evolution-cms / evolution

manager/actions/mutate_categories.dynamic.php

Indentation +18 added lines, -18 removed lines

@@ -4,24 +4,24 @@ 
 }
 
 if(!$modx->hasPermission('category_manager')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $_module_params = array(
-	'module_version'   => '1.0.0',
-	'module_params'    => '',
-	'module_id'        => $_GET['id'],
-	'package_name'     => 'Module_Categories_Manager',
-	'native_language'  => 'de',
-	'name'             => 'Categories Manager',
-	'dirname'          => $site_manager_url,
-	'url'              => 'index.php?a=120&id=' . $_GET['id'],
-	'path'             => realpath( dirname(__FILE__) ) . DIRECTORY_SEPARATOR . 'category_mgr' . DIRECTORY_SEPARATOR,
-	'inc_dir'          => realpath( dirname(__FILE__) ) . DIRECTORY_SEPARATOR . 'category_mgr' . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR,
-	'languages_dir'    => realpath( dirname(__FILE__) ) . DIRECTORY_SEPARATOR . 'category_mgr' . DIRECTORY_SEPARATOR . 'lang' . DIRECTORY_SEPARATOR,
-	'views_dir'        => realpath( dirname(__FILE__) ) . DIRECTORY_SEPARATOR . 'category_mgr' . DIRECTORY_SEPARATOR . 'skin' . DIRECTORY_SEPARATOR,
-	'request_key'      => 'module_categories_manager',
-	'messages'         => array()
+    'module_version'   => '1.0.0',
+    'module_params'    => '',
+    'module_id'        => $_GET['id'],
+    'package_name'     => 'Module_Categories_Manager',
+    'native_language'  => 'de',
+    'name'             => 'Categories Manager',
+    'dirname'          => $site_manager_url,
+    'url'              => 'index.php?a=120&id=' . $_GET['id'],
+    'path'             => realpath( dirname(__FILE__) ) . DIRECTORY_SEPARATOR . 'category_mgr' . DIRECTORY_SEPARATOR,
+    'inc_dir'          => realpath( dirname(__FILE__) ) . DIRECTORY_SEPARATOR . 'category_mgr' . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR,
+    'languages_dir'    => realpath( dirname(__FILE__) ) . DIRECTORY_SEPARATOR . 'category_mgr' . DIRECTORY_SEPARATOR . 'lang' . DIRECTORY_SEPARATOR,
+    'views_dir'        => realpath( dirname(__FILE__) ) . DIRECTORY_SEPARATOR . 'category_mgr' . DIRECTORY_SEPARATOR . 'skin' . DIRECTORY_SEPARATOR,
+    'request_key'      => 'module_categories_manager',
+    'messages'         => array()
 );
 
 $cm = new EvolutionCMS\Legacy\ModuleCategoriesManager();
@@ -29,7 +29,7 @@ 
 // assign module_params to internal params
 foreach( $_module_params as $param => $value )
 {
-	$cm->set( $param, $value );
+    $cm->set( $param, $value );
 }
 
 // catch the request actions
@@ -37,8 +37,8 @@ 
 
 if( !$categories = $cm->getCategories() )
 {
-	setcookie('webfxtab_manage-categories-pane', 0 );
-	$cm->addMessage( $cm->txt('Currently no categories available... JUST ADD A NEW ONE!'), 'global' );
+    setcookie('webfxtab_manage-categories-pane', 0 );
+    $cm->addMessage( $cm->txt('Currently no categories available... JUST ADD A NEW ONE!'), 'global' );
 }
 
 $cm->renderView('main', $categories );

manager/processors/execute_module.processor.php

Indentation +27 added lines, -27 removed lines

@@ -3,51 +3,51 @@ 
     die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('exec_module')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $id = isset($_GET['id'])? (int)$_GET['id'] : 0;
 if($id==0) {
-	$modx->webAlertAndQuit($_lang["error_no_id"]);
+    $modx->webAlertAndQuit($_lang["error_no_id"]);
 }
 
 // check if user has access permission, except admins
 if($_SESSION['mgrRole']!=1){
-	$rs = $modx->db->select(
-		'sma.usergroup,mg.member',
-		$modx->getFullTableName("site_module_access")." sma
+    $rs = $modx->db->select(
+        'sma.usergroup,mg.member',
+        $modx->getFullTableName("site_module_access")." sma
 			LEFT JOIN ".$modx->getFullTableName("member_groups")." mg ON mg.user_group = sma.usergroup AND member='".$modx->getLoginUserID()."'",
-		"sma.module = '{$id}'"
-		);
-	//initialize permission to -1, if it stays -1 no permissions
-	//attached so permission granted
-	$permissionAccessInt = -1;
+        "sma.module = '{$id}'"
+        );
+    //initialize permission to -1, if it stays -1 no permissions
+    //attached so permission granted
+    $permissionAccessInt = -1;
 
-	while ($row = $modx->db->getRow($rs)) {
-		if($row["usergroup"] && $row["member"]) {
-			//if there are permissions and this member has permission, ofcourse
-			//this is granted
-			$permissionAccessInt = 1;
-		} elseif ($permissionAccessInt==-1) {
-			//if there are permissions but this member has no permission and the
-			//variable was still in init state we set permission to 0; no permissions
-			$permissionAccessInt = 0;
-		}
-	}
+    while ($row = $modx->db->getRow($rs)) {
+        if($row["usergroup"] && $row["member"]) {
+            //if there are permissions and this member has permission, ofcourse
+            //this is granted
+            $permissionAccessInt = 1;
+        } elseif ($permissionAccessInt==-1) {
+            //if there are permissions but this member has no permission and the
+            //variable was still in init state we set permission to 0; no permissions
+            $permissionAccessInt = 0;
+        }
+    }
 
-	if($permissionAccessInt==0) {
-		$modx->webAlertAndQuit("You do not sufficient privileges to execute this module.", "index.php?a=106");
-	}
+    if($permissionAccessInt==0) {
+        $modx->webAlertAndQuit("You do not sufficient privileges to execute this module.", "index.php?a=106");
+    }
 }
 
 // get module data
 $rs = $modx->db->select('*', $modx->getFullTableName("site_modules"), "id='{$id}'");
 $content = $modx->db->getRow($rs);
 if(!$content) {
-	$modx->webAlertAndQuit("No record found for id {$id}.", "index.php?a=106");
+    $modx->webAlertAndQuit("No record found for id {$id}.", "index.php?a=106");
 }
 if($content['disabled']) {
-	$modx->webAlertAndQuit("This module is disabled and cannot be executed.", "index.php?a=106");
+    $modx->webAlertAndQuit("This module is disabled and cannot be executed.", "index.php?a=106");
 }
 
 // Set the item name for logger
@@ -62,7 +62,7 @@ 
 
 $output = evalModule($content["modulecode"],$parameter);
 if (strpos(trim($output),'<')===0 && strpos(trim($output),'<?xml')!==0) {
-	echo "<style>@supports (-webkit-overflow-scrolling: touch) {body,html {-webkit-overflow-scrolling: touch;overflow:auto!important;height:100%!important}}</style>"; // for iframe scroller
+    echo "<style>@supports (-webkit-overflow-scrolling: touch) {body,html {-webkit-overflow-scrolling: touch;overflow:auto!important;height:100%!important}}</style>"; // for iframe scroller
 }
 echo $output;
 include MODX_MANAGER_PATH."includes/sysalert.display.inc.php";

manager/processors/duplicate_content.processor.php

Indentation +3 added lines, -3 removed lines

@@ -3,12 +3,12 @@ 
     die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('new_document') || !$modx->hasPermission('save_document')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $id = isset($_GET['id'])? (int)$_GET['id'] : 0;
 if($id==0) {
-	$modx->webAlertAndQuit($_lang["error_no_id"]);
+    $modx->webAlertAndQuit($_lang["error_no_id"]);
 }
 
 $children = array();
@@ -21,7 +21,7 @@ 
 $udperms->duplicateDoc = true;
 
 if(!$udperms->checkPermissions()) {
-	$modx->webAlertAndQuit($_lang["access_permission_denied"]);
+    $modx->webAlertAndQuit($_lang["access_permission_denied"]);
 }
 
 // Run the duplicator

manager/processors/duplicate_module.processor.php

Indentation +30 added lines, -30 removed lines

@@ -3,12 +3,12 @@ 
     die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('new_module')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $id = isset($_GET['id'])? (int)$_GET['id'] : 0;
 if($id==0) {
-	$modx->webAlertAndQuit($_lang["error_no_id"]);
+    $modx->webAlertAndQuit($_lang["error_no_id"]);
 }
 // count duplicates
 $name = $modx->db->getValue($modx->db->select('name', $modx->getFullTableName('site_modules'), "id='{$id}'"));
@@ -18,40 +18,40 @@ 
 
