<?php
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan

/*
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
 * Version 1.0.2 (Coblynau)
 * Copyright (C) 2006-2007 Dan Fuhry
 *
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
 *
 * @package Enano
 * @subpackage Frontend
 *
 */

311
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
define('ENANO_INTERFACE_INDEX', '');

81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasurable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
// Set up gzip encoding before any output is sent
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
183
91127e62f38f
Fixed some regular expressions in HTML optimization algorithm; regex page groups can be edited now (oops)
Dan
$aggressive_optimize_html = true;

global $do_gzip;
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
$do_gzip = true;

if(isset($_SERVER['PATH_INFO'])) $v = $_SERVER['PATH_INFO'];
elseif(isset($_GET['title'])) $v = $_GET['title'];
else $v = '';

if ( isset($_GET['nocompress']) )
  $aggressive_optimize_html = false;

error_reporting(E_ALL);

// if(!strstr($v, 'CSS') && !strstr($v, 'UploadFile') && !strstr($v, 'DownloadFile')) // These pages are blacklisted because we can't have debugConsole's HTML output disrupting the flow of header() calls and whatnot
// {
//   $do_gzip = ( function_exists('gzcompress') && ( isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strstr($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') ) ) ? true : false;
//   // Uncomment the following line to enable debugConsole (requires PHP 5 or later)
//   // define('ENANO_DEBUG', '');
// }

if(defined('ENANO_DEBUG')) $do_gzip = false;

if($aggressive_optimize_html || $do_gzip)
{
  ob_start();
}

require('includes/common.php');

