1
+ − 1
<?php
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
diff
changeset
+ − 2
1
+ − 3
/*
+ − 4
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
+ − 5
* pageprocess.php - intelligent retrieval of pages
1081
745200a9cc2a
Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
diff
changeset
+ − 6
* Copyright (C) 2006-2009 Dan Fuhry
1
+ − 7
*
+ − 8
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 9
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 10
*
+ − 11
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 12
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 13
*/
+ − 14
+ − 15
/**
+ − 16
* Class to handle fetching page text (possibly from a cache) and formatting it.
322
+ − 17
* As of 1.0.4, this also handles the fetching and editing of certain data for pages.
1
+ − 18
* @package Enano
+ − 19
* @subpackage UI
+ − 20
* @copyright 2007 Dan Fuhry
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 21
* @license GNU General Public License <http://www.gnu.org/licenses/gpl-2.0.html>
1
+ − 22
*/
+ − 23
+ − 24
class PageProcessor
+ − 25
{
+ − 26
+ − 27
/**
+ − 28
* Page ID and namespace of the page handled by this instance
+ − 29
* @var string
+ − 30
*/
+ − 31
+ − 32
var $page_id;
+ − 33
var $namespace;
+ − 34
+ − 35
/**
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 36
* The instance of the namespace processor for the namespace we're doing.
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 37
* @var object
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 38
*/
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 39
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 40
var $ns;
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 41
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 42
/**
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 43
* The title of the page sent to the template parser
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 44
* @var string
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 45
*/
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 46
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 47
var $title = '';
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 48
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 49
/**
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 50
* The information about the page(s) we were redirected from
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 51
* @var array
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 52
*/
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 53
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 54
var $redirect_stack = array();
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 55
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 56
/**
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 57
* The revision ID (history entry) to send. If set to 0 (the default) then the most recent revision will be sent.
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 58
* @var int
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 59
*/
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 60
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 61
var $revision_id = 0;
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 62
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 63
/**
468
+ − 64
* The time this revision was saved, as a UNIX timestamp
+ − 65
* @var int
+ − 66
*/
+ − 67
+ − 68
var $revision_time = 0;
+ − 69
+ − 70
/**
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 71
* Unsanitized page ID.
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 72
* @var string
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 73
*/
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 74
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 75
var $page_id_unclean;
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 76
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 77
/**
1
+ − 78
* Tracks if the page we're loading exists in the database or not.
+ − 79
* @var bool
+ − 80
*/
+ − 81
+ − 82
var $page_exists = false;
+ − 83
+ − 84
/**
+ − 85
* Permissions!
+ − 86
* @var object
+ − 87
*/
+ − 88
+ − 89
var $perms = null;
+ − 90
+ − 91
/**
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 92
* The SHA1 hash of the user-inputted password for the page
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 93
* @var string
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 94
*/
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 95
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 96
var $password = '';
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 97
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 98
/**
1
+ − 99
* Switch to track if redirects are allowed. Defaults to true.
+ − 100
* @var bool
+ − 101
*/
+ − 102
+ − 103
var $allow_redir = true;
+ − 104
+ − 105
/**
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 106
* Holds any error message from redirection code. Defaults to false (no error).
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 107
* @var mixed
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 108
*/
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 109
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 110
var $redir_error = false;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 111
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 112
/**
1
+ − 113
* If this is set to true, this will call the header and footer funcs on $template when render() is called.
+ − 114
* @var bool
+ − 115
*/
+ − 116
+ − 117
var $send_headers = false;
+ − 118
+ − 119
/**
+ − 120
* Cache the fetched text so we don't fetch it from the DB twice.
+ − 121
* @var string
+ − 122
*/
+ − 123
+ − 124
var $text_cache = '';
+ − 125
+ − 126
/**
+ − 127
* Debugging information to track errors. You can set enable to false to disable sending debug information.
+ − 128
* @var array
+ − 129
*/
+ − 130
+ − 131
var $debug = array(
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 132
'enable' => false,
1
+ − 133
'works' => false
+ − 134
);
+ − 135
+ − 136
/**
322
+ − 137
* The list of errors raised in the class.
+ − 138
* @var array
+ − 139
*/
+ − 140
+ − 141
var $_errors = array();
+ − 142
+ − 143
/**
1
+ − 144
* Constructor.
+ − 145
* @param string The page ID (urlname) of the page
+ − 146
* @param string The namespace of the page
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 147
* @param int Optional. The revision ID to send.
1
+ − 148
*/
+ − 149
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 150
function __construct( $page_id, $namespace, $revision_id = 0 )
1
+ − 151
{
+ − 152
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 153
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 154
profiler_log("PageProcessor [{$namespace}:{$page_id}]: Started constructor");
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 155
1
+ − 156
// See if we can get some debug info
+ − 157
if ( function_exists('debug_backtrace') && $this->debug['enable'] )
+ − 158
{
+ − 159
$this->debug['works'] = true;
+ − 160
$this->debug['backtrace'] = enano_debug_print_backtrace(true);
+ − 161
}
+ − 162
+ − 163
// First things first - check page existence and permissions
+ − 164
+ − 165
if ( !isset($paths->nslist[$namespace]) )
+ − 166
{
+ − 167
$this->send_error('The namespace "' . htmlspecialchars($namespace) . '" does not exist.');
+ − 168
}
+ − 169
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 170
if ( !is_int($revision_id) )
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 171
$revision_id = 0;
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 172
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 173
$this->_setup( $page_id, $namespace, $revision_id );
1
+ − 174
}
+ − 175
+ − 176
/**
61
+ − 177
* The main method to send the page content. Also responsible for checking permissions and calling the statistics counter.
+ − 178
* @param bool If true, the stat counter is called. Defaults to false.
1
+ − 179
*/
+ − 180
61
+ − 181
function send( $do_stats = false )
1
+ − 182
{
+ − 183
global $db, $session, $paths, $template, $plugins; // Common objects
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 184
global $lang, $output;
314
+ − 185
592
+ − 186
profiler_log('PageProcessor: send() called');
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 187
1
+ − 188
if ( !$this->perms->get_permissions('read') )
+ − 189
{
511
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 190
// Permission denied to read page. Is this one of our core pages that must always be allowed?
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 191
// NOTE: Not even the administration panel will work if ACLs deny access to it.
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 192
if ( $this->namespace == 'Special' && in_array($this->page_id, array('Login', 'Logout', 'LangExportJSON', 'CSS')) )
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 193
{
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 194
// Do nothing; allow execution to continue
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 195
}
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 196
else
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 197
{
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 198
// Page isn't whitelisted, behave as normal
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 199
$this->err_access_denied();
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 200
return false;
f88c8c79d784
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
Dan
diff
changeset
+ − 201
}
1
+ − 202
}
825
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 203
if ( $this->revision_id > 0 && !$this->perms->get_permissions('history_view') )
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 204
{
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 205
$this->err_access_denied();
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 206
return false;
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 207
}
571
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 208
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 209
// Is there a custom function registered for handling this namespace?
