diff -r de56132c008d -r bdac73ed481e plugins/SpecialLog.php
--- a/plugins/SpecialLog.php Sun Mar 28 21:49:26 2010 -0400
+++ b/plugins/SpecialLog.php Sun Mar 28 23:10:46 2010 -0400
@@ -1,12 +1,12 @@
fetch_page_acl($pid, 'Article');
- $perms_changed = false;
-
- require_once(ENANO_ROOT . '/includes/log.php');
- $log = new LogDisplay();
- $page = 1;
- $pagesize = 50;
- $fmt = 'full';
-
- if ( $params = $paths->getAllParams() )
- {
- if ( $params === 'AddFilter' && !empty($_POST['type']) && !empty($_POST['value']) )
- {
- $type = $_POST['type'];
- if ( $type == 'within' )
- $value = strval(intval($_POST['value']['within'])) . $_POST['value']['withinunits'];
- else
- $value = $_POST['value'][$type];
-
- if ( !ctype_digit($value) )
- $value = str_replace('/', '.2f', sanitize_page_id($value));
-
- if ( $value !== '0' && (empty($value) || ( $type == 'within' && intval($value) == 0 )) )
- {
- $adderror = $lang->get('log_err_addfilter_field_empty');
- }
- else
- {
- $append = ( !empty($_POST['existing_filters']) ) ? "{$_POST['existing_filters']}/" : '';
- $url = makeUrlNS('Special', "Log/{$append}{$type}={$value}");
-
- redirect($url, '', '', 0);
- }
- }
- $params = explode('/', $params);
- foreach ( $params as $i => $param )
- {
- $param = str_replace('.2f', '/', dirtify_page_id($param));
- if ( preg_match('/^([a-z]+)!?=(.+?)$/', $param, $match) )
- {
- $name =& $match[1];
- $value =& $match[2];
- switch($name)
- {
- case 'resultpage':
- $page = intval($value);
- break;
- case 'size':
- $pagesize = intval($value);
- break;
- case 'fmt':
- switch($value)
- {
- case 'barenaked':
- case 'ajax':
- $fmt = 'naked';
- $output = new Output_Naked();
- break;
- }
- break;
- case 'page':
- // tolerate slashes
- $j = $i;
- while ( true )
- {
- if ( isset($params[++$j]) )
- {
- if ( preg_match('/^([a-z]+)!?=(.+?)$/', $params[$j]) )
- break;
-
- $value .= '/' . $params[$j];
- }
- else
- {
- break;
- }
- }
- if ( get_class($perms) == 'sessionManager' )
- {
- unset($perms);
- list($pid, $ns) = RenderMan::strToPageID($value);
- $perms = $session->fetch_page_acl($pid, $ns);
- if ( !$perms->get_permissions('history_view') )
- {
- die_friendly($lang->get('etc_access_denied_short'), '' . $lang->get('log_err_access_denied') . '
');
- }
- }
- // no break here on purpose
- default:
- try
- {
- $log->add_criterion($name, $value);
- }
- catch ( Exception $e )
- {
- }
- break;
- }
- }
- }
- }
- if ( !$perms->get_permissions('history_view') )
- {
- die_friendly($lang->get('etc_access_denied_short'), '' . $lang->get('log_err_access_denied') . '
');
- }
-
- $page--;
- $rowcount = $log->get_row_count();
- $paramsbit = rtrim(preg_replace('|/?resultpage=([0-9]+)/?|', '/', $paths->getAllParams()), '/');
- $paramsbit = ( !empty($paramsbit) ) ? "/$paramsbit" : '';
- $result_url = makeUrlNS('Special', 'Log' . $paramsbit . '/resultpage=%s', false, true);
- $paginator = generate_paginator($page, ceil($rowcount / $pagesize), $result_url);
-
- $dataset = $log->get_data($page * $pagesize, $pagesize);
-
- $output->header();
-
- // breadcrumbs
- if ( $fmt != 'naked' )
- {
- echo '';
- echo speciallog_generate_breadcrumbs($log->get_criteria());
- echo '
';
-
- // form
- ?>
-
-
-
-
-
-
-
- ';
- }
-
- if ( $rowcount > 0 )
- {
- // we have some results, show pagination + result list
- echo '' . $lang->get('log_heading_logdisplay') . '
';
-
- echo $paginator;
- // padding
- echo '';
- foreach ( $dataset as $row )
- {
- echo LogDisplay::render_row($row) . '
';
- }
- echo $paginator;
- }
- else
- {
- // no results
- echo '' . $lang->get('log_msg_no_results') . '
';
- }
-
- if ( $fmt != 'naked' )
- echo ' ';
-
- $output->footer();
+ global $db, $session, $paths, $template, $plugins; // Common objects
+ global $lang;
+ global $output;
+
+ // FIXME: This doesn't currently prohibit viewing of aggregate logs that might include a page for which
+ // we don't have permission to view history. It does, however, block access if a list of pages is given
+ // and one of those doesn't allow history_view.