global $db, $session, $paths, $template, $plugins; // Common objects

if ( !isset($_GET['do']) )
{
  $_GET['do'] = 'view';
}
switch($_GET['do'])
{
  default:
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
    die_friendly('Invalid action', '<p>The action "'.htmlspecialchars($_GET['do']).'" is not defined. Return to <a href="'.makeUrl($paths->page).'">viewing this page\'s text</a>.</p>');
    break;
  case 'view':
    // echo PageUtils::getpage($paths->page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false ));
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
    $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
    $page = new PageProcessor( $paths->cpage['urlname_nons'], $paths->namespace, $rev_id );
    $page->send_headers = true;
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
    $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
    $page->password = $pagepass;
    $page->send(true);
    break;
  case 'comments':
    $template->header();
    $sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false;
    switch($sub)
    {
      case 'admin':
      default:
        $act = ( isset ($_GET['action']) ) ? $_GET['action'] : false;
        $id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1;
        echo PageUtils::comments_html($paths->cpage['urlname_nons'], $paths->namespace, $act, Array('id'=>$id));
        break;
      case 'postcomment':
        if(empty($_POST['name']) ||
           empty($_POST['subj']) ||
           empty($_POST['text'])
           ) { echo 'Invalid request'; break; }
        $cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false;
        $cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false;
        PageUtils::addcomment($paths->cpage['urlname_nons'], $paths->namespace, $_POST['name'], $_POST['subj'], $_POST['text'], $cin, $cid); // All filtering, etc. is handled inside this method
        echo PageUtils::comments_html($paths->cpage['urlname_nons'], $paths->namespace);
        break;
      case 'editcomment':
        if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; }
        $q = $db->sql_query('SELECT subject,comment_data,comment_id FROM '.table_prefix.'comments WHERE comment_id='.$_GET['id']);
        if(!$q) $db->_die('The comment data could not be selected.');
        $row = $db->fetchrow();
        $db->free_result();
        echo '<form action="'.makeUrl($paths->page, 'do=comments&sub=savecomment').'" method="post">';
        echo "<br /><div class='tblholder'><table border='0' width='100%' cellspacing='1' cellpadding='4'>
                <tr><td class='row1'>Subject:</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr>
                <tr><td class='row2'>Comment:</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr>
                <tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='Save Changes' /></td></tr>
              </table></div>";
        echo '</form>';
        break;
      case 'savecomment':
        if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; }
        $r = PageUtils::savecomment_neater($paths->cpage['urlname_nons'], $paths->namespace, $_POST['subj'], $_POST['text'], (int)$_POST['id']);
        if($r != 'good') { echo "<pre>$r</pre>"; break; }
        echo PageUtils::comments_html($paths->cpage['urlname_nons'], $paths->namespace);
        break;
      case 'deletecomment':
        if(!empty($_GET['id']))
        {
          PageUtils::deletecomment_neater($paths->cpage['urlname_nons'], $paths->namespace, (int)$_GET['id']);
        }
        echo PageUtils::comments_html($paths->cpage['urlname_nons'], $paths->namespace);
        break;
    }
    $template->footer();
    break;
  case 'edit':
    if(isset($_POST['_cancel']))
    {
      redirect(makeUrl($paths->page), '', '', 0);
      break;
    }
    if(isset($_POST['_save']))
    {
      $e = PageUtils::savepage($paths->cpage['urlname_nons'], $paths->namespace, $_POST['page_text'], $_POST['edit_summary'], isset($_POST['minor']));
      if ( $e == 'good' )
      {
        redirect(makeUrl($paths->page), 'Changes saved', 'Your changes to this page have been saved. Redirecting...', 3);
      }
    }
    $template->header();
    if(isset($_POST['_preview']))
    {
      $text = $_POST['page_text'];
      echo PageUtils::genPreview($_POST['page_text']);
    }
    else $text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false);
    echo '
      <form action="'.makeUrl($paths->page, 'do=edit').'" method="post" enctype="multipart/form-data">
      <br />
      <textarea name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea><br />
      <br />
      ';
    if($paths->wiki_mode)
      echo 'Edit summary: <input name="edit_summary" type="text" size="40" /><br /><label><input type="checkbox" name="minor" /> This is a minor edit</label><br />';
    echo '<br />
      <input type="submit" name="_save" value="Save changes" style="font-weight: bold;" />
