author | Dan |
Tue, 22 Jan 2008 01:08:15 -0500 | |
changeset 370 | b251818286b1 |
parent 369 | d0825e599853 |
child 372 | 5bd429428101 |
permissions | -rw-r--r-- |
1 | 1 |
<?php |
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
parents:
62
diff
changeset
|
2 |
|
1 | 3 |
/* |
4 |
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
5 |
* Version 1.0.3 (Dyrad) |
1 | 6 |
* pageprocess.php - intelligent retrieval of pages |
7 |
* Copyright (C) 2006-2007 Dan Fuhry |
|
8 |
* |
|
9 |
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
|
10 |
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
|
11 |
* |
|
12 |
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
|
13 |
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
|
14 |
*/ |
|
15 |
||
16 |
/** |
|
17 |
* Class to handle fetching page text (possibly from a cache) and formatting it. |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
18 |
* As of 1.0.4, this also handles the fetching and editing of certain data for pages. |
1 | 19 |
* @package Enano |
20 |
* @subpackage UI |
|
21 |
* @copyright 2007 Dan Fuhry |
|
22 |
* @license GNU General Public License <http://www.gnu.org/licenses/gpl.html> |
|
23 |
*/ |
|
24 |
||
25 |
class PageProcessor |
|
26 |
{ |
|
27 |
||
28 |
/** |
|
29 |
* Page ID and namespace of the page handled by this instance |
|
30 |
* @var string |
|
31 |
*/ |
|
32 |
||
33 |
var $page_id; |
|
34 |
var $namespace; |
|
35 |
||
36 |
/** |
|
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
37 |
* The title of the page sent to the template parser |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
38 |
* @var string |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
39 |
*/ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
40 |
|
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
41 |
var $title = ''; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
42 |
|
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
43 |
/** |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
44 |
* The information about the page(s) we were redirected from |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
45 |
* @var array |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
46 |
*/ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
47 |
|
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
48 |
var $redirect_stack = array(); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
49 |
|
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
50 |
/** |
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
51 |
* The revision ID (history entry) to send. If set to 0 (the default) then the most recent revision will be sent. |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
52 |
* @var int |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
53 |
*/ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
54 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
55 |
var $revision_id = 0; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
56 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
57 |
/** |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
58 |
* Unsanitized page ID. |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
59 |
* @var string |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
60 |
*/ |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
61 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
62 |
var $page_id_unclean; |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
63 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
64 |
/** |
1 | 65 |
* Tracks if the page we're loading exists in the database or not. |
66 |
* @var bool |
|
67 |
*/ |
|
68 |
||
69 |
var $page_exists = false; |
|
70 |
||
71 |
/** |
|
72 |
* Permissions! |
|
73 |
* @var object |
|
74 |
*/ |
|
75 |
||
76 |
var $perms = null; |
|
77 |
||
78 |
/** |
|
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
79 |
* The SHA1 hash of the user-inputted password for the page |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
80 |
* @var string |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
81 |
*/ |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
82 |
|
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
83 |
var $password = ''; |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
84 |
|
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
85 |
/** |
1 | 86 |
* Switch to track if redirects are allowed. Defaults to true. |
87 |
* @var bool |
|
88 |
*/ |
|
89 |
||
90 |
var $allow_redir = true; |
|
91 |
||
92 |
/** |
|
93 |
* If this is set to true, this will call the header and footer funcs on $template when render() is called. |
|
94 |
* @var bool |
|
95 |
*/ |
|
96 |
||
97 |
var $send_headers = false; |
|
98 |
||
99 |
/** |
|
100 |
* Cache the fetched text so we don't fetch it from the DB twice. |
|
101 |
* @var string |
|
102 |
*/ |
|
103 |
||
104 |
var $text_cache = ''; |
|
105 |
||
106 |
/** |
|
107 |
* Debugging information to track errors. You can set enable to false to disable sending debug information. |
|
108 |
* @var array |
|
109 |
*/ |
|
110 |
||
111 |
var $debug = array( |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
112 |
'enable' => false, |
1 | 113 |
'works' => false |
114 |
); |
|
115 |
||
116 |
/** |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
117 |
* The list of errors raised in the class. |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
118 |
* @var array |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
119 |
*/ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
120 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
121 |
var $_errors = array(); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
122 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
123 |
/** |
1 | 124 |
* Constructor. |
125 |
* @param string The page ID (urlname) of the page |
|
126 |
* @param string The namespace of the page |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
127 |
* @param int Optional. The revision ID to send. |
1 | 128 |
*/ |
129 |
||
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
130 |
function __construct( $page_id, $namespace, $revision_id = 0 ) |
1 | 131 |
{ |
132 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
133 |
||
134 |
// See if we can get some debug info |
|
135 |
if ( function_exists('debug_backtrace') && $this->debug['enable'] ) |
|
136 |
{ |
|
137 |
$this->debug['works'] = true; |
|
138 |
$this->debug['backtrace'] = enano_debug_print_backtrace(true); |
|
139 |
} |
|
140 |
||
141 |
// First things first - check page existence and permissions |
|
142 |
||
143 |
if ( !isset($paths->nslist[$namespace]) ) |
|
144 |
{ |
|
145 |
$this->send_error('The namespace "' . htmlspecialchars($namespace) . '" does not exist.'); |
|
146 |
} |
|
147 |
||
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
148 |
if ( !is_int($revision_id) ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
149 |
$revision_id = 0; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
150 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
151 |
$this->_setup( $page_id, $namespace, $revision_id ); |
1 | 152 |
|
153 |
} |
|
154 |
||
155 |
/** |
|
61 | 156 |
* The main method to send the page content. Also responsible for checking permissions and calling the statistics counter. |
157 |
* @param bool If true, the stat counter is called. Defaults to false. |
|
1 | 158 |
*/ |
159 |
||
61 | 160 |
function send( $do_stats = false ) |
1 | 161 |
{ |
162 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
314
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
163 |
global $lang; |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
164 |
|
1 | 165 |
if ( !$this->perms->get_permissions('read') ) |
166 |
{ |
|
167 |
$this->err_access_denied(); |
|
168 |
return false; |
|
169 |
} |
|
24 | 170 |
$pathskey = $paths->nslist[ $this->namespace ] . $this->page_id; |
171 |
$strict_no_headers = false; |
|
329
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
parents:
328
diff
changeset
|
172 |
if ( $this->namespace == 'Admin' && strstr($this->page_id, '/') ) |
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
parents:
328
diff
changeset
|
173 |
{ |
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
parents:
328
diff
changeset
|
174 |
$this->page_id = substr($this->page_id, 0, strpos($this->page_id, '/')); |
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
parents:
328
diff
changeset
|
175 |
$funcname = "page_{$this->namespace}_{$this->page_id}"; |
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
parents:
328
diff
changeset
|
176 |
if ( function_exists($funcname) ) |
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
parents:
328
diff
changeset
|
177 |
{ |
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
parents:
328
diff
changeset
|
178 |
$this->page_exists = true; |
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
parents:
328
diff
changeset
|
179 |
} |
0437a7cf1acc
Added update-checking function (still a little rough around the edges); added support into admin user CP for changing avatars
Dan
parents:
328
diff
changeset
|
180 |
} |
24 | 181 |
if ( isset($paths->pages[$pathskey]) ) |
182 |
{ |
|
183 |
if ( $paths->pages[$pathskey]['special'] == 1 ) |
|
184 |
{ |
|
185 |
$this->send_headers = false; |
|
186 |
$strict_no_headers = true; |
|
187 |
} |
|
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
188 |
if ( isset($paths->pages[$pathskey]['password']) ) |
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
189 |
{ |
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
190 |
if ( $paths->pages[$pathskey]['password'] != '' && $paths->pages[$pathskey]['password'] != sha1('') ) |
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
191 |
{ |
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
192 |
$password =& $paths->pages[$pathskey]['password']; |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
193 |
if ( $this->password != $password ) |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
194 |
{ |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
195 |
$this->err_wrong_password(); |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
196 |
return false; |
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
parents:
285
diff
changeset
|
197 |
} |
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
198 |
} |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
199 |
} |
24 | 200 |
} |
61 | 201 |
if ( $this->page_exists && $this->namespace != 'Special' && $this->namespace != 'Admin' && $do_stats ) |
202 |
{ |
|
203 |
doStats($this->page_id, $this->namespace); |
|
204 |
} |
|
1 | 205 |
if ( $this->namespace == 'Special' || $this->namespace == 'Admin' ) |
206 |
{ |
|
207 |
if ( !$this->page_exists ) |
|
208 |
{ |
|
314
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
209 |
die_semicritical('Exception in PageProcessor', '<p>Special page not existent but exception not previously caught by path manager.</p>'); |
1 | 210 |
} |
211 |
$func_name = "page_{$this->namespace}_{$this->page_id}"; |
|
212 |
if ( function_exists($func_name) ) |
|
213 |
{ |
|
214 |
return @call_user_func($func_name); |
|
215 |
} |
|
216 |
else |
|
217 |
{ |
|
314
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
218 |
$title = $lang->get('page_err_custompage_function_missing_title'); |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
219 |
$message = $lang->get('page_err_custompage_function_missing_body', array( 'function_name' => $fname )); |
1 | 220 |
|
221 |
if ( $this->send_headers ) |
|
222 |
{ |
|
223 |
$template->tpl_strings['PAGE_NAME'] = $title; |
|
224 |
$template->header(); |
|
225 |
echo "<p>$message</p>"; |
|
226 |
$template->footer(); |
|
227 |
} |
|
228 |
else |
|
229 |
{ |
|
230 |
echo "<h2>$title</h2> |
|
231 |
<p>$message</p>"; |
|
232 |
} |
|
233 |
return false; |
|
234 |
} |
|
235 |
} |
|
91 | 236 |
else if ( $this->namespace == 'User' && strpos($this->page_id, '/') === false ) |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
237 |
{ |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
238 |
$this->_handle_userpage(); |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
239 |
} |
1 | 240 |
else if ( ( $this->namespace == 'Template' || $this->namespace == 'System' ) && $this->page_exists ) |
241 |
{ |
|
242 |
$this->header(); |
|
243 |
||
244 |
$text = $this->fetch_text(); |
|
245 |
$text = preg_replace('/<noinclude>(.*?)<\/noinclude>/is', '\\1', $text); |
|
246 |
$text = preg_replace('/<nodisplay>(.*?)<\/nodisplay>/is', '', $text); |
|
247 |
||
248 |
$text = RenderMan::render( $text ); |
|
249 |
||
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
250 |
eval( '?>' . $text ); |
1 | 251 |
|
252 |
$this->footer(); |
|
312
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents:
286
diff
changeset
|
253 |
} |
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents:
286
diff
changeset
|
254 |
else if ( $this->namespace == 'Anonymous' ) |
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents:
286
diff
changeset
|
255 |
{ |
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents:
286
diff
changeset
|
256 |
$uri = scriptPath . '/' . $this->page_id; |
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents:
286
diff
changeset
|
257 |
if ( !$this->send_headers ) |
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents:
286
diff
changeset
|
258 |
{ |
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents:
286
diff
changeset
|
259 |
$sep = ( strstr($uri, '?') ) ? '&' : '?'; |
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents:
286
diff
changeset
|
260 |
$uri .= "{$sep}noheaders"; |
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents:
286
diff
changeset
|
261 |
} |
6c7060d36a23
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan
parents:
286
diff
changeset
|
262 |
redirect( $uri, '', '', 0 ); |
1 | 263 |
} |
264 |
else if ( !$this->page_exists ) |
|
265 |
{ |
|
266 |
// Perhaps this is hooked? |
|
267 |
ob_start(); |
|
268 |
||
269 |
$code = $plugins->setHook('page_not_found'); |
|
270 |
foreach ( $code as $cmd ) |
|
271 |
{ |
|
272 |
eval($cmd); |
|
273 |
} |
|
274 |
||
275 |
$ob = ob_get_contents(); |
|
276 |
||
277 |
if ( empty($ob) ) |
|
278 |
{ |
|
279 |
$this->err_page_not_existent(); |
|
280 |
} |
|
61 | 281 |
else |
282 |
{ |
|
283 |
// Something sent content, so we'll assume the page exist...ed at least according to the plugin |
|
284 |
if ( $this->namespace != 'Special' && $this->namespace != 'Admin' && $do_stats ) |
|
285 |
{ |
|
286 |
doStats($this->page_id, $this->namespace); |
|
287 |
} |
|
288 |
} |
|
1 | 289 |
} |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
290 |