+
+ // FIXME: This is a real hack. We're trying to get permissions on a random non-existent article, which
+ // effectively forces calculation to occur based on site-wide permissions.
+ $pid = '';
+ for ( $i = 0; $i < 32; $i++ )
+ {
+ $pid .= chr(mt_rand(32, 126));
+ }
+ $perms = $session->fetch_page_acl($pid, 'Article');
+ $perms_changed = false;
+
+ require_once(ENANO_ROOT . '/includes/log.php');
+ $log = new LogDisplay();
+ $page = 1;
+ $pagesize = 50;
+ $fmt = 'full';
+
+ if ( $params = $paths->getAllParams() )
+ {
+ if ( $params === 'AddFilter' && !empty($_POST['type']) && !empty($_POST['value']) )
+ {
+ $type = $_POST['type'];
+ if ( $type == 'within' )
+ $value = strval(intval($_POST['value']['within'])) . $_POST['value']['withinunits'];
+ else
+ $value = $_POST['value'][$type];
+
+ if ( !ctype_digit($value) )
+ $value = str_replace('/', '.2f', sanitize_page_id($value));
+
+ if ( $value !== '0' && (empty($value) || ( $type == 'within' && intval($value) == 0 )) )
+ {
+ $adderror = $lang->get('log_err_addfilter_field_empty');
+ }
+ else
+ {
+ $append = ( !empty($_POST['existing_filters']) ) ? "{$_POST['existing_filters']}/" : '';
+ $url = makeUrlNS('Special', "Log/{$append}{$type}={$value}");
+
+ redirect($url, '', '', 0);
+ }
+ }
+ $params = explode('/', $params);
+ foreach ( $params as $i => $param )
+ {
+ $param = str_replace('.2f', '/', dirtify_page_id($param));
+ if ( preg_match('/^([a-z]+)!?=(.+?)$/', $param, $match) )
+ {
+ $name =& $match[1];
+ $value =& $match[2];
+ switch($name)
+ {
+ case 'resultpage':
+ $page = intval($value);
+ break;
+ case 'size':
+ $pagesize = intval($value);
+ break;
+ case 'fmt':
+ switch($value)
+ {
+ case 'barenaked':
+ case 'ajax':
+ $fmt = 'naked';
+ $output = new Output_Naked();
+ break;
+ }
+ break;
+ case 'page':
+ // tolerate slashes
+ $j = $i;
+ while ( true )
+ {
+ if ( isset($params[++$j]) )
+ {
+ if ( preg_match('/^([a-z]+)!?=(.+?)$/', $params[$j]) )
+ break;
+
+ $value .= '/' . $params[$j];
+ }
+ else
+ {
+ break;
+ }
+ }
+ if ( get_class($perms) == 'sessionManager' )
+ {
+ unset($perms);
+ list($pid, $ns) = RenderMan::strToPageID($value);
+ $perms = $session->fetch_page_acl($pid, $ns);
+ if ( !$perms->get_permissions('history_view') )
+ {
+ die_friendly($lang->get('etc_access_denied_short'), '' . $lang->get('log_err_access_denied') . '
');
+ }
+ }
+ // no break here on purpose
+ default:
+ try
+ {
+ $log->add_criterion($name, $value);
+ }
+ catch ( Exception $e )
+ {
+ }
+ break;
+ }
+ }
+ }
+ }
+ if ( !$perms->get_permissions('history_view') )
+ {
+ die_friendly($lang->get('etc_access_denied_short'), '' . $lang->get('log_err_access_denied') . '
');
+ }
+
+ $page--;
+ $rowcount = $log->get_row_count();
+ $paramsbit = rtrim(preg_replace('|/?resultpage=([0-9]+)/?|', '/', $paths->getAllParams()), '/');
+ $paramsbit = ( !empty($paramsbit) ) ? "/$paramsbit" : '';
+ $result_url = makeUrlNS('Special', 'Log' . $paramsbit . '/resultpage=%s', false, true);
+ $paginator = generate_paginator($page, ceil($rowcount / $pagesize), $result_url);
+
+ $dataset = $log->get_data($page * $pagesize, $pagesize);
+
+ $output->header();
+
+ // breadcrumbs
+ if ( $fmt != 'naked' )
+ {
+ echo '';
+ echo speciallog_generate_breadcrumbs($log->get_criteria());
+ echo '
';
+
+ // form
+ ?>
+
+
+
+
+
+
+
+ ';
+ }
+
+ if ( $rowcount > 0 )
+ {
+ // we have some results, show pagination + result list