      <input type="submit" name="_preview" value="Preview changes" />
      <input type="submit" name="_revert" value="Revert changes" />
      <input type="submit" name="_cancel" value="Cancel" />
      </form>
    ';
    if ( getConfig('wiki_edit_notice') == '1' )
    {
      $notice = getConfig('wiki_edit_notice_text');
      echo RenderMan::render($notice);
    }
    $template->footer();
    break;
  case 'viewsource':
    $template->header();
    $text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false);
    echo '
      <form action="'.makeUrl($paths->page, 'do=edit').'" method="post">
      <br />
      <textarea readonly="readonly" name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea>';
    echo '<br />
      <input type="submit" name="_cancel" value="Close viewer" />
      </form>
    ';
    $template->footer();
    break;
  case 'history':
    $hist = PageUtils::histlist($paths->cpage['urlname_nons'], $paths->namespace);
    $template->header();
    echo $hist;
    $template->footer();
    break;
  case 'rollback':
    $id = (isset($_GET['id'])) ? $_GET['id'] : false;
    if(!$id || !preg_match('#^([0-9]+)$#', $id)) die_friendly('Invalid action ID', '<p>The URL parameter "id" is not an integer. Exiting to prevent nasties like SQL injection, etc.</p>');
    $rb = PageUtils::rollback( (int) $id );
    $template->header();
    echo '<p>'.$rb.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>';
    $template->footer();
    break;
  case 'catedit':
    if(isset($_POST['__enanoSaveButton']))
    {
      unset($_POST['__enanoSaveButton']);
      $val = PageUtils::catsave($paths->cpage['urlname_nons'], $paths->namespace, $_POST);
      if($val == 'GOOD')
      {
        header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
      } else {
        die_friendly('Error saving category information', '<p>'.$val.'</p>');
      }
    }
    elseif(isset($_POST['__enanoCatCancel']))
    {
      header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
    }
    $template->header();
    $c = PageUtils::catedit_raw($paths->cpage['urlname_nons'], $paths->namespace);
    echo $c[1];
    $template->footer();
    break;
  case 'moreoptions':
    $template->header();
    echo '<div class="menu_nojs" style="width: 150px; padding: 0;"><ul style="display: block;"><li><div class="label">More options for this page</div><div style="clear: both;"></div></li>'.$template->tpl_strings['TOOLBAR_EXTRAS'].'</ul></div>';
    $template->footer();
    break;
  case 'protect':
    if (!isset($_REQUEST['level'])) die_friendly('Invalid request', '<p>No protection level specified</p>');
    if(!empty($_POST['reason']))
    {
      // Accept exactly one digit in the range 0-2; an empty or multi-digit value fails validation
      if(!isset($_POST['level']) || !preg_match('#^[0-2]$#', $_POST['level'])) die_friendly('Error protecting page', '<p>Request validation failed</p>');
      PageUtils::protect($paths->cpage['urlname_nons'], $paths->namespace, intval($_POST['level']), $_POST['reason']);
      die_friendly('Page protected', '<p>The protection setting has been applied. <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>');
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=protect'); ?>" method="post">
      <?php // The level comes straight from the request, so escape it before writing it into the attribute ?>
      <input type="hidden" name="level" value="<?php echo htmlspecialchars($_REQUEST['level'], ENT_QUOTES); ?>" />
      <?php if(isset($_POST['reason'])) echo '<p style="color: red;">Error: you must enter a reason for protecting this page.</p>'; ?>
      <p>Reason for protecting the page:</p>
      <p><input type="text" name="reason" size="40" /><br />
         Protection level to be applied: <b><?php
           switch($_REQUEST['level'])
           {
             case '0':
               echo 'No protection';
               break;
             case '1':
               echo 'Full protection';
               break;
             case '2':
               echo 'Semi-protection';
               break;
             default:
               echo 'None;</b> Warning: request validation will fail after clicking submit<b>';
           }
         ?></b></p>
      <p><input type="submit" value="Protect page" style="font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'rename':
    if(!empty($_POST['newname']))
    {
      $r = PageUtils::rename($paths->cpage['urlname_nons'], $paths->namespace, $_POST['newname']);
      die_friendly('Page renamed', '<p>'.nl2br($r).' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>');
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=rename'); ?>" method="post">
      <?php if(isset($_POST['newname'])) echo '<p style="color: red;">Error: you must enter a new name for this page.</p>'; ?>
      <p>Please enter a new name for this page:</p>
      <p><input type="text" name="newname" size="40" /></p>
