author | Dan |
Thu, 17 Jan 2008 23:31:35 -0500 | |
changeset 353 | 2398420f48e7 |
parent 337 | 491518997ae5 |
child 372 | 5bd429428101 |
permissions | -rw-r--r-- |
0 | 1 |
<?php |
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
parents:
70
diff
changeset
|
2 |
|
166
d53cc29308f4
Rebrand as 1.1.1; everything should now be bumped to "unstable" status
Dan
parents:
160
diff
changeset
|
3 |
/* |
0 | 4 |
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
266 | 5 |
* Version 1.1.1 |
0 | 6 |
* Copyright (C) 2006-2007 Dan Fuhry |
7 |
* |
|
8 |
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
|
9 |
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
|
10 |
* |
|
11 |
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
|
12 |
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
|
13 |
* |
|
246
c9fd175289aa
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents:
183
diff
changeset
|
14 |
* @package Enano |
c9fd175289aa
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents:
183
diff
changeset
|
15 |
* @subpackage Frontend |
c9fd175289aa
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents:
183
diff
changeset
|
16 |
* |
0 | 17 |
*/ |
246
c9fd175289aa
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan
parents:
183
diff
changeset
|
18 |
|
311
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
parents:
307
diff
changeset
|
19 |
define('ENANO_INTERFACE_INDEX', ''); |
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
parents:
307
diff
changeset
|
20 |
|
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
parents:
80
diff
changeset
|
21 |
// Set up gzip encoding before any output is sent |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
22 |
|
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
23 |
$aggressive_optimize_html = true; |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
24 |
|
0 | 25 |
global $do_gzip; |
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
parents:
326
diff
changeset
|
26 |
$do_gzip = true; |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
27 |
|
0 | 28 |
if(isset($_SERVER['PATH_INFO'])) $v = $_SERVER['PATH_INFO']; |
29 |
elseif(isset($_GET['title'])) $v = $_GET['title']; |
|
30 |
else $v = ''; |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
31 |
|
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
32 |
if ( isset($_GET['nocompress']) ) |
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
33 |
$aggressive_optimize_html = false; |
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
34 |
|
0 | 35 |
error_reporting(E_ALL); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
36 |
|
0 | 37 |
// if(!strstr($v, 'CSS') && !strstr($v, 'UploadFile') && !strstr($v, 'DownloadFile')) // These pages are blacklisted because we can't have debugConsole's HTML output disrupting the flow of header() calls and whatnot |
38 |
// { |
|
39 |
// $do_gzip = ( function_exists('gzcompress') && ( isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strstr($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') ) ) ? true : false; |
|
40 |
// // Uncomment the following line to enable debugConsole (requires PHP 5 or later) |
|
41 |
// // define('ENANO_DEBUG', ''); |
|
42 |
// } |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
43 |
|
0 | 44 |
if(defined('ENANO_DEBUG')) $do_gzip = false; |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
45 |
|
0 | 46 |
if($aggressive_optimize_html || $do_gzip) |
47 |
{ |
|
48 |
ob_start(); |
|
49 |
} |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
50 |
|
0 | 51 |
require('includes/common.php'); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
52 |
|
0 | 53 |
global $db, $session, $paths, $template, $plugins; // Common objects |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
54 |
|
307 | 55 |
if ( !isset($_GET['do']) ) |
56 |
{ |
|
57 |
$_GET['do'] = 'view'; |
|
58 |
} |
|
0 | 59 |
switch($_GET['do']) |
60 |
{ |
|
61 |
default: |
|
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
62 |
die_friendly('Invalid action', '<p>The action "'.htmlspecialchars($_GET['do']).'" is not defined. Return to <a href="'.makeUrl($paths->page).'">viewing this page\'s text</a>.</p>'); |
0 | 63 |
break; |
64 |
case 'view': |
|
65 |
// echo PageUtils::getpage($paths->page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false )); |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
66 |
$rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 ); |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
67 |
$page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id ); |
0 | 68 |
$page->send_headers = true; |
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
28
diff
changeset
|
69 |
$pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : ''; |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
28
diff
changeset
|
70 |
$page->password = $pagepass; |
61 | 71 |
$page->send(true); |
0 | 72 |
break; |
73 |
case 'comments': |
|
74 |
$template->header(); |
|
75 |
$sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false; |
|
76 |
switch($sub) |
|
77 |
{ |
|
78 |
case 'admin': |
|
79 |
default: |
|
80 |
$act = ( isset ($_GET['action']) ) ? $_GET['action'] : false; |
