This commit was manufactured by cvs2svn to create tag 'AMO1_STAGING'.

git-svn-id: svn://10.0.0.236/tags/AMO1_STAGING@221439 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/tools/tinderbox-configs/firefox/linux/CLOBBER

@@ -1,2 +0,0 @@
-Clobbering to pick up changes from bug 409803.
-

mozilla/tools/tinderbox-configs/firefox/linux/mozconfig

@@ -1,27 +0,0 @@
-#
-## hostname: fx-linux-tbox
-## uname: Linux fx-linux-tbox.build.mozilla.org 2.6.18-8.el5 #1 SMP Thu Mar 15 19:57:35 EDT 2007 i686 i686 i386 GNU/Linux
-#
-
-export CFLAGS="-gstabs+"
-export CXXFLAGS="-gstabs+"
-
-mk_add_options MOZ_CO_PROJECT=browser
-mk_add_options PROFILE_GEN_SCRIPT=@TOPSRCDIR@/build/profile_pageloader.pl
-mk_add_options MOZ_CO_MODULE="mozilla/tools/update-packaging mozilla/tools/codesighs"
-ac_add_options --enable-application=browser
-
-ac_add_options --enable-update-channel=nightly
-ac_add_options --enable-update-packaging
-
-# Don't add explicit optimize flags here, set them in configure.in, see bug 407794.
-ac_add_options --enable-optimize
-ac_add_options --disable-debug
-ac_add_options --disable-tests
-#not yet
-#ac_add_options --enable-glitz
-
-ac_add_options --enable-codesighs
-
-CC=/tools/gcc/bin/gcc
-CXX=/tools/gcc/bin/g++

mozilla/tools/tinderbox-configs/firefox/linux/tinder-config.pl

@@ -1,269 +0,0 @@
-#
-## hostname: fx-linux-tbox
-## uname: Linux fx-linux-tbox.build.mozilla.org 2.6.18-8.el5 #1 SMP Thu Mar 15 19:57:35 EDT 2007 i686 i686 i386 GNU/Linux
-#
-
-#- tinder-config.pl - Tinderbox configuration file.
-#-    Uncomment the variables you need to set.
-#-    The default values are the same as the commented variables.
-
-$ENV{CVS_RSH} = "ssh";
-$ENV{MOZ_CRASHREPORTER_NO_REPORT} = '1';
-
-# To ensure Talkback client builds properly on some Linux boxen where LANG
-# is set to "en_US.UTF-8" by default, override that setting here by setting
-# it to "en_US.iso885915" (the setting on ocean).  Proper fix is to update
-# where xrestool is called in the build system so that 'LANG=C' in its
-# environment, according to bryner.
-$ENV{LANG} = "en_US.iso885915";
-
-# $ENV{MOZ_PACKAGE_MSI}
-#-----------------------------------------------------------------------------
-#  Default: 0
-#   Values: 0 | 1
-#  Purpose: Controls whether a MSI package is made.
-# Requires: Windows and a local MakeMSI installation.
-#$ENV{MOZ_PACKAGE_MSI} = 0;
-
-# $ENV{MOZ_SYMBOLS_TRANSFER_TYPE}
-#-----------------------------------------------------------------------------
-#  Default: scp
-#   Values: scp | rsync
-#  Purpose: Use scp or rsync to transfer symbols to the Talkback server.
-# Requires: The selected type requires the command be available both locally
-#           and on the Talkback server.
-#$ENV{MOZ_SYMBOLS_TRANSFER_TYPE} = "scp";
-
-#- PLEASE FILL THIS IN WITH YOUR PROPER EMAIL ADDRESS
-$BuildAdministrator = 'build@mozilla.org';
-#$BuildAdministrator = "$ENV{USER}\@$ENV{HOST}";
-#$BuildAdministrator = ($ENV{USER} || "cltbld") . "\@" . ($ENV{HOST} || "dhcp");
-
-#- You'll need to change these to suit your machine's needs
-$DisplayServer = ':0.0';
-
-#- Default values of command-line opts
-#-
-#$BuildDepend       = 1;      # Depend or Clobber
-#$BuildDebug        = 0;      # Debug or Opt (Darwin)
-#$ReportStatus      = 1;      # Send results to server, or not
-#$ReportFinalStatus = 1;      # Finer control over $ReportStatus.
-#$UseTimeStamp      = 1;      # Use the CVS 'pull-by-timestamp' option, or not
-#$BuildOnce         = 0;      # Build once, don't send results to server
-#$TestOnly          = 0;      # Only run tests, don't pull/build
-#$BuildEmbed        = 0;      # After building seamonkey, go build embed app.
-#$SkipMozilla       = 0;      # Use to debug post-mozilla.pl scripts.
-#$BuildLocales      = 0;      # Do l10n packaging?
-
-# Tests
-$CleanProfile             = 1;
-#$ResetHomeDirForTests     = 1;
-$ProductName              = "Firefox";
-$VendorName               = 'Mozilla';
-
-# CONFIG: $RunMozillaTests          = %runMozillaTests%;
-$RunMozillaTests          = 1;
-$RegxpcomTest             = 1;
-$AliveTest                = 1;
-#$JavaTest                 = 0;
-#$ViewerTest               = 0;
-#$BloatTest                = 0;  # warren memory bloat test
-#$BloatTest2               = 0;  # dbaron memory bloat test, require tracemalloc
-#$DomToTextConversionTest  = 0;  
-#$XpcomGlueTest            = 0;
-$CodesizeTest             = 1;  # Z,  require mozilla/tools/codesighs
-$EmbedCodesizeTest        = 1;  # mZ, require mozilla/tools/codesigns
-#$MailBloatTest            = 0;
-#$EmbedTest                = 0;  # Assumes you wanted $BuildEmbed=1
-$LayoutPerformanceTest    = 0;  # Tp
-$DHTMLPerformanceTest     = 0;  # Tdhtml
-#$QATest                   = 0;  
-#$XULWindowOpenTest        = 0;  # Txul
-$StartupPerformanceTest   = 0;  # Ts
-
-$TestsPhoneHome           = 0;  # Should test report back to server?
-$GraphNameOverride        = 'fx-linux-tbox';
-
-# $results_server
-#----------------------------------------------------------------------------
-# Server on which test results will be accessible.  This was originally tegu,
-# then became axolotl.  Once we moved services from axolotl, it was time
-# to give this service its own hostname to make future transitions easier.
-# - cmp@mozilla.org
-#$results_server           = "build-graphs.mozilla.org";
-
-#$pageload_server          = "spider";  # localhost
-$pageload_server      = "pageload.build.mozilla.org";
-
-
-#
-# Timeouts, values are in seconds.
-#
-#$CVSCheckoutTimeout               = 3600;
-#$CreateProfileTimeout             = 45;
-#$RegxpcomTestTimeout              = 120;
-
-#$AliveTestTimeout                 = 45;
-#$ViewerTestTimeout                = 45;
-#$EmbedTestTimeout                 = 45;
-#$BloatTestTimeout                 = 120;   # seconds
-#$MailBloatTestTimeout             = 120;   # seconds
-#$JavaTestTimeout                  = 45;
-#$DomTestTimeout	                  = 45;    # seconds
-#$XpcomGlueTestTimeout             = 15;
-#$CodesizeTestTimeout              = 900;     # seconds
-#$CodesizeTestType                 = "auto";  # {"auto"|"base"}
-#$LayoutPerformanceTestTimeout     = 1200;  # entire test, seconds
-#$DHTMLPerformanceTestTimeout      = 1200;  # entire test, seconds
-#$QATestTimeout                    = 1200;   # entire test, seconds
-#$LayoutPerformanceTestPageTimeout = 30000; # each page, ms
-#$StartupPerformanceTestTimeout    = 15;    # seconds
-#$XULWindowOpenTestTimeout	      = 150;   # seconds
-
-
-#$MozConfigFileName = 'mozconfig';
-
-#$UseMozillaProfile = 1;
-#$MozProfileName = 'default';
-
-#- Set these to what makes sense for your system
-#$Make          = 'gmake';       # Must be GNU make
-#$MakeOverrides = '';
-#$mail          = '/bin/mail';
-#$CVS           = 'cvs -q';
-#$CVSCO         = 'checkout -P';
-
-# win32 usually doesn't have /bin/mail
-#$blat           = 'c:/nstools/bin/blat';
-#$use_blat       = 0;
-
-# Set moz_cvsroot to something like:
-# :pserver:$ENV{USER}%netscape.com\@cvs.mozilla.org:/cvsroot
-# :pserver:anonymous\@cvs-mirror.mozilla.org:/cvsroot
-#
-# Note that win32 may not need \@, depends on ' or ".
-# :pserver:$ENV{USER}%netscape.com@cvs.mozilla.org:/cvsroot
-
-#$moz_cvsroot   = $ENV{CVSROOT};
-# CONFIG: $moz_cvsroot   = '%mozillaCvsroot%';
-$moz_cvsroot   = ':ext:cltbld@cvs.mozilla.org:/cvsroot';
-
-#- Set these proper values for your tinderbox server
-#$Tinderbox_server = 'tinderbox-daemon@tinderbox.mozilla.org';
-
-# Allow for non-client builds, e.g. camino.
-#$moz_client_mk = 'client.mk';
-
-#- Set if you want to build in a separate object tree
-$ObjDir = 'obj-fx-trunk';
-
-# Extra build name, if needed.
-$BuildNameExtra = 'Nightly';
-
-# User comment, eg. ip address for dhcp builds.
-# ex: $UserComment = "ip = 208.12.36.108";
-#$UserComment = 0;
-
-#-
-#- The rest should not need to be changed
-#-
-
-#- Minimum wait period from start of build to start of next build in minutes.
-#$BuildSleep = 10;
-
-#- Until you get the script working. When it works,
-#- change to the tree you're actually building
-# CONFIG: $BuildTree  = '%buildTree%';
-$BuildTree  = 'MozillaTest';
-
-#$BuildName = '';
-#$BuildTag = '';
-#$BuildConfigDir = 'mozilla/config';
-#$Topsrcdir = 'mozilla';
-
-$BinaryName = 'firefox-bin';
-
-#
-# For embedding app, use:
-#$EmbedBinaryName = 'TestGtkEmbed';
-#$EmbedDistDir    = 'dist/bin'
-
-
-#$ShellOverride = ''; # Only used if the default shell is too stupid
-#$ConfigureArgs = '';
-#$ConfigureEnvArgs = '';
-#$Compiler = 'gcc';
-#$NSPRArgs = '';
-#$ShellOverride = '';
-
-# Release build options
-$ReleaseBuild  = 1;
-$shiptalkback  = 0;
-$ReleaseToLatest = 1; # Push the release to latest-<milestone>?
-$ReleaseToDated = 1; # Push the release to YYYY-MM-DD-HH-<milestone>?
-$build_hour    = 14;
-$package_creation_path = "/browser/installer";
-# needs setting for mac + talkback: $mac_bundle_path = "/browser/app";
-$ssh_version   = "2";
-# CONFIG: $ssh_user      = "%sshUser%";
-$ssh_user      = "ffxbld";
-$ssh_key       = "'$ENV{HOME}/.ssh/ffxbld_dsa'";
-# CONFIG: $ssh_server    = "%sshServer%";
-$ssh_server    = "stage-old.mozilla.org";
-$ReleaseGroup  = "firefox";
-$ftp_path      = "/home/ftp/pub/firefox/nightly/experimental";
-$url_path      = "http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/experimental";
-$tbox_ftp_path = "/home/ftp/pub/firefox/tinderbox-builds";
-$tbox_url_path = "http://ftp.mozilla.org/pub/mozilla.org/firefox/tinderbox-builds";
-$milestone     = "trunk";
-$notify_list   = 'build-announce@mozilla.org';
-$stub_installer = 0;
-$sea_installer = 0;
-$archive       = 1;
-$push_raw_xpis = 0;
-# CONFIG: $update_aus_host = '%ausServer%';
-$update_aus_host = 'aus2-staging.mozilla.org';
-$update_pushinfo = 0;
-$update_package = 1;
-$update_product = "Firefox";
-$update_version = "trunk";
-$update_platform = "Linux_x86-gcc3";
-$update_hash = "sha1";
-# CONFIG: $update_filehost = '%ftpServer%';
-$update_filehost = 'ftp.mozilla.org';
-$update_ver_file = 'browser/config/version.txt';
-$crashreporter_buildsymbols = 1;
-$crashreporter_pushsymbols = 1;
-# CONFIG: $ENV{'SYMBOL_SERVER_HOST'}    = '%symbolServer%';
-$ENV{'SYMBOL_SERVER_HOST'}    = 'dm-symbolpush01.mozilla.org';
-# CONFIG: $ENV{'SYMBOL_SERVER_USER'}    = '%symbolServerUser%';
-$ENV{'SYMBOL_SERVER_USER'}    = 'ffxbld';
-# CONFIG: $ENV{'SYMBOL_SERVER_PATH'}    = '%symbolServerPath%';
-$ENV{'SYMBOL_SERVER_PATH'}    = '/mnt/netapp/breakpad/symbols_ffx';
-# CONFIG: $ENV{'SYMBOL_SERVER_SSH_KEY'} = '%symbolServerKey%';
-$ENV{'SYMBOL_SERVER_SSH_KEY'} = '/home/cltbld/.ssh/ffxbld_dsa';
-
-# Reboot the OS at the end of build-and-test cycle. This is primarily
-# intended for Win9x, which can't last more than a few cycles before
-# locking up (and testing would be suspect even after a couple of cycles).
-# Right now, there is only code to force the reboot for Win9x, so even
-# setting this to 1, will not have an effect on other platforms. Setting
-# up win9x to automatically logon and begin running tinderbox is left 
-# as an exercise to the reader. 
-#$RebootSystem = 0;
-
-# LogCompression specifies the type of compression used on the log file.
-# Valid options are 'gzip', and 'bzip2'. Please make sure the binaries
-# for 'gzip' or 'bzip2' are in the user's path before setting this
-# option.
-#$LogCompression = '';
-
-# LogEncoding specifies the encoding format used for the logs. Valid
-# options are 'base64', and 'uuencode'. If $LogCompression is set above,
-# this needs to be set to 'base64' or 'uuencode' to ensure that the
-# binary data is transferred properly.
-#$LogEncoding = '';
-
-# Prevent Extension Manager from spawning child processes during tests
-# - processes that tbox scripts cannot kill. 
-#$ENV{NO_EM_RESTART} = '1';

mozilla/tools/tinderbox-configs/firefox/macosx/CLOBBER

@@ -1 +0,0 @@
-trigger a nightly to push the fix to bug 421841 to users

mozilla/tools/tinderbox-configs/firefox/macosx/mozconfig

@@ -1,28 +0,0 @@
-#
-## hostname: bm-xserve08.build.mozilla.org
-## uname: Darwin bm-xserve08.build.mozilla.org 8.8.4 Darwin Kernel Version 8.8.4: Sun Oct 29 15:26:54 PST 2006; root:xnu-792.16.4.obj~1/RELEASE_I386 i386 i386
-#
-
-# symbols for breakpad
-export CFLAGS="-g -gfull"
-export CXXFLAGS="-g -gfull"
-
-. $topsrcdir/build/macosx/universal/mozconfig
-
-mk_add_options MOZ_MAKE_FLAGS="-j4"
-mk_add_options MOZ_CO_MODULE="mozilla/tools/update-packaging mozilla/tools/codesighs"
-mk_add_options MOZ_CO_PROJECT="browser"
-mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/../build/universal
-
-ac_add_options --enable-application=browser
-ac_add_options --enable-update-channel=nightly
-# Don't add explicit optimize flags here, set them in configure.in, see bug 407794.
-ac_add_options --enable-optimize
-ac_add_options --disable-debug
-ac_add_options --disable-tests
-ac_add_options --enable-update-packaging
-
-# ac_add_options --enable-official-branding
-ac_add_app_options ppc --enable-prebinding
-
-ac_add_options --enable-codesighs

mozilla/tools/tinderbox-configs/firefox/macosx/tinder-config.pl

@@ -1,269 +0,0 @@
-#
-## hostname: bm-xserve08.build.mozilla.org
-## uname: Darwin bm-xserve08.build.mozilla.org 8.8.4 Darwin Kernel Version 8.8.4: Sun Oct 29 15:26:54 PST 2006; root:xnu-792.16.4.obj~1/RELEASE_I386 i386 i386
-#
-
-#- tinder-config.pl - Tinderbox configuration file.
-#-    Uncomment the variables you need to set.
-#-    The default values are the same as the commented variables.
-
-$ENV{NO_EM_RESTART} = "1";
-$ENV{DYLD_NO_FIX_PREBINDING} = "1";
-$ENV{LD_PREBIND_ALLOW_OVERLAP} = "1";
-$ENV{CVS_RSH} = "ssh";
-$ENV{MOZ_CRASHREPORTER_NO_REPORT} = '1';
-
-$MacUniversalBinary = 1;
-
-# $ENV{MOZ_PACKAGE_MSI}
-#-----------------------------------------------------------------------------
-#  Default: 0
-#   Values: 0 | 1
-#  Purpose: Controls whether a MSI package is made.
-# Requires: Windows and a local MakeMSI installation.
-#$ENV{MOZ_PACKAGE_MSI} = 0;
-
-# $ENV{MOZ_SYMBOLS_TRANSFER_TYPE}
-#-----------------------------------------------------------------------------
-#  Default: scp
-#   Values: scp | rsync
-#  Purpose: Use scp or rsync to transfer symbols to the Talkback server.
-# Requires: The selected type requires the command be available both locally
-#           and on the Talkback server.
-#$ENV{MOZ_SYMBOLS_TRANSFER_TYPE} = "scp";
-
-#- PLEASE FILL THIS IN WITH YOUR PROPER EMAIL ADDRESS
-$BuildAdministrator = 'build@mozilla.org';
-#$BuildAdministrator = "$ENV{USER}\@$ENV{HOST}";
-#$BuildAdministrator = ($ENV{USER} || "cltbld") . "\@" . ($ENV{HOST} || "dhcp");
-
-#- You'll need to change these to suit your machine's needs
-#$DisplayServer = ':0.0';
-
-#- Default values of command-line opts
-#-
-#$BuildDepend       = 1;      # Depend or Clobber
-#$BuildDebug        = 0;      # Debug or Opt (Darwin)
-#$ReportStatus      = 1;      # Send results to server, or not
-#$ReportFinalStatus = 1;      # Finer control over $ReportStatus.
-#$UseTimeStamp      = 1;      # Use the CVS 'pull-by-timestamp' option, or not
-#$BuildOnce         = 0;      # Build once, don't send results to server
-#$TestOnly          = 0;      # Only run tests, don't pull/build
-#$BuildEmbed        = 0;      # After building seamonkey, go build embed app.
-#$SkipMozilla       = 0;      # Use to debug post-mozilla.pl scripts.
-#$BuildLocales      = 0;      # Do l10n packaging?
-
-# Tests
-$CleanProfile             = 1;
-#$ResetHomeDirForTests     = 1;
-$ProductName              = 'Minefield';
-$VendorName               = "";
-
-# CONFIG: $RunMozillaTests          = %runMozillaTests%;
-$RunMozillaTests          = 1;
-$RegxpcomTest             = 1;
-$AliveTest                = 1;
-#$JavaTest                 = 0;
-#$ViewerTest               = 0;
-#$BloatTest                = 0;  # warren memory bloat test
-#$BloatTest2               = 0;  # dbaron memory bloat test, require tracemalloc
-#$DomToTextConversionTest  = 0;  
-#$XpcomGlueTest            = 0;
-$CodesizeTest             = 1;  # Z,  require mozilla/tools/codesighs
-$EmbedCodesizeTest        = 0;  # mZ, require mozilla/tools/codesigns
-#$MailBloatTest            = 0;
-#$EmbedTest                = 0;  # Assumes you wanted $BuildEmbed=1
-$LayoutPerformanceTest    = 0;  # Tp
-$LayoutPerformanceLocalTest   = 0;  # Tp2
-$DHTMLPerformanceTest     = 0;  # Tdhtml
-#$QATest                   = 0;  
-$XULWindowOpenTest        = 0;  # Txul
-$StartupPerformanceTest   = 0;  # Ts
-
-$TestsPhoneHome           = 0;  # Should test report back to server?
-
-$GraphNameOverride        = 'xserve08.build.mozilla.org_Fx-Trunk';
-
-# $results_server
-#----------------------------------------------------------------------------
-# Server on which test results will be accessible.  This was originally tegu,
-# then became axolotl.  Once we moved services from axolotl, it was time
-# to give this service its own hostname to make future transitions easier.
-# - cmp@mozilla.org
-#$results_server           = "build-graphs.mozilla.org";
-
-#$pageload_server          = "spider";  # localhost
-$pageload_server          = "pageload.build.mozilla.org";  # localhost
-
-#
-# Timeouts, values are in seconds.
-#
-#$CVSCheckoutTimeout               = 3600;
-#$CreateProfileTimeout             = 45;
-#$RegxpcomTestTimeout              = 120;
-
-$AliveTestTimeout                 = 10;
-#$ViewerTestTimeout                = 45;
-#$EmbedTestTimeout                 = 45;
-#$BloatTestTimeout                 = 120;   # seconds
-#$MailBloatTestTimeout             = 120;   # seconds
-#$JavaTestTimeout                  = 45;
-#$DomTestTimeout	                  = 45;    # seconds
-#$XpcomGlueTestTimeout             = 15;
-#$CodesizeTestTimeout              = 900;     # seconds
-#$CodesizeTestType                 = "auto";  # {"auto"|"base"}
-$LayoutPerformanceTestTimeout     = 300;  # entire test, seconds
-$LayoutPerformanceLocalTestTimeout     = 180;  # entire test, seconds
-$DHTMLPerformanceTestTimeout      = 180;  # entire test, seconds
-#$QATestTimeout                    = 1200;   # entire test, seconds
-#$LayoutPerformanceTestPageTimeout = 30000; # each page, ms
-#$StartupPerformanceTestTimeout    = 15;    # seconds
-#$XULWindowOpenTestTimeout	      = 150;   # seconds
-
-
-#$MozConfigFileName = 'mozconfig';
-
-#$UseMozillaProfile = 1;
-#$MozProfileName = 'default';
-
-#- Set these to what makes sense for your system
-#$Make          = 'gmake';       # Must be GNU make
-#$MakeOverrides = '';
-#$mail          = '/bin/mail';
-#$CVS           = 'cvs -q';
-#$CVSCO         = 'checkout -P';
-
-# win32 usually doesn't have /bin/mail
-#$blat           = 'c:/nstools/bin/blat';
-#$use_blat       = 0;
-
-# Set moz_cvsroot to something like:
-# :pserver:$ENV{USER}%netscape.com\@cvs.mozilla.org:/cvsroot
-# :pserver:anonymous\@cvs-mirror.mozilla.org:/cvsroot
-#
-# Note that win32 may not need \@, depends on ' or ".
-# :pserver:$ENV{USER}%netscape.com@cvs.mozilla.org:/cvsroot
-
-# CONFIG: $moz_cvsroot = '%mozillaCvsroot%';
-$moz_cvsroot = ':ext:cltbld@cvs.mozilla.org:/cvsroot';
-
-#- Set these proper values for your tinderbox server
-#$Tinderbox_server = 'tinderbox-daemon@tinderbox.mozilla.org';
-
-# Allow for non-client builds, e.g. camino.
-#$moz_client_mk = 'client.mk';
-
-#- Set if you want to build in a separate object tree
-$ObjDir = '../build/universal';
-
-# Extra build name, if needed.
-$BuildNameExtra = 'Universal Nightly';
-
-# User comment, eg. ip address for dhcp builds.
-# ex: $UserComment = "ip = 208.12.36.108";
-#$UserComment = 0;
-
-#-
-#- The rest should not need to be changed
-#-
-
-#- Minimum wait period from start of build to start of next build in minutes.
-#$BuildSleep = 10;
-
-#- Until you get the script working. When it works,
-#- change to the tree you're actually building
-# CONFIG: $BuildTree  = '%buildTree%';
-$BuildTree  = 'MozillaTest';
-
-#$BuildName = '';
-#$BuildTag = '';
-#$BuildConfigDir = 'mozilla/config';
-#$Topsrcdir = 'mozilla';
-
-$BinaryName = 'firefox-bin';
-
-#
-# For embedding app, use:
-#$EmbedBinaryName = 'TestGtkEmbed';
-#$EmbedDistDir    = 'dist/bin'
-
-
-#$ShellOverride = ''; # Only used if the default shell is too stupid
-#$ConfigureArgs = '';
-#$ConfigureEnvArgs = '';
-#$Compiler = 'gcc';
-#$NSPRArgs = '';
-#$ShellOverride = '';
-
-# Release build options
-$ReleaseBuild  = 1;
-$shiptalkback  = 0;
-$ReleaseToLatest = 1; # Push the release to latest-<milestone>?
-$ReleaseToDated = 1; # Push the release to YYYY-MM-DD-HH-<milestone>?
-$build_hour    = "14";
-$package_creation_path = "/browser/installer";
-# needs setting for mac + talkback: $mac_bundle_path = "/browser/app";
-$mac_bundle_path = "/browser/app";
-$ssh_version   = "2";
-# CONFIG: $ssh_user      = "%sshUser%";
-$ssh_user      = "ffxbld";
-$ssh_key       = "'$ENV{HOME}/.ssh/ffxbld_dsa'";
-# CONFIG: $ssh_server    = "%sshServer%";
-$ssh_server    = "stage-old.mozilla.org";
-$ReleaseGroup  = "firefox";
-$ftp_path      = "/home/ftp/pub/firefox/nightly/experimental";
-$url_path      = "http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/experimental";
-$tbox_ftp_path = "/home/ftp/pub/firefox/tinderbox-builds";
-$tbox_url_path = "http://ftp.mozilla.org/pub/mozilla.org/firefox/tinderbox-builds";
-$milestone     = "trunk";
-$notify_list   = "build-announce\@mozilla.org";
-$stub_installer = 0;
-$sea_installer = 0;
-$archive       = 1;
-$push_raw_xpis = 0;
-# CONFIG: $update_aus_host = '%ausServer%';
-$update_aus_host = 'aus2-staging.mozilla.org';
-$update_package = 1;
-$update_product = "Firefox";
-$update_version = "trunk";
-$update_platform = "Darwin_Universal-gcc3";
-$update_hash = "sha1";
-# CONFIG: $update_filehost = '%ftpServer%';
-$update_filehost = 'ftp.mozilla.org';
-$update_ver_file = 'browser/config/version.txt';
-$update_pushinfo = 0;
-$crashreporter_buildsymbols = 1;
-$crashreporter_pushsymbols = 1;
-# CONFIG: $ENV{'SYMBOL_SERVER_HOST'}    = '%symbolServer%';
-$ENV{'SYMBOL_SERVER_HOST'}    = 'dm-symbolpush01.mozilla.org';
-# CONFIG: $ENV{'SYMBOL_SERVER_USER'}    = '%symbolServerUser%';
-$ENV{'SYMBOL_SERVER_USER'}    = 'ffxbld';
-# CONFIG: $ENV{'SYMBOL_SERVER_PATH'}    = '%symbolServerPath%';
-$ENV{'SYMBOL_SERVER_PATH'}    = '/mnt/netapp/breakpad/symbols_ffx';
-# CONFIG: $ENV{'SYMBOL_SERVER_SSH_KEY'} = '%symbolServerKey%';
-$ENV{'SYMBOL_SERVER_SSH_KEY'} = '/Users/cltbld/.ssh/ffxbld_dsa';
-
-# Reboot the OS at the end of build-and-test cycle. This is primarily
-# intended for Win9x, which can't last more than a few cycles before
-# locking up (and testing would be suspect even after a couple of cycles).
-# Right now, there is only code to force the reboot for Win9x, so even
-# setting this to 1, will not have an effect on other platforms. Setting
-# up win9x to automatically logon and begin running tinderbox is left 
-# as an exercise to the reader. 
-#$RebootSystem = 0;
-
-# LogCompression specifies the type of compression used on the log file.
-# Valid options are 'gzip', and 'bzip2'. Please make sure the binaries
-# for 'gzip' or 'bzip2' are in the user's path before setting this
-# option.
-#$LogCompression = '';
-
-# LogEncoding specifies the encoding format used for the logs. Valid
-# options are 'base64', and 'uuencode'. If $LogCompression is set above,
-# this needs to be set to 'base64' or 'uuencode' to ensure that the
-# binary data is transferred properly.
-#$LogEncoding = '';
-
-# Prevent Extension Manager from spawning child processes during tests
-# - processes that tbox scripts cannot kill. 
-#$ENV{NO_EM_RESTART} = '1';

mozilla/tools/tinderbox-configs/firefox/win32/CLOBBER

@@ -1 +0,0 @@
-Clobbering to pick up fixes from bug 419319.

mozilla/tools/tinderbox-configs/firefox/win32/mozconfig

@@ -1,20 +0,0 @@
-#
-## hostname: fx-win32-tbox
-## uname: MINGW32_NT-5.2 FX-WIN32-TBOX 1.0.11(0.46/3/2) 2007-01-12 12:05 i686 Msys
-#
-export CFLAGS="-GL -wd4624 -wd4952"
-export CXXFLAGS="-GL -wd4624 -wd4952"
-export LDFLAGS="-LTCG"
-
-mk_add_options MOZ_CO_PROJECT=browser
-mk_add_options MOZ_MAKE_FLAGS="-j5"
-mk_add_options MOZ_CO_MODULE="mozilla/tools/update-packaging"
-mk_add_options PROFILE_GEN_SCRIPT='$(PYTHON) $(MOZ_OBJDIR)/_profile/pgo/profileserver.py'
-
-ac_add_options --enable-application=browser
-ac_add_options --enable-update-channel=nightly
-ac_add_options --enable-optimize
-ac_add_options --disable-debug
-ac_add_options --disable-tests
-ac_add_options --enable-update-packaging
-ac_add_options --enable-jemalloc

mozilla/tools/tinderbox-configs/firefox/win32/tinder-config.pl

@@ -1,264 +0,0 @@
-#
-## hostname: fx-win32-tbox
-## uname: MINGW32_NT-5.2 FX-WIN32-TBOX 1.0.11(0.46/3/2) 2007-01-12 12:05 i686 Msys
-#
-
-#- tinder-config.pl - Tinderbox configuration file.
-#-    Uncomment the variables you need to set.
-#-    The default values are the same as the commented variables.
-
-$ENV{NO_EM_RESTART} = '1';
-$ENV{CVS_RSH} = "ssh";
-$ENV{MOZ_CRASHREPORTER_NO_REPORT} = '1';
-
-# $ENV{MOZ_PACKAGE_MSI}
-#-----------------------------------------------------------------------------
-#  Default: 0
-#   Values: 0 | 1
-#  Purpose: Controls whether a MSI package is made.
-# Requires: Windows and a local MakeMSI installation.
-#$ENV{MOZ_PACKAGE_MSI} = 0;
-
-# $ENV{MOZ_SYMBOLS_TRANSFER_TYPE}
-#-----------------------------------------------------------------------------
-#  Default: scp
-#   Values: scp | rsync
-#  Purpose: Use scp or rsync to transfer symbols to the Talkback server.
-# Requires: The selected type requires the command be available both locally
-#           and on the Talkback server.
-#$ENV{MOZ_SYMBOLS_TRANSFER_TYPE} = "scp";
-
-#- PLEASE FILL THIS IN WITH YOUR PROPER EMAIL ADDRESS
-$BuildAdministrator = 'build@mozilla.org';
-#$BuildAdministrator = "$ENV{USER}\@$ENV{HOST}";
-#$BuildAdministrator = ($ENV{USER} || "cltbld") . "\@" . ($ENV{HOST} || "dhcp");
-
-#- You'll need to change these to suit your machine's needs
-#$DisplayServer = ':0.0';
-
-#- Default values of command-line opts
-#-
-#$BuildDepend       = 1;      # Depend or Clobber
-#$BuildDebug        = 0;      # Debug or Opt (Darwin)
-#$ReportStatus      = 1;      # Send results to server, or not
-#$ReportFinalStatus = 1;      # Finer control over $ReportStatus.
-#$UseTimeStamp      = 1;      # Use the CVS 'pull-by-timestamp' option, or not
-#$BuildOnce         = 0;      # Build once, don't send results to server
-#$TestOnly          = 0;      # Only run tests, don't pull/build
-#$BuildEmbed        = 0;      # After building seamonkey, go build embed app.
-#$SkipMozilla       = 0;      # Use to debug post-mozilla.pl scripts.
-#$BuildLocales      = 0;      # Do l10n packaging?
-
-# Tests
-$CleanProfile             = 1;
-#$ResetHomeDirForTests     = 1;
-$ProductName              = "Firefox";
-$VendorName               = "Mozilla";
-
-# CONFIG: $RunMozillaTests          = %runMozillaTests%;
-$RunMozillaTests          = 1;
-$RegxpcomTest             = 1;
-$AliveTest                = 1;
-$JavaTest                 = 0;
-$ViewerTest               = 0;
-$BloatTest                = 0;  # warren memory bloat test
-$BloatTest2               = 0;  # dbaron memory bloat test, require tracemalloc
-$DomToTextConversionTest  = 0;  
-$XpcomGlueTest            = 0;
-$CodesizeTest             = 0;  # Z,  require mozilla/tools/codesighs
-$EmbedCodesizeTest        = 0;  # mZ, require mozilla/tools/codesigns
-$MailBloatTest            = 0;
-$EmbedTest                = 0;  # Assumes you wanted $BuildEmbed=1
-$LayoutPerformanceTest    = 0;  # Tp
-$DHTMLPerformanceTest     = 0;  # Tdhtml
-$QATest                   = 0;  
-$XULWindowOpenTest        = 0;  # Txul
-$StartupPerformanceTest   = 0;  # Ts
-$NeckoUnitTest            = 0;
-$RenderPerformanceTest    = 0;  # Tgfx
-
-$TestsPhoneHome           = 0;  # Should test report back to server?
-$GraphNameOverride        = 'fx-win32-tbox';
-
-# $results_server
-#----------------------------------------------------------------------------
-# Server on which test results will be accessible.  This was originally tegu,
-# then became axolotl.  Once we moved services from axolotl, it was time
-# to give this service its own hostname to make future transitions easier.
-# - cmp@mozilla.org
-#$results_server           = "build-graphs.mozilla.org";
-
-$pageload_server          = "pageload.build.mozilla.org";  # localhost
-
-#
-# Timeouts, values are in seconds.
-#
-#$CVSCheckoutTimeout               = 3600;
-#$CreateProfileTimeout             = 45;
-#$RegxpcomTestTimeout              = 120;
-
-#$AliveTestTimeout                 = 30;
-#$ViewerTestTimeout                = 45;
-#$EmbedTestTimeout                 = 45;
-#$BloatTestTimeout                 = 120;   # seconds
-#$MailBloatTestTimeout             = 120;   # seconds
-#$JavaTestTimeout                  = 45;
-#$DomTestTimeout	                  = 45;    # seconds
-#$XpcomGlueTestTimeout             = 15;
-#$CodesizeTestTimeout              = 900;     # seconds
-#$CodesizeTestType                 = "auto";  # {"auto"|"base"}
-$LayoutPerformanceTestTimeout     = 800;  # entire test, seconds
-#$DHTMLPerformanceTestTimeout      = 1200;  # entire test, seconds
-#$QATestTimeout                    = 1200;   # entire test, seconds
-#$LayoutPerformanceTestPageTimeout = 30000; # each page, ms
-#$StartupPerformanceTestTimeout    = 20;    # seconds
-#$XULWindowOpenTestTimeout	      = 90;   # seconds
-#$NeckoUnitTestTimeout             = 30;    # seconds
-$RenderPerformanceTestTimeout     = 1800;  # seconds
-
-#$MozConfigFileName = 'mozconfig';
-
-#$UseMozillaProfile = 1;
-#$MozProfileName = 'default';
-
-#- Set these to what makes sense for your system
-$Make          = 'make';       # Must be GNU make
-#$MakeOverrides = '';
-#$mail          = '/bin/mail';
-#$CVS           = 'cvs -q';
-#$CVSCO         = 'checkout -P';
-
-# win32 usually doesn't have /bin/mail
-$blat           = '/d/mozilla-build/blat261/full/blat';
-#$use_blat       = 1;
-
-# Set moz_cvsroot to something like:
-# :pserver:$ENV{USER}%netscape.com\@cvs.mozilla.org:/cvsroot
-# :pserver:anonymous\@cvs-mirror.mozilla.org:/cvsroot
-#
-# Note that win32 may not need \@, depends on ' or ".
-# :pserver:$ENV{USER}%netscape.com@cvs.mozilla.org:/cvsroot
-
-# CONFIG: $moz_cvsroot = '%mozillaCvsroot%';
-$moz_cvsroot = ':ext:cltbld@cvs.mozilla.org:/cvsroot';
-
-#- Set these proper values for your tinderbox server
-#$Tinderbox_server = 'tinderbox-daemon@tinderbox.mozilla.org';
-
-# Allow for non-client builds, e.g. camino.
-#$moz_client_mk = 'client.mk';
-
-#- Set if you want to build in a separate object tree
-$ObjDir = 'obj-fx-trunk';
-
-# Extra build name, if needed.
-$BuildNameExtra = 'Nightly';
-
-# User comment, eg. ip address for dhcp builds.
-# ex: $UserComment = "ip = 208.12.36.108";
-#$UserComment = 0;
-
-#-
-#- The rest should not need to be changed
-#-
-
-#- Minimum wait period from start of build to start of next build in minutes.
-#$BuildSleep = 10;
-
-#- Until you get the script working. When it works,
-#- change to the tree you're actually building
-# CONFIG: $BuildTree  = '%buildTree%';
-$BuildTree  = 'MozillaTest';
-
-#$BuildName = '';
-#$BuildTag = '';
-#$BuildConfigDir = 'mozilla/config';
-#$Topsrcdir = 'mozilla';
-
-$BinaryName = 'firefox.exe';
-
-#
-# For embedding app, use:
-#$EmbedBinaryName = 'TestGtkEmbed';
-#$EmbedDistDir    = 'dist/bin'
-
-
-#$ShellOverride = ''; # Only used if the default shell is too stupid
-#$ConfigureArgs = '';
-#$ConfigureEnvArgs = '';
-#$Compiler = 'gcc';
-#$NSPRArgs = '';
-#$ShellOverride = '';
-
-$ProfiledBuild = 1;
-# Release build options
-$ReleaseBuild  = 1;
-$shiptalkback  = 0;
-$ReleaseToLatest = 1; # Push the release to latest-<milestone>?
-$ReleaseToDated = 1; # Push the release to YYYY-MM-DD-HH-<milestone>?
-$build_hour    = "14";
-$package_creation_path = "/browser/installer";
-# needs setting for mac + talkback: $mac_bundle_path = "/browser/app";
-$ssh_version   = "2";
-# CONFIG: $ssh_user      = "%sshUser%";
-$ssh_user      = "ffxbld";
-$ssh_key       = "'$ENV{HOME}/.ssh/ffxbld_dsa'";
-# CONFIG: $ssh_server    = "%sshServer%";
-$ssh_server    = "stage-old.mozilla.org";
-$ReleaseGroup  = "firefox";
-$ftp_path      = "/home/ftp/pub/firefox/nightly/experimental";
-$url_path      = "http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/experimental";
-$tbox_ftp_path = "/home/ftp/pub/firefox/tinderbox-builds";
-$tbox_url_path = "http://ftp.mozilla.org/pub/mozilla.org/firefox/tinderbox-builds";
-$milestone     = "trunk";
-$notify_list   = 'build-announce@mozilla.org';
-$stub_installer = 0;
-$sea_installer = 1;
-$archive       = 1;
-$push_raw_xpis = 0;
-# CONFIG: $update_aus_host = '%ausServer%';
-$update_aus_host = 'aus2-staging.mozilla.org';
-$update_package = 1;
-$update_product = "Firefox";
-$update_version = "trunk";
-$update_platform = "WINNT_x86-msvc";
-$update_hash = "sha1";
-# CONFIG: $update_filehost = '%ftpServer%';
-$update_filehost = 'ftp.mozilla.org';
-$update_ver_file = 'browser/config/version.txt';
-$update_pushinfo = 0;
-$crashreporter_buildsymbols = 1;
-$crashreporter_pushsymbols = 1;
-# CONFIG: $ENV{'SYMBOL_SERVER_HOST'}    = '%symbolServer%';
-$ENV{'SYMBOL_SERVER_HOST'}    = 'dm-symbolpush01.mozilla.org';
-# CONFIG: $ENV{'SYMBOL_SERVER_USER'}    = '%symbolServerUser%';
-$ENV{'SYMBOL_SERVER_USER'}    = 'ffxbld';
-# CONFIG: $ENV{'SYMBOL_SERVER_PATH'}    = '%symbolServerPath%';
-$ENV{'SYMBOL_SERVER_PATH'}    = '/mnt/netapp/breakpad/symbols_ffx';
-# CONFIG: $ENV{'SYMBOL_SERVER_SSH_KEY'} = '%symbolServerKey%';
-$ENV{'SYMBOL_SERVER_SSH_KEY'} = '/c/Documents and Settings/cltbld/.ssh/ffxbld_dsa';
-
-# Reboot the OS at the end of build-and-test cycle. This is primarily
-# intended for Win9x, which can't last more than a few cycles before
-# locking up (and testing would be suspect even after a couple of cycles).
-# Right now, there is only code to force the reboot for Win9x, so even
-# setting this to 1, will not have an effect on other platforms. Setting
-# up win9x to automatically logon and begin running tinderbox is left 
-# as an exercise to the reader. 
-#$RebootSystem = 0;
-
-# LogCompression specifies the type of compression used on the log file.
-# Valid options are 'gzip', and 'bzip2'. Please make sure the binaries
-# for 'gzip' or 'bzip2' are in the user's path before setting this
-# option.
-#$LogCompression = '';
-
-# LogEncoding specifies the encoding format used for the logs. Valid
-# options are 'base64', and 'uuencode'. If $LogCompression is set above,
-# this needs to be set to 'base64' or 'uuencode' to ensure that the
-# binary data is transferred properly.
-#$LogEncoding = '';
-
-# Prevent Extension Manager from spawning child processes during tests
-# - processes that tbox scripts cannot kill. 
-#$ENV{NO_EM_RESTART} = '1';

mozilla/webtools/update/.htaccess

@@ -0,0 +1,3 @@
+<Files favicon.ico>
+  ForceType image/png
+</Files>

mozilla/webtools/update/about/contact/index.php

@@ -0,0 +1,69 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+?>
+<?php
+
+// Set this page to read from the SHADOW_DB.
+define('USE_SHADOW_DB',true);
+
+require_once('../../core/init.php');
+$page_title = 'Mozilla Update :: Contact Information';
+require_once(HEADER);
+?>
+
+<div id="mBody">
+
+<h1>Contact Mozilla Update</h1>
+<p>Are you looking for contact information for the Mozilla Update staff to report a bug?  
+Mozilla Update bugs should be filed in Bugzilla, the mozilla organizations bug tracking tool.
+For more information, visit our <a href="../#bugs">frequently asked
+questions</a>.</p>
+
+<h2>IRC</h2>
+<p>For support questions, please visit <a href="irc://irc.mozilla.org/firefox">#firefox</a> 
+and <a href="irc://irc.mozilla.org/thunderbird">#thunderbird</a>.</p>
+
+<p>Some of the Mozilla Update staff can be found on IRC. In the 
+<a href="irc://irc.mozilla.org/umo">#umo</a> channel on 
+<a href="irc://irc.mozilla.org">irc.mozilla.org</a>. Note: this channel is not
+for end-user support.</p>
+
+</div>
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/about/index.php

@@ -0,0 +1,87 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+?>
+<?php
+
+// Set this page to read from the SHADOW_DB.
+define('USE_SHADOW_DB',true);
+
+require_once('../core/init.php');
+$page_title = 'Mozilla Update :: Frequently Asked Questions';
+require_once(HEADER);
+?>
+
+<div id="mBody">
+
+<h1>Frequently Asked Questions</h1>
+
+<h2>How do I get involved?</h2>
+<p class="first">We are looking for volunteers to help us with UMO. We are in need of PHP
+developers to help with redesigning the site, and people to review extensions
+and themes that get submitted to UMO. We especially need Mac and Thunderbird
+users. If you are interested in being a part of this exciting project, please
+join us in <kbd>#umo</kbd> on <kbd>irc.mozilla.org</kbd> to start getting a feeling for what's up or for a more informal chat.
+</p>
+
+<h2>What is Mozilla Update?</h2>
+<p>Mozilla Update is the place to get updates and extras for
+your <a href="http://www.mozilla.org/">Mozilla</a> products.  This service
+has undergone <a href="./update.php">several changes</a> that we hope
+will make the site better.  We have re-enabled access to the developers area
+and look forward to serving the extension and theme developer community in the
+future!  We will be posting frequent 
+<a href="./update.php">status updates</a> as to our progress with the 
+UMO service.  The best is yet to come!</p>
+
+<?php
+$sql = "SELECT `title`, `text` FROM  `faq` WHERE `active` = 'YES' ORDER  BY  `index` ASC, `title` ASC";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+while ($row = mysql_fetch_array($sql_result)) {
+    $title = $row['title'];
+    $text = nl2br($row['text']);
+
+    echo "<h2>$title</h2>\n";
+    echo "<p>$text</p>\n";
+}
+?>
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/about/policies/index.php

@@ -0,0 +1,59 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+?>
+<?php
+
+// Set this page to read from the SHADOW_DB.
+define('USE_SHADOW_DB',true);
+
+require_once('../../core/init.php');
+$page_title = 'Mozilla Update :: Terms of Use';
+require_once(HEADER);
+?>
+
+<div id="mBody">
+
+<h1>Mozilla Update - Terms of Use</h1>
+This section has not yet been completed. This page serves as a placeholder for content that is coming soon.
+
+
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/about/update.php

@@ -0,0 +1,114 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+// Set this page to read from the SHADOW_DB.
+define('USE_SHADOW_DB',true);
+
+require_once('../core/config.php');
+$page_title = 'Mozilla Update :: News and Updates';
+require_once(HEADER);
+?>
+
+<hr class="hide">
+<div id="mBody">
+
+<h1>Progress! :: 2005/08/01</h1>
+
+<dl>
+<dt>Reviewers</dt>
+<dd>Thanks to our <a href="http://wiki.mozilla.org/Update:Reviewers_Guide">many reviewers</a> we have been able to keep the approval queue moving along for new Addons.  However, there is still a lot of work - you can help get new Addons out quicker by <a href="http://wiki.mozilla.org/Update:Home_Page#Volunteering">becoming a reviewer today!</a></dd>
+
+<dt>v2.0 Progress</dt>
+<dd><a href="http://wiki.mozilla.org/Update:Development:v2.0"><acronym title="addons.mozilla.org">AMO</acronym> v2.0</a> is <a href="http://bonsai.mozilla.org/cvsquery.cgi?treeid=default&amp;module=Webtools&amp;branch=HEAD&amp;branchtype=match&amp;dir=mozilla%2Fwebtools%2Faddons&amp;file=&amp;filetype=match&amp;who=&amp;whotype=match&amp;sortby=Date&amp;hours=2&amp;date=week&amp;mindate=&amp;maxdate=&amp;cvsroot=%2Fcvsroot">well underway</a>.  Our development team is working hard on a new framework that will bring you new features and improvements.  Stay tuned!</dd>
+
+<dt>CSS Issues</dt>
+<dd>You may have noticed some CSS problems with the site.  A solution has been found and the problem should be fixed.  Thanks to all of you who submitted comments regarding this matter.</dd>
+</dl>
+
+<h1>Going Live :: 2005/04/15</h1>
+
+<p>It's time to get the Addons site back on track.  We have spent the last month working
+hard making the Addons site more secure so that users can trust the software they are
+using, downloading and installing.</p>
+
+<p>The enabling of the developer section of the Addons site is absolutely critical
+to the success of Firefox.  We believe that the differentiating factor behind Firefox is
+more than just a great application; it's an enabled community of users and developers
+that have exactly what they want, when they want it.</p>
+
+<p>We are now going to be focusing our attention on Addons 
+<a href="http://wiki.mozilla.org/Update:Development:v2.0">v2.0</a> which is going to
+be a complete re-write of the current codebase focusing on ease of use, scalability,
+security and most importantly maintainability over time.  We want to build a platform
+that will make it easy for extension and theme developers to do what they do best;
+innovate.</p>
+
+
+<h1>Status Update :: 2005/03/23</h1>
+
+        <p>Over the past month, the UMO developers have been working on doing a security audit of the codebase that supports addons.mozilla.org and pfs.mozilla.org.  That audit is complete as well as <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=287159">some</a> <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=278016">patches</a> to ease the development of the application by single developers and solve some performance issues.  These are in the process of being reviewed.</p>
+    <p>The <a href="http://wiki.mozilla.org/Update:Development:v1.0">security audit</a> revealed <a href="http://wiki.mozilla.org/Update:Development:v1.0#Audit_Log">several problems</a> with the existing codebase.  Most of these can be remedied but there is a lot of work to be done.  The final word on the security audit is that <a href="http://wiki.mozilla.org/Update:Development:v2.0">v2.0</a> of UMO will most likely need to be re-written from the ground up.</p>
+
+    <p>We have brought up a new <a href="http://wiki.mozilla.org/Update:Home_Page#Developer.27s_Guide">development environment</a> with development, staging and sandbox space for developers.  This is going to allow us to do much faster development and give the release engineering folks a solid foundation for testing of new features, etc.</p>
+    <p>Now that we have identified <a href="http://wiki.mozilla.org/Update:Development:v1.0#Audit_Log">things</a> we need to get cleaned up, we&#8217;re looking for volunteers to help make it happen.  If you, or someone you know, is interested in working on the UMO project and doing some PHP development we can definitely use the help.  In addition, we are going to be looking for people in the near future to act as moderators, QA and reviewers of user extensions that land on UMO.  Application development is not required there but would be helpful.  If you are interested in being a developer or moderator please contact <a href="http://wiki.mozilla.org/Update:Home_Page#Contact_Information">me</a> or join the development team in #umo on irc.mozilla.org.
+</p>
+
+<h1>Status Update :: 2005/02/03</h1>
+
+    <p>The Mozilla Update service (a.k.a UMO) has been frozen for close to a month now for various reasons.  We would like to take this opportunity to bring folks up to speed on where it is going and when it will get there.</p>
+    <p>Just a few weeks ago, the <a href="http://www.psychoticwolf.net">lead developer</a> stepped down and so the Mozilla Foundation has taken the chance to re-evaluate the project and look at how to best move it forward.  Looking over the existing v1.0 codebase, the remaining developers felt there were security concerns and scalability issues with the site that needed to be addressed.  At this time, the site and CVS for updates to the UMO codebase are frozen.</p>
+    <p>However, the community awaits and we really want to get the the site back on-line so we can continue the momentum that the release of Firefox 1.0 has created.  To that end, we are moving quickly to do the following:</p>
+    <ul>
+
+    <li>Next week we will be launching a <a href="http://wiki.mozilla.org/wiki/Update:Development:v1.0">security audit</a> of the existing UMO code.  The goal is to get the UMO site back to a known state so that we can feel comfortable with pushing out updates to end-users.</li>
+
+    <li>Starting next week, we are going to start processing the pending requests in the UMO queue.  We want to do updates for existing extension/theme developers via the UMO site admins.</li>
+    <li>Upon completion of the <a href="http://wiki.mozilla.org/wiki/Update:Development:v1.0">security audit</a> we will be starting to work up requirements for <a href="http://wiki.mozilla.org/wiki/Update:Development:v2.0">UMO v2.0</a> which will be a complete rewrite and will allow us to usethings like database abstraction and templating.</li>
+
+    <li>To help scale the site, we have decoupled the services from one URL (http://update.mozilla.org) to several: <a href="http://wiki.mozilla.org/wiki/Update:Architecture_and_General_Design#Application_Update_Service">Application Update Service - AUS</a> , <a href="http://wiki.mozilla.org/wiki/Update:Architecture_and_General_Design#Plugin_Finder_Service">Plugin Finder Service - PFS</a> and <a href="http://wiki.mozilla.org/wiki/Update:Architecture_and_General_Design#Addons.Mozilla.Org_End-User_Website">Addons section with extensions/themes</a>.  This will allow us to upgrade the busiest parts of the site in the most cost effective and scalable manners.</li>
+
+    </ul>
+    <p>The biggest concern right now is that we don&#8217;t know what we&#8217;re dealing with.  Once we know what we have and have completed the security audit, we will turn the site back on in its existing state (with several bugs fixed).  In the mean time, please bear with us as we hand audit each pending request and get the site back rolling (as slow as that may be).</p>
+
+    <p>We&#8217;re working hard to get UMO going again and we want to be sure to include everyone in our <a href="http://wiki.mozilla.org/wiki/Update:Home_Page">discussions</a>.</p>
+
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/asa.php

@@ -0,0 +1,57 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+	
+// Set this page to read from the SHADOW_DB.
+define('USE_SHADOW_DB',true);
+
+require_once('./core/init.php');
+
+$titleCaseApp=ucwords($application); // cache results!
+$uriparams=uriparams(); // cache results!
+$page_title = 'Asa\'s Picks :: Mozilla Update';
+require_once(HEADER);
+?>
+
+<div id="mBody">
+<h1>Asa's Picks</h1>
+
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/busy.php

@@ -0,0 +1,51 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+	
+$page_title = 'Site Temporarily Unavailable :: Mozilla Update';
+require_once(HEADER);
+?>
+
+<div id="mBody">
+<h1>Site Temporarily Unavailable</h1>
+<p>We're sorry, but due to high traffic, we were unable to process your request.  Please wait a few moments and try again.</p>
+
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/core/browser_detection.php

@@ -0,0 +1,419 @@
+<?php 
+/*
+Script Name: Full Featured PHP Browser/OS detection
+Author: Harald Hope, Website: http://tech.ratmachines.com/
+Script Source URI: http://tech.ratmachines.com/downloads/browser_detection.php
+Version 4.2.7
+Copyright (C) 04 March 2004
+
+This library is free software; you can redistribute it and/or
+modify it under the terms of the GNU Lesser General Public
+License as published by the Free Software Foundation; either
+version 2.1 of the License, or (at your option) any later version.
+
+This library is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+Lesser General Public License for more details.
+
+Lesser GPL license text:
+http://www.gnu.org/licenses/lgpl.txt
+
+Coding conventions:
+http://cvs.sourceforge.net/viewcvs.py/phpbb/phpBB2/docs/codingstandards.htm?rev=1.3
+*/
+
+/****************************************** 
+this is currently set to accept 9 parameters, although you can add as many as you want:
+1. safe - returns true/false, you can determine what makes the browser be safe lower down, 
+  currently it's set for ns4 and pre version 1 mozillas not being safe, plus all older browsers
+2. ie_version - tests to see what general IE it is, ie5x-6, ie4, or macIE, returns these values.
+3. moz_version - returns array of moz version, version number (includes full version, + etc), rv number (for math
+  comparison), rv number (for full rv, including alpha and beta versions), and release date
+4. dom - returns true/false if it is a basic dom browser, ie >= 5, opera >= 5, all new mozillas, safaris, konquerors
+5. os - returns which os is being used
+6. os_number - returns windows versions, 95, 98, me, nt 4, nt 5 [windows 2000], nt 5.1 [windows xp],
+  otherwise returns false
+7. browser - returns the browser name, in shorthand: ie, ie4, ie5x, op, moz, konq, saf, ns4
+8. number - returns the browser version number, if available, otherwise returns '' [not available]
+9. full - returns this array: $browser_name, $version_number, $ie_version, $dom_browser, $safe_browser, $os, $os_number
+*******************************************/
+
+// main script, uses two other functions, which_os() and browser_version() as needed
+function browser_detection( $which_test ) {
+  /*
+  uncomment the global variable declaration if you want the variables to be available on a global level
+  throughout your php page, make sure that php is configured to support the use of globals first!
+  Use of globals should be avoided however, and they are not necessary with this script
+  */
+
+  /*global $dom_browser, $safe_browser, $browser_user_agent, $os, $browser_name, $ie_version, 
+  $version_number, $os_number, $b_repeat, $moz_version, $moz_version_number, $moz_rv, $moz_rv_full, $moz_release;*/
+
+  static $dom_browser, $safe_browser, $browser_user_agent, $os, $browser_name, $ie_version, 
+  $version_number, $os_number, $b_repeat, $moz_version, $moz_version_number, $moz_rv, $moz_rv_full, $moz_release;
+
+  /* 
+  this makes the test only run once no matter how many times you call it
+  since all the variables are filled on the first run through, it's only a matter of returning the
+  the right ones 
+  */
+  if ( !$b_repeat )
+  {
+    //initialize all variables with default values to prevent error
+    $dom_browser = false;
+    $safe_browser = false;
+    $os = '';
+    $os_number = '';
+    $a_os_data = '';
+    $browser_name = '';
+    $version_number = '';
+    $ie_version = '';
+    $moz_version = '';
+    $moz_version_number = '';
+    $moz_rv = '';
+    $moz_rv_full = '';
+    $moz_release = '';
+
+    //make navigator user agent string lower case to make sure all versions get caught
+    $browser_user_agent = (isset($_SERVER['HTTP_USER_AGENT'])) ?  strtolower($_SERVER['HTTP_USER_AGENT']) : null;
+    
+    $a_os_data = which_os( $browser_user_agent );// get os/number array
+    $os = $a_os_data[0];// os name, abbreviated
+    $os_number = $a_os_data[1];// os number if windows
+
+    /*
+    pack the browser type array, in this order
+    the order is important, because opera must be tested first, and ie4 tested for before ie general
+    same for konqueror, then safari, then gecko, since safari navigator user agent id's with 'gecko' in string.
+    note that $dom_browser is set for all  modern dom browsers, this gives you a default to use.
+
+    array[0] = id string for useragent, array[1] is if dom capable, array[2] is working name for browser
+
+    Note: all browser strings are in lower case to match the strtolower output, this avoids possible detection
+    errors
+    */
+    $a_browser_types[] = array( 'opera', true, 'op' );
+    $a_browser_types[] = array( 'msie', true, 'ie' );
+    $a_browser_types[] = array( 'konqueror', true, 'konq' );
+    $a_browser_types[] = array( 'safari', true, 'saf' );
+    // covers Netscape 6-7, K-Meleon, Most linux versions
+    // the 3 is for the rv: number, the release date is hardcoded
+    $a_browser_types[] = array( 'gecko', true, 'moz' );
+    // netscape 4 test: this has to be last or else ie or opera might register true
+    $a_browser_types[] = array( 'mozilla/4', false, 'ns4' );
+    $a_browser_types[] = array( 'lynx', false, 'lynx' );
+    $a_browser_types[] = array( 'webtv', true, 'webtv' );
+    // search engine spider bots:
+    $a_browser_types[] = array( 'googlebot', false, 'google' );// google
+    $a_browser_types[] = array( 'fast-webcrawler', false, 'fast' );// Fast AllTheWeb
+    $a_browser_types[] = array( 'msnbot', false, 'msn' );// msn search 
+    $a_browser_types[] = array( 'scooter', false, 'scooter' );// altavista
+    //$a_browser_types[] = array( '', false ); // browser array template
+
+    /* 
+    moz types array
+    note the order, netscape6 must come before netscape, which  is how netscape 7 id's itself.
+    rv comes last in case it is plain old mozilla 
+    */
+    $moz_types = array( 'firebird', 'phoenix', 'firefox', 'galeon', 'k-meleon', 'camino', 'netscape6', 
+    'netscape', 'rv' );
+
+    /*
+    run through the browser_types array, break if you hit a match, if no match, assume old browser
+    or non dom browser, assigns false value to $b_success.
+    */
+    for ($i = 0; $i < count($a_browser_types); $i++)
+    {
+      //unpacks browser array, assigns to variables
+      $s_browser = $a_browser_types[$i][0];// text string to id browser from array
+      $b_dom = $a_browser_types[$i][1];// hardcoded dom support from array
+      $browser_name = $a_browser_types[$i][2];// working name for browser
+      $b_success = false;
+
+      if (stristr($browser_user_agent, $s_browser)) 
+      {
+        // it defaults to true, will become false below if needed
+        // this keeps it easier to keep track of what is safe, only explicit false assignment will make it false.
+        $safe_browser = true;
+        switch ( $browser_name )
+        {
+          case 'ns4':
+            $safe_browser = false;
+            break;
+          case 'moz':
+            /*
+            note: The 'rv' test is not absolute since the rv number is very different on 
+            different versions, for example Galean doesn't use the same rv version as Mozilla, 
+            neither do later Netscapes, like 7.x. For more on this, read the full mozilla numbering 
+            conventions here:
+            http://www.mozilla.org/releases/cvstags.html
+            */
+
+            // this will return alpha and beta version numbers, if present
+            $moz_rv_full = browser_version( $browser_user_agent, 'rv' );
+            // this slices them back off for math comparisons
+            $moz_rv = substr( $moz_rv_full, 0, 3 );
+
+            // this is to pull out specific mozilla versions, firebird, netscape etc..
+            for ( $i = 0; $i < count( $moz_types ); $i++ )
+            {
+              if ( stristr( $browser_user_agent, $moz_types[$i] ) ) 
+              {
+                $moz_version = $moz_types[$i];
+                $moz_version_number = browser_version( $browser_user_agent, $moz_version );
+                break;
+              }
+            }
+            // this is necesary to protect against false id'ed moz'es and new moz'es.
+            // this corrects for galeon, or any other moz browser without an rv number
+            if ( !$moz_rv ) 
+            { 
+              $moz_rv = substr( $moz_version_number, 0, 3 ); 
+              $moz_rv_full = $moz_version_number; 
+              /* 
+              // you can use this instead if you are running php >= 4.2
+              $moz_rv = floatval( $moz_version_number ); 
+              $moz_rv_full = $moz_version_number;
+              */
+            }
+            // this corrects the version name in case it went to the default 'rv' for the test
+            if ( $moz_version == 'rv' ) 
+            {
+              $moz_version = 'mozilla';
+            }
+            
+            //the moz version will be taken from the rv number, see notes above for rv problems
+            $version_number = $moz_rv;
+            // gets the actual release date, necessary if you need to do functionality tests
+            $moz_release = browser_version( $browser_user_agent, 'gecko/' );
+            /* 
+            Test for mozilla 0.9.x / netscape 6.x
+            test your javascript/CSS to see if it works in these mozilla releases, if it does, just default it to:
+            $safe_browser = true;
+            */
+            if ( ( $moz_release < 20020400 ) || ( $moz_rv < 1 ) )
+            {
+              $safe_browser = false;
+            }
+            break;
+          case 'ie':
+            //$version_number = browser_version( $browser_user_agent, $s_browser, $substring_length );
+            $version_number = browser_version( $browser_user_agent, $s_browser );
+            if ( $os == 'mac' )
+            {
+              $ie_version = 'ieMac';
+            }
+            // this assigns a general ie id to the $ie_version variable
+            if ( $version_number >= 5 )
+            {
+              $ie_version = 'ie5x';
+            }
+            elseif ( ( $version_number > 3 ) && $version_number < 5 )
+            {
+              $dom_browser = false;
+              $ie_version = 'ie4';
+              $safe_browser = true; // this depends on what you're using the script for, make sure this fits your needs
+            }
+            else
+            {
+              $ie_version = 'old';
+              $safe_browser = false; 
+            }
+            break;
+          case 'op':
+            //$version_number = browser_version( $browser_user_agent, $s_browser, $substring_length );
+            $version_number = browser_version( $browser_user_agent, $s_browser );
+            if ( $version_number < 5 )// opera 4 wasn't very useable.
+            {
+              $safe_browser = false; 
+            }
+            break;
+          case 'saf':
+            //$version_number = browser_version( $browser_user_agent, $s_browser, $substring_length );
+            $version_number = browser_version( $browser_user_agent, $s_browser );
+            break;
+          default:
+            break;
+        }
+
+        $dom_browser = $b_dom;
+        $b_success = true;
+
+        break;
+      }
+    }
+    //assigns defaults if the browser was not found in the loop test
+    if ( !$b_success ) 
+    {
+      $safe_browser = false;
+      $dom_browser = false;
+      $browser_name = '';
+    }
+    // this ends the run through once if clause, set the boolean 
+    //to true so the function won't retest everything
+    $b_repeat = true;
+  }
+  /*
+  This is where you return values based on what parameter you used to call the function
+  $which_test is the passed parameter in the initial browser_detection('os') for example call
+  */
+  switch ( $which_test )
+  {
+    case 'safe':// returns true/false if your tests determine it's a safe browser
+      // you can change the tests to determine what is a safeBrowser for your scripts
+      // in this case sub rv 1 Mozillas and Netscape 4x's trigger the unsafe condition
+      return $safe_browser; 
+      break;
+    case 'ie_version': // returns iemac or ie5x
+      return $ie_version;
+      break;
+    case 'moz_version':// returns array of all relevant moz information
+      $moz_array = array( $moz_version, $moz_version_number, $moz_rv, $moz_rv_full, $moz_release );
+      return $moz_array;
+      break;
+    case 'dom':// returns true/fale if a DOM capable browser
+      return $dom_browser;
+      break;
+    case 'os':// returns os name
+      return $os; 
+      break;
+    case 'os_number':// returns os number if windows
+      return $os_number;
+      break;
+    case 'browser':// returns browser name
+      return $browser_name; 
+      break;
+    case 'number':// returns browser number
+      return $version_number;
+      break;
+    case 'full':// returns all relevant browser information in an array
+      $full_array = array( $browser_name, $version_number, $ie_version, $dom_browser, $safe_browser, $os, $os_number );
+      return $full_array;
+      break;
+    default:
+      break;
+  }
+}
+
+// gets which os from the browser string
+function which_os ( $browser_string )
+{
+  // initialize variables
+  $os = '';
+  $os_version = '';
+  /*
+  packs the os array
+  use this order since some navigator user agents will put 'macintosh' in the navigator user agent string
+  which would make the nt test register true
+  */
+  $a_os = array('lin', 'mac', 'unix', 'sunos', 'bsd', 'nt', 'win');
+
+  //os tester
+  for ($i = 0; $i < count($a_os); $i++)
+  {
+    //unpacks os array, assigns to variable
+    $s_os = $a_os[$i];
+
+    //assign os to global os variable, os flag true on success
+    if (stristr( $browser_string, $s_os )) 
+    {
+      $os = $s_os;
+
+      switch ( $os )
+      {
+        case 'win':
+          if ( strstr( $browser_string, '95' ) )
+          {
+            $os_version = '95';
+          }
+          elseif ( strstr( $browser_string, '98' ) )
+          {
+            $os_version = '98';
+          }
+          elseif ( strstr( $browser_string, 'me' ) )
+          {
+            $os_version = 'me';
+          }
+          elseif ( strstr( $browser_string, '2000' ) )// windows 2000, for opera ID
+          {
+            $os_version = '5.0';
+            $os = 'nt';
+          }
+          elseif ( strstr( $browser_string, 'xp' ) )// windows 2000, for opera ID
+          {
+            $os_version = '5.1';
+            $os = 'nt';
+          }
+          break;
+        case 'nt':
+          if ( strstr( $browser_string, 'nt 5.1' || strstr( $browser_string, 'xp' )) )// windows xp
+          {
+            $os_version = '5.1';//
+          }
+          elseif ( strstr( $browser_string, 'nt 5' ) || strstr( $browser_string, '2000' ) )// windows 2000
+          {
+            $os_version = '5.0';
+          }
+          elseif ( strstr( $browser_string, 'nt 4' ) )// nt 4
+          {
+            $os_version = '4';
+          }
+          elseif ( strstr( $browser_string, 'nt 3' ) )// nt 4
+          {
+            $os_version = '3';
+          }
+          break;
+        default:
+          break;
+      }
+      break;
+    }
+  }
+
+  // pack the os data array for return to main function
+  $os_data = array( $os, $os_version );
+  return $os_data;
+}
+
+// function returns browser number, gecko rv number, or gecko release date
+//function browser_version( $browser_user_agent, $search_string, $substring_length )
+function browser_version( $browser_user_agent, $search_string )
+{
+  // 8 is the longest that will be required, handles release dates: 20020323; 0.8.0+
+  $substring_length = 8;
+  //initialize browser number, will return '' if not found
+  $browser_number = '';
+
+  // use the passed parameter for $search_string
+  // start the substring slice right after these moz search strings
+  $start_pos = strpos( $browser_user_agent, $search_string ) + strlen( $search_string );
+
+  // this is just to get the release date, not other moz information
+  if ( ( $search_string != 'gecko/' ) ) 
+  { 
+    $start_pos++; 
+  }
+
+  // Initial trimming
+  $browser_number = substr( $browser_user_agent, $start_pos, $substring_length );
+
+  // Find the space, ;, or parentheses that ends the number
+  $browser_number = substr( $browser_number, 0, strcspn($browser_number, ' );') );
+
+  //make sure the returned value is actually the id number and not a string
+  // otherwise return ''
+  if ( !is_numeric( substr( $browser_number, 0, 1 ) ) )
+  { 
+    $browser_number = ''; 
+  }
+
+  return $browser_number;
+}
+
+/* 
+Here are some typical navigator.userAgent strings so you can see where the data comes from
+Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007 Firebird/0.7 
+Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.4) Gecko/20011128 Netscape6/6.2.1
+*/
+?>

