1
+ − 1
<?php
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
diff
changeset
+ − 2
1
+ − 3
/*
+ − 4
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
801
eb8b23f11744
Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
diff
changeset
+ − 5
* Version 1.1.6 (Caoineag beta 1)
1
+ − 6
* pageprocess.php - intelligent retrieval of pages
536
+ − 7
* Copyright (C) 2006-2008 Dan Fuhry
1
+ − 8
*
+ − 9
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 10
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 11
*
+ − 12
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 13
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 14
*/
+ − 15
+ − 16
/**
+ − 17
* Class to handle fetching page text (possibly from a cache) and formatting it.
322
+ − 18
* As of 1.0.4, this also handles the fetching and editing of certain data for pages.
1
+ − 19
* @package Enano
+ − 20
* @subpackage UI
+ − 21
* @copyright 2007 Dan Fuhry
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 22
* @license GNU General Public License <http://www.gnu.org/licenses/gpl-2.0.html>
1
+ − 23
*/
+ − 24
+ − 25
class PageProcessor
+ − 26
{
+ − 27
+ − 28
/**
+ − 29
* Page ID and namespace of the page handled by this instance
+ − 30
* @var string
+ − 31
*/
+ − 32
+ − 33
var $page_id;
+ − 34
var $namespace;
+ − 35
+ − 36
/**
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 37
* The instance of the namespace processor for the namespace we're doing.
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 38
* @var object
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 39
*/
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 40
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 41
var $ns;
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 42
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 43
/**
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 44
* The title of the page sent to the template parser
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 45
* @var string
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 46
*/
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 47
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 48
var $title = '';
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 49
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 50
/**
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 51
* The information about the page(s) we were redirected from
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 52
* @var array
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 53
*/
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 54
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 55
var $redirect_stack = array();
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 56
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 57
/**
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 58
* The revision ID (history entry) to send. If set to 0 (the default) then the most recent revision will be sent.
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 59
* @var int
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 60
*/
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 61
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 62
var $revision_id = 0;
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 63
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 64
/**
468
+ − 65
* The time this revision was saved, as a UNIX timestamp
+ − 66
* @var int
+ − 67
*/
+ − 68
+ − 69
var $revision_time = 0;
+ − 70
+ − 71
/**
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 72
* Unsanitized page ID.
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 73
* @var string
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 74
*/
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 75
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 76
var $page_id_unclean;
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 77
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 78
/**
1
+ − 79
* Tracks if the page we're loading exists in the database or not.
+ − 80
* @var bool
+ − 81
*/
+ − 82
+ − 83
var $page_exists = false;
+ − 84
+ − 85
/**
+ − 86
* Permissions!
+ − 87
* @var object
+ − 88
*/
+ − 89
+ − 90
var $perms = null;
+ − 91
+ − 92
/**
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 93
* The SHA1 hash of the user-inputted password for the page
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 94
* @var string
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 95
*/
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 96
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 97
var $password = '';
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 98
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 99
/**
1
+ − 100
* Switch to track if redirects are allowed. Defaults to true.
+ − 101
* @var bool
+ − 102
*/
+ − 103
+ − 104
var $allow_redir = true;
+ − 105
+ − 106
/**
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 107
* Holds any error message from redirection code. Defaults to false (no error).
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 108
* @var mixed
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 109
*/
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 110
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 111
var $redir_error = false;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 112
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 113
/**
1
+ − 114
* If this is set to true, this will call the header and footer funcs on $template when render() is called.
+ − 115
* @var bool
+ − 116
*/
+ − 117
+ − 118
var $send_headers = false;
+ − 119
+ − 120
/**
+ − 121
* Cache the fetched text so we don't fetch it from the DB twice.
+ − 122
* @var string
+ − 123
*/
+ − 124
+ − 125
var $text_cache = '';
+ − 126
+ − 127
/**
+ − 128
* Debugging information to track errors. You can set enable to false to disable sending debug information.
+ − 129
* @var array
+ − 130
*/
+ − 131
+ − 132
var $debug = array(
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 133
'enable' => false,
1
+ − 134
'works' => false
+ − 135
);
+ − 136
+ − 137
/**
322
+ − 138
* The list of errors raised in the class.
+ − 139
* @var array
+ − 140
*/
+ − 141
+ − 142
var $_errors = array();
+ − 143
+ − 144
/**
1
+ − 145
* Constructor.
+ − 146
* @param string The page ID (urlname) of the page
+ − 147
* @param string The namespace of the page
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 148
* @param int Optional. The revision ID to send.
1
+ − 149
*/
+ − 150
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 151
function __construct( $page_id, $namespace, $revision_id = 0 )
1
+ − 152
{
+ − 153
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 154
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 155
profiler_log("PageProcessor [{$namespace}:{$page_id}]: Started constructor");
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 156
1
+ − 157
// See if we can get some debug info
+ − 158
if ( function_exists('debug_backtrace') && $this->debug['enable'] )
+ − 159
{
+ − 160
$this->debug['works'] = true;
+ − 161
$this->debug['backtrace'] = enano_debug_print_backtrace(true);
+ − 162
}
+ − 163
+ − 164
// First things first - check page existence and permissions
+ − 165
+ − 166
if ( !isset($paths->nslist[$namespace]) )
+ − 167
{
+ − 168
$this->send_error('The namespace "' . htmlspecialchars($namespace) . '" does not exist.');
+ − 169
}
+ − 170
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 171
if ( !is_int($revision_id) )
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 172
$revision_id = 0;
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 173
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 174
$this->_setup( $page_id, $namespace, $revision_id );
1
+ − 175
}
+ − 176
+ − 177
/**
61
+ − 178
* The main method to send the page content. Also responsible for checking permissions and calling the statistics counter.
+ − 179
* @param bool If true, the stat counter is called. Defaults to false.
1
+ − 180
*/
+ − 181
61
+ − 182
function send( $do_stats = false )
1
+ − 183
{
+ − 184
global $db, $session, $paths, $template, $plugins; // Common objects
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 185
global $lang, $output;
314
+ − 186
592
+ − 187
profiler_log('PageProcessor: send() called');
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 188
1
+ − 189
if ( !$this->perms->get_permissions('read') )
+ − 190
{
511
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 191
// Permission denied to read page. Is this one of our core pages that must always be allowed?
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 192
// NOTE: Not even the administration panel will work if ACLs deny access to it.
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 193
if ( $this->namespace == 'Special' && in_array($this->page_id, array('Login', 'Logout', 'LangExportJSON', 'CSS')) )
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 194
{
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 195
// Do nothing; allow execution to continue
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 196
}
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 197
else
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 198
{
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 199
// Page isn't whitelisted, behave as normal
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 200
$this->err_access_denied();
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 201
return false;
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 202
}
1
+ − 203
}
825
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 204
if ( $this->revision_id > 0 && !$this->perms->get_permissions('history_view') )
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 205
{
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 206
$this->err_access_denied();
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 207
return false;
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 208
}
571
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 209
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 210
// Is there a custom function registered for handling this namespace?
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 211
// DEPRECATED (even though it only saw its way into one alpha release.)
