As generated by AppGini 5.93

bigprof-software · Jan 19, 2021 · 4e4d8d0 · 4e4d8d0
1 parent 3d11526
commit 4e4d8d0
Showing 24 changed files with 276 additions and 242 deletions.
diff --git a/app/admin/incFunctions.php b/app/admin/incFunctions.php
@@ -164,109 +164,109 @@ function getThumbnailSpecs($tableName, $fieldName, $view) {
 	}
 	########################################################################
 	function createThumbnail($img, $specs) {
-		$w=$specs['width'];
-		$h=$specs['height'];
-		$id=$specs['identifier'];
-		$path=dirname($img);
+		$w = $specs['width'];
+		$h = $specs['height'];
+		$id = $specs['identifier'];
+		$path = dirname($img);
 
 		// image doesn't exist or inaccessible?
-		if(!$size=@getimagesize($img))   return FALSE;
+		if(!$size = @getimagesize($img)) return false;
 
 		// calculate thumbnail size to maintain aspect ratio
-		$ow=$size[0]; // original image width
-		$oh=$size[1]; // original image height
-		$twbh=$h/$oh*$ow; // calculated thumbnail width based on given height
-		$thbw=$w/$ow*$oh; // calculated thumbnail height based on given width
+		$ow = $size[0]; // original image width
+		$oh = $size[1]; // original image height
+		$twbh = $h / $oh * $ow; // calculated thumbnail width based on given height
+		$thbw = $w / $ow * $oh; // calculated thumbnail height based on given width
 		if($w && $h) {
-			if($twbh>$w) $h=$thbw;
-			if($thbw>$h) $w=$twbh;
+			if($twbh > $w) $h = $thbw;
+			if($thbw > $h) $w = $twbh;
 		} elseif($w) {
-			$h=$thbw;
+			$h = $thbw;
 		} elseif($h) {
-			$w=$twbh;
+			$w = $twbh;
 		} else {
-			return FALSE;
+			return false;
 		}
 
 		// dir not writeable?
-		if(!is_writable($path))  return FALSE;
+		if(!is_writable($path)) return false;
 
 		// GD lib not loaded?
-		if(!function_exists('gd_info'))  return FALSE;
-		$gd=gd_info();
+		if(!function_exists('gd_info')) return false;
+		$gd = gd_info();
 
 		// GD lib older than 2.0?
 		preg_match('/\d/', $gd['GD Version'], $gdm);
-		if($gdm[0]<2)    return FALSE;
+		if($gdm[0] < 2) return false;
 
 		// get file extension
 		preg_match('/\.[a-zA-Z]{3,4}$/U', $img, $matches);
-		$ext=strtolower($matches[0]);
+		$ext = strtolower($matches[0]);
 
 		// check if supplied image is supported and specify actions based on file type
-		if($ext=='.gif') {
-			if(!$gd['GIF Create Support'])   return FALSE;
-			$thumbFunc='imagegif';
-		} elseif($ext=='.png') {
-			if(!$gd['PNG Support'])  return FALSE;
-			$thumbFunc='imagepng';
-		} elseif($ext=='.jpg' || $ext=='.jpe' || $ext=='.jpeg') {
-			if(!$gd['JPG Support'] && !$gd['JPEG Support'])  return FALSE;
-			$thumbFunc='imagejpeg';
+		if($ext == '.gif') {
+			if(!$gd['GIF Create Support']) return false;
+			$thumbFunc = 'imagegif';
+		} elseif($ext == '.png') {
+			if(!$gd['PNG Support'])  return false;
+			$thumbFunc = 'imagepng';
+		} elseif($ext == '.jpg' || $ext == '.jpe' || $ext == '.jpeg') {
+			if(!$gd['JPG Support'] && !$gd['JPEG Support'])  return false;
+			$thumbFunc = 'imagejpeg';
 		} else {
-			return FALSE;
+			return false;
 		}
 
 		// determine thumbnail file name
-		$ext=$matches[0];
-		$thumb=substr($img, 0, -5).str_replace($ext, $id.$ext, substr($img, -5));
+		$ext = $matches[0];
+		$thumb = substr($img, 0, -5) . str_replace($ext, $id . $ext, substr($img, -5));
 