else // (disabled for compatibility reasons) if ( in_array($this->namespace, array('Article', 'User', 'Project', 'Help', 'File', 'Category')) && $this->page_exists ) |
9
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
291 |
{ |
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
292 |
// Send as regular page |
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
293 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
294 |
// die($this->page_id); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
295 |
|
9
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
296 |
$text = $this->fetch_text(); |
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
297 |
if ( $text == 'err_no_text_rows' ) |
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
298 |
{ |
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
299 |
$this->err_no_rows(); |
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
300 |
return false; |
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
301 |
} |
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
302 |
else |
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
303 |
{ |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
304 |
$redirect = ( isset($_GET['redirect']) ) ? $_GET['redirect'] : 'YES YOU IDIOT'; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
305 |
if ( preg_match('/^#redirect \[\[([^\]]+)\]\]/i', $text, $match) && $redirect != 'no' ) |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
306 |
{ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
307 |
// Redirect page! |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
308 |
$page_to = sanitize_page_id($match[1]); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
309 |
$page_id_data = RenderMan::strToPageID($page_to); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
310 |
if ( count($this->redirect_stack) >= 3 ) |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
311 |
{ |
314
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
312 |
$this->render( (!$strict_no_headers), '<div class="usermessage"><b>' . $lang->get('page_err_redirects_exceeded') . '</b></div>' ); |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
313 |
} |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
314 |
else |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
315 |
{ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
316 |
$result = $this->_handle_redirect($page_id_data[0], $page_id_data[1]); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
317 |
if ( $result !== true ) |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
318 |
{ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
319 |
// There was some error during the redirect process - usually an infinite redirect |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
320 |
$this->render( (!$strict_no_headers), '<div class="usermessage"><b>' . $result . '</b></div>' ); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
321 |
} |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
322 |
} |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
323 |
} |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
324 |
else |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
325 |
{ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
326 |
$this->render( (!$strict_no_headers) ); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
327 |
} |
9
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
328 |
} |
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
329 |
} |
1 | 330 |
} |
331 |
||
332 |
/** |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
333 |
* Fetches the wikitext or HTML source for the page. |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
334 |
* @return string |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
335 |
*/ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
336 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
337 |
function fetch_source() |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
338 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
339 |
if ( !$this->perms->get_permissions('view_source') ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
340 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
341 |
return false; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
342 |
} |
325
e17cc42d77cf
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
parents:
322
diff
changeset
|
343 |
if ( !$this->page_exists ) |
e17cc42d77cf
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
parents:
322
diff
changeset
|
344 |
{ |
e17cc42d77cf
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
parents:
322
diff
changeset
|
345 |
return ''; |
e17cc42d77cf
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan
parents:
322
diff
changeset
|
346 |
} |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
347 |
return $this->fetch_text(); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
348 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
349 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
350 |
/** |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
351 |
* Updates the content of the page. |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
352 |
* @param string The new text for the page |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
353 |
* @param string A summary of edits made to the page. |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
354 |
* @param bool If true, the edit is marked as a minor revision |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
355 |
* @return bool True on success, false on failure |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
356 |
*/ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
357 |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
358 |
function update_page($text, $edit_summary = false, $minor_edit = false) |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
359 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
360 |
global $db, $session, $paths, $template, $plugins; // Common objects |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
361 |
global $lang; |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
362 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
363 |
// Create the page if it doesn't exist |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
364 |
if ( !$this->page_exists ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
365 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
366 |
if ( !$this->create_page() ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
367 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
368 |
return false; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
369 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
370 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
371 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
372 |
// |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
373 |
// Validation |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
374 |
// |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
375 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
376 |
$page_id = $db->escape($this->page_id); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
377 |
$namespace = $db->escape($this->namespace); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
378 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
379 |
$q = $db->sql_query('SELECT protected FROM ' . table_prefix . "pages WHERE urlname='$page_id' AND namespace='$namespace';"); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
380 |
if ( !$q ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
381 |
$db->_die('PageProcess updating page content'); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
382 |
if ( $db->numrows() < 1 ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
383 |
{ |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
384 |
$this->raise_error($lang->get('editor_err_no_rows')); |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
385 |
return false; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
386 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
387 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
388 |
// Do we have permission to edit the page? |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
389 |
if ( !$this->perms->get_permissions('edit_page') ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
390 |
{ |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
391 |
$this->raise_error($lang->get('editor_err_no_permission')); |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
392 |
return false; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
393 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
394 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
395 |
list($protection) = $db->fetchrow_num(); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
396 |
$db->free_result(); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
397 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
398 |
if ( $protection == 1 ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
399 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
400 |
// The page is protected - do we have permission to edit protected pages? |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
401 |
if ( !$this->perms->get_permissions('even_when_protected') ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
402 |
{ |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
403 |
$this->raise_error($lang->get('editor_err_page_protected')); |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
404 |
return false; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
405 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
406 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
407 |
else if ( $protection == 2 ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
408 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
409 |
// The page is semi-protected. |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
410 |
if ( |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
411 |
( !$session->user_logged_in || // Is the user logged in? |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
412 |
( $session->user_logged_in && $session->reg_time + ( 4 * 86400 ) >= time() ) ) // If so, have they been registered for 4 days? |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
413 |
&& !$this->perms->get_permissions('even_when_protected') ) // And of course, is there an ACL that overrides semi-protection? |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
414 |
{ |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
415 |
$this->raise_error($lang->get('editor_err_page_protected')); |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
416 |
return false; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
417 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
418 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
419 |
|
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
420 |
// |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
421 |
// Protection validated; update page content |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
422 |
// |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
423 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
424 |
$text_undb = RenderMan::preprocess_text($text, false, false); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
425 |
$text = $db->escape($text_undb); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
426 |
$author = $db->escape($session->username); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
427 |
$time = time(); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
428 |
$edit_summary = ( strval($edit_summary) === $edit_summary ) ? $db->escape($edit_summary) : ''; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
429 |
$minor_edit = ( $minor_edit ) ? '1' : '0'; |
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
430 |
$date_string = enano_date('d M Y h:i a'); |
335
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
431 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
432 |
// Insert log entry |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
433 |
$sql = 'INSERT INTO ' . table_prefix . "logs ( time_id, date_string, log_type, action, page_id, namespace, author, page_text, edit_summary, minor_edit )\n" |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
434 |
. " VALUES ( $time, '$date_string', 'page', 'edit', '{$this->page_id}', '{$this->namespace}', '$author', '$text', '$edit_summary', $minor_edit );"; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
435 |
if ( !$db->sql_query($sql) ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
436 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
437 |
$this->raise_error($db->get_error()); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
438 |
return false; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
439 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
440 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
441 |
// Update the master text entry |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
442 |
$sql = 'UPDATE ' . table_prefix . "page_text SET page_text = '$text' WHERE page_id = '{$this->page_id}' AND namespace = '{$this->namespace}';"; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
443 |
if ( !$db->sql_query($sql) ) |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
444 |
{ |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
445 |
$this->raise_error($db->get_error()); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
446 |
return false; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
447 |
} |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
448 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
449 |
// Rebuild the search index |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
450 |
$paths->rebuild_page_index($this->page_id, $this->namespace); |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
451 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
452 |
$this->text_cache = $text; |
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
453 |
|
67bd3121a12e
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
Dan
parents:
329
diff
changeset
|
454 |
return true; |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
455 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
456 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
457 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
458 |
/** |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
459 |
* Creates the page if it doesn't already exist. |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
460 |
