<?php
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
/*
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
801
eb8b23f11744
Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
 * Version 1.1.6 (Caoineag beta 1)
 * Copyright (C) 2006-2008 Dan Fuhry
 *
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
 *
 * @package Enano
 * @subpackage Frontend
 */
311
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
define('ENANO_INTERFACE_INDEX', '');
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
// For the mighty and brave.
// define('ENANO_DEBUG', '');
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasurable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
// Set up gzip encoding before any output is sent
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
$aggressive_optimize_html = true;

global $do_gzip;
$do_gzip = true;
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
if ( isset($_GET['nocompress']) )
  $aggressive_optimize_html = false;

error_reporting(E_ALL);

if($aggressive_optimize_html || $do_gzip)
{
  ob_start();
}
564
a1c450a911a6
Updated version number metadata in system plugin files; added some comments and removed unused code from index.php and includes/graphs.php
Dan
// start up Enano
require('includes/common.php');

global $db, $session, $paths, $template, $plugins; // Common objects
542
5841df0ab575
Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
$page_timestamp = time();

if ( !isset($_GET['do']) )
{
  $_GET['do'] = 'view';
}
switch($_GET['do'])
{
  default:
    $code = $plugins->setHook('page_action');
    ob_start();
    foreach ( $code as $cmd )
    {
      eval($cmd);
    }
    if ( $contents = ob_get_contents() )
    {
      ob_end_clean();
      echo $contents;
    }
    else
    {
      die_friendly('Invalid action', '<p>The action "'.htmlspecialchars($_GET['do']).'" is not defined. Return to <a href="'.makeUrl($paths->page).'">viewing this page\'s text</a>.</p>');
    }
    break;
  case 'view':
    // echo PageUtils::getpage($paths->page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false ));
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
    $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
    $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
    $page->send_headers = true;
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
    $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
    $page->password = $pagepass;
    $page->send(true);
    $page_timestamp = $page->revision_time;
    break;
  case 'comments':
    $template->header();
    require_once(ENANO_ROOT.'/includes/pageutils.php');
    $sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false;
    switch($sub)
    {
      case 'admin':
      default:
        $act = ( isset ($_GET['action']) ) ? $_GET['action'] : false;
        $id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1;
        echo PageUtils::comments_html($paths->page_id, $paths->namespace, $act, Array('id'=>$id));
        break;
      case 'postcomment':
        if(empty($_POST['name']) ||
           empty($_POST['subj']) ||
           empty($_POST['text'])
           ) { echo 'Invalid request'; break; }
        $cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false;
        $cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false;
        PageUtils::addcomment($paths->page_id, $paths->namespace, $_POST['name'], $_POST['subj'], $_POST['text'], $cin, $cid); // All filtering, etc. is handled inside this method
        echo PageUtils::comments_html($paths->page_id, $paths->namespace);
        break;
      case 'editcomment':
        if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; }
        $q = $db->sql_query('SELECT subject,comment_data,comment_id FROM '.table_prefix.'comments WHERE comment_id='.$_GET['id']);
        if(!$q) $db->_die('The comment data could not be selected.');
        $row = $db->fetchrow();
        $db->free_result();
        // Encode single quotes so the subject can sit inside the single-quoted value='' attribute below
        $row['subject'] = str_replace('\'', '&#039;', $row['subject']);
        echo '<form action="'.makeUrl($paths->page, 'do=comments&sub=savecomment').'" method="post">';
        echo "<br /><div class='tblholder'><table border='0' width='100%' cellspacing='1' cellpadding='4'>
