--- a/includes/clientside/css/enano-shared.css Sat Jan 17 12:08:28 2009 -0500
+++ b/includes/clientside/css/enano-shared.css Sun Jan 18 18:11:42 2009 -0500
@@ -190,62 +190,6 @@
div.search-lobar { background-color: #E5EFFF; margin: 0; padding: 5px; }
/*
- * Search box
- */
-
-input.js-search-box {
- font-size: 13px;
- margin: 0;
- padding: 1px !important;
- background-image: url(../../../images/search-box-normal.gif);
- height: 15px;
- background-repeat: repeat-x;
- border-width: 1px;
- border-style: solid;
- border-color: #6c6c6c;
- color: #C0C0C0;
-}
-
-input.js-search-box:focus {
- background-image: url(../../../images/search-box-hilite.gif);
- color: #666;
-}
-
-div.js-search-submit {
- display: block;
- position: absolute;
- width: 24px;
- height: 19px;
- font-size: 1px;
- line-height: 19px;
- clip: rect(0px, 24px, 19px, 0px);
- overflow: hidden;
- margin: 0;
- padding: 0;
- background: transparent url(../../../images/search-btn-normal.png) no-repeat !important;
- background-repeat: no-repeat;
- cursor: pointer;
-}
-
-div.js-search-submit:hover {
- background-image: url(../../../images/search-btn-hilite.png);
-}
-
-input[type ^="text"].username, input[type ^="password"].password {
- padding: 2px 2px 2px 27px;
- width: 96px;
- height: 15px;
- border: 0px none #000;
- font-size: 11px;
-}
-input[type ^="text"].username {
- background-image: url(../../../images/login-username.png);
-}
-input[type ^="password"].password {
- background-image: url(../../../images/login-password.png);
-}
-
-/*
* jBox menu system
*/
--- a/includes/pageprocess.php Sat Jan 17 12:08:28 2009 -0500
+++ b/includes/pageprocess.php Sun Jan 18 18:11:42 2009 -0500
@@ -165,6 +165,11 @@
$this->err_access_denied();
return false;
}
+ if ( $this->revision_id > 0 && !$this->perms->get_permissions('history_view') )
+ {
+ $this->err_access_denied();
+ return false;
+ }
$pathskey = $paths->nslist[ $this->namespace ] . $this->page_id;
$strict_no_headers = false;
if ( isset($paths->pages[$pathskey]) )
--- a/includes/pageutils.php Sat Jan 17 12:08:28 2009 -0500
+++ b/includes/pageutils.php Sun Jan 18 18:11:42 2009 -0500
@@ -1451,6 +1451,8 @@
if(!$e) $db->_die('The page entry could not be deleted.');
$e = $db->sql_query('DELETE FROM ' . table_prefix.'files WHERE page_id=\'' . $page_id . '\'');
if(!$e) $db->_die('The file entry could not be deleted.');
+ $e = $db->sql_query('DELETE FROM ' . table_prefix.'acl WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $namespace . '\'');
+ if(!$e) $db->_die('The ACL entries associated with the page could not be deleted.');
return('This page has been deleted. Note that there is still a log of edits and actions in the database, and anyone with admin rights can raise this page from the dead unless the log is cleared. If the deleted file is an image, there may still be cached thumbnails of it in the cache/ directory, which is inaccessible to users.');
}
--- a/plugins/SpecialAdmin.php Sat Jan 17 12:08:28 2009 -0500
+++ b/plugins/SpecialAdmin.php Sun Jan 18 18:11:42 2009 -0500
@@ -1431,6 +1431,7 @@
'DELETE FROM '.table_prefix.'comments WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';',
'DELETE FROM '.table_prefix.'logs WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';',
'DELETE FROM '.table_prefix.'page_text WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';',
+ 'DELETE FROM '.table_prefix.'acl WHERE page_id=\'' . $db->escape($_POST['old_page_id']) . '\' AND namespace=\'' . $db->escape($_POST['old_namespace']) . '\';',
);
foreach($q as $cq)
{
@@ -2626,11 +2627,11 @@
</p>
<p>
<select name="type" onchange="setType(this)"> <?php /* (NOT WORKING, at least in firefox 2) onload="var thingy = this; setTimeout('setType(thingy)', 500);" */ ?>
- <option value="<?php echo BLOCK_WIKIFORMAT; ?>">Wiki-formatted block</option>
