--- a/includes/paths.php Thu Sep 27 15:55:37 2007 -0400
+++ b/includes/paths.php Sat Nov 03 07:43:35 2007 -0400
@@ -2,7 +2,7 @@
/**
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
- * Version 1.0.2 (Coblynau)
+ * Version 1.1.1
* Copyright (C) 2006-2007 Dan Fuhry
* paths.php - The part of Enano that actually manages content. Everything related to page handling and namespaces is in here.
*
@@ -46,52 +46,52 @@
// ACL types
// These can also be added from within plugins
- $session->register_acl_type('read', AUTH_ALLOW, 'Read page(s)');
- $session->register_acl_type('post_comments', AUTH_ALLOW, 'Post comments', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('edit_comments', AUTH_ALLOW, 'Edit own comments', Array('post_comments'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('edit_page', AUTH_WIKIMODE, 'Edit page', Array('view_source'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('view_source', AUTH_WIKIMODE, 'View source', Array('read'), 'Article|User|Project|Template|File|Help|System|Category'); // Only used if the page is protected
- $session->register_acl_type('mod_comments', AUTH_DISALLOW, 'Moderate comments', Array('edit_comments'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('history_view', AUTH_WIKIMODE, 'View history/diffs', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('history_rollback', AUTH_DISALLOW, 'Rollback history', Array('history_view'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('history_rollback_extra', AUTH_DISALLOW, 'Undelete page(s)', Array('history_rollback'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('protect', AUTH_DISALLOW, 'Protect page(s)', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('rename', AUTH_WIKIMODE, 'Rename page(s)', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('clear_logs', AUTH_DISALLOW, 'Clear page logs (dangerous)', Array('read', 'protect', 'even_when_protected'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('vote_delete', AUTH_ALLOW, 'Vote to delete', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('vote_reset', AUTH_DISALLOW, 'Reset delete votes', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('delete_page', AUTH_DISALLOW, 'Delete page(s)', Array(), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('tag_create', AUTH_ALLOW, 'Tag page(s)', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('tag_delete_own', AUTH_ALLOW, 'Remove own page tags', Array('read', 'tag_create'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('tag_delete_other', AUTH_DISALLOW, 'Remove others\' page tags', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('set_wiki_mode', AUTH_DISALLOW, 'Set per-page wiki mode', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('password_set', AUTH_DISALLOW, 'Set password', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('password_reset', AUTH_DISALLOW, 'Disable/reset password', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('mod_misc', AUTH_DISALLOW, 'Super moderator (generate SQL backtraces, view IP addresses, and send large numbers of private messages)', Array(), 'All');
- $session->register_acl_type('edit_cat', AUTH_WIKIMODE, 'Edit categorization', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('even_when_protected', AUTH_DISALLOW, 'Allow editing, renaming, and categorization even when protected', Array('edit_page', 'rename', 'mod_comments', 'edit_cat'), 'Article|User|Project|Template|File|Help|System|Category');
- $session->register_acl_type('upload_files', AUTH_DISALLOW, 'Upload files', Array('create_page'), 'Article|User|Project|Template|File|Help|System|Category|Special');
- $session->register_acl_type('upload_new_version', AUTH_WIKIMODE, 'Upload new versions of files', Array('upload_files'), 'Article|User|Project|Template|File|Help|System|Category|Special');
- $session->register_acl_type('create_page', AUTH_WIKIMODE, 'Create pages', Array(), 'Article|User|Project|Template|File|Help|System|Category|Special');
- $session->register_acl_type('php_in_pages', AUTH_DISALLOW, 'Embed PHP code in pages', Array('edit_page'), 'Article|User|Project|Template|File|Help|System|Category|Admin');
- $session->register_acl_type('edit_acl', AUTH_DISALLOW, 'Edit access control lists', Array('read', 'post_comments', 'edit_comments', 'edit_page', 'view_source', 'mod_comments', 'history_view', 'history_rollback', 'history_rollback_extra', 'protect', 'rename', 'clear_logs', 'vote_delete', 'vote_reset', 'delete_page', 'set_wiki_mode', 'password_set', 'password_reset', 'mod_misc', 'edit_cat', 'even_when_protected', 'upload_files', 'upload_new_version', 'create_page', 'php_in_pages'));