                <tr><td class='row1'>" . $lang->get('comment_postform_field_subject') . "</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr>
                <tr><td class='row2'>" . $lang->get('comment_postform_field_comment') . "</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr>
                <tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='" . $lang->get('etc_save_changes') . "' /></td></tr>
              </table></div>";
        echo '</form>';
        break;
      case 'savecomment':
        if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; }
        $r = PageUtils::savecomment_neater($paths->page_id, $paths->namespace, $_POST['subj'], $_POST['text'], (int)$_POST['id']);
        if($r != 'good') { echo "<pre>$r</pre>"; break; }
        echo PageUtils::comments_html($paths->page_id, $paths->namespace);
        break;
      case 'deletecomment':
        if(!empty($_GET['id']))
        {
          PageUtils::deletecomment_neater($paths->page_id, $paths->namespace, (int)$_GET['id']);
        }
        echo PageUtils::comments_html($paths->page_id, $paths->namespace);
        break;
    }
    $template->footer();
    break;
  case 'edit':
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
    if(isset($_POST['_cancel']))
    {
      redirect(makeUrl($paths->page), '', '', 0);
      break;
    }
    require_once(ENANO_ROOT.'/includes/pageutils.php');
    if(isset($_POST['_save']))
    {
      $captcha_valid = true;
      if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
      {
        $captcha_valid = false;
        if ( isset($_POST['captcha_id']) && isset($_POST['captcha_code']) )
        {
          $hash_correct = strtolower($session->get_captcha($_POST['captcha_id']));
          $hash_input = strtolower($_POST['captcha_code']);
          if ( $hash_input === $hash_correct )
            $captcha_valid = true;
        }
      }
      if ( $captcha_valid )
      {
        $e = PageUtils::savepage($paths->page_id, $paths->namespace, $_POST['page_text'], $_POST['edit_summary'], isset($_POST['minor']));
        if ( $e == 'good' )
        {
          redirect(makeUrl($paths->page), $lang->get('editor_msg_save_success_title'), $lang->get('editor_msg_save_success_body'), 3);
        }
      }
    }
    $template->header();
    // Show the CAPTCHA error only when the check actually failed, not whenever a save was attempted
    if ( isset($captcha_valid) && !$captcha_valid )
    {
      echo '<div class="usermessage">' . $lang->get('editor_err_captcha_wrong') . '</div>';
    }
    if(isset($_POST['_preview']))
    {
      $text = $_POST['page_text'];
408
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
      $edsumm = $_POST['edit_summary'];
      echo PageUtils::genPreview($_POST['page_text']);
      $text = htmlspecialchars($text);
      $revid = 0;
    }
    else
    {
      $revid = ( isset($_GET['revid']) ) ? intval($_GET['revid']) : 0;
      $page = new PageProcessor($paths->page_id, $paths->namespace, $revid);
      $text = $page->fetch_source();
      $edsumm = '';
      // $text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false);
    }
    if ( $revid > 0 )
    {
      $time = $page->revision_time;
      // Retrieve information about this revision and the current one
      $q = $db->sql_query('SELECT l1.author AS currentrev_author, l2.author AS oldrev_author FROM ' . table_prefix . 'logs AS l1
        LEFT JOIN ' . table_prefix . 'logs AS l2
          ON ( l2.log_id = ' . $revid . '
               AND l2.log_type = \'page\'
               AND l2.action = \'edit\'
               AND l2.page_id = \'' . $db->escape($paths->page_id) . '\'
               AND l2.namespace = \'' . $db->escape($paths->namespace) . '\'
               AND l1.is_draft != 1
              )
        WHERE l1.log_type = \'page\'
          AND l1.action = \'edit\'
          AND l1.page_id = \'' . $db->escape($paths->page_id) . '\'
          AND l1.namespace = \'' . $db->escape($paths->namespace) . '\'
          AND l1.time_id > ' . $time . '
          AND l1.is_draft != 1
        ORDER BY l1.time_id DESC;');
      if ( !$q )
        $db->die_json();

      if ( $db->numrows() > 0 )
      {
        echo '<div class="usermessage">' . $lang->get('editor_msg_editing_old_revision') . '</div>';

