| author | Dan |
| Thu, 20 Aug 2009 20:01:55 -0400 | |
| changeset 1081 | 745200a9cc2a |
| parent 1074 | 1a4f13626f76 |
| child 1082 | d1c41601ef39 |
| permissions | -rw-r--r-- |
| 0 | 1 |
<?php |
|
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
parents:
70
diff
changeset
|
2 |
|
|
166
d53cc29308f4
Rebrand as 1.1.1; everything should now be bumped to "unstable" status
Dan
parents:
160
diff
changeset
|
3 |
/* |
| 0 | 4 |
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
|
1081
745200a9cc2a
Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
parents:
1074
diff
changeset
|
5 |
* Copyright (C) 2006-2009 Dan Fuhry |
| 0 | 6 |
* |
7 |
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
|
8 |
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
|
9 |
* |
|
10 |
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
|
11 |
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
|
12 |
* |
|
|
246
c9fd175289aa
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents:
183
diff
changeset
|
13 |
* @package Enano |
|
c9fd175289aa
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents:
183
diff
changeset
|
14 |
* @subpackage Frontend |
| 0 | 15 |
*/ |
|
246
c9fd175289aa
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents:
183
diff
changeset
|
16 |
|
|
311
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
parents:
307
diff
changeset
|
17 |
define('ENANO_INTERFACE_INDEX', '');
|
|
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents:
337
diff
changeset
|
18 |
|
|
1074
1a4f13626f76
Made index.php bootstrap smarter and better commented.
Dan
parents:
1016
diff
changeset
|
19 |
// start up Enano |
|
1a4f13626f76
Made index.php bootstrap smarter and better commented.
Dan
parents:
1016
diff
changeset
|
20 |
require('includes/common.php');
|
|
1a4f13626f76
Made index.php bootstrap smarter and better commented.
Dan
parents:
1016
diff
changeset
|
21 |
|
|
1a4f13626f76
Made index.php bootstrap smarter and better commented.
Dan
parents:
1016
diff
changeset
|
22 |
// decide on HTML compacting |
|
1a4f13626f76
Made index.php bootstrap smarter and better commented.
Dan
parents:
1016
diff
changeset
|
23 |
$aggressive_optimize_html = !defined('ENANO_DEBUG') && !isset($_GET['nocompress']);
|
|
1a4f13626f76
Made index.php bootstrap smarter and better commented.
Dan
parents:
1016
diff
changeset
|
24 |
|
|
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents:
80
diff
changeset
|
25 |
// Set up gzip encoding before any output is sent |
| 0 | 26 |
global $do_gzip; |
|
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents:
907
diff
changeset
|
27 |
// FIXME: make this configurable |
|
1074
1a4f13626f76
Made index.php bootstrap smarter and better commented.
Dan
parents:
1016
diff
changeset
|
28 |
$do_gzip = !defined('ENANO_DEBUG');
|
|
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
29 |
|
| 0 | 30 |
error_reporting(E_ALL); |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
31 |
|
| 0 | 32 |
if($aggressive_optimize_html || $do_gzip) |
33 |
{
|
|
34 |
ob_start(); |
|
35 |
} |
|
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
36 |
|
| 0 | 37 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
542
5841df0ab575
Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents:
536
diff
changeset
|
38 |
$page_timestamp = time(); |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
39 |
|
| 307 | 40 |
if ( !isset($_GET['do']) ) |
41 |
{
|
|
42 |
$_GET['do'] = 'view'; |
|
43 |
} |
|
| 0 | 44 |
switch($_GET['do']) |
45 |
{
|
|
46 |
default: |
|
|
759
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
47 |
$code = $plugins->setHook('page_action');
|
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
48 |
ob_start(); |
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
49 |
foreach ( $code as $cmd ) |
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
50 |
{
|
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
51 |
eval($cmd); |
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
52 |
} |
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
53 |
if ( $contents = ob_get_contents() ) |
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
54 |
{
|
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
55 |
ob_end_clean(); |
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
56 |
echo $contents; |
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
57 |
} |
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
58 |
else |
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
59 |
{
|
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
60 |
die_friendly('Invalid action', '<p>The action "'.htmlspecialchars($_GET['do']).'" is not defined. Return to <a href="'.makeUrl($paths->page).'">viewing this page\'s text</a>.</p>');
|
|
6e2671261802
Plugins can now register their own custom actions for $_GET["do"].
