ajax.php
author Dan
Fri, 05 Oct 2007 01:57:00 -0400
changeset 162 e1a22031b5bd
parent 144 380e55865f86
child 166 d53cc29308f4
child 184 d74ff822acc9
permissions -rwxr-xr-x
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     1
<?php
73
0a74676a2f2f Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
parents: 69
diff changeset
     2
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     3
/*
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     4
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
142
ca9118d9c0f2 Rebrand as 1.0.2 (Coblynau); internal links are now parsed by RenderMan::parse_internal_links()
Dan
parents: 118
diff changeset
     5
 * Version 1.0.2 (Coblynau)
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     6
 * Copyright (C) 2006-2007 Dan Fuhry
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     7
 *
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     8
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     9
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    10
 *
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    11
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    12
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    13
 */
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    14
 
144
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    15
  // fillusername should be done without the help of the rest of Enano - all we need is the DBAL
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    16
  if ( isset($_GET['_mode']) && $_GET['_mode'] == 'fillusername' )
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    17
  {
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    18
    // setup and load a very basic, specialized instance of the Enano API
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    19
    function dc_here($m)     { return false; }
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    20
    function dc_dump($a, $g) { return false; }
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    21
    function dc_watch($n)    { return false; }
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    22
    function dc_start_timer($u) { return false; }
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    23
    function dc_stop_timer($m) { return false; }
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    24
    // Determine directory (special case for development servers)
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    25
    if ( strpos(__FILE__, '/repo/') && file_exists('.enanodev') )
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    26
    {
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    27
      $filename = str_replace('/repo/', '/', __FILE__);
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    28
    }
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    29
    else
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    30
    {
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    31
      $filename = __FILE__;
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    32
    }
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    33
    define('ENANO_ROOT', dirname($filename));
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    34
    require(ENANO_ROOT.'/includes/functions.php');
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    35
    require(ENANO_ROOT.'/includes/dbal.php');
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    36
    $db = new mysql();
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    37
    $db->connect();
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    38
    
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    39
    // should be connected now
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    40
    $name = (isset($_GET['name'])) ? $db->escape($_GET['name']) : false;
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    41
    if ( !$name )
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    42
    {
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    43
      die('userlist = new Array(); errorstring=\'Invalid URI\'');
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    44
    }
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    45
    $q = $db->sql_query('SELECT username,user_id FROM '.table_prefix.'users WHERE lcase(username) LIKE lcase(\'%'.$name.'%\');');
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    46
    if ( !$q )
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    47
    {
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    48
      die('userlist = new Array(); errorstring=\'MySQL error selecting username data: '.addslashes(mysql_error()).'\'');
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    49
    }
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    50
    if($db->numrows() < 1)
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    51
    {
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    52
      die('userlist = new Array(); errorstring=\'No usernames found\';');
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    53
    }
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    54
    echo 'var errorstring = false; userlist = new Array();';
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    55
    $i = 0;
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    56
    while($r = $db->fetchrow())
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    57
    {
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    58
      echo "userlist[$i] = '".addslashes($r['username'])."'; ";
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    59
      $i++;
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    60
    }
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    61
    $db->free_result();
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    62
    
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    63
    // all done! :-)
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    64
    $db->close();
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    65
    exit;
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    66
  }
380e55865f86 Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan
parents: 142
diff changeset
    67
 
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    68
  require('includes/common.php');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    69
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    70
  global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    71
  if(!isset($_GET['_mode'])) die('This script cannot be accessed directly.');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    72
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    73
  $_ob = '';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    74
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    75
  switch($_GET['_mode']) {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    76
    case "checkusername":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    77
      echo PageUtils::checkusername($_GET['name']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    78
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    79
    case "getsource":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    80
      $p = ( isset($_GET['pagepass']) ) ? $_GET['pagepass'] : false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    81
      echo PageUtils::getsource($paths->page, $p);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    82
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    83
    case "getpage":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    84
      // echo PageUtils::getpage($paths->page, false, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false ));
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
    85
      $revision_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
    86
      $page = new PageProcessor( $paths->cpage['urlname_nons'], $paths->namespace, $revision_id );
32
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 29
diff changeset
    87
      
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 29
diff changeset
    88
      $pagepass = ( isset($_REQUEST['pagepass']) ) ? $_REQUEST['pagepass'] : '';
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 29
diff changeset
    89
      $page->password = $pagepass;
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 29
diff changeset
    90
            