- <option value="<?php echo BLOCK_TEMPLATEFORMAT; ?>">Template-formatted block (old pre-beta 3 behavior)</option>
- <option value="<?php echo BLOCK_HTML; ?>">Raw HTML block</option>
- <option value="<?php echo BLOCK_PHP; ?>">PHP code block (danger, Will Robinson!)</option>
- <option value="<?php echo BLOCK_PLUGIN; ?>">Use code from a plugin</option>
+ <option value="<?php echo BLOCK_WIKIFORMAT; ?>">Textual content (wikitext)</option>
+ <option value="<?php echo BLOCK_TEMPLATEFORMAT; ?>">List of links with logic capabilities</option>
+ <option value="<?php echo BLOCK_HTML; ?>">Pure HTML</option>
+ <option value="<?php echo BLOCK_PHP; ?>">PHP code</option>
+ <option value="<?php echo BLOCK_PLUGIN; ?>">Plugin block</option>
</select>
</p>
@@ -2643,6 +2644,10 @@
<div class="sbadd_block" id="blocktype_<?php echo BLOCK_WIKIFORMAT; ?>">
<p>
+ <b>This block type is for textual content.</b> This could be information, a random fact, or some other blob of fully formatted text. Links show up inline,
+ not as a list.
+ </p>
+ <p>
Wikitext:
</p>
<p>
@@ -2652,6 +2657,13 @@
<div class="sbadd_block" id="blocktype_<?php echo BLOCK_TEMPLATEFORMAT; ?>">
<p>
+ <b>This block type is for links.</b> Use wikilinks (both internal and external are supported) to build a list of links. All links will be shown block-style,
+ or one link per line. You can use logic in these blocks as well:
+ </p>
+ <pre>{if user_logged_in}
+ [[Special:Preferences|User control panel]]
+{/if}</pre>
+ <p>
Template code:
</p>
<p>
@@ -2661,6 +2673,10 @@
<div class="sbadd_block" id="blocktype_<?php echo BLOCK_HTML; ?>">
<p>
+ <b>This block type is for textual content.</b> HTML you use here will not be filtered or parsed at all - it will be displayed verbatim. This gives you
+ slightly more control over your content but you can't use wikilinks or other wikitext in here.
+ </p>
+ <p>
HTML to place inside the sidebar:
</p>
<p>
@@ -2674,18 +2690,18 @@
<?php } else { ?>
<p>
<b>WARNING:</b> If you don't know what you're doing, or if you are not fluent in PHP, stop now and choose a different block type. You will brick your Enano installation if you are not careful here.
- ALWAYS remember to write secure code! The Enano team is not responsible if someone drops all your tables because of an SQL injection vulnerability in your sidebar code. You are probably better off using the template-formatted block type.
+ ALWAYS remember to write secure code! The Enano team is not responsible if someone drops all your tables because of an SQL injection vulnerability in your sidebar code. You are probably better off using the links and logic block type.
</p>
<p>
<span style="color: red;">
- It is especially important to note that this code is NOT checked for errors! If there is a syntax error in your code here, it will prevent any pages from loading AT ALL. So you need to use an external PHP editor (like <a href="http://www.jedit.org">jEdit</a>) to check your syntax before you hit save.
+ It is especially important to note that the syntax of your code is not validated here. If there is a syntax error in your code here, it might prevent Enano from working properly. It is recommended that you use an external PHP editor (like <a href="http://www.jedit.org">jEdit</a>) to check your syntax before you hit save.
</span> You have been warned.
</p>
<p>
Also, you should avoid using output buffering functions (ob_[start|end|get_contents|clean]) here, because Enano uses those to track output from this script.
</p>
<p>
- The standard <?php and ?> tags work here. Don't use an initial "<?php" or it will cause a parse error.
+ The standard <?php and ?> tags work here, but don't use an initial "<?php" or it will cause a parse error.
</p>
<p>
PHP code: