--- a/index.php Sun Mar 28 21:49:26 2010 -0400
+++ b/index.php Sun Mar 28 23:10:46 2010 -0400
@@ -30,7 +30,7 @@
if($aggressive_optimize_html || $do_gzip)
{
- ob_start();
+ ob_start();
}
global $db, $session, $paths, $template, $plugins; // Common objects
@@ -38,659 +38,659 @@
if ( !isset($_GET['do']) )
{
- $_GET['do'] = 'view';
+ $_GET['do'] = 'view';
}
switch($_GET['do'])
{
- default:
- $code = $plugins->setHook('page_action');
- ob_start();
- foreach ( $code as $cmd )
- {
- eval($cmd);
- }
- if ( $contents = ob_get_contents() )
- {
- ob_end_clean();
- echo $contents;
- }
- else
- {
- die_friendly('Invalid action', '<p>The action "'.htmlspecialchars($_GET['do']).'" is not defined. Return to <a href="'.makeUrl($paths->page).'">viewing this page\'s text</a>.</p>');
- }
- break;
- case 'view':
- // echo PageUtils::getpage($paths->page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false ));
- $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
- $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
- // Feed this PageProcessor to the template processor. This prevents $template from starting another
- // PageProcessor when we already have one going.
- $template->set_page($page);
- $page->send_headers = true;
- $page->allow_redir = ( !isset($_GET['redirect']) || (isset($_GET['redirect']) && $_GET['redirect'] !== 'no') );
- $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
- $page->password = $pagepass;
- $page->send(true);
- $page_timestamp = $page->revision_time;
- break;
- case 'comments':
- $output->header();
- require_once(ENANO_ROOT.'/includes/pageutils.php');
- $sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false;
- switch($sub)
- {
- case 'admin':
- default:
- $act = ( isset ($_GET['action']) ) ? $_GET['action'] : false;
- $id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1;
- echo PageUtils::comments_html($paths->page_id, $paths->namespace, $act, Array('id'=>$id));
- break;
- case 'postcomment':
- if(empty($_POST['name']) ||
- empty($_POST['subj']) ||
- empty($_POST['text'])
- ) { echo 'Invalid request'; break; }
- $cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false;
- $cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false;
-
- require_once('includes/comment.php');
- $comments = new Comments($paths->page_id, $paths->namespace);
-
- $submission = array(
- 'mode' => 'submit',
- 'captcha_id' => $cid,
- 'captcha_code' => $cin,
- 'name' => $_POST['name'],
- 'subj' => $_POST['subj'],
- 'text' => $_POST['text'],
- );
-
- $result = $comments->process_json($submission);
- if ( $result['mode'] == 'error' )
- {
- echo '<div class="error-box">' . htmlspecialchars($result['error']) . '</div>';
- }
- else
- {
- echo '<div class="info-box">' . $lang->get('comment_msg_comment_posted') . '</div>';
- }
-
- echo PageUtils::comments_html($paths->page_id, $paths->namespace);
- break;
- case 'editcomment':
- if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; }
- $q = $db->sql_query('SELECT subject,comment_data,comment_id FROM '.table_prefix.'comments WHERE comment_id='.$_GET['id']);
- if(!$q) $db->_die('The comment data could not be selected.');
- $row = $db->fetchrow();
- $db->free_result();
- $row['subject'] = str_replace('\'', ''', $row['subject']);
- echo '<form action="'.makeUrl($paths->page, 'do=comments&sub=savecomment').'" method="post">';
- echo "<br /><div class='tblholder'><table border='0' width='100%' cellspacing='1' cellpadding='4'>
- <tr><td class='row1'>" . $lang->get('comment_postform_field_subject') . "</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr>
- <tr><td class='row2'>" . $lang->get('comment_postform_field_comment') . "</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr>
- <tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='" . $lang->get('etc_save_changes') . "' /></td></tr>
- </table></div>";
- echo '</form>';
- break;
- case 'savecomment':
- if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; }
- $r = PageUtils::savecomment_neater($paths->page_id, $paths->namespace, $_POST['subj'], $_POST['text'], (int)$_POST['id']);
- if($r != 'good') { echo "<pre>$r</pre>"; break; }
- echo PageUtils::comments_html($paths->page_id, $paths->namespace);
- break;
- case 'deletecomment':
- if(!empty($_GET['id']))
- {
- PageUtils::deletecomment_neater($paths->page_id, $paths->namespace, (int)$_GET['id']);
- }
- echo PageUtils::comments_html($paths->page_id, $paths->namespace);
- break;
- }
- $output->footer();
- break;
- case 'edit':
- if(isset($_POST['_cancel']))
- {
- redirect(makeUrl($paths->page), '', '', 0);
- break;
- }
- require_once(ENANO_ROOT.'/includes/pageutils.php');
- if(isset($_POST['_save']))
- {
- $captcha_valid = true;
- if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
- {
- $captcha_valid = false;
- if ( isset($_POST['captcha_id']) && isset($_POST['captcha_code']) )
- {
- $hash_correct = strtolower($session->get_captcha($_POST['captcha_id']));
- $hash_input = strtolower($_POST['captcha_code']);
- if ( $hash_input === $hash_correct )
- $captcha_valid = true;
- }
- }
- if ( $captcha_valid )
- {
- $e = PageUtils::savepage($paths->page_id, $paths->namespace, $_POST['page_text'], $_POST['edit_summary'], isset($_POST['minor']));
- if ( $e == 'good' )
- {
- redirect(makeUrl($paths->page), $lang->get('editor_msg_save_success_title'), $lang->get('editor_msg_save_success_body'), 3);
- }
- }
- }
- $template->header();
- if ( isset($captcha_valid) )
- {
- echo '<div class="usermessage">' . $lang->get('editor_err_captcha_wrong') . '</div>';
- }
- if(isset($_POST['_preview']))
- {
- $text = $_POST['page_text'];
- $edsumm = $_POST['edit_summary'];
- echo PageUtils::genPreview($_POST['page_text']);
- $text = htmlspecialchars($text);
- $revid = 0;
- }
- else
- {
- $revid = ( isset($_GET['revid']) ) ? intval($_GET['revid']) : 0;
- $page = new PageProcessor($paths->page_id, $paths->namespace, $revid);
- $text = $page->fetch_source();
- $edsumm = '';
- // $text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false);
- }
- if ( $revid > 0 )
- {
- $time = $page->revision_time;
- // Retrieve information about this revision and the current one
- $q = $db->sql_query('SELECT l1.author AS currentrev_author, l2.author AS oldrev_author FROM ' . table_prefix . 'logs AS l1
+ default:
+ $code = $plugins->setHook('page_action');
+ ob_start();
+ foreach ( $code as $cmd )
+ {
+ eval($cmd);
+ }
+ if ( $contents = ob_get_contents() )
+ {
+ ob_end_clean();
+ echo $contents;
+ }
+ else
+ {
+ die_friendly('Invalid action', '<p>The action "'.htmlspecialchars($_GET['do']).'" is not defined. Return to <a href="'.makeUrl($paths->page).'">viewing this page\'s text</a>.</p>');
+ }
+ break;
+ case 'view':
+ // echo PageUtils::getpage($paths->page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false ));
+ $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
+ $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
+ // Feed this PageProcessor to the template processor. This prevents $template from starting another
+ // PageProcessor when we already have one going.
