179 |
179 |
180 profiler_log('PageProcessor: send() called'); |
180 profiler_log('PageProcessor: send() called'); |
181 |
181 |
182 if ( !$this->perms->get_permissions('read') ) |
182 if ( !$this->perms->get_permissions('read') ) |
183 { |
183 { |
184 if ( $this->send_headers ) |
|
185 { |
|
186 $template->init_vars($this); |
|
187 } |
|
188 // Permission denied to read page. Is this one of our core pages that must always be allowed? |
184 // Permission denied to read page. Is this one of our core pages that must always be allowed? |
189 // NOTE: Not even the administration panel will work if ACLs deny access to it. |
185 // NOTE: Not even the administration panel will work if ACLs deny access to it. |
190 if ( $this->namespace == 'Special' && in_array($this->page_id, array('Login', 'Logout', 'LangExportJSON', 'CSS')) ) |
186 if ( $this->namespace == 'Special' && in_array($this->page_id, array('Login', 'Logout', 'LangExportJSON', 'CSS')) ) |
191 { |
187 { |
192 // Do nothing; allow execution to continue |
188 // Do nothing; allow execution to continue |
216 $pathskey = $paths->nslist[ $this->namespace ] . $this->page_id; |
212 $pathskey = $paths->nslist[ $this->namespace ] . $this->page_id; |
217 $strict_no_headers = false; |
213 $strict_no_headers = false; |
218 $admin_fail = false; |
214 $admin_fail = false; |
219 if ( $this->namespace == 'Admin' && strstr($this->page_id, '/') ) |
215 if ( $this->namespace == 'Admin' && strstr($this->page_id, '/') ) |
220 { |
216 { |
221 if ( $this->send_headers ) |
|
222 { |
|
223 $template->init_vars($this); |
|
224 } |
|
225 $this->page_id = substr($this->page_id, 0, strpos($this->page_id, '/')); |
217 $this->page_id = substr($this->page_id, 0, strpos($this->page_id, '/')); |
226 $funcname = "page_{$this->namespace}_{$this->page_id}"; |
218 $funcname = "page_{$this->namespace}_{$this->page_id}"; |
227 if ( function_exists($funcname) ) |
219 if ( function_exists($funcname) ) |
228 { |
220 { |
229 $this->page_exists = true; |
221 $this->page_exists = true; |
230 } |
222 } |
231 } |
223 } |
232 if ( isPage($pathskey) ) |
224 if ( isPage($pathskey) ) |
233 { |
225 { |
234 if ( $this->send_headers ) |
226 $cdata = $this->ns->get_cdata(); |
235 { |
227 |
236 $template->init_vars($this); |
228 if ( $cdata['special'] == 1 ) |
237 } |
|
238 if ( $paths->pages[$pathskey]['special'] == 1 ) |
|
239 { |
229 { |
240 $this->send_headers = false; |
230 $this->send_headers = false; |
241 $strict_no_headers = true; |
231 $strict_no_headers = true; |
242 $GLOBALS['output'] = new Output_Naked(); |
232 $GLOBALS['output'] = new Output_Naked(); |
243 } |
233 } |
244 if ( isset($paths->pages[$pathskey]['password']) ) |
234 if ( isset($cdata['password']) ) |
245 { |
235 { |
246 if ( $paths->pages[$pathskey]['password'] != '' && $paths->pages[$pathskey]['password'] != sha1('') ) |
236 if ( $cdata['password'] != '' && $cdata['password'] != sha1('') ) |
247 { |
237 { |
248 $password =& $paths->pages[$pathskey]['password']; |
238 $password =& $cdata['password']; |
249 if ( $this->password != $password ) |
239 if ( $this->password != $password ) |
250 { |
240 { |
251 $this->err_wrong_password(); |
241 $this->err_wrong_password(); |
252 return false; |
242 return false; |
253 } |
243 } |
254 } |
244 } |
255 } |
245 } |
256 if ( isset($paths->pages[$pathskey]['require_admin']) && $paths->pages[$pathskey]['require_admin'] ) |
