author | Dan |
Sun, 26 Aug 2007 22:52:38 -0400 | |
changeset 105 | f7750e454168 |
parent 103 | a8891e108c95 |
child 116 | 77c75179bb95 |
permissions | -rwxr-xr-x |
0 | 1 |
<?php |
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
parents:
70
diff
changeset
|
2 |
|
0 | 3 |
/** |
4 |
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
|
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
parents:
70
diff
changeset
|
5 |
* @Version 1.0.1 (Loch Ness) |
0 | 6 |
* Copyright (C) 2006-2007 Dan Fuhry |
7 |
* |
|
8 |
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
|
9 |
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
|
10 |
* |
|
11 |
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
|
12 |
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
|
13 |
* |
|
14 |
*/ |
|
70 | 15 |
|
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents:
80
diff
changeset
|
16 |
// Set up gzip encoding before any output is sent |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
17 |
|
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
97
diff
changeset
|
18 |
$aggressive_optimize_html = true; |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
19 |
|
0 | 20 |
global $do_gzip; |
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
21 |
$do_gzip = true; |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
22 |
|
0 | 23 |
if(isset($_SERVER['PATH_INFO'])) $v = $_SERVER['PATH_INFO']; |
24 |
elseif(isset($_GET['title'])) $v = $_GET['title']; |
|
25 |
else $v = ''; |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
26 |
|
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
27 |
if ( isset($_GET['nocompress']) ) |
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
28 |
$aggressive_optimize_html = false; |
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
29 |
|
0 | 30 |
error_reporting(E_ALL); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
31 |
|
0 | 32 |
// if(!strstr($v, 'CSS') && !strstr($v, 'UploadFile') && !strstr($v, 'DownloadFile')) // These pages are blacklisted because we can't have debugConsole's HTML output disrupting the flow of header() calls and whatnot |
33 |
// { |
|
34 |
// $do_gzip = ( function_exists('gzcompress') && ( isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strstr($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') ) ) ? true : false; |
|
35 |
// // Uncomment the following line to enable debugConsole (requires PHP 5 or later) |
|
36 |
// // define('ENANO_DEBUG', ''); |
|
37 |
// } |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
38 |
|
0 | 39 |
if(defined('ENANO_DEBUG')) $do_gzip = false; |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
40 |
|
0 | 41 |
if($aggressive_optimize_html || $do_gzip) |
42 |
{ |
|
43 |
ob_start(); |
|
44 |
} |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
45 |
|
0 | 46 |
require('includes/common.php'); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
47 |
|
0 | 48 |
global $db, $session, $paths, $template, $plugins; // Common objects |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
49 |
|
0 | 50 |
if(!isset($_GET['do'])) $_GET['do'] = 'view'; |
51 |
switch($_GET['do']) |
|
52 |
{ |
|
53 |
default: |
|
54 |
die_friendly('Invalid action', '<p>The action "'.$_GET['do'].'" is not defined. Return to <a href="'.makeUrl($paths->page).'">viewing this page\'s text</a>.</p>'); |
|
55 |
break; |
|
56 |
case 'view': |
|
57 |
// echo PageUtils::getpage($paths->page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false )); |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
58 |
$rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 ); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
59 |
$page = new PageProcessor( $paths->cpage['urlname_nons'], $paths->namespace, $rev_id ); |
0 | 60 |
$page->send_headers = true; |
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
28
diff
changeset
|
61 |
$pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : ''; |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
28
diff
changeset
|
62 |
$page->password = $pagepass; |
61 | 63 |
$page->send(true); |
0 | 64 |
break; |
65 |
case 'comments': |
|
66 |
$template->header(); |
|
67 |
$sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false; |
|
68 |
switch($sub) |
|
69 |
{ |
|
70 |
case 'admin': |
|
71 |
default: |
|
72 |
$act = ( isset ($_GET['action']) ) ? $_GET['action'] : false; |
|
73 |
$id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1; |