* @return bool True on success, false on failure. |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
461 |
*/ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
462 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
463 |
function create_page() |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
464 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
465 |
global $db, $session, $paths, $template, $plugins; // Common objects |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
466 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
467 |
// Do we have permission to create the page? |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
468 |
if ( !$this->perms->get_permissions('create_page') ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
469 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
470 |
$this->raise_error('You do not have permission to create this page.'); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
471 |
return false; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
472 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
473 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
474 |
// Does it already exist? |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
475 |
if ( $this->page_exists ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
476 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
477 |
$this->raise_error('The page already exists.'); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
478 |
return false; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
479 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
480 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
481 |
// It's not in there. Perform validation. |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
482 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
483 |
// We can't create special, admin, or external pages. |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
484 |
if ( $this->namespace == 'Special' || $this->namespace == 'Admin' || $this->namespace == 'Anonymous' ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
485 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
486 |
$this->raise_error('You cannot create Special or Admin pages - they can\'t be stored in the database.'); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
487 |
return false; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
488 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
489 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
490 |
// Guess the proper title |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
491 |
$name = dirtify_page_id($this->page_id); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
492 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
493 |
// Check for the restricted Project: prefix |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
494 |
if ( substr($this->page_id, 0, 8) == 'Project:' ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
495 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
496 |
$this->raise_error('The prefix "Project:" is reserved for internal links and can\'t be used on a page name.'); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
497 |
return false; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
498 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
499 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
500 |
// Validation successful - insert the page |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
501 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
502 |
$metadata = array( |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
503 |
'urlname' => $this->page_id, |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
504 |
'namespace' => $this->namespace, |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
505 |
'name' => $name, |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
506 |
'special' => 0, |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
507 |
'visible' => 1, |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
508 |
'comments_on' => 1, |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
509 |
'protected' => ( $this->namespace == 'System' ? 1 : 0 ), |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
510 |
'delvotes' => 0, |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
511 |
'delvote_ips' => serialize(array()), |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
512 |
'wiki_mode' => 2 |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
513 |
); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
514 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
515 |
$paths->add_page($metadata); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
516 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
517 |
$page_id = $db->escape($this->page_id); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
518 |
$namespace = $db->escape($this->namespace); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
519 |
$name = $db->escape($name); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
520 |
$protect = ( $this->namespace == 'System' ) ? '1' : '0'; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
521 |
$blank_array = $db->escape(serialize(array())); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
522 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
523 |
// Query 1: Metadata entry |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
524 |
$q = $db->sql_query('INSERT INTO ' . table_prefix . "pages(name, urlname, namespace, protected, delvotes, delvote_ips, wiki_mode)\n" |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
525 |
. "VALUES ( '$name', '$page_id', '$namespace', $protect, 0, '$blank_array', 2 );"); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
526 |
if ( !$q ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
527 |
$db->_die('PageProcessor page creation - metadata stage'); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
528 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
529 |
// Query 2: Text insertion |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
530 |
$q = $db->sql_query('INSERT INTO ' . table_prefix . "page_text(page_id, namespace, page_text)\n" |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
531 |
. "VALUES ( '$page_id', '$namespace', '' );"); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
532 |
if ( !$q ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
533 |
$db->_die('PageProcessor page creation - text stage'); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
534 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
535 |
// Page created. We're good! |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
536 |
return true; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
537 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
538 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
539 |
/** |
1 | 540 |
* Sets internal variables. |
541 |
* @access private |
|
542 |
*/ |
|
543 |
||
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
544 |
function _setup($page_id, $namespace, $revision_id) |
1 | 545 |
{ |
546 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
547 |
||
548 |
$page_id_cleaned = sanitize_page_id($page_id); |
|
549 |
||
550 |
$this->page_id = $page_id_cleaned; |
|
551 |
$this->namespace = $namespace; |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
552 |
$this->revision_id = $revision_id; |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
553 |
$this->page_id_unclean = dirtify_page_id($page_id); |
1 | 554 |
|
555 |
$this->perms = $session->fetch_page_acl( $page_id, $namespace ); |
|
556 |
||
557 |
// Exception for Admin: pages |
|
558 |
if ( $this->namespace == 'Admin' ) |
|
559 |
{ |
|
560 |
$fname = "page_Admin_{$this->page_id}"; |
|
561 |
} |
|
562 |
||
563 |
// Does the page "exist"? |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
564 |
if ( $paths->page_id == $page_id && $paths->namespace == $namespace && !$paths->page_exists && ( $this->namespace != 'Admin' || ($this->namespace == 'Admin' && !function_exists($fname) ) ) ) |
1 | 565 |
{ |
566 |
$this->page_exists = false; |
|
567 |
} |
|
568 |
else if ( !isset( $paths->pages[ $paths->nslist[$namespace] . $page_id ] ) && ( $this->namespace == 'Admin' && !function_exists($fname) ) ) |
|
569 |
{ |
|
570 |
$this->page_exists = false; |
|
571 |
} |
|
572 |
else |
|
573 |
{ |
|
574 |
$this->page_exists = true; |
|
575 |
} |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
576 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
577 |
// Compatibility with older databases |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
578 |
if ( strstr($this->page_id, '.2e') && !$this->page_exists ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
579 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
580 |
$page_id = str_replace('.2e', '.', $page_id); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
581 |
|
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
582 |
if ( $paths->page_id == $page_id && $paths->namespace == $namespace && !$paths->page_exists && ( $this->namespace != 'Admin' || ($this->namespace == 'Admin' && !function_exists($fname) ) ) ) |
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
583 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
584 |
$this->page_exists = false; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
585 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
586 |
else if ( !isset( $paths->pages[ $paths->nslist[$namespace] . $page_id ] ) && ( $this->namespace == 'Admin' && !function_exists($fname) ) ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
587 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
588 |
$this->page_exists = false; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
589 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
590 |
else |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
591 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
592 |
$this->page_exists = true; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
593 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
594 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
595 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
596 |
|
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
597 |
$this->title = get_page_title_ns($this->page_id, $this->namespace); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
598 |
|
1 | 599 |
} |
600 |
||
601 |
/** |
|
602 |
* Renders it all in one go, and echoes it out. This assumes that the text is in the DB. |
|
603 |
* @access private |
|
604 |
*/ |
|
605 |
||
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
606 |
function render($incl_inner_headers = true, $_errormsg = false) |
1 | 607 |
{ |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
608 |
global $db, $session, $paths, $template, $plugins; // Common objects |
314
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
609 |
global $lang; |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
610 |
|
1 | 611 |
$text = $this->fetch_text(); |
91 | 612 |
$text = preg_replace('/([\s]*)__NOBREADCRUMBS__([\s]*)/', '', $text); |
613 |
$text = preg_replace('/([\s]*)__NOTOC__([\s]*)/', '', $text); |
|
1 | 614 |
|
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
615 |
$redir_enabled = false; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
616 |
if ( preg_match('/^#redirect \[\[([^\]]+?)\]\]/i', $text, $match ) ) |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
617 |
{ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
618 |
$redir_enabled = true; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
619 |
|
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
620 |
$oldtarget = RenderMan::strToPageID($match[1]); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
621 |
$oldtarget[0] = sanitize_page_id($oldtarget[0]); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
622 |
|
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
623 |
$url = makeUrlNS($oldtarget[1], $oldtarget[0], false, true); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
624 |
$page_id_key = $paths->nslist[ $oldtarget[1] ] . $oldtarget[0]; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
625 |
$page_data = $paths->pages[$page_id_key]; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
626 |
$title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$oldtarget[1]] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $oldtarget[0] ) ) ); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
627 |
if ( !isset($page_data['name']) ) |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
628 |
{ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
629 |
$cls = 'class="wikilink-nonexistent"'; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
630 |
} |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
631 |
else |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
632 |
{ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
633 |
$cls = ''; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
634 |
} |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
635 |
$a = '<a ' . $cls . ' href="' . $url . '">' . $title . '</a>'; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
636 |
$redir_html = '<br /><div class="mdg-infobox"> |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
637 |
<table border="0" width="100%" cellspacing="0" cellpadding="0"> |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
638 |
<tr> |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
639 |
<td valign="top"> |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
640 |
<img alt="Cute wet-floor icon" src="'.scriptPath.'/images/redirector.png" /> |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
641 |
</td> |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
642 |
<td valign="top" style="padding-left: 10px;"> |
314
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
643 |
' . $lang->get('page_msg_this_is_a_redirector', array( 'redirect_target' => $a )) . ' |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
644 |
</td> |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
645 |
</tr> |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
646 |
</table> |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
647 |
</div> |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
648 |
<br /> |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
649 |
<hr style="margin-left: 1em; width: 200px;" />'; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
650 |
$text = str_replace($match[0], '', $text); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
651 |
