includes/pageprocess.php
author Dan Fuhry <dan@enanocms.org>
Tue, 12 Jul 2011 22:49:29 -0400
changeset 345 95d9e7eacc83
parent 322 44b68ee8d2f5
permissions -rw-r--r--
Release: 1.0.6pl4
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     1
<?php
73
0a74676a2f2f Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
parents: 62
diff changeset
     2
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     3
/*
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     4
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
318
eec2dfd2f0a3 Rebrand as v1.0.6 (Roane)
Dan
parents: 301
diff changeset
     5
 * Version 1.0.6 (Roane)
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     6
 * pageprocess.php - intelligent retrieval of pages
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     7
 * Copyright (C) 2006-2007 Dan Fuhry
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     8
 *
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
     9
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    10
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    11
 *
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    12
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    13
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    14
 */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    15
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    16
/**
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    17
 * Class to handle fetching page text (possibly from a cache) and formatting it.
261
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
    18
 * As of 1.0.4, this also handles the fetching and editing of certain data for pages.
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    19
 * @package Enano
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    20
 * @subpackage UI
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    21
 * @copyright 2007 Dan Fuhry
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    22
 * @license GNU General Public License <http://www.gnu.org/licenses/gpl.html>
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    23
 */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    24
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    25
class PageProcessor
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    26
{
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    27
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    28
  /**
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    29
   * Page ID and namespace of the page handled by this instance
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    30
   * @var string
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    31
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    32
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    33
  var $page_id;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    34
  var $namespace;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    35
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    36
  /**
62
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    37
   * The title of the page sent to the template parser
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    38
   * @var string
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    39
   */
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    40
  
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    41
  var $title = '';
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    42
  
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    43
  /**
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    44
   * The information about the page(s) we were redirected from
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    45
   * @var array
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    46
   */
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    47
  
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    48
  var $redirect_stack = array();
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    49
  
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
    50
  /**
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
    51
   * The revision ID (history entry) to send. If set to 0 (the default) then the most recent revision will be sent.
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
    52
   * @var int
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
    53
   */
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
    54
  
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
    55
  var $revision_id = 0;
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
    56
  
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
    57
  /**
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
    58
   * Unsanitized page ID.
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
    59
   * @var string
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
    60
   */
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
    61
  
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
    62
  var $page_id_unclean;
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
    63
  
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
    64
  /**
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    65
   * Tracks if the page we're loading exists in the database or not.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    66
   * @var bool
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    67
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    68
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    69
  var $page_exists = false;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    70
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    71
  /**
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    72
   * Permissions!
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    73
   * @var object
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    74
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    75
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    76
  var $perms = null;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    77
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    78
  /**
32
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
    79
   * The SHA1 hash of the user-inputted password for the page
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
    80
   * @var string
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
    81
   */
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
    82
   
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
    83
  var $password = '';
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
    84
  
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
    85
  /**
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    86
   * Switch to track if redirects are allowed. Defaults to true.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    87
   * @var bool
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    88
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    89
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    90
  var $allow_redir = true;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    91
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    92
  /**
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    93
   * If this is set to true, this will call the header and footer funcs on $template when render() is called.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    94
   * @var bool
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    95
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    96
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    97
  var $send_headers = false;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    98
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
    99
  /**
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   100
   * Cache the fetched text so we don't fetch it from the DB twice.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   101
   * @var string
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   102
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   103
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   104
  var $text_cache = '';
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   105
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   106
  /**
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   107
   * Debugging information to track errors. You can set enable to false to disable sending debug information.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   108
   * @var array
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   109
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   110
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   111
  var $debug = array(
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   112
      'enable' => false,
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   113
      'works'  => false
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   114
    );
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   115
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   116
  /**
261
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   117
   * The list of errors raised in the class.
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   118
   * @var array
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   119
   */
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   120
  
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   121
  var $_errors = array();
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   122
  
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   123
  /**
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   124
   * Constructor.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   125
   * @param string The page ID (urlname) of the page
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   126
   * @param string The namespace of the page
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   127
   * @param int Optional. The revision ID to send.
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   128
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   129
  
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   130
  function __construct( $page_id, $namespace, $revision_id = 0 )
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   131
  {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   132
    global $db, $session, $paths, $template, $plugins; // Common objects
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   133
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   134
    // See if we can get some debug info
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   135
    if ( function_exists('debug_backtrace') && $this->debug['enable'] )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   136
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   137
      $this->debug['works'] = true;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   138
      $this->debug['backtrace'] = enano_debug_print_backtrace(true);
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   139
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   140
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   141
    // First things first - check page existence and permissions
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   142
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   143
    if ( !isset($paths->nslist[$namespace]) )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   144
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   145
      $this->send_error('The namespace "' . htmlspecialchars($namespace) . '" does not exist.');
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   146
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   147
    
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   148
    if ( !is_int($revision_id) )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   149
      $revision_id = 0;
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   150
    
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   151
    $this->_setup( $page_id, $namespace, $revision_id );
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   152
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   153
  }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   154
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   155
  /**
61
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   156
   * The main method to send the page content. Also responsible for checking permissions and calling the statistics counter.
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   157
   * @param bool If true, the stat counter is called. Defaults to false.
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   158
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   159
  
61
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   160
  function send( $do_stats = false )
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   161
  {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   162
    global $db, $session, $paths, $template, $plugins; // Common objects
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   163
    if ( !$this->perms->get_permissions('read') )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   164
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   165
      $this->err_access_denied();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   166
      return false;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   167
    }
322
44b68ee8d2f5 SECURITY: Enforce denied history_view on previous revisions
Dan
parents: 318
diff changeset
   168
    if ( $this->revision_id > 0 && !$this->perms->get_permissions('history_view') )
44b68ee8d2f5 SECURITY: Enforce denied history_view on previous revisions
Dan
parents: 318
diff changeset
   169
    {
44b68ee8d2f5 SECURITY: Enforce denied history_view on previous revisions
Dan
parents: 318
diff changeset
   170
      $this->err_access_denied();
44b68ee8d2f5 SECURITY: Enforce denied history_view on previous revisions
Dan
parents: 318
diff changeset
   171
      return false;
44b68ee8d2f5 SECURITY: Enforce denied history_view on previous revisions
Dan
parents: 318
diff changeset
   172
    }
24
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   173
    $pathskey = $paths->nslist[ $this->namespace ] . $this->page_id;
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   174
    $strict_no_headers = false;
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   175
    if ( isset($paths->pages[$pathskey]) )
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   176
    {
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   177
      if ( $paths->pages[$pathskey]['special'] == 1 )
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   178
      {
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   179
        $this->send_headers = false;
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   180
        $strict_no_headers = true;
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   181
      }
229
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 228
diff changeset
   182
      if ( isset($paths->pages[$pathskey]['password']) )
32
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
   183
      {
229
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 228
diff changeset
   184
        if ( $paths->pages[$pathskey]['password'] != '' && $paths->pages[$pathskey]['password'] != sha1('') )
32
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
   185
        {
229
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 228
diff changeset
   186
          $password =& $paths->pages[$pathskey]['password'];
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 228
diff changeset
   187
          if ( $this->password != $password )
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 228
diff changeset
   188
          {
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 228
diff changeset
   189
            $this->err_wrong_password();
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 228
diff changeset
   190
            return false;
b2f985e4cef3 Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents: 228
diff changeset
   191
          }
32
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
   192
        }
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
   193
      }
24
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   194
    }
61
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   195
    if ( $this->page_exists && $this->namespace != 'Special' && $this->namespace != 'Admin' && $do_stats )
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   196
    {
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   197
      doStats($this->page_id, $this->namespace);
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   198
    }
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   199
    if ( $this->namespace == 'Special' || $this->namespace == 'Admin' )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   200
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   201
      if ( !$this->page_exists )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   202
      {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   203
        redirect( makeUrl(getConfig('main_page')), 'Can\'t find special page', 'The special or administration page you requested does not exist. You will now be transferred to the main page.', 2 );
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   204
      }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   205
      $func_name = "page_{$this->namespace}_{$this->page_id}";
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   206
      if ( function_exists($func_name) )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   207
      {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   208
        return @call_user_func($func_name);
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   209
      }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   210
      else
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   211
      {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   212
        $title = 'Page backend not found';
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   213
        $message = "The administration page you are looking for was properly registered using the page API, but the backend function
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   214
                    (<tt>$fname</tt>) was not found. If this is a plugin page, then this is almost certainly a bug with the plugin.";
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   215
                    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   216
        if ( $this->send_headers )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   217
        {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   218
          $template->tpl_strings['PAGE_NAME'] = $title;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   219
          $template->header();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   220
          echo "<p>$message</p>";
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   221
          $template->footer();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   222
        }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   223
        else
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   224
        {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   225
          echo "<h2>$title</h2>
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   226
                <p>$message</p>";
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   227
        }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   228
        return false;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   229
      }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   230
    }
91
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
   231
    else if ( $this->namespace == 'User' && strpos($this->page_id, '/') === false )
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   232
    {
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   233
      $this->_handle_userpage();
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   234
    }
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   235
    else if ( ( $this->namespace == 'Template' || $this->namespace == 'System' ) && $this->page_exists )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   236
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   237
      $this->header();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   238
      