        $rev_count = $db->numrows() - 2;
        $row = $db->fetchrow();
        $undo_info = array(
          'old_author' => $row['oldrev_author'],
          'current_author' => $row['currentrev_author'],
          'undo_count' => max($rev_count, 1),
          'last_rev_id' => $revid
        );
      }
      else
      {
        $revid = 0;
      }
      $db->free_result();
    }
    echo '
      <form action="'.makeUrl($paths->page, 'do=edit').'" method="post" enctype="multipart/form-data">
      <br />
      <textarea name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea><br />
      <br />
      ';
    $edsumm = ( $revid > 0 ) ? $lang->get('editor_reversion_edit_summary', $undo_info) : $edsumm;
    echo $lang->get('editor_lbl_edit_summary') . ' <input name="edit_summary" type="text" size="40" value="' . htmlspecialchars($edsumm) . '" /><br /><label><input type="checkbox" name="minor" /> ' . $lang->get('editor_lbl_minor_edit_field') . '</label><br />';
    if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
    {
      echo '<br /><table border="0"><tr><td>';
      echo '<b>' . $lang->get('editor_lbl_field_captcha') . '</b><br />'
           . '<br />'
           . $lang->get('editor_msg_captcha_pleaseenter') . '<br /><br />'
           . $lang->get('editor_msg_captcha_blind');
      echo '</td><td>';
      $hash = $session->make_captcha();
      echo '<img src="' . makeUrlNS('Special', "Captcha/$hash") . '" onclick="this.src+=\'/a\'" style="cursor: pointer;" /><br />';
      echo '<input type="hidden" name="captcha_id" value="' . $hash . '" />';
      echo $lang->get('editor_lbl_field_captcha_code') . ' <input type="text" name="captcha_code" value="" size="9" />';
      echo '</td></tr></table>';
    }
    echo '<br />
        <input type="submit" name="_save" value="' . $lang->get('editor_btn_save') . '" style="font-weight: bold;" />
        <input type="submit" name="_preview" value="' . $lang->get('editor_btn_preview') . '" />
        <input type="submit" name="_revert" value="' . $lang->get('editor_btn_revert') . '" />
        <input type="submit" name="_cancel" value="' . $lang->get('editor_btn_cancel') . '" />
      </form>
    ';
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
    if ( getConfig('wiki_edit_notice', '0') == '1' )
    {
      $notice = getConfig('wiki_edit_notice_text');
      echo RenderMan::render($notice);
    }
    $template->footer();
    break;
  case 'viewsource':
    $template->header();
    $text = RenderMan::getPage($paths->page_id, $paths->namespace, 0, false, false, false, false);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
    $text = htmlspecialchars($text);
    echo '
      <form action="'.makeUrl($paths->page, 'do=edit').'" method="post">
      <br />
      <textarea readonly="readonly" name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea>';
    echo '<br />
        <input type="submit" name="_cancel" value="' . $lang->get('editor_btn_closeviewer') . '" />
      </form>
    ';
    $template->footer();
    break;
  case 'history':
    require_once(ENANO_ROOT.'/includes/pageutils.php');
    $hist = PageUtils::histlist($paths->page_id, $paths->namespace);
    $template->header();
    echo $hist;
    $template->footer();
    break;
  case 'rollback':
    $id = (isset($_GET['id'])) ? $_GET['id'] : false;
    if(!$id || !ctype_digit($id)) die_friendly('Invalid action ID', '<p>The URL parameter "id" is not an integer. Exiting to prevent nasties like SQL injection, etc.</p>');

    $id = intval($id);

    $page = new PageProcessor($paths->page_id, $paths->namespace);
    $result = $page->rollback_log_entry($id);

    if ( $result['success'] )
    {
      $result = $lang->get("page_msg_rb_success_{$result['action']}", array('dateline' => $result['dateline']));
    }
    else
    {
      $result = $lang->get("page_err_{$result['error']}", array('action' => @$result['action']));
    }

    $template->header();
    echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a></p>';
    $template->footer();
    break;
  case 'catedit':
    require_once(ENANO_ROOT.'/includes/pageutils.php');
    if(isset($_POST['__enanoSaveButton']))
    {
      unset($_POST['__enanoSaveButton']);
      $val = PageUtils::catsave($paths->page_id, $paths->namespace, $_POST);
      if($val == 'GOOD')
      {
        header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
      } else {
        die_friendly('Error saving category information', '<p>'.$val.'</p>');
      }
    }
    elseif(isset($_POST['__enanoCatCancel']))
    {
      header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
    }
    $template->header();
    $c = PageUtils::catedit_raw($paths->page_id, $paths->namespace);
    echo $c[1];
    $template->footer();
    break;
  case 'moreoptions':
    $template->header();
    echo '<div class="menu_nojs" style="width: 150px; padding: 0;"><ul style="display: block;"><li><div class="label">' . $lang->get('ajax_lbl_moreoptions_nojs') . '</div><div style="clear: both;"></div></li>'.$template->toolbar_menu.'</ul></div>';
    $template->footer();
    break;
  case 'protect':
907
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
    if ( !$session->sid_super )
    {
      redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=protect&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
    }

    if ( isset($_POST['level']) && isset($_POST['reason']) )
    {
      $level = intval($_POST['level']);
      if ( !in_array($level, array(PROTECT_FULL, PROTECT_SEMI, PROTECT_NONE)) )
      {
        $errors[] = 'bad level';
      }
      $reason = trim($_POST['reason']);
      if ( empty($reason) )
      {
        $errors[] = $lang->get('onpage_protect_err_need_reason');
      }