Dan
parents:
685
diff
changeset
|
61 |
} |
| 0 | 62 |
break; |
63 |
case 'view': |
|
64 |
// echo PageUtils::getpage($paths->page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false )); |
|
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
65 |
$rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 ); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
66 |
$page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id ); |
|
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents:
907
diff
changeset
|
67 |
// Feed this PageProcessor to the template processor. This prevents $template from starting another |
|
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents:
907
diff
changeset
|
68 |
// PageProcessor when we already have one going. |
|
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents:
907
diff
changeset
|
69 |
$template->set_page($page); |
| 0 | 70 |
$page->send_headers = true; |
|
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
parents:
953
diff
changeset
|
71 |
$page->allow_redir = ( !isset($_GET['redirect']) || (isset($_GET['redirect']) && $_GET['redirect'] !== 'no') ); |
|
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
28
diff
changeset
|
72 |
$pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : ''; |
|
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
28
diff
changeset
|
73 |
$page->password = $pagepass; |
| 61 | 74 |
$page->send(true); |
|
542
5841df0ab575
Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents:
536
diff
changeset
|
75 |
$page_timestamp = $page->revision_time; |
| 0 | 76 |
break; |
77 |
case 'comments': |
|
|
1016
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
78 |
$output->header(); |
| 592 | 79 |
require_once(ENANO_ROOT.'/includes/pageutils.php'); |
| 0 | 80 |
$sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false; |
81 |
switch($sub) |
|
82 |
{
|
|
83 |
case 'admin': |
|
84 |
default: |
|
85 |
$act = ( isset ($_GET['action']) ) ? $_GET['action'] : false; |
|
86 |
$id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1; |
|
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
87 |
echo PageUtils::comments_html($paths->page_id, $paths->namespace, $act, Array('id'=>$id));
|
| 0 | 88 |
break; |
89 |
case 'postcomment': |
|
90 |
if(empty($_POST['name']) || |
|
91 |
empty($_POST['subj']) || |
|
92 |
empty($_POST['text']) |
|
93 |
) { echo 'Invalid request'; break; }
|
|
94 |
$cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false; |
|
95 |
$cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false; |
|
|
1016
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
96 |
|
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
97 |
require_once('includes/comment.php');
|
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
98 |
$comments = new Comments($paths->page_id, $paths->namespace); |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
99 |
|
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
100 |
$submission = array( |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
101 |
'mode' => 'submit', |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
102 |
'captcha_id' => $cid, |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
103 |
'captcha_code' => $cin, |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
104 |
'name' => $_POST['name'], |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
105 |
'subj' => $_POST['subj'], |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
106 |
'text' => $_POST['text'], |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
107 |
); |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
108 |
|
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
109 |
$result = $comments->process_json($submission); |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
110 |
if ( $result['mode'] == 'error' ) |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
111 |
{
|
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
112 |
echo '<div class="error-box">' . htmlspecialchars($result['error']) . '</div>'; |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
113 |
} |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
114 |
else |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
115 |
{
|
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
116 |
echo '<div class="info-box">' . $lang->get('comment_msg_comment_posted') . '</div>';
|
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
117 |
} |
|
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
118 |
|
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
119 |
echo PageUtils::comments_html($paths->page_id, $paths->namespace); |
| 0 | 120 |
break; |
121 |
case 'editcomment': |
|
122 |
if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; }
|
|
123 |
$q = $db->sql_query('SELECT subject,comment_data,comment_id FROM '.table_prefix.'comments WHERE comment_id='.$_GET['id']);
|
|
124 |
if(!$q) $db->_die('The comment data could not be selected.');
|
|
125 |
$row = $db->fetchrow(); |
|
126 |
$db->free_result(); |
|
|
213
1316404e4ea8
Localized history page and static HTML comment interface
Dan
parents:
187
diff
changeset
|
127 |
$row['subject'] = str_replace('\'', ''', $row['subject']);
|
| 0 | 128 |
echo '<form action="'.makeUrl($paths->page, 'do=comments&sub=savecomment').'" method="post">'; |
129 |
echo "<br /><div class='tblholder'><table border='0' width='100%' cellspacing='1' cellpadding='4'> |
|
|
213
1316404e4ea8
Localized history page and static HTML comment interface
Dan
parents:
187
diff
changeset
|
130 |
<tr><td class='row1'>" . $lang->get('comment_postform_field_subject') . "</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr>
|
|
1316404e4ea8
Localized history page and static HTML comment interface
Dan
parents:
187
diff
changeset
|
131 |
<tr><td class='row2'>" . $lang->get('comment_postform_field_comment') . "</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr>
|
|
1316404e4ea8
Localized history page and static HTML comment interface
Dan
parents:
187
diff
changeset
|
132 |
<tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='" . $lang->get('etc_save_changes') . "' /></td></tr>
|
| 0 | 133 |
</table></div>"; |
134 |
echo '</form>'; |
|
135 |
break; |
|
136 |
case 'savecomment': |
|
137 |
if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; }
|
|
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
138 |
$r = PageUtils::savecomment_neater($paths->page_id, $paths->namespace, $_POST['subj'], $_POST['text'], (int)$_POST['id']); |
| 0 | 139 |
if($r != 'good') { echo "<pre>$r</pre>"; break; }
|
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
140 |
echo PageUtils::comments_html($paths->page_id, $paths->namespace); |
| 0 | 141 |
break; |
142 |
case 'deletecomment': |
|
143 |
if(!empty($_GET['id'])) |
|
144 |
{
|
|
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
145 |
PageUtils::deletecomment_neater($paths->page_id, $paths->namespace, (int)$_GET['id']); |
| 0 | 146 |
} |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
147 |
echo PageUtils::comments_html($paths->page_id, $paths->namespace); |
| 0 | 148 |
break; |
149 |
} |
|
|
1016
6d32d80b2192
Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents:
963
diff
changeset
|
150 |
$output->footer(); |
| 0 | 151 |
break; |
152 |
case 'edit': |
|
|
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
153 |
if(isset($_POST['_cancel'])) |
|
