# HG changeset patch # User Dan # Date 1185031739 14400 # Node ID bda11e521e8adc8db75b2cdebafa2d659298ae0e # Parent 21770a1a5213e0ebc07036b814f85e40fd458b32 Fixed a few presentation bugs in installer, made installer more "legally binding", and fixed global permissions inheritance in $session->fetch_page_acl() diff -r 21770a1a5213 -r bda11e521e8a GPL --- a/GPL Sun Jul 15 11:41:06 2007 -0400 +++ b/GPL Sat Jul 21 11:28:59 2007 -0400 @@ -91,8 +91,8 @@ To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. - - Copyright (C) + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -124,7 +124,7 @@ Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. - , 1 April 1989 + <signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. diff -r 21770a1a5213 -r bda11e521e8a config.php --- a/config.php Sun Jul 15 11:41:06 2007 -0400 +++ b/config.php Sat Jul 21 11:28:59 2007 -0400 @@ -0,0 +1,15 @@ + \ No newline at end of file diff -r 21770a1a5213 -r bda11e521e8a includes/sessions.php --- a/includes/sessions.php Sun Jul 15 11:41:06 2007 -0400 +++ b/includes/sessions.php Sat Jul 21 11:28:59 2007 -0400 @@ -2052,6 +2052,9 @@ } while ( $row = $db->fetchrow() ); } + // Cache the sitewide permissions for later use + $this->acl_base_cache = $this->perms; + // Eliminate types that don't apply to this namespace foreach ( $this->perms AS $i => $perm ) { @@ -2061,9 +2064,6 @@ } } - // Cache the sitewide permissions for later use - $this->acl_base_cache = $this->perms; - // Build a query to grab ACL info $bs = 'SELECT rules,target_type,target_id FROM '.table_prefix.'acl WHERE ( '; $q = Array(); @@ -2368,24 +2368,21 @@ } var testpassed = ' . ( ( isset($_GET['use_crypt']) && $_GET['use_crypt']=='0') ? 'false; // CRYPTO-AUTH DISABLED ON USER REQUEST // ' : '' ) . '( ct == v && md5_vm_test() ); var frm = document.forms.'.$form_name.'; - if(testpassed) - { - frm.'.$use_crypt.'.value = \'yes\'; - var cryptkey = frm.'.$crypt_key.'.value; - frm.'.$crypt_key.'.value = hex_md5(cryptkey); - cryptkey = hexToByteArray(cryptkey); - if(!cryptkey || ( ( typeof cryptkey == \'string\' || typeof cryptkey == \'object\' ) ) && cryptkey.length != keySizeInBits / 8 ) - { - if ( frm._login ) frm._login.disabled = true; - len = ( typeof cryptkey == \'string\' || typeof cryptkey == \'object\' ) ? \'\\nLen: \'+cryptkey.length : \'\'; - alert(\'The key is messed up\\nType: \'+typeof(cryptkey)+len); - } - } function runEncryption() { + var frm = document.forms.'.$form_name.'; if(testpassed) { - var frm = document.forms.'.$form_name.'; + frm.'.$use_crypt.'.value = \'yes\'; + var cryptkey = frm.'.$crypt_key.'.value; + frm.'.$crypt_key.'.value = hex_md5(cryptkey); + cryptkey = hexToByteArray(cryptkey); + if(!cryptkey || ( ( typeof cryptkey == \'string\' || typeof cryptkey == \'object\' ) ) && cryptkey.length != keySizeInBits / 8 ) + { + if ( frm._login ) frm._login.disabled = true; + len = ( typeof cryptkey == \'string\' || typeof cryptkey == \'object\' ) ? \'\\nLen: \'+cryptkey.length : \'\'; + alert(\'The key is messed up\\nType: \'+typeof(cryptkey)+len); + } pass = frm.'.$pw_field.'.value; chal = frm.'.$challenge.'.value; challenge = hex_md5(pass + chal) + chal; @@ -2464,6 +2461,14 @@ var $perms = Array(); /** + * Array to track which default permissions are being used + * @var array + * @access private + */ + + var $acl_defaults_used = Array(); + + /** * Constructor. * @param string $page_id The ID of the page to check * @param string $namespace The namespace of the page to check. @@ -2477,11 +2482,13 @@ { global $db, $session, $paths, $template, $plugins; // Common objects - $this->perms = $session->acl_merge_complete($acl_types, $base); $this->acl_deps = $acl_deps; $this->acl_types = $acl_types; $this->acl_descs = $acl_descs; + $this->perms = $acl_types; + $this->perms = $session->acl_merge_complete($this->perms, $base); + // Build a query to grab ACL info $bs = 'SELECT rules FROM '.table_prefix.'acl WHERE ( '; $q = Array(); @@ -2502,7 +2509,8 @@ { do { $rules = $session->string_to_perm($row['rules']); - $this->perms = $session->acl_merge($this->perms, $rules); + $is_everyone = ( $row['target_type'] == ACL_TYPE_GROUP && $row['target_id'] == 1 ); + $this->acl_merge_with_current($rules, $is_everyone); } while ( $row = $db->fetchrow() ); } @@ -2519,6 +2527,7 @@ function get_permissions($type, $no_deps = false) { + // echo '
' . print_r($this->perms, true) . '
'; global $db, $session, $paths, $template, $plugins; // Common objects if ( isset( $this->perms[$type] ) ) { @@ -2611,6 +2620,44 @@ return true; } + /** + * Merges the ACL array sent with the current permissions table, deciding precedence based on whether defaults are in effect or not. + * @param array The array to merge into the master ACL list + * @param bool If true, $perm is treated as the "new default" + * @param int 1 if this is a site-wide ACL, 2 if page-specific. Defaults to 2. + */ + + function acl_merge_with_current($perm, $is_everyone = false, $scope = 2) + { + foreach ( $this->perms as $i => $p ) + { + if ( isset($perm[$i]) ) + { + if ( $is_everyone && !$this->acl_defaults_used[$i] ) + continue; + // Decide precedence + if ( isset($this->acl_defaults_used[$i]) ) + { + //echo "$i: default in use, overriding to: {$perm[$i]}
"; + // Defaults are in use, override + $this->perms[$i] = $perm[$i]; + $this->acl_defaults_used[$i] = ( $is_everyone ); + } + else + { + //echo "$i: default NOT in use"; + // Defaults are not in use, merge as normal + if ( $this->perms[$i] != AUTH_DENY ) + { + //echo ", but overriding"; + $this->perms[$i] = $perm[$i]; + } + //echo "
"; + } + } + } + } + } ?> diff -r 21770a1a5213 -r bda11e521e8a includes/wikiengine/Parse/Mediawiki/Wikilink.php --- a/includes/wikiengine/Parse/Mediawiki/Wikilink.php Sun Jul 15 11:41:06 2007 -0400 +++ b/includes/wikiengine/Parse/Mediawiki/Wikilink.php Sat Jul 21 11:28:59 2007 -0400 @@ -101,10 +101,20 @@ $default = $this->conf; parent::Text_Wiki_Parse($obj); - global $paths; - $this->imageConf = array( - 'prefix' => array(':' . $paths->nslist['File']) - ); + if ( defined('IN_ENANO_INSTALL') ) + { + // This doesn't really matter in the installer + $this->imageConf = array( + 'prefix' => array(':File:') + ); + } + else + { + global $paths; + $this->imageConf = array( + 'prefix' => array(':' . $paths->nslist['File']) + ); + } // override config options for image if specified if (in_array('Image', $this->wiki->disable)) { diff -r 21770a1a5213 -r bda11e521e8a install.php --- a/install.php Sun Jul 15 11:41:06 2007 -0400 +++ b/install.php Sat Jul 21 11:28:59 2007 -0400 @@ -338,6 +338,7 @@