|
81 |
$id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1; |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
82 |
echo PageUtils::comments_html($paths->page_id, $paths->namespace, $act, Array('id'=>$id)); |
0 | 83 |
break; |
84 |
case 'postcomment': |
|
85 |
if(empty($_POST['name']) || |
|
86 |
empty($_POST['subj']) || |
|
87 |
empty($_POST['text']) |
|
88 |
) { echo 'Invalid request'; break; } |
|
89 |
$cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false; |
|
90 |
$cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false; |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
91 |
PageUtils::addcomment($paths->page_id, $paths->namespace, $_POST['name'], $_POST['subj'], $_POST['text'], $cin, $cid); // All filtering, etc. is handled inside this method |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
92 |
echo PageUtils::comments_html($paths->page_id, $paths->namespace); |
0 | 93 |
break; |
94 |
case 'editcomment': |
|
95 |
if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; } |
|
96 |
$q = $db->sql_query('SELECT subject,comment_data,comment_id FROM '.table_prefix.'comments WHERE comment_id='.$_GET['id']); |
|
97 |
if(!$q) $db->_die('The comment data could not be selected.'); |
|
98 |
$row = $db->fetchrow(); |
|
99 |
$db->free_result(); |
|
213
1316404e4ea8
Localized history page and static HTML comment interface
Dan
parents:
187
diff
changeset
|
100 |
$row['subject'] = str_replace('\'', ''', $row['subject']); |
0 | 101 |
echo '<form action="'.makeUrl($paths->page, 'do=comments&sub=savecomment').'" method="post">'; |
102 |
echo "<br /><div class='tblholder'><table border='0' width='100%' cellspacing='1' cellpadding='4'> |
|
213
1316404e4ea8
Localized history page and static HTML comment interface
Dan
parents:
187
diff
changeset
|
103 |
<tr><td class='row1'>" . $lang->get('comment_postform_field_subject') . "</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr> |
1316404e4ea8
Localized history page and static HTML comment interface
Dan
parents:
187
diff
changeset
|
104 |
<tr><td class='row2'>" . $lang->get('comment_postform_field_comment') . "</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr> |
1316404e4ea8
Localized history page and static HTML comment interface
Dan
parents:
187
diff
changeset
|
105 |
<tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='" . $lang->get('etc_save_changes') . "' /></td></tr> |
0 | 106 |
</table></div>"; |
107 |
echo '</form>'; |
|
108 |
break; |
|
109 |
case 'savecomment': |
|
110 |
if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; } |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
111 |
$r = PageUtils::savecomment_neater($paths->page_id, $paths->namespace, $_POST['subj'], $_POST['text'], (int)$_POST['id']); |
0 | 112 |
if($r != 'good') { echo "<pre>$r</pre>"; break; } |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
113 |
echo PageUtils::comments_html($paths->page_id, $paths->namespace); |
0 | 114 |
break; |
115 |
case 'deletecomment': |
|
116 |
if(!empty($_GET['id'])) |
|
117 |
{ |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
118 |
PageUtils::deletecomment_neater($paths->page_id, $paths->namespace, (int)$_GET['id']); |
0 | 119 |
} |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
120 |
echo PageUtils::comments_html($paths->page_id, $paths->namespace); |
0 | 121 |
break; |
122 |
} |
|
123 |
$template->footer(); |
|
124 |
break; |
|
125 |
case 'edit': |
|
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
126 |
if(isset($_POST['_cancel'])) |
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
127 |
{ |
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
128 |
redirect(makeUrl($paths->page), '', '', 0); |
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
129 |
break; |
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
130 |
} |
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
131 |
if(isset($_POST['_save'])) |
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
132 |
{ |
337
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
133 |
$captcha_valid = true; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
134 |
if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' ) |
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
135 |
{ |
337
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
136 |
$captcha_valid = false; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
137 |
if ( isset($_POST['captcha_id']) && isset($_POST['captcha_code']) ) |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
138 |
{ |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
139 |
$hash_correct = strtolower($session->get_captcha($_POST['captcha_id'])); |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
140 |
$hash_input = strtolower($_POST['captcha_code']); |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
141 |
if ( $hash_input === $hash_correct ) |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
142 |
$captcha_valid = true; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
143 |
} |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
144 |
} |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
145 |
