index.php
author Dan
Mon, 10 Aug 2009 22:43:26 -0400
changeset 1079 fcc42560afe6
parent 1074 1a4f13626f76
child 1081 745200a9cc2a
permissions -rw-r--r--
Added ability for authentication plugins to modify session keys (to allow invalidation when their own authentication data is changed) as well as the ability to disable the built-in password change facility
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     1
<?php
73
0a74676a2f2f Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
parents: 70
diff changeset
     2
166
d53cc29308f4 Rebrand as 1.1.1; everything should now be bumped to "unstable" status
Dan
parents: 160
diff changeset
     3
/*
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     4
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 798
diff changeset
     5
 * Version 1.1.6 (Caoineag beta 1)
536
218a627eb53e Rebrand as 1.1.4 (Caoineag alpha 4)
Dan
parents: 513
diff changeset
     6
 * Copyright (C) 2006-2008 Dan Fuhry
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     7
 *
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     8
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     9
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    10
 *
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    11
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    12
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    13
 *
246
c9fd175289aa Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents: 183
diff changeset
    14
 * @package Enano
c9fd175289aa Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents: 183
diff changeset
    15
 * @subpackage Frontend
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    16
 */
246
c9fd175289aa Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents: 183
diff changeset
    17
 
311
a007145a0ff6 Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
parents: 307
diff changeset
    18
  define('ENANO_INTERFACE_INDEX', '');
372
5bd429428101 A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
parents: 337
diff changeset
    19
  
1074
1a4f13626f76 Made index.php bootstrap smarter and better commented.
Dan
parents: 1016
diff changeset
    20
  // start up Enano
1a4f13626f76 Made index.php bootstrap smarter and better commented.
Dan
parents: 1016
diff changeset
    21
  require('includes/common.php');
1a4f13626f76 Made index.php bootstrap smarter and better commented.
Dan
parents: 1016
diff changeset
    22
  
1a4f13626f76 Made index.php bootstrap smarter and better commented.
Dan
parents: 1016
diff changeset
    23
  // decide on HTML compacting
1a4f13626f76 Made index.php bootstrap smarter and better commented.
Dan
parents: 1016
diff changeset
    24
  $aggressive_optimize_html = !defined('ENANO_DEBUG') && !isset($_GET['nocompress']);
1a4f13626f76 Made index.php bootstrap smarter and better commented.
Dan
parents: 1016
diff changeset
    25
  
81
d7fc25acd3f3 Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents: 80
diff changeset
    26
  // Set up gzip encoding before any output is sent
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    27
  global $do_gzip;
953
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 907
diff changeset
    28
  // FIXME: make this configurable
1074
1a4f13626f76 Made index.php bootstrap smarter and better commented.
Dan
parents: 1016
diff changeset
    29
  $do_gzip = !defined('ENANO_DEBUG');
80
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 73
diff changeset
    30
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    31
  error_reporting(E_ALL);
42
45ebe475ff75 I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents: 41
diff changeset
    32
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    33
  if($aggressive_optimize_html || $do_gzip)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    34
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    35
    ob_start();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    36
  }
42
45ebe475ff75 I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents: 41
diff changeset
    37
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    38
  global $db, $session, $paths, $template, $plugins; // Common objects
542
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 536
diff changeset
    39
  $page_timestamp = time();
42
45ebe475ff75 I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents: 41
diff changeset
    40
  
307
95dc632bf084 Dummy revision to artificially increment build number
Dan
parents: 286
diff changeset
    41
  if ( !isset($_GET['do']) )
95dc632bf084 Dummy revision to artificially increment build number
Dan
parents: 286
diff changeset
    42
  {
95dc632bf084 Dummy revision to artificially increment build number
Dan
parents: 286
diff changeset
    43
    $_GET['do'] = 'view';
95dc632bf084 Dummy revision to artificially increment build number
Dan
parents: 286
diff changeset
    44
  }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    45
  switch($_GET['do'])
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    46
  {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    47
    default:
759
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    48
      $code = $plugins->setHook('page_action');
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    49
      ob_start();
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    50
      foreach ( $code as $cmd )
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    51
      {
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    52
        eval($cmd);
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    53
      }
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    54
      if ( $contents = ob_get_contents() )
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    55
      {
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    56
        ob_end_clean();
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    57
        echo $contents;
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    58
      }
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    59
      else
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    60
      {
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    61
        die_friendly('Invalid action', '<p>The action "'.htmlspecialchars($_GET['do']).'" is not defined. Return to <a href="'.makeUrl($paths->page).'">viewing this page\'s text</a>.</p>');
6e2671261802 Plugins can now register their own custom actions for $_GET["do"].
Dan
parents: 685
diff changeset
    62
      }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    63
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    64
    case 'view':
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    65
      // echo PageUtils::getpage($paths->page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false ));
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
    66
      $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
    67
      $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
953
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 907
diff changeset
    68
      // Feed this PageProcessor to the template processor. This prevents $template from starting another
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 907
diff changeset
    69
      // PageProcessor when we already have one going.
323c4cd1aa37 Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
parents: 907
diff changeset
    70
      $template->set_page($page);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    71
      $page->send_headers = true;
963
b572ce1114f1 Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
parents: 953
diff changeset
    72
      $page->allow_redir = ( !isset($_GET['redirect']) || (isset($_GET['redirect']) && $_GET['redirect'] !== 'no') );
32
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 28
diff changeset
    73
      $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 28
diff changeset
    74
      $page->password = $pagepass;
61
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 42
diff changeset
    75
      $page->send(true);
542
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 536
diff changeset
    76
      $page_timestamp = $page->revision_time;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    77
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    78
    case 'comments':
1016
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
    79
      $output->header();
592
27377179fe58 Another sweep from the optimization monster.
Dan
parents: 588
diff changeset
    80
      require_once(ENANO_ROOT.'/includes/pageutils.php');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    81
      $sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    82
      switch($sub)
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    83
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    84
        case 'admin':
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    85
        default:
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    86
          $act = ( isset ($_GET['action']) ) ? $_GET['action'] : false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    87
          $id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1;
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
    88
          echo PageUtils::comments_html($paths->page_id, $paths->namespace, $act, Array('id'=>$id));
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    89
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    90
        case 'postcomment':
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    91
          if(empty($_POST['name']) ||
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    92
             empty($_POST['subj']) ||
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    93
             empty($_POST['text'])
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    94
             ) { echo 'Invalid request'; break; }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    95
          $cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    96
          $cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false;
1016
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
    97
          