+ echo '' . $lang->get('log_heading_logdisplay') . '
';
+
+ echo $paginator;
+ // padding
+ echo '';
+ foreach ( $dataset as $row )
+ {
+ echo LogDisplay::render_row($row) . '
';
+ }
+ echo $paginator;
+ }
+ else
+ {
+ // no results
+ echo '' . $lang->get('log_msg_no_results') . '
';
+ }
+
+ if ( $fmt != 'naked' )
+ echo ' ';
+
+ $output->footer();
}
function speciallog_generate_breadcrumbs($criteria)
{
- global $db, $session, $paths, $template, $plugins; // Common objects
- global $lang;
-
- if ( count($criteria) == 0 )
- {
- return $lang->get('log_msg_no_filters');
- }
-
- $html = array();
- foreach ( $criteria as $criterion )
- {
- list($type, $value) = $criterion;
- switch($type)
- {
- case 'user':
- $rank_info = $session->get_user_rank($value);
- $user_link = '';
- $user_link .= htmlspecialchars(str_replace('_', ' ', $value)) . '';
-
- $crumb = $lang->get('log_breadcrumb_author', array('user' => $user_link));
- break;
- case 'page':
- list($pid, $ns) = RenderMan::strToPageID($value);
- $ns = namespace_factory($pid, $ns);
- $exist = $ns->exists() ? '' : ' class="wikilink-nonexistent"';
- $crumb = $lang->get('log_breadcrumb_page', array('page' => '' . htmlspecialchars($ns->title) . ''));
- break;
- case 'action':
- $action = ( $lang->get("log_formaction_{$value}") === "log_formaction_{$value}" ) ? $lang->get("log_action_{$value}") : $lang->get("log_formaction_{$value}");
- $crumb = $lang->get('log_breadcrumb_action', array('action' => htmlspecialchars($action)));
- break;
- case 'minor':
- $crumb = $value == '1' ? $lang->get('log_form_filtertype_minor_yes') : $lang->get('log_form_filtertype_minor_no');
- break;
- case 'within':
- $value = intval($value);
- if ( $value % 31536000 == 0 )
- {
- $n = $value / 31536000;
- $value = "$n " . $lang->get( $n > 1 ? 'etc_unit_years' : 'etc_unit_year' );
- }
- else if ( $value % 2592000 == 0 )
- {
- $n = $value / 2592000;
- $value = "$n " . $lang->get( $n > 1 ? 'etc_unit_months' : 'etc_unit_month' );
- }
- else if ( $value % 604800 == 0 )
- {
- $n = $value / 604800;
- $value = "$n " . $lang->get( $n > 1 ? 'etc_unit_weeks' : 'etc_unit_week' );
- }
- else if ( $value % 86400 == 0 )
- {
- $n = $value / 86400;
- $value = "$n " . $lang->get( $n > 1 ? 'etc_unit_days' : 'etc_unit_day' );
- }
- else
- {
- $value = "$value " . $lang->get( $value > 1 ? 'etc_unit_seconds' : 'etc_unit_second' );
- }
- $crumb = $lang->get('log_breadcrumb_within', array('time' => $value));
- break;
- }
- $html[] = $crumb . ' ' . speciallog_crumb_remove_link($criterion);
- }
- return implode(' » ', $html);
+ global $db, $session, $paths, $template, $plugins; // Common objects
+ global $lang;
+
+ if ( count($criteria) == 0 )
+ {
+ return $lang->get('log_msg_no_filters');
+ }
+
+ $html = array();
+ foreach ( $criteria as $criterion )
+ {
+ list($type, $value) = $criterion;
+ switch($type)
+ {
+ case 'user':
+ $rank_info = $session->get_user_rank($value);
+ $user_link = '';
+ $user_link .= htmlspecialchars(str_replace('_', ' ', $value)) . '';
+
+ $crumb = $lang->get('log_breadcrumb_author', array('user' => $user_link));
+ break;
+ case 'page':
+ list($pid, $ns) = RenderMan::strToPageID($value);
+ $ns = namespace_factory($pid, $ns);
+ $exist = $ns->exists() ? '' : ' class="wikilink-nonexistent"';
+ $crumb = $lang->get('log_breadcrumb_page', array('page' => '' . htmlspecialchars($ns->title) . ''));
+ break;
