefix+]user_attributes', "internalKey='{$internalKey}'");
-
-	if($failedlogins < $failed_allowed) {
-		//sleep to help prevent brute force attacks
-		$sleep = (int) $failedlogins / 2;
-		if($sleep > 5) {
-			$sleep = 5;
-		}
-		sleep($sleep);
-	}
-	@session_destroy();
-	session_unset();
-	return;
+    $modx = DocumentParser::getInstance();
+
+    $failedlogins += 1;
+
+    $fields = array('failedlogincount' => $failedlogins);
+    if($failedlogins >= $failed_allowed) //block user for too many fail attempts
+    {
+        $fields['blockeduntil'] = time() + ($blocked_minutes * 60);
+    }
+
+    $modx->db->update($fields, '[+prefix+]user_attributes', "internalKey='{$internalKey}'");
+
+    if($failedlogins < $failed_allowed) {
+        //sleep to help prevent brute force attacks
+        $sleep = (int) $failedlogins / 2;
+        if($sleep > 5) {
+            $sleep = 5;
+        }
+        sleep($sleep);
+    }
+    @session_destroy();
+    session_unset();
+    return;
 }