onokazu
onoka****@users*****
2005年 6月 30日 (木) 01:40:24 JST
Index: xoops2jp/html/lostpass.php diff -u xoops2jp/html/lostpass.php:1.2 xoops2jp/html/lostpass.php:1.2.10.1 --- xoops2jp/html/lostpass.php:1.2 Fri Mar 18 21:51:55 2005 +++ xoops2jp/html/lostpass.php Thu Jun 30 01:40:24 2005 @@ -1,5 +1,5 @@ <?php -// $Id: lostpass.php,v 1.2 2005/03/18 12:51:55 onokazu Exp $ +// $Id: lostpass.php,v 1.2.10.1 2005/06/29 16:40:24 onokazu Exp $ // ------------------------------------------------------------------------ // // XOOPS - PHP Content Management System // // Copyright (c) 2000 XOOPS.org // 
@@ -27,73 +27,72 @@ $xoopsOption['pagetype'] = "user"; include "mainfile.php"; -$email = isset($_GET['email']) ? trim($_GET['email']) : ''; -$email = isset($_POST['email']) ? trim($_POST['email']) : $email; +$myts =& MyTextSanitizer::getInstance(); +$email = isset($_GET['email']) ? $myts->stripSlashesGPC(trim($_GET['email'])) : ''; +$email = isset($_POST['email']) ? $myts->stripSlashesGPC(trim($_POST['email'])) : $email; if ($email == '') { - redirect_header("user.php",2,_US_SORRYNOTFOUND); - exit(); + redirect_header("user.php",2,_US_SORRYNOTFOUND); + exit(); } - -$myts =& MyTextSanitizer::getInstance(); $member_handler =& xoops_gethandler('member'); -$getuser =& $member_handler->getUsers(new Criteria('email', $myts->addSlashes($email))); +$getuser =& $member_handler->getUsers(new Criteria('email', $email)); if (empty($getuser)) { - redirect_header("user.php",2,_US_SORRYNOTFOUND); - exit(); + redirect_header("user.php",2,_US_SORRYNOTFOUND); + exit(); } else { - $code = isset($_GET['code']) ? trim($_GET['code']) : ''; - $areyou = substr($getuser[0]->getVar("pass"), 0, 5); - if ($code != '' && $areyou == $code) { - $newpass = xoops_makepass(); - $xoopsMailer =& getMailer(); - $xoopsMailer->useMail(); - $xoopsMailer->setTemplate("lostpass2.tpl"); - $xoopsMailer->assign("SITENAME", $xoopsConfig['sitename']); - $xoopsMailer->assign("ADMINMAIL", $xoopsConfig['adminmail']); - $xoopsMailer->assign("SITEURL", XOOPS_URL."/"); - $xoopsMailer->assign("IP", $_SERVER['REMOTE_ADDR']); - $xoopsMailer->assign("NEWPWD", $newpass); - $xoopsMailer->setToUsers($getuser[0]); - $xoopsMailer->setFromEmail($xoopsConfig['adminmail']); - $xoopsMailer->setFromName($xoopsConfig['sitename']); - $xoopsMailer->setSubject(sprintf(_US_NEWPWDREQ,XOOPS_URL)); - if ( !$xoopsMailer->send() ) { - echo $xoopsMailer->getErrors(); - } + $code = isset($_GET['code']) ? 
trim($_GET['code']) : ''; + $areyou = substr($getuser[0]->getVar("pass"), 0, 5); + if ($code != '' && $areyou == $code) { + $newpass = xoops_makepass(); + $xoopsMailer =& getMailer(); + $xoopsMailer->useMail(); + $xoopsMailer->setTemplate("lostpass2.tpl"); + $xoopsMailer->assign("SITENAME", $xoopsConfig['sitename']); + $xoopsMailer->assign("ADMINMAIL", $xoopsConfig['adminmail']); + $xoopsMailer->assign("SITEURL", XOOPS_URL."/"); + $xoopsMailer->assign("IP", $_SERVER['REMOTE_ADDR']); + $xoopsMailer->assign("NEWPWD", $newpass); + $xoopsMailer->setToUsers($getuser[0]); + $xoopsMailer->setFromEmail($xoopsConfig['adminmail']); + $xoopsMailer->setFromName($xoopsConfig['sitename']); + $xoopsMailer->setSubject(sprintf(_US_NEWPWDREQ,XOOPS_URL)); + if ( !$xoopsMailer->send() ) { + echo $xoopsMailer->getErrors(); + } - // Next step: add the new password to the database - $sql = sprintf("UPDATE %s SET pass = '%s' WHERE uid = %u", $xoopsDB->prefix("users"), md5($newpass), $getuser[0]->getVar('uid')); - if ( !$xoopsDB->queryF($sql) ) { - include "header.php"; - echo _US_MAILPWDNG; - include "footer.php"; - exit(); - } - redirect_header("user.php", 3, sprintf(_US_PWDMAILED,$getuser[0]->getVar("uname")), false); - exit(); - // If no Code, send it - } else { - $xoopsMailer =& getMailer(); - $xoopsMailer->useMail(); - $xoopsMailer->setTemplate("lostpass1.tpl"); - $xoopsMailer->assign("SITENAME", $xoopsConfig['sitename']); - $xoopsMailer->assign("ADMINMAIL", $xoopsConfig['adminmail']); - $xoopsMailer->assign("SITEURL", XOOPS_URL."/"); - $xoopsMailer->assign("IP", $_SERVER['REMOTE_ADDR']); - $xoopsMailer->assign("NEWPWD_LINK", XOOPS_URL."/lostpass.php?email=".$email."&code=".$areyou); - $xoopsMailer->setToUsers($getuser[0]); - $xoopsMailer->setFromEmail($xoopsConfig['adminmail']); - $xoopsMailer->setFromName($xoopsConfig['sitename']); - $xoopsMailer->setSubject(sprintf(_US_NEWPWDREQ,$xoopsConfig['sitename'])); - include "header.php"; - if ( !$xoopsMailer->send() ) { - echo 
$xoopsMailer->getErrors(); - } - echo "<h4>"; - printf(_US_CONFMAIL,$getuser[0]->getVar("uname")); - echo "</h4>"; - include "footer.php"; - } + // Next step: add the new password to the database + $sql = sprintf("UPDATE %s SET pass = '%s' WHERE uid = %u", $xoopsDB->prefix("users"), md5($newpass), $getuser[0]->getVar('uid')); + if ( !$xoopsDB->queryF($sql) ) { + include "header.php"; + echo _US_MAILPWDNG; + include "footer.php"; + exit(); + } + redirect_header("user.php", 3, sprintf(_US_PWDMAILED,$getuser[0]->getVar("uname")), false); + exit(); + // If no Code, send it + } else { + $xoopsMailer =& getMailer(); + $xoopsMailer->useMail(); + $xoopsMailer->setTemplate("lostpass1.tpl"); + $xoopsMailer->assign("SITENAME", $xoopsConfig['sitename']); + $xoopsMailer->assign("ADMINMAIL", $xoopsConfig['adminmail']); + $xoopsMailer->assign("SITEURL", XOOPS_URL."/"); + $xoopsMailer->assign("IP", $_SERVER['REMOTE_ADDR']); + $xoopsMailer->assign("NEWPWD_LINK", XOOPS_URL."/lostpass.php?email=".$email."&code=".$areyou); + $xoopsMailer->setToUsers($getuser[0]); + $xoopsMailer->setFromEmail($xoopsConfig['adminmail']); + $xoopsMailer->setFromName($xoopsConfig['sitename']); + $xoopsMailer->setSubject(sprintf(_US_NEWPWDREQ,$xoopsConfig['sitename'])); + include "header.php"; + if ( !$xoopsMailer->send() ) { + echo $xoopsMailer->getErrors(); + } + echo "<h4>"; + printf(_US_CONFMAIL,$getuser[0]->getVar("uname")); + echo "</h4>"; + include "footer.php"; + } } ?> \ No newline at end of file Index: xoops2jp/html/xmlrpc.php diff -u xoops2jp/html/xmlrpc.php:1.2 xoops2jp/html/xmlrpc.php:1.2.10.1 --- xoops2jp/html/xmlrpc.php:1.2 Fri Mar 18 21:51:55 2005 +++ xoops2jp/html/xmlrpc.php Thu Jun 30 01:40:24 2005 
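Review bot: The reset code checked in `if ($code != '' && $areyou == $code)` is `substr($getuser[0]->getVar("pass"), 0, 5)`, the first five characters of the stored password hash, so it is short, stays valid until the password changes, and the mailed link discloses part of the hash; the loose `==` also lets numeric-looking strings compare equal. A random single-use token stored server-side with an expiry would be the safer design, and at minimum the comparison should be `$areyou === $code`. Separately, the hunk drops `$myts->addSlashes()` and passes the slash-stripped value to `new Criteria('email', $email)`; whether Criteria quotes its value is not visible here, so confirm that before relying on it. The same raw value is concatenated into `NEWPWD_LINK` and should be encoded there, `"/lostpass.php?email=".rawurlencode($email)."&code=".$areyou`.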
@@ -30,42 +30,42 @@ include_once XOOPS_ROOT_PATH.'/class/xml/rpc/xmlrpctag.php'; include_once XOOPS_ROOT_PATH.'/class/xml/rpc/xmlrpcparser.php'; $response = new XoopsXmlRpcResponse(); -$parser = new XoopsXmlRpcParser($GLOBALS['HTTP_RAW_POST_DATA']); +$parser = new XoopsXmlRpcParser(rawurldecode($GLOBALS['HTTP_RAW_POST_DATA'])); if (!$parser->parse()) { - $response->add(new XoopsXmlRpcFault(102)); + $response->add(new XoopsXmlRpcFault(102)); } else { - $module_handler =& xoops_gethandler('module'); - $module =& $module_handler->getByDirname('news'); - if (!is_object($module)) { - $response->add(new XoopsXmlRpcFault(110)); - } else { - $methods = explode('.', $parser->getMethodName()); - switch ($methods[0]) { - case 'blogger': - include_once XOOPS_ROOT_PATH.'/class/xml/rpc/bloggerapi.php'; - $rpc_api = new BloggerApi($parser->getParam(), $response, $module); - break; - case 'metaWeblog': - include_once XOOPS_ROOT_PATH.'/class/xml/rpc/metaweblogapi.php'; - $rpc_api = new MetaWeblogApi($parser->getParam(), $response, $module); - break; - case 'mt': - include_once XOOPS_ROOT_PATH.'/class/xml/rpc/movabletypeapi.php'; - $rpc_api = new MovableTypeApi($parser->getParam(), $response, $module); - break; - case 'xoops': - default: - include_once XOOPS_ROOT_PATH.'/class/xml/rpc/xoopsapi.php'; - $rpc_api = new XoopsApi($parser->getParam(), $response, $module); - break; - } - $method = $methods[1]; - if (!method_exists($rpc_api, $method)) { - $response->add(new XoopsXmlRpcFault(107)); - } else { - $rpc_api->$method(); - } - } + $module_handler =& xoops_gethandler('module'); + $module =& $module_handler->getByDirname('news'); + if (!is_object($module)) { + $response->add(new XoopsXmlRpcFault(110)); + } else { + $methods = explode('.', $parser->getMethodName()); + switch ($methods[0]) { + case 'blogger': + include_once XOOPS_ROOT_PATH.'/class/xml/rpc/bloggerapi.php'; + $rpc_api = new BloggerApi($parser->getParam(), $response, $module); + break; + case 'metaWeblog': + include_once 
XOOPS_ROOT_PATH.'/class/xml/rpc/metaweblogapi.php'; + $rpc_api = new MetaWeblogApi($parser->getParam(), $response, $module); + break; + case 'mt': + include_once XOOPS_ROOT_PATH.'/class/xml/rpc/movabletypeapi.php'; + $rpc_api = new MovableTypeApi($parser->getParam(), $response, $module); + break; + case 'xoops': + default: + include_once XOOPS_ROOT_PATH.'/class/xml/rpc/xoopsapi.php'; + $rpc_api = new XoopsApi($parser->getParam(), $response, $module); + break; + } + $method = $methods[1]; + if (!method_exists($rpc_api, $method)) { + $response->add(new XoopsXmlRpcFault(107)); + } else { + $rpc_api->$method(); + } + } } $payload =& $response->render(); //$fp = fopen(XOOPS_CACHE_PATH.'/xmllog.txt', 'w');
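Review bot: `$method = $methods[1]` comes from the client-supplied method name and is invoked as `$rpc_api->$method()` after only a `method_exists()` check, so every method on the API object, including constructors and inherited helpers, is reachable from a request. A method name without a dot also leaves `$methods[1]` undefined. An explicit list of exported method names per API class, plus a guard such as `if (!isset($methods[1]) || !in_array($methods[1], $allowed, true))` returning the same fault 107, would restrict dispatch to the intended calls. The added `rawurldecode()` on `HTTP_RAW_POST_DATA` will alter any literal `%xx` sequence in a well-formed XML body; if it is presumably meant for clients that URL-encode the payload, it would be better applied only when the request content type indicates that.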