ajax.php
changeset 335 67bd3121a12e
parent 334 c72b545f1304
child 336 bfa2e9c23f03
equal deleted inserted replaced
334:c72b545f1304 335:67bd3121a12e
    33       $filename = __FILE__;
    33       $filename = __FILE__;
    34     }
    34     }
    35     define('ENANO_ROOT', dirname($filename));
    35     define('ENANO_ROOT', dirname($filename));
    36     require(ENANO_ROOT.'/includes/functions.php');
    36     require(ENANO_ROOT.'/includes/functions.php');
    37     require(ENANO_ROOT.'/includes/dbal.php');
    37     require(ENANO_ROOT.'/includes/dbal.php');
    38     require(ENANO_ROOT.'/includes/json.php');
    38     require(ENANO_ROOT.'/includes/json2.php');
    39     
    39     
    40     require(ENANO_ROOT . '/config.php');
    40     require(ENANO_ROOT . '/config.php');
    41     unset($dbuser, $dbpasswd);
    41     unset($dbuser, $dbpasswd);
    42     if ( !isset($dbdriver) )
    42     if ( !isset($dbdriver) )
    43       $dbdriver = 'mysql';
    43       $dbdriver = 'mysql';
    94   switch($_GET['_mode']) {
    94   switch($_GET['_mode']) {
    95     case "checkusername":
    95     case "checkusername":
    96       echo PageUtils::checkusername($_GET['name']);
    96       echo PageUtils::checkusername($_GET['name']);
    97       break;
    97       break;
    98     case "getsource":
    98     case "getsource":
       
    99       header('Content-type: application/json');
    99       $password = ( isset($_GET['pagepass']) ) ? $_GET['pagepass'] : false;
   100       $password = ( isset($_GET['pagepass']) ) ? $_GET['pagepass'] : false;
   100       $page = new PageProcessor($paths->page_id, $paths->namespace);
   101       $page = new PageProcessor($paths->page_id, $paths->namespace);
   101       $page->password = $password;
   102       $page->password = $password;
   102       if ( $src = $page->fetch_source() )
   103       if ( $src = $page->fetch_source() )
   103       {
   104       {
   104         echo $src;
   105         $allowed = true;
   105       }
   106       }
   106       else if ( $src !== false )
   107       else if ( $src !== false )
   107       {
   108       {
   108         echo '';
   109         $allowed = true;
       
   110         $src = '';
   109       }
   111       }
   110       else
   112       else
   111       {
   113       {
   112         echo 'err_access_denied';
   114         $allowed = false;
   113       }
   115         $src = '';
       
   116       }
       
   117       $return = array(
       
   118           'mode' => 'editor',
       
   119           'src' => $src,
       
   120           'auth_view_source' => $allowed,
       
   121           'auth_edit' => $session->get_permissions('edit_page'),
       
   122           'time' => time()
       
   123         );
       
   124       echo enano_json_encode($return);
   114       break;
   125       break;
   115     case "getpage":
   126     case "getpage":
   116       // echo PageUtils::getpage($paths->page, false, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false ));
   127       // echo PageUtils::getpage($paths->page, false, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false ));
   117       $revision_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
   128       $revision_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
   118       $page = new PageProcessor( $paths->page_id, $paths->namespace, $revision_id );
   129       $page = new PageProcessor( $paths->page_id, $paths->namespace, $revision_id );
   133       }
   144       }
   134       else
   145       else
   135       {
   146       {
   136         echo '<p>Error saving the page: '.$e.'</p>';
   147         echo '<p>Error saving the page: '.$e.'</p>';
   137       }
   148       }
       
   149       break;
       
   150     case "savepage_json":
       
   151       header('Content-type: application/json');
       
   152       if ( !isset($_POST['r']) )
       
   153         die('Invalid request');
       
   154       
       
   155       $request = enano_json_decode($_POST['r']);
       
   156       if ( !isset($request['src']) || !isset($request['summary']) || !isset($request['minor_edit']) || !isset($request['time']) )
       
   157         die('Invalid request');
       
   158       
       
   159       $time = intval($request['time']);
       
   160       
       
   161       // Verify that no edits have been made since the editor was requested
       
   162       $q = $db->sql_query('SELECT time_id, author FROM ' . table_prefix . "logs WHERE log_type = 'page' AND action = 'edit' AND page_id = '{$paths->page_id}' AND namespace = '{$paths->namespace}' ORDER BY time_id DESC LIMIT 1;");
       
   163       if ( !$q )
       
   164         $db->die_json();
       
   165       
       
   166       $row = $db->fetchrow();
       
   167       $db->free_result();
       
   168       
       
   169       if ( $row['time_id'] > $time )
       
   170       {
       
   171         $return = array(
       
   172           'mode' => 'obsolete',
       
   173           'author' => $row['author'],
       
   174           'date_string' => date('d M Y h:i a', $row['time_id']),
       
   175           'time' => $row['time_id'] // time() ???
       
   176           );
       
   177         echo enano_json_encode($return);
       
   178         break;
       
   179       }
       
   180       
       
   181       // Verification complete. Start the PageProcessor and let it do the dirty work for us.
       
   182       $page = new PageProcessor($paths->page_id, $paths->namespace);
       
   183       if ( $page->update_page($request['src'], $request['summary'], ( $request['minor_edit'] == 1 )) )
       
   184       {
       
   185         $return = array(
       
   186             'mode' => 'success'
       
   187           );
       
   188       }
       
   189       else
       
   190       {
       
   191         $errors = array();
       
   192         while ( $err = $page->pop_error() )
       
   193         {
       
   194           $errors[] = $err;
       
   195         }
       
   196         $return = array(
       
   197           'mode' => 'errors',
       
   198           'errors' => array_values($errors)
       
   199           );
       
   200       }
       
   201       
       
   202       echo enano_json_encode($return);
       
   203       
       
   204       break;
       
   205     case "diff_cur":
       
   206       
       
   207       // Lie about our content type to fool ad scripts
       
   208       header('Content-type: application/xhtml+xml');
       
   209       
       
   210       if ( !isset($_POST['text']) )
       
   211         die('Invalid request');
       
   212       
       
   213       $page = new PageProcessor($paths->page_id, $paths->namespace);
       
   214       if ( !($src = $page->fetch_source()) )
       
   215       {
       
   216         die('Access denied');
       
   217       }
       
   218       
       
   219       $diff = RenderMan::diff($src, $_POST['text']);
       
   220       if ( $diff == '<table class="diff"></table>' )
       
   221       {
       
   222         $diff = '<p>' . $lang->get('editor_msg_diff_empty') . '</p>';
       
   223       }
       
   224       
       
   225       echo '<div class="info-box">' . $lang->get('editor_msg_diff') . '</div>';
       
   226       echo $diff;
       
   227       
   138       break;
   228       break;
   139     case "protect":
   229     case "protect":
   140       echo PageUtils::protect($paths->page_id, $paths->namespace, (int)$_POST['level'], $_POST['reason']);
   230       echo PageUtils::protect($paths->page_id, $paths->namespace, (int)$_POST['level'], $_POST['reason']);
   141       break;
   231       break;
   142     case "histlist":
   232     case "histlist":