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
    98
          require_once('includes/comment.php');
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
    99
          $comments = new Comments($paths->page_id, $paths->namespace);
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   100
          
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   101
          $submission = array(
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   102
              'mode' => 'submit',
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   103
              'captcha_id' => $cid,
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   104
              'captcha_code' => $cin,
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   105
              'name' => $_POST['name'],
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   106
              'subj' => $_POST['subj'],
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   107
              'text' => $_POST['text'],
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   108
            );
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   109
          
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   110
          $result = $comments->process_json($submission);
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   111
          if ( $result['mode'] == 'error' )
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   112
          {
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   113
            echo '<div class="error-box">' . htmlspecialchars($result['error']) . '</div>';
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   114
          }
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   115
          else
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   116
          {
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   117
            echo '<div class="info-box">' . $lang->get('comment_msg_comment_posted') . '</div>';
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   118
          }
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   119
          
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   120
          echo PageUtils::comments_html($paths->page_id, $paths->namespace);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   121
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   122
        case 'editcomment':
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   123
          if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   124
          $q = $db->sql_query('SELECT subject,comment_data,comment_id FROM '.table_prefix.'comments WHERE comment_id='.$_GET['id']);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   125
          if(!$q) $db->_die('The comment data could not be selected.');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   126
          $row = $db->fetchrow();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   127
          $db->free_result();
213
1316404e4ea8 Localized history page and static HTML comment interface
Dan
parents: 187
diff changeset
   128
          $row['subject'] = str_replace('\'', '&#039;', $row['subject']);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   129
          echo '<form action="'.makeUrl($paths->page, 'do=comments&amp;sub=savecomment').'" method="post">';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   130
          echo "<br /><div class='tblholder'><table border='0' width='100%' cellspacing='1' cellpadding='4'>
213
1316404e4ea8 Localized history page and static HTML comment interface
Dan
parents: 187
diff changeset
   131
                  <tr><td class='row1'>" . $lang->get('comment_postform_field_subject') . "</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr>
1316404e4ea8 Localized history page and static HTML comment interface
Dan
parents: 187
diff changeset
   132
                  <tr><td class='row2'>" . $lang->get('comment_postform_field_comment') . "</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr>
1316404e4ea8 Localized history page and static HTML comment interface
Dan
parents: 187
diff changeset
   133
                  <tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='" . $lang->get('etc_save_changes') . "' /></td></tr>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   134
                </table></div>";
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   135
          echo '</form>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   136
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   137
        case 'savecomment':
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   138
          if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; }
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   139
          $r = PageUtils::savecomment_neater($paths->page_id, $paths->namespace, $_POST['subj'], $_POST['text'], (int)$_POST['id']);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   140
          if($r != 'good') { echo "<pre>$r</pre>"; break; }
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   141
          echo PageUtils::comments_html($paths->page_id, $paths->namespace);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   142
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   143
        case 'deletecomment':
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   144
          if(!empty($_GET['id']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   145
          {
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   146
            PageUtils::deletecomment_neater($paths->page_id, $paths->namespace, (int)$_GET['id']);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   147
          }
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   148
          echo PageUtils::comments_html($paths->page_id, $paths->namespace);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   149
          break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   150
      }
1016
6d32d80b2192 Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues
Dan
parents: 963
diff changeset
   151
      $output->footer();
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   152
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   153
    case 'edit':
285
7846d45bd250 Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents: 256
diff changeset
   154
      if(isset($_POST['_cancel']))
7846d45bd250 Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents: 256
diff changeset
   155
      {
7846d45bd250 Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents: 256
diff changeset
   156
        redirect(makeUrl($paths->page), '', '', 0);
7846d45bd250 Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents: 256
diff changeset
   157
        break;
7846d45bd250 Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents: 256
diff changeset
   158
      }
592
27377179fe58 Another sweep from the optimization monster.
Dan
parents: 588
diff changeset
   159
      require_once(ENANO_ROOT.'/includes/pageutils.php');
285
7846d45bd250 Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents: 256
diff changeset
   160
      if(isset($_POST['_save']))
7846d45bd250 Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents: 256
diff changeset
   161
      {
337
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   162
        $captcha_valid = true;
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   163
        if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
285
7846d45bd250 Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents: 256
diff changeset
   164
        {
337
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   165
          $captcha_valid = false;
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   166
          if ( isset($_POST['captcha_id']) && isset($_POST['captcha_code']) )
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   167
          {
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   168
            $hash_correct = strtolower($session->get_captcha($_POST['captcha_id']));
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   169
            $hash_input   = strtolower($_POST['captcha_code']);
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   170
            if ( $hash_input === $hash_correct )
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   171
              $captcha_valid = true;
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   172
          }
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   173
        }
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   174
        if ( $captcha_valid )
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   175
        {
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   176
          $e = PageUtils::savepage($paths->page_id, $paths->namespace, $_POST['page_text'], $_POST['edit_summary'], isset($_POST['minor']));
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   177
          if ( $e == 'good' )
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   178
          {
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   179
            redirect(makeUrl($paths->page), $lang->get('editor_msg_save_success_title'), $lang->get('editor_msg_save_success_body'), 3);
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   180
          }
285
7846d45bd250 Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents: 256
diff changeset
   181
        }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   182
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   183
      $template->header();
337
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   184
      if ( isset($captcha_valid) )
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   185
      {
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   186
        echo '<div class="usermessage">' . $lang->get('editor_err_captcha_wrong') . '</div>';
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   187
      }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   188
      if(isset($_POST['_preview']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   189
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   190
        $text = $_POST['page_text'];
408
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   191
        $edsumm = $_POST['edit_summary'];
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   192
        echo PageUtils::genPreview($_POST['page_text']);
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   193
        $text = htmlspecialchars($text);
408
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   194
        $revid = 0;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   195
      }
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   196
      else
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   197
      {
408
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   198
        $revid = ( isset($_GET['revid']) ) ? intval($_GET['revid']) : 0;
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   199
        $page = new PageProcessor($paths->page_id, $paths->namespace, $revid);
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   200
        $text = $page->fetch_source();
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   201
        $edsumm = '';
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   202
        // $text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false);
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   203
      }
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   204
      if ( $revid > 0 )
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   205
      {
468
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   206
        $time = $page->revision_time;
408
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   207
        // Retrieve information about this revision and the current one
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   208
        $q = $db->sql_query('SELECT l1.author AS currentrev_author, l2.author AS oldrev_author FROM ' . table_prefix . 'logs AS l1
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   209
  LEFT JOIN ' . table_prefix . 'logs AS l2
468
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   210
    ON ( l2.log_id = ' . $revid . '
408
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   211
         AND l2.log_type  = \'page\'
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   212
         AND l2.action    = \'edit\'
468
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   213
         AND l2.page_id   = \'' . $db->escape($paths->page_id) . '\'
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   214
         AND l2.namespace = \'' . $db->escape($paths->namespace) . '\'
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   215
         AND l1.is_draft != 1
408
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   216
        )
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   217
  WHERE l1.log_type  = \'page\'
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   218
    AND l1.action    = \'edit\'
468
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   219
    AND l1.page_id   = \'' . $db->escape($paths->page_id) . '\'
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   220
    AND l1.namespace = \'' . $db->escape($paths->namespace) . '\'
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   221
    AND l1.time_id > ' . $time . '
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   222
    AND l1.is_draft != 1
408
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   223
  ORDER BY l1.time_id DESC;');
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   224
        if ( !$q )
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   225
          $db->die_json();
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   226
        
468
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   227
        if ( $db->numrows() > 0 )
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   228
        {
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   229
          echo '<div class="usermessage">' . $lang->get('editor_msg_editing_old_revision') . '</div>';
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   230
          