+ $template->set_page($page);
+ $page->send_headers = true;
+ $page->allow_redir = ( !isset($_GET['redirect']) || (isset($_GET['redirect']) && $_GET['redirect'] !== 'no') );
+ $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
+ $page->password = $pagepass;
+ $page->send(true);
+ $page_timestamp = $page->revision_time;
+ break;
+ case 'comments':
+ $output->header();
+ require_once(ENANO_ROOT.'/includes/pageutils.php');
+ $sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false;
+ switch($sub)
+ {
+ case 'admin':
+ default:
+ $act = ( isset ($_GET['action']) ) ? $_GET['action'] : false;
+ $id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1;
+ echo PageUtils::comments_html($paths->page_id, $paths->namespace, $act, Array('id'=>$id));
+ break;
+ case 'postcomment':
+ if(empty($_POST['name']) ||
+ empty($_POST['subj']) ||
+ empty($_POST['text'])
+ ) { echo 'Invalid request'; break; }
+ $cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false;
+ $cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false;
+
+ require_once('includes/comment.php');
+ $comments = new Comments($paths->page_id, $paths->namespace);
+
+ $submission = array(
+ 'mode' => 'submit',
+ 'captcha_id' => $cid,
+ 'captcha_code' => $cin,
+ 'name' => $_POST['name'],
+ 'subj' => $_POST['subj'],
+ 'text' => $_POST['text'],
+ );
+
+ $result = $comments->process_json($submission);
+ if ( $result['mode'] == 'error' )
+ {
+ echo '<div class="error-box">' . htmlspecialchars($result['error']) . '</div>';
+ }
+ else
+ {
+ echo '<div class="info-box">' . $lang->get('comment_msg_comment_posted') . '</div>';
+ }
+
+ echo PageUtils::comments_html($paths->page_id, $paths->namespace);
+ break;
+ case 'editcomment':
+ if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; }
+ $q = $db->sql_query('SELECT subject,comment_data,comment_id FROM '.table_prefix.'comments WHERE comment_id='.$_GET['id']);
+ if(!$q) $db->_die('The comment data could not be selected.');
+ $row = $db->fetchrow();
+ $db->free_result();
+ $row['subject'] = str_replace('\'', ''', $row['subject']);
+ echo '<form action="'.makeUrl($paths->page, 'do=comments&sub=savecomment').'" method="post">';
+ echo "<br /><div class='tblholder'><table border='0' width='100%' cellspacing='1' cellpadding='4'>
+ <tr><td class='row1'>" . $lang->get('comment_postform_field_subject') . "</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr>
+ <tr><td class='row2'>" . $lang->get('comment_postform_field_comment') . "</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr>
+ <tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='" . $lang->get('etc_save_changes') . "' /></td></tr>
+ </table></div>";
+ echo '</form>';
+ break;
+ case 'savecomment':
+ if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; }
+ $r = PageUtils::savecomment_neater($paths->page_id, $paths->namespace, $_POST['subj'], $_POST['text'], (int)$_POST['id']);
+ if($r != 'good') { echo "<pre>$r</pre>"; break; }
+ echo PageUtils::comments_html($paths->page_id, $paths->namespace);
+ break;
+ case 'deletecomment':
+ if(!empty($_GET['id']))
+ {
+ PageUtils::deletecomment_neater($paths->page_id, $paths->namespace, (int)$_GET['id']);
+ }
+ echo PageUtils::comments_html($paths->page_id, $paths->namespace);
+ break;
+ }
+ $output->footer();
+ break;
+ case 'edit':
+ if(isset($_POST['_cancel']))
+ {
+ redirect(makeUrl($paths->page), '', '', 0);
+ break;
+ }
+ require_once(ENANO_ROOT.'/includes/pageutils.php');
+ if(isset($_POST['_save']))
+ {
+ $captcha_valid = true;
+ if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
+ {
+ $captcha_valid = false;
+ if ( isset($_POST['captcha_id']) && isset($_POST['captcha_code']) )
+ {
+ $hash_correct = strtolower($session->get_captcha($_POST['captcha_id']));
+ $hash_input = strtolower($_POST['captcha_code']);
+ if ( $hash_input === $hash_correct )
+ $captcha_valid = true;
+ }
+ }
+ if ( $captcha_valid )
+ {
+ $e = PageUtils::savepage($paths->page_id, $paths->namespace, $_POST['page_text'], $_POST['edit_summary'], isset($_POST['minor']));
+ if ( $e == 'good' )
+ {
+ redirect(makeUrl($paths->page), $lang->get('editor_msg_save_success_title'), $lang->get('editor_msg_save_success_body'), 3);
+ }
+ }
+ }
+ $template->header();
+ if ( isset($captcha_valid) )
+ {
+ echo '<div class="usermessage">' . $lang->get('editor_err_captcha_wrong') . '</div>';
+ }
+ if(isset($_POST['_preview']))
+ {
+ $text = $_POST['page_text'];
+ $edsumm = $_POST['edit_summary'];
+ echo PageUtils::genPreview($_POST['page_text']);
+ $text = htmlspecialchars($text);
+ $revid = 0;
+ }
+ else
+ {
+ $revid = ( isset($_GET['revid']) ) ? intval($_GET['revid']) : 0;
+ $page = new PageProcessor($paths->page_id, $paths->namespace, $revid);
+ $text = $page->fetch_source();
+ $edsumm = '';
+ // $text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false);
+ }
+ if ( $revid > 0 )
+ {
+ $time = $page->revision_time;
+ // Retrieve information about this revision and the current one
+ $q = $db->sql_query('SELECT l1.author AS currentrev_author, l2.author AS oldrev_author FROM ' . table_prefix . 'logs AS l1
LEFT JOIN ' . table_prefix . 'logs AS l2
- ON ( l2.log_id = ' . $revid . '
- AND l2.log_type = \'page\'
- AND l2.action = \'edit\'
- AND l2.page_id = \'' . $db->escape($paths->page_id) . '\'
- AND l2.namespace = \'' . $db->escape($paths->namespace) . '\'
- AND l1.is_draft != 1
- )
+ ON ( l2.log_id = ' . $revid . '
+ AND l2.log_type = \'page\'
+ AND l2.action = \'edit\'
+ AND l2.page_id = \'' . $db->escape($paths->page_id) . '\'
+ AND l2.namespace = \'' . $db->escape($paths->namespace) . '\'
+ AND l1.is_draft != 1
+ )
WHERE l1.log_type = \'page\'
- AND l1.action = \'edit\'
- AND l1.page_id = \'' . $db->escape($paths->page_id) . '\'
- AND l1.namespace = \'' . $db->escape($paths->namespace) . '\'
- AND l1.time_id > ' . $time . '
- AND l1.is_draft != 1
+ AND l1.action = \'edit\'
+ AND l1.page_id = \'' . $db->escape($paths->page_id) . '\'
+ AND l1.namespace = \'' . $db->escape($paths->namespace) . '\'
+ AND l1.time_id > ' . $time . '
+ AND l1.is_draft != 1
ORDER BY l1.time_id DESC;');
- if ( !$q )
- $db->die_json();
-
- if ( $db->numrows() > 0 )
- {
- echo '<div class="usermessage">' . $lang->get('editor_msg_editing_old_revision') . '</div>';
-
- $rev_count = $db->numrows() - 2;
- $row = $db->fetchrow();
- $undo_info = array(
- 'old_author' => $row['oldrev_author'],
- 'current_author' => $row['currentrev_author'],
- 'undo_count' => max($rev_count, 1),
- 'last_rev_id' => $revid
- );
- }
- else
- {
- $revid = 0;
- }
- $db->free_result();
- }
- echo '
- <form action="'.makeUrl($paths->page, 'do=edit').'" method="post" enctype="multipart/form-data">
- <br />
- <textarea name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea><br />
- <br />
- ';
- $edsumm = ( $revid > 0 ) ? $lang->get('editor_reversion_edit_summary', $undo_info) : $edsumm;
- echo $lang->get('editor_lbl_edit_summary') . ' <input name="edit_summary" type="text" size="40" value="' . htmlspecialchars($edsumm) . '" /><br /><label><input type="checkbox" name="minor" /> ' . $lang->get('editor_lbl_minor_edit_field') . '</label><br />';
- if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
- {
- echo '<br /><table border="0"><tr><td>';
- echo '<b>' . $lang->get('editor_lbl_field_captcha') . '</b><br />'
- . '<br />'
- . $lang->get('editor_msg_captcha_pleaseenter') . '<br /><br />'
- . $lang->get('editor_msg_captcha_blind');
- echo '</td><td>';
- $hash = $session->make_captcha();
- echo '<img src="' . makeUrlNS('Special', "Captcha/$hash") . '" onclick="this.src+=\'/a\'" style="cursor: pointer;" /><br />';
- echo '<input type="hidden" name="captcha_id" value="' . $hash . '" />';
- echo $lang->get('editor_lbl_field_captcha_code') . ' <input type="text" name="captcha_code" value="" size="9" />';
- echo '</td></tr></table>';
- }
- echo '<br />
- <input type="submit" name="_save" value="' . $lang->get('editor_btn_save') . '" style="font-weight: bold;" />
- <input type="submit" name="_preview" value="' . $lang->get('editor_btn_preview') . '" />
- <input type="submit" name="_revert" value="' . $lang->get('editor_btn_revert') . '" />
- <input type="submit" name="_cancel" value="' . $lang->get('editor_btn_cancel') . '" />
- </form>
- ';
- if ( getConfig('wiki_edit_notice', '0') == '1' )
- {
- $notice = getConfig('wiki_edit_notice_text');
- echo RenderMan::render($notice);
- }
- $template->footer();
- break;
- case 'viewsource':
- $template->header();
- $text = RenderMan::getPage($paths->page_id, $paths->namespace, 0, false, false, false, false);
- $text = htmlspecialchars($text);
- echo '
- <form action="'.makeUrl($paths->page, 'do=edit').'" method="post">
- <br />
- <textarea readonly="readonly" name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea>';
- echo '<br />
- <input type="submit" name="_cancel" value="' . $lang->get('editor_btn_closeviewer') . '" />
- </form>
- ';
- $template->footer();
- break;
- case 'history':
- require_once(ENANO_ROOT.'/includes/pageutils.php');
- $hist = PageUtils::histlist($paths->page_id, $paths->namespace);
- $template->header();
- echo $hist;
- $template->footer();
- break;
- case 'rollback':
- $id = (isset($_GET['id'])) ? $_GET['id'] : false;
- if(!$id || !ctype_digit($id)) die_friendly('Invalid action ID', '<p>The URL parameter "id" is not an integer. Exiting to prevent nasties like SQL injection, etc.</p>');
-
- $id = intval($id);
-
- $page = new PageProcessor($paths->page_id, $paths->namespace);
- $result = $page->rollback_log_entry($id);
-
- if ( $result['success'] )
- {
- $result = $lang->get("page_msg_rb_success_{$result['action']}", array('dateline' => $result['dateline']));
- }
- else
- {
- $result = $lang->get("page_err_{$result['error']}", array('action' => @$result['action']));
- }
-
- $template->header();
- echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a></p>';
- $template->footer();
- break;
- case 'catedit':
- require_once(ENANO_ROOT.'/includes/pageutils.php');
- if(isset($_POST['__enanoSaveButton']))
- {
- unset($_POST['__enanoSaveButton']);
- $val = PageUtils::catsave($paths->page_id, $paths->namespace, $_POST);
- if($val == 'GOOD')
- {
- header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
- } else {
- die_friendly('Error saving category information', '<p>'.$val.'</p>');
- }
- }
- elseif(isset($_POST['__enanoCatCancel']))
- {
- header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
- }
- $template->header();
- $c = PageUtils::catedit_raw($paths->page_id, $paths->namespace);
- echo $c[1];
- $template->footer();
- break;
- case 'moreoptions':
- $template->header();
- echo '<div class="menu_nojs" style="width: 150px; padding: 0;"><ul style="display: block;"><li><div class="label">' . $lang->get('ajax_lbl_moreoptions_nojs') . '</div><div style="clear: both;"></div></li>'.$template->toolbar_menu.'</ul></div>';
- $template->footer();
- break;
- case 'protect':
- if ( !$session->sid_super )
- {
- redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=protect&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
- }
-
- if ( isset($_POST['level']) && isset($_POST['reason']) )
- {
- $level = intval($_POST['level']);
- if ( !in_array($level, array(PROTECT_FULL, PROTECT_SEMI, PROTECT_NONE)) )
- {
- $errors[] = 'bad level';
- }
- $reason = trim($_POST['reason']);
- if ( empty($reason) )
- {
- $errors[] = $lang->get('onpage_protect_err_need_reason');
- }
-
- $page = new PageProcessor($paths->page_id, $paths->namespace);
- $result = $page->protect_page($level, $reason);
- if ( $result['success'] )
- {
- redirect(makeUrl($paths->page), $lang->get('page_protect_lbl_success_title'), $lang->get('page_protect_lbl_success_body', array('page_link' => makeUrl($paths->page, false, true))), 3);
- }
- else
- {
- $errors[] = $lang->get('page_err_' . $result['error']);
- }
- }
- $template->header();
- ?>
- <form action="<?php echo makeUrl($paths->page, 'do=protect'); ?>" method="post">
- <h3><?php echo $lang->get('onpage_protect_heading'); ?></h3>
- <p><?php echo $lang->get('onpage_protect_msg_select_level'); ?></p>
-
- <?php
- if ( !empty($errors) )
- {
- echo '<ul><li>' . implode('</li><li>', $errors) . '</li></ul>';
- }
- ?>
-
- <div class="protectlevel" style="line-height: 22px; margin-left: 17px;">
- <label>
- <input type="radio" name="level" value="<?php echo PROTECT_FULL; ?>" />
- <?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 0, 0); ?>
- <?php echo $lang->get('onpage_protect_btn_full'); ?>
- </label>
- </div>
- <div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;">
- <?php echo $lang->get('onpage_protect_btn_full_hint'); ?>
- </div>
-
- <div class="protectlevel" style="line-height: 22px; margin-left: 17px;">
- <label>
- <input type="radio" name="level" value="<?php echo PROTECT_SEMI; ?>" />
- <?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 22, 0); ?>
- <?php echo $lang->get('onpage_protect_btn_semi'); ?>
- </label>
- </div>
- <div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;">
- <?php echo $lang->get('onpage_protect_btn_semi_hint'); ?>
- </div>
-
- <div class="protectlevel" style="line-height: 22px; margin-left: 17px;">
- <label>
- <input type="radio" name="level" value="<?php echo PROTECT_NONE; ?>" />
- <?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 44, 0); ?>
- <?php echo $lang->get('onpage_protect_btn_none'); ?>
- </label>
- </div>
- <div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;">
- <?php echo $lang->get('onpage_protect_btn_none_hint'); ?>
- </div>
-
- <table style="margin-left: 1em;" cellspacing="10">
- <tr>
- <td valign="top">
- <?php echo $lang->get('onpage_protect_lbl_reason'); ?>
- </td>
- <td>
- <input type="text" name="reason" size="40" /><br />
- <small><?php echo $lang->get('onpage_protect_lbl_reason_hint'); ?></small>
- </td>
- </tr>
- </table>
-
- <p>
- <input type="submit" value="<?php echo htmlspecialchars($lang->get('page_protect_btn_submit')) ?>" style="font-weight: bold;" />
- <a class="abutton" href="<?php echo makeUrl($paths->page, false, true); ?>"><?php echo $lang->get('etc_cancel'); ?></a>
- </p>
- </form>
- <?php
- $template->footer();
- break;
- case 'rename':
- require_once(ENANO_ROOT.'/includes/pageutils.php');
- if(!empty($_POST['newname']))
- {
- $r = PageUtils::rename($paths->page_id, $paths->namespace, $_POST['newname']);
- die_friendly($lang->get('page_rename_success_title'), '<p>'.nl2br($r).' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>');
- }
- $template->header();
- ?>
- <form action="<?php echo makeUrl($paths->page, 'do=rename'); ?>" method="post">
- <?php if(isset($_POST['newname'])) echo '<p style="color: red;">' . $lang->get('page_rename_err_need_name') . '</p>'; ?>
- <p><?php echo $lang->get('page_rename_lbl'); ?></p>
- <p><input type="text" name="newname" size="40" /></p>
- <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_rename_btn_submit')); ?>" style="font-weight: bold;" /></p>
- </form>
- <?php
- $template->footer();
- break;
- case 'flushlogs':
- if(!$session->get_permissions('clear_logs'))
- {
- die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
- }
- if ( !$session->sid_super )
- {
- redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=flushlogs&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
- }
- require_once(ENANO_ROOT.'/includes/pageutils.php');
- if(isset($_POST['_downthejohn']))
- {
- $template->header();
- $result = PageUtils::flushlogs($paths->page_id, $paths->namespace);
- echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
- $template->footer();
- break;
- }
- $template->header();
- ?>
- <form action="<?php echo makeUrl($paths->page, 'do=flushlogs'); ?>" method="post">
- <?php echo $lang->get('page_flushlogs_warning_stern'); ?>
- <p><input type="submit" name="_downthejohn" value="<?php echo htmlspecialchars($lang->get('page_flushlogs_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
- </form>
- <?php
- $template->footer();
- break;
- case 'delvote':
- require_once(ENANO_ROOT.'/includes/pageutils.php');
- if(isset($_POST['_ballotbox']))
- {
- $template->header();
- $result = PageUtils::delvote($paths->page_id, $paths->namespace);
- echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
- $template->footer();
- break;
- }
- $template->header();
- ?>
- <form action="<?php echo makeUrl($paths->page, 'do=delvote'); ?>" method="post">
- <?php
- echo $lang->get('page_delvote_warning_stern');
- echo '<p>';
- switch($paths->cpage['delvotes'])
- {
- case 0: echo $lang->get('page_delvote_count_zero'); break;
- case 1: echo $lang->get('page_delvote_count_one'); break;
- default: echo $lang->get('page_delvote_count_plural', array('delvotes' => $paths->cpage['delvotes'])); break;
- }
- echo '</p>';
- ?>
- <p><input type="submit" name="_ballotbox" value="<?php echo htmlspecialchars($lang->get('page_delvote_btn_submit')); ?>" /></p>
- </form>
- <?php
- $template->footer();
- break;
- case 'resetvotes':
- require_once(ENANO_ROOT.'/includes/pageutils.php');
- if(!$session->get_permissions('vote_reset'))
- {
- die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
- }
- if(isset($_POST['_youmaylivealittlelonger']))
- {
- $template->header();
- $result = PageUtils::resetdelvotes($paths->page_id, $paths->namespace);
- echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
- $template->footer();