 		// if the original image smaller than thumb, then just copy it to thumb
-		if($h>$oh && $w>$ow) {
-			return (@copy($img, $thumb) ? TRUE : FALSE);
+		if($h > $oh && $w > $ow) {
+			return (@copy($img, $thumb) ? true : false);
 		}
 
 		// get image data
-		if(!$imgData=imagecreatefromstring(implode('', file($img)))) return FALSE;
+		if(!$imgData = imagecreatefromstring(implode('', file($img)))) return false;
 
 		// finally, create thumbnail
-		$thumbData=imagecreatetruecolor($w, $h);
+		$thumbData = imagecreatetruecolor($w, $h);
 
 		//preserve transparency of png and gif images
-		if($thumbFunc=='imagepng') {
-			if(($clr=@imagecolorallocate($thumbData, 0, 0, 0))!=-1) {
+		if($thumbFunc == 'imagepng') {
+			if(($clr = @imagecolorallocate($thumbData, 0, 0, 0)) != -1) {
 				@imagecolortransparent($thumbData, $clr);
 				@imagealphablending($thumbData, false);
 				@imagesavealpha($thumbData, true);
 			}
-		} elseif($thumbFunc=='imagegif') {
+		} elseif($thumbFunc == 'imagegif') {
 			@imagealphablending($thumbData, false);
-			$transIndex=imagecolortransparent($imgData);
-			if($transIndex>=0) {
-				$transClr=imagecolorsforindex($imgData, $transIndex);
-				$transIndex=imagecolorallocatealpha($thumbData, $transClr['red'], $transClr['green'], $transClr['blue'], 127);
+			$transIndex = imagecolortransparent($imgData);
+			if($transIndex >= 0) {
+				$transClr = imagecolorsforindex($imgData, $transIndex);
+				$transIndex = imagecolorallocatealpha($thumbData, $transClr['red'], $transClr['green'], $transClr['blue'], 127);
 				imagefill($thumbData, 0, 0, $transIndex);
 			}
 		}
 
 		// resize original image into thumbnail
-		if(!imagecopyresampled($thumbData, $imgData, 0, 0 , 0, 0, $w, $h, $ow, $oh)) return FALSE;
+		if(!imagecopyresampled($thumbData, $imgData, 0, 0 , 0, 0, $w, $h, $ow, $oh)) return false;
 		unset($imgData);
 
 		// gif transparency
-		if($thumbFunc=='imagegif' && $transIndex>=0) {
+		if($thumbFunc == 'imagegif' && $transIndex >= 0) {
 			imagecolortransparent($thumbData, $transIndex);
-			for($y=0; $y<$h; ++$y)
-				for($x=0; $x<$w; ++$x)
-					if(((imagecolorat($thumbData, $x, $y)>>24) & 0x7F) >= 100)   imagesetpixel($thumbData, $x, $y, $transIndex);
+			for($y = 0; $y < $h; ++$y)
+				for($x = 0; $x < $w; ++$x)
+					if(((imagecolorat($thumbData, $x, $y) >> 24) & 0x7F) >= 100) imagesetpixel($thumbData, $x, $y, $transIndex);
 			imagetruecolortopalette($thumbData, true, 255);
 			imagesavealpha($thumbData, false);
 		}
 
-		if(!$thumbFunc($thumbData, $thumb))  return FALSE;
+		if(!$thumbFunc($thumbData, $thumb)) return false;
 		unset($thumbData);
 
-		return TRUE;
+		return true;
 	}
 	########################################################################
 	function makeSafe($string, $is_gpc = true) {
@@ -1179,7 +1179,7 @@ function toBytes($val) {
 	function convertLegacyOptions($CSVList) {
 		$CSVList=str_replace(';;;', ';||', $CSVList);
 		$CSVList=str_replace(';;', '||', $CSVList);
-		return $CSVList;
+		return trim($CSVList, '|');
 	}
 	########################################################################
 	function getValueGivenCaption($query, $caption) {

diff --git a/app/admin/incHeader.php b/app/admin/incHeader.php
@@ -40,7 +40,7 @@ function jsValidateEmail(address) {
 			}
 
 			function jsShowWait() {
-				return window.confirm("<?php echo $Translation['sending mails']; ?>");
+				return window.confirm('<?php echo addslashes($Translation['sending mails']); ?>');
 			}
 
 			function jsValidateAdminSettings() {
@@ -69,38 +69,36 @@ function jsConfirmTransfer() {
 					var mm=document.getElementById('moveMembers').checked;
 				}
 
