<?php
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
/*
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
 * Version 1.1.3 (Caoineag alpha 3)
 * Copyright (C) 2006-2007 Dan Fuhry
 *
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
 *
 * @package Enano
 * @subpackage Frontend
 *
 */
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
define('ENANO_INTERFACE_INDEX', '');
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
// For the mighty and brave.
1030864dc319
Fixed SYSMSG tag in templates causing problems; commented out ENANO_DEBUG; fixed bad table prefix in installer payload logic
Dan
// define('ENANO_DEBUG', '');
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
// Set up gzip encoding before any output is sent
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
$aggressive_optimize_html = true;

global $do_gzip;
$do_gzip = true;

if(isset($_SERVER['PATH_INFO'])) $v = $_SERVER['PATH_INFO'];
elseif(isset($_GET['title'])) $v = $_GET['title'];
else $v = '';
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
if ( isset($_GET['nocompress']) )
  $aggressive_optimize_html = false;

error_reporting(E_ALL);

if($aggressive_optimize_html || $do_gzip)
{
  ob_start();
}

require('includes/common.php');

global $db, $session, $paths, $template, $plugins; // Common objects

if ( !isset($_GET['do']) )
{
  $_GET['do'] = 'view';
}
switch($_GET['do'])
{
  default:
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
    die_friendly('Invalid action', '<p>The action "'.htmlspecialchars($_GET['do']).'" is not defined. Return to <a href="'.makeUrl($paths->page).'">viewing this page\'s text</a>.</p>');
    break;
  case 'view':
    // echo PageUtils::getpage($paths->page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false ));
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
    $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
    $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
    $page->send_headers = true;
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
    $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
    $page->password = $pagepass;
    $page->send(true);
    break;
  case 'comments':
    $template->header();
    $sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false;
    switch($sub)
    {
      case 'admin':
      default:
        $act = ( isset ($_GET['action']) ) ? $_GET['action'] : false;
        $id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1;
        echo PageUtils::comments_html($paths->page_id, $paths->namespace, $act, Array('id'=>$id));
        break;
      case 'postcomment':
        if(empty($_POST['name']) ||
           empty($_POST['subj']) ||
           empty($_POST['text'])
           ) { echo 'Invalid request'; break; }
        $cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false;
        $cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false;
        PageUtils::addcomment($paths->page_id, $paths->namespace, $_POST['name'], $_POST['subj'], $_POST['text'], $cin, $cid); // All filtering, etc. is handled inside this method
        echo PageUtils::comments_html($paths->page_id, $paths->namespace);
        break;
      case 'editcomment':
        if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; }
        $q = $db->sql_query('SELECT subject,comment_data,comment_id FROM '.table_prefix.'comments WHERE comment_id='.$_GET['id']);
        if(!$q) $db->_die('The comment data could not be selected.');
        $row = $db->fetchrow();
        $db->free_result();
        // Encode single quotes so the subject cannot close the single-quoted value attribute below
        $row['subject'] = str_replace('\'', '&#039;', $row['subject']);
        echo '<form action="'.makeUrl($paths->page, 'do=comments&sub=savecomment').'" method="post">';
        echo "<br /><div class='tblholder'><table border='0' width='100%' cellspacing='1' cellpadding='4'>
                <tr><td class='row1'>" . $lang->get('comment_postform_field_subject') . "</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr>
                <tr><td class='row2'>" . $lang->get('comment_postform_field_comment') . "</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr>