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   239
      $text = $this->fetch_text();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   240
      $text = preg_replace('/<noinclude>(.*?)<\/noinclude>/is', '\\1', $text);
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   241
      $text = preg_replace('/<nodisplay>(.*?)<\/nodisplay>/is', '', $text);
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   242
      
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   243
      $text = RenderMan::render( $text );
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   244
      
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   245
      echo $text;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   246
      
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   247
      $this->footer();
253
6c7060d36a23 Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents: 229
diff changeset
   248
    }
6c7060d36a23 Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents: 229
diff changeset
   249
    else if ( $this->namespace == 'Anonymous' )
6c7060d36a23 Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents: 229
diff changeset
   250
    {
6c7060d36a23 Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents: 229
diff changeset
   251
      $uri = scriptPath . '/' . $this->page_id;
6c7060d36a23 Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents: 229
diff changeset
   252
      if ( !$this->send_headers )
6c7060d36a23 Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents: 229
diff changeset
   253
      {
6c7060d36a23 Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents: 229
diff changeset
   254
        $sep = ( strstr($uri, '?') ) ? '&' : '?';
6c7060d36a23 Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents: 229
diff changeset
   255
        $uri .= "{$sep}noheaders";
6c7060d36a23 Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents: 229
diff changeset
   256
      }
6c7060d36a23 Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents: 229
diff changeset
   257
      redirect( $uri, '', '', 0 );
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   258
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   259
    else if ( !$this->page_exists )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   260
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   261
      // Perhaps this is hooked?
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   262
      ob_start();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   263
      
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   264
      $code = $plugins->setHook('page_not_found');
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   265
      foreach ( $code as $cmd )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   266
      {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   267
        eval($cmd);
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   268
      }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   269
      
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   270
      $ob = ob_get_contents();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   271
      
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   272
      if ( empty($ob) )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   273
      {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   274
        $this->err_page_not_existent();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   275
      }
61
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   276
      else
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   277
      {
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   278
        // Something sent content, so we'll assume the page exist...ed at least according to the plugin
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   279
        if ( $this->namespace != 'Special' && $this->namespace != 'Admin' && $do_stats )
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   280
        {
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   281
          doStats($this->page_id, $this->namespace);
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   282
        }
e9708657875a I fixed the statistics!!! YAY!!
Dan
parents: 47
diff changeset
   283
      }
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   284
    }
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   285
    else // (disabled for compatibility reasons) if ( in_array($this->namespace, array('Article', 'User', 'Project', 'Help', 'File', 'Category')) && $this->page_exists )
9
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   286
    {
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   287
      // Send as regular page
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   288
      
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   289
      // die($this->page_id);
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   290
      
9
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   291
      $text = $this->fetch_text();
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   292
      if ( $text == 'err_no_text_rows' )
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   293
      {
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   294
        $this->err_no_rows();
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   295
        return false;
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   296
      }
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   297
      else
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   298
      {
62
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   299
        $redirect = ( isset($_GET['redirect']) ) ? $_GET['redirect'] : 'YES YOU IDIOT';
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   300
        if ( preg_match('/^#redirect \[\[([^\]]+)\]\]/i', $text, $match) && $redirect != 'no' )
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   301
        {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   302
          // Redirect page!
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   303
          $page_to = sanitize_page_id($match[1]);
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   304
          $page_id_data = RenderMan::strToPageID($page_to);
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   305
          if ( count($this->redirect_stack) >= 3 )
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   306
          {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   307
            $this->render( (!$strict_no_headers), '<div class="usermessage"><b>The maximum number of internal redirects has been exceeded.</b></div>' );
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   308
          }
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   309
          else
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   310
          {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   311
            $result = $this->_handle_redirect($page_id_data[0], $page_id_data[1]);
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   312
            if ( $result !== true )
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   313
            {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   314
              // There was some error during the redirect process - usually an infinite redirect
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   315
              $this->render( (!$strict_no_headers), '<div class="usermessage"><b>' . $result . '</b></div>' );
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   316
            }
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   317
          }
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   318
        }
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   319
        else
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   320
        {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   321
          $this->render( (!$strict_no_headers) );
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   322
        }
9
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   323
      }
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   324
    }
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   325
  }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   326
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   327
  /**
261
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   328
   * Fetches the wikitext or HTML source for the page.
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   329
   * @return string
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   330
   */
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   331
  
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   332
  function fetch_source()
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   333
  {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   334
    if ( !$this->perms->get_permissions('view_source') )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   335
    {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   336
      return false;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   337
    }
264
e17cc42d77cf Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
parents: 261
diff changeset
   338
    if ( !$this->page_exists )
e17cc42d77cf Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
parents: 261
diff changeset
   339
    {
e17cc42d77cf Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
parents: 261
diff changeset
   340
      return '';
e17cc42d77cf Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
parents: 261
diff changeset
   341
    }
261
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   342
    return $this->fetch_text();
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   343
  }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   344
  
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   345
  /**
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   346
   * Updates the content of the page.
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   347
   * @param string The new text for the page
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   348
   * @param string A summary of edits made to the page.
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   349
   * @return bool True on success, false on failure
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   350
   */
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   351
  
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   352
  function update_page($text, $edit_summary = false)
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   353
  {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   354
    global $db, $session, $paths, $template, $plugins; // Common objects
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   355
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   356
    // Create the page if it doesn't exist
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   357
    if ( !$this->page_exists )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   358
    {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   359
      if ( !$this->create_page() )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   360
      {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   361
        return false;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   362
      }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   363
    }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   364
      
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   365
    //
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   366
    // Validation
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   367
    //
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   368
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   369
    $page_id = $db->escape($this->page_id);
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   370
    $namespace = $db->escape($this->namespace);
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   371
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   372
    $q = $db->sql_query('SELECT protected FROM ' . table_prefix . "pages WHERE urlname='$page_id' AND namespace='$namespace';");
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   373
    if ( !$q )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   374
      $db->_die('PageProcess updating page content');
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   375
    if ( $db->numrows() < 1 )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   376
    {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   377
      $this->raise_error('Page doesn\'t exist in the database');
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   378
      return false;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   379
    }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   380
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   381
    // Do we have permission to edit the page?
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   382
    if ( !$this->perms->get_permissions('edit_page') )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   383
    {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   384
      $this->raise_error('You do not have permission to edit this page.');
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   385
      return false;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   386
    }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   387
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   388
    list($protection) = $db->fetchrow_num();
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   389
    $db->free_result();
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   390
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   391
    if ( $protection == 1 )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   392
    {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   393
      // The page is protected - do we have permission to edit protected pages?
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   394
      if ( !$this->perms->get_permissions('even_when_protected') )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   395
      {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   396
        $this->raise_error('This page is protected, and you do not have permission to edit protected pages.');
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   397
        return false;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   398
      }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   399
    }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   400
    else if ( $protection == 2 )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   401
    {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   402
      // The page is semi-protected.
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   403
      if (
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   404
           ( !$session->user_logged_in || // Is the user logged in?
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   405
             ( $session->user_logged_in && $session->reg_time + ( 4 * 86400 ) >= time() ) ) // If so, have they been registered for 4 days?
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   406
           && !$this->perms->get_permissions('even_when_protected') ) // And of course, is there an ACL that overrides semi-protection?
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   407
      {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   408
        $this->raise_error('This page is protected, and you do not have permission to edit protected pages.');
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   409
        return false;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   410
      }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   411
    }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   412
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   413
    // Protection validated
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   414
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   415
  }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   416
  
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   417
  /**
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   418
   * Creates the page if it doesn't already exist.
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   419
   * @return bool True on success, false on failure.
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   420
   */
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   421
  