246 if ( isset($cdata['require_admin']) && $cdata['require_admin'] ) |
257 { |
247 { |
258 if ( $session->auth_level < USER_LEVEL_ADMIN ) |
248 if ( $session->auth_level < USER_LEVEL_ADMIN ) |
259 { |
249 { |
260 $admin_fail = true; |
250 $admin_fail = true; |
261 } |
251 } |
323 } |
308 } |
324 if ( !$this->page_exists ) |
309 if ( !$this->page_exists ) |
325 { |
310 { |
326 return ''; |
311 return ''; |
327 } |
312 } |
328 $pathskey = $paths->nslist[ $this->namespace ] . $this->page_id; |
313 $cdata = $this->ns->get_cdata(); |
329 if ( isPage($pathskey) ) |
314 if ( isset($cdata['password']) ) |
330 { |
315 { |
331 if ( isset($paths->pages[$pathskey]['password']) ) |
316 if ( $cdata['password'] != sha1('') && $cdata['password'] !== $this->password && !empty($cdata['password']) ) |
332 { |
317 { |
333 if ( $paths->pages[$pathskey]['password'] != sha1('') && $paths->pages[$pathskey]['password'] !== $this->password && !empty($paths->pages[$pathskey]['password']) ) |
318 return false; |
334 { |
|
335 return false; |
|
336 } |
|
337 } |
319 } |
338 } |
320 } |
339 return $this->fetch_text(); |
321 return $this->fetch_text(); |
340 } |
322 } |
341 |
323 |
460 $this->raise_error($db->get_error()); |
442 $this->raise_error($db->get_error()); |
461 return false; |
443 return false; |
462 } |
444 } |
463 |
445 |
464 // Set page_format |
446 // Set page_format |
465 $pathskey = $paths->nslist[ $this->namespace ] . $this->page_id; |
|
466 // Using @ due to warning thrown when saving new page |
447 // Using @ due to warning thrown when saving new page |
467 if ( @$paths->pages[ $pathskey ]['page_format'] !== $page_format ) |
448 $cdata = $this->ns->get_cdata(); |
|
449 if ( @$cdata['page_format'] !== $page_format ) |
468 { |
450 { |
469 // Note: no SQL injection to worry about here. Everything that goes into this is sanitized already, barring some rogue plugin. |
451 // Note: no SQL injection to worry about here. Everything that goes into this is sanitized already, barring some rogue plugin. |
470 // (and if there's a rogue plugin running, we have bigger things to worry about anyway.) |
452 // (and if there's a rogue plugin running, we have bigger things to worry about anyway.) |
471 if ( !$db->sql_query('UPDATE ' . table_prefix . "pages SET page_format = '$page_format' WHERE urlname = '$this->page_id' AND namespace = '$this->namespace';") ) |
453 if ( !$db->sql_query('UPDATE ' . table_prefix . "pages SET page_format = '$page_format' WHERE urlname = '$this->page_id' AND namespace = '$this->namespace';") ) |
472 { |
454 { |
904 'error' => 'invalid_parameter' |
886 'error' => 'invalid_parameter' |
905 ); |
887 ); |
906 } |
888 } |
907 |
889 |
908 // Retrieve page metadata |
890 // Retrieve page metadata |
909 $pathskey = $paths->nslist[ $this->namespace ] . $this->page_id; |
891 $metadata = $this->ns->get_cdata(); |
910 if ( !isPage($pathskey) ) |
|
911 { |
|
912 return array( |
|
913 'success' => false, |
|
914 'error' => 'page_metadata_not_found' |
|
915 ); |
|
916 } |
|
917 $metadata =& $paths->pages[$pathskey]; |
|
918 |
892 |
919 // Log the action |
893 // Log the action |
920 $username = $db->escape($session->username); |
894 $username = $db->escape($session->username); |
921 $time = time(); |
895 $time = time(); |
922 $existing_protection = intval($metadata['protected']); |