- break;
- }
- $template->header();
- ?>
- <form action="<?php echo makeUrl($paths->page, 'do=resetvotes'); ?>" method="post">
- <p><?php echo $lang->get('ajax_delvote_reset_confirm'); ?></p>
- <p><input type="submit" name="_youmaylivealittlelonger" value="<?php echo htmlspecialchars($lang->get('page_delvote_reset_btn_submit')); ?>" /></p>
- </form>
- <?php
- $template->footer();
- break;
- case 'deletepage':
- if ( !$session->get_permissions('delete_page') )
- {
- die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
- }
- if ( !$session->sid_super )
- {
- redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=deletepage&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
- }
-
- require_once(ENANO_ROOT . '/includes/pageutils.php');
- if ( isset($_POST['_adiossucker']) )
- {
- $reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false;
- if ( empty($reason) )
- $error = $lang->get('ajax_delete_prompt_reason');
- else
- {
- $template->header();
- $result = PageUtils::deletepage($paths->page_id, $paths->namespace, $reason);
- echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
- $template->footer();
- break;
- }
- }
- $template->header();
- ?>
- <form action="<?php echo makeUrl($paths->page, 'do=deletepage'); ?>" method="post">
- <?php echo $lang->get('page_delete_warning_stern'); ?>
- <?php if ( isset($error) ) echo "<p>$error</p>"; ?>
- <p><?php echo $lang->get('page_delete_lbl_reason'); ?> <input type="text" name="reason" size="50" /></p>
- <p><input type="submit" name="_adiossucker" value="<?php echo htmlspecialchars($lang->get('page_delete_btn_submit')); ?>" style="font-weight: bold;" /></p>
- </form>
- <?php
- $template->footer();
- break;
- case 'setwikimode':
- if(!$session->get_permissions('set_wiki_mode'))
- {
- die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
- }
- if ( isset($_POST['finish']) )
- {
- $level = intval($_POST['level']);
- if ( !in_array($level, array(0, 1, 2) ) )
- {
- die_friendly('Invalid request', '<p>Level not specified</p>');
- }
- $q = $db->sql_query('UPDATE '.table_prefix.'pages SET wiki_mode=' . $level . ' WHERE urlname=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
- if ( !$q )
- $db->_die();
- redirect(makeUrl($paths->page), htmlspecialchars($paths->cpage['name']), $lang->get('page_wikimode_success_redirect'), 2);
- }
- else
- {
- $template->header();
- if(!isset($_GET['level']) || ( isset($_GET['level']) && !preg_match('#^([0-9])$#', $_GET['level']))) die_friendly('Invalid request', '<p>Level not specified</p>');
- $level = intval($_GET['level']);
- if ( !in_array($level, array(0, 1, 2) ) )
- {
- die_friendly('Invalid request', '<p>Level not specified</p>');
- }
- echo '<form action="' . makeUrl($paths->page, 'do=setwikimode', true) . '" method="post">';
- echo '<input type="hidden" name="finish" value="foo" />';
- echo '<input type="hidden" name="level" value="' . $level . '" />';
- $level_txt = ( $level == 0 ) ? 'page_wikimode_level_off' : ( ( $level == 1 ) ? 'page_wikimode_level_on' : 'page_wikimode_level_global' );
- $blurb = ( $level == 0 || ( $level == 2 && getConfig('wiki_mode') != '1' ) ) ? 'page_wikimode_blurb_disable' : 'page_wikimode_blurb_enable';
- ?>
- <h3><?php echo $lang->get('page_wikimode_heading'); ?></h3>
- <p><?php echo $lang->get($level_txt) . ' ' . $lang->get($blurb); ?></p>
- <p><?php echo $lang->get('page_wikimode_warning'); ?></p>
- <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_wikimode_btn_submit')); ?>" /></p>
- <?php
- echo '</form>';
- $template->footer();
- }
- break;
- case 'diff':
- require_once(ENANO_ROOT.'/includes/pageutils.php');
- require_once(ENANO_ROOT.'/includes/diff.php');
- $template->header();
- $id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false;
- $id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false;
- if ( !$id1 || !$id2 )
- {
- echo '<p>Invalid request.</p>';
- $template->footer();
- break;
- }
- if ( !ctype_digit($_GET['diff1']) || !ctype_digit($_GET['diff1']) )
- {
- echo '<p>SQL injection attempt</p>';
- $template->footer();
- break;
- }
- echo PageUtils::pagediff($paths->page_id, $paths->namespace, $id1, $id2);
- $template->footer();
- break;
- case 'detag':
- if ( $session->user_level < USER_LEVEL_ADMIN )
- {
- die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
- }
- if ( $paths->page_exists )
- {
- die_friendly($lang->get('etc_invalid_request_short'), '<p>' . $lang->get('page_detag_err_page_exists') . '</p>');
- }
- $q = $db->sql_query('DELETE FROM '.table_prefix.'tags WHERE page_id=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
- if ( !$q )
- $db->_die('Detag query, index.php:'.__LINE__);
- die_friendly($lang->get('page_detag_success_title'), '<p>' . $lang->get('page_detag_success_body') . '</p>');
- break;
- case 'aclmanager':
- if ( !$session->sid_super )
- {
- redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=aclmanager&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
- }
-
- require_once(ENANO_ROOT.'/includes/pageutils.php');
- $data = ( isset($_POST['data']) ) ? $_POST['data'] : Array('mode' => 'listgroups');
- PageUtils::aclmanager($data);
- break;
- case 'sql_report':
- $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
- $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
- $page->send_headers = true;
- $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
- $page->password = $pagepass;
- $page->send(true);
- ob_end_clean();
- ob_start();
- $db->sql_report();
- break;
+ if ( !$q )
+ $db->die_json();
+
+ if ( $db->numrows() > 0 )
+ {
+ echo '<div class="usermessage">' . $lang->get('editor_msg_editing_old_revision') . '</div>';
+
+ $rev_count = $db->numrows() - 2;
+ $row = $db->fetchrow();
+ $undo_info = array(
+ 'old_author' => $row['oldrev_author'],