|
74 |
echo PageUtils::comments_html($paths->cpage['urlname_nons'], $paths->namespace, $act, Array('id'=>$id)); |
|
75 |
break; |
|
76 |
case 'postcomment': |
|
77 |
if(empty($_POST['name']) || |
|
78 |
empty($_POST['subj']) || |
|
79 |
empty($_POST['text']) |
|
80 |
) { echo 'Invalid request'; break; } |
|
81 |
$cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false; |
|
82 |
$cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false; |
|
83 |
PageUtils::addcomment($paths->cpage['urlname_nons'], $paths->namespace, $_POST['name'], $_POST['subj'], $_POST['text'], $cin, $cid); // All filtering, etc. is handled inside this method |
|
84 |
echo PageUtils::comments_html($paths->cpage['urlname_nons'], $paths->namespace); |
|
85 |
break; |
|
86 |
case 'editcomment': |
|
87 |
if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; } |
|
88 |
$q = $db->sql_query('SELECT subject,comment_data,comment_id FROM '.table_prefix.'comments WHERE comment_id='.$_GET['id']); |
|
89 |
if(!$q) $db->_die('The comment data could not be selected.'); |
|
90 |
$row = $db->fetchrow(); |
|
91 |
$db->free_result(); |
|
92 |
echo '<form action="'.makeUrl($paths->page, 'do=comments&sub=savecomment').'" method="post">'; |
|
93 |
echo "<br /><div class='tblholder'><table border='0' width='100%' cellspacing='1' cellpadding='4'> |
|
94 |
<tr><td class='row1'>Subject:</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr> |
|
95 |
<tr><td class='row2'>Comment:</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr> |
|
96 |
<tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='Save Changes' /></td></tr> |
|
97 |
</table></div>"; |
|
98 |
echo '</form>'; |
|
99 |
break; |
|
100 |
case 'savecomment': |
|
101 |
if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; } |
|
102 |
$r = PageUtils::savecomment_neater($paths->cpage['urlname_nons'], $paths->namespace, $_POST['subj'], $_POST['text'], (int)$_POST['id']); |
|
103 |
if($r != 'good') { echo "<pre>$r</pre>"; break; } |
|
104 |
echo PageUtils::comments_html($paths->cpage['urlname_nons'], $paths->namespace); |
|
105 |
break; |
|
106 |
case 'deletecomment': |
|
107 |
if(!empty($_GET['id'])) |
|
108 |
{ |
|
109 |
PageUtils::deletecomment_neater($paths->cpage['urlname_nons'], $paths->namespace, (int)$_GET['id']); |
|
110 |
} |
|
111 |
echo PageUtils::comments_html($paths->cpage['urlname_nons'], $paths->namespace); |
|
112 |
break; |
|
113 |
} |
|
114 |
$template->footer(); |
|
115 |
break; |
|
116 |
case 'edit': |
|
117 |
if(isset($_POST['_cancel'])) { header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break; } |
|
118 |
if(isset($_POST['_save'])) { |
|
119 |
$e = PageUtils::savepage($paths->cpage['urlname_nons'], $paths->namespace, $_POST['page_text'], $_POST['edit_summary'], isset($_POST['minor'])); |
|
120 |
header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break; |
|
121 |
} |
|
122 |
$template->header(); |
|
123 |
if(isset($_POST['_preview'])) |
|
124 |
{ |
|
125 |
$text = $_POST['page_text']; |
|
126 |
echo PageUtils::genPreview($_POST['page_text']); |
|
127 |
} |
|
128 |
else $text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false); |
|
129 |
echo ' |
|
130 |
<form action="'.makeUrl($paths->page, 'do=edit').'" method="post" enctype="multipart/form-data"> |
|
131 |
<br /> |
|
132 |
<textarea name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea><br /> |
|
133 |
<br /> |
|
134 |
'; |
|
135 |
if($paths->wiki_mode) |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
136 |
echo 'Edit summary: <input name="edit_summary" type="text" size="40" /><br /><label><input type="checkbox" name="minor" /> This is a minor edit</label><br />'; |
0 | 137 |
echo '<br /> |
138 |
<input type="submit" name="_save" value="Save changes" style="font-weight: bold;" /> |
|
139 |
<input type="submit" name="_preview" value="Preview changes" /> |
|
140 |
<input type="submit" name="_revert" value="Revert changes" /> |
|
141 |
<input type="submit" name="_cancel" value="Cancel" /> |
|
142 |
</form> |
|
143 |
'; |
|
144 |
$template->footer(); |
|
145 |
break; |
|
146 |
case 'viewsource': |
|
147 |
$template->header(); |
|
148 |
$text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false); |
|
149 |
echo ' |
|
150 |
<form action="'.makeUrl($paths->page, 'do=edit').'" method="post"> |
|
151 |
<br /> |
|
152 |
<textarea readonly="readonly" name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea>'; |
