# HG changeset patch
# User Dan
# Date 1196279163 18000
# Node ID 39c132e69781eb0c2dfc359879c4769e98017e54
# Parent b3cfaf0a505c4ac1ea7c1155daec386f6b7f8955
Hopefully now all calls to escape() are replaced with ajaxEscape() in response to Tomasz's forum post; remove deprecated version of show_category_info() from functions.php
diff -r b3cfaf0a505c -r 39c132e69781 includes/clientside/static/ajax.js
--- a/includes/clientside/static/ajax.js Sun Nov 25 17:53:03 2007 -0500
+++ b/includes/clientside/static/ajax.js Wed Nov 28 14:46:03 2007 -0500
@@ -234,7 +234,7 @@
 document.getElementById('protbtn_1').style.textDecoration = 'none';
 document.getElementById('protbtn_2').style.textDecoration = 'none';
 document.getElementById('protbtn_'+l).style.textDecoration = 'underline';
- ajaxPost(stdAjaxPrefix+'&_mode=protect', 'reason='+escape(r)+'&level='+l, function() {
+ ajaxPost(stdAjaxPrefix+'&_mode=protect', 'reason='+ajaxEscape(r)+'&level='+l, function() {
 if(ajax.readyState == 4) {
 unsetAjaxLoading();
 if(ajax.responseText != 'good')
@@ -251,7 +251,7 @@
 r = prompt('What title should this page be renamed to?\nNote: This does not and will never change the URL of this page, that must be done from the admin panel.');
 if(!r || r=='') return;
 setAjaxLoading();
- ajaxPost(stdAjaxPrefix+'&_mode=rename', 'newtitle='+escape(r), function() {
+ ajaxPost(stdAjaxPrefix+'&_mode=rename', 'newtitle='+ajaxEscape(r), function() {
 if(ajax.readyState == 4) {
 unsetAjaxLoading();
 alert(ajax.responseText);
@@ -289,7 +289,7 @@
 return;
 }
 setAjaxLoading();
- ajaxPost(stdAjaxPrefix+'&_mode=deletepage', 'reason=' + escape(reason), function() {
+ ajaxPost(stdAjaxPrefix+'&_mode=deletepage', 'reason=' + ajaxEscape(reason), function() {
 if(ajax.readyState == 4) {
 unsetAjaxLoading();
 alert(ajax.responseText);
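Review bot: In the protect hunk, `level` is still concatenated into the form body unencoded (`'&level='+l`) while `reason` now passes through `ajaxEscape()`. If `l` is only ever the numeric button index also used in `'protbtn_'+l` this is harmless, but encoding every interpolated value keeps the body well-formed whatever the caller passes: `'reason='+ajaxEscape(r)+'&level='+ajaxEscape(l)`. `ajaxEscape()` is defined outside this patch, so confirm that it percent-encodes `+`, `&` and `=` the way `encodeURIComponent()` does; `escape()` leaves `+` untouched and a form decoder then reads it as a space, which is presumably the reported problem. The same check covers the rename, deletepage and change_theme hunks, and the enclosing functions begin and end outside all of them.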
@@ -661,7 +661,7 @@ return true; } - ajaxPost(stdAjaxPrefix + '&_mode=change_theme', 'theme_id=' + escape(theme_id) + '&style_id=' + escape(style_id), function() + ajaxPost(stdAjaxPrefix + '&_mode=change_theme', 'theme_id=' + ajaxEscape(theme_id) + '&style_id=' + ajaxEscape(style_id), function() { if ( ajax.readyState == 4 ) { diff -r b3cfaf0a505c -r 39c132e69781 includes/functions.php --- a/includes/functions.php Sun Nov 25 17:53:03 2007 -0500 +++ b/includes/functions.php Wed Nov 28 14:46:03 2007 -0500 @@ -552,94 +552,6 @@ * Prints out the categorization box found on most regular pages. Doesn't take or return anything, but assumes that the page information is already set in $paths. */ - /* -function show_category_info() -{ - global $db, $session, $paths, $template, $plugins; // Common objects - dc_here('functions: showing category info'); - // if($template->no_headers && !strpos($_SERVER['REQUEST_URI'], 'ajax.php')) return ''; - if ( $paths->namespace == 'Category' ) - { - $q = $db->sql_query('SELECT page_id,namespace FROM '.table_prefix.'categories WHERE category_id=\''.$paths->cpage['urlname_nons'].'\' AND namespace=\'Category\' ORDER BY page_id;'); - if(!$q) $db->_die('The category information could not be selected.'); - $ticker = -1; - echo '

Subcategories

'; - if($db->numrows() < 1) echo '

There are no subcategories in this category.

'; - echo ''; - while($row = $db->fetchrow()) - { - $ticker++; - if ( $ticker == 3 ) - { - $ticker = 0; - } - if ( $ticker == 0 ) - { - echo ''; - } - echo ''; - if ( $ticker == 2 ) - { - echo ''; - } - } - $db->free_result(); - if($ticker) echo ''; - echo '
' . htmlspecialchars($paths->pages[$paths->nslist[$row['namespace']].$row['page_id']]['name']) . '
'; - - $q = $db->sql_query('SELECT page_id,namespace FROM '.table_prefix.'categories WHERE category_id=\''.$paths->cpage['urlname_nons'].'\' AND namespace!=\'Category\' ORDER BY page_id;'); - if ( !$q ) - { - $db->_die('The category information could not be selected.'); - } - $ticker = -1; - echo '

Pages

'; - if ( $db->numrows() < 1 ) - { - echo '

There are no pages in this category.

'; - } - echo ''; - while($row = $db->fetchrow()) - { - $ticker += ( $ticker == 3 ) ? -3 : 1; - if ( $ticker == 0 ) - { - echo ''; - } - echo ''; - if ( $ticker == 2 ) - { - echo ''; - } - } - $db->free_result(); - if($ticker) echo ''; - echo '
'.htmlspecialchars($paths->pages[$paths->nslist[$row['namespace']].$row['page_id']]['name']).'


'; - } - $q = $db->sql_query('SELECT category_id FROM '.table_prefix.'categories WHERE page_id=\''.$paths->cpage['urlname_nons'].'\' AND namespace=\''.$paths->namespace.'\''); - if(!$q) $db->_die('The error seems to have occurred during selection of category data.'); - if($db->numrows() > 0) { - echo '
Categories: '; - $i=0; - while($r = $db->fetchrow()) - { - if($i>0) echo ', '; - $i++; - echo ''.$paths->pages[$paths->nslist['Category'].$r['category_id']]['name'].''; - } - if( ( $paths->wiki_mode && !$paths->page_protected ) || ( $session->get_permissions('edit_cat') && $session->get_permissions('even_when_protected') ) ) echo ' [ edit categorization ]
'; - } - else - { - echo '
Categories: '; - echo '(Uncategorized)'; - if( ( $paths->wiki_mode && !$paths->page_protected ) || ( $session->get_permissions('edit_cat') && $session->get_permissions('even_when_protected') ) ) echo ' [ edit categorization ]
'; - else echo ''; - } - $db->free_result(); -} -*/ - function show_category_info() { global $db, $session, $paths, $template, $plugins; // Common objects
diff -r b3cfaf0a505c -r 39c132e69781 themes/oxygen/header.tpl
--- a/themes/oxygen/header.tpl Sun Nov 25 17:53:03 2007 -0500
+++ b/themes/oxygen/header.tpl Wed Nov 28 14:46:03 2007 -0500
@@ -94,7 +94,7 @@
 elem1.appendChild(document.createTextNode(value));
 elem1.style.display = 'block';
 if(!value || value=='') return;
- ajaxPost(stdAjaxPrefix+'&_mode=rename', 'newtitle='+escape(value), function() {
+ ajaxPost(stdAjaxPrefix+'&_mode=rename', 'newtitle='+ajaxEscape(value), function() {
 if(ajax.readyState == 4) {
 alert(ajax.responseText);
 }
diff -r b3cfaf0a505c -r 39c132e69781 themes/stpatty/header.tpl
--- a/themes/stpatty/header.tpl Sun Nov 25 17:53:03 2007 -0500
+++ b/themes/stpatty/header.tpl Wed Nov 28 14:46:03 2007 -0500
@@ -45,7 +45,7 @@
 elem1.appendChild(document.createTextNode(value));
 elem1.style.display = 'block';
 if(!value || value=='') return;
- ajaxPost(stdAjaxPrefix+'&_mode=rename', 'newtitle='+escape(value), function() {
+ ajaxPost(stdAjaxPrefix+'&_mode=rename', 'newtitle='+ajaxEscape(value), function() {
 if(ajax.readyState == 4) {
 alert(ajax.responseText);
 }
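Review bot: The inline rename request in themes/oxygen/header.tpl is repeated verbatim in themes/stpatty/header.tpl, so any change to how `newtitle` is encoded has to be made once per theme, and a theme that is missed keeps sending an `escape()`-encoded body. Consider moving the request into one function in ajax.js that both templates call, documented with a comment such as `// value is user-typed text: always encode it before placing it in the POST body`. The enclosing handler starts and ends outside both hunks, so whether other themes carry the same copy cannot be seen from this patch.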