# HG changeset patch # User Dan # Date 1201135002 18000 # Node ID b8fd21190ae162ead8fe0361109fd3ae8b8a3088 # Parent 62e1a6f3de84856443f508d86f43e2a280879fb3# Parent f725a16e4a2078f6be70a7b96f0471f0ddd9c702 Merging in a couple revisions from Nighthawk diff -r 62e1a6f3de84 -r b8fd21190ae1 includes/template.php --- a/includes/template.php Wed Jan 23 19:36:16 2008 -0500 +++ b/includes/template.php Wed Jan 23 19:36:42 2008 -0500 @@ -297,7 +297,7 @@ $tb .= $button->run(); } // Edit button - if($session->get_permissions('read') && ($paths->namespace != 'Special' && $paths->namespace != 'Admin') && ( $session->get_permissions('edit_page') && ( ( $paths->page_protected && $session->get_permissions('even_when_protected') ) || !$paths->page_protected ) ) ) + if($session->get_permissions('read') && ($paths->namespace != 'Special' && $paths->namespace != 'Admin' && $paths->namespace != 'Anonymous') && ( $session->get_permissions('edit_page') && ( ( $paths->page_protected && $session->get_permissions('even_when_protected') ) || !$paths->page_protected ) ) ) { $button->assign_vars(array( 'FLAGS' => 'onclick="if ( !KILL_SWITCH ) { void(ajaxEditor()); return false; }" title="Edit the contents of this page (alt-e)" accesskey="e"', diff -r 62e1a6f3de84 -r b8fd21190ae1 includes/wikiengine/Tables.php --- a/includes/wikiengine/Tables.php Wed Jan 23 19:36:16 2008 -0500 +++ b/includes/wikiengine/Tables.php Wed Jan 23 19:36:42 2008 -0500 @@ -280,11 +280,24 @@ // In Enano 1.0.3, added this cheapo hack to keep ampersands // from being double-sanitized. Thanks to markybob from #deluge. + + // htmlspecialchars() the "manual" way $encValue = strtr( $text, array( - '&' => '&' + '&' => '&', + '"' => '"', + '<' => '<', + '>' => '>', + ''' => "'" ) ); - $encValue = htmlspecialchars( $text ); + $encValue = strtr( $text, array( + '&' => '&', + '"' => '"', + '<' => '<', + '>' => '>', + "'" => ''' + ) ); + // Whitespace is normalized during attribute decoding, // so if we've been passed non-spaces we must encode them diff -r 62e1a6f3de84 -r b8fd21190ae1 install.php --- a/install.php Wed Jan 23 19:36:16 2008 -0500 +++ b/install.php Wed Jan 23 19:36:42 2008 -0500 @@ -495,20 +495,7 @@ $admin_user = str_replace('_', ' ', $admin_user); $admin_user = $db->escape($admin_user); - switch ( $_POST['db_driver'] ) - { - case 'mysql': - $schema_file = 'schema.sql'; - break; - case 'postgresql': - $schema_file = 'schema-pg.sql'; - break; - } - - if ( !isset($schema_file) ) - die('insanity'); - - $schema = file_get_contents($schema_file); + $schema = file_get_contents('schema.sql'); $schema = str_replace('{{SITE_NAME}}', $db->escape($_POST['sitename'] ), $schema); $schema = str_replace('{{SITE_DESC}}', $db->escape($_POST['sitedesc'] ), $schema); $schema = str_replace('{{COPYRIGHT}}', $db->escape($_POST['copyright'] ), $schema); @@ -1249,76 +1236,6 @@ Choose a database driver'; - echo '
The next step is to choose the database driver that Enano will use. In most cases this is MySQL, but there are certain - advantages to PostgreSQL, which is made available only experimentally.
'; - if ( @file_exists('/etc/enano-is-virt-appliance') ) - { - echo 'You\'re using the Enano virtual appliance.
Unless you configured the appliance manually, PostgreSQL support is not available. In 99% of cases you\'ll want to click MySQL below.