      $page = new PageProcessor($paths->page_id, $paths->namespace);
      $result = $page->protect_page($level, $reason);
      if ( $result['success'] )
      {
        redirect(makeUrl($paths->page), $lang->get('page_protect_lbl_success_title'), $lang->get('page_protect_lbl_success_body', array('page_link' => makeUrl($paths->page, false, true))), 3);
      }
      else
      {
        $errors[] = $lang->get('page_err_' . $result['error']);
      }
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=protect'); ?>" method="post">
      <h3><?php echo $lang->get('onpage_protect_heading'); ?></h3>
      <p><?php echo $lang->get('onpage_protect_msg_select_level'); ?></p>

      <?php
      if ( !empty($errors) )
      {
        echo '<ul><li>' . implode('</li><li>', $errors) . '</li></ul>';
      }
      ?>

      <div class="protectlevel" style="line-height: 22px; margin-left: 17px;">
        <label>
          <input type="radio" name="level" value="<?php echo PROTECT_FULL; ?>" />
          <?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 0, 0); ?>
          <?php echo $lang->get('onpage_protect_btn_full'); ?>
        </label>
      </div>
      <div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;">
        <?php echo $lang->get('onpage_protect_btn_full_hint'); ?>
      </div>

      <div class="protectlevel" style="line-height: 22px; margin-left: 17px;">
        <label>
          <input type="radio" name="level" value="<?php echo PROTECT_SEMI; ?>" />
          <?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 22, 0); ?>
          <?php echo $lang->get('onpage_protect_btn_semi'); ?>
        </label>
      </div>
      <div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;">
        <?php echo $lang->get('onpage_protect_btn_semi_hint'); ?>
      </div>

      <div class="protectlevel" style="line-height: 22px; margin-left: 17px;">
        <label>
          <input type="radio" name="level" value="<?php echo PROTECT_NONE; ?>" />
          <?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 44, 0); ?>
          <?php echo $lang->get('onpage_protect_btn_none'); ?>
        </label>
      </div>
      <div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;">
        <?php echo $lang->get('onpage_protect_btn_none_hint'); ?>
      </div>

      <table style="margin-left: 1em;" cellspacing="10">
        <tr>
          <td valign="top">
            <?php echo $lang->get('onpage_protect_lbl_reason'); ?>
          </td>
          <td>
            <input type="text" name="reason" size="40" /><br />
            <small><?php echo $lang->get('onpage_protect_lbl_reason_hint'); ?></small>
          </td>
        </tr>
      </table>