if ( $captcha_valid ) |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
146 |
{ |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
147 |
$e = PageUtils::savepage($paths->page_id, $paths->namespace, $_POST['page_text'], $_POST['edit_summary'], isset($_POST['minor'])); |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
148 |
if ( $e == 'good' ) |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
149 |
{ |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
150 |
redirect(makeUrl($paths->page), $lang->get('editor_msg_save_success_title'), $lang->get('editor_msg_save_success_body'), 3); |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
151 |
} |
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
256
diff
changeset
|
152 |
} |
0 | 153 |
} |
154 |
$template->header(); |
|
337
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
155 |
if ( isset($captcha_valid) ) |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
156 |
{ |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
157 |
echo '<div class="usermessage">' . $lang->get('editor_err_captcha_wrong') . '</div>'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
158 |
} |
0 | 159 |
if(isset($_POST['_preview'])) |
160 |
{ |
|
161 |
$text = $_POST['page_text']; |
|
162 |
echo PageUtils::genPreview($_POST['page_text']); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
163 |
$text = htmlspecialchars($text); |
0 | 164 |
} |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
165 |
else |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
166 |
{ |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
167 |
$text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
168 |
} |
0 | 169 |
echo ' |
170 |
<form action="'.makeUrl($paths->page, 'do=edit').'" method="post" enctype="multipart/form-data"> |
|
171 |
<br /> |
|
172 |
<textarea name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea><br /> |
|
173 |
<br /> |
|
174 |
'; |
|
337
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
175 |
echo $lang->get('editor_lbl_edit_summary') . ' <input name="edit_summary" type="text" size="40" /><br /><label><input type="checkbox" name="minor" /> ' . $lang->get('editor_lbl_minor_edit_field') . '</label><br />'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
176 |
if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' ) |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
177 |
{ |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
178 |
echo '<br /><table border="0"><tr><td>'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
179 |
echo '<b>' . $lang->get('editor_lbl_field_captcha') . '</b><br />' |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
180 |
. '<br />' |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
181 |
. $lang->get('editor_msg_captcha_pleaseenter') . '<br /><br />' |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
182 |
. $lang->get('editor_msg_captcha_blind'); |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
183 |
echo '</td><td>'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
184 |
$hash = $session->make_captcha(); |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
185 |
echo '<img src="' . makeUrlNS('Special', "Captcha/$hash") . '" onclick="this.src+=\'/a\'" style="cursor: pointer;" /><br />'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
186 |
echo '<input type="hidden" name="captcha_id" value="' . $hash . '" />'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
187 |
echo $lang->get('editor_lbl_field_captcha_code') . ' <input type="text" name="captcha_code" value="" size="9" />'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
188 |
echo '</td></tr></table>'; |
491518997ae5
Made CAPTCHA for guests' page editing work with the non-AJAX interface
Dan
parents:
334
diff
changeset
|
189 |
} |
0 | 190 |
echo '<br /> |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
191 |
<input type="submit" name="_save" value="' . $lang->get('editor_btn_save') . '" style="font-weight: bold;" /> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
192 |
<input type="submit" name="_preview" value="' . $lang->get('editor_btn_preview') . '" /> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
193 |
<input type="submit" name="_revert" value="' . $lang->get('editor_btn_revert') . '" /> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
194 |
<input type="submit" name="_cancel" value="' . $lang->get('editor_btn_cancel') . '" /> |
0 | 195 |
</form> |
196 |
'; |
|
160
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
197 |
if ( getConfig('wiki_edit_notice') == '1' ) |
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
198 |
{ |
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
199 |
$notice = getConfig('wiki_edit_notice_text'); |
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
200 |
echo RenderMan::render($notice); |
87a988ca4ff4
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan
parents:
142
diff
changeset
|
201 |
} |
0 | 202 |
$template->footer(); |
203 |
break; |
|
204 |
case 'viewsource': |
|
205 |
$template->header(); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
206 |
$text = RenderMan::getPage($paths->page_id, $paths->namespace, 0, false, false, false, false); |
