0
+ − 1
<?php
+ − 2
/**
+ − 3
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 4
* @Version 1.0 (Banshee)
0
+ − 5
* Copyright (C) 2006-2007 Dan Fuhry
+ − 6
*
+ − 7
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 8
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 9
*
+ − 10
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 11
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 12
*
+ − 13
*/
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 14
0
+ − 15
// Set up gzip encoding before any output is sent
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 16
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 17
$aggressive_optimize_html = false;
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 18
0
+ − 19
global $do_gzip;
+ − 20
$do_gzip = false;
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 21
0
+ − 22
if(isset($_SERVER['PATH_INFO'])) $v = $_SERVER['PATH_INFO'];
+ − 23
elseif(isset($_GET['title'])) $v = $_GET['title'];
+ − 24
else $v = '';
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 25
0
+ − 26
error_reporting(E_ALL);
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 27
0
+ − 28
// if(!strstr($v, 'CSS') && !strstr($v, 'UploadFile') && !strstr($v, 'DownloadFile')) // These pages are blacklisted because we can't have debugConsole's HTML output disrupting the flow of header() calls and whatnot
+ − 29
// {
+ − 30
// $do_gzip = ( function_exists('gzcompress') && ( isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strstr($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') ) ) ? true : false;
+ − 31
// // Uncomment the following line to enable debugConsole (requires PHP 5 or later)
+ − 32
// // define('ENANO_DEBUG', '');
+ − 33
// }
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 34
0
+ − 35
if(defined('ENANO_DEBUG')) $do_gzip = false;
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 36
0
+ − 37
if($aggressive_optimize_html || $do_gzip)
+ − 38
{
+ − 39
ob_start();
+ − 40
}
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 41
0
+ − 42
require('includes/common.php');
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 43
0
+ − 44
global $db, $session, $paths, $template, $plugins; // Common objects
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 45
0
+ − 46
if(!isset($_GET['do'])) $_GET['do'] = 'view';
+ − 47
switch($_GET['do'])
+ − 48
{
+ − 49
default:
+ − 50
die_friendly('Invalid action', '<p>The action "'.$_GET['do'].'" is not defined. Return to <a href="'.makeUrl($paths->page).'">viewing this page\'s text</a>.</p>');
+ − 51
break;
+ − 52
case 'view':
+ − 53
// echo PageUtils::getpage($paths->page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false ));
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 54
$rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 55
$page = new PageProcessor( $paths->cpage['urlname_nons'], $paths->namespace, $rev_id );
0
+ − 56
$page->send_headers = true;
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 57
$pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 58
$page->password = $pagepass;
0
+ − 59
$page->send();
+ − 60
break;
+ − 61
case 'comments':
+ − 62
$template->header();
+ − 63
$sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false;
+ − 64
switch($sub)
+ − 65
{
+ − 66
case 'admin':
+ − 67
default:
+ − 68
$act = ( isset ($_GET['action']) ) ? $_GET['action'] : false;
+ − 69
$id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1;
+ − 70
echo PageUtils::comments_html($paths->cpage['urlname_nons'], $paths->namespace, $act, Array('id'=>$id));
+ − 71
break;
+ − 72
case 'postcomment':
+ − 73
if(empty($_POST['name']) ||
+ − 74
empty($_POST['subj']) ||
+ − 75
empty($_POST['text'])
+ − 76