 // duplicate module
 $newid = $modx->db->insert(
-	array(
-		'name'=>'',
-		'description'=>'',
-		'disabled'=>'',
-		'category'=>'',
-		'wrap'=>'',
-		'icon'=>'',
-		'enable_resource'=>'',
-		'resourcefile'=>'',
-		'createdon'=>'',
-		'editedon'=>'',
-		'guid'=>'',
-		'enable_sharedparams'=>'',
-		'properties'=>'',
-		'modulecode'=>'',
-		), $modx->getFullTableName('site_modules'), // Insert into
-	"CONCAT(name, ' {$_lang['duplicated_el_suffix']}{$count}') AS name, description, '1' AS disabled, category, wrap, icon, enable_resource, resourcefile, createdon, editedon, '".createGUID()."' AS guid, enable_sharedparams, properties, modulecode", $modx->getFullTableName('site_modules'), "id='{$id}'"); // Copy from
+    array(
+        'name'=>'',
+        'description'=>'',
+        'disabled'=>'',
+        'category'=>'',
+        'wrap'=>'',
+        'icon'=>'',
+        'enable_resource'=>'',
+        'resourcefile'=>'',
+        'createdon'=>'',
+        'editedon'=>'',
+        'guid'=>'',
+        'enable_sharedparams'=>'',
+        'properties'=>'',
+        'modulecode'=>'',
+        ), $modx->getFullTableName('site_modules'), // Insert into
+    "CONCAT(name, ' {$_lang['duplicated_el_suffix']}{$count}') AS name, description, '1' AS disabled, category, wrap, icon, enable_resource, resourcefile, createdon, editedon, '".createGUID()."' AS guid, enable_sharedparams, properties, modulecode", $modx->getFullTableName('site_modules'), "id='{$id}'"); // Copy from
 
 // duplicate module dependencies
 $modx->db->insert(
-	array(
-		'module'=>'',
-		'resource'=>'',
-		'type'=>'',
-		), $modx->getFullTableName('site_module_depobj'), // Insert into
-	"'{$newid}', resource, type", $modx->getFullTableName('site_module_depobj'), "module='{$id}'"); // Copy from
+    array(
+        'module'=>'',
+        'resource'=>'',
+        'type'=>'',
+        ), $modx->getFullTableName('site_module_depobj'), // Insert into
+    "'{$newid}', resource, type", $modx->getFullTableName('site_module_depobj'), "module='{$id}'"); // Copy from
 
 // duplicate module user group access
 $modx->db->insert(
-	array(
-		'module'=>'',
-		'usergroup'=>'',
-		), $modx->getFullTableName('site_module_access'), // Insert into
-	"'{$newid}', usergroup", $modx->getFullTableName('site_module_access'), "module='{$id}'"); // Copy from
+    array(
+        'module'=>'',
+        'usergroup'=>'',
+        ), $modx->getFullTableName('site_module_access'), // Insert into
+    "'{$newid}', usergroup", $modx->getFullTableName('site_module_access'), "module='{$id}'"); // Copy from
 
 // Set the item name for logger
 $name = $modx->db->getValue($modx->db->select('name', $modx->getFullTableName('site_modules'), "id='{$newid}'"));

manager/processors/login.processor.php

Indentation +127 added lines, -127 removed lines

@@ -1,7 +1,7 @@ 
 <?php
 if(!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
-	header('HTTP/1.0 404 Not Found');
-	exit('error');
+    header('HTTP/1.0 404 Not Found');
+    exit('error');
 }
 define('IN_MANAGER_MODE', true);  // we use this to make sure files are accessed through
 define('MODX_API_MODE', true);
@@ -18,12 +18,12 @@ 
 include_once("{$core_path}lang/english.inc.php");
 
 if($manager_language !== 'english' && is_file("{$core_path}lang/{$manager_language}.inc.php")) {
-	include_once("{$core_path}lang/{$manager_language}.inc.php");
+    include_once("{$core_path}lang/{$manager_language}.inc.php");
 }
 
 // Initialize System Alert Message Queque
 if(!isset($_SESSION['SystemAlertMsgQueque'])) {
-	$_SESSION['SystemAlertMsgQueque'] = array();
+    $_SESSION['SystemAlertMsgQueque'] = array();
 }
 $SystemAlertMsgQueque = &$_SESSION['SystemAlertMsgQueque'];
 
@@ -38,10 +38,10 @@ 
 
 // invoke OnBeforeManagerLogin event
 $modx->invokeEvent('OnBeforeManagerLogin', array(
-		'username' => $username,
-		'userpassword' => $givenPassword,
-		'rememberme' => $rememberme
-	));
+        'username' => $username,
+        'userpassword' => $givenPassword,
+        'rememberme' => $rememberme
+    ));
 $fields = 'mu.*, ua.*';
 $from = '[+prefix+]manager_users AS mu, [+prefix+]user_attributes AS ua';
 $where = "BINARY mu.username='{$username}' and ua.internalKey=mu.id";
@@ -49,8 +49,8 @@ 
 $limit = $modx->db->getRecordCount($rs);
 
 if($limit == 0 || $limit > 1) {
-	jsAlert($_lang['login_processor_unknown_user']);
-	return;
+    jsAlert($_lang['login_processor_unknown_user']);
+    return;
 }
 
 $row = $modx->db->getRow($rs);
@@ -71,127 +71,127 @@ 
 // get the user settings from the database
 $rs = $modx->db->select('setting_name, setting_value', '[+prefix+]user_settings', "user='{$internalKey}' AND setting_value!=''");
 while($row = $modx->db->getRow($rs)) {
-	extract($row);
-	${$setting_name} = $setting_value;
+    extract($row);
+    ${$setting_name} = $setting_value;
 }
 
 // blocked due to number of login errors.
 if($failedlogins >= $failed_allowed && $blockeduntildate > time()) {
-	@session_destroy();
-	session_unset();
-	if($cip = getenv("HTTP_CLIENT_IP")) {
-		$ip = $cip;
-	} elseif($cip = getenv("HTTP_X_FORWARDED_FOR")) {
-		$ip = $cip;
-	} elseif($cip = getenv("REMOTE_ADDR")) {
-		$ip = $cip;
-	} else {
-		$ip = "UNKNOWN";
-	}
-	$log = new EvolutionCMS\Legacy\LogHandler();
-	$log->initAndWriteLog("Login Fail (Temporary Block)", $internalKey, $username, "119", $internalKey, "IP: " . $ip);
-	jsAlert($_lang['login_processor_many_failed_logins']);
-	return;
+    @session_destroy();
+    session_unset();
+    if($cip = getenv("HTTP_CLIENT_IP")) {
+        $ip = $cip;
+    } elseif($cip = getenv("HTTP_X_FORWARDED_FOR")) {
+        $ip = $cip;
+    } elseif($cip = getenv("REMOTE_ADDR")) {
+        $ip = $cip;
+    } else {
+        $ip = "UNKNOWN";
+    }
+    $log = new EvolutionCMS\Legacy\LogHandler();
+    $log->initAndWriteLog("Login Fail (Temporary Block)", $internalKey, $username, "119", $internalKey, "IP: " . $ip);
+    jsAlert($_lang['login_processor_many_failed_logins']);
+    return;
 }
 
 // blocked due to number of login errors, but get to try again
 if($failedlogins >= $failed_allowed && $blockeduntildate < time()) {
-	$fields = array();
-	$fields['failedlogincount'] = '0';
-	$fields['blockeduntil'] = time() - 1;
-	$modx->db->update($fields, '[+prefix+]user_attributes', "internalKey='{$internalKey}'");
+    $fields = array();
+    $fields['failedlogincount'] = '0';
+    $fields['blockeduntil'] = time() - 1;
+    $modx->db->update($fields, '[+prefix+]user_attributes', "internalKey='{$internalKey}'");
 }
 
 // this user has been blocked by an admin, so no way he's loggin in!
 if($blocked == '1') {
-	@session_destroy();
-	session_unset();
-	jsAlert($_lang['login_processor_blocked1']);
-	return;
+    @session_destroy();
+    session_unset();
+    jsAlert($_lang['login_processor_blocked1']);
+    return;
 }
 
 // blockuntil: this user has a block until date
 if($blockeduntildate > time()) {
-	@session_destroy();
-	session_unset();
-	jsAlert($_lang['login_processor_blocked2']);
-	return;
+    @session_destroy();
+    session_unset();
+    jsAlert($_lang['login_processor_blocked2']);
+    return;
 }
 