571
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 212
if ( $proc = $paths->get_namespace_processor($this->namespace) )
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 213
{
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 214
// yes, just call that
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 215
// this is protected aggressively by the PathManager against overriding critical namespaces
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 216
return call_user_func($proc, $this);
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 217
}
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 218
24
+ − 219
$pathskey = $paths->nslist[ $this->namespace ] . $this->page_id;
+ − 220
$strict_no_headers = false;
793
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 221
$admin_fail = false;
329
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 222
if ( $this->namespace == 'Admin' && strstr($this->page_id, '/') )
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 223
{
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 224
$this->page_id = substr($this->page_id, 0, strpos($this->page_id, '/'));
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 225
$funcname = "page_{$this->namespace}_{$this->page_id}";
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 226
if ( function_exists($funcname) )
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 227
{
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 228
$this->page_exists = true;
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 229
}
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 230
}
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 231
if ( isPage($pathskey) )
24
+ − 232
{
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 233
$cdata = $this->ns->get_cdata();
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 234
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 235
if ( $cdata['special'] == 1 )
24
+ − 236
{
+ − 237
$this->send_headers = false;
+ − 238
$strict_no_headers = true;
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 239
$GLOBALS['output'] = new Output_Naked();
24
+ − 240
}
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 241
if ( isset($cdata['password']) )
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 242
{
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 243
if ( $cdata['password'] != '' && $cdata['password'] != sha1('') )
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 244
{
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 245
$password =& $cdata['password'];
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 246
if ( $this->password != $password )
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 247
{
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 248
$this->err_wrong_password();
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 249
return false;
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 250
}
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 251
}
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 252
}
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 253
if ( isset($cdata['require_admin']) && $cdata['require_admin'] )
793
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 254
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 255
if ( $session->auth_level < USER_LEVEL_ADMIN )
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 256
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 257
$admin_fail = true;
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 258
}
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 259
}
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 260
}
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 261
else if ( $this->namespace === $paths->namespace && $this->page_id == $paths->page_id )
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 262
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 263
if ( isset($paths->cpage['require_admin']) && $paths->cpage['require_admin'] )
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 264
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 265
if ( $session->auth_level < USER_LEVEL_ADMIN )
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 266
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 267
$admin_fail = true;
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 268
}
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 269
}
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 270
}
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 271
if ( $admin_fail )
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 272
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 273
header('Content-type: text/javascript');
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 274
echo enano_json_encode(array(
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 275
'mode' => 'error',
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 276
'error' => 'need_auth_to_admin'
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 277
));
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 278
return true;
24
+ − 279
}
61
+ − 280
if ( $this->page_exists && $this->namespace != 'Special' && $this->namespace != 'Admin' && $do_stats )
+ − 281
{
592
+ − 282
require_once(ENANO_ROOT.'/includes/stats.php');
61
+ − 283
doStats($this->page_id, $this->namespace);
+ − 284
}
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 285
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 286
// We are all done. Ship off the page.
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 287
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 288
if ( !$this->allow_redir )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 289
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 290
if ( method_exists($this->ns, 'get_redirect') )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 291
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 292
if ( $result = $this->ns->get_redirect() )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 293
display_redirect_notice($result['page_id'], $result['namespace']);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 294
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 295
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 296
else
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 297
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 298
$this->process_redirects();
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 299
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 300
if ( count($this->redirect_stack) > 0 )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 301
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 302
$stack = array_reverse($this->redirect_stack);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 303
foreach ( $stack as $stackel )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 304
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 305
$url = makeUrlNS($stackel['old_namespace'], $stackel['old_page_id'], 'redirect=no', true);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 306
$page_data = $this->ns->get_cdata();
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 307
$title = $stackel['old_title'];
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 308
$a = '<a href="' . $url . '">' . htmlspecialchars($title) . '</a>';
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 309
$output->add_after_header('<small>' . $lang->get('page_msg_redirected_from', array('from' => $a)) . '<br /></small>');
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 310
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 311
$template->set_page($this);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 312
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 313
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 314
if ( $this->redir_error )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 315
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 316
$output->add_after_header('<div class="usermessage"><b>' . $this->redir_error . '</b></div>');
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 317
$result = $this->ns->get_redirect();
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 318
display_redirect_notice($result['page_id'], $result['namespace']);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 319
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 320
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 321
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 322
$this->ns->send();
741
+ − 323
}
+ − 324
+ − 325
/**
+ − 326
* Sends the page through by fetching it from the database.
+ − 327
*/
+ − 328
+ − 329
function send_from_db($strict_no_headers = false)
+ − 330
{
+ − 331
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 332
global $lang;
+ − 333
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 334
$this->ns->send_from_db();
1
+ − 335
}
+ − 336
+ − 337
/**
322
+ − 338
* Fetches the wikitext or HTML source for the page.
+ − 339
* @return string
+ − 340
*/
+ − 341
+ − 342
function fetch_source()
+ − 343
{
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 344
global $db, $session, $paths, $template, $plugins; // Common objects
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 345
322
+ − 346
if ( !$this->perms->get_permissions('view_source') )
+ − 347
{
+ − 348
return false;
+ − 349
}
325
e17cc42d77cf
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
diff
changeset
+ − 350
if ( !$this->page_exists )
e17cc42d77cf
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
diff
changeset
+ − 351
{
e17cc42d77cf
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
diff
changeset
+ − 352
return '';
e17cc42d77cf
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
diff
changeset
+ − 353
}
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 354
$cdata = $this->ns->get_cdata();
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 355
if ( isset($cdata['password']) )
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 356
{
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 357
if ( $cdata['password'] != sha1('') && $cdata['password'] !== $this->password && !empty($cdata['password']) )
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 358
{
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 359
return false;
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 360
}
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 361
}
322
+ − 362
return $this->fetch_text();
+ − 363
}
+ − 364
+ − 365
/**
472
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 366
* Updates (saves/changes/edits) the content of the page.
322
+ − 367
* @param string The new text for the page
+ − 368
* @param string A summary of edits made to the page.
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 369
* @param bool If true, the edit is marked as a minor revision
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 370
* @param string Page format - wikitext or xhtml. REQUIRED, and new in 1.1.6.
472
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 371
* @return bool True on success, false on failure. When returning false, it will push errors to the PageProcessor error stack; read with $page->pop_error()
322
+ − 372
*/
+ − 373
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 374
function update_page($text, $edit_summary = false, $minor_edit = false, $page_format)
322
+ − 375
{
+ − 376
global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 377
global $lang;
322
+ − 378
+ − 379
// Create the page if it doesn't exist
+ − 380
if ( !$this->page_exists )
+ − 381
{
+ − 382
if ( !$this->create_page() )
+ − 383
{
+ − 384
return false;
+ − 385
}
+ − 386
}
+ − 387
+ − 388
//
+ − 389
// Validation
+ − 390
//
+ − 391
+ − 392
$page_id = $db->escape($this->page_id);
+ − 393
$namespace = $db->escape($this->namespace);
+ − 394
+ − 395
$q = $db->sql_query('SELECT protected FROM ' . table_prefix . "pages WHERE urlname='$page_id' AND namespace='$namespace';");
+ − 396
if ( !$q )
+ − 397
$db->_die('PageProcess updating page content');
+ − 398
if ( $db->numrows() < 1 )
+ − 399
{
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 400
$this->raise_error($lang->get('editor_err_no_rows'));
322
+ − 401
return false;
+ − 402
}
+ − 403
+ − 404
// Do we have permission to edit the page?