) { echo 'Invalid request'; break; }
+ − 77
$cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false;
+ − 78
$cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false;
+ − 79
PageUtils::addcomment($paths->cpage['urlname_nons'], $paths->namespace, $_POST['name'], $_POST['subj'], $_POST['text'], $cin, $cid); // All filtering, etc. is handled inside this method
+ − 80
echo PageUtils::comments_html($paths->cpage['urlname_nons'], $paths->namespace);
+ − 81
break;
+ − 82
case 'editcomment':
+ − 83
if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; }
+ − 84
$q = $db->sql_query('SELECT subject,comment_data,comment_id FROM '.table_prefix.'comments WHERE comment_id='.$_GET['id']);
+ − 85
if(!$q) $db->_die('The comment data could not be selected.');
+ − 86
$row = $db->fetchrow();
+ − 87
$db->free_result();
+ − 88
echo '<form action="'.makeUrl($paths->page, 'do=comments&sub=savecomment').'" method="post">';
+ − 89
echo "<br /><div class='tblholder'><table border='0' width='100%' cellspacing='1' cellpadding='4'>
+ − 90
<tr><td class='row1'>Subject:</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr>
+ − 91
<tr><td class='row2'>Comment:</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr>
+ − 92
<tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='Save Changes' /></td></tr>
+ − 93
</table></div>";
+ − 94
echo '</form>';
+ − 95
break;
+ − 96
case 'savecomment':
+ − 97
if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; }
+ − 98
$r = PageUtils::savecomment_neater($paths->cpage['urlname_nons'], $paths->namespace, $_POST['subj'], $_POST['text'], (int)$_POST['id']);
+ − 99
if($r != 'good') { echo "<pre>$r</pre>"; break; }
+ − 100
echo PageUtils::comments_html($paths->cpage['urlname_nons'], $paths->namespace);
+ − 101
break;
+ − 102
case 'deletecomment':
+ − 103
if(!empty($_GET['id']))
+ − 104
{
+ − 105
PageUtils::deletecomment_neater($paths->cpage['urlname_nons'], $paths->namespace, (int)$_GET['id']);
+ − 106
}
+ − 107
echo PageUtils::comments_html($paths->cpage['urlname_nons'], $paths->namespace);
+ − 108
break;
+ − 109
}
+ − 110
$template->footer();
+ − 111
break;
+ − 112
case 'edit':
+ − 113
if(isset($_POST['_cancel'])) { header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break; }
+ − 114
if(isset($_POST['_save'])) {
+ − 115
$e = PageUtils::savepage($paths->cpage['urlname_nons'], $paths->namespace, $_POST['page_text'], $_POST['edit_summary'], isset($_POST['minor']));
+ − 116
header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
+ − 117
}
+ − 118
$template->header();
+ − 119
if(isset($_POST['_preview']))
+ − 120
{
+ − 121
$text = $_POST['page_text'];
+ − 122
echo PageUtils::genPreview($_POST['page_text']);
+ − 123
}
+ − 124
else $text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false);
+ − 125
echo '
+ − 126
<form action="'.makeUrl($paths->page, 'do=edit').'" method="post" enctype="multipart/form-data">
+ − 127
<br />
+ − 128
<textarea name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea><br />
+ − 129
<br />
+ − 130
';
+ − 131
if($paths->wiki_mode)
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 132
echo 'Edit summary: <input name="edit_summary" type="text" size="40" /><br /><label><input type="checkbox" name="minor" /> This is a minor edit</label><br />';
0
+ − 133
echo '<br />
+ − 134
<input type="submit" name="_save" value="Save changes" style="font-weight: bold;" />
+ − 135
<input type="submit" name="_preview" value="Preview changes" />
+ − 136
<input type="submit" name="_revert" value="Revert changes" />
+ − 137
<input type="submit" name="_cancel" value="Cancel" />
+ − 138
</form>
+ − 139
';
+ − 140
$template->footer();
+ − 141
break;
+ − 142
case 'viewsource':
+ − 143
$template->header();