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   422
  function create_page()
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   423
  {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   424
    global $db, $session, $paths, $template, $plugins; // Common objects
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   425
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   426
    // Do we have permission to create the page?
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   427
    if ( !$this->perms->get_permissions('create_page') )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   428
    {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   429
      $this->raise_error('You do not have permission to create this page.');
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   430
      return false;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   431
    }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   432
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   433
    // Does it already exist?
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   434
    if ( $this->page_exists )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   435
    {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   436
      $this->raise_error('The page already exists.');
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   437
      return false;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   438
    }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   439
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   440
    // It's not in there. Perform validation.
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   441
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   442
    // We can't create special, admin, or external pages.
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   443
    if ( $this->namespace == 'Special' || $this->namespace == 'Admin' || $this->namespace == 'Anonymous' )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   444
    {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   445
      $this->raise_error('You cannot create Special or Admin pages - they can\'t be stored in the database.');
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   446
      return false;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   447
    }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   448
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   449
    // Guess the proper title
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   450
    $name = dirtify_page_id($this->page_id);
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   451
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   452
    // Check for the restricted Project: prefix
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   453
    if ( substr($this->page_id, 0, 8) == 'Project:' )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   454
    {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   455
      $this->raise_error('The prefix "Project:" is reserved for internal links and can\'t be used on a page name.');
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   456
      return false;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   457
    }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   458
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   459
    // Validation successful - insert the page
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   460
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   461
    $metadata = array(
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   462
        'urlname' => $this->page_id,
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   463
        'namespace' => $this->namespace,
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   464
        'name' => $name,
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   465
        'special' => 0,
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   466
        'visible' => 1,
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   467
        'comments_on' => 1,
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   468
        'protected' => ( $this->namespace == 'System' ? 1 : 0 ),
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   469
        'delvotes' => 0,
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   470
        'delvote_ips' => serialize(array()),
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   471
        'wiki_mode' => 2
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   472
      );
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   473
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   474
    $paths->add_page($metadata);
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   475
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   476
    $page_id = $db->escape($this->page_id);
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   477
    $namespace = $db->escape($this->namespace);
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   478
    $name = $db->escape($name);
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   479
    $protect = ( $this->namespace == 'System' ) ? '1' : '0';
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   480
    $blank_array = $db->escape(serialize(array()));
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   481
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   482
    // Query 1: Metadata entry
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   483
    $q = $db->sql_query('INSERT INTO ' . table_prefix . "pages(name, urlname, namespace, protected, delvotes, delvote_ips, wiki_mode)\n"
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   484
                        . "VALUES ( '$name', '$page_id', '$namespace', $protect, 0, '$blank_array', 2 );");
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   485
    if ( !$q )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   486
      $db->_die('PageProcessor page creation - metadata stage');
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   487
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   488
    // Query 2: Text insertion
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   489
    $q = $db->sql_query('INSERT INTO ' . table_prefix . "page_text(page_id, namespace, page_text)\n"
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   490
                        . "VALUES ( '$page_id', '$namespace', '' );");
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   491
    if ( !$q )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   492
      $db->_die('PageProcessor page creation - text stage');
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   493
    
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   494
    // Page created. We're good!
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   495
    return true;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   496
  }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   497
  
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   498
  /**
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   499
   * Sets internal variables.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   500
   * @access private
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   501
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   502
  
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   503
  function _setup($page_id, $namespace, $revision_id)
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   504
  {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   505
    global $db, $session, $paths, $template, $plugins; // Common objects
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   506
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   507
    $page_id_cleaned = sanitize_page_id($page_id);
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   508
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   509
    $this->page_id = $page_id_cleaned;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   510
    $this->namespace = $namespace;
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   511
    $this->revision_id = $revision_id;
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   512
    $this->page_id_unclean = dirtify_page_id($page_id);
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   513
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   514
    $this->perms = $session->fetch_page_acl( $page_id, $namespace );
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   515
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   516
    // Exception for Admin: pages
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   517
    if ( $this->namespace == 'Admin' )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   518
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   519
      $fname = "page_Admin_{$this->page_id}";
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   520
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   521
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   522
    // Does the page "exist"?
261
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   523
    if ( $paths->page_id == $page_id && $paths->namespace == $namespace && !$paths->page_exists && ( $this->namespace != 'Admin' || ($this->namespace == 'Admin' && !function_exists($fname) ) ) )
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   524
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   525
      $this->page_exists = false;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   526
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   527
    else if ( !isset( $paths->pages[ $paths->nslist[$namespace] . $page_id ] ) && ( $this->namespace == 'Admin' && !function_exists($fname) ) )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   528
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   529
      $this->page_exists = false;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   530
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   531
    else
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   532
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   533
      $this->page_exists = true;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   534
    }
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   535
    
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   536
    // Compatibility with older databases
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   537
    if ( strstr($this->page_id, '.2e') && !$this->page_exists )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   538
    {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   539
      $page_id = str_replace('.2e', '.', $page_id);
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   540
      
261
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   541
      if ( $paths->page_id == $page_id && $paths->namespace == $namespace && !$paths->page_exists && ( $this->namespace != 'Admin' || ($this->namespace == 'Admin' && !function_exists($fname) ) ) )
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   542
      {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   543
        $this->page_exists = false;
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   544
      }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   545
      else if ( !isset( $paths->pages[ $paths->nslist[$namespace] . $page_id ] ) && ( $this->namespace == 'Admin' && !function_exists($fname) ) )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   546
      {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   547
        $this->page_exists = false;
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   548
      }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   549
      else
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   550
      {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   551
        $this->page_exists = true;
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   552
      }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   553
      
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   554
    }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   555
    
62
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   556
    $this->title = get_page_title_ns($this->page_id, $this->namespace);
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   557
    
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   558
  }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   559
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   560
  /**
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   561
   * Renders it all in one go, and echoes it out. This assumes that the text is in the DB.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   562
   * @access private
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   563
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   564
  
62
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   565
  function render($incl_inner_headers = true, $_errormsg = false)
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   566
  {
62
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   567
    global $db, $session, $paths, $template, $plugins; // Common objects
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   568
    
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   569
    $text = $this->fetch_text();
91
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
   570
    $text = preg_replace('/([\s]*)__NOBREADCRUMBS__([\s]*)/', '', $text);
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
   571
    $text = preg_replace('/([\s]*)__NOTOC__([\s]*)/', '', $text);
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   572
    
62
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   573
    $redir_enabled = false;
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   574
    if ( preg_match('/^#redirect \[\[([^\]]+?)\]\]/i', $text, $match ) )
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   575
    {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   576
      $redir_enabled = true;
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   577
      
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   578
      $oldtarget = RenderMan::strToPageID($match[1]);
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   579
      $oldtarget[0] = sanitize_page_id($oldtarget[0]);
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   580
      
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   581
      $url = makeUrlNS($oldtarget[1], $oldtarget[0], false, true);
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   582
      $page_id_key = $paths->nslist[ $oldtarget[1] ] . $oldtarget[0];
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   583
      $page_data = $paths->pages[$page_id_key];
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   584
      $title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$oldtarget[1]] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $oldtarget[0] ) ) );
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   585
      if ( !isset($page_data['name']) )
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   586
      {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   587
        $cls = 'class="wikilink-nonexistent"';
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   588
      }
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   589
      else
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   590
      {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   591
        $cls = '';
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   592
      }
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   593
      $a = '<a ' . $cls . ' href="' . $url . '">' . $title . '</a>';
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   594
      $redir_html = '<br /><div class="mdg-infobox">
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   595
              <table border="0" width="100%" cellspacing="0" cellpadding="0">
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   596
                <tr>
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   597
                  <td valign="top">
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   598
                    <img alt="Cute wet-floor icon" src="'.scriptPath.'/images/redirector.png" />
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   599
                  </td>
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   600
                  <td valign="top" style="padding-left: 10px;">
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   601
                    <b>This page is a <i>redirector</i>.</b><br />
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   602
                    This means that this page will not show its own content by default. Instead it will display the contents of the page it redirects to.<br /><br />
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   603
                    To create a redirect page, make the <i>first characters</i> in the page content <tt>#redirect [[Page_ID]]</tt>. For more information, see the
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   604
                    Enano <a href="http://enanocms.org/Help:Wiki_formatting" onclick="window.open(this.href); return false;">Wiki formatting guide</a>.<br /><br />
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   605
                    This page redirects to ' . $a . '.
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   606
                  </td>
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   607
                </tr>
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   608
              </table>
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   609
            </div>
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   610
            <br />
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   611
            <hr style="margin-left: 1em; width: 200px;" />';
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   612
      $text = str_replace($match[0], '', $text);
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   613
      $text = trim($text);
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   614
    }
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   615
    
