101 case "setwikimode": |
101 case "setwikimode": |
102 echo PageUtils::setwikimode($paths->cpage['urlname_nons'], $paths->namespace, (int)$_GET['mode']); |
102 echo PageUtils::setwikimode($paths->cpage['urlname_nons'], $paths->namespace, (int)$_GET['mode']); |
103 break; |
103 break; |
104 case "setpass": |
104 case "setpass": |
105 echo PageUtils::setpass($paths->cpage['urlname_nons'], $paths->namespace, $_POST['password']); |
105 echo PageUtils::setpass($paths->cpage['urlname_nons'], $paths->namespace, $_POST['password']); |
106 break; |
|
107 case "wikihelp": |
|
108 $html = file_get_contents('http://enanocms.org/ajax.php?title=Help:Wiki_formatting&_mode=getpage&nofooters'); |
|
109 $html = str_replace('src="/Special', 'src="http://enanocms.org/Special', $html); |
|
110 echo '<div class="contentDiv"><h2>Wiki formatting guide</h2>'.$html.'</div>'; |
|
111 break; |
106 break; |
112 case "fillusername": |
107 case "fillusername": |
113 $name = (isset($_GET['name'])) ? $db->escape($_GET['name']) : false; |
108 $name = (isset($_GET['name'])) ? $db->escape($_GET['name']) : false; |
114 if ( !$name ) |
109 if ( !$name ) |
115 { |
110 { |
223 $e = $db->sql_query('UPDATE ' . table_prefix . "users SET theme='$theme_id', style='$style_id' WHERE user_id=$session->user_id;"); |
218 $e = $db->sql_query('UPDATE ' . table_prefix . "users SET theme='$theme_id', style='$style_id' WHERE user_id=$session->user_id;"); |
224 if ( !$e ) |
219 if ( !$e ) |
225 die( $db->get_error() ); |
220 die( $db->get_error() ); |
226 die('GOOD'); |
221 die('GOOD'); |
227 break; |
222 break; |
|
223 case 'get_tags': |
|
224 $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE); |
|
225 |
|
226 $ret = array('tags' => array(), 'user_level' => $session->user_level, 'can_add' => $session->get_permissions('tag_create')); |
|
227 $q = $db->sql_query('SELECT t.tag_id, t.tag_name, pg.pg_target IS NULL AS used_in_acl, t.user FROM '.table_prefix.'tags AS t |
|
228 LEFT JOIN '.table_prefix.'page_groups AS pg |
|
229 ON ( ( pg.pg_type = ' . PAGE_GRP_TAGGED . ' AND pg.pg_target=t.tag_name ) OR ( pg.pg_type IS NULL AND pg.pg_target IS NULL ) ) |
|
230 WHERE t.page_id=\'' . $db->escape($paths->cpage['urlname_nons']) . '\' AND t.namespace=\'' . $db->escape($paths->namespace) . '\';'); |
|
231 if ( !$q ) |
|
232 $db->_die(); |
|
233 |
|
234 while ( $row = $db->fetchrow() ) |
|
235 { |
|
236 $can_del = ( |
|
237 ( $session->get_permissions('tag_delete_own') && $row['user'] == $session->user_id && $session->user_logged_in ) || // User created the tag and can remove own tags |
|
238 ( $session->get_permissions('tag_delete_other') && $row['used_in_acl'] != 1 ) || // User can remove tags and the tag isn't used in an ACL (page group) |
|
239 ( $row['used_in_acl'] == 1 && $session->get_permissions('tag_delete_own') && $session->get_permissions('tag_delete_other') && ( $session->get_permissions('edit_acl') || $session->user_level >= USER_LEVEL_ADMIN ) ) |
|
240 ); |
|
241 $ret['tags'][] = array( |
|
242 'id' => $row['tag_id'], |
|
243 'name' => $row['tag_name'], |
|
244 'can_del' => $can_del |
|
245 ); |
|
246 } |
|
247 |
|
248 echo $json->encode($ret); |
|
249 |
|
250 break; |
228 default: |
251 default: |
229 die('Hacking attempt'); |
252 die('Hacking attempt'); |
230 break; |
253 break; |
231 } |
254 } |
232 |
255 |
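Review bot: In the added `get_tags` case the `used_in_acl` column looks inverted: `pg.pg_target IS NULL` is true exactly when the LEFT JOIN found no tagged page group for the tag, yet the `$can_del` expression treats `used_in_acl == 1` as "tag is bound to an ACL" and requires `edit_acl` or admin level in that case. As written, a tag that does back a page group would be reported as deletable to anyone holding `tag_delete_other`, while unbound tags get the stricter rule; selecting `pg.pg_target IS NOT NULL AS used_in_acl` would match the inline comments. `can_del` is only a hint sent to the client, so the handler that actually deletes a tag (not in view) has to repeat the same permission test server-side. The enclosing `switch` begins outside the visible lines.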