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   231
          $rev_count = $db->numrows() - 2;
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   232
          $row = $db->fetchrow();
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   233
          $undo_info = array(
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   234
            'old_author'     => $row['oldrev_author'],
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   235
            'current_author' => $row['currentrev_author'],
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   236
            'undo_count'     => max($rev_count, 1),
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   237
            'last_rev_id'    => $revid
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   238
          );
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   239
        }
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   240
        else
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   241
        {
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   242
          $revid = 0;
194a19711346 Fixed the fact that cron just didn't work at all (brain fart that day or something)
Dan
parents: 411
diff changeset
   243
        }
408
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   244
        $db->free_result();
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   245
      }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   246
      echo '
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   247
        <form action="'.makeUrl($paths->page, 'do=edit').'" method="post" enctype="multipart/form-data">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   248
        <br />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   249
        <textarea name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea><br />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   250
        <br />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   251
        ';
408
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   252
      $edsumm = ( $revid > 0 ) ? $lang->get('editor_reversion_edit_summary', $undo_info) : $edsumm;
7ecbe721217c Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
parents: 391
diff changeset
   253
      echo $lang->get('editor_lbl_edit_summary') . ' <input name="edit_summary" type="text" size="40" value="' . htmlspecialchars($edsumm) . '" /><br /><label><input type="checkbox" name="minor" /> ' . $lang->get('editor_lbl_minor_edit_field') . '</label><br />';
337
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   254
      if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   255
      {
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   256
        echo '<br /><table border="0"><tr><td>';
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   257
        echo '<b>' . $lang->get('editor_lbl_field_captcha') . '</b><br />'
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   258
             . '<br />'
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   259
             . $lang->get('editor_msg_captcha_pleaseenter') . '<br /><br />'
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   260
             . $lang->get('editor_msg_captcha_blind');
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   261
        echo '</td><td>';
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   262
        $hash = $session->make_captcha();
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   263
        echo '<img src="' . makeUrlNS('Special', "Captcha/$hash") . '" onclick="this.src+=\'/a\'" style="cursor: pointer;" /><br />';
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   264
        echo '<input type="hidden" name="captcha_id" value="' . $hash . '" />';
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   265
        echo $lang->get('editor_lbl_field_captcha_code') . ' <input type="text" name="captcha_code" value="" size="9" />';
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   266
        echo '</td></tr></table>';
491518997ae5 Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents: 334
diff changeset
   267
      }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   268
      echo '<br />
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   269
          <input type="submit" name="_save"    value="' . $lang->get('editor_btn_save') . '" style="font-weight: bold;" />
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   270
          <input type="submit" name="_preview" value="' . $lang->get('editor_btn_preview') . '" />
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   271
          <input type="submit" name="_revert"  value="' . $lang->get('editor_btn_revert') . '" />
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   272
          <input type="submit" name="_cancel"  value="' . $lang->get('editor_btn_cancel') . '" />
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   273
        </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   274
      ';
832
7152ca0a0ce9 Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
parents: 826
diff changeset
   275
      if ( getConfig('wiki_edit_notice', '0') == '1' )
160
87a988ca4ff4 Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents: 142
diff changeset
   276
      {
87a988ca4ff4 Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents: 142
diff changeset
   277
        $notice = getConfig('wiki_edit_notice_text');
87a988ca4ff4 Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents: 142
diff changeset
   278
        echo RenderMan::render($notice);
87a988ca4ff4 Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents: 142
diff changeset
   279
      }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   280
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   281
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   282
    case 'viewsource':
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   283
      $template->header();
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   284
      $text = RenderMan::getPage($paths->page_id, $paths->namespace, 0, false, false, false, false);
391
85f91037cd4f Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
parents: 383
diff changeset
   285
      $text = htmlspecialchars($text);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   286
      echo '
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   287
        <form action="'.makeUrl($paths->page, 'do=edit').'" method="post">
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   288
        <br />
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   289
        <textarea readonly="readonly" name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea>';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   290
      echo '<br />
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   291
          <input type="submit" name="_cancel" value="' . $lang->get('editor_btn_closeviewer') . '" />
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   292
        </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   293
      ';
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   294
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   295
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   296
    case 'history':
592
27377179fe58 Another sweep from the optimization monster.
Dan
parents: 588
diff changeset
   297
      require_once(ENANO_ROOT.'/includes/pageutils.php');
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   298
      $hist = PageUtils::histlist($paths->page_id, $paths->namespace);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   299
      $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   300
      echo $hist;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   301
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   302
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   303
    case 'rollback':
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   304
      $id = (isset($_GET['id'])) ? $_GET['id'] : false;
826
dcf5381ce8ba Replaced integer checks that used preg_match() to use ctype_digit() instead
Dan
parents: 801
diff changeset
   305
      if(!$id || !ctype_digit($id)) die_friendly('Invalid action ID', '<p>The URL parameter "id" is not an integer. Exiting to prevent nasties like SQL injection, etc.</p>');
481
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   306
      
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   307
      $id = intval($id);
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   308
      
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   309
      $page = new PageProcessor($paths->page_id, $paths->namespace);
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   310
      $result = $page->rollback_log_entry($id);
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   311
      
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   312
      if ( $result['success'] )
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   313
      {
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   314
        $result = $lang->get("page_msg_rb_success_{$result['action']}", array('dateline' => $result['dateline']));
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   315
      }
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   316
      else
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   317
      {
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   318
        $result = $lang->get("page_err_{$result['error']}", array('action' => @$result['action']));
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   319
      }
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   320
      
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   321
      $template->header();
481
07bf15b066bc Hopefully completed rewrite and localization of rollback backend and interface
Dan
parents: 468
diff changeset
   322
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a></p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   323
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   324
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   325
    case 'catedit':
592
27377179fe58 Another sweep from the optimization monster.
Dan
parents: 588
diff changeset
   326
      require_once(ENANO_ROOT.'/includes/pageutils.php');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   327
      if(isset($_POST['__enanoSaveButton']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   328
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   329
        unset($_POST['__enanoSaveButton']);
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   330
        $val = PageUtils::catsave($paths->page_id, $paths->namespace, $_POST);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   331
        if($val == 'GOOD')
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   332
        {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   333
          header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   334
        } else {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   335
          die_friendly('Error saving category information', '<p>'.$val.'</p>');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   336
        }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   337
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   338
      elseif(isset($_POST['__enanoCatCancel']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   339
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   340
        header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   341
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   342
      $template->header();
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   343
      $c = PageUtils::catedit_raw($paths->page_id, $paths->namespace);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   344
      echo $c[1];
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   345
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   346
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   347
    case 'moreoptions':
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   348
      $template->header();
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   349
      echo '<div class="menu_nojs" style="width: 150px; padding: 0;"><ul style="display: block;"><li><div class="label">' . $lang->get('ajax_lbl_moreoptions_nojs') . '</div><div style="clear: both;"></div></li>'.$template->toolbar_menu.'</ul></div>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   350
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   351
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   352
    case 'protect':
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   353
      if ( !$session->sid_super )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   354
      {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   355
        redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=protect&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   356
      }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   357
      