+ $session->register_acl_type('read', AUTH_ALLOW, 'perm_read');
+ $session->register_acl_type('post_comments', AUTH_ALLOW, 'perm_post_comments', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('edit_comments', AUTH_ALLOW, 'perm_edit_comments', Array('post_comments'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('edit_page', AUTH_WIKIMODE, 'perm_edit_page', Array('view_source'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('view_source', AUTH_WIKIMODE, 'perm_view_source', Array('read'), 'Article|User|Project|Template|File|Help|System|Category'); // Only used if the page is protected
+ $session->register_acl_type('mod_comments', AUTH_DISALLOW, 'perm_mod_comments', Array('edit_comments'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('history_view', AUTH_WIKIMODE, 'perm_history_view', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('history_rollback', AUTH_DISALLOW, 'perm_history_rollback', Array('history_view'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('history_rollback_extra', AUTH_DISALLOW, 'perm_history_rollback_extra', Array('history_rollback'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('protect', AUTH_DISALLOW, 'perm_protect', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('rename', AUTH_WIKIMODE, 'perm_rename', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('clear_logs', AUTH_DISALLOW, 'perm_clear_logs', Array('read', 'protect', 'even_when_protected'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('vote_delete', AUTH_ALLOW, 'perm_vote_delete', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('vote_reset', AUTH_DISALLOW, 'perm_vote_reset', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('delete_page', AUTH_DISALLOW, 'perm_delete_page', Array(), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('tag_create', AUTH_ALLOW, 'perm_tag_create', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('tag_delete_own', AUTH_ALLOW, 'perm_tag_delete_own', Array('read', 'tag_create'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('tag_delete_other', AUTH_DISALLOW, 'perm_tag_delete_other', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('set_wiki_mode', AUTH_DISALLOW, 'perm_set_wiki_mode', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('password_set', AUTH_DISALLOW, 'perm_password_set', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('password_reset', AUTH_DISALLOW, 'perm_password_reset', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('mod_misc', AUTH_DISALLOW, 'perm_mod_misc', Array(), 'All');
+ $session->register_acl_type('edit_cat', AUTH_WIKIMODE, 'perm_edit_cat', Array('read'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('even_when_protected', AUTH_DISALLOW, 'perm_even_when_protected', Array('edit_page', 'rename', 'mod_comments', 'edit_cat'), 'Article|User|Project|Template|File|Help|System|Category');
+ $session->register_acl_type('upload_files', AUTH_DISALLOW, 'perm_upload_files', Array('create_page'), 'Article|User|Project|Template|File|Help|System|Category|Special');
+ $session->register_acl_type('upload_new_version', AUTH_WIKIMODE, 'perm_upload_new_version', Array('upload_files'), 'Article|User|Project|Template|File|Help|System|Category|Special');
+ $session->register_acl_type('create_page', AUTH_WIKIMODE, 'perm_create_page', Array(), 'Article|User|Project|Template|File|Help|System|Category|Special');
+ $session->register_acl_type('php_in_pages', AUTH_DISALLOW, 'perm_php_in_pages', Array('edit_page'), 'Article|User|Project|Template|File|Help|System|Category|Admin');
+ $session->register_acl_type('edit_acl', AUTH_DISALLOW, 'perm_edit_acl', Array('read', 'post_comments', 'edit_comments', 'edit_page', 'view_source', 'mod_comments', 'history_view', 'history_rollback', 'history_rollback_extra', 'protect', 'rename', 'clear_logs', 'vote_delete', 'vote_reset', 'delete_page', 'set_wiki_mode', 'password_set', 'password_reset', 'mod_misc', 'edit_cat', 'even_when_protected', 'upload_files', 'upload_new_version', 'create_page', 'php_in_pages'));
// DO NOT add new admin pages here! Use a plugin to call $paths->addAdminNode();
- $this->addAdminNode('General', 'General Configuration', 'GeneralConfig');
- $this->addAdminNode('General', 'File uploads', 'UploadConfig');
- $this->addAdminNode('General', 'Allowed file types', 'UploadAllowedMimeTypes');
- $this->addAdminNode('General', 'Manage Plugins', 'PluginManager');
