<?php
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
/*
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
 * Version 1.1.1
 * Copyright (C) 2006-2007 Dan Fuhry
 *
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
 *
 * @package Enano
 * @subpackage Frontend
 *
 */
311
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
define('ENANO_INTERFACE_INDEX', '');
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
// Set up gzip encoding before any output is sent
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
$aggressive_optimize_html = true;

global $do_gzip;
$do_gzip = true;

if(isset($_SERVER['PATH_INFO'])) $v = $_SERVER['PATH_INFO'];
elseif(isset($_GET['title'])) $v = $_GET['title'];
else $v = '';
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
if ( isset($_GET['nocompress']) )
  $aggressive_optimize_html = false;

error_reporting(E_ALL);

// if(!strstr($v, 'CSS') && !strstr($v, 'UploadFile') && !strstr($v, 'DownloadFile')) // These pages are blacklisted because we can't have debugConsole's HTML output disrupting the flow of header() calls and whatnot
// {
//   $do_gzip = ( function_exists('gzcompress') && ( isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strstr($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') ) ) ? true : false;
//   // Uncomment the following line to enable debugConsole (requires PHP 5 or later)
//   // define('ENANO_DEBUG', '');
// }

if(defined('ENANO_DEBUG')) $do_gzip = false;

if($aggressive_optimize_html || $do_gzip)
{
  ob_start();
}

require('includes/common.php');

