author | Dan |
Sun, 27 Jan 2008 23:44:02 -0500 | |
changeset 381 | b4751b55ee92 |
parent 378 | c1c7fa6b329f |
child 383 | 1030864dc319 |
permissions | -rw-r--r-- |
0 | 1 |
<?php |
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
parents:
70
diff
changeset
|
2 |
|
166
d53cc29308f4
Rebrand as 1.1.1; everything should now be bumped to "unstable" status
Dan
parents:
160
diff
changeset
|
3 |
/* |
0 | 4 |
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
266 | 5 |
* Version 1.1.1 |
0 | 6 |
* Copyright (C) 2006-2007 Dan Fuhry |
7 |
* |
|
8 |
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
|
9 |
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
|
10 |
* |
|
11 |
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
|
12 |
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
|
13 |
* |
|
246
c9fd175289aa
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents:
183
diff
changeset
|
14 |
* @package Enano |
c9fd175289aa
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents:
183
diff
changeset
|
15 |
* @subpackage Frontend |
c9fd175289aa
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents:
183
diff
changeset
|
16 |
* |
0 | 17 |
*/ |
246
c9fd175289aa
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents:
183
diff
changeset
|
18 |
|
311
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
parents:
307
diff
changeset
|
19 |
define('ENANO_INTERFACE_INDEX', ''); |
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents:
337
diff
changeset
|
20 |
|
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents:
337
diff
changeset
|
21 |
// For the mighty and brave. |
378
c1c7fa6b329f
Got Enano to load even if there are no plugins; added caching for decrypted session keys to significantly improve performance (in theory at least)
Dan
parents:
376
diff
changeset
|
22 |
define('ENANO_DEBUG', ''); |
311
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
parents:
307
diff
changeset
|
23 |
|
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents:
80
diff
changeset
|
24 |
// Set up gzip encoding before any output is sent |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
25 |
|
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
26 |
$aggressive_optimize_html = true; |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
27 |
|
0 | 28 |
global $do_gzip; |
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
29 |
$do_gzip = true; |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
30 |
|
0 | 31 |
if(isset($_SERVER['PATH_INFO'])) $v = $_SERVER['PATH_INFO']; |
32 |
elseif(isset($_GET['title'])) $v = $_GET['title']; |
|
33 |
else $v = ''; |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
34 |
|
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
35 |
if ( isset($_GET['nocompress']) ) |
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
36 |
$aggressive_optimize_html = false; |
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
37 |
|
0 | 38 |
error_reporting(E_ALL); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
39 |
|
0 | 40 |
if($aggressive_optimize_html || $do_gzip) |
41 |
{ |
|
42 |
ob_start(); |
|
43 |
} |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
44 |
|
0 | 45 |
require('includes/common.php'); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
46 |
|
0 | 47 |
global $db, $session, $paths, $template, $plugins; // Common objects |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
48 |
|
307 | 49 |
if ( !isset($_GET['do']) ) |
50 |
{ |
|
51 |
$_GET['do'] = 'view'; |
|
52 |
} |
|
0 | 53 |
switch($_GET['do']) |
54 |
{ |
|
55 |
default: |
|
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
56 |
die_friendly('Invalid action', '<p>The action "'.htmlspecialchars($_GET['do']).'" is not defined. Return to <a href="'.makeUrl($paths->page).'">viewing this page\'s text</a>.</p>'); |
0 | 57 |
break; |
58 |
case 'view': |
|
59 |
// echo PageUtils::getpage($paths->page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false )); |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
60 |
$rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 ); |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
61 |
$page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id ); |
0 | 62 |
$page->send_headers = true; |
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
28
diff
changeset
|
63 |
$pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : ''; |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
28
diff
changeset
|
64 |
$page->password = $pagepass; |
61 | 65 |
$page->send(true); |
0 | 66 |
break; |
67 |
case 'comments': |
|
68 |
$template->header(); |
|
69 |
$sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false; |
|
70 |
switch($sub) |
|
71 |
{ |
|
72 |
case 'admin': |
|
73 |
default: |
|
74 |
$act = ( isset ($_GET['action']) ) ? $_GET['action'] : false; |
|
75 |
$id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1; |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
76 |
echo PageUtils::comments_html($paths->page_id, $paths->namespace, $act, Array('id'=>$id)); |
0 | 77 |
break; |
78 |
case 'postcomment': |