Declaration of license usage

Enano is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. See the GNU General Public License (below) for more details.

+

By clicking the button below or otherwise continuing the installation, you indicate your acceptance of this license agreement.

Human-readable version

Enano is distributed under certain licensing terms that we believe make it of the greatest possible use to the public. The license we distribute it under, the GNU General Public License, provides certain terms and conditions that, rather than limit your use of Enano, allow you to get the most out of it. If you would like to read the full text, it can be found below. Here is a human-readable version that we think is a little easier to understand.

    @@ -369,7 +370,7 @@
    - +

    Before clicking continue:
    • Ensure that you agree with the terms of the license
    • Have your database host, name, username, and password available

    Before clicking continue:
    • Ensure that you agree with the terms of the license
    • Have your database host, name, username, and password available
    @@ -391,6 +392,7 @@ run_test('return is_writable(ENANO_ROOT.\'/config.php\');', 'Configuration file writable', 'It looks like the configuration file, config.php, is not writable. Enano needs to be able to write to this file in order to install.

    If you are installing Enano on a SourceForge web site:
    SourceForge mounts the web partitions read-only now, so you will need to use the project shell service to symlink config.php to a file in the /tmp/persistent directory.'); run_test('return file_exists(\'/usr/bin/convert\');', 'ImageMagick support', 'Enano uses ImageMagick to scale images into thumbnails. Because ImageMagick was not found on your server, Enano will use the width= and height= attributes on the <img> tag to scale images. This can cause somewhat of a performance increase, but bandwidth usage will be higher, especially if you use high-resolution images on your site.

    If you are sure that you have ImageMagick, you can set the location of the "convert" program using the administration panel after installation is complete.', true); run_test('return is_writable(ENANO_ROOT.\'/cache/\');', 'Cache directory writable', 'Apparently the cache/ directory is not writable. Enano will still work, but you will not be able to cache thumbnails, meaning the server will need to re-render them each time they are requested. In some cases, this can cause a significant slowdown.', true); + run_test('return is_writable(ENANO_ROOT.\'/files/\');', 'File uploads directory writable', 'It seems that the directory where uploaded files are stored (' . ENANO_ROOT . '/files) cannot be written by the server. Enano will still function, but file uploads will not function, and will be disabled by default.', true); echo ''; if(!$failed) { @@ -404,7 +406,7 @@ echo ''; } else { echo ''; - run_test('return true;', 'Your server meets all the requirements for running Enano.
    Click the button below to continue the installation.', 'You should never see this text. Congratulations for being a Enano hacker!'); + run_test('return true;', 'Your server meets all the requirements for running Enano.
    Click the button below to continue the installation.', 'You should never see this text. Congratulations for being an Enano hacker!'); echo '
    '; } ?> diff -r 21770a1a5213 -r bda11e521e8a plugins/SpecialAdmin.php --- a/plugins/SpecialAdmin.php Sun Jul 15 11:41:06 2007 -0400 +++ b/plugins/SpecialAdmin.php Sat Jul 21 11:28:59 2007 -0400 @@ -1537,6 +1537,7 @@ 'UPDATE '.table_prefix.'comments SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', 'UPDATE '.table_prefix.'logs SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', 'UPDATE '.table_prefix.'page_text SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';', + 'UPDATE '.table_prefix.'acl SET page_id=\''.$page_info['urlname'].'\',namespace=\''.$page_info['namespace'].'\' WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';' ); foreach($q as $cq) {