 // blockafter: this user has a block after date
 if($blockedafterdate > 0 && $blockedafterdate < time()) {
-	@session_destroy();
-	session_unset();
-	jsAlert($_lang['login_processor_blocked3']);
-	return;
+    @session_destroy();
+    session_unset();
+    jsAlert($_lang['login_processor_blocked3']);
+    return;
 }
 
 // allowed ip
 if($allowed_ip) {
-	if(($hostname = gethostbyaddr($_SERVER['REMOTE_ADDR'])) && ($hostname != $_SERVER['REMOTE_ADDR'])) {
-		if(gethostbyname($hostname) != $_SERVER['REMOTE_ADDR']) {
-			jsAlert($_lang['login_processor_remotehost_ip']);
-			return;
-		}
-	}
-	if(!in_array($_SERVER['REMOTE_ADDR'], array_filter(array_map('trim', explode(',', $allowed_ip))))) {
-		jsAlert($_lang['login_processor_remote_ip']);
-		return;
-	}
+    if(($hostname = gethostbyaddr($_SERVER['REMOTE_ADDR'])) && ($hostname != $_SERVER['REMOTE_ADDR'])) {
+        if(gethostbyname($hostname) != $_SERVER['REMOTE_ADDR']) {
+            jsAlert($_lang['login_processor_remotehost_ip']);
+            return;
+        }
+    }
+    if(!in_array($_SERVER['REMOTE_ADDR'], array_filter(array_map('trim', explode(',', $allowed_ip))))) {
+        jsAlert($_lang['login_processor_remote_ip']);
+        return;
+    }
 }
 
 // allowed days
 if($allowed_days) {
-	$date = getdate();
-	$day = $date['wday'] + 1;
-	if(!in_array($day,explode(',',$allowed_days))) {
-		jsAlert($_lang['login_processor_date']);
-		return;
-	}
+    $date = getdate();
+    $day = $date['wday'] + 1;
+    if(!in_array($day,explode(',',$allowed_days))) {
+        jsAlert($_lang['login_processor_date']);
+        return;
+    }
 }
 
 // invoke OnManagerAuthentication event
 $rt = $modx->invokeEvent('OnManagerAuthentication', array(
-		'userid' => $internalKey,
-		'username' => $username,
-		'userpassword' => $givenPassword,
-		'savedpassword' => $dbasePassword,
-		'rememberme' => $rememberme
-	));
+        'userid' => $internalKey,
+        'username' => $username,
+        'userpassword' => $givenPassword,
+        'savedpassword' => $dbasePassword,
+        'rememberme' => $rememberme
+    ));
 
 // check if plugin authenticated the user
 $matchPassword = false;
 if(!isset($rt) || !$rt || (is_array($rt) && !in_array(true, $rt))) {
-	// check user password - local authentication
-	$hashType = $modx->manager->getHashType($dbasePassword);
-	if($hashType == 'phpass') {
-		$matchPassword = login($username, $_REQUEST['password'], $dbasePassword);
-	} elseif($hashType == 'md5') {
-		$matchPassword = loginMD5($internalKey, $_REQUEST['password'], $dbasePassword, $username);
-	} elseif($hashType == 'v1') {
-		$matchPassword = loginV1($internalKey, $_REQUEST['password'], $dbasePassword, $username);
-	} else {
-		$matchPassword = false;
-	}
+    // check user password - local authentication
+    $hashType = $modx->manager->getHashType($dbasePassword);
+    if($hashType == 'phpass') {
+        $matchPassword = login($username, $_REQUEST['password'], $dbasePassword);
+    } elseif($hashType == 'md5') {
+        $matchPassword = loginMD5($internalKey, $_REQUEST['password'], $dbasePassword, $username);
+    } elseif($hashType == 'v1') {
+        $matchPassword = loginV1($internalKey, $_REQUEST['password'], $dbasePassword, $username);
+    } else {
+        $matchPassword = false;
+    }
 } else if($rt === true || (is_array($rt) && in_array(true, $rt))) {
-	$matchPassword = true;
+    $matchPassword = true;
 }
 
 if(!$matchPassword) {
-	jsAlert($_lang['login_processor_wrong_password']);
-	incrementFailedLoginCount($internalKey, $failedlogins, $failed_allowed, $blocked_minutes);
-	return;
+    jsAlert($_lang['login_processor_wrong_password']);
+    incrementFailedLoginCount($internalKey, $failedlogins, $failed_allowed, $blocked_minutes);
+    return;
 }
 
 if($modx->config['use_captcha'] == 1) {
-	if(!isset ($_SESSION['veriword'])) {
-		jsAlert($_lang['login_processor_captcha_config']);
-		return;
-	} elseif($_SESSION['veriword'] != $captcha_code) {
-		jsAlert($_lang['login_processor_bad_code']);
-		incrementFailedLoginCount($internalKey, $failedlogins, $failed_allowed, $blocked_minutes);
-		return;
-	}
+    if(!isset ($_SESSION['veriword'])) {
+        jsAlert($_lang['login_processor_captcha_config']);
+        return;
+    } elseif($_SESSION['veriword'] != $captcha_code) {
+        jsAlert($_lang['login_processor_bad_code']);
+        incrementFailedLoginCount($internalKey, $failedlogins, $failed_allowed, $blocked_minutes);
+        return;
+    }
 }
 
 $modx->cleanupExpiredLocks();
@@ -226,36 +226,36 @@ 
 $_SESSION['mgrToken'] = md5($currentsessionid);
 
 if($rememberme == '1') {
-	$_SESSION['modx.mgr.session.cookie.lifetime'] = (int)$modx->config['session.cookie.lifetime'];
-
-	// Set a cookie separate from the session cookie with the username in it.
-	// Are we using secure connection? If so, make sure the cookie is secure
-	global $https_port;
-
-	$secure = ((isset ($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') || $_SERVER['SERVER_PORT'] == $https_port);
-	if(version_compare(PHP_VERSION, '5.2', '<')) {
-		setcookie('modx_remember_manager', $_SESSION['mgrShortname'], time() + 60 * 60 * 24 * 365, MODX_BASE_URL, '; HttpOnly', $secure);
-	} else {
-		setcookie('modx_remember_manager', $_SESSION['mgrShortname'], time() + 60 * 60 * 24 * 365, MODX_BASE_URL, NULL, $secure, true);
-	}
+    $_SESSION['modx.mgr.session.cookie.lifetime'] = (int)$modx->config['session.cookie.lifetime'];
+
+    // Set a cookie separate from the session cookie with the username in it.
+    // Are we using secure connection? If so, make sure the cookie is secure
+    global $https_port;
+
+    $secure = ((isset ($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') || $_SERVER['SERVER_PORT'] == $https_port);
+    if(version_compare(PHP_VERSION, '5.2', '<')) {
+        setcookie('modx_remember_manager', $_SESSION['mgrShortname'], time() + 60 * 60 * 24 * 365, MODX_BASE_URL, '; HttpOnly', $secure);
+    } else {
+        setcookie('modx_remember_manager', $_SESSION['mgrShortname'], time() + 60 * 60 * 24 * 365, MODX_BASE_URL, NULL, $secure, true);
+    }
 } else {
-	$_SESSION['modx.mgr.session.cookie.lifetime'] = 0;
+    $_SESSION['modx.mgr.session.cookie.lifetime'] = 0;
 
-	// Remove the Remember Me cookie
-	setcookie('modx_remember_manager', '', time() - 3600, MODX_BASE_URL);
+    // Remove the Remember Me cookie
+    setcookie('modx_remember_manager', '', time() - 3600, MODX_BASE_URL);
 }
 
 // Check if user already has an active session, if not check if user pressed logout end of last session
 $rs = $modx->db->select('lasthit', $modx->getFullTableName('active_user_sessions'), "internalKey='{$internalKey}'");
 $activeSession = $modx->db->getValue($rs);
 if(!$activeSession) {
-	$rs = $modx->db->select('lasthit', $modx->getFullTableName('active_users'), "internalKey='{$internalKey}' AND action != 8");
-	if($lastHit = $modx->db->getValue($rs)) {
-		$_SESSION['show_logout_reminder'] = array(
-			'type' => 'logout_reminder',
-			'lastHit' => $lastHit
-		);
-	}
+    $rs = $modx->db->select('lasthit', $modx->getFullTableName('active_users'), "internalKey='{$internalKey}' AND action != 8");
+    if($lastHit = $modx->db->getValue($rs)) {
+        $_SESSION['show_logout_reminder'] = array(
+            'type' => 'logout_reminder',
+            'lastHit' => $lastHit
+        );
+    }
 }
 