global $db, $session, $paths, $template, $plugins; // Common objects

if ( !isset($_GET['do']) )
{
  $_GET['do'] = 'view';
}
switch($_GET['do'])
{
  default:
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
    die_friendly('Invalid action', '<p>The action "'.htmlspecialchars($_GET['do']).'" is not defined. Return to <a href="'.makeUrl($paths->page).'">viewing this page\'s text</a>.</p>');
    break;
  case 'view':
    // echo PageUtils::getpage($paths->page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false ));
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
    $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
    $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
    $page->send_headers = true;
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
    $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
    $page->password = $pagepass;
    $page->send(true);
    break;
  case 'comments':
    $template->header();
    $sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false;
    switch($sub)
    {
      case 'admin':
      default:
        $act = ( isset ($_GET['action']) ) ? $_GET['action'] : false;
        $id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1;
        echo PageUtils::comments_html($paths->page_id, $paths->namespace, $act, Array('id'=>$id));
        break;
      case 'postcomment':
        if(empty($_POST['name']) ||
           empty($_POST['subj']) ||
           empty($_POST['text'])
           ) { echo 'Invalid request'; break; }
        $cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false;
        $cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false;
        PageUtils::addcomment($paths->page_id, $paths->namespace, $_POST['name'], $_POST['subj'], $_POST['text'], $cin, $cid); // All filtering, etc. is handled inside this method
        echo PageUtils::comments_html($paths->page_id, $paths->namespace);
        break;
      case 'editcomment':
        if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; }
        $q = $db->sql_query('SELECT subject,comment_data,comment_id FROM '.table_prefix.'comments WHERE comment_id='.$_GET['id']);
        if(!$q) $db->_die('The comment data could not be selected.');
        $row = $db->fetchrow();
        $db->free_result();
        // Encode single quotes so the subject cannot close the single-quoted value attribute below
        $row['subject'] = str_replace('\'', '&#039;', $row['subject']);
        echo '<form action="'.makeUrl($paths->page, 'do=comments&amp;sub=savecomment').'" method="post">';
        echo "<br /><div class='tblholder'><table border='0' width='100%' cellspacing='1' cellpadding='4'>
                <tr><td class='row1'>" . $lang->get('comment_postform_field_subject') . "</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr>
                <tr><td class='row2'>" . $lang->get('comment_postform_field_comment') . "</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr>
                <tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='" . $lang->get('etc_save_changes') . "' /></td></tr>
              </table></div>";
        echo '</form>';
        break;
      case 'savecomment':
        if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; }
        $r = PageUtils::savecomment_neater($paths->page_id, $paths->namespace, $_POST['subj'], $_POST['text'], (int)$_POST['id']);
        if($r != 'good') { echo "<pre>$r</pre>"; break; }
        echo PageUtils::comments_html($paths->page_id, $paths->namespace);
        break;
      case 'deletecomment':
        if(!empty($_GET['id']))
        {
          PageUtils::deletecomment_neater($paths->page_id, $paths->namespace, (int)$_GET['id']);
        }
        echo PageUtils::comments_html($paths->page_id, $paths->namespace);
        break;
    }
    $template->footer();
    break;
  case 'edit':
    if(isset($_POST['_cancel']))
    {
      redirect(makeUrl($paths->page), '', '', 0);
      break;
    }
    if(isset($_POST['_save']))
    {
      $captcha_valid = true;
      if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
      {
        $captcha_valid = false;
        if ( isset($_POST['captcha_id']) && isset($_POST['captcha_code']) )
        {
          $hash_correct = strtolower($session->get_captcha($_POST['captcha_id']));
          $hash_input = strtolower($_POST['captcha_code']);
          if ( $hash_input === $hash_correct )
            $captcha_valid = true;
        }
      }
      if ( $captcha_valid )
      {
        $e = PageUtils::savepage($paths->page_id, $paths->namespace, $_POST['page_text'], $_POST['edit_summary'], isset($_POST['minor']));
        if ( $e == 'good' )
        {
          redirect(makeUrl($paths->page), $lang->get('editor_msg_save_success_title'), $lang->get('editor_msg_save_success_body'), 3);
        }
      }
    }
    $template->header();