-				//confirm('sg='+sg+'\n'+'sm='+sm+'\n'+'dg='+dg+'\n'+'dm='+dm+'\n'+'mm='+mm+'\n'+'dmm='+dmm+'\n');
-
 				if(dmm && !dm) {
 					modal_window({ message: '<div>'+"<?php echo $Translation['complete step 4']; ?>"+'</div>', title: "<?php echo $Translation['info']; ?>", close: function() { jQuery('#destinationMemberID').focus(); } });
 					return false;
 				}
 
 				if(mm && sm!='-1') {
 
-					confirmMessage = "<?php echo $Translation['sure move member']; ?>";
+					confirmMessage = '<?php echo addslashes($Translation['sure move member']); ?>';
 					confirmMessage = confirmMessage.replace(/<MEMBER>/, sm).replace(/<OLDGROUP>/, sg).replace(/<NEWGROUP>/, dg);
 					return window.confirm(confirmMessage);
 
 				}
 				if((dmm || dm) && sm!='-1') {
 
-					confirmMessage = "<?php echo $Translation['sure move data of member']; ?>";
+					confirmMessage = '<?php echo addslashes($Translation['sure move data of member']); ?>';
 					confirmMessage = confirmMessage.replace(/<OLDMEMBER>/, sm).replace(/<OLDGROUP>/, sg).replace(/<NEWMEMBER>/, dm).replace(/<NEWGROUP>/, dg);                 
 					return window.confirm(confirmMessage);
 				}
 
 				if(mm) {
 
-					confirmMessage = "<?php echo $Translation['sure move all members']; ?>";
+					confirmMessage = '<?php echo addslashes($Translation['sure move all members']); ?>';
 					confirmMessage = confirmMessage.replace(/<OLDGROUP>/, sg).replace(/<NEWGROUP>/, dg);
 					return window.confirm(confirmMessage);
 				}
 
 				if(dmm) {
 
 
-					confirmMessage = "<?php echo $Translation['sure move data of all members']; ?>";
+					confirmMessage = '<?php echo addslashes($Translation['sure move data of all members']); ?>';
 					confirmMessage = confirmMessage.replace(/<OLDGROUP>/, sg).replace(/<MEMBER>/, dm).replace(/<NEWGROUP>/, dg);
 					return window.confirm(confirmMessage);
 				}
@@ -223,7 +221,7 @@ function hideDialogs() {
 									<?php
 										$plugin_icon = '';
 										if($plugin['glyphicon']) $plugin_icon = "<i class=\"glyphicon glyphicon-{$plugin['glyphicon']}\"></i> ";
-										if($plugin['icon']) $plugin_icon = "<img src=\"{$plugin['admin_path']}/{$plugin['icon']}\"> ";
+										if($plugin['icon']) $plugin_icon = "<img class=\"rspacer-md\" src=\"{$plugin['admin_path']}/{$plugin['icon']}\"> ";
 									?>
 									<li><a target="_blank" href="<?php echo $plugin['admin_path']; ?>"><?php echo $plugin_icon . $plugin['title']; ?></a></li>
 								<?php } ?>

diff --git a/app/admin/pageEditMember.php b/app/admin/pageEditMember.php
@@ -494,9 +494,6 @@
 				})
 		}
 
-		/* circumvent browser auto-filling of passwords */
-		setTimeout(function() { $j('#password').val(''); }, 100);
-
 		$j('#username-available, #username-not-available').click(function() { $j('#memberID').focus(); });
 
 		$j('#memberID').on('keyup blur', check_user);

diff --git a/app/admin/pageHome.php b/app/admin/pageHome.php
@@ -3,33 +3,33 @@
 	require("{$currDir}/incCommon.php");
 	$GLOBALS['page_title'] = $Translation['membership management homepage'];
 	include("{$currDir}/incHeader.php");
-?>
 