                <tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='" . $lang->get('etc_save_changes') . "' /></td></tr>
              </table></div>";
        echo '</form>';
        break;
      case 'savecomment':
        if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; }
        $r = PageUtils::savecomment_neater($paths->page_id, $paths->namespace, $_POST['subj'], $_POST['text'], (int)$_POST['id']);
        if($r != 'good') { echo "<pre>$r</pre>"; break; }
        echo PageUtils::comments_html($paths->page_id, $paths->namespace);
        break;
      case 'deletecomment':
        if(!empty($_GET['id']))
        {
          PageUtils::deletecomment_neater($paths->page_id, $paths->namespace, (int)$_GET['id']);
        }
        echo PageUtils::comments_html($paths->page_id, $paths->namespace);
        break;
    }
    $template->footer();
    break;
  case 'edit':
    if(isset($_POST['_cancel']))
    {
      redirect(makeUrl($paths->page), '', '', 0);
      break;
    }
    if(isset($_POST['_save']))
    {
      $captcha_valid = true;
      if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
      {
        $captcha_valid = false;
        if ( isset($_POST['captcha_id']) && isset($_POST['captcha_code']) )
        {
          $hash_correct = strtolower($session->get_captcha($_POST['captcha_id']));
          $hash_input = strtolower($_POST['captcha_code']);
          if ( $hash_input === $hash_correct )
            $captcha_valid = true;
        }
      }
      if ( $captcha_valid )
      {
        $e = PageUtils::savepage($paths->page_id, $paths->namespace, $_POST['page_text'], $_POST['edit_summary'], isset($_POST['minor']));
        if ( $e == 'good' )
        {
          redirect(makeUrl($paths->page), $lang->get('editor_msg_save_success_title'), $lang->get('editor_msg_save_success_body'), 3);
        }
      }
    }
    $template->header();
    // Show the CAPTCHA error only when a save was attempted and the check failed,
    // not whenever $captcha_valid happens to be set
    if ( isset($captcha_valid) && !$captcha_valid )
    {
      echo '<div class="usermessage">' . $lang->get('editor_err_captcha_wrong') . '</div>';
    }
    if(isset($_POST['_preview']))
    {
      $text = $_POST['page_text'];
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
      $edsumm = $_POST['edit_summary'];
      echo PageUtils::genPreview($_POST['page_text']);
      $text = htmlspecialchars($text);
      $revid = 0;
    }
    else
    {
      $revid = ( isset($_GET['revid']) ) ? intval($_GET['revid']) : 0;
      $page = new PageProcessor($paths->page_id, $paths->namespace, $revid);
      $text = $page->fetch_source();
      $edsumm = '';
      // $text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false);
    }
    if ( $revid > 0 )
    {
      $time = $page->revision_time;
      // Retrieve information about this revision and the current one
      $q = $db->sql_query('SELECT l1.author AS currentrev_author, l2.author AS oldrev_author FROM ' . table_prefix . 'logs AS l1
                             LEFT JOIN ' . table_prefix . 'logs AS l2
                               ON ( l2.log_id = ' . $revid . '
                                    AND l2.log_type = \'page\'
                                    AND l2.action = \'edit\'
                                    AND l2.page_id = \'' . $db->escape($paths->page_id) . '\'
                                    AND l2.namespace = \'' . $db->escape($paths->namespace) . '\'
                                    AND l1.is_draft != 1
                                  )
                             WHERE l1.log_type = \'page\'
                               AND l1.action = \'edit\'
                               AND l1.page_id = \'' . $db->escape($paths->page_id) . '\'
                               AND l1.namespace = \'' . $db->escape($paths->namespace) . '\'
                               AND l1.time_id > ' . $time . '
                               AND l1.is_draft != 1
                             ORDER BY l1.time_id DESC;');
      if ( !$q )
        $db->die_json();