mozilla/webtools/update/core/commenthelpful.php

@@ -0,0 +1,105 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+
+//Submit Review/Rating Feedback to Table
+require_once('../core/init.php');
+
+
+//Check and see if the CommentID/ID is valid.
+$sql = "SELECT `ID`, `CommentID` FROM `feedback` WHERE `ID` = '".escape_string($_GET[id])."' AND `CommentID`='".escape_string($_GET["commentid"])."' LIMIT 1";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_ERROR);
+    if(mysql_num_rows($sql_result)=="0") {
+        unset($_GET["id"],$_GET["commentid"],$id,$commentid);
+    } else {
+        $id = escape_string($_GET["id"]);
+        $commentid = escape_string($_GET["commentid"]);
+    }
+
+    //Make Sure action is as expected.
+    if ($_GET["action"]=="yes") {
+        $action="yes";
+    } else {
+        $action="no";
+    }
+
+    if (!$commentid or !$action ) {
+    //No CommentID / Invalid Action --> Error.
+        page_error("4","No Comment ID or Action is Invalid");
+        exit;
+    }
+
+//Get Data for the Comment Record as it stands.
+$sql = "SELECT `helpful-yes`,`helpful-no`,`helpful-rating` FROM  `feedback` WHERE `CommentID` = '$commentid' LIMIT 1";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_ERROR);
+    $row = mysql_fetch_array($sql_result);
+    $helpful_yes = $row["helpful-yes"];
+    $helpful_no = $row["helpful-no"];
+    $helpful_rating = $row["helpful-rating"];
+
+    if ($action=="yes") {
+        $helpful_yes = $helpful_yes+1;
+    } else if ($action=="no") {
+        $helpful_no = $helpful_no+1;
+    }
+
+    //Recompute the Helpful Rating for this Comment
+    $total = $helpful_yes+$helpful_no;
+    if ($total=="0") {
+        $helpful_rating=0;
+    } else {
+        if ($helpful_yes>$helpful_no) {
+            $helpful_rating = ($helpful_yes/$total)*100;
+        } else {
+            $helpful_rating = ($helpful_no/$total)*-100;
+        }
+    }
+    $sql = "UPDATE `feedback` SET `helpful-yes`='$helpful_yes',`helpful-no`='$helpful_no',`helpful-rating`='$helpful_rating' WHERE `CommentID`='$commentid' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+if ($_GET['type']=='T') {
+    $type='themes';
+} else {
+    $type='extensions';
+}
+
+$pageid = intval($_GET['pageid']);
+$return_path="$type/moreinfo.php?id=$id&vid=$vid&".uriparams()."&page=comments&pageid=$pageid#$commentid";
+header('Location: https://'.HOST_NAME.'/'.$return_path);
+exit;
+?>

mozilla/webtools/update/core/config-dist.php

@@ -0,0 +1,77 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+/**
+ * Mozilla Update configuration.
+ *
+ * Define central configuration variables.  Use CAPS for constants to flag them
+ * as being defined in this document.
+ *
+ * Copy this document (config-dist.php) to (config.php).  This prevents
+ * committing database or working directory information back to CVS.
+ *
+ * @package umo
+ * @subpackage core
+ * @author Mike Morgan
+ */
+
+// Path information.  No trailing slashes. (old variable)
+define('FILE_PATH',''); // Root filepath of application. ($websitepath)
+define('WEB_PATH',''); // Relative webpath. ('' if at root).
+define('REPO_PATH',FILE_PATH.'/files'); // XPI repo path. ($repositorypath)
+define('FTP_URL','http://ftp.mozilla.org/pub/mozilla.org'); // FTP. ($ftpurl)
+define('HOST_NAME',$_SERVER['SERVER_NAME']); // Host (*.*.*) ($sitehostname)
+
+// Site template includes. 
+define('HEADER',FILE_PATH.'/core/inc_header.php');
+define('FOOTER',FILE_PATH.'/core/inc_footer.php');
+
+// DB config.
+// This is accessed for general read/write requests.
+define('DB_HOST',''); // MySQL host
+define('DB_USER',''); // MySQL username
+define('DB_PASS',''); // MySQL password
+define('DB_NAME',''); // MySQL database
+
+// Shadow DB config.
+// This is accessed by high-load read-only requests.
+define('SHADOW_DB_HOST',''); // Shadow MySQL host
+define('SHADOW_DB_USER',''); // Shadow MySQL username
+define('SHADOW_DB_PASS',''); // Shadow MySQL password
+define('SHADOW_DB_NAME',''); // Shadow MySQL database
+?>

mozilla/webtools/update/core/inc_browserdetection.php

@@ -0,0 +1,161 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+//Various Sample User_Agents, uncomment to debug detection for one. :-)
+//$_SERVER["HTTP_USER_AGENT"] = "Mozilla/5.0 (Photon; U; QNX x86pc; en-US; rv:1.6a) Gecko/20030122";
+//$_SERVER["HTTP_USER_AGENT"] = "Mozilla/5.0 (BeOS; U; BeOS BePC; en-US; rv:1.4a) Gecko/20030305";
+//$_SERVER["HTTP_USER_AGENT"] = "Mozilla/5.0 (X11; U; SunOS i86pc; en-US; rv:1.7b) Gecko/20040302";
+//$_SERVER["HTTP_USER_AGENT"] = "Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7) Gecko/20040803 Firefox/0.9.3";
+//$_SERVER["HTTP_USER_AGENT"] = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.3) Gecko/20041001 Firefox/0.10.1";
+
+
+if (isset($_GET["version"]) && $_GET["version"]=="auto-detect") {$_GET["version"]="";}//Clear Version For AutoDetect 
+
+//Change OS Support for showlist.php
+if (isset($_GET["os"])) {
+  switch ( $_GET["os"] )
+  {
+    case 'windows':
+      $_GET["os"] = 'Windows';
+      break;
+    case 'linux':
+      $_GET["os"] = 'Linux';
+      break;
+    case 'solaris':
+      $_GET["os"] = 'Solaris';
+      break;
+    case 'bsd':
+      $_GET["os"] = 'BSD';
+      break;
+    case 'macosx':
+      $_GET["os"] = 'MacOSX';
+      break;
+    case 'all':
+      $_GET["os"] = 'ALL';
+      break;
+    default:
+      unset($_GET["os"]);
+      break;
+  }
+}
+
+if (isset($_GET["application"])) {
+    $application = escape_string($_GET["application"]);
+}
+if (isset($_GET["version"])) {
+    $app_version = escape_string($_GET["version"]);
+}
+if (isset($_GET["os"])) {
+    $OS = escape_string($_GET["os"]);
+}
+//print("$application, $app_version, $OS<br>\n");
+
+
+include"browser_detection.php"; //Script that defines the browser_detection() function
+
+if (!isset($OS)) {$OS = browser_detection('os');}
+if (!isset($application) or !isset($app_version)) {$moz_array = browser_detection('moz_version');}
+
+//Turn $OS into something usable.
+if ( isset($moz_array) && $moz_array[0] !== '' )
+{
+  switch ( $OS )
+  {
+    case 'win':
+    case 'nt':
+      $OS = 'Windows';
+      break;
+    case 'lin':
+      $OS = 'Linux';
+      break;
+    case 'solaris':
+    case 'sunos':
+      $OS = 'Solaris';
+      break;
+    case 'unix':
+    case 'bsd':
+      $OS = 'BSD';
+      break;
+    case 'mac':
+      $OS = 'MacOSX';
+      break;
+    default:
+      break;
+  }
+
+//Print what it's found, debug item.
+//echo ( 'Your Mozilla product is ' . $moz_array[0] . ' ' . $moz_array[1] . ' running on '. $OS . '<br>');
+
+if (!isset($application)) {$application = $moz_array[0];}
+if (!isset($app_version)) {$app_version = $moz_array[1];}
+
+//If the applicatin is user-defined and not the same as what was detected, ignore the detected version and use the user-defined.
+if (isset($_GET["application"]) and $_GET["application"] !==$moz_array[0]) {
+    $app_version = escape_string($_GET["version"]); 
+}
+
+
+} else {
+//If it's not a Mozilla product, then return nothing and let the default app code work..
+}
+
+//----------------------------
+//Browser & OS Detection (Default Code)
+//----------------------------
+
+//Application
+if (!isset($application) || !$application) { $application="firefox"; } //Default App is Firefox
+
+//App_Version
+//Get Max Version for Application Specified
+if (!isset($app_version) || !$app_version) {
+    $sql = "SELECT `Version` FROM `applications` WHERE `AppName` = '$application' ORDER BY `Version` DESC LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    $row = mysql_fetch_array($sql_result);
+         $app_version = $row['Version'];
+}
+
+//So, at this point we gracefully leave, feeling happy and sending 3 variables on.
+//$application
+//$app_version
+//$OS
+if (!isset($OS)) {
+    $OS = "unknown";
+}
+
+?>

mozilla/webtools/update/core/inc_footer.php

@@ -0,0 +1,56 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+?>
+<hr class="hide">
+	<div id="footer">
+        <p><a href="<?=WEB_PATH?>/?application=firefox" class="switch-fx">Firefox Add-ons </a><a href="<?=WEB_PATH?>/?application=thunderbird" class="switch-tb">Thunderbird Add-ons </a><a href="<?=WEB_PATH?>/?application=mozilla" class="switch-suite">Mozilla Suite Add-ons </a></p>
+        <p><a href="http://www.mozilla.org/privacy-policy.html">Privacy Policy</a> <a href="<?=WEB_PATH?>/faq.php">FAQ</a> <a href="http://www.mozilla.org/foundation/donate.html">Donate to Mozilla</a> <a href="http://mozilla.org/">The Mozilla Organization</a></p>
+
+        <p><span>Copyright &copy; 2004-2006</span>  <a href="http://www.xramp.com/">256-bit SSL Encryption provided by XRamp</a></p>
+	</div>
+  <!-- closes #footer-->
+
+</div>
+<!-- closes #container -->
+
+<div class="disclaimer">
+Mozilla is providing links to these applications as a courtesy, and makes no representations regarding the applications or any information related thereto. Any questions, complaints or claims regarding the applications must be directed to the appropriate software vendor.  See our <a href="<?=WEB_PATH?>/support.php">Support Page</a> for support information and contacts.
+</div>
+
+</body>
+</html>

mozilla/webtools/update/core/inc_global.php

@@ -0,0 +1,370 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+//inc_global.php -- Stuff that needs to be done globally to all of Mozilla Update
+
+//Cache Control Headers
+//if (isset($nocache) && $nocache == TRUE) {
+//    $expstr = gmdate("D, d M Y H:i:s", time() - 1800) . " GMT";
+//    header("Expires: $expstr");
+//    header("Cache-Control: public, max-age=0");
+//} else {
+//    $expstr = gmdate("D, d M Y H:i:s", time() + 1800) . " GMT";
+//    header("Expires: $expstr");
+//    header("Cache-Control: public, max-age=1800");
+//}
+
+// ---------------------------
+// escape_string() --  Quote a variable to make it safe
+// ---------------------------
+function escape_string($value)
+{
+   // Stripslashes if we need to
+   if (get_magic_quotes_gpc()) {
+       $value = stripslashes($value);
+   }
+
+   // Quote it if it's not an integer
+   if (!is_numeric($value)) {
+       $value = mysql_real_escape_string($value);
+   }
+
+   return $value;
+}
+
+//Remove HTML tags and escape enities from GET/POST vars.
+foreach ($_GET as $key => $val) {
+        $_GET["$key"] = htmlentities(str_replace("\\","",strip_tags($_GET["$key"])), ENT_COMPAT, 'UTF-8');
+}
+
+foreach ($_POST as $key => $val) {
+    if (!is_array($_POST["$key"])) {
+        $_POST["$key"] = htmlentities(str_replace("\\","",strip_tags($_POST["$key"])), ENT_COMPAT, 'UTF-8');
+    }
+}
+
+// Bug 250596 Fixes for incoming $_GET variables.
+if (isset($_GET["application"]) && $_GET["application"]) {
+$_GET["application"] = escape_string(strtolower($_GET["application"]));
+$sql = "SELECT AppID FROM  `applications` WHERE `AppName` = '".ucwords(strtolower($_GET["application"]))."' AND public_ver = 'YES' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   if (mysql_num_rows($sql_result)===0) {unset($_GET["application"]);}
+}
+
+
+if (isset($_GET["category"]) AND $_GET["category"] !=="All"
+    AND $_GET["category"] !=="Editors Pick" AND $_GET["category"] !=="Popular"
+    AND $_GET["category"] !=="Top Rated" AND $_GET["category"] !=="Newest") {
+$sql = "SELECT CatName FROM  `categories` WHERE `CatName` = '".escape_string(ucwords(strtolower($_GET["category"])))."' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   if (mysql_num_rows($sql_result)===0) {unset($_GET["category"]);}
+}
+
+if (isset($_GET["id"]) && !is_numeric($_GET["id"])) { unset($_GET["id"]); }
+if (isset($_GET["vid"]) && !is_numeric($_GET["vid"])) { unset($_GET["vid"]); }
+if (isset($_GET["pageid"]) && !is_numeric($_GET["pageid"])) { unset($_GET["pageid"]); }
+if (isset($_GET["numpg"]) && !is_numeric($_GET["numpg"])) { unset($_GET["numpg"]); }
+
+// page_error() function
+
+function page_error($reason, $custom_message) {
+    $page_title = 'Mozilla Update :: Error';
+    require_once(HEADER);
+    echo"<div id=\"mBody\">";
+    echo"<h1>Mozilla Update :: Error</h1>\n";
+    echo"<SPAN style=\"font-size: 12pt\">\n";
+    echo"Mozilla Update has encountered an error and is unable to fulfill your request. Please try your request again later. If the
+    problem continues, please contact the Mozilla Update staff. More information about the error may be found at the end of this
+    message.<BR><BR>
+    Error $reason: $custom_message<BR><BR>
+    &nbsp;&nbsp;&nbsp;<A HREF=\"javascript:history.back()\">&#171;&#171; Go Back to Previous Page</A>";
+    echo"</SPAN>\n";
+    echo"</div>\n";
+    require_once(FOOTER);
+    exit;
+}
+
+function writeFormKey()
+{
+	$sql = "SELECT UserPass FROM userprofiles WHERE UserID = '".$_SESSION["uid"]."'";
+	$res = mysql_query($sql) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+	$row = mysql_fetch_array($res);
+	echo "<input type=\"hidden\" name=\"formkey\" value=\"".md5($row["UserPass"])."\">\n";
+}
+
+function checkFormKey()
+{
+	$key = $_POST["formkey"];
+	$sql = "SELECT UserPass FROM userprofiles WHERE UserID = '".$_SESSION["uid"]."'";
+	$res = mysql_query($sql) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+	$row = mysql_fetch_array($res);
+	if ($key != md5($row["UserPass"]))
+	{
+		echo "<br><font size=+2 color='red'>WARNING: FORMKEY MISMATCH!</font><br>\n";
+		return false;
+	}
+	return true;
+}
+
+// -----------------------------
+// function uriparams() -- print all the present and valid URI variables.
+// Usage: string uriparams()
+// -----------------------------
+
+function uriparams() {
+    global $app_version, $application, $items_per_page, $category, $OS, $uriparams_skip;
+    $uriparams = "";
+
+    if (!empty($application) and $uriparams_skip !="application") { $uriparams .="application=$application&amp;"; }
+//    if ($app_version and $uriparams_skip !="application") { $uriparams .="version=$app_version&amp;"; }
+//    if ($OS) { $uriparams .="os=$OS&amp;"; }
+    if (!empty($category) and $uriparams_skip !="category") { $uriparams .="category=$category&amp;"; }
+    if (!empty($items_per_page)) { $uriparams .="numpg=$items_per_page"; }
+    if (substr($uriparams, -1)==";") {
+        $uriparams = substr($uriparams,0,strlen($uriparams)-5);
+    }
+    return $uriparams;
+}
+
+// -----------------------------
+// function installtrigger() -- print installtrigger function for extension/theme installation on page.
+// Usage null uriparams(string functionname) 
+// -----------------------------
+
+function installtrigger($functionname) {
+    if ($functionname=="extensions") {
+    echo'
+        <script type="text/javascript">
+        <!--
+
+        function install( aEvent, extName, iconURL)  {   
+
+            if (aEvent.target.href.match(/^.+\.xpi$/)) {
+
+                var params = new Array();
+
+                params[extName] = {
+                    URL: aEvent.target.href,
+                    IconURL: iconURL,
+                    toString: function () { return this.URL; }
+                };
+
+                InstallTrigger.install(params);
+
+                try {
+                    var p = new XMLHttpRequest();
+                    p.open("GET", "'.WEB_PATH.'/core/install.php?uri="+aEvent.target.href, true);
+                    p.send(null);
+                } catch(e) { }
+
+                return false;
+            }
+        }
+
+        -->
+        </script>
+    ';
+
+
+    } else if ($functionname=="themes") {
+    echo'
+        <script type="text/javascript">
+        <!--
+            function installTheme( aEvent, extName) {
+                InstallTrigger.installChrome(InstallTrigger.SKIN,aEvent.target.href,extName);
+
+                try {
+                    var p = new XMLHttpRequest();
+                    p.open("GET", "'.WEB_PATH.'/core/install.php?uri="+aEvent.target.href, true);
+                    p.send(null);
+                } catch(e) { }
+                return false;
+            }
+        -->
+        </script>
+    ';
+    }
+}
+
+/**
+   mozupd_buildDownloadlURL function
+   builds the URL for extensions/themes download
+   in the form /core/install.php/filename.$ext?passthrough=yes&uri=$uri
+   performing entities escaping as per W3C specification 
+   
+   @param string $uri the 'real' URI of the file
+   @param string $name file name
+   @param string $version file version
+   @param string $ext suggested file extension, including leading '.'
+   @param boolean $force should we force passed extension?
+   
+   @author: Giorgio Maone <g.maone at informaction dot com>
+   @version: 0.1
+*/
+function mozupd_buildDownloadURL($uri, $name, $version, 
+                                    $ext='.xpi', $force=FALSE) {
+                                      
+  if(preg_match('/.*\/(.*?)(\.[a-z]+)(\?|$)/i',$uri,$uri_parts) // uri parsing
+     && strcasecmp($autoext=$uri_parts[2],$ext)==0 // extension exact matching
+      || (!$force // autodetection for a set of reasonable download extensions
+          && preg_match('/^\.(jar|xpi|zip|exe|gz[\w]+|bz[\w+]|rpm)$/i',$autoext)
+       )
+  ) {
+    $filename=$uri_parts[1].$uri_parts[2];
+  } else { // fall back if $uri has not a recognized extension
+    $filename=ereg_replace('/\W/','_',"$name $version").$ext;
+  }
+ 
+  return htmlspecialchars( // if we don't escape '&' and friends validator cries
+    "/core/install.php/$filename?passthrough=yes&uri=".urlencode($uri));
+}
+
+/**
+ * Get time as a float.
+ * @return float
+ */
+function getmicrotime() {
+	list($usec, $sec) = explode(" ", microtime());
+    return ((float)$usec + (float)$sec);
+}
+
+/**
+ * Update the Rating for an ID
+ * @param int ID
+ */
+function update_rating($id) 
+{
+    global $connection;
+
+    // Sanatize $id
+    settype($id, "integer");
+    if ($id <= 0) {
+         page_error("15", "Invalid ID in call to update ratings");
+    }
+
+    // Select current average from the database; note we can now use the AVG
+    // function as the decision has been taken to make the average the average
+    // over the duration of the items life rather than the last 30 days.
+    // Added as part of Bug 296541 which changed the database schema
+
+    $sql = "SELECT AVG(CommentVote) AS CommentVote FROM `feedback` " .
+           "WHERE ID = $id AND `CommentVote` IS NOT NULL";
+    $sql_result = mysql_query($sql, $connection) or
+        trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+    $row = mysql_fetch_array($sql_result);
+    // Round to 2 decimal places, enough for the application
+    $average = round($row["CommentVote"], 2);
+    // Update the database with the new average
+    $sql = "UPDATE `main` SET `Rating`='$average' WHERE `ID`='$id' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or
+        trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+}
+
+/**
+ * Form a properly formatted string for comparison based on applications table
+ * data.
+ * @param string $major
+ * @param string $minor
+ * @param string $release
+ * @param string $subver
+ * @return string $version
+ */
+function buildAppVersion ($major,$minor,$release,$subver) {
+
+    // This is our final version string.
+    $version = '';
+
+    // By default, we cat major and minor versions, because we assume they
+    // exist and are always numeric.  And they typically are, for now... :\
+    $version = $major.'.'.$minor;
+
+    // If we have a release and it's not a final version, add the release.
+    if (isset($release) && (empty($subver) || isset($subver) && $subver != 'final' && $subver != '+')) {
+
+        // Only add the '.' if it's numeric.
+        if (preg_match('/^\*|\w+$/',$release)) {
+            $version = $version.'.'.$release;
+        } else {
+            $version = $version.$release;
+        }
+    }
+
+    // If we have a subversion and it's not 'final', append it depending on its type.
+    if (!empty($subver) && $subver != 'final') {
+        if (preg_match('/^\*|\w+$/',$subver)) {
+            $version  = $version.'.'.$subver;
+        } else {
+            $version  = $version.$subver;
+        }
+    }
+
+    return $version;
+}
+
+/**
+ * check_filename() function
+ * checks a file name and die if it is "evil"
+ * @param string $filename the file to be checked
+ * @return the checked file
+ */
+function check_filename($filename) {
+    if(strlen($filename) && (preg_match('/[\/\\\\]/',$filename) || !preg_match('/\.(xpi|jar)$/',$filename))) {
+        die('Error: bad file name "'.htmlentities($filename).'"');
+    }
+    return $filename;
+}
+
+/**
+ * This is a temp function.
+ * It is a placeholder until multiple locales are supported.
+ * Morgamic did not write this.
+ * @param array $array
+ * @return mixed values
+ */
+function default_l10n($array)
+{
+    if ($array["en-US"]) {
+        return $array["en-US"];
+    } else {
+        foreach ($array as $val) {
+            return $val;
+        }
+    }
+}
+?>

mozilla/webtools/update/core/inc_guids.php

@@ -0,0 +1,51 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+//Reset GUIDs to something human-readable
+if (isset($_GET['application'])) {
+    if ($_GET["application"]=="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}") {
+    $_GET["application"]="firefox"; 
+
+    } else if ($_GET["application"]=="{3550f703-e582-4d05-9a08-453d09bdfdc6}") {
+    $_GET["application"]="thunderbird";
+
+    } else if ($_GET["application"]=="{86c18b42-e466-45a9-ae7a-9b95ba6f5640}") {
+    $_GET["application"]="mozilla";
+    }
+}
+?>

mozilla/webtools/update/core/inc_header.php

@@ -0,0 +1,134 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html lang="en">
+
+<head>
+
+    <?php
+    $page_title = (empty($page_title)) ? 'Mozilla Update' : $page_title;
+    echo '<title>'.$page_title.'</title>'."\n";
+    ?>
+
+    <meta http-equiv="content-type" content="text/html; charset=utf-8">
+    
+	<meta name="keywords" content="mozilla update, mozilla extensions, mozilla plugins, thunderbird themes, thunderbird extensions, firefox extensions, firefox themes">
+	
+	<link rel="stylesheet" type="text/css" href="<?php echo WEB_PATH; ?>/css/print.css" media="print">
+	
+	<link rel="stylesheet" type="text/css" href="<?php echo WEB_PATH; ?>/css/base/content.css" media="all">
+	<link rel="stylesheet" type="text/css" href="<?php echo WEB_PATH; ?>/css/cavendish/content.css" title="Cavendish" media="all">
+	
+	<link rel="stylesheet" type="text/css" href="<?php echo WEB_PATH; ?>/css/base/template.css" media="screen">
+	<link rel="stylesheet" type="text/css" href="<?php echo WEB_PATH; ?>/css/cavendish/template.css" title="Cavendish" media="screen">
+	
+	<link rel="icon" href="<?php echo WEB_PATH; ?>/favicon.ico" type="image/png">
+	
+	<link rel="home" title="Home" href="http://update.mozilla.org/">
+<?php
+    // Display the approval javascript page only on approval.php
+    if(strpos($_SERVER["PHP_SELF"], "approval.php") !== false) {
+        echo "<script language=\"JavaScript\" type=\"text/javascript\" src=\"".WEB_PATH."/developers/approval.js\"></script>\n";
+    }
+
+if (!empty($page_headers)) {
+    echo $page_headers;
+}
+?>
+</head>
+
+<body>
+<div id="container">
+
+<p class="skipLink"><a href="#firefox-feature" accesskey="2">Skip to main content</a></p>
+
+<div id="mozilla-com"><a href="http://mozilla.com/">Visit mozilla.com</a></div>
+<div id="header">
+
+
+	<div id="key-title">
+
+<?php
+// Here we want to show different headers based on which application we are currently viewing.
+// @TODO Consider a common 'branding' instead.
+switch (strtolower($application)) {
+    default:
+    case 'firefox':
+        echo '<h1><a href="'.WEB_PATH.'/?application=firefox" title="Return to home page" accesskey="1"><img src="'.WEB_PATH.'/images/title-firefox.gif" width="276" height="54" alt="Firefox Add-ons Beta"></a></h1>';
+    break;
+
+    case 'thunderbird':
+        echo '<h1><a href="'.WEB_PATH.'/?application=thunderbird" title="Return to home page" accesskey="1"><img src="'.WEB_PATH.'/images/title-thunderbird.gif" width="355" height="54" alt="Thunderbird Add-ons Beta"></a></h1>';
+    break;
+
+    case 'mozilla':
+        echo '<h1><a href="'.WEB_PATH.'/?application=mozilla" title="Return to home page"
+        accesskey="1"><img src="'.WEB_PATH.'/images/title-suite.gif" width="370" height="54" alt="Mozilla Suite Add-ons Beta"></a></h1>';
+    break;
+}
+?>
+	
+		<form id="search" method="get" action="<?php echo WEB_PATH; ?>/search.php" title="Search Mozilla Update">
+		<div>
+		<label for="q" title="Search Mozilla Update">search:</label>
+		<input type="text" id="q" name="q" accesskey="s" size="10">
+		<select name="section" id="sectionsearch">
+		  <option value="A">Entire Site</option>
+		  <option value="E">Extensions</option>
+		  <option value="T">Themes</option>
+		</select>
+        <input type="hidden" name="app" value="<?=$application?>">
+		<input type="submit" id="submit" value="Go">
+		</div>
+		</form>
+	</div>
+	<div id="key-menu">	
+        <ul id="menu-firefox">
+            <li<?=(isset($currentTab)&&$currentTab=='home')?' class="current"':''?>><a href="<?=WEB_PATH?>/?application=<?=$application?>">Home</a></li>
+            <li<?=(isset($currentTab)&&$currentTab=='extensions')?' class="current"':''?>><a href="<?=WEB_PATH?>/extensions/?application=<?=$application?>">Extensions</a></li>
+            <li<?=(isset($currentTab)&&$currentTab=='pfs')?' class="current"':''?>><a href="https://pfs.mozilla.org/plugins/?application=<?=$application?>">Plugins</a></li>
+            <li<?=(isset($currentTab)&&$currentTab=='search-engines')?' class="current"':''?>><a href="<?=WEB_PATH?>/search-engines.php?application=<?=$application?>">Search Engines</a></li>
+            <li<?=(isset($currentTab)&&$currentTab=='themes')?' class="current"':''?>><a href="<?=WEB_PATH?>/themes/?application=<?=$application?>">Themes</a></li>
+        </ul>
+    </div>
+</div>
+<!-- closes #header-->
+
+<hr class="hide">
+

mozilla/webtools/update/core/inc_version_comparison.php

@@ -0,0 +1,155 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// Contributor(s):
+//        Benjamin Smedberg
+//        Mike Morgan 
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+/**
+ * Version comparison script.  The purpose of this file is to mimic the C++
+ * version comparison algorithm so version comparisons in VersionCheck.php are
+ * properly executed with expected results.  This could have been accomplished
+ * by establishing a standardized versioning scheme across all Mozilla
+ * operations, but although that would make more sense, it's simply too late
+ * for that now.  We cannot escape this.
+ *
+ * @package umo
+ * @subpackage core
+ */
+
+/**
+ * Parse a version part. 
+ * @return array $r parsed version part.
+ */
+function NS_ParseVersionPart($p) {
+    if ($p == '*') {
+        return array('numA'   => 2147483647,
+                     'strB'   => '',
+                     'numC'   => 0,
+                     'extraD' => '');
+    }
+
+    preg_match('/^([-\d]*)([^-\d]*)([-\d]*)(.*)$/', $p, $m);
+
+    $r = array('numA'   => intval($m[1]),
+               'strB'   => $m[2],
+               'numC'   => intval($m[3]),
+               'extraD' => $m[4]);
+
+    if ($r['strB'] == '+') {
+        ++$r['numA'];
+        $r['strB'] = 'pre';
+    }
+
+    return $r;
+}
+
+/**
+ * Compare parsed version parts.
+ * @param string $an
+ * @param string $bp
+ * @return int $r
+ */
+function NS_cmp($an, $bn) {
+    if ($an < $bn)
+        return -1;
+
+    if ($an > $bn)
+        return 1;
+
+    return 0;
+}
+
+/**
+ * Recursive string comparison.
+ * @param string $as
+ * @param string $bs
+ * @return int $r
+ */
+function NS_strcmp($as, $bs) {
+    if ($as == $bs)
+        return 0;
+
+    if ($as == '')
+        return 1;
+
+    if ($bs == '')
+        return -1;
+
+    return strcmp($as, $bs);
+}
+
+/**
+ * Compare parsed version numbers.
+ * @param string $ap
+ * @param string $bp
+ * @return int $r -1|0|1
+ */
+function NS_CompareVersionParts($ap, $bp) {
+    $avp = NS_ParseVersionPart($ap);
+    $bvp = NS_ParseVersionPart($bp);
+
+    $r = NS_cmp($avp['numA'], $bvp['numA']);
+    if ($r)
+        return $r;
+
+    $r = NS_strcmp($avp['strB'], $bvp['strB']);
+    if ($r)
+        return $r;
+
+    $r = NS_cmp($avp['numC'], $bvp['numC']);
+    if ($r)
+        return $r;
+
+    return NS_strcmp($avp['extraD'], $bvp['extraD']);
+}
+
+/**
+ * Master comparison function.
+ * @param string $a complete version string.
+ * @param string $b complete version string.
+ * @return int $r -1|0|1
+ */
+function NS_CompareVersions($a, $b) {
+    $al = explode('.', $a);
+    $bl = explode('.', $b);
+
+    while (count($al) || count($bl)) {
+        $ap = array_shift($al);
+        $bp = array_shift($bl);
+
+        $r = NS_CompareVersionParts($ap, $bp);
+        if ($r != 0)
+            return $r;
+    }
+
+    return 0;
+}
+?>

mozilla/webtools/update/core/init.php

@@ -0,0 +1,97 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+/**
+ * Mozilla Update Initialization Script
+ * 
+ * Configuration, libraries and includes are processed here.
+ *
+ * @package umo
+ * @subpackage core
+ * @author Mike Morgan
+ */
+
+// Process configuration file.
+require_once('config.php');
+
+// Connect to DB.
+//
+// The core includes depend on this, so taking this out for use in static pages
+// is not possible.
+//
+// For completely static pages, do not require init.php, require only config.php.
+// This prevents unnecessary database connections.
+//
+
+function logAndDie()
+{
+    error_log('MySQL Error -- ' . mysql_errno().': ' . mysql_error(), 0);
+    // No caching error pages, please!
+    header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private',true);
+    header('Pragma: no-cache',true);
+    require_once(FILE_PATH.'/busy.php');
+    exit;
+}
+
+// If we have the SHADOW_DB flag set, use the SHADOW_DB - otherwise use the regular db.
+if (defined('USE_SHADOW_DB')) {
+    // SHADOW_DB_HOST, SHADOW_DB_USER, SHADOW_DB_PASS, SHADOW_DB_NAME are set in ./config.php
+    $connection = @mysql_connect(SHADOW_DB_HOST,SHADOW_DB_USER,SHADOW_DB_PASS);
+    if (is_resource($connection)) {
+        $db = @mysql_select_db(SHADOW_DB_NAME, $connection);
+    } else {
+        logAndDie();
+    }
+} else { 
+    // DB_HOST, DB_USER, DB_PASS, DB_NAME are set in ./config.php
+    $connection = @mysql_connect(DB_HOST,DB_USER,DB_PASS);
+    if (is_resource($connection)) {
+        $db = @mysql_select_db(DB_NAME, $connection);
+    } else {
+        logAndDie();
+    }
+}
+
+// Includes.
+require_once('inc_guids.php'); // GUID --> AppName Handler
+require_once('inc_global.php'); // Global Functions - Variable Cleanup
+require_once('inc_browserdetection.php'); // Browser Detection - App Variable Handling
+
+// Start timer.
+$time_start = getmicrotime();
+?>

mozilla/webtools/update/core/install.php

@@ -0,0 +1,95 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//      Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//      Mike Morgan <morgamic@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+?>
+<?php 
+require_once('../core/init.php');
+
+//Get Full Information for the file requested.
+$uri = escape_string(str_replace(" ","+",$_GET["uri"]));
+$sql = "SELECT `vID`, TM.ID, `URI` FROM `version` TV INNER JOIN `main` TM ON TM.ID=TV.ID WHERE `URI`='$uri' LIMIT 1";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+if (mysql_num_rows($sql_result)=="0") {
+    exit("Invalid URI cannot Continue");
+} else {
+
+    // Get our info.
+    $row = mysql_fetch_array($sql_result);
+    $uri=$row["URI"]; 
+    $id = $row["ID"];
+    $vid = $row["vID"];
+}
+
+//Are we behind a proxy and given the IP via an alternate enviroment variable? If so, use it.
+if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
+    $remote_addr = mysql_real_escape_string($_SERVER["HTTP_X_FORWARDED_FOR"]);
+} else {
+    $remote_addr = mysql_real_escape_string($_SERVER["REMOTE_ADDR"]);
+}
+
+// Clean the user agent string.
+$http_user_agent = mysql_real_escape_string($_SERVER['HTTP_USER_AGENT']);
+
+// Rate limit set to 10 minutes.
+$sql = "
+    SELECT
+        `dID`
+    FROM
+        `downloads`
+    WHERE
+        `ID`='$id' AND
+        `vID`='$vid' AND
+        `user_ip`='$remote_addr' AND
+        `user_agent`='$http_user_agent' AND
+        `date`>DATE_SUB(NOW(), INTERVAL 10 MINUTE)
+    LIMIT 
+        1
+";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+if (mysql_num_rows($sql_result)==0) {
+    $sql = "INSERT INTO `downloads` (`ID`,`date`,`vID`, `user_ip`, `user_agent`) VALUES ('$id',NOW(),'$vid', '$remote_addr', '$http_user_agent');";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+}
+
+// Send User on their way to the file, if requested...
+if ($_GET["passthrough"]=="yes") {
+    header("Location: $uri");
+}
+?>

mozilla/webtools/update/core/maintenance.php

@@ -0,0 +1,253 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//      Mike Morgan <morgamic@gmail.com> 
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+?>
+<?php 
+/**
+ * Maintenance script for addons.mozilla.org.
+ *
+ * The purpose of this document is to perform periodic tasks that should not be
+ * done everytime a download occurs in install.php.  This should reduce
+ * unnecessary DELETE and UPDATE queries and lighten the load on the database
+ * backend.
+ *
+ * This script should not ever be accessed over HTTP.
+ *
+ * @package umo
+ * @subpackage core
+ */
+
+
+// Before doing anything, test to see if we are calling this from the command
+// line.  If this is being called from the web, HTTP environment variables will
+// be automatically set by Apache.  If these are found, exit immediately.
+if (isset($_SERVER['HTTP_HOST'])) {
+    exit;
+}
+
+// If we get here, we're on the command line, which means we can continue.
+require_once('init.php');
+
+// Start our timer.
+$start = getmicrotime();
+
+// Get our action.
+$action = isset($_SERVER['argv'][1]) ? $_SERVER['argv'][1] : '';
+
+// Perform specified task.  If a task is not properly defined, exit.
+switch ($action) {
+
+    /**
+     * Update weekly addon counts.
+     */
+    case 'weekly':
+        // Get 7 day counts from the download table.
+        $seven_day_count_sql = "
+            SELECT
+                downloads.ID as ID,
+                COUNT(downloads.ID) as seven_day_count
+            FROM
+                `downloads`
+            WHERE
+                `date` >= DATE_SUB(NOW(), INTERVAL 7 DAY)
+            GROUP BY
+                downloads.ID
+            ORDER BY
+                downloads.ID
+        ";
+
+        echo 'Retrieving seven-day counts from `downloads` ...'."\n";
+        $seven_day_count_result = mysql_query($seven_day_count_sql, $connection) 
+            or trigger_error('MySQL Error '.mysql_errno().': '.mysql_error()."", 
+                             E_USER_NOTICE);
+
+        $affected_rows = mysql_num_rows($seven_day_count_result);
+    
+        if ($affected_rows > 0 ) {
+            $seven_day_counts = array();
+            while ($row = mysql_fetch_array($seven_day_count_result)) {
+                $seven_day_counts[$row['ID']] = ($row['seven_day_count']>0) ? $row['seven_day_count'] : 0;
+            }
+
+            echo 'Updating seven day counts in `main` ...'."\n";
+
+            foreach ($seven_day_counts as $id=>$seven_day_count) {
+                $seven_day_count_update_sql = "
+                    UPDATE `main` SET `downloadcount`='{$seven_day_count}' WHERE `id`={$id}
+                ";
+
+                $seven_day_count_update_result = mysql_query($seven_day_count_update_sql, $connection) 
+                    or trigger_error('mysql error '.mysql_errno().': '.mysql_error()."", 
+                                     E_USER_NOTICE);
+            }
+        }
+    break;
+
+
+
+    /**
+     * Update all total download counts.
+     */
+    case 'total':
+
+        // Get the max dID from downloads so we don't miscount hits 
+        // that occur while the update query is running.
+        $max_sql = "
+            SELECT
+                MAX(dID) as max_id
+            FROM
+                downloads
+        ";
+
+        $max_result = mysql_query($max_sql, $connection)
+            or trigger_error('MySQL Error '.mysql_errno().': '.mysql_error()."", 
+                             E_USER_NOTICE);
+
+        $max_row = mysql_fetch_array($max_result,MYSQL_ASSOC);
+
+        $max_id = $max_row['max_id'];
+
+        // Get uncounted hits from the download table.
+        // We only select counts for dID < max_id for accuracy.
+        $uncounted_hits_sql = "
+            SELECT
+                downloads.ID as ID,
+                COUNT(downloads.ID) as count
+            FROM
+                downloads
+            WHERE
+                `counted`=0 AND
+                dID <= {$max_id}
+            GROUP BY
+                downloads.ID
+            ORDER BY
+                downloads.ID
+        ";
+
+        echo 'Retrieving uncounted downloads ...'."\n";
+
+        $uncounted_hits_result = mysql_query($uncounted_hits_sql, $connection) 
+            or trigger_error('MySQL Error '.mysql_errno().': '.mysql_error()."", 
+                             E_USER_NOTICE);
+        $affected_rows = mysql_num_rows($uncounted_hits_result);
+
+        if ($affected_rows > 0) {
+            $uncounted_hits = array();
+            while ($row = mysql_fetch_array($uncounted_hits_result)) {
+                $uncounted_hits[$row['ID']] = ($row['count'] > 0) ? $row['count'] : 0;
+            }
+
+            echo 'Updating download totals ...'."\n";
+
+            foreach ($uncounted_hits as $id=>$hits) {
+                $uncounted_update_sql = "
+                    UPDATE `main` SET `TotalDownloads`=`TotalDownloads`+{$hits} WHERE `ID`={$id}
+                ";
+                $uncounted_update_result = mysql_query($uncounted_update_sql, $connection) 
+                    or trigger_error('MySQL Error '.mysql_errno().': '.mysql_error()."", 
+                                     E_USER_NOTICE);
+            }
+
+
+            // If we get here, we've counted everything and we can mark stuff for
+            // deletion.
+            //
+            // Mark the downloads we just counted as counted if it has a key lower 
+            // than max_id, because all keys lower than max_id have been counted above
+            $counted_update_sql = "
+                UPDATE
+                    `downloads`
+                SET
+                    `counted`=1
+                WHERE
+                    dID <= {$max_id}
+            ";
+            $counted_update_result = mysql_query($counted_update_sql, $connection) 
+                or trigger_error('MySQL Error '.mysql_errno().': '.mysql_error()."", 
+                                 E_USER_NOTICE);
+        } else {
+            $affected_rows = 0;
+        }
+    break;
+
+
+
+    /**
+     * Garbage collection for all records that are older than 8 days.
+     */
+    case 'gc':
+        echo 'Starting garbage collection ...'."\n";
+        $gc_sql = "
+            DELETE FROM
+                `downloads`
+            WHERE
+                `date` < DATE_SUB(NOW(), INTERVAL 8 DAY)
+        ";
+        $gc_result = mysql_query($gc_sql, $connection) 
+            or trigger_error('MySQL Error '.mysql_errno().': '.mysql_error()."", 
+                             E_USER_NOTICE);
+
+        // This is unreliable, but it's not a big deal.
+        $affected_rows = mysql_affected_rows();
+    break;
+
+
+
+    /**
+     * Unknown command.
+     */
+    default:
+        echo 'Command not found. Exiting ...'."\n";
+        exit;
+    break;
+}
+// End switch.
+
+
+
+// How long did it take to run?
+$exectime = getmicrotime() - $start;
+
+
+
+// Display script output.
+echo 'Affected rows: '.$affected_rows.'    ';
+echo 'Time: '.$exectime."\n";
+echo 'Exiting ...'."\n";
+
+
+
+exit;
+?>

mozilla/webtools/update/core/postfeedback.php

@@ -0,0 +1,229 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+//Submit Review/Rating Feedback to Table
+require_once('../core/init.php');
+
+// Minimum number of seconds since the last comment.
+define("COMMENTS_MIN_BREAK", 90);
+define("COMMENTS_MAX_LENGTH", 2000);
+
+/**
+ * Check if client has posted recently.
+ *
+ * @param string name - Name that they User Submitted
+ * @param string addr - IPv4 Address of the client to check
+ * @return bool - True if the client has posted too often, false if they have not
+ *                posted recently.
+ */
+function client_rate_limited($name, $addr) 
+{
+    global $connection;
+
+    $sql = "SELECT (UNIX_TIMESTAMP(CURRENT_TIMESTAMP()) - UNIX_TIMESTAMP(CommentDate)) as since_last_post
+            FROM `feedback` 
+            WHERE commentip = '".$addr."' OR
+                  CommentName = '".$name."'
+            ORDER BY CommentDate DESC LIMIT 1";
+   
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_ERROR);
+   
+    $count = mysql_num_rows($sql_result);
+    if ($count == 0) {
+        return false;
+    }
+    else if ($count == 1) {
+        $row = mysql_fetch_array($sql_result);
+        if ($row['since_last_post'] > COMMENTS_MIN_BREAK) {
+            return false;
+        }
+    }
+
+    return true;
+}
+
+/**
+ * @param string key - formkey to test for
+ * @return bool True if the formkey is valid, false if invalid.
+ */
+function valid_form_key($key) 
+{
+    global $connection;
+    //Check the Formkey against the DB, and see if this has already been posted...
+    $formkey = escape_string($key);
+    $date = date("Y-m-d H:i:s", mktime(0, 0, 0, date("m"), date("d")-1, date("Y")));
+    $sql = "SELECT `CommentID` FROM  `feedback` WHERE `formkey` = '$formkey' AND `CommentDate`>='$date'";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_ERROR);
+    if (mysql_num_rows($sql_result) == 0) {
+        return true;
+    }
+    return false;
+}
+
+/**
+ * Check if a client is banned from posting comments
+ * @param string address - IPv4 Client IP Address to check
+ * @return bool - True if the client is banned, false if they are not.
+ */
+function client_ip_banned($address) 
+{
+    global $connection;
+    $sql = "SELECT `bID` from `feedback_ipbans` WHERE `beginip` <= '$address' AND `endip` >='$address' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_ERROR);
+    if (mysql_num_rows($sql_result)== 0) {
+        return false;
+    }
+    return true;
+}
+
+/**
+ * Determine the Client IP Address as Logged
+ * @return string IP Address of the client
+ */
+function get_client_ip() 
+{
+    // Are we behind a proxy and given the IP via an alternate enviroment variable? If so, use it.
+    if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
+        return $_SERVER["HTTP_X_FORWARDED_FOR"];
+    } 
+    else {
+        return $_SERVER["REMOTE_ADDR"];
+    }
+}
+
+
+//Check and see if the ID/vID is valid.
+$sql = "SELECT TM.ID, TV.vID 
+        FROM `main` TM 
+        INNER JOIN `version` TV ON TM.ID=TV.ID 
+        WHERE TM.ID = '".escape_string($_POST['id'])."' AND `vID`='".escape_string($_POST["vid"])."' LIMIT 1";
+
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_ERROR);
+if (mysql_num_rows($sql_result)=="0") {
+    unset($_POST["id"],$_POST["vid"],$id,$vid);
+} 
+else {
+    $id = escape_string($_POST["id"]);
+    $vid = escape_string($_POST["vid"]);
+}
+
+$comments = nl2br(strip_tags(escape_string($_POST["comments"])));
+$email = escape_string($_POST["email"]);
+
+$name="Anonymous";
+
+if (strlen($comments) > COMMENTS_MAX_LENGTH) {
+    page_error("29912312", "Your comment was longer than the maximum allowed length of ".COMMENTS_MAX_LENGTH." characters.");
+    exit;
+}
+
+if (isset($_POST["name"])) {
+    $name = escape_string(strip_tags($_POST["name"]));
+}
+
+$title="No Title";
+if (isset($_POST["title"])) {
+    $title = escape_string(strip_tags($_POST["title"]));
+}
+
+$rating = escape_string($_POST["rating"]);
+// Make Sure Rating is as expected.
+if (!(is_numeric($rating) and $rating<=5 and $rating>=0)) {
+    unset($rating);
+} 
+
+if (!isset($rating) or !$comments ) {
+    //No Rating or Comment Defined, throw an error.
+    page_error("3","Comment is Blank or Rating is Null.");
+    exit;
+}
+
+
+//Compile Info about What Version of the item this comment is about.
+$sql = "SELECT TV.Version, `OSName`, `AppName` FROM `version` TV
+        INNER JOIN `os` TOS ON TOS.OSID=TV.OSID
+        INNER JOIN `applications` TA ON TA.AppID=TV.AppID
+        WHERE TV.ID = '$id' AND TV.vID='$vid' LIMIT 1";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_ERROR);
+$row = mysql_fetch_array($sql_result);
+$version = $row["Version"];
+$os = $row["OSName"];
+$appname = $row["AppName"];
+$versiontagline = "version $version for $appname";
+
+if ($os !=="ALL") {
+    $versiontagline .=" on $os";
+}
+
+$remote_addr = escape_string(get_client_ip());
+
+$form_key = "";
+if (!valid_form_key($_POST['formkey'])) {
+    page_error("5","Invalid formkey.");
+    exit;
+}
+else {
+    $formkey = escape_string($_POST['formkey']);
+}
+
+if (client_rate_limited($name, $remote_addr)) {
+    page_error("6","You may only post one comment every ". COMMENTS_MIN_BREAK ." seconds.");
+    exit;
+}
+
+if (client_ip_banned($remote_addr)) {
+    page_error("7","Your IP Address is Banned from Making Comments.");
+    exit;
+}
+
+$sql = "INSERT INTO `feedback` (`ID`, `CommentName`, `CommentVote`, `CommentTitle`, `CommentNote`, `CommentDate`, `commentip`, `email`, `formkey`, `VersionTagline`) VALUES ('$id', '$name', '$rating', '$title', '$comments', NOW(NULL), '$remote_addr', '$email', '$formkey', '$versiontagline');";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+update_rating($id);
+
+if ($_POST["type"]=="E") {
+    $type="extensions";
+} else if ($_POST["type"]=="T") {
+    $type="themes";
+}
+
+$return_path="$type/moreinfo.php?id=$id&vid=$vid&page=comments&action=successful";
+header('Location: http://'.HOST_NAME.WEB_PATH.'/'.$return_path);
+exit;
+
+?>

mozilla/webtools/update/core/reportcomment.php

@@ -0,0 +1,99 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Colin Ogilvie <colin.ogilvie@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+//Inappropriate Comment Reporting Tool
+require_once('../core/init.php');
+
+if (strtolower($_SERVER['REQUEST_METHOD']) == 'post')
+{
+    $id = escape_string($_POST['id']);
+    $commentid = escape_string($_POST['commentid']);
+    
+    //Check and see if the CommentID/ID is valid.
+    $sql = "SELECT `ID`, `CommentID` FROM `feedback` WHERE `ID` = '".$id."' AND `CommentID`='" .$commentid."' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_ERROR);
+    if(mysql_num_rows($sql_result)==0) {
+        page_error("4","Comment could not be found. Please go back and try again.");
+    } else {
+        if ($_POST['action'] == 'reportconfirm')
+        {
+            $sql = "UPDATE `feedback` SET `flag`='YES' WHERE `CommentID`='".$commentid."' LIMIT 1";
+            $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+            if (mysql_affected_rows()==0)
+            {
+                page_error("5", "Comment could not be flagged for review. Please go back and try again.");
+            } else {
+                $page_title = 'Mozilla Update :: Report a Comment';
+                require_once(HEADER);
+                echo '<h1>Mozilla Update :: Report a Comment</h1>
+                <p>You have sucessfully reported this comment to Mozilla Update staff.</p>
+                <p>A staff member will review your submission and take the appropriate action.</p>
+                <p>Thank you for your assistance.</p>';
+                require_once(FOOTER);
+            }
+        }
+    }
+}
+else
+{
+    $page_title = 'Mozilla Update :: Report a Comment';
+    require_once(HEADER);
+    $id = escape_string($_GET['id']);
+    $commentid = escape_string($_GET['commentid']);
+    // Check to see if Comment ID is valid
+    $sql = "SELECT `ID`, `CommentID` FROM `feedback` WHERE `ID` = '".$id."' AND `CommentID`='" .$commentid."' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_ERROR);
+    if (mysql_num_rows($sql_result)==0)
+    {
+        page_error("4","Comment could not be found. Please go back and try again.");
+        // page_error automatically exists for us.
+    }
+?>
+    <h1>Mozilla Update :: Report a Comment</h1>
+    <p>You have asked for a comment to be reviewed by the Mozilla Update staff. To confirm this action, please click 'Review this Comment' below.</p>
+    <form action="reportcomment.php" method="post">
+        <input type="hidden" name="id" value="<?=$id?>">
+        <input type="hidden" name="commentid" value="<?=$commentid?>">
+        <input type="hidden" name="action" value="reportconfirm">
+        <input type="submit" name="submit" value="Review this Comment">
+    </form>
+<?
+    require_once(FOOTER);
+}
+?>

mozilla/webtools/update/css/base/content.css

@@ -0,0 +1,123 @@
+body, td, th, h3, input { /* redundant rules for bad browsers  */
+	font-family: verdana, sans-serif;
+	font-size: x-small;
+	voice-family: "\"}\"";
+	voice-family: inherit;
+	font-size: small;
+}
+
+body {
+	color: #333;
+	line-height: 140%;
+}
+
+a:link { color: #039; }
+a:visited { color: #609; }
+a:hover { color: #333; }
+a:active { color: #000; }
+
+#header a:visited { color: #039; }
+#header a:hover { color: #333; }
+
+#mBody li { padding-bottom: 0.5em; }
+
+.sidebar_content > h1,.sidebar_content > h2,.sidebar_content > h3,.sidebar_content > h4,.sidebar_content > h5,.sidebar_content > h6,.sidebar > h1,.sidebar_general > h2,.sidebar_general > h3,.sidebar_general > h4,.sidebar_general > h5,.sidebar_general > h6 {
+	margin-top: 0;
+}
+
+.sidebar_right {
+	margin-left: 65%;
+}
+
+.sidebar_general ul {
+	margin-left: 0;
+	padding-left: 20px;
+}
+
+.sidebar_general li {
+	padding: 0.2em 0;
+}
+
+img.imgright {
+	float: right;
+    margin: .3em .3em .3em 0;
+    padding: .3em .3em .3em 0;
+}
+
+img {
+	border: 0;
+}
+
+dt {
+	font-weight: bold;
+}
+
+dd {
+	margin: 0 0 1em 1em;
+}
+
+.skipLink {
+	position: absolute;
+	left: -1200px;
+	width: 990px;
+}
+
+.hide {
+	display: none;
+}
+
+ul.compact {
+	margin-left: 0;
+	padding-left: 20px;
+}
+
+img.rss {
+	float: right;
+	margin: 0;
+	padding: 4px 4px 0 0;
+}
+
+.first { margin-top: 0.2em; }
+
+.requires img {
+	vertical-align: middle;
+}
+
+/* Headers */
+
+#mainContent > h1:first-child,
+#mainContent > h2:first-child,
+#mainContent > h3:first-child,
+#mainContent > h4:first-child,
+#mainContent > h5:first-child,
+#mainContent > h6:first-child,
+#side > h1:first-child,
+#side > h2:first-child,
+#side > h3:first-child,
+#side > h4:first-child,
+#side > h5:first-child,
+#side > h6:first-child {
+	margin-top: 0;
+}
+
+.appversions {
+    border: 1px solid #ccc;
+    margin: .5em 0;
+}
+
+.appversions th {
+    background-color: #ccc;
+    padding: .2em;
+}
+
+.appversions .row1 {
+    background-color: #eee;
+}
+
+tr.rowa {
+    background-color: #eee;
+}
+
+tr.rowb {
+    background-color: #ddd;
+}

mozilla/webtools/update/css/base/template.css

@@ -0,0 +1,139 @@
+body {
+	min-width: 700px;
+	margin: 0 0 2em 0;
+	padding: 0;
+}
+
+#container {
+	width: 740px;
+	margin: 0 auto;
+}
+
+#mBody {
+	clear: both;
+	padding: .2em 0;
+}
+
+.sidebar_content {
+	width: 60%;
+	float: left;
+}
+
+#footer {
+	clear: both;
+}
+
+#side {
+	float: left;
+	width: 23%;
+	margin-bottom: 1em;
+}
+
+#mainContent {
+	margin-left: 25%;
+}
+.nomenu #mainContent {
+	margin-left: 0;
+}
+.bodyleft {
+	margin-left: 25% ! important
+}
+#mainContent.right {
+	float: left;
+	width: 62%;
+	margin-bottom: 1em;
+	margin-left: 0;
+}
+
+#side.right {
+	float: none;
+	width: auto;
+	margin-left: 65%;
+}
+
+p.security-update {
+	padding-left: 35px;
+	background: url(../../images/security-update.png) no-repeat;
+	margin-top: 0;
+	min-height: 30px;
+}
+
+/* Sidebar */
+
+#nav:before {
+	line-height: 0.1;
+	font-size: 1px;
+	background: transparent url("../../images/menu_tr.gif") no-repeat top right;
+	margin: 0;
+	height: 9px;
+	display: block;
+	border-bottom: 1px solid #ddd;
+	content: url("../../images/key-point_tl.gif");
+}
+#nav {
+	background: #E0E9E9 url("../../images/menu_back.gif") right repeat-y;
+}
+#nav:after {
+	display: block;
+	padding-top: 0;
+	line-height: 0.1;
+	font-size: 1px;
+	content:  url("../../images/key-point_bl.gif");
+	margin: 0 0 0 0;
+	height: 8px;
+	background: transparent url("../../images/menu_br.gif") scroll no-repeat bottom right ;
+	border-top: 1px solid #fff;
+}
+
+#nav, #nav ul {
+	margin: 0;
+	padding: 0;
+	list-style: none;
+}
+#nav {
+	margin-bottom: 1em;
+}	
+#nav li {
+	display: inline;
+	padding: 0;
+	margin: 0;
+}
+
+#nav li span { /* used for un-linked menu items */
+	display: block;
+	padding: 6px 10px;
+	font-weight: bold;
+	color: #666;
+}
+
+#nav li span#configParent, #nav li span #configuration {
+	display: inline;
+	font-weight: normal;
+	padding: 0;
+}
+
+#nav li a {
+	display: block;
+	padding: 6px 10px;
+	text-decoration: none;
+	background: #EDF2F2;
+	border-bottom: 1px solid #ddd;
+	border-top: 1px solid #fff;
+	border-right: 1px solid #ddd;
+}
+
+#nav li a:hover {
+	background: #E0E9E9;
+}
+
+#nav ul li span,#nav ul li a {
+	padding: 4px 8px 4px 20px;
+}
+
+.clear-both {
+    clear: both;
+}
+
+.center {
+    text-align: center;
+}

mozilla/webtools/update/css/cavendish/content.css

@@ -0,0 +1,289 @@
+#mBody h2 {
+	font: 140% arial,helvetica,verdana,sans-serif;
+	border-bottom: 1px solid #ccc;
+	margin-bottom: 0;
+}
+
+#mBody h2 a {
+    margin: 0;
+    padding: 0;
+    text-decoration: none;
+}
+
+#mBody h3 {
+	font: 120% arial,helvetica,verdana,sans-serif;
+	border-bottom: 1px solid #ccc;
+	margin-bottom: 0;
+}
+
+#mBody h1 {
+	font: 180% arial,helvetica,sans-serif;
+	border-bottom: 1px solid #ccc;
+	margin-bottom: 0;
+}
+
+.key-point:before {
+	line-height: 0.1;
+	font-size: 1px;
+	background: transparent url("../../images/key-point_tr.gif") no-repeat top right;
+	margin: -15px -15px 0 -15px;
+	height: 15px;
+	display: block;
+	border: none;
+	content: url("../../images/key-point_tl.gif");
+}
+.key-point {
+	background: #EFF8CE url("../../images/key-point_back.gif") right repeat-y;
+	padding: 15px;
+	margin-top: 18px;
+}
+.key-point:after {
+	display: block;
+	padding-top: 15px;
+	line-height: 0.1;
+	font-size: 1px;
+	content:  url("../../images/key-point_bl.gif");
+	margin: -15px;
+	height: 8px;
+	background: transparent url("../../images/key-point_br.gif") scroll no-repeat bottom right ;
+}
+
+#header form #submit {
+	font-size: 100%;
+	padding: 1px;
+	font-family: tahoma, arial, sans-serif;
+}
+
+#header form #q {
+	width: 10em;
+	font-size: 100%;
+	font-weight: normal;
+	border:	1px solid #9097A2;
+	padding: 2px;
+	font-family: tahoma, arial, sans-serif;
+}
+
+#sectionsearch {
+	font-size: 100%;
+	font-weight: normal;
+	font-family: tahoma, arial, sans-serif;
+} 
+
+.popularlist {
+	font-size: 85%;
+}
+
+.popularlist span {
+	color: #666;
+	white-space: nowrap;
+}
+
+.install a {
+	background: url(../../images/install.png) no-repeat;
+	padding: 3px 0 8px 30px;
+	display: block;
+	text-decoration: none;
+}
+
+.install a strong {
+	text-decoration: underline;
+}
+
+.install-box {
+	width: 18em;
+}
+
+#opinions h4 {
+	margin: 0;
+}
+
+.opinions-info {
+	font-size: 85%;
+	margin: 0 0 0.5em 0;
+}
+
+.opinions-info a {
+	text-decoration: none;
+	color: #666;
+}
+
+.opinions-info a:hover {
+	text-decoration: underline;
+}
+
+.opinions-text {
+	margin: 0;
+}
+
+.opinions-rating img {
+	vertical-align: middle;
+}
+
+.rating {
+	float: right;
+	font-size: 85%;
+	font-weight: bold;
+}
+
+.rating img {
+	vertical-align: middle;
+}
+
+.more-links {
+	margin: 0.5em 0 0 0;
+	padding: 0;
+}
+
+.more-links li {
+	display: inline;
+	margin: 0;
+	padding: 5px;
+}
+
+.screenshot {
+	float: right;
+	background: #fff;
+	padding: 0 0 2em 2em;
+}
+
+.screenshot a {
+	text-align: center;
+	display: block;
+}
+
+/* Remaining Original Update Styles */
+
+.item {
+	border: #D2D6D6 1px solid;
+    padding-left: 5px;
+    padding-right: 6px;
+    MARGIN-bottom: 10px;
+    -moz-border-radius: 10px;
+}
+
+.item a {
+	color: #00129c;
+    text-decoration: none;
+}
+.item a:visited {
+	color: #00129c;
+    text-decoration: none;
+}
+.item a:hover {
+	color: #fc5900;
+}
+
+.item h2 {
+    margin-top: 0.2em;
+}
+
+.recommended {
+    clear: both;
+    padding: 1em 0;
+}
+
+.recommended h2 {
+    padding: 1em 0 0 215px;
+    margin: 0;
+}
+
+.recommended p {
+    padding-left: 215px;
+}
+
+.recommended-download h3 {
+	font: small tahoma, verdana, sans-serif;
+	margin: 0;
+	background: url("../../images/download.gif") 0 100%;
+    font-size: small;
+	padding-bottom: 5px;
+}
+
+.recommended-download h3 a {
+	display: block;
+	background: url("../../images/download.gif") 0 0;
+    font-size: 65%;
+    font-weight: bold;
+	width: 165px;
+	padding: 12px 25px 5px 10px;
+	text-decoration: none;
+	color: #5A9A3B;
+}
+
+.recommended-download h3 a:hover {
+	text-decoration: underline;
+	color: #275113;
+}
+
+.recommended-download {
+	width: 200px;
+    padding: 15px 0 0 215px;
+}
+
+.recommended-img {
+    border: 2px outset #eee;
+    float: left;
+    margin: 1em 1em 0 0;
+}
+
+.iconbar {
+	padding-right: 15px;
+    float: left;
+    width: auto;
+    height: 34px;
+}
+
+.iconbar img {
+    float:left;
+}
+
+.iconbar a {
+    text-decoration: none;
+}
+
+.selected a, .selected a:visited {
+	 color: #fc5900;
+}
+
+.baseline {
+	margin-top: 5px;
+    border-top: #ccc 1px solid;
+    padding: 3px;
+    padding-left: 10px;
+    font-size: 8pt;
+    color: #333;
+}
+
+.tooltip {
+    cursor: help;
+    border-bottom: 1px dotted;
+}
+
+.disclaimer {
+    text-align: center;
+    color: #ccc;
+    font-size: x-small;
+    width: 600px;
+    margin-left: auto;
+    margin-right: auto;
+}
+
+.disclaimer a {
+    color: #999;
+}
+
+.finalists-link {
+    border: 1px solid #ccc;
+    display: block;
+    text-align: center;
+    font-size: 1.3em;
+    background-color: #eee;
+    margin: 1em 0 .5em 0;
+    padding: .5em;
+    text-decoration: none;
+}
+
+.finalists-link:hover {
+    background-color: #fff;
+    border: 1px inset #ccc;
+}