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
154 |
{
|
|
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
155 |
redirect(makeUrl($paths->page), '', '', 0); |
|
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
156 |
break; |
|
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
157 |
} |
| 592 | 158 |
require_once(ENANO_ROOT.'/includes/pageutils.php'); |
|
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
159 |
if(isset($_POST['_save'])) |
|
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
160 |
{
|
|
337
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
161 |
$captcha_valid = true; |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
162 |
if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
|
|
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
163 |
{
|
|
337
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
164 |
$captcha_valid = false; |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
165 |
if ( isset($_POST['captcha_id']) && isset($_POST['captcha_code']) ) |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
166 |
{
|
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
167 |
$hash_correct = strtolower($session->get_captcha($_POST['captcha_id'])); |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
168 |
$hash_input = strtolower($_POST['captcha_code']); |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
169 |
if ( $hash_input === $hash_correct ) |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
170 |
$captcha_valid = true; |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
171 |
} |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
172 |
} |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
173 |
if ( $captcha_valid ) |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
174 |
{
|
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
175 |
$e = PageUtils::savepage($paths->page_id, $paths->namespace, $_POST['page_text'], $_POST['edit_summary'], isset($_POST['minor'])); |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
176 |
if ( $e == 'good' ) |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
177 |
{
|
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
178 |
redirect(makeUrl($paths->page), $lang->get('editor_msg_save_success_title'), $lang->get('editor_msg_save_success_body'), 3);
|
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
179 |
} |
|
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
180 |
} |
| 0 | 181 |
} |
182 |
$template->header(); |
|
|
337
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
183 |
if ( isset($captcha_valid) ) |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
184 |
{
|
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
185 |
echo '<div class="usermessage">' . $lang->get('editor_err_captcha_wrong') . '</div>';
|
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
186 |
} |
| 0 | 187 |
if(isset($_POST['_preview'])) |
188 |
{
|
|
189 |
$text = $_POST['page_text']; |
|
|
408
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
190 |
$edsumm = $_POST['edit_summary']; |
| 0 | 191 |
echo PageUtils::genPreview($_POST['page_text']); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
192 |
$text = htmlspecialchars($text); |
|
408
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
193 |
$revid = 0; |
| 0 | 194 |
} |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
195 |
else |
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
196 |
{
|
|
408
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
197 |
$revid = ( isset($_GET['revid']) ) ? intval($_GET['revid']) : 0; |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
198 |
$page = new PageProcessor($paths->page_id, $paths->namespace, $revid); |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
199 |
$text = $page->fetch_source(); |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
200 |
$edsumm = ''; |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
201 |
// $text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false); |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
202 |
} |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
203 |
if ( $revid > 0 ) |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
204 |
{
|
|
468
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
205 |
$time = $page->revision_time; |
|
408
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
206 |
// Retrieve information about this revision and the current one |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
207 |
$q = $db->sql_query('SELECT l1.author AS currentrev_author, l2.author AS oldrev_author FROM ' . table_prefix . 'logs AS l1
|
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
208 |
LEFT JOIN ' . table_prefix . 'logs AS l2 |
|
468
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
209 |
ON ( l2.log_id = ' . $revid . ' |
|
408
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
210 |
AND l2.log_type = \'page\' |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
211 |
AND l2.action = \'edit\' |
|
468
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
212 |
AND l2.page_id = \'' . $db->escape($paths->page_id) . '\' |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
213 |
AND l2.namespace = \'' . $db->escape($paths->namespace) . '\' |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
214 |
AND l1.is_draft != 1 |
|
408
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
215 |
) |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
216 |
WHERE l1.log_type = \'page\' |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
217 |
AND l1.action = \'edit\' |
|
468
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
218 |
AND l1.page_id = \'' . $db->escape($paths->page_id) . '\' |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
219 |
AND l1.namespace = \'' . $db->escape($paths->namespace) . '\' |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
220 |
AND l1.time_id > ' . $time . ' |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
221 |
AND l1.is_draft != 1 |
|
408
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
222 |
ORDER BY l1.time_id DESC;'); |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
223 |
if ( !$q ) |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
224 |
$db->die_json(); |
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
225 |
|
|
468
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
226 |
if ( $db->numrows() > 0 ) |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
227 |
{
|
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
228 |
echo '<div class="usermessage">' . $lang->get('editor_msg_editing_old_revision') . '</div>';
|
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
229 |
|
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
230 |
$rev_count = $db->numrows() - 2; |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
231 |
$row = $db->fetchrow(); |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
232 |
$undo_info = array( |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
233 |
'old_author' => $row['oldrev_author'], |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
234 |
'current_author' => $row['currentrev_author'], |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
235 |
'undo_count' => max($rev_count, 1), |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
236 |
'last_rev_id' => $revid |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
237 |