      if ( $db->numrows() > 0 )
      {
        echo '<div class="usermessage">' . $lang->get('editor_msg_editing_old_revision') . '</div>';

        $rev_count = $db->numrows() - 2;
        $row = $db->fetchrow();
        $undo_info = array(
          'old_author' => $row['oldrev_author'],
          'current_author' => $row['currentrev_author'],
          'undo_count' => max($rev_count, 1),
          'last_rev_id' => $revid
        );
      }
      else
      {
        $revid = 0;
      }
      $db->free_result();
    }
    echo '
      <form action="'.makeUrl($paths->page, 'do=edit').'" method="post" enctype="multipart/form-data">
      <br />
      <textarea name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea><br />
      <br />
      ';
    $edsumm = ( $revid > 0 ) ? $lang->get('editor_reversion_edit_summary', $undo_info) : $edsumm;
    echo $lang->get('editor_lbl_edit_summary') . ' <input name="edit_summary" type="text" size="40" value="' . htmlspecialchars($edsumm) . '" /><br /><label><input type="checkbox" name="minor" /> ' . $lang->get('editor_lbl_minor_edit_field') . '</label><br />';
    if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
    {
      echo '<br /><table border="0"><tr><td>';
      echo '<b>' . $lang->get('editor_lbl_field_captcha') . '</b><br />'
           . '<br />'
           . $lang->get('editor_msg_captcha_pleaseenter') . '<br /><br />'
           . $lang->get('editor_msg_captcha_blind');
      echo '</td><td>';
      $hash = $session->make_captcha();
      echo '<img src="' . makeUrlNS('Special', "Captcha/$hash") . '" onclick="this.src+=\'/a\'" style="cursor: pointer;" /><br />';
      echo '<input type="hidden" name="captcha_id" value="' . $hash . '" />';
      echo $lang->get('editor_lbl_field_captcha_code') . ' <input type="text" name="captcha_code" value="" size="9" />';
      echo '</td></tr></table>';
    }
    echo '<br />
        <input type="submit" name="_save" value="' . $lang->get('editor_btn_save') . '" style="font-weight: bold;" />
        <input type="submit" name="_preview" value="' . $lang->get('editor_btn_preview') . '" />
        <input type="submit" name="_revert" value="' . $lang->get('editor_btn_revert') . '" />
        <input type="submit" name="_cancel" value="' . $lang->get('editor_btn_cancel') . '" />
      </form>
    ';
    if ( getConfig('wiki_edit_notice') == '1' )
    {
      $notice = getConfig('wiki_edit_notice_text');
      echo RenderMan::render($notice);
    }
    $template->footer();
    break;
  case 'viewsource':
    $template->header();
    $text = RenderMan::getPage($paths->page_id, $paths->namespace, 0, false, false, false, false);
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
    $text = htmlspecialchars($text);
    echo '
      <form action="'.makeUrl($paths->page, 'do=edit').'" method="post">
      <br />
      <textarea readonly="readonly" name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea>';
    echo '<br />
        <input type="submit" name="_cancel" value="' . $lang->get('editor_btn_closeviewer') . '" />
      </form>
    ';
    $template->footer();
    break;
  case 'history':
    $hist = PageUtils::histlist($paths->page_id, $paths->namespace);
    $template->header();
    echo $hist;
    $template->footer();
    break;
  case 'rollback':
    $id = (isset($_GET['id'])) ? $_GET['id'] : false;
    if(!$id || !preg_match('#^([0-9]+)$#', $id)) die_friendly('Invalid action ID', '<p>The URL parameter "id" is not an integer. Exiting to prevent nasties like SQL injection, etc.</p>');

    $id = intval($id);

    $page = new PageProcessor($paths->page_id, $paths->namespace);
    $result = $page->rollback_log_entry($id);

    if ( $result['success'] )
    {
      $result = $lang->get("page_msg_rb_success_{$result['action']}", array('dateline' => $result['dateline']));
    }
    else
    {
      $result = $lang->get("page_err_{$result['error']}", array('action' => @$result['action']));
    }

    $template->header();
    echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a></p>';
    $template->footer();
    break;
  case 'catedit':
    if(isset($_POST['__enanoSaveButton']))
    {
      unset($_POST['__enanoSaveButton']);
      $val = PageUtils::catsave($paths->page_id, $paths->namespace, $_POST);
      if($val == 'GOOD')
      {
        header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
      } else {
        die_friendly('Error saving category information', '<p>'.$val.'</p>');
      }
    }
    elseif(isset($_POST['__enanoCatCancel']))
    {
      header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
    }
    $template->header();
    $c = PageUtils::catedit_raw($paths->page_id, $paths->namespace);
    echo $c[1];
    $template->footer();
    break;
  case 'moreoptions':
    $template->header();
    echo '<div class="menu_nojs" style="width: 150px; padding: 0;"><ul style="display: block;"><li><div class="label">' . $lang->get('ajax_lbl_moreoptions_nojs') . '</div><div style="clear: both;"></div></li>'.$template->toolbar_menu.'</ul></div>';
    $template->footer();
    break;
  case 'protect':
    if (!isset($_REQUEST['level'])) die_friendly('Invalid request', '<p>No protection level specified</p>');
    if(!empty($_POST['reason']))
    {
      // Accept exactly one digit in the range 0-2; the earlier pattern also matched an empty string and runs such as "22"
      if(!preg_match('#^[0-2]$#', $_POST['level'])) die_friendly('Error protecting page', '<p>Request validation failed</p>');
      PageUtils::protect($paths->page_id, $paths->namespace, intval($_POST['level']), $_POST['reason']);