+ − 405
if ( !$this->perms->get_permissions('edit_page') )
+ − 406
{
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 407
$this->raise_error($lang->get('editor_err_no_permission'));
322
+ − 408
return false;
+ − 409
}
+ − 410
+ − 411
list($protection) = $db->fetchrow_num();
+ − 412
$db->free_result();
+ − 413
+ − 414
if ( $protection == 1 )
+ − 415
{
+ − 416
// The page is protected - do we have permission to edit protected pages?
+ − 417
if ( !$this->perms->get_permissions('even_when_protected') )
+ − 418
{
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 419
$this->raise_error($lang->get('editor_err_page_protected'));
322
+ − 420
return false;
+ − 421
}
+ − 422
}
+ − 423
else if ( $protection == 2 )
+ − 424
{
+ − 425
// The page is semi-protected.
+ − 426
if (
+ − 427
( !$session->user_logged_in || // Is the user logged in?
+ − 428
( $session->user_logged_in && $session->reg_time + ( 4 * 86400 ) >= time() ) ) // If so, have they been registered for 4 days?
+ − 429
&& !$this->perms->get_permissions('even_when_protected') ) // And of course, is there an ACL that overrides semi-protection?
+ − 430
{
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 431
$this->raise_error($lang->get('editor_err_page_protected'));
322
+ − 432
return false;
+ − 433
}
+ − 434
}
+ − 435
825
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 436
// Spam check
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 437
if ( !spamalyze($text) )
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 438
{
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 439
$this->raise_error($lang->get('editor_err_spamcheck_failed'));
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 440
return false;
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 441
}
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 442
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 443
// Page format check
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 444
if ( !in_array($page_format, array('xhtml', 'wikitext')) )
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 445
{
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 446
$this->raise_error("format \"$page_format\" not one of [xhtml, wikitext]");
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 447
return false;
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 448
}
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 449
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 450
//
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 451
// Protection validated; update page content
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 452
//
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 453
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 454
$text_undb = RenderMan::preprocess_text($text, false, false);
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 455
$text = $db->escape($text_undb);
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 456
$author = $db->escape($session->username);
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 457
$time = time();
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 458
$edit_summary = ( strval($edit_summary) === $edit_summary ) ? $db->escape($edit_summary) : '';
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 459
$minor_edit = ( $minor_edit ) ? '1' : '0';
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
diff
changeset
+ − 460
$date_string = enano_date('d M Y h:i a');
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 461
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 462
// Insert log entry
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 463
$sql = 'INSERT INTO ' . table_prefix . "logs ( time_id, date_string, log_type, action, page_id, namespace, author, page_text, edit_summary, minor_edit, page_format )\n"
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 464
. " VALUES ( $time, '$date_string', 'page', 'edit', '{$this->page_id}', '{$this->namespace}', '$author', '$text', '$edit_summary', $minor_edit, '$page_format' );";
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 465
if ( !$db->sql_query($sql) )
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 466
{
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 467
$this->raise_error($db->get_error());
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 468
return false;
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 469
}
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 470
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 471
// Update the master text entry
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 472
$sql = 'UPDATE ' . table_prefix . "page_text SET page_text = '$text' WHERE page_id = '{$this->page_id}' AND namespace = '{$this->namespace}';";
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 473
if ( !$db->sql_query($sql) )
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 474
{
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 475
$this->raise_error($db->get_error());
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 476
return false;
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 477
}
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 478
468
+ − 479
// If there's an identical draft copy, delete it
+ − 480
$sql = 'DELETE FROM ' . table_prefix . "logs WHERE is_draft = 1 AND page_id = '{$this->page_id}' AND namespace = '{$this->namespace}' AND page_text = '{$text}';";
+ − 481
if ( !$db->sql_query($sql) )
+ − 482
{
+ − 483
$this->raise_error($db->get_error());
+ − 484
return false;
+ − 485
}
+ − 486
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 487
// Set page_format
877
+ − 488
// Using @ due to warning thrown when saving new page
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 489
$cdata = $this->ns->get_cdata();
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 490
if ( @$cdata['page_format'] !== $page_format )
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 491
{
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 492
// Note: no SQL injection to worry about here. Everything that goes into this is sanitized already, barring some rogue plugin.
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 493
// (and if there's a rogue plugin running, we have bigger things to worry about anyway.)
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 494
if ( !$db->sql_query('UPDATE ' . table_prefix . "pages SET page_format = '$page_format' WHERE urlname = '$this->page_id' AND namespace = '$this->namespace';") )
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 495
{
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 496
$this->raise_error($db->get_error());
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 497
return false;
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 498
}
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 499
$paths->update_metadata_cache();
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 500
}
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 501
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 502
// Rebuild the search index
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 503
$paths->rebuild_page_index($this->page_id, $this->namespace);
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 504
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 505
$this->text_cache = $text;
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 506
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 507
return true;
322
+ − 508
+ − 509
}
+ − 510
+ − 511
/**
+ − 512
* Creates the page if it doesn't already exist.
426
+ − 513
* @param string Optional page title.
821
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 514
* @param bool Visibility (allow indexing) flag
322
+ − 515
* @return bool True on success, false on failure.
+ − 516
*/
+ − 517
821
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 518
function create_page($title = false, $visible = true)
322
+ − 519
{
+ − 520
global $db, $session, $paths, $template, $plugins; // Common objects
426
+ − 521
global $lang;
322
+ − 522
+ − 523
// Do we have permission to create the page?
+ − 524
if ( !$this->perms->get_permissions('create_page') )
+ − 525
{
426
+ − 526
$this->raise_error($lang->get('pagetools_create_err_no_permission'));
322
+ − 527
return false;
+ − 528
}
+ − 529
+ − 530
// Does it already exist?
+ − 531
if ( $this->page_exists )
+ − 532
{
426
+ − 533
$this->raise_error($lang->get('pagetools_create_err_already_exists'));
322
+ − 534
return false;
+ − 535
}
+ − 536
+ − 537
// It's not in there. Perform validation.
+ − 538
+ − 539
// We can't create special, admin, or external pages.
692
78473351a6c9
Changed namespace properties (including core identifier) for external pages that load the Enano API to be a uniform "API" namespace and "SystemAPI:" prefix.