    // Show the CAPTCHA error only when the check actually failed, not whenever a save was attempted
    if ( isset($captcha_valid) && !$captcha_valid )
    {
      echo '<div class="usermessage">' . $lang->get('editor_err_captcha_wrong') . '</div>';
    }
    if(isset($_POST['_preview']))
    {
      $text = $_POST['page_text'];
      echo PageUtils::genPreview($_POST['page_text']);
      $text = htmlspecialchars($text);
    }
    else
    {
      $text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false);
    }
    echo '
      <form action="'.makeUrl($paths->page, 'do=edit').'" method="post" enctype="multipart/form-data">
      <br />
      <textarea name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea><br />
      <br />
      ';
    echo $lang->get('editor_lbl_edit_summary') . ' <input name="edit_summary" type="text" size="40" /><br /><label><input type="checkbox" name="minor" /> ' . $lang->get('editor_lbl_minor_edit_field') . '</label><br />';
    if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
    {
      echo '<br /><table border="0"><tr><td>';
      echo '<b>' . $lang->get('editor_lbl_field_captcha') . '</b><br />'
           . '<br />'
           . $lang->get('editor_msg_captcha_pleaseenter') . '<br /><br />'
           . $lang->get('editor_msg_captcha_blind');
      echo '</td><td>';
      $hash = $session->make_captcha();
      echo '<img src="' . makeUrlNS('Special', "Captcha/$hash") . '" onclick="this.src+=\'/a\'" style="cursor: pointer;" /><br />';
      echo '<input type="hidden" name="captcha_id" value="' . $hash . '" />';
      echo $lang->get('editor_lbl_field_captcha_code') . ' <input type="text" name="captcha_code" value="" size="9" />';
      echo '</td></tr></table>';
    }
    echo '<br />
        <input type="submit" name="_save" value="' . $lang->get('editor_btn_save') . '" style="font-weight: bold;" />
        <input type="submit" name="_preview" value="' . $lang->get('editor_btn_preview') . '" />
        <input type="submit" name="_revert" value="' . $lang->get('editor_btn_revert') . '" />
        <input type="submit" name="_cancel" value="' . $lang->get('editor_btn_cancel') . '" />
      </form>
    ';
    if ( getConfig('wiki_edit_notice') == '1' )
    {
      $notice = getConfig('wiki_edit_notice_text');
      echo RenderMan::render($notice);
    }
    $template->footer();
    break;
  case 'viewsource':
    $template->header();
    $text = RenderMan::getPage($paths->page_id, $paths->namespace, 0, false, false, false, false);
    echo '
      <form action="'.makeUrl($paths->page, 'do=edit').'" method="post">
      <br />
      <textarea readonly="readonly" name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea>';
    echo '<br />
        <input type="submit" name="_cancel" value="' . $lang->get('editor_btn_closeviewer') . '" />
      </form>
    ';
    $template->footer();
    break;
  case 'history':
    $hist = PageUtils::histlist($paths->page_id, $paths->namespace);
    $template->header();
    echo $hist;
    $template->footer();
    break;
  case 'rollback':
    $id = (isset($_GET['id'])) ? $_GET['id'] : false;
    if(!$id || !preg_match('#^([0-9]+)$#', $id)) die_friendly('Invalid action ID', '<p>The URL parameter "id" is not an integer. Exiting to prevent nasties like SQL injection, etc.</p>');
    $rb = PageUtils::rollback( (int) $id );
    $template->header();
    echo '<p>'.$rb.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>';
    $template->footer();
    break;
  case 'catedit':
    if(isset($_POST['__enanoSaveButton']))
    {
      unset($_POST['__enanoSaveButton']);
      $val = PageUtils::catsave($paths->page_id, $paths->namespace, $_POST);
      if($val == 'GOOD')
      {
        header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
      } else {
        die_friendly('Error saving category information', '<p>'.$val.'</p>');
      }
    }
    elseif(isset($_POST['__enanoCatCancel']))
    {
      header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
    }
    $template->header();
    $c = PageUtils::catedit_raw($paths->page_id, $paths->namespace);
    echo $c[1];
    $template->footer();
    break;
  case 'moreoptions':
    $template->header();
    echo '<div class="menu_nojs" style="width: 150px; padding: 0;"><ul style="display: block;"><li><div class="label">' . $lang->get('ajax_lbl_moreoptions_nojs') . '</div><div style="clear: both;"></div></li>'.$template->toolbar_menu.'</ul></div>';
    $template->footer();
    break;
  case 'protect':
    if (!isset($_REQUEST['level'])) die_friendly('Invalid request', '<p>No protection level specified</p>');
    if(!empty($_POST['reason']))
    {
      if(!preg_match('#^([0-2]*){1}$#', $_POST['level'])) die_friendly('Error protecting page', '<p>Request validation failed</p>');
      PageUtils::protect($paths->page_id, $paths->namespace, intval($_POST['level']), $_POST['reason']);