906
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   358
      if ( isset($_POST['level']) && isset($_POST['reason']) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   359
      {
906
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   360
        $level = intval($_POST['level']);
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   361
        if ( !in_array($level, array(PROTECT_FULL, PROTECT_SEMI, PROTECT_NONE)) )
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   362
        {
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   363
          $errors[] = 'bad level';
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   364
        }
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   365
        $reason = trim($_POST['reason']);
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   366
        if ( empty($reason) )
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   367
        {
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   368
          $errors[] = $lang->get('onpage_protect_err_need_reason');
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   369
        }
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   370
        
906
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   371
        $page = new PageProcessor($paths->page_id, $paths->namespace);
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   372
        $result = $page->protect_page($level, $reason);
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   373
        if ( $result['success'] )
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   374
        {
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   375
          redirect(makeUrl($paths->page), $lang->get('page_protect_lbl_success_title'), $lang->get('page_protect_lbl_success_body', array('page_link' => makeUrl($paths->page, false, true))), 3);
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   376
        }
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   377
        else
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   378
        {
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   379
          $errors[] = $lang->get('page_err_' . $result['error']);
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   380
        }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   381
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   382
      $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   383
      ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   384
      <form action="<?php echo makeUrl($paths->page, 'do=protect'); ?>" method="post">
906
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   385
        <h3><?php echo $lang->get('onpage_protect_heading'); ?></h3>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   386
        <p><?php echo $lang->get('onpage_protect_msg_select_level'); ?></p>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   387
        
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   388
        <?php
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   389
        if ( !empty($errors) )
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   390
        {
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   391
          echo '<ul><li>' . implode('</li><li>', $errors) . '</li></ul>';
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   392
        }
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   393
        ?>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   394
        
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   395
        <div class="protectlevel" style="line-height: 22px; margin-left: 17px;">
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   396
          <label>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   397
            <input type="radio" name="level" value="<?php echo PROTECT_FULL; ?>" />
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   398
            <?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 0, 0); ?>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   399
            <?php echo $lang->get('onpage_protect_btn_full'); ?>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   400
          </label>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   401
        </div>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   402
        <div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;">
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   403
          <?php echo $lang->get('onpage_protect_btn_full_hint'); ?>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   404
        </div>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   405
        
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   406
        <div class="protectlevel" style="line-height: 22px; margin-left: 17px;">
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   407
          <label>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   408
            <input type="radio" name="level" value="<?php echo PROTECT_SEMI; ?>" />
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   409
            <?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 22, 0); ?>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   410
            <?php echo $lang->get('onpage_protect_btn_semi'); ?>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   411
          </label>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   412
        </div>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   413
        <div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;">
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   414
          <?php echo $lang->get('onpage_protect_btn_semi_hint'); ?>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   415
        </div>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   416
        
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   417
        <div class="protectlevel" style="line-height: 22px; margin-left: 17px;">
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   418
          <label>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   419
            <input type="radio" name="level" value="<?php echo PROTECT_NONE; ?>" />
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   420
            <?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 44, 0); ?>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   421
            <?php echo $lang->get('onpage_protect_btn_none'); ?>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   422
          </label>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   423
        </div>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   424
        <div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;">
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   425
          <?php echo $lang->get('onpage_protect_btn_none_hint'); ?>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   426
        </div>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   427
        
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   428
        <table style="margin-left: 1em;" cellspacing="10">
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   429
          <tr>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   430
            <td valign="top">
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   431
              <?php echo $lang->get('onpage_protect_lbl_reason'); ?>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   432
            </td>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   433
            <td>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   434
              <input type="text" name="reason" size="40" /><br />
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   435
              <small><?php echo $lang->get('onpage_protect_lbl_reason_hint'); ?></small>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   436
            </td>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   437
          </tr>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   438
        </table>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   439
                              