 $log = new EvolutionCMS\Legacy\LogHandler();
@@ -263,27 +263,27 @@ 
 
 // invoke OnManagerLogin event
 $modx->invokeEvent('OnManagerLogin', array(
-		'userid' => $internalKey,
-		'username' => $username,
-		'userpassword' => $givenPassword,
-		'rememberme' => $rememberme
-	));
+        'userid' => $internalKey,
+        'username' => $username,
+        'userpassword' => $givenPassword,
+        'rememberme' => $rememberme
+    ));
 
 // check if we should redirect user to a web page
 $rs = $modx->db->select('setting_value', '[+prefix+]user_settings', "user='{$internalKey}' AND setting_name='manager_login_startup'");
 $id = (int)$modx->db->getValue($rs);
 if($id > 0) {
-	$header = 'Location: ' . $modx->makeUrl($id, '', '', 'full');
-	if($_POST['ajax'] == 1) {
-		echo $header;
-	} else {
-		header($header);
-	}
+    $header = 'Location: ' . $modx->makeUrl($id, '', '', 'full');
+    if($_POST['ajax'] == 1) {
+        echo $header;
+    } else {
+        header($header);
+    }
 } else {
-	$header = 'Location: ' . MODX_MANAGER_URL;
-	if($_POST['ajax'] == 1) {
-		echo $header;
-	} else {
-		header($header);
-	}
+    $header = 'Location: ' . MODX_MANAGER_URL;
+    if($_POST['ajax'] == 1) {
+        echo $header;
+    } else {
+        header($header);
+    }
 }

manager/processors/move_document.processor.php

Indentation +48 added lines, -48 removed lines

@@ -3,7 +3,7 @@ 
     die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('edit_document')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $newParentID = isset($_REQUEST['new_parent']) ? (int)$_REQUEST['new_parent'] : 0;
@@ -25,68 +25,68 @@ 
 // check user has permission to move document to chosen location
 
 if ($use_udperms == 1) {
-	if ($oldparent != $newParentID) {
-		$udperms = new EvolutionCMS\Legacy\Permissions();
-		$udperms->user = $modx->getLoginUserID();
-		$udperms->document = $newParentID;
-		$udperms->role = $_SESSION['mgrRole'];
+    if ($oldparent != $newParentID) {
+        $udperms = new EvolutionCMS\Legacy\Permissions();
+        $udperms->user = $modx->getLoginUserID();
+        $udperms->document = $newParentID;
+        $udperms->role = $_SESSION['mgrRole'];
 
-		 if (!$udperms->checkPermissions()) {
-			$modx->webAlertAndQuit($_lang["access_permission_parent_denied"]);
-		 }
-	}
+            if (!$udperms->checkPermissions()) {
+            $modx->webAlertAndQuit($_lang["access_permission_parent_denied"]);
+            }
+    }
 }
 
 $evtOut = $modx->invokeEvent("onBeforeMoveDocument", array (
-	"id_document" => $documentID,
-	"old_parent" => $oldparent,
-	"new_parent" => $newParentID
+    "id_document" => $documentID,
+    "old_parent" => $oldparent,
+    "new_parent" => $newParentID
 ));
 if (is_array($evtOut) && count($evtOut) > 0){
-	$newParent = array_pop($evtOut);
-	if($newParent == $oldparent) {
-		$modx->webAlertAndQuit($_lang["error_movedocument2"]);
-	}else{
-		$newParentID = $newParent;
-	}
+    $newParent = array_pop($evtOut);
+    if($newParent == $oldparent) {
+        $modx->webAlertAndQuit($_lang["error_movedocument2"]);
+    }else{
+        $newParentID = $newParent;
+    }
 }
 
 $children = allChildren($documentID);
 if (!array_search($newParentID, $children)) {
-	$modx->db->update(array(
-		'isfolder' => 1,
-	), $modx->getFullTableName('site_content'), "id='{$newParentID}'");
+    $modx->db->update(array(
+        'isfolder' => 1,
+    ), $modx->getFullTableName('site_content'), "id='{$newParentID}'");
 
-	$modx->db->update(array(
-		'parent'   => $newParentID,
-		'editedby' => $modx->getLoginUserID(),
-		'editedon' => time(),
-	), $modx->getFullTableName('site_content'), "id='{$documentID}'");
+    $modx->db->update(array(
+        'parent'   => $newParentID,
+        'editedby' => $modx->getLoginUserID(),
+        'editedon' => time(),
+    ), $modx->getFullTableName('site_content'), "id='{$documentID}'");
 
-	// finished moving the document, now check to see if the old_parent should no longer be a folder.
-	$rs = $modx->db->select('COUNT(*)', $modx->getFullTableName('site_content'), "parent='{$oldparent}'");
-	$limit = $modx->db->getValue($rs);
+    // finished moving the document, now check to see if the old_parent should no longer be a folder.
+    $rs = $modx->db->select('COUNT(*)', $modx->getFullTableName('site_content'), "parent='{$oldparent}'");
+    $limit = $modx->db->getValue($rs);
 
-	if(!$limit>0) {
-		$modx->db->update(array(
-			'isfolder' => 0,
-		), $modx->getFullTableName('site_content'), "id='{$oldparent}'");
-	}
-	// Set the item name for logger
-	$pagetitle = $modx->db->getValue($modx->db->select('pagetitle', $modx->getFullTableName('site_content'), "id='{$documentID}'"));
-	$_SESSION['itemname'] = $pagetitle;
+    if(!$limit>0) {
+        $modx->db->update(array(
+            'isfolder' => 0,
+        ), $modx->getFullTableName('site_content'), "id='{$oldparent}'");
+    }
+    // Set the item name for logger
+    $pagetitle = $modx->db->getValue($modx->db->select('pagetitle', $modx->getFullTableName('site_content'), "id='{$documentID}'"));
+    $_SESSION['itemname'] = $pagetitle;
 
-	$modx->invokeEvent("onAfterMoveDocument", array (
-		"id_document" => $documentID,
-		"old_parent" => $oldparent,
-		"new_parent" => $newParentID
-	));
+    $modx->invokeEvent("onAfterMoveDocument", array (
+        "id_document" => $documentID,
+        "old_parent" => $oldparent,
+        "new_parent" => $newParentID
+    ));
 
-	// empty cache & sync site
-	$modx->clearCache('full');
+    // empty cache & sync site
+    $modx->clearCache('full');
 
-	$header="Location: index.php?a=3&id={$documentID}&r=9";
-	header($header);
+    $header="Location: index.php?a=3&id={$documentID}&r=9";
+    header($header);
 } else {
-	$modx->webAlertAndQuit("You cannot move a document to a child document!");
+    $modx->webAlertAndQuit("You cannot move a document to a child document!");
 }

manager/processors/undelete_content.processor.php

Indentation +15 added lines, -15 removed lines

@@ -3,12 +3,12 @@ 
     die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('delete_document')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $id = isset($_REQUEST['id'])? (int)$_REQUEST['id'] : 0;
 if($id==0) {
-	$modx->webAlertAndQuit($_lang["error_no_id"]);
+    $modx->webAlertAndQuit($_lang["error_no_id"]);
 }
 
 /************ webber ********/
@@ -31,14 +31,14 @@ 
 $udperms->role = $_SESSION['mgrRole'];
 
 if(!$udperms->checkPermissions()) {
-	$modx->webAlertAndQuit($_lang["access_permission_denied"]);
+    $modx->webAlertAndQuit($_lang["access_permission_denied"]);
 }
 
 // get the timestamp on which the document was deleted.
 $rs = $modx->db->select('deletedon', $modx->getFullTableName('site_content'), "id='{$id}' AND deleted=1");
 $deltime = $modx->db->getValue($rs);
 if(!$deltime) {
-	$modx->webAlertAndQuit("Couldn't find document to determine it's date of deletion!");
+    $modx->webAlertAndQuit("Couldn't find document to determine it's date of deletion!");
 }
 
 $children = array();
@@ -46,20 +46,20 @@ 
 getChildrenForUnDelete($id);
 
 if(count($children)>0) {
-	$modx->db->update(
-		array(
-			'deleted'   => 0,
-			'deletedby' => 0,
-			'deletedon' => 0,
-		), $modx->getFullTableName('site_content'), "id IN(".implode(", ", $children).")");
+    $modx->db->update(
+        array(
+            'deleted'   => 0,
+            'deletedby' => 0,
+            'deletedon' => 0,
+        ), $modx->getFullTableName('site_content'), "id IN(".implode(", ", $children).")");
 }
 //'undelete' the document.
 $modx->db->update(
-	array(
-		'deleted'   => 0,
-		'deletedby' => 0,
-		'deletedon' => 0,
-	), $modx->getFullTableName('site_content'), "id='{$id}'");
+    array(
+        'deleted'   => 0,
+        'deletedby' => 0,
+        'deletedon' => 0,
+    ), $modx->getFullTableName('site_content'), "id='{$id}'");
 