|
79 |
if(empty($_POST['name']) || |
|
80 |
empty($_POST['subj']) || |
|
81 |
empty($_POST['text']) |
|
82 |
) { echo 'Invalid request'; break; } |
|
83 |
$cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false; |
|
84 |
$cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false; |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
85 |
PageUtils::addcomment($paths->page_id, $paths->namespace, $_POST['name'], $_POST['subj'], $_POST['text'], $cin, $cid); // All filtering, etc. is handled inside this method |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
86 |
echo PageUtils::comments_html($paths->page_id, $paths->namespace); |
0 | 87 |
break; |
88 |
case 'editcomment': |
|
89 |
if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; } |
|
90 |
$q = $db->sql_query('SELECT subject,comment_data,comment_id FROM '.table_prefix.'comments WHERE comment_id='.$_GET['id']); |
|
91 |
if(!$q) $db->_die('The comment data could not be selected.'); |
|
92 |
$row = $db->fetchrow(); |
|
93 |
$db->free_result(); |
|
213
1316404e4ea8
Localized history page and static HTML comment interface
Dan
parents:
187
diff
changeset
|
94 |
$row['subject'] = str_replace('\'', ''', $row['subject']); |
0 | 95 |
echo '<form action="'.makeUrl($paths->page, 'do=comments&sub=savecomment').'" method="post">'; |
96 |
echo "<br /><div class='tblholder'><table border='0' width='100%' cellspacing='1' cellpadding='4'> |
|
213
1316404e4ea8
Localized history page and static HTML comment interface
Dan
parents:
187
diff
changeset
|
97 |
<tr><td class='row1'>" . $lang->get('comment_postform_field_subject') . "</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr> |
1316404e4ea8
Localized history page and static HTML comment interface
Dan
parents:
187
diff
changeset
|
98 |
<tr><td class='row2'>" . $lang->get('comment_postform_field_comment') . "</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr> |
1316404e4ea8
Localized history page and static HTML comment interface
Dan
parents:
187
diff
changeset
|
99 |
<tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='" . $lang->get('etc_save_changes') . "' /></td></tr> |
0 | 100 |
</table></div>"; |
101 |
echo '</form>'; |
|
102 |
break; |
|
103 |
case 'savecomment': |
|
104 |
if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; } |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
105 |
$r = PageUtils::savecomment_neater($paths->page_id, $paths->namespace, $_POST['subj'], $_POST['text'], (int)$_POST['id']); |
0 | 106 |
if($r != 'good') { echo "<pre>$r</pre>"; break; } |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
107 |
echo PageUtils::comments_html($paths->page_id, $paths->namespace); |
0 | 108 |
break; |
109 |
case 'deletecomment': |
|
110 |
if(!empty($_GET['id'])) |
|
111 |
{ |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
112 |
PageUtils::deletecomment_neater($paths->page_id, $paths->namespace, (int)$_GET['id']); |
0 | 113 |
} |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
114 |
echo PageUtils::comments_html($paths->page_id, $paths->namespace); |
0 | 115 |
break; |
116 |
} |
|
117 |
$template->footer(); |
|
118 |
break; |
|
119 |
case 'edit': |
|
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
120 |
if(isset($_POST['_cancel'])) |
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
121 |
{ |
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
122 |
redirect(makeUrl($paths->page), '', '', 0); |
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
123 |
break; |
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
124 |
} |
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
125 |
if(isset($_POST['_save'])) |
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
126 |
{ |
337
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
127 |
$captcha_valid = true; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
128 |
if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' ) |
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
129 |
{ |
337
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
130 |
$captcha_valid = false; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
131 |
if ( isset($_POST['captcha_id']) && isset($_POST['captcha_code']) ) |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
132 |
{ |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
133 |
$hash_correct = strtolower($session->get_captcha($_POST['captcha_id'])); |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
134 |
$hash_input = strtolower($_POST['captcha_code']); |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
135 |
if ( $hash_input === $hash_correct ) |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
136 |
$captcha_valid = true; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
137 |
} |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
138 |
} |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
139 |
if ( $captcha_valid ) |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
140 |
{ |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
141 |