$text = trim($text); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
652 |
} |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
653 |
|
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
654 |
$template->tpl_strings['PAGE_NAME'] = htmlspecialchars( $this->title ); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
655 |
|
1 | 656 |
$this->header(); |
91 | 657 |
$this->do_breadcrumbs(); |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
658 |
|
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
659 |
if ( $_errormsg ) |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
660 |
{ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
661 |
echo $_errormsg; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
662 |
} |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
663 |
|
24 | 664 |
if ( $incl_inner_headers ) |
665 |
{ |
|
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
666 |
if ( count($this->redirect_stack) > 0 ) |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
667 |
{ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
668 |
$stack = array_reverse($this->redirect_stack); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
669 |
foreach ( $stack as $oldtarget ) |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
670 |
{ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
671 |
$url = makeUrlNS($oldtarget[1], $oldtarget[0], 'redirect=no', true); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
672 |
$page_id_key = $paths->nslist[ $oldtarget[1] ] . $oldtarget[0]; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
673 |
$page_data = $paths->pages[$page_id_key]; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
674 |
$title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$oldtarget[1]] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $oldtarget[0] ) ) ); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
675 |
$a = '<a href="' . $url . '">' . $title . '</a>'; |
368 | 676 |
echo '<small>' . $lang->get('page_msg_redirected_from', array('from' => $a)) . '<br /></small>'; |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
677 |
} |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
678 |
} |
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
679 |
display_page_headers(); |
24 | 680 |
} |
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
681 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
682 |
if ( $this->revision_id ) |
9
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
683 |
{ |
368 | 684 |
echo '<div class="info-box" style="margin-left: 0; margin-top: 5px;"> |
685 |
<b>' . $lang->get('page_msg_archived_title') . '</b><br /> |
|
686 |
' . $lang->get('page_msg_archived_body', array( |
|
687 |
'archive_date' => enano_date('F d, Y', $this->revision_id), |
|
688 |
'archive_time' => enano_date('h:i a', $this->revision_id), |
|
689 |
'current_link' => makeUrlNS($this->namespace, $this->page_id), |
|
690 |
'restore_link' => makeUrlNS($this->namespace, $this->page_id, 'do=rollback&id='.$this->revision_id), |
|
691 |
'restore_onclick' => 'ajaxRollback(\''.$this->revision_id.'\'); return false;', |
|
692 |
)) . ' |
|
693 |
</div> |
|
694 |
<br />'; |
|
9
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
695 |
} |
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
696 |
|
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
697 |
if ( $redir_enabled ) |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
698 |
{ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
699 |
echo $redir_html; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
700 |
} |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
701 |
|
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
702 |
$code = $plugins->setHook('pageprocess_render_head'); |
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
703 |
foreach ( $code as $cmd ) |
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
704 |
{ |
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
705 |
eval($cmd); |
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
706 |
} |
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
707 |
|
25
08d027882993
Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents:
24
diff
changeset
|
708 |
if ( $incl_inner_headers ) |
08d027882993
Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents:
24
diff
changeset
|
709 |
{ |
08d027882993
Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents:
24
diff
changeset
|
710 |
$text = '?>' . RenderMan::render($text); |
08d027882993
Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents:
24
diff
changeset
|
711 |
} |
08d027882993
Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents:
24
diff
changeset
|
712 |
else |
08d027882993
Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents:
24
diff
changeset
|
713 |
{ |
08d027882993
Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents:
24
diff
changeset
|
714 |
$text = '?>' . $text; |
26 | 715 |
$text = preg_replace('/<nowiki>(.*?)<\/nowiki>/s', '\\1', $text); |
25
08d027882993
Fixed invalid HTML caused by wikitext processor on non-templated pages
Dan
parents:
24
diff
changeset
|
716 |
} |
9
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
717 |
// echo('<pre>'.htmlspecialchars($text).'</pre>'); |
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
718 |
eval ( $text ); |
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
719 |
|
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
720 |
$code = $plugins->setHook('pageprocess_render_tail'); |
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
721 |
foreach ( $code as $cmd ) |
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
722 |
{ |
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
723 |
eval($cmd); |
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
724 |
} |
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
725 |
|
24 | 726 |
if ( $incl_inner_headers ) |
727 |
{ |
|
9
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
728 |
display_page_footers(); |
24 | 729 |
} |
9
1e61232606d6
Following fixes: admin theme supports <button> tag now, PageProcessor can eval now, and SpecialAdmin.php plugin can no longer be disabled
dan@fuhry
parents:
4
diff
changeset
|
730 |
|
1 | 731 |
$this->footer(); |
732 |
} |
|
733 |
||
734 |
/** |
|
735 |
* Sends the page header, dependent on, of course, whether we're supposed to. |
|
736 |
*/ |
|
737 |
||
738 |
function header() |
|
739 |
{ |
|
740 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
741 |
if ( $this->send_headers ) |
|
742 |
$template->header(); |
|
743 |
} |
|
744 |
||
745 |
/** |
|
746 |
* Sends the page footer, dependent on, of course, whether we're supposed to. |
|
747 |
*/ |
|
748 |
||
749 |
function footer() |
|
750 |
{ |
|
751 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
752 |
if ( $this->send_headers ) |
|
753 |
$template->footer(); |
|
754 |
} |
|
755 |
||
756 |
/** |
|
757 |
* Fetches the raw, unfiltered page text. |
|
758 |
* @access public |
|
759 |
*/ |
|
760 |
||
761 |
function fetch_text() |
|
762 |
{ |
|
763 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
764 |
||
765 |
if ( !empty($this->text_cache) ) |
|
766 |
{ |
|
767 |
return $this->text_cache; |
|
768 |
} |
|
769 |
||
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
770 |
if ( $this->revision_id > 0 && is_int($this->revision_id) ) |
1 | 771 |
{ |
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
772 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
773 |
$q = $db->sql_query('SELECT page_text, char_tag, date_string FROM '.table_prefix.'logs WHERE page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\' AND time_id=' . $this->revision_id . ';'); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
774 |
if ( !$q ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
775 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
776 |
$this->send_error('Error during SQL query.', true); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
777 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
778 |
if ( $db->numrows() < 1 ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
779 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
780 |
// Compatibility fix for old pages with dots in the page ID |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
781 |
if ( strstr($this->page_id, '.2e') ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
782 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
783 |
$db->free_result(); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
784 |
$page_id = str_replace('.2e', '.', $this->page_id); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
785 |
$q = $db->sql_query('SELECT page_text, char_tag, date_string FROM '.table_prefix.'logs WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $this->namespace . '\' AND time_id=' . $this->revision_id . ';'); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
786 |
if ( !$q ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
787 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
788 |
$this->send_error('Error during SQL query.', true); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
789 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
790 |
if ( $db->numrows() < 1 ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
791 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
792 |
$this->page_exists = false; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
793 |
return 'err_no_text_rows'; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
794 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
795 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
796 |
else |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
797 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
798 |
$this->page_exists = false; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
799 |
return 'err_no_text_rows'; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
800 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
801 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
802 |
else |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
803 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
804 |
$row = $db->fetchrow(); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
805 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
806 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
807 |
$db->free_result(); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
808 |
|
1 | 809 |
} |
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
810 |
else |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
811 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
812 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
813 |
$q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\';'); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
814 |
if ( !$q ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
815 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
816 |
$this->send_error('Error during SQL query.', true); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
817 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
818 |
if ( $db->numrows() < 1 ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
819 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
820 |
// Compatibility fix for old pages with dots in the page ID |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
821 |
if ( strstr($this->page_id, '.2e') ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
822 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
823 |
$db->free_result(); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
824 |
$page_id = str_replace('.2e', '.', $this->page_id); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
825 |
$q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $this->namespace . '\';'); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
826 |
if ( !$q ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
827 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
828 |
$this->send_error('Error during SQL query.', true); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
829 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
830 |
if ( $db->numrows() < 1 ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
831 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
832 |
$this->page_exists = false; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
833 |
return 'err_no_text_rows'; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
834 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
835 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
836 |
else |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
837 |
{ |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
838 |
$this->page_exists = false; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
839 |
return 'err_no_text_rows'; |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
840 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
841 |
} |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
842 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
843 |
$row = $db->fetchrow(); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
844 |
$db->free_result(); |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
845 |
|
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
846 |
} |
1 | 847 |
|
848 |
if ( !empty($row['char_tag']) ) |
|
849 |
{ |
|
850 |
// This page text entry uses the old text-escaping format |
|
851 |
$from = array( |
|
852 |
"{APOS:{$row['char_tag']}}", |
|
853 |
"{QUOT:{$row['char_tag']}}", |
|
854 |
"{SLASH:{$row['char_tag']}}" |
|
855 |
); |
|
856 |
$to = array("'", '"', '\\'); |
|
857 |
$row['page_text'] = str_replace($from, $to, $row['page_text']); |
|
858 |
} |
|
859 |
||
860 |
$this->text_cache = $row['page_text']; |
|
861 |
||
862 |
return $row['page_text']; |
|
863 |
||
864 |
} |
|
865 |
||
866 |
/** |
|
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
867 |
* Handles the extra overhead required for user pages. |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
868 |
* @access private |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
869 |
*/ |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
870 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
871 |
function _handle_userpage() |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
872 |
{ |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
873 |
global $db, $session, $paths, $template, $plugins; // Common objects |
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
874 |
global $email; |
328
dc838fd61a06
Added initial avatar support. Currently rather feature complete except for admin controls for avatar.