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 210
// DEPRECATED (even though it only saw its way into one alpha release.)
571
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 211
if ( $proc = $paths->get_namespace_processor($this->namespace) )
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 212
{
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 213
// yes, just call that
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 214
// this is protected aggressively by the PathManager against overriding critical namespaces
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 215
return call_user_func($proc, $this);
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 216
}
66e14e61613e
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
Dan
diff
changeset
+ − 217
24
+ − 218
$pathskey = $paths->nslist[ $this->namespace ] . $this->page_id;
+ − 219
$strict_no_headers = false;
793
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 220
$admin_fail = false;
329
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 221
if ( $this->namespace == 'Admin' && strstr($this->page_id, '/') )
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 222
{
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 223
$this->page_id = substr($this->page_id, 0, strpos($this->page_id, '/'));
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 224
$funcname = "page_{$this->namespace}_{$this->page_id}";
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 225
if ( function_exists($funcname) )
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 226
{
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 227
$this->page_exists = true;
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 228
}
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
diff
changeset
+ − 229
}
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 230
if ( isPage($pathskey) )
24
+ − 231
{
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 232
$cdata = $this->ns->get_cdata();
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 233
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 234
if ( $cdata['special'] == 1 )
24
+ − 235
{
+ − 236
$this->send_headers = false;
+ − 237
$strict_no_headers = true;
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 238
$GLOBALS['output'] = new Output_Naked();
24
+ − 239
}
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 240
if ( isset($cdata['password']) )
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 241
{
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 242
if ( $cdata['password'] != '' && $cdata['password'] != sha1('') )
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 243
{
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 244
$password =& $cdata['password'];
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 245
if ( $this->password != $password )
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 246
{
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 247
$this->err_wrong_password();
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 248
return false;
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
+ − 249
}
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 250
}
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 251
}
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 252
if ( isset($cdata['require_admin']) && $cdata['require_admin'] )
793
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 253
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 254
if ( $session->auth_level < USER_LEVEL_ADMIN )
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 255
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 256
$admin_fail = true;
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 257
}
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 258
}
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 259
}
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 260
else if ( $this->namespace === $paths->namespace && $this->page_id == $paths->page_id )
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 261
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 262
if ( isset($paths->cpage['require_admin']) && $paths->cpage['require_admin'] )
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 263
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 264
if ( $session->auth_level < USER_LEVEL_ADMIN )
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 265
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 266
$admin_fail = true;
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 267
}
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 268
}
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 269
}
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 270
if ( $admin_fail )
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 271
{
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 272
header('Content-type: text/javascript');
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 273
echo enano_json_encode(array(
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 274
'mode' => 'error',
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 275
'error' => 'need_auth_to_admin'
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 276
));
c0724bf6039b
Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Dan
diff
changeset
+ − 277
return true;
24
+ − 278
}
61
+ − 279
if ( $this->page_exists && $this->namespace != 'Special' && $this->namespace != 'Admin' && $do_stats )
+ − 280
{
592
+ − 281
require_once(ENANO_ROOT.'/includes/stats.php');
61
+ − 282
doStats($this->page_id, $this->namespace);
+ − 283
}
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 284
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 285
// We are all done. Ship off the page.
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 286
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 287
if ( !$this->allow_redir )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 288
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 289
if ( method_exists($this->ns, 'get_redirect') )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 290
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 291
if ( $result = $this->ns->get_redirect() )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 292
display_redirect_notice($result['page_id'], $result['namespace']);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 293
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 294
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 295
else
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 296
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 297
$this->process_redirects();
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 298
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 299
if ( count($this->redirect_stack) > 0 )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 300
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 301
$stack = array_reverse($this->redirect_stack);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 302
foreach ( $stack as $stackel )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 303
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 304
$url = makeUrlNS($stackel['old_namespace'], $stackel['old_page_id'], 'redirect=no', true);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 305
$page_data = $this->ns->get_cdata();
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 306
$title = $stackel['old_title'];
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 307
$a = '<a href="' . $url . '">' . htmlspecialchars($title) . '</a>';
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 308
$output->add_after_header('<small>' . $lang->get('page_msg_redirected_from', array('from' => $a)) . '<br /></small>');
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 309
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 310
$template->set_page($this);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 311
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 312
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 313
if ( $this->redir_error )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 314
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 315
$output->add_after_header('<div class="usermessage"><b>' . $this->redir_error . '</b></div>');
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 316
$result = $this->ns->get_redirect();
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 317
display_redirect_notice($result['page_id'], $result['namespace']);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 318
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 319
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 320
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 321
$this->ns->send();
741
+ − 322
}
+ − 323
+ − 324
/**
+ − 325
* Sends the page through by fetching it from the database.
+ − 326
*/
+ − 327
+ − 328
function send_from_db($strict_no_headers = false)
+ − 329
{
+ − 330
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 331
global $lang;
+ − 332
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 333
$this->ns->send_from_db();
1
+ − 334
}
+ − 335
+ − 336
/**
322
+ − 337
* Fetches the wikitext or HTML source for the page.
+ − 338
* @return string
+ − 339
*/
+ − 340
+ − 341
function fetch_source()
+ − 342
{
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 343
global $db, $session, $paths, $template, $plugins; // Common objects
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 344
322
+ − 345
if ( !$this->perms->get_permissions('view_source') )
+ − 346
{
+ − 347
return false;
+ − 348
}
325
e17cc42d77cf
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
diff
changeset
+ − 349
if ( !$this->page_exists )
e17cc42d77cf
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
diff
changeset
+ − 350
{
e17cc42d77cf
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
diff
changeset
+ − 351
return '';
e17cc42d77cf
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
diff
changeset
+ − 352
}
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 353
$cdata = $this->ns->get_cdata();
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 354
if ( isset($cdata['password']) )
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 355
{
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 356
if ( $cdata['password'] != sha1('') && $cdata['password'] !== $this->password && !empty($cdata['password']) )
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 357
{
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 358
return false;
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 359
}
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 360
}
322
+ − 361
return $this->fetch_text();
+ − 362
}
+ − 363
+ − 364
/**
472
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 365
* Updates (saves/changes/edits) the content of the page.
322
+ − 366
* @param string The new text for the page
+ − 367
* @param string A summary of edits made to the page.
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 368
* @param bool If true, the edit is marked as a minor revision
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 369
* @param string Page format - wikitext or xhtml. REQUIRED, and new in 1.1.6.