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   616
    $template->tpl_strings['PAGE_NAME'] = htmlspecialchars( $this->title );
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   617
    
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   618
    $this->header();
91
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
   619
    $this->do_breadcrumbs();
62
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   620
    
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   621
    if ( $_errormsg )
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   622
    {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   623
      echo $_errormsg;
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   624
    }
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   625
    
24
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   626
    if ( $incl_inner_headers )
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   627
    {
62
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   628
      if ( count($this->redirect_stack) > 0 )
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   629
      {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   630
        $stack = array_reverse($this->redirect_stack);
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   631
        foreach ( $stack as $oldtarget )
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   632
        {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   633
          $url = makeUrlNS($oldtarget[1], $oldtarget[0], 'redirect=no', true);
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   634
          $page_id_key = $paths->nslist[ $oldtarget[1] ] . $oldtarget[0];
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   635
          $page_data = $paths->pages[$page_id_key];
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   636
          $title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$oldtarget[1]] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $oldtarget[0] ) ) );
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   637
          $a = '<a href="' . $url . '">' . $title . '</a>';
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   638
          echo '<small>(Redirected from ' . $a . ')<br /></small>';
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   639
        }
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   640
      }
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   641
      display_page_headers();
24
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   642
    }
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   643
    
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   644
    if ( $this->revision_id )
9
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   645
    {
259
112debff64bd SURPRISE! Preliminary PostgreSQL support added. The required schema file is not present in this commit and will be included at a later date. No installer support is implemented. Also in this commit: several fixes including <!-- SYSMSG ... --> was broken in template compiler; set fixed width on included images to prevent the thumbnail box from getting huge; added a much more friendly interface to AJAX responses that are invalid JSON
Dan
parents: 254
diff changeset
   646
      echo '<div class="info-box" style="margin-left: 0; margin-top: 5px;"><b>Notice:</b><br />The page you are viewing was archived on '.date('F d, Y \a\t h:i a', $this->revision_id).'.<br /><a href="'.makeUrlNS($this->namespace, $this->page_id).'" onclick="ajaxReset(); return false;">View current version</a>  |  <a href="'.makeUrlNS($this->namespace, $this->page_id, 'do=rollback&amp;id='.$this->revision_id).'" onclick="ajaxRollback(\''.$this->revision_id.'\')">Restore this version</a></div><br />';
9
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   647
    }
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   648
    
62
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   649
    if ( $redir_enabled )
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   650
    {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   651
      echo $redir_html;
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   652
    }
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
   653
    
268
4d9a4da1975b Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
Dan
parents: 264
diff changeset
   654
    $code = $plugins->setHook('pageprocess_render_head');
4d9a4da1975b Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
Dan
parents: 264
diff changeset
   655
    foreach ( $code as $cmd )
4d9a4da1975b Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
Dan
parents: 264
diff changeset
   656
    {
4d9a4da1975b Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
Dan
parents: 264
diff changeset
   657
      eval($cmd);
4d9a4da1975b Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
Dan
parents: 264
diff changeset
   658
    }
4d9a4da1975b Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
Dan
parents: 264
diff changeset
   659
    
25
08d027882993 Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents: 24
diff changeset
   660
    if ( $incl_inner_headers )
08d027882993 Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents: 24
diff changeset
   661
    {
08d027882993 Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents: 24
diff changeset
   662
      $text = '?>' . RenderMan::render($text);
08d027882993 Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents: 24
diff changeset
   663
    }
08d027882993 Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents: 24
diff changeset
   664
    else
08d027882993 Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents: 24
diff changeset
   665
    {
08d027882993 Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents: 24
diff changeset
   666
      $text = '?>' . $text;
26
acf6f55bf023 ...again
Dan
parents: 25
diff changeset
   667
      $text = preg_replace('/<nowiki>(.*?)<\/nowiki>/s', '\\1', $text);
25
08d027882993 Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents: 24
diff changeset
   668
    }
9
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   669
    // echo('<pre>'.htmlspecialchars($text).'</pre>');
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   670
    eval ( $text );
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   671
    
268
4d9a4da1975b Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
Dan
parents: 264
diff changeset
   672
    $code = $plugins->setHook('pageprocess_render_tail');
4d9a4da1975b Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
Dan
parents: 264
diff changeset
   673
    foreach ( $code as $cmd )
4d9a4da1975b Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
Dan
parents: 264
diff changeset
   674
    {
4d9a4da1975b Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
Dan
parents: 264
diff changeset
   675
      eval($cmd);
4d9a4da1975b Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
Dan
parents: 264
diff changeset
   676
    }
4d9a4da1975b Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
Dan
parents: 264
diff changeset
   677
    
24
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   678
    if ( $incl_inner_headers )
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   679
    {
9
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   680
      display_page_footers();
24
9ecc94c4c7f5 Fixed tons of bugs relating to non-templated pages
Dan
parents: 22
diff changeset
   681
    }
9
1e61232606d6 Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents: 4
diff changeset
   682
    
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   683
    $this->footer();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   684
  }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   685
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   686
  /**
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   687
   * Sends the page header, dependent on, of course, whether we're supposed to.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   688
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   689
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   690
  function header()
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   691
  {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   692
    global $db, $session, $paths, $template, $plugins; // Common objects
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   693
    if ( $this->send_headers )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   694
      $template->header();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   695
  }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   696
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   697
  /**
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   698
   * Sends the page footer, dependent on, of course, whether we're supposed to.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   699
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   700
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   701
  function footer()
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   702
  {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   703
    global $db, $session, $paths, $template, $plugins; // Common objects
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   704
    if ( $this->send_headers )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   705
      $template->footer();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   706
  }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   707
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   708
  /**
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   709
   * Fetches the raw, unfiltered page text.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   710
   * @access public
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   711
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   712
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   713
  function fetch_text()
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   714
  {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   715
    global $db, $session, $paths, $template, $plugins; // Common objects
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   716
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   717
    if ( !empty($this->text_cache) )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   718
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   719
      return $this->text_cache;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   720
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   721
    
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   722
    if ( $this->revision_id > 0 && is_int($this->revision_id) )
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   723
    {
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   724
    
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   725
      $q = $db->sql_query('SELECT page_text, char_tag, date_string FROM '.table_prefix.'logs WHERE page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\' AND time_id=' . $this->revision_id . ';');
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   726
      if ( !$q )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   727
      {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   728
        $this->send_error('Error during SQL query.', true);
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   729
      }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   730
      if ( $db->numrows() < 1 )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   731
      {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   732
        // Compatibility fix for old pages with dots in the page ID
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   733
        if ( strstr($this->page_id, '.2e') )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   734
        {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   735
          $db->free_result();
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   736
          $page_id = str_replace('.2e', '.', $this->page_id);
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   737
          $q = $db->sql_query('SELECT page_text, char_tag, date_string FROM '.table_prefix.'logs WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $this->namespace . '\' AND time_id=' . $this->revision_id . ';');
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   738
          if ( !$q )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   739
          {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   740
            $this->send_error('Error during SQL query.', true);
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   741
          }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   742
          if ( $db->numrows() < 1 )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   743
          {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   744
            $this->page_exists = false;
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   745
            return 'err_no_text_rows';
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   746
          }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   747
        }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   748
        else
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   749
        {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   750
          $this->page_exists = false;
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   751
          return 'err_no_text_rows';
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   752
        }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   753
      }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   754
      else
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   755
      {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   756
        $row = $db->fetchrow();
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   757
      }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   758
      
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   759
      $db->free_result();
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   760
      
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   761
    }
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   762
    else
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   763
    {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   764
      
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   765
      $q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\';');
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   766
      if ( !$q )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   767
      {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   768
        $this->send_error('Error during SQL query.', true);
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   769
      }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   770
      if ( $db->numrows() < 1 )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   771
      {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   772
        // Compatibility fix for old pages with dots in the page ID
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   773
        if ( strstr($this->page_id, '.2e') )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   774
        {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   775
          $db->free_result();
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   776
          $page_id = str_replace('.2e', '.', $this->page_id);
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   777
          $q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $this->namespace . '\';');
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   778
          if ( !$q )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   779
          {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   780
            $this->send_error('Error during SQL query.', true);
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   781
          }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   782
          if ( $db->numrows() < 1 )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   783
          {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   784
            $this->page_exists = false;
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   785
            return 'err_no_text_rows';
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   786
          }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   787
        }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   788
        else
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   789
        {
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   790
          $this->page_exists = false;
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   791
          return 'err_no_text_rows';
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   792
        }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   793
      }
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   794
      