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    91
      $page->send();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    92
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    93
    case "savepage":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    94
      $summ = ( isset($_POST['summary']) ) ? $_POST['summary'] : '';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    95
      $minor = isset($_POST['minor']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    96
      $e = PageUtils::savepage($paths->cpage['urlname_nons'], $paths->namespace, $_POST['text'], $summ, $minor);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    97
      if($e=='good')
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    98
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    99
        $page = new PageProcessor($paths->cpage['urlname_nons'], $paths->namespace);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   100
        $page->send();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   101
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   102
      else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   103
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   104
        echo 'Error saving the page: '.$e;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   105
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   106
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   107
    case "protect":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   108
      echo PageUtils::protect($paths->cpage['urlname_nons'], $paths->namespace, (int)$_POST['level'], $_POST['reason']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   109
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   110
    case "histlist":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   111
      echo PageUtils::histlist($paths->cpage['urlname_nons'], $paths->namespace);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   112
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   113
    case "rollback":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   114
      echo PageUtils::rollback( (int)$_GET['id'] );
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   115
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   116
    case "comments":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   117
      $comments = new Comments($paths->cpage['urlname_nons'], $paths->namespace);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   118
      if ( isset($_POST['data']) )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   119
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   120
        $comments->process_json($_POST['data']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   121
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   122
      else
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   123
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   124
        die('{ "mode" : "error", "error" : "No input" }');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   125
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   126
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   127
    case "rename":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   128
      echo PageUtils::rename($paths->cpage['urlname_nons'], $paths->namespace, $_POST['newtitle']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   129
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   130
    case "flushlogs":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   131
      echo PageUtils::flushlogs($paths->cpage['urlname_nons'], $paths->namespace);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   132
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   133
    case "deletepage":
28
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 22
diff changeset
   134
      $reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false;
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 22
diff changeset
   135
      if ( empty($reason) )
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 22
diff changeset
   136
        die('Please enter a reason for deleting this page.');
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 22
diff changeset
   137
      echo PageUtils::deletepage($paths->cpage['urlname_nons'], $paths->namespace, $reason);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   138
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   139
    case "delvote":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   140
      echo PageUtils::delvote($paths->cpage['urlname_nons'], $paths->namespace);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   141
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   142
    case "resetdelvotes":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   143
      echo PageUtils::resetdelvotes($paths->cpage['urlname_nons'], $paths->namespace);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   144
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   145
    case "getstyles":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   146
      echo PageUtils::getstyles($_GET['id']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   147
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   148
    case "catedit":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   149
      echo PageUtils::catedit($paths->cpage['urlname_nons'], $paths->namespace);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   150
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   151
    case "catsave":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   152
      echo PageUtils::catsave($paths->cpage['urlname_nons'], $paths->namespace, $_POST);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   153
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   154
    case "setwikimode":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   155
      echo PageUtils::setwikimode($paths->cpage['urlname_nons'], $paths->namespace, (int)$_GET['mode']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   156
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   157
    case "setpass":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   158
      echo PageUtils::setpass($paths->cpage['urlname_nons'], $paths->namespace, $_POST['password']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   159
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   160
    case "fillusername":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   161
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   162
    case "fillpagename":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   163
      $name = (isset($_GET['name'])) ? $_GET['name'] : false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   164
      if(!$name) die('userlist = new Array(); namelist = new Array(); errorstring=\'Invalid URI\'');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   165
      $nd = RenderMan::strToPageID($name);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   166
      $c = 0;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   167
      $u = Array();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   168
      $n = Array();
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   169
      
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   170
      $name = sanitize_page_id($name);
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   171
      $name = str_replace('_', ' ', $name);
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   172
      