472
bc4b58034f4d
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
Dan
diff
changeset
+ − 370
* @return bool True on success, false on failure. When returning false, it will push errors to the PageProcessor error stack; read with $page->pop_error()
322
+ − 371
*/
+ − 372
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 373
function update_page($text, $edit_summary = false, $minor_edit = false, $page_format)
322
+ − 374
{
+ − 375
global $db, $session, $paths, $template, $plugins; // Common objects
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 376
global $lang;
322
+ − 377
+ − 378
// Create the page if it doesn't exist
+ − 379
if ( !$this->page_exists )
+ − 380
{
+ − 381
if ( !$this->create_page() )
+ − 382
{
+ − 383
return false;
+ − 384
}
+ − 385
}
+ − 386
+ − 387
//
+ − 388
// Validation
+ − 389
//
+ − 390
+ − 391
$page_id = $db->escape($this->page_id);
+ − 392
$namespace = $db->escape($this->namespace);
+ − 393
+ − 394
$q = $db->sql_query('SELECT protected FROM ' . table_prefix . "pages WHERE urlname='$page_id' AND namespace='$namespace';");
+ − 395
if ( !$q )
+ − 396
$db->_die('PageProcess updating page content');
+ − 397
if ( $db->numrows() < 1 )
+ − 398
{
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 399
$this->raise_error($lang->get('editor_err_no_rows'));
322
+ − 400
return false;
+ − 401
}
+ − 402
+ − 403
// Do we have permission to edit the page?
+ − 404
if ( !$this->perms->get_permissions('edit_page') )
+ − 405
{
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 406
$this->raise_error($lang->get('editor_err_no_permission'));
322
+ − 407
return false;
+ − 408
}
+ − 409
+ − 410
list($protection) = $db->fetchrow_num();
+ − 411
$db->free_result();
+ − 412
+ − 413
if ( $protection == 1 )
+ − 414
{
+ − 415
// The page is protected - do we have permission to edit protected pages?
+ − 416
if ( !$this->perms->get_permissions('even_when_protected') )
+ − 417
{
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 418
$this->raise_error($lang->get('editor_err_page_protected'));
322
+ − 419
return false;
+ − 420
}
+ − 421
}
+ − 422
else if ( $protection == 2 )
+ − 423
{
+ − 424
// The page is semi-protected.
+ − 425
if (
+ − 426
( !$session->user_logged_in || // Is the user logged in?
+ − 427
( $session->user_logged_in && $session->reg_time + ( 4 * 86400 ) >= time() ) ) // If so, have they been registered for 4 days?
+ − 428
&& !$this->perms->get_permissions('even_when_protected') ) // And of course, is there an ACL that overrides semi-protection?
+ − 429
{
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 430
$this->raise_error($lang->get('editor_err_page_protected'));
322
+ − 431
return false;
+ − 432
}
+ − 433
}
+ − 434
825
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 435
// Spam check
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 436
if ( !spamalyze($text) )
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 437
{
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 438
$this->raise_error($lang->get('editor_err_spamcheck_failed'));
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 439
return false;
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 440
}
9d5c04c1414f
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan
diff
changeset
+ − 441
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 442
// Page format check
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 443
if ( !in_array($page_format, array('xhtml', 'wikitext')) )
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 444
{
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 445
$this->raise_error("format \"$page_format\" not one of [xhtml, wikitext]");
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 446
return false;
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 447
}
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 448
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 449
//
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 450
// Protection validated; update page content
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 451
//
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 452
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 453
$text_undb = RenderMan::preprocess_text($text, false, false);
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 454
$text = $db->escape($text_undb);
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 455
$author = $db->escape($session->username);
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 456
$time = time();
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 457
$edit_summary = ( strval($edit_summary) === $edit_summary ) ? $db->escape($edit_summary) : '';
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 458
$minor_edit = ( $minor_edit ) ? '1' : '0';
1081
745200a9cc2a
Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
diff
changeset
+ − 459
$date_string = enano_date(ED_DATE | ED_TIME);
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 460
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 461
// Insert log entry
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 462
$sql = 'INSERT INTO ' . table_prefix . "logs ( time_id, date_string, log_type, action, page_id, namespace, author, page_text, edit_summary, minor_edit, page_format )\n"
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 463
. " VALUES ( $time, '$date_string', 'page', 'edit', '{$this->page_id}', '{$this->namespace}', '$author', '$text', '$edit_summary', $minor_edit, '$page_format' );";
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 464
if ( !$db->sql_query($sql) )
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 465
{
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 466
$this->raise_error($db->get_error());
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 467
return false;
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 468
}
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 469
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 470
// Update the master text entry
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 471
$sql = 'UPDATE ' . table_prefix . "page_text SET page_text = '$text' WHERE page_id = '{$this->page_id}' AND namespace = '{$this->namespace}';";
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 472
if ( !$db->sql_query($sql) )
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 473
{
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 474
$this->raise_error($db->get_error());
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 475
return false;
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 476
}
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 477
468
+ − 478
// If there's an identical draft copy, delete it
+ − 479
$sql = 'DELETE FROM ' . table_prefix . "logs WHERE is_draft = 1 AND page_id = '{$this->page_id}' AND namespace = '{$this->namespace}' AND page_text = '{$text}';";
+ − 480
if ( !$db->sql_query($sql) )
+ − 481
{
+ − 482
$this->raise_error($db->get_error());
+ − 483
return false;
+ − 484
}
+ − 485
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 486
// Set page_format
877
+ − 487
// Using @ due to warning thrown when saving new page
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 488
$cdata = $this->ns->get_cdata();
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 489
if ( @$cdata['page_format'] !== $page_format )
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 490
{
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 491
// Note: no SQL injection to worry about here. Everything that goes into this is sanitized already, barring some rogue plugin.
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 492
// (and if there's a rogue plugin running, we have bigger things to worry about anyway.)
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 493
if ( !$db->sql_query('UPDATE ' . table_prefix . "pages SET page_format = '$page_format' WHERE urlname = '$this->page_id' AND namespace = '$this->namespace';") )
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 494
{
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 495
$this->raise_error($db->get_error());
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 496
return false;
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 497
}
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 498
$paths->update_metadata_cache();
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 499
}
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 500
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 501
// Rebuild the search index
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 502
$paths->rebuild_page_index($this->page_id, $this->namespace);
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 503
1027
+ − 504
$this->text_cache = $text_undb;
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 505
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
diff
changeset
+ − 506
return true;
322
+ − 507
+ − 508
}
+ − 509
+ − 510
/**
+ − 511
* Creates the page if it doesn't already exist.
426
+ − 512
* @param string Optional page title.
821
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 513
* @param bool Visibility (allow indexing) flag
322
+ − 514
* @return bool True on success, false on failure.
+ − 515
*/
+ − 516
821
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 517
function create_page($title = false, $visible = true)
322
+ − 518
{
+ − 519
global $db, $session, $paths, $template, $plugins; // Common objects
426
+ − 520
global $lang;
322
+ − 521
+ − 522
// Do we have permission to create the page?
+ − 523
if ( !$this->perms->get_permissions('create_page') )
+ − 524
{
426
+ − 525
$this->raise_error($lang->get('pagetools_create_err_no_permission'));
322
+ − 526
return false;
+ − 527
}
+ − 528
+ − 529
// Does it already exist?
+ − 530
if ( $this->page_exists )
+ − 531
{
426
+ − 532
$this->raise_error($lang->get('pagetools_create_err_already_exists'));
322
+ − 533
return false;
+ − 534
}
+ − 535
+ − 536
// It's not in there. Perform validation.