 $modx->invokeEvent("OnDocFormUnDelete",
     array(

manager/processors/save_user.processor.php

Indentation +245 added lines, -245 removed lines

@@ -1,9 +1,9 @@ 
 <?php
 if( ! defined('IN_MANAGER_MODE') || IN_MANAGER_MODE !== true) {
-	die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
+    die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('save_user')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $modx->loadExtension('phpass');
@@ -45,134 +45,134 @@ 
 
 // verify password
 if($passwordgenmethod == "spec" && $input['specifiedpassword'] != $input['confirmpassword']) {
-	webAlertAndQuit("Password typed is mismatched", 12);
+    webAlertAndQuit("Password typed is mismatched", 12);
 }
 
 // verify email
 if($email == '' || !preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,24}$/i", $email)) {
-	webAlertAndQuit("E-mail address doesn't seem to be valid!", 12);
+    webAlertAndQuit("E-mail address doesn't seem to be valid!", 12);
 }
 
 // verify admin security
 if($_SESSION['mgrRole'] != 1) {
-	// Check to see if user tried to spoof a "1" (admin) role
-	if(!$modx->hasPermission('save_role')) {
-		webAlertAndQuit("Illegal attempt to create/modify administrator by non-administrator!", 12);
-	}
-	// Verify that the user being edited wasn't an admin and the user ID got spoofed
-	$rs = $modx->db->select('count(internalKey)', $tbl_user_attributes, "internalKey='{$id}' AND role=1");
-	$limit = $modx->db->getValue($rs);
-	if($limit > 0) {
-		webAlertAndQuit("You cannot alter an administrative user.", 12);
-	}
+    // Check to see if user tried to spoof a "1" (admin) role
+    if(!$modx->hasPermission('save_role')) {
+        webAlertAndQuit("Illegal attempt to create/modify administrator by non-administrator!", 12);
+    }
+    // Verify that the user being edited wasn't an admin and the user ID got spoofed
+    $rs = $modx->db->select('count(internalKey)', $tbl_user_attributes, "internalKey='{$id}' AND role=1");
+    $limit = $modx->db->getValue($rs);
+    if($limit > 0) {
+        webAlertAndQuit("You cannot alter an administrative user.", 12);
+    }
 
 }
 
 switch($input['mode']) {
-	case '11' : // new user
-		// check if this user name already exist
-		$rs = $modx->db->select('count(id)', $tbl_manager_users, sprintf("username='%s'", $modx->db->escape($newusername)));
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("User name is already in use!", 12);
-		}
-
-		// check if the email address already exist
-		$rs = $modx->db->select('count(internalKey)', $tbl_user_attributes, sprintf("email='%s' AND id!='%s'", $modx->db->escape($email), $id));
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("Email is already in use!", 12);
-		}
-
-		// generate a new password for this user
-		if($specifiedpassword != "" && $passwordgenmethod == "spec") {
-			if(strlen($specifiedpassword) < 6) {
-				webAlertAndQuit("Password is too short!", 12);
-			} else {
-				$newpassword = $specifiedpassword;
-			}
-		} elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
-			webAlertAndQuit("You didn't specify a password for this user!", 12);
-		} elseif($passwordgenmethod == 'g') {
-			$newpassword = generate_password(8);
-		} else {
-			webAlertAndQuit("No password generation method specified!", 12);
-		}
-
-		// invoke OnBeforeUserFormSave event
-		$modx->invokeEvent("OnBeforeUserFormSave", array(
-			"mode" => "new",
-		));
-
-		// create the user account
-		$internalKey = $modx->db->insert(array('username' => $modx->db->escape($newusername)), $tbl_manager_users);
-
-		$field = array();
-		$field['password'] = $modx->phpass->HashPassword($newpassword);
-		$modx->db->update($field, $tbl_manager_users, "id='{$internalKey}'");
-
-		$field = compact('internalKey', 'fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'blocked', 'blockeduntil', 'blockedafter');
-		$field = $modx->db->escape($field);
-		$modx->db->insert($field, $tbl_user_attributes);
-
-		// Save user settings
+    case '11' : // new user
+        // check if this user name already exist
+        $rs = $modx->db->select('count(id)', $tbl_manager_users, sprintf("username='%s'", $modx->db->escape($newusername)));
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("User name is already in use!", 12);
+        }
+
+        // check if the email address already exist
+        $rs = $modx->db->select('count(internalKey)', $tbl_user_attributes, sprintf("email='%s' AND id!='%s'", $modx->db->escape($email), $id));
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("Email is already in use!", 12);
+        }
+
+        // generate a new password for this user
+        if($specifiedpassword != "" && $passwordgenmethod == "spec") {
+            if(strlen($specifiedpassword) < 6) {
+                webAlertAndQuit("Password is too short!", 12);
+            } else {
+                $newpassword = $specifiedpassword;
+            }
+        } elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
+            webAlertAndQuit("You didn't specify a password for this user!", 12);
+        } elseif($passwordgenmethod == 'g') {
+            $newpassword = generate_password(8);
+        } else {
+            webAlertAndQuit("No password generation method specified!", 12);
+        }
+
+        // invoke OnBeforeUserFormSave event
+        $modx->invokeEvent("OnBeforeUserFormSave", array(
+            "mode" => "new",
+        ));
+
+        // create the user account
+        $internalKey = $modx->db->insert(array('username' => $modx->db->escape($newusername)), $tbl_manager_users);
+
+        $field = array();
+        $field['password'] = $modx->phpass->HashPassword($newpassword);
+        $modx->db->update($field, $tbl_manager_users, "id='{$internalKey}'");
+
+        $field = compact('internalKey', 'fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'blocked', 'blockeduntil', 'blockedafter');
+        $field = $modx->db->escape($field);
+        $modx->db->insert($field, $tbl_user_attributes);
+
+        // Save user settings
         saveManagerUserSettings($internalKey);
 
-		// invoke OnManagerSaveUser event
-		$modx->invokeEvent("OnManagerSaveUser", array(
-			"mode" => "new",
-			"userid" => $internalKey,
-			"username" => $newusername,
-			"userpassword" => $newpassword,
-			"useremail" => $email,
-			"userfullname" => $fullname,
-			"userroleid" => $role
-		));
-
-		// invoke OnUserFormSave event
-		$modx->invokeEvent("OnUserFormSave", array(
-			"mode" => "new",
-			"id" => $internalKey
-		));
-
-		// Set the item name for logger
-		$_SESSION['itemname'] = $newusername;
-
-		/*******************************************************************************/
-		// put the user in the user_groups he/ she should be in
-		// first, check that up_perms are switched on!
-		if($use_udperms == 1) {
-			if(!empty($user_groups)) {
-				for($i = 0; $i < count($user_groups); $i++) {
-					$f = array();
-					$f['user_group'] = (int)$user_groups[$i];
-					$f['member'] = $internalKey;
-					$modx->db->insert($f, $tbl_member_groups);
-				}
-			}
-		}
-		// end of user_groups stuff!
-
-		if($passwordnotifymethod == 'e') {
+        // invoke OnManagerSaveUser event
+        $modx->invokeEvent("OnManagerSaveUser", array(
+            "mode" => "new",
+            "userid" => $internalKey,
+            "username" => $newusername,
+            "userpassword" => $newpassword,
+            "useremail" => $email,
+            "userfullname" => $fullname,
+            "userroleid" => $role
+        ));
+
+        // invoke OnUserFormSave event
+        $modx->invokeEvent("OnUserFormSave", array(
+            "mode" => "new",
+            "id" => $internalKey
+        ));
+
+        // Set the item name for logger
+        $_SESSION['itemname'] = $newusername;
+
+        /*******************************************************************************/
+        // put the user in the user_groups he/ she should be in
+        // first, check that up_perms are switched on!
+        if($use_udperms == 1) {
+            if(!empty($user_groups)) {
+                for($i = 0; $i < count($user_groups); $i++) {
+                    $f = array();
+                    $f['user_group'] = (int)$user_groups[$i];
+                    $f['member'] = $internalKey;
+                    $modx->db->insert($f, $tbl_member_groups);
+                }
+            }
+        }
+        // end of user_groups stuff!
+
+        if($passwordnotifymethod == 'e') {
             sendMailMessageForUser($email, $newusername, $newpassword, $fullname, $signupemail_message, MODX_MANAGER_URL);
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "12&id={$internalKey}" : "11";
-				$header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
-				header($header);
-			} else {
-				$header = "Location: index.php?a=75&r=2";
-				header($header);
-			}
-		} else {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "12&id={$internalKey}" : "11";
-				$stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
-			} else {
-				$stayUrl = "index.php?a=75&r=2";
-			}
-
-			include_once "header.inc.php";
-			?>
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "12&id={$internalKey}" : "11";
+                $header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
+                header($header);
+            } else {
+                $header = "Location: index.php?a=75&r=2";
+                header($header);
+            }
+        } else {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "12&id={$internalKey}" : "11";
+                $stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
+            } else {
+                $stayUrl = "index.php?a=75&r=2";
+            }
+
+            include_once "header.inc.php";
+            ?>
 