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   440
        <p>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   441
          <input type="submit" value="<?php echo htmlspecialchars($lang->get('page_protect_btn_submit')) ?>" style="font-weight: bold;" />
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   442
          <a class="abutton" href="<?php echo makeUrl($paths->page, false, true); ?>"><?php echo $lang->get('etc_cancel'); ?></a>
c949e82b8f49 New page protection UI. Both miniPrompt and failsafe HTML.
Dan
parents: 900
diff changeset
   443
        </p> 
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   444
      </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   445
      <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   446
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   447
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   448
    case 'rename':
592
27377179fe58 Another sweep from the optimization monster.
Dan
parents: 588
diff changeset
   449
      require_once(ENANO_ROOT.'/includes/pageutils.php');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   450
      if(!empty($_POST['newname']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   451
      {
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   452
        $r = PageUtils::rename($paths->page_id, $paths->namespace, $_POST['newname']);
304
e2cb5f1432c8 Merging in the newly stable Coblynau
Dan
parents: 266 286
diff changeset
   453
        die_friendly($lang->get('page_rename_success_title'), '<p>'.nl2br($r).' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   454
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   455
      $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   456
      ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   457
      <form action="<?php echo makeUrl($paths->page, 'do=rename'); ?>" method="post">
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   458
        <?php if(isset($_POST['newname'])) echo '<p style="color: red;">' . $lang->get('page_rename_err_need_name') . '</p>'; ?>
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   459
        <p><?php echo $lang->get('page_rename_lbl'); ?></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   460
        <p><input type="text" name="newname" size="40" /></p>
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   461
        <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_rename_btn_submit')); ?>" style="font-weight: bold;" /></p> 
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   462
      </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   463
      <?php
42
45ebe475ff75 I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents: 41
diff changeset
   464
      $template->footer();    
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   465
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   466
    case 'flushlogs':
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   467
      if(!$session->get_permissions('clear_logs'))
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   468
      {
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   469
        die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   470
      }
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   471
      if ( !$session->sid_super )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   472
      {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   473
        redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=flushlogs&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   474
      }
592
27377179fe58 Another sweep from the optimization monster.
Dan
parents: 588
diff changeset
   475
      require_once(ENANO_ROOT.'/includes/pageutils.php');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   476
      if(isset($_POST['_downthejohn']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   477
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   478
        $template->header();
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   479
          $result = PageUtils::flushlogs($paths->page_id, $paths->namespace);
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   480
          echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   481
        $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   482
        break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   483
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   484
      $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   485
        ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   486
        <form action="<?php echo makeUrl($paths->page, 'do=flushlogs'); ?>" method="post">
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   487
           <?php echo $lang->get('page_flushlogs_warning_stern'); ?>
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   488
           <p><input type="submit" name="_downthejohn" value="<?php echo htmlspecialchars($lang->get('page_flushlogs_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   489
        </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   490
        <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   491
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   492
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   493
    case 'delvote':
592
27377179fe58 Another sweep from the optimization monster.
Dan
parents: 588
diff changeset
   494
      require_once(ENANO_ROOT.'/includes/pageutils.php');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   495
      if(isset($_POST['_ballotbox']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   496
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   497
        $template->header();
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   498
        $result = PageUtils::delvote($paths->page_id, $paths->namespace);
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   499
        echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   500
        $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   501
        break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   502
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   503
      $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   504
        ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   505
        <form action="<?php echo makeUrl($paths->page, 'do=delvote'); ?>" method="post">
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   506
           <?php
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   507
             echo $lang->get('page_delvote_warning_stern');
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   508
             echo '<p>';
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   509
             switch($paths->cpage['delvotes'])
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   510
             {
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   511
               case 0:  echo $lang->get('page_delvote_count_zero'); break;
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   512
               case 1:  echo $lang->get('page_delvote_count_one'); break;
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   513
               default: echo $lang->get('page_delvote_count_plural', array('delvotes' => $paths->cpage['delvotes'])); break;
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   514
             }
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   515
             echo '</p>';
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   516
           ?>
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   517
           <p><input type="submit" name="_ballotbox" value="<?php echo htmlspecialchars($lang->get('page_delvote_btn_submit')); ?>" /></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   518
        </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   519
        <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   520
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   521
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   522
    case 'resetvotes':
592
27377179fe58 Another sweep from the optimization monster.
Dan
parents: 588
diff changeset
   523
      require_once(ENANO_ROOT.'/includes/pageutils.php');
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   524
      if(!$session->get_permissions('vote_reset'))
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   525
      {
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   526
        die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   527
      }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   528
      if(isset($_POST['_youmaylivealittlelonger']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   529
      {
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   530
        $template->header();
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   531
          $result = PageUtils::resetdelvotes($paths->page_id, $paths->namespace);
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   532
          echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   533
        $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   534
        break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   535
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   536
      $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   537
        ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   538
        <form action="<?php echo makeUrl($paths->page, 'do=resetvotes'); ?>" method="post">
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   539
          <p><?php echo $lang->get('ajax_delvote_reset_confirm'); ?></p>
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   540
          <p><input type="submit" name="_youmaylivealittlelonger" value="<?php echo htmlspecialchars($lang->get('page_delvote_reset_btn_submit')); ?>" /></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   541
        </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   542
        <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   543
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   544
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   545
    case 'deletepage':
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   546
      if(!$session->get_permissions('delete_page'))
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   547
      {
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   548
        die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   549
      }
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   550
      if ( !$session->sid_super )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   551
      {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   552
        redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=deletepage&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   553
      }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   554
      