|
153 |
echo '<br /> |
|
154 |
<input type="submit" name="_cancel" value="Close viewer" /> |
|
155 |
</form> |
|
156 |
'; |
|
157 |
$template->footer(); |
|
158 |
break; |
|
159 |
case 'history': |
|
160 |
$hist = PageUtils::histlist($paths->cpage['urlname_nons'], $paths->namespace); |
|
161 |
$template->header(); |
|
162 |
echo $hist; |
|
163 |
$template->footer(); |
|
164 |
break; |
|
165 |
case 'rollback': |
|
166 |
$id = (isset($_GET['id'])) ? $_GET['id'] : false; |
|
167 |
if(!$id || !preg_match('#^([0-9]+)$#', $id)) die_friendly('Invalid action ID', '<p>The URL parameter "id" is not an integer. Exiting to prevent nasties like SQL injection, etc.</p>'); |
|
168 |
$rb = PageUtils::rollback( (int) $id ); |
|
169 |
$template->header(); |
|
170 |
echo '<p>'.$rb.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>'; |
|
171 |
$template->footer(); |
|
172 |
break; |
|
173 |
case 'catedit': |
|
174 |
if(isset($_POST['__enanoSaveButton'])) |
|
175 |
{ |
|
176 |
unset($_POST['__enanoSaveButton']); |
|
177 |
$val = PageUtils::catsave($paths->cpage['urlname_nons'], $paths->namespace, $_POST); |
|
178 |
if($val == 'GOOD') |
|
179 |
{ |
|
180 |
header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break; |
|
181 |
} else { |
|
182 |
die_friendly('Error saving category information', '<p>'.$val.'</p>'); |
|
183 |
} |
|
184 |
} |
|
185 |
elseif(isset($_POST['__enanoCatCancel'])) |
|
186 |
{ |
|
187 |
header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break; |
|
188 |
} |
|
189 |
$template->header(); |
|
190 |
$c = PageUtils::catedit_raw($paths->cpage['urlname_nons'], $paths->namespace); |
|
191 |
echo $c[1]; |
|
192 |
$template->footer(); |
|
193 |
break; |
|
194 |
case 'moreoptions': |
|
195 |
$template->header(); |
|
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
28
diff
changeset
|
196 |
echo '<div class="menu_nojs" style="width: 150px; padding: 0;"><ul style="display: block;"><li><div class="label">More options for this page</div><div style="clear: both;"></div></li>'.$template->tpl_strings['TOOLBAR_EXTRAS'].'</ul></div>'; |
0 | 197 |
$template->footer(); |
198 |
break; |
|
199 |
case 'protect': |
|
200 |
if (!isset($_REQUEST['level'])) die_friendly('Invalid request', '<p>No protection level specified</p>'); |
|
201 |
if(!empty($_POST['reason'])) |
|
202 |
{ |
|
203 |
if(!preg_match('#^([0-2]*){1}$#', $_POST['level'])) die_friendly('Error protecting page', '<p>Request validation failed</p>'); |
|
204 |
PageUtils::protect($paths->cpage['urlname_nons'], $paths->namespace, intval($_POST['level']), $_POST['reason']); |
|
205 |
die_friendly('Page protected', '<p>The protection setting has been applied. <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>'); |
|
206 |
} |
|
207 |
$template->header(); |
|
208 |
?> |
|
209 |
<form action="<?php echo makeUrl($paths->page, 'do=protect'); ?>" method="post"> |
|
210 |
<input type="hidden" name="level" value="<?php echo $_REQUEST['level']; ?>" /> |
|
211 |
<?php if(isset($_POST['reason'])) echo '<p style="color: red;">Error: you must enter a reason for protecting this page.</p>'; ?> |
|
212 |
<p>Reason for protecting the page:</p> |
|
213 |
<p><input type="text" name="reason" size="40" /><br /> |
|
214 |
Protecion level to be applied: <b><?php |
|
215 |
switch($_REQUEST['level']) |
|
216 |
{ |
|
217 |
case '0': |
|
218 |
echo 'No protection'; |
|
219 |
break; |
|
220 |
case '1': |
|
221 |
echo 'Full protection'; |
|
222 |
break; |
|
223 |
case '2': |
|
224 |
echo 'Semi-protection'; |
|
225 |
break; |
|
226 |
default: |
|
227 |
echo 'None;</b> Warning: request validation will fail after clicking submit<b>'; |
|
228 |
} |
|
229 |
?></b></p> |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
230 |
<p><input type="submit" value="Protect page" style="font-weight: bold;" /></p> |
0 | 231 |
</form> |
232 |
<?php |
|
233 |
$template->footer(); |
|
234 |
break; |
|
235 |
case 'rename': |
|
236 |
if(!empty($_POST['newname'])) |
|
237 |
{ |
|
238 |
$r = PageUtils::rename($paths->cpage['urlname_nons'], $paths->namespace, $_POST['newname']); |
|
239 |
die_friendly('Page renamed', '<p>'.nl2br($r).' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>'); |
|
240 |
} |
|
241 |
$template->header(); |
|
242 |
?> |
|
243 |
<form action="<?php echo makeUrl($paths->page, 'do=rename'); ?>" method="post"> |
|
244 |