+ 'current_author' => $row['currentrev_author'],
+ 'undo_count' => max($rev_count, 1),
+ 'last_rev_id' => $revid
+ );
+ }
+ else
+ {
+ $revid = 0;
+ }
+ $db->free_result();
+ }
+ echo '
+ <form action="'.makeUrl($paths->page, 'do=edit').'" method="post" enctype="multipart/form-data">
+ <br />
+ <textarea name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea><br />
+ <br />
+ ';
+ $edsumm = ( $revid > 0 ) ? $lang->get('editor_reversion_edit_summary', $undo_info) : $edsumm;
+ echo $lang->get('editor_lbl_edit_summary') . ' <input name="edit_summary" type="text" size="40" value="' . htmlspecialchars($edsumm) . '" /><br /><label><input type="checkbox" name="minor" /> ' . $lang->get('editor_lbl_minor_edit_field') . '</label><br />';
+ if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
+ {
+ echo '<br /><table border="0"><tr><td>';
+ echo '<b>' . $lang->get('editor_lbl_field_captcha') . '</b><br />'
+ . '<br />'
+ . $lang->get('editor_msg_captcha_pleaseenter') . '<br /><br />'
+ . $lang->get('editor_msg_captcha_blind');
+ echo '</td><td>';
+ $hash = $session->make_captcha();
+ echo '<img src="' . makeUrlNS('Special', "Captcha/$hash") . '" onclick="this.src+=\'/a\'" style="cursor: pointer;" /><br />';
+ echo '<input type="hidden" name="captcha_id" value="' . $hash . '" />';
+ echo $lang->get('editor_lbl_field_captcha_code') . ' <input type="text" name="captcha_code" value="" size="9" />';
+ echo '</td></tr></table>';
+ }
+ echo '<br />
+ <input type="submit" name="_save" value="' . $lang->get('editor_btn_save') . '" style="font-weight: bold;" />
+ <input type="submit" name="_preview" value="' . $lang->get('editor_btn_preview') . '" />
+ <input type="submit" name="_revert" value="' . $lang->get('editor_btn_revert') . '" />
+ <input type="submit" name="_cancel" value="' . $lang->get('editor_btn_cancel') . '" />
+ </form>
+ ';
+ if ( getConfig('wiki_edit_notice', '0') == '1' )
+ {
+ $notice = getConfig('wiki_edit_notice_text');
+ echo RenderMan::render($notice);
+ }
+ $template->footer();
+ break;
+ case 'viewsource':
+ $template->header();
+ $text = RenderMan::getPage($paths->page_id, $paths->namespace, 0, false, false, false, false);
+ $text = htmlspecialchars($text);
+ echo '
+ <form action="'.makeUrl($paths->page, 'do=edit').'" method="post">
+ <br />
+ <textarea readonly="readonly" name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea>';
+ echo '<br />
+ <input type="submit" name="_cancel" value="' . $lang->get('editor_btn_closeviewer') . '" />
+ </form>
+ ';
+ $template->footer();
+ break;
+ case 'history':
+ require_once(ENANO_ROOT.'/includes/pageutils.php');
+ $hist = PageUtils::histlist($paths->page_id, $paths->namespace);
+ $template->header();
+ echo $hist;
+ $template->footer();
+ break;
+ case 'rollback':
+ $id = (isset($_GET['id'])) ? $_GET['id'] : false;
+ if(!$id || !ctype_digit($id)) die_friendly('Invalid action ID', '<p>The URL parameter "id" is not an integer. Exiting to prevent nasties like SQL injection, etc.</p>');
+
+ $id = intval($id);
+
+ $page = new PageProcessor($paths->page_id, $paths->namespace);
+ $result = $page->rollback_log_entry($id);
+
+ if ( $result['success'] )
+ {
+ $result = $lang->get("page_msg_rb_success_{$result['action']}", array('dateline' => $result['dateline']));
+ }
+ else
+ {
+ $result = $lang->get("page_err_{$result['error']}", array('action' => @$result['action']));
+ }
+
+ $template->header();
+ echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a></p>';
+ $template->footer();
+ break;
+ case 'catedit':
+ require_once(ENANO_ROOT.'/includes/pageutils.php');
+ if(isset($_POST['__enanoSaveButton']))
+ {
+ unset($_POST['__enanoSaveButton']);
+ $val = PageUtils::catsave($paths->page_id, $paths->namespace, $_POST);
+ if($val == 'GOOD')
+ {
+ header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
+ } else {
+ die_friendly('Error saving category information', '<p>'.$val.'</p>');
+ }
+ }
+ elseif(isset($_POST['__enanoCatCancel']))
+ {
+ header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
+ }
+ $template->header();
+ $c = PageUtils::catedit_raw($paths->page_id, $paths->namespace);
+ echo $c[1];
+ $template->footer();
+ break;
+ case 'moreoptions':
+ $template->header();
+ echo '<div class="menu_nojs" style="width: 150px; padding: 0;"><ul style="display: block;"><li><div class="label">' . $lang->get('ajax_lbl_moreoptions_nojs') . '</div><div style="clear: both;"></div></li>'.$template->toolbar_menu.'</ul></div>';
+ $template->footer();
+ break;
+ case 'protect':
+ if ( !$session->sid_super )
+ {
+ redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=protect&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
+ }
+
+ if ( isset($_POST['level']) && isset($_POST['reason']) )
+ {
+ $level = intval($_POST['level']);
+ if ( !in_array($level, array(PROTECT_FULL, PROTECT_SEMI, PROTECT_NONE)) )
+ {
+ $errors[] = 'bad level';
+ }
+ $reason = trim($_POST['reason']);
+ if ( empty($reason) )
+ {
+ $errors[] = $lang->get('onpage_protect_err_need_reason');
+ }
+
+ $page = new PageProcessor($paths->page_id, $paths->namespace);
+ $result = $page->protect_page($level, $reason);
+ if ( $result['success'] )
+ {
+ redirect(makeUrl($paths->page), $lang->get('page_protect_lbl_success_title'), $lang->get('page_protect_lbl_success_body', array('page_link' => makeUrl($paths->page, false, true))), 3);
+ }
+ else
+ {
+ $errors[] = $lang->get('page_err_' . $result['error']);
+ }
+ }
+ $template->header();
+ ?>
+ <form action="<?php echo makeUrl($paths->page, 'do=protect'); ?>" method="post">
+ <h3><?php echo $lang->get('onpage_protect_heading'); ?></h3>
+ <p><?php echo $lang->get('onpage_protect_msg_select_level'); ?></p>
+
+ <?php
+ if ( !empty($errors) )
+ {
+ echo '<ul><li>' . implode('</li><li>', $errors) . '</li></ul>';
