includes/pageutils.php
changeset 1103 90225c988124
parent 1081 745200a9cc2a
child 1114 4f4d63a281cd
1102:faef5e62e1e0 1103:90225c988124
     1 <?php
     1 <?php
     2 
     2 
     3 /*
     3 /*
     4  * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
     4  * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
     5  * Version 1.1.6 (Caoineag beta 1)
     5  * Copyright (C) 2006-2009 Dan Fuhry
     6  * Copyright (C) 2006-2008 Dan Fuhry
       
     7  * pageutils.php - a class that handles raw page manipulations, used mostly by AJAX requests or their old-fashioned form-based counterparts
     6  * pageutils.php - a class that handles raw page manipulations, used mostly by AJAX requests or their old-fashioned form-based counterparts
     8  *
     7  *
     9  * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
     8  * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
    10  * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
     9  * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
    11  *
    10  *
   203     
   202     
   204     $paths->add_page($page_data);
   203     $paths->add_page($page_data);
   205     
   204     
   206     $qa = $db->sql_query('INSERT INTO ' . table_prefix.'pages(name,urlname,namespace,visible,protected,delvote_ips) VALUES(\'' . $db->escape($name) . '\', \'' . $db->escape($page_id) . '\', \'' . $namespace . '\', '. ( $visible ? '1' : '0' ) .', ' . $prot . ', \'' . $db->escape(serialize($ips)) . '\');');
   205     $qa = $db->sql_query('INSERT INTO ' . table_prefix.'pages(name,urlname,namespace,visible,protected,delvote_ips) VALUES(\'' . $db->escape($name) . '\', \'' . $db->escape($page_id) . '\', \'' . $namespace . '\', '. ( $visible ? '1' : '0' ) .', ' . $prot . ', \'' . $db->escape(serialize($ips)) . '\');');
   207     $qb = $db->sql_query('INSERT INTO ' . table_prefix.'page_text(page_id,namespace) VALUES(\'' . $db->escape($page_id) . '\', \'' . $namespace . '\');');
   206     $qb = $db->sql_query('INSERT INTO ' . table_prefix.'page_text(page_id,namespace) VALUES(\'' . $db->escape($page_id) . '\', \'' . $namespace . '\');');
   208     $qc = $db->sql_query('INSERT INTO ' . table_prefix.'logs(time_id,date_string,log_type,action,author,page_id,namespace) VALUES('.time().', \''.enano_date('d M Y h:i a').'\', \'page\', \'create\', \'' . $session->username . '\', \'' . $db->escape($page_id) . '\', \'' . $namespace . '\');');
   207     $qc = $db->sql_query('INSERT INTO ' . table_prefix.'logs(time_id,date_string,log_type,action,author,page_id,namespace) VALUES('.time().', \'DEPRECATED\', \'page\', \'create\', \'' . $session->username . '\', \'' . $db->escape($page_id) . '\', \'' . $namespace . '\');');
   209     
   208     
   210     if($qa && $qb && $qc)
   209     if($qa && $qb && $qc)
   211       return 'good';
   210       return 'good';
   212     else
   211     else
   213     {
   212     {
   330         }
   329         }
   331         if($ticker > 1)        echo '<td class="' . $cls . '" style="padding: 0;"><input ' . $s1 . 'name="diff1" type="radio" value="' . $r['time_id'] . '" id="diff1_' . $r['time_id'] . '" class="clsDiff1Radio" onclick="selectDiff1Button(this);" /></td>'."\n"; else echo '<td class="' . $cls . '"></td>';
   330         if($ticker > 1)        echo '<td class="' . $cls . '" style="padding: 0;"><input ' . $s1 . 'name="diff1" type="radio" value="' . $r['time_id'] . '" id="diff1_' . $r['time_id'] . '" class="clsDiff1Radio" onclick="selectDiff1Button(this);" /></td>'."\n"; else echo '<td class="' . $cls . '"></td>';
   332         if($ticker < $numrows) echo '<td class="' . $cls . '" style="padding: 0;"><input ' . $s2 . 'name="diff2" type="radio" value="' . $r['time_id'] . '" id="diff2_' . $r['time_id'] . '" class="clsDiff2Radio" onclick="selectDiff2Button(this);" /></td>'."\n"; else echo '<td class="' . $cls . '"></td>';
   331         if($ticker < $numrows) echo '<td class="' . $cls . '" style="padding: 0;"><input ' . $s2 . 'name="diff2" type="radio" value="' . $r['time_id'] . '" id="diff2_' . $r['time_id'] . '" class="clsDiff2Radio" onclick="selectDiff2Button(this);" /></td>'."\n"; else echo '<td class="' . $cls . '"></td>';
   333         
   332         
   334         // Date and time
   333         // Date and time
   335         echo '<td class="' . $cls . '" style="white-space: nowrap;">' . enano_date('d M Y h:i a', intval($r['time_id'])) . '</td class="' . $cls . '">'."\n";
   334         echo '<td class="' . $cls . '" style="white-space: nowrap;">' . enano_date(ED_DATE | ED_TIME, intval($r['time_id'])) . '</td class="' . $cls . '">'."\n";
   336         
   335         
   337         // User
   336         // User
   338         if ( $session->get_permissions('mod_misc') && is_valid_ip($r['author']) )
   337         if ( $session->get_permissions('mod_misc') && is_valid_ip($r['author']) )
   339         {
   338         {
   340           $rc = ' style="cursor: pointer;" title="' . $lang->get('history_tip_rdns') . '" onclick="ajaxReverseDNS(this, \'' . $r['author'] . '\');"';
   339           $rc = ' style="cursor: pointer;" title="' . $lang->get('history_tip_rdns') . '" onclick="ajaxReverseDNS(this, \'' . $r['author'] . '\');"';
   406         else $cls = 'row2';
   405         else $cls = 'row2';
   407         
   406         
   408         echo '<tr>';
   407         echo '<tr>';
   409         
   408         
   410         // Date and time
   409         // Date and time
   411         echo '<td class="' . $cls . '">' . enano_date('d M Y h:i a', intval($r['time_id'])) . '</td class="' . $cls . '">';
   410         echo '<td class="' . $cls . '">' . enano_date(ED_DATE | ED_TIME, intval($r['time_id'])) . '</td class="' . $cls . '">';
   412         
   411         
   413         // User
   412         // User
   414         echo '<td class="' . $cls . '"><a href="'.makeUrlNS('User', sanitize_page_id($r['author'])).'" ';
   413         echo '<td class="' . $cls . '"><a href="'.makeUrlNS('User', sanitize_page_id($r['author'])).'" ';
   415         if(!isPage($paths->nslist['User'] . sanitize_page_id($r['author']))) echo 'class="wikilink-nonexistent"';
   414         if(!isPage($paths->nslist['User'] . sanitize_page_id($r['author']))) echo 'class="wikilink-nonexistent"';
   416         echo '>' . $r['author'] . '</a></td class="' . $cls . '">';
   415         echo '>' . $r['author'] . '</a></td class="' . $cls . '">';
   628         $s = $row['subject'];
   627         $s = $row['subject'];
   629         if(!$row['approved']) $s .= ' <span style="color: #D84308">' . $lang->get('comment_msg_note_unapp') . '</span>';
   628         if(!$row['approved']) $s .= ' <span style="color: #D84308">' . $lang->get('comment_msg_note_unapp') . '</span>';
   630         $strings['SUBJECT'] = $s;
   629         $strings['SUBJECT'] = $s;
   631         
   630         
   632         // Date and time
   631         // Date and time
   633         $strings['DATETIME'] = enano_date('F d, Y h:i a', $row['time']);
   632         $strings['DATETIME'] = enano_date(ED_DATE | ED_TIME, $row['time']);
   634         
   633         
   635         // User level
   634         // User level
   636         switch($row['user_level'])
   635         switch($row['user_level'])
   637         {
   636         {
   638           default:
   637           default:
  1009       $e = $db->sql_query('SELECT page_text,char_tag FROM ' . table_prefix.'page_text WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $namespace . '\';');
  1008       $e = $db->sql_query('SELECT page_text,char_tag FROM ' . table_prefix.'page_text WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $namespace . '\';');
  1010       if(!$e) $db->_die('The current page text could not be selected; as a result, creating the backup of the page failed. Please make a backup copy of the page by clicking Edit this page and then clicking Save Changes.');
  1009       if(!$e) $db->_die('The current page text could not be selected; as a result, creating the backup of the page failed. Please make a backup copy of the page by clicking Edit this page and then clicking Save Changes.');
  1011       $row = $db->fetchrow();
  1010       $row = $db->fetchrow();
  1012       $db->free_result();
  1011       $db->free_result();
  1013       $minor_edit = ( ENANO_DBLAYER == 'MYSQL' ) ? 'false' : '0';
  1012       $minor_edit = ( ENANO_DBLAYER == 'MYSQL' ) ? 'false' : '0';
  1014       $q='INSERT INTO ' . table_prefix.'logs(log_type,action,time_id,date_string,page_id,namespace,page_text,char_tag,author,edit_summary,minor_edit) VALUES(\'page\', \'edit\', '.time().', \''.enano_date('d M Y h:i a').'\', \'' . $page_id . '\', \'' . $namespace . '\', \'' . $db->escape($row['page_text']) . '\', \'' . $row['char_tag'] . '\', \'' . $session->username . '\', \''."Automatic backup created when logs were purged".'\', '.$minor_edit.');';
  1013       $q='INSERT INTO ' . table_prefix.'logs(log_type,action,time_id,date_string,page_id,namespace,page_text,char_tag,author,edit_summary,minor_edit) VALUES(\'page\', \'edit\', '.time().', \''.enano_date(ED_DATE | ED_TIME).'\', \'' . $page_id . '\', \'' . $namespace . '\', \'' . $db->escape($row['page_text']) . '\', \'' . $row['char_tag'] . '\', \'' . $session->username . '\', \''."Automatic backup created when logs were purged".'\', '.$minor_edit.');';
  1015       if(!$db->sql_query($q)) $db->_die('The history (log) entry could not be inserted into the logs table.');
  1014       if(!$db->sql_query($q)) $db->_die('The history (log) entry could not be inserted into the logs table.');
  1016     }
  1015     }
  1017     return $lang->get('ajax_clearlogs_success');
  1016     return $lang->get('ajax_clearlogs_success');
  1018   }
  1017   }
  1019   
  1018   
  1041     if ( !$session->sid_super )
  1040     if ( !$session->sid_super )
  1042     {
  1041     {
  1043       return $lang->get('etc_access_denied_need_reauth');
  1042       return $lang->get('etc_access_denied_need_reauth');
  1044     }
  1043     }
  1045     
  1044     
  1046     $e = $db->sql_query('INSERT INTO ' . table_prefix.'logs(time_id,date_string,log_type,action,page_id,namespace,author,edit_summary) VALUES('.time().', \''.enano_date('d M Y h:i a').'\', \'page\', \'delete\', \'' . $page_id . '\', \'' . $namespace . '\', \'' . $session->username . '\', \'' . $db->escape(htmlspecialchars($reason)) . '\')');
  1045     $e = $db->sql_query('INSERT INTO ' . table_prefix.'logs(time_id,date_string,log_type,action,page_id,namespace,author,edit_summary) VALUES('.time().', \''.enano_date(ED_DATE | ED_TIME).'\', \'page\', \'delete\', \'' . $page_id . '\', \'' . $namespace . '\', \'' . $session->username . '\', \'' . $db->escape(htmlspecialchars($reason)) . '\')');
  1047     if(!$e) $db->_die('The page log entry could not be inserted.');
  1046     if(!$e) $db->_die('The page log entry could not be inserted.');
  1048     $e = $db->sql_query('DELETE FROM ' . table_prefix.'categories WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $namespace . '\'');
  1047     $e = $db->sql_query('DELETE FROM ' . table_prefix.'categories WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $namespace . '\'');
  1049     if(!$e) $db->_die('The page categorization entries could not be deleted.');
  1048     if(!$e) $db->_die('The page categorization entries could not be deleted.');
  1050     $e = $db->sql_query('DELETE FROM ' . table_prefix.'comments WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $namespace . '\'');
  1049     $e = $db->sql_query('DELETE FROM ' . table_prefix.'comments WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $namespace . '\'');
  1051     if(!$e) $db->_die('The page comments could not be deleted.');
  1050     if(!$e) $db->_die('The page comments could not be deleted.');
  1598       if(sizeof($row1) < 1 || sizeof($row2) < 2)
  1597       if(sizeof($row1) < 1 || sizeof($row2) < 2)
  1599         return 'Couldn\'t find any rows that matched the query. The time ID probably doesn\'t exist in the logs table.';
  1598         return 'Couldn\'t find any rows that matched the query. The time ID probably doesn\'t exist in the logs table.';
  1600     }
  1599     }
  1601     $text1 = $row1['page_text'];
  1600     $text1 = $row1['page_text'];
  1602     $text2 = $row2['page_text'];
  1601     $text2 = $row2['page_text'];
  1603     $time1 = enano_date('F d, Y h:i a', $row1['time_id']);
  1602     $time1 = enano_date(ED_DATE | ED_TIME, $row1['time_id']);
  1604     $time2 = enano_date('F d, Y h:i a', $row2['time_id']);
  1603     $time2 = enano_date(ED_DATE | ED_TIME, $row2['time_id']);
  1605     $_ob = "
  1604     $_ob = "
  1606     <p>" . $lang->get('history_lbl_comparingrevisions') . " {$time1} &rarr; {$time2}</p>
  1605     <p>" . $lang->get('history_lbl_comparingrevisions') . " {$time1} &rarr; {$time2}</p>
  1607     ";
  1606     ";
  1608     // Free some memory
  1607     // Free some memory
  1609     unset($row1, $row2, $q1, $q2);
  1608     unset($row1, $row2, $q1, $q2);
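Review bot: The log INSERTs at new lines 1013 (log purge backup) and 1045 (page delete) concatenate the return value of `enano_date(ED_DATE | ED_TIME)` straight into a quoted SQL literal, while the page-create INSERT at new line 207 now writes the constant `'DEPRECATED'` into the same `date_string` column. If the flag-based call builds its output from a locale or per-user format (not visible on this page), an apostrophe in that output would break the statement. Either write `'DEPRECATED'` in all three queries or wrap the call as `$db->escape(enano_date(ED_DATE | ED_TIME))`. The same two statements also interpolate `$session->username`, `$page_id` and `$namespace` without `$db->escape()`, whereas the create query escapes `$page_id`; unless the callers already sanitize those values, they should be escaped here too. The enclosing functions start and end outside the lines shown.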