592
27377179fe58 Another sweep from the optimization monster.
Dan
parents: 588
diff changeset
   555
      require_once(ENANO_ROOT.'/includes/pageutils.php');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   556
      if(isset($_POST['_adiossucker']))
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   557
      {
28
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 21
diff changeset
   558
        $reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false;
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 21
diff changeset
   559
        if ( empty($reason) )
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   560
          $error = $lang->get('ajax_delete_prompt_reason');
28
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 21
diff changeset
   561
        else
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 21
diff changeset
   562
        {
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 21
diff changeset
   563
          $template->header();
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   564
            $result = PageUtils::deletepage($paths->page_id, $paths->namespace, $reason);
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   565
            echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
28
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 21
diff changeset
   566
          $template->footer();
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 21
diff changeset
   567
          break;
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 21
diff changeset
   568
        }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   569
      }
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   570
      $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   571
        ?>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   572
        <form action="<?php echo makeUrl($paths->page, 'do=deletepage'); ?>" method="post">
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   573
           <?php echo $lang->get('page_delete_warning_stern'); ?>
28
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 21
diff changeset
   574
           <?php if ( isset($error) ) echo "<p>$error</p>"; ?>
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   575
           <p><?php echo $lang->get('page_delete_lbl_reason'); ?> <input type="text" name="reason" size="50" /></p>
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   576
           <p><input type="submit" name="_adiossucker" value="<?php echo htmlspecialchars($lang->get('page_delete_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   577
        </form>
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   578
        <?php
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   579
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   580
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   581
    case 'setwikimode':
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   582
      if(!$session->get_permissions('set_wiki_mode'))
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   583
      {
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   584
        die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   585
      }
97
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   586
      if ( isset($_POST['finish']) )
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   587
      {
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   588
        $level = intval($_POST['level']);
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   589
        if ( !in_array($level, array(0, 1, 2) ) )
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   590
        {
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   591
          die_friendly('Invalid request', '<p>Level not specified</p>');
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   592
        }
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   593
        $q = $db->sql_query('UPDATE '.table_prefix.'pages SET wiki_mode=' . $level . ' WHERE urlname=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
97
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   594
        if ( !$q )
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   595
          $db->_die();
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   596
        redirect(makeUrl($paths->page), htmlspecialchars($paths->cpage['name']), $lang->get('page_wikimode_success_redirect'), 2);
97
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   597
      }
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   598
      else
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   599
      {
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   600
        $template->header();
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   601
        if(!isset($_GET['level']) || ( isset($_GET['level']) && !preg_match('#^([0-9])$#', $_GET['level']))) die_friendly('Invalid request', '<p>Level not specified</p>');
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   602
          $level = intval($_GET['level']);
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   603
          if ( !in_array($level, array(0, 1, 2) ) )
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   604
          {
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   605
            die_friendly('Invalid request', '<p>Level not specified</p>');
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   606
          }
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   607
        echo '<form action="' . makeUrl($paths->page, 'do=setwikimode', true) . '" method="post">';
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   608
        echo '<input type="hidden" name="finish" value="foo" />';
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   609
        echo '<input type="hidden" name="level" value="' . $level . '" />';
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   610
        $level_txt = ( $level == 0 ) ? 'page_wikimode_level_off' : ( ( $level == 1 ) ? 'page_wikimode_level_on' : 'page_wikimode_level_global' );
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   611