      <p><input type="submit" value="Rename page" style="font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'flushlogs':
    if(!$session->get_permissions('clear_logs')) die_friendly('Access denied', '<p>Flushing the logs for a page <u>requires</u> administrative rights.</p>');
    if(isset($_POST['_downthejohn']))
    {
      $template->header();
        $result = PageUtils::flushlogs($paths->cpage['urlname_nons'], $paths->namespace);
        echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
      ?>
      <form action="<?php echo makeUrl($paths->page, 'do=flushlogs'); ?>" method="post">
        <h3>You are about to <span style="color: red;">destroy</span> all logged edits and actions on this page.</h3>
116
77c75179bb95
Made most special pages "visible"; fixup for non-existent special page redirect in paths.php; rewrote Special:AllPages to have pagination (WiP, Special:SpecialPages is possibly next, depending on whether paginate_array works or not)
Dan
        <p>Unlike deleting or editing this page, this action is <u>not reversible</u>! You should only do this if you are desperate for
           database space.</p>
        <p>Do you really want to continue?</p>
        <p><input type="submit" name="_downthejohn" value="Flush logs" style="color: red; font-weight: bold;" /></p>
      </form>
      <?php
    $template->footer();
    break;
  case 'delvote':
    if(isset($_POST['_ballotbox']))
    {
      $template->header();
      $result = PageUtils::delvote($paths->cpage['urlname_nons'], $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
      ?>
      <form action="<?php echo makeUrl($paths->page, 'do=delvote'); ?>" method="post">
        <h3>Your vote counts.</h3>
        <p>If you think that this page is not relevant to the content on this site, or if it looks like this page was only created in
           an attempt to spam the site, you can request that this page be deleted by an administrator.</p>
        <p>After you vote, you should leave a comment explaining the reason for your vote, especially if you are the first person to
           vote against this page.</p>
        <p>So far, <?php echo ( $paths->cpage['delvotes'] == 1 ) ? $paths->cpage['delvotes'] . ' person has' : $paths->cpage['delvotes'] . ' people have'; ?> voted to delete this page.</p>
        <p><input type="submit" name="_ballotbox" value="Vote to delete this page" /></p>
      </form>
      <?php
    $template->footer();
    break;
  case 'resetvotes':
    if(!$session->get_permissions('vote_reset')) die_friendly('Access denied', '<p>Resetting the deletion votes against this page <u>requires</u> admin rights.</p>');
    if(isset($_POST['_youmaylivealittlelonger']))
    {
      $template->header();
      $result = PageUtils::resetdelvotes($paths->cpage['urlname_nons'], $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
      ?>
      <form action="<?php echo makeUrl($paths->page, 'do=resetvotes'); ?>" method="post">
        <p>This action will reset the number of votes against this page to zero. Are you sure you want to do this?</p>
        <p><input type="submit" name="_youmaylivealittlelonger" value="Reset votes" /></p>
      </form>
      <?php
    $template->footer();
    break;
  case 'deletepage':
    if(!$session->get_permissions('delete_page')) die_friendly('Access denied', '<p>Deleting pages <u>requires</u> admin rights.</p>');
    if(isset($_POST['_adiossucker']))
    {
      $reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false;
      if ( empty($reason) )
        $error = 'Please enter a reason for deleting this page.';
      else
      {
        $template->header();
        $result = PageUtils::deletepage($paths->cpage['urlname_nons'], $paths->namespace, $reason);
        echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>';
        $template->footer();
        break;
      }
    }
    $template->header();
      ?>
      <form action="<?php echo makeUrl($paths->page, 'do=deletepage'); ?>" method="post">
        <h3>You are about to <span style="color: red;">destroy</span> this page.</h3>
        <p>While the deletion of the page itself is completely reversible, it is impossible to recover any comments or category information on this page. If this is a file page, the file along with all older revisions of it will be permanently deleted. Also, any custom information that this page is tagged with, such as a custom name, protection status, or additional settings such as whether to allow comments, will be permanently lost.</p>
        <p>Are you <u>absolutely sure</u> that you want to continue?<br />
           You will not be asked again.</p>
        <?php if ( isset($error) ) echo "<p>$error</p>"; ?>
        <p>Reason for deleting: <input type="text" name="reason" size="50" /></p>
        <p><input type="submit" name="_adiossucker" value="Delete this page" style="color: red; font-weight: bold;" /></p>
      </form>
      <?php
    $template->footer();
    break;