$e = PageUtils::savepage($paths->page_id, $paths->namespace, $_POST['page_text'], $_POST['edit_summary'], isset($_POST['minor'])); |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
142 |
if ( $e == 'good' ) |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
143 |
{ |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
144 |
redirect(makeUrl($paths->page), $lang->get('editor_msg_save_success_title'), $lang->get('editor_msg_save_success_body'), 3); |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
145 |
} |
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
146 |
} |
0 | 147 |
} |
148 |
$template->header(); |
|
337
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
149 |
if ( isset($captcha_valid) ) |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
150 |
{ |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
151 |
echo '<div class="usermessage">' . $lang->get('editor_err_captcha_wrong') . '</div>'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
152 |
} |
0 | 153 |
if(isset($_POST['_preview'])) |
154 |
{ |
|
155 |
$text = $_POST['page_text']; |
|
156 |
echo PageUtils::genPreview($_POST['page_text']); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
157 |
$text = htmlspecialchars($text); |
0 | 158 |
} |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
159 |
else |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
160 |
{ |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
161 |
$text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
162 |
} |
0 | 163 |
echo ' |
164 |
<form action="'.makeUrl($paths->page, 'do=edit').'" method="post" enctype="multipart/form-data"> |
|
165 |
<br /> |
|
166 |
<textarea name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea><br /> |
|
167 |
<br /> |
|
168 |
'; |
|
337
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
169 |
echo $lang->get('editor_lbl_edit_summary') . ' <input name="edit_summary" type="text" size="40" /><br /><label><input type="checkbox" name="minor" /> ' . $lang->get('editor_lbl_minor_edit_field') . '</label><br />'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
170 |
if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' ) |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
171 |
{ |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
172 |
echo '<br /><table border="0"><tr><td>'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
173 |
echo '<b>' . $lang->get('editor_lbl_field_captcha') . '</b><br />' |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
174 |
. '<br />' |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
175 |
. $lang->get('editor_msg_captcha_pleaseenter') . '<br /><br />' |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
176 |
. $lang->get('editor_msg_captcha_blind'); |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
177 |
echo '</td><td>'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
178 |
$hash = $session->make_captcha(); |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
179 |
echo '<img src="' . makeUrlNS('Special', "Captcha/$hash") . '" onclick="this.src+=\'/a\'" style="cursor: pointer;" /><br />'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
180 |
echo '<input type="hidden" name="captcha_id" value="' . $hash . '" />'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
181 |
echo $lang->get('editor_lbl_field_captcha_code') . ' <input type="text" name="captcha_code" value="" size="9" />'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
182 |
echo '</td></tr></table>'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
183 |
} |
0 | 184 |
echo '<br /> |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
185 |
<input type="submit" name="_save" value="' . $lang->get('editor_btn_save') . '" style="font-weight: bold;" /> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
186 |
<input type="submit" name="_preview" value="' . $lang->get('editor_btn_preview') . '" /> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
187 |
<input type="submit" name="_revert" value="' . $lang->get('editor_btn_revert') . '" /> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
188 |
<input type="submit" name="_cancel" value="' . $lang->get('editor_btn_cancel') . '" /> |
0 | 189 |
</form> |
190 |
'; |
|
160
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
191 |
if ( getConfig('wiki_edit_notice') == '1' ) |
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
192 |
{ |
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
193 |
$notice = getConfig('wiki_edit_notice_text'); |
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
194 |
echo RenderMan::render($notice); |
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
195 |
} |
0 | 196 |
$template->footer(); |
197 |
break; |
|
198 |
case 'viewsource': |
|
199 |
$template->header(); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
200 |
$text = RenderMan::getPage($paths->page_id, $paths->namespace, 0, false, false, false, false); |
0 | 201 |
echo ' |
202 |
<form action="'.makeUrl($paths->page, 'do=edit').'" method="post"> |
|
203 |
<br /> |
|
204 |
<textarea readonly="readonly" name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea>'; |