        $blurb = ( $level == 0 || ( $level == 2 && getConfig('wiki_mode') != '1' ) ) ? 'page_wikimode_blurb_disable' : 'page_wikimode_blurb_enable';
97
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   612
        ?>
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   613
        <h3><?php echo $lang->get('page_wikimode_heading'); ?></h3>
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   614
        <p><?php echo $lang->get($level_txt) . ' ' . $lang->get($blurb); ?></p>
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   615
        <p><?php echo $lang->get('page_wikimode_warning'); ?></p>
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   616
        <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_wikimode_btn_submit')); ?>" /></p>
97
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   617
        <?php
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   618
        echo '</form>';
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   619
        $template->footer();
293148ad7a70 Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents: 91
diff changeset
   620
      }
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   621
      break;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   622
    case 'diff':
592
27377179fe58 Another sweep from the optimization monster.
Dan
parents: 588
diff changeset
   623
      require_once(ENANO_ROOT.'/includes/pageutils.php');
27377179fe58 Another sweep from the optimization monster.
Dan
parents: 588
diff changeset
   624
      require_once(ENANO_ROOT.'/includes/diff.php');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   625
      $template->header();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   626
      $id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false;
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   627
      $id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false;
900
c5409416b61b Index: minor fix-up to code cleanliness under diff loading
Dan
parents: 867
diff changeset
   628
      if ( !$id1 || !$id2 )
c5409416b61b Index: minor fix-up to code cleanliness under diff loading
Dan
parents: 867
diff changeset
   629
      {
c5409416b61b Index: minor fix-up to code cleanliness under diff loading
Dan
parents: 867
diff changeset
   630
        echo '<p>Invalid request.</p>';
c5409416b61b Index: minor fix-up to code cleanliness under diff loading
Dan
parents: 867
diff changeset
   631
        $template->footer();
c5409416b61b Index: minor fix-up to code cleanliness under diff loading
Dan
parents: 867
diff changeset
   632
        break;
c5409416b61b Index: minor fix-up to code cleanliness under diff loading
Dan
parents: 867
diff changeset
   633
      }
c5409416b61b Index: minor fix-up to code cleanliness under diff loading
Dan
parents: 867
diff changeset
   634
      if ( !ctype_digit($_GET['diff1']) || !ctype_digit($_GET['diff1']) )
c5409416b61b Index: minor fix-up to code cleanliness under diff loading
Dan
parents: 867
diff changeset
   635
      {
c5409416b61b Index: minor fix-up to code cleanliness under diff loading
Dan
parents: 867
diff changeset
   636
        echo '<p>SQL injection attempt</p>';
c5409416b61b Index: minor fix-up to code cleanliness under diff loading
Dan
parents: 867
diff changeset
   637
        $template->footer();
c5409416b61b Index: minor fix-up to code cleanliness under diff loading
Dan
parents: 867
diff changeset
   638
        break;
c5409416b61b Index: minor fix-up to code cleanliness under diff loading
Dan
parents: 867
diff changeset
   639
      }
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   640
      echo PageUtils::pagediff($paths->page_id, $paths->namespace, $id1, $id2);
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   641
      $template->footer();
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   642
      break;
91
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 86
diff changeset
   643
    case 'detag':
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 86
diff changeset
   644
      if ( $session->user_level < USER_LEVEL_ADMIN )
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 86
diff changeset
   645
      {
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   646
        die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
91
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 86
diff changeset
   647
      }
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 86
diff changeset
   648
      if ( $paths->page_exists )
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 86
diff changeset
   649
      {
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   650
        die_friendly($lang->get('etc_invalid_request_short'), '<p>' . $lang->get('page_detag_err_page_exists') . '</p>');
91
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 86
diff changeset
   651
      }
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   652
      $q = $db->sql_query('DELETE FROM '.table_prefix.'tags WHERE page_id=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
91
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 86
diff changeset
   653
      if ( !$q )
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 86
diff changeset
   654
        $db->_die('Detag query, index.php:'.__LINE__);
220
d44492e34ab3 Failsafe page maintenance applets in index.php localized
Dan
parents: 213
diff changeset
   655
      die_friendly($lang->get('page_detag_success_title'), '<p>' . $lang->get('page_detag_success_body') . '</p>');
91
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 86
diff changeset
   656
      break;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   657
    case 'aclmanager':
907
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   658
      if ( !$session->sid_super )
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   659
      {
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   660
        redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=aclmanager&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   661
      }
44851d7e9bda Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
parents: 906
diff changeset
   662
      