+ case 'action':
+ $action = ( $lang->get("log_formaction_{$value}") === "log_formaction_{$value}" ) ? $lang->get("log_action_{$value}") : $lang->get("log_formaction_{$value}");
+ $crumb = $lang->get('log_breadcrumb_action', array('action' => htmlspecialchars($action)));
+ break;
+ case 'minor':
+ $crumb = $value == '1' ? $lang->get('log_form_filtertype_minor_yes') : $lang->get('log_form_filtertype_minor_no');
+ break;
+ case 'within':
+ $value = intval($value);
+ if ( $value % 31536000 == 0 )
+ {
+ $n = $value / 31536000;
+ $value = "$n " . $lang->get( $n > 1 ? 'etc_unit_years' : 'etc_unit_year' );
+ }
+ else if ( $value % 2592000 == 0 )
+ {
+ $n = $value / 2592000;
+ $value = "$n " . $lang->get( $n > 1 ? 'etc_unit_months' : 'etc_unit_month' );
+ }
+ else if ( $value % 604800 == 0 )
+ {
+ $n = $value / 604800;
+ $value = "$n " . $lang->get( $n > 1 ? 'etc_unit_weeks' : 'etc_unit_week' );
+ }
+ else if ( $value % 86400 == 0 )
+ {
+ $n = $value / 86400;
+ $value = "$n " . $lang->get( $n > 1 ? 'etc_unit_days' : 'etc_unit_day' );
+ }
+ else
+ {
+ $value = "$value " . $lang->get( $value > 1 ? 'etc_unit_seconds' : 'etc_unit_second' );
+ }
+ $crumb = $lang->get('log_breadcrumb_within', array('time' => $value));
+ break;
+ }
+ $html[] = $crumb . ' ' . speciallog_crumb_remove_link($criterion);
+ }
+ return implode(' » ', $html);
}
function speciallog_crumb_remove_link($criterion)
{
- global $db, $session, $paths, $template, $plugins; // Common objects
- global $lang;
-
- list($type, $value) = $criterion;
-
- $params = explode('/', dirtify_page_id($paths->getAllParams()));
- foreach ( $params as $i => $param )
- {
- if ( $param === "$type=$value" )
- {
- unset($params[$i]);
- break;
- }
- else if ( $type === 'within' )
- {
- list($ptype, $pvalue) = explode('=', $param);
- if ( $ptype !== 'within' )
- continue;
-
- $lastchar = substr($pvalue, -1);
- $amt = intval($pvalue);
- switch($lastchar)
- {
- case 'd':
- $amt = $amt * 86400;
- break;
- case 'w':
- $amt = $amt * 604800;
- break;
- case 'm':
- $amt = $amt * 2592000;
- break;
- case 'y':
- $amt = $amt * 31536000;
- break;
- }
- if ( $amt === $value )
- {
- unset($params[$i]);
- break;
- }
- }
- }
- if ( count($params) > 0 )
- {
- $params = implode('/', $params);
- $url = makeUrlNS('Special', "Log/$params", false, true);
- }
- else
- {
- $url = makeUrlNS('Special', "Log", false, true);
- }
-
- return '(x)';
+ global $db, $session, $paths, $template, $plugins; // Common objects
+ global $lang;
+
+ list($type, $value) = $criterion;
+
+ $params = explode('/', dirtify_page_id($paths->getAllParams()));
+ foreach ( $params as $i => $param )
+ {
+ if ( $param === "$type=$value" )
+ {
+ unset($params[$i]);
+ break;
+ }
+ else if ( $type === 'within' )
+ {
+ list($ptype, $pvalue) = explode('=', $param);
+ if ( $ptype !== 'within' )
+ continue;
+
+ $lastchar = substr($pvalue, -1);
+ $amt = intval($pvalue);
+ switch($lastchar)
+ {
+ case 'd':
+ $amt = $amt * 86400;
+ break;
+ case 'w':
+ $amt = $amt * 604800;
+ break;
+ case 'm':
+ $amt = $amt * 2592000;
+ break;
+ case 'y':
+ $amt = $amt * 31536000;
+ break;
+ }
+ if ( $amt === $value )
+ {
+ unset($params[$i]);
+ break;
+ }
+ }
+ }
+ if ( count($params) > 0 )
+ {
+ $params = implode('/', $params);
+ $url = makeUrlNS('Special', "Log/$params", false, true);
+ }
+ else
+ {
+ $url = makeUrlNS('Special', "Log", false, true);
+ }
+
+ return '(x)';
}