1.6.2

24b4af87 · Gideon Greenspan · 1f7939c1 · 24b4af87 · 24b4af87 · 24b4af87
Commit 24b4af87 authored Jul 31, 2013 by Gideon Greenspan
16 changed files
--- a/VERSION.txt
+++ b/VERSION.txt
-1.6.1
\ No newline at end of file
+1.6.2
\ No newline at end of file
--- a/qa-content/qa-admin.js
+++ b/qa-content/qa-admin.js
@@ -58,7 +58,7 @@ function qa_recalc_click(state, elem, value, noteid)
 function qa_recalc_update(elem, state, noteid)
 {
 	if (state)
-		qa_ajax_post('recalc', {state:state, code:elem.form.elements.code.value},
+		qa_ajax_post('recalc', {state:state, code:(elem.form.elements.code_recalc ? elem.form.elements.code_recalc.value : elem.form.elements.code.value)},
 			function(lines) {
 				if (lines[0]=='1') {
 					if (lines[2])

--- a/qa-include/qa-app-admin.php
+++ b/qa-include/qa-app-admin.php
@@ -102,6 +102,7 @@
 			'ru' => 'Russian - Русский',
 			'sk' => 'Slovak - Slovenčina',
 			'sl' => 'Slovenian - Slovenščina',
+			'sq' => 'Albanian - Shqip',
 			'sr' => 'Serbian - Српски',
 			'sv' => 'Swedish - Svenska',
 			'th' => 'Thai - ไทย',

--- a/qa-include/qa-app-format.php
+++ b/qa-include/qa-app-format.php
@@ -510,7 +510,8 @@
 			$fields['what']=qa_lang_html($isquestion ? 'main/asked' : ($isanswer ? 'main/answered' : 'main/commented'));
 				
 			if (@$options['whatlink'] && strlen(@$options['q_request']))
-				$fields['what_url']=qa_path_html($options['q_request'], array('show' => $postid), null, null, qa_anchor($post['basetype'], $postid));
+				$fields['what_url']=($post['basetype']=='Q') ? qa_path_html($options['q_request'])
+					: qa_path_html($options['q_request'], array('show' => $postid), null, null, qa_anchor($post['basetype'], $postid));
 		}
 		
 		if (isset($post['created']) && @$options['whenview']) {
@@ -1263,7 +1264,7 @@
 		if (isset($navigation[$selected]))
 			$navigation[$selected]['selected']=true;
 			
-		if (!qa_opt('allow_user_walls'))
+		if (QA_FINAL_EXTERNAL_USERS || !qa_opt('allow_user_walls'))
 			unset($navigation['wall']);
 		
 		return $navigation;

--- a/qa-include/qa-app-limits.php
+++ b/qa-include/qa-app-limits.php
@@ -67,7 +67,7 @@

 		$dblimits=qa_db_limits_get($userid, qa_remote_ip_address(), $action);
 		
-		return qa_limits_calc_remaining($action, $dblimits['user'], $dblimits['ip']);
+		return qa_limits_calc_remaining($action, @$dblimits['user'], @$dblimits['ip']);
 	}
 	
 	

--- a/qa-include/qa-base.php
+++ b/qa-include/qa-base.php
@@ -25,8 +25,8 @@
 */

 	
-	define('QA_VERSION', '1.6.1'); // also used as suffix for .js and .css requests
-	define('QA_BUILD_DATE', '2013-07-07');
+	define('QA_VERSION', '1.6.2'); // also used as suffix for .js and .css requests
+	define('QA_BUILD_DATE', '2013-07-31');