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   795
      $row = $db->fetchrow();
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   796
      $db->free_result();
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   797
      
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   798
    }
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   799
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   800
    if ( !empty($row['char_tag']) )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   801
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   802
      // This page text entry uses the old text-escaping format
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   803
      $from = array(
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   804
          "{APOS:{$row['char_tag']}}",
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   805
          "{QUOT:{$row['char_tag']}}",
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   806
          "{SLASH:{$row['char_tag']}}"
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   807
        );
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   808
      $to = array("'", '"',  '\\');
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   809
      $row['page_text'] = str_replace($from, $to, $row['page_text']);
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   810
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   811
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   812
    $this->text_cache = $row['page_text'];
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   813
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   814
    return $row['page_text'];
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   815
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   816
  }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   817
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
   818
  /**
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   819
   * Handles the extra overhead required for user pages.
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   820
   * @access private
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   821
   */
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   822
   
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   823
  function _handle_userpage()
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   824
  {
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   825
    global $db, $session, $paths, $template, $plugins; // Common objects
32
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
   826
    global $email;
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   827
    
228
7846d45bd250 Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents: 165
diff changeset
   828
    $page_urlname = dirtify_page_id($this->page_id);
261
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
   829
    if ( $this->page_id == $paths->page_id && $this->namespace == $paths->namespace )
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   830
    {
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   831
      $page_name = ( isset($paths->cpage['name']) ) ? $paths->cpage['name'] : $this->page_id;
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   832
    }
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   833
    else
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   834
    {
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   835
      $page_name = ( isset($paths->pages[$this->page_id]) ) ? $paths->pages[$this->page_id]['name'] : $this->page_id;
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   836
    }
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   837
    
228
7846d45bd250 Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents: 165
diff changeset
   838
    $target_username = strtr($page_urlname, 
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   839
      Array(
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   840
        '_' => ' ',
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   841
        '<' => '&lt;',
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   842
        '>' => '&gt;'
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   843
        ));
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   844
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   845
    $target_username = preg_replace('/^' . preg_quote($paths->nslist['User']) . '/', '', $target_username);
91
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
   846
    $target_username = explode('/', $target_username);
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
   847
    $target_username = $target_username[0];
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   848
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   849
    if ( ( $page_name == str_replace('_', ' ', $this->page_id) || $page_name == $paths->nslist['User'] . str_replace('_', ' ', $this->page_id) ) || !$this->page_exists )
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   850
    {
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   851
      $page_name = "$target_username's user page";
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   852
    }
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   853
    else
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   854
    {
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   855
      // User has a custom title for their userpage
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   856
      $page_name = $paths->pages[ $paths->nslist[$this->namespace] . $this->page_id ]['name'];
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   857
    }
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   858
    
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   859
    $template->tpl_strings['PAGE_NAME'] = htmlspecialchars($page_name);
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   860
    
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   861
    $q = $db->sql_query('SELECT u.username, u.user_id AS authoritative_uid, u.real_name, u.email, u.reg_time, x.*, COUNT(c.comment_id) AS n_comments
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   862
                           FROM '.table_prefix.'users u
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   863
                           LEFT JOIN '.table_prefix.'users_extra AS x
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   864
                             ON ( u.user_id = x.user_id OR x.user_id IS NULL ) 
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   865
                           LEFT JOIN '.table_prefix.'comments AS c
47
d6361ccbd2bd OK, that last commit only made things worse...it's fixed now.
Dan
parents: 46
diff changeset
   866
                             ON ( ( c.user_id=u.user_id AND c.name=u.username AND c.approved=1 ) OR ( c.comment_id IS NULL AND c.approved IS NULL ) )
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   867
                           WHERE u.username=\'' . $db->escape($target_username) . '\'
259
112debff64bd SURPRISE! Preliminary PostgreSQL support added. The required schema file is not present in this commit and will be included at a later date. No installer support is implemented. Also in this commit: several fixes including <!-- SYSMSG ... --> was broken in template compiler; set fixed width on included images to prevent the thumbnail box from getting huge; added a much more friendly interface to AJAX responses that are invalid JSON
Dan
parents: 254
diff changeset
   868
                           GROUP BY u.username, u.user_id, u.real_name, u.email, u.reg_time,x.user_id, x.user_aim, x.user_yahoo, x.user_msn, x.user_xmpp, x.user_homepage, x.user_location, x.user_job, x.user_hobbies, x.email_public;');
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   869
    if ( !$q )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   870
      $db->_die();
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   871
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   872
    $user_exists = true;
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   873
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   874
    if ( $db->numrows() < 1 )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   875
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   876
      $user_exists = false;
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   877
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   878
    else
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   879
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   880
      $userdata = $db->fetchrow();
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   881
      if ( $userdata['authoritative_uid'] == 1 )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   882
      {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   883
        // Hide data for anonymous user
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   884
        $user_exists = false;
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   885
        unset($userdata);
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   886
      }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   887
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   888
    
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   889
    $this->header();
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   890
    
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   891
    // if ( $send_headers )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   892
    // {
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   893
    //  display_page_headers();
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
   894
    // }
16
64e0d3d4cf14 Emergency version change to 1.0rc3 to fix XSS vulnerabilities
Dan
parents: 15
diff changeset
   895
   
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   896
    // Start left sidebar: basic user info, latest comments
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   897
    
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   898
    if ( $user_exists ):
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   899
    
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   900
    echo '<table border="0" cellspacing="4" cellpadding="0" style="width: 100%;">';
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   901
    echo '<tr><td style="width: 150px;" valign="top">';
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   902
    
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   903
    echo '<div class="tblholder">
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   904
            <table border="0" cellspacing="1" cellpadding="4">';
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   905
    
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   906
    //
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
   907
    // Main part of sidebar
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   908
    //
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   909
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   910
    // Basic user info
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   911
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   912
    echo '<tr><th class="subhead">All about ' . htmlspecialchars($target_username) . '</th></tr>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   913
    echo '<tr><td class="row3">Joined: ' . date('F d, Y h:i a', $userdata['reg_time']) . '</td></tr>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   914
    echo '<tr><td class="row1">Total comments: ' . $userdata['n_comments'] . '</td></tr>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   915
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   916
    if ( !empty($userdata['real_name']) )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   917
    {
31
dc8741857bde Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
Dan
parents: 28
diff changeset
   918
      echo '<tr><td class="row3">Real name: ' . $userdata['real_name'] . '</td></tr>';
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   919
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   920
    
108
1c7f59df9474 Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan
parents: 103
diff changeset
   921
    // Administer user button
1c7f59df9474 Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan
parents: 103
diff changeset
   922
    
1c7f59df9474 Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan
parents: 103
diff changeset
   923
    if ( $session->user_level >= USER_LEVEL_ADMIN )
1c7f59df9474 Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan
parents: 103
diff changeset
   924
    {
1c7f59df9474 Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan
parents: 103
diff changeset
   925
      echo '<tr><td class="row1"><a href="' . makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'UserManager&src=get&user=' . urlencode($target_username), true) . '" onclick="ajaxAdminUser(\'' . addslashes($target_username) . '\'); return false;">Administer user</a></td></tr>';
1c7f59df9474 Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan
parents: 103
diff changeset
   926
    }
1c7f59df9474 Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan
parents: 103
diff changeset
   927
    