|
205 |
echo '<br /> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
206 |
<input type="submit" name="_cancel" value="' . $lang->get('editor_btn_closeviewer') . '" /> |
0 | 207 |
</form> |
208 |
'; |
|
209 |
$template->footer(); |
|
210 |
break; |
|
211 |
case 'history': |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
212 |
$hist = PageUtils::histlist($paths->page_id, $paths->namespace); |
0 | 213 |
$template->header(); |
214 |
echo $hist; |
|
215 |
$template->footer(); |
|
216 |
break; |
|
217 |
case 'rollback': |
|
218 |
$id = (isset($_GET['id'])) ? $_GET['id'] : false; |
|
219 |
if(!$id || !preg_match('#^([0-9]+)$#', $id)) die_friendly('Invalid action ID', '<p>The URL parameter "id" is not an integer. Exiting to prevent nasties like SQL injection, etc.</p>'); |
|
220 |
$rb = PageUtils::rollback( (int) $id ); |
|
221 |
$template->header(); |
|
222 |
echo '<p>'.$rb.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>'; |
|
223 |
$template->footer(); |
|
224 |
break; |
|
225 |
case 'catedit': |
|
226 |
if(isset($_POST['__enanoSaveButton'])) |
|
227 |
{ |
|
228 |
unset($_POST['__enanoSaveButton']); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
229 |
$val = PageUtils::catsave($paths->page_id, $paths->namespace, $_POST); |
0 | 230 |
if($val == 'GOOD') |
231 |
{ |
|
232 |
header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break; |
|
233 |
} else { |
|
234 |
die_friendly('Error saving category information', '<p>'.$val.'</p>'); |
|
235 |
} |
|
236 |
} |
|
237 |
elseif(isset($_POST['__enanoCatCancel'])) |
|
238 |
{ |
|
239 |
header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break; |
|
240 |
} |
|
241 |
$template->header(); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
242 |
$c = PageUtils::catedit_raw($paths->page_id, $paths->namespace); |
0 | 243 |
echo $c[1]; |
244 |
$template->footer(); |
|
245 |
break; |
|
246 |
case 'moreoptions': |
|
247 |
$template->header(); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
248 |
echo '<div class="menu_nojs" style="width: 150px; padding: 0;"><ul style="display: block;"><li><div class="label">' . $lang->get('ajax_lbl_moreoptions_nojs') . '</div><div style="clear: both;"></div></li>'.$template->toolbar_menu.'</ul></div>'; |
0 | 249 |
$template->footer(); |
250 |
break; |
|
251 |
case 'protect': |
|
252 |
if (!isset($_REQUEST['level'])) die_friendly('Invalid request', '<p>No protection level specified</p>'); |
|
253 |
if(!empty($_POST['reason'])) |
|
254 |
{ |
|
255 |
if(!preg_match('#^([0-2]*){1}$#', $_POST['level'])) die_friendly('Error protecting page', '<p>Request validation failed</p>'); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
256 |
PageUtils::protect($paths->page_id, $paths->namespace, intval($_POST['level']), $_POST['reason']); |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
257 |
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
258 |
die_friendly($lang->get('page_protect_lbl_success_title'), '<p>' . $lang->get('page_protect_lbl_success_body', array( 'page_link' => makeUrl($paths->page) )) . '</p>'); |
0 | 259 |
} |
260 |
$template->header(); |
|
261 |
?> |
|
262 |
<form action="<?php echo makeUrl($paths->page, 'do=protect'); ?>" method="post"> |
|
263 |
<input type="hidden" name="level" value="<?php echo $_REQUEST['level']; ?>" /> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
264 |
<?php if(isset($_POST['reason'])) echo '<p style="color: red;">' . $lang->get('page_protect_err_need_reason') . '</p>'; ?> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
265 |
<p><?php echo $lang->get('page_protect_lbl_reason'); ?></p> |
0 | 266 |
<p><input type="text" name="reason" size="40" /><br /> |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
267 |
<?php echo $lang->get('page_protect_lbl_level'); ?> <b><?php |
0 | 268 |
switch($_REQUEST['level']) |
269 |
{ |
|
270 |
case '0': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
271 |
echo $lang->get('page_protect_lbl_level_none'); |
0 | 272 |
break; |
273 |
case '1': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
274 |
echo $lang->get('page_protect_lbl_level_full'); |
0 | 275 |
break; |
276 |
case '2': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
277 |
echo $lang->get('page_protect_lbl_level_semi'); |
0 | 278 |
break; |
279 |
default: |
|
280 |
echo 'None;</b> Warning: request validation will fail after clicking submit<b>'; |
|
281 |
} |
|
282 |
?></b></p> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
283 |
<p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_protect_btn_submit')) ?>" style="font-weight: bold;" /></p> |
0 | 284 |
</form> |
285 |
<?php |
|
286 |
$template->footer(); |
|
287 |
break; |
|
288 |
case 'rename': |
|
289 |
if(!empty($_POST['newname'])) |
|
290 |
{ |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
291 |
$r = PageUtils::rename($paths->page_id, $paths->namespace, $_POST['newname']); |
304 | 292 |
die_friendly($lang->get('page_rename_success_title'), '<p>'.nl2br($r).' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>'); |
0 | 293 |