Dan
diff
changeset
+ − 540
if ( $this->namespace == 'Special' || $this->namespace == 'Admin' || $this->namespace == 'API' )
322
+ − 541
{
426
+ − 542
$this->raise_error($lang->get('pagetools_create_err_nodb_namespace'));
322
+ − 543
return false;
+ − 544
}
+ − 545
+ − 546
// Guess the proper title
481
+ − 547
$name = ( !empty($title) ) ? $title : str_replace('_', ' ', dirtify_page_id($this->page_id));
322
+ − 548
+ − 549
// Check for the restricted Project: prefix
+ − 550
if ( substr($this->page_id, 0, 8) == 'Project:' )
+ − 551
{
426
+ − 552
$this->raise_error($lang->get('pagetools_create_err_reserved_prefix'));
322
+ − 553
return false;
+ − 554
}
+ − 555
+ − 556
// Validation successful - insert the page
+ − 557
+ − 558
$metadata = array(
+ − 559
'urlname' => $this->page_id,
+ − 560
'namespace' => $this->namespace,
+ − 561
'name' => $name,
+ − 562
'special' => 0,
821
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 563
'visible' => $visible ? 1 : 0,
322
+ − 564
'comments_on' => 1,
+ − 565
'protected' => ( $this->namespace == 'System' ? 1 : 0 ),
+ − 566
'delvotes' => 0,
+ − 567
'delvote_ips' => serialize(array()),
+ − 568
'wiki_mode' => 2
+ − 569
);
+ − 570
+ − 571
$paths->add_page($metadata);
+ − 572
+ − 573
$page_id = $db->escape($this->page_id);
+ − 574
$namespace = $db->escape($this->namespace);
+ − 575
$name = $db->escape($name);
+ − 576
$protect = ( $this->namespace == 'System' ) ? '1' : '0';
+ − 577
$blank_array = $db->escape(serialize(array()));
+ − 578
+ − 579
// Query 1: Metadata entry
821
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 580
$q = $db->sql_query('INSERT INTO ' . table_prefix . "pages(name, urlname, namespace, visible, protected, delvotes, delvote_ips, wiki_mode)\n"
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 581
. " VALUES ( '$name', '$page_id', '$namespace', {$metadata['visible']}, $protect, 0, '$blank_array', 2 );");
322
+ − 582
if ( !$q )
+ − 583
$db->_die('PageProcessor page creation - metadata stage');
+ − 584
+ − 585
// Query 2: Text insertion
+ − 586
$q = $db->sql_query('INSERT INTO ' . table_prefix . "page_text(page_id, namespace, page_text)\n"
+ − 587
. "VALUES ( '$page_id', '$namespace', '' );");
+ − 588
if ( !$q )
+ − 589
$db->_die('PageProcessor page creation - text stage');
+ − 590
426
+ − 591
// Query 3: Log entry
+ − 592
$db->sql_query('INSERT INTO ' . table_prefix."logs(time_id, date_string, log_type, action, author, page_id, namespace)\n"
+ − 593
. " VALUES ( " . time() . ", '" . enano_date('d M Y h:i a') . "', 'page', 'create', \n"
+ − 594
. " '" . $db->escape($session->username) . "', '" . $db->escape($this->page_id) . "', '" . $this->namespace . "');");
+ − 595
if ( !$q )
+ − 596
$db->_die('PageProcessor page creation - logging stage');
+ − 597
593
4f9bec0d65c1
More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient.
Dan
diff
changeset
+ − 598
// Update the cache
4f9bec0d65c1
More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient.
Dan
diff
changeset
+ − 599
$paths->update_metadata_cache();
4f9bec0d65c1
More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient.
Dan
diff
changeset
+ − 600
821
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 601
// Make sure that when/if we save the page later in this instance it doesn't get re-created
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 602
$this->page_exists = true;
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 603
322
+ − 604
// Page created. We're good!
+ − 605
return true;
+ − 606
}
+ − 607
+ − 608
/**
468
+ − 609
* Rolls back a non-edit action in the logs
+ − 610
* @param int Log entry (log_id) to roll back
+ − 611
* @return array Standard Enano error/success protocol
+ − 612
*/
+ − 613
+ − 614
function rollback_log_entry($log_id)
+ − 615
{
+ − 616
global $db, $session, $paths, $template, $plugins; // Common objects
696
bd5069e1f19a
Revamped page deletion interface; fixed bug where page_meta cache was not being cleared upon restoration of deleted page.
Dan
diff
changeset
+ − 617
global $cache;
468
+ − 618
+ − 619
// Verify permissions
+ − 620
if ( !$this->perms->get_permissions('history_rollback') )
+ − 621
{
+ − 622
return array(
+ − 623
'success' => false,
+ − 624
'error' => 'access_denied'
+ − 625
);
+ − 626
}
+ − 627
+ − 628
// Check input
+ − 629
$log_id = intval($log_id);
+ − 630
if ( empty($log_id) )
+ − 631
{
+ − 632
return array(
+ − 633
'success' => false,
+ − 634
'error' => 'invalid_parameter'
+ − 635
);
+ − 636
}
+ − 637
+ − 638
// Fetch the log entry
+ − 639
$q = $db->sql_query('SELECT * FROM ' . table_prefix . "logs WHERE log_type = 'page' AND page_id='{$this->page_id}' AND namespace='{$this->namespace}' AND log_id = $log_id;");
+ − 640
if ( !$q )
+ − 641
$db->_die();
+ − 642
+ − 643
// Is this even a valid log entry for this context?
+ − 644
if ( $db->numrows() < 1 )
+ − 645
{
+ − 646
return array(
+ − 647
'success' => false,
+ − 648
'error' => 'entry_not_found'
+ − 649
);
+ − 650
}
+ − 651
+ − 652
// All good, fetch and free the result
+ − 653
$log_entry = $db->fetchrow();
+ − 654
$db->free_result();
+ − 655
481
+ − 656
$dateline = enano_date('d M Y h:i a', $log_entry['time_id']);
+ − 657
468
+ − 658
// Let's see, what do we have here...
+ − 659
switch ( $log_entry['action'] )
+ − 660
{
+ − 661
case 'rename':
+ − 662
// Page was renamed, let the rename method handle this
912
+ − 663
return array_merge($this->rename_page($log_entry['edit_summary']), array('dateline' => $dateline, 'action' => $log_entry['action']));
468
+ − 664
break;
+ − 665
case 'prot':
+ − 666
case 'unprot':
+ − 667
case 'semiprot':
481
+ − 668
return array_merge($this->protect_page(intval($log_entry['page_text']), '__REVERSION__'), array('dateline' => $dateline, 'action' => $log_entry['action']));
+ − 669
break;
+ − 670
case 'delete':
+ − 671
+ − 672
// Raising a previously dead page has implications...
+ − 673
+ − 674
// FIXME: l10n
+ − 675
// rollback_extra is required because usually only moderators can undo page deletion AND restore the content.
696
bd5069e1f19a
Revamped page deletion interface; fixed bug where page_meta cache was not being cleared upon restoration of deleted page.
Dan
diff
changeset
+ − 676
// potential flaw here - once recreated, can past revisions be restored by users without rollback_extra? should
bd5069e1f19a
Revamped page deletion interface; fixed bug where page_meta cache was not being cleared upon restoration of deleted page.
Dan
diff
changeset
+ − 677
// probably modify editor routine to deny revert access if the timestamp < timestamp of last deletion if any.