 			<h1><?php echo $_lang['user_title']; ?></h1>
 
@@ -194,125 +194,125 @@ 
 			</div>
 			<?php
 
-			include_once "footer.inc.php";
-		}
-		break;
-	case '12' : // edit user
-		// generate a new password for this user
-		if($genpassword == 1) {
-			if($specifiedpassword != "" && $passwordgenmethod == "spec") {
-				if(strlen($specifiedpassword) < 6) {
-					webAlertAndQuit("Password is too short!", 12);
-				} else {
-					$newpassword = $specifiedpassword;
-				}
-			} elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
-				webAlertAndQuit("You didn't specify a password for this user!", 12);
-			} elseif($passwordgenmethod == 'g') {
-				$newpassword = generate_password(8);
-			} else {
-				webAlertAndQuit("No password generation method specified!", 12);
-			}
-		}
-		if($passwordnotifymethod == 'e') {
+            include_once "footer.inc.php";
+        }
+        break;
+    case '12' : // edit user
+        // generate a new password for this user
+        if($genpassword == 1) {
+            if($specifiedpassword != "" && $passwordgenmethod == "spec") {
+                if(strlen($specifiedpassword) < 6) {
+                    webAlertAndQuit("Password is too short!", 12);
+                } else {
+                    $newpassword = $specifiedpassword;
+                }
+            } elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
+                webAlertAndQuit("You didn't specify a password for this user!", 12);
+            } elseif($passwordgenmethod == 'g') {
+                $newpassword = generate_password(8);
+            } else {
+                webAlertAndQuit("No password generation method specified!", 12);
+            }
+        }
+        if($passwordnotifymethod == 'e') {
             sendMailMessageForUser($email, $newusername, $newpassword, $fullname, $signupemail_message, MODX_MANAGER_URL);
-		}
-
-		// check if the username already exist
-		$rs = $modx->db->select('count(id)', $tbl_manager_users, sprintf("username='%s' AND id!='%s'", $modx->db->escape($newusername), $id));
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("User name is already in use!", 12);
-		}
-
-		// check if the email address already exists
-		$rs = $modx->db->select('count(internalKey)', $tbl_user_attributes, sprintf("email='%s' AND internalKey!='%s'", $modx->db->escape($email), $id));
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("Email is already in use!", 12);
-		}
-
-		// invoke OnBeforeUserFormSave event
-		$modx->invokeEvent("OnBeforeUserFormSave", array(
-			"mode" => "upd",
-			"id" => $id
-		));
-
-		// update user name and password
-		$field = array();
-		$field['username'] = $modx->db->escape($newusername);
-		if($genpassword == 1) {
-			$field['password'] = $modx->phpass->HashPassword($newpassword);
-		}
-		$modx->db->update($field, $tbl_manager_users, "id='{$id}'");
-		$field = compact('fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'failedlogincount', 'blocked', 'blockeduntil', 'blockedafter');
-		$field = $modx->db->escape($field);
-		$modx->db->update($field, $tbl_user_attributes, "internalKey='{$id}'");
-
-		// Save user settings
+        }
+
+        // check if the username already exist
+        $rs = $modx->db->select('count(id)', $tbl_manager_users, sprintf("username='%s' AND id!='%s'", $modx->db->escape($newusername), $id));
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("User name is already in use!", 12);
+        }
+
+        // check if the email address already exists
+        $rs = $modx->db->select('count(internalKey)', $tbl_user_attributes, sprintf("email='%s' AND internalKey!='%s'", $modx->db->escape($email), $id));
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("Email is already in use!", 12);
+        }
+
+        // invoke OnBeforeUserFormSave event
+        $modx->invokeEvent("OnBeforeUserFormSave", array(
+            "mode" => "upd",
+            "id" => $id
+        ));
+
+        // update user name and password
+        $field = array();
+        $field['username'] = $modx->db->escape($newusername);
+        if($genpassword == 1) {
+            $field['password'] = $modx->phpass->HashPassword($newpassword);
+        }
+        $modx->db->update($field, $tbl_manager_users, "id='{$id}'");
+        $field = compact('fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'failedlogincount', 'blocked', 'blockeduntil', 'blockedafter');
+        $field = $modx->db->escape($field);
+        $modx->db->update($field, $tbl_user_attributes, "internalKey='{$id}'");
+
+        // Save user settings
         saveManagerUserSettings($id);
 
-		// Set the item name for logger
-		$_SESSION['itemname'] = $newusername;
-
-		// invoke OnManagerSaveUser event
-		$modx->invokeEvent("OnManagerSaveUser", array(
-			"mode" => "upd",
-			"userid" => $id,
-			"username" => $newusername,
-			"userpassword" => $newpassword,
-			"useremail" => $email,
-			"userfullname" => $fullname,
-			"userroleid" => $role,
-			"oldusername" => (($oldusername != $newusername) ? $oldusername : ""),
-			"olduseremail" => (($oldemail != $email) ? $oldemail : "")
-		));
-
-		// invoke OnManagerChangePassword event
-		if($genpassword == 1) {
-			$modx->invokeEvent("OnManagerChangePassword", array(
-				"userid" => $id,
-				"username" => $newusername,
-				"userpassword" => $newpassword
-			));
-		}
-
-		// invoke OnUserFormSave event
-		$modx->invokeEvent("OnUserFormSave", array(
-			"mode" => "upd",
-			"id" => $id
-		));
-
-		/*******************************************************************************/
-		// put the user in the user_groups he/ she should be in
-		// first, check that up_perms are switched on!
-		if($use_udperms == 1) {
-			// as this is an existing user, delete his/ her entries in the groups before saving the new groups
-			$modx->db->delete($tbl_member_groups, "member='{$id}'");
-			if(!empty($user_groups)) {
-				for($i = 0; $i < count($user_groups); $i++) {
-					$field = array();
-					$field['user_group'] = (int)$user_groups[$i];
-					$field['member'] = $id;
-					$modx->db->insert($field, $tbl_member_groups);
-				}
-			}
-		}
-		// end of user_groups stuff!
-		/*******************************************************************************/
-		if($id == $modx->getLoginUserID() && ($genpassword !== 1 && $passwordnotifymethod != 's')) {
-			$modx->webAlertAndQuit($_lang["user_changeddata"], 'javascript:top.location.href="index.php?a=8";');
-		}
-		if($genpassword == 1 && $passwordnotifymethod == 's') {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "12&id={$id}" : "11";
-				$stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
-			} else {
-				$stayUrl = "index.php?a=75&r=2";
-			}
-
-			include_once "header.inc.php";
-			?>
+        // Set the item name for logger
+        $_SESSION['itemname'] = $newusername;
+
+        // invoke OnManagerSaveUser event
+        $modx->invokeEvent("OnManagerSaveUser", array(
+            "mode" => "upd",
+            "userid" => $id,
+            "username" => $newusername,
+            "userpassword" => $newpassword,
+            "useremail" => $email,
+            "userfullname" => $fullname,
+            "userroleid" => $role,
+            "oldusername" => (($oldusername != $newusername) ? $oldusername : ""),
+            "olduseremail" => (($oldemail != $email) ? $oldemail : "")
+        ));
+
+        // invoke OnManagerChangePassword event
+        if($genpassword == 1) {
+            $modx->invokeEvent("OnManagerChangePassword", array(
+                "userid" => $id,
+                "username" => $newusername,
+                "userpassword" => $newpassword
+            ));
+        }
+
+        // invoke OnUserFormSave event
+        $modx->invokeEvent("OnUserFormSave", array(
+            "mode" => "upd",
+            "id" => $id
+        ));
+
+        /*******************************************************************************/
+        // put the user in the user_groups he/ she should be in
+        // first, check that up_perms are switched on!
+        if($use_udperms == 1) {
+            // as this is an existing user, delete his/ her entries in the groups before saving the new groups
+            $modx->db->delete($tbl_member_groups, "member='{$id}'");
+            if(!empty($user_groups)) {
+                for($i = 0; $i < count($user_groups); $i++) {
+                    $field = array();
+                    $field['user_group'] = (int)$user_groups[$i];
+                    $field['member'] = $id;
+                    $modx->db->insert($field, $tbl_member_groups);
+                }
+            }
+        }
+        // end of user_groups stuff!
+        /*******************************************************************************/
+        if($id == $modx->getLoginUserID() && ($genpassword !== 1 && $passwordnotifymethod != 's')) {
+            $modx->webAlertAndQuit($_lang["user_changeddata"], 'javascript:top.location.href="index.php?a=8";');
+        }
+        if($genpassword == 1 && $passwordnotifymethod == 's') {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "12&id={$id}" : "11";
+                $stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
+            } else {
+                $stayUrl = "index.php?a=75&r=2";
+            }
+
+            include_once "header.inc.php";
+            ?>
 