mozilla/webtools/update/css/cavendish/template.css

@@ -0,0 +1,313 @@
+body {
+	background: #fff url("../../images/body_back.gif") repeat-x;
+}
+
+#footer {
+	background: url("../../images/footer.gif") 0 8px no-repeat;
+	margin: 10px 0;
+	text-align: center;
+}
+
+#footer span,#footer a {
+	white-space: nowrap;
+	padding: 0 1em;
+	color: #666;
+	font-size: 85%;
+}
+
+#footer p a:hover {
+	color: #000;
+}
+
+#footer .switch-fx, 
+#footer .switch-tb, 
+#footer .switch-suite  {
+	padding-left: 30px;
+	font-size: 100%;
+	background: #fff 9px 0 no-repeat;
+}
+
+#footer .switch-tb {
+	background-image: url("../../images/switch-tb.gif");
+}
+
+#footer .switch-suite {
+	background-image: url("../../images/switch-suite.gif");
+}
+
+#footer .switch-fx {
+	background-image: url("../../images/switch-fx.gif");
+}
+
+/* Site Header */
+
+#header {
+	clear: both;
+	padding-top: 40px;
+	position: relative;
+} * html #header { padding-top: 20px; }
+
+#header h1 {
+	height: 46px;
+	margin: 0;
+	font-size: 2px;
+	position: absolute;
+	top: 0;
+	left: -4px;
+	border: none;
+	z-index: 5000;
+}
+
+#header form {
+	position: absolute;
+	right: 0;
+	top: 9px;
+	margin-left: 200px;
+	font-family: tahoma, arial, sans-serif;
+	font-size: 85%;
+}
+
+#key-menu {
+	background: #B2C1C8 url("../../images/header-bottom.gif") 0 100% no-repeat;
+	padding: 0 0 10px 0;
+	overflow: auto;
+	margin-bottom: 1em;
+}
+
+* html #key-menu {
+	overflow: visible;
+	height: 1px;
+}
+
+#key-menu ul, #key-menu li {
+	margin: 0;
+	padding: 0;
+	list-style: none;
+}
+
+#key-menu ul {
+	padding: 14px 12px 0 12px;
+	background: url("../../images/header-top.gif") 0 0 no-repeat;
+}
+
+#key-menu li {
+	float: left;
+	background: url("../../images/tabs.gif") 100% -50px;
+	padding-right: 5px;
+	margin-right: 2px;
+	border-bottom: 1px solid #849CA4;
+	margin-bottom: -10px;
+}
+
+#key-menu li a, #key-menu li span {
+	display: block;
+	float: left;
+	padding: 3px 15px 2px 20px;
+	background: url("../../images/tabs.gif") 0 -50px;
+	color: #5A7CBA;
+	text-decoration: none;
+}
+
+#key-menu li:hover a {
+	background-position: 0 -100px;
+}
+
+#key-menu li:hover {
+	background-position: 100% -100px;
+}
+
+#key-menu li.current {
+	background: url("../../images/tabs.gif") 100% 0;
+	border-bottom-color: white;
+}
+
+#key-menu li.current a, #key-menu li.current span {
+	background: url("../../images/tabs.gif") 0 0;
+	color: #999;
+}
+
+#mozilla-com a {
+	float: right;
+	display: block;
+	text-indent: -5000em;
+	width: 110px;
+	height: 25px;
+	text-decoration: none;
+	background: url("../../images/mozilla-org.gif") no-repeat;
+}
+
+/* End Site Header */
+
+/* Front Feature */
+.split-feature {
+    background: url("../../images/feature-back.png") 0 100% no-repeat;
+    overflow: auto;
+    padding-bottom: 10px;
+    margin-right: -2px;
+} * html .split-feature { overflow: visible; height: 1px; } 
+
+.split-feature-one, .split-feature-two {
+	padding: 15px 15px 0 15px;
+	float: left;
+}
+
+.split-feature-one {
+	width: 485px;
+	background: url("../../images/feature-back.png") 0 0 no-repeat;
+}
+
+.split-feature-one p {
+    margin-left: 220px;
+}
+
+.split-feature-two {
+	width: 185px;
+	padding-left: 25px;
+	background: url("../../images/feature-back.png") 100% 0 no-repeat;
+}
+
+.split-feature h2 {
+	margin: 0 0 0.2em 0;
+    font-family: verdana, arial, sans-serif;
+    font-size: 1.4em;
+}
+
+.split-feature h2 a {
+    text-decoration: none;
+    font-size: medium;
+    font-style: italic;
+}
+
+.split-feature-one p {
+	line-height: 160%;
+}
+
+.feature-download h3 {
+	font: 85% tahoma, verdana, sans-serif;
+	margin: 5px 0 0 0;
+	background: url("../../images/download.gif") 0 100%;
+	padding-bottom: 5px;
+}
+
+.feature-download h3 a {
+	display: block;
+	background: url("../../images/download.gif") 0 0;
+    font-weight: bold;
+	width: 165px;
+	padding: 12px 25px 5px 10px;
+	text-decoration: none;
+	color: #5A9A3B;
+}
+
+.feature-download h3 a:hover {
+	text-decoration: underline;
+	color: #275113;
+}
+
+.feature-download {
+	float: left;
+	width: 200px;
+	padding-right: 20px;
+}
+
+ol.top-10, ol.top-10 li {
+	margin: 0;
+	padding: 0;
+	list-style: none;
+}
+
+ol.top-10 li a {
+	display: block;
+	text-align: right;
+	padding: 1px 0 1px 20px;
+	border-top: 1px solid #eee;
+	text-decoration: none;
+	width: 160px;
+	background: url("../../images/top-10.gif") 0 0 no-repeat;
+	cursor: pointer; /* for IE as it ignores floating <strong>s */
+	font-size: 85%;
+}
+
+ol.top-10 li a:hover strong {
+	text-decoration: underline;
+}
+
+ol.top-10 li.top-10-2 a { background-position: 0 -50px; }
+ol.top-10 li.top-10-3 a { background-position: 0 -100px; }
+ol.top-10 li.top-10-4 a { background-position: 0 -150px; }
+ol.top-10 li.top-10-5 a { background-position: 0 -200px; }
+ol.top-10 li.top-10-6 a { background-position: 0 -250px; }
+ol.top-10 li.top-10-7 a { background-position: 0 -300px; }
+ol.top-10 li.top-10-8 a { background-position: 0 -350px; }
+ol.top-10 li.top-10-9 a { background-position: 0 -400px; }
+ol.top-10 li.top-10-10 a { background-position: 0 -450px; }
+
+ol.top-10 li strong {
+	float: left;
+}
+
+#front-search {
+	text-align: center;
+	margin: 1.5em 0 1em 0;
+}
+
+.front-section-left, .front-section-right {
+	width: 220px;
+	float: left;
+	color: #666;
+}
+
+.front-section-left {
+	padding: 5px 0 5px 190px;
+}
+
+.front-section-right {
+	padding: 5px 70px 5px 0;
+}
+
+.front-section-left h2, .front-section-right h2{
+	margin: 0;
+}
+
+.front-section-left ul, .front-section-right ul {
+	margin: 0;
+	padding: 0;
+	margin-bottom: 2em;
+}
+
+.front-section-left li, .front-section-right li {
+	padding: 0.2em 0;
+	margin-left: 20px;
+}
+
+.front-section {
+	width: 220px;
+	padding: 5px 0 5px 25px;
+	float: left;
+	color: #666;
+}
+
+.front-section h2 {
+	margin: 0;
+}
+
+.front-section ul {
+	margin: 0;
+	padding: 0;
+	margin-bottom: 2em;
+}
+
+.front-section li {
+	padding: 0.2em 0;
+	margin-left: 20px;
+}
+
+a.top-feature {
+    float: left;
+    background: #fff;
+}
+
+a.top-feature img {
+    margin: 0;
+    padding: 0;
+}

mozilla/webtools/update/database/README

@@ -0,0 +1,4 @@
+The files contained in this directory are schema for the Mozilla Update MySQL Database.
+This directory does not have to be on the webserver for the site to function, in fact, it should not be.
+
+Mozilla Update requires MySQL 4.0 or higher w/ InnoDB support.

mozilla/webtools/update/database/mozillaupdate.sql

@@ -0,0 +1,403 @@
+# ***** BEGIN LICENSE BLOCK *****
+# Version: MPL 1.1/GPL 2.0/LGPL 2.1
+#
+# The contents of this file are subject to the Mozilla Public License Version
+# 1.1 (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+# http:#www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS IS" basis,
+# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+# for the specific language governing rights and limitations under the
+# License.
+#
+# The Original Code is Mozilla Update.
+#
+# The Initial Developer of the Original Code is
+# Chris "Wolf" Crews.
+# Portions created by the Initial Developer are Copyright (C) 2004
+# the Initial Developer. All Rights Reserved.
+#
+# Contributor(s):
+#   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+#   Alan Starr <alanjstarr@yahoo.com>
+#
+# Alternatively, the contents of this file may be used under the terms of
+# either the GNU General Public License Version 2 or later (the "GPL"), or
+# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+# in which case the provisions of the GPL or the LGPL are applicable instead
+# of those above. If you wish to allow use of your version of this file only
+# under the terms of either the GPL or the LGPL, and not to allow others to
+# use your version of this file under the terms of the MPL, indicate your
+# decision by deleting the provisions above and replace them with the notice
+# and other provisions required by the GPL or the LGPL. If you do not delete
+# the provisions above, a recipient may use your version of this file under
+# the terms of any one of the MPL, the GPL or the LGPL.
+#
+# ***** END LICENSE BLOCK *****
+
+-- phpMyAdmin SQL Dump
+-- version 2.6.0
+-- http://www.phpmyadmin.net
+-- 
+-- Host: localhost
+-- Generation Time: Dec 07, 2004 at 02:18 AM
+-- Server version: 4.0.21
+-- PHP Version: 4.3.8
+-- 
+-- Database: `mozillaupdate`
+-- 
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `applications`
+-- 
+
+CREATE TABLE `applications` (
+  `AppID` int(11) NOT NULL auto_increment,
+  `AppName` varchar(30) NOT NULL default '',
+  `Version` varchar(15) NOT NULL default '',
+  `major` int(3) NOT NULL default '0',
+  `minor` int(3) NOT NULL default '0',
+  `release` int(3) NOT NULL default '0',
+  `SubVer` varchar(15) NOT NULL default 'final',
+  `GUID` varchar(50) NOT NULL default '',
+  `int_version` varchar(5) default NULL,
+  `public_ver` enum('YES','NO') NOT NULL default 'YES',
+  `shortname` char(2) NOT NULL default '',
+  PRIMARY KEY  (`AppID`),
+  KEY `additem_index` (`AppName`,`major`,`minor`,`release`,`SubVer`)
+) TYPE=InnoDB PACK_KEYS=0;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `approvallog`
+-- 
+
+CREATE TABLE `approvallog` (
+  `LogID` int(5) NOT NULL auto_increment,
+  `ID` varchar(11) NOT NULL default '',
+  `vID` varchar(11) NOT NULL default '',
+  `UserID` varchar(11) NOT NULL default '',
+  `action` varchar(255) NOT NULL default '',
+  `date` datetime NOT NULL default '0000-00-00 00:00:00',
+  `Installation` enum('','YES','NO') NOT NULL default '',
+  `Uninstallation` enum('','YES','NO') NOT NULL default '',
+  `NewChrome` enum('','YES','NO') NOT NULL default '',
+  `AppWorks` enum('','YES','NO') NOT NULL default '',
+  `VisualErrors` enum('','YES','NO') NOT NULL default '',
+  `AllElementsThemed` enum('','YES','NO') NOT NULL default '',
+  `CleanProfile` enum('','YES','NO') NOT NULL default '',
+  `WorksAsDescribed` enum('','YES','NO') NOT NULL default '',
+  `TestBuild` varchar(255) default NULL,
+  `TestOS` varchar(255) default NULL,
+  `comments` text NOT NULL,
+  PRIMARY KEY  (`LogID`),
+  KEY `ID` (`ID`),
+  KEY `vID` (`vID`),
+  KEY `UserID` (`UserID`),
+  KEY `UserID_2` (`UserID`)
+) TYPE=InnoDB;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `authorxref`
+-- 
+
+CREATE TABLE `authorxref` (
+  `ID` int(11) NOT NULL default '0',
+  `UserID` int(11) NOT NULL default '0',
+  KEY `ID` (`ID`),
+  KEY `UserID` (`UserID`)
+) TYPE=InnoDB;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `categories`
+-- 
+
+CREATE TABLE `categories` (
+  `CategoryID` int(11) NOT NULL auto_increment,
+  `CatName` varchar(30) NOT NULL default '',
+  `CatDesc` varchar(100) NOT NULL default '',
+  `CatType` enum('E','T','P') NOT NULL default 'E',
+  `CatApp` varchar(25) NOT NULL default '',
+  PRIMARY KEY  (`CategoryID`)
+) TYPE=InnoDB;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `categoryxref`
+-- 
+
+CREATE TABLE `categoryxref` (
+  `ID` int(11) NOT NULL default '0',
+  `CategoryID` int(11) NOT NULL default '0',
+  KEY `IDIndex` (`ID`,`CategoryID`),
+  KEY `CategoryID` (`CategoryID`)
+) TYPE=InnoDB;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `downloads`
+-- 
+
+CREATE TABLE `downloads` (
+  `dID` int(11) NOT NULL auto_increment,
+  `ID` varchar(5) NOT NULL default '',
+  `date` datetime default NULL,
+  `downloadcount` int(15) NOT NULL default '0',
+  `vID` varchar(5) NOT NULL default '',
+  `user_ip` varchar(15) NOT NULL default '',
+  `user_agent` text NOT NULL,
+  `type` enum('count','download') NOT NULL default 'download',
+  `counted` int(1) unsigned NOT NULL default '0',
+  PRIMARY KEY  (`dID`),
+  KEY `type` (`type`),
+  KEY `date` (`date`)
+) TYPE=InnoDB PACK_KEYS=0;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `faq`
+-- 
+
+CREATE TABLE `faq` (
+  `id` int(3) NOT NULL auto_increment,
+  `index` varchar(5) NOT NULL default '1',
+  `alias` varchar(20) NOT NULL default '',
+  `title` varchar(150) NOT NULL default '',
+  `text` text NOT NULL,
+  `lastupdated` timestamp(14) NOT NULL,
+  `active` enum('YES','NO') NOT NULL default 'YES',
+  PRIMARY KEY  (`id`)
+) TYPE=InnoDB PACK_KEYS=0;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `feedback`
+-- 
+
+CREATE TABLE `feedback` (
+  `CommentID` int(11) NOT NULL auto_increment,
+  `ID` int(11) NOT NULL default '0',
+  `CommentName` varchar(100) default NULL,
+  `CommentVote` enum('0','1','2','3','4','5') default NULL,
+  `CommentTitle` varchar(75) NOT NULL default '',
+  `CommentNote` text,
+  `CommentDate` datetime NOT NULL default '0000-00-00 00:00:00',
+  `commentip` varchar(15) NOT NULL default '',
+  `email` varchar(128) NOT NULL default '',
+  `formkey` varchar(160) NOT NULL default '',
+  `helpful-yes` int(6) NOT NULL default '0',
+  `helpful-no` int(6) NOT NULL default '0',
+  `helpful-rating` varchar(4) NOT NULL default '',
+  `VersionTagline` varchar(255) NOT NULL default '',
+  `flag` varchar(8) NOT NULL default '',
+  PRIMARY KEY  (`CommentID`),
+  KEY `ID` (`ID`),
+  KEY `CommentDate` (`CommentDate`)
+) TYPE=InnoDB PACK_KEYS=0;
+
+-- --------------------------------------------------------
+-- 
+-- Table structure for table `feedback_ipbans`
+-- 
+
+CREATE TABLE `feedback_ipbans` (
+  `bID` int(11) NOT NULL auto_increment,
+  `beginip` varchar(15) NOT NULL default '',
+  `endip` varchar(15) NOT NULL default '',
+  `DateAdded` datetime default '0000-00-00 00:00:00',
+  `comments` text NOT NULL,
+  PRIMARY KEY  (`bID`)
+) TYPE=InnoDB;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `main`
+-- 
+
+CREATE TABLE `main` (
+  `ID` int(11) NOT NULL auto_increment,
+  `GUID` varchar(50) NOT NULL default '',
+  `Name` varchar(100) NOT NULL default '',
+  `Type` enum('T','E','P') NOT NULL default 'T',
+  `DateAdded` datetime NOT NULL default '0000-00-00 00:00:00',
+  `DateUpdated` datetime NOT NULL default '0000-00-00 00:00:00',
+  `Homepage` varchar(200) default NULL,
+  `Description` text NOT NULL,
+  `Rating` varchar(4) NOT NULL default '0',
+  `downloadcount` int(15) NOT NULL default '0',
+  `TotalDownloads` int(18) NOT NULL default '0',
+  `devcomments` text NOT NULL,
+  PRIMARY KEY  (`ID`),
+  UNIQUE KEY `Name` (`Name`),
+  KEY `Type` (`Type`)
+) TYPE=InnoDB PACK_KEYS=0;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `os`
+-- 
+
+CREATE TABLE `os` (
+  `OSID` int(11) NOT NULL auto_increment,
+  `OSName` varchar(20) NOT NULL default '',
+  PRIMARY KEY  (`OSID`),
+  UNIQUE KEY `OSName` (`OSName`)
+) TYPE=InnoDB;
+
+-- 
+-- Dumping data for table `os`
+-- 
+
+INSERT INTO `os` (`OSID`, `OSName`) VALUES (1, 'ALL');
+INSERT INTO `os` (`OSID`, `OSName`) VALUES (4, 'BSD');
+INSERT INTO `os` (`OSID`, `OSName`) VALUES (2, 'Linux');
+INSERT INTO `os` (`OSID`, `OSName`) VALUES (3, 'MacOSX');
+INSERT INTO `os` (`OSID`, `OSName`) VALUES (6, 'Solaris');
+INSERT INTO `os` (`OSID`, `OSName`) VALUES (5, 'Windows');
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `previews`
+-- 
+
+CREATE TABLE `previews` (
+  `PreviewID` int(11) NOT NULL auto_increment,
+  `PreviewURI` varchar(200) NOT NULL default '',
+  `ID` int(5) NOT NULL default '0',
+  `caption` varchar(255) NOT NULL default '',
+  `preview` enum('YES','NO') NOT NULL default 'NO',
+  PRIMARY KEY  (`PreviewID`),
+  KEY `ID` (`ID`)
+) TYPE=InnoDB PACK_KEYS=0;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `reviews`
+-- 
+
+CREATE TABLE `reviews` (
+  `rID` int(11) NOT NULL auto_increment,
+  `ID` int(11) NOT NULL default '0',
+  `DateAdded` datetime NOT NULL default '0000-00-00 00:00:00',
+  `AuthorID` int(11) NOT NULL default '0',
+  `Title` varchar(60) NOT NULL default '',
+  `Body` text,
+  `ExtendedBody` text NOT NULL,
+  `pick` enum('YES','NO') NOT NULL default 'NO',
+  `featured` enum('YES','NO') NOT NULL default 'NO',
+  `featuredate` varchar(6) NOT NULL default '',
+  PRIMARY KEY  (`rID`),
+  UNIQUE KEY `ID` (`ID`),
+  KEY `AuthorID` (`AuthorID`)
+) TYPE=InnoDB PACK_KEYS=0;
+        
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `userprofiles`
+-- 
+
+CREATE TABLE `userprofiles` (
+  `UserID` int(11) NOT NULL auto_increment,
+  `UserName` varchar(100) NOT NULL default '',
+  `UserEmail` varchar(100) NOT NULL default '',
+  `UserWebsite` varchar(100) default NULL,
+  `UserPass` varchar(200) NOT NULL default '',
+  `UserMode` enum('A','E','U','D') NOT NULL default 'U',
+  `UserTrusted` enum('TRUE','FALSE') NOT NULL default 'FALSE',
+  `UserEmailHide` tinyint(1) NOT NULL default '1',
+  `UserLastLogin` datetime NOT NULL default '0000-00-00 00:00:00',
+  `ConfirmationCode` varchar(32) default NULL,
+  PRIMARY KEY  (`UserID`),
+  UNIQUE KEY `UserEmail` (`UserEmail`)
+) TYPE=InnoDB PACK_KEYS=0;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `version`
+-- 
+
+CREATE TABLE `version` (
+  `vID` int(11) NOT NULL auto_increment,
+  `ID` int(11) NOT NULL default '0',
+  `Version` varchar(30) NOT NULL default '0',
+  `OSID` int(11) NOT NULL default '0',
+  `AppID` int(11) NOT NULL default '0',
+  `MinAppVer` varchar(10) NOT NULL default '',
+  `MinAppVer_int` varchar(10) NOT NULL default '',
+  `MaxAppVer` varchar(10) NOT NULL default '',
+  `MaxAppVer_int` varchar(10) NOT NULL default '',
+  `Size` int(11) NOT NULL default '0',
+  `DateAdded` datetime NOT NULL default '0000-00-00 00:00:00',
+  `DateUpdated` datetime NOT NULL default '0000-00-00 00:00:00',
+  `URI` varchar(255) NOT NULL default '',
+  `Notes` text,
+  `approved` enum('YES','NO','?','DISABLED') NOT NULL default '?',
+  PRIMARY KEY  (`vID`),
+  KEY `ID` (`ID`),
+  KEY `AppID` (`AppID`),
+  KEY `OSID` (`OSID`),
+  KEY `Version` (`Version`)
+) TYPE=InnoDB PACK_KEYS=0;
+
+-- 
+-- Constraints for dumped tables
+-- 
+
+-- 
+-- Constraints for table `authorxref`
+-- 
+ALTER TABLE `authorxref`
+  ADD CONSTRAINT `0_125` FOREIGN KEY (`ID`) REFERENCES `main` (`ID`) ON DELETE CASCADE ON UPDATE CASCADE,
+  ADD CONSTRAINT `0_126` FOREIGN KEY (`UserID`) REFERENCES `userprofiles` (`UserID`) ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- 
+-- Constraints for table `categoryxref`
+-- 
+ALTER TABLE `categoryxref`
+  ADD CONSTRAINT `0_128` FOREIGN KEY (`ID`) REFERENCES `main` (`ID`) ON DELETE CASCADE ON UPDATE CASCADE,
+  ADD CONSTRAINT `0_129` FOREIGN KEY (`CategoryID`) REFERENCES `categories` (`CategoryID`) ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- 
+-- Constraints for table `feedback`
+-- 
+ALTER TABLE `feedback`
+  ADD CONSTRAINT `0_131` FOREIGN KEY (`ID`) REFERENCES `main` (`ID`) ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- 
+-- Constraints for table `previews`
+-- 
+ALTER TABLE `previews`
+  ADD CONSTRAINT `previews_ibfk_1` FOREIGN KEY (`ID`) REFERENCES `main` (`ID`) ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- 
+-- Constraints for table `reviews`
+-- 
+ALTER TABLE `reviews`
+  ADD CONSTRAINT `0_135` FOREIGN KEY (`ID`) REFERENCES `main` (`ID`) ON DELETE CASCADE ON UPDATE CASCADE,
+  ADD CONSTRAINT `0_136` FOREIGN KEY (`AppID`) REFERENCES `applications` (`AppID`) ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- 
+-- Constraints for table `version`
+-- 
+ALTER TABLE `version`
+  ADD CONSTRAINT `0_139` FOREIGN KEY (`ID`) REFERENCES `main` (`ID`) ON DELETE CASCADE ON UPDATE CASCADE,
+  ADD CONSTRAINT `version_ibfk_1` FOREIGN KEY (`AppID`) REFERENCES `applications` (`AppID`) ON UPDATE CASCADE;

mozilla/webtools/update/developers/additem.php

@@ -0,0 +1,869 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$function = $_GET['function'];
+$page_title = 'Mozilla Update :: Developer Control Panel :: Add Item';
+require_once(HEADER);
+require_once('./inc_sidebar.php');
+require_once('./parse_install_manifest.php');
+require_once('../core/inc_version_comparison.php');
+
+if (!$function or $function=="additem") {
+    if (!$_GET["type"]) {
+        $_GET["type"] = "E"; 
+    }
+    $typearray = array("E"=>"Extension","T"=>"Theme");
+    $typename = $typearray[$_GET["type"]];
+?>
+
+<h1>Add New <?php echo"$typename"; ?></h1>
+<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=2 ALIGN=CENTER STYLE="border: solid 0px #000000; width: 100%">
+<FORM NAME="additem" METHOD="POST" ACTION="?function=additem2" enctype="multipart/form-data">
+<INPUT NAME="type" TYPE="hidden" VALUE="<?php echo"$_GET[type]"; ?>">
+<TR><TD style="padding-left: 20px">
+Your <?php echo"$typename"?> File:<BR>
+<INPUT NAME="file" SIZE=40 TYPE="FILE"><BR>
+<BR>
+<INPUT NAME="button" TYPE="BUTTON" VALUE="Cancel" onclick="javascript:history.back()"> <INPUT NAME="submit" TYPE="SUBMIT" VALUE="Next &#187;"> 
+</TD></TR>
+</FORM>
+</TABLE>
+
+<?php
+} else if ($function=="additem2") {
+    $filename=check_filename($_FILES['file']['name']);
+    $filetype=$_FILES['file']['type'];
+    $filesize=$_FILES['file']['size'];
+    $uploadedfile=$_FILES['file']['tmp_name'];
+    $status=$_FILES['file']['error'];
+
+    //Convert File-Size to Kilobytes
+    $filesize = round($filesize/1024, 1);
+
+    //Status
+    // TODO: refactor this nonsense code to make some use of messages
+    // (and perhaps die early)
+
+    if ($status==0) {$statusresult="Success!";
+    } else if ($status==1) {$statusresult="Error: File Exceeds upload_max_filesize (PHP)";
+    } else if ($status==2) {$statusresult="Error: File Exceeds max_file_size (HTML)";
+    } else if ($status==3) {$statusresult="Error: File Incomplete, Partial File Received";
+    } else if ($status==4) {$statusresult="Error: No File Was Uploaded";
+    }
+
+    if ($status != 0) {
+        echo '<h2>Error</h2>';
+        echo "<p>There was an error uploading your file. ({$status})</p>";
+        echo "<p><b>{$statusresult}</b></p>";
+        echo '</div>';
+        require_once(FOOTER);
+        exit;
+    }
+
+    $manifest_exists = "FALSE";
+    $destination = REPO_PATH."/temp/$filename";
+
+    if (move_uploaded_file($uploadedfile, $destination)) {
+        $uploadedfile = $destination;
+        $chmod_result = chmod("$uploadedfile", 0644); //Make the file world readable. prevent nasty permissions issues.
+    }
+
+    $zip = @zip_open("$uploadedfile");
+
+    if ($zip) {
+
+        while ($zip_entry = zip_read($zip)) {
+            if (zip_entry_name($zip_entry)=="install.rdf") {
+                $manifest_exists = "TRUE";
+                // echo "Name:              " . zip_entry_name($zip_entry) . "\n";
+                // echo "Actual Filesize:    " . zip_entry_filesize($zip_entry) . "\n";
+                // echo "Compressed Size:    " . zip_entry_compressedsize($zip_entry) . "\n";
+                // echo "Compression Method: " . zip_entry_compressionmethod($zip_entry) . "\n";
+
+                if (zip_entry_open($zip, $zip_entry, "r")) {
+                    //    echo "File Contents:\n";
+                    $buf = zip_entry_read($zip_entry, zip_entry_filesize($zip_entry));
+                    // echo "$buf\n";
+
+                    zip_entry_close($zip_entry);
+                }
+                echo "\n";
+            }
+        }
+
+   zip_close($zip);
+   
+   }
+
+}
+if ($manifest_exists=='TRUE') {
+
+//------------------
+//  Construct $manifestdata[] array from install.rdf info.
+//-------------------
+$manifestdata = parse_install_manifest($buf);
+
+if(is_null($manifestdata)) {
+  echo"Errors were encountered during install.rdf parsing...<br>\n";
+  die("Aborting...");
+}
+
+//echo"<h1>Adding Extension... Checking file...</h1>\n";
+//echo"<pre>"; print_r($manifestdata); echo"</pre>\n";
+//Populate Form Variables from manifestdata.
+$id = $manifestdata["id"];
+$version = $manifestdata["version"];
+$homepage = $manifestdata["homepageURL"];
+
+// Do we have an updateURL?  If so, error out.
+if (isset($manifestdata['updateURL'])) {
+    echo '<h2>updateUrl not allowed</h2>';
+    echo '<p>Addons cannot have an external updateURL value.   Please remove this from your install.rdf and try again.</p>';
+    echo '</div>';
+    require_once(FOOTER);
+    exit;
+}
+
+if (isset($id) && !preg_match('/^(\{[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\}|[a-z0-9-\._]*\@[a-z0-9-\._]+)$/i',$id)) {
+    echo '<h2>Invalid id</h2>';
+    echo '<p>Your id is invalid.  Please update your install.rdf and try again.  For more information on valid id\'s, please see <a href="http://developer.mozilla.org/en/docs/Install_Manifests#id">developer.mozilla.org\'s page on id\'s</a>.</p>';
+    echo '</div>';
+    require_once(FOOTER);
+    exit;
+}
+
+if (isset($version) && preg_match('/.*\s.*/',$version)) {
+    echo '<h2>Invalid extension version</h2>';
+    echo '<p>Your version is invalid.  Versions cannot contain a space.</p>';
+    echo '</div>';
+    require_once(FOOTER);
+    exit;
+}
+
+// $names, $descriptions are arrays keyed by locale
+$names = $manifestdata["name"];
+$descriptions = $manifestdata["description"];
+//TODO: support multiple locale names/descriptions
+// right now we just use en-US or the first one
+$name = trim(default_l10n($names));
+$description = default_l10n($descriptions);
+
+//Check GUID for validity/existance, if it exists, check the logged in author for permission
+$sql = "SELECT ID, GUID from `main` WHERE `GUID` = '".escape_string($manifestdata[id])."' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  if (mysql_num_rows($sql_result)=="1") {
+//    echo"This is a updated extension... Checking author data...<br>\n";
+    $mode = "update";
+    $row = mysql_fetch_array($sql_result);
+    $item_id = $row["ID"];
+
+    $sql = "SELECT `UserID` from `authorxref` WHERE `ID`='{$item_id}' AND `UserID` = '{$_SESSION['uid']}' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if (mysql_num_rows($sql_result)=="1" or $_SESSION["level"]=="admin") {
+    } else {
+        echo '<h2>Permission Denied</h2>';
+        echo '<p>You do not have permissions to edit this add-on.</p>';
+        echo '</div>';
+        require_once(FOOTER);
+        exit;
+    }
+
+  } else {
+  $mode = "new";
+//  echo"This is a new extension...<br>\n";
+  }
+
+/**
+ * For each targetApplication, verify that the min/max app versions are
+ * correctly formatted.
+ * @TODO Rewrite this entire page one weekend instead of hacking on it.
+ * @TODO Fix references to non-existent variables and array indeces.
+ * @TODO Rethink how we're storing versions, and clean up new versions as they come in.
+ */
+
+// We need a marker to say whether or not we have a valid GUID at all.
+// We are looking for at least one valid Mozilla application.
+// If it has none, it will error out, as it is a conflict of interest.
+$oneValidGuidFound = false;
+
+$versioncheck = array();
+
+// For each of our specified targetApplications, we iterate to find a matching
+// result.  Once we find a matching result, we set the flag to true.  Once we
+// have to successful matches (one for maxVersion, one for minVersion), we break
+// the loop and move on.
+foreach ($manifestdata['targetApplication'] as $key=>$val) {
+    $esckey = escape_string($key);
+
+    // Query to attempt to grab valid application records.
+    $app_sql = "
+        SELECT 
+            `AppName`,
+            `Version`
+        FROM
+            `applications`
+        WHERE
+            `GUID`='$esckey' AND
+            `public_ver`='YES'
+        ORDER BY
+            `Version` DESC
+    ";
+
+    $app_sql_result = mysql_query($app_sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+    // If we have results, set our min/max versions to false by default so we can check them later.
+    if (mysql_num_rows($app_sql_result) == 0) {
+        continue;
+    } else {
+        // If we get here, we found at least one valid GUID.
+        // This doesn't mean, however, that the min/max verion values for that GUID are valid.
+        // This will still be tested.
+        $oneValidGuidFound = true;
+
+        $versioncheck[$key]['minVersion_valid'] = false;
+        $versioncheck[$key]['maxVersion_valid'] = false;
+
+        while ($row = mysql_fetch_array($app_sql_result, MYSQL_ASSOC)) {
+
+            // Set up our variables.
+            $appname = $row['AppName'];  // Name of the application.
+
+            // Build our app version string.
+            $appVersion = $row['Version'];
+
+            // If we have a match, set our valid minVersion flag to true.
+            if ($appVersion == $val['minVersion']) {
+                $versioncheck[$key]['minVersion_valid'] = true;
+            }
+
+            // If we have a match, set our valid maxVersion flag to true.
+            if ($appVersion == $val['maxVersion']) {
+                $versioncheck[$key]['maxVersion_valid'] = true; 
+            }
+
+            /**
+             * Use this to debug app versions.
+            echo '<pre>';
+            echo 'App: '.$appname."\n";
+            echo 'Release from DB: '.$row['Version']."\n";
+            echo 'Version we put together: '.$appVersion."\n";
+            echo 'MinVersion from RDF (match): '.$val['minVersion'].' ('.$versioncheck[$key]['minVersion_valid'].') '."\n";
+            echo 'MaxVersion from RDF (match): '.$val['maxVersion'].' ('.$versioncheck[$key]['maxVersion_valid'].') '."\n\n";
+            print_r($versioncheck);
+            echo "\n\n\n";
+            echo '</pre>';
+            */
+
+            // If we have valid matches for both max/minVersions, we don't need to
+            // keep checking.  Break this loop and continue to the next application.
+            if ($versioncheck[$key]['minVersion_valid'] == true && $versioncheck[$key]['maxVersion_valid'] == true) {
+                break;
+            }
+        }
+
+        // If we never found a valid minVersion, report the error.
+        if ($versioncheck[$key]['minVersion_valid'] == false) {
+            echo "Error! The MinAppVer for $appname of " . $val['minVersion'] . " in install.rdf is invalid.<br>\n";
+            $versioncheck['errors'] = true;
+        }
+
+        // If we never found a valid maxVersion, report the error.
+        if ($versioncheck[$key]['maxVersion_valid'] == false) {
+            echo "Error! The MaxAppVer for $appname of ". $val['maxVersion'] . " in install.rdf is invalid.<br>\n";
+            $versioncheck['errors'] = true;
+        }
+    }
+}
+
+// If they don't have at least one valid GUID, tell them that is not allowed.
+if ($oneValidGuidFound == false) {
+    echo "Sorry, your add-on must have at least one valid Mozilla application to use this site.<br>";
+    die('Aborting...');
+
+/**
+ * Even if we have a valid GUID, it still has to have valid min/max version values.
+ * If these don't exist, we need to error out and say why.
+ */
+} elseif (!empty($versioncheck['errors']) && $versioncheck['errors'] == true) {
+    echo "Errors were encountered during install.rdf checking...<br>\n";
+    echo "<p>How to fix this:</p>";
+    echo "<ul>";
+    echo "<li><a href=\"".WEB_PATH."/faq.php\">See the list of valid version numbers</a></li>";
+    echo "<li>minVersion (MinAppVer) values may only contain values 0-9 and '.' because they have to be an absolute version.  minVersions like 1.0+ or 1.5.0.* are not allowed.</li>";
+    echo "<li>Your version has not been found in the addons database but it should be.  See #amo@mozilla.org in IRC if you think this is in error.</li>";
+    echo "</ul>";
+    die('Aborting...');
+}
+
+$typearray = array("E"=>"Extension","T"=>"Theme");
+$type = escape_string($_POST["type"]);
+$typename = $typearray[$type];
+
+if ($mode=="update") {
+ $sql = "SELECT  `Name`, `Homepage`, `Description` FROM  `main` WHERE `ID` = '$item_id' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   $row = mysql_fetch_array($sql_result);
+    if (!$name) { $name=$row["Name"]; }
+    $homepage = $row["Homepage"];
+    $description = $row["Description"];
+
+ $authors = ""; $i="";
+ $sql = "SELECT TU.UserEmail FROM  `authorxref` TAX INNER JOIN userprofiles TU ON TAX.UserID = TU.UserID WHERE `ID` = '$item_id'";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   $numresults = mysql_num_rows($sql_result);
+   while ($row = mysql_fetch_array($sql_result)) {
+    $i++;
+    $email = $row["UserEmail"];
+   $authors .= "$email";
+   if ($i < $numresults) { $authors .=", "; }
+   }
+
+//Get Currently Set Categories for this Object...
+ $sql = "SELECT  TCX.CategoryID, TC.CatName FROM  `categoryxref`  TCX 
+INNER JOIN categories TC ON TCX.CategoryID = TC.CategoryID
+WHERE TCX.ID = '$item_id'
+ORDER  BY  `CatName`  ASC ";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+   $n++;
+   $catid = $row["CategoryID"];
+   $categories[$n] = $catid;
+  }
+unset($n);
+}
+
+if (!$categories) {$categories = array(); }
+?>
+<h1>Add New <?php echo"$typename"; ?> &#187;&#187; Step 2:</h2>
+<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=2 ALIGN=CENTER STYLE="border: solid 0px #000000; width: 100%">
+<FORM NAME="addstep2" METHOD="POST" ACTION="?function=additem3">
+<INPUT NAME="mode" TYPE="HIDDEN" VALUE="<?php echo"$mode"; ?>">
+<?php if ($mode=="update") { ?>
+<INPUT NAME="item_id" TYPE="HIDDEN" VALUE="<?php echo"$item_id"; ?>">
+<?php } ?>
+<INPUT NAME="guid" TYPE="HIDDEN" VALUE="<?php echo"$id"; ?>">
+<INPUT NAME="type" TYPE="HIDDEN" VALUE="<?php echo"$type"; ?>">
+<TR><TD><SPAN class="global">Name*</SPAN></TD> <TD><INPUT NAME="name" TYPE="TEXT" VALUE="<?php echo"$name"; ?>" SIZE=45 MAXLENGTH=100></TD>
+
+<?php
+//Get the Category Table Data for the Select Box
+ $sql = "SELECT  `CategoryID`, `CatName` FROM  `categories` WHERE `CatType` = '$type' GROUP BY `Catname` ORDER  BY  `CatName` ASC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+?>
+<TD ROWSPAN=8 VALIGN=TOP><SPAN class="global">Categories:</SPAN><BR>&nbsp;&nbsp;&nbsp;&nbsp;<SELECT NAME="categories[]" MULTIPLE="YES" SIZE="10">
+<?php
+  while ($row = mysql_fetch_array($sql_result)) {
+    $catid = $row["CategoryID"];
+    $catname = $row["CatName"];
+
+    echo"<OPTION value=\"$catname\"";
+    foreach ($categories as $validcat) {
+    if ($validcat==$catid) { echo" SELECTED"; }
+    }
+    echo">$catname</OPTION>\n";
+
+  }
+?>
+</SELECT></TD></TR>
+
+<?php
+if (!$authors) {$authors="$_SESSION[email]"; }
+?>
+<TR><TD><SPAN class="global">Author(s):*</SPAN></TD><TD><INPUT NAME="authors" TYPE="TEXT" VALUE="<?php echo"$authors"; ?>" SIZE=45></TD></TR>
+<?php
+if ($version) {
+    echo"<TR><TD><SPAN class=\"file\">Version:*</SPAN></TD><TD>$version<INPUT NAME=\"version\" TYPE=\"HIDDEN\" VALUE=\"$version\"></TD></TR>\n";
+} else {
+    echo"<TR><TD><SPAN class=\"file\">Version:*</SPAN></TD><TD><INPUT NAME=\"version\" TYPE=\"TEXT\" VALUE=\"$version\"></TD></TR>\n";
+}
+    echo"<TR><TD><SPAN class=\"file\">OS*</SPAN></TD><TD><SELECT NAME=\"osid\">";
+ $sql = "SELECT * FROM `os` ORDER BY `OSName` ASC";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+  $osid = $row["OSID"];
+  $osname = $row["OSName"];
+   echo"<OPTION value=\"$osid\">$osname</OPTION>\n";
+  }
+    echo"</SELECT></TD></TR>\n";
+    echo"<TR><TD><SPAN class=\"file\">Filename:</SPAN></TD><TD>$filename ($filesize"."kb) <INPUT name=\"filename\" type=\"hidden\" value=\"$filename\"><INPUT name=\"filesize\" type=\"hidden\" value=\"$filesize\"></TD></TR>\n";
+
+echo"<TR><TD COLSPAN=2><SPAN class=\"file\">Target Application(s):</SPAN></TD></TR>\n";
+ $sql2 = "SELECT `AppName`,`GUID` FROM `applications` GROUP BY `AppName` ORDER BY `AppName` ASC";
+ $sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row2 = mysql_fetch_array($sql_result2)) {
+   $appname = $row2["AppName"];
+   $guid = $row2["GUID"];
+   $minappver = $manifestdata["targetApplication"]["$guid"]["minVersion"];
+   $maxappver = $manifestdata["targetApplication"]["$guid"]["maxVersion"];
+    echo"<TR><TD></TD><TD>$appname ";
+
+if ($mode=="new" or $mode=="update") {
+ //Based on Extension Manifest (New Mode)
+    if (!empty($minappver) and !empty($maxappver)) {
+      echo"$minappver - $maxappver\n";
+      echo"<INPUT name=\"$appname-minappver\" TYPE=\"HIDDEN\" VALUE=\"$minappver\">\n";
+      echo"<INPUT name=\"$appname-maxappver\" TYPE=\"HIDDEN\" VALUE=\"$maxappver\">\n";
+    } else {
+      echo"N/A";
+    }
+}
+}
+?>
+
+<TR><TD><SPAN class="global">Homepage</SPAN></TD> <TD COLSPAN=2><INPUT NAME="homepage" TYPE="TEXT" VALUE="<?php echo"$homepage"; ?>" SIZE=60 MAXLENGTH=200></TD></TR>
+<TR><TD><SPAN class="global">Description*</SPAN></TD> <TD COLSPAN=2><TEXTAREA NAME="description" ROWS=3 COLS=55><?php echo"$description"; ?></TEXTAREA></TD></TR>
+<TR><TD><SPAN class="global">Version Notes:</SPAN></TD><TD COLSPAN=2><TEXTAREA NAME="notes" ROWS=4 COLS=55><?=$notes?></TEXTAREA></TD></TR>
+<TR><TD><SPAN class="global">Notes to Reviewers:</SPAN></TD><TD COLSPAN=2><TEXTAREA NAME="reviewnotes" ROWS=3 COLS=55><?=$reviewnotes?></TEXTAREA></TD></TR>
+<TR><TD COLSPAN="3" ALIGN="CENTER"><INPUT NAME="submit" TYPE="SUBMIT" VALUE="Next &#187;">&nbsp;&nbsp;<INPUT NAME="reset" TYPE="RESET" VALUE="Reset Form"></TD></TR>
+</FORM>
+
+
+</TABLE>
+
+<?php
+} else if ($function=="additem3") {
+
+// Set the ID, which will be used throughout this phase.
+$item_id = !empty($_POST['item_id']) && is_numeric($_POST['item_id']) ? escape_string($_POST['item_id']) : null;
+
+// If our item_id is passed at all, we are looking at an update, and need to do _some_ checking of the current user's permissions.
+if (!empty($item_id)) {
+
+    // Test to see if the currently logged in user is an author for this add-on, or is an admin.
+    $permissions_sql = "SELECT `UserID` from `authorxref` WHERE `ID`='{$item_id}' AND `UserID` = '{$_SESSION['uid']}' LIMIT 1";
+    $permissions_sql_result = mysql_query($permissions_sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if (mysql_num_rows($permissions_sql_result)<1 && $_SESSION['level']!='admin') {
+        echo '<h2>Permission Denied</h2>';
+        echo '<p>You do not have permissions to edit this add-on.</p>';
+        echo '</div>';
+        require_once(FOOTER);
+        exit;
+    }
+}
+
+
+//Verify that there's at least one min/max app value pair...
+ $sql = "SELECT `AppName`,`AppID` FROM `applications` GROUP BY `AppName` ORDER BY `AppName` ASC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+   $appname = $row["AppName"];
+   $appid = $row["AppID"];
+   if (!$minappver AND $_POST["$appname-minappver"]) {$minappver="true";}
+   if (!$maxappver AND  $_POST["$appname-maxappver"]) {$maxappver="true";}
+
+  }
+
+//Author List -- Autocomplete and Verify, if no valid authors, kill add.. otherwise, autocomplete/prompt
+  $authors = escape_string($_POST["authors"]);
+  $authors = explode(", ","$authors");
+foreach ($authors as $author) {
+if (strlen($author)<2) {continue;} //Kills all values that're too short.. 
+$a++;
+ $sql = "SELECT `UserID`,`UserEmail` FROM `userprofiles` WHERE `UserEmail` LIKE '$author%' ORDER BY `UserMode`, `UserName` ASC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+ $numresults = mysql_num_rows($sql_result);
+   while ($row = mysql_fetch_array($sql_result)) {
+    $userid = $row["UserID"];
+    $useremail = $row["UserEmail"];
+  if ($numresults>1) {
+   //Too many e-mails match, store individual data for error block.
+    $r++;
+     $emailerrors[$a]["foundemails"][$r] = $useremail;
+  }
+ $authorids[] = $userid;
+ $authoremails[] = $useremail;
+ }
+ if ($numresults !="1") {
+  //No Valid Entry Found for this E-Mail or too many, kill and store data for error block.
+  $emailerrors[$a]["author"] = "$author";
+  $updateauthors = "false"; // Just takes one of these to kill the author update.
+  }
+}
+unset($a,$r);
+
+
+
+if ($_POST["name"] AND $_POST["type"] AND $_POST["authors"] AND $updateauthors !="false" AND $_POST["version"] AND $_POST["osid"] AND $_POST["filename"] AND $_POST["filesize"] AND $_POST["description"] AND $minappver AND $maxappver) {
+//All Needed Info is in the arrays, procceed with inserting...
+
+//Create DIV for Box around the output...
+ echo"<h1>Adding Item... Please Wait...</h1>\n";
+ echo"<DIV>\n";
+
+//Phase One, Main Data
+$name = escape_string($_POST["name"]);
+$homepage = escape_string($_POST["homepage"]);
+$description = escape_string($_POST["description"]);
+$guid = escape_string($_POST["guid"]);
+$type = escape_string($_POST["type"]);
+$osid = escape_string($_POST["osid"]);
+$version = escape_string($_POST["version"]);
+
+//Check to ensure tha the name isn't already taken, if it is, throw an error and halt.
+$sql = "SELECT `Name` from `main` WHERE `Name`='$name' and `GUID` != '$guid'";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+if (mysql_num_rows($sql_result)=="0") {
+
+    /**
+     * This should probably not be compared to $_POST -- someone could fake an update this way.
+     * @TODO do not realy on "mode" POST data.
+     */
+    if ($_POST["mode"]=="update") { 
+
+        /**
+         * We want to check to see if an identical version for this add-on exists.  If one does, we abort.
+         *
+         * Previously, we would overwrite existing versions which is bad practice and defeats
+         * the purpose of add-on versioning.
+         */
+        $versionCheckSql = "
+            SELECT
+                `vID`
+            FROM 
+                `version` v
+            INNER JOIN main m ON m.id = v.id
+            WHERE
+                v.Version='{$version}' AND
+                m.guid = '{$guid}' AND
+                v.OSID = '{$osid}' AND
+                v.ID = '{$item_id}'
+        ";
+
+        $versionCheckResult = mysql_query($versionCheckSql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+        /**
+         * If a version is found, abort the add-on upload and explain why it was aborted.
+         */
+        if (mysql_num_rows($versionCheckResult) > 0) {  
+            echo '<h2>Identical Add-on Version</h2>';
+            echo "<p><strong>Error:</strong> An identical version (".htmlentities($version).") already exists for this add-on and platform.</p>"; 
+            echo '</div>';
+            require_once(FOOTER);
+            exit;   
+        }
+
+        $sql = "UPDATE `main` SET `Name`='$name', `Homepage`='$homepage', `Description`='$description', `DateUpdated`=NOW(NULL) WHERE `ID`='$item_id' LIMIT 1";
+    } else {
+        $sql = "INSERT INTO `main` (`GUID`, `Name`, `Type`, `Homepage`,`Description`,`DateAdded`,`DateUpdated`) VALUES ('$guid', '$name', '$type', '$homepage', '$description', NOW(NULL), NOW(NULL));";
+    }
+
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if ($sql_result) {
+        echo"Updating/Adding record for $name...<br>\n";
+    } else {
+        //Handle Error Case and Abort
+        $failure = "true";
+        echo"Failure to successfully add/update main record. Unrecoverable Error, aborting.<br>\n";
+        require_once(FOOTER);
+        exit;
+    }
+} else {
+    //Name wasn't unique, error time. :-)
+    //Handle Error Case and Abort
+    $failure = "true";
+    echo"<p><strong>Error!</strong> The Name for your extension or theme already exists in the Update database.  Please make sure that:</p>\n";
+    echo <<<OPTIONS
+    <ul>
+        <li>Your GUIDs match -- the most common cause for this error is mismatched GUIDs (please make sure you also have the {}).</li>
+        <li>You do not have a duplicate entry in the database.  If you do, you should update that entry, or delete it and try again.</li>
+    </ul>
+OPTIONS;
+    require_once(FOOTER);
+    exit;
+}
+
+
+
+
+//Get ID for inserted row... if we don't know it already
+if (!$_POST[item_id] and $_POST["mode"] !=="update") {
+$name = escape_string($_POST["name"]);
+$guid = escape_string($_POST["guid"]);
+
+ $sql = "SELECT `ID` FROM `main` WHERE `GUID`='$guid' AND `Name`='$name' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $row = mysql_fetch_array($sql_result);
+   $id = $row["ID"];
+  } else {
+   $id = escape_string($_POST["item_id"]);
+  }
+
+
+//Phase 2 -- Commit Updates to AuthorXref tables.. with the ID and UserID.
+if ($updateauthors != "false") {
+ //Remove Current Authors
+ $sql = "DELETE FROM `authorxref` WHERE `ID` = '$id'";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+ //Add New Authors based on $authorids
+ sort($authorids);
+  foreach ($authorids as $authorid) {
+   	$sql = "INSERT INTO `authorxref` (`ID`, `UserID`) VALUES ('$id', '$authorid');";
+    $result = mysql_query($sql) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+  }
+   if ($result) { echo"Authors added...<br>\n"; }
+} else {
+   echo"ERROR: Could not update Authors list, please fix the errors printed below and try again...<br>\n"; 
+}
+
+unset($authors); //Clear from Post.. 
+
+
+// Phase 3, categoryxref
+
+if (!$_POST["categories"]) {
+//No Categories defined, need to grab one to prevent errors...
+ $sql = "SELECT `CategoryID` FROM `categories` WHERE `CatType`='$type' AND `CatName`='Miscellaneous' LIMIT 1";
+   $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   while ($row = mysql_fetch_array($sql_result)) {
+   $_POST["categories"] = array("$row[CategoryID]");
+  }
+
+}
+
+ //Delete Current Category Linkages...
+   $sql = "DELETE FROM `categoryxref` WHERE `ID` = '$id'";
+   $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+ //Add New Categories from $_POST["categories"]
+   foreach ($_POST["categories"] as $categoryname) {
+
+    $sql2 = "SELECT `CategoryID` FROM `categories` WHERE `CatType` = '$type' AND `CatName` = '$categoryname' ORDER BY `CategoryID` ASC";
+    $sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    while ($row2 = mysql_fetch_array($sql_result2)) {
+        $categoryid = $row2["CategoryID"];
+
+   	    $sql = "INSERT INTO `categoryxref` (`ID`, `CategoryID`) VALUES ('$id', '$categoryid');";
+        $result = mysql_query($sql) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+    }
+
+  }
+   if ($result) {echo"Categories added...<br>\n"; }
+
+
+//Phase 4, version rows
+
+//Construct Internal App_Version Arrays
+$i=0;
+$sql = "SELECT `AppName`, `Version`, `shortname` FROM `applications` ORDER BY `AppName`, `Version` DESC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+    $i++;
+    $appname = $row["AppName"];
+    $app_shortname[strtolower($appname)] = $row["shortname"];
+  }
+
+ $sql2 = "SELECT `AppName`,`AppID` FROM `applications` GROUP BY `AppName` ORDER BY `AppName` ASC";
+ $sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row2 = mysql_fetch_array($sql_result2)) {
+   $appname = $row2["AppName"];
+   $appid = $row2["AppID"];
+   $minappver = $_POST["$appname-minappver"];
+   $maxappver = $_POST["$appname-maxappver"];
+
+if ($minappver and $maxappver) {
+
+$filesize = escape_string($_POST["filesize"]);
+$uri = ""; //we don't have all the parts to set a uri, leave blank and fix when we do.
+$notes = escape_string($_POST["notes"]);
+$reviewnotes = escape_string($_POST["reviewnotes"]);
+
+//Construct the New Filename
+$filename = check_filename($_POST['filename']);
+$filesum = 'sha1:'.sha1_file(REPO_PATH.'/temp/'.$filename); // Right now we are limited to sha1.  Will move to another hash type in the future.
+$filename_array = explode(".",$filename);
+$filename_count = count($filename_array)-1;
+$fileext = $filename_array[$filename_count];
+
+$sql = "INSERT INTO `version` (`ID`, `Version`, `OSID`, `AppID`, `MinAppVer`, `MaxAppVer`, `Size`, `URI`, `Notes`, `ReviewNotes`, `DateAdded`, `DateUpdated`, `hash`) VALUES ('$id', '$version', '$osid', '$appid', '$minappver', '$maxappver', '$filesize', '$uri', '$notes', '$reviewnotes',  NOW(NULL), NOW(NULL), '{$filesum}');";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+ if ($sql_result) {echo"Added $name version $version for $appname<br>\n"; $apps_array[]=$app_shortname[strtolower($appname)];}
+
+$sql = "SELECT `vID` from `version` WHERE `id` = '$id' ORDER BY `vID` DESC LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $row = mysql_fetch_array($sql_result);
+   $vid_array[] = $row["vID"];
+}
+}
+
+$sql = "SELECT `OSName` FROM `os` WHERE `OSID`='$osid' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   $row = mysql_fetch_array($sql_result);
+   $osname = $row["OSName"];
+
+$itemname = preg_replace('/(^\.+|[^\w\-\.]+)/','_',$name); // if you modify this, update inc_approval.php as well
+$j=0; $app="";
+$app_count = count($apps_array);
+foreach ($apps_array as $app_val) {
+$j++;
+$apps .="$app_val";
+if ($j<$app_count) {$apps .="+"; }
+}
+$newfilename = "$itemname-$version-$apps";
+if (strtolower($osname) !=="all") {$newfilename .="-".strtolower($osname).""; }
+$newfilename .=".$fileext";
+$newfilename=check_filename(strtolower($newfilename));
+
+//Move temp XPI to home for approval queue items...
+$oldpath = REPO_PATH.'/temp/'.$filename;
+$newpath = REPO_PATH.'/approval/'.$newfilename;
+if (file_exists($oldpath)) { 
+  rename($oldpath,$newpath) or die("Can't save $newpath to disk");
+  echo"File $newfilename saved to disk...<br>\n";
+}
+$uri = str_replace(REPO_PATH.'/approval/','http://'.HOST_NAME.'/developers/approvalfile.php/',$newpath);
+//echo"$newfilename ($oldpath) ($newpath) ($uri)<br>\n";
+
+foreach ($vid_array as $vid) {
+  $sql = "UPDATE `version` SET `URI`='$uri' WHERE `vID`='$vid'";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+}
+
+//Approval Queue
+  //Check if the item belongs to the user, (special case for where admins are trusted, the trust only applies to their own work.)
+  $sql = "SELECT `UserID` from `authorxref` WHERE `ID`='$id' AND `UserID` = '$_SESSION[uid]' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if (mysql_num_rows($sql_result)=="1" AND $_SESSION["trusted"]=="TRUE") {
+    //User is trusted and the item they're modifying inheirits that trust.
+    include"inc_approval.php"; //Get the resuable process_approval() function.
+    $action = "Approval+";
+    $file = $uri;
+    $comments = "Auto-Approval for Trusted User";
+       $approval_result = process_approval($type, $file, "approve");
+
+    } else {
+    $action="Approval?";
+    $comments="";
+    }
+
+
+//Firstly, log the comments and action taken..
+$userid = $_SESSION["uid"];
+
+if (!$vid_array) { $vid_array = array(); }
+foreach ($vid_array as $vid) {
+$sql = "INSERT INTO `approvallog` (`ID`, `vID`, `UserID`, `action`, `date`, `comments`) VALUES ('$id', '$vid', '$userid', '$action', NOW(NULL), '$comments');";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+}
+
+
+echo"Process Complete...<br><br>\n";
+echo"$name version $version has been added to the Mozilla Update database";
+if ($_SESSION["trusted"]=="FALSE") { echo" and is awaiting review by an editor, you will be notified when an editor reviews it.";
+} else if ($_SESSION["trusted"]=="TRUE") {
+echo" and has been auto-approved. It should be up on the website within the next half-hour.";
+}
+echo"<br>\n";
+echo"To review or make changes to your submission, visit the <A HREF=\"itemoverview.php?id=$id\">Item Details page</A>...<br>\n";
+
+echo"<br><br>\n";
+echo"<A HREF=\"/developers/\">&#171;&#171; Back to Home</A>";
+echo"</div>\n";
+
+}
+
+
+//Author Error Handling/Display Block for Form Post...
+if ($emailerrors) {
+
+echo"
+<h1>Adding Item... Error Found while processing authors</h1>\n
+<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=2 ALIGN=CENTER STYLE=\"border: 0px; width: 100%\">
+<FORM NAME=\"addstep2b\" METHOD=\"POST\" ACTION=\"?function=additem3\">";
+
+foreach ($_POST as $key => $val) {
+if ($key=="authors" or $key=="submit") {continue; }
+if ($key=="categories") {
+foreach ($_POST["categories"] as $val) {
+echo"<INPUT name=\"categories[]\" type=\"hidden\" value=\"$val\">\n";
+}
+continue;
+}
+echo"<INPUT name=\"$key\" type=\"hidden\" value=\"$val\">\n";
+}
+
+
+echo"<TR><TD COLSPAN=2 STYLE=\"\">\n";
+echo"<DIV style=\"margin-left 2px; border: 1px dotted #CCC;\">";
+foreach ($emailerrors as $authorerror) {
+$author = $authorerror["author"];
+$count = count($authorerror["foundemails"]);
+
+if ($count=="0") {
+//Error for No Entry Found
+echo"<SPAN STYLE=\"color: #FF0000;\"><strong>Error! Entry '$author': No Matches Found.</strong></SPAN> Please check your entry and try again.<BR>\n";
+} else {
+//Error for Too Many Entries Found
+echo"<SPAN STYLE=\"color: #FF0000;\"><strong>Error! Entry '$author': Too Many Matches.</strong></SPAN> Please make your entry more specific.<BR>\n";
+}
+if ($count>0 AND $count<6) {
+echo"&nbsp;&nbsp;&nbsp;&nbsp;Possible Addresses found: ";
+foreach ($authorerror["foundemails"] as $foundemails) {
+$a++;
+echo"$foundemails";
+
+if ($a != $count) {echo", "; } else {echo"<br>\n";}
+}
+}
+
+}
+echo"</font></DIV></TD></TR>\n";
+$authors = $_POST["authors"];
+?>
+
+<TR><TD><SPAN class="global">Author(s):*</SPAN></TD><TD><INPUT NAME="authors" TYPE="TEXT" VALUE="<?php echo"$authors"; ?>" SIZE=70><INPUT NAME="submit" TYPE="SUBMIT" VALUE="Next &#187;"></TD></TR>
+</FORM></TABLE>
+<?php
+}
+
+
+} else {}
+?>
+
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/appmanager.php

@@ -0,0 +1,241 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$function = $_GET['function'];
+$page_title = 'Mozilla Update :: Developer Control Panel :: Application Manager';
+require_once(HEADER);
+require_once('./inc_sidebar.php');
+
+if ($_SESSION["level"]!="admin") {
+    echo"<h1>Access Denied</h1>\n";
+    echo"You do not have access to the Application Manager";
+    require_once(FOOTER);
+    exit;
+}
+?>
+
+<?php
+if (!$function) {
+
+//Add Category to MySQL Table
+  if ($_POST["submit"]=="Add Application" or $_POST["submit"]=="Add Version") {
+     echo"<h2>Processing Add Request, please wait...</h2>\n";
+
+     $appname = escape_string($_POST["appname"]);
+     $guid = escape_string($_POST["guid"]);
+     $shortname = escape_string($_POST["shortname"]);
+     $version = escape_string($_POST["version"]);
+     $public_ver = escape_string($_POST["public_ver"]);
+
+     if (checkFormKey()) {
+       $sql = "INSERT INTO `applications` (`AppName`, `GUID`, `shortname`, `Version`, `public_ver`) VALUES ('$appname','$guid','$shortname','$version','$public_ver')";
+       $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+       if ($sql_result) {
+           echo"The application $appname $version has been successfully added.";
+       }
+     }
+}
+?>
+
+<h1>Manage Application List</h1>
+<SPAN style="font-size:8pt">&nbsp;&nbsp;&nbsp;&nbsp; Show Versions for: <?php $i=0;
+$sql = "SELECT `AppName` from `applications` GROUP BY `AppName` ORDER BY `AppName` ASC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   while ($row = mysql_fetch_array($sql_result)) {
+   $appname = $row["AppName"];
+   echo"<a href=\"?application=".strtolower($appname)."\">$appname</a> / ";
+   }
+   echo"<a href=\"?function=addnewapp\">Add New Application...</a>";
+?></span>
+
+<h2>Application Versions for <?php echo ucwords($application); ?></h2>
+<TABLE CELLPADDING=1 CELLSPACING=1 STYLE="border: 0px;">
+<TR>
+<tr>
+<th></th>
+<th style="width: 200px">Release</th>
+<th>Public Version?</th>
+</tr>
+
+<?php
+  $i=0;
+  $sql = "SELECT * FROM `applications` WHERE `AppName`='$application' ORDER BY `AppName` ASC, `Version` DESC";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+      
+      echo"<tr>\n";
+      echo"<td>".++$i."</td>\n";
+      echo"<td>&nbsp;<a href=\"?function=editversion&appid=".$row["AppID"]."\">$row[AppName] $row[Version]</a></td>";
+      echo"<td>$row[public_ver]</td>";
+      echo"</tr>\n";
+
+  }
+
+?>
+</table>
+
+<h2>New Version of <?php echo ucwords($application); ?></h2>
+<form name="addapplication" method="post" action="?function=&action=addnewapp">
+<?writeFormKey();?>
+<?php
+  $sql = "SELECT `AppName`, `GUID`, `shortname` FROM `applications` WHERE `AppName`='$application' LIMIT 1";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $row = mysql_fetch_array($sql_result);
+  $application = $row["AppName"];
+  $guid = $row["GUID"];
+  $shortname = $row["shortname"];
+?>
+<input name="appname" type="hidden" value="<?php echo ucwords($application); ?>">
+<input name="guid" type="hidden" value="<?php echo"$guid"; ?>">
+<input name="shortname" type="hidden" value="<?php echo"$shortname"; ?>">
+
+Version (e.g. 1.0PR): <input name="version" size=8 maxlength=15 title="User Friendly Version (Ex. 1.0PR instead of 0.10)"><BR>
+
+<br><br>
+Public Version: Yes: <input name="public_ver" type="radio" value="YES" checked> No: <input name="public_ver" type="radio" value="NO"><br>
+
+<input name="submit" type="submit" value="Add Version">&nbsp;<input name="reset" type="reset" value="Reset Form">
+</form>
+
+<?php
+} else if ($function=="editversion") {
+
+  $appid = escape_string($_GET["appid"]);
+  //Post Functions
+  if ($_POST["submit"] == "Update") {
+
+     $appname = escape_string($_POST["AppName"]);
+     $version = escape_string($_POST["version"]);
+     $appid= escape_string($_POST["appid"]);
+     $public_ver = escape_string($_POST['public_ver']);
+
+    if (checkFormKey()) {
+      echo"<h2>Processing update request, please wait...</h2>\n";
+
+      $sql = "UPDATE `applications` SET `AppName`='$appname', `Version`='$version', `public_ver`='$public_ver' WHERE `appid`='$appid'";
+      $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+      if ($sql_result) {
+          echo"Your update to $appname $version has been successful.<br>";
+      }
+    }
+  } else if ($_POST["submit"] == "Delete Version") {
+     $appid= escape_string($_POST["appid"]);
+     $appname = escape_string($_POST["AppName"]);
+     $version = escape_string($_POST["version"]);
+    echo"<h2>Processing delete request, please wait...</h2>\n";
+    $sql = "DELETE FROM `applications` WHERE `appid`='$appid'";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+    if ($sql_result) {
+        echo"You've successfully deleted the application '$appname $version'<br>";
+        require_once(FOOTER);
+        exit;
+    }
+}
+
+if (!$appid) { $appid = escape_string($_POST["appid"]); }
+// Show Edit Form
+  $sql = "SELECT * FROM `applications` WHERE `appid` = '$appid' LIMIT 1";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+
+  $row = mysql_fetch_array($sql_result);
+?>
+
+
+<h3>Edit Application:</h3>
+<form name="editcategory" method="post" action="?function=editversion">
+<?writeFormKey();?>
+<?php
+  echo"Name:  <input name=\"AppName\" type=\"text\" size=\"30\" maxlength=\"30\" value=\"".$row["AppName"]."\"><br>\n";
+  echo"Version: <input name=\"version\" type=\"text\" size=\"10\" maxlength=\"15\" value=\"$row[Version]\" title=\"User Friendly Version (Ex. 1.0PR instead of 0.10)\"><br>\n";
+
+?>
+<div style="margin-top: 10px; font-size: 8pt">Should this version be exposed to end-users of the website, or just allowed for extension authors' install.rdf files? In general only release milestones should be exposed.</DIV>
+<?php
+$public_ver = $row["public_ver"];
+ echo"Public Version: ";
+ if ($public_ver=="YES") {
+   echo"Yes: <input name=\"public_ver\" type=\"radio\" value=\"YES\" checked> No: <input name=\"public_ver\" type=\"radio\" value=\"NO\">\n";
+   } else if ($public_ver=="NO" || empty($public_ver)) {
+   echo"Yes: <input name=\"public_ver\" type=\"radio\" value=\"YES\"> No: <input name=\"public_ver\" type=\"radio\" value=\"NO\" checked>\n";
+   }
+
+
+  echo"<input name=\"appid\" type=\"hidden\" value=\"".$row["AppID"]."\">\n";
+?>
+<BR><BR>
+<input name="submit" type="submit" value="Update">
+<input name="reset"  type="reset"  value="Reset Form">
+<input name="submit" type="submit" value="Delete Version" onclick="return confirm('Are you sure you want to delete <?php echo"$row[AppName] $row[Version]"; ?>?');">
+</form>
+<BR><BR>
+<A HREF="?function=">&#171;&#171; Return to Application Manager</A>
+</div>
+
+<?php
+} else if ($function=="addnewapp") {
+?>
+
+<h1>Add New Application</h1>
+<form name="addapplication" method="post" action="?function=&action=addnewapp">
+<?writeFormKey();?>
+Application Name: <input name="appname" type="text" title="Name of Application (e.g. Firefox)"><BR>
+GUID of App: <input name="guid" type="text" size=35 title="Application Identifier"><BR>
+Shortname: <input name="shortname" type="text" size="5" maxlength=2 title="two char abbrieviation of appname. (Eg fx for Firefox, or tb for Thunderbird)"><BR>
+<BR>
+Version (e.g. 1.0PR): <input name="version" size=8 maxlength=15 title="User Friendly Version (Ex. 1.0PR instead of 0.10)"><BR>
+
+<BR>
+<input name="public_ver" type="hidden" value="YES">
+<BR>
+<input name="submit" type="submit" value="Add Application">&nbsp;<input name="reset" type="reset" value="Reset Form">
+</form>
+<?php
+} 
+?>
+
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/approval.js

@@ -0,0 +1,60 @@
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Justin "Huggybear" Scott.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Justin "Huggybear" Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+// Check all the checkboxes for the specified item
+
+function checkAll(id) {
+    document.getElementById('installation_'+id).checked = true;
+    document.getElementById('uninstallation_'+id).checked = true;
+    document.getElementById('appworks_'+id).checked = true;
+    document.getElementById('cleanprofile_'+id).checked = true;
+    if(document.getElementById('newchrome_'+id))
+        document.getElementById('newchrome_'+id).checked = true;
+    if(document.getElementById('worksasdescribed_'+id))
+        document.getElementById('worksasdescribed_'+id).checked = true;
+    if(document.getElementById('visualerrors_'+id))
+        document.getElementById('visualerrors_'+id).checked = true;
+    if(document.getElementById('allelementsthemed_'+id))
+        document.getElementById('allelementsthemed_'+id).checked = true;
+
+    document.getElementById('checkall_'+id).style.display = 'none';
+}
+
+// Show the form for the specified item
+function showForm(id) {
+    document.getElementById('form_'+id).style.display = '';
+    document.getElementById('showform_'+id).style.display = 'none';
+}

mozilla/webtools/update/developers/approval.php

@@ -0,0 +1,560 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$function = $_GET['function'];
+$page_title = 'Mozilla Update :: Developer Control Panel :: Manage Approval Queue';
+require_once(HEADER);
+$skipqueue='true';
+require_once('./inc_sidebar.php');
+require_once('../core/inc_version_comparison.php');
+
+if ($_SESSION["level"]=="admin" or $_SESSION["level"]=="editor") {
+    //Do Nothing, they're good. :-)
+} else {
+    echo"<h1>Access Denied</h1>\n";
+    echo"You do not have access to the Approval Queue.";
+    require_once(FOOTER);
+    exit;
+}
+
+if (!$function || $function == "approvalqueue") {
+//Overview page for admins/editors to see all the waiting approval queue items...
+
+  if ($_POST["submit"] == "Submit") {
+    include "inc_approval.php"; //Get the resuable process_approval() function.
+
+    echo "<h2>Processing changes to approval queue, please wait...</h2>\n";
+    //echo"<pre>"; print_r($_POST); echo"</pre>\n";
+
+    for ($i = 1; $_POST["maxvid"] >= $i; $i++) {
+      $type = escape_string($_POST["type_$i"]);
+      $comments = escape_string($_POST["comments_$i"]);
+      $approval = escape_string($_POST["approval_$i"]);
+      $file = escape_string($_POST["file_$i"]);
+      $testos = escape_string($_POST["testos_$i"]);
+      $testbuild = escape_string($_POST["testbuild_$i"]);
+
+      $installation = $_POST["installation_$i"] ? escape_string($_POST["installation_$i"]) : "NO";
+      $uninstallation = $_POST["uninstallation_$i"] ? escape_string($_POST["uninstallation_$i"]) : "NO";
+      $appworks = $_POST["appworks_$i"] ? escape_string($_POST["appworks_$i"]) : "NO";
+      $cleanprofile = $_POST["cleanprofile_$i"] ? escape_string($_POST["cleanprofile_$i"]) : "NO";
+
+      if ($type == "E") {
+        $newchrome = $_POST["newchrome_$i"] ? escape_string($_POST["newchrome_$i"]) : "NO";
+        $worksasdescribed = $_POST["worksasdescribed_$i"] ? escape_string($_POST["worksasdescribed_$i"]) : "NO";
+      } elseif ($type == "T") {
+        $visualerrors = $_POST["visualerrors_$i"] ? escape_string($_POST["visualerrors_$i"]) : "NO";
+        $allelementsthemed = $_POST["allelementsthemed_$i"] ? escape_string($_POST["allelementsthemed_$i"]) : "NO";
+      }
+
+      if ($approval == "YES" || $approval == "NO") {
+        $name = escape_string($_POST["name_$i"]);
+        $version = escape_string($_POST["version_$i"]);
+        if ($type == "T") {
+          if ($approval == "YES") {
+            if ($installation == "YES" && $uninstallation == "YES" && $appworks == "YES" && $cleanprofile == "YES" && $visualerrors == "YES" && $allelementsthemed == "YES" && $testos && $testbuild) {
+              $approval_result = process_approval($type, $file, "approve");
+            } else {
+              echo "Error: Approval of $name $version cannot be processed because of missing data. Fill in the required fields and try again.<br>\n";
+            }
+          } elseif ($comments) {
+            $approval_result = process_approval($type, $file, "deny");
+          } else {
+            echo"Error: Denial of $name $version cannot be processed because of missing data. Fill in the required fields and try again.<br>\n";
+          }
+        } else if ($type == "E") {
+          if ($approval == "YES") {
+            if ($installation == "YES" && $uninstallation == "YES" && $appworks == "YES" && $cleanprofile == "YES" && $newchrome == "YES" && $worksasdescribed == "YES" && $testos && $testbuild) {
+              $approval_result = process_approval($type, $file, "approve");
+            } else {
+              echo "Error: Approval of $name $version cannot be processed because of missing data. Fill in the required fields and try again.<br>\n";
+            }
+          } elseif ($comments) {
+            $approval_result = process_approval($type, $file, "deny");    
+          } else {
+            echo"Error: Denial of $name $version cannot be processed because of missing data. Fill in the required fields and try again.<br>\n";
+          }
+        }
+      }
+
+      //Approval for this file was successful, print the output message.
+      if ($approval_result) {
+        if ($approval == "YES") {
+          echo "$name $version was granted approval<br>\n";
+        } elseif ($approval == "NO") {
+          echo "$name $version was denied approval<br>\n";
+        }    
+      }
+    }  
+  }
+
+?>
+
+<h1>Extensions/Themes Awaiting Approval</h1>
+<div style="margin-left: 20px; font-size: 8pt;">
+    <a href="?function=approvalhistory">Approval Log History</a>
+    <?=($_SESSION["level"] == "admin") ? " | <a href=\"responsemanager.php\">Canned Response Manager</a>" : ""?>
+</div>
+<form name="approvalqueue" method="post" action="?">
+<?php
+// Get canned responses available for all addons
+$sql = "SELECT `CannedAction`, `CannedName`, `CannedResponse` FROM `canned_responses` ORDER BY `CannedAction`, `CannedName`";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+while($row = mysql_fetch_array($sql_result)) {
+     $cannedResponses[] = $row;
+}
+
+$i = 0;
+// Get main info about extensions pending approval
+$sql = "SELECT TM.ID, `Type`, `vID`, `Name`, `Description`, `ReviewNotes`, `Homepage`, TV.Version, `OSName`, `URI` FROM `main` TM
+INNER JOIN `version` TV ON TM.ID = TV.ID
+INNER JOIN `os` TOS ON TV.OSID=TOS.OSID
+WHERE `approved` = '?' GROUP BY TV.URI ORDER BY TV.DateUpdated ASC";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+$num_results = mysql_num_rows($sql_result);
+while ($row = mysql_fetch_array($sql_result)) {
+    $i++;
+    $id = $row["ID"];
+    $type = $row["Type"];
+    $uri = $row["URI"];
+    $approvalFileName = basename($uri);
+    $reviewnotes = $row["ReviewNotes"];
+    
+    // Get author information
+    $authors = ""; $j = ""; $authorWebsites = "";
+    $authid = array();
+    $sql2 = "SELECT `UserName`, `UserWebsite`, TAX.`UserID` from `authorxref` TAX INNER JOIN `userprofiles` TU ON TAX.UserID = TU.UserID WHERE TAX.ID='$row[ID]' ORDER BY `UserName` ASC";
+    $sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    $num_results2 = mysql_num_rows($sql_result2);
+    while ($row2 = mysql_fetch_array($sql_result2)) {
+        $j++;
+        $authid[] = $row2["UserID"];
+        $authors .= $row2["UserName"];
+        if ($num_results2 > $j) { $authors .= ", "; }
+        if($row2["UserWebsite"] != "") {
+            $authorWebsite = $row2["UserWebsite"];
+            if(strpos($authorWebsite, "://") === false) { $authorWebsite = "http://".$authorWebsite; }
+            if($num_results2 == 1) {
+                $authorWebsites = " | <a href=\"$authorWebsite\">Author Homepage</a>";
+            } else {
+                $authorWebsites .= " | <a href=\"$authorWebsite\">".$row2["UserName"]." Homepage</a>";
+            }
+        }
+    }
+
+    // Get category information
+    $categories = ""; $j = "";
+    $sql2 = "SELECT `CatName` from `categoryxref` TCX INNER JOIN `categories` TC ON TCX.CategoryID = TC.CategoryID WHERE TCX.ID='$row[ID]' GROUP BY `CatName` ORDER BY `CatName` ASC";
+    $sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if (mysql_num_rows($sql_result2) == 1) {$categories = "<strong>Category:</strong> "; } else { $categories = "<strong>Categories:</strong> "; }
+    while ($row2 = mysql_fetch_array($sql_result2)) {
+        $j++;
+        $categories .= $row2["CatName"];
+        if (mysql_num_rows($sql_result2) > $j) { $categories .= ", "; } 
+    }
+
+    // Get preview information
+    $sql2 = "SELECT `PreviewID` FROM `previews` WHERE `ID`='$id' AND `preview`='YES' LIMIT 1";
+    $sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if (mysql_num_rows($sql_result2) == 1) {
+        $listpreview = " | <a href=\"previews.php?id=$id\">View Previews</a>";
+    } else {
+        $listpreview = " | <span class=\"tooltip\" title=\"Previews are REQUIRED for Themes and recommended for Extensions\">No Previews</span>";
+    }
+
+    // Get requester information
+    $sql2 = "SELECT `UserName`,`UserEmail`,`date` FROM `approvallog` TA INNER JOIN `userprofiles` TU ON TA.UserID = TU.UserID WHERE `ID`='$row[ID]' AND `vID`='$row[vID]' and `action`='Approval?' ORDER BY `date` DESC LIMIT 1";
+    $sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    $row2 = mysql_fetch_array($sql_result2);
+    if ($row2["date"]) { $date = $row2["date"]; } else { $date = $row["DateUpdated"]; } 
+    $date = date("l, F d, Y, g:i:sa", strtotime($date));
+
+    // Previous versions?
+    $sql3 = "SELECT `ID` FROM `version` WHERE `ID`='{$id}' AND `URI`!='" . escape_string($row['URI']) . "'";
+    $sql_result3 = mysql_query($sql3, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if(mysql_num_rows($sql_result3) > 0) {
+        $updatingAddon = true;
+    } else {
+        $updatingAddon = false;
+    }
+
+    //Updates that give previously non-existant Firefox 2 compatability should be high priority
+    $latestversionQry = mysql_query("SELECT * FROM `version` WHERE `ID`='{$id}' AND `AppID`='1' AND `approved`='YES' AND `MaxAppVer`!='' ORDER BY `DateAdded` DESC LIMIT 1");
+    $latestversion = mysql_fetch_array($latestversionQry);
+ 
+    if (mysql_num_rows($latestversionQry) > 0 && NS_CompareVersions($latestversion['MaxAppVer'], '2.0.0.*') == -1 && $updatingAddon == true) {
+        $priority = 'HIGH (Firefox 2 Compatibility)';
+    }
+    else {
+        $priority = '';
+    }
+
+    //Featured add-ons also get high priority
+    $featured = mysql_query("SELECT `rID` FROM `reviews` WHERE `ID`='{$id}' AND `featured`='YES'");
+    if (mysql_num_rows($featured) > 0) {
+        $priority = 'HIGH (Featured Add-on)';
+    }
+
+    // Start of extension listing  
+    echo "<TABLE BORDER=0 CELLPADDING=1 CELLSPACING=0 ALIGN=CENTER STYLE=\"border: 0px; width: 100%;\">\n";
+
+    echo "<TR><TD><h2><a href=\"../addon.php?id=$id\">$row[Name] $row[Version]</a> by $authors&nbsp;\n";
+
+    // Icons
+    echo "&nbsp;&nbsp;";
+    if($type == "E") {
+        echo "<img src=\"../images/icons/extension.png\" title=\"This is an Extension\" style=\"vertical-align: middle;\">\n";
+    } elseif($type == "T") {
+        echo "<img src=\"../images/icons/theme.png\" title=\"This is a Theme\" style=\"vertical-align: middle;\">\n";
+    }
+
+    if($updatingAddon == true) {
+        echo "<img src=\"../images/icons/update.png\" title=\"This is an update for an existing add-on\" style=\"vertical-align: middle;\">\n";
+    } else {
+        echo "<img src=\"../images/icons/new.png\" title=\"This is a new add-on\" style=\"vertical-align: middle;\">\n";
+    }
+
+    // Get OS information
+    $sql3 = "SELECT `AppName`, `shortname`, `MinAppVer`, `MaxAppVer` FROM `version` TV INNER JOIN `applications` TA ON TV.AppID = TA.AppID WHERE `URI`='" . escape_string($row['URI']) . "' ORDER BY `AppName` ASC";
+    $sql_result3 = mysql_query($sql3, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+    // Array of applications this item is associated with.
+    $apps = array(); $compatability = ""; $j = 0;
+
+    while ($row3 = mysql_fetch_array($sql_result3)) {
+        // Built compatability string with version numbers for use later
+        $appstring = "<span class=\"tooltip\" title=\"{$row3['AppName']}\">".ucwords(strtolower($row3['shortname']))."</span> {$row3['MinAppVer']}-{$row3['MaxAppVer']} \n";
+
+        // Output application's icon
+        if(strpos($compatability, $row3["AppName"]) === false) {
+            echo "<img src=\"../images/icons/".strtolower($row3["AppName"]).".png\" title=\"This add-on works with ".$row3["AppName"]."\" style=\"vertical-align: middle;\">\n";
+        }
+
+        // Throw application compatibility into array.
+        $apps[$j]["display"] = $appstring;
+        $apps[$j]["value"] = $row3["AppName"]." ".$row3["MinAppVer"]."-".$row3["MaxAppVer"];
+        $compatability .= $appstring;
+
+        //If this update does not include Firefox 2 compatability, it cannot be high priority
+        if ($row3['AppName'] == 'Firefox' && NS_CompareVersions($row3['MaxAppVer'], '2.0.0.*') == 1) {
+            $priority = '';
+        }
+
+        $j++;
+    }
+
+    echo "</h2></TD><TR>\n";
+
+
+    // Links TR
+    echo "<TR><TD>";
+    echo "<span style=\"font-size: 8pt;\">";
+
+     // Escape each instance of name/uri for javascript.
+    if ($type == "T") {
+        // Show Themes install link.
+        echo "<a href=\"javascript:void(InstallTrigger.installChrome(InstallTrigger.SKIN,'./approvalfile.php/".addslashes($approvalFileName)."','".addslashes($row['Name']." ".$row['Version'])."'))\">Install Now</a>\n";
+    } else {
+        // Show extensions install link.
+        echo "<a href=\"javascript:void(InstallTrigger.install({'".addslashes($row['Name'].$row['Version'])."':'./approvalfile.php/".addslashes($approvalFileName)."'}))\">Install Now</a>\n";
+    }
+
+    // Show a download now link.
+    echo " | <a href=\"./approvalfile.php/".$approvalFileName."\">Download Now</a>";
+
+    // Show previews link
+    echo $listpreview;
+
+    // Only admins can edit versions
+    if($_SESSION["level"] == "admin") {
+        echo " | <a href=\"listmanager.php?function=editversion&id=$id&vid={$row[vID]}\">Edit Version</a>";
+    }
+
+    // Show these links only if the addon has other versions
+    if($updatingAddon == true) {
+        echo " | <a href=\"itemhistory.php?id=$id\">Item History</a>";
+    }
+    echo "<br>\n";
+    if($updatingAddon == true) {
+        echo "<a href=\"../addon.php?id=$id\">Item Overview</a> | ";
+    }
+
+    if($row["Homepage"] != "") {
+        echo "<a href=\"".$row["Homepage"]."\">Item Homepage</a>";
+    }
+    echo $authorWebsites;
+
+    echo "</span>\n";
+    echo "</TD></TR>\n";
+
+    echo "<TR><TD style=\"font-size: 8pt;\"><strong>Works with:</strong> $compatability";
+
+    if($row["OSName"] != "ALL") { echo " (<strong>".$row["OSName"]."</strong>)"; }
+  
+    echo "</TD></TR>";
+
+    echo "<TR><TD style=\"font-size: 8pt;\">".nl2br($row[Description])."</TD></TR>\n";
+
+    echo "<TR><TD style=\"font-size: 8pt;\">$categories</TD></TR>\n";
+
+    echo "<TR>";
+    if ($row2[UserName]) {
+        echo "<TD COLSPAN=2 style=\"font-size: 8pt;\"><strong>Requested by:</strong> <a href=\"mailto:$row2[UserEmail]\">$row2[UserName]</a> on $date</TD>";
+    } else {
+        echo "<TD COLSPAN=2></TD>";
+    }
+    echo "</TR>\n";
+  
+    if($reviewnotes != "") {
+        echo "<TR><TD COLSPAN=2 style=\"font-size: 8pt;\"><strong>Notes to Reviewer:</strong> ".nl2br($reviewnotes)."</TD></TR>\n";
+    }
+
+    if (!empty($priority)) {
+        echo "<TR><TD COLSPAN=2 style=\"font-size: 8pt; font-weight: bold;\">Priority: <span style=\"color: red;\">{$priority}</span></TD></TR>";
+    }
+
+    // Author cannot approve their own work unless they are an admin
+    if (!in_array($_SESSION['uid'], $authid) || $_SESSION["level"] == "admin") {
+
+        // Approval Form for this item
+        echo "<TR id=\"showform_$i\"><TD><a href=\"javascript:void(0);\" onClick=\"showForm('$i');\">Show Approval Form &raquo;</a></TD></TR>";
+        echo "</TABLE>";
+
+        echo "<TABLE BORDER=0 CELLPADDING=1 CELLSPACING=0 id=\"form_$i\" ALIGN=CENTER STYLE=\"display: none; border: 1px solid #CCC; width: 100%;\">";
+
+        echo "<TR BGCOLOR=\"#DDDDFF\"><TD WIDTH=\"75%\" style=\"border-bottom: 1px solid #CCC;\">Add-on Review Information:</TD><TD style=\"border-bottom: 1px solid #CCC; text-align: right; font-size: 8pt;\"><a href=\"#submitjump\">Jump to Submit</a></TD></TR>\n";
+
+        echo "<input name=\"type_$i\" type=\"hidden\" value=\"$type\">\n";
+        echo "<input name=\"file_$i\" type=\"hidden\" value=\"$uri\">\n";
+        echo "<input name=\"name_$i\" type=\"hidden\" value=\"{$row['Name']}\">\n";
+        echo "<input name=\"version_$i\" type=\"hidden\" value=\"{$row['Version']}\">\n";
+
+        // Action
+        echo "<TR><TD COLSPAN=4 style=\"font-size: 8pt\"><strong>Action:</strong> \n";
+        echo "<input name=\"approval_$i\" type=\"radio\" value=\"YES\">Approve&nbsp;&nbsp;";
+        echo "<input name=\"approval_$i\" type=\"radio\" value=\"NO\">Deny&nbsp;&nbsp;";
+        echo "<input name=\"approval_$i\" type=\"radio\" checked=\"checked\" VALUE=\"noaction\">No Action\n";
+        echo "</TD></TR>\n";
+
+        // Comments
+        echo "<TR><TD COLSPAN=2 style=\"font-size: 8pt;\">";
+        echo "<strong>Comments:</strong> <textarea name=\"comments_$i\" id=\"comments_$i\" rows=3 cols=50 style=\"vertical-align: top;\"></textarea>"; 
+        echo "</TD></TR>\n";
+
+        echo "<TR><TD COLSPAN=2 style=\"font-size: 8pt;\">";
+        echo "or select a canned response: ";
+        echo "<select onchange=\"document.getElementById('comments_$i').value=this.value;\">";
+        echo "<option value=\"\"></option>";
+        for($j = 0; $j < count($cannedResponses); $j++) {
+            echo "<option value=\"".$cannedResponses[$j]["CannedResponse"]."\">[".(($cannedResponses[$j]["CannedAction"] == "+") ? "APPROVE" : "DENY")."] ".$cannedResponses[$j]["CannedName"]."</option>";
+        }
+        echo "</select>";
+        echo "</TD></TR>";
+
+        echo "<TR><TD COLSPAN=2 style=\"font-size: 8pt;\">";
+        echo "<strong>Add-on Testing: </strong>&nbsp;&nbsp;<a href=\"javascript:void(0);\" id=\"checkall_$i\" onClick=\"checkAll('$i');\">Check All</a>";
+        echo "</TD></TR>";
+
+        echo "<TR><TD COLSPAN=2 style=\"font-size: 8pt\">\n";
+        echo "<label for=\"installation_$i\"><input name=\"installation_$i\" id=\"installation_$i\" type=\"checkbox\" value=\"YES\" style=\"vertical-align: middle;\"><span class=\"tooltip\" TITLE=\"Installs OK?\">Install?</span></label>\n";
+        echo "<label for=\"uninstallation_$i\"><input name=\"uninstallation_$i\" id=\"uninstallation_$i\" type=\"checkbox\" value=\"YES\" style=\"vertical-align: middle;\"><span class=\"tooltip\" TITLE=\"Uninstalls OK?\">Uninstall?</span></label>\n";
+        echo "<label for=\"appworks_$i\"><input name=\"appworks_$i\" id=\"appworks_$i\" type=\"checkbox\" value=\"YES\" style=\"vertical-align: middle;\"><span class=\"tooltip\" TITLE=\"App works OK? (Loading pages/messages, Tabs, Back/Forward)\">App Works?</span></label>\n";
+        echo "<label for=\"cleanprofile_$i\"><input name=\"cleanprofile_$i\" id=\"cleanprofile_$i\" type=\"checkbox\" value=\"YES\" style=\"vertical-align: middle;\"><span class=\"tooltip\" TITLE=\"Using a clean profile? (I.E. Works with no major extensions installed, like TBE)\">Clean Profile?</span></label>\n";
+        if ($type == "E") {
+            echo "<label for=\"newchrome_$i\"><input name=\"newchrome_$i\" id=\"newchrome_$i\" type=\"checkbox\" value=\"YES\" style=\"vertical-align: middle;\"><span class=\"tooltip\" TITLE=\"Extension added chrome to the UI?\">New Chrome?</span></label>\n";
+            echo "<label for=\"worksasdescribed_$i\"><input name=\"worksasdescribed_$i\" id=\"worksasdescribed_$i\" type=\"checkbox\" value=\"YES\" style=\"vertical-align: middle;\"><span class=\"tooltip\" TITLE=\"Item works as author describes\">Works?</span></label>\n";
+        } elseif ($type == "T") {
+            echo "<label for=\"visualerrors_$i\"><input name=\"visualerrors_$i\" id=\"visualerrors_$i\" type=\"checkbox\" value=\"YES\" style=\"vertical-align: middle;\"><span class=\"tooltip\" TITLE=\"No visual errors/rendering problems\">Visual Errors?</span></label>\n";
+            echo "<label for=\"allelementsthemed_$i\"><input name=\"allelementsthemed_$i\" id=\"allelementsthemed_$i\" type=\"checkbox\" value=\"YES\" style=\"vertical-align: middle;\"><span class=\"tooltip\" TITLE=\"All components themed? (Including no missing icons?)\">Theme Complete?</span></label>\n";
+        }
+        echo "</TD></TR>\n";
+
+        // Operating Systems
+        echo "<TR><TD COLSPAN=2 style=\"font-size: 8pt;\">\n";
+        echo "<strong>Operating Systems:</strong> <input type=\"text\" name=\"testos_$i\" size=\"40\"></TD></TR>\n";
+
+        // Applications
+        echo "<TR><TD COLSPAN=2 style=\"font-size: 8pt;\">";
+        echo "<strong>Applications:</strong> <input type=\"text\" name=\"testbuild_$i\" size=\"40\"></TD></TR>\n";
+
+        echo "</TABLE>";
+    }
+}
+
+echo "<input name=\"maxvid\" id=\"maxvid\" type=\"hidden\" value=\"$i\">\n";
+
+
+echo "<TABLE>";
+if ($num_results > 0) {
+    echo "<TR><TD COLSPAN=4 style=\"height: 8px\"></td></tr>";
+    echo "<TR><TD COLSPAN=4><img src=\"../images/faq_small.png\" border=0 height=16 width=16 alt=\"\"> Before pressing submit, please make sure all the information you entered above is complete and correct. For themes, a preview screenshot is required for approval. A preview image is recommended for extensions.</TD></TR>";
+    echo "<TR><TD COLSPAN=4 ALIGN=\"center\"><a name=\"submitjump\"><input name=\"submit\" type=\"submit\" value=\"Submit\">&nbsp;&nbsp;<input name=\"reset\" type=\"reset\" value=\"Reset\"></a></TD></TR>";
+} else {
+    echo "<TR><TD COLSPAN=4 ALIGN=\"center\">No items are pending approval at this time</TD></TR>";
+}
+?>
+</TABLE>
+</form>
+<?php 
+} elseif ($function == "approvalhistory") {
+?>
+<style type="text/css">
+TD { font-size: 8pt }
+</style>
+<h1>Approval History Log</h2>
+<span style="font-size: 8pt;">Incomplete Basic UI for the Approval History Log. <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=255305">Bug 255305</a>.</span>
+<table border=0 cellpadding=2 cellspacing=0 align="Center">
+<tr style="background-color:#ccc;font-weight:bold;">
+<td>&nbsp;</td>
+<td style="font-size: 8pt">ID</td>
+<td style="font-size: 8pt">vID</td>
+<td style="font-size: 8pt">uID</td>
+<td style="font-size: 8pt">Action</td>
+<td style="font-size: 8pt">Date</td>
+<td style="font-size: 6pt">Install?</td>
+<td style="font-size: 6pt">Unistall?</td>
+<td style="font-size: 6pt">New Chrome?</td>
+<td style="font-size: 6pt">App Works?</td>
+<td style="font-size: 6pt">Visual Errors?</td>
+<td style="font-size: 6pt">All Elements Themed?</td>
+<td style="font-size: 6pt">Clean Profile?</td>
+<td style="font-size: 6pt">Works As Described?</td>
+<td style="font-size: 6pt">Test Build:</td>
+<td style="font-size: 7pt">Test OS:</td>
+<td style="font-size: 7pt">Comments:</td>
+</tr>
+<?php
+
+$_start_date = mysql_real_escape_string($_GET['start']);
+$_end_date = mysql_real_escape_string($_GET['end']);
+
+$sql ="SELECT * FROM `approvallog` WHERE 1=1";
+
+if (!empty($_start_date)) {
+    $sql .= " AND date >= '{$_start_date}'";
+} else {
+    // If we don't have a start date, throw in the beginning of the current month
+    $_start_date = date('Y-m-01');
+    $sql .= " AND date >= '{$_start_date}'";
+}
+if (!empty($_end_date)) {
+    $sql .= " AND date <= '{$_end_date} 23:59:59'";
+} else {
+    $_end_date = date('Y-m-t');
+    $sql .= " AND date <= '{$_end_date} 23:59:59'";
+}
+$sql .= " ORDER BY `date` DESC";
+
+$_start_date = htmlentities($_start_date);
+$_end_date = htmlentities($_end_date);
+
+echo "<p>Showing results between {$_start_date} and {$_end_date}</p>";
+
+// Basically, we're grabbing the start and end dates
+// they gave us, and adding or subtracting a week to exaggerate the month they are
+// in.  This means they land into the previous or next month for us, and we just have
+// to make the start the first, and then figure out the length of the month.  I
+// assure you this is temporary and this whole thing is getting rewritten.
+echo '
+<p>
+<a href="?function=approvalhistory&start='.date('Y-m-01',strtotime($_start_date)-604800).'&end='.date('Y-m-t',strtotime($_start_date)-604800).'">&laquo; Prev Month</a> 
+<a href="?function=approvalhistory&start='.date('Y-m-01',strtotime($_end_date)+604800).'&end='.date('Y-m-t',strtotime($_end_date)+604800).'">Next Month &raquo;</a>
+</p>
+';
+
+
+
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+ $num_results = mysql_num_rows($sql_result);
+  while ($row = mysql_fetch_array($sql_result)) {
+    $i++;
+    $logid = $row["LogID"];
+    $id = $row["ID"];
+    $vid = $row["vID"];
+    $userid = $row["UserID"];
+    $action = $row["action"];
+    $date = $row["date"];
+    $installation = $row["Installation"];
+    $uninstallation = $row["Uninstallation"];
+    $newchrome = $row["NewChrome"];
+    $appworks = $row["AppWorks"];
+    $visualerrors = $row["VisualErrors"];
+    $allelementsthemed = $row["AllElementsThemed"];
+    $cleanprofile = $row["CleanProfile"];
+    $worksasdescribed = $row["WorksAsDescribed"];
+    $testbuild = $row["TestBuild"];
+    $testos = $row["TestOS"];
+    $comments = $row["comments"];
+
+    $class = ($i % 2) ? 'rowa' : 'rowb';
+
+    echo"<tr class=\"{$class}\">
+    <td>$i.</td>
+    <td>$id</td>
+    <td>$vid</td>
+    <td>$userid</td>
+    <td>$action</td>
+    <td>$date</td>
+    <td>$installation</td>
+    <td>$uninstallation</td>
+    <td>$newchrome</td>
+    <td>$appworks</td>
+    <td>$visualerrors</td>
+    <td>$allelementsthemed</td>
+    <td>$cleanprofile</td>
+    <td>$worksasdescribed</td>
+    <td>$testbuild</td>
+    <td>$testos</td>
+    <td>$comments</td>
+    </tr>\n";
+  }
+?>
+</table>
+<?php
+}
+?>
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/approvalfile.php

@@ -0,0 +1,59 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+
+if ($_SESSION["level"]!="admin" && $_SESSION["level"]!="editor") {
+    require_once(HEADER);
+    echo '<h1>Access Denied</h1>';
+    echo '<p>You do not have access to the Approval Queue.</p>';
+    require_once(FOOTER);
+    exit;
+}
+
+$filename = basename($_SERVER['PATH_INFO']);
+$file = REPO_PATH . "/approval/$filename";
+header('Content-Description: File Transfer');
+header('Content-Type: application/octet-stream');
+header('Content-Length: ' . filesize($file));
+header('Content-Disposition: attachment; filename=' . $filename);
+readfile($file);
+?>

mozilla/webtools/update/developers/categorymanager.php

@@ -0,0 +1,217 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$function = $_GET['function'];
+$page_title = 'Mozilla Update :: Developer Control Panel :: Category Manager';
+require_once(HEADER);
+require_once('inc_sidebar.php');
+
+if ($_SESSION["level"]=="admin") {
+    //Do Nothing, they're good. :-)
+} else {
+    echo"<h1>Access Denied</h1>\n";
+    echo"You do not have access to the Category Manager";
+    require_once(FOOTER);
+    exit;
+}
+?>
+<?php
+if (!$function) {
+?>
+<?php
+if ($_POST["submit"]=="Create Category") {
+  if ($_POST[cattype]=="other") $_POST["cattype"]=$_POST["othertype"];
+  $catname = escape_string($_POST["catname"]);
+  $catdesc = escape_string($_POST["catdesc"]);
+  $cattype = escape_string($_POST["cattype"]);
+  $catapp = escape_string($_POST["catapp"]);
+  if (checkFormKey()) {
+    $sql = "INSERT INTO `categories` (`CatName`, `CatDesc`, `CatType`, `CatApp`) VALUES ('$catname', '$catdesc', '$cattype', '$catapp');";
+    $result = mysql_query($sql) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+  }
+}
+?>
+<h1>Manage Category List</h1>
+<SPAN style="font-size:8pt">&nbsp;&nbsp;&nbsp;&nbsp; Show Categories for Application: <?php $i=0;
+$sql = "SELECT `AppName` from `applications` GROUP BY `AppName` ORDER BY `AppName` ASC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+ $num_results = mysql_num_rows($sql_result);
+   while ($row = mysql_fetch_array($sql_result)) {
+   $i++;
+   $appname = $row["AppName"];
+   echo"<a href=\"?application=".strtolower($appname)."\">$appname</a>";
+   if ($num_results>$i) { echo" / "; }
+   }
+
+?></span>
+<TABLE BORDER=0 CELLPADDING=1 CELLSPACING=1 ALIGN=CENTER STYLE="border: 0px; width: 100%">
+<?php
+$typenames = array("E"=>"Extensions", "T"=>"Themes","P"=>"Plugins");
+ $sql1 = "SELECT `CatType`, `CatApp` FROM `categories` WHERE `CatApp`='$application' GROUP BY `CatType` ORDER BY `CatType`";
+ $sql_result1 = mysql_query($sql1, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   while ($row = mysql_fetch_array($sql_result1)) {
+    $type = ucwords($row["CatType"]);
+    $application = strtolower($row["CatApp"]);
+    $typename=$typenames["$type"];
+?>
+<tr>
+<td colspan="4"><h2><?php echo"$typename Categories for ".ucwords($application); ?></h2></td>
+</tr>
+<tr>
+<th></th>
+<th>Name</th>
+<th>Description</th>
+</tr>
+
+<?php
+ $i=0;
+ $sql = "SELECT * FROM `categories` WHERE `CatType` LIKE '$type' AND `CatApp`='$application' ORDER BY `CatType`,`CatName`";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   while ($row = mysql_fetch_array($sql_result)) {
+    $categoryid = $row["CategoryID"];
+    $catname = $row["CatName"];
+    $catdesc = $row["CatDesc"];
+    $cattype = $row["CatType"];
+
+    $i++;
+    echo"<tr>\n";
+    echo"<td>$i</td>\n";
+    echo"<td><a href=\"?function=editcategory&categoryid=$categoryid\">$catname</a></td>\n";
+    echo"<td>$catdesc</a></td>\n";
+    echo"</tr>\n";
+}
+
+}
+?>
+</table>
+<h2>New Category for <?php echo ucwords($application); ?><BR></h2>
+<div style="font-size: 10pt; font-weight: bold">
+<form name="addapplication" method="post" action="?function=&action=addnewcategory">
+<?writeFormKey();?>
+<input name="catapp" type="hidden" value="<?php echo strtolower($application); ?>">
+Name: <input name="catname" type="text" value="" size="30" maxlength="100"><BR>
+Description: <input name="catdesc" type="text" value="" size="50" maxlength="100"><BR>
+
+<SPAN style="margin-left: 20px">Type: <select name="cattype">";
+<?php
+ $sql = "SELECT `CatType` FROM `categories` GROUP BY `CatType` ORDER BY `CatType`";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   while ($row = mysql_fetch_array($sql_result)) {
+    $type = ucwords($row["CatType"]);
+    $typename = $typenames[$type];
+    echo"<option value=\"$type\">$typename</option>\n";
+  }
+    echo"<option value=\"other\">Other</option>\n";
+?>
+  </select>
+If other, Type: <INPUT NAME="othertype" TYPE="TEXT" SIZE=3 MAXLENGTH=1>
+<input name="submit" type="submit" value="Create Category"></SPAN>
+</form>
+</div>
+
+<?php
+} else if ($function=="editcategory") {
+$categoryid = escape_string($_GET["categoryid"]);
+//Post Functions
+if ($_POST["submit"] == "Update") {
+  echo"<h2>Processing Update, please wait...</h2>\n";
+  $categoryid = escape_string($_POST["categoryid"]);
+  $catname = escape_string($_POST["catname"]);
+  $catdesc = escape_string($_POST["catdesc"]);
+  $cattype = escape_string($_POST["cattype"]);
+  if (checkFormKey()) {
+    $sql = "UPDATE `categories` SET `CatName`='$catname', `CatDesc`='$catdesc', `CatType`='$cattype' WHERE `CategoryID`='$categoryid'";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+
+    echo"Your update to $catname, has been submitted successfully...<br>";
+  }
+
+} else if ($_POST["submit"] == "Delete Category") {
+  echo"<h2>Processing Delete Request, please wait...</h2>\n";
+  $categoryid = escape_string($_POST["categoryid"]);
+  if (checkFormKey()) {
+    $sql = "DELETE FROM `categories` WHERE `CategoryID`='$categoryid'";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+  }
+  echo"You've successfully deleted the category '$catname'...<br>";
+}
+
+if (!$categoryid) { $categoryid = escape_string($_POST["categoryid"]); }
+// Show Edit Form
+  $sql = "SELECT * FROM `categories` WHERE `CategoryID` = '$categoryid' LIMIT 1";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+  $row = mysql_fetch_array($sql_result);
+  $categoryid = $row["CategoryID"];
+  $catapp = ucwords($row["CatApp"]);
+  $catname = $row["CatName"];
+  $catdesc = $row["CatDesc"];
+  $cattype = $row["CatType"];
+?>
+
+<div class="editbox">
+    <h3>Edit Category <?php echo"$catname for ".ucwords($catapp); ?>:</h3>
+<form name="editcategory" method="post" action="?function=editcategory">
+<?writeFormKey();?>
+<?php
+  echo"Name:  <input name=\"catname\" type=\"text\" value=\"$catname\" size=\"30\" maxlength=\"100\"><br>\n";
+  echo"Description:  <input name=\"catdesc\" type=\"text\" value=\"$catdesc\" size=\"50\" maxlength=\"100\"><br>\n";
+  echo"Type: <input name=\"cattype\" type=\"text\" value=\"$cattype\" size=\"1\" maxlength=\"1\"><br>\n";
+  echo"<input name=\"categoryid\" type=\"hidden\" value=\"$categoryid\">\n";
+?>
+<input name="submit" type="submit" value="Update">
+<input name="reset"  type="reset"  value="Reset Form">
+<input name="submit" type="submit" value="Delete Category" onclick="return confirm('Are you sure you want to delete the category <?php echo"$catname"; ?> for <?php echo ucwords($catapp); ?>?');">
+</form><br>
+<A HREF="?function=">&#171;&#171; Return to Category Manager</A>
+</div>
+<?php
+
+} else {}
+?>
+
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/commentsmanager.php

@@ -0,0 +1,499 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+
+$function = $_GET["function"];
+//Kill access to flagged comments for users.
+if ($_SESSION["level"] !=="admin" and $_SESSION["level"] !=="editor") {
+    if ($function=="flaggedcomments") {
+        unset($function);
+    }
+
+    $id = escape_string($_GET["id"]);
+    if (!$id) {$id = escape_string($_POST["id"]); }
+    $sql = "SELECT `UserID` from `authorxref` TAX WHERE `ID` = '$id' AND `UserID` = '$_SESSION[uid]' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if (mysql_num_rows($sql_result)=="0") {
+        echo"<h1>Access Denied</h1>\n";
+        echo"You do not have access to this item.";
+        require_once(FOOTER);
+        exit;
+    }
+}
+
+$page_title = 'Mozilla Update :: Developer Control Panel :: Comments Manager';
+require_once(HEADER);
+
+if ($function=="flaggedcomments") {
+    $skipcomments = true;
+}
+
+require_once('./inc_sidebar.php');
+
+?>
+<?php
+if (!$function) {
+?>
+
+<?php
+if ($_POST["submit"]=="Flag Selected" or $_POST["submit"]=="Delete Selected") {
+?>
+<h1>Updating comments list, please wait...</h1>
+<?php
+
+    $errors = false;
+
+    //Process Post Data, Make Changes to Feedback Table.
+    //Begin General Updating
+    for ($i=1; $i<=$_POST[maxid]; $i++) {
+      if (!$_POST["selected_$i"]) {
+        continue;
+      } else {
+        $selected = escape_string($_POST["selected_$i"]);
+      }
+
+        //Admins/Editors can delete from here. Regular Users Can't.
+        if ($_SESSION["level"] !=="admin" and $_SESSION["level"] !=="editor") {
+            if ($_POST["submit"]=="Delete Selected") {
+                $_POST["submit"]="Flag Selected";
+            }
+        }
+
+
+     if (checkFormKey()) {
+        if ($_POST["submit"]=="Delete Selected" && !empty($_POST["note_$i"])) {
+	    $note = escape_string($_POST["note_$i"]);
+
+            // Get the ID of the addon whose comment is being deleted
+            // so we can recompute its rating after deleting the comment.
+            $sql = "SELECT ID FROM  `feedback` WHERE `CommentID`='$selected'";
+            $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+            $id = mysql_result($sql_result, 0);
+
+            //$sql = "DELETE FROM `feedback` WHERE `CommentID`='$selected'";
+            $sql = "UPDATE `feedback` SET `CommentTitle` = '<i>Removed by Staff</i>', `CommentNote` = 'Deleted because: $note', `flag`='', `CommentVote` = NULL WHERE `CommentID='$selected'";
+            $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+
+            if ($sql_result) {
+                echo"Comment $selected removed.<br>\n";
+                // Update the rating for this item, since it has potentially changed
+                update_rating($id);
+            } else {
+                $errors = true;
+            }
+        } else if ($_POST["submit"]=="Flag Selected") {
+            $sql = "UPDATE `feedback` SET `flag`= 'YES' WHERE `CommentID`='$selected'";
+            $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+            if ($sql_result) {
+                echo"Comment $selected flagged for editor review.<br>\n";
+            } else {
+                $errors = true;
+            }
+
+        }
+     }
+
+    }
+
+  unset($i);
+  if ($errors==true) {
+  echo"Your changes to the comment list have been succesfully completed<BR>\n";
+  } else {
+  echo "There were some errors processing your request.\n";
+  }
+
+ }
+?>
+<?php
+if ($_GET["numpg"]) {$items_per_page=escape_string($_GET["numpg"]); } else {$items_per_page="50";} //Default Num per Page is 50
+if (!$_GET["pageid"]) {$pageid="1"; } else { $pageid = escape_string($_GET["pageid"]); } //Default PageID is 1
+$startpoint = ($pageid-1)*$items_per_page;
+
+$id = escape_string($_GET["id"]);
+
+$sql = "SELECT `Type`,`Name` FROM `main` WHERE `ID`='$id' LIMIT 1";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    $row = mysql_fetch_array($sql_result);
+    $type = $row["Type"];
+    $name = $row["Name"];
+
+$sql = "SELECT CommentID FROM  `feedback` WHERE ID = '$id'";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    $num_pages = ceil(mysql_num_rows($sql_result)/$items_per_page);
+?>
+
+<h1>Manage Comments for <?php echo"$name :: Page $pageid of $num_pages"; ?></h1>
+<?php
+//Flagged Comments Queue Link for Admins/Editors
+if ($_SESSION["level"] =="admin" or $_SESSION["level"]=="editor") {
+    echo"<a href=\"?function=flaggedcomments\">View Flagged Comments Queue</a> | \n";
+}
+
+// Begin Code for Dynamic Navbars
+if ($pageid <=$num_pages) {
+    $previd=$pageid-1;
+    if ($previd >"0") {
+        echo"<a href=\"?".uriparams()."&id=$id&page=$page&pageid=$previd\">&#171; Previous</A> &bull; ";
+    }
+}
+
+echo"Page $pageid of $num_pages";
+$nextid=$pageid+1;
+
+if ($pageid <$num_pages) {
+    echo" &bull; <a href=\"?".uriparams()."&id=$id&page=$page&pageid=$nextid\">Next &#187;</a>";
+}
+echo"<BR>\n";
+?>
+
+<TABLE BORDER=0 CELLPADDING=1 CELLSPACING=1 ALIGN=CENTER STYLE="border: 0px; width: 100%">
+<FORM NAME="updateusers" METHOD="POST" ACTION="?id=<?php echo"$id&pageid=$pageid&numpg=$items_per_page"; ?>&action=update">
+<?writeFormKey();?>
+<?php
+
+ $sql = "SELECT * FROM `feedback` WHERE `ID`='$id' AND CommentVote IS NOT NULL ORDER BY `CommentDate`DESC LIMIT $startpoint,$items_per_page";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    while ($row = mysql_fetch_array($sql_result)) {
+        $commentid = $row["CommentID"];
+        $name = $row["CommentName"];
+        $email = $row["email"];
+        $title = $row["CommentTitle"];
+        $notes = $row["CommentNote"];
+        $helpful_yes = $row["helpful-yes"];
+        $helpful_no = $row["helpful-no"];
+        $helpful_total = $helpful_yes+$helpful_no;
+        $date = date("l, F j Y g:i:sa", strtotime($row["CommentDate"]));
+        $rating = $row["CommentVote"];
+        if (!$title) {$title = "No Title"; }
+        if (!$name) {$name = "Anonymous"; }
+        if ($rating==NULL) {$rating="N/A"; }
+        if ($row["flag"]=="YES") {$title .= " (flagged)"; }
+
+   
+   
+   $i++;
+    echo"<TR><TD COLSPAN=4><h2>$i.&nbsp;&nbsp;$title</h2></TD></TR>\n";
+    echo"<TR>\n";
+    echo"<TD COLSPAN=4>$notes";
+    if ($helpful_total>0) {echo" ($helpful_yes of $helpful_total found this comment helpful)"; }
+    echo"</TD>\n";
+    echo"</TR>\n";
+    echo"<TR>";
+    if ($email) {
+        echo"<TD>Posted by <A HREF=\"mailto:$email\">$name</A></TD>\n";
+    } else {
+        echo"<TD>Posted by $name</TD>\n";
+    }
+    echo"<TD NOWRAP>$date</TD>\n";
+    echo"<TD NOWRAP>Rated $rating of 5</TD>\n";
+    echo"<TD ALIGN=CENTER><INPUT NAME=\"selected_$i\" TYPE=\"CHECKBOX\" VALUE=\"$commentid\" TITLE=\"Selected User\"></TD>";
+    echo"</TR>\n";
+    echo"<TR>\n";
+    echo"<TD colspan=3>Reason for deletion (if deleting): <INPUT NAME=\"note_$i\" TYPE=\"TEXT\" TITLE=\"Note on comment\"></TD>\n";
+    echo"</TR>\n";
+
+}
+
+echo"<INPUT NAME=\"maxid\" TYPE=\"HIDDEN\" VALUE=\"$i\">\n";
+
+?>
+<TR>
+<TD COLSPAN=4>
+<h3></h3>
+Found a duplicate or inappropriate comment? To flag comments for review by Mozilla Update Staff, select the comment and choose "Flag Selected".<BR>
+</TD>
+</TR>
+<TR><TD COLSPAN=4 ALIGN=RIGHT>
+<?php
+if ($_SESSION["level"] =="admin" or $_SESSION["level"]=="editor") {
+//This user is an Admin or Editor, show the delete button.
+?>
+<INPUT NAME="submit" TYPE="SUBMIT" VALUE="Delete Selected" ONCLICK="return confirm('Are you sure you want to delete all selected comments?');">
+<?php
+}
+?>
+<INPUT NAME="submit" TYPE="SUBMIT" VALUE="Flag Selected" ONCLICK="return confirm('Are you sure you want to flag all selected comments for editor review?');">
+</TD>
+<TD>
+</TR>
+</FORM>
+</TABLE>
+<h3></h3>
+<?php
+// Begin Code for Dynamic Navbars
+if ($pageid <=$num_pages) {
+    $previd=$pageid-1;
+    if ($previd >"0") {
+        echo"<a href=\"?".uriparams()."&id=$id&page=$page&pageid=$previd\">&#171; Previous</A> &bull; ";
+    }
+}
+
+echo"Page $pageid of $num_pages";
+$nextid=$pageid+1;
+
+if ($pageid <$num_pages) {
+    echo" &bull; <a href=\"?".uriparams()."&id=$id&page=$page&pageid=$nextid\">Next &#187;</a>";
+}
+echo"<BR>\n";
+
+//Skip to Page...
+if ($num_pages>1) {
+    echo"Jump to Page: ";
+    $pagesperpage=9; //Plus 1 by default..
+    $i = 01;
+
+    //Dynamic Starting Point
+    if ($pageid>11) {
+        $nextpage=$pageid-10;
+    }
+
+    $i=$nextpage;
+
+    //Dynamic Ending Point
+    $maxpagesonpage=$pageid+$pagesperpage;
+    //Page #s
+    while ($i <= $maxpagesonpage && $i <= $num_pages) {
+        if ($i==$pageid) { 
+            echo"<SPAN style=\"color: #FF0000\">$i</SPAN>&nbsp;";
+        } else {
+            echo"<A HREF=\"?".uriparams()."&id=$id&page=$page&pageid=$i\">$i</A>&nbsp;";
+        }
+        $i++;
+    }
+}
+
+if ($num_pages>1) {
+    echo"<br>\nComments per page: \n";
+    $perpagearray = array("25","50","100");
+    foreach ($perpagearray as $items_per_page) {
+       echo"<A HREF=\"?".uriparams()."&id=$id&page=$page&pageid=1\">$items_per_page</A>&nbsp;";
+    }
+}
+?>
+
+<?php
+if ($_POST["submit"]=="Add Comment") {
+echo"<a name=\"addcomment\"></a>\n";
+echo"<h2>Submitting Comment, please wait...</h2>\n";
+
+
+  if (checkFormKey()) {
+
+    $id = escape_string($_POST["id"]);
+    $name = escape_string($_POST["name"]);
+    $title = escape_string($_POST["title"]);
+    $comments = escape_string($_POST["notes"]);
+
+    if ($_POST["type"]=="E") {
+        $type="extensions";
+    } else if ($_POST["type"]=="T") {
+        $type="themes";
+    }
+    
+    $name = "<a href=\"/$type/authorprofiles.php?id=$_SESSION[uid]\">$_SESSION[name]</a>";
+
+    $sql = "INSERT INTO `feedback` (`ID`, `CommentName`, `CommentVote`, `CommentTitle`, `CommentNote`, `CommentDate`, `commentip`) VALUES ('$id', '$name', NULL, '$title', '$comments', NOW(NULL), '$_SERVER[REMOTE_ADDR]');";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if ($sql_result) {
+      echo"Your comment has been added successfully...<br>\n";
+    } else {
+      echo"There was a problem adding your comment, please try again.<br>\n";
+    }
+  }
+
+
+
+}
+?>
+
+<?php /* This Section commented out until bug 333335 is fixed - https://bugzilla.mozilla.org/show_bug.cgi?id=333335
+
+<h2>Add Comment with No Rating</h2>
+Need to make a reply comment or answer a question somebody left who didn't provide an e-mail address? Use the form below. No rating is supplied and it will not affect your item's overall rating.
+
+<form name="addcoment" method="post" action="?id=<?php echo"$id"; ?>&action=addcomment#addcomment">
+<?writeFormKey();?>
+  <input name="id" type="hidden" value="<?php echo"$id"; ?>">
+  <input name="type" type="hidden" value="<?php echo"$type"; ?>">
+  <input name="name" type="hidden" value="<?php echo"$_SESSION[name]"; ?>">
+  <strong>Title:</strong> <input name="title" type="text" size="30" maxlength="150" value=""><br>
+  <strong>Comment:</strong><br>
+  <textarea name="notes" rows=5 cols=50></textarea><br>
+<input name="submit" type="submit" value="Add Comment"></SPAN>
+</form>
+
+*/ ?>
+
+</div>
+
+<?php
+} else if ($function=="flaggedcomments") {
+?>
+
+<?php
+if ($_POST["submit"]=="Process Queue") {
+echo"<h2>Processing Changes to the Flagged Comments List, please wait...</h2>\n";
+    
+    for ($i=1; $i<=$_POST['maxid']; $i++) {
+        $action = $_POST["action_$i"];
+        $commentid = escape_string($_POST["selected_$i"]); 
+        if ($action=="skip") {continue;}
+
+        if ($action=="delete" && !empty($_POST["note_$i"])) {
+            $note = escape_string($_POST["note_$i"]);
+
+            $sql = "SELECT ID FROM  `feedback` WHERE `CommentID`='$commentid'";
+            $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+            $id = mysql_result($sql_result, 0);
+
+            //$sql = "DELETE FROM `feedback` WHERE `CommentID`='$commentid'";
+            $sql = "UPDATE `feedback` SET `CommentTitle` = '<i>Removed by Staff</i>', `CommentNote` = 'Deleted because: $note', `flag`='', `CommentVote` = NULL WHERE `CommentID`='$commentid'";
+            $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+            if ($sql_result) {
+                echo"Comment $commentid removed.<br>\n";
+                // Update the rating for this item since it has potentially changed
+                update_rating($id);
+            }
+	} else if ($action=="delete") {
+	   echo "You must provide a reason for deleting comment $commentid<br>\n";
+	} else if ($action=="clear") {
+            $sql = "UPDATE `feedback` SET `flag`= '' WHERE `CommentID`='$commentid'";
+            $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+            if ($sql_result) {
+                echo"Flag cleared for comment $commentid.<br>\n";
+            }
+
+        }
+    }
+}
+unset($i);
+?>
+
+<h1>Comments Flagged for Editor Review</h1>
+<TABLE BORDER=0 CELLPADDING=1 CELLSPACING=1 ALIGN=CENTER STYLE="border: 0px; width: 100%">
+<?php
+ $sql = "SELECT `CommentID`,`CommentName`,`email`,`CommentTitle`,`CommentNote`,`CommentDate`,`CommentVote`,`commentip`, TM.Name, TM.ID, TM.Type FROM `feedback` INNER JOIN `main` TM ON feedback.ID=TM.ID WHERE `flag`='YES' ORDER BY `CommentDate`DESC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    $num_results = mysql_num_rows($sql_result);
+    if ($num_results>"0") {
+?>
+<FORM NAME="updateusers" METHOD="POST" ACTION="?function=flaggedcomments&action=update">
+<?writeFormKey();?>
+
+<?php
+    }
+$i=0;
+    while ($row = mysql_fetch_array($sql_result)) {
+        $itemname = $row["Name"];
+        $commentid = $row["CommentID"];
+        $name = $row["CommentName"];
+        $email = $row["email"];
+        $title = $row["CommentTitle"];
+        $notes = $row["CommentNote"];
+        $type = $row["Type"];
+        $theid = $row["ID"];
+        $date = date("l, F j Y g:i:sa", strtotime($row["CommentDate"]));
+        $rating = $row["CommentVote"];
+        $commentip = $row["commentip"];
+        if (!$title) {$title = "No Title"; }
+        if (!$name) {$name = "Anonymous"; }
+        if ($rating==NULL) {$rating="N/A"; }
+
+   
+   
+   $i++;
+    echo"<TR><TD COLSPAN=4><h2><a href=\"../";
+    echo ($type=="E")?"extensions":"themes";
+    echo "/moreinfo.php?id=$theid\">$i.&nbsp;&nbsp;$itemname :: $title</a></h2></TD></TR>\n";
+    echo"<TR>\n";
+    echo"<TD COLSPAN=4>$notes";
+    if ($commentip) {echo"<BR>(Posted from IP: $commentip)"; }
+    echo"</TD>\n";
+    echo"</TR>\n";
+    echo"<TR>";
+    if ($email) {
+        echo"<TD>Posted by <A HREF=\"mailto:$email\">$name</A></TD>\n";
+    } else {
+        echo"<TD>Posted by $name</TD>\n";
+    }
+    echo"<TD NOWRAP>$date</TD>\n";
+    echo"<TD NOWRAP>Rated $rating of 5</TD>\n";
+    echo"<TD>&nbsp;<INPUT NAME=\"selected_$i\" TYPE=\"hidden\" VALUE=\"$commentid\"></TD>";
+    echo"</TR>\n";
+
+    echo"<TR>\n";
+    echo"<TD COLSPAN=4><input name=\"action_$i\" type=\"radio\" value=\"delete\"> Delete Comment  <input name=\"action_$i\" type=\"radio\" value=\"clear\"> Clear Flag <input name=\"action_$i\" type=\"radio\" value=\"skip\" checked> No Action</TD>\n";
+    echo"</TR>\n";
+    echo"<TR>\n";
+    echo"<TD colspan=3>Reason for deletion (if deleting): <INPUT NAME=\"note_$i\" TYPE=\"TEXT\" TITLE=\"Note on comment\"></TD>\n";
+    echo"</TR>\n";
+
+}
+if ($num_results>"0") {
+echo"<INPUT NAME=\"maxid\" TYPE=\"HIDDEN\" VALUE=\"$i\">\n";
+
+?>
+<TR><TD COLSPAN=4 ALIGN=RIGHT>
+<h3></h3>
+<INPUT NAME="submit" TYPE="SUBMIT" VALUE="Process Queue">&nbsp;&nbsp;<INPUT name="reset" type="reset" value="Reset Form">
+</TD>
+<TD>
+</TR>
+<?php
+} else {
+echo"<TR><TD COLSPAN=4 align=center>No Comments are Currently Flagged for Editor Review</TD></TR>\n";
+}
+?>
+</FORM>
+</TABLE>
+
+<?php
+} else {}
+?>
+
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/core/sessionconfig.php