      <p>
        <input type="submit" value="<?php echo htmlspecialchars($lang->get('page_protect_btn_submit')) ?>" style="font-weight: bold;" />
        <a class="abutton" href="<?php echo makeUrl($paths->page, false, true); ?>"><?php echo $lang->get('etc_cancel'); ?></a>
      </p>
    </form>
    <?php
    $template->footer();
    break;
  case 'rename':
    require_once(ENANO_ROOT.'/includes/pageutils.php');
    if(!empty($_POST['newname']))
    {
      $r = PageUtils::rename($paths->page_id, $paths->namespace, $_POST['newname']);
      die_friendly($lang->get('page_rename_success_title'), '<p>'.nl2br($r).' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>');
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=rename'); ?>" method="post">
      <?php if(isset($_POST['newname'])) echo '<p style="color: red;">' . $lang->get('page_rename_err_need_name') . '</p>'; ?>
      <p><?php echo $lang->get('page_rename_lbl'); ?></p>
      <p><input type="text" name="newname" size="40" /></p>
      <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_rename_btn_submit')); ?>" style="font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'flushlogs':
    if(!$session->get_permissions('clear_logs'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if ( !$session->sid_super )
    {
      redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=flushlogs&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
    }
    require_once(ENANO_ROOT.'/includes/pageutils.php');
    if(isset($_POST['_downthejohn']))
    {
      $template->header();
      $result = PageUtils::flushlogs($paths->page_id, $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=flushlogs'); ?>" method="post">
      <?php echo $lang->get('page_flushlogs_warning_stern'); ?>
      <p><input type="submit" name="_downthejohn" value="<?php echo htmlspecialchars($lang->get('page_flushlogs_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'delvote':
    require_once(ENANO_ROOT.'/includes/pageutils.php');
    if(isset($_POST['_ballotbox']))
    {
      $template->header();
      $result = PageUtils::delvote($paths->page_id, $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=delvote'); ?>" method="post">
      <?php
        echo $lang->get('page_delvote_warning_stern');
        echo '<p>';
        switch($paths->cpage['delvotes'])
        {
          case 0:  echo $lang->get('page_delvote_count_zero'); break;
          case 1:  echo $lang->get('page_delvote_count_one'); break;
          default: echo $lang->get('page_delvote_count_plural', array('delvotes' => $paths->cpage['delvotes'])); break;
        }
        echo '</p>';
      ?>
      <p><input type="submit" name="_ballotbox" value="<?php echo htmlspecialchars($lang->get('page_delvote_btn_submit')); ?>" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'resetvotes':
    require_once(ENANO_ROOT.'/includes/pageutils.php');
    if(!$session->get_permissions('vote_reset'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if(isset($_POST['_youmaylivealittlelonger']))
    {
      $template->header();
      $result = PageUtils::resetdelvotes($paths->page_id, $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=resetvotes'); ?>" method="post">
      <p><?php echo $lang->get('ajax_delvote_reset_confirm'); ?></p>
      <p><input type="submit" name="_youmaylivealittlelonger" value="<?php echo htmlspecialchars($lang->get('page_delvote_reset_btn_submit')); ?>" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'deletepage':
    if(!$session->get_permissions('delete_page'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    // Re-authentication gate: if sid_super is not set, redirect to Special:Login to re-authenticate before deleting the page
    if ( !$session->sid_super )
    {
      redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=deletepage&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
    }