481
+ − 678
if ( !$this->perms->get_permissions('history_rollback_extra') )
+ − 679
return 'Administrative privileges are required for page undeletion.';
+ − 680
+ − 681
// Rolling back the deletion of a page that was since created?
+ − 682
$pathskey = $paths->nslist[ $this->namespace ] . $this->page_id;
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 683
if ( isPage($pathskey) )
481
+ − 684
return array(
+ − 685
'success' => false,
+ − 686
// This is a clean Christian in-joke.
+ − 687
'error' => 'seeking_living_among_dead'
+ − 688
);
+ − 689
+ − 690
// Generate a crappy page name
+ − 691
$name = $db->escape( str_replace('_', ' ', dirtify_page_id($this->page_id)) );
+ − 692
+ − 693
// Stage 1 - re-insert page
+ − 694
$e = $db->sql_query('INSERT INTO ' . table_prefix.'pages(name,urlname,namespace) VALUES( \'' . $name . '\', \'' . $this->page_id . '\',\'' . $this->namespace . '\' )');
+ − 695
if ( !$e )
+ − 696
$db->die_json();
+ − 697
+ − 698
// Select the latest published revision
+ − 699
$q = $db->sql_query('SELECT page_text FROM ' . table_prefix . "logs WHERE\n"
+ − 700
. " log_type = 'page'\n"
+ − 701
. " AND action = 'edit'\n"
+ − 702
. " AND page_id = '$this->page_id'\n"
+ − 703
. " AND namespace = '$this->namespace'\n"
+ − 704
. " AND is_draft != 1\n"
+ − 705
. "ORDER BY time_id DESC LIMIT 1;");
+ − 706
if ( !$q )
+ − 707
$db->die_json();
+ − 708
list($page_text) = $db->fetchrow_num();
+ − 709
$db->free_result($q);
+ − 710
+ − 711
// Apply the latest revision as the current page text
+ − 712
$page_text = $db->escape($page_text);
+ − 713
$e = $db->sql_query('INSERT INTO ' . table_prefix."page_text(page_id, namespace, page_text) VALUES\n"
+ − 714
. " ( '$this->page_id', '$this->namespace', '$page_text' );");
+ − 715
if ( !$e )
+ − 716
$db->die_json();
+ − 717
696
bd5069e1f19a
Revamped page deletion interface; fixed bug where page_meta cache was not being cleared upon restoration of deleted page.
Dan
diff
changeset
+ − 718
$cache->purge('page_meta');
bd5069e1f19a
Revamped page deletion interface; fixed bug where page_meta cache was not being cleared upon restoration of deleted page.
Dan
diff
changeset
+ − 719
481
+ − 720
return array(
+ − 721
'success' => true,
+ − 722
'dateline' => $dateline,
+ − 723
'action' => $log_entry['action']
+ − 724
);
+ − 725
+ − 726
break;
+ − 727
case 'reupload':
+ − 728
+ − 729
// given a log id and some revision info, restore the old file.
+ − 730
// get the timestamp of the file before this one
+ − 731
$q = $db->sql_query('SELECT time_id, file_key, file_extension, filename, size, mimetype FROM ' . table_prefix . "files WHERE time_id < {$log_entry['time_id']} ORDER BY time_id DESC LIMIT 1;");
+ − 732
if ( !$q )
+ − 733
$db->_die();
+ − 734
+ − 735
$row = $db->fetchrow();
+ − 736
$db->free_result();
+ − 737
+ − 738
// If the file hasn't been renamed to the new format (omitting timestamp), do that now.
+ − 739
$fname = ENANO_ROOT . "/files/{$row['file_key']}_{$row['time_id']}{$row['file_extension']}";
+ − 740
if ( @file_exists($fname) )
+ − 741
{
+ − 742
// it's stored in the old format - rename
+ − 743
$fname_new = ENANO_ROOT . "/files/{$row['file_key']}{$row['file_extension']}";
+ − 744
if ( !@rename($fname, $fname_new) )
+ − 745
{
+ − 746
return array(
+ − 747
'success' => false,
+ − 748
'error' => 'rb_file_rename_failed',
+ − 749
'action' => $log_entry['action']
+ − 750
);
+ − 751
}
+ − 752
}
+ − 753
+ − 754
// Insert a new file entry
+ − 755
$time = time();
+ − 756
$filename = $db->escape($row['filename']);
+ − 757
$mimetype = $db->escape($row['mimetype']);
+ − 758
$ext = $db->escape($row['file_extension']);
+ − 759
$key = $db->escape($row['file_key']);
+ − 760
+ − 761
$q = $db->sql_query('INSERT INTO ' . table_prefix . "files ( time_id, page_id, filename, size, mimetype, file_extension, file_key ) VALUES\n"
+ − 762
. " ( $time, '$this->page_id', '$filename', {$row['size']}, '$mimetype', '$ext', '$key' );");
+ − 763
if ( !$q )
+ − 764
$db->die_json();
+ − 765
+ − 766
// add reupload log entry
+ − 767
$username = $db->escape($session->username);
+ − 768
$q = $db->sql_query('INSERT INTO ' . table_prefix . "logs ( log_type, action, time_id, page_id, namespace, author, edit_summary ) VALUES\n"
+ − 769
. " ( 'page', 'reupload', $time, '$this->page_id', '$this->namespace', '$username', '__ROLLBACK__' )");
+ − 770
if ( !$q )
+ − 771
$db->die_json();
+ − 772
+ − 773
return array(
+ − 774
'success' => true,
+ − 775
'dateline' => $dateline,
+ − 776
'action' => $log_entry['action']
+ − 777
);
+ − 778
468
+ − 779
break;
913
+ − 780
case 'votereset':
+ − 781
if ( !$this->perms->get_permissions('history_rollback_extra') )
+ − 782
return 'Denied!';
+ − 783
+ − 784
// pull existing vote data
+ − 785
$q = $db->sql_query('SELECT delvotes, delvote_ips FROM ' . table_prefix . "pages WHERE urlname = '$this->page_id' AND namespace = '$this->namespace';");
+ − 786
if ( !$q )
+ − 787
$db->_die();
+ − 788
+ − 789
if ( $db->numrows() < 1 )
+ − 790
return array(
+ − 791
'success' => false,
+ − 792
'error' => 'page_not_exist',
+ − 793
'action' => $log_entry['action']
+ − 794
);
+ − 795
+ − 796
list($curr_delvotes, $curr_delvote_ips) = $db->fetchrow_num();
+ − 797
$db->free_result();
+ − 798
+ − 799
// merge with existing votes
+ − 800
$old_delvote_ips = unserialize($log_entry['page_text']);
+ − 801
$new_delvote_ips = unserialize($curr_delvote_ips);
+ − 802
$new_delvote_ips['u'] = array_unique(array_merge($new_delvote_ips['u'], $old_delvote_ips['u']));
+ − 803
$new_delvote_ips['ip'] = array_unique(array_merge($new_delvote_ips['ip'], $old_delvote_ips['ip']));
+ − 804
$new_delvotes = count($new_delvote_ips['ip']);
+ − 805
$new_delvote_ips = $db->escape(serialize($new_delvote_ips));
+ − 806
+ − 807
// update pages table
+ − 808
$q = $db->sql_query('UPDATE ' . table_prefix . "pages SET delvotes = $new_delvotes, delvote_ips = '$new_delvote_ips' WHERE urlname = '$this->page_id' AND namespace = '$this->namespace';");
+ − 809
+ − 810
$cache->purge('page_meta');
+ − 811
+ − 812
return array(
+ − 813