@@ -0,0 +1,47 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+//session_name('sid');
+session_name();
+session_start();
+
+if ($_SESSION["logoncheck"] !=="YES" && strpos($_SERVER["SCRIPT_NAME"],"login.php")===false && strpos($_SERVER["SCRIPT_NAME"],"index.php")===false) {
+header('Location: http://'.HOST_NAME.WEB_PATH.'/developers/');
+exit;
+}
+?>

mozilla/webtools/update/developers/createaccount.php

@@ -0,0 +1,191 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+$page_title = 'Mozilla Update :: Create An Account';
+require_once(HEADER);
+$function = $_GET['function'];
+
+if (!$function or $function=="step1") {
+?>
+<hr class="hide">
+<div id="mBody">
+<div id="mainContent" class="right">
+
+<h2>Create an Account</h2>
+<p>Joining Mozilla Update is easy!  Just fill out the form below and click the join button.</p>
+
+<form name="createaccount" method="post" action="createaccount.php?function=step2">
+<table border=0 cellpadding=0 cellspacing=0>
+<tr><td colspan="2">Your e-mail address is used as your username to login. You'll also receive a confirmation e-mail to this address. In order for your account to be activated succesfully, you must specify a valid e-mail address.</td></tr>
+<tr>
+<td><strong>E-Mail Address:</strong></td>
+<td><input name="email" type="text" size=30></td>
+</tr>
+<tr>
+<td><strong>Confirm E-Mail:</strong></td>
+<td><input name="emailconfirm" type="text" size=30></td>
+</tr>
+<tr><td colspan="2">How do you want to be known to visitors of Mozilla Update? This is your "author name" and it will be shown with your extension/theme listings on the Mozilla Update web site.</td></tr>
+<tr>
+<td><strong>Your Name</strong></td>
+<td><input name="name" type="text" size=30></td>
+</tr>
+<tr><td colspan="2">If you have a website, enter the URL here. (including the http:// ) Your website will be shown to site visitors on your author profile page. This field is optional; if you don't have a website or don't want it linked to from Mozilla Update, leave this box blank. </td></tr>
+<tr>
+<td><strong>Your Website</strong></td>
+<td><input name="website" type="text" size=30></td>
+</tr>
+<tr><td colspan="2">Your desired password. This along with your e-mail will allow you to login, so make it something memorable but not easy to guess. Type it in both fields below.  The two fields must match.</td></tr>
+<tr>
+<td><strong>Password:</strong></td>
+<td><input name="password" type="password" size=30></td>
+</tr>
+<tr>
+<td><strong>Confirm Password:</strong></td>
+<td><input name="passwordconfirm" type="password" size=30></td>
+</tr>
+<tr><td colspan="2">Review what you entered above. If everything's correct, click the "Join Mozilla Update" button. If you want to start over, click "Clear Form".</td></tr>
+<tr>
+<td colspan="2"><input name="submit" type="submit" value="Join Mozilla Update"><input name="reset" type="reset" value="Clear Form"></td>
+</tr>
+</table>
+
+</form>
+
+</div>
+<div id="side" class="right">
+<h2>Already Have an Account?</h2>
+<P>If you already have signed up for an account, you don't need to sign-up again. Just use your e-mail address and password and <a href="index.php">login</a>.</P>
+<P>If you don't remember the password for your account, you can <a href="./passwordreset.php">recover a forgotten password</a>.</P>
+</div>
+
+<?php
+} else if ($function=="step2") {
+echo"<h1>Processing New Account Request, Please Wait...</h1>\n";
+//Gather and Filter Data from the Submission Form
+if ($_POST["email"]==$_POST["emailconfirm"]) {$email = escape_string($_POST["email"]);} else { $errors="true"; $emailvalid="no";}
+if (empty($_POST["password"])) {$errors="true"; $passwordempty="yes"; }
+if ($_POST["password"]==$_POST["passwordconfirm"]) {$password = escape_string($_POST["password"]);} else { $errors="true"; $passwordvalid="no"; }
+if ($_POST["name"]) { $name = escape_string($_POST["name"]); } else { $errors="true"; $namevalid="no"; }
+$website = escape_string($_POST["website"]);
+
+// Before doing an unneccessary query for dupes, check to see that the email has a valid format.
+// Regex from Gavin Sharp -- thanks Gavin.
+if (!preg_match('/^(([A-Za-z0-9]+_+)|([A-Za-z0-9]+\-+)|([A-Za-z0-9]+\.+)|([A-Za-z0-9]+\++))*[A-Za-z0-9]+@((\w+\-+)|(\w+\.))*\w{1,63}\.[a-zA-Z]{2,6}$/',$email)) {
+    $errors = 'true';
+    $emailvalid = 'bademail';
+}
+
+//Check e-mail address and see if its already in use.
+if ($emailvalid !="no") {
+$sql = "SELECT `UserEmail` from `userprofiles` WHERE `UserEmail`='$email' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  if (mysql_num_rows($sql_result)>"0") {$errors="true"; $emailvalid="no"; }
+}
+
+if ($errors == "true") {
+echo"<p>Errors have been found in your submission:</p>\n";
+echo '<ul>';
+if ($emailvalid=="no") {echo"<li>Your e-mail addresses didn't match, or your e-mail is already in use.</li>\n"; }
+if ($passwordempty=="yes") {echo"<li>A password is required.</li>\n"; }
+if ($passwordvalid=="no") {echo"<li>The passwords you entered did not match.</li>\n"; }
+if ($namevalid=="no") {echo"<li>The name field cannot be left blank.</li>\n"; }
+if ($emailvalid=='bademail') {echo"<li>The email you entered cannot possibly be a valid email.  Please try again.</li>\n";}
+echo '</ul>';
+
+require_once(FOOTER);
+exit;
+}
+
+//We've got good data here, valid password & e-mail. 
+
+//Generate Confirmation Code
+$confirmationcode = md5(mt_rand());
+$password_plain = $password;
+$password = md5($password);
+
+$sql = "INSERT INTO `userprofiles` (`UserName`,`UserEmail`,`UserWebsite`,`UserPass`,`UserMode`,`ConfirmationCode`) VALUES ('$name','$email','$website','$password','D','$confirmationcode');";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  if ($sql_result) {
+    include"mail_newaccount.php";
+    echo"Your account has been created successfully. An e-mail has been sent to you with instructions on how to activate your account so you can begin using it.<br>\n";
+    echo"<br><br><a href=\"./index.php\">&#171;&#171; Login to Mozilla Update's Developer Control Panel &#187;&#187;</a>";
+  }
+
+} else if ($function=="confirmaccount") {
+?>
+<h2>Activate Your Mozilla Update Account</h2>
+<?php
+//Get the two URI variables from the query_string..
+$email = escape_string($_GET["email"]);
+$confirmationcode = escape_string($_GET["confirmationcode"]);
+
+//Check DB to see if those two values match a record.. if it does, activate the account, if not throw error.
+$sql = "SELECT `UserID` from `userprofiles` WHERE `UserEmail`='$email' and `ConfirmationCode`='$confirmationcode' LIMIT 1";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   if (mysql_num_rows($sql_result)=="1") {
+     $row = mysql_fetch_array($sql_result);
+      $userid = $row["UserID"];
+      $sql = "UPDATE `userprofiles` SET `UserMode`='U', `ConfirmationCode`=NULL WHERE `UserID`='$userid' LIMIT 1";
+        $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+        if ($sql_result) {
+        echo"Thanks! Your account has been activated successfully, you may now login and being using Mozilla Update's Developer Control Panel.";
+        echo"<br><br><a href=\"./index.php\">&#171;&#171; Login to Mozilla Update's Developer Control Panel &#187;&#187;</a>";
+        }
+   } else {
+     echo"Sorry, the e-mail and confirmation code do not match, please make sure you've copied the entire URL, if you copy/pasted it from your e-mail client, and try again.";
+     echo"<br><br><a href=\"./index.php\">&#171;&#171; Back to Mozilla Update Developer Control Panel Home &#187;&#187;</a>";
+
+   }
+
+?>
+
+
+<?php
+} else {}
+?>
+
+
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/disable.php

@@ -0,0 +1,153 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Justin Scott <fligtar@gmail.com>.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$page_title = 'Mozilla Update :: Developer Control Panel :: Disable Add-on';
+require_once(HEADER);
+require_once('./inc_sidebar.php');
+
+if ($_SESSION['level'] != 'admin') {
+    echo "<h1>Access Denied</h1>\n";
+    echo "You do not have permission to access this page.";
+    require_once(FOOTER);
+    exit;
+}
+
+$addon_id = mysql_real_escape_string($_GET['id']);
+
+$addon_qry = mysql_query("SELECT * FROM main WHERE ID='{$addon_id}'");
+$addon = mysql_fetch_array($addon_qry);
+    
+$version_qry = mysql_query("SELECT version.*, os.* FROM version LEFT JOIN os ON version.OSID=os.OSID WHERE version.ID='{$addon_id}' GROUP BY version.URI ORDER BY version.DateAdded DESC");
+    
+$author_qry = mysql_query("SELECT userprofiles.UserName, userprofiles.UserEmail, userprofiles.UserID FROM authorxref LEFT JOIN userprofiles ON authorxref.UserID = userprofiles.UserID WHERE authorxref.ID='{$addon_id}'");
+
+if (isset($_POST['submit'])) {
+    $email = $_POST['email'];
+    
+    echo '<h1>Disable '.$addon['Name'].'</h1>';
+    
+    if (empty($email)) {
+        echo 'Error: Please enter text for the e-mail body.';
+        exit;
+    }
+    
+    //Disable all versions
+    mysql_query("UPDATE version SET approved='DISABLED' WHERE ID='{$addon_id}'");
+    echo 'Versions disabled...<br>';
+    
+    //Set only author to disabled@addons.mozilla.org account
+    mysql_query("DELETE FROM authorxref WHERE ID='{$addon_id}'");
+    mysql_query("INSERT INTO authorxref (ID, UserID) VALUES('{$addon_id}', '69324')");
+    echo 'Author changed to disabled@addons.mozilla.org...<br>';
+    
+    //Add notice to beginning of description
+    $disabled_notice = "********** NOTICE **********\nThis add-on has been disabled by an administrator.\n****************************\n\n";
+    mysql_query("UPDATE main SET description=CONCAT('{$disabled_notice}', description) WHERE ID='{$addon_id}'");
+    echo 'Description updated...<br>';
+    
+    //email authors
+    $headers = "From: AMO Administrators <umo-admins@mozilla.org>\r\n";
+    $subject = $addon['Name'].' disabled';
+    $body = $email."\n\nMozilla Add-ons\nhttps://".HOST_NAME.WEB_PATH."\n";
+    
+    while ($author = mysql_fetch_array($author_qry)) {
+        $authors[] = $author['UserName'].' ('.$author['UserEmail'].' - ID '.$author['UserID'].')';
+        mail($author['UserEmail'], $subject, $body, $headers);
+        echo $author['UserEmail'].' emailed...<br>';
+    }
+    
+    //email admins
+    $body = "The following add-on was disabled by an AMO administrator:\n";
+    $body .= "Disabled: {$addon['Name']} ({$addon['GUID']} - https://".HOST_NAME.WEB_PATH."/disabled/{$addon_id}/)\n";
+    $body .= "Authors: ".implode(', ', $authors)."\n";
+    $body .= "Administrator: {$_SESSION['name']} ({$_SESSION['email']})\n\n";
+    $body .= "Notes to author:\n";
+    $body .= "{$email}\n";
+
+    mail('umo-admins@mozilla.org', $subject, $body, $headers);
+    echo 'umo-admins@mozilla.org emailed...<br>';
+    
+    echo '<b>Add-on disabled successfully.</b>';
+}
+else {
+    while ($author = mysql_fetch_array($author_qry)) {
+        $authors[] = '<a href="mailto:'.$author['UserEmail'].'">'.$author['UserName'].'</a> (<a href="usermanager.php?function=edituser&userid='.$author['UserID'].'">Manage</a>, <a href="../author.php?id='.$author['UserID'].'">Profile</a>)';
+    }
+?>
+<form method="post">
+<input type="hidden" name="id" value="<?=$addon_id?>">
+<h1>Disable <?=$addon['Name']?></h1>
+Authors: <?=implode('; ', $authors)?><br>
+GUID: <?=$addon['GUID']?><br>
+<br>
+The following versions will be disabled:
+<ul>
+<?
+    $status = array(
+                'YES' => 'Approved',
+                'NO' => 'Denied',
+                '?' => 'Pending Approval',
+                'DISABLED' => 'Disabled'
+              );
+    while ($version = mysql_fetch_array($version_qry)) {
+        echo '<li>'.$version['Version'].' ['.$version['OSName'].'] ('.$status[$version['approved']].') - '.$version['DateAdded'].'</li>';
+    }
+?>
+</ul>
+<br>
+The following e-mail will be sent to the author(s) [REQUIRED]:
+<textarea name="email" cols=70 rows=10></textarea>
+<br>
+<div style="text-align: center;">
+    <input type="submit" name="submit" value="Disable Add-on">
+    <input type="button" value="Cancel" onClick="window.location='listmanager.php?function=editmain&id=<?=$addon_id?>';">
+    <br><br><a href="../author.php?id=69324">See all disabled add-ons</a>
+</div>
+</form>
+<?
+}
+?>
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/faqmanager.php

@@ -0,0 +1,245 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$function = $_GET['function'];
+$page_title = 'Mozilla Update :: Developer Control Panel :: FAQ Manager';
+require_once(HEADER);
+require_once('inc_sidebar.php');
+
+if ($_SESSION["level"]=="admin") {
+    //Do Nothing, they're good. :-)
+} else {
+    echo"<h1>Access Denied</h1>\n";
+    echo"You do not have access to the FAQ Manager";
+    require_once(FOOTER);
+    exit;
+}
+?>
+
+<?php
+if (!$function) {
+?>
+
+<h1>Manage FAQs:</h1>
+<TABLE CELLPADDING=1 CELLSPACING=1 ALIGN=CENTER STYLE="border: 0px; width: 100%">
+<TR>
+<tr>
+<th></th>
+<th>FAQ Entry</th>
+<th>Updated</th>
+<th>Active</th>
+</tr>
+
+<?php
+  $sql = "SELECT id, title, active, UNIX_TIMESTAMP(lastupdated) as lastupdated FROM `faq` ORDER BY `index` ASC, `title` ASC";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+    $lastupdated = gmdate("F d, Y g:i:sa", $row['lastupdated']);
+    echo"<tr>\n";
+    echo"<td>".++$i."</td>\n";
+    echo"<td>&nbsp;<a href=\"?function=edit&id=".$row["id"]."\">".$row["title"]."</a></td>\n";
+    echo"<td>$lastupdated</td>\n";
+    echo"<td>".$row['active']."</td>\n";
+    echo"</tr>\n";
+
+}
+?>
+</table>
+
+<h2><a href="?function=addentry">New FAQ Entry</A></h2>
+<form name="addapplication" method="post" action="?function=addentry">
+<?writeFormKey();?>
+  Title: <input name="title" type="text" size="30" maxlength="150" value="">
+<input name="submit" type="submit" value="Next &#187;&#187;"></SPAN>
+</form>
+</div>
+
+<?php
+} else if ($function=="edit") {
+  $id = escape_string($_GET["id"]);
+  //Post Functions
+  if ($_POST["submit"] == "Update Entry") {
+    echo"<h2>Processing your update, please wait...</h2>\n";
+    $title = escape_string($_POST["title"]);
+    $index = escape_string($_POST["index"]);
+    $alias = escape_string($_POST["alias"]);
+    $text = escape_string($_POST["text"]);
+    $active = escape_string($_POST["active"]);
+    $id = escape_string($_POST["id"]);
+    if (checkFormKey()) {
+      $sql = "UPDATE `faq` SET `title`='$title', `index`='$index', `alias`='$alias', `text`='$text', `active`='$active' WHERE `id`='$id'";
+      $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+      if ($sql_result) {
+          echo"Your update to '$title', has been successful.<br>";
+      }
+    }
+
+  } else if ($_POST["submit"] == "Delete Entry") {
+    echo"<h2>Processing, please wait...</h2>\n";
+    $id = escape_string($_POST["id"]);
+    $title = escape_string($_POST["title"]);
+    if (checkFormKey()) {
+      $sql = "DELETE FROM `faq` WHERE `id`='$id'";
+      $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+      if ($sql_result) {
+          echo"You've successfully deleted the FAQ Entry '$title'.";
+          require_once(FOOTER);
+          exit;
+      }
+    }
+}
+
+// Show Edit Form
+  $sql = "SELECT * FROM `faq` WHERE `id` = '$id' LIMIT 1";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+  $row = mysql_fetch_array($sql_result);
+?>
+
+<h3>Edit FAQ Entry:</h3>
+<form name="editfaq" method="post" action="?function=edit">
+<?writeFormKey();?>
+<?php
+  echo"<input name=\"id\" type=\"hidden\" value=\"".$row["id"]."\" />\n";
+  echo"Title: <input name=\"title\" type=\"text\" size=\"40\" maxlength=\"150\" value=\"".$row["title"]."\"> ";
+  echo"Alias: <input name=\"alias\" type=\"text\" size=\"8\" maxlength=\"20\" value=\"".$row["alias"]."\"><br>\n";
+
+//List of Entry Index for User Convienience
+ echo"Existing Index Reference: <SELECT name=\"titleindex\">\n";
+ $sql = "SELECT `id`,`title`, `index` FROM `faq` ORDER BY `index` ASC";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    while ($row2 = mysql_fetch_array($sql_result)) {
+    echo"<OPTION value=\"$row2[index]\"";
+    if ($row2[id]==$id) {echo" SELECTED";}
+    echo">$row2[title] (Index: $row2[index])</OPTION>\n";
+    }
+ echo"</SELECT><BR>\n";
+
+  echo"Index: <input name=\"index\" type=\"text\" size=\"5\" maxlength=\"5\" value=\"".$row["index"]."\"><BR>\n";
+  echo"<br>\n";
+
+  echo"Entry Text:<BR><TEXTAREA NAME=\"text\" ROWS=10 COLS=60>$row[text]</TEXTAREA><BR>";
+$active = $row["active"];
+echo"Show Entry on FAQ Page: ";
+if ($active=="YES") {
+ echo"Yes: <INPUT NAME=\"active\" TYPE=\"RADIO\" VALUE=\"YES\" CHECKED> No: <INPUT NAME=\"active\" TYPE=\"RADIO\" VALUE=\"NO\">";
+ } else if ($active=="NO") {
+ echo"Yes: <INPUT NAME=\"active\" TYPE=\"RADIO\" VALUE=\"YES\"> No: <INPUT NAME=\"active\" TYPE=\"RADIO\" VALUE=\"NO\" CHECKED>";
+ } else {
+ echo"Yes: <INPUT NAME=\"active\" TYPE=\"RADIO\" VALUE=\"YES\"> No: <INPUT NAME=\"active\" TYPE=\"RADIO\" VALUE=\"NO\">";
+ }
+?>
+<BR><BR>
+<input name="submit" type="submit" value="Update Entry">
+<input name="reset"  type="reset"  value="Reset Form">
+<input name="submit" type="submit" value="Delete Entry" onclick="return confirm('Are you sure you want to delete <?php echo $row["title"]; ?>?');" />
+</form>
+<BR><BR>
+<A HREF="?function=">&#171;&#171; Return to FAQ Manager</A>
+
+<?php
+} else if ($function=="addentry") {
+
+ //Add Category to MySQL Table
+  if ($_POST["submit"]=="Add FAQ Entry") {
+
+    echo"<h2>Adding Entry, please wait...</h2>\n";
+    $title = escape_string($_POST["title"]);
+    $index = escape_string($_POST["index"]);
+    $alias = escape_string($_POST["alias"]);
+    $text = escape_string($_POST["text"]);
+    $active = escape_string($_POST["active"]);
+    $id = escape_string($_POST["id"]);
+    if (checkFormKey()) {
+      $sql = "INSERT INTO `faq` (`title`,`index`,`alias`, `text`, `active`) VALUES ('$title','$index','$alias', '$text', '$active')";
+      $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+      if ($sql_result) {
+        echo"The entry '$title' has been successfully added.<br>\n";
+      }
+    }
+  }
+?>
+
+<h2>Add FAQ Entry:</h2>
+<form name="addfaq" method="post" action="?function=addentry">
+<?writeFormKey();?>
+<?php
+$title = escape_string($_POST["title"]);
+
+  echo"Title: <input name=\"title\" type=\"text\" size=\"40\" maxlength=\"150\" value=\"$title\">&nbsp;\n";
+  echo"Alias: <input name=\"alias\" type=\"text\" size=\"8\" maxlength=\"20\" value=\"\"><br>";
+
+//List of Entry Index for User Convienience
+ echo"<BR>Existing Index Reference: <SELECT name=\"titleindex\">\n";
+ $sql = "SELECT `id`,`title`, `index` FROM `faq` ORDER BY `index` ASC";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    while ($row2 = mysql_fetch_array($sql_result)) {
+    echo"<OPTION value=\"$row2[index]\"";
+    if ($row2[id]==$id) {echo" SELECTED";}
+    echo">$row2[title] (Index: $row2[index])</OPTION>\n";
+    }
+ echo"</SELECT><BR>\n";
+  echo"Index: <input name=\"index\" type=\"text\" size=\"5\" maxlength=\"5\" value=\"\"> (used for FAQ page sort order)<br><br>\n";
+
+  echo"Entry Text:<BR><TEXTAREA NAME=\"text\" ROWS=10 COLS=60></TEXTAREA><BR>";
+  echo"Show Entry on FAQ Page: ";
+  echo"Yes: <INPUT NAME=\"active\" TYPE=\"RADIO\" VALUE=\"YES\" CHECKED>/ No: <INPUT NAME=\"active\" TYPE=\"RADIO\" VALUE=\"NO\">";
+?>
+<BR><BR>
+
+<input name="submit" type="submit" value="Add FAQ Entry" />
+<input name="reset"  type="reset"  value="Reset Form" />
+</form>
+<BR><BR>
+<A HREF="?function=">&#171;&#171; Return to FAQ Manager</A>
+</div>
+
+<?php
+} else {}
+?>
+
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/inc_approval.php

@@ -0,0 +1,119 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+//Function: process_approval(file, action)
+// Reusable function for handling the approval process, file should be the DB URI and action is either approve or deny.
+// Returns true on success, false on failure.
+
+function process_approval($type, $file, $action) {
+global $connection;
+if ($action=="approve") {
+  $action_comment = "Approval+";
+  $action_email = "Approval Granted";
+  $approved = "YES";
+ } else if ($action=="deny") {
+  $action_comment = "Approval-";
+  $action_email = "Approval Denied";
+  $approved = "NO";
+ }
+
+//Firstly, log the comments and action taken..
+$userid = $_SESSION["uid"];
+$sql = "SELECT TM.ID, `Name`, `vID`, TV.Version from `main` TM INNER JOIN `version` TV ON TM.ID = TV.ID WHERE TV.URI = '$file' ORDER BY `vID` ASC";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    while ($row = mysql_fetch_array($sql_result)) {
+      $id = $row["ID"];
+      $vid = $row["vID"];
+      $name = $row["Name"];
+      $version = $row["Version"];
+
+global $installation, $uninstallation, $newchrome, $appworks, $visualerrors, $allelementsthemed, $cleanprofile, $worksasdescribed, $testbuild, $testos, $comments;
+        $sql2 = "INSERT INTO `approvallog` (`ID`, `vID`, `UserID`, `action`, `date`, `Installation`, `Uninstallation`, `NewChrome`, `AppWorks`, `VisualErrors`, `AllElementsThemed`, `CleanProfile`, `WorksAsDescribed`, `TestBuild`, `TestOS`, `comments`) VALUES ('$id', '$vid', '$userid', '$action_comment', NOW(NULL), '$installation', '$uninstallation', '$newchrome', '$appworks', '$visualerrors', '$allelementsthemed', '$cleanprofile', '$worksasdescribed', '$testbuild', '$testos', '$comments');";
+          $sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+          if ($sql_result2) {} else { $operations_failed="true";}
+    }
+    if ($sql_result) {} else { $operations_failed="true";}
+
+//Secondly, If Stage 1 was successful (and we're approving the file), let's move the file to it's new home in /ftp/ for staging...
+$filename = preg_replace('/http.*approvalfile\.php/', REPO_PATH.'/approval', $file);
+if ($action=="approve") {
+    if (file_exists($filename)) {
+        $type=$type=='T'?'themes':'extensions';
+        $path = $type.'/'.strtolower(preg_replace('/(^\.+|[^\w\-\.]+)/','_',$name)); // if you modify this, update additem.php as well
+        $destination = str_replace("approval",strtolower("ftp/$path"),$filename);
+        $dirpath = REPO_PATH.'/ftp/'.$path;
+        if (!file_exists($dirpath)) {
+            mkdir($dirpath,0755);
+            chmod($dirpath,0755);
+        }
+        if (!file_exists("$destination")) {
+        //No File Exists, its safe to rename.
+            if (rename("$filename", "$destination")) {
+                //Rename Successfull
+            } else {
+                //Rename Unsuccessfull
+                $operations_failed="true";
+            }
+        } else {
+            //A File exists, not safe to rename, throw error.
+            $operations_failed="true";
+        }
+        //FTP_URL defined in config.php
+        $uri = str_replace(REPO_PATH.'/ftp',FTP_URL,$destination);
+    }
+
+} elseif ($action=="deny") {
+    //We're denying approval on this item, delete the file and set URI to null.
+    if (file_exists($filename)) {unlink($filename); }
+    $uri = "";
+
+}
+//Thirdly, update version record...
+$sql = "UPDATE `version` SET `URI`='$uri', `approved`='$approved', `DateUpdated`=NOW(NULL) WHERE `URI`='$file'";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   if ($sql_result) {} else { $operations_failed="true";}
+
+@include"mail_approval.php";
+
+if ($operations_failed=="true") { return false; } else { return true; }
+
+}
+
+?>

mozilla/webtools/update/developers/inc_sidebar.php

@@ -0,0 +1,100 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('inc_tshirt.php');
+
+if (($_SESSION["level"] == "admin" or $_SESSION["level"] == "editor")) {
+    $sql ="SELECT TM.ID FROM `main` TM INNER JOIN `version` TV ON TM.ID = TV.ID  WHERE `approved` = '?' GROUP BY `URI`";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+        $queuenum = mysql_num_rows($sql_result);
+
+    $sql = "SELECT `CommentID` FROM `feedback` WHERE `flag`='YES'";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+        $commentsnum = mysql_num_rows($sql_result);
+}
+?>
+<div id="mBody">
+
+<div id="side">
+<ul id="nav">
+<li><A HREF="<?=WEB_PATH?>/developers/main.php">Overview</A></li>
+<?php
+
+if ($_SESSION['level'] == 'user') {
+?>
+<li><A HREF="<?=WEB_PATH?>/developers/usermanager.php">Your Profile</A></li>
+
+<?php
+}
+
+if (tshirtEligible()) {
+?>
+
+<li><A HREF="<?=WEB_PATH?>/developers/tshirt.php">T-Shirt Request</A></li>
+
+<?php
+}
+
+if ($_SESSION['level'] == 'editor') {
+?>
+<li><A HREF="<?=WEB_PATH?>/developers/usermanager.php?function=edituser&amp;userid=<?php echo"$_SESSION[uid]"; ?>">Your Profile</A></li>
+<li><A HREF="<?=WEB_PATH?>/developers/approval.php">Approval Queue <?=$queuenum?></A></li>
+<li><a href="<?=WEB_PATH?>/developers/commentsmanager.php?function=flaggedcomments">Comments Manager <?=$commentsnum?></a></li>
+<?php
+} 
+
+if ($_SESSION['level'] == 'admin') {
+?>
+<li><A HREF="<?=WEB_PATH?>/developers/usermanager.php?function=edituser&amp;userid=<?php echo"$_SESSION[uid]"; ?>">Your Profile</A></li>
+<li><A HREF="<?=WEB_PATH?>/developers/approval.php">Approval Queue <?="($queuenum)"?></A></li>
+<li><A HREF="<?=WEB_PATH?>/developers/listmanager.php?type=T">Themes list</A></li>
+<li><A HREF="<?=WEB_PATH?>/developers/listmanager.php?type=E">Extensions list</A></li>
+<li><A HREF="<?=WEB_PATH?>/developers/usermanager.php">Users Manager</A></li>
+<li><a href="<?=WEB_PATH?>/developers/appmanager.php">Application Manager</a></li>
+<li><a href="<?=WEB_PATH?>/developers/categorymanager.php">Category Manager</A></li>
+<li><a href="<?=WEB_PATH?>/developers/faqmanager.php">FAQ Manager</A></li>
+<li><a href="<?=WEB_PATH?>/developers/commentsmanager.php?function=flaggedcomments">Comments Manager <?="($commentsnum)"?></a></li>
+<li><a href="<?=WEB_PATH?>/developers/reviewsmanager.php">Reviews Manager</a></li>
+<?php } ?>
+<li><a href="logout.php">Logout</A></li>
+</ul>
+
+	</div>
+	<div id="mainContent">

mozilla/webtools/update/developers/inc_tshirt.php

@@ -0,0 +1,100 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Justin "Kickstand" Scott.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/inc_version_comparison.php');
+
+/**
+ * Returns the eligibility of the current user to get a tshirt
+ * If $showDetails is false, the function will return true or false
+ * If $showDetails is true, the function will return an array
+ * @param boolean $showDetails
+ */
+function tshirtEligible($showDetails = false) {
+
+    return false;
+
+    $userid = mysql_real_escape_string($_SESSION['uid']);
+    $details = array();
+
+    if ($_SESSION['level'] == "admin") {
+        if ($showDetails == true) {
+            $details[] = 'AMO Administrator';
+        }
+        else {
+            return true;
+        }
+    }
+
+    if ($_SESSION['level'] == "editor") {
+        $checkqry = mysql_query("SELECT COUNT(*) AS `num` FROM `approvallog` WHERE `approvallog`.`action`!='Approval?' AND `approvallog`.`date` > '2006-07-09 00:00:00' AND `approvallog`.`UserID`='{$userid}'"); 
+        $check = mysql_fetch_array($checkqry);
+
+        if ($check['num'] >= 20) {
+            if ($showDetails == true) {
+                $details[] = 'Active AMO Reviewer ('.$check['num'].')';
+            }
+            else {
+                return true;
+            }
+        }
+    }
+
+    $addons = mysql_query("SELECT * FROM `main` LEFT JOIN `authorxref` ON `main`.`ID`=`authorxref`.`ID` WHERE `authorxref`.`UserID`='{$userid}'");
+    while($row = mysql_fetch_array($addons)) {
+        $latestversionqry = mysql_query("SELECT * FROM version WHERE ID='".$row['ID']."' AND AppID=1 AND DateAdded<'2006-10-01 00:00:00' AND MaxAppVer!='' ORDER BY DateAdded DESC LIMIT 1");
+        $latestversion = mysql_fetch_array($latestversionqry);
+
+        if (mysql_num_rows($latestversionqry) > 0 && NS_CompareVersions($latestversion['MaxAppVer'], '2.0') == 1) {
+            if ($showDetails == false) {
+                return true;
+            }
+            else {
+                $details[] = $row['Name'].' ('.$latestversion['MaxAppVer'].' - '.$latestversion['DateAdded'].')';
+            }
+        }
+    }
+    
+    if ($showDetails == true) {
+        return $details;
+    }
+    else {
+        return false;
+    }
+}
+
+?>

mozilla/webtools/update/developers/index.php

@@ -0,0 +1,116 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+
+//If already logged in, we don't need to show the prompt... redirect the user in.
+if ($_SESSION["logoncheck"]=="YES") {
+header('Location: https://'.HOST_NAME.WEB_PATH.'/developers/main.php');
+exit;
+}
+$page_title = 'Mozilla Update :: Developer Control Panel';
+require_once(HEADER);
+?>
+
+<hr class="hide">
+<div id="mBody">
+
+<?php if (isset($_GET['login'])) { ?>
+<div id="mainContent" class="right">
+
+<h2>Developer Control Panel Locked</h2>
+<p class="first">The Developer Control Panel has been locked so we can clear the review queue and migrate our database in preparation for our new site.  For more information, please visit <a href="http://blog.mozilla.com/webdev/">our blog</a>.</p>
+
+</div>
+<div id="side" class="right">
+<h2>Developers Login</h2>
+
+<?php if ($_GET['login']=="failed") { ?>
+<strong>You were not successfully logged in. Check your e-mail address and password and try again.</strong>
+<?php } else if ($_GET['login']=="unconfirmed") { ?>
+<strong>Please check your email for instructions on how to confirm your account.<br><a href="resendconfirmation.php">Click to request a new email confirmation.</a></strong>
+<?php }else if ($_GET['logout']=="true") { ?>
+<strong>You've been successfully logged out.</strong>
+<?php } else {} ?>
+
+<form name="login" method="post" action="./login.php">
+<table cellpadding="1" cellspacing="1" style="margin: auto">
+<tr><td style="margin-top: 4px"></td></tr>
+<tr>
+<td><strong>E-Mail:</strong></td><td><input name="email" type="text" size="30"
+    maxlength="200"></TD>
+</tr>
+<tr>
+<td><strong>Password:</strong></td><td><input name="password" type="password"
+    size="30" maxlength="100"></td>
+</tr>
+<tr>
+<td align="center" colspan="2"><input name="submit" type="submit" value="Login">
+    <input type="reset" value="Reset"></td>
+</tr>
+</table>
+</form>
+<p>
+<a href="./passwordreset.php">Forgot your password?</a><br>
+<a href="./resendconfirmation.php">Resend Confirmation Email</a>
+</p>
+
+<h2>Create an Account</h2>
+<P>You need an account to access the features of the Developer Control Panel and add your extension or themes to Mozilla Update.</P>
+
+<a href="./createaccount.php">Join Mozilla Update!</a>
+
+</div>
+
+</div>
+<?php } else { ?>
+<h2>Developer Control Panel Closed</h2>
+The Mozilla Add-ons database has been migrated to the <a href="http://preview.addons.mozilla.org">preview version</a> of our new site. Until the launch of our new site, the Developer Control Panel will be inaccessible. If you would like to modify your add-on in our new site, please follow the link below. If you have an issue that requires urgent attention on this site, please <a href="https://bugzilla.mozilla.org/enter_bug.cgi?product=addons.mozilla.org;version=3.0;component=Administration;bug_severity=normal;rep_platform=All;priority=--;op_sys=All;target_milestone=---;;short_desc=%5BPost-migration%20request%5D%20Your_addon_name_here;">file a bug</a>. You can find more information on <a href="http://blog.mozilla.com/webdev/category/amo">our blog</a>.
+
+<div style="border: 1px solid gray; background-color: #eeeeee; margin: 20px 25%; font-weight: bold; text-align: center; padding: 10px;">
+<a href="http://preview.addons.mozilla.org/developers">Proceed to new Developer Control Panel</a>
+</div>
+
+<?php
+}
+
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/itemhistory.php

@@ -0,0 +1,126 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$item = escape_string($_GET['id']);
+$page_title = 'Mozilla Update :: Developer Control Panel :: Item History';
+require_once(HEADER);
+require_once('./inc_sidebar.php');
+
+//Kill access to items this user doesn't own...
+if ($_SESSION["level"] !== "admin" && $_SESSION["level"] !== "editor") {
+    $id = escape_string($_GET["id"] != "" ? $_GET["id"] : $_POST["id"]);
+    $sql = "SELECT `UserID` from `authorxref` TAX WHERE `ID` = '$id' AND `UserID` = '$_SESSION[uid]' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if (mysql_num_rows($sql_result) == 0) {
+        echo "<h1>Access Denied</h1>\n";
+        echo "You do not have access to this item.";
+        require_once(FOOTER);
+        exit;
+    }
+}
+
+
+$sql = "SELECT `Name` FROM `main` WHERE `ID`={$item}";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+$row = mysql_fetch_array($sql_result);
+
+?>
+<style type="text/css">
+TD { font-size: 8pt }
+</style>
+<h1>Item History :: <?=$row["Name"]?></h1><br>
+<table border=0 cellpadding=2 cellspacing=0 width="100%" align="center">
+<tr style="background-color:#ccc;font-weight:bold;">
+<td style="font-size: 8pt">ID</td>
+<td style="font-size: 8pt">Version</td>
+<td style="font-size: 8pt">Date</td>
+<td style="font-size: 8pt">Reviewer</td>
+<td style="font-size: 8pt">Action</td>
+<td style="font-size: 8pt">Comments</td>
+</tr>
+<?php
+
+$sql ="SELECT TV.Version, TU.UserName, TU.UserEmail, `action`, `date`, `comments` FROM `approvallog` TA
+INNER JOIN `version` TV ON TA.vID=TV.vID
+INNER JOIN `userprofiles` TU ON TA.UserID=TU.UserID
+WHERE TA.ID={$item} AND `action`!='Approval?' GROUP BY `date` ORDER BY `date` DESC";
+
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+ $num_results = mysql_num_rows($sql_result);
+ if($num_results > 0) { 
+  while ($row = mysql_fetch_array($sql_result)) {
+    $i++;
+
+    $class = ($i % 2) ? 'rowa' : 'rowb';
+?>
+<tr class="<?=$class?>">
+    <td><?=$i?></td>
+    <td><?=$row["Version"]?></td>
+    <td><?=$row["date"]?></td>
+<?
+    if($_SESSION["level"] == "admin" || $_SESSION["level"] == "editor") {
+        echo "<td><a href=\"mailto:".$row["UserEmail"]."\">".$row["UserName"]."</a></td>";
+    } else {
+        echo "<td>".$row["UserName"]."</td>";
+    }
+?>
+    <td><?=(($row["action"] == "Approval+") ? "Approved" : "Denied")?></td>
+    <td><?=$row["comments"]?></td>
+</tr>
+<?
+  }
+ } 
+ else {
+?>
+<tr><td colspan="6" align="center">No review entries could be found.</td></tr>
+<?
+ }
+?>
+</table>
+
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/itemoverview.php

@@ -0,0 +1,219 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$page_title = 'Mozilla Update :: Developer Control Panel :: Item Overview';
+require_once(HEADER);
+require_once('./inc_sidebar.php');
+
+//Kill access to items this user doesn't own...
+if ($_SESSION["level"] !=="admin") {
+
+    $id = escape_string($_GET["id"]);
+    if (!$id) {$id = escape_string($_POST["id"]); }
+    $sql = "SELECT `UserID` from `authorxref` TAX WHERE `ID` = '$id' AND `UserID` = '$_SESSION[uid]' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if (mysql_num_rows($sql_result)=="0") {
+    echo"<h1>Access Denied</h1>\n";
+    echo"You do not have access to this item.";
+    require_once(FOOTER);
+    exit;
+    }
+}
+?>
+<?php
+$id = escape_string($_GET["id"]);
+$sql = "SELECT  TM.ID, TM.Type, TM.GUID, TM.Name, TM.Homepage, TM.Description, TM.downloadcount, TM.TotalDownloads, TM.Rating, TU.UserEmail FROM  `main`  TM 
+LEFT JOIN authorxref TAX ON TM.ID = TAX.ID
+INNER JOIN userprofiles TU ON TAX.UserID = TU.UserID
+WHERE TM.ID = '$id' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $numresults = mysql_num_rows($sql_result);
+  $row = mysql_fetch_array($sql_result);
+$v++;
+    $id = $row["ID"];
+    $type = $row["Type"];
+    $guid = $row["GUID"];
+    $name = $row["Name"];
+    $dateadded = $row["DateAdded"];
+    $dateupdated = $row["DateUpdated"];
+    $homepage = $row["Homepage"];
+    $description = nl2br($row["Description"]);
+    $downloadcount = $row["downloadcount"];
+    $totaldownloads = $row["TotalDownloads"];
+    $rating = $row["Rating"];
+
+$categories="";
+$sql = "SELECT  TC.CatName FROM  `categoryxref`  TCX 
+INNER JOIN categories TC ON TCX.CategoryID = TC.CategoryID
+WHERE TCX.ID = '$id' GROUP BY TC.CatName";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+    if($categories == "")
+   $categories = $row["CatName"];
+    else
+   $categories .= ", ".$row["CatName"];
+  }
+?>
+<div id="mainContent" class="right">
+<h2>Item Overview :: <?php echo"$name"; ?></h2>
+<?php
+echo"<a href=\"listmanager.php?function=editmain&id=$id\">Edit $name</a><br>\n";
+echo"$description<br>\n";
+if ($guid) {echo"GUID: $guid<br>\n"; }
+if ($homepage) {echo"Homepage: <a href=\"$homepage\">$homepage</a><br>\n";}
+echo"Categories: $categories<br>\n";
+
+?>
+
+<h2>Add New Version of <?php echo"$name"; ?></h2>
+<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=2 ALIGN=CENTER STYLE="border: solid 0px #000000; width: 100%">
+<FORM NAME="additem" METHOD="POST" ACTION="additem.php?function=additem2" enctype="multipart/form-data">
+<INPUT NAME="type" TYPE="hidden" VALUE="<?php echo"$type"; ?>">
+<TR><TD style="padding-left: 20px">
+Your <?php echo"$typename"?> File:<BR>
+<INPUT NAME="file" SIZE=40 TYPE="FILE"><BR>
+<BR>
+<INPUT NAME="button" TYPE="BUTTON" VALUE="Cancel" onclick="javascript:history.back()"> <INPUT NAME="submit" TYPE="SUBMIT" VALUE="Next &#187;"> 
+</TD></TR>
+</FORM>
+</TABLE>
+
+<h2>Listed Versions</h2>
+<a href="itemhistory.php?id=<?=$id?>">View Item History</a>
+<?php
+$approved_array = array("?"=>"Pending Approval", "YES"=>"Approved", "NO"=>"Denied", "DISABLED"=>"Disabled");
+$sql = "SELECT vID, TV.Version, URI, OSName, approved FROM `version` TV
+INNER JOIN os TOS ON TOS.OSID = TV.OSID
+WHERE `ID`='$id' GROUP BY `OSName`, `Version` ORDER BY `Version` DESC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while($row = mysql_fetch_array($sql_result)) {
+    $vid = $row["vID"];
+    $version = $row["Version"];
+    $uri = $row["URI"];
+    $filename = basename($row["URI"]);
+    $os = $row["OSName"];
+    $approved = $row["approved"];
+    $approved = $approved_array["$approved"];
+
+    echo "<h4><a href=\"listmanager.php?function=editversion&id=$id&vid=$vid\">Version $version</a> - $approved";
+    // Denied add-ons have their URI removed, so we shouldn't show it.
+    if($approved != 'Denied') {
+        echo " (<small>$filename</small>)";
+    }
+    echo "</h4>\n";
+
+    if ($os != "ALL") { echo " - for $os"; }
+ }
+?>
+
+
+	</div>
+    <div id="side" class="right">
+    <h2>Statistics</h2>
+        <img src="/images/download.png" border=0 height=32 width=32 alt="" class="iconbar">Downloads this Week: <?php echo"$downloadcount"; ?><br>
+        Total Downloads: <?php echo"$totaldownloads"; ?><BR>
+    <BR>
+        <img src="/images/ratings.png" border=0 height=34 width=34 alt="" class="iconbar">Rated: <?php echo"$rating"; ?> of 5<BR>&nbsp;<br>
+    <BR>
+<?php
+
+$sql = "SELECT CommentID FROM  `feedback` WHERE ID = '$id'";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    $num_comments = mysql_num_rows($sql_result);
+?>
+        <img src="/images/edit.png" border=0 height=34 width=34 alt="" class="iconbar"><a href="commentsmanager.php?id=<?php echo"$id"; ?>">Comments: <?php echo"$num_comments"; ?></a><BR>&nbsp;<br>
+
+    <h2>Developer Comments</h2>
+<?php
+if ($_POST["submit"]=="Post Comments") {
+  $id = escape_string($_POST["id"]);
+  $comments = escape_string($_POST["comments"]);
+  if (checkFormKey()) {
+    $sql = "UPDATE `main` SET `devcomments`='$comments' WHERE `id`='$id'";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if ($sql_result) { echo"Developer Comments Updated...<br>\n"; }
+  }
+}
+
+$sql = "SELECT `devcomments` FROM `main` WHERE `id`='$id' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $row = mysql_fetch_array($sql_result);
+   $devcomments = $row["devcomments"];
+ 
+?>
+<form name="devcomments" method="post" action="itemoverview.php?id=<?php echo"$id"; ?>">
+<?writeFormKey();?>
+<input name="id" type="hidden" value="<?php echo"$id"; ?>">
+<textarea name="comments" rows=10 cols=26><?php echo"$devcomments"; ?></textarea><br>
+<input name="submit" type="submit" value="Post Comments">&nbsp;<input name="reset" type="reset" value="Reset">
+</form>
+
+    <h2><a href="previews.php?id=<?php echo"$id"; ?>">Previews</a></h2>
+<?php
+$sql = "SELECT * FROM `previews` TP WHERE `ID`='$id' AND `preview`='YES' ORDER BY `PreviewID` LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+    $i++;
+    $previewid = $row["PreviewID"];
+    $uri = $row["PreviewURI"];
+    $filename = basename($row["PreviewURI"]);
+    $filename_array[$i] = $filename;
+    $caption = $row["caption"];
+    $preview = $row["preview"];
+    list($src_width, $src_height, $type, $attr) = getimagesize(FILE_PATH.'/'.$uri);
+
+    echo"<a href=\"previews.php?id=$id\"><img src=\"$uri\" border=0 $attr alt=\"$caption\"></a><br>$caption\n";
+   }
+   if (mysql_num_rows($sql_result)=="0") {echo"<a href=\"previews.php?id=$id\">Add a Preview</a>...<br>\n"; }
+?>
+
+
+
+    </div>
+
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/listmanager.php

@@ -0,0 +1,678 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require"../core/init.php";
+require"./core/sessionconfig.php";
+$function = $_GET['function'];
+$page_title = 'Mozilla Update :: Developer Control Panel :: List Manager';
+require_once(HEADER);
+require_once('./inc_sidebar.php');
+
+//this screen is only for admins
+if ($_SESSION["level"] !=="admin") {
+
+  $id = escape_string($_GET["id"]);                                           
+  if (!$id) {
+    $id = escape_string($_POST["id"]); 
+  }                             
+  $sql = "SELECT `UserID` from `authorxref` TAX WHERE `ID` = '$id' AND `UserID` = '$_SESSION[uid]' LIMIT 1";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  if (mysql_num_rows($sql_result)=="0") {              
+    echo"<h1>Access Denied</h1>\n";
+    echo"You do not have access to this item.";
+    include(FOOTER);
+    exit;
+  }
+  if(!$function) {
+    $function = "editmain";
+  }
+}
+?>
+
+<?php
+if (!$function) {
+$typearray = array("E"=>"Extensions","T"=>"Themes");
+if (!$_GET["type"]) {$_GET["type"]="E";}
+?>
+
+<h1>Manage <?php $typename = $typearray[$_GET[type]]; echo"$typename"; ?>:</h1>
+<SPAN style="font-size: 10pt"><a href="additem.php?function=additem&type=<?php echo"$_GET[type]"; ?>" style="font-weight: bold;">Add New Item</a> | Show: <?php
+
+$count = count($typearray);
+$i = 0;
+foreach ($typearray as $type =>$typename) {
+$i++;
+echo"<a href=\"?type=$type\">$typename</a>";
+if ($i !== $count) {echo" / "; }
+
+}
+unset($i);
+?></SPAN>
+
+<TABLE BORDER=0 CELLPADDING=1 CELLSPACING=0 ALIGN=CENTER STYLE="border: solid 0px #000000; width: 95%" class="listing">
+<TR>
+<TH><!-- Counter --></TH>
+<TH>Name</TH>
+<TH>Description</TH>
+<TH>Last Updated</TH>
+</TR>
+
+<?php
+$type = escape_string($_GET["type"]);
+$sql = "SELECT  TM.ID, TM.Name, TM.Description, TM.DateUpdated FROM  `main`  TM ";
+if ($_SESSION[level]=="user") { $sql .= "LEFT JOIN authorxref TAX ON TM.ID = TAX.ID
+INNER JOIN userprofiles TU ON TAX.UserID = TU.UserID "; }
+$sql .= "WHERE TM.Type = '$type'";
+if ($_SESSION[level]=="user") {$sql .=" AND TU.UserEmail = '$_SESSION[email]'"; }
+$sql .=" ORDER  BY  `Type` , `Name`  ASC ";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   $numresults = mysql_num_rows($sql_result);
+   while ($row = mysql_fetch_array($sql_result)) {
+    $id = $row["ID"];
+    $name = $row["Name"];
+    $description = substr($row["Description"],0,75);
+    $dateupdated = gmdate("F d, Y", strtotime($row["DateUpdated"]));
+    $i++;
+    echo"<tr>\n";
+    echo"<td align=\"center\" width=\"20\">$i</td>\n";
+    echo"<td><a href=\"itemoverview.php?id=$id\">$name</a></td>\n";
+    echo"<td>$description</td>\n";
+    echo"<td nowrap>$dateupdated</td>\n";
+    echo"</tr>\n";
+}
+?>
+</table>
+<div style="width: 580px; border: 1px dotted #AAA; margin-top: 2px; margin-left: 50px; padding: 5px; font-size: 10pt; font-weight: bold">
+<form name="addapplication" method="post" ACTION="?function=additem2" enctype="multipart/form-data">
+<?writeFormKey();?>
+<a href="additem.php?function=additem">New <?php $typename = $typearray[$_GET[type]]; echo"$typename"; ?></A>
+  Input File: <input name="file" size=30 type="file">
+<input name="type" type="hidden" value="<?php echo"$_GET[type]"; ?>">
+<input name="submit" type="submit" value="Next &#187;"></SPAN>
+</form>
+</div>
+<?php
+} else if ($function=="editmain") {
+
+//Process Submitted Values if this is a return with $_POST data for the parent objects...
+if ($_POST["submit"]=="Update") {
+unset($sql_result);
+ echo"<DIV style=\"width: 95%; text-align:left; margin: 0px; margin-bottom: 10px\">";
+ echo"<h2>Updating $name, please wait...</h2>";
+if ($_POST["name"] && $_POST["authors"] && $_POST["categories"] && $_POST["description"]) {
+//Everything We *must* have is present... Begin....
+
+//Phase One, update main values...
+if (checkFormKey()) {
+  $sql = "UPDATE `main` SET `Name`= '".escape_string($_POST[name])."', `Homepage`='".escape_string($_POST[homepage])."', `Description`='".escape_string($_POST[description])."' WHERE `ID`='".escape_string($_POST[id])."' LIMIT 1";
+   //echo"$sql<br>\n"; //Debug
+   $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+if ($sql_result) {
+   echo"Your update to $_POST[name] has been submitted successfully...<br>\n";
+}
+}
+echo"<SPAN style=\"font-size 10pt;\">";
+
+//Phase Two, Author List -- Autocomplete and Verify
+  $authors = escape_string($_POST["authors"]);
+  $authors = explode(", ","$authors");
+foreach ($authors as $author) {
+if (strlen($author)<2) {continue;} //Kills all values that're too short.. 
+$a++;
+ $sql = "SELECT `UserID`,`UserEmail` FROM `userprofiles` WHERE `UserEmail` LIKE '$author%' ORDER BY `UserMode`, `UserName` ASC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+ $numresults = mysql_num_rows($sql_result);
+   while ($row = mysql_fetch_array($sql_result)) {
+    $userid = $row["UserID"];
+    $useremail = $row["UserEmail"];
+  if ($numresults>1) {
+   //Too many e-mails match, store individual data for error block.
+    $r++;
+     $emailerrors[$a]["foundemails"][$r] = $useremail;
+  }
+ $authorids[] = $userid;
+ }
+ if ($numresults !="1") {
+  //No Valid Entry Found for this E-Mail or too many, kill and store data for error block.
+  $emailerrors[$a]["author"] = "$author";
+  $updateauthors = "false"; // Just takes one of these to kill the author update.
+  }
+}
+unset($a,$r);
+
+//Commit Updates to AuthorXref tables.. with the ID and UserID.
+if ($updateauthors != "false") {
+ //Remove Current Authors
+ if (checkFormKey()) {
+  $id = escape_string($_POST["id"]);
+  $sql = "DELETE FROM `authorxref` WHERE `ID` = '$id'";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+ }
+
+ //Add New Authors based on $authorids
+ sort($authorids);
+  foreach ($authorids as $authorid) {
+    if (checkFormKey()) {
+      $id = escape_string($_POST["id"]);
+      $sql = "INSERT INTO `authorxref` (`ID`, `UserID`) VALUES ('$id', '$authorid');";
+      $result = mysql_query($sql) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+    }
+  }
+   echo"Authors for $_POST[name]'s updated...<br>\n";
+} else {
+   echo"ERROR: Could not update Authors list, please fix the errors printed below and try again...<br>\n"; 
+}
+
+unset($authors); //Clear from Post.. 
+
+//Phase Three, Category List, update linkages.
+//print_r($_POST["categories"]);
+ //Delete Current Category Linkages...
+  if (checkFormKey()) {
+   $id = escape_string($_POST["id"]);
+   $sql = "DELETE FROM `categoryxref` WHERE `ID` = '$id'";
+   //echo"$sql<br>\n"; //Debug
+   $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  
+ //Add New Categories from $_POST["categories"]
+  $sql = "SELECT `Type` from `main` WHERE `ID` = '$id' LIMIT 1";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    $row = mysql_fetch_array($sql_result);
+    $type = $row["Type"];
+
+  foreach ($_POST["categories"] as $categoryname) {
+    $sql2 = "SELECT `CategoryID` FROM `categories` WHERE `CatType` = '$type' AND `CatName` = '$categoryname' ORDER BY `CategoryID` ASC";
+    $sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    while ($row2 = mysql_fetch_array($sql_result2)) {
+        $categoryid = $row2["CategoryID"];
+
+        $sql = "INSERT INTO `categoryxref` (`ID`, `CategoryID`) VALUES ('$id', '$categoryid');";
+        $result = mysql_query($sql) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+   
+    }
+
+  }
+   echo"Categories for $_POST[name]'s updated...<br>\n";
+  }
+//End _POST if.
+
+} else {
+//Something Isnt Present.. Throw the main error and details...
+
+echo"You're missing one or more required fields, please return to the previous page and correct the errors and try again...<br>\n";
+if (!$_POST["name"]) {echo"Name is required<br>\n";}
+if (!$_POST["authors"]) {echo"Authors is required<br>\n";}
+if (!$_POST["categories"]) {echo"Categories is required<br>\n";}
+if (!$_POST["description"]) {echo"Description is required<br>\n";}
+}   
+
+echo"</SPAN></DIV>";
+
+
+
+} else if ($_POST["submit"]=="Delete") {
+    //Temporary fix for bug 366854 - only admins can delete add-ons
+    if ($_SESSION['level'] != 'admin') {
+
+        echo '<h1>Error</h1>';
+        echo '<p>Add-on deletion is temporarily disabled.</p>';
+        echo '<p>If you would like for your add-on to be removed from this site, please go to the <a href="itemoverview.php?id='.$_POST['id'].'">Item Overview</a> page and delete each version individually and it will no longer appear to users. We are sorry for this inconvenience.</p>';
+
+        require_once(FOOTER);
+        exit;
+    }
+
+$name = escape_string($_POST["name"]);
+$id = escape_string($_POST["id"]);
+
+echo"<h1>Deleting $name, please wait...</h1>\n";
+  $sql = "SELECT `Version`, `URI` FROM `version` WHERE `ID`='$id' GROUP BY `URI` ORDER BY `Version` ASC";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+    while ($row = mysql_fetch_array($sql_result)) {
+     $version = $row["Version"];
+     $uri = $row["URI"];
+
+    //Delete File(s) from server
+      if (strpos("$uri","approvalfile.php/")) {
+        $file = str_replace('http://'.HOST_NAME.'/developers/approvalfile.php/',REPO_PATH.'/approval/',$uri);
+      } else if (strpos("$uri","ftp.mozilla.org")) {
+        $ftppath = $uri;
+        $file = str_replace("http://ftp.mozilla.org/pub/mozilla.org/",REPO_PATH.'/ftp/',$uri);
+      }
+
+      if (file_exists($file)) {
+        $unlink = unlink($file);
+      } else {
+        $file_exists = "false";
+      }
+
+      if ($file_exists == "false" or !$unlink) {
+        echo"<strong>Error!</strong> Encountered a problem when trying to delete associated files, files were not deleted successfully<br>\n";
+      } else {
+        echo"Deleted $name $version (".basename($uri).") successfully...<br>\n";
+      }
+
+    }
+    if ($ftppath) {
+    $basename = basename($ftppath);
+    $ftppath = str_replace("/$basename","",$ftppath);
+    $ftppath = str_replace("http://ftp.mozilla.org/pub/mozilla.org",REPO_PATH."/ftp",$ftppath);
+    if (@rmdir($ftppath)) {
+    echo"Removed Directory for $name...<br>\n";
+    } else {
+    echo"<strong>Warning!</strong> Unable to remove directory for $name. Directory may not be empty.<br>\n";
+    }
+    }
+
+  if (checkFormKey()) {
+   $sql = "DELETE FROM `main` WHERE `ID`='$id'";
+   $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+    if ($sql_result) {
+    echo"$name has been deleted...<br>\n";
+    echo"<a href=\"./\">&#171;&#171; Back to Main Page...</a><br>\n";
+    require_once(FOOTER);
+    exit;
+    }
+   }
+}
+
+
+//----------------------
+// END
+//----------------------
+
+
+
+//Get Parent Item Information
+$id = escape_string($_GET["id"]);
+if (!$id) {$id = escape_string($_POST["id"]); }
+$sql = "SELECT  TM.ID, TM.Type, TM.GUID, TM.Name, TM.Description, TM.DateAdded, TM.DateUpdated, TM.Homepage, TU.UserEmail FROM  `main`  TM 
+LEFT JOIN authorxref TAX ON TM.ID = TAX.ID
+INNER JOIN userprofiles TU ON TAX.UserID = TU.UserID
+WHERE TM.ID = '$id'
+ORDER  BY  `Type` , `Name`  ASC ";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+    $v++;
+    $id = $row["ID"];
+    $type = $row["Type"];
+    $guid = $row["GUID"];
+    $name = $row["Name"];
+    $dateadded = date("l, F, j  Y g:i:s",strtotime($row["DateAdded"]));
+    $dateupdated = date("l, F, j  Y g:i:s",strtotime($row["DateUpdated"]));
+    $homepage = $row["Homepage"];
+    $description = $row["Description"];
+    $downloadcount = $row["DownloadCount"];
+    $authors[$v] = $row["UserEmail"];
+ }
+ unset($v);
+    if (!$guid) { $guid = "None"; }
+
+//Make Authors E-Mail Array into a Nice String
+$num_authors = count($authors);
+foreach($authors as $author) {
+$v++;
+$authorstring .= "$author";
+if ($v != $num_authors) { $authorstring .=", "; }
+}
+$authors = $authorstring;
+unset($v);
+?>
+<h1><?php echo"Edit $name"; ?></h1>
+<TABLE CELLPADDING=1 CELLSPACING=1 STYLE="border: solid 0px #000000;">
+<FORM NAME="editmain" METHOD="POST" ACTION="?function=editmain&<?php echo"id=$id"; ?>">
+<?writeFormKey();?>
+<INPUT NAME="id" TYPE="HIDDEN" VALUE="<?php echo"$id"; ?>">
+<TR><TD>GUID:</TD><TD><?php echo"$guid"; ?></TD>
+
+<?php
+//Get Currently Set Categories for this Object...
+ $sql = "SELECT  TCX.CategoryID, TC.CatName FROM  `categoryxref`  TCX 
+INNER JOIN categories TC ON TCX.CategoryID = TC.CategoryID
+WHERE TCX.ID = '$id'
+ORDER  BY  `CatName`  ASC ";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+   $n++;
+   $catid = $row["CategoryID"];
+   $categories[$n] = $catid;
+  }
+unset($n);
+if (!$categories) {$categories = array(); }
+
+//Get the Category Table Data for the Select Box
+ $sql = "SELECT  `CategoryID`, `CatName` FROM  `categories` WHERE `CatType` = '$type' GROUP BY `CatName` ORDER  BY  `CatName` ASC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+?>
+<TD ROWSPAN=8 VALIGN=TOP><SPAN class="global">Categories:</SPAN><BR>&nbsp;&nbsp;&nbsp;&nbsp;<SELECT NAME="categories[]" MULTIPLE="YES" SIZE="10">
+<?php
+  while ($row = mysql_fetch_array($sql_result)) {
+    $catid = $row["CategoryID"];
+    $catname = $row["CatName"];
+
+    echo"<OPTION value=\"$catname\"";
+    foreach ($categories as $validcat) {
+    if ($validcat==$catid) { echo" selected=\"selected\" "; }
+    }
+    echo">$catname</OPTION>\n";
+  }
+?>
+</SELECT></TD></TR>
+
+<tr><td>Date Added:</td><td><?php echo"$dateadded"; ?></td></tr>
+<tr><td>Last Updated:</td><td><?php echo"$dateupdated"; ?></td></tr>
+<TR><TD><SPAN class="global">Name*</SPAN></TD> <TD><INPUT NAME="name" TYPE="TEXT" VALUE="<?php echo"$name"; ?>" SIZE=50 MAXLENGTH=100></TD></TR>
+
+<?php
+//Author Error Handling/Display Block for Form Post...
+if ($emailerrors) {
+echo"<TR><TD COLSPAN=2 STYLE=\"\">\n";
+echo"<DIV style=\"margin-left 2px; border: 1px dotted #CCC; width: 550px; font-weight: bold\">";
+echo"<FONT STYLE=\"color: #FF0000; font-weight: bolder\">Errors Found in Authors</FONT><BR>\n";
+echo"<FONT STYLE=\"font-size: 10pt\">\n";
+foreach ($emailerrors as $authorerror) {
+$author = $authorerror["author"];
+$count = count($authorerror["foundemails"]);
+
+if ($count=="0") {
+//Error for No Entry Found
+echo"Entry '$author': No Matches Found, Please check your entry and try again.<BR>\n";
+} else {
+//Error for Too Many Entries Found
+echo"Entry '$author': Too Many Matches, Please make your entry more specific.<BR>\n";
+}
+if ($count>0 AND $count<6) {
+echo"&nbsp;&nbsp;&nbsp;&nbsp;Possible Addresses found: ";
+foreach ($authorerror["foundemails"] as $foundemails) {
+$a++;
+echo"$foundemails";
+
+if ($a != $count) {echo", "; } else {echo"<br>\n";}
+}
+}
+
+}
+echo"</font></DIV></TD></TR>\n";
+$authors = $_POST["authors"];
+}
+?>
+<TR><TD><SPAN class="global">Author(s):*</SPAN></TD><TD><INPUT NAME="authors" TYPE="TEXT" VALUE="<?php echo"$authors"; ?>" SIZE=50></TD></TR>
+<TR><TD><SPAN class="global">Homepage</SPAN></TD> <TD><INPUT NAME="homepage" TYPE="TEXT" VALUE="<?php echo"$homepage"; ?>" SIZE=50 MAXLENGTH=200></TD></TR>
+<TR><TD><SPAN class="global">Description*</SPAN></TD> <TD><TEXTAREA NAME="description" ROWS=4 COLS=45><?php echo"$description"; ?></TEXTAREA></TD></TR>
+<TR><TD COLSPAN="2" ALIGN="CENTER"><INPUT NAME="submit" TYPE="SUBMIT" VALUE="Update">&nbsp;&nbsp;<INPUT NAME="reset" TYPE="RESET" VALUE="Reset Form">&nbsp;&nbsp;<INPUT NAME="submit" TYPE="SUBMIT" VALUE="Delete" ONCLICK="return confirm('Warning! Are you sure you want to delete <?php echo"$name"; ?>? This action is not reversable and will remove all files and listed versions.');">
+<?
+if ($_SESSION['level'] == 'admin') {
+    echo '&nbsp;&nbsp;<input type="button" value="Disable" onClick="window.location=\'disable.php?id='.$id.'\';">';
+}
+?>
+</TD></TR>
+</FORM>
+</TABLE>
+&nbsp;&nbsp;&nbsp;<a href="itemoverview.php?id=<?php echo"$id"; ?>">&#171;&#171; Back to Item Overview</a>
+
+<?php
+} else if ($function=="editversion") {
+
+//Process Submitted Values if this is a return with $_POST data for the parent objects...
+if ($_POST["submit"]=="Update") {
+
+unset($sql_result);
+ echo"<DIV style=\"width: 100%; margin: auto; margin-bottom: 10px\">";
+ echo"<h2>Updating Version, please wait...</h2>\n";
+//print_r($_POST);
+//echo"<br><Br>\n";
+
+echo"<SPAN style=\"font-size 10pt;\">";
+//Phase One-Part 1 -- Version (per-file record update)
+$notes = escape_string($_POST["notes"]);
+$reviewnotes = escape_string($_POST["reviewnotes"]);
+$id = escape_string($_POST["id"]);
+$uri = escape_string($_POST["uri"]);
+$osid = escape_string($_POST["osid"]);
+ if (checkFormKey()) {
+  $sql = "UPDATE `version` SET `OSID`='$osid', `Notes`='$notes', `ReviewNotes`='$reviewnotes' WHERE `ID`='$id' AND `URI`='$uri'";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+   echo"Version Notes and OS for $_POST[name] $_POST[version] updated...<br>\n";
+ }
+//Phase Two -- Update Min/Max Versions
+
+//Construct Internal App_Version Arrays
+$i=0;
+$sql = "SELECT `Version` FROM `applications` ORDER BY `AppName`, `Version` DESC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+  $i++;
+
+    $app_internal_array[$row['Version']] = $row['Version'];
+  }
+
+//print_r($app_internal_array);
+
+for ($i = 1; $i <= $_POST[maxval]; $i++) {
+unset($minappver_int,$maxappver_int);
+$minappver = escape_string($_POST["minappver_$i"]);
+$maxappver = escape_string($_POST["maxappver_$i"]);
+$vid = escape_string($_POST["appvid_$i"]);
+
+if ($minappver && $maxappver) {
+ if (checkFormKey()) {
+  $sql = "UPDATE `version` SET `MinAppVer`='$minappver', `MaxAppVer`='$maxappver' WHERE `vID`='$vid'";
+  //echo"$sql<br>\n";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+    echo"Updated Target Application Values for Application $i...<br>\n";
+ }
+} else {
+if (!$minappver) { echo"<SPAN class=\"error\">Error: Minimum Version is not specified or invalid</SPAN><BR>\n"; }
+if (!$maxappver) { echo"<SPAN class=\"error\">Error: Maximum Version is not specified or invalid</SPAN><BR>\n"; }
+}
+}
+
+echo"</SPAN></DIV>";
+
+
+
+} else if ($_POST["submit"]=="Delete") {
+$id = escape_string($_POST["id"]);
+$uri = escape_string($_POST["uri"]);
+$version = escape_string($_POST["version"]);
+echo"<h1>Deleting Version... Please wait...</h1>\n";
+$sql = "SELECT `Name` FROM `main` WHERE `ID` = '$id'";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $row = mysql_fetch_array($sql_result);
+    $name = $row["Name"];
+
+  $sql_result = false;
+  if (checkFormKey()) {
+   $sql = "DELETE FROM `version` WHERE `ID`='$id' AND `URI`='$uri'";
+   $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+  }
+    if ($sql_result) {
+    //Delete File from server
+    if (strpos("$uri","approvalfile.php/")) {
+    $file = str_replace('http://'.HOST_NAME.'/developers/approvalfile.php/',REPO_PATH.'/approval/',$uri);
+    } else if (strpos("$uri","ftp.mozilla.org")) {
+    $file = str_replace('http://ftp.mozilla.org/pub/mozilla.org/',REPO_PATH.'/ftp/',$uri);
+    }
+
+    if (file_exists($file)) {
+    $unlink = unlink($file);
+    } else {
+    $file_exists = "false";
+    }
+
+    if ($file_exists == "false" or !$unlink) {
+    echo"<strong>Error!</strong> Encountered a problem when trying to delete associated files, files were not deleted successfully<br>\n";
+    }
+    
+    echo"<DIV>$name $version has been deleted...<br>
+    <a href=\"itemoverview.php?id=$id\">&#171;&#171; Back to the $name overview page...</a></DIV>";
+    require_once(FOOTER);
+    echo"</BODY></HTML>";
+    exit;
+    }
+}
+
+
+//----------------------
+// END
+//----------------------
+
+//Get Parent Item Information
+$id = escape_string($_GET["id"]);
+if (!$id) {$id = escape_string($_POST["id"]); }
+$sql = "SELECT  TM.ID, TM.Name FROM  `main` TM WHERE TM.ID = '$id' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $row = mysql_fetch_array($sql_result);
+    $id = $row["ID"];
+    $name = $row["Name"];
+ 
+
+//-----------------------
+//  Version Table
+//-----------------------
+$vid = escape_string($_GET["vid"]);
+if (!$vid) {$vid = escape_string($_POST["vid"]); }
+//Get Data for Form Population
+//INNER JOIN main TM ON TV.ID = TM.ID 
+ $sql = "SELECT `Version`, TV.OSID, `OSName`, `URI`, `Notes`, `ReviewNotes`, `Size`,`DateAdded`, `DateUpdated` FROM `version` TV INNER JOIN `os` TOS ON TOS.OSID=TV.OSID WHERE `vID` = '$vid' ORDER BY `Version` ASC LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $row = mysql_fetch_array($sql_result);
+    $v++;
+    $version=$row["Version"];
+    $osid=$row["OSID"];
+    $osname=$row["OSName"];
+    $minappver=$row["MinAppVer"];
+    $maxappver=$row["MaxAppVer"];
+    $uri=$row["URI"];
+    $filename=basename($row["URI"]);
+    $notes=$row["Notes"];
+    $reviewnotes=$row["ReviewNotes"];
+    $size=$row["Size"];
+
+?>
+<h1><?php echo"Edit $name Version $version"; ?></h1>
+<TABLE CELLPADDING=1 CELLSPACING=1 STYLE="border: solid 0px #000000;">
+<FORM NAME="editversion" METHOD="POST" ACTION="?function=editversion&<?php echo"id=$id&vid=$vid"; ?>">
+<?writeFormKey();?>
+<?php
+    echo"<INPUT NAME=\"id\" TYPE=\"HIDDEN\" VALUE=\"$id\">\n";
+    echo"<INPUT NAME=\"uri\" TYPE=\"HIDDEN\" VALUE=\"$uri\">\n";
+    echo"<INPUT NAME=\"version\" TYPE=\"HIDDEN\" VALUE=\"$version\">\n";
+    echo"<TR><TD colspan=2>$filename ($size"."kb)</TD></TR>\n";
+
+
+
+//Construct App_Versions Arrays
+$i=0;
+$sql = "SELECT `AppName`, `Version` FROM `applications` ORDER BY `AppName`, `Version` DESC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+  $i++;
+    $AppName = strtolower($row['AppName']);
+    $builtAppVersion = $row['Version'];
+    $app_ver_array[$AppName][] = $builtAppVersion;
+    $app_display_array[$AppName][$builtAppVersion] = $row['Version'];
+  }
+
+  
+$i=0;
+echo"<TR><TD COLSPAN=2><SPAN class=\"file\">Target Application(s):</SPAN></TD></TR>\n";
+ $sql = "SELECT vID, TV.AppID,`AppName`,`MinAppVer`,`MaxAppVer` FROM  `version` TV INNER JOIN `applications` TA ON TA.AppID=TV.AppID WHERE `ID` = '$id' && TV.URI = '".escape_string($uri)."' ORDER BY `AppName` ASC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+    $i++;
+    $appname = $row["AppName"];
+    $appid=$row["AppID"];
+    $minappver=$row["MinAppVer"];
+    $maxappver=$row["MaxAppVer"];
+
+    echo"<TR><TD></TD><TD>$appname ";
+    echo"<INPUT NAME=\"appvid_$i\" TYPE=\"hidden\" VALUE=\"$row[vID]\">";
+    echo"<SELECT name=\"minappver_$i\" TITLE=\"Minimum Version* (Required)\">\n";
+foreach ($app_ver_array[strtolower($appname)] as $app_version) {
+    $display_version = $app_display_array[strtolower($appname)][$app_version];
+    echo"<OPTION value=\"$app_version\""; if ($app_version==$minappver) {echo" selected=\"selected\" ";} echo">$display_version</OPTION>\n";
+}
+    echo"</SELECT>\n";
+    echo"&nbsp;-&nbsp;";
+
+    echo"<SELECT name=\"maxappver_$i\" TITLE=\"Maximum Version* (Required)\">\n";
+foreach ($app_ver_array[strtolower($appname)] as $app_version) {
+    $display_version = $app_display_array[strtolower($appname)][$app_version];
+    echo"<OPTION value=\"$app_version\""; if ($app_version==$maxappver) {echo" selected=\"selected\" ";} echo">$display_version</OPTION>\n";
+}
+    echo"</SELECT>\n";
+    echo"</TD></TR>\n";
+
+}
+    echo"<INPUT type=\"hidden\" name=\"maxval\" value=\"$i\">";
+    echo"<TR><TD><SPAN class=\"file\">OS*</SPAN></TD><TD>";
+    echo"<SELECT name=\"osid\">";
+$os = $osid;
+$sql = "SELECT * FROM `os` ORDER BY `OSName` ASC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+    $osname = $row["OSName"];
+    $osid = $row["OSID"];
+    echo"<OPTION value=\"$osid\""; if ($osid == $os) {echo" selected=\"selected\" "; } echo">$osname</OPTION>\n";
+  }
+    echo"</SELECT>\n";
+    echo"</TD></TR>\n";
+?>
+<TR><TD style="vertical-align: top;"><SPAN class="global">Version Notes:</SPAN></TD><TD COLSPAN=2><TEXTAREA NAME="notes" ROWS=4 COLS=55><?=$notes?></TEXTAREA></TD></TR>
+<TR><TD style="vertical-align: top;"><SPAN class="global">Notes to Reviewer:</SPAN></TD><TD COLSPAN=2><TEXTAREA NAME="reviewnotes" ROWS=3 COLS=55><?=$reviewnotes?></TEXTAREA></TD></TR>
+
+
+<TR><TD COLSPAN="3" ALIGN="CENTER"><INPUT NAME="submit" TYPE="SUBMIT" VALUE="Update">&nbsp;&nbsp;<INPUT NAME="reset" TYPE="RESET" VALUE="Reset Form">&nbsp;&nbsp;<INPUT NAME="submit" TYPE="SUBMIT" VALUE="Delete" ONCLICK="return confirm('Are you sure you want to delete <?php echo"$name $version"; ?>?');"></TD></TR>
+</FORM>
+</TABLE>
+&nbsp;&nbsp;&nbsp;<a href="itemoverview.php?id=<?php echo"$id"; ?>">&#171;&#171; Back to Item Overview</a>
+
+<?php
+} else {}
+?>
+
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/login.php