} |
294 |
$template->header(); |
|
295 |
?> |
|
296 |
<form action="<?php echo makeUrl($paths->page, 'do=rename'); ?>" method="post"> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
297 |
<?php if(isset($_POST['newname'])) echo '<p style="color: red;">' . $lang->get('page_rename_err_need_name') . '</p>'; ?> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
298 |
<p><?php echo $lang->get('page_rename_lbl'); ?></p> |
0 | 299 |
<p><input type="text" name="newname" size="40" /></p> |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
300 |
<p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_rename_btn_submit')); ?>" style="font-weight: bold;" /></p> |
0 | 301 |
</form> |
302 |
<?php |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
303 |
$template->footer(); |
0 | 304 |
break; |
305 |
case 'flushlogs': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
306 |
if(!$session->get_permissions('clear_logs')) |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
307 |
{ |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
308 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>'); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
309 |
} |
0 | 310 |
if(isset($_POST['_downthejohn'])) |
311 |
{ |
|
312 |
$template->header(); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
313 |
$result = PageUtils::flushlogs($paths->page_id, $paths->namespace); |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
314 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>'; |
0 | 315 |
$template->footer(); |
316 |
break; |
|
317 |
} |
|
318 |
$template->header(); |
|
319 |
?> |
|
320 |
<form action="<?php echo makeUrl($paths->page, 'do=flushlogs'); ?>" method="post"> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
321 |
<?php echo $lang->get('page_flushlogs_warning_stern'); ?> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
322 |
<p><input type="submit" name="_downthejohn" value="<?php echo htmlspecialchars($lang->get('page_flushlogs_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p> |
0 | 323 |
</form> |
324 |
<?php |
|
325 |
$template->footer(); |
|
326 |
break; |
|
327 |
case 'delvote': |
|
328 |
if(isset($_POST['_ballotbox'])) |
|
329 |
{ |
|
330 |
$template->header(); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
331 |
$result = PageUtils::delvote($paths->page_id, $paths->namespace); |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
332 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>'; |
0 | 333 |
$template->footer(); |
334 |
break; |
|
335 |
} |
|
336 |
$template->header(); |
|
337 |
?> |
|
338 |
<form action="<?php echo makeUrl($paths->page, 'do=delvote'); ?>" method="post"> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
339 |
<?php |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
340 |
echo $lang->get('page_delvote_warning_stern'); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
341 |
echo '<p>'; |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
342 |
switch($paths->cpage['delvotes']) |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
343 |
{ |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
344 |
case 0: echo $lang->get('page_delvote_count_zero'); break; |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
345 |
case 1: echo $lang->get('page_delvote_count_one'); break; |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
346 |
default: echo $lang->get('page_delvote_count_plural', array('delvotes' => $paths->cpage['delvotes'])); break; |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
347 |
} |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
348 |
echo '</p>'; |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
349 |
?> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
350 |
<p><input type="submit" name="_ballotbox" value="<?php echo htmlspecialchars($lang->get('page_delvote_btn_submit')); ?>" /></p> |
0 | 351 |
</form> |
352 |
<?php |
|
353 |
$template->footer(); |
|
354 |
break; |
|
355 |
case 'resetvotes': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
356 |
if(!$session->get_permissions('vote_reset')) |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
357 |
{ |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
358 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>'); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
359 |
} |
0 | 360 |
if(isset($_POST['_youmaylivealittlelonger'])) |
361 |
{ |
|
362 |
$template->header(); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
363 |
$result = PageUtils::resetdelvotes($paths->page_id, $paths->namespace); |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
364 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>'; |
0 | 365 |
$template->footer(); |
366 |
break; |
|
367 |
} |
|
368 |
$template->header(); |
|
369 |
?> |
|
370 |
<form action="<?php echo makeUrl($paths->page, 'do=resetvotes'); ?>" method="post"> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
371 |
<p><?php echo $lang->get('ajax_delvote_reset_confirm'); ?></p> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
372 |