      die_friendly($lang->get('page_protect_lbl_success_title'), '<p>' . $lang->get('page_protect_lbl_success_body', array( 'page_link' => makeUrl($paths->page) )) . '</p>');
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=protect'); ?>" method="post">
      <input type="hidden" name="level" value="<?php echo htmlspecialchars($_REQUEST['level']); // escape the request value before it is written into the attribute ?>" />
      <?php if(isset($_POST['reason'])) echo '<p style="color: red;">' . $lang->get('page_protect_err_need_reason') . '</p>'; ?>
      <p><?php echo $lang->get('page_protect_lbl_reason'); ?></p>
      <p><input type="text" name="reason" size="40" /><br />
         <?php echo $lang->get('page_protect_lbl_level'); ?> <b><?php
          switch($_REQUEST['level'])
          {
            case '0':
              echo $lang->get('page_protect_lbl_level_none');
              break;
            case '1':
              echo $lang->get('page_protect_lbl_level_full');
              break;
            case '2':
              echo $lang->get('page_protect_lbl_level_semi');
              break;
            default:
              echo 'None;</b> Warning: request validation will fail after clicking submit<b>';
          }
         ?></b></p>
      <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_protect_btn_submit')) ?>" style="font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'rename':
    if(!empty($_POST['newname']))
    {
      $r = PageUtils::rename($paths->page_id, $paths->namespace, $_POST['newname']);
      die_friendly($lang->get('page_rename_success_title'), '<p>'.nl2br($r).' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>');
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=rename'); ?>" method="post">
      <?php if(isset($_POST['newname'])) echo '<p style="color: red;">' . $lang->get('page_rename_err_need_name') . '</p>'; ?>
      <p><?php echo $lang->get('page_rename_lbl'); ?></p>
      <p><input type="text" name="newname" size="40" /></p>
      <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_rename_btn_submit')); ?>" style="font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'flushlogs':
    if(!$session->get_permissions('clear_logs'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if(isset($_POST['_downthejohn']))
    {
      $template->header();
      $result = PageUtils::flushlogs($paths->page_id, $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=flushlogs'); ?>" method="post">
      <?php echo $lang->get('page_flushlogs_warning_stern'); ?>
      <p><input type="submit" name="_downthejohn" value="<?php echo htmlspecialchars($lang->get('page_flushlogs_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'delvote':
    if(isset($_POST['_ballotbox']))
    {
      $template->header();
      $result = PageUtils::delvote($paths->page_id, $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=delvote'); ?>" method="post">
      <?php
        echo $lang->get('page_delvote_warning_stern');
        echo '<p>';
        switch($paths->cpage['delvotes'])
        {
          case 0: echo $lang->get('page_delvote_count_zero'); break;
          case 1: echo $lang->get('page_delvote_count_one'); break;
          default: echo $lang->get('page_delvote_count_plural', array('delvotes' => $paths->cpage['delvotes'])); break;
        }
        echo '</p>';
      ?>
      <p><input type="submit" name="_ballotbox" value="<?php echo htmlspecialchars($lang->get('page_delvote_btn_submit')); ?>" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'resetvotes':
    if(!$session->get_permissions('vote_reset'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if(isset($_POST['_youmaylivealittlelonger']))
    {
      $template->header();
      $result = PageUtils::resetdelvotes($paths->page_id, $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=resetvotes'); ?>" method="post">
      <p><?php echo $lang->get('ajax_delvote_reset_confirm'); ?></p>
      <p><input type="submit" name="_youmaylivealittlelonger" value="<?php echo htmlspecialchars($lang->get('page_delvote_reset_btn_submit')); ?>" /></p>
    </form>
    <?php
    $template->footer();
    break;
+ − 441
  case 'deletepage':
    // Only users holding the delete_page permission may continue.
    if(!$session->get_permissions('delete_page'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    // The deletion only runs when the confirmation form below has been POSTed.
    if(isset($_POST['_adiossucker']))
    {
      // A reason is mandatory; without one the form is shown again with an error.
      $reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false;
      if ( empty($reason) )
        $error = $lang->get('ajax_delete_prompt_reason');
      else
      {
        $template->header();
        $result = PageUtils::deletepage($paths->page_id, $paths->namespace, $reason);
        echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
        $template->footer();
        break;
      }
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=deletepage'); ?>" method="post">
      <?php echo $lang->get('page_delete_warning_stern'); ?>
      <?php if ( isset($error) ) echo "<p>$error</p>"; ?>