@@ -0,0 +1,100 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+
+$password = md5($_POST[password]);
+$email = escape_string($_POST["email"]);
+$sql = "SELECT DISTINCT `UserID`, `UserEmail`,`UserName`,`UserMode`,`UserTrusted` FROM `userprofiles` WHERE `UserEmail` = '$email' && `UserPass` = '$password' LIMIT 1";
+$sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+  $num = mysql_num_rows($sql_result);
+
+if ($num == 1) {
+
+$row = mysql_fetch_array($sql_result);
+
+if ($row['UserMode'] != 'A')
+{
+   $return_path ="";
+   header('Location: https://'.HOST_NAME.WEB_PATH.'/developers/index.php');
+   exit;
+}
+
+if ($row['UserMode'] == 'D')
+{
+	$return_path ="";
+	header('Location: https://'.HOST_NAME.WEB_PATH.'/developers/index.php?login=unconfirmed');
+	exit;
+}
+$userid=$row["UserID"];
+$useremail=$row["UserEmail"];
+$username=$row["UserName"];
+$usermode=$row["UserMode"];
+$usertrusted=$row["UserTrusted"];
+
+$logoncheck="YES";
+
+//Update LastLogin Time to current.
+$sql = "UPDATE `userprofiles` SET `UserLastLogin`=NOW(NULL) WHERE `UserID`='$userid' LIMIT 1";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+//User Role to Session Level variable...
+$rolearray = array("A"=>"admin", "E"=>"editor","U"=>"user");
+$usermode = $rolearray[$usermode];
+
+//Register Session Variables
+$_SESSION["uid"] = "$userid";
+$_SESSION["email"] = "$useremail";
+$_SESSION["name"] = "$username";
+$_SESSION["level"] = "$usermode";
+$_SESSION["trusted"] = "$usertrusted";
+$_SESSION["logoncheck"] = "$logoncheck";
+
+header('Location: https://'.HOST_NAME.WEB_PATH.'/developers/main.php');
+exit;
+
+
+} else {
+$return_path ="";
+header('Location: https://'.HOST_NAME.WEB_PATH.'/developers/index.php?login=failed');
+exit;
+}
+?>

mozilla/webtools/update/developers/logout.php

@@ -0,0 +1,49 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+
+session_unset();
+session_destroy();
+
+header('Location: https://'.HOST_NAME.WEB_PATH.'/developers/');
+exit;
+?>

mozilla/webtools/update/developers/mail_approval.php

@@ -0,0 +1,88 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+// This message is called to inform the user of action being taken on a queued item listing.
+
+//--- Send via E-Mail Message ---
+
+$from_name = "Mozilla Update";
+$from_address = "update-daemon@mozilla.org";
+
+
+//Send To Address
+//Get E-Mail Addresses of the Authors of this item.
+
+$sql = "SELECT `UserEmail` FROM `authorxref` TAX INNER JOIN `userprofiles` TU ON TAX.UserID=TU.UserID WHERE TAX.ID='$id'";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    while ($row = mysql_fetch_array($sql_result)) {
+
+
+    $to_address = $row['UserEmail'];
+
+    $headers .= "MIME-Version: 1.0\r\n";
+    $headers .= "Content-type: text/plain; charset=iso-8859-1\r\n";
+    $headers .= "From: ".$from_name." <".$from_address.">\r\n";
+    $headers .= "X-Priority: 3\r\n";
+    $headers .= "X-MSMail-Priority: Normal\r\n";
+    $headers .= "X-Mailer: UMO Mail System 1.0";
+
+    $subject = "[$name $version] $action_email \n";
+
+    $message = "$name $version - $action_email\n";
+    $message .= "Your item, $name $version, has been reviewed by a Mozilla Update editor who took the following action:\n";
+    $message .= "$action_email\n\n";
+
+    if ($action == 'approve')
+    {
+       $message .= "Please Note: It may take up to 30 minutes for your extension to be available for download.\n\n";
+    }
+
+    $message .= "Your item was tested by " . $_SESSION['name'] ;
+    $message .= " using $testbuild on $testos.\n";
+    if ($comments != "") {
+      $message .= "Editor's Comments:\n ".stripslashes(html_entity_decode($comments))."\n";
+    }
+    $message .= "----\n";
+    $message .= 'Mozilla Update: https://'.HOST_NAME.WEB_PATH.'/'."\n";
+
+    mail($to_address, $subject, $message, $headers);
+
+}
+?>

mozilla/webtools/update/developers/mail_newaccount.php

@@ -0,0 +1,74 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+
+//--- Send Request via E-Mail Message ---
+
+$from_name = "Mozilla Update";
+$from_address = "update-daemon@mozilla.org";
+
+
+//Send To Address
+$to_address = "$email";
+
+$headers .= "MIME-Version: 1.0\r\n";
+$headers .= "Content-type: text/plain; charset=iso-8859-1\r\n";
+$headers .= "From: ".$from_name." <".$from_address.">\r\n";
+//$headers .= "Reply-To: ".$from_name." <".$from_address.">\r\n";
+$headers .= "X-Priority: 3\r\n";
+$headers .= "X-MSMail-Priority: Normal\r\n";
+$headers .= "X-Mailer: UMO Mail System 1.0";
+
+$subject = "Activate your new Mozilla Update account\n";
+
+	$message = "Welcome to Mozilla Update.\n";
+    $message .= "Before you can use your new account you must activate it, this ensures the e-mail address you used is valid and belongs to you.\n";
+    $message .= "To activate your account, click the link below or copy and paste the whole thing into your browsers location bar:\n";
+    $message .=
+    'https://'.HOST_NAME.WEB_PATH.'/developers/createaccount.php?function=confirmaccount&email='.urlencode($email).'&confirmationcode='.$confirmationcode."\n\n";
+    $message .= "Keep this e-mail in a safe-place for your records, below is your account details you used when registering for your account.\n\n";
+	$message .= "E-Mail: $email\n";
+    $message .= "Password: $password_plain\n\n";
+    $message .= "Thanks for joining Mozilla Update\n";
+    $message .= "-- Mozilla Update Staff\n";
+
+mail($to_address, $subject, $message, $headers);
+
+?>

mozilla/webtools/update/developers/mail_newpassword.php

@@ -0,0 +1,75 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+//From the change password function of usermanager
+// This message is called to inform the user of an administrative reset of their password.
+
+//--- Send via E-Mail Message ---
+
+$from_name = "Mozilla Update";
+$from_address = "update-daemon@mozilla.org";
+
+
+//Send To Address
+$to_address = "$email";
+
+$headers .= "MIME-Version: 1.0\r\n";
+$headers .= "Content-type: text/plain; charset=iso-8859-1\r\n";
+$headers .= "From: ".$from_name." <".$from_address.">\r\n";
+//$headers .= "Reply-To: ".$from_name." <".$from_address.">\r\n";
+$headers .= "X-Priority: 3\r\n";
+$headers .= "X-MSMail-Priority: Normal\r\n";
+$headers .= "X-Mailer: UMO Mail System 1.0";
+
+$subject = "Your New Mozilla Update Password\n";
+
+	$message = "Your New Mozilla Update Password\n";
+    $message .= "Below is your new Mozilla Update password which has been either changed by you using the Change Password tool, or regenerated as requested by you using the Mozilla Update Forgotten Password tool or by an Mozilla Update Staff member per your request.\n";
+    $message .= "To login to your account, click the link below or copy and paste the whole thing into your browsers location bar:\n";
+    $message .= 'https://'.HOST_NAME.WEB_PATH.'/developers/'."\n\n";
+    $message .= "Keep this e-mail in a safe-place for your records, below is your account details you used when registering for your account.\n\n";
+	$message .= "E-Mail: $email\n";
+    $message .= "Password: $password_plain\n\n";
+    $message .= "Thanks,\n";
+    $message .= "-- Mozilla Update Staff\n";
+
+mail($to_address, $subject, $message, $headers);
+
+?>

mozilla/webtools/update/developers/main.php

@@ -0,0 +1,146 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$page_title = 'Mozilla Update :: Developer Control Panel :: Overview';
+require_once(HEADER);
+require_once('./inc_sidebar.php');
+?>
+<h2>Welcome <?php echo"$_SESSION[name]";?>!</h2>
+
+
+<?php
+$sql ="SELECT TM.ID FROM `main` TM
+INNER JOIN `version` TV ON TM.ID = TV.ID
+WHERE `approved` = '?' GROUP BY `URI` ORDER BY TV.DateUpdated ASC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $num_result = mysql_num_rows($sql_result);
+?>
+<p>
+<strong>Approval Queue Status: There are currently <?php echo"$num_result"; ?> add-ons awaiting review</strong>
+</p>
+
+<h3>My Extensions</h3>
+
+<?php
+$sql = "SELECT  TM.ID, TM.Type, TM.Name, TM.Description, TM.downloadcount, TM.TotalDownloads, TM.Rating, TU.UserEmail FROM  `main`  TM 
+LEFT JOIN authorxref TAX ON TM.ID = TAX.ID
+INNER JOIN userprofiles TU ON TAX.UserID = TU.UserID
+WHERE TU.UserID = '$_SESSION[uid]' AND TM.Type ='E'
+ORDER  BY  `Type` , `Name` ";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $numresults = mysql_num_rows($sql_result);
+  while ($row = mysql_fetch_array($sql_result)) {
+
+$v++;
+    $id = $row["ID"];
+    $type = $row["Type"];
+    $name = $row["Name"];
+    $dateadded = $row["DateAdded"];
+    $dateupdated = $row["DateUpdated"];
+    $homepage = $row["Homepage"];
+    $description = nl2br($row["Description"]);
+    $authors = $row["UserEmail"];
+    $downloadcount = $row["downloadcount"];
+    $totaldownloads = $row["TotalDownloads"];
+    $rating = $row["Rating"];
+
+echo"<h4><A HREF=\"./itemoverview.php?id=$id\">$name</A></h4>\n";
+echo"<p>$description</p>\n";
+//Icon Bar
+echo"<DIV style=\"margin-top: 10px; height: 34px\">";
+echo"<DIV class=\"iconbar\"><A HREF=\"./itemoverview.php?id=$id\"><IMG SRC=\"/images/edit.png\" HEIGHT=\"34\" WIDTH=\"34\" ALT=\"\">&nbsp;Edit Item</A></DIV>";
+echo"<DIV class=\"iconbar\"><IMG SRC=\"/images/download.png\" HEIGHT=\"34\" WIDTH=\"34\" ALT=\"\">Downloads: $downloadcount<BR>&nbsp;&nbsp;$totaldownloads total</DIV>";
+echo"<DIV class=\"iconbar\" title=\"$rating of 5 stars\"><A HREF=\"../extensions/moreinfo.php?id=$id&amp;page=comments\"><IMG SRC=\"/images/ratings.png\" HEIGHT=\"34\" WIDTH=\"34\" ALT=\"\">Rated<br>&nbsp;&nbsp;$rating of 5</A></DIV>";
+echo"</DIV>";
+
+}
+?>
+<p>
+&nbsp;&nbsp;&nbsp;&nbsp;<a href="additem.php?type=E">Add New Extension...</a>
+</p>
+
+
+<h3>My Themes</h3>
+
+<?php
+$sql = "SELECT  TM.ID, TM.Type, TM.Name, TM.DateAdded, TM.Description, TM.downloadcount, TM.TotalDownloads, TM.Rating, TU.UserEmail FROM  `main`  TM 
+LEFT JOIN authorxref TAX ON TM.ID = TAX.ID
+INNER JOIN userprofiles TU ON TAX.UserID = TU.UserID
+WHERE TU.UserID = '$_SESSION[uid]' AND TM.Type ='T'
+ORDER  BY  `Type` , `Name` ";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $numresults = mysql_num_rows($sql_result);
+  while ($row = mysql_fetch_array($sql_result)) {
+    $id = $row["ID"];
+    $type = $row["Type"];
+    $name = $row["Name"];
+    $dateadded = $row["DateAdded"];
+    $dateupdated = $row["DateUpdated"];
+    $homepage = $row["Homepage"];
+    $description = substr($row["Description"],0,75);
+    $authors = $row["UserEmail"];
+    $downloadcount = $row["downloadcount"];
+    $totaldownloads = $row["TotalDownloads"];
+    $rating = $row["Rating"];
+
+echo"<h4><A HREF=\"./itemoverview.php?id=$id\">$name</A></h4>\n";
+echo"<p>$description</p>\n";
+//Icon Bar
+echo"<DIV style=\"margin-top: 10px; height: 34px\">";
+echo"<DIV class=\"iconbar\"><A HREF=\"./itemoverview.php?id=$id\"><IMG SRC=\"/images/edit.png\" HEIGHT=\"34\" WIDTH=\"34\" ALT=\"\">&nbsp;Edit Item</A></DIV>";
+echo"<DIV class=\"iconbar\"><IMG SRC=\"../images/download.png\" HEIGHT=\"34\" WIDTH=\"34\" ALT=\"\">Downloads: $downloadcount<BR>&nbsp;&nbsp;$totaldownloads total</DIV>";
+echo"<DIV class=\"iconbar\" title=\"$rating of 5 stars\"><A HREF=\"../themes/moreinfo.php?id=$id&amp;page=comments\"><IMG SRC=\"/images/ratings.png\" HEIGHT=\"34\" WIDTH=\"34\" ALT=\"\">Rated<br>&nbsp;&nbsp;$rating of 5</A></DIV>";
+echo"</DIV>";
+
+
+}
+?>
+<p>&nbsp;&nbsp;&nbsp;&nbsp;<a href="additem.php?type=T">Add New Theme...</a></p>
+
+</DIV>
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/massdisable.php

@@ -0,0 +1,185 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Justin Scott <fligtar@gmail.com>.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$page_title = 'Mozilla Update :: Developer Control Panel :: Mass Disable Add-ons';
+require_once(HEADER);
+require_once('./inc_sidebar.php');
+
+if ($_SESSION['level'] != 'admin') {
+    echo "<h1>Access Denied</h1>\n";
+    echo "You do not have permission to access this page.";
+    require_once(FOOTER);
+    exit;
+}
+
+if (!empty($_POST['id'])) {
+    $addon_ids = explode(',', str_replace(' ', '', mysql_real_escape_string($_POST['id'])));
+
+    if (!empty($_POST['disable']) && !empty($addon_ids)) {
+        foreach ($addon_ids as $addon_id) {
+            $authors = array();
+
+            $addon_qry = mysql_query("SELECT * FROM main WHERE ID='{$addon_id}'");
+            $addon = mysql_fetch_array($addon_qry);
+    
+            $version_qry = mysql_query("SELECT version.*, os.* FROM version LEFT JOIN os ON version.OSID=os.OSID WHERE version.ID='{$addon_id}' GROUP BY version.URI ORDER BY version.DateAdded DESC");
+
+            $author_qry = mysql_query("SELECT userprofiles.UserName, userprofiles.UserEmail, userprofiles.UserID FROM authorxref LEFT JOIN userprofiles ON authorxref.UserID = userprofiles.UserID WHERE authorxref.ID='{$addon_id}'");
+
+
+            $email = $_POST['email'];
+    
+            echo '<h1>Disable '.$addon['Name'].'</h1>';
+
+            if (empty($email)) {
+                echo 'Error: Please enter text for the e-mail body.';
+                exit;
+            }
+    
+            //Disable all versions
+            mysql_query("UPDATE version SET approved='DISABLED' WHERE ID='{$addon_id}'");
+            echo 'Versions disabled...<br>';
+    
+            //Set only author to disabled@addons.mozilla.org account
+            mysql_query("DELETE FROM authorxref WHERE ID='{$addon_id}'");
+            mysql_query("INSERT INTO authorxref (ID, UserID) VALUES('{$addon_id}', '69324')");
+            echo 'Author changed to disabled@addons.mozilla.org...<br>';
+    
+            //Add notice to beginning of description
+            $disabled_notice = "********** NOTICE **********\nThis add-on has been disabled by an administrator.\n****************************\n\n";
+            mysql_query("UPDATE main SET description=CONCAT('{$disabled_notice}', description) WHERE ID='{$addon_id}'");
+            echo 'Description updated...<br>';
+    
+            //email authors
+            $headers = "From: AMO Administrators <umo-admins@mozilla.org>\r\n";
+            $subject = $addon['Name'].' disabled';
+            $body = $email."\n\nMozilla Add-ons\nhttps://".HOST_NAME.WEB_PATH."\n";
+    
+            while ($author = mysql_fetch_array($author_qry)) {
+                $authors[] = $author['UserName'].' ('.$author['UserEmail'].' - ID '.$author['UserID'].')';
+                mail($author['UserEmail'], $subject, $body, $headers);
+                echo $author['UserEmail'].' emailed...<br>';
+            }
+    
+            echo '<b>Add-on disabled successfully.</b><br>';
+
+            $disabled_addons[$addon_id]['name'] = $addon['Name'];
+            $disabled_addons[$addon_id]['authors'] = implode(', ', $authors);
+            $disabled_addons[$addon_id]['guid'] = $addon['GUID'];
+
+        }
+        echo '<hr>';
+
+        //email admins
+        if (!empty($disabled_addons)) {
+            $body = "Administrator: {$_SESSION['name']} ({$_SESSION['email']})\n\n";
+            $body .= "Notes to author:\n";
+            $body .= "{$email}\n\n";
+
+            $body .= "The following add-ons were disabled:\n\n";
+            foreach ($disabled_addons as $addon_id => $info) {
+                $body .= "{$info['name']} ({$info['guid']} - https://".HOST_NAME.WEB_PATH."/disabled/{$addon_id}/)\n";
+            $body .= "Authors: ".$info['authors']."\n\n";
+            }
+
+            mail('umo-admins@mozilla.org', count($disabled_addons).' add-ons disabled', $body, $headers);
+            echo 'umo-admins@mozilla.org emailed...<br>';
+        }
+
+        echo '<b>Mass Disable complete.</b><br>';
+    }
+    elseif (!empty($_POST['preview'])) {
+    ?>
+        <form method="post">
+        <input type="hidden" name="id" value="<?=$_POST['id']?>">
+        <h1>Mass Disable Preview</h1>
+        The following add-ons and all of their versions will be disabled if you continue:<br>
+        <ul>
+        <?php
+            if (!empty($addon_ids)) {
+                foreach ($addon_ids as $addon_id) {
+                    $addon_qry = mysql_query("SELECT * FROM main WHERE ID='{$addon_id}'");
+                    $addon = mysql_fetch_array($addon_qry);
+
+                    echo "<li><a href=\"../addon.php?id={$addon['ID']}\">{$addon['Name']}</a> (ID {$addon['ID']})</li>";
+                }
+            }
+        ?>
+        </ul>
+        <br><br>
+        The following e-mail will be sent to the authors:<br>
+        <blockquote>
+            <?=nl2br($_POST['email'])?>
+        </blockquote>
+        <input type="hidden" name="email" value="<?=$_POST['email']?>">
+        <div style="text-align: center;">
+            <input type="submit" name="disable" value="Disable Add-ons">
+            <input type="button" value="Cancel" onClick="window.location='main.php';">
+            <br><br><a href="../author.php?id=69324">See all disabled add-ons</a>
+        </div>
+    <?php
+    }
+}
+else {
+?>
+<form method="post">
+<h1>Mass Disable</h1>
+Enter a comma-separated list of add-on IDs to disable:&nbsp;&nbsp;
+<textarea name="id" cols=70 rows=5></textarea>
+<br><br>
+The following e-mail will be sent to the authors [REQUIRED]:
+<textarea name="email" cols=70 rows=10></textarea>
+<br>
+<div style="text-align: center;">
+    <input type="submit" name="preview" value="Preview Mass Disable">
+    <input type="button" value="Cancel" onClick="window.location='main.php';">
+    <br><br><a href="../author.php?id=69324">See all disabled add-ons</a>
+</div>
+</form>
+<?php
+}
+?>
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/parse_install_manifest.php

@@ -0,0 +1,130 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('../core/class_rdf_parser.php');
+
+define("EM_NS", "http://www.mozilla.org/2004/em-rdf#");
+define("MF_RES", "urn:mozilla:install-manifest");
+// ignoring iconURL,optionsURL,aboutURL and anything else not listed
+$singleprops = array("id"=>1, "version"=>1, "creator"=>1, "homepageURL"=>1, "updateURL"=>1);
+// ignoring File
+$multiprops = array("contributor"=>1, "targetApplication"=>1, "requires"=>1);
+// these properties are localizable
+$l10nprops = array("name"=>1, "description"=>1);
+
+function parse_install_manifest( $manifestdata ) {
+
+$data = array();
+
+$rdf=new Rdf_parser();
+$rdf->rdf_parser_create( NULL );
+$rdf->rdf_set_user_data( $data );
+$rdf->rdf_set_statement_handler( "mf_statement_handler" );
+$rdf->rdf_set_base("");
+
+if ( ! $rdf->rdf_parse( $manifestdata, strlen($manifestdata), true ) ) {
+	return null;
+}
+
+// now set the targetApplication data for real
+$tarray = array();
+if(is_array($data["manifest"]["targetApplication"])) {
+	foreach($data["manifest"]["targetApplication"] as $ta) {
+		$id = $data[$ta][EM_NS . "id"];
+		$minVer = $data[$ta][EM_NS . "minVersion"];
+		$maxVer = $data[$ta][EM_NS . "maxVersion"];
+		$tarray[$id]["minVersion"] = $minVer;
+		$tarray[$id]["maxVersion"] = $maxVer;
+	}
+}
+$data["manifest"]["targetApplication"] = $tarray;
+$rdf->rdf_parser_free();
+
+return $data["manifest"];
+}
+
+function mf_statement_handler(
+	&$data,
+	$subject_type,
+	$subject,
+	$predicate,
+	$ordinal,
+	$object_type,
+	$object,
+	$xml_lang )
+{
+	global $singleprops, $multiprops, $l10nprops;
+
+	// look for props on the install manifest itself
+	if($subject == MF_RES) {
+		// we're only really interested in EM props
+		$l = strlen(EM_NS);
+		if(strncmp($predicate,EM_NS,$l) == 0) {
+			$prop = substr($predicate,$l,strlen($predicate)-$l);
+
+			if($singleprops[$prop]) {
+				$data["manifest"][$prop] = $object;
+			}
+			elseif($multiprops[$prop]) {
+				$data["manifest"][$prop][] = $object;
+			}
+			elseif($l10nprops[$prop]) {
+				// handling these separately
+				// so we can handle multiple languages
+				if($xml_lang) {
+					$lang = $xml_lang;
+				}
+				else {
+					// default to en-US
+					$lang = "en-US";
+				}
+				$data["manifest"][$prop][$lang] = $object;
+			}
+        	}
+	}
+	else {
+		// just save it, probably a targetApplication or something
+		// shouldn't ever have multiple targets, doesn't matter
+		$data[$subject][$predicate] = $object;
+	}
+}
+
+?>

mozilla/webtools/update/developers/passwordreset.php

@@ -0,0 +1,103 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+$page_title = 'Mozilla Update :: Password Reset';
+require_once(HEADER);
+
+?>
+<hr class="hide">
+<div id="mBody">
+
+<?php
+if ($_POST["submit"]=="Reset My Password") {
+echo"<h1>Resetting Your Password, Please Wait...</h1>\n";
+//Gather and Filter Data from the Submission Form
+$email = escape_string($_POST["email"]);
+
+//Generate Confirmation Code
+$confirmationcode = md5(mt_rand());
+
+$newpassword = substr(md5(mt_rand()),0,14);
+$password_plain = $newpassword;
+$password = md5($newpassword);
+
+$sql = "SELECT `UserEmail` FROM `userprofiles` WHERE `UserEmail`='$email' LIMIT 1";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   if (mysql_num_rows($sql_result)=="1") {
+    $sql = "UPDATE `userprofiles` SET `UserPass`='$password' WHERE `UserEmail`='$email' LIMIT 1";
+     $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+      if ($sql_result) {
+        include"mail_newpassword.php";
+        echo"Your password has been reset successfully. An e-mail has been sent to you containing your new password..<br>\n";
+        echo"<br><br><a href=\"./index.php\">&#171;&#171; Login to Mozilla Update's Developer Control Panel &#187;&#187;</a>";
+      }
+
+   } else { 
+   echo"An error was encountered when trying to reset your password, verify the e-mail you entered is correct and try again.<br>\n";
+   }
+
+require_once(FOOTER);
+exit;
+}
+?>
+
+<h2>Reset Your Password</h2>
+<P>Forgot the password to your Mozilla Update account? No problem. Just put your e-mail address in the form below, and a new password will
+be generated and e-mailed to the e-mail address you have on file.</P>
+
+<form name="resetpassword" method="post" action="?post=resetpassword">
+<table border=0 cellpadding=0 cellspacing=0 style="width: 50%; margin: auto;">
+<tr>
+<td style="height: 30px;">E-Mail Address:</td>
+<td><input name="email" type="text" size=30></td>
+</tr>
+<tr>
+<td colspan=2 align=center><input name="submit" type="submit" value="Reset My Password"><input name="reset" type="reset" value="Clear Form"></td>
+</tr>
+</table>
+
+</form>
+
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/previews.php

@@ -0,0 +1,348 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$page_title = 'Mozilla Update :: Developer Control Panel :: Item Previews';
+require_once(HEADER);
+require_once('inc_sidebar.php');
+
+//Kill access to items this user doesn't own...
+if ($_SESSION["level"] !=="admin" and $_SESSION["level"] !=="editor") {
+
+    $id = escape_string($_GET["id"]);
+    if (!$id) {$id = escape_string($_POST["id"]); }
+    $sql = "SELECT `UserID` from `authorxref` TAX WHERE `ID` = '$id' AND `UserID` = '$_SESSION[uid]' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if (mysql_num_rows($sql_result)=="0") {
+    echo"<h1>Access Denied</h1>\n";
+    echo"You do not have access to this item.";
+    require_once(FOOTER);
+    exit;
+    }
+}
+
+//List Page Preview Variables
+// defaults
+$preview_width = "200";
+$preview_height = "150";
+// limits
+$preview_width_max = "690";
+$preview_height_max = "520";
+?>
+<?php
+$id = escape_string($_GET["id"]);
+$sql = "SELECT  TM.ID, TM.Type, TM.Name, TM.Description, TM.downloadcount, TM.TotalDownloads, TM.Rating, TU.UserEmail FROM  `main`  TM 
+LEFT JOIN authorxref TAX ON TM.ID = TAX.ID
+INNER JOIN userprofiles TU ON TAX.UserID = TU.UserID
+WHERE TM.ID = '$id' ORDER  BY  `Type` , `Name` ";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $numresults = mysql_num_rows($sql_result);
+  $row = mysql_fetch_array($sql_result);
+$v++;
+    $id = $row["ID"];
+    $type = $row["Type"];
+    $name = $row["Name"];
+    $dateadded = $row["DateAdded"];
+    $dateupdated = $row["DateUpdated"];
+    $homepage = $row["Homepage"];
+    $description = nl2br($row["Description"]);
+    $authors = $row["UserEmail"];
+    $downloadcount = $row["downloadcount"];
+    $totaldownloads = $row["TotalDownloads"];
+    $rating = $row["Rating"];
+?>
+
+<h2>Item Previews :: <?php echo"$name"; ?></h2>
+<?php
+if ($_POST["submit"]=="Update Previews") {
+for ($i = 1; $i <= $_POST["maxid"]; $i++) {
+$previewid = escape_string($_POST["previewid_$i"]);
+$caption = escape_string($_POST["caption_$i"]);
+$delete = escape_string($_POST["delete_$i"]);
+
+
+
+$sql = "SELECT `PreviewURI` from `previews` WHERE `PreviewID`='$previewid' LIMIT 1";
+  $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    $row = mysql_fetch_array($sql_result);
+    $file = $row["PreviewURI"];
+    $file = FILE_PATH.'/'.$file;
+    
+    $imagesize = @getimagesize($file);
+if ($_POST["preview"]==$previewid AND $imagesize[0]<="$preview_width" AND $imagesize[1]<="$preview_height") {$preview="YES"; } else {$preview="NO";}
+    
+if ($delete==$previewid) {
+  if (file_exists($file)) {  unlink($file); }
+
+$sql = "DELETE FROM `previews` WHERE `PreviewID`='$previewid'";
+} else {
+$sql = "UPDATE `previews` SET `caption`='$caption', `preview`='$preview' WHERE `PreviewID`='$previewid'";
+}
+  if (checkFormKey()) {
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  }
+}
+
+echo"Previews successfully updated. The new values for the preview records should be shown below.<br>\n";
+
+}
+
+
+unset($i);
+$sql = "SELECT * FROM `previews` TP WHERE `ID`='$id' ORDER BY `PreviewID`";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $num_results = mysql_num_rows($sql_result);
+
+if ($num_results>"0") {
+?>
+<form name="updatepreviews" method="post" action="?id=<?php echo"$id"; 
+?>&amp;function=updatepreviews">
+<?writeFormKey();?>
+<?php
+}
+
+  while($row = mysql_fetch_array($sql_result)) {
+    $i++;
+    $previewid = $row["PreviewID"];
+    $uri = $row["PreviewURI"];
+    $filename = basename($row["PreviewURI"]);
+    $filename_array[$i] = $filename;
+    $caption = $row["caption"];
+    $preview = $row["preview"];
+    list($src_width, $src_height, $type, $attr) = getimagesize(FILE_PATH.'/'.$uri);
+    $filesize = round(filesize(FILE_PATH.$uri)/1024,1);
+    $popup_width = $src_width+25;
+    $popup_height = $src_height+25;
+
+    //Scale Image Dimensions
+    $dest_width="200"; // Destination Width /$tn_size_width
+    $dest_height_fixed="150"; // Destination Height / $tn_size_height (Fixed)
+    if ($src_width<=$dest_width AND $src_height<=$dest_width) {
+    $dest_width = $src_width;
+    $dest_height = $src_height;
+    $nopopup = true;
+    } else {
+        $dest_height= ($src_height * $dest_width) / $src_width; // (Aspect Ratio Variable Height
+        if ($dest_height>$dest_height_fixed) {
+            $dest_height = $dest_height_fixed;
+            $dest_width = ($src_width * $dest_height) / $src_height;
+        }
+    }
+
+echo"<h3>Preview #$i - $caption </h3>\n";
+echo"$filename ($src_width x $src_height) $filesize"."Kb"; if ($preview=="YES") {echo"  (List Page Preview)";}echo"<br>\n";
+if ($nopopup != "true") {echo"<a href=\"javascript:void(window.open('".WEB_PATH."$uri', '', 'scrollbars=yes,resizable=yes,width=$popup_width,height=$popup_height,left=30,top=20'));\">";}
+echo"<img src=\"".WEB_PATH."$uri\" border=\"0\" width=\"$dest_width\" height=\"$dest_height\" alt=\"$caption\" title=\"$caption\">";
+if ($nopopup != "true") {echo"</a>";}
+echo"<br>\n";
+echo"<input name=\"previewid_$i\" type=\"hidden\" value=\"$previewid\">\n";
+echo"Edit Caption: <input name=\"caption_$i\" type=\"text\" value=\"$caption\" size=30>";
+if ($preview == "YES" OR ( $src_width<="$preview_width" AND $src_height <="$preview_height")) {
+echo"&nbsp;&nbsp;<input name=\"preview\" type=\"radio\" value=\"$previewid\""; if ($preview=="YES") {echo" checked"; } echo">List Page Preview?<br>\n";
+} else { echo"<input name=\"preview_null\" type=\"radio\" value=\"\" disabled=\"true\"><span class=\"tooltip\" TITLE=\"Option Disabled. Max Size for Previews is $preview_width x $preview_height\">List Item Preview?</span><br>\n"; }
+echo"Delete File? <input name=\"delete_$i\" type=\"checkbox\" value=\"$previewid\"><br>\n";
+}
+?>
+<?php if ($num_results>"0") { ?>
+<input name="maxid" type="hidden" value="<?php echo"$i"; ?>">
+<br><input name="submit" type="submit" value="Update Previews"><input name="reset" type="reset" value="Reset">
+</form>
+<?php } ?>
+
+<h3>Add Preview</h3>
+<?php
+//Add Photo Function
+if ($_POST["submit"]=="Add Preview") {
+
+//Compute the maxval for the filename for the new file.
+if (!$filename_array) { $filename_array=array(); }
+foreach ( $filename_array as $filename) {
+$exploded_filename = explode("-", $filename);
+$count = count($exploded_filename)-1;
+$val = explode(".",$exploded_filename[$count]);
+$val = $val[0];
+if (!$maxval or $maxval<$val) {$maxval=$val;}
+}
+$maxval = $maxval+1;
+$i=$maxval;
+unset($count,$val,$exploded_filename,$filename,$maxval);
+
+$width = $_POST["width"];
+$height = $_POST["height"];
+$preview = escape_string($_POST["preview"]);
+$caption = escape_string($_POST["caption"]);
+
+$name = preg_replace('/\W/','_',$name);
+$previewpath = strtolower("images/previews/$name-$i.jpg");
+
+if ($preview=="YES") {
+$width = "$preview_width";
+$height = "$preview_height";
+} else {
+$preview="NO";
+}
+
+$filename=$_FILES['file']['name'];
+$filetype=$_FILES['file']['type'];
+$filesize=$_FILES['file']['size'];
+$uploadedfile=$_FILES['file']['tmp_name'];
+$status=$_FILES['file']['error'];
+
+//Status
+if ($status==0) {$statusresult="Success!";
+} else if ($status==1) {$statusresult="Error: File Exceeds upload_max_filesize (PHP)";
+} else if ($status==2) {$statusresult="Error: File Exceeds max_file_size (HTML)";
+} else if ($status==3) {$statusresult="Error: File Incomplete, Partial File Received";
+} else if ($status==4) {$statusresult="Error: No File Was Uploaded";
+}
+
+
+//Now to make the Image...
+$sourcepath="$uploadedfile"; // Source Image Path -- Destination from FileUpload()
+$srcimagehw = @GetImageSize($sourcepath); //GetImage Info -- Source Image
+$src_width="$srcimagehw[0]"; // Source Image Width
+$src_height="$srcimagehw[1]"; // Source Image Height
+$type = $srcimagehw[2];
+
+if (!$width) {$width=$src_width;}
+if (!$height) {$height=$src_height;}
+
+if ($type == "2" && $src_height <= 150 && $src_width <= 200) {
+     // It's all OK, don't screw with it!
+     copy($sourcepath, FILE_PATH . "/" . $previewpath);
+     //Lets attempt to add the record to the DB.
+     if (checkFormKey()) {
+         $sql = "INSERT INTO `previews` (`PreviewURI`,`ID`,`caption`,`preview`) VALUES ('/$previewpath','$id','$caption','$preview');";
+         $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+         if ($sql_result=="1") {
+             echo"Your File $filename ($filesize bytes) has been successfully uploaded and added to the database. <a href=\"?id=$id\">Click here</a> to refresh this page to show the added entry for editing.<BR><BR>";
+         }
+     }
+
+} else {
+    if ($type=="2" or $type=="3") {
+
+        //Destination Properties for the Display Image
+        //Output Image Dimensions
+
+        //Limit Max.
+        if ($width > $preview_width_max) {$width=$preview_width_max;}
+        if ($height > $preview_height_max) {$height=$preview_height_max;}
+
+        $dest_width="$width"; // Destination Width /$tn_size_width
+        $dest_height_fixed="$height"; // Destination Height / $tn_size_height (Fixed)
+        $dest_height= ($src_height * $dest_width) / $src_width; // (Aspect Ratio Variable Height
+            if ($dest_height>$dest_height_fixed) {
+                $dest_height = $dest_height_fixed;
+                $dest_width = ($src_width * $dest_height) / $src_height;
+            }
+            $quality="80"; // JPEG Image Quality
+            $outputpath=FILE_PATH.'/'.$previewpath; //path of output image ;-)
+
+            if ($type=="2") {
+                $src_img = imagecreatefromjpeg("$sourcepath");
+                } else if ($type=="3") {
+                    $src_img = imagecreatefrompng("$sourcepath");
+                    $quality="95";
+                }
+                $dst_img = imagecreatetruecolor($dest_width,$dest_height);
+                imagecopyresampled($dst_img, $src_img, 0, 0, 0, 0, $dest_width, $dest_height, $src_width, $src_height);
+                imageinterlace($dst_img, 1);
+                $white = ImageColorAllocate($dst_img, 255, 255, 255);
+                //Make a couple of size corrections for the auto-border feature..
+                $dest_width = $dest_width-1;
+                $dest_height = $dest_height-1;
+                imagerectangle ($dst_img, 0, 0, $dest_width, $dest_height, $white);
+                $status = imagejpeg($dst_img, "$outputpath", $quality);
+                imagedestroy($src_img);
+                imagedestroy($dst_img);
+
+                if ($status=="1") {
+                //Lets attempt to add the record to the DB.
+                if (checkFormKey()) {
+                    $sql = "INSERT INTO `previews` (`PreviewURI`,`ID`,`caption`,`preview`) VALUES ('/$previewpath','$id','$caption','$preview');";
+                    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+                    if ($sql_result=="1") {
+                        echo"Your File $filename ($filesize bytes) has been successfully uploaded and added to the database. <a href=\"?id=$id\">Click here</a> to refresh this page to show the added entry for editing.<BR><BR>";
+                    }
+                }
+                }
+            } else {
+                echo"<span class=error>The image you uploaded has errors and could not be processed successfully. The image may be corrupt or not in the correct format. This tool only supports jpeg and png images. Please try your operation again.</span><br><br>\n";
+
+            }
+
+        }
+}
+
+?>
+
+<form name="addpreview" method="post" action="?id=<?php echo"$id"; 
+?>&amp;function=addpreview" enctype="multipart/form-data">
+<?writeFormKey();?>
+Only PNG or JPG images are supported for addition to the preview screenshots page for your item. Check the "List Page Preview" box
+if you'd like the image to be featured on the list and the top of the item details pages. To just have it added to your screenshots
+page, leave the box unchecked<br>
+<input name="file" SIZE=30 type="file"> <input name="preview" type="checkbox" value="YES">List Page Preview?<br>
+
+Image Width:<input name="width" type="text" value="0" size=5> x Height: <input name="height" type="text" value="0" size=5><br>
+Fill in the image width and height fields above to have the site resize 
+your image for you. Otherwise, leave Width and Height as 0 (the default) 
+for full-size (limited to <?php echo $preview_width_max . " x " 
+. $preview_height_max; ?>, anything larger will be 
+auto-resized). This setting is ignored for preview images, which have 
+strict size requirements of <?php echo $preview_width . " x " . 
+$preview_height; ?>.<br><br> 
+Image Caption: <input name="caption" type="text" size="30"><br>
+
+<input name="submit" type="submit" value="Add Preview"><input name="reset" type="reset" value="Reset">
+</form>
+
+
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/resendconfirmation.php

@@ -0,0 +1,102 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+$page_title = 'Mozilla Update :: Resend Confirmation';
+require_once(HEADER);
+?>
+<hr class="hide">
+<div id="mBody">
+
+<?php
+if ($_POST['submit']=='Request New Confirmation Email') {
+    echo "<h1>Resending confirmation email Please Wait...</h1>\n";
+    //Gather and Filter Data from the Submission Form
+    $email = escape_string($_POST['email']);
+    //Generate Confirmation Code
+    $confirmationcode = md5(mt_rand());
+
+    $sql = "SELECT `UserEmail`, `UserMode` FROM `userprofiles` WHERE `UserEmail`='$email' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if (mysql_num_rows($sql_result) == 1) {
+        $row = mysql_fetch_array($sql_result);
+        if ($row['UserMode'] !== 'D') {
+            echo "<p>Your account has already been confirmed, so new new confirmation code has been generated.</p>";
+        } else {
+           $newpassword = substr(md5(mt_rand()),0,14);
+		   $password_plain = $newpassword;
+           $password = md5($newpassword);
+           $sql = "UPDATE `userprofiles` SET `ConfirmationCode`='$confirmationcode', `UserPass`='$password' WHERE `UserEmail`='$email' LIMIT 1";
+           $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+           if ($sql_result) {
+               require_once('./mail_newaccount.php');
+               echo"Your confirmation code has been reset successfully. However, as a consequence of this your password has changed. An e-mail has been sent to you to confirm your account and inform you of the new password.<br>\n";
+               echo"<br><br><a href=\"./index.php\">&#171;&#171; Login to Mozilla Update's Developer Control Panel &#187;&#187;</a>";
+           }
+        }
+    } else {
+       echo"An error was encountered when trying to resend your confirmation email, verify the e-mail you entered is correct and try again.<br>\n";
+    }
+    require_once(FOOTER);
+    exit;
+}
+?>
+<h2>Resend Confirmation</h2>
+<P>If you have deleted the confirmation email, then you can have a new one sent to you by filling in the form below. Just put your e-mail address in the form below,
+and a new password and confirmation code will be e-mailed to the e-mail address you have on file.</P>
+
+<form name="resetpassword" method="post" action="?post=getconfirmation">
+<table border=0 cellpadding=0 cellspacing=0 style="width: 50%; margin: auto;">
+<tr>
+<td style="height: 30px;">E-Mail Address:</td>
+<td><input name="email" type="text" size=30></td>
+</tr>
+<tr>
+<td colspan=2 align=center><input name="submit" type="submit" value="Request New Confirmation Email"><input name="reset" type="reset" value="Clear Form"></td>
+</tr>
+</table>
+
+</form>
+
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/responsemanager.php

@@ -0,0 +1,192 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$function = $_GET['function'];
+$page_title = 'Mozilla Update :: Developer Control Panel :: Canned Response Manager';
+require_once(HEADER);
+require_once('inc_sidebar.php');
+
+if ($_SESSION["level"] == "admin") {
+    //Do Nothing, they're good. :-)
+} else {
+    echo"<h1>Access Denied</h1>\n";
+    echo"You do not have access to the Canned Response Manager";
+    require_once(FOOTER);
+    exit;
+}
+
+if (!$function) {
+?>
+<h1>Manage Canned Responses:</h1>
+<TABLE CELLPADDING=1 CELLSPACING=1 ALIGN=CENTER STYLE="border: 0px; width: 100%">
+    <TR>
+        <TD></TD>
+        <TD>Name</TD>
+        <TD>Action</TD>
+    </TR>
+<?php
+    $sql = "SELECT `CannedID`, `CannedName`, `CannedAction`, `CannedResponse` FROM `canned_responses` ORDER BY `CannedAction`, `CannedName`";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+    while ($row = mysql_fetch_array($sql_result)) {
+        echo "<TR>\n";
+        echo "<TD>".++$i."</TD>\n";
+        echo "<TD>&nbsp;<a href=\"?function=edit&id=".$row["CannedID"]."\">".$row["CannedName"]."</a></TD>\n";
+        echo "<TD>Approval".$row["CannedAction"]."</TD>\n";
+        echo "</TR>\n";
+    }
+?>
+</table>
+
+<h2><a href="?function=addentry">New Canned Response</a></h2>
+<form method="post" action="?function=addentry">
+<?writeFormKey();?>
+  Name: <input name="name" type="text" size="30" maxlength="50">
+<input name="submit" type="submit" value="Next &#187;"></SPAN>
+</form>
+</div>
+
+<?php
+} elseif ($function == "edit") {
+    $id = escape_string($_GET["id"]);
+    //Post Functions
+    if ($_POST["submit"] == "Update Response") {
+        echo "<h2>Processing your update, please wait...</h2>\n";
+        $name = escape_string($_POST["name"]);
+        $action = escape_string($_POST["action"]);
+        $response = escape_string($_POST["response"]);
+        $id = escape_string($_POST["id"]);
+        if (checkFormKey()) {
+            $sql = "UPDATE `canned_responses` SET `CannedName`='$name', `CannedAction`='$action', `CannedResponse`='$response' WHERE `CannedID`='$id'";
+            $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+          if ($sql_result) {
+              echo "Your update to '$name' has been successful.<br>";
+          }
+        }
+    } elseif ($_POST["submit"] == "Delete Response") {
+        echo "<h2>Processing, please wait...</h2>\n";
+        $id = escape_string($_POST["id"]);
+        $name = escape_string($_POST["name"]);
+        if (checkFormKey()) {
+            $sql = "DELETE FROM `canned_responses` WHERE `CannedID`='$id'";
+            $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+            if ($sql_result) {
+                echo "You've successfully deleted the Canned Response '$name'.";
+                echo "<br><br><a href=\"?function=\">&laquo; Back to Canned Response Manager</a>";
+                require_once(FOOTER);
+                exit;
+            }
+        }
+    }
+
+    // Show Edit Form
+    $sql = "SELECT * FROM `canned_responses` WHERE `CannedID` = '$id' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+    $row = mysql_fetch_array($sql_result);
+?>
+
+<h3>Edit Canned Response:</h3>
+<form  method="post" action="?function=edit">
+<?php
+    writeFormKey();
+    echo "<br><input name=\"id\" type=\"hidden\" value=\"".$row["CannedID"]."\" />\n";
+    echo "Name: <input name=\"name\" type=\"text\" size=\"40\" maxlength=\"50\" value=\"".$row["CannedName"]."\"><br>\n";
+    echo "Approval Action: <input type=\"radio\" name=\"action\" value=\"+\"".($row["CannedAction"] == "+" ? " checked" : "")."> Approve&nbsp;&nbsp;\n";
+    echo "<input type=\"radio\" name=\"action\" value=\"-\"".($row["CannedAction"] == "-" ? " checked" : "")."> Deny<br><br>\n";
+
+    echo "Canned Response:<BR><TEXTAREA NAME=\"response\" ROWS=5 COLS=60>{$row['CannedResponse']}</TEXTAREA>";
+
+?>
+<BR><BR>
+<input name="submit" type="submit" value="Update Response">
+<input name="reset"  type="reset"  value="Reset Form">
+<input name="submit" type="submit" value="Delete Response" onclick="return confirm('Are you sure you want to delete <?=$row["CannedName"]?>?');" />
+</form>
+<BR><BR>
+<A HREF="?function=">&#171; Return to Canned Response Manager</A>
+
+<?php
+} elseif ($function == "addentry") {
+    //Add response to MySQL Table
+    if ($_POST["add"] != "") {
+        echo "<h2>Adding Canned Response, please wait...</h2>\n";
+        $name = escape_string($_POST["name"]);
+        $action = escape_string($_POST["action"]);
+        $response = escape_string($_POST["response"]);
+        $id = escape_string($_POST["id"]);
+        if (checkFormKey()) {
+            $sql = "INSERT INTO `canned_responses` (`CannedName`, `CannedAction`, `CannedResponse`) VALUES ('$name','$action','$response')";
+            $sql_result = mysql_query($sql, $connection) or trigger_error("<div class=\"error\">MySQL Error ".mysql_errno().": ".mysql_error()."</div>", E_USER_NOTICE);
+            if ($sql_result) {
+                echo "The response '$name' has been successfully added.<br>\n";
+            }
+        }
+    }
+?>
+
+<h2>Add Canned Response:</h2>
+<form method="post" action="?function=addentry">
+<?writeFormKey();?>
+<?php
+    $name = escape_string($_POST["name"]);
+?>
+<br>
+Name: <input name="name" type="text" size="40" maxlength="50" value="<?=$name?>"><br>
+Approval Action: <input type="radio" name="action" value="+"> Approve&nbsp;&nbsp;
+<input type="radio" name="action" value="-" checked> Deny<br><br>
+Canned Response:<BR><TEXTAREA NAME="response" ROWS=5 COLS=60></TEXTAREA>
+
+<BR><BR>
+<input name="add" type="submit" value="Add Cannned Response" />
+<input name="reset"  type="reset"  value="Reset Form" />
+</form>
+<BR><BR>
+<A HREF="?function=">&#171; Return to Canned Response Manager</A>
+</div>
+<?php
+}
+?>
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/reviewsmanager.php

@@ -0,0 +1,250 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$function = $_GET['function'];
+$page_title = 'Mozilla Update :: Developer Control Panel :: Reviews Manager';
+require_once(HEADER);
+require_once('./inc_sidebar.php');
+
+if ($_SESSION["level"] !=="admin") {
+    echo"<h1>Access Denied</h1>\n";
+    echo"You do not have access to the Editor Reviews Manager";
+    require_once(FOOTER);
+    exit;
+}
+?>
+<?php
+if (!$function) {
+$typearray = array("E"=>"Extensions","T"=>"Themes");
+if (!$_GET["type"]) {$_GET["type"]="E";}
+?>
+
+<h1>Manage Reviews for <?php $typename = $typearray[$_GET[type]]; echo"$typename"; ?>:</h1>
+<SPAN style="font-size: 10pt">Show: <?php
+
+$count = count($typearray);
+$i = 0;
+foreach ($typearray as $type =>$typename) {
+$i++;
+echo"<a href=\"?type=$type\">$typename</a>";
+if ($i !== $count) {echo" / "; }
+
+}
+unset($i);
+?></SPAN>
+
+<TABLE BORDER=0 CELLPADDING=1 CELLSPACING=0 ALIGN=CENTER STYLE="border: solid 0px #000000; width: 95%" class="listing">
+<TR>
+<TH><!-- Counter --></TH>
+<TH>Name</TH>
+<TH>Review...</TH>
+<TH>Review Posted</TH>
+</TR>
+
+<?php
+$type = escape_string($_GET["type"]);
+
+$sql = "SELECT  TM.ID, TM.Name, TR.Body as Description, TR.DateAdded  FROM  `main` TM LEFT JOIN `reviews` TR ON TR.ID=TM.ID WHERE TM.Type = '$type' ORDER  BY  `Type` , ltrim(`Name`)  ASC ";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   $numresults = mysql_num_rows($sql_result);
+   while ($row = mysql_fetch_array($sql_result)) {
+    $id = $row["ID"];
+    $name = $row["Name"];
+    $description = substr($row["Description"],0,75);
+    if ($description) {$description .="..."; }
+    if ($row["DateAdded"]) {
+        $dateadded = date("F d, Y", strtotime($row["DateAdded"]));
+    } else {
+        $dateadded = "N/A";
+    }
+    $i++;
+    echo"<tr>\n";
+    echo"<td align=\"center\" width=\"20\">$i.</td>\n";
+    echo"<td><a href=\"?function=editreview&id=$id\">$name</a></td>\n";
+    echo"<td>$description</td>\n";
+    echo"<td nowrap>$dateadded</td>\n";
+    echo"</tr>\n";
+}
+?>
+</table>
+
+<?php
+} else if ($function=="editreview") {
+
+    //Process Submitted Values if this is a return with $_POST data for the parent objects...
+    if ($_POST["submit"]=="Add Review") {
+        $name = escape_string($_POST["name"]);
+        echo"<h2>Adding review for $name, please wait...</h2>";
+
+        if ($_POST["title"] && $_POST["body"] && $_POST["id"] && $_POST["method"]=="add") {
+        //Everything We *must* have is present... Begin....
+
+            if (checkFormKey()) {
+                $sql = "INSERT INTO `reviews` (`ID`,`DateAdded`,`AuthorID`,`Title`,`Body`,`ExtendedBody`,`pick`,`featured`,`featuredate`) VALUES ('".escape_string($_POST[id])."', NOW(NULL), '".escape_string($_SESSION[uid])."','".escape_string($_POST[title])."','".escape_string($_POST[body])."','".escape_string($_POST[extendedbody])."','".escape_string($_POST[pick])."','".escape_string($_POST[featured])."','".escape_string($_POST[featuredate])."');";
+                $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+                if ($sql_result) {
+                    echo"Your review of $name has been submitted successfully...<br>\n";
+                }
+            }
+        }
+
+    } else if ($_POST["submit"]=="Update Review") {
+        $name = escape_string($_POST["name"]);
+        echo"<h2>Updating review for $name, please wait...</h2>";
+
+        if ($_POST["title"] && $_POST["body"] && $_POST["rid"] && $_POST["method"]=="edit") {
+        //Everything We *must* have is present... Begin....
+
+            if (checkFormKey()) {
+                $sql = "UPDATE `reviews` SET `Title`= '".escape_string($_POST[title])."', `Body`='".escape_string($_POST[body])."', `ExtendedBody`='".escape_string($_POST[extendedbody])."', `pick`='".escape_string($_POST[pick])."', `featured`='".escape_string($_POST[featured])."', `featuredate`='".escape_string($_POST[featuredate])."' WHERE `rID`='".escape_string($_POST[rid])."' LIMIT 1";
+                $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+                if ($sql_result) {
+                    echo"Your update to the review for $name has been submitted successfully...<br>\n";
+                }
+            }
+        }
+
+    } else if ($_POST["submit"]=="Delete") {
+        $name = escape_string($_POST["name"]);
+        $rid = escape_string($_POST["rid"]);
+
+        echo"<h1>Deleting $name, please wait...</h1>\n";
+
+        if (checkFormKey()) {
+            $sql = "DELETE FROM `reviews` WHERE `rID`='$rid' LIMIT 1";
+            $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+            if ($sql_result) {
+                echo"The review for $name has been deleted...<br>\n";
+                echo"<a href=\"?type=$type\">&#171;&#171; Back to Main Page...</a><br>\n";
+                require_once(FOOTER);
+                exit;
+            }
+
+        }
+
+    }
+
+//Get Parent Item Information
+$id = escape_string($_GET["id"]);
+if (!$id) {$id = escape_string($_POST["id"]); }
+
+$sql = "SELECT  TM.ID, TM.Type, TM.Name FROM  `main` TM  WHERE TM.ID = '$id' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $row = mysql_fetch_array($sql_result);
+    $id = $row["ID"];
+    $type = $row["Type"];
+    $name = $row["Name"];
+
+$sql = "SELECT `rID`,TU.UserName as AuthorName, `DateAdded`, `Title`, `Body`, `ExtendedBody`, `pick`, `featured`, `featuredate`  FROM `reviews` INNER JOIN `userprofiles` TU ON reviews.AuthorID=TU.UserID WHERE `ID` = '$id' LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    $sql_num = mysql_num_rows($sql_result);
+    if ($sql_num=="0") { $method="Add"; $action="Add"; } else { $method="Edit"; $action="Update"; }
+    $row = mysql_fetch_array($sql_result);
+      $rid = $row["rID"];
+      $authorname = $row["AuthorName"];
+      $dateadded = date("F d, Y", strtotime($row["DateAdded"]));
+      $title = $row["Title"];
+      $body = $row["Body"];
+      $extendedbody = $row["ExtendedBody"];
+      $pick = $row["pick"];
+      $featured = $row["featured"];
+      $featuredate = $row["featuredate"];
+      if (!$featuredate) {$featuredate = date("Ym"); }
+      if (!$authorname) { $authorname = $_SESSION["name"]; }
+?>
+<h1><?php echo"$method Review for $name"; ?></h1>
+<?php echo"Review written by $authorname on $dateadded<br>\n"; ?>
+
+<TABLE CELLPADDING=1 CELLSPACING=1 STYLE="border: solid 0px #000000;">
+<FORM NAME="editmain" METHOD="POST" ACTION="?function=editreview&<?php echo"id=$id"; ?>">
+<?writeFormKey();?>
+<INPUT NAME="rid" TYPE="HIDDEN" VALUE="<?php echo"$rid"; ?>">
+<INPUT NAME="id" TYPE="HIDDEN" VALUE="<?php echo"$id"; ?>">
+<INPUT NAME="name" TYPE="HIDDEN" VALUE="<?php echo"$name"; ?>">
+<INPUT NAME="method" TYPE="HIDDEN" VALUE="<?php echo strtolower($method); ?>">
+<TR><TD><SPAN class="global">Title*</SPAN></TD> <TD><INPUT NAME="title" TYPE="TEXT" VALUE="<?php echo"$title"; ?>" SIZE=50 MAXLENGTH=100></TD></TR>
+<TR><TD><SPAN class="global">Body*</SPAN></TD> <TD><TEXTAREA NAME="body" ROWS=4 COLS=60><?php echo"$body"; ?></TEXTAREA></TD></TR>
+<TR><TD><SPAN class="global">Extended Body</SPAN></TD> <TD><TEXTAREA NAME="extendedbody" ROWS=8 COLS=60><?php echo"$extendedbody"; ?></TEXTAREA></TD></TR>
+
+<TR><TD>
+<?php
+echo"Editor's Pick:</TD>\n<TD>";
+if ($pick=="YES") {
+ echo"<INPUT NAME=\"pick\" TYPE=\"RADIO\" VALUE=\"YES\" CHECKED>Yes  <INPUT NAME=\"pick\" TYPE=\"RADIO\" VALUE=\"NO\">No";
+ } else if ($pick=="NO") {
+ echo"<INPUT NAME=\"pick\" TYPE=\"RADIO\" VALUE=\"YES\">Yes <INPUT NAME=\"pick\" TYPE=\"RADIO\" VALUE=\"NO\" CHECKED>No";
+ } else {
+ echo"<INPUT NAME=\"pick\" TYPE=\"RADIO\" VALUE=\"YES\">Yes <INPUT NAME=\"pick\" TYPE=\"RADIO\" VALUE=\"NO\">No";
+ }
+?>
+</TD></TR>
+
+<TR><TD>
+<?php
+echo"Featured:</TD>\n<TD>";
+if ($featured=="YES") {
+ echo"<INPUT NAME=\"featured\" TYPE=\"RADIO\" VALUE=\"YES\" CHECKED>Yes  <INPUT NAME=\"featured\" TYPE=\"RADIO\" VALUE=\"NO\">No";
+ } else if ($featured=="NO") {
+ echo"<INPUT NAME=\"featured\" TYPE=\"RADIO\" VALUE=\"YES\">Yes <INPUT NAME=\"featured\" TYPE=\"RADIO\" VALUE=\"NO\" CHECKED>No";
+ } else {
+ echo"<INPUT NAME=\"featured\" TYPE=\"RADIO\" VALUE=\"YES\">Yes <INPUT NAME=\"featured\" TYPE=\"RADIO\" VALUE=\"NO\">No";
+ }
+?>
+&nbsp;&nbsp;&nbsp;<span class="tooltip" title="Month this item should appear on the frontpage, Format: YYYYMM">Feature Month</span>: <input name="featuredate" type="text" size=6 value="<?php echo"$featuredate"; ?>">
+</TD></TR>
+
+<TR><TD COLSPAN="2" ALIGN="CENTER"><INPUT NAME="submit" TYPE="SUBMIT" VALUE="<?php echo"$action"; ?> Review">&nbsp;&nbsp;<INPUT NAME="reset" TYPE="RESET" VALUE="Reset Form">&nbsp;&nbsp;<?php if ($method=="Add") {} else { ?><INPUT NAME="submit" TYPE="SUBMIT" VALUE="Delete" ONCLICK="return confirm('Warning! Are you sure you want to delete the review for <?php echo"$name"; ?>?');"><?php } ?></TD></TR>
+</FORM>
+</TABLE>
+&nbsp;&nbsp;&nbsp;<a href="?type=<?php echo"$type"; ?>">&#171;&#171; Back to Reviews Manager</a>
+
+<?php
+} else {}
+?>
+
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/tshirt.php