'success' => true,
+ − 814
'dateline' => $dateline,
+ − 815
'action' => $log_entry['action']
+ − 816
);
+ − 817
break;
468
+ − 818
default:
481
+ − 819
+ − 820
return array(
+ − 821
'success' => false,
+ − 822
'error' => 'rb_action_not_supported',
+ − 823
'action' => $log_entry['action']
+ − 824
);
+ − 825
468
+ − 826
break;
+ − 827
}
+ − 828
}
+ − 829
+ − 830
/**
+ − 831
* Renames the page
+ − 832
* @param string New name
+ − 833
* @return array Standard Enano error/success protocol
+ − 834
*/
+ − 835
+ − 836
function rename_page($new_name)
+ − 837
{
+ − 838
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 839
+ − 840
// Check permissions
+ − 841
if ( !$this->perms->get_permissions('rename') )
+ − 842
{
+ − 843
return array(
+ − 844
'success' => false,
+ − 845
'error' => 'access_denied'
+ − 846
);
+ − 847
}
+ − 848
+ − 849
// If this is the same as the current name, return success
+ − 850
$page_name = get_page_title_ns($this->page_id, $this->namespace);
+ − 851
if ( $page_name === $new_name )
+ − 852
{
+ − 853
return array(
+ − 854
'success' => true
+ − 855
);
+ − 856
}
+ − 857
+ − 858
// Make sure the name is valid
+ − 859
$new_name = trim($new_name);
+ − 860
if ( empty($new_name) )
+ − 861
{
+ − 862
return array(
+ − 863
'success' => false,
+ − 864
'error' => 'invalid_parameter'
+ − 865
);
+ − 866
}
+ − 867
+ − 868
// Log the action
+ − 869
$username = $db->escape($session->username);
+ − 870
$page_name = $db->escape($page_name);
+ − 871
$time = time();
+ − 872
+ − 873
$q = $db->sql_query('INSERT INTO ' . table_prefix . "logs ( log_type, action, page_id, namespace, author, edit_summary, time_id, date_string ) VALUES\n"
+ − 874
. " ( 'page', 'rename', '{$this->page_id}', '{$this->namespace}', '$username', '$page_name', '$time', 'DATE_STRING COLUMN OBSOLETE, USE time_id' );");
+ − 875
if ( !$q )
+ − 876
$db->_die();
+ − 877
+ − 878
// Not much to do but to rename it now
+ − 879
$new_name = $db->escape($new_name);
+ − 880
$q = $db->sql_query('UPDATE ' . table_prefix . "pages SET name = '$new_name' WHERE urlname = '{$this->page_id}' AND namespace = '{$this->namespace}';");
+ − 881
if ( !$q )
+ − 882
$db->_die();
+ − 883
600
46abecc238e7
Fixed missing require() on stats.php in pageprocess; made pageprocess update the metadata cache on page rename
Dan
diff
changeset
+ − 884
// Update the cache
46abecc238e7
Fixed missing require() on stats.php in pageprocess; made pageprocess update the metadata cache on page rename
Dan
diff
changeset
+ − 885
$paths->update_metadata_cache();
46abecc238e7
Fixed missing require() on stats.php in pageprocess; made pageprocess update the metadata cache on page rename
Dan
diff
changeset
+ − 886
468
+ − 887
return array(
+ − 888
'success' => true
+ − 889
);
+ − 890
}
+ − 891
+ − 892
/**
+ − 893
* Sets the protection level of the page
+ − 894
* @param int Protection level, one of PROTECT_{FULL,SEMI,NONE}
+ − 895
* @param string Reason for protection - required
+ − 896
*/
+ − 897
+ − 898
function protect_page($protection_level, $reason)
+ − 899
{
+ − 900
global $db, $session, $paths, $template, $plugins; // Common objects
904
+ − 901
global $cache;
468
+ − 902
+ − 903
// Validate permissions
+ − 904
if ( !$this->perms->get_permissions('protect') )
+ − 905
{
+ − 906
return array(
+ − 907
'success' => false,
+ − 908
'error' => 'access_denied'
+ − 909
);
+ − 910
}
+ − 911
907
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 912
// Validate re-auth
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 913
if ( !$session->sid_super )
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 914
{
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 915
return array(
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 916
'success' => false,
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 917
'error' => 'access_denied_need_reauth'
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 918
);
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 919
}
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 920
468
+ − 921
// Validate input
+ − 922
$reason = trim($reason);
+ − 923
if ( !in_array($protection_level, array(PROTECT_NONE, PROTECT_FULL, PROTECT_SEMI)) || empty($reason) )
+ − 924
{
+ − 925
return array(
+ − 926
'success' => false,
+ − 927
'error' => 'invalid_parameter'
+ − 928
);
+ − 929
}
+ − 930
+ − 931
// Retrieve page metadata
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 932
$metadata = $this->ns->get_cdata();
468
+ − 933
+ − 934
// Log the action
+ − 935
$username = $db->escape($session->username);
+ − 936
$time = time();
+ − 937
$existing_protection = intval($metadata['protected']);
+ − 938
$reason = $db->escape($reason);
+ − 939
481
+ − 940
if ( $existing_protection == $protection_level )
+ − 941
{
+ − 942
return array(
+ − 943
'success' => false,
+ − 944
'error' => 'protection_already_there'
+ − 945
);
+ − 946
}
+ − 947
468
+ − 948
$action = '[ insanity ]';
+ − 949
switch($protection_level)
+ − 950
{
+ − 951
case PROTECT_FULL: $action = 'prot'; break;
+ − 952
case PROTECT_NONE: $action = 'unprot'; break;
+ − 953
case PROTECT_SEMI: $action = 'semiprot'; break;
+ − 954
}
+ − 955
+ − 956
$sql = 'INSERT INTO ' . table_prefix . "logs ( log_type, action, page_id, namespace, author, edit_summary, time_id, page_text, date_string ) VALUES\n"
+ − 957
. " ( 'page', '$action', '{$this->page_id}', '{$this->namespace}', '$username', '$reason', '$time', '$existing_protection', 'DATE_STRING COLUMN OBSOLETE, USE time_id' );";
+ − 958
if ( !$db->sql_query($sql) )
+ − 959
{
481
+ − 960
$db->die_json();
468
+ − 961
}
+ − 962
+ − 963
// Perform the actual protection
+ − 964
$q = $db->sql_query('UPDATE ' . table_prefix . "pages SET protected = $protection_level WHERE urlname = '{$this->page_id}' AND namespace = '{$this->namespace}';");
+ − 965
if ( !$q )
481
+ − 966
$db->die_json();
468
+ − 967
904
+ − 968
$cache->purge('page_meta');
+ − 969
468
+ − 970
return array(
+ − 971
'success' => true
+ − 972
);
+ − 973
}
+ − 974
+ − 975
/**
1
+ − 976
* Sets internal variables.