+ − 144
$text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false);
+ − 145
echo '
+ − 146
<form action="'.makeUrl($paths->page, 'do=edit').'" method="post">
+ − 147
<br />
+ − 148
<textarea readonly="readonly" name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea>';
+ − 149
echo '<br />
+ − 150
<input type="submit" name="_cancel" value="Close viewer" />
+ − 151
</form>
+ − 152
';
+ − 153
$template->footer();
+ − 154
break;
+ − 155
case 'history':
+ − 156
$hist = PageUtils::histlist($paths->cpage['urlname_nons'], $paths->namespace);
+ − 157
$template->header();
+ − 158
echo $hist;
+ − 159
$template->footer();
+ − 160
break;
+ − 161
case 'rollback':
+ − 162
$id = (isset($_GET['id'])) ? $_GET['id'] : false;
+ − 163
if(!$id || !preg_match('#^([0-9]+)$#', $id)) die_friendly('Invalid action ID', '<p>The URL parameter "id" is not an integer. Exiting to prevent nasties like SQL injection, etc.</p>');
+ − 164
$rb = PageUtils::rollback( (int) $id );
+ − 165
$template->header();
+ − 166
echo '<p>'.$rb.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>';
+ − 167
$template->footer();
+ − 168
break;
+ − 169
case 'catedit':
+ − 170
if(isset($_POST['__enanoSaveButton']))
+ − 171
{
+ − 172
unset($_POST['__enanoSaveButton']);
+ − 173
$val = PageUtils::catsave($paths->cpage['urlname_nons'], $paths->namespace, $_POST);
+ − 174
if($val == 'GOOD')
+ − 175
{
+ − 176
header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
+ − 177
} else {
+ − 178
die_friendly('Error saving category information', '<p>'.$val.'</p>');
+ − 179
}
+ − 180
}
+ − 181
elseif(isset($_POST['__enanoCatCancel']))
+ − 182
{
+ − 183
header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
+ − 184
}
+ − 185
$template->header();
+ − 186
$c = PageUtils::catedit_raw($paths->cpage['urlname_nons'], $paths->namespace);
+ − 187
echo $c[1];
+ − 188
$template->footer();
+ − 189
break;
+ − 190
case 'moreoptions':
+ − 191
$template->header();
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 192
echo '<div class="menu_nojs" style="width: 150px; padding: 0;"><ul style="display: block;"><li><div class="label">More options for this page</div><div style="clear: both;"></div></li>'.$template->tpl_strings['TOOLBAR_EXTRAS'].'</ul></div>';
0
+ − 193
$template->footer();
+ − 194
break;
+ − 195
case 'protect':
+ − 196
if (!isset($_REQUEST['level'])) die_friendly('Invalid request', '<p>No protection level specified</p>');
+ − 197
if(!empty($_POST['reason']))
+ − 198
{
+ − 199
if(!preg_match('#^([0-2]*){1}$#', $_POST['level'])) die_friendly('Error protecting page', '<p>Request validation failed</p>');
+ − 200
PageUtils::protect($paths->cpage['urlname_nons'], $paths->namespace, intval($_POST['level']), $_POST['reason']);
+ − 201
die_friendly('Page protected', '<p>The protection setting has been applied. <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>');
+ − 202
}
+ − 203
$template->header();
+ − 204
?>
+ − 205
<form action="<?php echo makeUrl($paths->page, 'do=protect'); ?>" method="post">
+ − 206
<input type="hidden" name="level" value="<?php echo $_REQUEST['level']; ?>" />
+ − 207
<?php if(isset($_POST['reason'])) echo '<p style="color: red;">Error: you must enter a reason for protecting this page.</p>'; ?>
+ − 208
<p>Reason for protecting the page:</p>
+ − 209
<p><input type="text" name="reason" size="40" /><br />
+ − 210
Protecion level to be applied: <b><?php
+ − 211
switch($_REQUEST['level'])
+ − 212
{
+ − 213
case '0':
+ − 214
echo 'No protection';
+ − 215
break;
+ − 216
case '1':
+ − 217
echo 'Full protection';
+ − 218
break;
+ − 219
case '2':
+ − 220
echo 'Semi-protection';
+ − 221
break;
+ − 222
default:
+ − 223
echo 'None;</b> Warning: request validation will fail after clicking submit<b>';