); |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
238 |
} |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
239 |
else |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
240 |
{
|
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
241 |
$revid = 0; |
|
194a19711346
Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents:
411
diff
changeset
|
242 |
} |
|
408
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
243 |
$db->free_result(); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
244 |
} |
| 0 | 245 |
echo ' |
246 |
<form action="'.makeUrl($paths->page, 'do=edit').'" method="post" enctype="multipart/form-data"> |
|
247 |
<br /> |
|
248 |
<textarea name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea><br /> |
|
249 |
<br /> |
|
250 |
'; |
|
|
408
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
251 |
$edsumm = ( $revid > 0 ) ? $lang->get('editor_reversion_edit_summary', $undo_info) : $edsumm;
|
|
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents:
391
diff
changeset
|
252 |
echo $lang->get('editor_lbl_edit_summary') . ' <input name="edit_summary" type="text" size="40" value="' . htmlspecialchars($edsumm) . '" /><br /><label><input type="checkbox" name="minor" /> ' . $lang->get('editor_lbl_minor_edit_field') . '</label><br />';
|
|
337
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
253 |
if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
|
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
254 |
{
|
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
255 |
echo '<br /><table border="0"><tr><td>'; |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
256 |
echo '<b>' . $lang->get('editor_lbl_field_captcha') . '</b><br />'
|
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
257 |
. '<br />' |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
258 |
. $lang->get('editor_msg_captcha_pleaseenter') . '<br /><br />'
|
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
259 |
. $lang->get('editor_msg_captcha_blind');
|
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
260 |
echo '</td><td>'; |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
261 |
$hash = $session->make_captcha(); |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
262 |
echo '<img src="' . makeUrlNS('Special', "Captcha/$hash") . '" onclick="this.src+=\'/a\'" style="cursor: pointer;" /><br />';
|
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
263 |
echo '<input type="hidden" name="captcha_id" value="' . $hash . '" />'; |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
264 |
echo $lang->get('editor_lbl_field_captcha_code') . ' <input type="text" name="captcha_code" value="" size="9" />';
|
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
265 |
echo '</td></tr></table>'; |
|
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
266 |
} |
| 0 | 267 |
echo '<br /> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
268 |
<input type="submit" name="_save" value="' . $lang->get('editor_btn_save') . '" style="font-weight: bold;" />
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
269 |
<input type="submit" name="_preview" value="' . $lang->get('editor_btn_preview') . '" />
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
270 |
<input type="submit" name="_revert" value="' . $lang->get('editor_btn_revert') . '" />
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
271 |
<input type="submit" name="_cancel" value="' . $lang->get('editor_btn_cancel') . '" />
|
| 0 | 272 |
</form> |
273 |
'; |
|
|
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents:
826
diff
changeset
|
274 |
if ( getConfig('wiki_edit_notice', '0') == '1' )
|
|
160
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
275 |
{
|
|
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
276 |
$notice = getConfig('wiki_edit_notice_text');
|
|
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
277 |
echo RenderMan::render($notice); |
|
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
278 |
} |
| 0 | 279 |
$template->footer(); |
280 |
break; |
|
281 |
case 'viewsource': |
|
282 |
$template->header(); |
|
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
283 |
$text = RenderMan::getPage($paths->page_id, $paths->namespace, 0, false, false, false, false); |
|
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
parents:
383
diff
changeset
|
284 |
$text = htmlspecialchars($text); |
| 0 | 285 |
echo ' |
286 |
<form action="'.makeUrl($paths->page, 'do=edit').'" method="post"> |
|
287 |
<br /> |
|
288 |
<textarea readonly="readonly" name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea>'; |
|
289 |
echo '<br /> |
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
290 |
<input type="submit" name="_cancel" value="' . $lang->get('editor_btn_closeviewer') . '" />
|
| 0 | 291 |
</form> |
292 |
'; |
|
293 |
$template->footer(); |
|
294 |
break; |
|
295 |
case 'history': |
|
| 592 | 296 |
require_once(ENANO_ROOT.'/includes/pageutils.php'); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
297 |
$hist = PageUtils::histlist($paths->page_id, $paths->namespace); |
| 0 | 298 |
$template->header(); |
299 |
echo $hist; |
|
300 |
$template->footer(); |
|
301 |
break; |
|
302 |
case 'rollback': |
|
303 |
$id = (isset($_GET['id'])) ? $_GET['id'] : false; |
|
|
826
dcf5381ce8ba
Replaced integer checks that used preg_match() to use ctype_digit() instead
Dan
parents:
801
diff
changeset
|
304 |
if(!$id || !ctype_digit($id)) die_friendly('Invalid action ID', '<p>The URL parameter "id" is not an integer. Exiting to prevent nasties like SQL injection, etc.</p>');
|
|
481
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
305 |
|
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
306 |
$id = intval($id); |
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
307 |
|
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
308 |
$page = new PageProcessor($paths->page_id, $paths->namespace); |
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
309 |
$result = $page->rollback_log_entry($id); |
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
310 |
|
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
311 |
if ( $result['success'] ) |
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
312 |
{
|
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
313 |
$result = $lang->get("page_msg_rb_success_{$result['action']}", array('dateline' => $result['dateline']));
|
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
314 |
} |
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
315 |
else |
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
316 |
{
|
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
317 |
$result = $lang->get("page_err_{$result['error']}", array('action' => @$result['action']));
|
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
318 |
} |
|
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
319 |
|
| 0 | 320 |
$template->header(); |
|
481
07bf15b066bc
Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents:
468
diff
changeset
|
321 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a></p>';
|
| 0 | 322 |
$template->footer(); |
323 |
break; |
|
324 |
case 'catedit': |
|
| 592 | 325 |
require_once(ENANO_ROOT.'/includes/pageutils.php'); |
| 0 | 326 |
if(isset($_POST['__enanoSaveButton'])) |
327 |
{
|
|
328 |
unset($_POST['__enanoSaveButton']); |
|
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