+ − 537
+ − 538
// We can't create special, admin, or external pages.
692
78473351a6c9
Changed namespace properties (including core identifier) for external pages that load the Enano API to be a uniform "API" namespace and "SystemAPI:" prefix.
Dan
diff
changeset
+ − 539
if ( $this->namespace == 'Special' || $this->namespace == 'Admin' || $this->namespace == 'API' )
322
+ − 540
{
426
+ − 541
$this->raise_error($lang->get('pagetools_create_err_nodb_namespace'));
322
+ − 542
return false;
+ − 543
}
+ − 544
+ − 545
// Guess the proper title
481
+ − 546
$name = ( !empty($title) ) ? $title : str_replace('_', ' ', dirtify_page_id($this->page_id));
322
+ − 547
+ − 548
// Check for the restricted Project: prefix
+ − 549
if ( substr($this->page_id, 0, 8) == 'Project:' )
+ − 550
{
426
+ − 551
$this->raise_error($lang->get('pagetools_create_err_reserved_prefix'));
322
+ − 552
return false;
+ − 553
}
+ − 554
+ − 555
// Validation successful - insert the page
+ − 556
+ − 557
$metadata = array(
+ − 558
'urlname' => $this->page_id,
+ − 559
'namespace' => $this->namespace,
+ − 560
'name' => $name,
+ − 561
'special' => 0,
821
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 562
'visible' => $visible ? 1 : 0,
322
+ − 563
'comments_on' => 1,
+ − 564
'protected' => ( $this->namespace == 'System' ? 1 : 0 ),
+ − 565
'delvotes' => 0,
+ − 566
'delvote_ips' => serialize(array()),
+ − 567
'wiki_mode' => 2
+ − 568
);
+ − 569
+ − 570
$paths->add_page($metadata);
+ − 571
+ − 572
$page_id = $db->escape($this->page_id);
+ − 573
$namespace = $db->escape($this->namespace);
+ − 574
$name = $db->escape($name);
+ − 575
$protect = ( $this->namespace == 'System' ) ? '1' : '0';
+ − 576
$blank_array = $db->escape(serialize(array()));
+ − 577
+ − 578
// Query 1: Metadata entry
821
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 579
$q = $db->sql_query('INSERT INTO ' . table_prefix . "pages(name, urlname, namespace, visible, protected, delvotes, delvote_ips, wiki_mode)\n"
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 580
. " VALUES ( '$name', '$page_id', '$namespace', {$metadata['visible']}, $protect, 0, '$blank_array', 2 );");
322
+ − 581
if ( !$q )
+ − 582
$db->_die('PageProcessor page creation - metadata stage');
+ − 583
+ − 584
// Query 2: Text insertion
+ − 585
$q = $db->sql_query('INSERT INTO ' . table_prefix . "page_text(page_id, namespace, page_text)\n"
+ − 586
. "VALUES ( '$page_id', '$namespace', '' );");
+ − 587
if ( !$q )
+ − 588
$db->_die('PageProcessor page creation - text stage');
+ − 589
426
+ − 590
// Query 3: Log entry
+ − 591
$db->sql_query('INSERT INTO ' . table_prefix."logs(time_id, date_string, log_type, action, author, page_id, namespace)\n"
1081
745200a9cc2a
Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
diff
changeset
+ − 592
. " VALUES ( " . time() . ", 'DEPRECATED', 'page', 'create', \n"
426
+ − 593
. " '" . $db->escape($session->username) . "', '" . $db->escape($this->page_id) . "', '" . $this->namespace . "');");
+ − 594
if ( !$q )
+ − 595
$db->_die('PageProcessor page creation - logging stage');
+ − 596
593
4f9bec0d65c1
More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient.
Dan
diff
changeset
+ − 597
// Update the cache
4f9bec0d65c1
More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient.
Dan
diff
changeset
+ − 598
$paths->update_metadata_cache();
4f9bec0d65c1
More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient.
Dan
diff
changeset
+ − 599
821
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 600
// Make sure that when/if we save the page later in this instance it doesn't get re-created
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 601
$this->page_exists = true;
a64c56a1a6a4
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan
diff
changeset
+ − 602
322
+ − 603
// Page created. We're good!
+ − 604
return true;
+ − 605
}
+ − 606
+ − 607
/**
468
+ − 608
* Rolls back a non-edit action in the logs
+ − 609
* @param int Log entry (log_id) to roll back
+ − 610
* @return array Standard Enano error/success protocol
+ − 611
*/
+ − 612
+ − 613
function rollback_log_entry($log_id)
+ − 614
{
+ − 615
global $db, $session, $paths, $template, $plugins; // Common objects
696
bd5069e1f19a
Revamped page deletion interface; fixed bug where page_meta cache was not being cleared upon restoration of deleted page.
Dan
diff
changeset
+ − 616
global $cache;
468
+ − 617
+ − 618
// Verify permissions
+ − 619
if ( !$this->perms->get_permissions('history_rollback') )
+ − 620
{
+ − 621
return array(
+ − 622
'success' => false,
+ − 623
'error' => 'access_denied'
+ − 624
);
+ − 625
}
+ − 626
+ − 627
// Check input
+ − 628
$log_id = intval($log_id);
+ − 629
if ( empty($log_id) )
+ − 630
{
+ − 631
return array(
+ − 632
'success' => false,
+ − 633
'error' => 'invalid_parameter'
+ − 634
);
+ − 635
}
+ − 636
+ − 637
// Fetch the log entry
+ − 638
$q = $db->sql_query('SELECT * FROM ' . table_prefix . "logs WHERE log_type = 'page' AND page_id='{$this->page_id}' AND namespace='{$this->namespace}' AND log_id = $log_id;");
+ − 639
if ( !$q )
+ − 640
$db->_die();
+ − 641
+ − 642
// Is this even a valid log entry for this context?
+ − 643
if ( $db->numrows() < 1 )
+ − 644
{
+ − 645
return array(
+ − 646
'success' => false,
+ − 647
'error' => 'entry_not_found'
+ − 648
);
+ − 649
}
+ − 650
+ − 651
// All good, fetch and free the result
+ − 652
$log_entry = $db->fetchrow();
+ − 653
$db->free_result();
+ − 654
1081
745200a9cc2a
Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
diff
changeset
+ − 655
$dateline = enano_date(ED_DATE | ED_TIME, $log_entry['time_id']);
481
+ − 656
468
+ − 657
// Let's see, what do we have here...
+ − 658
switch ( $log_entry['action'] )
+ − 659
{
+ − 660
case 'rename':
+ − 661
// Page was renamed, let the rename method handle this
912
+ − 662
return array_merge($this->rename_page($log_entry['edit_summary']), array('dateline' => $dateline, 'action' => $log_entry['action']));
468
+ − 663
break;
+ − 664
case 'prot':
+ − 665
case 'unprot':
+ − 666
case 'semiprot':
481
+ − 667
return array_merge($this->protect_page(intval($log_entry['page_text']), '__REVERSION__'), array('dateline' => $dateline, 'action' => $log_entry['action']));
+ − 668
break;
+ − 669
case 'delete':
+ − 670
+ − 671
// Raising a previously dead page has implications...