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   173
      for($i=0;$i<sizeof($paths->pages)/2;$i++)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   174
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   175
        if( ( 
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   176
            preg_match('#'.preg_quote($name).'(.*)#i', $paths->pages[$i]['name']) ||
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   177
            preg_match('#'.preg_quote($name).'(.*)#i', $paths->pages[$i]['urlname']) ||
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   178
            preg_match('#'.preg_quote($name).'(.*)#i', $paths->pages[$i]['urlname_nons']) ||
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   179
            preg_match('#'.preg_quote(str_replace(' ', '_', $name)).'(.*)#i', $paths->pages[$i]['name']) ||
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   180
            preg_match('#'.preg_quote(str_replace(' ', '_', $name)).'(.*)#i', $paths->pages[$i]['urlname']) ||
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   181
            preg_match('#'.preg_quote(str_replace(' ', '_', $name)).'(.*)#i', $paths->pages[$i]['urlname_nons'])
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   182
            ) &&
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   183
           ( ( $nd[1] != 'Article' && $paths->pages[$i]['namespace'] == $nd[1] ) || $nd[1] == 'Article' )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   184
            && $paths->pages[$i]['visible']
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   185
           )
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   186
        {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   187
          $c++;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   188
          $u[] = $paths->pages[$i]['name'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   189
          $n[] = $paths->pages[$i]['urlname'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   190
        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   191
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   192
      if($c > 0)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   193
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   194
        echo 'userlist = new Array(); namelist = new Array(); errorstring = false; '."\n";
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   195
        for($i=0;$i<sizeof($u);$i++) // Can't use foreach because we need the value of $i and we need to use both $u and $n
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   196
        {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   197
          echo "userlist[$i] = '".addslashes($n[$i])."';\n";
81
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 80
diff changeset
   198
          echo "namelist[$i] = '".addslashes(htmlspecialchars($u[$i]))."';\n";
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   199
        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   200
      } else {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   201
        die('userlist = new Array(); namelist = new Array(); errorstring=\'No page matches found.\'');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   202
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   203
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   204
    case "preview":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   205
      echo PageUtils::genPreview($_POST['text']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   206
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   207
    case "pagediff":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   208
      $id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   209
      $id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   210
      if(!$id1 || !$id2) { echo '<p>Invalid request.</p>'; $template->footer(); break; }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   211
      if(!preg_match('#^([0-9]+)$#', (string)$_GET['diff1']) ||
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   212
         !preg_match('#^([0-9]+)$#', (string)$_GET['diff2']  )) { echo '<p>SQL injection attempt</p>'; $template->footer(); break; }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   213
      echo PageUtils::pagediff($paths->cpage['urlname_nons'], $paths->namespace, $id1, $id2);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   214
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   215
    case "jsres":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   216
      die('// ERROR: this section is deprecated and has moved to includes/clientside/static/enano-lib-basic.js.');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   217
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   218
    case "rdns":
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   219
      if(!$session->get_permissions('mod_misc')) die('Go somewhere else for your reverse DNS info!');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   220
      $ip = $_GET['ip'];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   221
      $rdns = gethostbyaddr($ip);
109
93ef7df77847 Added a ton of new log points for administrator actions; restructured security log view and enabled pagination for security logs; string change in ajax.php for RDNS operation failure
Dan
parents: 91
diff changeset
   222
      if($rdns == $ip) echo 'Unable to get reverse DNS information. Perhaps the DNS server is down or the PTR record no longer exists.';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   223
      else echo $rdns;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   224
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   225
    case 'acljson':
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   226
      $parms = ( isset($_POST['acl_params']) ) ? rawurldecode($_POST['acl_params']) : false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   227
      echo PageUtils::acl_json($parms);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   228
      break;
29
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   229
    case "change_theme":
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   230
      if ( !isset($_POST['theme_id']) || !isset($_POST['style_id']) )
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   231
      {
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   232
        die('Invalid input');
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   233
      }
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   234
      if ( !preg_match('/^([a-z0-9_-]+)$/i', $_POST['theme_id']) || !preg_match('/^([a-z0-9_-]+)$/i', $_POST['style_id']) )
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   235
      {
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   236
        die('Invalid input');
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   237
      }
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   238
      if ( !file_exists(ENANO_ROOT . '/themes/' . $_POST['theme_id'] . '/css/' . $_POST['style_id'] . '.css') )
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   239
      {
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   240
        die('Can\'t find theme file: ' . ENANO_ROOT . '/themes/' . $_POST['theme_id'] . '/css/' . $_POST['style_id'] . '.css');
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   241
      }
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   242
      if ( !$session->user_logged_in )
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   243
      {
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   244
        die('You must be logged in to change your theme');
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   245
      }
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   246
      // Just in case something slipped through...
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   247
      $theme_id = $db->escape($_POST['theme_id']);
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   248
      $style_id = $db->escape($_POST['style_id']);
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   249
      $e = $db->sql_query('UPDATE ' . table_prefix . "users SET theme='$theme_id', style='$style_id' WHERE user_id=$session->user_id;");
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   250
      if ( !$e )
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   251
        die( $db->get_error() );
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   252
      die('GOOD');
e5484a9e0818 Rewrote change theme dialog; a few minor stability fixes here and there; fixed IE + St Patty background image
Dan
parents: 28
diff changeset
   253
      break;
76
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   254
    case 'get_tags':
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   255
      $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE);
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   256
      