<?php if(isset($_POST['newname'])) echo '<p style="color: red;">Error: you must enter a new name for this page.</p>'; ?> |
|
245 |
<p>Please enter a new name for this page:</p> |
|
246 |
<p><input type="text" name="newname" size="40" /></p> |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
247 |
<p><input type="submit" value="Rename page" style="font-weight: bold;" /></p> |
0 | 248 |
</form> |
249 |
<?php |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
250 |
$template->footer(); |
0 | 251 |
break; |
252 |
case 'flushlogs': |
|
253 |
if(!$session->get_permissions('clear_logs')) die_friendly('Access denied', '<p>Flushing the logs for a page <u>requires</u> administrative rights.</p>'); |
|
254 |
if(isset($_POST['_downthejohn'])) |
|
255 |
{ |
|
256 |
$template->header(); |
|
257 |
$result = PageUtils::flushlogs($paths->cpage['urlname_nons'], $paths->namespace); |
|
258 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>'; |
|
259 |
$template->footer(); |
|
260 |
break; |
|
261 |
} |
|
262 |
$template->header(); |
|
263 |
?> |
|
264 |
<form action="<?php echo makeUrl($paths->page, 'do=flushlogs'); ?>" method="post"> |
|
265 |
<h3>You are about to <span style="color: red;">destroy</span> all logged edits and actions on this page.</h3> |
|
266 |
<p>Unlike deleting or editing this page, this action is <u>not reversible</u>! You should only do this if you are desperate for |
|
267 |
database space.</p> |
|
268 |
<p>Do you really want to continue?</p> |
|
269 |
<p><input type="submit" name="_downthejohn" value="Flush logs" style="color: red; font-weight: bold;" /></p> |
|
270 |
</form> |
|
271 |
<?php |
|
272 |
$template->footer(); |
|
273 |
break; |
|
274 |
case 'delvote': |
|
275 |
if(isset($_POST['_ballotbox'])) |
|
276 |
{ |
|
277 |
$template->header(); |
|
278 |
$result = PageUtils::delvote($paths->cpage['urlname_nons'], $paths->namespace); |
|
279 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>'; |
|
280 |
$template->footer(); |
|
281 |
break; |
|
282 |
} |
|
283 |
$template->header(); |
|
284 |
?> |
|
285 |
<form action="<?php echo makeUrl($paths->page, 'do=delvote'); ?>" method="post"> |
|
286 |
<h3>Your vote counts.</h3> |
|
287 |
<p>If you think that this page is not relavent to the content on this site, or if it looks like this page was only created in |
|
288 |
an attempt to spam the site, you can request that this page be deleted by an administrator.</p> |
|
289 |
<p>After you vote, you should leave a comment explaining the reason for your vote, especially if you are the first person to |
|
290 |
vote against this page.</p> |
|
291 |
<p>So far, <?php echo ( $paths->cpage['delvotes'] == 1 ) ? $paths->cpage['delvotes'] . ' person has' : $paths->cpage['delvotes'] . ' people have'; ?> voted to delete this page.</p> |
|
292 |
<p><input type="submit" name="_ballotbox" value="Vote to delete this page" /></p> |
|
293 |
</form> |
|
294 |
<?php |
|
295 |
$template->footer(); |
|
296 |
break; |
|
297 |
case 'resetvotes': |
|
298 |
if(!$session->get_permissions('vote_reset')) die_friendly('Access denied', '<p>Resetting the deletion votes against this page <u>requires</u> admin rights.</p>'); |
|
299 |
if(isset($_POST['_youmaylivealittlelonger'])) |
|
300 |
{ |
|
301 |
$template->header(); |
|
302 |
$result = PageUtils::resetdelvotes($paths->cpage['urlname_nons'], $paths->namespace); |
|
303 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>'; |
|
304 |
$template->footer(); |
|
305 |
break; |
|
306 |
} |
|
307 |
$template->header(); |
|
308 |
?> |
|
309 |
<form action="<?php echo makeUrl($paths->page, 'do=resetvotes'); ?>" method="post"> |
|
310 |
<p>This action will reset the number of votes against this page to zero. Are you sure you want to do this?</p> |
|
311 |
<p><input type="submit" name="_youmaylivealittlelonger" value="Reset votes" /></p> |
|
312 |
</form> |
|
313 |
<?php |
|
314 |
$template->footer(); |
|
315 |
break; |
|
316 |
case 'deletepage': |
|
317 |
if(!$session->get_permissions('delete_page')) die_friendly('Access denied', '<p>Deleting pages <u>requires</u> admin rights.</p>'); |
|
318 |
if(isset($_POST['_adiossucker'])) |
|
319 |
{ |
|
28 | 320 |
$reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false; |
321 |
if ( empty($reason) ) |
|
322 |
$error = 'Please enter a reason for deleting this page.'; |
|
323 |
else |
|
324 |
{ |
|
325 |
$template->header(); |
|
326 |
$result = PageUtils::deletepage($paths->cpage['urlname_nons'], $paths->namespace, $reason); |