0 | 207 |
echo ' |
208 |
<form action="'.makeUrl($paths->page, 'do=edit').'" method="post"> |
|
209 |
<br /> |
|
210 |
<textarea readonly="readonly" name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea>'; |
|
211 |
echo '<br /> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
212 |
<input type="submit" name="_cancel" value="' . $lang->get('editor_btn_closeviewer') . '" /> |
0 | 213 |
</form> |
214 |
'; |
|
215 |
$template->footer(); |
|
216 |
break; |
|
217 |
case 'history': |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
218 |
$hist = PageUtils::histlist($paths->page_id, $paths->namespace); |
0 | 219 |
$template->header(); |
220 |
echo $hist; |
|
221 |
$template->footer(); |
|
222 |
break; |
|
223 |
case 'rollback': |
|
224 |
$id = (isset($_GET['id'])) ? $_GET['id'] : false; |
|
225 |
if(!$id || !preg_match('#^([0-9]+)$#', $id)) die_friendly('Invalid action ID', '<p>The URL parameter "id" is not an integer. Exiting to prevent nasties like SQL injection, etc.</p>'); |
|
226 |
$rb = PageUtils::rollback( (int) $id ); |
|
227 |
$template->header(); |
|
228 |
echo '<p>'.$rb.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>'; |
|
229 |
$template->footer(); |
|
230 |
break; |
|
231 |
case 'catedit': |
|
232 |
if(isset($_POST['__enanoSaveButton'])) |
|
233 |
{ |
|
234 |
unset($_POST['__enanoSaveButton']); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
235 |
$val = PageUtils::catsave($paths->page_id, $paths->namespace, $_POST); |
0 | 236 |
if($val == 'GOOD') |
237 |
{ |
|
238 |
header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break; |
|
239 |
} else { |
|
240 |
die_friendly('Error saving category information', '<p>'.$val.'</p>'); |
|
241 |
} |
|
242 |
} |
|
243 |
elseif(isset($_POST['__enanoCatCancel'])) |
|
244 |
{ |
|
245 |
header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break; |
|
246 |
} |
|
247 |
$template->header(); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
248 |
$c = PageUtils::catedit_raw($paths->page_id, $paths->namespace); |
0 | 249 |
echo $c[1]; |
250 |
$template->footer(); |
|
251 |
break; |
|
252 |
case 'moreoptions': |
|
253 |
$template->header(); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
254 |
echo '<div class="menu_nojs" style="width: 150px; padding: 0;"><ul style="display: block;"><li><div class="label">' . $lang->get('ajax_lbl_moreoptions_nojs') . '</div><div style="clear: both;"></div></li>'.$template->toolbar_menu.'</ul></div>'; |
0 | 255 |
$template->footer(); |
256 |
break; |
|
257 |
case 'protect': |
|
258 |
if (!isset($_REQUEST['level'])) die_friendly('Invalid request', '<p>No protection level specified</p>'); |
|
259 |
if(!empty($_POST['reason'])) |
|
260 |
{ |
|
261 |
if(!preg_match('#^([0-2]*){1}$#', $_POST['level'])) die_friendly('Error protecting page', '<p>Request validation failed</p>'); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
262 |
PageUtils::protect($paths->page_id, $paths->namespace, intval($_POST['level']), $_POST['reason']); |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
263 |
|
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
264 |
die_friendly($lang->get('page_protect_lbl_success_title'), '<p>' . $lang->get('page_protect_lbl_success_body', array( 'page_link' => makeUrl($paths->page) )) . '</p>'); |
0 | 265 |
} |
266 |
$template->header(); |
|
267 |
?> |
|
268 |
<form action="<?php echo makeUrl($paths->page, 'do=protect'); ?>" method="post"> |
|
269 |
<input type="hidden" name="level" value="<?php echo $_REQUEST['level']; ?>" /> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
270 |
<?php if(isset($_POST['reason'])) echo '<p style="color: red;">' . $lang->get('page_protect_err_need_reason') . '</p>'; ?> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
271 |
<p><?php echo $lang->get('page_protect_lbl_reason'); ?></p> |
0 | 272 |
<p><input type="text" name="reason" size="40" /><br /> |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
273 |
<?php echo $lang->get('page_protect_lbl_level'); ?> <b><?php |
0 | 274 |
switch($_REQUEST['level']) |
275 |
{ |
|
276 |
case '0': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
277 |
echo $lang->get('page_protect_lbl_level_none'); |
0 | 278 |
break; |
279 |
case '1': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
280 |
echo $lang->get('page_protect_lbl_level_full'); |
0 | 281 |
break; |
282 |
case '2': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
283 |
echo $lang->get('page_protect_lbl_level_semi'); |
0 | 284 |
break; |
285 |
default: |
|
286 |
echo 'None;</b> Warning: request validation will fail after clicking submit<b>'; |
|
287 |
} |
|
288 |
?></b></p> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
289 |
<p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_protect_btn_submit')) ?>" style="font-weight: bold;" /></p> |
0 | 290 |
</form> |
291 |
<?php |
|
292 |
$template->footer(); |
|
293 |
break; |
|
294 |
case 'rename': |
|
295 |
if(!empty($_POST['newname'])) |
|
296 |
{ |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
297 |
$r = PageUtils::rename($paths->page_id, $paths->namespace, $_POST['newname']); |
304 | 298 |