Dan
parents:
326
diff
changeset
|
875 |
global $lang; |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
876 |
|
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
166
diff
changeset
|
877 |
$page_urlname = dirtify_page_id($this->page_id); |
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
878 |
if ( $this->page_id == $paths->page_id && $this->namespace == $paths->namespace ) |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
879 |
{ |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
880 |
$page_name = ( isset($paths->cpage['name']) ) ? $paths->cpage['name'] : $this->page_id; |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
881 |
} |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
882 |
else |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
883 |
{ |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
884 |
$page_name = ( isset($paths->pages[$this->page_id]) ) ? $paths->pages[$this->page_id]['name'] : $this->page_id; |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
885 |
} |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
886 |
|
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
parents:
166
diff
changeset
|
887 |
$target_username = strtr($page_urlname, |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
888 |
Array( |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
889 |
'_' => ' ', |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
890 |
'<' => '<', |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
891 |
'>' => '>' |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
892 |
)); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
893 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
894 |
$target_username = preg_replace('/^' . preg_quote($paths->nslist['User']) . '/', '', $target_username); |
91 | 895 |
$target_username = explode('/', $target_username); |
896 |
$target_username = $target_username[0]; |
|
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
897 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
898 |
if ( ( $page_name == str_replace('_', ' ', $this->page_id) || $page_name == $paths->nslist['User'] . str_replace('_', ' ', $this->page_id) ) || !$this->page_exists ) |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
899 |
{ |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
900 |
$page_name = "$target_username's user page"; |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
901 |
} |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
902 |
else |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
903 |
{ |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
904 |
// User has a custom title for their userpage |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
905 |
$page_name = $paths->pages[ $paths->nslist[$this->namespace] . $this->page_id ]['name']; |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
906 |
} |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
907 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
908 |
$template->tpl_strings['PAGE_NAME'] = htmlspecialchars($page_name); |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
909 |
|
328
dc838fd61a06
Added initial avatar support. Currently rather feature complete except for admin controls for avatar.
Dan
parents:
326
diff
changeset
|
910 |
$q = $db->sql_query('SELECT u.username, u.user_id AS authoritative_uid, u.real_name, u.email, u.reg_time, u.user_has_avatar, u.avatar_type, x.*, COUNT(c.comment_id) AS n_comments |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
911 |
FROM '.table_prefix.'users u |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
912 |
LEFT JOIN '.table_prefix.'users_extra AS x |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
913 |
ON ( u.user_id = x.user_id OR x.user_id IS NULL ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
914 |
LEFT JOIN '.table_prefix.'comments AS c |
47
d6361ccbd2bd
OK, that last commit only made things worse...it's fixed now.
Dan
parents:
46
diff
changeset
|
915 |
ON ( ( c.user_id=u.user_id AND c.name=u.username AND c.approved=1 ) OR ( c.comment_id IS NULL AND c.approved IS NULL ) ) |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
916 |
WHERE u.username=\'' . $db->escape($target_username) . '\' |
328
dc838fd61a06
Added initial avatar support. Currently rather feature complete except for admin controls for avatar.
Dan
parents:
326
diff
changeset
|
917 |
GROUP BY u.username, u.user_id, u.real_name, u.email, u.reg_time, u.user_has_avatar, u.avatar_type, x.user_id, x.user_aim, x.user_yahoo, x.user_msn, x.user_xmpp, x.user_homepage, x.user_location, x.user_job, x.user_hobbies, x.email_public;'); |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
918 |
if ( !$q ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
919 |
$db->_die(); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
920 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
921 |
$user_exists = true; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
922 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
923 |
if ( $db->numrows() < 1 ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
924 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
925 |
$user_exists = false; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
926 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
927 |
else |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
928 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
929 |
$userdata = $db->fetchrow(); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
930 |
if ( $userdata['authoritative_uid'] == 1 ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
931 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
932 |
// Hide data for anonymous user |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
933 |
$user_exists = false; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
934 |
unset($userdata); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
935 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
936 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
937 |
|
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
938 |
$this->header(); |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
939 |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
940 |
// if ( $send_headers ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
941 |
// { |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
942 |
// display_page_headers(); |
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
943 |
// } |
16
64e0d3d4cf14
Emergency version change to 1.0rc3 to fix XSS vulnerabilities
Dan
parents:
15
diff
changeset
|
944 |
|
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
945 |
// Start left sidebar: basic user info, latest comments |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
946 |
|
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
947 |
if ( $user_exists ): |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
948 |
|
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
949 |
echo '<table border="0" cellspacing="4" cellpadding="0" style="width: 100%;">'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
950 |
echo '<tr><td style="width: 150px;" valign="top">'; |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
951 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
952 |
echo '<div class="tblholder"> |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
953 |
<table border="0" cellspacing="1" cellpadding="4">'; |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
954 |
|
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
955 |
// |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
956 |
// Main part of sidebar |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
957 |
// |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
958 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
959 |
// Basic user info |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
960 |
|
368 | 961 |
echo '<tr><th class="subhead">' . $lang->get('userpage_heading_basics', array('username' => htmlspecialchars($target_username))) . '</th></tr>'; |
328
dc838fd61a06
Added initial avatar support. Currently rather feature complete except for admin controls for avatar.
Dan
parents:
326
diff
changeset
|
962 |
if ( $userdata['user_has_avatar'] == '1' ) |
dc838fd61a06
Added initial avatar support. Currently rather feature complete except for admin controls for avatar.
Dan
parents:
326
diff
changeset
|
963 |
{ |
dc838fd61a06
Added initial avatar support. Currently rather feature complete except for admin controls for avatar.
Dan
parents:
326
diff
changeset
|
964 |
echo '<tr><td class="row1" style="text-align: center;"><img alt="' . $lang->get('usercp_avatar_image_alt', array('username' => $userdata['username'])) . '" src="' . make_avatar_url(intval($userdata['authoritative_uid']), $userdata['avatar_type']) . '" /></td></tr>'; |
dc838fd61a06
Added initial avatar support. Currently rather feature complete except for admin controls for avatar.
Dan
parents:
326
diff
changeset
|
965 |
} |
368 | 966 |
echo '<tr><td class="row3">' . $lang->get('userpage_lbl_joined') . ' ' . enano_date('F d, Y h:i a', $userdata['reg_time']) . '</td></tr>'; |
967 |
echo '<tr><td class="row1">' . $lang->get('userpage_lbl_num_comments') . ' ' . $userdata['n_comments'] . '</td></tr>'; |
|
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
968 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
969 |
if ( !empty($userdata['real_name']) ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
970 |
{ |
368 | 971 |
echo '<tr><td class="row3">' . $lang->get('userpage_lbl_real_name') . ' ' . $userdata['real_name'] . '</td></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
972 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
973 |
|
108
1c7f59df9474
Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan
parents:
103
diff
changeset
|
974 |
// Administer user button |
1c7f59df9474
Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan
parents:
103
diff
changeset
|
975 |
|
1c7f59df9474
Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan
parents:
103
diff
changeset
|
976 |
if ( $session->user_level >= USER_LEVEL_ADMIN ) |
1c7f59df9474
Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan
parents:
103
diff
changeset
|
977 |
{ |
368 | 978 |
echo '<tr><td class="row1"><a href="' . makeUrlNS('Special', 'Administration', 'module=' . $paths->nslist['Admin'] . 'UserManager&src=get&user=' . urlencode($target_username), true) . '" onclick="ajaxAdminUser(\'' . addslashes($target_username) . '\'); return false;">' . $lang->get('userpage_btn_administer_user') . '</a></td></tr>'; |
108
1c7f59df9474
Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan
parents:
103
diff
changeset
|
979 |
} |
1c7f59df9474
Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan
parents:
103
diff
changeset
|
980 |
|
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
981 |
// Comments |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
982 |
|
368 | 983 |
echo '<tr><th class="subhead">' . $lang->get('userpage_heading_comments', array('username' => htmlspecialchars($target_username))) . '</th></tr>'; |
47
d6361ccbd2bd
OK, that last commit only made things worse...it's fixed now.