592
27377179fe58 Another sweep from the optimization monster.
Dan
parents: 588
diff changeset
   663
      require_once(ENANO_ROOT.'/includes/pageutils.php');
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   664
      $data = ( isset($_POST['data']) ) ? $_POST['data'] : Array('mode' => 'listgroups');
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   665
      PageUtils::aclmanager($data);
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   666
      break;
286
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 285
diff changeset
   667
    case 'sql_report':
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 285
diff changeset
   668
      $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
322
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 320
diff changeset
   669
      $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
286
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 285
diff changeset
   670
      $page->send_headers = true;
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 285
diff changeset
   671
      $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 285
diff changeset
   672
      $page->password = $pagepass;
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 285
diff changeset
   673
      $page->send(true);
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 285
diff changeset
   674
      ob_end_clean();
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 285
diff changeset
   675
      ob_start();
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 285
diff changeset
   676
      $db->sql_report();
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 285
diff changeset
   677
      break;
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   678
  }
42
45ebe475ff75 I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents: 41
diff changeset
   679
  
867
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   680
  // Generate an ETag
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   681
  /*
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   682
  // format: first 10 digits of SHA1 of page name, user id in hex, user and auth levels, page timestamp in hex
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   683
  $etag = substr(sha1($paths->namespace . ':' . $paths->page_id), 0, 10) . '-' .
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   684
          "u{$session->user_id}l{$session->user_level}a{$session->auth_level}-" .
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   685
          dechex($page_timestamp);
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   686
          
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   687
  if ( isset($_SERVER['HTTP_IF_NONE_MATCH']) )
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   688
  {
867
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   689
    if ( "\"$etag\"" == $_SERVER['HTTP_IF_NONE_MATCH'] )
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   690
    {
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   691
      header('HTTP/1.1 304 Not Modified');
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   692
      exit();
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   693
    }
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   694
  }
542
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 536
diff changeset
   695
            
867
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   696
  header("ETag: \"$etag\"");
fc4e242995d4 Moved gzip and aggressive_optimize_html calls to output.php
Dan
parents: 832
diff changeset
   697
  */
564
a1c450a911a6 Updated version number metadata in system plugin files; added some comments and removed unused code from index.php and includes/graphs.php
Dan
parents: 547
diff changeset
   698
  
80
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 73
diff changeset
   699
  $db->close();  
cb7dde69c301 Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents: 73
diff changeset
   700
  gzip_output();
42
45ebe475ff75 I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents: 41
diff changeset
   701
  
542
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 536
diff changeset
   702
  @ob_end_flush();
5841df0ab575 Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
Dan
parents: 536
diff changeset
   703
  
0
902822492a68 Initial population
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   704
?>