- $this->addAdminNode('General', 'Backup database', 'DBBackup');
- $this->addAdminNode('Content', 'Manage Pages', 'PageManager');
- $this->addAdminNode('Content', 'Edit page content', 'PageEditor');
- $this->addAdminNode('Content', 'Manage page groups', 'PageGroups');
- $this->addAdminNode('Appearance', 'Manage themes', 'ThemeManager');
- $this->addAdminNode('Users', 'Manage users', 'UserManager');
- $this->addAdminNode('Users', 'Edit groups', 'GroupManager');
- $this->addAdminNode('Users', 'COPPA support', 'COPPA');
- $this->addAdminNode('Users', 'Mass e-mail', 'MassEmail');
- $this->addAdminNode('Security', 'Security log', 'SecurityLog');
- $this->addAdminNode('Security', 'Ban control', 'BanControl');
+ $this->addAdminNode('adm_cat_general', 'adm_page_general_config', 'GeneralConfig');
+ $this->addAdminNode('adm_cat_general', 'adm_page_file_uploads', 'UploadConfig');
+ $this->addAdminNode('adm_cat_general', 'adm_page_file_types', 'UploadAllowedMimeTypes');
+ $this->addAdminNode('adm_cat_general', 'adm_page_plugins', 'PluginManager');
+ $this->addAdminNode('adm_cat_general', 'adm_page_db_backup', 'DBBackup');
+ $this->addAdminNode('adm_cat_content', 'adm_page_manager', 'PageManager');
+ $this->addAdminNode('adm_cat_content', 'adm_page_editor', 'PageEditor');
+ $this->addAdminNode('adm_cat_content', 'adm_page_pg_groups', 'PageGroups');
+ $this->addAdminNode('adm_cat_appearance', 'adm_page_themes', 'ThemeManager');
+ $this->addAdminNode('adm_cat_users', 'adm_page_users', 'UserManager');
+ $this->addAdminNode('adm_cat_users', 'adm_page_user_groups', 'GroupManager');
+ $this->addAdminNode('adm_cat_users', 'adm_page_coppa', 'COPPA');
+ $this->addAdminNode('adm_cat_users', 'adm_page_mass_email', 'MassEmail');
+ $this->addAdminNode('adm_cat_security', 'adm_page_security_log', 'SecurityLog');
+ $this->addAdminNode('adm_cat_security', 'adm_page_ban_control', 'BanControl');
$code = $plugins->setHook('acl_rule_init');
foreach ( $code as $cmd )
@@ -493,24 +493,29 @@
// Parses a (very carefully formed) array into Javascript code compatible with the Tigra Tree Menu used in the admin menu
function parseAdminTree()
{
+ global $lang;
+
$k = array_keys($this->admin_tree);
$i = 0;
$ret = '';
- $ret .= "var TREE_ITEMS = [\n ['Administration panel home', 'javascript:ajaxPage(\'".$this->nslist['Admin']."Home\');',\n ";
+ $ret .= "var TREE_ITEMS = [\n ['" . $lang->get('adm_btn_home') . "', 'javascript:ajaxPage(\'".$this->nslist['Admin']."Home\');',\n ";
foreach($k as $key)
{
$i++;
- $ret .= "['".$key."', 'javascript:trees[0].toggle($i)', \n";
+ $name = ( preg_match('/^[a-z0-9_]+$/', $key) ) ? $lang->get($key) : $key;
+ $ret .= "['".$name."', 'javascript:trees[0].toggle($i)', \n";
foreach($this->admin_tree[$key] as $c)
{
$i++;
- $ret .= " ['".$c['name']."', 'javascript:ajaxPage(\\'".$this->nslist['Admin'].$c['pageid']."\\');'],\n";
+ $name = ( preg_match('/^[a-z0-9_]+$/', $key) ) ? $lang->get($c['name']) : $c['name'];
+
+ $ret .= " ['".$name."', 'javascript:ajaxPage(\\'".$this->nslist['Admin'].$c['pageid']."\\');'],\n";
}
$ret .= " ],\n";
}
- $ret .= " ['Log out of admin panel', 'javascript:ajaxPage(\\'".$this->nslist['Admin']."AdminLogout\\');'],\n";
- $ret .= " ['<span id=\\'keepalivestat\\'>Loading keep-alive control...</span>', 'javascript:ajaxToggleKeepalive();',
- ['About keep-alive', 'javascript:aboutKeepAlive();']
+ $ret .= " ['" . $lang->get('adm_btn_logout') . "', 'javascript:ajaxPage(\\'".$this->nslist['Admin']."AdminLogout\\');'],\n";
+ $ret .= " ['<span id=\\'keepalivestat\\'>" . $lang->get('adm_btn_keepalive_loading') . "</span>', 'javascript:ajaxToggleKeepalive();',
+ ['" . $lang->get('adm_btn_keepalive_about') . "', 'javascript:aboutKeepAlive();']
],\n";
// I used this while I painstakingly wrote the Runt code that auto-expands certain nodes based on the value of a bitfield stored in a cookie. *shudders*
// $ret .= " ['(debug) Clear menu bitfield', 'javascript:createCookie(\\'admin_menu_state\\', \\'1\\', 365);'],\n";
@@ -855,14 +860,35 @@
{
global $db, $session, $paths, $template, $plugins; // Common objects
- $page_id = $db->escape(sanitize_page_id($page_id));
+ static $cache = array();
+
+ if ( count($cache) == 0 )
+ {
+ foreach ( $this->nslist as $key => $_ )
+ {
+ $cache[$key] = array();
+ }
+ }
+
if ( !isset($this->nslist[$namespace]) )
- die('$paths->get_page_groups(): HACKING ATTEMPT');
+ die('$paths->get_page_groups(): HACKING ATTEMPT: namespace "'. htmlspecialchars($namespace) .'" doesn\'t exist');
+
+ $page_id_unescaped = $paths->nslist[$namespace] .