@@ -0,0 +1,144 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Justin "Fluffy" Scott.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+$page_title = 'Mozilla Update :: Developer Control Panel :: T-Shirt Request';
+require_once(HEADER);
+require_once('./inc_sidebar.php');
+require_once('./inc_tshirt.php');
+
+if (!tshirtEligible()) {
+    echo "<h1>Access Denied</h1>\n";
+    echo "You are not eligible to receive a t-shirt.";
+    require_once(FOOTER);
+    exit;
+}
+
+$userid = mysql_real_escape_string($_SESSION['uid']);
+
+if (isset($_POST['submit'])) {
+    $name = mysql_real_escape_string($_POST['name']);
+    $phone = mysql_real_escape_string($_POST['phone']);
+    $address1 = mysql_real_escape_string($_POST['address1']);
+    $address2 = mysql_real_escape_string($_POST['address2']);
+    $address3 = mysql_real_escape_string($_POST['address3']);
+    $size = mysql_real_escape_string($_POST['size']);
+
+    $eligibility = implode(', ', tshirtEligible(true));
+    
+    if (!empty($address1) && !empty($size) && !empty($phone) && !empty($name)) {
+        mysql_query("UPDATE userprofiles SET UserRealName='{$name}', UserAddress1='{$address1}', UserAddress2='{$address2}', UserAddress3='{$address3}', UserTShirtSize='{$size}', UserPhone='{$phone}', UserTShirtDetails='{$eligibility}' WHERE UserID='{$userid}'");
+    
+        $message = 'Your request has been submitted! Please be patient for delivery.';
+    }
+    else {
+        $message = 'Error: Please fill in all of the fields.';
+    }
+}
+
+$userqry = mysql_query("SELECT * FROM userprofiles WHERE UserID='{$userid}'");
+$user = mysql_fetch_array($userqry);
+?>
+<h1>T-Shirt Request Form</h1>
+<?=!empty($message) ? '<div style="font-weight: bold;">'.$message.'</div><br>' : ''?>
+<div style="font-size: 12px;">You are eligible to receive a free Firefox 2 Extension Team t-shirt for your contributions to Firefox Add-ons. Please complete the following form to receive your t-shirt. Please be patient, as requests will not be processed immediately. For questions related to this offer, please e-mail <a href="mailto:tshirts@mozilla.org">tshirts@mozilla.org</a>.</div><br>
+<div>Current Request Status: <strong><?=!empty($user['UserTShirtSize']) ? 'Submitted' : 'Not Submitted'?></strong></div>
+<table cellpadding=2 cellspacing=0>
+    <tr>
+        <td valign="top">Current Eligibility:</td>
+        <td valign="top" style="font-weight: bold;"><?=implode('<br>', tshirtEligible(true))?></td>
+    </tr>
+</table>
+<hr>
+<div>All fields are required.</div><br>
+<form method="post">
+<table cellpadding=2 cellspacing=0>
+    <tr>
+        <td><span class="tooltip" title="Real name for t-shirt delivery only; will not be displayed publicly">Full Name</span></td>
+        <td><input type="text" name="name" size="30" value="<?=$user['UserRealName']?>"></td>
+    </tr>
+    <tr>
+        <td><span class="tooltip" title="May be required by delivery service (Please include country and area code)">Telephone</span></td>
+        <td><input type="text" name="phone" value="<?=$user['UserPhone']?>"></td>
+    </tr>
+    <tr>
+        <td><span class="tooltip" title="Full shipping address, including country">Address</span></td>
+        <td><input type="text" name="address1" size="40" value="<?=$user['UserAddress1']?>"></td>
+    </tr>
+    <tr>
+        <td>&nbsp;</td>
+        <td><input type="text" name="address2" size="40" value="<?=$user['UserAddress2']?>"></td>
+    </tr>
+    <tr>
+        <td>&nbsp;</td>
+        <td><input type="text" name="address3" size="40" value="<?=$user['UserAddress3']?>"></td>
+    </tr>
+    <tr>
+        <td>T-Shirt Size</td>
+        <td>
+            <select name="size">
+                <option></option>
+                <option value="Men-S"<?=($user['UserTShirtSize'] == 'Men-S') ? ' selected' : ''?>>Men - Small</option>
+                <option value="Men-M"<?=($user['UserTShirtSize'] == 'Men-M') ? ' selected' : ''?>>Men - Medium</option>
+                <option value="Men-L"<?=($user['UserTShirtSize'] == 'Men-L') ? ' selected' : ''?>>Men - Large</option>
+                <option value="Men-XL"<?=($user['UserTShirtSize'] == 'Men-XL') ? ' selected' : ''?>>Men - XL</option>
+                <option value="Men-2XL"<?=($user['UserTShirtSize'] == 'Men-2XL') ? ' selected' : ''?>>Men - 2XL</option>
+                <option value="Women-S"<?=($user['UserTShirtSize'] == 'Women-S') ? ' selected' : ''?>>Women - Small</option>
+                <option value="Women-M"<?=($user['UserTShirtSize'] == 'Women-M') ? ' selected' : ''?>>Women - Medium</option>
+                <option value="Women-L"<?=($user['UserTShirtSize'] == 'Women-L') ? ' selected' : ''?>>Women - Large</option>
+                <option value="Women-XL"<?=($user['UserTShirtSize'] == 'Women-XL') ? ' selected' : ''?>>Women - XL</option>
+            </select>
+        </td>
+    </tr>
+    <tr>
+        <td colspan="2" align="center">The information above is collected in accordance with Mozilla's <a href="http://www.mozilla.org/privacy-policy.html">Privacy Policy</a>.</td>
+    </tr>
+    <tr>
+        <td colspan="2" align="center"><input type="submit" name="submit" value="Submit Request"></td>
+    </tr>
+</table>
+</form>
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/developers/usermanager.php

@@ -0,0 +1,662 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//   Mike Morgan <morgamic@gmail.com>
+//   Justin Scott <fligtar@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+require_once('../core/init.php');
+require_once('./core/sessionconfig.php');
+
+class PermissionsManager {
+  var $modes;
+  var $trusted;
+  var $mode;
+  var $func;
+  function PermissionsManager($function) {
+    $this->func=$function;
+    $this->modes=array('A'=>'Admin','E'=>'Editor','U'=>'User','D'=>'Disabled');
+    $mode="";
+    if (isset($_POST['usermode']))
+      $mode=$_POST['usermode'];
+    if( (!$this->decodeMode($mode)) // unknown mode degrades to U
+        || ( $mode == 'A' && $_SESSION['level'] != 'admin' ) 
+            // only admins can create admins  
+    ) { 
+      $mode='U';
+    }
+    $this->mode=$mode;
+    $this->trusted='FALSE';
+    if (isset($_POST['trusted']))
+      $this->trusted=$_POST['trusted']=='TRUE'?'TRUE':'FALSE';
+  }
+  
+  function decodeMode($mode) {
+    return $this->modes[$mode];
+  }
+  
+  function printUI() {
+    $level=$_SESSION['level'];
+    if( $this->func == 'edituser' && ($level=='user' || $level=='editor')) {
+      // read-only (hidden) fields: "usermode" and "trusted"
+      $umDes=$this->decodeMode($this->mode);
+      echo "<input name=\"usermode\" type=\"hidden\" value=\"$this->mode\">"
+        . ( $umDes?$umDes:"Unknown ($this->mode)" );
+      
+      if ($this->trusted==='TRUE') {
+        echo"Trusted <INPUT NAME=\"trusted\" TYPE=\"HIDDEN\" VALUE=\"TRUE\">\n";
+      }
+    } else if( $level=='admin' 
+      || ($editorAdding=($this->func == 'adduser' && $level=='editor')) ) { 
+      // editable fields: "usermode" (radio) and "trusted" (checkbox)
+      $modes=$this->modes;
+      if($editorAdding) array_shift($modes); // only admins can create admins 
+      foreach($modes as $umId=>$umDes) { // decode usermodes
+        echo '<input name="usermode" type="radio" value="'.$umId
+          . ($umId===$this->mode?'" checked="checked"/>':'"/>' )
+          ."$umDes\n";
+      }
+      
+      echo '<input name="trusted" type="checkbox" value="TRUE"';
+      if($this->trusted==='TRUE') echo ' checked="checked"';
+      echo ">Trusted\n";
+    
+    }
+  }
+}
+
+$function = "";
+if (isset($_GET['function']))
+  $function = $_GET['function'];
+$perms = new PermissionsManager($function);
+
+//Access Level: only admins can edit somebody else's profile
+if ($_SESSION['level'] !=='admin') {
+  //Kill access to add user.
+  if($function != 'changepassword') $function = 'edituser';
+  $userid=$_SESSION['uid'];
+}
+
+$page_title = 'Mozilla Update :: Developer Control Panel :: User Manager';
+require_once(HEADER);
+require_once('./inc_sidebar.php');
+
+//Security Check for EditUser/ChangePassword function.
+if ($function=="edituser" || $function=="changepassword") {
+  $postuid = escape_string($_GET["userid"]);
+  $userid = escape_string($_SESSION["uid"]);
+  // All users users may change their own accounts, check when trying to change other accounts
+  if ($postuid && ($postuid != $userid) ) {
+    $allowed = false;
+    if ($_SESSION["level"] == "admin") {
+      // Admins may change any account
+      $allowed = true;
+    } else if ($_SESSION["level"]=="editor") {
+      // Editors may only change regular users, not editors or admins
+      $sql = "SELECT `UserID` from `userprofiles` WHERE " .
+             "`UserMode`='U' and `UserID`='$postuid'" .
+             " LIMIT 1";
+      $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+      if (mysql_num_rows($sql_result) == 1) {
+        $allowed = true;
+      }
+    }
+
+    if ($allowed == false) {
+      echo"<h1>Error Accessing Record</h1>\n";
+      echo"You do not appear to have permission to edit this record.<br>\n";
+      echo"<a href=\"?function=\">&#171;&#171; Go Back</a>\n";
+      require_once(FOOTER);
+      exit;
+    } else {
+      $userid = $postuid;
+    }
+  }
+}
+?>
+<?php
+if (!$function) {
+?>
+
+<?php
+if ($_POST["submit"] && $_GET["action"]=="update" && checkFormKey()) {
+?>
+<h1>Updating User List...</h1>
+<?php
+
+    //Process Post Data, Make Changes to User Table.
+    //Begin General Updating
+     $maxuserid=intval($_POST['maxuserid']);
+     $minuserid=intval($_POST['minuserid']);
+     $sql = "SELECT UserID FROM `userprofiles` ORDER BY `UserMode`, `UserName` ASC LIMIT $minuserid, $maxuserid";
+     $sql_result_uids = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+    $count = 0;
+    while($row=mysql_fetch_row($sql_result_uids)) {
+        $count++;
+      $i=$row[0]; // UserID
+      $admin = escape_string($_POST["admin$i"]);
+      $editor = escape_string($_POST["editor$i"]);
+      $trusted = escape_string($_POST["trusted$i"]);
+      $disabled = escape_string($_POST["disabled$i"]);
+      $selected = escape_string($_POST["selected$i"]);
+      //echo "$i - $admin - $editor - $trusted - $selected<br>\n";
+
+      if ($admin=="TRUE") { $mode="A"; 
+      } else if ($editor=="TRUE") { $mode="E"; 
+      } else if ($disabled=="TRUE") {$mode="D";
+      } else { $mode="U"; }
+
+      if ($trusted !=="TRUE") {$trusted="FALSE"; }
+
+        $sql = "UPDATE `userprofiles` SET `UserMode`= '$mode', `UserTrusted`= '$trusted' WHERE `UserID`='$i'";
+        $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+
+      //Do Special Disable, Delete, Enable Account Operations
+      if ($_POST["selected$i"] AND $_POST["submit"] !=="Update") {
+	$selecteduser = escape_string($_POST["selected$i"]);
+
+	if ($_POST["submit"]=="Disable Selected") {
+          if (checkFormKey()) {
+	    $sql = "UPDATE `userprofiles` SET `UserMode`= 'D' WHERE `UserID`='$selecteduser'";
+	    $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+	    if ($sql_result) {
+	      echo"User Account for User Number $selecteduser Disabled<br>\n";
+	    }
+
+	    //Disabling an author, check their extension list and disable any item they're the solo author of.
+	    $sql = "SELECT TM.ID, TM.Name from `main` TM INNER JOIN `authorxref` TAX ON TM.ID=TAX.ID WHERE TAX.UserID = '$selecteduser'";
+	    $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+	    while ($row = mysql_fetch_array($sql_result)) {
+	      $id = $row["ID"];
+	      $name = $row["Name"];
+	      $sql2 = "SELECT `ID` from `authorxref` WHERE `ID` = '$id'";
+	      $sql_result2 = mysql_query($sql2, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+	      if (mysql_num_rows($sql_result2)<="1") {
+	        $sql3 = "UPDATE `version` SET `approved`='DISABLED' WHERE `ID`='$id' and `approved` !='NO' ";
+	        $sql_result3 = mysql_query($sql3, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+	        if ($sql_result3) {
+	  	  echo"$name disabled from public viewing...<br>\n";
+	        }
+	      }
+            }
+	  }
+
+	} else if ($_POST["submit"]=="Delete Selected") {
+          if (checkFormKey()) {
+	    $sql = "DELETE FROM `userprofiles` WHERE `UserID`='$selecteduser' LIMIT 1";
+	    $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+	    if ($sql_result) {
+	      echo"User Account for User Number $selecteduser Deleted<br>\n";
+	    }
+          }
+
+	} else if ($_POST["submit"]=="Enable Selected") {
+          if (checkFormKey()) {
+	    $sql = "UPDATE `userprofiles` SET `UserMode`= 'U' WHERE `UserID`='$selecteduser'";
+	    $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+	    if ($sql_result) {
+	      echo"User Account for User Number $selecteduser Enabled, User Mode set to User<br>\n";
+	    }
+	    //Disabling an author, check their extension list and disable any item they're the solo author of.
+	    $sql = "SELECT TM.ID, TM.Name from `main` TM INNER JOIN `authorxref` TAX ON TM.ID=TAX.ID WHERE TAX.UserID = '$selecteduser'";
+	    $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+	    while ($row = mysql_fetch_array($sql_result)) {
+	      $id = $row["ID"];
+	      $name = $row["Name"];
+	      $sql2 = "SELECT `ID` from `authorxref` WHERE `ID` = '$id'";
+	      $sql_result2 = mysql_query($sql2, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+	      if (mysql_num_rows($sql_result2)<="1") {
+	        $sql3 = "UPDATE `version` SET `approved`='?' WHERE `ID`='$id' and `approved` !='NO'";
+	        $sql_result3 = mysql_query($sql3, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+	        if ($sql_result3) {
+	  	  echo"$name restored to public view pending approval...<br>\n";
+	        }
+	      }
+	    }
+          }
+	}
+      }
+
+
+    }
+  unset($i);
+  mysql_free_result($sql_result_uids);
+  echo"Your changes to the User List have been succesfully completed<BR>\n";
+
+ }
+?>
+<?php
+ $startLimit = 0;
+ if (isset($_GET['start']))
+   $startLimit = $_GET['start'];
+ settype($startLimit, "integer");
+ $endLimit = $startLimit+100;
+
+// Clean our query.
+$nameq = isset($_GET['nameq'])&&ctype_alnum($_GET['nameq'])?mysql_real_escape_string($_GET['nameq']):null;
+?>
+
+<a href="usermanager.php?start=<?=($startLimit-100)>=0?$startLimit-100:0?>">Prev 100</a> <a href="usermanager.php?start=<?=$endLimit?>">Next 100</a>
+<h1>Manage User List</h1>
+
+<br/>
+<form action="./usermanager.php" method="get">
+<div>
+<input type="text" name="nameq" id="nameq" value="<?=isset($nameq)?htmlentities($nameq):null?>"/>
+<input type="submit" name="nameqsubmit" value="Search Users"/>
+</div>
+</form>
+
+<?php
+// Start query.
+$maxuserid=-1;
+$sql = "SELECT * FROM `userprofiles` WHERE username like '%{$nameq}%' OR useremail like '%{$nameq}%' ORDER BY `UserMode`, `UserName` ASC LIMIT $startLimit, 100";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+$i = $startLimit;
+
+if (!empty($nameq) && mysql_num_rows($sql_result) > 0) {
+?>
+<TABLE BORDER=0 CELLPADDING=1 CELLSPACING=1 ALIGN=CENTER STYLE="border: 0px; width: 100%" class="listing">
+<TR style="font-weight: bold">
+<TH></TH>
+<TH>Name</TH>
+<TH>E-Mail Address</TH>
+<TH>S</TH>
+<TH>E</TH>
+<TH>A</TH>
+<TH>T</TH>
+</TR>
+<FORM NAME="updateusers" METHOD="POST" ACTION="?function=&action=update">
+<?writeFormKey();?>
+<?php
+   while ($row = mysql_fetch_array($sql_result)) {
+    $userid = $row["UserID"];
+    $username = $row["UserName"];
+    $useremail = $row["UserEmail"];
+    $userwebsite = $row["UserWebsite"];
+    $usermode = $row["UserMode"];
+    $useremailhide = $row["UserEmailHide"];
+    $t = $row["UserTrusted"];
+$d = "FALSE";
+if ($usermode=="A") {$a="TRUE"; $e="TRUE";
+} else if ($usermode=="E") {$e="TRUE"; $a="FALSE";
+} else if ($usermode=="U") {$e="FALSE"; $a="FALSE";
+} else if ($usermode=="D") {$d="TRUE";}
+    $i++;
+    echo"<TR>";
+    echo"<TD CLASS=\"tablehighlight\" ALIGN=CENTER><B>$i</B></TD>\n";
+    echo"<TD CLASS=\"tablehighlight\"><B>&nbsp;&nbsp;<A HREF=\"?function=edituser&userid=$userid\">$username</A></B></TD>\n";
+    echo"<TD CLASS=\"tablehighlight\"><B>&nbsp;&nbsp;<A HREF=\"mailto:$useremail\">$useremail</A></B></TD>\n";
+    echo"<TD CLASS=\"tablehighlight\"><INPUT NAME=\"selected$userid\" TYPE=\"CHECKBOX\"  DISABLED=\"DISABLED\ VALUE=\"$userid\" TITLE=\"Selected User\""; if (($a=="TRUE" or $e=="TRUE") AND $_SESSION["level"]=="editor") {echo" DISABLED=\"DISABLED\"";} echo"></TD>";
+    echo"<TD CLASS=\"tablehighlight\"><INPUT NAME=\"editor$userid\" TYPE=\"CHECKBOX\"  DISABLED=\"DISABLED\ VALUE=\"TRUE\" "; if ($e=="TRUE") {echo"CHECKED=\"CHECKED\""; } if (($a=="TRUE" or $d=="TRUE") or $_SESSION["level"]=="editor") {echo" DISABLED=\"DISABLED\"";} echo" TITLE=\"Editor\"></TD>";
+    echo"<TD CLASS=\"tablehighlight\"><INPUT NAME=\"admin$userid\" TYPE=\"CHECKBOX\"  DISABLED=\"DISABLED\ VALUE=\"TRUE\" "; if ($a=="TRUE") {echo"CHECKED=\"CHECKED\""; } if ($d=="TRUE" or $_SESSION["level"]=="editor") {echo" DISABLED=\"DISABLED\"";} echo" TITLE=\"Administrator\"></TD>";
+    echo"<TD CLASS=\"tablehighlight\"><INPUT NAME=\"trusted$userid\" TYPE=\"CHECKBOX\"  DISABLED=\"DISABLED\ VALUE=\"TRUE\" "; if ($t=="TRUE") {echo"CHECKED=\"CHECKED\""; } if ($d=="TRUE" or (($a=="TRUE" or $e=="TRUE") AND $_SESSION["level"]=="editor" )) {echo" DISABLED=\"DISABLED\"";}echo" TITLE=\"Trusted User\"></TD>";
+    if ($d=="TRUE") {echo"<INPUT NAME=\"disabled$userid\" TYPE=\"HIDDEN\" VALUE=\"TRUE\">\n"; }
+    echo"</TR>\n";
+  $maxuserid=max($userid,$maxuserid);
+  unset($a,$e,$t);
+}
+$minuserid = $startLimit+1;
+echo '<INPUT NAME="minuserid" TYPE="HIDDEN" VALUE="'. $minuserid.'">';
+echo "<INPUT NAME=\"maxuserid\" TYPE=\"HIDDEN\" VALUE=\"$endLimit\">";
+?>
+</FORM>
+</TABLE>
+<a href="usermanager.php?start=<?=($startLimit-100)>=0?$startLimit-100:0?>">Prev 100</a> <a href="usermanager.php?start=<?=$endLimit?>">Next 100</a>
+
+<?php
+} elseif (!empty($nameq)) {
+?>
+
+<p>No users matching your query were found.  Please try again.</p>
+
+<?php
+}
+?>
+<h2><a href="?function=adduser">Add New User</A></h2>
+<div style="width: 580px; border: 0px dotted #AAA; margin-top: 1px; margin-left: 50px; margin-bottom: 5px; font-size: 10pt; font-weight: bold">
+
+<form name="adduser" method="post" action="?function=adduser">
+<?writeFormKey();?>
+  E-Mail: <input name="useremail" type="text" size="30" maxlength="150" value="">
+<input name="submit" type="submit" value="Add User"></SPAN>
+</form>
+</div>
+
+
+<?php
+} else if ($function=="edituser") {
+
+
+if (!$userid) {$userid = escape_string($_GET["userid"]);}
+
+//Process Submitted Values if this is a return with $_POST data...
+if ($_POST["submit"]=="Update") {
+  if ($_SESSION["level"] !=="admin" && $_SESSION["uid"] !== $_POST["userid"]) {$_POST["userid"]=$_SESSION["uid"];}
+    
+  $userid = escape_string($_POST["userid"]);
+  $username = escape_string($_POST["username"]);
+  $useremail = escape_string($_POST["useremail"]);
+  $userwebsite = escape_string($_POST["userwebsite"]);
+  $useremailhide = escape_string($_POST["useremailhide"]);
+
+  if (checkFormKey()) {
+    $sql = "UPDATE `userprofiles` SET `UserName`= '$username', `UserEmail`='$useremail', `UserWebsite`='$userwebsite', `UserMode`='$perms->mode', `UserTrusted`='{$perms->trusted}', `UserEmailHide`='$useremailhide' WHERE `UserID`='$userid'";
+   $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+    if ($sql_result) {
+      echo"<h1>Updating User Profile...</h1>\n";
+      echo"The User Profile for $username, has been successfully updated...<br>\n";
+    }
+  }
+} else if ($_POST["submit"] == "Delete User") {
+  if ($_SESSION["level"] !=="admin" && $_SESSION["uid"] !== $_POST["userid"]) {$_POST["userid"]=$_SESSION["uid"];}
+  $userid = escape_string($_POST["userid"]);
+  if (checkFormKey()) {
+
+    /**
+     * Check to make sure the user does not have any existing add-ons.
+     *
+     * This is made to prevent users from erasing their user account and leaving
+     * add-ons with no owner.
+     *
+     * In the error text, we will give them the ability to assign the add-on to
+     * a default owner account: nobody@mozilla.org (in honor of the great Bugzilla handle).
+     */
+
+    /**
+     * First, check to see if there is an add-on attached to this user.
+     */
+    $ownershipCheck = mysql_query("SELECT `main`.`ID`,`main`.`Name` FROM authorxref JOIN main on authorxref.ID=main.ID WHERE `UserID` = {$userid}", $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+
+    /**
+     * If there is at least one, display information on how to delete.
+     */
+    if (mysql_num_rows($ownershipCheck) > 0) {
+
+        $addonsOwned = '';
+        while ($buf = mysql_fetch_array($ownershipCheck, MYSQL_ASSOC)) {
+            $addonsOwned .= '<li><a href="'.WEB_PATH.'/developers/listmanager.php?function=editmain&id='.$buf['ID'].'">'.htmlentities($buf['Name']).'</a></li>';
+        }
+    
+        echo <<<OWNERSHIPCHECK
+        <h1>You own at least one add-on</h1>
+        <p>Sorry, you cannot delete your user account because you are still an author for the following add-on(s):</p>
+        <ul>
+            {$addonsOwned}         
+        </ul>
+        <p>To delete your user account, you must complete one of the following:</p>
+        <ul>
+            <li>Transfer ownership to someone in your add-on community who would like to continue your work (or remove your email if there are multiple authors).</li>
+            <li>Transfer ownership to the default owner (nobody@mozilla.org) so someone else may pick up where you left off.</li>
+            <li>Delete your add-on(s).</li>
+        </ul>
+        <p>You may transfer ownership by entering the appropriate email in the <em>Author(s):</em> field on your add-on's edit page.  Use <em>nobody@mozilla.org</em> if you wish to assign to the default owner.</p>
+        <p>You can edit your add-on(s) by clicking on links above.  Each link will take you to your add-on's edit page.</p>
+        </div>
+OWNERSHIPCHECK;
+        require_once(FOOTER);
+        exit;
+    }
+
+    $sql = "DELETE FROM `userprofiles` WHERE `UserID`='$userid'";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+    if ($sql_result) {
+      $username = $_POST["username"];
+      echo"<h1>Deleting User... Please wait...</h1>\n";
+      echo"You've successfully deleted the user profile for $username...<br>\n";
+      require_once(FOOTER);
+      exit;
+    }
+  }
+}
+
+if (!$userid) {$userid=escape_string($_POST["userid"]);}
+
+//Show Edit Form
+ $sql = "SELECT * FROM `userprofiles` WHERE `UserID` = '$userid' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   $row = mysql_fetch_array($sql_result);
+    $userid = $row["UserID"];
+    $username = $row["UserName"];
+    $useremail = $row["UserEmail"];
+    $userwebsite = $row["UserWebsite"];
+    $userpass = $row["UserPass"];
+    $perms->mode = $row["UserMode"];
+    $perms->trusted = $row["UserTrusted"];
+    $useremailhide = $row["UserEmailHide"];
+    $userlastlogin = date("l, F, d, Y, g:i:sa", strtotime($row["UserLastLogin"]));
+?>
+
+<h1>Edit User Profile for <?php echo"$username"; ?></h1>
+<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=2 ALIGN=CENTER STYLE="border: 0px; width: 95%">
+<TR><TD COLSPAN=2>Last login: <?php echo"$userlastlogin"; ?></TD></TR>
+<FORM NAME="edituser" METHOD="POST" ACTION="?function=edituser">
+<?writeFormKey();?>
+<?php
+    echo"<INPUT NAME=\"userid\" TYPE=\"HIDDEN\" VALUE=\"$userid\">\n";
+    echo"<TR><TD STYLE=\"width: 130px\"><B>Name:</B></TD><TD><INPUT NAME=\"username\" TYPE=\"TEXT\" VALUE=\"$username\" SIZE=30 MAXLENGTH=100></TD></TR>\n";
+    echo"<TR><TD><B>E-Mail:</B></TD><TD><INPUT NAME=\"useremail\" TYPE=\"TEXT\" VALUE=\"$useremail\" SIZE=30 MAXLENGTH=100></TD></TR>\n";
+    echo"<TR><TD><B>Website:</B></TD><TD><INPUT NAME=\"userwebsite\" TYPE=\"TEXT\" VALUE=\"$userwebsite\" SIZE=30 MAXLENGTH=100></TD></TR>\n";
+    echo"<TR><TD><B>Password:</B></TD><TD><FONT STYLE=\"font-size:10pt; font-weight: bold\"><A HREF=\"?function=changepassword&userid=$userid\">Change Password</A></FONT></TD></TR>\n";
+
+    echo"<TR><TD><B>Permissions:</B></TD><TD>";
+
+    $perms->printUI();
+    
+    echo"</TD></TR>\n";
+
+    echo"<TR><TD><B>E-Mail Public:<B></TD><TD>";
+    if ($useremailhide==="1") {
+      echo"Hidden: <INPUT NAME=\"useremailhide\" TYPE=\"RADIO\" VALUE=\"1\" CHECKED> Visible: <INPUT NAME=\"useremailhide\" TYPE=\"RADIO\" VALUE=\"0\">";
+    } else if ($useremailhide==="0") {
+      echo"Hidden: <INPUT NAME=\"useremailhide\" TYPE=\"RADIO\" VALUE=\"1\"> Visible: <INPUT NAME=\"useremailhide\" TYPE=\"RADIO\" VALUE=\"0\" CHECKED>";
+    } else {
+      echo"Hidden: <INPUT NAME=\"useremailhide\" TYPE=\"RADIO\" VALUE=\"1\"> Visible: <INPUT NAME=\"useremailhide\" TYPE=\"RADIO\" VALUE=\"0\">";
+    }
+    echo"</TD></TR>\n";
+?>
+<TR><TD COLSPAN="2"><strong>Warning:</strong> Setting E-Mail Public to Visible will show your e-mail address in plaintext on your profile. Do not enable this if you wish to keep your e-mail address hidden.</TD></TR>
+<TR><TD COLSPAN="2" ALIGN="CENTER"><INPUT NAME="submit" TYPE="SUBMIT" VALUE="Update">&nbsp;&nbsp;<INPUT NAME="reset" TYPE="RESET" VALUE="Reset Form">&nbsp;&nbsp;<INPUT NAME="submit" TYPE="SUBMIT" VALUE="Delete User" ONCLICK="return confirm('Are you sure you want to delete the profile for <?php echo"$username"; ?>?');"></TD></TR>
+</FORM>
+<?php if ($_SESSION["level"]=="user") {} else { ?>
+<TR><TD COLSPAN="2"><A HREF="?function=">&#171;&#171; Return to User Manager</A></TD></TR>
+<?php } ?>
+</TABLE>
+
+<?php
+} else if ($function=="adduser") {
+
+if ($_POST["submit"]=="Create User") {
+  echo"<h1>Adding User...</h1>\n";
+  if(strlen($_POST['username'])<2) {
+    echo '<b>Name is too short (min 2 characters)</b><br />';
+    $errors='true';
+  }
+
+ //Verify Users Password and md5 encode it for storage...
+  if(strlen($_POST['userpass'])<4) {
+    echo '<b>Password is too short (min 4 characters)</b><br />';
+    $errors='true';
+  }
+ if ($_POST['userpass']==$_POST['userpassconfirm']) {
+ $_POST['userpass']=md5($_POST['userpass']);
+ } else {
+ $errors="true";
+ echo"<B>Your two passwords did not match, go back and try again...</B><br>\n";
+ }
+
+ //Add User to MySQL Table
+if ($errors !="true") {
+   
+$username = escape_string($_POST["username"]);
+$useremail = escape_string($_POST['useremail']);
+$userwebsite = escape_string($_POST['userwebsite']);
+$userpass = escape_string($_POST['userpass']);
+$useremailhide = escape_string($_POST['useremailhide']);
+  if (checkFormKey()) {
+    $sql = "INSERT INTO `userprofiles` (`UserName`, `UserEmail`, `UserWebsite`, `UserPass`, `UserMode`, `UserTrusted`, `UserEmailHide`) VALUES ('$username', '$useremail', '$userwebsite', '$userpass', '{$perms->mode}', '{$perms->trusted}', '$useremailhide');";
+    $sql_result = mysql_query($sql) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+    if ($sql_result) {
+      include"mail_newaccount.php"; 
+      echo"The user $username has been added successfully...<br>\n";
+      echo"An E-Mail has been sent to the e-mail address specified with the login info needed.<br>\n";
+    }
+  }
+}
+
+}
+?>
+
+<h1>Add New User</h1>
+<FORM NAME="adduser" METHOD="POST" ACTION="?function=adduser">
+<?writeFormKey();?>
+<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=2 ALIGN=CENTER STYLE="border: 0px; width: 95%">
+  <TR><TD><B>E-Mail:</B></TD><TD><INPUT NAME="useremail" TYPE="TEXT" VALUE="<?php echo"$_POST[useremail]"; ?>" SIZE=30 MAXLENGTH=100></TD></TR>
+  <TR><TD ALIGN=RIGHT><B>Show E-Mail:<B></TD><TD>Hidden: <INPUT NAME="useremailhide" TYPE="RADIO" VALUE="1" CHECKED> Visible: <INPUT NAME="useremailhide" TYPE="RADIO" VALUE="0"></TD></TR>
+  <TR><TD STYLE="width: 150px"><B>Name:</B></TD><TD><INPUT NAME="username" TYPE="TEXT" VALUE="" SIZE=30 MAXLENGTH=100></TD></TR>
+  <TR><TD><B>Website:</B></TD><TD><INPUT NAME="userwebsite" TYPE="TEXT" VALUE="" SIZE=30 MAXLENGTH=100></TD></TR>
+  <TR><TD><B>Password:</B></TD><TD><INPUT NAME="userpass" TYPE="PASSWORD" VALUE="" SIZE=30 MAXLENGTH=200></TD></TR>
+  <TR><TD ALIGN=RIGHT><FONT STYLE="font-size: 10pt"><B>Confirm:</B></FONT>&nbsp;&nbsp;</TD><TD><INPUT NAME="userpassconfirm" TYPE="PASSWORD" VALUE="" SIZE=30 MAXLENGTH=200></TD></TR>
+
+  <TR>
+    <TD><B>Permissions:</B></TD>
+    <TD>
+      <?php $perms->printUI(); ?>
+    </TD>
+  </TR>
+
+  <TR><TD COLSPAN="2" ALIGN="CENTER"><INPUT NAME="submit" TYPE="SUBMIT" VALUE="Create User">&nbsp;&nbsp;<INPUT NAME="reset" TYPE="RESET" VALUE="Reset Form"></TD></TR>
+  <TR><TD COLSPAN="2"><A HREF="?function=">&#171;&#171; Return to User Manager</A></TD></TR>
+</TABLE>
+</FORM>
+
+<?php
+} else if ($function=="changepassword") {
+if (!$userid) {$userid = escape_string($_GET["userid"]); }
+
+//Set Password Change if this is a POST.
+if ($_POST["submit"]=="Change Password") {
+   echo"<h1>Changing Password, please wait...</h1>\n";
+ $userid = escape_string($_POST["userid"]);
+ $sql = "SELECT `UserPass`, `UserEmail` FROM `userprofiles` WHERE `UserID` = '$userid' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   $row = mysql_fetch_array($sql_result);
+    $userpass = $row["UserPass"];
+    $email = $row["UserEmail"];
+    $oldpass = md5($_POST['oldpass']);
+
+    if ($userpass==$oldpass) {
+
+    if ($_POST['newpass']==$_POST['newpass2']) {
+     $newpassword = $_POST["newpass"];
+     $password_plain = $newpassword;
+     $userpass = md5($newpassword);
+
+     $sql_result = false;
+     if (checkFormKey()) {
+       $sql = "UPDATE `userprofiles` SET `UserPass`='$userpass' WHERE `UserID`='$userid'";
+       $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+     }
+     if ($sql_result) {
+       include"mail_newpassword.php";
+       echo"The password has been successfully changed, an e-mail has been sent confirming this action.<br>\n";
+     }
+    } else {
+     echo"The two passwords did not match, please go back and try again.<BR>\n";
+    }
+
+
+    } else {
+     echo"Your Old password did not match the password on file, please try again.<br>\n";
+
+    }
+
+} else if ($_POST["submit"]=="Generate New Password") {
+   echo"<h1>Generating New Password, please wait...</h1>\n";
+   $newpassword = substr(md5(mt_rand()),0,14);
+   $password_plain = $newpassword;
+   $userpass = md5($newpassword);
+   $userid = escape_string($_POST["userid"]);
+
+     $sql = "SELECT `UserEmail` FROM `userprofiles` WHERE `UserID` = '$userid' LIMIT 1";
+       $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+       $row = mysql_fetch_array($sql_result);
+         $email = $row["UserEmail"];
+
+     if (checkFormKey()) {
+       $sql = "UPDATE `userprofiles` SET `UserPass`='$userpass' WHERE `UserID`='$userid'";
+       $sql_result = mysql_query($sql, $connection) or trigger_error("<FONT COLOR=\"#FF0000\"><B>MySQL Error ".mysql_errno().": ".mysql_error()."</B></FONT>", E_USER_NOTICE);
+       if ($sql_result) {
+       include"mail_newpassword.php";
+       echo"The password has been successfully reset. The user has been sent an e-mail notifying them of their new password.<br>\n";
+       }
+     }
+}
+
+if (!$userid) { $userid = escape_string($_POST["userid"]); }
+//Get Name of User for Form
+ $sql = "SELECT `UserName` FROM `userprofiles` WHERE `UserID` = '$userid' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    $row = mysql_fetch_array($sql_result);
+    $username = $row["UserName"];
+?>
+<h1>Change password for <?php echo"$username"; ?></h1>
+<TABLE BORDER=0 CELLPADDING=2 CELLSPACING=2 ALIGN=CENTER STYLE="border: 0px; width: 95%">
+<FORM NAME="adduser" METHOD="POST" ACTION="?function=changepassword&userid=<?php echo"$userid"; ?>">
+<?writeFormKey();?>
+    <INPUT NAME="userid" TYPE="HIDDEN" VALUE="<?php echo"$userid"; ?>">
+<?php if (($_SESSION["level"] =="admin" or $_SESSION["level"]=="editor") and $userid != $_SESSION["uid"]) { ?>
+    <TR><TD COLSPAN="2" ALIGN="CENTER"><INPUT NAME="submit" TYPE="SUBMIT" VALUE="Generate New Password"></TD></TR>
+<?php } else { ?>
+    <TR><TD><B>Old Password:</B></TD><TD><INPUT NAME="oldpass" TYPE="PASSWORD" VALUE="" SIZE=30 MAXLENGTH=200></TD></TR>
+    <TR><TD style="width: 190px"><B>New Password:</B></TD><TD><INPUT NAME="newpass" TYPE="PASSWORD" VALUE="" SIZE=30 MAXLENGTH=200></TD></TR>
+    <TR><TD><B>Retype New Password:</B>&nbsp;&nbsp;&nbsp;</TD><TD><INPUT NAME="newpass2" TYPE="PASSWORD" VALUE="" SIZE=30 MAXLENGTH=200></TD></TR>
+    <TR><TD COLSPAN="2" ALIGN="CENTER"><INPUT NAME="submit" TYPE="SUBMIT" VALUE="Change Password">&nbsp;&nbsp;<INPUT NAME="reset" TYPE="RESET" VALUE="Reset Form"></TD></TR>
+<?php } ?>
+</FORM>
+<TR><TD COLSPAN="2"><A HREF="?function=">&#171;&#171; Return to User Manager</A></TD></TR>
+</TABLE>
+<?php
+} else {}
+?>
+
+
+<!-- close #mBody-->
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/extensions/authorprofiles.php

@@ -0,0 +1,163 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+// Set this page to read from the SHADOW_DB.
+define('USE_SHADOW_DB',true);
+
+require_once('../core/init.php');
+
+//Bookmarking-Friendly Page Title
+$id = escape_string($_GET["id"]);
+$sql = "SELECT  UserName FROM `userprofiles`  WHERE UserID = '$id' LIMIT 1";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if (mysql_num_rows($sql_result)===0) {
+        $return = page_error("2","Author ID is Invalid or Missing.");
+        exit;
+    }
+    $row = mysql_fetch_array($sql_result);
+
+$page_title = 'Mozilla Update :: Extensions - Author Profile: '.$row['UserName'];
+require_once(HEADER);
+?>
+
+<div id="mBody">
+
+    <?php
+    $index = 'yes';
+    require_once('./inc_sidebar.php');
+    ?>
+
+	<div id="mainContent">
+
+<?php
+$userid = escape_string($_GET["id"]);
+ $sql = "SELECT * FROM `userprofiles` WHERE `UserID` = '$userid' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   $row = mysql_fetch_array($sql_result);
+    $userid = $row["UserID"];
+    $username = $row["UserName"];
+    $useremail = $row["UserEmail"];
+    $userwebsite = $row["UserWebsite"];
+    $usermode = $row["UserMode"];
+    $useremailhide = $row["UserEmailHide"];
+
+    if ($usermode=="A") {
+        $usermode_text = "Mozilla Update Administrator";
+    } else if ($usermode=="E") {
+        $usermode_text = "Mozilla Update Editor";
+    } else if ($usermode=="U") {
+        $usermode_text = "Extension/Theme Author";
+    }
+?>
+
+<h2>Author Profile &#187; <?php echo"$username"; ?></h2>
+<?php if ($usermode_text) { echo"<div style=\"margin-bottom: 5px\"><strong>$usermode_text</strong></div>\n"; } ?>
+
+Homepage: <?php 
+if ($userwebsite) {echo"<A HREF=\"$userwebsite\">$userwebsite</A>";
+ } else {
+echo"Not Available for this Author";
+}
+?><BR>
+E-Mail: <?php if ($useremailhide=="1") {
+echo"Not Disclosed by Author";
+} else {
+echo"<A HREF=\"mailto:$useremail\">$useremail</A>";
+} 
+?>
+
+&nbsp;<BR>
+<h2>All Extensions and Themes by <?php echo"$username"; ?></h2>
+<?php
+$sql = "SELECT  TM.ID, TM.Type, TM.Name, TM.Description, TM.DateUpdated, TM.TotalDownloads, TU.UserEmail FROM  `main`  TM 
+LEFT JOIN authorxref TAX ON TM.ID = TAX.ID
+INNER JOIN userprofiles TU ON TAX.UserID = TU.UserID
+WHERE TU.UserID = '$userid' AND TM.Type !='P'
+ORDER  BY  `Type` , `Name` ";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $numresults = mysql_num_rows($sql_result);
+  while ($row = mysql_fetch_array($sql_result)) {
+
+
+$sql2 = "SELECT `vID`, `Version` FROM `version` WHERE `ID` = '$row[ID]' AND `approved` = 'YES' ORDER BY `Version` ASC LIMIT 1";
+ $sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row2 = mysql_fetch_array($sql_result2)) {
+   $vid = $row2["vID"];
+   $version = $row2["Version"];
+
+$v++;
+    $id = $row["ID"];
+    $type = $row["Type"];
+    $name = $row["Name"];
+    $dateadded = $row["DateAdded"];
+    $dateupdated = $row["DateUpdated"];
+    $homepage = $row["Homepage"];
+    $description = $row["Description"];
+    $authors = $row["UserEmail"];
+    $downloadcount = $row["TotalDownloads"];
+
+	$day=substr($dateupdated,8,2);  //get the day
+    $month=substr($dateupdated,5,2); //get the month
+    $year=substr($dateupdated,0,4); //get the year
+    $hour=substr($dateupdated,11,2); //get the hour
+    $minute=substr($dateupdated,14,2); //get the minute
+    $second=substr($dateupdated,17,2); //get the sec
+    $timestamp = strtotime("$year-$month-$day $hour:$minute:$second");
+    $dateupdated = gmdate("F d, Y g:i:sa", $timestamp); //gmdate("F d, Y", $dutimestamp);
+
+                if ($type=="E") {
+                    $typename = "extensions";
+                } else if ($type=="T") {
+                    $typename = "themes";
+                }
+
+echo"<h3><A HREF=\"/$typename/moreinfo.php?".uriparams()."&amp;id=$id\">$name</A></h3>";
+echo"$description<br>\n";
+}
+}
+if ($numresults=="0") {
+echo"No Extensions or Themes in the Database for $username";
+}
+?>
+</DIV>
+&nbsp;<BR>
+
+</DIV>
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/extensions/inc_sidebar.php

@@ -0,0 +1,87 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+?>
+    <div id="side">
+    <?php
+    $type='E';
+    $types = array("E"=>"Extensions","T"=>"Themes");
+    $typename = $types[$type];
+    $uriparams_skip="category";
+    if (!isset($index)) {
+        $index = 'yes';
+    }
+
+    echo"<ul id=\"nav\">\n";
+
+    $catname = "Newest";
+    $catdesc = "Most recent ".ucwords($typename);
+    echo"<li"; if (!empty($category) && strtolower($category) == strtolower($catname)) { echo" class=\"selected\""; }  echo"><a href=\"showlist.php?".uriparams()."&amp;category=$catname\" title=\"$catdesc\"><strong>$catname</strong></a></li>\n";
+
+    $catname = "Popular";
+    $catdesc = ucwords($typename)." downloaded the most over the last week.";
+    echo"    <li"; if (strtolower($category) == strtolower($catname)) { echo" class=\"selected\""; }  echo"><a href=\"showlist.php?".uriparams()."&amp;category=$catname\" title=\"$catdesc\"><strong>$catname</strong></a></li>\n";
+
+    $catname = "Top Rated";
+    $catdesc = ucwords($typename)." rated the highest by site visitors";
+    echo"    <li"; if (strtolower($category) == strtolower($catname)) { echo" class=\"selected\""; }  echo"><a href=\"showlist.php?".uriparams()."&amp;category=$catname\" title=\"$catdesc\"><strong>$catname</strong></a></li>\n";
+
+    echo"        <li"; if (!$category AND $index != 'yes') { echo" class=\"selected\""; }  echo"><A HREF=\"showlist.php?".uriparams()."&amp;category=All\" TITLE=\"Show All ".ucwords($typename)." Alphabetically\"><strong>All Extensions</strong></A></li>\n";
+
+    echo"        <li><ul>\n";
+
+    // Object Categories
+    $sql = "SELECT `CatName`,`CatDesc` FROM `categories` WHERE `CatType` = '$type' and `CatApp` = '$application' ORDER BY `CatName`";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+        while ($row = mysql_fetch_array($sql_result)) {
+            $catname = $row["CatName"];
+            $catdesc = $row["CatDesc"];
+            echo"        <li"; if (strtolower($category) == strtolower($catname)) { echo" class=\"selected\""; }  echo"><a href=\"showlist.php?".uriparams()."&amp;category=$catname\" title=\"$catdesc\">$catname</a></li>\n";
+        }
+
+    echo"        </ul></li>\n";
+
+/*
+    $catname = "Editors Pick";
+    $catdesc = ucwords($typename)." picked by the Mozilla Update Editors";
+    echo"    <li"; if (strtolower($category) == strtolower($catname)) { echo" class=\"selected\""; }  echo"><a href=\"showlist.php?".uriparams()."&amp;category=$catname\" title=\"$catdesc\"><strong>Editor's Pick</strong></a></li>\n";
+*/
+
+    $uriparams_skip="";
+    ?>
+    </ul>
+    </div>

mozilla/webtools/update/extensions/index.php

@@ -0,0 +1,256 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+// Set this page to read from the SHADOW_DB.
+define('USE_SHADOW_DB',true);
+
+require_once('../core/init.php');
+$page_title = 'Mozilla Update :: Extensions - Add Features to Mozilla Software';
+$page_headers = '<link rel="alternate" type="application/rss+xml"
+   title="New '.ucwords($application).' Extensions Additions"
+   href="../rss/?application='.$application.'&amp;type=E&amp;list=newest">';
+
+$currentTab = 'extensions';
+require_once(HEADER);
+?>
+
+<div id="mBody">
+
+    <?php
+    $index = 'yes';
+    require_once('./inc_sidebar.php');
+    ?>
+
+	<div id="mainContent">
+	<h2><?php print(ucwords($application)); ?> Extensions</h2>
+
+	<p class="first">Extensions are small add-ons that add new functionality to
+<?php print(ucwords($application)); ?>. They can add anything from a toolbar
+button to a completely new feature. They allow the application to be customized
+to fit the personal needs of each user if they need additional features<?php if
+($application !=="mozilla") { ?>, while keeping <?php
+print(ucwords($application)); ?> small to download<?php } ?>.</p>
+
+    <?php
+    //Get Current Version for Detected Application
+    $sql = "SELECT `Version`, `major`, `minor`, `release`, `SubVer` FROM `applications` WHERE `AppName` = '$application' AND `public_ver` = 'YES'  ORDER BY `major` DESC, `minor` DESC, `release` DESC, `SubVer` DESC LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+        $row = mysql_fetch_array($sql_result);
+            $version = $row["Version"];
+            $subver = $row["SubVer"];
+            $release = "$row[major].$row[minor]";
+            if ($row["release"]) {
+                $release = "$release.$row[release]";
+            }
+        $currentver = $release;
+        $currentver_display = $version;
+        unset($version,$subver,$release);
+
+/**
+ * Turn off Top Rated until comment spam is better regulated.
+ * See: https://bugzilla.mozilla.org/show_bug.cgi?id=278016
+ * @TODO Fix comment spam.
+ */
+
+/* TURN OFF TOP RATED
+
+<h2>Top Rated <?php print(ucwords($application)); ?> Extensions</h2>
+<p class="first">Ratings are based on feedback from people who use these extensions.</p>
+
+<?php
+$sql = "
+    SELECT DISTINCT
+        TM.ID,
+        TM.Name,
+        TM.Description, 
+        TM.Rating
+    FROM
+        `main` TM
+    INNER JOIN 
+        version TV 
+    ON 
+        TM.ID = TV.ID
+    INNER JOIN 
+        applications TA 
+    ON 
+        TV.AppID = TA.AppID
+    WHERE
+        `Type` = '{$type}' AND
+        `AppName` = '{$application}' AND
+        `approved` = 'YES' AND
+        TV.vID = (SELECT max(vid) FROM version where id = TM.ID)
+    ORDER BY
+        `Rating` DESC, 
+        `downloadcount` DESC,
+        `Name` ASC
+    LIMIT 5
+";
+
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+if (!mysql_num_rows($sql_result)) {
+    echo '<p>No featured extensions were found.  Please check back later.</p>';
+} else {
+    echo '<ol>';
+    while ($row = mysql_fetch_array($sql_result)) {
+echo <<<TR
+        <li>
+        <a href="./moreinfo.php?id={$row['ID']}&amp;application={$application}"><strong>{$row['Name']}</strong></a>, {$row['Rating']} stars<br>
+        {$row['Description']}
+        </li>
+TR;
+    }
+    echo '</ol>';
+}
+*/
+?>
+<h2>
+<a href="../rss/?application=<?php echo"$application"; ?>&amp;type=E&amp;list=popular"><img src="../images/rss.png" width="28" height="16" class="rss" alt="Most Popular Additions in RSS"></a>
+<?php $catname = "Popular"; echo "<a href=\"showlist.php?".uriparams()."&amp;category=$catname&amp;numpg=10&amp;pageid=2\" title=\"$catdesc\">"; ?>
+Most Popular <?php print(ucwords($application)); ?> Extensions</a></h2>
+<p class="first">The most popular downloads over the last week.</p>
+
+<?php
+$sql = "
+    SELECT
+        m.id,
+        m.name,
+        m.description,
+        m.downloadcount,
+        m.rating
+    FROM
+        main m
+    INNER JOIN version v ON m.id = v.id
+    INNER JOIN (
+        SELECT v.id, v.appid, v.osid, max(v.vid) as mxvid 
+        FROM version v       
+        WHERE approved = 'YES' group by v.id, v.appid, v.osid) as vv 
+    ON vv.mxvid = v.vid AND vv.id = v.id
+    INNER JOIN applications a ON a.appid = v.appid
+    WHERE
+        m.type = '{$type}' AND
+        a.appname = '{$application}'
+    GROUP BY
+        m.id
+    ORDER BY
+        m.downloadcount desc,
+        m.rating desc, 
+        m.name asc
+    LIMIT 10
+";
+
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+if (!mysql_num_rows($sql_result)) {
+    echo '<p>No featured extensions were found.  Please check back later.</p>';
+} else {
+    echo '<ol>';
+    while ($row = mysql_fetch_array($sql_result)) {
+echo <<<MP
+        <li>
+        <a href="./moreinfo.php?id={$row['id']}&amp;application={$application}"><strong>{$row['name']}</strong></a>,
+        ({$row['rating']} stars, {$row['downloadcount']} downloads)<br>
+        {$row['description']}
+        </li>
+MP;
+    }
+    echo '</ol>';
+}
+?>
+<h2>
+<a href="../rss/?application=<?php echo"$application"; ?>&amp;type=E&amp;list=newest"><img src="../images/rss.png" width="28" height="16" class="rss" alt="News Additions in RSS"></a>
+<?php $catname = "Newest"; echo "<a href=\"showlist.php?".uriparams()."&amp;category=$catname&amp;numpg=10&amp;pageid=2\" title=\"$catdesc\">"; ?>
+Newest <?php print(ucwords($application)); ?> Extensions</a></h2>
+<p class="first">New and updated extensions. Subscribe to <a href="../rss/?application=<?php echo"$application"; ?>&amp;type=E&amp;list=newest">our RSS feed</a> to be notified when new extensions are added.</p>
+
+<?php
+$sql = "
+    SELECT
+        m.id,
+        m.name,
+        m.description,
+        m.downloadcount,
+        v.version,
+        v.dateupdated
+    FROM
+        main m
+    INNER JOIN version v ON m.id = v.id
+    INNER JOIN (
+        SELECT v.id, v.appid, v.osid, max(v.vid) as mxvid 
+        FROM version v       
+        WHERE approved = 'YES' group by v.id, v.appid, v.osid) as vv 
+    ON vv.mxvid = v.vid AND vv.id = v.id
+    INNER JOIN applications a ON a.appid = v.appid
+    WHERE
+        m.type = '{$type}' AND
+        a.appname = '{$application}'
+    GROUP BY
+        m.id
+    ORDER BY
+        v.dateupdated DESC
+    LIMIT 10
+";
+
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+if (!mysql_num_rows($sql_result)) {
+    echo '<p>Nothing recently added.  Please try again later.</p>';
+} else {
+    echo '<ol>';
+    while ($row = mysql_fetch_array($sql_result)) {
+        $row['dateupdated'] = gmdate('F d, Y', strtotime($row['dateupdated']));
+echo <<<MP
+        <li>
+        <a href="./moreinfo.php?id={$row['id']}&amp;application={$application}"><strong>{$row['name']} {$row['version']}</strong></a>,
+        {$row['dateupdated']}<br>
+        {$row['description']}
+        </li>
+MP;
+    }
+    echo '</ol>';
+}
+?>
+
+	</div>
+</div>
+
+<!-- closes #mBody-->
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/extensions/moreinfo.php