-<?php
-	if(!sqlValue("select count(1) from membership_groups where allowSignup=1")) {
-		$noSignup=TRUE;
+	$eo = ['silentErrors' => true];
+
+	if(!sqlValue("SELECT COUNT(1) FROM `membership_groups` WHERE `allowSignup`=1")) {
+		$noSignup = true;
 		?>
 		<div class="alert alert-info">
-			<i><?php echo $Translation["attention"]; ?></i>
-			<br><?php echo $Translation["visitor sign up"]; ?>
-			</div>
+			<i><?php echo $Translation['attention']; ?></i>
+			<br><?php echo $Translation['visitor sign up']; ?>
+		</div>
 		<?php
 	}
 ?>
 
 <?php
 	// get the count of records having no owners in each table
-	$arrTables=getTableList();
+	$arrTables = getTableList();
 
-	foreach($arrTables as $tn=>$tc) {
-		$countOwned=sqlValue("select count(1) from membership_userrecords where tableName='$tn' and not isnull(groupID)");
-		$countAll=sqlValue("select count(1) from `$tn`");
+	foreach($arrTables as $tn => $tc) {
+		$countOwned = sqlValue("SELECT COUNT(1) FROM membership_userrecords WHERE tableName='$tn' AND NOT ISNULL(groupID)");
+		$countAll = sqlValue("SELECT COUNT(1) FROM `$tn`");
 
-		if($countAll>$countOwned) {
+		if($countAll > $countOwned) {
 			?>
 			<div class="alert alert-info">
-				<?php echo $Translation["table data without owner"]; ?>
-				</div>
+				<?php echo $Translation['table data without owner']; ?>
+			</div>
 			<?php
 			break;
 		}
@@ -148,12 +148,25 @@
 	<div class="panel-body">
 	<table class="table table-striped table-hover">
 	<?php
-		$res=sql("select lcase(memberID), count(1) from membership_userrecords group by memberID order by 2 desc limit 5", $eo);
-		while($row=db_fetch_row($res)) {
+		$res = sql("SELECT LCASE(`memberID`), COUNT(1) FROM `membership_userrecords` GROUP BY `memberID` ORDER BY 2 DESC LIMIT 5", $eo);
+		while($row = db_fetch_row($res)) {
 			?>
 			<tr>
-				<th class="" style="max-width: 10em;"><a href="pageEditMember.php?memberID=<?php echo urlencode($row[0]); ?>" title="<?php echo $Translation["edit member details"]; ?>"><i class="glyphicon glyphicon-pencil"></i> <?php echo $row[0]; ?></a></th>
-				<td class="remaining-width"><a href="pageViewRecords.php?memberID=<?php echo urlencode($row[0]); ?>"><img src="images/data_icon.gif" border="0" alt="<?php echo $Translation["view member records"]; ?>" title="<?php echo $Translation["view member records"]; ?>"></a> <?php echo $row[1]; ?> <?php echo $Translation["records"]; ?></td>
+				<th class="" style="max-width: 10em;">
+					<?php if($row[0]) { ?>
+						<a href="pageEditMember.php?memberID=<?php echo urlencode($row[0]); ?>" title="<?php echo $Translation["edit member details"]; ?>">
+							<i class="glyphicon glyphicon-pencil"></i> <?php echo $row[0]; ?>
+						</a>
+					<?php } else { ?>
+						<i class="glyphicon glyphicon-pencil text-muted"></i> <i><?php echo $Translation['none']; ?></i>
+					<?php } ?>
+				</th>
+				<td class="remaining-width">
+					<a href="pageViewRecords.php?memberID=<?php echo urlencode($row[0] ? $row[0] : '{none}'); ?>">
+						<img src="images/data_icon.gif" border="0" alt="<?php echo $Translation["view member records"]; ?>" title="<?php echo $Translation["view member records"]; ?>">
+					</a>
+					<?php echo $row[1]; ?> <?php echo $Translation["records"]; ?>
+				</td>
 			</tr>
 			<?php
 		}

diff --git a/app/admin/pageRebuildFields.php b/app/admin/pageRebuildFields.php
@@ -224,7 +224,7 @@ function fix_field($fix_table, $fix_field, $schema, &$qry) {
 		});
 