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   928
    // Comments
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   929
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   930
    echo '<tr><th class="subhead">' . htmlspecialchars($target_username) . '\'s latest comments</th></tr>';
47
d6361ccbd2bd OK, that last commit only made things worse...it's fixed now.
Dan
parents: 46
diff changeset
   931
    $q = $db->sql_query('SELECT page_id, namespace, subject, time FROM '.table_prefix.'comments WHERE name=\'' . $db->escape($target_username) . '\' AND user_id=' . $userdata['authoritative_uid'] . ' AND approved=1 ORDER BY time DESC LIMIT 5;');
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   932
    if ( !$q )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   933
      $db->_die();
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   934
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   935
    $comments = Array();
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   936
    $no_comments = false;
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   937
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   938
    if ( $row = $db->fetchrow() )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   939
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   940
      do 
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   941
      {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   942
        $row['time'] = date('F d, Y', $row['time']);
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   943
        $comments[] = $row;
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   944
      }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   945
      while ( $row = $db->fetchrow() );
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   946
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   947
    else
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   948
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   949
      $no_comments = true;
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   950
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   951
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   952
    echo '<tr><td class="row3">';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   953
    echo '<div style="border: 1px solid #000000; padding: 0px; margin: 0; max-height: 200px; clip: rect(0px,auto,auto,0px); overflow: auto; background-color: transparent;" class="tblholder">';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   954
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   955
    echo '<table border="0" cellspacing="1" cellpadding="4">';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   956
    $class = 'row1';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   957
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   958
    $tpl = '<tr>
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   959
              <td class="{CLASS}">
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   960
                <a href="{PAGE_LINK}" <!-- BEGINNOT page_exists -->class="wikilink-nonexistent"<!-- END page_exists -->>{PAGE}</a><br />
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   961
                <small>Posted {DATE}<br /></small>
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   962
                <b><a href="{COMMENT_LINK}">{SUBJECT}</a></b>
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   963
              </td>
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   964
            </tr>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   965
    $parser = $template->makeParserText($tpl);
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   966
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   967
    if ( count($comments) > 0 )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   968
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   969
      foreach ( $comments as $comment )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   970
      {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   971
        $c_page_id = $paths->nslist[ $comment['namespace'] ] . sanitize_page_id($comment['page_id']);
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   972
        if ( isset($paths->pages[ $c_page_id ]) )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   973
        {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   974
          $parser->assign_bool(array(
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   975
            'page_exists' => true
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   976
            ));
83
80facec76d9f Tag cloud is now implemented
Dan
parents: 73
diff changeset
   977
          $page_title = htmlspecialchars($paths->pages[ $c_page_id ]['name']);
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   978
        }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   979
        else
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   980
        {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   981
          $parser->assign_bool(array(
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   982
            'page_exists' => false
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   983
            ));
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   984
          $page_title = htmlspecialchars(dirtify_page_id($c_page_id));
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   985
        }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   986
        $parser->assign_vars(array(
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   987
            'CLASS' => $class,
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   988
            'PAGE_LINK' => makeUrlNS($comment['namespace'], sanitize_page_id($comment['page_id'])),
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   989
            'PAGE' => $page_title,
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   990
            'SUBJECT' => $comment['subject'],
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   991
            'DATE' => $comment['time'],
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   992
            'COMMENT_LINK' => makeUrlNS($comment['namespace'], sanitize_page_id($comment['page_id']), 'do=comments', true)
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   993
          ));
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   994
        $class = ( $class == 'row3' ) ? 'row1' : 'row3';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   995
        echo $parser->run();
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   996
      }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   997
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   998
    else
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
   999
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1000
      echo '<tr><td class="' . $class . '">This user has not posted any comments.</td></tr>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1001
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1002
    echo '</table>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1003
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1004
    echo '</div>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1005
    echo '</td></tr>';
254
f49e3c8b638c Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents: 253
diff changeset
  1006
    
f49e3c8b638c Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents: 253
diff changeset
  1007
    $code = $plugins->setHook('userpage_sidebar_left');
f49e3c8b638c Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents: 253
diff changeset
  1008
    foreach ( $code as $cmd )
f49e3c8b638c Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents: 253
diff changeset
  1009
    {
f49e3c8b638c Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents: 253
diff changeset
  1010
      eval($cmd);
f49e3c8b638c Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents: 253
diff changeset
  1011
    }
f49e3c8b638c Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents: 253
diff changeset
  1012
    
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1013
    echo '  </table>
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1014
          </div>';
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1015
    
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1016
    echo '</td><td valign="top" style="padding: 0 10px;">';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1017
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1018
    else:
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1019
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1020
    // Nothing for now
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1021
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1022
    endif;
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1023
    
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1024
    // User's own content
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1025
    
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1026
    $send_headers = $this->send_headers;
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1027
    $this->send_headers = false;
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1028
    
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1029
    if ( $this->page_exists )
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1030
    {
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1031
      $this->render();
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1032
    }
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1033
    else
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1034
    {
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1035
      $this->err_page_not_existent(true);
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1036
    }
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1037
    
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1038
    // Right sidebar
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1039
    
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1040
    if ( $user_exists ):
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1041
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1042
    echo '</td><td style="width: 150px;" valign="top">';
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1043
    
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1044
    echo '<div class="tblholder">
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1045
            <table border="0" cellspacing="1" cellpadding="4">';
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1046
    
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1047
    //
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1048
    // Main part of sidebar
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1049
    //
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1050
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1051
    // Contact information
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1052
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1053
    echo '<tr><th class="subhead">Get in touch</th></tr>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1054
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1055
    $class = 'row3';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1056
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1057
    if ( $userdata['email_public'] == 1 )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1058
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1059
      $class = ( $class == 'row1' ) ? 'row3' : 'row1';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1060
      $email_link = $email->encryptEmail($userdata['email']);
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1061
      echo '<tr><td class="'.$class.'">E-mail address: ' . $email_link . '</td></tr>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1062
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1063
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1064
    $class = ( $class == 'row1' ) ? 'row3' : 'row1';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1065
    if ( $session->user_logged_in )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1066
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1067
      echo '<tr><td class="'.$class.'">Send ' . htmlspecialchars($target_username) . ' a <a href="' . makeUrlNS('Special', 'PrivateMessages/Compose/to/' . $this->page_id, false, true) . '">Private Message</a>!</td></tr>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1068
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1069
    else
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1070
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1071
      echo '<tr><td class="'.$class.'">You could send ' . htmlspecialchars($target_username) . ' a private message if you were <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist[$this->namespace] . $this->page_id) . '">logged in</a>.</td></tr>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1072
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1073
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1074
    if ( !empty($userdata['user_aim']) )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1075
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1076
      $class = ( $class == 'row1' ) ? 'row3' : 'row1';
37
7267c2a67a93 More image tag parser fixes
Dan
parents: 32
diff changeset
  1077
      echo '<tr><td class="'.$class.'">AIM: ' . $userdata['user_aim'] . '</td></tr>';
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1078
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1079
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1080
    if ( !empty($userdata['user_yahoo']) )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1081
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1082
      $class = ( $class == 'row1' ) ? 'row3' : 'row1';
37
7267c2a67a93 More image tag parser fixes
Dan
parents: 32
diff changeset
  1083
      echo '<tr><td class="'.$class.'">Yahoo! IM: ' . $userdata['user_yahoo'] . '</td></tr>';
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1084
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1085
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1086
    if ( !empty($userdata['user_msn']) )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1087
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1088
      $class = ( $class == 'row1' ) ? 'row3' : 'row1';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1089
      $email_link = $email->encryptEmail($userdata['user_msn']);
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1090
      echo '<tr><td class="'.$class.'">WLM: ' . $email_link . '</td></tr>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1091
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1092
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1093
    if ( !empty($userdata['user_xmpp']) )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1094
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1095
      $class = ( $class == 'row1' ) ? 'row3' : 'row1';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1096
      $email_link = $email->encryptEmail($userdata['user_xmpp']);
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1097
      echo '<tr><td class="'.$class.'">XMPP/Jabber: ' . $email_link . '</td></tr>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1098
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1099
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1100
    // Real life
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1101
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1102
    echo '<tr><th class="subhead">' . htmlspecialchars($target_username) . ' in real life</th></tr>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1103
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1104
    if ( !empty($userdata['user_location']) )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1105
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1106
      $class = ( $class == 'row1' ) ? 'row3' : 'row1';
37
7267c2a67a93 More image tag parser fixes
Dan
parents: 32
diff changeset
  1107
      echo '<tr><td class="'.$class.'">Location: ' . $userdata['user_location'] . '</td></tr>';
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1108
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1109
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1110
    if ( !empty($userdata['user_job']) )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1111
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1112
      $class = ( $class == 'row1' ) ? 'row3' : 'row1';
37
7267c2a67a93 More image tag parser fixes
Dan
parents: 32
diff changeset
  1113
      echo '<tr><td class="'.$class.'">Job/occupation: ' . $userdata['user_job'] . '</td></tr>';
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1114
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1115
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1116
    if ( !empty($userdata['user_hobbies']) )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1117
    {
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1118
      $class = ( $class == 'row1' ) ? 'row3' : 'row1';
37
7267c2a67a93 More image tag parser fixes
Dan
parents: 32
diff changeset
  1119
      echo '<tr><td class="'.$class.'">Enjoys: ' . $userdata['user_hobbies'] . '</td></tr>';
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1120
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1121
    
