# HG changeset patch # User Dan # Date 1182893298 14400 # Node ID 663fcf5287266b13d61f55b913c5f351135dd665 # Parent 40105681f4958158ab5803a14d9ad2db8a403f3b Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs diff -r 40105681f495 -r 663fcf528726 TODO --- a/TODO Sat Jun 23 19:27:41 2007 -0400 +++ b/TODO Tue Jun 26 17:28:18 2007 -0400 @@ -28,6 +28,7 @@ [x] Trigger form submit on press of enter in Dynano login form [ ] Rewrite the change theme dialog - it's archaic code that hasn't changed since beta 1! [ ] This should be the next-to-last step in phasing out the JWS code, which should be removed in the first 1.1 alpha +[ ] Get the new page ID cleaner code working 100% perfectly - this is the core of Enano and should be completely bug free Enano Clurichaun - TODO diff -r 40105681f495 -r 663fcf528726 ajax.php --- a/ajax.php Sat Jun 23 19:27:41 2007 -0400 +++ b/ajax.php Tue Jun 26 17:28:18 2007 -0400 @@ -1,7 +1,7 @@ page, false, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false )); - $page = new PageProcessor( $paths->cpage['urlname_nons'], $paths->namespace ); + $revision_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 ); + $page = new PageProcessor( $paths->cpage['urlname_nons'], $paths->namespace, $revision_id ); $page->send(); break; case "savepage": 
@@ -54,36 +55,6 @@ case "rollback": echo PageUtils::rollback( (int)$_GET['id'] ); break; - - /* - * This is old code and should not be used. It's badly broken and a perfect example of bad database organization. - - case "addcomment": - $cc = ( isset($_POST['captcha_code']) ) ? $_POST['captcha_code'] : false; - $ci = ( isset($_POST['captcha_id'] ) ) ? $_POST['captcha_id'] : false; - if(!isset($_POST['text']) || - !isset($_POST['subj']) || - !isset($_POST['name'])) die('alert(\'Error in POST DATA string, aborting\');'); - if($_POST['text']=='' || - $_POST['name']=='' || - $_POST['subj']=='') die('alert(\'One or more POST DATA fields was empty, aborting post submission\')'); - echo PageUtils::addcomment($paths->cpage['urlname_nons'], $paths->namespace, $_POST['name'], $_POST['subj'], $_POST['text'], $cc, $ci); - break; - case "comments": - echo PageUtils::comments($paths->cpage['urlname_nons'], $paths->namespace, ( isset($_GET['action']) ? $_GET['action'] : false ), Array( - 'name' => ( isset($_POST['name']) ) ? $_POST['name'] : '', - 'subj' => ( isset($_POST['subj']) ) ? $_POST['subj'] : '', - 'text' => ( isset($_POST['text']) ) ? $_POST['text'] : '' - )); - break; - case "savecomment": - echo PageUtils::savecomment($paths->cpage['urlname_nons'], $paths->namespace, $_POST['s'], $_POST['t'], $_POST['os'], $_POST['ot'], $_POST['id']); - break; - case "deletecomment": - echo PageUtils::deletecomment($paths->cpage['urlname_nons'], $paths->namespace, $_POST['name'], $_POST['subj'], $_POST['text'], $_GET['id']); - break; - */ - case "comments": $comments = new Comments($paths->cpage['urlname_nons'], $paths->namespace); if ( isset($_POST['data']) ) diff -r 40105681f495 -r 663fcf528726 includes/captcha.php --- a/includes/captcha.php Sat Jun 23 19:27:41 2007 -0400 +++ b/includes/captcha.php Tue Jun 26 17:28:18 2007 -0400 @@ -1,7 +1,7 @@ ]*)]*?)-->/i', '', $html); + return $html; } 
@@ -1850,7 +1853,7 @@ // Remove character escapes $page_id = dirtify_page_id($page_id); - $pid_clean = preg_replace('/[\w\/:;\(\)@\[\]_-]/', 'X', $page_id); + $pid_clean = preg_replace('/[\w\.\/:;\(\)@\[\]_-]/', 'X', $page_id); $pid_dirty = enano_str_split($pid_clean, 1); foreach ( $pid_dirty as $id => $char ) @@ -1878,12 +1881,12 @@ $page_id_cleaned .= $pid_dirty[$id]; } - global $mime_types; + // global $mime_types; - $exts = array_keys($mime_types); - $exts = '(' . implode('|', $exts) . ')'; + // $exts = array_keys($mime_types); + // $exts = '(' . implode('|', $exts) . ')'; - $page_id_cleaned = preg_replace('/\.2e' . $exts . '$/', '.\\1', $page_id_cleaned); + // $page_id_cleaned = preg_replace('/\.2e' . $exts . '$/', '.\\1', $page_id_cleaned); return $page_id_cleaned; } diff -r 40105681f495 -r 663fcf528726 includes/graphs.php --- a/includes/graphs.php Sat Jun 23 19:27:41 2007 -0400 +++ b/includes/graphs.php Tue Jun 26 17:28:18 2007 -0400 @@ -2,7 +2,7 @@ /* * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between - * Version 1.0 release candidate 3 (Druid) + * Version 1.0 (Banshee) * Copyright (C) 2006-2007 Dan Fuhry * * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License diff -r 40105681f495 -r 663fcf528726 includes/js-compressor.php --- a/includes/js-compressor.php Sat Jun 23 19:27:41 2007 -0400 +++ b/includes/js-compressor.php Tue Jun 26 17:28:18 2007 -0400 @@ -2,7 +2,7 @@ /* * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between - * Version 1.0 release candidate 3 (Druid) + * Version 1.0 (Banshee) * Copyright (C) 2006-2007 Dan Fuhry * Javascript compression library - used to compact the client-side Javascript code (all 72KB of it!) to save some bandwidth * diff -r 40105681f495 -r 663fcf528726 includes/pageprocess.php --- a/includes/pageprocess.php Sat Jun 23 19:27:41 2007 -0400 
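Review bot: Adding `\.` to the pass-through class in sanitize_page_id() changes the canonical form of every page ID that contains a dot, but nothing visible in this changeset rewrites rows already stored with `.2e` (the 1.0RC3 block in upgrade.sql is only a placeholder). PageProcessor gets a read-time fallback, yet other lookups keyed on the page ID, such as the `fetch_page_acl( $page_id, $namespace )` call visible in `_setup`, may stop matching rows saved under the old form. Please confirm that per-page ACLs, comments and logs still resolve, or migrate the stored IDs in upgrade.sql. In the following hunk (`@@ -1878,12 +1881,12 @@`) the `$mime_types` block should be deleted rather than commented out. The function begins outside both hunks.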
+++ b/includes/pageprocess.php Tue Jun 26 17:28:18 2007 -0400 @@ -1,7 +1,7 @@ true, + 'enable' => false, 'works' => false ); @@ -87,9 +94,10 @@ * Constructor. * @param string The page ID (urlname) of the page * @param string The namespace of the page + * @param int Optional. The revision ID to send. */ - function __construct( $page_id, $namespace ) + function __construct( $page_id, $namespace, $revision_id = 0 ) { global $db, $session, $paths, $template, $plugins; // Common objects @@ -107,7 +115,10 @@ $this->send_error('The namespace "' . htmlspecialchars($namespace) . '" does not exist.'); } - $this->_setup( $page_id, $namespace ); + if ( !is_int($revision_id) ) + $revision_id = 0; + + $this->_setup( $page_id, $namespace, $revision_id ); } @@ -195,6 +206,9 @@ else // (disabled for compatibility reasons) if ( in_array($this->namespace, array('Article', 'User', 'Project', 'Help', 'File', 'Category')) && $this->page_exists ) { // Send as regular page + + // die($this->page_id); + $text = $this->fetch_text(); if ( $text == 'err_no_text_rows' ) { @@ -213,7 +227,7 @@ * @access private */ - function _setup($page_id, $namespace) + function _setup($page_id, $namespace, $revision_id) { global $db, $session, $paths, $template, $plugins; // Common objects @@ -221,6 +235,7 @@ $this->page_id = $page_id_cleaned; $this->namespace = $namespace; + $this->revision_id = $revision_id; $this->page_id_unclean = dirtify_page_id($page_id); $this->perms = $session->fetch_page_acl( $page_id, $namespace ); 
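Review bot: The new guard `if ( !is_int($revision_id) ) $revision_id = 0;` in the constructor lets negative integers through and silently drops numeric strings. send() later tests `if ( $this->revision_id )` for the archive banner while fetch_text() requires `> 0`, so a negative `oldid` (ajax.php and index.php both pass `intval($_GET['oldid'])`) would show the "archived on" notice above the current text. Normalising once, `$revision_id = ( is_int($revision_id) && $revision_id > 0 ) ? $revision_id : 0;`, keeps the three places in agreement. The constructor body continues outside the hunk.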
@@ -244,6 +259,27 @@ { $this->page_exists = true; } + + // Compatibility with older databases + if ( strstr($this->page_id, '.2e') && !$this->page_exists ) + { + $page_id = str_replace('.2e', '.', $page_id); + + if ( $paths->cpage['urlname_nons'] == $page_id && $paths->namespace == $namespace && !$paths->page_exists && ( $this->namespace != 'Admin' || ($this->namespace == 'Admin' && !function_exists($fname) ) ) ) + { + $this->page_exists = false; + } + else if ( !isset( $paths->pages[ $paths->nslist[$namespace] . $page_id ] ) && ( $this->namespace == 'Admin' && !function_exists($fname) ) ) + { + $this->page_exists = false; + } + else + { + $this->page_exists = true; + } + + } + } /** @@ -256,19 +292,24 @@ $text = $this->fetch_text(); $this->header(); - if ( $this->send_headers ) + // if ( $this->send_headers ) + // { + display_page_headers(); + // } + + if ( $this->revision_id ) { - display_page_headers(); + echo '
Notice:
The page you are viewing was archived on '.date('F d, Y \a\t h:i a', $this->revision_id).'.
View current version | Restore this version

'; } $text = '?>' . RenderMan::render($text); // echo('
'.htmlspecialchars($text).'
'); eval ( $text ); - if ( $this->send_headers ) - { + // if ( $this->send_headers ) + // { display_page_footers(); - } + // } $this->footer(); } 
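Review bot: Commenting out both `if ( $this->send_headers )` guards makes `display_page_headers()` and `display_page_footers()` unconditional in send(), so the `send_headers` property that index.php still sets no longer has any effect here and the ajax.php caller receives the same header and footer output. If that is intended, delete the guards and the now-dead flag instead of leaving them as comments; if not, restore `if ( $this->send_headers )`. With `revision_id` set, text read from the logs table also reaches the existing `eval ( $text )` in this method, so archived rows need the same PHP-stripping guarantees as `page_text`; that is worth confirming for rows written by earlier versions. send() starts outside the hunk.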
@@ -309,19 +350,83 @@ return $this->text_cache; } - $q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\';'); - if ( !$q ) - { - $this->send_error('Error during SQL query.', true); - } - if ( $db->numrows() < 1 ) + if ( $this->revision_id > 0 && is_int($this->revision_id) ) { - $this->page_exists = false; - return 'err_no_text_rows'; + + $q = $db->sql_query('SELECT page_text, char_tag, date_string FROM '.table_prefix.'logs WHERE page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\' AND time_id=' . $this->revision_id . ';'); + if ( !$q ) + { + $this->send_error('Error during SQL query.', true); + } + if ( $db->numrows() < 1 ) + { + // Compatibility fix for old pages with dots in the page ID + if ( strstr($this->page_id, '.2e') ) + { + $db->free_result(); + $page_id = str_replace('.2e', '.', $this->page_id); + $q = $db->sql_query('SELECT page_text, char_tag, date_string FROM '.table_prefix.'logs WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $this->namespace . '\' AND time_id=' . $this->revision_id . ';'); + if ( !$q ) + { + $this->send_error('Error during SQL query.', true); + } + if ( $db->numrows() < 1 ) + { + $this->page_exists = false; + return 'err_no_text_rows'; + } + } + else + { + $this->page_exists = false; + return 'err_no_text_rows'; + } + } + else + { + $row = $db->fetchrow(); + } + + $db->free_result(); + } - - $row = $db->fetchrow(); - $db->free_result(); + else + { + + $q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . 
'\';'); + if ( !$q ) + { + $this->send_error('Error during SQL query.', true); + } + if ( $db->numrows() < 1 ) + { + // Compatibility fix for old pages with dots in the page ID + if ( strstr($this->page_id, '.2e') ) + { + $db->free_result(); + $page_id = str_replace('.2e', '.', $this->page_id); + $q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $this->namespace . '\';'); + if ( !$q ) + { + $this->send_error('Error during SQL query.', true); + } + if ( $db->numrows() < 1 ) + { + $this->page_exists = false; + return 'err_no_text_rows'; + } + } + else + { + $this->page_exists = false; + return 'err_no_text_rows'; + } + } + + $row = $db->fetchrow(); + $db->free_result(); + + } if ( !empty($row['char_tag']) ) { @@ -380,12 +485,11 @@ $this->header(); - if ( $send_headers ) - { + // if ( $send_headers ) + // { display_page_headers(); - } + // } - /* // Start left sidebar: basic user info, latest comments echo ''; @@ -400,7 +504,6 @@ '; echo '
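Review bot: In the revision branch of fetch_text(), `$row` is assigned only in the `else` of `if ( $db->numrows() < 1 )`, so when the `.2e` fallback query finds the revision nothing is fetched and the code after the branch reads an undefined `$row`. Drop the `else` and call `$row = $db->fetchrow();` unconditionally before `$db->free_result();`, as the non-revision branch already does. The fallback `$page_id` is also concatenated into the SQL string without `$db->escape()`; it presumably stays safe because it derives from the sanitized ID, but escaping it would not depend on that. The four near-identical queries could share one private helper taking the table name and page ID. The function begins and ends outside the hunk.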
'; - */ // User's own content @@ -416,8 +519,6 @@ $this->err_page_not_existent(); } - /* - // Right sidebar echo ''; @@ -432,12 +533,10 @@ echo '
'; - if ( $send_headers ) - { + // if ( $send_headers ) + // { display_page_footers(); - } - - */ + // } $this->send_headers = $send_headers; unset($send_headers); @@ -543,13 +642,13 @@ * @see PageProcessor::__construct() */ - function PageProcessor( $page_id, $namespace ) + function PageProcessor( $page_id, $namespace, $revision_id = 0 ) { - $this->__construct($page_id, $namespace); + $this->__construct($page_id, $namespace, $revision_id); } /** - * Send an error message and die + * Send an error message and die. For debugging or critical technical errors only - nothing that would under normal circumstances be shown to the user. * @var string Error message * @var bool If true, send DBAL's debugging information as well */ diff -r 40105681f495 -r 663fcf528726 includes/pageutils.php --- a/includes/pageutils.php Sat Jun 23 19:27:41 2007 -0400 +++ b/includes/pageutils.php Tue Jun 26 17:28:18 2007 -0400 
@@ -1,7 +1,7 @@ page_exists = true; } $prot = ( ( $paths->pages[$pname]['protected'] == 2 && $session->user_logged_in && $session->reg_time + 60*60*24*4 < time() ) || $paths->pages[$pname]['protected'] == 1) ? true : false; $wiki = ( ( $paths->pages[$pname]['wiki_mode'] == 2 && getConfig('wiki_mode') == '1') || $paths->pages[$pname]['wiki_mode'] == 1) ? true : false; if(($prot || !$wiki) && $session->user_level < USER_LEVEL_ADMIN ) return('You are not authorized to edit this page.'); - // Strip potentially harmful tags and PHP from the message, if we are in wiki mode and the user is not an administrator + // Strip potentially harmful tags and PHP from the message, dependent upon permissions settings $message = RenderMan::preprocess_text($message, false, false); - $msg=$db->escape($message); + $msg = $db->escape($message); $minor = $minor ? 'true' : 'false'; $q='INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,page_id,namespace,page_text,char_tag,author,edit_summary,minor_edit) VALUES(\'page\', \'edit\', '.time().', \''.date('d M Y h:i a').'\', \''.$paths->cpage['urlname_nons'].'\', \''.$paths->namespace.'\', \''.$msg.'\', \''.$uid.'\', \''.$session->username.'\', \''.$db->escape(htmlspecialchars($summary)).'\', '.$minor.');'; @@ -389,9 +390,10 @@ return false; // Not authorized to create system messages } + $page_id = dirtify_page_id($page_id); + if ( !$name ) $name = str_replace('_', ' ', $page_id); - $page = str_replace(' ', '_', $page_id); $regex = '#^([A-z0-9 _\-\.\/\!\@\(\)]*)$#is'; if(!preg_match($regex, $page)) { 
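Review bot: This hunk removes `$page = str_replace(' ', '_', $page_id);` but the context line `if(!preg_match($regex, $page))` still tests `$page`. Unless `$page` is assigned earlier outside the hunk, it is now undefined, so the invalid-character check runs against an empty value and always passes. Point the check at the value actually stored, e.g. `if(!preg_match($regex, $page_id))`, and decide whether it should see the ID before or after `sanitize_page_id()` (added in the next hunk). The function begins and ends outside the hunk.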
@@ -399,18 +401,24 @@ return false; // Name contains invalid characters } + $page_id = sanitize_page_id( $page_id ); + $prot = ( $namespace == 'System' ) ? 1 : 0; - $paths->add_page(Array( + $page_data = Array( 'name'=>$name, - 'urlname'=>$page, + 'urlname'=>$page_id, 'namespace'=>$namespace, 'special'=>0,'visible'=>1,'comments_on'=>0,'protected'=>$prot,'delvotes'=>0,'delvote_ips'=>'','wiki_mode'=>2, - )); + ); + + // die('PageUtils::createpage: Creating page with this data:
' . print_r($page_data, true) . '
'); - $qa = $db->sql_query('INSERT INTO '.table_prefix.'pages(name,urlname,namespace,visible,protected) VALUES(\''.$db->escape($name).'\', \''.$db->escape($page).'\', \''.$namespace.'\', '. ( $visible ? '1' : '0' ) .', '.$prot.');'); - $qb = $db->sql_query('INSERT INTO '.table_prefix.'page_text(page_id,namespace) VALUES(\''.$db->escape($page).'\', \''.$namespace.'\');'); - $qc = $db->sql_query('INSERT INTO '.table_prefix.'logs(time_id,date_string,log_type,action,author,page_id,namespace) VALUES('.time().', \''.date('d M Y h:i a').'\', \'page\', \'create\', \''.$session->username.'\', \''.$db->escape($page).'\', \''.$namespace.'\');'); + $paths->add_page($page_data); + + $qa = $db->sql_query('INSERT INTO '.table_prefix.'pages(name,urlname,namespace,visible,protected) VALUES(\''.$db->escape($name).'\', \''.$db->escape($page_id).'\', \''.$namespace.'\', '. ( $visible ? '1' : '0' ) .', '.$prot.');'); + $qb = $db->sql_query('INSERT INTO '.table_prefix.'page_text(page_id,namespace) VALUES(\''.$db->escape($page_id).'\', \''.$namespace.'\');'); + $qc = $db->sql_query('INSERT INTO '.table_prefix.'logs(time_id,date_string,log_type,action,author,page_id,namespace) VALUES('.time().', \''.date('d M Y h:i a').'\', \'page\', \'create\', \''.$session->username.'\', \''.$db->escape($page_id).'\', \''.$namespace.'\');'); if($qa && $qb && $qc) return true; diff -r 40105681f495 -r 663fcf528726 includes/paths.php --- a/includes/paths.php Sat Jun 23 19:27:41 2007 -0400 +++ b/includes/paths.php Tue Jun 26 17:28:18 2007 -0400 @@ -2,7 +2,7 @@ /** * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between - * Version 1.0 release candidate 3 (Druid) + * Version 1.0 (Banshee) * Copyright (C) 2006-2007 Dan Fuhry * paths.php - The part of Enano that actually manages content. Everything related to page handling and namespaces is in here. * diff -r 40105681f495 -r 663fcf528726 includes/plugins.php 
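Review bot: The rewritten INSERT statements escape `$name` and `$page_id` but still concatenate `$namespace` and `$session->username` into the SQL unescaped. Whether `$namespace` is checked against the namespace list earlier in createpage is not visible here, so wrap both in `$db->escape()` (e.g. `\''.$db->escape($namespace).'\'`) rather than rely on it. The commented-out `die('PageUtils::createpage: ...')` debug line should be removed before release. The function begins outside the hunk.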
--- a/includes/plugins.php Sat Jun 23 19:27:41 2007 -0400 +++ b/includes/plugins.php Tue Jun 26 17:28:18 2007 -0400 @@ -2,7 +2,7 @@ /* * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between - * Version 1.0 release candidate 3 (Druid) + * Version 1.0 (Banshee) * Copyright (C) 2006-2007 Dan Fuhry * * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License diff -r 40105681f495 -r 663fcf528726 includes/render.php --- a/includes/render.php Sat Jun 23 19:27:41 2007 -0400 +++ b/includes/render.php Tue Jun 26 17:28:18 2007 -0400 @@ -1,7 +1,7 @@ $text"; + $output .= " rel=".'"'."nofollow".'"'.">$text"; // make numbered references look like footnotes when no // CSS class specified, make them superscript by default diff -r 40105681f495 -r 663fcf528726 includes/wikiengine/Render/Xhtml/Wikilink.php --- a/includes/wikiengine/Render/Xhtml/Wikilink.php Sat Jun 23 19:27:41 2007 -0400 +++ b/includes/wikiengine/Render/Xhtml/Wikilink.php Tue Jun 26 17:28:18 2007 -0400 @@ -57,8 +57,14 @@ function token($options) { global $session; - if($session->sid_super) $as = htmlspecialchars(urlSeparator).'auth='.$session->sid_super; - else $as = ''; + if ( $session->sid_super ) + { + $as = htmlspecialchars(urlSeparator) . 'auth='.$session->sid_super; + } + else + { + $as = ''; + } // make nice variable names (page, anchor, text) extract($options); @@ -71,6 +77,8 @@ } else { $callback = false; } + + $page = sanitize_page_id( $page ); if ($callback) { // use the callback function @@ -92,7 +100,7 @@ //$page = $this->urlEncode($page); $anchor = $this->urlEncode($anchor); $text = $this->textEncode($text); - + // does the page exist? if ($exists) { diff -r 40105681f495 -r 663fcf528726 includes/wikiengine/Tables.php --- a/includes/wikiengine/Tables.php Sat Jun 23 19:27:41 2007 -0400 +++ b/includes/wikiengine/Tables.php Tue Jun 26 17:28:18 2007 -0400 
@@ -2,7 +2,7 @@ /** * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between - * Version 1.0 release candidate 3 (Druid) + * Version 1.0 (Banshee) * Copyright (C) 2006-2007 Dan Fuhry * * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License diff -r 40105681f495 -r 663fcf528726 index.php --- a/index.php Sat Jun 23 19:27:41 2007 -0400 +++ b/index.php Tue Jun 26 17:28:18 2007 -0400 @@ -1,7 +1,7 @@ page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false )); - $page = new PageProcessor( $paths->cpage['urlname_nons'], $paths->namespace ); + $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 ); + $page = new PageProcessor( $paths->cpage['urlname_nons'], $paths->namespace, $rev_id ); $page->send_headers = true; $page->send(); break; diff -r 40105681f495 -r 663fcf528726 install.php --- a/install.php Sat Jun 23 19:27:41 2007 -0400 +++ b/install.php Tue Jun 26 17:28:18 2007 -0400 @@ -1,7 +1,7 @@ load_theme('stpatty', 'shamrock', false); +$template->load_theme('oxygen', 'bleu', false); $modestrings = Array( 'welcome' => 'Welcome', @@ -313,8 +312,8 @@
[ Enano CMS Project logo ]

Welcome to Enano

-

version 1.0rc3 – security release
- also affectionately known as "druid" :)

+

version 1.0 – stable
+ also affectionately known as "banshee" :)

Array('1.0b2'), '1.0b2' => Array('1.0b3'), '1.0b3' => Array('1.0b4'), '1.0b4' => Array('1.0RC1'), - '1.0RC1' => Array('1.0RC2') + '1.0RC1' => Array('1.0RC2'), + '1.0RC2' => Array('1.0RC3') ); -$this_version = '1.0RC3'; +$this_version = '1.0'; $func_list = Array( '1.0b4' => Array('u_1_0_RC1_update_user_ids', 'u_1_0_RC1_add_admins_to_group', 'u_1_0_RC1_alter_files_table', 'u_1_0_RC1_destroy_session_cookie', 'u_1_0_RC1_set_contact_email', 'u_1_0_RC1_update_page_text') // , // '1.0RC2' => Array('u_1_0_populate_userpage_comments') @@ -339,6 +351,10 @@ function u_1_0_populate_userpage_comments() { + // + // UNFINISHED... + // + /* global $db; $q = $db->sql_query('SELECT COUNT(c.comment_id) AS num_comments...'); @@ -476,7 +492,9 @@

Your version of Enano () can't be upgraded to this version ().

header(); echo "
"; @@ -494,7 +512,9 @@ `; break; - } else { + } + else + { header('Location: upgrade.php?mode=confirm&auth='.$session->sid_super); } break; diff -r 40105681f495 -r 663fcf528726 upgrade.sql --- a/upgrade.sql Sat Jun 23 19:27:41 2007 -0400 +++ b/upgrade.sql Tue Jun 26 17:28:18 2007 -0400 @@ -3,7 +3,11 @@ -- ALL NON-SQL LINES, even otherwise blank lines, must start with "--" or they will get sent to MySQL! -- Common tasks (version numbers) DELETE FROM {{TABLE_PREFIX}}config WHERE config_name='enano_version' OR config_name='enano_beta_version' OR config_name='enano_alpha_version' OR config_name='enano_rc_version'; -INSERT INTO {{TABLE_PREFIX}}config (config_name, config_value) VALUES( 'enano_version', '1.0' ),( 'enano_rc_version', '3' ); +INSERT INTO {{TABLE_PREFIX}}config (config_name, config_value) VALUES( 'enano_version', '1.0' ); +---BEGIN 1.0RC3--- +-- Placeholder (all versions need to have at least one query performed) +UPDATE {{TABLE_PREFIX}}config SET config_value='' WHERE config_name=' '; +---END 1.0RC3--- ---BEGIN 1.0RC2--- -- Add the "Moderators" group UPDATE {{TABLE_PREFIX}}groups SET group_id=9999 WHERE group_id=3;