 //	Execution section of this file - remainder contains function definitions


--- a/qa-include/qa-db-selects.php
+++ b/qa-include/qa-db-selects.php
@@ -172,7 +172,7 @@
 				$selectspec['columns'][]='^users.level';
 				$selectspec['columns']['email']='^users.email';
 				$selectspec['columns']['handle']='^users.handle';
-				$selectspec['columns'][]='^users.avatarblobid';
+				$selectspec['columns']['avatarblobid']='BINARY ^users.avatarblobid';
 				$selectspec['columns'][]='^users.avatarwidth';
 				$selectspec['columns'][]='^users.avatarheight';
 				$selectspec['source'].=' LEFT JOIN ^users ON ^posts.userid=^users.userid';
@@ -1174,7 +1174,8 @@
 				'^users.userid', 'passsalt', 'passcheck' => 'HEX(passcheck)', 'email', 'level', 'emailcode', 'handle',
 				'created' => 'UNIX_TIMESTAMP(created)', 'sessioncode', 'sessionsource', 'flags', 'loggedin' => 'UNIX_TIMESTAMP(loggedin)',
 				'loginip' => 'INET_NTOA(loginip)', 'written' => 'UNIX_TIMESTAMP(written)', 'writeip' => 'INET_NTOA(writeip)',
-				'avatarblobid', 'avatarwidth', 'avatarheight', 'points', 'wallposts',
+				'avatarblobid' => 'BINARY avatarblobid', // cast to BINARY due to MySQL bug which renders it signed in a union
+				'avatarwidth', 'avatarheight', 'points', 'wallposts',
 			),
 			
 			'source' => '^users LEFT JOIN ^userpoints ON ^userpoints.userid=^users.userid WHERE ^users.'.($isuserid ? 'userid' : 'handle').'=$',
@@ -1264,7 +1265,7 @@
 		
 		else
 			return array(
-				'columns' => array('^users.userid', 'handle', 'points', 'flags', '^users.email', 'avatarblobid', 'avatarwidth', 'avatarheight'),
+				'columns' => array('^users.userid', 'handle', 'points', 'flags', '^users.email', 'avatarblobid' => 'BINARY avatarblobid', 'avatarwidth', 'avatarheight'),
 				'source' => '^users JOIN (SELECT userid FROM ^userpoints ORDER BY points DESC LIMIT #,#) y ON ^users.userid=y.userid JOIN ^userpoints ON ^users.userid=^userpoints.userid',
 				'arguments' => array($start, $count),
 				'arraykey' => 'userid',
@@ -1395,7 +1396,7 @@
 		require_once QA_INCLUDE_DIR.'qa-app-updates.php';
 		
 		return array(
-			'columns' => array('^users.userid', 'handle', 'points', 'flags', '^users.email', 'avatarblobid', 'avatarwidth', 'avatarheight'),
+			'columns' => array('^users.userid', 'handle', 'points', 'flags', '^users.email', 'avatarblobid' => 'BINARY avatarblobid', 'avatarwidth', 'avatarheight'),
 			'source' => "^users JOIN ^userpoints ON ^users.userid=^userpoints.userid JOIN ^userfavorites ON ^users.userid=^userfavorites.entityid WHERE ^userfavorites.userid=$ AND ^userfavorites.entitytype=$",
 			'arguments' => array($userid, QA_ENTITY_USER),
 			'sortasc' => 'handle',

--- a/qa-include/qa-index.php
+++ b/qa-include/qa-index.php
@@ -60,11 +60,8 @@
 				$urlformat=QA_URL_FORMAT_NEAT;
 				$requestparts=explode('/', qa_gpc_to_string($_GET['qa-rewrite']));
 				unset($_GET['qa-rewrite']);
-				$relativedepth=count($requestparts);
 				
-				// Workaround for fact that Apache unescapes characters while rewriting, based on assumption that $_GET['qa-rewrite'] has
-				// right path depth, which is true so long as there are only escaped characters in the last part of the path
-				if (!empty($_SERVER['REQUEST_URI'])) {
+				if (!empty($_SERVER['REQUEST_URI'])) { // workaround for the fact that Apache unescapes characters while rewriting
 					$origpath=$_SERVER['REQUEST_URI'];
 					$_GET=array();
 					
@@ -81,8 +78,21 @@
 						$origpath=substr($origpath, 0, $questionpos);
 					}
 					
-					$requestparts=array_slice(explode('/', urldecode($origpath)), -count($requestparts));
+					// Generally we assume that $_GET['qa-rewrite'] has the right path depth, but this won't be the case if there's
+					// a & or # somewhere in the middle of the path, due to apache unescaping. So we make a special case for that.
+					$keepparts=count($requestparts);
+					$requestparts=explode('/', urldecode($origpath)); // new request calculated from $_SERVER['REQUEST_URI']
+
+					for ($part=count($requestparts)-1; $part>=0; $part--)
+						if (is_numeric(strpos($requestparts[$part], '&')) || is_numeric(strpos($requestparts[$part], '#'))) { 
+							$keepparts+=count($requestparts)-$part-1; // this is how many parts we lost
+							break;
+						}
+						
+					$requestparts=array_slice($requestparts, -$keepparts); // remove any irrelevant parts from the beginning
 				}
+
+				$relativedepth=count($requestparts);
 				