Dan
parents:
46
diff
changeset
|
984 |
$q = $db->sql_query('SELECT page_id, namespace, subject, time FROM '.table_prefix.'comments WHERE name=\'' . $db->escape($target_username) . '\' AND user_id=' . $userdata['authoritative_uid'] . ' AND approved=1 ORDER BY time DESC LIMIT 5;'); |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
985 |
if ( !$q ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
986 |
$db->_die(); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
987 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
988 |
$comments = Array(); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
989 |
$no_comments = false; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
990 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
991 |
if ( $row = $db->fetchrow() ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
992 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
993 |
do |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
994 |
{ |
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
995 |
$row['time'] = enano_date('F d, Y', $row['time']); |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
996 |
$comments[] = $row; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
997 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
998 |
while ( $row = $db->fetchrow() ); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
999 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1000 |
else |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1001 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1002 |
$no_comments = true; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1003 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1004 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1005 |
echo '<tr><td class="row3">'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1006 |
echo '<div style="border: 1px solid #000000; padding: 0px; margin: 0; max-height: 200px; clip: rect(0px,auto,auto,0px); overflow: auto; background-color: transparent;" class="tblholder">'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1007 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1008 |
echo '<table border="0" cellspacing="1" cellpadding="4">'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1009 |
$class = 'row1'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1010 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1011 |
$tpl = '<tr> |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1012 |
<td class="{CLASS}"> |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1013 |
<a href="{PAGE_LINK}" <!-- BEGINNOT page_exists -->class="wikilink-nonexistent"<!-- END page_exists -->>{PAGE}</a><br /> |
368 | 1014 |
<small>{lang:userpage_comments_lbl_posted} {DATE}<br /></small> |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1015 |
<b><a href="{COMMENT_LINK}">{SUBJECT}</a></b> |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1016 |
</td> |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1017 |
</tr>'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1018 |
$parser = $template->makeParserText($tpl); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1019 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1020 |
if ( count($comments) > 0 ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1021 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1022 |
foreach ( $comments as $comment ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1023 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1024 |
$c_page_id = $paths->nslist[ $comment['namespace'] ] . sanitize_page_id($comment['page_id']); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1025 |
if ( isset($paths->pages[ $c_page_id ]) ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1026 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1027 |
$parser->assign_bool(array( |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1028 |
'page_exists' => true |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1029 |
)); |
83 | 1030 |
$page_title = htmlspecialchars($paths->pages[ $c_page_id ]['name']); |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1031 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1032 |
else |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1033 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1034 |
$parser->assign_bool(array( |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1035 |
'page_exists' => false |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1036 |
)); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1037 |
$page_title = htmlspecialchars(dirtify_page_id($c_page_id)); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1038 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1039 |
$parser->assign_vars(array( |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1040 |
'CLASS' => $class, |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1041 |
'PAGE_LINK' => makeUrlNS($comment['namespace'], sanitize_page_id($comment['page_id'])), |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1042 |
'PAGE' => $page_title, |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1043 |
'SUBJECT' => $comment['subject'], |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1044 |
'DATE' => $comment['time'], |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1045 |
'COMMENT_LINK' => makeUrlNS($comment['namespace'], sanitize_page_id($comment['page_id']), 'do=comments', true) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1046 |
)); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1047 |
$class = ( $class == 'row3' ) ? 'row1' : 'row3'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1048 |
echo $parser->run(); |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1049 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1050 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1051 |
else |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1052 |
{ |
368 | 1053 |
echo '<tr><td class="' . $class . '">' . $lang->get('userpage_msg_no_comments') . '</td></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1054 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1055 |
echo '</table>'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1056 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1057 |
echo '</div>'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1058 |
echo '</td></tr>'; |
315
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents:
312
diff
changeset
|
1059 |
|
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents:
312
diff
changeset
|
1060 |
$code = $plugins->setHook('userpage_sidebar_left'); |
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents:
312
diff
changeset
|
1061 |
foreach ( $code as $cmd ) |
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents:
312
diff
changeset
|
1062 |
{ |
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents:
312
diff
changeset
|
1063 |
eval($cmd); |
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents:
312
diff
changeset
|
1064 |
} |
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents:
312
diff
changeset
|
1065 |
|
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1066 |
echo ' </table> |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1067 |
</div>'; |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1068 |
|
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1069 |
echo '</td><td valign="top" style="padding: 0 10px;">'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1070 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1071 |
else: |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1072 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1073 |
// Nothing for now |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1074 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1075 |
endif; |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1076 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1077 |
// User's own content |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1078 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1079 |
$send_headers = $this->send_headers; |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1080 |
$this->send_headers = false; |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1081 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1082 |
if ( $this->page_exists ) |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1083 |
{ |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1084 |
$this->render(); |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1085 |
} |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1086 |
else |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1087 |
{ |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1088 |
$this->err_page_not_existent(true); |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1089 |
} |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1090 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1091 |
// Right sidebar |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1092 |
|
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1093 |
if ( $user_exists ): |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1094 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1095 |
echo '</td><td style="width: 150px;" valign="top">'; |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1096 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1097 |
echo '<div class="tblholder"> |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1098 |
<table border="0" cellspacing="1" cellpadding="4">'; |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1099 |
|
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1100 |
// |
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1101 |
// Main part of sidebar |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1102 |
// |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1103 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1104 |
// Contact information |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1105 |
|
368 | 1106 |
echo '<tr><th class="subhead">' . $lang->get('userpage_heading_contact') . '</th></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1107 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1108 |
$class = 'row3'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1109 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1110 |
if ( $userdata['email_public'] == 1 ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1111 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1112 |
$class = ( $class == 'row1' ) ? 'row3' : 'row1'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1113 |
$email_link = $email->encryptEmail($userdata['email']); |
368 | 1114 |
echo '<tr><td class="'.$class.'">' . $lang->get('userpage_lbl_email') . ' ' . $email_link . '</td></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1115 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1116 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1117 |
$class = ( $class == 'row1' ) ? 'row3' : 'row1'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1118 |
if ( $session->user_logged_in ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1119 |
{ |
368 | 1120 |
echo '<tr><td class="'.$class.'">' . $lang->get('userpage_btn_send_pm', array('username' => htmlspecialchars($target_username), 'pm_link' => makeUrlNS('Special', 'PrivateMessages/Compose/to/' . $this->page_id, false, true))) . '</td></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1121 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1122 |
else |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1123 |
{ |
368 | 1124 |
echo '<tr><td class="'.$class.'">' . $lang->get('userpage_btn_send_pm_guest', array('username' => htmlspecialchars($target_username), 'login_flags' => 'href="' . makeUrlNS('Special', 'Login/' . $paths->nslist[$this->namespace] . $this->page_id) . '" onclick="ajaxStartLogin(); return false;"')) . '</td></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1125 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1126 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1127 |
if ( !empty($userdata['user_aim']) ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1128 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1129 |
$class = ( $class == 'row1' ) ? 'row3' : 'row1'; |
368 | 1130 |
echo '<tr><td class="'.$class.'">' . $lang->get('userpage_lbl_aim') . ' ' . $userdata['user_aim'] . '</td></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1131 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1132 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1133 |
if ( !empty($userdata['user_yahoo']) ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1134 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1135 |
$class = ( $class == 'row1' ) ? 'row3' : 'row1'; |
368 | 1136 |
echo '<tr><td class="'.$class.'">' . $lang->get('userpage_lbl_yim') . ' ' . $userdata['user_yahoo'] . '</td></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1137 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1138 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1139 |
if ( !empty($userdata['user_msn']) ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1140 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1141 |
$class = ( $class == 'row1' ) ? 'row3' : 'row1'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1142 |
$email_link = $email->encryptEmail($userdata['user_msn']); |
368 | 1143 |
echo '<tr><td class="'.$class.'">' . $lang->get('userpage_lbl_wlm') . ' ' . $email_link . '</td></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1144 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1145 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1146 |
if ( !empty($userdata['user_xmpp']) ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1147 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1148 |
$class = ( $class == 'row1' ) ? 'row3' : 'row1'; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1149 |
$email_link = $email->encryptEmail($userdata['user_xmpp']); |
368 | 1150 |
echo '<tr><td class="'.$class.'">' . $lang->get('userpage_lbl_xmpp') . ' ' . $email_link . '</td></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1151 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1152 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1153 |
// Real life |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1154 |
|
368 | 1155 |
echo '<tr><th class="subhead">' . $lang->get('userpage_heading_real_life', array('username' => htmlspecialchars($target_username))) . '</th></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1156 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1157 |
if ( !empty($userdata['user_location']) ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1158 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1159 |
$class = ( $class == 'row1' ) ? 'row3' : 'row1'; |
368 | 1160 |
echo '<tr><td class="'.$class.'">' . $lang->get('userpage_lbl_location') . ' ' . $userdata['user_location'] . '</td></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1161 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1162 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1163 |
if ( !empty($userdata['user_job']) ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1164 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1165 |
$class = ( $class == 'row1' ) ? 'row3' : 'row1'; |
368 | 1166 |
echo '<tr><td class="'.$class.'">' . $lang->get('userpage_lbl_job') . ' ' . $userdata['user_job'] . '</td></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1167 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1168 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1169 |
if ( !empty($userdata['user_hobbies']) ) |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1170 |
{ |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1171 |
$class = ( $class == 'row1' ) ? 'row3' : 'row1'; |
368 | 1172 |
echo '<tr><td class="'.$class.'">' . $lang->get('userpage_lbl_hobbies') . ' ' . $userdata['user_hobbies'] . '</td></tr>'; |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1173 |
} |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1174 |
|
28 | 1175 |
if ( empty($userdata['user_location']) && empty($userdata['user_job']) && empty($userdata['user_hobbies']) ) |
1176 |
{ |
|
1177 |
$class = ( $class == 'row1' ) ? 'row3' : 'row1'; |
|
368 | 1178 |
echo '<tr><td class="'.$class.'">' . $lang->get('userpage_msg_no_contact_info', array('username' => htmlspecialchars($target_username))) . '</td></tr>'; |
28 | 1179 |
} |
1180 |
||
315
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents:
312
diff
changeset
|
1181 |
$code = $plugins->setHook('userpage_sidebar_right'); |
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents:
312
diff
changeset
|
1182 |
foreach ( $code as $cmd ) |
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents:
312
diff
changeset
|
1183 |
{ |
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents:
312
diff
changeset
|
1184 |
eval($cmd); |
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents:
312
diff
changeset
|
1185 |
} |
f49e3c8b638c
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan
parents:
312
diff
changeset
|
1186 |
|
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1187 |
echo ' </table> |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1188 |
</div>'; |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1189 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1190 |
echo '</tr></table>'; |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1191 |
|
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1192 |
else: |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1193 |
|
368 | 1194 |
if ( !is_valid_ip($target_username) ) |
1195 |
{ |
|
1196 |
echo '<p>' . $lang->get('userpage_msg_user_not_exist', array('username' => htmlspecialchars($target_username))) . '</p>'; |
|
1197 |
} |
|
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1198 |
|
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1199 |
endif; |
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1200 |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
1201 |
// if ( $send_headers ) |
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
1202 |
// { |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1203 |
// display_page_footers(); |
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
1204 |
// } |
16
64e0d3d4cf14
Emergency version change to 1.0rc3 to fix XSS vulnerabilities
Dan
parents:
15
diff
changeset
|
1205 |
|
15
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1206 |
$this->send_headers = $send_headers; |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1207 |
unset($send_headers); |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1208 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1209 |
$this->footer(); |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1210 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1211 |
} |
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1212 |
|
ad5986a53197
Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Dan
parents:
9
diff
changeset
|
1213 |
/** |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1214 |
* Pushes to the redirect stack and resets the instance. This depends on the page ID and namespace already being validated and sanitized, and does not check the size of the redirect stack. |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1215 |
* @param string Page ID to redirect to |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1216 |
* @param string Namespace to redirect to |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1217 |
* @access private |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1218 |
*/ |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1219 |
|
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1220 |
function _handle_redirect($page_id, $namespace) |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1221 |
{ |
92
aa8ffe41d1c4
Fixed stupid redirect bug that referenced $paths without importing it, gah...