+ − 224
}
+ − 225
?></b></p>
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 226
<p><input type="submit" value="Protect page" style="font-weight: bold;" /></p>
0
+ − 227
</form>
+ − 228
<?php
+ − 229
$template->footer();
+ − 230
break;
+ − 231
case 'rename':
+ − 232
if(!empty($_POST['newname']))
+ − 233
{
+ − 234
$r = PageUtils::rename($paths->cpage['urlname_nons'], $paths->namespace, $_POST['newname']);
+ − 235
die_friendly('Page renamed', '<p>'.nl2br($r).' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>');
+ − 236
}
+ − 237
$template->header();
+ − 238
?>
+ − 239
<form action="<?php echo makeUrl($paths->page, 'do=rename'); ?>" method="post">
+ − 240
<?php if(isset($_POST['newname'])) echo '<p style="color: red;">Error: you must enter a new name for this page.</p>'; ?>
+ − 241
<p>Please enter a new name for this page:</p>
+ − 242
<p><input type="text" name="newname" size="40" /></p>
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 243
<p><input type="submit" value="Rename page" style="font-weight: bold;" /></p>
0
+ − 244
</form>
+ − 245
<?php
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 246
$template->footer();
0
+ − 247
break;
+ − 248
case 'flushlogs':
+ − 249
if(!$session->get_permissions('clear_logs')) die_friendly('Access denied', '<p>Flushing the logs for a page <u>requires</u> administrative rights.</p>');
+ − 250
if(isset($_POST['_downthejohn']))
+ − 251
{
+ − 252
$template->header();
+ − 253
$result = PageUtils::flushlogs($paths->cpage['urlname_nons'], $paths->namespace);
+ − 254
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>';
+ − 255
$template->footer();
+ − 256
break;
+ − 257
}
+ − 258
$template->header();
+ − 259
?>
+ − 260
<form action="<?php echo makeUrl($paths->page, 'do=flushlogs'); ?>" method="post">
+ − 261
<h3>You are about to <span style="color: red;">destroy</span> all logged edits and actions on this page.</h3>
+ − 262
<p>Unlike deleting or editing this page, this action is <u>not reversible</u>! You should only do this if you are desperate for
+ − 263
database space.</p>
+ − 264
<p>Do you really want to continue?</p>
+ − 265
<p><input type="submit" name="_downthejohn" value="Flush logs" style="color: red; font-weight: bold;" /></p>
+ − 266
</form>
+ − 267
<?php
+ − 268
$template->footer();
+ − 269
break;
+ − 270
case 'delvote':
+ − 271
if(isset($_POST['_ballotbox']))
+ − 272
{
+ − 273
$template->header();
+ − 274
$result = PageUtils::delvote($paths->cpage['urlname_nons'], $paths->namespace);
+ − 275
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>';
+ − 276
$template->footer();
+ − 277
break;
+ − 278
}
+ − 279
$template->header();
+ − 280
?>
+ − 281
<form action="<?php echo makeUrl($paths->page, 'do=delvote'); ?>" method="post">
+ − 282
<h3>Your vote counts.</h3>
+ − 283
<p>If you think that this page is not relavent to the content on this site, or if it looks like this page was only created in
+ − 284
an attempt to spam the site, you can request that this page be deleted by an administrator.</p>
+ − 285
<p>After you vote, you should leave a comment explaining the reason for your vote, especially if you are the first person to
+ − 286
vote against this page.</p>
+ − 287
<p>So far, <?php echo ( $paths->cpage['delvotes'] == 1 ) ? $paths->cpage['delvotes'] . ' person has' : $paths->cpage['delvotes'] . ' people have'; ?> voted to delete this page.</p>
+ − 288
<p><input type="submit" name="_ballotbox" value="Vote to delete this page" /></p>
+ − 289
</form>
+ − 290
<?php
+ − 291
$template->footer();
+ − 292
break;
+ − 293
case 'resetvotes':
+ − 294
if(!$session->get_permissions('vote_reset')) die_friendly('Access denied', '<p>Resetting the deletion votes against this page <u>requires</u> admin rights.</p>');