+ − 977
* @access private
+ − 978
*/
+ − 979
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 980
function _setup($page_id, $namespace, $revision_id)
1
+ − 981
{
+ − 982
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 983
+ − 984
$page_id_cleaned = sanitize_page_id($page_id);
+ − 985
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 986
$this->revision_id = $revision_id;
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 987
$this->page_id_unclean = dirtify_page_id($page_id);
1
+ − 988
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 989
// resolve namespace
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 990
$this->ns = namespace_factory($page_id, $namespace, $this->revision_id);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 991
$this->page_id =& $this->ns->page_id;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 992
$this->namespace =& $this->ns->namespace;
1
+ − 993
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 994
$this->perms = $session->fetch_page_acl( $page_id, $namespace );
426
+ − 995
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 996
$this->page_exists = $this->ns->exists();
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 997
$this->title = get_page_title_ns($this->page_id, $this->namespace);
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 998
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 999
profiler_log("PageProcessor [{$this->namespace}:{$this->page_id}]: Ran _setup()");
1
+ − 1000
}
+ − 1001
+ − 1002
/**
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1003
* Processes any redirects.
1
+ − 1004
* @access private
+ − 1005
*/
+ − 1006
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1007
function process_redirects()
1
+ − 1008
{
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1009
global $db, $session, $paths, $template, $plugins; // Common objects
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 1010
global $output, $lang;
592
+ − 1011
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1012
$this->redirect_stack = array();
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1013
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1014
if ( !method_exists($this->ns, 'get_redirect') )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1015
return true;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1016
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1017
if ( !$this->allow_redir )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1018
return true;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1019
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1020
$redirect_count = 0;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1021
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1022
while ( $result = $this->ns->get_redirect() )
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1023
{
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1024
if ( $result['namespace'] == 'Special' || $result['namespace'] == 'Admin' )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1025
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1026
// Can't redirect to special/admin page
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1027
$this->redir_error = $lang->get('page_err_redirect_to_special');
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1028
break;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1029
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1030
if ( $redirect_count == 3 )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1031
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1032
// max of 3 internal redirects exceeded
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1033
$this->redir_error = $lang->get('page_err_redirects_exceeded');
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1034
break;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1035
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1036
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1037
$loop = false;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1038
foreach ( $this->redirect_stack as $stackel )
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1039
{
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1040
if ( $result['page_id'] == $stackel['old_page_id'] && $result['namespace'] == $stackel['old_namespace'] )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1041
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1042
$loop = true;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1043
break;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1044
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1045
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1046
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1047
if ( $loop )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1048
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1049
// redirect loop
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1050
$this->redir_error = $lang->get('page_err_redirect_infinite_loop');
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1051
break;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1052
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1053
$new_ns = namespace_factory($result['page_id'], $result['namespace']);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1054
if ( !$new_ns->exists() )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1055
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1056
// new page doesn't exist
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1057
$this->redir_error = $lang->get('page_err_redirect_to_nonexistent');
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1058
break;
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1059
}
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1060
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1061
// build stack entry
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1062
$stackel = array(
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1063
'page_id' => $result['page_id'],
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1064
'namespace' => $result['namespace'],
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1065
'old_page_id' => $this->page_id,
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1066
'old_namespace' => $this->namespace,
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1067
'old_title' => $this->ns->title
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1068
);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1069
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1070
// replace everything (perform the actual redirect)
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1071
$this->ns = $new_ns;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1072
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1073
$this->page_id =& $this->ns->page_id;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1074
$this->namespace =& $this->ns->namespace;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1075
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1076
$this->redirect_stack[] = $stackel;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1077
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1078
$redirect_count++;
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1079
}
1
+ − 1080
}
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1081
1
+ − 1082
/**
+ − 1083
* Sends the page header, dependent on, of course, whether we're supposed to.
+ − 1084
*/
+ − 1085
+ − 1086
function header()
+ − 1087
{
+ − 1088
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1089
if ( $this->send_headers )
+ − 1090
$template->header();
+ − 1091
}
+ − 1092
+ − 1093
/**
+ − 1094
* Sends the page footer, dependent on, of course, whether we're supposed to.
+ − 1095
*/
+ − 1096
+ − 1097
function footer()
+ − 1098
{
+ − 1099
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1100
if ( $this->send_headers )
+ − 1101
$template->footer();
+ − 1102
}
+ − 1103
+ − 1104
/**
+ − 1105
* Fetches the raw, unfiltered page text.
+ − 1106
* @access public
+ − 1107
*/
+ − 1108
+ − 1109
function fetch_text()
+ − 1110
{
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 1111
return $this->ns->fetch_text();
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 1112
}
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 1113
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 1114
/**
935
+ − 1115
* Tells us if the page exists.
+ − 1116
* @return bool
+ − 1117
*/
+ − 1118
+ − 1119
function exists()
+ − 1120
{
+ − 1121
return $this->ns->exists();
+ − 1122
}
+ − 1123
+ − 1124
/**
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1125
* Pushes to the redirect stack and resets the instance. This depends on the page ID and namespace already being validated and sanitized, and does not check the size of the redirect stack.
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1126
* @param string Page ID to redirect to
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1127
* @param string Namespace to redirect to
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1128
* @access private
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1129
*/
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1130
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1131
/*
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1132
function _handle_redirect($page_id, $namespace)
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1133
{
92
+ − 1134
global $db, $session, $paths, $template, $plugins; // Common objects
314
+ − 1135
global $lang;
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1136
$arr_pid = array($this->page_id, $this->namespace);
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1137
if ( $namespace == 'Special' || $namespace == 'Admin' )
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1138
{
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1139
return ;
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1140
}
314
+ − 1141
$looped = false;
+ − 1142
foreach ( $this->redirect_stack as $page )
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1143
{
314
+ − 1144
if ( $page[0] == $arr_pid[0] && $page[1] == $arr_pid[1] )
+ − 1145
{
+ − 1146
$looped = true;
+ − 1147
break;
+ − 1148
}
+ − 1149
}
+ − 1150
if ( $looped )
+ − 1151
{
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1152
return ;
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1153
}
92
+ − 1154
$page_id_key = $paths->nslist[ $namespace ] . sanitize_page_id($page_id);
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 1155
if ( !isPage($page_id_key) )
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1156
{
314
+ − 1157
return $lang->get('page_err_redirect_to_nonexistent');
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1158
}
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1159
$this->redirect_stack[] = $arr_pid;
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1160
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1161
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1162
// Nuke the text cache to avoid infinite loops, gah...
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1163
$this->text_cache = '';
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1164
$this->_setup($page_id, $namespace, 0);
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1165
$this->send();
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1166
return true;
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1167
}
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1168
*/
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1169
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1170
/**
1
+ − 1171
* Send the error message to the user that the access to this page is denied.