+ − 672
+ − 673
// FIXME: l10n
+ − 674
// rollback_extra is required because usually only moderators can undo page deletion AND restore the content.
696
bd5069e1f19a
Revamped page deletion interface; fixed bug where page_meta cache was not being cleared upon restoration of deleted page.
Dan
diff
changeset
+ − 675
// potential flaw here - once recreated, can past revisions be restored by users without rollback_extra? should
bd5069e1f19a
Revamped page deletion interface; fixed bug where page_meta cache was not being cleared upon restoration of deleted page.
Dan
diff
changeset
+ − 676
// probably modify editor routine to deny revert access if the timestamp < timestamp of last deletion if any.
481
+ − 677
if ( !$this->perms->get_permissions('history_rollback_extra') )
+ − 678
return 'Administrative privileges are required for page undeletion.';
+ − 679
+ − 680
// Rolling back the deletion of a page that was since created?
+ − 681
$pathskey = $paths->nslist[ $this->namespace ] . $this->page_id;
832
7152ca0a0ce9
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Dan
diff
changeset
+ − 682
if ( isPage($pathskey) )
481
+ − 683
return array(
+ − 684
'success' => false,
+ − 685
// This is a clean Christian in-joke.
+ − 686
'error' => 'seeking_living_among_dead'
+ − 687
);
+ − 688
+ − 689
// Generate a crappy page name
+ − 690
$name = $db->escape( str_replace('_', ' ', dirtify_page_id($this->page_id)) );
+ − 691
+ − 692
// Stage 1 - re-insert page
+ − 693
$e = $db->sql_query('INSERT INTO ' . table_prefix.'pages(name,urlname,namespace) VALUES( \'' . $name . '\', \'' . $this->page_id . '\',\'' . $this->namespace . '\' )');
+ − 694
if ( !$e )
+ − 695
$db->die_json();
+ − 696
+ − 697
// Select the latest published revision
+ − 698
$q = $db->sql_query('SELECT page_text FROM ' . table_prefix . "logs WHERE\n"
+ − 699
. " log_type = 'page'\n"
+ − 700
. " AND action = 'edit'\n"
+ − 701
. " AND page_id = '$this->page_id'\n"
+ − 702
. " AND namespace = '$this->namespace'\n"
+ − 703
. " AND is_draft != 1\n"
+ − 704
. "ORDER BY time_id DESC LIMIT 1;");
+ − 705
if ( !$q )
+ − 706
$db->die_json();
+ − 707
list($page_text) = $db->fetchrow_num();
+ − 708
$db->free_result($q);
+ − 709
+ − 710
// Apply the latest revision as the current page text
+ − 711
$page_text = $db->escape($page_text);
+ − 712
$e = $db->sql_query('INSERT INTO ' . table_prefix."page_text(page_id, namespace, page_text) VALUES\n"
+ − 713
. " ( '$this->page_id', '$this->namespace', '$page_text' );");
+ − 714
if ( !$e )
+ − 715
$db->die_json();
+ − 716
696
bd5069e1f19a
Revamped page deletion interface; fixed bug where page_meta cache was not being cleared upon restoration of deleted page.
Dan
diff
changeset
+ − 717
$cache->purge('page_meta');
bd5069e1f19a
Revamped page deletion interface; fixed bug where page_meta cache was not being cleared upon restoration of deleted page.
Dan
diff
changeset
+ − 718
481
+ − 719
return array(
+ − 720
'success' => true,
+ − 721
'dateline' => $dateline,
+ − 722
'action' => $log_entry['action']
+ − 723
);
+ − 724
+ − 725
break;
+ − 726
case 'reupload':
+ − 727
+ − 728
// given a log id and some revision info, restore the old file.
+ − 729
// get the timestamp of the file before this one
+ − 730
$q = $db->sql_query('SELECT time_id, file_key, file_extension, filename, size, mimetype FROM ' . table_prefix . "files WHERE time_id < {$log_entry['time_id']} ORDER BY time_id DESC LIMIT 1;");
+ − 731
if ( !$q )
+ − 732
$db->_die();
+ − 733
+ − 734
$row = $db->fetchrow();
+ − 735
$db->free_result();
+ − 736
+ − 737
// If the file hasn't been renamed to the new format (omitting timestamp), do that now.
+ − 738
$fname = ENANO_ROOT . "/files/{$row['file_key']}_{$row['time_id']}{$row['file_extension']}";
+ − 739
if ( @file_exists($fname) )
+ − 740
{
+ − 741
// it's stored in the old format - rename
+ − 742
$fname_new = ENANO_ROOT . "/files/{$row['file_key']}{$row['file_extension']}";
+ − 743
if ( !@rename($fname, $fname_new) )
+ − 744
{
+ − 745
return array(
+ − 746
'success' => false,
+ − 747
'error' => 'rb_file_rename_failed',
+ − 748
'action' => $log_entry['action']
+ − 749
);
+ − 750
}
+ − 751
}
+ − 752
+ − 753
// Insert a new file entry
+ − 754
$time = time();
+ − 755
$filename = $db->escape($row['filename']);
+ − 756
$mimetype = $db->escape($row['mimetype']);
+ − 757
$ext = $db->escape($row['file_extension']);
+ − 758
$key = $db->escape($row['file_key']);
+ − 759
+ − 760
$q = $db->sql_query('INSERT INTO ' . table_prefix . "files ( time_id, page_id, filename, size, mimetype, file_extension, file_key ) VALUES\n"
+ − 761
. " ( $time, '$this->page_id', '$filename', {$row['size']}, '$mimetype', '$ext', '$key' );");
+ − 762
if ( !$q )
+ − 763
$db->die_json();
+ − 764
+ − 765
// add reupload log entry
+ − 766
$username = $db->escape($session->username);
+ − 767
$q = $db->sql_query('INSERT INTO ' . table_prefix . "logs ( log_type, action, time_id, page_id, namespace, author, edit_summary ) VALUES\n"
+ − 768
. " ( 'page', 'reupload', $time, '$this->page_id', '$this->namespace', '$username', '__ROLLBACK__' )");
+ − 769
if ( !$q )
+ − 770
$db->die_json();
+ − 771
+ − 772
return array(
+ − 773
'success' => true,
+ − 774
'dateline' => $dateline,
+ − 775
'action' => $log_entry['action']
+ − 776
);
+ − 777
468
+ − 778
break;
913
+ − 779
case 'votereset':
+ − 780
if ( !$this->perms->get_permissions('history_rollback_extra') )
+ − 781
return 'Denied!';
+ − 782
+ − 783
// pull existing vote data
+ − 784
$q = $db->sql_query('SELECT delvotes, delvote_ips FROM ' . table_prefix . "pages WHERE urlname = '$this->page_id' AND namespace = '$this->namespace';");
+ − 785
if ( !$q )
+ − 786
$db->_die();
+ − 787
+ − 788
if ( $db->numrows() < 1 )
+ − 789
return array(
+ − 790
'success' => false,
+ − 791
'error' => 'page_not_exist',
+ − 792
'action' => $log_entry['action']
+ − 793
);
+ − 794
+ − 795
list($curr_delvotes, $curr_delvote_ips) = $db->fetchrow_num();
+ − 796
$db->free_result();
+ − 797
+ − 798
// merge with existing votes
+ − 799
$old_delvote_ips = unserialize($log_entry['page_text']);
+ − 800
$new_delvote_ips = unserialize($curr_delvote_ips);
+ − 801
$new_delvote_ips['u'] = array_unique(array_merge($new_delvote_ips['u'], $old_delvote_ips['u']));
+ − 802
$new_delvote_ips['ip'] = array_unique(array_merge($new_delvote_ips['ip'], $old_delvote_ips['ip']));
+ − 803
$new_delvotes = count($new_delvote_ips['ip']);
+ − 804