329 |
$val = PageUtils::catsave($paths->page_id, $paths->namespace, $_POST); |
| 0 | 330 |
if($val == 'GOOD') |
331 |
{
|
|
332 |
header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
|
|
333 |
} else {
|
|
334 |
die_friendly('Error saving category information', '<p>'.$val.'</p>');
|
|
335 |
} |
|
336 |
} |
|
337 |
elseif(isset($_POST['__enanoCatCancel'])) |
|
338 |
{
|
|
339 |
header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
|
|
340 |
} |
|
341 |
$template->header(); |
|
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
342 |
$c = PageUtils::catedit_raw($paths->page_id, $paths->namespace); |
| 0 | 343 |
echo $c[1]; |
344 |
$template->footer(); |
|
345 |
break; |
|
346 |
case 'moreoptions': |
|
347 |
$template->header(); |
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
348 |
echo '<div class="menu_nojs" style="width: 150px; padding: 0;"><ul style="display: block;"><li><div class="label">' . $lang->get('ajax_lbl_moreoptions_nojs') . '</div><div style="clear: both;"></div></li>'.$template->toolbar_menu.'</ul></div>';
|
| 0 | 349 |
$template->footer(); |
350 |
break; |
|
351 |
case 'protect': |
|
|
907
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
352 |
if ( !$session->sid_super ) |
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
353 |
{
|
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
354 |
redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=protect&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
|
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
355 |
} |
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
356 |
|
|
906
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
357 |
if ( isset($_POST['level']) && isset($_POST['reason']) ) |
| 0 | 358 |
{
|
|
906
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
359 |
$level = intval($_POST['level']); |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
360 |
if ( !in_array($level, array(PROTECT_FULL, PROTECT_SEMI, PROTECT_NONE)) ) |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
361 |
{
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
362 |
$errors[] = 'bad level'; |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
363 |
} |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
364 |
$reason = trim($_POST['reason']); |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
365 |
if ( empty($reason) ) |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
366 |
{
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
367 |
$errors[] = $lang->get('onpage_protect_err_need_reason');
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
368 |
} |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
369 |
|
|
906
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
370 |
$page = new PageProcessor($paths->page_id, $paths->namespace); |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
371 |
$result = $page->protect_page($level, $reason); |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
372 |
if ( $result['success'] ) |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
373 |
{
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
374 |
redirect(makeUrl($paths->page), $lang->get('page_protect_lbl_success_title'), $lang->get('page_protect_lbl_success_body', array('page_link' => makeUrl($paths->page, false, true))), 3);
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
375 |
} |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
376 |
else |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
377 |
{
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
378 |
$errors[] = $lang->get('page_err_' . $result['error']);
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
379 |
} |
| 0 | 380 |
} |
381 |
$template->header(); |
|
382 |
?> |
|
383 |
<form action="<?php echo makeUrl($paths->page, 'do=protect'); ?>" method="post"> |
|
|
906
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
384 |
<h3><?php echo $lang->get('onpage_protect_heading'); ?></h3>
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
385 |
<p><?php echo $lang->get('onpage_protect_msg_select_level'); ?></p>
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
386 |
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
387 |
<?php |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
388 |
if ( !empty($errors) ) |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
389 |
{
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
390 |
echo '<ul><li>' . implode('</li><li>', $errors) . '</li></ul>';
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
391 |
} |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
392 |
?> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
393 |
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
394 |
<div class="protectlevel" style="line-height: 22px; margin-left: 17px;"> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
395 |
<label> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
396 |
<input type="radio" name="level" value="<?php echo PROTECT_FULL; ?>" /> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
397 |
<?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 0, 0); ?> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
398 |
<?php echo $lang->get('onpage_protect_btn_full'); ?>
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
399 |
</label> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
400 |
</div> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
401 |
<div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;"> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
402 |
<?php echo $lang->get('onpage_protect_btn_full_hint'); ?>
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
403 |
</div> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
404 |
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
405 |
<div class="protectlevel" style="line-height: 22px; margin-left: 17px;"> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
406 |
<label> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
407 |
<input type="radio" name="level" value="<?php echo PROTECT_SEMI; ?>" /> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
408 |
<?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 22, 0); ?> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
409 |
<?php echo $lang->get('onpage_protect_btn_semi'); ?>
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
410 |
</label> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
411 |
</div> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
412 |
<div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;"> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
413 |
<?php echo $lang->get('onpage_protect_btn_semi_hint'); ?>
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
414 |
</div> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
415 |
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
416 |
<div class="protectlevel" style="line-height: 22px; margin-left: 17px;"> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
417 |
<label> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
418 |
<input type="radio" name="level" value="<?php echo PROTECT_NONE; ?>" /> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
419 |
<?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 44, 0); ?> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
420 |
<?php echo $lang->get('onpage_protect_btn_none'); ?>
