| changeset 320 | 112debff64bd |
| parent 317 | f8356d9c3481 |
| child 322 | 5f1cd51bf1be |
| 319:8be996c3740d | 320:112debff64bd |
|---|---|
376 // Strip potentially harmful tags and PHP from the message, dependent upon permissions settings |
376 // Strip potentially harmful tags and PHP from the message, dependent upon permissions settings |
377 $message = RenderMan::preprocess_text($message, false, false); |
377 $message = RenderMan::preprocess_text($message, false, false); |
378 |
378 |
379 $msg = $db->escape($message); |
379 $msg = $db->escape($message); |
380 |
380 |
381 $minor = $minor ? 'true' : 'false'; |
381 $minor = $minor ? ENANO_SQL_BOOLEAN_TRUE : ENANO_SQL_BOOLEAN_FALSE; |
382 $q='INSERT INTO ' . table_prefix.'logs(log_type,action,time_id,date_string,page_id,namespace,page_text,char_tag,author,edit_summary,minor_edit) VALUES(\'page\', \'edit\', '.time().', \''.date('d M Y h:i a').'\', \'' . $paths->cpage['urlname_nons'] . '\', \'' . $paths->namespace . '\', \'' . $msg . '\', \'' . $uid . '\', \'' . $session->username . '\', \'' . $db->escape(htmlspecialchars($summary)) . '\', ' . $minor . ');'; |
382 $q='INSERT INTO ' . table_prefix.'logs(log_type,action,time_id,date_string,page_id,namespace,page_text,char_tag,author,edit_summary,minor_edit) VALUES(\'page\', \'edit\', '.time().', \''.date('d M Y h:i a').'\', \'' . $paths->cpage['urlname_nons'] . '\', \'' . $paths->namespace . '\', ' . ENANO_SQL_MULTISTRING_PRFIX . '\'' . $msg . '\', \'' . $uid . '\', \'' . $session->username . '\', \'' . $db->escape(htmlspecialchars($summary)) . '\', ' . $minor . ');'; |
383 if(!$db->sql_query($q)) $db->_die('The history (log) entry could not be inserted into the logs table.'); |
383 if(!$db->sql_query($q)) $db->_die('The history (log) entry could not be inserted into the logs table.'); |
384 |
384 |
385 $q = 'UPDATE ' . table_prefix.'page_text SET page_text=\'' . $msg . '\',char_tag=\'' . $uid . '\' WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $namespace . '\';'; |
385 $q = 'UPDATE ' . table_prefix.'page_text SET page_text=' . ENANO_SQL_MULTISTRING_PRFIX . '\'' . $msg . '\',char_tag=\'' . $uid . '\' WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $namespace . '\';'; |
386 $e = $db->sql_query($q); |
386 $e = $db->sql_query($q); |
387 if(!$e) $db->_die('Enano was unable to save the page contents. Your changes have been lost <tt>:\'(</tt>.'); |
387 if(!$e) $db->_die('Enano was unable to save the page contents. Your changes have been lost <tt>:\'(</tt>.'); |
388 |
388 |
389 $paths->rebuild_page_index($page_id, $namespace); |
389 $paths->rebuild_page_index($page_id, $namespace); |
390 |
390 |
441 $page_id = dirtify_page_id($page_id); |
441 $page_id = dirtify_page_id($page_id); |
442 |
442 |
443 if ( !$name ) |
443 if ( !$name ) |
444 $name = str_replace('_', ' ', $page_id); |
444 $name = str_replace('_', ' ', $page_id); |
445 $regex = '#^([A-z0-9 _\-\.\/\!\@\(\)]*)$#is'; |
445 $regex = '#^([A-z0-9 _\-\.\/\!\@\(\)]*)$#is'; |
446 if(!preg_match($regex, $page)) |
446 if(!preg_match($regex, $name)) |
447 { |
447 { |
448 //echo '<b>Notice:</b> PageUtils::createPage: Name contains invalid characters<br />'; |
448 //echo '<b>Notice:</b> PageUtils::createPage: Name contains invalid characters<br />'; |
449 return 'Name contains invalid characters'; |
449 return 'Name contains invalid characters'; |
450 } |
450 } |
451 |
451 |
1412 { |
1412 { |
1413 $e = $db->sql_query('SELECT page_text,char_tag FROM ' . table_prefix.'page_text WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $namespace . '\';'); |
1413 $e = $db->sql_query('SELECT page_text,char_tag FROM ' . table_prefix.'page_text WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $namespace . '\';'); |
1414 if(!$e) $db->_die('The current page text could not be selected; as a result, creating the backup of the page failed. Please make a backup copy of the page by clicking Edit this page and then clicking Save Changes.'); |
1414 if(!$e) $db->_die('The current page text could not be selected; as a result, creating the backup of the page failed. Please make a backup copy of the page by clicking Edit this page and then clicking Save Changes.'); |
1415 $row = $db->fetchrow(); |
1415 $row = $db->fetchrow(); |
1416 $db->free_result(); |
1416 $db->free_result(); |
1417 $q='INSERT INTO ' . table_prefix.'logs(log_type,action,time_id,date_string,page_id,namespace,page_text,char_tag,author,edit_summary,minor_edit) VALUES(\'page\', \'edit\', '.time().', \''.date('d M Y h:i a').'\', \'' . $page_id . '\', \'' . $namespace . '\', \'' . $db->escape($row['page_text']) . '\', \'' . $row['char_tag'] . '\', \'' . $session->username . '\', \''."Automatic backup created when logs were purged".'\', '.'false'.');'; |
1417 $minor_edit = ( ENANO_DBLAYER == 'MYSQL' ) ? 'false' : '0'; |
1418 $q='INSERT INTO ' . table_prefix.'logs(log_type,action,time_id,date_string,page_id,namespace,page_text,char_tag,author,edit_summary,minor_edit) VALUES(\'page\', \'edit\', '.time().', \''.date('d M Y h:i a').'\', \'' . $page_id . '\', \'' . $namespace . '\', \'' . $db->escape($row['page_text']) . '\', \'' . $row['char_tag'] . '\', \'' . $session->username . '\', \''."Automatic backup created when logs were purged".'\', '.$minor_edit.');'; |
|
1418 if(!$db->sql_query($q)) $db->_die('The history (log) entry could not be inserted into the logs table.'); |
1419 if(!$db->sql_query($q)) $db->_die('The history (log) entry could not be inserted into the logs table.'); |
1419 } |
1420 } |
1420 return('The logs for this page have been cleared. A backup of this page has been added to the logs table so that this page can be restored in case of vandalism or spam later.'); |
1421 return('The logs for this page have been cleared. A backup of this page has been added to the logs table so that this page can be restored in case of vandalism or spam later.'); |
1421 } |
1422 } |
1422 |
1423 |