$new_delvote_ips = $db->escape(serialize($new_delvote_ips));
+ − 805
+ − 806
// update pages table
+ − 807
$q = $db->sql_query('UPDATE ' . table_prefix . "pages SET delvotes = $new_delvotes, delvote_ips = '$new_delvote_ips' WHERE urlname = '$this->page_id' AND namespace = '$this->namespace';");
+ − 808
+ − 809
$cache->purge('page_meta');
+ − 810
+ − 811
return array(
+ − 812
'success' => true,
+ − 813
'dateline' => $dateline,
+ − 814
'action' => $log_entry['action']
+ − 815
);
+ − 816
break;
468
+ − 817
default:
481
+ − 818
+ − 819
return array(
+ − 820
'success' => false,
+ − 821
'error' => 'rb_action_not_supported',
+ − 822
'action' => $log_entry['action']
+ − 823
);
+ − 824
468
+ − 825
break;
+ − 826
}
+ − 827
}
+ − 828
+ − 829
/**
+ − 830
* Renames the page
+ − 831
* @param string New name
+ − 832
* @return array Standard Enano error/success protocol
+ − 833
*/
+ − 834
+ − 835
function rename_page($new_name)
+ − 836
{
+ − 837
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 838
+ − 839
// Check permissions
+ − 840
if ( !$this->perms->get_permissions('rename') )
+ − 841
{
+ − 842
return array(
+ − 843
'success' => false,
+ − 844
'error' => 'access_denied'
+ − 845
);
+ − 846
}
+ − 847
+ − 848
// If this is the same as the current name, return success
+ − 849
$page_name = get_page_title_ns($this->page_id, $this->namespace);
+ − 850
if ( $page_name === $new_name )
+ − 851
{
+ − 852
return array(
+ − 853
'success' => true
+ − 854
);
+ − 855
}
+ − 856
+ − 857
// Make sure the name is valid
+ − 858
$new_name = trim($new_name);
+ − 859
if ( empty($new_name) )
+ − 860
{
+ − 861
return array(
+ − 862
'success' => false,
+ − 863
'error' => 'invalid_parameter'
+ − 864
);
+ − 865
}
+ − 866
+ − 867
// Log the action
+ − 868
$username = $db->escape($session->username);
+ − 869
$page_name = $db->escape($page_name);
+ − 870
$time = time();
+ − 871
+ − 872
$q = $db->sql_query('INSERT INTO ' . table_prefix . "logs ( log_type, action, page_id, namespace, author, edit_summary, time_id, date_string ) VALUES\n"
+ − 873
. " ( 'page', 'rename', '{$this->page_id}', '{$this->namespace}', '$username', '$page_name', '$time', 'DATE_STRING COLUMN OBSOLETE, USE time_id' );");
+ − 874
if ( !$q )
+ − 875
$db->_die();
+ − 876
+ − 877
// Not much to do but to rename it now
+ − 878
$new_name = $db->escape($new_name);
+ − 879
$q = $db->sql_query('UPDATE ' . table_prefix . "pages SET name = '$new_name' WHERE urlname = '{$this->page_id}' AND namespace = '{$this->namespace}';");
+ − 880
if ( !$q )
+ − 881
$db->_die();
+ − 882
600
46abecc238e7
Fixed missing require() on stats.php in pageprocess; made pageprocess update the metadata cache on page rename
Dan
diff
changeset
+ − 883
// Update the cache
46abecc238e7
Fixed missing require() on stats.php in pageprocess; made pageprocess update the metadata cache on page rename
Dan
diff
changeset
+ − 884
$paths->update_metadata_cache();
46abecc238e7
Fixed missing require() on stats.php in pageprocess; made pageprocess update the metadata cache on page rename
Dan
diff
changeset
+ − 885
468
+ − 886
return array(
+ − 887
'success' => true
+ − 888
);
+ − 889
}
+ − 890
+ − 891
/**
+ − 892
* Sets the protection level of the page
+ − 893
* @param int Protection level, one of PROTECT_{FULL,SEMI,NONE}
+ − 894
* @param string Reason for protection - required
+ − 895
*/
+ − 896
+ − 897
function protect_page($protection_level, $reason)
+ − 898
{
+ − 899
global $db, $session, $paths, $template, $plugins; // Common objects
904
+ − 900
global $cache;
468
+ − 901
+ − 902
// Validate permissions
+ − 903
if ( !$this->perms->get_permissions('protect') )
+ − 904
{
+ − 905
return array(
+ − 906
'success' => false,
+ − 907
'error' => 'access_denied'
+ − 908
);
+ − 909
}
+ − 910
907
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 911
// Validate re-auth
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 912
if ( !$session->sid_super )
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 913
{
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 914
return array(
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 915
'success' => false,
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 916
'error' => 'access_denied_need_reauth'
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 917
);
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 918
}
44851d7e9bda
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Dan
diff
changeset
+ − 919
468
+ − 920
// Validate input
+ − 921
$reason = trim($reason);
+ − 922
if ( !in_array($protection_level, array(PROTECT_NONE, PROTECT_FULL, PROTECT_SEMI)) || empty($reason) )
+ − 923
{
+ − 924
return array(
+ − 925
'success' => false,
+ − 926
'error' => 'invalid_parameter'
+ − 927
);
+ − 928
}
+ − 929
+ − 930
// Retrieve page metadata
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 931
$metadata = $this->ns->get_cdata();
468
+ − 932
+ − 933
// Log the action
+ − 934
$username = $db->escape($session->username);
+ − 935
$time = time();
+ − 936
$existing_protection = intval($metadata['protected']);
+ − 937
$reason = $db->escape($reason);
+ − 938
481
+ − 939
if ( $existing_protection == $protection_level )
+ − 940
{
+ − 941
return array(
+ − 942
'success' => false,
+ − 943
'error' => 'protection_already_there'
+ − 944
);
+ − 945
}
+ − 946
468
+ − 947
$action = '[ insanity ]';
+ − 948
switch($protection_level)
+ − 949
{
+ − 950
case PROTECT_FULL: $action = 'prot'; break;
+ − 951
case PROTECT_NONE: $action = 'unprot'; break;
+ − 952
case PROTECT_SEMI: $action = 'semiprot'; break;
+ − 953
}
+ − 954
+ − 955
$sql = 'INSERT INTO ' . table_prefix . "logs ( log_type, action, page_id, namespace, author, edit_summary, time_id, page_text, date_string ) VALUES\n"
+ − 956
. " ( 'page', '$action', '{$this->page_id}', '{$this->namespace}', '$username', '$reason', '$time', '$existing_protection', 'DATE_STRING COLUMN OBSOLETE, USE time_id' );";
+ − 957
if ( !$db->sql_query($sql) )
+ − 958
{
481
+ − 959
$db->die_json();
468
+ − 960
}
+ − 961
+ − 962
// Perform the actual protection
+ − 963
$q = $db->sql_query('UPDATE ' . table_prefix . "pages SET protected = $protection_level WHERE urlname = '{$this->page_id}' AND namespace = '{$this->namespace}';");
+ − 964
if ( !$q )
481
+ − 965
$db->die_json();
468
+ − 966
904
+ − 967
$cache->purge('page_meta');
+ − 968
468
+ − 969
return array(
+ − 970
'success' => true
+ − 971
);
+ − 972
}
+ − 973
+ − 974
/**
1
+ − 975
* Sets internal variables.