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
421 |
</label> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
422 |
</div> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
423 |
<div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;"> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
424 |
<?php echo $lang->get('onpage_protect_btn_none_hint'); ?>
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
425 |
</div> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
426 |
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
427 |
<table style="margin-left: 1em;" cellspacing="10"> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
428 |
<tr> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
429 |
<td valign="top"> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
430 |
<?php echo $lang->get('onpage_protect_lbl_reason'); ?>
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
431 |
</td> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
432 |
<td> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
433 |
<input type="text" name="reason" size="40" /><br /> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
434 |
<small><?php echo $lang->get('onpage_protect_lbl_reason_hint'); ?></small>
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
435 |
</td> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
436 |
</tr> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
437 |
</table> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
438 |
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
439 |
<p> |
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
440 |
<input type="submit" value="<?php echo htmlspecialchars($lang->get('page_protect_btn_submit')) ?>" style="font-weight: bold;" />
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
441 |
<a class="abutton" href="<?php echo makeUrl($paths->page, false, true); ?>"><?php echo $lang->get('etc_cancel'); ?></a>
|
|
c949e82b8f49
New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents:
900
diff
changeset
|
442 |
</p> |
| 0 | 443 |
</form> |
444 |
<?php |
|
445 |
$template->footer(); |
|
446 |
break; |
|
447 |
case 'rename': |
|
| 592 | 448 |
require_once(ENANO_ROOT.'/includes/pageutils.php'); |
| 0 | 449 |
if(!empty($_POST['newname'])) |
450 |
{
|
|
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
451 |
$r = PageUtils::rename($paths->page_id, $paths->namespace, $_POST['newname']); |
| 304 | 452 |
die_friendly($lang->get('page_rename_success_title'), '<p>'.nl2br($r).' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>');
|
| 0 | 453 |
} |
454 |
$template->header(); |
|
455 |
?> |
|
456 |
<form action="<?php echo makeUrl($paths->page, 'do=rename'); ?>" method="post"> |
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
457 |
<?php if(isset($_POST['newname'])) echo '<p style="color: red;">' . $lang->get('page_rename_err_need_name') . '</p>'; ?>
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
458 |
<p><?php echo $lang->get('page_rename_lbl'); ?></p>
|
| 0 | 459 |
<p><input type="text" name="newname" size="40" /></p> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
460 |
<p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_rename_btn_submit')); ?>" style="font-weight: bold;" /></p>
|
| 0 | 461 |
</form> |
462 |
<?php |
|
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
463 |
$template->footer(); |
| 0 | 464 |
break; |
465 |
case 'flushlogs': |
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
466 |
if(!$session->get_permissions('clear_logs'))
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
467 |
{
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
468 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
469 |
} |
|
907
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
470 |
if ( !$session->sid_super ) |
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
471 |
{
|
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
472 |
redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=flushlogs&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
|
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
473 |
} |
| 592 | 474 |
require_once(ENANO_ROOT.'/includes/pageutils.php'); |
| 0 | 475 |
if(isset($_POST['_downthejohn'])) |
476 |
{
|
|
477 |
$template->header(); |
|
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
478 |
$result = PageUtils::flushlogs($paths->page_id, $paths->namespace); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
479 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
|
| 0 | 480 |
$template->footer(); |
481 |
break; |
|
482 |
} |
|
483 |
$template->header(); |
|
484 |
?> |
|
485 |
<form action="<?php echo makeUrl($paths->page, 'do=flushlogs'); ?>" method="post"> |
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
486 |
<?php echo $lang->get('page_flushlogs_warning_stern'); ?>
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
487 |
<p><input type="submit" name="_downthejohn" value="<?php echo htmlspecialchars($lang->get('page_flushlogs_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
|
| 0 | 488 |
</form> |
489 |
<?php |
|
490 |
$template->footer(); |
|
491 |
break; |
|
492 |
case 'delvote': |
|
| 592 | 493 |
require_once(ENANO_ROOT.'/includes/pageutils.php'); |
| 0 | 494 |
if(isset($_POST['_ballotbox'])) |
495 |
{
|
|
496 |
$template->header(); |
|
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
497 |
$result = PageUtils::delvote($paths->page_id, $paths->namespace); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
498 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
|
| 0 | 499 |
$template->footer(); |
500 |
break; |
|
501 |
} |
|
502 |
$template->header(); |
|
503 |
?> |
|
504 |
<form action="<?php echo makeUrl($paths->page, 'do=delvote'); ?>" method="post"> |
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
505 |
<?php |
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
506 |
echo $lang->get('page_delvote_warning_stern');
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
507 |
echo '<p>'; |
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
508 |
switch($paths->cpage['delvotes']) |
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
509 |
{
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
510 |
case 0: echo $lang->get('page_delvote_count_zero'); break;
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
511 |
case 1: echo $lang->get('page_delvote_count_one'); break;
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
512 |
default: echo $lang->get('page_delvote_count_plural', array('delvotes' => $paths->cpage['delvotes'])); break;
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
513 |
} |
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
514 |
echo '</p>'; |
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
515 |
?> |
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
516 |
<p><input type="submit" name="_ballotbox" value="<?php echo htmlspecialchars($lang->get('page_delvote_btn_submit')); ?>" /></p>
|
| 0 | 517 |
</form> |
518 |
<?php |
|
519 |
$template->footer(); |
|
520 |
break; |
|
521 |
case 'resetvotes': |
|
| 592 | 522 |
require_once(ENANO_ROOT.'/includes/pageutils.php'); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
523 |
if(!$session->get_permissions('vote_reset'))
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
524 |
{
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