28
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 26
diff changeset
  1122
    if ( empty($userdata['user_location']) && empty($userdata['user_job']) && empty($userdata['user_hobbies']) )
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 26
diff changeset
  1123
    {
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 26
diff changeset
  1124
      $class = ( $class == 'row1' ) ? 'row3' : 'row1';
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 26
diff changeset
  1125
      echo '<tr><td class="'.$class.'">' . htmlspecialchars($target_username) . ' hasn\'t posted any real-life contact information.</td></tr>';
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 26
diff changeset
  1126
    }
dd2edcdc6c03 Deleting pages now requires a reason
Dan
parents: 26
diff changeset
  1127
    
254
f49e3c8b638c Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents: 253
diff changeset
  1128
    $code = $plugins->setHook('userpage_sidebar_right');
f49e3c8b638c Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents: 253
diff changeset
  1129
    foreach ( $code as $cmd )
f49e3c8b638c Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents: 253
diff changeset
  1130
    {
f49e3c8b638c Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents: 253
diff changeset
  1131
      eval($cmd);
f49e3c8b638c Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents: 253
diff changeset
  1132
    }
f49e3c8b638c Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents: 253
diff changeset
  1133
    
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1134
    echo '  </table>
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1135
          </div>';
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1136
          
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1137
    echo '</tr></table>';
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1138
    
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1139
    else:
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1140
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1141
    echo '<p>Additional information: user "' . htmlspecialchars($target_username) . '" does not exist.</p>';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1142
    
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1143
    endif;
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1144
    
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
  1145
    // if ( $send_headers )
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
  1146
    // {
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1147
    //  display_page_footers();
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
  1148
    // }
16
64e0d3d4cf14 Emergency version change to 1.0rc3 to fix XSS vulnerabilities
Dan
parents: 15
diff changeset
  1149
    
15
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1150
    $this->send_headers = $send_headers;
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1151
    unset($send_headers);
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1152
    
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1153
    $this->footer();
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1154
    
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1155
  }
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1156
  
ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents: 9
diff changeset
  1157
  /**
62
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1158
   * Pushes to the redirect stack and resets the instance. This depends on the page ID and namespace already being validated and sanitized, and does not check the size of the redirect stack.
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1159
   * @param string Page ID to redirect to
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1160
   * @param string Namespace to redirect to
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1161
   * @access private
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1162
   */
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1163
  
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1164
  function _handle_redirect($page_id, $namespace)
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1165
  {
92
aa8ffe41d1c4 Fixed stupid redirect bug that referenced $paths without importing it, gah...
Dan
parents: 91
diff changeset
  1166
    global $db, $session, $paths, $template, $plugins; // Common objects
62
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1167
    $arr_pid = array($this->page_id, $this->namespace);
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1168
    if ( $namespace == 'Special' || $namespace == 'Admin' )
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1169
    {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1170
      return 'This page redirects to a Special or Administration page, which is not allowed.';
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1171
    }
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1172
    if ( in_array($this->redirect_stack, $arr_pid) )
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1173
    {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1174
      return 'This page infinitely redirects with another page (or another series of pages), and the infinite redirect was trapped.';
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1175
    }
92
aa8ffe41d1c4 Fixed stupid redirect bug that referenced $paths without importing it, gah...
Dan
parents: 91
diff changeset
  1176
    $page_id_key = $paths->nslist[ $namespace ] . sanitize_page_id($page_id);
62
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1177
    if ( !isset($paths->pages[$page_id_key]) )
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1178
    {
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1179
      return 'This page redirects to another page that doesn\'t exist.';
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1180
    }
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1181
    $this->redirect_stack[] = $arr_pid;
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1182
    
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1183
    
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1184
    // Nuke the text cache to avoid infinite loops, gah...
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1185
    $this->text_cache = '';
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1186
    $this->_setup($page_id, $namespace, 0);
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1187
    $this->send();
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1188
    return true;
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1189
  }
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1190
  
9dc4fded30e6 Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents: 61
diff changeset
  1191
  /**
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1192
   * Send the error message to the user that the access to this page is denied.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1193
   * @access private
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1194
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1195
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1196
  function err_access_denied()
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1197
  {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1198
    global $db, $session, $paths, $template, $plugins; // Common objects
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1199
    
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1200
    // Log it for crying out loud
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1201
    $q = $db->sql_query('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'illegal_page\', '.time().', \''.date('d M Y h:i a').'\', \''.$db->escape($session->username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', \'' . $db->escape(serialize(array($this->page_id, $this->namespace))) . '\')');
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1202
    
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1203
    $ob = '';
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1204
    //$template->tpl_strings['PAGE_NAME'] = 'Access denied';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1205
    $template->tpl_strings['PAGE_NAME'] = htmlspecialchars( $this->title );
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1206
      
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1207
    if ( $this->send_headers )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1208
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1209
      $ob .= $template->getHeader();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1210
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1211
    
103
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1212
    if ( count($this->redirect_stack) > 0 )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1213
    {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1214
      $stack = array_reverse($this->redirect_stack);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1215
      foreach ( $stack as $oldtarget )
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1216
      {
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1217
        $url = makeUrlNS($oldtarget[1], $oldtarget[0], 'redirect=no', true);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1218
        $page_id_key = $paths->nslist[ $oldtarget[1] ] . $oldtarget[0];
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1219
        $page_data = $paths->pages[$page_id_key];
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1220
        $title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$oldtarget[1]] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $oldtarget[0] ) ) );
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1221
        $a = '<a href="' . $url . '">' . $title . '</a>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1222
        
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1223
        $url = makeUrlNS($this->namespace, $this->page_id, 'redirect=no', true);
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1224
        $page_id_key = $paths->nslist[ $this->namespace ] . $this->page_id;
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1225
        $page_data = $paths->pages[$page_id_key];
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1226
        $title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$this->namespace] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $this->page_id ) ) );
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1227
        $b = '<a href="' . $url . '">' . $title . '</a>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1228
        
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1229
        $ob .= '<small>(Redirected to ' . $b . ' from ' . $a . ')<br /></small>';
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1230
      }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1231
    }
a8891e108c95 Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents: 93
diff changeset
  1232
    
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1233
    $ob .= '<div class="error-box"><b>Access to this page is denied.</b><br />This may be because you are not logged in or you have not met certain criteria for viewing this page.</div>';
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1234
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1235
    if ( $this->send_headers )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1236
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1237
      $ob .= $template->getFooter();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1238
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1239
    echo $ob;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1240
  }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1241
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1242
  /**
32
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1243
   * Inform the user of an incorrect or absent password
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1244
   * @access private
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1245
   */
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1246
   
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1247
  function err_wrong_password()
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1248
  {
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1249
    global $db, $session, $paths, $template, $plugins; // Common objects
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1250
    
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1251
    $title = 'Password required';
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1252
    $message = ( empty($this->password) ) ? '<p>Access to this page requires a password. Please enter the password for this page below:</p>' : '<p>The password you entered for this page was incorrect. Please enter the password for this page below:</p>';
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1253
    $message .= '<form action="' . makeUrlNS($this->namespace, $this->page_id) . '" method="post">
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1254
                   <p>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1255
                     <label>Password: <input name="pagepass" type="password" /></label>&nbsp;&nbsp;<input type="submit" value="Submit" />
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1256
                   </p>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1257
                 </form>';
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1258
    if ( $this->send_headers )
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1259
    {
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1260
      $template->tpl_strings['PAGE_NAME'] = $title;
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1261
      $template->header();
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1262
      echo "$message";
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1263
      $template->footer();
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1264
    }
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1265
    else
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1266
    {
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1267
      echo "<h2>$title</h2>
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1268
            $message";
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1269
    }
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1270
  }
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1271
  
4d87aad3c4c0 Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents: 31
diff changeset
  1272
  /**
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1273
   * Send the error message to the user complaining that there weren't any rows.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1274
   * @access private
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1275
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1276
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1277
  function err_no_rows()
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1278
  {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1279
    global $db, $session, $paths, $template, $plugins; // Common objects
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1280
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1281
    $title = 'No text rows';
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1282
    $message = 'While the page\'s existence was verified, there were no rows in the database that matched the query for the text. This may indicate a bug with the software; ask the webmaster for more information. The offending query was:<pre>' . $db->latest_query . '</pre>';
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1283
    if ( $this->send_headers )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1284
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1285
      $template->tpl_strings['PAGE_NAME'] = $title;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1286
      $template->header();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1287
      echo "<p>$message</p>";
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1288
      $template->footer();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1289
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1290
    else
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1291
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1292
      echo "<h2>$title</h2>
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1293
            <p>$message</p>";
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1294
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1295
  }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1296
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1297
  /**
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1298
   * Tell the user the page doesn't exist, and present them with their options.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1299
   * @access private
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1300
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1301
   