  case 'setwikimode':
    if(!$session->get_permissions('set_wiki_mode')) die_friendly('Access denied', '<p>Changing the wiki mode setting <u>requires</u> admin rights.</p>');
    if ( isset($_POST['finish']) )
    {
      $level = intval($_POST['level']);
      if ( !in_array($level, array(0, 1, 2) ) )
      {
        die_friendly('Invalid request', '<p>Level not specified</p>');
      }
      $q = $db->sql_query('UPDATE '.table_prefix.'pages SET wiki_mode=' . $level . ' WHERE urlname=\'' . $db->escape($paths->cpage['urlname_nons']) . '\' AND namespace=\'' . $paths->namespace . '\';');
      if ( !$q )
        $db->_die();
      redirect(makeUrl($paths->page), htmlspecialchars($paths->cpage['name']), 'Wiki mode for this page has been set. Redirecting you to the page...', 2);
    }
    else
    {
      $template->header();
      if(!isset($_GET['level']) || ( isset($_GET['level']) && !preg_match('#^([0-9])$#', $_GET['level']))) die_friendly('Invalid request', '<p>Level not specified</p>');
      $level = intval($_GET['level']);
      if ( !in_array($level, array(0, 1, 2) ) )
      {
        die_friendly('Invalid request', '<p>Level not specified</p>');
      }
      echo '<form action="' . makeUrl($paths->page, 'do=setwikimode', true) . '" method="post">';
      echo '<input type="hidden" name="finish" value="foo" />';
      echo '<input type="hidden" name="level" value="' . $level . '" />';
      $level_txt = ( $level == 0 ) ? 'disabled' : ( ( $level == 1 ) ? 'enabled' : 'use the global setting' );
      $blurb = ( $level == 0 || ( $level == 2 && getConfig('wiki_mode') != '1' ) ) ? 'Because this will disable the wiki behavior on this page, several features, most
        notably the ability for users to vote to have this page deleted, will be disabled as they are not relevant to non-wiki pages. In addition, users will not be able
        to edit this page unless an ACL rule specifically permits them.' : 'Because this will enable the wiki behavior on this page, users will gain the ability to
        freely edit this page unless an ACL rule specifically denies them. If your site is public and gets good traffic, you should be aware of the possibility of vandalism, and you need to be ready to revert
        malicious edits to this page.';
      ?>
      <h3>You are changing wiki mode for this page.</h3>
      <p>Wiki features will be set to <?php echo $level_txt; ?>. <?php echo $blurb; ?></p>
      <p>If you want to continue, please click the button below.</p>
      <p><input type="submit" value="Set wiki mode" /></p>
      <?php
      echo '</form>';
      $template->footer();
    }
    break;
  case 'diff':
    $template->header();
    $id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false;
    $id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false;
    if(!$id1 || !$id2) { echo '<p>Invalid request.</p>'; $template->footer(); break; }
    if(!preg_match('#^([0-9]+)$#', (string)$_GET['diff1']) ||
       !preg_match('#^([0-9]+)$#', (string)$_GET['diff2'] )) { echo '<p>SQL injection attempt</p>'; $template->footer(); break; }
    echo PageUtils::pagediff($paths->cpage['urlname_nons'], $paths->namespace, $id1, $id2);
    $template->footer();
    break;
  case 'detag':
    if ( $session->user_level < USER_LEVEL_ADMIN )
    {
      die_friendly('Access denied', '<p>You need to be an administrator to detag pages.</p>');
    }
    if ( $paths->page_exists )
    {
      die_friendly('Invalid request', '<p>The detag action is only valid for pages that have been deleted in the past.</p>');
    }
    $q = $db->sql_query('DELETE FROM '.table_prefix.'tags WHERE page_id=\'' . $db->escape($paths->cpage['urlname_nons']) . '\' AND namespace=\'' . $paths->namespace . '\';');
    if ( !$q )
      $db->_die('Detag query, index.php:'.__LINE__);
    die_friendly('Page detagged', '<p>All stale tags have been removed from this page.</p>');
    break;
  case 'aclmanager':
    $data = ( isset($_POST['data']) ) ? $_POST['data'] : Array('mode' => 'listgroups');
    PageUtils::aclmanager($data);
    break;
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
  case 'sql_report':
    $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
    $page = new PageProcessor( $paths->cpage['urlname_nons'], $paths->namespace, $rev_id );
    $page->send_headers = true;
    $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
    $page->password = $pagepass;
    $page->send(true);
    ob_end_clean();
    ob_start();
    $db->sql_report();
    break;
}

//
// Optimize HTML by replacing newlines with spaces (excludes <pre>, <script>, and <style> blocks)
//
if ($aggressive_optimize_html)
{
  // Load up the HTML
  $html = ob_get_contents();
  @ob_end_clean();

  $html = aggressive_optimize_html($html);

  // Re-enable output buffering to allow the Gzip function (below) to work
  ob_start();

  // Done, send it to the user
  echo( $html );
}

$db->close();
gzip_output();

?>