525 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
526 |
} |
| 0 | 527 |
if(isset($_POST['_youmaylivealittlelonger'])) |
528 |
{
|
|
529 |
$template->header(); |
|
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
530 |
$result = PageUtils::resetdelvotes($paths->page_id, $paths->namespace); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
531 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
|
| 0 | 532 |
$template->footer(); |
533 |
break; |
|
534 |
} |
|
535 |
$template->header(); |
|
536 |
?> |
|
537 |
<form action="<?php echo makeUrl($paths->page, 'do=resetvotes'); ?>" method="post"> |
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
538 |
<p><?php echo $lang->get('ajax_delvote_reset_confirm'); ?></p>
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
539 |
<p><input type="submit" name="_youmaylivealittlelonger" value="<?php echo htmlspecialchars($lang->get('page_delvote_reset_btn_submit')); ?>" /></p>
|
| 0 | 540 |
</form> |
541 |
<?php |
|
542 |
$template->footer(); |
|
543 |
break; |
|
544 |
case 'deletepage': |
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
545 |
if(!$session->get_permissions('delete_page'))
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
546 |
{
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
547 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
548 |
} |
|
907
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
549 |
if ( !$session->sid_super ) |
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
550 |
{
|
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
551 |
redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=deletepage&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
|
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
552 |
} |
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
553 |
|
| 592 | 554 |
require_once(ENANO_ROOT.'/includes/pageutils.php'); |
| 0 | 555 |
if(isset($_POST['_adiossucker'])) |
556 |
{
|
|
| 28 | 557 |
$reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false; |
558 |
if ( empty($reason) ) |
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
559 |
$error = $lang->get('ajax_delete_prompt_reason');
|
| 28 | 560 |
else |
561 |
{
|
|
562 |
$template->header(); |
|
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
563 |
$result = PageUtils::deletepage($paths->page_id, $paths->namespace, $reason); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
564 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
|
| 28 | 565 |
$template->footer(); |
566 |
break; |
|
567 |
} |
|
| 0 | 568 |
} |
569 |
$template->header(); |
|
570 |
?> |
|
571 |
<form action="<?php echo makeUrl($paths->page, 'do=deletepage'); ?>" method="post"> |
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
572 |
<?php echo $lang->get('page_delete_warning_stern'); ?>
|
| 28 | 573 |
<?php if ( isset($error) ) echo "<p>$error</p>"; ?> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
574 |
<p><?php echo $lang->get('page_delete_lbl_reason'); ?> <input type="text" name="reason" size="50" /></p>
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
575 |
<p><input type="submit" name="_adiossucker" value="<?php echo htmlspecialchars($lang->get('page_delete_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
|
| 0 | 576 |
</form> |
577 |
<?php |
|
578 |
$template->footer(); |
|
579 |
break; |
|
580 |
case 'setwikimode': |
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
581 |
if(!$session->get_permissions('set_wiki_mode'))
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
582 |
{
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
583 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
584 |
} |
|
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
585 |
if ( isset($_POST['finish']) ) |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
586 |
{
|
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
587 |
$level = intval($_POST['level']); |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
588 |
if ( !in_array($level, array(0, 1, 2) ) ) |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
589 |
{
|
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
590 |
die_friendly('Invalid request', '<p>Level not specified</p>');
|
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
591 |
} |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
592 |
$q = $db->sql_query('UPDATE '.table_prefix.'pages SET wiki_mode=' . $level . ' WHERE urlname=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
|
|
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
593 |
if ( !$q ) |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
594 |
$db->_die(); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
595 |
redirect(makeUrl($paths->page), htmlspecialchars($paths->cpage['name']), $lang->get('page_wikimode_success_redirect'), 2);
|
|
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
596 |
} |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
597 |
else |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
598 |
{
|
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
599 |
$template->header(); |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
600 |
if(!isset($_GET['level']) || ( isset($_GET['level']) && !preg_match('#^([0-9])$#', $_GET['level']))) die_friendly('Invalid request', '<p>Level not specified</p>');
|
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
601 |
$level = intval($_GET['level']); |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
602 |
if ( !in_array($level, array(0, 1, 2) ) ) |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
603 |
{
|
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
604 |
die_friendly('Invalid request', '<p>Level not specified</p>');
|
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
605 |
} |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
606 |
echo '<form action="' . makeUrl($paths->page, 'do=setwikimode', true) . '" method="post">'; |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
607 |
echo '<input type="hidden" name="finish" value="foo" />'; |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
608 |
echo '<input type="hidden" name="level" value="' . $level . '" />'; |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
609 |
$level_txt = ( $level == 0 ) ? 'page_wikimode_level_off' : ( ( $level == 1 ) ? 'page_wikimode_level_on' : 'page_wikimode_level_global' ); |
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
610 |
$blurb = ( $level == 0 || ( $level == 2 && getConfig('wiki_mode') != '1' ) ) ? 'page_wikimode_blurb_disable' : 'page_wikimode_blurb_enable';
|
|
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
611 |
?> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
612 |
<h3><?php echo $lang->get('page_wikimode_heading'); ?></h3>
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
613 |
<p><?php echo $lang->get($level_txt) . ' ' . $lang->get($blurb); ?></p> |
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
614 |
<p><?php echo $lang->get('page_wikimode_warning'); ?></p>
|
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
615 |
<p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_wikimode_btn_submit')); ?>" /></p>
|
|
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
616 |
<?php |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
617 |
echo '</form>'; |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
618 |