+ − 295
if(isset($_POST['_youmaylivealittlelonger']))
+ − 296
{
+ − 297
$template->header();
+ − 298
$result = PageUtils::resetdelvotes($paths->cpage['urlname_nons'], $paths->namespace);
+ − 299
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>';
+ − 300
$template->footer();
+ − 301
break;
+ − 302
}
+ − 303
$template->header();
+ − 304
?>
+ − 305
<form action="<?php echo makeUrl($paths->page, 'do=resetvotes'); ?>" method="post">
+ − 306
<p>This action will reset the number of votes against this page to zero. Are you sure you want to do this?</p>
+ − 307
<p><input type="submit" name="_youmaylivealittlelonger" value="Reset votes" /></p>
+ − 308
</form>
+ − 309
<?php
+ − 310
$template->footer();
+ − 311
break;
+ − 312
case 'deletepage':
+ − 313
if(!$session->get_permissions('delete_page')) die_friendly('Access denied', '<p>Deleting pages <u>requires</u> admin rights.</p>');
+ − 314
if(isset($_POST['_adiossucker']))
+ − 315
{
28
+ − 316
$reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false;
+ − 317
if ( empty($reason) )
+ − 318
$error = 'Please enter a reason for deleting this page.';
+ − 319
else
+ − 320
{
+ − 321
$template->header();
+ − 322
$result = PageUtils::deletepage($paths->cpage['urlname_nons'], $paths->namespace, $reason);
+ − 323
echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>';
+ − 324
$template->footer();
+ − 325
break;
+ − 326
}
0
+ − 327
}
+ − 328
$template->header();
+ − 329
?>
+ − 330
<form action="<?php echo makeUrl($paths->page, 'do=deletepage'); ?>" method="post">
+ − 331
<h3>You are about to <span style="color: red;">destroy</span> this page.</h3>
+ − 332
<p>While the deletion of the page itself is completely reversible, it is impossible to recover any comments or category information on this page. If this is a file page, the file along with all older revisions of it will be permanently deleted. Also, any custom information that this page is tagged with, such as a custom name, protection status, or additional settings such as whether to allow comments, will be permanently lost.</p>
+ − 333
<p>Are you <u>absolutely sure</u> that you want to continue?<br />
+ − 334
You will not be asked again.</p>
28
+ − 335
<?php if ( isset($error) ) echo "<p>$error</p>"; ?>
+ − 336
<p>Reason for deleting: <input type="text" name="reason" size="50" /></p>
0
+ − 337
<p><input type="submit" name="_adiossucker" value="Delete this page" style="color: red; font-weight: bold;" /></p>
+ − 338
</form>
+ − 339
<?php
+ − 340
$template->footer();
+ − 341
break;
+ − 342
case 'setwikimode':
+ − 343
if(!$session->get_permissions('set_wiki_mode')) die_friendly('Access denied', '<p>Changing the wiki mode setting <u>requires</u> admin rights.</p>');
+ − 344
if(!isset($_GET['level']) || ( isset($_GET['level']) && !preg_match('#^([0-9])$#', $_GET['level']))) die_friendly('Invalid request', '<p>Level not specified</p>');
+ − 345
$template->header();
+ − 346
$template->footer();
+ − 347
break;
+ − 348
case 'diff':
+ − 349
$template->header();
+ − 350
$id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false;
+ − 351
$id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false;
+ − 352
if(!$id1 || !$id2) { echo '<p>Invalid request.</p>'; $template->footer(); break; }
+ − 353
if(!preg_match('#^([0-9]+)$#', (string)$_GET['diff1']) ||
+ − 354
!preg_match('#^([0-9]+)$#', (string)$_GET['diff2'] )) { echo '<p>SQL injection attempt</p>'; $template->footer(); break; }
+ − 355
echo PageUtils::pagediff($paths->cpage['urlname_nons'], $paths->namespace, $id1, $id2);
+ − 356
$template->footer();
+ − 357
break;
+ − 358
case 'aclmanager':
+ − 359