      <p><?php echo $lang->get('page_delete_lbl_reason'); ?> <input type="text" name="reason" size="50" /></p>
      <p><input type="submit" name="_adiossucker" value="<?php echo htmlspecialchars($lang->get('page_delete_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'setwikimode':
    // Only users holding the set_wiki_mode permission may continue.
    if(!$session->get_permissions('set_wiki_mode'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if ( isset($_POST['finish']) )
    {
      // $level is forced to an integer and restricted to 0, 1 or 2 before it reaches the query.
      $level = intval($_POST['level']);
      if ( !in_array($level, array(0, 1, 2) ) )
      {
        die_friendly('Invalid request', '<p>Level not specified</p>');
      }
      $q = $db->sql_query('UPDATE '.table_prefix.'pages SET wiki_mode=' . $level . ' WHERE urlname=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
      if ( !$q )
        $db->_die();
      redirect(makeUrl($paths->page), htmlspecialchars($paths->cpage['name']), $lang->get('page_wikimode_success_redirect'), 2);
    }
    else
    {
      // Confirmation step: validate the level from the query string, then render a POST form that carries it.
      $template->header();
      if(!isset($_GET['level']) || ( isset($_GET['level']) && !preg_match('#^([0-9])$#', $_GET['level']))) die_friendly('Invalid request', '<p>Level not specified</p>');
      $level = intval($_GET['level']);
      if ( !in_array($level, array(0, 1, 2) ) )
      {
        die_friendly('Invalid request', '<p>Level not specified</p>');
      }
      echo '<form action="' . makeUrl($paths->page, 'do=setwikimode', true) . '" method="post">';
      echo '<input type="hidden" name="finish" value="foo" />';
      echo '<input type="hidden" name="level" value="' . $level . '" />';
      $level_txt = ( $level == 0 ) ? 'page_wikimode_level_off' : ( ( $level == 1 ) ? 'page_wikimode_level_on' : 'page_wikimode_level_global' );
      $blurb = ( $level == 0 || ( $level == 2 && getConfig('wiki_mode') != '1' ) ) ? 'page_wikimode_blurb_disable' : 'page_wikimode_blurb_enable';
      ?>
      <h3><?php echo $lang->get('page_wikimode_heading'); ?></h3>
      <p><?php echo $lang->get($level_txt) . ' ' . $lang->get($blurb); ?></p>
      <p><?php echo $lang->get('page_wikimode_warning'); ?></p>
      <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_wikimode_btn_submit')); ?>" /></p>
      <?php
      echo '</form>';
      $template->footer();
    }
    break;
  case 'diff':
    $template->header();
    $id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false;
    $id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false;
    if(!$id1 || !$id2) { echo '<p>Invalid request.</p>'; $template->footer(); break; }
    // Both IDs are already cast to int; the digit-only check also rejects values such as "12abc" that the cast would accept.
    if(!preg_match('#^([0-9]+)$#', (string)$_GET['diff1']) ||
       !preg_match('#^([0-9]+)$#', (string)$_GET['diff2'] )) { echo '<p>SQL injection attempt</p>'; $template->footer(); break; }
    echo PageUtils::pagediff($paths->page_id, $paths->namespace, $id1, $id2);
    $template->footer();
    break;
  case 'detag':
    // Administrators only.
    if ( $session->user_level < USER_LEVEL_ADMIN )
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    // Tags are only stripped from pages that do not exist.
    if ( $paths->page_exists )
    {
      die_friendly($lang->get('etc_invalid_request_short'), '<p>' . $lang->get('page_detag_err_page_exists') . '</p>');
    }
    $q = $db->sql_query('DELETE FROM '.table_prefix.'tags WHERE page_id=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
    if ( !$q )
      $db->_die('Detag query, index.php:'.__LINE__);
    die_friendly($lang->get('page_detag_success_title'), '<p>' . $lang->get('page_detag_success_body') . '</p>');
    break;
  case 'aclmanager':
    $data = ( isset($_POST['data']) ) ? $_POST['data'] : Array('mode' => 'listgroups');
    PageUtils::aclmanager($data);
    break;
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
diff
changeset
  case 'sql_report':
    $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
    $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
    $page->send_headers = true;
    // The page password, if supplied, is handed to the processor as a SHA-1 hex digest.
    $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
    $page->password = $pagepass;
    // Render the page as usual, then discard its output and emit the SQL report instead.
    $page->send(true);
    ob_end_clean();
    ob_start();
    $db->sql_report();
    break;
}
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset

//
// Optimize HTML by replacing newlines with spaces (excludes <pre>, <script>, and <style> blocks)
//
if ($aggressive_optimize_html)
{
  // Load up the HTML
  $html = ob_get_contents();
  @ob_end_clean();

80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
  $html = aggressive_optimize_html($html);

  // Re-enable output buffering to allow the Gzip function (below) to work
  ob_start();

  // Done, send it to the user
  echo( $html );
}

$db->close();
gzip_output();

?>