      die_friendly($lang->get('page_protect_lbl_success_title'), '<p>' . $lang->get('page_protect_lbl_success_body', array( 'page_link' => makeUrl($paths->page) )) . '</p>');
    }
    $template->header();
    // The request's 'level' value is reflected into the form below, so it is HTML-escaped on output
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=protect'); ?>" method="post">
      <input type="hidden" name="level" value="<?php echo htmlspecialchars($_REQUEST['level']); ?>" />
      <?php if(isset($_POST['reason'])) echo '<p style="color: red;">' . $lang->get('page_protect_err_need_reason') . '</p>'; ?>
      <p><?php echo $lang->get('page_protect_lbl_reason'); ?></p>
      <p><input type="text" name="reason" size="40" /><br />
         <?php echo $lang->get('page_protect_lbl_level'); ?> <b><?php
      switch($_REQUEST['level'])
      {
        case '0':
          echo $lang->get('page_protect_lbl_level_none');
          break;
        case '1':
          echo $lang->get('page_protect_lbl_level_full');
          break;
        case '2':
          echo $lang->get('page_protect_lbl_level_semi');
          break;
        default:
          echo 'None;</b> Warning: request validation will fail after clicking submit<b>';
      }
      ?></b></p>
      <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_protect_btn_submit')) ?>" style="font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'rename':
    if(!empty($_POST['newname']))
    {
      $r = PageUtils::rename($paths->page_id, $paths->namespace, $_POST['newname']);
      die_friendly($lang->get('page_rename_success_title'), '<p>'.nl2br($r).' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>');
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=rename'); ?>" method="post">
      <?php if(isset($_POST['newname'])) echo '<p style="color: red;">' . $lang->get('page_rename_err_need_name') . '</p>'; ?>
      <p><?php echo $lang->get('page_rename_lbl'); ?></p>
      <p><input type="text" name="newname" size="40" /></p>
      <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_rename_btn_submit')); ?>" style="font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'flushlogs':
    if(!$session->get_permissions('clear_logs'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if(isset($_POST['_downthejohn']))
    {
      $template->header();
      $result = PageUtils::flushlogs($paths->page_id, $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=flushlogs'); ?>" method="post">
      <?php echo $lang->get('page_flushlogs_warning_stern'); ?>
      <p><input type="submit" name="_downthejohn" value="<?php echo htmlspecialchars($lang->get('page_flushlogs_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'delvote':
    if(isset($_POST['_ballotbox']))
    {
      $template->header();
      $result = PageUtils::delvote($paths->page_id, $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=delvote'); ?>" method="post">
      <?php
      echo $lang->get('page_delvote_warning_stern');
      echo '<p>';
      switch($paths->cpage['delvotes'])
      {
        case 0:  echo $lang->get('page_delvote_count_zero'); break;
        case 1:  echo $lang->get('page_delvote_count_one'); break;
        default: echo $lang->get('page_delvote_count_plural', array('delvotes' => $paths->cpage['delvotes'])); break;
      }
      echo '</p>';
      ?>
      <p><input type="submit" name="_ballotbox" value="<?php echo htmlspecialchars($lang->get('page_delvote_btn_submit')); ?>" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'resetvotes':
    if(!$session->get_permissions('vote_reset'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if(isset($_POST['_youmaylivealittlelonger']))
    {
      $template->header();
      $result = PageUtils::resetdelvotes($paths->page_id, $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=resetvotes'); ?>" method="post">
      <p><?php echo $lang->get('ajax_delvote_reset_confirm'); ?></p>
      <p><input type="submit" name="_youmaylivealittlelonger" value="<?php echo htmlspecialchars($lang->get('page_delvote_reset_btn_submit')); ?>" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'deletepage':
    if(!$session->get_permissions('delete_page'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if(isset($_POST['_adiossucker']))
    {
      $reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false;
      if ( empty($reason) )
        $error = $lang->get('ajax_delete_prompt_reason');
      else
      {
        $template->header();
        $result = PageUtils::deletepage($paths->page_id, $paths->namespace, $reason);
        echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
        $template->footer();
        break;
      }
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=deletepage'); ?>" method="post">