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1302
  function err_page_not_existent($userpage = false)
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1303
  {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1304
    global $db, $session, $paths, $template, $plugins; // Common objects
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1305
    
91
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1306
    header('HTTP/1.1 404 Not Found');
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1307
    
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1308
    $this->header();
91
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1309
    $this->do_breadcrumbs();
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1310
    
301
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1311
    $standard_404 = '';
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1312
    
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1313
    if ( $userpage )
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1314
    {
301
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1315
      $standard_404 .= '<h3>There is no page with this title yet.</h3>
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1316
             <p>This user has not created his or her user page yet.';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1317
    }
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1318
    else
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1319
    {
301
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1320
      $standard_404 .= '<h3>There is no page with this title yet.</h3>
22
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1321
             <p>You have requested a page that doesn\'t exist yet.';
d0314575e2f0 More preliminary l10n work; userpage portal style basics implemented
Dan
parents: 21
diff changeset
  1322
    }
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1323
    if ( $session->get_permissions('create_page') )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1324
    {
301
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1325
      $standard_404 .= ' You can <a href="'.makeUrlNS($this->namespace, $this->page_id, 'do=edit', true).'" onclick="ajaxEditor(); return false;">create this page</a>, or return to the <a href="'.makeUrl(getConfig('main_page')).'">homepage</a>.';
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1326
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1327
    else
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1328
    {
301
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1329
      $standard_404 .= ' Return to the <a href="'.makeUrl(getConfig('main_page')).'">homepage</a>.</p>';
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1330
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1331
    if ( $session->get_permissions('history_rollback') )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1332
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1333
      $e = $db->sql_query('SELECT * FROM ' . table_prefix . 'logs WHERE action=\'delete\' AND page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\' ORDER BY time_id DESC;');
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1334
      if ( !$e )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1335
      {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1336
        $db->_die('The deletion log could not be selected.');
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1337
      }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1338
      if ( $db->numrows() > 0 )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1339
      {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1340
        $r = $db->fetchrow();
301
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1341
        $standard_404 .= '<p><b>This page was deleted on ' . $r['date_string'] . '.</b> The stated reason was:</p><blockquote>' . $r['edit_summary'] . '</blockquote><p>You can probably <a href="'.makeUrl($paths->page, 'do=rollback&amp;id='.$r['time_id']).'" onclick="ajaxRollback(\''.$r['time_id'].'\'); return false;">roll back</a> the deletion.</p>';
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 92
diff changeset
  1342
        if ( $session->user_level >= USER_LEVEL_ADMIN )
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 92
diff changeset
  1343
        {
301
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1344
          $standard_404 .= '<p>Additional admin options: <a href="' . makeUrl($paths->page, 'do=detag', true) . '" title="Remove any tags on this page">detag page</a></p>';
93
95c4d91bd954 Redirections to the main page use the redirect() function now
Dan
parents: 92
diff changeset
  1345
        }
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1346
      }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1347
      $db->free_result();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1348
    }
301
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1349
    $standard_404 .= '<p>
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1350
            HTTP Error: 404 Not Found
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1351
          </p>';
301
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1352
          
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1353
    $msg = ( $pp = $paths->sysmsg('Page_not_found') ) ? RenderMan::render($pp) : '{STANDARD404}';
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1354
    $parser = $template->makeParserText($msg);
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1355
    $parser->assign_vars(array(
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1356
        'STANDARD404' => $standard_404
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1357
      ));
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1358
    
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1359
    $msg = $parser->run();
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1360
    eval( '?>' . $msg );
13f5f7d0cd64 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan
parents: 294
diff changeset
  1361
    
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1362
    $this->footer();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1363
  }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1364
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1365
  /**
91
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1366
   * Echoes out breadcrumb data, if appropriate.
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1367
   * @access private
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1368
   */
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1369
  
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1370
  function do_breadcrumbs()
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1371
  {
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1372
    global $db, $session, $paths, $template, $plugins; // Common objects
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1373
    if ( strpos($this->text_cache, '__NOBREADCRUMBS__') !== false )
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1374
      return false;
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1375
    $breadcrumb_data = explode('/', $this->page_id);
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1376
    if ( count($breadcrumb_data) > 1 )
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1377
    {
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1378
      echo '<!-- Start breadcrumbs -->
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1379
            <div class="breadcrumbs">
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1380
              ';
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1381
      foreach ( $breadcrumb_data as $i => $higherpage )
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1382
      {
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1383
        $higherpage = $paths->nslist[$this->namespace] . sanitize_page_id(implode('/', array_slice($breadcrumb_data, 0, ($i+1))));
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1384
        if ( ($i + 1) == count($breadcrumb_data) )
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1385
        {
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1386
          $title = get_page_title($higherpage, false);
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1387
          if ( !$this->page_exists )
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1388
          {
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1389
            $title = explode('/', $title);
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1390
            $title = array_reverse($title);
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1391
            $title = $title[0];
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1392
          }
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1393
          echo htmlspecialchars($title);
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1394
          break;
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1395
        }
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1396
        else if ( isPage($higherpage) )
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1397
        {
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1398
          $title = get_page_title($higherpage, false);
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1399
          echo '<a href="' . makeUrl($higherpage, false, true) . '">' . htmlspecialchars($title) . '</a>';
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1400
        }
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1401
        else
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1402
        {
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1403
          $title = get_page_title($higherpage, false);
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1404
          $title = explode('/', $title);
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1405
          $title = array_reverse($title);
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1406
          $title = $title[0];
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1407
          echo '<a href="' . makeUrl($higherpage, false, true) . '" class="wikilink-nonexistent">' . htmlspecialchars($title) . '</a>';
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1408
        }
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1409
        echo ' &raquo; ';
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1410
      }
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1411
      echo '</div>
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1412
            <!-- End breadcrumbs -->
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1413
            ';
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1414
    }
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1415
  }
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1416
  
8079b0288e8e Added ability to detag deleted pages
Dan
parents: 83
diff changeset
  1417
  /**
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1418
   * PHP 4 constructor.
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1419
   * @see PageProcessor::__construct()
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1420
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1421
  
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
  1422
  function PageProcessor( $page_id, $namespace, $revision_id = 0 )
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1423
  {
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
  1424
    $this->__construct($page_id, $namespace, $revision_id);
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1425
  }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1426
  
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1427
  /**
21
663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents: 16
diff changeset
  1428
   * Send an error message and die. For debugging or critical technical errors only - nothing that would under normal circumstances be shown to the user.
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1429
   * @var string Error message
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1430
   * @var bool If true, send DBAL's debugging information as well
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1431
   */
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1432
   
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1433
  function send_error($message, $sql = false)
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1434
  {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1435
    global $db, $session, $paths, $template, $plugins; // Common objects
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1436
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1437
    $content = "<p>$message</p>";
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1438
    $template->tpl_strings['PAGE_NAME'] = 'General error in page fetcher';
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1439
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1440
    if ( $this->debug['works'] )
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1441
    {
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1442
      $content .= $this->debug['backtrace'];
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1443
    }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1444
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1445
    header('HTTP/1.1 500 Internal Server Error');
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1446
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1447
    $template->header();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1448
    echo $content;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1449
    $template->footer();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1450
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1451
    $db->close();
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1452
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1453
    exit;
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1454
    
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1455
  }
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1456
  
261
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1457
  /**
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1458
   * Raises an error.
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1459
   * @param string Error string
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1460
   */
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1461
   
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1462
  function raise_error($string)
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1463
  {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1464
    if ( !is_string($string) )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1465
      return false;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1466
    $this->_errors[] = $string;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1467
  }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1468
  
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1469
  /**
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1470
   * Retrieves the latest error from the error stack and returns it ('pops' the error stack)
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1471
   * @return string
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1472
   */
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1473
  
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1474
  function pop_error()
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1475
  {
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1476
    if ( count($this->_errors) < 1 )
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1477
      return false;
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1478
    return array_pop($this->_errors);
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1479
  }
5f1cd51bf1be Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents: 259
diff changeset
  1480
  
1
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1481
} // class PageProcessor
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1482
fe660c52c48f Adding /includes
dan@scribus.fuhry.local.fuhry.local
parents:
diff changeset
  1483
?>