die_friendly($lang->get('page_rename_success_title'), '<p>'.nl2br($r).' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>'); |
0 | 299 |
} |
300 |
$template->header(); |
|
301 |
?> |
|
302 |
<form action="<?php echo makeUrl($paths->page, 'do=rename'); ?>" method="post"> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
303 |
<?php if(isset($_POST['newname'])) echo '<p style="color: red;">' . $lang->get('page_rename_err_need_name') . '</p>'; ?> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
304 |
<p><?php echo $lang->get('page_rename_lbl'); ?></p> |
0 | 305 |
<p><input type="text" name="newname" size="40" /></p> |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
306 |
<p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_rename_btn_submit')); ?>" style="font-weight: bold;" /></p> |
0 | 307 |
</form> |
308 |
<?php |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
309 |
$template->footer(); |
0 | 310 |
break; |
311 |
case 'flushlogs': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
312 |
if(!$session->get_permissions('clear_logs')) |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
313 |
{ |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
314 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>'); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
315 |
} |
0 | 316 |
if(isset($_POST['_downthejohn'])) |
317 |
{ |
|
318 |
$template->header(); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
319 |
$result = PageUtils::flushlogs($paths->page_id, $paths->namespace); |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
320 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>'; |
0 | 321 |
$template->footer(); |
322 |
break; |
|
323 |
} |
|
324 |
$template->header(); |
|
325 |
?> |
|
326 |
<form action="<?php echo makeUrl($paths->page, 'do=flushlogs'); ?>" method="post"> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
327 |
<?php echo $lang->get('page_flushlogs_warning_stern'); ?> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
328 |
<p><input type="submit" name="_downthejohn" value="<?php echo htmlspecialchars($lang->get('page_flushlogs_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p> |
0 | 329 |
</form> |
330 |
<?php |
|
331 |
$template->footer(); |
|
332 |
break; |
|
333 |
case 'delvote': |
|
334 |
if(isset($_POST['_ballotbox'])) |
|
335 |
{ |
|
336 |
$template->header(); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
337 |
$result = PageUtils::delvote($paths->page_id, $paths->namespace); |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
338 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>'; |
0 | 339 |
$template->footer(); |
340 |
break; |
|
341 |
} |
|
342 |
$template->header(); |
|
343 |
?> |
|
344 |
<form action="<?php echo makeUrl($paths->page, 'do=delvote'); ?>" method="post"> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
345 |
<?php |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
346 |
echo $lang->get('page_delvote_warning_stern'); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
347 |
echo '<p>'; |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
348 |
switch($paths->cpage['delvotes']) |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
349 |
{ |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
350 |
case 0: echo $lang->get('page_delvote_count_zero'); break; |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
351 |
case 1: echo $lang->get('page_delvote_count_one'); break; |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
352 |
default: echo $lang->get('page_delvote_count_plural', array('delvotes' => $paths->cpage['delvotes'])); break; |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
353 |
} |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
354 |
echo '</p>'; |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
355 |
?> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
356 |
<p><input type="submit" name="_ballotbox" value="<?php echo htmlspecialchars($lang->get('page_delvote_btn_submit')); ?>" /></p> |
0 | 357 |
</form> |
358 |
<?php |
|
359 |
$template->footer(); |
|
360 |
break; |
|
361 |
case 'resetvotes': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
362 |
if(!$session->get_permissions('vote_reset')) |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
363 |
{ |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
364 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>'); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
365 |
} |
0 | 366 |
if(isset($_POST['_youmaylivealittlelonger'])) |
367 |
{ |
|
368 |
$template->header(); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
369 |
$result = PageUtils::resetdelvotes($paths->page_id, $paths->namespace); |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
370 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>'; |
0 | 371 |
$template->footer(); |
372 |
break; |
|
373 |
} |
|
374 |
$template->header(); |
|
375 |
?> |
|
376 |
<form action="<?php echo makeUrl($paths->page, 'do=resetvotes'); ?>" method="post"> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
377 |
<p><?php echo $lang->get('ajax_delvote_reset_confirm'); ?></p> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
378 |