<p><input type="submit" name="_youmaylivealittlelonger" value="<?php echo htmlspecialchars($lang->get('page_delvote_reset_btn_submit')); ?>" /></p> |
0 | 373 |
</form> |
374 |
<?php |
|
375 |
$template->footer(); |
|
376 |
break; |
|
377 |
case 'deletepage': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
378 |
if(!$session->get_permissions('delete_page')) |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
379 |
{ |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
380 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>'); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
381 |
} |
0 | 382 |
if(isset($_POST['_adiossucker'])) |
383 |
{ |
|
28 | 384 |
$reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false; |
385 |
if ( empty($reason) ) |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
386 |
$error = $lang->get('ajax_delete_prompt_reason'); |
28 | 387 |
else |
388 |
{ |
|
389 |
$template->header(); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
390 |
$result = PageUtils::deletepage($paths->page_id, $paths->namespace, $reason); |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
391 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>'; |
28 | 392 |
$template->footer(); |
393 |
break; |
|
394 |
} |
|
0 | 395 |
} |
396 |
$template->header(); |
|
397 |
?> |
|
398 |
<form action="<?php echo makeUrl($paths->page, 'do=deletepage'); ?>" method="post"> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
399 |
<?php echo $lang->get('page_delete_warning_stern'); ?> |
28 | 400 |
<?php if ( isset($error) ) echo "<p>$error</p>"; ?> |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
401 |
<p><?php echo $lang->get('page_delete_lbl_reason'); ?> <input type="text" name="reason" size="50" /></p> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
402 |
<p><input type="submit" name="_adiossucker" value="<?php echo htmlspecialchars($lang->get('page_delete_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p> |
0 | 403 |
</form> |
404 |
<?php |
|
405 |
$template->footer(); |
|
406 |
break; |
|
407 |
case 'setwikimode': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
408 |
if(!$session->get_permissions('set_wiki_mode')) |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
409 |
{ |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
410 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>'); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
411 |
} |
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
412 |
if ( isset($_POST['finish']) ) |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
413 |
{ |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
414 |
$level = intval($_POST['level']); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
415 |
if ( !in_array($level, array(0, 1, 2) ) ) |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
416 |
{ |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
417 |
die_friendly('Invalid request', '<p>Level not specified</p>'); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
418 |
} |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
419 |
$q = $db->sql_query('UPDATE '.table_prefix.'pages SET wiki_mode=' . $level . ' WHERE urlname=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';'); |
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
420 |
if ( !$q ) |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
421 |
$db->_die(); |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
422 |
redirect(makeUrl($paths->page), htmlspecialchars($paths->cpage['name']), $lang->get('page_wikimode_success_redirect'), 2); |
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
423 |
} |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
424 |
else |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
425 |
{ |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
426 |
$template->header(); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
427 |
if(!isset($_GET['level']) || ( isset($_GET['level']) && !preg_match('#^([0-9])$#', $_GET['level']))) die_friendly('Invalid request', '<p>Level not specified</p>'); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
428 |
$level = intval($_GET['level']); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
429 |
if ( !in_array($level, array(0, 1, 2) ) ) |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
430 |
{ |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
431 |
die_friendly('Invalid request', '<p>Level not specified</p>'); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
432 |
} |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
433 |
echo '<form action="' . makeUrl($paths->page, 'do=setwikimode', true) . '" method="post">'; |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
434 |
echo '<input type="hidden" name="finish" value="foo" />'; |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
435 |
echo '<input type="hidden" name="level" value="' . $level . '" />'; |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
436 |
$level_txt = ( $level == 0 ) ? 'page_wikimode_level_off' : ( ( $level == 1 ) ? 'page_wikimode_level_on' : 'page_wikimode_level_global' ); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