 			<h1><?php echo $_lang['user_title']; ?></h1>
 
@@ -332,18 +332,18 @@ 
 			</div>
 			<?php
 
-			include_once "footer.inc.php";
-		} else {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "12&id={$id}" : "11";
-				$header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
-				header($header);
-			} else {
-				$header = "Location: index.php?a=75&r=2";
-				header($header);
-			}
-		}
-		break;
-	default:
-		webAlertAndQuit("No operation set in request.", 12);
+            include_once "footer.inc.php";
+        } else {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "12&id={$id}" : "11";
+                $header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
+                header($header);
+            } else {
+                $header = "Location: index.php?a=75&r=2";
+                header($header);
+            }
+        }
+        break;
+    default:
+        webAlertAndQuit("No operation set in request.", 12);
 }

manager/processors/save_web_user.processor.php

Indentation +192 added lines, -192 removed lines

@@ -1,9 +1,9 @@ 
 <?php
 if( ! defined('IN_MANAGER_MODE') || IN_MANAGER_MODE !== true) {
-	die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
+    die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
 }
 if(!$modx->hasPermission('save_web_user')) {
-	$modx->webAlertAndQuit($_lang["error_no_privileges"]);
+    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
 }
 
 $tbl_web_users = $modx->getFullTableName('web_users');
@@ -12,10 +12,10 @@ 
 
 $input = $_POST;
 foreach($input as $k => $v) {
-	if($k !== 'comment') {
-		$v = $modx->htmlspecialchars($v, ENT_NOQUOTES);
-	}
-	$input[$k] = $v;
+    if($k !== 'comment') {
+        $v = $modx->htmlspecialchars($v, ENT_NOQUOTES);
+    }
+    $input[$k] = $v;
 }
 
 $id = (int)$input['id'];
@@ -51,82 +51,82 @@ 
 
 // verify password
 if($passwordgenmethod == "spec" && $input['specifiedpassword'] != $input['confirmpassword']) {
-	webAlertAndQuit("Password typed is mismatched", 88);
+    webAlertAndQuit("Password typed is mismatched", 88);
 }
 
 // verify email
 if($email == '' || !preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,24}$/i", $email)) {
-	webAlertAndQuit("E-mail address doesn't seem to be valid!", 88);
+    webAlertAndQuit("E-mail address doesn't seem to be valid!", 88);
 }
 
 switch($input['mode']) {
-	case '87' : // new user
-		// check if this user name already exist
-		$rs = $modx->db->select('count(id)', $tbl_web_users, "username='{$esc_newusername}'");
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("User name is already in use!", 88);
-		}
-
-		// check if the email address already exist
-		if ($modx->config['allow_multiple_emails'] != 1) {
-			$rs = $modx->db->select('count(id)', $tbl_web_user_attributes, "email='{$esc_email}' AND id!='{$id}'");
-			$limit = $modx->db->getValue($rs);
-			if($limit > 0) {
-				webAlertAndQuit("Email is already in use!", 88);
-			}
-		}
-
-		// generate a new password for this user
-		if($specifiedpassword != "" && $passwordgenmethod == "spec") {
-			if(strlen($specifiedpassword) < 6) {
-				webAlertAndQuit("Password is too short!", 88);
-			} else {
-				$newpassword = $specifiedpassword;
-			}
-		} elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
-			webAlertAndQuit("You didn't specify a password for this user!", 88);
-		} elseif($passwordgenmethod == 'g') {
-			$newpassword = generate_password(8);
-		} else {
-			webAlertAndQuit("No password generation method specified!", 88);
-		}
-
-		// invoke OnBeforeWUsrFormSave event
-		$modx->invokeEvent("OnBeforeWUsrFormSave", array(
-			"mode" => "new",
-		));
-
-		// create the user account
-		$field = array();
-		$field['username'] = $esc_newusername;
-		$field['password'] = md5($newpassword);
-		$internalKey = $modx->db->insert($field, $tbl_web_users);
-
-		$field = compact('internalKey', 'fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'blocked', 'blockeduntil', 'blockedafter');
-		$field = $modx->db->escape($field);
-		$modx->db->insert($field, $tbl_web_user_attributes);
-
-		// Save User Settings
+    case '87' : // new user
+        // check if this user name already exist
+        $rs = $modx->db->select('count(id)', $tbl_web_users, "username='{$esc_newusername}'");
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("User name is already in use!", 88);
+        }
+
+        // check if the email address already exist
+        if ($modx->config['allow_multiple_emails'] != 1) {
+            $rs = $modx->db->select('count(id)', $tbl_web_user_attributes, "email='{$esc_email}' AND id!='{$id}'");
+            $limit = $modx->db->getValue($rs);
+            if($limit > 0) {
+                webAlertAndQuit("Email is already in use!", 88);
+            }
+        }
+
+        // generate a new password for this user
+        if($specifiedpassword != "" && $passwordgenmethod == "spec") {
+            if(strlen($specifiedpassword) < 6) {
+                webAlertAndQuit("Password is too short!", 88);
+            } else {
+                $newpassword = $specifiedpassword;
+            }
+        } elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
+            webAlertAndQuit("You didn't specify a password for this user!", 88);
+        } elseif($passwordgenmethod == 'g') {
+            $newpassword = generate_password(8);
+        } else {
+            webAlertAndQuit("No password generation method specified!", 88);
+        }
+
+        // invoke OnBeforeWUsrFormSave event
+        $modx->invokeEvent("OnBeforeWUsrFormSave", array(
+            "mode" => "new",
+        ));
+
+        // create the user account
+        $field = array();
+        $field['username'] = $esc_newusername;
+        $field['password'] = md5($newpassword);
+        $internalKey = $modx->db->insert($field, $tbl_web_users);
+
+        $field = compact('internalKey', 'fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'blocked', 'blockeduntil', 'blockedafter');
+        $field = $modx->db->escape($field);
+        $modx->db->insert($field, $tbl_web_user_attributes);
+
+        // Save User Settings
         saveWebUserSettings($internalKey);
 
-		// Set the item name for logger
-		$_SESSION['itemname'] = $newusername;
-
-		/*******************************************************************************/
-		// put the user in the user_groups he/ she should be in
-		// first, check that up_perms are switched on!
-		if($use_udperms == 1) {
-			if(!empty($user_groups)) {
-				for($i = 0; $i < count($user_groups); $i++) {
-					$f = array();
-					$f['webgroup'] = (int)$user_groups[$i];
-					$f['webuser'] = $internalKey;
-					$modx->db->insert($f, $tbl_web_groups);
-				}
-			}
-		}
-		// end of user_groups stuff!
+        // Set the item name for logger
+        $_SESSION['itemname'] = $newusername;
+
+        /*******************************************************************************/
+        // put the user in the user_groups he/ she should be in
+        // first, check that up_perms are switched on!
+        if($use_udperms == 1) {
+            if(!empty($user_groups)) {
+                for($i = 0; $i < count($user_groups); $i++) {
+                    $f = array();
+                    $f['webgroup'] = (int)$user_groups[$i];
+                    $f['webuser'] = $internalKey;
+                    $modx->db->insert($f, $tbl_web_groups);
+                }
+            }
+        }
+        // end of user_groups stuff!
 