Dan
parents:
91
diff
changeset
|
1222 |
global $db, $session, $paths, $template, $plugins; // Common objects |
314
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1223 |
global $lang; |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1224 |
$arr_pid = array($this->page_id, $this->namespace); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1225 |
if ( $namespace == 'Special' || $namespace == 'Admin' ) |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1226 |
{ |
314
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1227 |
return $lang->get('page_err_redirect_to_special'); |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1228 |
} |
314
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1229 |
$looped = false; |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1230 |
foreach ( $this->redirect_stack as $page ) |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1231 |
{ |
314
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1232 |
if ( $page[0] == $arr_pid[0] && $page[1] == $arr_pid[1] ) |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1233 |
{ |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1234 |
$looped = true; |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1235 |
break; |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1236 |
} |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1237 |
} |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1238 |
if ( $looped ) |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1239 |
{ |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1240 |
return $lang->get('page_err_redirect_infinite_loop'); |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1241 |
} |
92
aa8ffe41d1c4
Fixed stupid redirect bug that referenced $paths without importing it, gah...
Dan
parents:
91
diff
changeset
|
1242 |
$page_id_key = $paths->nslist[ $namespace ] . sanitize_page_id($page_id); |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1243 |
if ( !isset($paths->pages[$page_id_key]) ) |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1244 |
{ |
314
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1245 |
return $lang->get('page_err_redirect_to_nonexistent'); |
62
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1246 |
} |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1247 |
$this->redirect_stack[] = $arr_pid; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1248 |
|
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1249 |
|
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1250 |
// Nuke the text cache to avoid infinite loops, gah... |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1251 |
$this->text_cache = ''; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1252 |
$this->_setup($page_id, $namespace, 0); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1253 |
$this->send(); |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1254 |
return true; |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1255 |
} |
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1256 |
|
9dc4fded30e6
Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Dan
parents:
61
diff
changeset
|
1257 |
/** |
1 | 1258 |
* Send the error message to the user that the access to this page is denied. |
1259 |
* @access private |
|
1260 |
*/ |
|
1261 |
||
1262 |
function err_access_denied() |
|
1263 |
{ |
|
1264 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
314
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1265 |
global $lang; |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1266 |
global $email; |
1 | 1267 |
|
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1268 |
// Log it for crying out loud |
345
4ccdfeee9a11
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
Dan
parents:
343
diff
changeset
|
1269 |
$q = $db->sql_query('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'illegal_page\', '.time().', \''.enano_date('d M Y h:i a').'\', \''.$db->escape($session->username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', \'' . $db->escape(serialize(array($this->page_id, $this->namespace))) . '\')'); |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1270 |
|
1 | 1271 |
$ob = ''; |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1272 |
//$template->tpl_strings['PAGE_NAME'] = 'Access denied'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1273 |
$template->tpl_strings['PAGE_NAME'] = htmlspecialchars( $this->title ); |
1 | 1274 |
|
1275 |
if ( $this->send_headers ) |
|
1276 |
{ |
|
1277 |
$ob .= $template->getHeader(); |
|
1278 |
} |
|
1279 |
||
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1280 |
if ( count($this->redirect_stack) > 0 ) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1281 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1282 |
$stack = array_reverse($this->redirect_stack); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1283 |
foreach ( $stack as $oldtarget ) |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1284 |
{ |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1285 |
$url = makeUrlNS($oldtarget[1], $oldtarget[0], 'redirect=no', true); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1286 |
$page_id_key = $paths->nslist[ $oldtarget[1] ] . $oldtarget[0]; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1287 |
$page_data = $paths->pages[$page_id_key]; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1288 |
$title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$oldtarget[1]] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $oldtarget[0] ) ) ); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1289 |
$a = '<a href="' . $url . '">' . $title . '</a>'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1290 |
|
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1291 |
$url = makeUrlNS($this->namespace, $this->page_id, 'redirect=no', true); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1292 |
$page_id_key = $paths->nslist[ $this->namespace ] . $this->page_id; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1293 |
$page_data = $paths->pages[$page_id_key]; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1294 |
$title = ( isset($page_data['name']) ) ? $page_data['name'] : $paths->nslist[$this->namespace] . htmlspecialchars( str_replace('_', ' ', dirtify_page_id( $this->page_id ) ) ); |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1295 |
$b = '<a href="' . $url . '">' . $title . '</a>'; |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1296 |
|
369 | 1297 |
$ob .= '<small>' . $lang->get('page_msg_redirected_from_to', array('from' => $a, 'to' => $b)) . '<br /></small>'; |
103
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1298 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1299 |
} |
a8891e108c95
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan
parents:
93
diff
changeset
|
1300 |
|
314
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1301 |
$email_link = $email->encryptEmail(getConfig('contact_email'), '', '', $lang->get('page_err_access_denied_siteadmin')); |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1302 |
|
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1303 |
$ob .= "<h3>" . $lang->get('page_err_access_denied_title') . "</h3>"; |
474f8be55943
Localized remainder of on-page tools and parts of PageProcess
Dan
parents:
313
diff
changeset
|
1304 |
$ob .= "<p>" . $lang->get('page_err_access_denied_body', array('site_administration' => $email_link)) . "</p>"; |
1 | 1305 |
|
1306 |
if ( $this->send_headers ) |
|
1307 |
{ |
|
1308 |
$ob .= $template->getFooter(); |
|
1309 |
} |
|
1310 |
echo $ob; |
|
1311 |
} |
|
1312 |
||
1313 |
/** |
|
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1314 |
* Inform the user of an incorrect or absent password |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1315 |
* @access private |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1316 |
*/ |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1317 |
|
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1318 |
function err_wrong_password() |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1319 |
{ |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1320 |
global $db, $session, $paths, $template, $plugins; // Common objects |
369 | 1321 |
global $lang; |
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1322 |
|
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1323 |
$title = 'Password required'; |
369 | 1324 |
$message = ( empty($this->password) ) ? |
1325 |
'<p>' . $lang->get('page_msg_passrequired') . '</p>' : |
|
1326 |
'<p>' . $lang->get('page_msg_pass_wrong') . '</p>'; |
|
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1327 |
$message .= '<form action="' . makeUrlNS($this->namespace, $this->page_id) . '" method="post"> |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1328 |
<p> |
369 | 1329 |
<label>' . $lang->get('page_lbl_password') . ' <input name="pagepass" type="password" /></label> <input type="submit" value="Submit" /> |
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1330 |
</p> |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1331 |
</form>'; |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1332 |
if ( $this->send_headers ) |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1333 |
{ |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1334 |
$template->tpl_strings['PAGE_NAME'] = $title; |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1335 |
$template->header(); |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1336 |
echo "$message"; |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1337 |
$template->footer(); |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1338 |
} |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1339 |
else |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1340 |
{ |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1341 |
echo "<h2>$title</h2> |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1342 |
$message"; |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1343 |
} |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1344 |
} |
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1345 |
|
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
parents:
31
diff
changeset
|
1346 |
/** |
1 | 1347 |
* Send the error message to the user complaining that there weren't any rows. |
1348 |
* @access private |
|
1349 |
*/ |
|
1350 |
||
1351 |
function err_no_rows() |
|
1352 |
{ |
|
1353 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1354 |