<p><input type="submit" name="_youmaylivealittlelonger" value="<?php echo htmlspecialchars($lang->get('page_delvote_reset_btn_submit')); ?>" /></p> |
0 | 379 |
</form> |
380 |
<?php |
|
381 |
$template->footer(); |
|
382 |
break; |
|
383 |
case 'deletepage': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
384 |
if(!$session->get_permissions('delete_page')) |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
385 |
{ |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
386 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>'); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
387 |
} |
0 | 388 |
if(isset($_POST['_adiossucker'])) |
389 |
{ |
|
28 | 390 |
$reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false; |
391 |
if ( empty($reason) ) |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
392 |
$error = $lang->get('ajax_delete_prompt_reason'); |
28 | 393 |
else |
394 |
{ |
|
395 |
$template->header(); |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
396 |
$result = PageUtils::deletepage($paths->page_id, $paths->namespace, $reason); |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
397 |
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>'; |
28 | 398 |
$template->footer(); |
399 |
break; |
|
400 |
} |
|
0 | 401 |
} |
402 |
$template->header(); |
|
403 |
?> |
|
404 |
<form action="<?php echo makeUrl($paths->page, 'do=deletepage'); ?>" method="post"> |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
405 |
<?php echo $lang->get('page_delete_warning_stern'); ?> |
28 | 406 |
<?php if ( isset($error) ) echo "<p>$error</p>"; ?> |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
407 |
<p><?php echo $lang->get('page_delete_lbl_reason'); ?> <input type="text" name="reason" size="50" /></p> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
408 |
<p><input type="submit" name="_adiossucker" value="<?php echo htmlspecialchars($lang->get('page_delete_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p> |
0 | 409 |
</form> |
410 |
<?php |
|
411 |
$template->footer(); |
|
412 |
break; |
|
413 |
case 'setwikimode': |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
414 |
if(!$session->get_permissions('set_wiki_mode')) |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
415 |
{ |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
416 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>'); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
417 |
} |
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
418 |
if ( isset($_POST['finish']) ) |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
419 |
{ |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
420 |
$level = intval($_POST['level']); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
421 |
if ( !in_array($level, array(0, 1, 2) ) ) |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
422 |
{ |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
423 |
die_friendly('Invalid request', '<p>Level not specified</p>'); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
424 |
} |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
425 |
$q = $db->sql_query('UPDATE '.table_prefix.'pages SET wiki_mode=' . $level . ' WHERE urlname=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';'); |
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
426 |
if ( !$q ) |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
427 |
$db->_die(); |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
428 |
redirect(makeUrl($paths->page), htmlspecialchars($paths->cpage['name']), $lang->get('page_wikimode_success_redirect'), 2); |
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
429 |
} |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
430 |
else |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
431 |
{ |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
432 |
$template->header(); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
433 |
if(!isset($_GET['level']) || ( isset($_GET['level']) && !preg_match('#^([0-9])$#', $_GET['level']))) die_friendly('Invalid request', '<p>Level not specified</p>'); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
434 |
$level = intval($_GET['level']); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
435 |
if ( !in_array($level, array(0, 1, 2) ) ) |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
436 |
{ |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
437 |
die_friendly('Invalid request', '<p>Level not specified</p>'); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
438 |
} |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
439 |
echo '<form action="' . makeUrl($paths->page, 'do=setwikimode', true) . '" method="post">'; |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
440 |
echo '<input type="hidden" name="finish" value="foo" />'; |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
441 |
echo '<input type="hidden" name="level" value="' . $level . '" />'; |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
442 |
$level_txt = ( $level == 0 ) ? 'page_wikimode_level_off' : ( ( $level == 1 ) ? 'page_wikimode_level_on' : 'page_wikimode_level_global' ); |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