$data = ( isset($_POST['data']) ) ? $_POST['data'] : Array('mode' => 'listgroups');
+ − 360
PageUtils::aclmanager($data);
+ − 361
break;
+ − 362
}
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 363
0
+ − 364
//
+ − 365
// Optimize HTML by replacing newlines with spaces (excludes <pre>, <script>, and <style> blocks)
+ − 366
//
+ − 367
if ($aggressive_optimize_html)
+ − 368
{
+ − 369
// Load up the HTML
+ − 370
$html = ob_get_contents();
+ − 371
ob_end_clean();
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 372
0
+ − 373
// Which tags to strip - you can change this if needed
+ − 374
$strip_tags = Array('pre', 'script', 'style', 'enano:no-opt');
+ − 375
$strip_tags = implode('|', $strip_tags);
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 376
0
+ − 377
// Strip out the tags and replace with placeholders
+ − 378
preg_match_all("#<($strip_tags)(.*?)>(.*?)</($strip_tags)>#is", $html, $matches);
+ − 379
$seed = md5(microtime() . mt_rand()); // Random value used for placeholders
+ − 380
for ($i = 0;$i < sizeof($matches[1]); $i++)
+ − 381
{
+ − 382
$html = str_replace("<{$matches[1][$i]}{$matches[2][$i]}>{$matches[3][$i]}</{$matches[4][$i]}>", "{DONT_STRIP_ME_NAKED:$seed:$i}", $html);
+ − 383
}
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 384
0
+ − 385
// Finally, process the HTML
+ − 386
$html = preg_replace("#\n([ ]*)#", " ", $html);
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 387
0
+ − 388
// Remove annoying spaces between tags
+ − 389
$html = preg_replace("#>([ ]*?){2,}<#", "> <", $html);
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 390
0
+ − 391
// Re-insert untouchable tags
+ − 392
for ($i = 0;$i < sizeof($matches[1]); $i++)
+ − 393
{
+ − 394
$html = str_replace("{DONT_STRIP_ME_NAKED:$seed:$i}", "<{$matches[1][$i]}{$matches[2][$i]}>{$matches[3][$i]}</{$matches[4][$i]}>", $html);
+ − 395
}
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 396
0
+ − 397
// Remove <enano:no-opt> blocks (can be used by themes that don't want their HTML optimized)
+ − 398
$html = preg_replace('#<(\/|)enano:no-opt(.*?)>#', '', $html);
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 399
0
+ − 400
// Tell snoopish users what's going on
+ − 401
$html = str_replace('<html>', "\n<!-- NOTE: This HTML document has been Aggressively Optimized(TM) by Enano to make page loading faster. -->\n<html>", $html);
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 402
0
+ − 403
// Re-enable output buffering to allow the Gzip function (below) to work
+ − 404
ob_start();
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 405
0
+ − 406
// Done, send it to the user
+ − 407
echo( $html );
+ − 408
}
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 409
0
+ − 410
//
+ − 411
// Compress buffered output if required and send to browser
+ − 412
//
+ − 413
if ( $do_gzip )
+ − 414
{
+ − 415
//
+ − 416
// Copied from phpBB, which was in turn borrowed from php.net
+ − 417
//
+ − 418
$gzip_contents = ob_get_contents();
+ − 419
ob_end_clean();
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 420
0
+ − 421
$gzip_size = strlen($gzip_contents);
+ − 422
$gzip_crc = crc32($gzip_contents);
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 423
0
+ − 424
$gzip_contents = gzcompress($gzip_contents, 9);
+ − 425
$gzip_contents = substr($gzip_contents, 0, strlen($gzip_contents) - 4);
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 426
0
+ − 427
header('Content-encoding: gzip');
+ − 428
echo "\x1f\x8b\x08\x00\x00\x00\x00\x00";
+ − 429
echo $gzip_contents;
+ − 430
echo pack('V', $gzip_crc);
+ − 431
echo pack('V', $gzip_size);
+ − 432
}
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
+ − 433
0
+ − 434
$db->close();
+ − 435
+ − 436
?>