+ dirtify_page_id($page_id);
+ $page_id_str = $paths->nslist[$namespace] .
+ sanitize_page_id($page_id);
+
+ $page_id = $db->escape(sanitize_page_id($page_id));
+
+ if ( isset($cache[$namespace][$page_id]) )
+ {
+ return $cache[$namespace][$page_id];
+ }
$group_list = array();
// What linked categories have this page?
- $q = $db->sql_query('SELECT g.pg_id FROM '.table_prefix.'page_groups AS g
+ $q = $db->sql_unbuffered_query('SELECT g.pg_id, g.pg_type, g.pg_target FROM '.table_prefix.'page_groups AS g
LEFT JOIN '.table_prefix.'categories AS c
ON ( ( c.category_id = g.pg_target AND g.pg_type = ' . PAGE_GRP_CATLINK . ' ) OR c.category_id IS NULL )
LEFT JOIN '.table_prefix.'page_group_members AS m
@@ -872,47 +898,32 @@
WHERE
( c.page_id=\'' . $page_id . '\' AND c.namespace=\'' . $namespace . '\' ) OR
( t.page_id=\'' . $page_id . '\' AND t.namespace=\'' . $namespace . '\' ) OR
- ( m.page_id=\'' . $page_id . '\' AND m.namespace=\'' . $namespace . '\' );');
+ ( m.page_id=\'' . $page_id . '\' AND m.namespace=\'' . $namespace . '\' ) OR
+ ( g.pg_type = ' . PAGE_GRP_REGEX . ' );');
if ( !$q )
$db->_die();
while ( $row = $db->fetchrow() )
{
- $group_list[] = $row['pg_id'];
+ if ( $row['pg_type'] == PAGE_GRP_REGEX )
+ {
+ //echo "<debug> matching page " . htmlspecialchars($page_id_unescaped) . " against regex <tt>" . htmlspecialchars($row['pg_target']) . "</tt>.";
+ if ( @preg_match($row['pg_target'], $page_id_unescaped) || @preg_match($row['pg_target'], $page_id_str) )
+ {
+ //echo "..matched";
+ $group_list[] = $row['pg_id'];
+ }
+ //echo "<br />";
+ }
+ else
+ {
+ $group_list[] = $row['pg_id'];
+ }
}
$db->free_result();
- /*
- // Static-page groups
- $q = $db->sql_query('SELECT g.pg_id FROM '.table_prefix.'page_groups AS g
- LEFT JOIN '.table_prefix.'page_group_members AS m
- ON ( g.pg_id = m.pg_id )
- WHERE m.page_id=\'' . $page_id . '\' AND m.namespace=\'' . $namespace . '\'
- GROUP BY g.pg_id;');
-
- if ( !$q )
- $db->_die();
-
- while ( $row = $db->fetchrow() )
- {
- $group_list[] = $row['pg_id'];
- }
-
- // Tag groups
-
- $q = $db->sql_query('SELECT g.pg_id FROM '.table_prefix.'page_groups AS g
- LEFT JOIN '.table_prefix.'tags AS t
- ON ( t.tag_name = g.pg_target AND pg_type = ' . PAGE_GRP_TAGGED . ' )
- WHERE t.page_id = \'' . $page_id . '\' AND t.namespace = \'' . $namespace . '\';');
- if ( !$q )
- $db->_die();
-
- while ( $row = $db->fetchrow() )
- {
- $group_list[] = $row['pg_id'];
- }
- */
+ $cache[$namespace][$page_id] = $group_list;
return $group_list;