    require_once(ENANO_ROOT.'/includes/pageutils.php');
    if(isset($_POST['_adiossucker']))
    {
      // A non-empty deletion reason is mandatory; otherwise the form is shown again with an error
      $reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false;
      if ( empty($reason) )
        $error = $lang->get('ajax_delete_prompt_reason');
      else
      {
        $template->header();
        $result = PageUtils::deletepage($paths->page_id, $paths->namespace, $reason);
        echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
        $template->footer();
        break;
      }
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=deletepage'); ?>" method="post">
      <?php echo $lang->get('page_delete_warning_stern'); ?>
      <?php if ( isset($error) ) echo "<p>$error</p>"; ?>
      <p><?php echo $lang->get('page_delete_lbl_reason'); ?> <input type="text" name="reason" size="50" /></p>
      <p><input type="submit" name="_adiossucker" value="<?php echo htmlspecialchars($lang->get('page_delete_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'setwikimode':
    if(!$session->get_permissions('set_wiki_mode'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if ( isset($_POST['finish']) )
    {
      $level = intval($_POST['level']);
      if ( !in_array($level, array(0, 1, 2) ) )
      {
        die_friendly('Invalid request', '<p>Level not specified</p>');
      }
      $q = $db->sql_query('UPDATE '.table_prefix.'pages SET wiki_mode=' . $level . ' WHERE urlname=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
      if ( !$q )
        $db->_die();
      redirect(makeUrl($paths->page), htmlspecialchars($paths->cpage['name']), $lang->get('page_wikimode_success_redirect'), 2);
    }
    else
    {
      $template->header();
      if(!isset($_GET['level']) || ( isset($_GET['level']) && !preg_match('#^([0-9])$#', $_GET['level']))) die_friendly('Invalid request', '<p>Level not specified</p>');
      $level = intval($_GET['level']);
      if ( !in_array($level, array(0, 1, 2) ) )
      {
        die_friendly('Invalid request', '<p>Level not specified</p>');
      }
      echo '<form action="' . makeUrl($paths->page, 'do=setwikimode', true) . '" method="post">';
      echo '<input type="hidden" name="finish" value="foo" />';
      echo '<input type="hidden" name="level" value="' . $level . '" />';
      $level_txt = ( $level == 0 ) ? 'page_wikimode_level_off' : ( ( $level == 1 ) ? 'page_wikimode_level_on' : 'page_wikimode_level_global' );
      $blurb = ( $level == 0 || ( $level == 2 && getConfig('wiki_mode') != '1' ) ) ? 'page_wikimode_blurb_disable' : 'page_wikimode_blurb_enable';
      ?>
      <h3><?php echo $lang->get('page_wikimode_heading'); ?></h3>
      <p><?php echo $lang->get($level_txt) . ' ' . $lang->get($blurb); ?></p>
      <p><?php echo $lang->get('page_wikimode_warning'); ?></p>
      <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_wikimode_btn_submit')); ?>" /></p>
      <?php
      echo '</form>';
      $template->footer();
    }
    break;
  case 'diff':
    require_once(ENANO_ROOT.'/includes/pageutils.php');
    require_once(ENANO_ROOT.'/includes/diff.php');
    $template->header();
    $id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false;
    $id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false;
    if ( !$id1 || !$id2 )
    {
      echo '<p>Invalid request.</p>';
      $template->footer();
      break;
    }
    // Both revision IDs must consist of digits only (the second operand previously re-checked diff1, leaving diff2 unvalidated here)
    if ( !ctype_digit($_GET['diff1']) || !ctype_digit($_GET['diff2']) )
    {
      echo '<p>SQL injection attempt</p>';
      $template->footer();
      break;
    }
    echo PageUtils::pagediff($paths->page_id, $paths->namespace, $id1, $id2);
    $template->footer();
    break;
  case 'detag':
    if ( $session->user_level < USER_LEVEL_ADMIN )
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if ( $paths->page_exists )
    {
      die_friendly($lang->get('etc_invalid_request_short'), '<p>' . $lang->get('page_detag_err_page_exists') . '</p>');
    }
    $q = $db->sql_query('DELETE FROM '.table_prefix.'tags WHERE page_id=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
    if ( !$q )
      $db->_die('Detag query, index.php:'.__LINE__);
    die_friendly($lang->get('page_detag_success_title'), '<p>' . $lang->get('page_detag_success_body') . '</p>');
    break;
  case 'aclmanager':
    // Re-authentication gate: if sid_super is not set, redirect to Special:Login to re-authenticate before editing ACLs
    if ( !$session->sid_super )
    {
      redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=aclmanager&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
    }

    require_once(ENANO_ROOT.'/includes/pageutils.php');
    $data = ( isset($_POST['data']) ) ? $_POST['data'] : Array('mode' => 'listgroups');
    PageUtils::aclmanager($data);
    break;
  // [annotate rev 286, changeset b2f985e4cef3, Dan] Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
  case 'sql_report':
    $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
    $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
    $page->send_headers = true;
    $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
    $page->password = $pagepass;
    $page->send(true);
    ob_end_clean();
    ob_start();
    $db->sql_report();
    break;
}

// Generate an ETag
/*
// format: first 10 digits of SHA1 of page name, user id in hex, user and auth levels, page timestamp in hex
$etag = substr(sha1($paths->namespace . ':' . $paths->page_id), 0, 10) . '-' .
        "u{$session->user_id}l{$session->user_level}a{$session->auth_level}-" .
        dechex($page_timestamp);

if ( isset($_SERVER['HTTP_IF_NONE_MATCH']) )
{
  if ( "\"$etag\"" == $_SERVER['HTTP_IF_NONE_MATCH'] )
  {
    header('HTTP/1.1 304 Not Modified');
    exit();
  }
}
// [annotate rev 542, changeset 5841df0ab575, Dan] Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.

header("ETag: \"$etag\"");
*/
// [annotate rev 564, changeset a1c450a911a6, Dan] Updated version number metadata in system plugin files; added some comments and removed unused code from index.php and includes/graphs.php

// [annotate rev 80, changeset cb7dde69c301, Dan] Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
$db->close();
gzip_output();

@ob_end_flush();

?>