437 |
$blurb = ( $level == 0 || ( $level == 2 && getConfig('wiki_mode') != '1' ) ) ? 'page_wikimode_blurb_disable' : 'page_wikimode_blurb_enable'; |
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
438 |
?> |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
439 |
<h3><?php echo $lang->get('page_wikimode_heading'); ?></h3> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
440 |
<p><?php echo $lang->get($level_txt) . ' ' . $lang->get($blurb); ?></p> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
441 |
<p><?php echo $lang->get('page_wikimode_warning'); ?></p> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
442 |
<p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_wikimode_btn_submit')); ?>" /></p> |
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
443 |
<?php |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
444 |
echo '</form>'; |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
445 |
$template->footer(); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
446 |
} |
0 | 447 |
break; |
448 |
case 'diff': |
|
449 |
$template->header(); |
|
450 |
$id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false; |
|
451 |
$id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false; |
|
452 |
if(!$id1 || !$id2) { echo '<p>Invalid request.</p>'; $template->footer(); break; } |
|
453 |
if(!preg_match('#^([0-9]+)$#', (string)$_GET['diff1']) || |
|
454 |
!preg_match('#^([0-9]+)$#', (string)$_GET['diff2'] )) { echo '<p>SQL injection attempt</p>'; $template->footer(); break; } |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
455 |
echo PageUtils::pagediff($paths->page_id, $paths->namespace, $id1, $id2); |
0 | 456 |
$template->footer(); |
457 |
break; |
|
91 | 458 |
case 'detag': |
459 |
if ( $session->user_level < USER_LEVEL_ADMIN ) |
|
460 |
{ |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
461 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>'); |
91 | 462 |
} |
463 |
if ( $paths->page_exists ) |
|
464 |
{ |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
465 |
die_friendly($lang->get('etc_invalid_request_short'), '<p>' . $lang->get('page_detag_err_page_exists') . '</p>'); |
91 | 466 |
} |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
467 |
$q = $db->sql_query('DELETE FROM '.table_prefix.'tags WHERE page_id=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';'); |
91 | 468 |
if ( !$q ) |
469 |
$db->_die('Detag query, index.php:'.__LINE__); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
470 |
die_friendly($lang->get('page_detag_success_title'), '<p>' . $lang->get('page_detag_success_body') . '</p>'); |
91 | 471 |
break; |
0 | 472 |
case 'aclmanager': |
473 |
$data = ( isset($_POST['data']) ) ? $_POST['data'] : Array('mode' => 'listgroups'); |
|
474 |
PageUtils::aclmanager($data); |
|
475 |
break; |
|
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
476 |
case 'sql_report': |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
477 |
$rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 ); |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
478 |
$page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id ); |
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
479 |
$page->send_headers = true; |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
480 |
$pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : ''; |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
481 |
$page->password = $pagepass; |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
482 |
$page->send(true); |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
483 |
ob_end_clean(); |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
484 |
ob_start(); |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
485 |
$db->sql_report(); |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
486 |
break; |
0 | 487 |
} |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
488 |
|
0 | 489 |
// |
490 |
// Optimize HTML by replacing newlines with spaces (excludes <pre>, <script>, and <style> blocks) |
|
491 |
// |
|
492 |
if ($aggressive_optimize_html) |
|
493 |
{ |
|
494 |
// Load up the HTML |
|
495 |
$html = ob_get_contents(); |
|
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
496 |
@ob_end_clean(); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
497 |
|
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
498 |
$html = aggressive_optimize_html($html); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
499 |
|
0 | 500 |
// Re-enable output buffering to allow the Gzip function (below) to work |
501 |
ob_start(); |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
502 |
|
0 | 503 |
// Done, send it to the user |
504 |
echo( $html ); |
|
505 |
} |
|
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
506 |
|
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
507 |
$db->close(); |
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
508 |
gzip_output(); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
509 |
|
0 | 510 |
?> |