+ − 976
* @access private
+ − 977
*/
+ − 978
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 979
function _setup($page_id, $namespace, $revision_id)
1
+ − 980
{
+ − 981
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 982
+ − 983
$page_id_cleaned = sanitize_page_id($page_id);
+ − 984
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 985
$this->revision_id = $revision_id;
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 986
$this->page_id_unclean = dirtify_page_id($page_id);
1
+ − 987
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 988
// resolve namespace
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 989
$this->ns = namespace_factory($page_id, $namespace, $this->revision_id);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 990
$this->page_id =& $this->ns->page_id;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 991
$this->namespace =& $this->ns->namespace;
1
+ − 992
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 993
$this->perms = $session->fetch_page_acl( $page_id, $namespace );
426
+ − 994
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 995
$this->page_exists = $this->ns->exists();
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 996
$this->title = get_page_title_ns($this->page_id, $this->namespace);
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 997
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
+ − 998
profiler_log("PageProcessor [{$this->namespace}:{$this->page_id}]: Ran _setup()");
1
+ − 999
}
+ − 1000
+ − 1001
/**
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1002
* Processes any redirects.
1
+ − 1003
* @access private
+ − 1004
*/
+ − 1005
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1006
function process_redirects()
1
+ − 1007
{
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1008
global $db, $session, $paths, $template, $plugins; // Common objects
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 1009
global $output, $lang;
592
+ − 1010
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1011
$this->redirect_stack = array();
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1012
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1013
if ( !method_exists($this->ns, 'get_redirect') )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1014
return true;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1015
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1016
if ( !$this->allow_redir )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1017
return true;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1018
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1019
$redirect_count = 0;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1020
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1021
while ( $result = $this->ns->get_redirect() )
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1022
{
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1023
if ( $result['namespace'] == 'Special' || $result['namespace'] == 'Admin' )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1024
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1025
// Can't redirect to special/admin page
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1026
$this->redir_error = $lang->get('page_err_redirect_to_special');
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1027
break;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1028
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1029
if ( $redirect_count == 3 )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1030
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1031
// max of 3 internal redirects exceeded
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1032
$this->redir_error = $lang->get('page_err_redirects_exceeded');
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1033
break;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1034
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1035
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1036
$loop = false;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1037
foreach ( $this->redirect_stack as $stackel )
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1038
{
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1039
if ( $result['page_id'] == $stackel['old_page_id'] && $result['namespace'] == $stackel['old_namespace'] )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1040
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1041
$loop = true;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1042
break;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1043
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1044
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1045
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1046
if ( $loop )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1047
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1048
// redirect loop
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1049
$this->redir_error = $lang->get('page_err_redirect_infinite_loop');
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1050
break;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1051
}
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1052
$new_ns = namespace_factory($result['page_id'], $result['namespace']);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1053
if ( !$new_ns->exists() )
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1054
{
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1055
// new page doesn't exist
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1056
$this->redir_error = $lang->get('page_err_redirect_to_nonexistent');
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1057
break;
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1058
}
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1059
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1060
// build stack entry
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1061
$stackel = array(
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1062
'page_id' => $result['page_id'],
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1063
'namespace' => $result['namespace'],
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1064
'old_page_id' => $this->page_id,
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1065
'old_namespace' => $this->namespace,
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1066
'old_title' => $this->ns->title
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1067
);
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1068
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1069
// replace everything (perform the actual redirect)
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1070
$this->ns = $new_ns;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1071
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1072
$this->page_id =& $this->ns->page_id;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1073
$this->namespace =& $this->ns->namespace;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1074
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1075
$this->redirect_stack[] = $stackel;
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1076
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1077
$redirect_count++;
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
diff
changeset
+ − 1078
}
1
+ − 1079
}
963
b572ce1114f1
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
Dan
diff
changeset
+ − 1080
1
+ − 1081
/**
+ − 1082
* Sends the page header, dependent on, of course, whether we're supposed to.
+ − 1083
*/
+ − 1084
+ − 1085
function header()
+ − 1086
{
+ − 1087
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1088
if ( $this->send_headers )
+ − 1089
$template->header();
+ − 1090
}
+ − 1091
+ − 1092
/**
+ − 1093
* Sends the page footer, dependent on, of course, whether we're supposed to.
+ − 1094
*/
+ − 1095
+ − 1096
function footer()
+ − 1097
{
+ − 1098
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1099
if ( $this->send_headers )
+ − 1100
$template->footer();
+ − 1101
}
+ − 1102
+ − 1103
/**
+ − 1104
* Fetches the raw, unfiltered page text.
+ − 1105
* @access public
+ − 1106
*/
+ − 1107
+ − 1108
function fetch_text()
+ − 1109
{
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 1110
return $this->ns->fetch_text();
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 1111
}
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 1112
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
diff
changeset
+ − 1113
/**
935
+ − 1114
* Tells us if the page exists.
+ − 1115
* @return bool
+ − 1116
*/
+ − 1117
+ − 1118
function exists()
+ − 1119
{
+ − 1120
return $this->ns->exists();
+ − 1121
}
+ − 1122
+ − 1123
/**
1
+ − 1124
* Send the error message to the user that the access to this page is denied.
