33 $filename = __FILE__; |
33 $filename = __FILE__; |
34 } |
34 } |
35 define('ENANO_ROOT', dirname($filename)); |
35 define('ENANO_ROOT', dirname($filename)); |
36 require(ENANO_ROOT.'/includes/functions.php'); |
36 require(ENANO_ROOT.'/includes/functions.php'); |
37 require(ENANO_ROOT.'/includes/dbal.php'); |
37 require(ENANO_ROOT.'/includes/dbal.php'); |
38 require(ENANO_ROOT.'/includes/json.php'); |
38 require(ENANO_ROOT.'/includes/json2.php'); |
39 |
39 |
40 require(ENANO_ROOT . '/config.php'); |
40 require(ENANO_ROOT . '/config.php'); |
41 unset($dbuser, $dbpasswd); |
41 unset($dbuser, $dbpasswd); |
42 if ( !isset($dbdriver) ) |
42 if ( !isset($dbdriver) ) |
43 $dbdriver = 'mysql'; |
43 $dbdriver = 'mysql'; |
94 switch($_GET['_mode']) { |
94 switch($_GET['_mode']) { |
95 case "checkusername": |
95 case "checkusername": |
96 echo PageUtils::checkusername($_GET['name']); |
96 echo PageUtils::checkusername($_GET['name']); |
97 break; |
97 break; |
98 case "getsource": |
98 case "getsource": |
|
99 header('Content-type: application/json'); |
99 $password = ( isset($_GET['pagepass']) ) ? $_GET['pagepass'] : false; |
100 $password = ( isset($_GET['pagepass']) ) ? $_GET['pagepass'] : false; |
100 $page = new PageProcessor($paths->page_id, $paths->namespace); |
101 $page = new PageProcessor($paths->page_id, $paths->namespace); |
101 $page->password = $password; |
102 $page->password = $password; |
102 if ( $src = $page->fetch_source() ) |
103 if ( $src = $page->fetch_source() ) |
103 { |
104 { |
104 echo $src; |
105 $allowed = true; |
105 } |
106 } |
106 else if ( $src !== false ) |
107 else if ( $src !== false ) |
107 { |
108 { |
108 echo ''; |
109 $allowed = true; |
|
110 $src = ''; |
109 } |
111 } |
110 else |
112 else |
111 { |
113 { |
112 echo 'err_access_denied'; |
114 $allowed = false; |
113 } |
115 $src = ''; |
|
116 } |
|
117 $return = array( |
|
118 'mode' => 'editor', |
|
119 'src' => $src, |
|
120 'auth_view_source' => $allowed, |
|
121 'auth_edit' => $session->get_permissions('edit_page'), |
|
122 'time' => time() |
|
123 ); |
|
124 echo enano_json_encode($return); |
114 break; |
125 break; |
115 case "getpage": |
126 case "getpage": |
116 // echo PageUtils::getpage($paths->page, false, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false )); |
127 // echo PageUtils::getpage($paths->page, false, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false )); |
117 $revision_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 ); |
128 $revision_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 ); |
118 $page = new PageProcessor( $paths->page_id, $paths->namespace, $revision_id ); |
129 $page = new PageProcessor( $paths->page_id, $paths->namespace, $revision_id ); |
133 } |
144 } |
134 else |
145 else |
135 { |
146 { |
136 echo '<p>Error saving the page: '.$e.'</p>'; |
147 echo '<p>Error saving the page: '.$e.'</p>'; |
137 } |
148 } |
|
149 break; |
|
150 case "savepage_json": |
|
151 header('Content-type: application/json'); |
|
152 if ( !isset($_POST['r']) ) |
|
153 die('Invalid request'); |
|
154 |
|
155 $request = enano_json_decode($_POST['r']); |
|
156 if ( !isset($request['src']) || !isset($request['summary']) || !isset($request['minor_edit']) || !isset($request['time']) ) |
|
157 die('Invalid request'); |
|
158 |
|
159 $time = intval($request['time']); |
|
160 |
|
161 // Verify that no edits have been made since the editor was requested |
|
162 $q = $db->sql_query('SELECT time_id, author FROM ' . table_prefix . "logs WHERE log_type = 'page' AND action = 'edit' AND page_id = '{$paths->page_id}' AND namespace = '{$paths->namespace}' ORDER BY time_id DESC LIMIT 1;"); |
|
163 if ( !$q ) |
|
164 $db->die_json(); |
|
165 |
|
166 $row = $db->fetchrow(); |
|
167 $db->free_result(); |
|
168 |
|
169 if ( $row['time_id'] > $time ) |
|
170 { |
|
171 $return = array( |
|
172 'mode' => 'obsolete', |
|
173 'author' => $row['author'], |
|
174 'date_string' => date('d M Y h:i a', $row['time_id']), |
|
175 'time' => $row['time_id'] // time() ??? |
|
176 ); |
|
177 echo enano_json_encode($return); |
|
178 break; |
|
179 } |
|
180 |
|
181 // Verification complete. Start the PageProcessor and let it do the dirty work for us. |
|
182 $page = new PageProcessor($paths->page_id, $paths->namespace); |
|
183 if ( $page->update_page($request['src'], $request['summary'], ( $request['minor_edit'] == 1 )) ) |
|
184 { |
|
185 $return = array( |
|
186 'mode' => 'success' |
|
187 ); |
|
188 } |
|
189 else |
|
190 { |
|
191 $errors = array(); |
|
192 while ( $err = $page->pop_error() ) |
|
193 { |
|
194 $errors[] = $err; |
|
195 } |
|
196 $return = array( |
|
197 'mode' => 'errors', |
|
198 'errors' => array_values($errors) |
|
199 ); |
|
200 } |
|
201 |
|
202 echo enano_json_encode($return); |
|
203 |
|
204 break; |
|
205 case "diff_cur": |
|
206 |
|
207 // Lie about our content type to fool ad scripts |
|
208 header('Content-type: application/xhtml+xml'); |
|
209 |
|
210 if ( !isset($_POST['text']) ) |
|
211 die('Invalid request'); |
|
212 |
|
213 $page = new PageProcessor($paths->page_id, $paths->namespace); |
|
214 if ( !($src = $page->fetch_source()) ) |
|
215 { |
|
216 die('Access denied'); |
|
217 } |
|
218 |
|
219 $diff = RenderMan::diff($src, $_POST['text']); |
|
220 if ( $diff == '<table class="diff"></table>' ) |
|
221 { |
|
222 $diff = '<p>' . $lang->get('editor_msg_diff_empty') . '</p>'; |
|
223 } |
|
224 |
|
225 echo '<div class="info-box">' . $lang->get('editor_msg_diff') . '</div>'; |
|
226 echo $diff; |
|
227 |
138 break; |
228 break; |
139 case "protect": |
229 case "protect": |
140 echo PageUtils::protect($paths->page_id, $paths->namespace, (int)$_POST['level'], $_POST['reason']); |
230 echo PageUtils::protect($paths->page_id, $paths->namespace, (int)$_POST['level'], $_POST['reason']); |
141 break; |
231 break; |
142 case "histlist": |
232 case "histlist": |