|
327 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>'; |
|
328 |
$template->footer(); |
|
329 |
break; |
|
330 |
} |
|
0 | 331 |
} |
332 |
$template->header(); |
|
333 |
?> |
|
334 |
<form action="<?php echo makeUrl($paths->page, 'do=deletepage'); ?>" method="post"> |
|
335 |
<h3>You are about to <span style="color: red;">destroy</span> this page.</h3> |
|
336 |
<p>While the deletion of the page itself is completely reversible, it is impossible to recover any comments or category information on this page. If this is a file page, the file along with all older revisions of it will be permanently deleted. Also, any custom information that this page is tagged with, such as a custom name, protection status, or additional settings such as whether to allow comments, will be permanently lost.</p> |
|
337 |
<p>Are you <u>absolutely sure</u> that you want to continue?<br /> |
|
338 |
You will not be asked again.</p> |
|
28 | 339 |
<?php if ( isset($error) ) echo "<p>$error</p>"; ?> |
340 |
<p>Reason for deleting: <input type="text" name="reason" size="50" /></p> |
|
0 | 341 |
<p><input type="submit" name="_adiossucker" value="Delete this page" style="color: red; font-weight: bold;" /></p> |
342 |
</form> |
|
343 |
<?php |
|
344 |
$template->footer(); |
|
345 |
break; |
|
346 |
case 'setwikimode': |
|
347 |
if(!$session->get_permissions('set_wiki_mode')) die_friendly('Access denied', '<p>Changing the wiki mode setting <u>requires</u> admin rights.</p>'); |
|
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
348 |
if ( isset($_POST['finish']) ) |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
349 |
{ |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
350 |
$level = intval($_POST['level']); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
351 |
if ( !in_array($level, array(0, 1, 2) ) ) |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
352 |
{ |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
353 |
die_friendly('Invalid request', '<p>Level not specified</p>'); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
354 |
} |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
355 |
$q = $db->sql_query('UPDATE '.table_prefix.'pages SET wiki_mode=' . $level . ' WHERE urlname=\'' . $db->escape($paths->cpage['urlname_nons']) . '\' AND namespace=\'' . $paths->namespace . '\';'); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
356 |
if ( !$q ) |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
357 |
$db->_die(); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
358 |
redirect(makeUrl($paths->page), htmlspecialchars($paths->cpage['name']), 'Wiki mode for this page has been set. Redirecting you to the page...', 2); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
359 |
} |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
360 |
else |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
361 |
{ |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
362 |
$template->header(); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
363 |
if(!isset($_GET['level']) || ( isset($_GET['level']) && !preg_match('#^([0-9])$#', $_GET['level']))) die_friendly('Invalid request', '<p>Level not specified</p>'); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
364 |
$level = intval($_GET['level']); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
365 |
if ( !in_array($level, array(0, 1, 2) ) ) |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
366 |
{ |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
367 |
die_friendly('Invalid request', '<p>Level not specified</p>'); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
368 |
} |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
369 |
echo '<form action="' . makeUrl($paths->page, 'do=setwikimode', true) . '" method="post">'; |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
370 |
echo '<input type="hidden" name="finish" value="foo" />'; |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
371 |
echo '<input type="hidden" name="level" value="' . $level . '" />'; |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
372 |
$level_txt = ( $level == 0 ) ? 'disabled' : ( ( $level == 1 ) ? 'enabled' : 'use the global setting' ); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
373 |
$blurb = ( $level == 0 || ( $level == 2 && getConfig('wiki_mode') != '1' ) ) ? 'Because this will disable the wiki behavior on this page, several features, most |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