443 |
$blurb = ( $level == 0 || ( $level == 2 && getConfig('wiki_mode') != '1' ) ) ? 'page_wikimode_blurb_disable' : 'page_wikimode_blurb_enable'; |
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
444 |
?> |
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
445 |
<h3><?php echo $lang->get('page_wikimode_heading'); ?></h3> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
446 |
<p><?php echo $lang->get($level_txt) . ' ' . $lang->get($blurb); ?></p> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
447 |
<p><?php echo $lang->get('page_wikimode_warning'); ?></p> |
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
448 |
<p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_wikimode_btn_submit')); ?>" /></p> |
97
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
449 |
<?php |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
450 |
echo '</form>'; |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
451 |
$template->footer(); |
293148ad7a70
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan
parents:
91
diff
changeset
|
452 |
} |
0 | 453 |
break; |
454 |
case 'diff': |
|
455 |
$template->header(); |
|
456 |
$id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false; |
|
457 |
$id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false; |
|
458 |
if(!$id1 || !$id2) { echo '<p>Invalid request.</p>'; $template->footer(); break; } |
|
459 |
if(!preg_match('#^([0-9]+)$#', (string)$_GET['diff1']) || |
|
460 |
!preg_match('#^([0-9]+)$#', (string)$_GET['diff2'] )) { echo '<p>SQL injection attempt</p>'; $template->footer(); break; } |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
461 |
echo PageUtils::pagediff($paths->page_id, $paths->namespace, $id1, $id2); |
0 | 462 |
$template->footer(); |
463 |
break; |
|
91 | 464 |
case 'detag': |
465 |
if ( $session->user_level < USER_LEVEL_ADMIN ) |
|
466 |
{ |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
467 |
die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>'); |
91 | 468 |
} |
469 |
if ( $paths->page_exists ) |
|
470 |
{ |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
471 |
die_friendly($lang->get('etc_invalid_request_short'), '<p>' . $lang->get('page_detag_err_page_exists') . '</p>'); |
91 | 472 |
} |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
473 |
$q = $db->sql_query('DELETE FROM '.table_prefix.'tags WHERE page_id=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';'); |
91 | 474 |
if ( !$q ) |
475 |
$db->_die('Detag query, index.php:'.__LINE__); |
|
220
d44492e34ab3
Failsafe page maintenance applets in index.php localized
Dan
parents:
213
diff
changeset
|
476 |
die_friendly($lang->get('page_detag_success_title'), '<p>' . $lang->get('page_detag_success_body') . '</p>'); |
91 | 477 |
break; |
0 | 478 |
case 'aclmanager': |
479 |
$data = ( isset($_POST['data']) ) ? $_POST['data'] : Array('mode' => 'listgroups'); |
|
480 |
PageUtils::aclmanager($data); |
|
481 |
break; |
|
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
482 |
case 'sql_report': |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
483 |
$rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 ); |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
484 |
$page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id ); |
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
485 |
$page->send_headers = true; |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
486 |
$pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : ''; |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
487 |
$page->password = $pagepass; |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
488 |
$page->send(true); |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
489 |
ob_end_clean(); |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
490 |
ob_start(); |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
491 |
$db->sql_report(); |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
492 |
break; |
0 | 493 |
} |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
494 |
|
0 | 495 |
// |
496 |
// Optimize HTML by replacing newlines with spaces (excludes <pre>, <script>, and <style> blocks) |
|
497 |
// |
|
498 |
if ($aggressive_optimize_html) |
|
499 |
{ |
|
500 |
// Load up the HTML |
|
501 |
$html = ob_get_contents(); |
|
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
502 |
@ob_end_clean(); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
503 |
|
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
504 |
$html = aggressive_optimize_html($html); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
505 |
|
0 | 506 |
// Re-enable output buffering to allow the Gzip function (below) to work |
507 |
ob_start(); |
|
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
508 |
|
0 | 509 |
// Done, send it to the user |
510 |
echo( $html ); |
|
511 |
} |
|
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
512 |
|
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
513 |
$db->close(); |
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
parents:
73
diff
changeset
|
514 |
gzip_output(); |
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
parents:
41
diff
changeset
|
515 |
|
0 | 516 |
?> |