      <?php echo $lang->get('page_delete_warning_stern'); ?>
      <?php if ( isset($error) ) echo "<p>$error</p>"; ?>
      <p><?php echo $lang->get('page_delete_lbl_reason'); ?> <input type="text" name="reason" size="50" /></p>
      <p><input type="submit" name="_adiossucker" value="<?php echo htmlspecialchars($lang->get('page_delete_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'setwikimode':
    if(!$session->get_permissions('set_wiki_mode'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if ( isset($_POST['finish']) )
    {
      $level = intval($_POST['level']);
      if ( !in_array($level, array(0, 1, 2) ) )
      {
        die_friendly('Invalid request', '<p>Level not specified</p>');
      }
      // The namespace is escaped the same way as the page ID before it is placed in the query
      $q = $db->sql_query('UPDATE '.table_prefix.'pages SET wiki_mode=' . $level . ' WHERE urlname=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $db->escape($paths->namespace) . '\';');
      if ( !$q )
        $db->_die();
      redirect(makeUrl($paths->page), htmlspecialchars($paths->cpage['name']), $lang->get('page_wikimode_success_redirect'), 2);
    }
    else
    {
      $template->header();
      if(!isset($_GET['level']) || ( isset($_GET['level']) && !preg_match('#^([0-9])$#', $_GET['level']))) die_friendly('Invalid request', '<p>Level not specified</p>');
      $level = intval($_GET['level']);
      if ( !in_array($level, array(0, 1, 2) ) )
      {
        die_friendly('Invalid request', '<p>Level not specified</p>');
      }
      echo '<form action="' . makeUrl($paths->page, 'do=setwikimode', true) . '" method="post">';
      echo '<input type="hidden" name="finish" value="foo" />';
      echo '<input type="hidden" name="level" value="' . $level . '" />';
      $level_txt = ( $level == 0 ) ? 'page_wikimode_level_off' : ( ( $level == 1 ) ? 'page_wikimode_level_on' : 'page_wikimode_level_global' );
      $blurb = ( $level == 0 || ( $level == 2 && getConfig('wiki_mode') != '1' ) ) ? 'page_wikimode_blurb_disable' : 'page_wikimode_blurb_enable';
      ?>
      <h3><?php echo $lang->get('page_wikimode_heading'); ?></h3>
      <p><?php echo $lang->get($level_txt) . ' ' . $lang->get($blurb); ?></p>
      <p><?php echo $lang->get('page_wikimode_warning'); ?></p>
      <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_wikimode_btn_submit')); ?>" /></p>
      <?php
      echo '</form>';
      $template->footer();
    }
    break;
  case 'diff':
    $template->header();
    $id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false;
    $id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false;
    if(!$id1 || !$id2) { echo '<p>Invalid request.</p>'; $template->footer(); break; }
    if(!preg_match('#^([0-9]+)$#', (string)$_GET['diff1']) ||
       !preg_match('#^([0-9]+)$#', (string)$_GET['diff2'] )) { echo '<p>SQL injection attempt</p>'; $template->footer(); break; }
    echo PageUtils::pagediff($paths->page_id, $paths->namespace, $id1, $id2);
    $template->footer();
    break;
  case 'detag':
    if ( $session->user_level < USER_LEVEL_ADMIN )
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if ( $paths->page_exists )
    {
      die_friendly($lang->get('etc_invalid_request_short'), '<p>' . $lang->get('page_detag_err_page_exists') . '</p>');
    }
    // The namespace is escaped the same way as the page ID before it is placed in the query
    $q = $db->sql_query('DELETE FROM '.table_prefix.'tags WHERE page_id=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $db->escape($paths->namespace) . '\';');
    if ( !$q )
      $db->_die('Detag query, index.php:'.__LINE__);
    die_friendly($lang->get('page_detag_success_title'), '<p>' . $lang->get('page_detag_success_body') . '</p>');
    break;
  case 'aclmanager':
    $data = ( isset($_POST['data']) ) ? $_POST['data'] : Array('mode' => 'listgroups');
    PageUtils::aclmanager($data);
    break;
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
  case 'sql_report':
    $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
    $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
    $page->send_headers = true;
    $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
    $page->password = $pagepass;
    $page->send(true);
    ob_end_clean();
    ob_start();
    $db->sql_report();
    break;
}

//
// Optimize HTML by replacing newlines with spaces (excludes <pre>, <script>, and <style> blocks)
//
if ($aggressive_optimize_html)
{
  // Load up the HTML
  $html = ob_get_contents();
  @ob_end_clean();

  $html = aggressive_optimize_html($html);

  // Re-enable output buffering to allow the Gzip function (below) to work
  ob_start();

  // Done, send it to the user
  echo( $html );
}

$db->close();
gzip_output();

?>