 			} elseif (isset($_GET['qa'])) {
 				if (strpos($_GET['qa'], '/')===false) {

--- a/qa-include/qa-page-admin-categories.php
+++ b/qa-include/qa-page-admin-categories.php
@@ -262,6 +262,7 @@
 			
 			'buttons' => array(
 				'save' => array(
+					'tags' => 'id="dosaveoptions"', // just used for qa_recalc_click()
 					'label' => qa_lang_html('main/save_button'),
 				),
 				
@@ -327,6 +328,7 @@
 			
 			'buttons' => array(
 				'save' => array(
+					'tags' => 'id="dosaveoptions"', // just used for qa_recalc_click
 					'label' => qa_lang_html(isset($editcategory['categoryid']) ? 'main/save_button' : 'admin/add_category_button'),
 				),
 				
@@ -539,7 +541,7 @@
 			
 			'buttons' => array(
 				'save' => array(
-					'tags' => 'name="dosaveoptions"',
+					'tags' => 'name="dosaveoptions" id="dosaveoptions"',
 					'label' => qa_lang_html('main/save_button'),
 				),
 				
@@ -602,12 +604,13 @@

 	if (qa_get('recalc')) {
 		$qa_content['form']['ok']='<span id="recalc_ok">'.qa_lang_html('admin/recalc_categories').'</span>';
+		$qa_content['form']['hidden']['code_recalc']=qa_get_form_security_code('admin/recalc');
 		
 		$qa_content['script_rel'][]='qa-content/qa-admin.js?'.QA_VERSION;
 		$qa_content['script_var']['qa_warning_recalc']=qa_lang('admin/stop_recalc_warning');
 		
 		$qa_content['script_onloads'][]=array(
-			"qa_recalc_click('dorecalccategories', document.getElementById('recalc_ok'), null, 'recalc_ok');"
+			"qa_recalc_click('dorecalccategories', document.getElementById('dosaveoptions'), null, 'recalc_ok');"
 		);
 	}
 	

--- a/qa-include/qa-page-admin-default.php
+++ b/qa-include/qa-page-admin-default.php
@@ -831,6 +831,7 @@
 		
 		'buttons' => array(
 			'save' => array(
+				'tags' => 'id="dosaveoptions"',
 				'label' => qa_lang_html('admin/save_options_button'),
 			),
 			
@@ -849,11 +850,12 @@

 	if ($recalchotness) {
 		$qa_content['form']['ok']='<span id="recalc_ok"></span>';
+		$qa_content['form']['hidden']['code_recalc']=qa_get_form_security_code('admin/recalc');
 		
 		$qa_content['script_var']['qa_warning_recalc']=qa_lang('admin/stop_recalc_warning');
 		
 		$qa_content['script_onloads'][]=array(
-			"qa_recalc_click('dorecountposts', document.getElementById('recalc_ok'), null, 'recalc_ok');"
+			"qa_recalc_click('dorecountposts', document.getElementById('dosaveoptions'), null, 'recalc_ok');"
 		);

 	} elseif ($startmailing) {

--- a/qa-include/qa-page-admin-hidden.php
+++ b/qa-include/qa-page-admin-hidden.php
@@ -124,8 +124,11 @@
 				
 			$htmlfields['what_2']=qa_lang_html('main/hidden');

-			if (@$htmloptions['whenview'])
-				$htmlfields['when_2']=qa_when_to_html($question[isset($question['opostid']) ? 'oupdated' : 'updated'], @$htmloptions['fulldatedays']);
+			if (@$htmloptions['whenview']) {
+				$updated=@$question[isset($question['opostid']) ? 'oupdated' : 'updated'];
+				if (isset($updated))
+					$htmlfields['when_2']=qa_when_to_html($updated, @$htmloptions['fulldatedays']);
+			}
 			