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   257
      $ret = array('tags' => array(), 'user_level' => $session->user_level, 'can_add' => $session->get_permissions('tag_create'));
80
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   258
      $q = $db->sql_query('SELECT t.tag_id, t.tag_name, pg.pg_target IS NOT NULL AS used_in_acl, t.user FROM '.table_prefix.'tags AS t
76
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   259
        LEFT JOIN '.table_prefix.'page_groups AS pg
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   260
          ON ( ( pg.pg_type = ' . PAGE_GRP_TAGGED . ' AND pg.pg_target=t.tag_name ) OR ( pg.pg_type IS NULL AND pg.pg_target IS NULL ) )
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   261
        WHERE t.page_id=\'' . $db->escape($paths->cpage['urlname_nons']) . '\' AND t.namespace=\'' . $db->escape($paths->namespace) . '\';');
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   262
      if ( !$q )
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   263
        $db->_die();
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   264
      
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   265
      while ( $row = $db->fetchrow() )
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   266
      {
80
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   267
        $can_del = true;
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   268
        
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   269
        $perm = ( $row['user'] != $session->user_id ) ?
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   270
                'tag_delete_other' :
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   271
                'tag_delete_own';
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   272
        
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   273
        if ( $row['user'] == 1 && !$session->user_logged_in )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   274
          // anonymous user trying to delete tag (hardcode blacklisted)
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   275
          $can_del = false;
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   276
          
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   277
        if ( !$session->get_permissions($perm) )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   278
          $can_del = false;
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   279
        
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   280
        if ( $row['used_in_acl'] == 1 && !$session->get_permissions('edit_acl') && $session->user_level < USER_LEVEL_ADMIN )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   281
          $can_del = false;
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   282
        
76
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   283
        $ret['tags'][] = array(
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   284
          'id' => $row['tag_id'],
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   285
          'name' => $row['tag_name'],
80
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   286
          'can_del' => $can_del,
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   287
          'acl' => ( $row['used_in_acl'] == 1 )
76
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   288
        );
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   289
      }
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   290
      
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   291
      echo $json->encode($ret);
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   292
      