896 $existing_protection = intval($metadata['protected']); |
998 { |
972 { |
999 $stack = array_reverse($this->redirect_stack); |
973 $stack = array_reverse($this->redirect_stack); |
1000 foreach ( $stack as $oldtarget ) |
974 foreach ( $stack as $oldtarget ) |
1001 { |
975 { |
1002 $url = makeUrlNS($oldtarget[1], $oldtarget[0], 'redirect=no', true); |
976 $url = makeUrlNS($oldtarget[1], $oldtarget[0], 'redirect=no', true); |
1003 $page_id_key = $paths->nslist[ $oldtarget[1] ] . $oldtarget[0]; |
977 $page_data = $this->ns->get_cdata(); |
1004 $page_data = $paths->pages[$page_id_key]; |
|
1005 $title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$oldtarget[1]] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $oldtarget[0] ) ) ); |
978 $title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$oldtarget[1]] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $oldtarget[0] ) ) ); |
1006 $a = '<a href="' . $url . '">' . $title . '</a>'; |
979 $a = '<a href="' . $url . '">' . $title . '</a>'; |
1007 $output->add_after_header('<small>' . $lang->get('page_msg_redirected_from', array('from' => $a)) . '<br /></small>'); |
980 $output->add_after_header('<small>' . $lang->get('page_msg_redirected_from', array('from' => $a)) . '<br /></small>'); |
1008 } |
981 } |
1009 } |
982 } |
1123 { |
1096 { |
1124 $stack = array_reverse($this->redirect_stack); |
1097 $stack = array_reverse($this->redirect_stack); |
1125 foreach ( $stack as $oldtarget ) |
1098 foreach ( $stack as $oldtarget ) |
1126 { |
1099 { |
1127 $url = makeUrlNS($oldtarget[1], $oldtarget[0], 'redirect=no', true); |
1100 $url = makeUrlNS($oldtarget[1], $oldtarget[0], 'redirect=no', true); |
1128 $page_id_key = $paths->nslist[ $oldtarget[1] ] . $oldtarget[0]; |
1101 $old_page = namespace_factory($oldtarget[0], $oldtarget[1]); |
1129 $page_data = $paths->pages[$page_id_key]; |
1102 $page_data = $old_page->get_cdata(); |
1130 $title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$oldtarget[1]] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $oldtarget[0] ) ) ); |
1103 $title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$oldtarget[1]] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $oldtarget[0] ) ) ); |
1131 $a = '<a href="' . $url . '">' . $title . '</a>'; |
1104 $a = '<a href="' . $url . '">' . $title . '</a>'; |
1132 |
1105 |
1133 $url = makeUrlNS($this->namespace, $this->page_id, 'redirect=no', true); |
1106 $url = makeUrlNS($this->namespace, $this->page_id, 'redirect=no', true); |
1134 $page_id_key = $paths->nslist[ $this->namespace ] . $this->page_id; |
1107 $page_data = $this->ns->get_cdata(); |
1135 $page_data = $paths->pages[$page_id_key]; |
|
1136 $title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$this->namespace] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $this->page_id ) ) ); |
1108 $title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$this->namespace] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $this->page_id ) ) ); |
1137 $b = '<a href="' . $url . '">' . $title . '</a>'; |
1109 $b = '<a href="' . $url . '">' . $title . '</a>'; |
1138 |
1110 |
1139 $ob .= '<small>' . $lang->get('page_msg_redirected_from_to', array('from' => $a, 'to' => $b)) . '<br /></small>'; |
1111 $ob .= '<small>' . $lang->get('page_msg_redirected_from_to', array('from' => $a, 'to' => $b)) . '<br /></small>'; |
1140 } |
1112 } |