 		$j('.btn_update, #fix_all').click(function() {
-			return confirm("<?php echo $Translation['field update warning'] ; ?>");
+			return confirm('<?php echo addslashes($Translation['field update warning']); ?>');
 		});
 
 		var count_updates = $j('.btn_update').length;

diff --git a/app/admin/pageServerStatus.php b/app/admin/pageServerStatus.php
@@ -1,6 +1,6 @@
 <?php
-	$appgini_version = '5.93.1127';
-	$generated_ts = '11/1/2021 5:42:13 PM';
+	$appgini_version = '5.93.1128';
+	$generated_ts = '19/1/2021 8:54:11 PM';
 
 	$currDir = dirname(__FILE__);
 	require("{$currDir}/incCommon.php");

diff --git a/app/admin/pageSettings.php b/app/admin/pageSettings.php
@@ -153,6 +153,10 @@
 		include("{$currDir}/incFooter.php");
 	}
 
+	function setNewPasswordAttribute($html) {
+		return str_replace(' type="password" ', ' type="password" autocomplete="new-password" ', $html);
+	}
+
 	function settings_textbox($name, $label, $value, $hint = '', $type = 'text') {
 		ob_start();
 		?>
@@ -369,8 +373,8 @@ function settings_checkbox($name, $label, $value, $set_value, $hint = '') {
 		<div class="tab-pane" id="users-settings">
 			<div style="height: 3em;"></div>
 			<?php echo settings_textbox('adminUsername', $Translation['admin username'], $adminConfig['adminUsername']); ?>
-			<?php echo settings_textbox('adminPassword', $Translation['admin password'], '', $Translation['change admin password'], 'password'); ?>
-			<?php echo settings_textbox('confirmPassword', $Translation['confirm password'], '', '', 'password'); ?>
+			<?php echo setNewPasswordAttribute(settings_textbox('adminPassword', $Translation['admin password'], '', $Translation['change admin password'], 'password')); ?>
+			<?php echo setNewPasswordAttribute(settings_textbox('confirmPassword', $Translation['confirm password'], '', '', 'password')); ?>
 			<hr>
 			<?php echo settings_textbox('anonymousGroup', $Translation['anonymous group'], $adminConfig['anonymousGroup']); ?>
 			<?php echo settings_textbox('anonymousMember', $Translation['anonymous user name'], $adminConfig['anonymousMember']); ?>

diff --git a/app/admin/pageTransferOwnership.php b/app/admin/pageTransferOwnership.php
@@ -327,13 +327,23 @@
 			<div class="panel-body">
 				<div class="step-details">
 					<?php
-						$anon_group_safe = makeSafe($adminConfig['anonymousGroup'], false);
-						$noMove = ($sourceGroupID == sqlValue("select groupID from membership_groups where name='{$anon_group_safe}'"));
-						$destinationHasMembers = sqlValue("select count(1) from membership_users where groupID='{$destinationGroupID}'");
-
-						if(!$noMove) {
-							echo $Translation['move records'] ; 
-						}
+						$anon_group_safe = makeSafe(config('adminConfig')['anonymousGroup']);
+						$anonGroupId = sqlValue("SELECT groupID FROM membership_groups WHERE name='{$anon_group_safe}'");
+
+						// present option to move member to destination group only if 
+						// source/destination group is not anonymous group and
+						// source member is not super admin and
+						// source member is not 'all members'
+						$noMove = (
+							$sourceGroupID == $anonGroupId ||
+							$destinationGroupID == $anonGroupId ||
+							$sourceMemberID == config('adminConfig')['adminUsername'] ||
+							$sourceMemberID == -1
+						);
+
+						$destinationHasMembers = sqlValue("SELECT COUNT(1) FROM membership_users WHERE groupID='{$destinationGroupID}'");
+
+						if(!$noMove) echo $Translation['move records'];
 					?>
 				</div>
 

diff --git a/app/admin/pageViewGroups.php b/app/admin/pageViewGroups.php
@@ -82,7 +82,7 @@
 						<?php if(!$groupMembersCount) { ?>
 								<a href="pageDeleteGroup.php?groupID=<?php echo $row[0]; ?>" 
 								   title="<?php echo $Translation['delete group'] ; ?>" 
-								   onClick="return confirm('<?php echo $Translation['confirm delete group'] ; ?>');">
+								   onClick="return confirm('<?php echo addslashes($Translation['confirm delete group']); ?>');">
 									<i class="glyphicon glyphicon-trash text-danger"></i>
 								</a>
 						<?php } else { ?>