+ − 1125
* @access private
+ − 1126
*/
+ − 1127
+ − 1128
function err_access_denied()
+ − 1129
{
+ − 1130
global $db, $session, $paths, $template, $plugins; // Common objects
314
+ − 1131
global $lang;
+ − 1132
global $email;
1
+ − 1133
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1134
// Log it for crying out loud
1081
745200a9cc2a
Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
diff
changeset
+ − 1135
$q = $db->sql_query('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'illegal_page\', '.time().', \'DEPRECATED\', \''.$db->escape($session->username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', \'' . $db->escape(serialize(array($this->page_id, $this->namespace))) . '\')');
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1136
1
+ − 1137
$ob = '';
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1138
//$template->tpl_strings['PAGE_NAME'] = 'Access denied';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1139
$template->tpl_strings['PAGE_NAME'] = htmlspecialchars( $this->title );
1
+ − 1140
+ − 1141
if ( $this->send_headers )
+ − 1142
{
+ − 1143
$ob .= $template->getHeader();
+ − 1144
}
+ − 1145
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1146
if ( count($this->redirect_stack) > 0 )
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1147
{
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1148
$stack = array_reverse($this->redirect_stack);
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1149
foreach ( $stack as $oldtarget )
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1150
{
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1151
$url = makeUrlNS($oldtarget[1], $oldtarget[0], 'redirect=no', true);
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 1152
$old_page = namespace_factory($oldtarget[0], $oldtarget[1]);
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 1153
$page_data = $old_page->get_cdata();
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1154
$title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$oldtarget[1]] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $oldtarget[0] ) ) );
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1155
$a = '<a href="' . $url . '">' . $title . '</a>';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1156
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1157
$url = makeUrlNS($this->namespace, $this->page_id, 'redirect=no', true);
953
323c4cd1aa37
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Dan
diff
changeset
+ − 1158
$page_data = $this->ns->get_cdata();
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1159
$title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$this->namespace] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $this->page_id ) ) );
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1160
$b = '<a href="' . $url . '">' . $title . '</a>';
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1161
369
+ − 1162
$ob .= '<small>' . $lang->get('page_msg_redirected_from_to', array('from' => $a, 'to' => $b)) . '<br /></small>';
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1163
}
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1164
}
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
diff
changeset
+ − 1165
314
+ − 1166
$email_link = $email->encryptEmail(getConfig('contact_email'), '', '', $lang->get('page_err_access_denied_siteadmin'));
+ − 1167
+ − 1168
$ob .= "<h3>" . $lang->get('page_err_access_denied_title') . "</h3>";
+ − 1169
$ob .= "<p>" . $lang->get('page_err_access_denied_body', array('site_administration' => $email_link)) . "</p>";
1
+ − 1170
+ − 1171
if ( $this->send_headers )
+ − 1172
{
+ − 1173
$ob .= $template->getFooter();
+ − 1174
}
+ − 1175
echo $ob;
+ − 1176
}
+ − 1177
+ − 1178
/**
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1179
* Inform the user of an incorrect or absent password
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1180
* @access private
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1181
*/
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1182
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1183
function err_wrong_password()
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1184
{
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1185
global $db, $session, $paths, $template, $plugins; // Common objects
369
+ − 1186
global $lang;
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1187
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 1188
$title = $lang->get('page_msg_passrequired_title');
369
+ − 1189
$message = ( empty($this->password) ) ?
+ − 1190
'<p>' . $lang->get('page_msg_passrequired') . '</p>' :
+ − 1191
'<p>' . $lang->get('page_msg_pass_wrong') . '</p>';
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1192
$message .= '<form action="' . makeUrlNS($this->namespace, $this->page_id) . '" method="post">
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1193
<p>
800
9cdfe82c56cd
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Dan
diff
changeset
+ − 1194
<label>' . $lang->get('page_lbl_password') . ' <input name="pagepass" type="password" /></label> <input type="submit" value="' . $lang->get('page_btn_password_submit') . '" />
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1195
</p>
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1196
</form>';
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1197
if ( $this->send_headers )
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1198
{
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1199
$template->tpl_strings['PAGE_NAME'] = $title;
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1200
$template->header();
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1201
echo "$message";
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1202
$template->footer();
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1203
}
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1204
else
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1205
{
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1206
echo "<h2>$title</h2>
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1207
$message";
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1208
}
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1209
}
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1210
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
+ − 1211
/**
1
+ − 1212
* Send the error message to the user complaining that there weren't any rows.
+ − 1213
* @access private
+ − 1214
*/
+ − 1215
+ − 1216
function err_no_rows()
+ − 1217
{
+ − 1218
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 1219
+ − 1220
$title = 'No text rows';
+ − 1221
$message = 'While the page\'s existence was verified, there were no rows in the database that matched the query for the text. This may indicate a bug with the software; ask the webmaster for more information. The offending query was:<pre>' . $db->latest_query . '</pre>';
+ − 1222
if ( $this->send_headers )
+ − 1223
{
+ − 1224
$template->tpl_strings['PAGE_NAME'] = $title;
+ − 1225
$template->header();
+ − 1226
echo "<p>$message</p>";
+ − 1227
$template->footer();
+ − 1228
}
+ − 1229
else
+ − 1230
{
+ − 1231
echo "<h2>$title</h2>
+ − 1232
<p>$message</p>";
+ − 1233
}
+ − 1234
}
+ − 1235
+ − 1236
/**
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 1237
* Send an error message and die. For debugging or critical technical errors only - nothing that would under normal circumstances be shown to the user.
468
+ − 1238
* @param string Error message
+ − 1239
* @param bool If true, send DBAL's debugging information as well
1
+ − 1240
*/
+ − 1241
+ − 1242
function send_error($message, $sql = false)
+ − 1243
{
+ − 1244
global $db, $session, $paths, $template, $plugins; // Common objects
369
+ − 1245
global $lang;
1
+ − 1246
+ − 1247
$content = "<p>$message</p>";
369
+ − 1248
$template->tpl_strings['PAGE_NAME'] = $lang->get('page_msg_general_error');
1
+ − 1249
+ − 1250
if ( $this->debug['works'] )
+ − 1251
{
+ − 1252
$content .= $this->debug['backtrace'];
+ − 1253
}
+ − 1254
+ − 1255
header('HTTP/1.1 500 Internal Server Error');
+ − 1256
+ − 1257
$template->header();
+ − 1258
echo $content;
+ − 1259
$template->footer();
+ − 1260
+ − 1261
$db->close();
+ − 1262
+ − 1263
exit;
+ − 1264
+ − 1265
}
+ − 1266
322
+ − 1267
/**
+ − 1268
* Raises an error.
+ − 1269
* @param string Error string
+ − 1270
*/
+ − 1271
+ − 1272
function raise_error($string)
+ − 1273
{
+ − 1274
if ( !is_string($string) )
+ − 1275
return false;
+ − 1276
$this->_errors[] = $string;
+ − 1277
}
+ − 1278
+ − 1279
/**
+ − 1280
* Retrieves the latest error from the error stack and returns it ('pops' the error stack)
+ − 1281
* @return string
+ − 1282
*/
+ − 1283
+ − 1284
function pop_error()
+ − 1285
{
+ − 1286
if ( count($this->_errors) < 1 )
+ − 1287
return false;
+ − 1288
return array_pop($this->_errors);
+ − 1289
}
+ − 1290
1
+ − 1291
} // class PageProcessor
+ − 1292
+ − 1293
?>