+ − 1172
* @access private
+ − 1173
*/
+ − 1174
+ − 1175
function err_access_denied()
+ − 1176
{
+ − 1177
global $db, $session, $paths, $template, $plugins; // Common objects
314
+ − 1178
global $lang;
+ − 1179
global $email;
1
+ − 1180
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1181
// Log it for crying out loud
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
diff
changeset
+ − 1182
$q = $db->sql_query('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'illegal_page\', '.time().', \''.enano_date('d M Y h:i a').'\', \''.$db->escape($session->username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', \'' . $db->escape(serialize(array($this->page_id, $this->namespace))) . '\')');
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1183
1
+ − 1184
$ob = '';
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1185
//$template->tpl_strings['PAGE_NAME'] = 'Access denied';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1186
$template->tpl_strings['PAGE_NAME'] = htmlspecialchars( $this->title );
1
+ − 1187
+ − 1188
if ( $this->send_headers )
+ − 1189
{
+ − 1190
$ob .= $template->getHeader();
+ − 1191
}
+ − 1192
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1193
if ( count($this->redirect_stack) > 0 )
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1194
{
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1195
$stack = array_reverse($this->redirect_stack);
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1196
foreach ( $stack as $oldtarget )
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1197
{
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1198
$url = makeUrlNS($oldtarget[1], $oldtarget[0], 'redirect=no', true);
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 1199
$old_page = namespace_factory($oldtarget[0], $oldtarget[1]);
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 1200
$page_data = $old_page->get_cdata();
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1201
$title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$oldtarget[1]] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $oldtarget[0] ) ) );
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1202
$a = '<a href="' . $url . '">' . $title . '</a>';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1203
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1204
$url = makeUrlNS($this->namespace, $this->page_id, 'redirect=no', true);
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 1205
$page_data = $this->ns->get_cdata();
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1206
$title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$this->namespace] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $this->page_id ) ) );
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1207
$b = '<a href="' . $url . '">' . $title . '</a>';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1208
369
+ − 1209
$ob .= '<small>' . $lang->get('page_msg_redirected_from_to', array('from' => $a, 'to' => $b)) . '<br /></small>';
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1210
}
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1211
}
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1212
314
+ − 1213
$email_link = $email->encryptEmail(getConfig('contact_email'), '', '', $lang->get('page_err_access_denied_siteadmin'));
+ − 1214
+ − 1215
$ob .= "<h3>" . $lang->get('page_err_access_denied_title') . "</h3>";
+ − 1216
$ob .= "<p>" . $lang->get('page_err_access_denied_body', array('site_administration' => $email_link)) . "</p>";
1
+ − 1217
+ − 1218
if ( $this->send_headers )
+ − 1219
{
+ − 1220
$ob .= $template->getFooter();
+ − 1221
}
+ − 1222
echo $ob;
+ − 1223
}
+ − 1224
+ − 1225
/**
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1226
* Inform the user of an incorrect or absent password
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1227
* @access private
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1228
*/
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1229
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1230
function err_wrong_password()
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1231
{
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1232
global $db, $session, $paths, $template, $plugins; // Common objects
369
+ − 1233
global $lang;
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1234
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 1235
$title = $lang->get('page_msg_passrequired_title');
369
+ − 1236
$message = ( empty($this->password) ) ?
+ − 1237
'<p>' . $lang->get('page_msg_passrequired') . '</p>' :
+ − 1238
'<p>' . $lang->get('page_msg_pass_wrong') . '</p>';
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1239
$message .= '<form action="' . makeUrlNS($this->namespace, $this->page_id) . '" method="post">
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1240
<p>
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 1241
<label>' . $lang->get('page_lbl_password') . ' <input name="pagepass" type="password" /></label> <input type="submit" value="' . $lang->get('page_btn_password_submit') . '" />
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1242
</p>
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1243
</form>';
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1244
if ( $this->send_headers )
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1245
{
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1246
$template->tpl_strings['PAGE_NAME'] = $title;
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1247
$template->header();
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1248
echo "$message";
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1249
$template->footer();
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1250
}
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1251
else
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1252
{
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1253
echo "<h2>$title</h2>
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1254
$message";
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1255
}
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1256
}
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1257
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1258
/**
1
+ − 1259
* Send the error message to the user complaining that there weren't any rows.
+ − 1260
* @access private
+ − 1261
*/
+ − 1262
+ − 1263
function err_no_rows()
+ − 1264
{
+ − 1265
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1266
+ − 1267
$title = 'No text rows';
+ − 1268
$message = 'While the page\'s existence was verified, there were no rows in the database that matched the query for the text. This may indicate a bug with the software; ask the webmaster for more information. The offending query was:<pre>' . $db->latest_query . '</pre>';
+ − 1269
if ( $this->send_headers )
+ − 1270
{
+ − 1271
$template->tpl_strings['PAGE_NAME'] = $title;
+ − 1272
$template->header();
+ − 1273
echo "<p>$message</p>";
+ − 1274
$template->footer();
+ − 1275
}
+ − 1276
else
+ − 1277
{
+ − 1278
echo "<h2>$title</h2>
+ − 1279
<p>$message</p>";
+ − 1280
}
+ − 1281
}
+ − 1282
+ − 1283
/**
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 1284
* Send an error message and die. For debugging or critical technical errors only - nothing that would under normal circumstances be shown to the user.
468
+ − 1285
* @param string Error message
+ − 1286
* @param bool If true, send DBAL's debugging information as well
1
+ − 1287
*/
+ − 1288
+ − 1289
function send_error($message, $sql = false)
+ − 1290
{
+ − 1291
global $db, $session, $paths, $template, $plugins; // Common objects
369
+ − 1292
global $lang;
1
+ − 1293
+ − 1294
$content = "<p>$message</p>";
369
+ − 1295
$template->tpl_strings['PAGE_NAME'] = $lang->get('page_msg_general_error');
1
+ − 1296
+ − 1297
if ( $this->debug['works'] )
+ − 1298
{
+ − 1299
$content .= $this->debug['backtrace'];
+ − 1300
}
+ − 1301
+ − 1302
header('HTTP/1.1 500 Internal Server Error');
+ − 1303
+ − 1304
$template->header();
+ − 1305
echo $content;
+ − 1306
$template->footer();
+ − 1307
+ − 1308
$db->close();
+ − 1309
+ − 1310
exit;
+ − 1311
+ − 1312
}
+ − 1313
322
+ − 1314
/**
+ − 1315
* Raises an error.
+ − 1316
* @param string Error string
+ − 1317
*/
+ − 1318
+ − 1319
function raise_error($string)
+ − 1320
{
+ − 1321
if ( !is_string($string) )
+ − 1322
return false;
+ − 1323
$this->_errors[] = $string;
+ − 1324
}
+ − 1325
+ − 1326
/**
+ − 1327
* Retrieves the latest error from the error stack and returns it ('pops' the error stack)
+ − 1328
* @return string
+ − 1329
*/
+ − 1330
+ − 1331
function pop_error()
+ − 1332
{
+ − 1333
if ( count($this->_errors) < 1 )
+ − 1334
return false;
+ − 1335
return array_pop($this->_errors);
+ − 1336
}
+ − 1337
1
+ − 1338
} // class PageProcessor
+ − 1339
+ − 1340
?>