+ }
+ ?>
+
+ <div class="protectlevel" style="line-height: 22px; margin-left: 17px;">
+ <label>
+ <input type="radio" name="level" value="<?php echo PROTECT_FULL; ?>" />
+ <?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 0, 0); ?>
+ <?php echo $lang->get('onpage_protect_btn_full'); ?>
+ </label>
+ </div>
+ <div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;">
+ <?php echo $lang->get('onpage_protect_btn_full_hint'); ?>
+ </div>
+
+ <div class="protectlevel" style="line-height: 22px; margin-left: 17px;">
+ <label>
+ <input type="radio" name="level" value="<?php echo PROTECT_SEMI; ?>" />
+ <?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 22, 0); ?>
+ <?php echo $lang->get('onpage_protect_btn_semi'); ?>
+ </label>
+ </div>
+ <div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;">
+ <?php echo $lang->get('onpage_protect_btn_semi_hint'); ?>
+ </div>
+
+ <div class="protectlevel" style="line-height: 22px; margin-left: 17px;">
+ <label>
+ <input type="radio" name="level" value="<?php echo PROTECT_NONE; ?>" />
+ <?php echo gen_sprite(cdnPath . '/images/protect-icons.png', 22, 22, 44, 0); ?>
+ <?php echo $lang->get('onpage_protect_btn_none'); ?>
+ </label>
+ </div>
+ <div class="protectlevel_hint" style="font-size: smaller; margin-left: 68px;">
+ <?php echo $lang->get('onpage_protect_btn_none_hint'); ?>
+ </div>
+
+ <table style="margin-left: 1em;" cellspacing="10">
+ <tr>
+ <td valign="top">
+ <?php echo $lang->get('onpage_protect_lbl_reason'); ?>
+ </td>
+ <td>
+ <input type="text" name="reason" size="40" /><br />
+ <small><?php echo $lang->get('onpage_protect_lbl_reason_hint'); ?></small>
+ </td>
+ </tr>
+ </table>
+
+ <p>
+ <input type="submit" value="<?php echo htmlspecialchars($lang->get('page_protect_btn_submit')) ?>" style="font-weight: bold;" />
+ <a class="abutton" href="<?php echo makeUrl($paths->page, false, true); ?>"><?php echo $lang->get('etc_cancel'); ?></a>
+ </p>
+ </form>
+ <?php
+ $template->footer();
+ break;
+ case 'rename':
+ require_once(ENANO_ROOT.'/includes/pageutils.php');
+ if(!empty($_POST['newname']))
+ {
+ $r = PageUtils::rename($paths->page_id, $paths->namespace, $_POST['newname']);
+ die_friendly($lang->get('page_rename_success_title'), '<p>'.nl2br($r).' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>');
+ }
+ $template->header();
+ ?>
+ <form action="<?php echo makeUrl($paths->page, 'do=rename'); ?>" method="post">
+ <?php if(isset($_POST['newname'])) echo '<p style="color: red;">' . $lang->get('page_rename_err_need_name') . '</p>'; ?>
+ <p><?php echo $lang->get('page_rename_lbl'); ?></p>
+ <p><input type="text" name="newname" size="40" /></p>
+ <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_rename_btn_submit')); ?>" style="font-weight: bold;" /></p>
+ </form>
+ <?php
+ $template->footer();
+ break;
+ case 'flushlogs':
+ if(!$session->get_permissions('clear_logs'))
+ {
+ die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
+ }
+ if ( !$session->sid_super )
+ {
+ redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=flushlogs&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
+ }
+ require_once(ENANO_ROOT.'/includes/pageutils.php');
+ if(isset($_POST['_downthejohn']))
+ {
+ $template->header();
+ $result = PageUtils::flushlogs($paths->page_id, $paths->namespace);
+ echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
+ $template->footer();
+ break;
+ }
+ $template->header();
+ ?>
+ <form action="<?php echo makeUrl($paths->page, 'do=flushlogs'); ?>" method="post">
+ <?php echo $lang->get('page_flushlogs_warning_stern'); ?>
+ <p><input type="submit" name="_downthejohn" value="<?php echo htmlspecialchars($lang->get('page_flushlogs_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
+ </form>
+ <?php
+ $template->footer();
+ break;
+ case 'delvote':
+ require_once(ENANO_ROOT.'/includes/pageutils.php');
+ if(isset($_POST['_ballotbox']))
+ {
+ $template->header();
+ $result = PageUtils::delvote($paths->page_id, $paths->namespace);
+ echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
+ $template->footer();
+ break;
+ }
+ $template->header();
+ ?>
+ <form action="<?php echo makeUrl($paths->page, 'do=delvote'); ?>" method="post">
+ <?php
+ echo $lang->get('page_delvote_warning_stern');
+ echo '<p>';
+ switch($paths->cpage['delvotes'])
+ {
+ case 0: echo $lang->get('page_delvote_count_zero'); break;
+ case 1: echo $lang->get('page_delvote_count_one'); break;
+ default: echo $lang->get('page_delvote_count_plural', array('delvotes' => $paths->cpage['delvotes'])); break;
+ }
+ echo '</p>';
+ ?>
+ <p><input type="submit" name="_ballotbox" value="<?php echo htmlspecialchars($lang->get('page_delvote_btn_submit')); ?>" /></p>
+ </form>
+ <?php
+ $template->footer();
+ break;
+ case 'resetvotes':
+ require_once(ENANO_ROOT.'/includes/pageutils.php');
+ if(!$session->get_permissions('vote_reset'))
+ {
+ die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
+ }
+ if(isset($_POST['_youmaylivealittlelonger']))
+ {
+ $template->header();
+ $result = PageUtils::resetdelvotes($paths->page_id, $paths->namespace);
+ echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
+ $template->footer();
+ break;
+ }
+ $template->header();
+ ?>
+ <form action="<?php echo makeUrl($paths->page, 'do=resetvotes'); ?>" method="post">
+ <p><?php echo $lang->get('ajax_delvote_reset_confirm'); ?></p>
+ <p><input type="submit" name="_youmaylivealittlelonger" value="<?php echo htmlspecialchars($lang->get('page_delvote_reset_btn_submit')); ?>" /></p>
+ </form>
+ <?php
+ $template->footer();
+ break;
+ case 'deletepage':
+ if ( !$session->get_permissions('delete_page') )
+ {
+ die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
+ }
+ if ( !$session->sid_super )
+ {
+ redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=deletepage&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
+ }
+
+ require_once(ENANO_ROOT . '/includes/pageutils.php');
+ if ( isset($_POST['_adiossucker']) )
+ {
+ $reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false;
+ if ( empty($reason) )
+ $error = $lang->get('ajax_delete_prompt_reason');
+ else
+ {
+ $template->header();
+ $result = PageUtils::deletepage($paths->page_id, $paths->namespace, $reason);
+ echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
+ $template->footer();
+ break;
+ }
+ }
+ $template->header();
+ ?>
+ <form action="<?php echo makeUrl($paths->page, 'do=deletepage'); ?>" method="post">
+ <?php echo $lang->get('page_delete_warning_stern'); ?>
+ <?php if ( isset($error) ) echo "<p>$error</p>"; ?>
+ <p><?php echo $lang->get('page_delete_lbl_reason'); ?> <input type="text" name="reason" size="50" /></p>
+ <p><input type="submit" name="_adiossucker" value="<?php echo htmlspecialchars($lang->get('page_delete_btn_submit')); ?>" style="font-weight: bold;" /></p>
+ </form>
+ <?php
+ $template->footer();
+ break;
+ case 'setwikimode':
+ if(!$session->get_permissions('set_wiki_mode'))
+ {
+ die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
+ }
+ if ( isset($_POST['finish']) )
+ {
+ $level = intval($_POST['level']);
+ if ( !in_array($level, array(0, 1, 2) ) )
+ {
+ die_friendly('Invalid request', '<p>Level not specified</p>');
+ }
+ $q = $db->sql_query('UPDATE '.table_prefix.'pages SET wiki_mode=' . $level . ' WHERE urlname=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
+ if ( !$q )
+ $db->_die();
+ redirect(makeUrl($paths->page), htmlspecialchars($paths->cpage['name']), $lang->get('page_wikimode_success_redirect'), 2);
+ }
+ else
+ {
+ $template->header();
+ if(!isset($_GET['level']) || ( isset($_GET['level']) && !preg_match('#^([0-9])$#', $_GET['level']))) die_friendly('Invalid request', '<p>Level not specified</p>');
+ $level = intval($_GET['level']);
+ if ( !in_array($level, array(0, 1, 2) ) )
+ {
+ die_friendly('Invalid request', '<p>Level not specified</p>');
+ }
+ echo '<form action="' . makeUrl($paths->page, 'do=setwikimode', true) . '" method="post">';
+ echo '<input type="hidden" name="finish" value="foo" />';
+ echo '<input type="hidden" name="level" value="' . $level . '" />';
+ $level_txt = ( $level == 0 ) ? 'page_wikimode_level_off' : ( ( $level == 1 ) ? 'page_wikimode_level_on' : 'page_wikimode_level_global' );
+ $blurb = ( $level == 0 || ( $level == 2 && getConfig('wiki_mode') != '1' ) ) ? 'page_wikimode_blurb_disable' : 'page_wikimode_blurb_enable';
+ ?>
+ <h3><?php echo $lang->get('page_wikimode_heading'); ?></h3>
+ <p><?php echo $lang->get($level_txt) . ' ' . $lang->get($blurb); ?></p>
+ <p><?php echo $lang->get('page_wikimode_warning'); ?></p>
+ <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_wikimode_btn_submit')); ?>" /></p>
+ <?php
+ echo '</form>';
+ $template->footer();
+ }
+ break;
+ case 'diff':
+ require_once(ENANO_ROOT.'/includes/pageutils.php');
+ require_once(ENANO_ROOT.'/includes/diff.php');
+ $template->header();
+ $id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false;
+ $id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false;
+ if ( !$id1 || !$id2 )
+ {
+ echo '<p>Invalid request.</p>';
+ $template->footer();
+ break;
+ }
+ if ( !ctype_digit($_GET['diff1']) || !ctype_digit($_GET['diff1']) )
+ {
+ echo '<p>SQL injection attempt</p>';
+ $template->footer();
+ break;
+ }
+ echo PageUtils::pagediff($paths->page_id, $paths->namespace, $id1, $id2);
+ $template->footer();
+ break;
+ case 'detag':
+ if ( $session->user_level < USER_LEVEL_ADMIN )
+ {
+ die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
+ }
+ if ( $paths->page_exists )
+ {
+ die_friendly($lang->get('etc_invalid_request_short'), '<p>' . $lang->get('page_detag_err_page_exists') . '</p>');
+ }
+ $q = $db->sql_query('DELETE FROM '.table_prefix.'tags WHERE page_id=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
+ if ( !$q )
+ $db->_die('Detag query, index.php:'.__LINE__);
+ die_friendly($lang->get('page_detag_success_title'), '<p>' . $lang->get('page_detag_success_body') . '</p>');
+ break;
+ case 'aclmanager':
+ if ( !$session->sid_super )
+ {
+ redirect(makeUrlNS('Special', "Login/{$paths->page}", 'target_do=aclmanager&level=' . $session->user_level, false), $lang->get('etc_access_denied_short'), $lang->get('etc_access_denied_need_reauth'), 0);
+ }
+
+ require_once(ENANO_ROOT.'/includes/pageutils.php');
+ $data = ( isset($_POST['data']) ) ? $_POST['data'] : Array('mode' => 'listgroups');
+ PageUtils::aclmanager($data);
+ break;
+ case 'sql_report':
+ $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
+ $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
+ $page->send_headers = true;
+ $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
+ $page->password = $pagepass;
+ $page->send(true);
+ ob_end_clean();
+ ob_start();
+ $db->sql_report();
+ break;
}
// Generate an ETag
/*
// format: first 10 digits of SHA1 of page name, user id in hex, user and auth levels, page timestamp in hex
$etag = substr(sha1($paths->namespace . ':' . $paths->page_id), 0, 10) . '-' .
- "u{$session->user_id}l{$session->user_level}a{$session->auth_level}-" .
- dechex($page_timestamp);
-
+ "u{$session->user_id}l{$session->user_level}a{$session->auth_level}-" .
+ dechex($page_timestamp);
+
if ( isset($_SERVER['HTTP_IF_NONE_MATCH']) )
{
- if ( "\"$etag\"" == $_SERVER['HTTP_IF_NONE_MATCH'] )
- {
- header('HTTP/1.1 304 Not Modified');
- exit();
- }
+ if ( "\"$etag\"" == $_SERVER['HTTP_IF_NONE_MATCH'] )
+ {
+ header('HTTP/1.1 304 Not Modified');
+ exit();
+ }
}
-
+
header("ETag: \"$etag\"");
*/
@@ -698,5 +698,5 @@
gzip_output();
@ob_end_flush();
-
+
?>