374 |
notably the ability for users to vote to have this page deleted, will be disabled as they are not relevant to non-wiki pages. In addition, users will not be able |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
375 |
to edit this page unless an ACL rule specifically permits them.' : 'Because this will enable the wiki behavior on this page, users will gain the ability to |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
376 |
freely edit this page unless an ACL rule specifically denies them. If your site is public and gets good traffic, you should be aware of the possiblity of vandalism, and you need to be ready to revert |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
377 |
malicious edits to this page.'; |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
378 |
?> |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
379 |
<h3>You are changing wiki mode for this page.</h3> |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
380 |
<p>Wiki features will be set to <?php echo $level_txt; ?>. <?php echo $blurb; ?></p> |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
381 |
<p>If you want to continue, please click the button below.</p> |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
382 |
<p><input type="submit" value="Set wiki mode" /></p> |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
383 |
<?php |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
384 |
echo '</form>'; |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
385 |
$template->footer(); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
386 |
} |
0 | 387 |
break; |
388 |
case 'diff': |
|
389 |
$template->header(); |
|
390 |
$id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false; |
|
391 |
$id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false; |
|
392 |
if(!$id1 || !$id2) { echo '<p>Invalid request.</p>'; $template->footer(); break; } |
|
393 |
if(!preg_match('#^([0-9]+)$#', (string)$_GET['diff1']) || |
|
394 |
!preg_match('#^([0-9]+)$#', (string)$_GET['diff2'] )) { echo '<p>SQL injection attempt</p>'; $template->footer(); break; } |
|
395 |
echo PageUtils::pagediff($paths->cpage['urlname_nons'], $paths->namespace, $id1, $id2); |
|
396 |
$template->footer(); |
|
397 |
break; |
|
91 | 398 |
case 'detag': |
399 |
if ( $session->user_level < USER_LEVEL_ADMIN ) |
|
400 |
{ |
|
401 |
die_friendly('Access denied', '<p>You need to be an administrator to detag pages.</p>'); |
|
402 |
} |
|
403 |
if ( $paths->page_exists ) |
|
404 |
{ |
|
405 |
die_friendly('Invalid request', '<p>The detag action is only valid for pages that have been deleted in the past.</p>'); |
|
406 |
} |
|
407 |
$q = $db->sql_query('DELETE FROM '.table_prefix.'tags WHERE page_id=\'' . $db->escape($paths->cpage['urlname_nons']) . '\' AND namespace=\'' . $paths->namespace . '\';'); |
|
408 |
if ( !$q ) |
|
409 |
$db->_die('Detag query, index.php:'.__LINE__); |
|
410 |
die_friendly('Page detagged', '<p>All stale tags have been removed from this page.</p>'); |
|
411 |
break; |
|
0 | 412 |
case 'aclmanager': |
413 |
$data = ( isset($_POST['data']) ) ? $_POST['data'] : Array('mode' => 'listgroups'); |
|
414 |
PageUtils::aclmanager($data); |
|
415 |
break; |
|
416 |
} |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
417 |
|
0 | 418 |
// |
419 |
// Optimize HTML by replacing newlines with spaces (excludes <pre>, <script>, and <style> blocks) |
|
420 |
// |
|
421 |
if ($aggressive_optimize_html) |
|
422 |
{ |
|
423 |
// Load up the HTML |
|
424 |
$html = ob_get_contents(); |
|
425 |
ob_end_clean(); |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
426 |
|
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
427 |
$html = aggressive_optimize_html($html); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
428 |
|
0 | 429 |
// Re-enable output buffering to allow the Gzip function (below) to work |
430 |
ob_start(); |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
431 |
|
0 | 432 |
// Done, send it to the user |
433 |
echo( $html ); |
|
434 |
} |
|
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
435 |
|
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
436 |
$db->close(); |
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
437 |
gzip_output(); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
438 |
|
0 | 439 |
?> |