608dee512bf0 Work started on page tags, still aways to go, but syncing to Nighthawk
Dan
parents: 73
diff changeset
   293
      break;
80
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   294
    case 'addtag':
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   295
      $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE);
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   296
      $resp = array(
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   297
          'success' => false,
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   298
          'error' => 'No error',
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   299
          'can_del' => ( $session->get_permissions('tag_delete_own') && $session->user_logged_in ),
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   300
          'in_acl' => false
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   301
        );
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   302
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   303
      // first of course, are we allowed to tag pages?
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   304
      if ( !$session->get_permissions('tag_create') )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   305
      {
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   306
        $resp['error'] = 'You are not permitted to tag pages.';
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   307
        die($json->encode($resp));
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   308
      }
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   309
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   310
      // sanitize the tag name
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   311
      $tag = sanitize_tag($_POST['tag']);
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   312
      $tag = $db->escape($tag);
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   313
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   314
      if ( strlen($tag) < 2 )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   315
      {
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   316
        $resp['error'] = 'Tags must consist of at least 2 alphanumeric characters.';
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   317
        die($json->encode($resp));
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   318
      }
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   319
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   320
      // check if tag is already on page
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   321
      $q = $db->sql_query('SELECT 1 FROM '.table_prefix.'tags WHERE page_id=\'' . $db->escape($paths->cpage['urlname_nons']) . '\' AND namespace=\'' . $db->escape($paths->namespace) . '\' AND tag_name=\'' . $tag . '\';');
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   322
      if ( !$q )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   323
        $db->_die();
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   324
      if ( $db->numrows() > 0 )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   325
      {
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   326
        $resp['error'] = 'This page already has this tag.';
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   327
        die($json->encode($resp));
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   328
      }
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   329
      $db->free_result();
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   330
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   331
      // tricky: make sure this tag isn't being used in some page group, and thus adding it could affect page access
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   332
      $can_edit_acl = ( $session->get_permissions('edit_acl') || $session->user_level >= USER_LEVEL_ADMIN );
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   333
      $q = $db->sql_query('SELECT 1 FROM '.table_prefix.'page_groups WHERE pg_type=' . PAGE_GRP_TAGGED . ' AND pg_target=\'' . $tag . '\';');
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   334
      if ( !$q )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   335
        $db->_die();
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   336
      if ( $db->numrows() > 0 && !$can_edit_acl )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   337
      {
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   338
        $resp['error'] = 'This tag is used in an ACL page group, and thus can\'t be added to a page by people without administrator privileges.';
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   339
        die($json->encode($resp));
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   340
      }
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   341
      $resp['in_acl'] = ( $db->numrows() > 0 );
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   342
      $db->free_result();
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   343
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   344
      // we're good
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   345
      $q = $db->sql_query('INSERT INTO '.table_prefix.'tags(tag_name,page_id,namespace,user) VALUES(\'' . $tag . '\', \'' . $db->escape($paths->cpage['urlname_nons']) . '\', \'' . $db->escape($paths->namespace) . '\', ' . $session->user_id . ');');
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   346
      if ( !$q )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   347
        $db->_die();
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   348
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   349
      $resp['success'] = true;
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   350
      $resp['tag'] = $tag;
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   351
      $resp['tag_id'] = $db->insert_id();
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   352
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   353
      echo $json->encode($resp);
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   354
      break;
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   355
    case 'deltag':
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   356
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   357
      $tag_id = intval($_POST['tag_id']);
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   358
      if ( empty($tag_id) )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   359
        die('Invalid tag ID');
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   360
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   361
      $q = $db->sql_query('SELECT t.tag_id, t.user, t.page_id, t.namespace, pg.pg_target IS NOT NULL AS used_in_acl FROM '.table_prefix.'tags AS t
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   362
  LEFT JOIN '.table_prefix.'page_groups AS pg
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   363
    ON ( pg.pg_id IS NULL OR ( pg.pg_target = t.tag_name AND pg.pg_type = ' . PAGE_GRP_TAGGED . ' ) )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   364
  WHERE t.tag_id=' . $tag_id . ';');
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   365
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   366
      if ( !$q )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   367
        $db->_die();
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   368
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   369
      if ( $db->numrows() < 1 )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   370
        die('Could not find a tag with that ID');
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   371
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   372
      $row = $db->fetchrow();
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   373
      $db->free_result();
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   374
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   375
      if ( $row['page_id'] == $paths->cpage['urlname_nons'] && $row['namespace'] == $paths->namespace )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   376
        $perms =& $session;
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   377
      else
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   378
        $perms = $session->fetch_page_acl($row['page_id'], $row['namespace']);
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   379
        
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   380
      $perm = ( $row['user'] != $session->user_id ) ?
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   381
                'tag_delete_other' :
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   382
                'tag_delete_own';
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   383
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   384
      if ( $row['user'] == 1 && !$session->user_logged_in )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   385
        // anonymous user trying to delete tag (hardcode blacklisted)
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   386
        die('You are not authorized to delete this tag.');
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   387
        
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   388
      if ( !$perms->get_permissions($perm) )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   389
        die('You are not authorized to delete this tag.');
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   390
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   391
      if ( $row['used_in_acl'] == 1 && !$perms->get_permissions('edit_acl') && $session->user_level < USER_LEVEL_ADMIN )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   392
        die('You are not authorized to delete this tag.');
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   393
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   394
      // We're good
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   395
      $q = $db->sql_query('DELETE FROM '.table_prefix.'tags WHERE tag_id = ' . $tag_id . ';');
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   396
      if ( !$q )
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   397
        $db->_die();
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   398
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   399
      echo 'success';
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   400
      
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 76
diff changeset
   401
      break;
118
0c5efda996bf Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
parents: 109
diff changeset
   402
    case 'ping':
0c5efda996bf Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
parents: 109
diff changeset
   403
      echo 'pong';
0c5efda996bf Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan
parents: 109
diff changeset
   404
      break;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   405
    default:
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   406
      die('Hacking attempt');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   407
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   408
  }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   409
  
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   410
?>