 			$buttons=array();
 			

--- a/qa-include/qa-page-admin-points.php
+++ b/qa-include/qa-page-admin-points.php
@@ -115,12 +115,13 @@
 	} else {
 		if ($recalculate) {
 			$qa_content['form']['ok']='<span id="recalc_ok"></span>';
+			$qa_content['form']['hidden']['code_recalc']=qa_get_form_security_code('admin/recalc');
 			
 			$qa_content['script_rel'][]='qa-content/qa-admin.js?'.QA_VERSION;
 			$qa_content['script_var']['qa_warning_recalc']=qa_lang('admin/stop_recalc_warning');
 			
 			$qa_content['script_onloads'][]=array(
-				"qa_recalc_click('dorecalcpoints', document.getElementById('recalc_ok'), null, 'recalc_ok');"
+				"qa_recalc_click('dorecalcpoints', document.getElementById('dosaverecalc'), null, 'recalc_ok');"
 			);
 		}
 		

--- a/qa-include/qa-page-ask.php
+++ b/qa-include/qa-page-ask.php
@@ -101,7 +101,8 @@
 	
 	$in['title']=qa_post_text('title'); // allow title and tags to be posted by an external form
 	$in['extra']=qa_opt('extra_field_active') ? qa_post_text('extra') : null;
-	$in['tags']=qa_get_tags_field_value('tags');
+	if (qa_using_tags())
+		$in['tags']=qa_get_tags_field_value('tags');

 	if (qa_clicked('doask')) {
 		require_once QA_INCLUDE_DIR.'qa-app-post-create.php';

--- a/qa-include/qa-page-ip.php
+++ b/qa-include/qa-page-ip.php
@@ -217,8 +217,11 @@
 			if ($question[$hasother ? 'ohidden' : 'hidden'] && !isset($question[$hasother ? 'oupdatetype' : 'updatetype'])) {
 				$htmlfields['what_2']=qa_lang_html('main/hidden');

-				if (@$htmloptions['whenview'])
-					$htmlfields['when_2']=qa_when_to_html($question[$hasother ? 'oupdated' : 'updated'], @$htmloptions['fulldatedays']);
+				if (@$htmloptions['whenview']) {
+					$updated=@$question[$hasother ? 'oupdated' : 'updated'];
+					if (isset($updated))
+						$htmlfields['when_2']=qa_when_to_html($updated, @$htmloptions['fulldatedays']);
+				}
 			}

 			$qa_content['q_list']['qs'][]=$htmlfields;

--- a/qa-include/qa-page-question-post.php
+++ b/qa-include/qa-page-question-post.php
@@ -440,7 +440,7 @@
 				$in['categoryid']=qa_get_category_field_value('q_category');
 		}
 		
-		if (isset($in['categoryid'])) { // need to check if we can move it to that category, and if we need moderation
+		if (array_key_exists('categoryid', $in)) { // need to check if we can move it to that category, and if we need moderation
 			$categories=qa_db_select_with_pending(qa_db_category_nav_selectspec($in['categoryid'], true));
 			$categoryids=array_keys(qa_category_path($categories, $in['categoryid']));
 			$userlevel=qa_user_level_for_categories($categoryids);
@@ -476,7 +476,7 @@
 					qa_update_post_text($in, $oldin);
 			}
 			
-			if (strcmp($in['categoryid'], $question['categoryid']))
+			if (array_key_exists('categoryid', $in) && strcmp($in['categoryid'], $question['categoryid']))
 				if (qa_user_permit_error('permit_post_q', null, $userlevel))
 					$errors['categoryid']=qa_lang_html('question/category_ask_not_allowed');
 			

--- a/qa-include/qa-page-question-view.php
+++ b/qa-include/qa-page-question-view.php
@@ -225,6 +225,7 @@
 		$htmloptions=qa_post_html_options($question, null, true);
 		$htmloptions['answersview']=false; // answer count is displayed separately so don't show it here
 		$htmloptions['avatarsize']=qa_opt('avatar_q_page_q_size');
+		$htmloptions['q_request']=qa_q_request($question['postid'], $question['title']);
 		$q_view=qa_post_html_fields($question, $userid, $cookieid, $usershtml, null, $htmloptions);