$template->footer(); |
|
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
619 |
} |
| 0 | 620 |
break; |
621 |
case 'diff': |
|
| 592 | 622 |
require_once(ENANO_ROOT.'/includes/pageutils.php'); |
623 |
require_once(ENANO_ROOT.'/includes/diff.php'); |
|
| 0 | 624 |
$template->header(); |
625 |
$id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false; |
|
626 |
$id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false; |
|
|
900
c5409416b61b
Index: minor fix-up to code cleanliness under diff loading
Dan
parents:
867
diff
changeset
|
627 |
if ( !$id1 || !$id2 ) |
|
c5409416b61b
Index: minor fix-up to code cleanliness under diff loading
Dan
parents:
867
diff
changeset
|
628 |
{
|
|
c5409416b61b
Index: minor fix-up to code cleanliness under diff loading
Dan
parents:
867
diff
changeset
|
629 |
echo '<p>Invalid request.</p>'; |
|
c5409416b61b
Index: minor fix-up to code cleanliness under diff loading
Dan
parents:
867
diff
changeset
|
630 |
$template->footer(); |
|
c5409416b61b
Index: minor fix-up to code cleanliness under diff loading
Dan
parents:
867
diff
changeset
|
631 |
break; |
|
c5409416b61b
Index: minor fix-up to code cleanliness under diff loading
Dan
parents:
867
diff
changeset
|
632 |
} |
|
c5409416b61b
Index: minor fix-up to code cleanliness under diff loading
Dan
parents:
867
diff
changeset
|
633 |
if ( !ctype_digit($_GET['diff1']) || !ctype_digit($_GET['diff1']) ) |
|
c5409416b61b
Index: minor fix-up to code cleanliness under diff loading
Dan
parents:
867
diff
changeset
|
634 |
{
|
|
c5409416b61b
Index: minor fix-up to code cleanliness under diff loading
Dan
parents:
867
diff
changeset
|
635 |
echo '<p>SQL injection attempt</p>'; |
|
c5409416b61b
Index: minor fix-up to code cleanliness under diff loading
Dan
parents:
867
diff
changeset
|
636 |
$template->footer(); |
|
c5409416b61b
Index: minor fix-up to code cleanliness under diff loading
Dan
parents:
867
diff
changeset
|
637 |
break; |
|
c5409416b61b
Index: minor fix-up to code cleanliness under diff loading
Dan
parents:
867
diff
changeset
|
638 |
} |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
639 |
echo PageUtils::pagediff($paths->page_id, $paths->namespace, $id1, $id2); |
| 0 | 640 |
$template->footer(); |
641 |
break; |
|
| 91 | 642 |
case 'detag': |
643 |
if ( $session->user_level < USER_LEVEL_ADMIN ) |
|
644 |
{
|
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
645 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
|
| 91 | 646 |
} |
647 |
if ( $paths->page_exists ) |
|
648 |
{
|
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
649 |
die_friendly($lang->get('etc_invalid_request_short'), '<p>' . $lang->get('page_detag_err_page_exists') . '</p>');
|
| 91 | 650 |
} |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
651 |
$q = $db->sql_query('DELETE FROM '.table_prefix.'tags WHERE page_id=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
|
| 91 | 652 |
if ( !$q ) |
653 |
$db->_die('Detag query, index.php:'.__LINE__);
|
|
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
654 |
die_friendly($lang->get('page_detag_success_title'), '<p>' . $lang->get('page_detag_success_body') . '</p>');
|
| 91 | 655 |
break; |
| 0 | 656 |
case 'aclmanager': |
|
907
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
657 |
if ( !$session->sid_super ) |
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
658 |
{
|
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
659 |
redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=aclmanager&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
|
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
660 |
} |
|
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents:
906
diff
changeset
|
661 |
|
| 592 | 662 |
require_once(ENANO_ROOT.'/includes/pageutils.php'); |
| 0 | 663 |
$data = ( isset($_POST['data']) ) ? $_POST['data'] : Array('mode' => 'listgroups');
|
664 |
PageUtils::aclmanager($data); |
|
665 |
break; |
|
|
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
666 |
case 'sql_report': |
|
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
667 |
$rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 ); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
668 |
$page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id ); |
|
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
669 |
$page->send_headers = true; |
|
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
670 |
$pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : ''; |
|
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
671 |
$page->password = $pagepass; |
|
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
672 |
$page->send(true); |
|
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
673 |
ob_end_clean(); |
|
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
674 |
ob_start(); |
|
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
675 |
$db->sql_report(); |
|
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
676 |
break; |
| 0 | 677 |
} |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
678 |
|
|
867
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
679 |
// Generate an ETag |
|
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
680 |
/* |
|
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
681 |
// format: first 10 digits of SHA1 of page name, user id in hex, user and auth levels, page timestamp in hex |
|
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
682 |
$etag = substr(sha1($paths->namespace . ':' . $paths->page_id), 0, 10) . '-' . |
|
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
683 |
"u{$session->user_id}l{$session->user_level}a{$session->auth_level}-" .
|
|
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
684 |
dechex($page_timestamp); |
|
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
685 |
|
|
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
686 |
if ( isset($_SERVER['HTTP_IF_NONE_MATCH']) ) |
| 0 | 687 |
{
|
|
867
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
688 |
if ( "\"$etag\"" == $_SERVER['HTTP_IF_NONE_MATCH'] ) |
|
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
689 |
{
|
|
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
690 |
header('HTTP/1.1 304 Not Modified');
|
|
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
691 |
exit(); |
|
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
692 |
} |
|
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
693 |
} |
|
542
5841df0ab575
Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents:
536
diff
changeset
|
694 |
|
|
867
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
695 |
header("ETag: \"$etag\"");
|
|
fc4e242995d4
Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents:
832
diff
changeset
|
696 |
*/ |
|
564
a1c450a911a6
Updated version number metadata in system plugin files; added some comments and removed unused code from index.php and includes/graphs.php
Dan
parents:
547
diff
changeset
|
697 |
|
|
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
698 |
$db->close(); |
|
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
699 |
gzip_output(); |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
700 |
|
|
542
5841df0ab575
Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents:
536
diff
changeset
|
701 |
@ob_end_flush(); |
|
5841df0ab575
Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents:
536
diff
changeset
|
702 |
|
| 0 | 703 |
?> |