||
1355 |
$title = 'No text rows'; |
|
1356 |
$message = 'While the page\'s existence was verified, there were no rows in the database that matched the query for the text. This may indicate a bug with the software; ask the webmaster for more information. The offending query was:<pre>' . $db->latest_query . '</pre>'; |
|
1357 |
if ( $this->send_headers ) |
|
1358 |
{ |
|
1359 |
$template->tpl_strings['PAGE_NAME'] = $title; |
|
1360 |
$template->header(); |
|
1361 |
echo "<p>$message</p>"; |
|
1362 |
$template->footer(); |
|
1363 |
} |
|
1364 |
else |
|
1365 |
{ |
|
1366 |
echo "<h2>$title</h2> |
|
1367 |
<p>$message</p>"; |
|
1368 |
} |
|
1369 |
} |
|
1370 |
||
1371 |
/** |
|
1372 |
* Tell the user the page doesn't exist, and present them with their options. |
|
1373 |
* @access private |
|
1374 |
*/ |
|
1375 |
||
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1376 |
function err_page_not_existent($userpage = false) |
1 | 1377 |
{ |
1378 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
369 | 1379 |
global $lang; |
1 | 1380 |
|
91 | 1381 |
header('HTTP/1.1 404 Not Found'); |
1382 |
||
1 | 1383 |
$this->header(); |
91 | 1384 |
$this->do_breadcrumbs(); |
1385 |
||
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1386 |
$msg = $paths->sysmsg('Page_not_found'); |
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1387 |
if ( $msg ) |
22
d0314575e2f0
More preliminary l10n work; userpage portal style basics implemented
Dan
parents:
21
diff
changeset
|
1388 |
{ |
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1389 |
$msg = RenderMan::render($msg); |
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1390 |
eval( '?>' . $msg ); |
1 | 1391 |
} |
1392 |
else |
|
1393 |
{ |
|
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1394 |
if ( $userpage ) |
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1395 |
{ |
369 | 1396 |
echo '<h3>' . $lang->get('page_msg_404_title') . '</h3> |
1397 |
<p>' . $lang->get('page_msg_404_body_userpage'); |
|
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1398 |
} |
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1399 |
else |
1 | 1400 |
{ |
369 | 1401 |
echo '<h3>' . $lang->get('page_msg_404_title') . '</h3> |
1402 |
<p>' . $lang->get('page_msg_404_body'); |
|
1 | 1403 |
} |
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1404 |
if ( $session->get_permissions('create_page') ) |
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1405 |
{ |
369 | 1406 |
echo ' ' . $lang->get('page_msg_404_create', array( |
1407 |
'create_flags' => 'href="'.makeUrlNS($this->namespace, $this->page_id, 'do=edit', true).'" onclick="ajaxEditor(); return false;"', |
|
1408 |
'mainpage_link' => makeUrl(getConfig('main_page'), false, true) |
|
1409 |
)); |
|
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1410 |
} |
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1411 |
else |
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1412 |
{ |
369 | 1413 |
echo ' ' . $lang->get('page_msg_404_gohome', array( |
1414 |
'mainpage_link' => makeUrl(getConfig('main_page'), false, true) |
|
1415 |
)); |
|
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1416 |
} |
369 | 1417 |
echo '</p>'; |
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1418 |
if ( $session->get_permissions('history_rollback') ) |
1 | 1419 |
{ |
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1420 |
$e = $db->sql_query('SELECT * FROM ' . table_prefix . 'logs WHERE action=\'delete\' AND page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\' ORDER BY time_id DESC;'); |
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1421 |
if ( !$e ) |
93
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
92
diff
changeset
|
1422 |
{ |
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1423 |
$db->_die('The deletion log could not be selected.'); |
93
95c4d91bd954
Redirections to the main page use the redirect() function now
Dan
parents:
92
diff
changeset
|
1424 |
} |
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1425 |
if ( $db->numrows() > 0 ) |
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1426 |
{ |
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1427 |
$r = $db->fetchrow(); |
369 | 1428 |
echo '<p>' . $lang->get('page_msg_404_was_deleted', array( |
1429 |
'delete_time' => enano_date('d M Y h:i a', $r['time_id']), |
|
1430 |
'delete_reason' => htmlspecialchars($r['edit_summary']), |
|
1431 |
'rollback_flags' => 'href="'.makeUrl($paths->page, 'do=rollback&id='.$r['time_id']).'" onclick="ajaxRollback(\''.$r['time_id'].'\'); return false;"' |
|
1432 |
)) |
|
1433 |
. '</p>'; |
|
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1434 |
if ( $session->user_level >= USER_LEVEL_ADMIN ) |
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1435 |
{ |
369 | 1436 |
echo '<p>' . $lang->get('page_msg_404_admin_opts', array( |
1437 |
'detag_link' => makeUrl($paths->page, 'do=detag', true) |
|
1438 |
)) |
|
1439 |
. '</p>'; |
|
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1440 |
} |
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1441 |
} |
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1442 |
$db->free_result(); |
1 | 1443 |
} |
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1444 |
echo '<p> |
369 | 1445 |
' . $lang->get('page_msg_404_http_response') . ' |
343
eefe9ab7fe7c
Localized the first parts of the admin panel. As a consequence, also wrote a brand new Admin:PageManager that doesn't suck like the old one did.
Dan
parents:
335
diff
changeset
|
1446 |
</p>'; |
1 | 1447 |
} |
1448 |
$this->footer(); |
|
1449 |
} |
|
1450 |
||
1451 |
/** |
|
91 | 1452 |
* Echoes out breadcrumb data, if appropriate. |
1453 |
* @access private |
|
1454 |
*/ |
|
1455 |
||
1456 |
function do_breadcrumbs() |
|
1457 |
{ |
|
1458 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
1459 |
if ( strpos($this->text_cache, '__NOBREADCRUMBS__') !== false ) |
|
1460 |
return false; |
|
1461 |
$breadcrumb_data = explode('/', $this->page_id); |
|
1462 |
if ( count($breadcrumb_data) > 1 ) |
|
1463 |
{ |
|
1464 |
echo '<!-- Start breadcrumbs --> |
|
1465 |
<div class="breadcrumbs"> |
|
1466 |
'; |
|
1467 |
foreach ( $breadcrumb_data as $i => $higherpage ) |
|
1468 |
{ |
|
1469 |
$higherpage = $paths->nslist[$this->namespace] . sanitize_page_id(implode('/', array_slice($breadcrumb_data, 0, ($i+1)))); |
|
1470 |
if ( ($i + 1) == count($breadcrumb_data) ) |
|
1471 |
{ |
|
1472 |
$title = get_page_title($higherpage, false); |
|
1473 |
if ( !$this->page_exists ) |
|
1474 |
{ |
|
1475 |
$title = explode('/', $title); |
|
1476 |
$title = array_reverse($title); |
|
1477 |
$title = $title[0]; |
|
1478 |
} |
|
1479 |
echo htmlspecialchars($title); |
|
1480 |
break; |
|
1481 |
} |
|
1482 |
else if ( isPage($higherpage) ) |
|
1483 |
{ |
|
1484 |
$title = get_page_title($higherpage, false); |
|
1485 |
echo '<a href="' . makeUrl($higherpage, false, true) . '">' . htmlspecialchars($title) . '</a>'; |
|
1486 |
} |
|
1487 |
else |
|
1488 |
{ |
|
1489 |
$title = get_page_title($higherpage, false); |
|
1490 |
$title = explode('/', $title); |
|
1491 |
$title = array_reverse($title); |
|
1492 |
$title = $title[0]; |
|
1493 |
echo '<a href="' . makeUrl($higherpage, false, true) . '" class="wikilink-nonexistent">' . htmlspecialchars($title) . '</a>'; |
|
1494 |
} |
|
1495 |
echo ' » '; |
|
1496 |
} |
|
1497 |
echo '</div> |
|
1498 |
<!-- End breadcrumbs --> |
|
1499 |
'; |
|
1500 |
} |
|
1501 |
} |
|
1502 |
||
1503 |
/** |
|
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
parents:
16
diff
changeset
|
1504 |
* Send an error message and die. For debugging or critical technical errors only - nothing that would under normal circumstances be shown to the user. |
1 | 1505 |
* @var string Error message |
1506 |
* @var bool If true, send DBAL's debugging information as well |
|
1507 |
*/ |
|
1508 |
||
1509 |
function send_error($message, $sql = false) |
|
1510 |
{ |
|
1511 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
369 | 1512 |
global $lang; |
1 | 1513 |
|
1514 |
$content = "<p>$message</p>"; |
|
369 | 1515 |
$template->tpl_strings['PAGE_NAME'] = $lang->get('page_msg_general_error'); |
1 | 1516 |
|
1517 |
if ( $this->debug['works'] ) |
|
1518 |
{ |
|
1519 |
$content .= $this->debug['backtrace']; |
|
1520 |
} |
|
1521 |
||
1522 |
header('HTTP/1.1 500 Internal Server Error'); |
|
1523 |
||
1524 |
$template->header(); |
|
1525 |
echo $content; |
|
1526 |
$template->footer(); |
|
1527 |
||
1528 |
$db->close(); |
|
1529 |
||
1530 |
exit; |
|
1531 |
||
1532 |
} |
|
1533 |
||
322
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1534 |
/** |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1535 |
* Raises an error. |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1536 |
* @param string Error string |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1537 |
*/ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1538 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1539 |
function raise_error($string) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1540 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1541 |
if ( !is_string($string) ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1542 |
return false; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1543 |
$this->_errors[] = $string; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1544 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1545 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1546 |
/** |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1547 |
* Retrieves the latest error from the error stack and returns it ('pops' the error stack) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1548 |
* @return string |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1549 |
*/ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1550 |
|
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1551 |
function pop_error() |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1552 |
{ |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1553 |
if ( count($this->_errors) < 1 ) |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1554 |
return false; |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1555 |
return array_pop($this->_errors); |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1556 |
} |
5f1cd51bf1be
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan
parents:
320
diff
changeset
|
1557 |
|
1 | 1558 |
} // class PageProcessor |
1559 |
||
1560 |
?> |