@@ -0,0 +1,846 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+
+// Set this page to read from the SHADOW_DB.
+define('USE_SHADOW_DB',true);
+
+require_once('../core/init.php');
+
+//Bookmarking-Friendly Page Title
+$id = escape_string($_GET['id']);
+$sql = "SELECT  Name FROM `main`  WHERE ID = '$id' AND Type = 'E' LIMIT 1";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    if (mysql_num_rows($sql_result)===0) {
+        $return = page_error("1","Extension ID is Invalid or Missing.");
+        exit;
+    }
+    $row = mysql_fetch_array($sql_result);
+
+//Page Titles
+$titles = array('releases'=>'All Releases', 'previews'=>'Preview Images', 'comments'=>'User Comments', 'staffreview'=>'Editor Review', 'opinion'=>' My Opinion');
+if (isset($_GET['page'])) {
+    $title = strip_tags($titles[$_GET['page']]);
+}
+else {
+    $title = $titles['releases'];
+}
+
+$page_title = 'Mozilla Update :: Extensions -- More Info:'.$row['Name'];
+if (!empty($title)) 
+{
+    $page_title .= ' - '.$title;
+}
+
+    
+require_once(HEADER);
+
+installtrigger('extensions');
+?>
+
+<div id="mBody">
+
+<?php
+$type = 'E';
+$index = 'yes';
+if (isset($_GET['category'])) {
+    $category = escape_string($_GET['category']);
+} 
+require_once('./inc_sidebar.php');
+?>
+
+<?php
+$id = escape_string($_GET["id"]);
+
+
+//Get Author Data
+$sql2 = "SELECT  TM.Name, TU.UserName, TU.UserID, TU.UserEmail FROM  `main`  TM 
+        LEFT JOIN authorxref TAX ON TM.ID = TAX.ID
+        INNER JOIN userprofiles TU ON TAX.UserID = TU.UserID
+        WHERE TM.ID = '$id'
+        ORDER  BY  `Type` , `Name`  ASC ";
+$sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    while ($row2 = mysql_fetch_array($sql_result2)) {
+        $authorarray[$row2['Name']][] = $row2["UserName"];
+        $authorids[$row2['UserName']] = $row2["UserID"];
+   }
+
+//Assemble a display application version array
+$sql = "SELECT `Version`, `major`, `minor`, `release`, `SubVer` FROM `applications` WHERE `AppName`='$application' ORDER BY `major`,`minor`";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    while ($row = mysql_fetch_array($sql_result)) {
+        $version = $row["Version"];
+        $subver = $row["SubVer"];
+        $release = "$row[major].$row[minor]";
+        if ($row["release"]) {$release = "$release.$row[release]";}
+        if ($subver !=="final") {$release="$release$subver";}
+        $appvernames[$release] = $version;
+    }
+
+// If special category, we don't want to join on the category table
+if ($category=="Editors Pick" 
+ or $category=="Newest" 
+ or $category=="Popular" 
+ or $category=="Top Rated") {
+  unset($category);
+}
+
+//Run Query and Create List
+$s = "0";
+$sql = "SELECT TM.ID, TM.Name, TM.DateAdded, TM.DateUpdated, TM.Homepage, TM.Description, TM.Rating, TM.TotalDownloads, TM.downloadcount, TV.vID, TV.Version, TV.MinAppVer, TV.MaxAppVer, TV.Size, TV.DateAdded AS VerDateAdded, TV.DateUpdated AS VerDateUpdated, TV.URI, TV.Notes, TA.AppName, TOS.OSName
+    FROM  `main` TM
+    INNER  JOIN version TV ON TM.ID = TV.ID
+    INNER  JOIN applications TA ON TV.AppID = TA.AppID
+    INNER  JOIN os TOS ON TV.OSID = TOS.OSID";
+
+    if ($category) {
+        $sql .=" INNER  JOIN categoryxref TCX ON TM.ID = TCX.ID
+        INNER JOIN categories TC ON TCX.CategoryID = TC.CategoryID ";
+    }
+    if (isset($editorpick) && $editorpick=="true") {
+        $sql .=" INNER JOIN reviews TR ON TM.ID = TR.ID ";
+    }
+
+    $sql .=" WHERE TM.ID = '$id'";
+
+    if (isset($_GET["vid"]) && $_GET["vid"]) {
+        $vid=escape_string($_GET["vid"]);
+        $sql .=" AND TV.vID = '$vid' AND `approved` = 'YES' ";
+
+    } else {
+
+        $sql .=" AND Type = '$type' AND AppName = '$application' AND   `approved` = 'YES' ";
+        if (isset($editorpick) && $editorpick=="true") {
+            $sql .="AND TR.Pick = 'YES' ";
+        }
+        if ($category) {
+            $sql .="AND CatName LIKE '$category' ";
+        }  
+    }
+
+    $sql .= "\nORDER  BY  `Name` , `Version` DESC LIMIT 1";           
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    $row = mysql_fetch_array($sql_result);
+
+        $vid = $row["vID"];
+        $name = $row["Name"];
+        $dateadded = $row["DateAdded"];
+        $dateupdated = $row["DateUpdated"];
+        $homepage = $row["Homepage"];
+        $description = $row["Description"];
+        $rating = $row["Rating"];
+        $authors = $authorarray[$name];
+        $appname = $row["AppName"];
+        $osname = $row["OSName"];
+        $verdateadded = $row["VerDateAdded"];
+        $verdateupdated = $row["VerDateUpdated"];
+        $filesize = $row["Size"];
+        $notes = $row["Notes"];
+        $version = $row["Version"];
+        $uri = $row["URI"];
+        $downloadcount = $row["TotalDownloads"];
+        $populardownloads = $row["downloadcount"];
+
+        if (!isset($_GET['vid'])) {
+            $_GET['vid']=$vid;
+        }
+
+        if ($appvernames[$row["MinAppVer"]]) {
+            $minappver = $appvernames[$row["MinAppVer"]];
+        } else {
+            $minappver = $row["MinAppVer"];
+        }
+
+        if ($appvernames[$row["MaxAppVer"]]) {
+            $maxappver = $appvernames[$row["MaxAppVer"]];
+        } else {
+            $maxappver = $row["MaxAppVer"];
+        }
+
+        if ($verdateadded > $dateadded) {
+            $dateadded = $verdateadded;
+        }
+
+        if ($verdateupdated > $dateupdated) {
+            $dateupdated = $verdateupdated;
+        }
+
+    //Turn Authors Array into readable string...
+    $authorcount = count($authors);
+    if (!$authors) {
+        $authors = array();
+    }
+    $n = 0;
+    $authorstring = "";
+    foreach ($authors as $author) {
+        $userid = $authorids[$author];
+        $n++;
+        $authorstring .= "<A HREF=\"authorprofiles.php?".uriparams()."&amp;id=$userid\">$author</A>";
+        if ($authorcount != $n) {
+            $authorstring .=", ";
+        }
+    }
+    $authors = $authorstring;
+    unset($authorstring, $n); // Clear used Vars.. 
+
+    // Create Date String
+    if ($dateupdated > $dateadded) {
+        $timestamp = $dateupdated;
+        $datetitle = "Last Updated: ";
+    } else {
+        $timestamp = $dateadded;
+        $datetitle = "Released On: ";
+    }
+
+    $date = date("F d, Y g:i:sa",  strtotime("$timestamp"));
+    $releasedate = date("F d, Y",  strtotime("$dateadded"));
+    $datestring = "$datetitle $date";
+
+    //Rating
+    if (!$rating) {
+        $rating="0";
+    }
+
+    //No Results Returned for Main Query, throw the Incompatible Error.
+    if (mysql_num_rows($sql_result)=="0") {
+        echo"<div id=\"mainContent\">";
+        echo"<h1>Incompatible Extension or Extension No Longer Available</h1>\n";
+        echo"The extension you requested is either incompatible with the application selected, or the version of it is no longer available on Mozilla Update.<br><br>\n";
+        echo"To try your request again for a different application version, use the form below.<br>\n";
+
+        echo"<form name=\"changeapp\" method=\"get\" action=\"?\">
+            <input name=\"id\" type=\"hidden\" value=\"$id\">
+            <input name=\"os\" type=\"hidden\" value=\"$OS\">
+            <strong>".ucwords($application)."</strong> <input name=\"application\" type=\"hidden\" value=\"$application\">";
+        echo"<select name=\"version\">";
+
+        $sql = "SELECT `Version`,`major`,`minor`,`release`,`SubVer` FROM `applications` WHERE `AppName`='$application' and `public_ver` ='YES' ORDER BY `major` DESC, `minor` DESC, `release` DESC, `SubVer` DESC";
+        $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+            while ($row = mysql_fetch_array($sql_result)) {
+                $release = "$row[major].$row[minor]";
+                if ($row["release"]) {
+                    $release .= ".$row[release]";
+                }
+                $subver = $row["SubVer"];
+                if ($subver !=="final") {
+                    $release .="$subver";
+               }
+
+                echo"<option value=\"$release\">$row[Version]</option>";
+
+    
+            }
+        echo"</select>&nbsp;<input name=\"go\" type=\"submit\" value=\"Go\">";
+        echo"</form>";
+        echo"</div>\n</div>\n";
+        require_once(FOOTER);
+        exit;
+    }
+
+    //Get Preview Image URI
+    $sql3 = "SELECT `PreviewURI`, `caption` from `previews` WHERE `ID` = '$id' AND `preview`='YES' LIMIT 1";
+    $sql_result3 = mysql_query($sql3, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+        $row3 = mysql_fetch_array($sql_result3);
+            $previewuri = $row3["PreviewURI"];
+            $caption = $row3["caption"];
+?>
+
+	<div id="mainContent">
+    <?php
+     if ($rating != NULL) {
+    ?>
+		<div class="rating" title="<?php echo"$rating"; ?> Stars out of 5">Rating: <?php
+        for ($i = 1; $i <= floor($rating); $i++) {
+            echo"<IMG SRC=\"../images/stars/star_icon.png\" width=\"17\" height=\"20\" ALT=\""; if ($i==1) {echo"$rating stars out of 5 ";} echo"\">";
+        }
+
+        if ($rating>floor($rating)) {
+            $val = floor(($rating-floor($rating))*10);
+            echo"<IMG SRC=\"../images/stars/star_0$val.png\" width=\"17\" height=\"20\" ALT=\"\">";
+            $i++;
+        }
+
+        for ($i = $i; $i <= 5; $i++) {
+            echo"<IMG SRC=\"../images/stars/graystar_icon.png\" width=\"17\" height=\"20\" ALT=\""; if ($i==1) {echo"$rating stars out of 5 ";} echo"\">";
+        }
+        ?>
+        </div>
+    <?php } ?>
+		<h2 class="first"><strong><?php echo"$name"; ?></strong> - <?php echo ucwords("$application")." Extension"; ?></h2>
+		<p class="first"><a href="?<?php echo uriparams()."&amp;id=$id"; ?>"><?php echo"$name $version"; ?></a>, by <?php echo"$authors"; ?>, released on <?php echo"$releasedate"; ?></p>
+
+
+    <?php
+    //Begin Pages
+    if (!isset($_GET['page'])) {
+        $_GET['page'] = "general";
+    }
+    $page = $_GET["page"];
+    if (!$page or $page=="general") {
+    //General Page / Default
+    ?>
+
+
+        <?php		
+        if ($previewuri) {
+        ?>
+        <p class="screenshot">
+        <?php
+        $sql = "SELECT `PreviewID` from `previews` WHERE `ID`='$id' and `preview`='NO' LIMIT 1";
+        $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+            if (mysql_num_rows($sql_result)>"0") {
+        ?>
+        <A HREF="?<?php echo"".uriparams()."&amp;id=$id&amp;page=previews"; ?>">
+        <?php } ?>
+        <?php
+            list($width, $height, $attr) = getimagesize(FILE_PATH.$previewuri);
+            echo"<img src=\"..$previewuri\" height=$height width=$width alt=\"$name preview - $caption\" title=\"$caption\">\n";
+        ?>
+        <?php if (mysql_num_rows($sql_result)>"0") { ?>
+        </a>
+        <strong><a href="?<?php echo"".uriparams()."&amp;id=$id&amp;page=previews"; ?>">More Previews&#187;</a></strong>
+        <?php } ?>
+        </p>
+        <?php
+        }
+        ?>
+		
+		<h3>Quick Description</h3>
+		<p class="first">
+
+        <?php
+        echo nl2br($description); 
+        if ($notes) {
+            echo"<br><br>".nl2br($notes)."\n";
+        }
+        ?>
+        </p>
+		<p class="requires">Requires: <?php echo ucwords($appname).": $minappver - $maxappver"; ?> <img src="../images/<?php echo strtolower($appname); ?>_icon.png" width="34" height="34" alt="<?php echo ucwords($appname); ?>">
+        <?php
+        if($osname !=="ALL") {
+            echo"on ".ucwords($osname)." <IMG SRC=\"../images/".strtolower($osname)."_icon.png\" border=0 height=34 width=34 alt=\"".ucwords($osname)."\">";
+        }
+        ?>
+        </p>
+
+		<div class="key-point install-box"><div class="install"><?php 
+
+            if ($appname=="Thunderbird") { 
+              $downloadURL=mozupd_buildDownloadURL($uri,$name,$version);
+              echo "<a href=\"$downloadURL\" onclick=\"return install(event,'".addslashes($name)." $version for Thunderbird', '../images/default.png');\"  title=\"Right-Click to Download $name $version\">";
+            } else {
+                echo"<b><a href=\"$uri\" onclick=\"return install(event,'".addslashes($name)." $version', '../images/default.png');\" TITLE=\"Install $name $version (Right-Click to Download)\">";
+            }
+        ?>Install Now</a></b> (<?php echo"$filesize"; ?>&nbsp;KB&nbsp;File)</div></div>
+
+        <?php
+        //Special Extension Installation Instructions for Thunderbird users
+            if ($application=="thunderbird") {
+                echo"<SPAN style=\"font-size: 10pt; color: #00F\">Extension Install Instructions for Thunderbird Users:</SPAN><BR>
+                    <SPAN style=\"font-size: 8pt;\">(1) Right-Click the link above and choose \"Save Link As...\" to Download and save the file to your hard disk.<BR>
+                    (2) In Mozilla Thunderbird, open the extension manager (Tools Menu/Extensions)<BR>
+                    (3) Click the Install button, and locate/select the file you downloaded and click \"OK\"</SPAN><BR>";
+            }
+        ?>
+		
+		<!-- Only Display Editor's Review if it's been written -->
+        <?php
+        $sql = "SELECT `Title`, `DateAdded`, `Body`, `ExtendedBody`, `Pick` FROM `reviews` WHERE `ID` = '$id' LIMIT 1";
+        $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+            if (mysql_num_rows($sql_result)>"0") {
+                $row = mysql_fetch_array($sql_result);
+                $title = $row["Title"];
+                $dateadded = $row["DateAdded"];
+                $body = nl2br($row["Body"]);
+                $extendedbody = $row["ExtendedBody"];
+                $pick = $row["Pick"];
+                $date = gmdate("F, Y", strtotime("$dateadded")); //Create Customizeable Timestamp
+        ?>
+		<h3>Editor's Review</h3>
+        <?php
+            echo"<strong>$title\n";
+            if ($pick=="YES") {
+                echo"&nbsp;&#8212;&nbsp;$date Editors Pick\n";
+            }
+            echo"</strong><br>\n";
+        ?>
+		<p class="first"><?php echo"$body"; ?> <?php if ($extendedbody) { echo" <a href=\"?".uriparams()."&amp;id=$id&amp;page=staffreview#more\">More...</a>";} ?></p>
+        <?php
+            }
+        ?>
+
+
+        <!-- Only Display Developers Comments if they're written -->
+        <?php
+        $sql = "SELECT `devcomments` FROM `main` WHERE `id`='$id' LIMIT 1";
+        $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+            $row = mysql_fetch_array($sql_result);
+            if ($row["devcomments"]) {
+                $devcomments = nl2br($row["devcomments"]);
+                echo"<h3>Developer Comments:</h3>\n";
+                echo"<p class=\"first\">$devcomments</p>\n";
+            }
+        ?>
+
+		<h3 id="user-comments">User Comments</h3>
+		<p><strong><a href="?<?php echo"".uriparams()."&amp;id=$id&amp;page=opinion"; ?>">Add your own opinion &#187;</a></strong></p>
+		<ul id="opinions">
+        <?php
+        $sql = "SELECT CommentName, CommentTitle, CommentNote, CommentDate, CommentVote FROM  feedback WHERE ID = '$id' AND CommentNote IS NOT NULL ORDER  BY `CommentDate` DESC LIMIT 5";
+        $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+            $num_results = mysql_num_rows($sql_result);
+            while ($row = mysql_fetch_array($sql_result)) {
+                $commentname = $row["CommentName"];
+                $commenttitle = $row["CommentTitle"];
+                $commentnotes = $row["CommentNote"];
+                $commentdate = $row["CommentDate"];
+                $rating = $row["CommentVote"];
+                $commentdate = gmdate("F d, Y g:ia", strtotime("$commentdate")); //Create Customizeable Datestamp
+
+                echo"<li>\n";
+                echo"<h4>$commenttitle</h4>\n";
+                echo"<p class=\"opinions-info\">";
+                echo"by $commentname, ";
+                echo"<a href=\"#permalink\">$commentdate</a>";
+                echo"</p>\n";
+                echo"<p class=\"opinions-text\">$commentnotes</P>\n";
+            if ($rating != NULL) {
+                echo"<p class=\"opinions-rating\" title=\"$rating of 5 stars\">";
+                for ($i = 1; $i <= $rating; $i++) {
+                    echo"<IMG SRC=\"../images/stars/star_icon.png\" WIDTH=17 HEIGHT=20 ALT=\"*\">";
+                }
+                for ($i = $i; $i <= 5; $i++) {
+                echo"<IMG SRC=\"../images/stars/graystar_icon.png\" WIDTH=17 HEIGHT=20 ALT=\"\">";
+                }
+                echo"</p>\n";
+            }
+                echo"</li>\n";
+            }
+
+            if ($num_results=="0") {
+                echo"<li>\n";
+                echo"<h4>Nobody's Commented on this Extension Yet</h4>\n";
+                echo"<p class=\"opinions-text\">Be the First! <A HREF=\"./moreinfo.php?".uriparams()."&amp;id=$id&amp;page=opinion\">Rate It!</A></p>";
+                echo"</li>\n";
+            }
+        ?>
+		</ul>
+		<p><strong><a href="?<?php echo"".uriparams()."&amp;id=$id&amp;&amp;page=comments"; ?>">Read all opinions &#187;</a></strong></p>
+
+		<h3>Extension Details</h3>
+		<ul>
+        <?php
+        //Categories
+        $sql = "SELECT `CatName` from `categoryxref` TCX 
+                  INNER JOIN `categories` TC 
+                    ON TCX.CategoryID=TC.CategoryID  
+                WHERE `ID`='$id' 
+                GROUP BY `CatName` 
+                ORDER BY `CatName` ASC";
+        $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+        $num_results = mysql_num_rows($sql_result); $i=0;
+
+        if ($num_results=="1") {
+          $categories = "Category: ";
+        } else {
+          $categories = "Categories: ";
+        }
+
+        while ($row = mysql_fetch_array($sql_result)) {
+          $i++;
+          $categories .= $row["CatName"];
+          if ($num_results > $i ) {
+            $categories .= ", ";
+          }
+        }
+        ?>
+    <li><?php if ($categories) { echo"$categories"; } ?></li>
+		<li><?php echo"$datestring"; // Last Updated: September 11, 2004 5:38am ?></li>
+		<li>Total Downloads: <?php echo"$downloadcount"; ?> &nbsp;&#8212;&nbsp; Downloads this Week: <?php echo"$populardownloads"; ?></li>
+		<li>See <a href="?<?php echo"".uriparams()."&amp;id=$id&amp;page=releases"; ?>">all previous releases</a> of this extension.</li>
+        <?php
+        if ($homepage) {
+        ?>
+		<li>View the Author's <a href="<?php echo"$homepage"; ?>">homepage</a> for this extension.</li>
+        <?php
+        }
+        ?>
+		</ul>
+
+
+    <?php
+    } else if ($page=="releases") {
+
+    echo"<h3>All Releases</h3>";
+
+    $sql = "SELECT TV.vID, TV.Version, TV.MinAppVer, TV.MaxAppVer, TV.Size, TV.URI, TV.Notes, TV.DateAdded AS VerDateAdded, TA.AppName, TOS.OSName
+            FROM  `version` TV
+            INNER  JOIN applications TA ON TV.AppID = TA.AppID
+            INNER  JOIN os TOS ON TV.OSID = TOS.OSID
+            WHERE TV.ID = '$id' AND `approved` = 'YES' AND TA.AppName = '$application'
+            ORDER  BY  `Version` DESC, `OSName` ASC";
+     $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+        while ($row = mysql_fetch_array($sql_result)) {
+            $vid = $row["vID"];
+            if (isset($appvernames[$row["MinAppVer"]])) {
+                $minappver = $appvernames[$row["MinAppVer"]];
+            } else {
+                $minappver = $row["MinAppVer"];
+            }
+            if (isset($appvernames[$row["MaxAppVer"]])) {
+                $maxappver = $appvernames[$row["MaxAppVer"]];
+            } else {
+                $maxappver = $row["MaxAppVer"];
+            }
+            $filesize = $row["Size"];
+            $notes = $row["Notes"];
+            $version = $row["Version"];
+            $uri = $row["URI"];
+            $osname = $row["OSName"];
+            $appname = $row["AppName"];
+            $filename = basename($uri);
+            $dateadded = $row["VerDateAdded"];
+            $releasedate = date("F d, Y",  strtotime("$dateadded"));
+
+            echo"<DIV>"; //Open Version DIV
+
+            //Description & Version Notes
+            echo"<h3><A HREF=\"./moreinfo.php?".uriparams()."&amp;id=$id&amp;vid=$vid\">$name $version</A></h3>\n";
+            echo"Released on $releasedate<br>\n";
+            if ($notes) {
+                echo"$notes<br><br>\n";
+            }
+
+            //Icon Bar Modules
+            echo"<DIV style=\"height: 34px\">";
+            echo"<DIV class=\"iconbar\">";
+            if ($appname=="Thunderbird") {
+              $downloadURL=mozupd_buildDownloadURL($uri,$name,$version);
+              echo "<a href=\"$downloadURL\" onclick=\"return install(event,'".addslashes($name)." $version for Thunderbird', '../images/default.png');\">";
+            } else {
+                echo"<a href=\"$uri\" onclick=\"return install(event,'".addslashes($name)." $version', '../images/default.png');\">";
+            }
+            echo"<IMG SRC=\"../images/download.png\" HEIGHT=34 WIDTH=34 TITLE=\"Install $name (Right-Click to Download)\" ALT=\"\">Install</A><BR><SPAN class=\"filesize\">Size: $filesize kb</SPAN></DIV>";
+            echo"<DIV class=\"iconbar\"><IMG SRC=\"../images/".strtolower($appname)."_icon.png\" HEIGHT=34 WIDTH=34 ALT=\"\">&nbsp;For $appname:<BR>&nbsp;&nbsp;$minappver - $maxappver</DIV>";
+            if($osname !=="ALL") {
+                echo"<DIV class=\"iconbar\"><IMG SRC=\"../images/".strtolower($osname)."_icon.png\" HEIGHT=34 WIDTH=34 ALT=\"\">For&nbsp;$osname<BR>only</DIV>";
+            }
+            echo"</DIV><BR>\n";
+
+            echo"</DIV>";
+        }
+
+
+    } else if ($page=="comments") {
+    //Comments/Ratings Page
+
+    if ($_GET["numpg"]) {$items_per_page=escape_string($_GET["numpg"]); } else {$items_per_page="25";} //Default Num per Page is 25
+    if (!$_GET["pageid"]) {$pageid="1"; } else { $pageid = escape_string($_GET["pageid"]); } //Default PageID is 1
+    $startpoint = ($pageid-1)*$items_per_page;
+
+    $sql = "SELECT CommentID FROM  `feedback` WHERE ID = '$id'";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+        $num_pages = ceil(mysql_num_rows($sql_result)/$items_per_page);
+
+    echo"<h3>User Comments:</h3>";
+
+    if ($pageid <=$num_pages) {
+        $previd=$pageid-1;
+        if ($previd >"0") {
+            echo"<a href=\"?".uriparams()."&amp;id=$id&amp;page=$page&amp;pageid=$previd\">&#171; Previous</A> &bull; ";
+        }
+    }
+
+    echo"Page $pageid of $num_pages";
+    $nextid=$pageid+1;
+
+    if ($pageid <$num_pages) {
+        echo" &bull; <a href=\"?".uriparams()."&amp;id=$id&amp;page=$page&amp;pageid=$nextid\">Next &#187;</a>";
+    }
+    echo"<BR>\n";
+    ?>
+		<ul id="opinions">
+    <?php
+    $sql = "SELECT CommentID, CommentName, CommentTitle, CommentNote, CommentDate, CommentVote, `helpful-yes`,`helpful-no` FROM  `feedback` WHERE ID = '$id' ORDER  BY  `CommentDate` DESC LIMIT $startpoint, $items_per_page";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+        $num_results = mysql_num_rows($sql_result);
+        while ($row = mysql_fetch_array($sql_result)) {
+            $commentid = $row["CommentID"];
+            $name = $row["CommentName"];
+            $title = $row["CommentTitle"];
+            $notes = $row["CommentNote"];
+            $helpful_yes = $row["helpful-yes"];
+            $helpful_no = $row["helpful-no"];
+            $date = date("l, F j Y", strtotime($row["CommentDate"]));
+            $rating = $row["CommentVote"];
+            if (!$title) {$title = "No Title"; }
+            if (!$name) {$name = "Anonymous"; }
+
+
+                echo"<li>\n";
+                echo"<a name=\"$commentid\"></a>\n";
+                echo"<h4>$title</h4>\n";
+                echo"<p class=\"opinions-info\">";
+                echo"by $name, ";
+                echo"<a href=\"#$commentid\">$date</a>";
+                echo"</p>\n";
+                echo"<p class=\"opinions-text\">$notes</P>\n";
+            if ($rating != NULL) {
+                echo"<p class=\"opinions-rating\" title=\"$rating of 5 stars\">";
+                for ($i = 1; $i <= $rating; $i++) {
+                    echo"<IMG SRC=\"../images/stars/star_icon.png\" WIDTH=17 HEIGHT=20 ALT=\"*\">";
+                }
+                for ($i = $i; $i <= 5; $i++) {
+                echo"<IMG SRC=\"../images/stars/graystar_icon.png\" WIDTH=17 HEIGHT=20 ALT=\"\">";
+                }
+
+                //XXX Meta-Ratings not Production Ready, disabled. Bug 247144.
+                //  if ($helpful_yes>0 or $helpful_no>0) {
+                //  $helpful_total=$helpful_yes+$helpful_no;
+                //      echo"<br>$helpful_yes of $helpful_total people found this comment helpful.<br>\n";
+                //  }
+
+                //echo"Was this comment helpful to you? <a href=\"../core/commenthelpful.php?".uriparams()."&amp;id=$id&amp;type=$type&amp;commentid=$commentid&amp;pageid=$pageid&amp;action=yes\">Yes</a>&nbsp;&nbsp;&nbsp;<a href=\"../core/commenthelpful.php?".uriparams()."&amp;id=$id&amp;type=$type&amp;commentid=$commentid&amp;pageid=$pageid&amp;action=no\">No</a>";
+                echo" <span style=\"font-size: xx-small\"><a href=\"../core/reportcomment.php?id=$id&amp;commentid=$commentid\">(Report Comment)</a></span>";
+                echo"<BR>";
+
+                echo"</p>\n";
+            }
+                echo"</li>\n";
+
+            }
+
+            if ($num_results=="0") {
+                echo"<li>\n";
+                echo"<h4>Nobody's Commented on this Extension Yet</h4>\n";
+                echo"<p class=\"opinions-text\">Be the First! <A HREF=\"./moreinfo.php?".uriparams()."&amp;id=$id&amp;page=opinion\">Rate It!</A></p>";
+                echo"</li>\n";
+            }
+        ?>
+    </ul>
+
+    <?php
+    // Begin Code for Dynamic Navbars
+    if ($pageid <=$num_pages) {
+        $previd=$pageid-1;
+        if ($previd >"0") {
+            echo"<a href=\"?".uriparams()."&amp;id=$id&amp;page=$page&amp;pageid=$previd\">&#171; Previous</A> &bull; ";
+        }
+    }
+
+    echo"Page $pageid of $num_pages";
+    $nextid=$pageid+1;
+
+    if ($pageid <$num_pages) {
+        echo" &bull; <a href=\"?".uriparams()."&amp;id=$id&amp;page=$page&amp;pageid=$nextid\">Next &#187;</a>";
+    }
+    echo"<BR>\n";
+
+    //Skip to Page...
+    if ($num_pages>1) {
+        echo"Jump to Page: ";
+        $pagesperpage=9; //Plus 1 by default..
+        $i = 01;
+
+        //Dynamic Starting Point
+        if ($pageid>11) {
+            $nextpage=$pageid-10;
+        }
+
+        $i=$nextpage;
+
+        //Dynamic Ending Point
+        $maxpagesonpage=$pageid+$pagesperpage;
+        //Page #s
+        while ($i <= $maxpagesonpage && $i <= $num_pages) {
+            if ($i==$pageid) { 
+                echo"<SPAN style=\"color: #FF0000\">$i</SPAN>&nbsp;";
+            } else {
+                echo"<A HREF=\"?".uriparams()."&amp;id=$id&amp;page=$page&amp;pageid=$i\">$i</A>&nbsp;";
+            }
+            $i++;
+        }
+    }
+
+    if ($num_pages>1) {
+        echo"<br>\nComments per page: \n";
+        $perpagearray = array("25","50","100");
+        foreach ($perpagearray as $items_per_page) {
+           echo"<A HREF=\"?".uriparams()."&amp;id=$id&amp;page=$page&amp;pageid=1\">$items_per_page</A>&nbsp;";
+        }
+    }
+
+
+    } else if ($page=="previews") {
+
+    // Item Previews Tab
+    echo"<h2>Previews for $name</h2>\n";
+
+    $sql = "SELECT `PreviewURI`,`caption` from `previews` WHERE `ID`='$id' and `preview`='NO' ORDER BY `PreviewID` ASC";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+        while ($row = mysql_fetch_array($sql_result)) {
+            $uri = $row["PreviewURI"];
+            $caption = $row["caption"];
+
+            echo"<h4>$caption</h4>";
+            list($src_width, $src_height, $type, $attr) = getimagesize(FILE_PATH.'/'.$uri);
+
+            //Scale Image Dimensions
+            $dest_width="690"; // Destination Width /$tn_size_width
+            $dest_height_fixed="520"; // Destination Height / $tn_size_height (Fixed)
+            if ($src_width<=$dest_width AND $src_height<=$dest_width) {
+                $dest_width = $src_width;
+                $dest_height = $src_height;
+            } else {
+                $dest_height= ($src_height * $dest_width) / $src_width; // (Aspect Ratio Variable Height
+                if ($dest_height>$dest_height_fixed) {
+                    $dest_height = $dest_height_fixed;
+                    $dest_width = ($src_width * $dest_height) / $src_height;
+                }
+            }
+
+            echo"<img src=\"..$uri\" alt=\"$caption\" width=\"$dest_width\" height=\"$dest_height\"><br>\n";
+
+        }
+
+
+    } else if ($page=="staffreview") {
+
+    //Staff/Editor Review Tab
+     echo"<h3>Editor Review</h3>\n";
+    $sql = "SELECT TR.ID, `Title`, TR.DateAdded, `Body`, `ExtendedBody`, `Type`, `Pick`, TU.UserID, TU.UserName FROM `reviews`  TR
+            INNER  JOIN main TM ON TR.ID = TM.ID
+            INNER  JOIN userprofiles TU ON TR.AuthorID = TU.UserID
+            WHERE `Type` = 'E' AND TR.ID = '$id' ORDER BY `rID` DESC LIMIT 1";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+        $num_results = mysql_num_rows($sql_result);
+        while ($row = mysql_fetch_array($sql_result)) {
+            $id = $row["ID"];
+            $title = $row["Title"];
+            $dateadded = $row["DateAdded"];
+            $body = nl2br($row["Body"]);
+            $extendedbody = nl2br($row["ExtendedBody"]);
+            $pick = $row["Pick"];
+            $username = $row["UserName"];
+            $userid = $row["UserID"];
+            $date = gmdate("F, Y", strtotime("$dateadded")); //Create Customizeable Timestamp
+            $posteddate = date("F j Y, g:i:sa", strtotime("$dateadded"));
+
+            echo"<h3>$title\n";
+            if ($pick=="YES") {
+                echo"&nbsp;&#8212;&nbsp;$date Editors Pick\n";
+            }
+            echo"</h3>\n";
+            echo"Posted on $posteddate by <a href=\"authorprofiles.php?id=$userid\">$username</a><br>\n";
+            echo"<p class=\"first\">$body</p>\n";
+            if ($extendedbody) {
+               echo"<a name=\"more\"></a>\n";
+               echo"<p>$extendedbody</p>\n";
+            }
+        }
+
+        $typename = "extension";
+        if ($num_results=="0") {
+            echo"This $typename has not yet been reviewed.<BR><BR>
+
+            To see what other users think of this $typename, view the <A HREF=\"./moreinfo.php?".uriparams()."&amp;id=$id&amp;page=comments\">User Comments...</A>
+            ";
+        }
+
+
+    } else if ($page=="opinion") {
+
+        //My Opinion Tab
+        echo"<h3>Your Comments about $name:</h3>";
+
+        if ($_GET["error"]=="norating") {
+            echo"<DIV class=\"errorbox\">\n
+            Your comment submission had the following error(s), please fix these errors and try again.<br>\n
+            &nbsp;&nbsp;&nbsp;Rating cannot be left blank.<br>\n
+            &nbsp;&nbsp;&nbsp;Review/Comments cannot be left blank.<br>\n
+            </DIV>\n";
+        }
+    ?>
+    <FORM NAME="opinon" METHOD="POST" ACTION="../core/postfeedback.php?<?php echo uriparams(); ?>">
+    <DIV>
+    <input name="formkey" type="hidden" value="<?php print(md5(substr(md5(mt_rand()),0,10))); ?>">
+    <INPUT NAME="id" TYPE="HIDDEN" VALUE="<?php echo"$id"; ?>">
+    <INPUT NAME="vid" TYPE="HIDDEN" VALUE="<?php echo"$vid"; ?>">
+    <INPUT name="type" type="hidden" value="E">
+    Your Name:*<BR>
+    <INPUT NAME="name" TYPE="TEXT" SIZE=30 MAXLENGTH=30><BR>
+
+    Your E-Mail (optional):<BR>
+    <INPUT NAME="email" TYPE="TEXT" SIZE=30 MAXLENGTH=100><BR>
+
+    Rating:*<BR>
+    <SELECT NAME="rating">
+        <OPTION value="">Rating:
+    	<OPTION value="5">5 Stars
+    	<OPTION value="4">4 Stars
+    	<OPTION value="3">3 Stars
+    	<OPTION value="2">2 Stars
+    	<OPTION value="1">1 Star
+        <OPTION value="0">0 Stars
+    </SELECT><BR>
+
+    Title:*<BR>
+    <INPUT NAME="title" TYPE="TEXT" SIZE=30 MAXLENGTH=50><BR>
+
+    Review/Comments:*<BR>
+
+    <TEXTAREA NAME="comments" ROWS=5 COLS=55></TEXTAREA><BR>
+    <INPUT NAME="submit" TYPE="SUBMIT" VALUE="Post">&nbsp;&nbsp;<INPUT NAME="reset" TYPE="RESET" VALUE="Reset"><BR>
+    <SPAN class="smallfont">* Required Fields</SPAN>
+    </DIV>
+    </FORM>
+
+    <?php
+
+    } // End Pages
+    ?>
+
+	</div>
+<!-- closes #mainContent-->
+
+</div>
+
+<!-- closes #mBody-->
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/extensions/showlist.php

@@ -0,0 +1,535 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+?>
+<?php
+
+// Set this page to read from the SHADOW_DB.
+// define('USE_SHADOW_DB',true);
+
+require_once('../core/init.php');
+
+//----------------------------
+//Global $_GET variables
+//----------------------------
+if (isset($_GET["numpg"])) {
+    $items_per_page = escape_string($_GET["numpg"]); 
+}
+else {
+    //Default Num per Page is 10
+    $items_per_page="10";
+}
+if (isset($_GET["category"])) { 
+    $category = escape_string($_GET["category"]); 
+}
+if (!isset($category) || $category=="All") {
+    $category="";
+}
+
+
+if (!isset($_GET["pageid"])) {$pageid="1"; } else { $pageid = escape_string($_GET["pageid"]); } 
+//Default PageID is 1
+$type="E"; //Default Type is E
+
+unset($typename);
+$types = array("E"=>"Extensions","T"=>"Themes","U"=>"Updates");
+$typename = $types[$type];
+
+//RSS Autodiscovery Link Stuff
+$rsslist = "newest";
+switch ($category) {
+  case "Newest":
+    $rsslist = "newest";
+    break;
+  case "Popular":
+    $rsslist = "popular";
+    break;
+  case "Top Rated":
+    $rsslist = "rated";
+    break;
+}
+
+$rssfeed = "/rss/?application=" . $application . "&type=" . $type . "&list=" . $rsslist;
+
+if (!$category) {$categoryname = "All $typename"; } else {$categoryname = $category; }
+
+$page_title = 'Mozilla Update :: Extensions - List - '.$categoryname;
+if ($pageid) {
+    $page_title .= ' - Page '.$pageid; 
+}
+
+if ($rsslist) {
+    $page_headers = '<link rel="alternate" type="application/rss+xml"
+        title="RSS" href="'.WEB_PATH.$rssfeed.'>';
+}
+
+ob_start();
+installtrigger("extensions");
+$page_headers = ob_get_clean();
+require_once(HEADER);
+
+?>
+<div id="mBody">
+
+<?php
+require_once('./inc_sidebar.php');
+?>
+
+	<div id="mainContent">
+
+<?php
+
+//Query for List Creation
+$s = "0";
+$editorpick = "false";
+$startpoint = ($pageid-1)*$items_per_page;
+$orderby = false;
+if ($category=="Editors Pick" or $category=="Newest" or $category=="Popular" or $category=="Top Rated") {
+if ($category =="Editors Pick") {
+$editorpick="true";
+} else if ($category =="Newest") {
+$orderby = "TV.DateAdded DESC, LTRIM(`Name`) ASC";
+} else if ($category =="Popular") {
+$orderby = "TM.downloadcount DESC, LTRIM(`Name`) ASC";
+} else if ($category =="Top Rated") {
+$orderby = "TM.Rating DESC, LTRIM(`Name`) ASC";
+}
+$catname = $category;
+$category = "%";
+}
+
+$sql = "SELECT TM.ID, TM.Name, TM.DateAdded, TM.DateUpdated, TM.Homepage, TM.Description, TM.Rating, TM.TotalDownloads, TM.downloadcount, TV.vID,
+SUBSTRING(MAX(CONCAT(LPAD(TV.Version, 6, '0'), TV.vID)), 7)  AS MAXvID,
+MAX(TV.Version) AS Version,
+TA.AppName, TOS.OSName
+FROM `main` TM 
+INNER  JOIN version TV ON TM.ID = TV.ID
+INNER  JOIN applications TA ON TV.AppID = TA.AppID
+INNER  JOIN os TOS ON TV.OSID = TOS.OSID ";
+if ($category && $category !=="%") { $sql .="INNER  JOIN categoryxref TCX ON TM.ID = TCX.ID
+INNER JOIN categories TC ON TCX.CategoryID = TC.CategoryID "; }
+if ($editorpick=="true") { $sql .="INNER JOIN reviews TR ON TM.ID = TR.ID "; }
+$sql .="WHERE Type = '$type' AND AppName = '$application' AND `approved` = 'YES' ";
+if ($editorpick=="true") { $sql .="AND TR.Pick = 'YES' "; }
+if ($category && $category !=="%") {$sql .="AND CatName LIKE '$category' ";}
+if ($OS) { $sql .=" AND (TOS.OSName = '$OS' OR TOS.OSName = 'All') "; }
+if ($catname == "Popular") { $sql .=" AND TM.downloadcount > '5'"; }
+$sql .="GROUP BY `Name` ";
+if ($orderby) {
+$sql .="ORDER BY $orderby";
+} else {
+$sql .="ORDER  BY  LTRIM(`Name`), `Version` DESC ";
+}
+
+$resultsquery = $sql;
+unset($sql);
+
+//Get Total Results from Result Query & Populate Page Control Vars.
+ $sql_result = mysql_query($resultsquery, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  $totalresults = mysql_num_rows($sql_result);
+  $num_pages = ceil($totalresults/$items_per_page); //Total # of Pages
+    if ($pageid>$num_pages) {$pageid=$num_pages;} //Check PageId for Validity
+    $startpoint = ($pageid-1)*$items_per_page;
+    if ($startpoint<0) {$startpoint=0; $startitem=0;}
+    $startitem = $startpoint+1;
+    $enditem = $startpoint+$items_per_page;
+    if ($totalresults=="0") {$startitem = "0"; }
+    if ($enditem>$totalresults) {$enditem=$totalresults;} //Verify EndItem
+
+
+if (isset($_GET['nextnum'])) {$startpoint = escape_string($_GET["nextnum"]); }
+//$resultsquery = str_replace("GROUP BY `Name` ", "", $resultsquery);
+$resultsquery .= " LIMIT $startpoint , $items_per_page"; //Append LIMIT clause to result query
+
+if ($category=="%") {$category = $catname; unset($catname); }
+
+//Now Showing Box
+if (!$category) {$categoryname="All"; } else {$categoryname = $category;}
+echo"<H2>".ucwords("$application $typename &#187; $categoryname ")."</H2>\n";
+
+if (!$OS) {$OS="all";}
+if (!$category) {$categoryname="All"; } else {$categoryname = $category;}
+
+echo"".ucwords("$typename")." $startitem - $enditem of $totalresults&nbsp;&nbsp;|&nbsp;&nbsp;";
+
+$previd=$pageid-1;
+if ($previd >"0") {
+echo"<a href=\"?".uriparams()."&amp;pageid=$previd\">&#171; Previous</A> &bull; ";
+}
+echo"Page $pageid of $num_pages";
+
+$nextid=$pageid+1;
+if ($pageid <$num_pages) {
+echo" &bull; <a href=\"?".uriparams()."&amp;pageid=$nextid\">Next &#187;</a>";
+}
+
+echo"<br>\n";
+
+$sql = "SELECT `CatDesc` FROM `categories` WHERE `CatName`='$category' and `CatType`='$type' LIMIT 1";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   $row = mysql_fetch_array($sql_result);
+     $categorydescription = $row["CatDesc"];
+if ($category=="All") {$categorydescription="All listed extensions for $application";}
+
+if ($categorydescription) {echo"$categorydescription<br>\n";}
+
+
+
+echo '<br>';
+/*
+// Modify List Form
+
+echo"<DIV class=\"key-point\">";
+echo"<FORM NAME=\"listviews\" METHOD=\"GET\" ACTION=\"showlist.php\">\n";
+echo"<div>";
+echo"<INPUT NAME=\"application\" TYPE=\"hidden\" VALUE=\"$application\">\n";
+echo"<INPUT NAME=\"category\" TYPE=\"hidden\" VALUE=\"$category\">\n";
+//Items-Per-Page
+echo"Show/Page: ";
+$perpage = array("5","10","20","50");
+echo"<SELECT name=\"numpg\">";
+foreach ($perpage as $value) {
+echo"<OPTION value=\"$value\"";
+if ($items_per_page==$value) {echo" SELECTED"; }
+echo">$value</OPTION>";
+}
+echo"</SELECT>\n";
+
+// Operating Systems
+echo" OS: ";
+echo"<SELECT name=\"os\">\n";
+$sql = "SELECT `OSName` FROM `os` ORDER BY `OSName`";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+  $osname = $row["OSName"];
+  echo"<OPTION value=\"".strtolower($osname)."\"";
+  if (strtolower($OS) == strtolower($osname)) {echo" SELECTED";}
+  echo">$osname</OPTION>";
+  }
+echo"</SELECT>\n";
+
+
+//Versions of Application
+echo"Versions: ";
+echo"<SELECT name=\"version\">";
+if ($application != "thunderbird") {echo"<OPTION value=\"auto-detect\">Auto-Detect</OPTION>";}
+$app_orig = $application; //Store original to protect against possible corruption
+$sql = "SELECT `Version`, `major`, `minor`, `release`, `SubVer` FROM `applications` WHERE `AppName` = '$application' AND `public_ver` = 'YES'  ORDER BY `major` DESC, `minor` DESC, `release` DESC, `SubVer` DESC";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+  $version = $row["Version"];
+  $subver = $row["SubVer"];
+  $release = "$row[major].$row[minor]";
+  if ($row["release"]) {$release = "$release.$row[release]";}
+if ($app_version=="0.95") {$app_version="0.10"; }
+//Firesomething Support
+if ($application=="firefox") { if ($release == "0.7") {$application="firebird";} else {$application="firefox";} }
+
+if ($subver !=="final") {$release="$release$subver";}
+echo"<OPTION value=\"$release\"";
+if ($app_version == $release) {echo" SELECTED"; }
+echo">".ucwords($application)." $version</OPTION>";
+
+if ($app_version=="0.10") {$app_version="0.95"; }
+  }
+$application = $app_orig; unset($app_orig);
+
+
+echo"</SELECT>\n";
+echo"<INPUT NAME=\"submit\" TYPE=\"SUBMIT\" VALUE=\"Update\">";
+echo"</div></FORM>";
+echo"</DIV>\n";
+echo"&nbsp;<br>\n";
+*/
+
+//---------------------------------
+// Begin List
+//---------------------------------
+//Get Author Data and Create $authorarray and $authorids
+$sql = "SELECT  TM.Name, TU.UserName, TU.UserID, TU.UserEmail FROM  `main`  TM 
+LEFT JOIN authorxref TAX ON TM.ID = TAX.ID
+INNER JOIN userprofiles TU ON TAX.UserID = TU.UserID
+ORDER  BY  `Type` , `Name`  ASC ";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+     $authorarray[$row['Name']][] = $row["UserName"];
+     $authorids[$row['UserName']] = $row["UserID"];
+   }
+
+//Assemble a display application version array
+$sql = "SELECT `Version`, `major`, `minor`, `release`, `SubVer` FROM `applications` WHERE `AppName`='$application' ORDER BY `major`,`minor`";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+  $version = $row["Version"];
+  $subver = $row["SubVer"];
+  $release = "$row[major].$row[minor]";
+  if ($row["release"]) {$release = "$release.$row[release]";}
+  if ($subver !=="final") {$release="$release$subver";}
+
+  $appvernames[$release] = $version;
+  }
+
+//Query to Generate List..
+$sql = "$resultsquery";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+  while ($row = mysql_fetch_array($sql_result)) {
+
+    $id = $row["ID"];
+    $name = $row["Name"];
+    $dateadded = $row["DateAdded"];
+    $dateupdated = $row["DateUpdated"];
+    $homepage = $row["Homepage"];
+    $description = nl2br($row["Description"]);
+    $rating = $row["Rating"];
+    $authors = $authorarray[$name];
+    $osname = $row["OSName"];
+    $appname = $row["AppName"];
+    $downloadcount = $row["TotalDownloads"];
+    $populardownloads = $row["downloadcount"];
+
+//Get Version Record for Referenced MAXvID from list query
+$sql2 = "SELECT TV.vID, TV.Version, TV.MinAppVer, TV.MaxAppVer, TV.Size, TV.DateAdded AS VerDateAdded, TV.DateUpdated AS VerDateUpdated, TV.URI, TV.Notes FROM  `version` TV
+INNER  JOIN applications TA ON TV.AppID = TA.AppID
+INNER  JOIN os TOS ON TV.OSID = TOS.OSID
+WHERE TV.ID = '$id' AND TV.Version = '$row[Version]' AND TA.AppName = '$appname' AND TOS.OSName = '$osname' LIMIT 1";
+ $sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+$vid = $row['MAXvID'];
+  $row = mysql_fetch_array($sql_result2);
+
+   $vid = $row["vID"];
+if (isset($appvernames[$row["MinAppVer"]])) {
+    $minappver = $appvernames[$row["MinAppVer"]]; 
+} 
+else { 
+    $minappver = $row["MinAppVer"]; 
+}
+
+if (isset($appvernames[$row["MaxAppVer"]])) {
+    $maxappver = $appvernames[$row["MaxAppVer"]]; 
+} 
+else { 
+    $maxappver = $row["MaxAppVer"]; 
+}
+   $VerDateAdded = $row["VerDateAdded"];
+   $VerDateUpdated = $row["VerDateUpdated"];
+   $filesize = $row["Size"];
+   $notes = $row["Notes"];
+   $version = $row["Version"];
+   $uri = $row["URI"];
+   $filename = basename($uri);
+
+$sql3 = "SELECT `PreviewURI`, `caption` from `previews` WHERE `ID` = '$id' AND `preview`='YES' LIMIT 1";
+ $sql_result3 = mysql_query($sql3, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   $row3 = mysql_fetch_array($sql_result3);
+   $previewuri = $row3["PreviewURI"];
+   $caption = $row3["caption"];
+
+
+if ($VerDateAdded > $dateadded) {$dateadded = $VerDateAdded; }
+if ($VerDateUpdated > $dateupdated) {$dateupdated = $VerDateUpdated; }
+
+//Turn Authors Array into readable string...
+$authorcount = count($authors);
+$n = 0;
+$authorstring = "";
+foreach ($authors as $author) {
+$userid = $authorids[$author];
+$n++;
+$authorstring .= "<A HREF=\"authorprofiles.php?".uriparams()."&amp;id=$userid\">$author</A>";
+if ($authorcount != $n) {$authorstring .=", "; }
+
+}
+$authors = $authorstring;
+unset($authorstring, $n); // Clear used Vars.. 
+
+if ($dateupdated > $dateadded) {
+    $timestamp = $dateupdated;
+    $datetitle = "Last Update: ";
+  } else {
+    $timestamp = $dateadded;
+    $datetitle = "Added on: ";
+  }
+
+  $date = date("F d, Y g:i:sa",  strtotime("$timestamp"));
+
+
+$datestring = "$datetitle $date";
+
+
+echo"<DIV class=\"item\">\n";
+
+     if ($rating != NULL) {
+        echo"<div class=\"rating\" title=\"$rating Stars out of 5\">Rating: ";
+
+        for ($i = 1; $i <= floor($rating); $i++) {
+            echo"<IMG SRC=\"../images/stars/star_icon.png\" width=\"17\" height=\"20\" ALT=\""; if ($i==1) {echo"$rating stars out of 5 ";} echo"\">";
+        }
+
+        if ($rating>floor($rating)) {
+            $val = floor(($rating-floor($rating))*10);
+            echo"<IMG SRC=\"../images/stars/star_0$val.png\" width=\"17\" height=\"20\" ALT=\"\">";
+            $i++;
+        }
+
+        for ($i = $i; $i <= 5; $i++) {
+            echo"<IMG SRC=\"../images/stars/graystar_icon.png\" width=\"17\" height=\"20\" ALT=\""; if ($i==1) {echo"$rating stars out of 5 ";} echo"\">";
+        }
+
+
+        echo"</div>\n";
+        }
+
+echo"<h2 class=\"first\"><A HREF=\"moreinfo.php?".uriparams()."&amp;id=$id\">$name $version</A></h2>";
+
+        if ($previewuri) {
+
+        echo"<p class=\"screenshot\">\n";
+
+            list($width, $height, $attr) = getimagesize(FILE_PATH.'/'.$previewuri);
+            echo"<a href=\"moreinfo.php?".uriparams()."&amp;id=$id\"><img src=\"..$previewuri\" height=$height width=$width alt=\"$name preview - $caption\" title=\"$caption\"></a>\n";
+
+        echo"</p>\n";
+        $preview_minheight=$height-50;
+        }
+
+
+echo"<P class=\"first\">By $authors</P>";
+
+//Description & Version Notes
+if ($previewuri AND $preview_minheight) {
+    echo"<p class=\"first\" style=\"min-height: 80px\">";
+} else {
+    echo"<p class=\"first\">";
+}
+echo"$description<BR>";
+if ($notes) {echo"<BR>$notes"; }
+echo"</p>";
+
+
+
+//Icon Bar Modules
+echo"<DIV style=\"margin-top: 30px; height: 34px\">";
+echo"<DIV class=\"iconbar\">";
+if ($appname=="Thunderbird") {
+    echo"<A HREF=\"moreinfo.php?".uriparams()."&amp;id=$id\"><IMG SRC=\"../images/download.png\" HEIGHT=32 WIDTH=32 TITLE=\"More Info about $name\" ALT=\"\">More Info</A>";
+} else {
+    echo"<a href=\"$uri\" onclick=\"return install(event,'".addslashes($name.' '.$version)."',
+    '../images/default.png');\"><IMG SRC=\"../images/download.png\" HEIGHT=32 WIDTH=32 TITLE=\"Install $name\" ALT=\"\">Install</A>";
+}
+echo"<BR><SPAN class=\"filesize\">&nbsp;&nbsp;$filesize kb</SPAN></DIV>";
+echo"<DIV class=\"iconbar\"><IMG SRC=\"../images/".strtolower($appname)."_icon.png\" HEIGHT=34 WIDTH=34 ALT=\"\">&nbsp;For $appname:<BR>&nbsp;&nbsp;$minappver - $maxappver</DIV>";
+if($osname !=="ALL") { echo"<DIV class=\"iconbar\"><IMG SRC=\"../images/".strtolower($osname)."_icon.png\" HEIGHT=34 WIDTH=34 ALT=\"\">For&nbsp;$osname<BR>only</DIV>"; }
+//if ($homepage) {echo"<DIV class=\"iconbar\"><A HREF=\"$homepage\"><IMG //SRC=\"../images/home.png\" HEIGHT=34 WIDTH=34 TITLE=\"$name Homepage\" ALT=\"\">Homepage</A></DIV>";}
+echo"</DIV>";
+
+echo"<DIV class=\"baseline\">$datestring";
+if ($populardownloads > 5 ) {echo" | Downloads Last 7 Days: $populardownloads";}
+if ($downloadcount) { echo" | Total Downloads: $downloadcount"; }
+echo"</DIV>\n";
+echo"</DIV>\n";
+
+} //End While Loop
+if ($totalresults=="0") {
+echo"<DIV class=\"item noitems\">\n";
+echo"<P>No extensions found in this category for ".ucwords($application).".</P>\n";
+echo"</DIV>\n";
+
+}
+?>
+
+
+
+
+<?php
+echo"<H2>".ucwords("$application $typename &#187; $categoryname ")."</H2>";
+echo"".ucwords("$typename")." $startitem - $enditem of $totalresults";
+echo"&nbsp;&nbsp;|&nbsp;&nbsp;";
+
+// Begin Code for Dynamic Navbars
+if ($pageid <=$num_pages) {
+
+
+$previd=$pageid-1;
+if ($previd >"0") {
+echo"<a href=\"?".uriparams()."&amp;pageid=$previd\">&#171; Previous</A> &bull; ";
+}
+echo"Page $pageid of $num_pages";
+
+
+$nextid=$pageid+1;
+if ($pageid <$num_pages) {
+echo" &bull; <a href=\"?".uriparams()."&amp;pageid=$nextid\">Next &#187;</a>";
+}
+echo"<BR>\n";
+
+
+//Skip to Page...
+if ($num_pages>1) {
+echo"Jump to Page: ";
+$pagesperpage=9; //Plus 1 by default..
+$i = 01;
+//Dynamic Starting Point
+if ($pageid>11) {
+$nextpage=$pageid-10;
+$i=$nextpage;
+}
+
+//Dynamic Ending Point
+$maxpagesonpage=$pageid+$pagesperpage;
+//Page #s
+while ($i <= $maxpagesonpage && $i <= $num_pages) {
+
+if ($i==$pageid) { 
+    echo"<SPAN style=\"color: #FF0000\">$i</SPAN>&nbsp;";
+  } else {
+    echo"<A HREF=\"?".uriparams()."&amp;pageid=$i\">$i</A>&nbsp;";
+
+}
+
+    $i++;
+}
+}
+
+
+
+}
+
+?>
+</div>
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/faq.php

@@ -0,0 +1,174 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// Contributor(s):
+//      Mike Morgan <morgamic@gmail.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+?>
+<?php
+
+// Set this page to read from the SHADOW_DB.
+define('USE_SHADOW_DB',true);
+
+require_once('./core/init.php');
+$page_title = 'Mozilla Update :: Frequently Asked Questions';
+require_once(HEADER);
+?>
+
+<div id="mBody">
+
+<h1>Frequently Asked Questions</h1>
+
+<h2>What is Mozilla Update?</h2>
+<p>Mozilla Update is the place to get updates and extras for
+your <a href="http://www.mozilla.org/">Mozilla</a> products.  This service
+has undergone <a href="./update.php">several changes</a> that we hope
+will make the site better.  We have re-enabled access to the developers area
+and look forward to serving the extension and theme developer community in the
+future!  We will be posting frequent 
+<a href="./update.php">status updates</a> as to our progress with the 
+UMO service.  The best is yet to come!</p>
+
+<h2>How do I get involved?</h2>
+<p class="first">We are looking for volunteers to help us with UMO. We are in need of PHP
+developers to help with redesigning the site, and people to review extensions
+and themes that get submitted to UMO. We especially need Mac and Thunderbird
+users. If you are interested in being a part of this exciting project, please
+join us in <kbd>#umo</kbd> on <kbd>irc.mozilla.org</kbd> to start getting a feeling for what's up or for a more informal chat.
+</p>
+
+<h2>What can I find here?</h2>
+<dl>
+<dt>Extensions</dt>
+<dd>Extensions are small add-ons that add new functionality to your Firefox
+web browser or Thunderbird email client.  They can add anything from
+toolbars to completely new features.  Browse extensions for:
+<a href="./extensions/?application=firefox">Firefox</a>, 
+<a href="./extensions/?application=thunderbird">Thunderbird</a>,
+<a href="./extensions/?application=mozilla">Mozilla Suite</a>
+</dd>
+
+<dt>Themes</dt>
+<dd>Themes allow you to change the way your Mozilla program looks. 
+New graphics and colors. Browse themes for: 
+<a href="./themes/?application=firefox">Firefox</a>,
+<a href="./themes/?application=thunderbird">Thunderbird</a>,
+<a href="./themes/?application=mozilla">Mozilla Suite</a>
+</dd>
+
+<dt>Plugins</dt>
+<dd>Plugins are programs that also add funtionality to your browser to
+deliver specific content like videos, games, and music.  Examples of Plugins
+are Macromedia Flash Player, Adobe Acrobat, and Sun Microsystem's Java
+Software.  Browse plug-ins for:
+<a href="./plugins/">Firefox &amp; Mozilla Suite</a>
+</dd>
+
+	</dl>
+
+<?php
+$sql = "SELECT `title`, `text` FROM  `faq` WHERE `active` = 'YES' ORDER  BY  `index` ASC, `title` ASC";
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+while ($row = mysql_fetch_array($sql_result)) {
+    $title = $row['title'];
+    $text = nl2br($row['text']);
+
+    echo "<h2>$title</h2>\n";
+    echo "<p>$text</p>\n";
+}
+?>
+
+<h2>Valid App Versions for Addon Developers</h2>
+
+<table class="appversions">
+<tr>
+    <th>Application Name {GUID}</th>
+    <th>Version</th>
+</tr>
+
+<?php
+// Let's display our valid app versions to make the lives of our appliation
+// developers a lot easier.
+$appVersions = array();
+$guids = array();
+
+$sql = "
+    SELECT 
+        `AppName`,
+        `GUID`,
+        `Version`
+    FROM
+        `applications`
+    WHERE
+        `public_ver`='YES'
+    ORDER BY
+        AppID
+";
+
+$sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+while ($row = mysql_fetch_array($sql_result)) {
+    $appVersions[$row['AppName']][] = array(
+        'displayVersion' => $row['Version']
+    );
+    $guids[$row['AppName']] = $row['GUID'];
+}
+
+if (is_array($appVersions)) {
+    foreach ($appVersions as $app=>$versions) {
+        echo <<<ROWHEADER
+            <tr><td colspan="3"><h3>{$app} {$guids[$app]}</h3></td></tr>
+
+ROWHEADER;
+        if (is_array($versions)) { 
+            $class = 0;
+            foreach ($versions as $row) {
+                $rowClass = $class%2;
+                echo <<<ROW
+                <tr class="row{$rowClass}"><td></td><td>{$row['displayVersion']}</td></tr>
+
+ROW;
+                $class++;
+            }
+        }
+    }
+}
+echo '</table>'
+
+?>
+
+<h2>I see this error when trying to upload my extension or theme: "The Name for your extension or theme already exists in the Update database."</h2>
+<p>This is typically caused by mismatching GUIDs or a duplicate record.  If there is a duplicate record, chances are you should submit an update instead of trying to create a new extension or theme.  If you cannot see the existing record, then it is owned by another author, and you should consider renaming your extension/theme.</p>
+
+</div>
+
+<?php
+require_once(FOOTER);
+?>

mozilla/webtools/update/finalists.php

@@ -0,0 +1,209 @@
+<?php
+// ***** BEGIN LICENSE BLOCK *****
+// Version: MPL 1.1/GPL 2.0/LGPL 2.1
+//
+// The contents of this file are subject to the Mozilla Public License Version
+// 1.1 (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+// http://www.mozilla.org/MPL/
+//
+// Software distributed under the License is distributed on an "AS IS" basis,
+// WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+// for the specific language governing rights and limitations under the
+// License.
+//
+// The Original Code is Mozilla Update.
+//
+// The Initial Developer of the Original Code is
+// Chris "Wolf" Crews.
+// Portions created by the Initial Developer are Copyright (C) 2004
+// the Initial Developer. All Rights Reserved.
+//
+// Contributor(s):
+//   Chris "Wolf" Crews <psychoticwolf@carolina.rr.com>
+//
+// Alternatively, the contents of this file may be used under the terms of
+// either the GNU General Public License Version 2 or later (the "GPL"), or
+// the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+// in which case the provisions of the GPL or the LGPL are applicable instead
+// of those above. If you wish to allow use of your version of this file only
+// under the terms of either the GPL or the LGPL, and not to allow others to
+// use your version of this file under the terms of the MPL, indicate your
+// decision by deleting the provisions above and replace them with the notice
+// and other provisions required by the GPL or the LGPL. If you do not delete
+// the provisions above, a recipient may use your version of this file under
+// the terms of any one of the MPL, the GPL or the LGPL.
+//
+// ***** END LICENSE BLOCK *****
+	
+// Set this page to read from the SHADOW_DB.
+define('USE_SHADOW_DB',true);
+
+require_once('./core/init.php');
+
+$titleCaseApp=ucwords($application); // cache results!
+$uriparams=uriparams(); // cache results!
+$page_title = 'Extend Firefox Contest Finalists :: Mozilla Update';
+require_once(HEADER);
+installtrigger('extensions');
+
+echo <<<pagetop
+<div id="mBody">
+<h1>Extend Firefox Contest Finalists</h1>
+<p>We are happy to announce the finalists in our <a href="http://extendfirefox.com/">Extend Firefox Contest</a>, a contest held to award the best and brightest extension developers in the Firefox community.  The contest asked entrants to create Firefox Extensions that are innovative, useful, and integrate with today's Web services. Over 200 Extensions were submitted to the contest.  Many thanks to everyone who entered and everyone who helped spread the word about the contest.</p>
+
+<p>Winners will be announced in mid-February.</p>
+pagetop;
+
+/**
+ * Setting up variables.
+ */
+$guids = array(
+'{34274bf4-1d97-a289-e984-17e546307e4f}',
+'{097d3191-e6fa-4728-9826-b533d755359d}',
+'{B9DAB69C-460E-4085-AE6C-F95B0D858581}',
+'{DDC359D1-844A-42a7-9AA1-88A850A938A8}',
+'{89506680-e3f4-484c-a2c0-ed711d481eda}',
+'{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}',
+'{268ad77e-cff8-42d7-b479-da60a7b93305}',
+'{77b819fa-95ad-4f2c-ac7c-486b356188a9}',
+'{bbc21d30-1cff-11da-8cd6-0800200c9a66}',
+'{37E4D8EA-8BDA-4831-8EA1-89053939A250}',
+'{a089fffd-e0cb-431b-8d3a-ebb8afb26dcf}',
+'Reveal@sourmilk.net',
+'{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}',
+'{53A03D43-5363-4669-8190-99061B2DEBA5}',
+'separe@m4ng0.lilik.it',
+'xpose@viamatic.com',
+'{c45c406e-ab73-11d8-be73-000a95be3b12}',
+'{D5EDC062-A372-4936-B782-BD611DD18D86}'
+);
+
+$guids_tmp = array();
+foreach ($guids as $guid) {
+    $guids_tmp[] = "'".$guid."'";
+}
+$guids_imploded = implode(',',$guids_tmp);
+
+$descriptions = array(
+'{34274bf4-1d97-a289-e984-17e546307e4f}'=>"Block ads including Flash ads from their source.  Right click on an ad and select Adblock to block ads.  Hit the status-element and see what has or hasn't been blocked.",
+'{097d3191-e6fa-4728-9826-b533d755359d}'=>"Manage Extensions, Themes, Downloads, and more including Web content via Firefox’s sidebar.",
+'{B9DAB69C-460E-4085-AE6C-F95B0D858581}'=>"Blog directly within Firefox to LiveJournal, WordPress or Blogger. Select Deepest Sender from the ‘Tools’ menu.",
+'{DDC359D1-844A-42a7-9AA1-88A850A938A8}'=>"DownThemAll lets you filter and download all the links contained in any web-page, and lets you pause and resume downloads from previous Firefox sessions.",
+'{89506680-e3f4-484c-a2c0-ed711d481eda}'=>"View open Tabs and Windows with Showcase.  You can use it in two ways: global mode (F12) or local mode (Shift + F12). In global mode, a new window will be opened with thumbnails of the pages you've opened in all windows. In local mode, only content in tabs of your current window will be shown.
+
+You can also right click in those thumbnails to perform the most usual operations on them. Mouse middle button can be used to zoom a thumbnail, although other actions can be assigned to it.",
+'{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}'=>"Get international weather forecasts and display it in any toolbar or status bar.",
+'{268ad77e-cff8-42d7-b479-da60a7b93305}'=>"Select from several of your favorite toolbars including including Google, Yahoo, Ask Jeeves, Teoma, Amazon, Download.com and others with one toolbar. The entire toolbar reconfigures when you select a different engine and it includes many advanced features found in each engine.
+You can also easily repeat your search on all engines included in toolbar.",
+'{77b819fa-95ad-4f2c-ac7c-486b356188a9}'=>"View pages with in Internet Explorer with IE Tab.  Select the Firefox icon on the bottom right of the browser to switch to using the Internet Explorer engine or Firefox to switch to IE.",
+'{bbc21d30-1cff-11da-8cd6-0800200c9a66}'=>"Allows sticky notes to be added to any web page, and viewed upon visiting the Web page again.  You can also share sticky notes.  Requires account.",
+'{37E4D8EA-8BDA-4831-8EA1-89053939A250}'=>"PDF Download Extension allows you to choose if you want to view a PDF file inside the browser (as PDF or HTML), if you want to view it outside Firefox with your default or custom PDF reader, or if you want to download it.",
+'{a089fffd-e0cb-431b-8d3a-ebb8afb26dcf}'=>"Platypus is a Firefox extension which lets you modify a Web page from your browser -- \"What You See Is What You Get\" -- and then save those changes as a GreaseMonkey script so that they'll be repeated the next time you visit the page.",
+'Reveal@sourmilk.net'=>"Reveal allows you to see thumbnails of pages in your history by mousing over the back and forward buttons.  With many tabs open, quickly find the page you want, by pressing F2. Reveal also has a rectangular magnifying glass you can use to zoom in on areas of any web page. Comes  with a quick tour of all the features. ",
+'{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}'=>"A lightweight RSS and Atom feed aggregator.  Alt+S to open Sage in the Sidebar to start reading feed content.",
+'{53A03D43-5363-4669-8190-99061B2DEBA5}'=>"Highlight text, create sticky notes, and more to Web pages and Web sites that are saved to your desktop.  Scrapbook Includes full text search and quick filtering of saved pages.",
+'separe@m4ng0.lilik.it'=>"Manage tabs by creating a tab separator.  Right click on a Tab to add a new Tab separator.  Click on the Tab separator to view thumbnail images of web sites that are to the left and right of the Tab separator.",
+'xpose@viamatic.com'=>"Click on the icon in the status bar to view all Web pages in Tabbed windows as thumbnail images.  Press F8 to activate foXpose.",
+'{c45c406e-ab73-11d8-be73-000a95be3b12}'=>"Web developer toolbar includes various development tools such as window resizing, form and image debugging, links to page validation and optimization tools and much more.",
+'{D5EDC062-A372-4936-B782-BD611DD18D86}'=>"RSS news reader with integrated with services such as Feedster and weather information.  Includes online help documentation."
+);
+
+$screenshots = array(
+'{34274bf4-1d97-a289-e984-17e546307e4f}'=>'adblock-mini.png',
+'{097d3191-e6fa-4728-9826-b533d755359d}'=>'all-in-one-mini.png',
+'{B9DAB69C-460E-4085-AE6C-F95B0D858581}'=>'deepest-sender-mini.png',
+'{DDC359D1-844A-42a7-9AA1-88A850A938A8}'=>'downthemall-small.png',
+'{89506680-e3f4-484c-a2c0-ed711d481eda}'=>'firefox-showcase.png',
+'{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}'=>'forecastfoxenhanced-small.png',
+'{268ad77e-cff8-42d7-b479-da60a7b93305}'=>'groowe-small.png',
+'{77b819fa-95ad-4f2c-ac7c-486b356188a9}'=>'IE-Tab.png',
+'{bbc21d30-1cff-11da-8cd6-0800200c9a66}'=>'stickies-small.png',
+'{37E4D8EA-8BDA-4831-8EA1-89053939A250}'=>'pdf-download.png',
+'{a089fffd-e0cb-431b-8d3a-ebb8afb26dcf}'=>'platypus.png',
+'Reveal@sourmilk.net'=>'reveal.png',
+'{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}'=>'sage.png',
+'{53A03D43-5363-4669-8190-99061B2DEBA5}'=>'scrapbook-final.png',
+'separe@m4ng0.lilik.it'=>'separe.png',
+'xpose@viamatic.com'=>'xpose-small.png',
+'{c45c406e-ab73-11d8-be73-000a95be3b12}'=>'web-developer-toolbar-small.png',
+'{D5EDC062-A372-4936-B782-BD611DD18D86}'=>'wizz-small.png'
+);
+
+$authors = array(
+'{34274bf4-1d97-a289-e984-17e546307e4f}'=>'Ben Karel (and the Adblock Crew)',
+'{DDC359D1-844A-42a7-9AA1-88A850A938A8}'=>'Federico Parodi',
+'{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}'=>'Peter Andrews (and the Sage Team)',
+'{53A03D43-5363-4669-8190-99061B2DEBA5}'=>'Taiga Gomibuchi',
+'separe@m4ng0.lilik.it'=>'Massimo Mangoni',
+'{77b819fa-95ad-4f2c-ac7c-486b356188a9}'=>'yuoo2k and Hong Jen Yee (PCMan)'
+);
+
+$webpath = WEB_PATH;
+$finalists = array();
+
+
+// Get data for GUIDs.
+$finalists_sql = "
+            SELECT
+                m.guid,
+                m.id, 
+                m.name, 
+                m.downloadcount,
+                m.homepage,
+                v.dateupdated,
+                v.uri,
+                v.size,
+                v.version,
+                (   
+                    SELECT u.username          
+                    FROM userprofiles u
+                    JOIN authorxref a ON u.userid = a.userid
+                    WHERE a.id = m.id
+                    ORDER BY u.userid DESC
+                    LIMIT 1
+                ) as username
+            FROM
+                main m
+            JOIN version v ON m.id = v.id
+            WHERE
+                v.vid = (SELECT max(vid) FROM version WHERE id=m.id AND approved='YES') AND
+                type = 'E' AND
+                m.guid IN({$guids_imploded})
+            ORDER BY
+                LTRIM(m.name)
+";
+
+$finalists_sql_result = mysql_query($finalists_sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+
+while ($row = mysql_fetch_array($finalists_sql_result,MYSQL_ASSOC)) {
+    $finalists[] = $row;
+}
+
+
+// Display output.
+foreach ($finalists as $finalist) {
+
+$author = !empty($authors[$finalist['guid']]) ? $authors[$finalist['guid']] : $finalist['username'];
+
+echo <<<finalist
+<div class="recommended">
+<img class="recommended-img" alt="" src="{$webpath}/images/finalists/{$screenshots[$finalist['guid']]}"/>
+<h2><a href="./extensions/moreinfo.php?id={$finalist['id']}">{$finalist['name']}</a> <small>by {$author}</small></h2>
+<div class="recommended-download">
+<h3><a href="{$finalist['uri']}" onclick="return install(event,'{$finalist['name']} {$finalist['version']}', '{$webpath}/images/default.png');" title="Install {$finalist['name']} {$finalist['version']} (Right-Click to Download)">Install Extension ({$finalist['size']}KB)</a></h3>
+</div>
+<p>{$descriptions[$finalist['guid']]}</p>
+</div>
+finalist;
+
+}
+?>
+
+<br class="clear-both"/>
+
+</div>
+
+<?php
+require_once(FOOTER);
+?>