         // invoke OnWebSaveUser event
         $modx->invokeEvent("OnWebSaveUser", array(
@@ -144,26 +144,26 @@ 
             "id" => $internalKey
         ));
 
-		if($passwordnotifymethod == 'e') {
+        if($passwordnotifymethod == 'e') {
             sendMailMessageForUser($email, $newusername, $newpassword, $fullname, $websignupemail_message, $site_url);
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "88&id={$internalKey}" : "87";
-				$header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
-				header($header);
-			} else {
-				$header = "Location: index.php?a=99&r=2";
-				header($header);
-			}
-		} else {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "88&id={$internalKey}" : "87";
-				$stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
-			} else {
-				$stayUrl = "index.php?a=99&r=2";
-			}
-
-			include_once "header.inc.php";
-			?>
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "88&id={$internalKey}" : "87";
+                $header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
+                header($header);
+            } else {
+                $header = "Location: index.php?a=99&r=2";
+                header($header);
+            }
+        } else {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "88&id={$internalKey}" : "87";
+                $stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
+            } else {
+                $stayUrl = "index.php?a=99&r=2";
+            }
+
+            include_once "header.inc.php";
+            ?>
 
 			<h1><?php echo $_lang['web_user_title']; ?></h1>
 
@@ -185,86 +185,86 @@ 
 			</div>
 			<?php
 
-			include_once "footer.inc.php";
-		}
-		break;
-	case '88' : // edit user
-		// generate a new password for this user
-		if($genpassword == 1) {
-			if($specifiedpassword != "" && $passwordgenmethod == "spec") {
-				if(strlen($specifiedpassword) < 6) {
-					webAlertAndQuit("Password is too short!", 88);
-				} else {
-					$newpassword = $specifiedpassword;
-				}
-			} elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
-				webAlertAndQuit("You didn't specify a password for this user!", 88);
-			} elseif($passwordgenmethod == 'g') {
-				$newpassword = generate_password(8);
-			} else {
-				webAlertAndQuit("No password generation method specified!", 88);
-			}
-		}
-		if($passwordnotifymethod == 'e') {
+            include_once "footer.inc.php";
+        }
+        break;
+    case '88' : // edit user
+        // generate a new password for this user
+        if($genpassword == 1) {
+            if($specifiedpassword != "" && $passwordgenmethod == "spec") {
+                if(strlen($specifiedpassword) < 6) {
+                    webAlertAndQuit("Password is too short!", 88);
+                } else {
+                    $newpassword = $specifiedpassword;
+                }
+            } elseif($specifiedpassword == "" && $passwordgenmethod == "spec") {
+                webAlertAndQuit("You didn't specify a password for this user!", 88);
+            } elseif($passwordgenmethod == 'g') {
+                $newpassword = generate_password(8);
+            } else {
+                webAlertAndQuit("No password generation method specified!", 88);
+            }
+        }
+        if($passwordnotifymethod == 'e') {
             sendMailMessageForUser($email, $newusername, $newpassword, $fullname, $websignupemail_message, $site_url);
-		}
-
-		// check if the username already exist
-		$rs = $modx->db->select('count(id)', $tbl_web_users, "username='{$esc_newusername}' AND id!='{$id}'");
-		$limit = $modx->db->getValue($rs);
-		if($limit > 0) {
-			webAlertAndQuit("User name is already in use!", 88);
-		}
-
-		// check if the email address already exists
-		if ($modx->config['allow_multiple_emails'] != 1) {
-			$rs = $modx->db->select('count(internalKey)', $tbl_web_user_attributes, "email='{$esc_email}' AND internalKey!='{$id}'");
-			$limit = $modx->db->getValue($rs);
-			if($limit > 0) {
-				webAlertAndQuit("Email is already in use!", 88);
-			}
-		}
-
-		// invoke OnBeforeWUsrFormSave event
-		$modx->invokeEvent("OnBeforeWUsrFormSave", array(
-			"mode" => "upd",
-			"id" => $id
-		));
-
-		// update user name and password
-		$field = array();
-		$field['username'] = $esc_newusername;
-		if($genpassword == 1) {
-			$field['password'] = md5($newpassword);
-		}
-		$modx->db->update($field, $tbl_web_users, "id='{$id}'");
-		$field = compact('fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'failedlogincount', 'blocked', 'blockeduntil', 'blockedafter');
-		$field = $modx->db->escape($field);
-		$modx->db->update($field, $tbl_web_user_attributes, "internalKey='{$id}'");
-
-		// Save User Settings
+        }
+
+        // check if the username already exist
+        $rs = $modx->db->select('count(id)', $tbl_web_users, "username='{$esc_newusername}' AND id!='{$id}'");
+        $limit = $modx->db->getValue($rs);
+        if($limit > 0) {
+            webAlertAndQuit("User name is already in use!", 88);
+        }
+
+        // check if the email address already exists
+        if ($modx->config['allow_multiple_emails'] != 1) {
+            $rs = $modx->db->select('count(internalKey)', $tbl_web_user_attributes, "email='{$esc_email}' AND internalKey!='{$id}'");
+            $limit = $modx->db->getValue($rs);
+            if($limit > 0) {
+                webAlertAndQuit("Email is already in use!", 88);
+            }
+        }
+
+        // invoke OnBeforeWUsrFormSave event
+        $modx->invokeEvent("OnBeforeWUsrFormSave", array(
+            "mode" => "upd",
+            "id" => $id
+        ));
+
+        // update user name and password
+        $field = array();
+        $field['username'] = $esc_newusername;
+        if($genpassword == 1) {
+            $field['password'] = md5($newpassword);
+        }
+        $modx->db->update($field, $tbl_web_users, "id='{$id}'");
+        $field = compact('fullname', 'role', 'email', 'phone', 'mobilephone', 'fax', 'zip', 'street', 'city', 'state', 'country', 'gender', 'dob', 'photo', 'comment', 'failedlogincount', 'blocked', 'blockeduntil', 'blockedafter');
+        $field = $modx->db->escape($field);
+        $modx->db->update($field, $tbl_web_user_attributes, "internalKey='{$id}'");
+
+        // Save User Settings
         saveWebUserSettings($id);
 
-		// Set the item name for logger
-		$_SESSION['itemname'] = $newusername;
-
-		/*******************************************************************************/
-		// put the user in the user_groups he/ she should be in
-		// first, check that up_perms are switched on!
-		if($use_udperms == 1) {
-			// as this is an existing user, delete his/ her entries in the groups before saving the new groups
-			$modx->db->delete($tbl_web_groups, "webuser='{$id}'");
-			if(!empty($user_groups)) {
-				for($i = 0; $i < count($user_groups); $i++) {
-					$field = array();
-					$field['webgroup'] = (int)$user_groups[$i];
-					$field['webuser'] = $id;
-					$modx->db->insert($field, $tbl_web_groups);
-				}
-			}
-		}
-		// end of user_groups stuff!
-		/*******************************************************************************/
+        // Set the item name for logger
+        $_SESSION['itemname'] = $newusername;
+
+        /*******************************************************************************/
+        // put the user in the user_groups he/ she should be in
+        // first, check that up_perms are switched on!
+        if($use_udperms == 1) {
+            // as this is an existing user, delete his/ her entries in the groups before saving the new groups
+            $modx->db->delete($tbl_web_groups, "webuser='{$id}'");
+            if(!empty($user_groups)) {
+                for($i = 0; $i < count($user_groups); $i++) {
+                    $field = array();
+                    $field['webgroup'] = (int)$user_groups[$i];
+                    $field['webuser'] = $id;
+                    $modx->db->insert($field, $tbl_web_groups);
+                }
+            }
+        }
+        // end of user_groups stuff!
+        /*******************************************************************************/
 
         // invoke OnWebSaveUser event
         $modx->invokeEvent("OnWebSaveUser", array(
@@ -293,16 +293,16 @@ 
             "id" => $id
         ));
 
-		if($genpassword == 1 && $passwordnotifymethod == 's') {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "88&id={$id}" : "87";
-				$stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
-			} else {
-				$stayUrl = "index.php?a=99&r=2";
-			}
+        if($genpassword == 1 && $passwordnotifymethod == 's') {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "88&id={$id}" : "87";
+                $stayUrl = "index.php?a={$a}&r=2&stay=" . $input['stay'];
+            } else {
+                $stayUrl = "index.php?a=99&r=2";
+            }
 
-			include_once "header.inc.php";
-			?>
+            include_once "header.inc.php";
+            ?>
 
 			<h1><?php echo $_lang['web_user_title']; ?></h1>
 
@@ -322,18 +322,18 @@ 
 			</div>
 			<?php
 
-			include_once "footer.inc.php";
-		} else {
-			if($input['stay'] != '') {
-				$a = ($input['stay'] == '2') ? "88&id={$id}" : "87";
-				$header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
-				header($header);
-			} else {
-				$header = "Location: index.php?a=99&r=2";
-				header($header);
-			}
-		}
-		break;
-	default :
-		webAlertAndQuit("No operation set in request.", 88);
+            include_once "footer.inc.php";
+        } else {
+            if($input['stay'] != '') {
+                $a = ($input['stay'] == '2') ? "88&id={$id}" : "87";
+                $header = "Location: index.php?a={$a}&r=2&stay=" . $input['stay'];
+                header($header);
+            } else {
+                $header = "Location: index.php?a=99&r=2";
+                header($header);
+            }
+        }
+        break;
+    default :
+        webAlertAndQuit("No operation set in request.", 88);
 }