<?php
73
0a74676a2f2f
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Dan
diff
changeset

/*
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
 * Version 1.1.2
 * Copyright (C) 2006-2007 Dan Fuhry
 *
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
 *
 * @package Enano
 * @subpackage Frontend
 *
 */

311
a007145a0ff6
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan
diff
changeset
define('ENANO_INTERFACE_INDEX', '');
372
5bd429428101
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
Dan
diff
changeset
// For the mighty and brave.
383
1030864dc319
Fixed SYSMSG tag in templates causing problems; commented out ENANO_DEBUG; fixed bad table prefix in installer payload logic
Dan
diff
changeset
// define('ENANO_DEBUG', '');
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
// Set up gzip encoding before any output is sent
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan
diff
changeset
334
c72b545f1304
More localization work. Resolved major issue with JSON parser not parsing files over ~50KB. Switched JSON parser to the one from the Zend Framework (BSD licensed). Forced to split enano.json into five different files.
Dan
diff
changeset
$aggressive_optimize_html = true;
global $do_gzip;
$do_gzip = true;

if(isset($_SERVER['PATH_INFO'])) $v = $_SERVER['PATH_INFO'];
elseif(isset($_GET['title'])) $v = $_GET['title'];
else $v = '';

80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
if ( isset($_GET['nocompress']) )
  $aggressive_optimize_html = false;

error_reporting(E_ALL);

if($aggressive_optimize_html || $do_gzip)
{
  ob_start();
}

require('includes/common.php');

global $db, $session, $paths, $template, $plugins; // Common objects

if ( !isset($_GET['do']) )
{
  $_GET['do'] = 'view';
}
switch($_GET['do'])
{
  default:
285
7846d45bd250
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan
diff
changeset
    die_friendly('Invalid action', '<p>The action "'.htmlspecialchars($_GET['do']).'" is not defined. Return to <a href="'.makeUrl($paths->page).'">viewing this page\'s text</a>.</p>');
    break;
  case 'view':
    // echo PageUtils::getpage($paths->page, true, ( (isset($_GET['oldid'])) ? $_GET['oldid'] : false ));
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
    $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
    $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
    $page->send_headers = true;
32
4d87aad3c4c0
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Dan
diff
changeset
    $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
    $page->password = $pagepass;
    $page->send(true);
    break;
  case 'comments':
    $template->header();
    $sub = ( isset ($_GET['sub']) ) ? $_GET['sub'] : false;
    switch($sub)
    {
      case 'admin':
      default:
        $act = ( isset ($_GET['action']) ) ? $_GET['action'] : false;
        $id = ( isset ($_GET['id']) ) ? intval($_GET['id']) : -1;
        echo PageUtils::comments_html($paths->page_id, $paths->namespace, $act, Array('id'=>$id));
        break;
      case 'postcomment':
        if(empty($_POST['name']) ||
           empty($_POST['subj']) ||
           empty($_POST['text'])
           ) { echo 'Invalid request'; break; }
        $cid = ( isset($_POST['captcha_id']) ) ? $_POST['captcha_id'] : false;
        $cin = ( isset($_POST['captcha_input']) ) ? $_POST['captcha_input'] : false;
        PageUtils::addcomment($paths->page_id, $paths->namespace, $_POST['name'], $_POST['subj'], $_POST['text'], $cin, $cid); // All filtering, etc. is handled inside this method
        echo PageUtils::comments_html($paths->page_id, $paths->namespace);
        break;
      case 'editcomment':
        if(!isset($_GET['id']) || ( isset($_GET['id']) && !preg_match('#^([0-9]+)$#', $_GET['id']) )) { echo '<p>Invalid comment ID</p>'; break; }
        $q = $db->sql_query('SELECT subject,comment_data,comment_id FROM '.table_prefix.'comments WHERE comment_id='.$_GET['id']);
        if(!$q) $db->_die('The comment data could not be selected.');
        $row = $db->fetchrow();
        $db->free_result();
        $row['subject'] = str_replace('\'', '&#039;', $row['subject']);
        echo '<form action="'.makeUrl($paths->page, 'do=comments&sub=savecomment').'" method="post">';
        echo "<br /><div class='tblholder'><table border='0' width='100%' cellspacing='1' cellpadding='4'>
                <tr><td class='row1'>" . $lang->get('comment_postform_field_subject') . "</td><td class='row1'><input type='text' name='subj' value='{$row['subject']}' /></td></tr>
                <tr><td class='row2'>" . $lang->get('comment_postform_field_comment') . "</td><td class='row2'><textarea rows='10' cols='40' style='width: 98%;' name='text'>{$row['comment_data']}</textarea></td></tr>
                <tr><td class='row1' colspan='2' class='row1' style='text-align: center;'><input type='hidden' name='id' value='{$row['comment_id']}' /><input type='submit' value='" . $lang->get('etc_save_changes') . "' /></td></tr>
              </table></div>";
        echo '</form>';
        break;
      case 'savecomment':
        if(empty($_POST['subj']) || empty($_POST['text'])) { echo '<p>Invalid request</p>'; break; }
        $r = PageUtils::savecomment_neater($paths->page_id, $paths->namespace, $_POST['subj'], $_POST['text'], (int)$_POST['id']);
        if($r != 'good') { echo "<pre>$r</pre>"; break; }
        echo PageUtils::comments_html($paths->page_id, $paths->namespace);
        break;
      case 'deletecomment':
        if(!empty($_GET['id']))
        {
          PageUtils::deletecomment_neater($paths->page_id, $paths->namespace, (int)$_GET['id']);
        }
        echo PageUtils::comments_html($paths->page_id, $paths->namespace);
        break;
    }
    $template->footer();
    break;
  case 'edit':
    if(isset($_POST['_cancel']))
    {
      redirect(makeUrl($paths->page), '', '', 0);
      break;
    }
    if(isset($_POST['_save']))
    {
      $captcha_valid = true;
      if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
      {
        $captcha_valid = false;
        if ( isset($_POST['captcha_id']) && isset($_POST['captcha_code']) )
        {
          $hash_correct = strtolower($session->get_captcha($_POST['captcha_id']));
          $hash_input = strtolower($_POST['captcha_code']);
          if ( $hash_input === $hash_correct )
            $captcha_valid = true;
        }
      }
      if ( $captcha_valid )
      {
        $e = PageUtils::savepage($paths->page_id, $paths->namespace, $_POST['page_text'], $_POST['edit_summary'], isset($_POST['minor']));
        if ( $e == 'good' )
        {
          redirect(makeUrl($paths->page), $lang->get('editor_msg_save_success_title'), $lang->get('editor_msg_save_success_body'), 3);
        }
      }
    }
    $template->header();
    if ( isset($captcha_valid) )
    {
      echo '<div class="usermessage">' . $lang->get('editor_err_captcha_wrong') . '</div>';
    }
    if(isset($_POST['_preview']))
    {
      $text = $_POST['page_text'];
408
7ecbe721217c
Modified editor and rename functions to go through the API when rolling back. This causes rollbacks to be logged.
Dan
diff
changeset
      $edsumm = $_POST['edit_summary'];
      echo PageUtils::genPreview($_POST['page_text']);
      $text = htmlspecialchars($text);
      $revid = 0;
    }
    else
    {
      $revid = ( isset($_GET['revid']) ) ? intval($_GET['revid']) : 0;
      $page = new PageProcessor($paths->page_id, $paths->namespace, $revid);
      $text = $page->fetch_source();
      $edsumm = '';
      // $text = RenderMan::getPage($paths->cpage['urlname_nons'], $paths->namespace, 0, false, false, false, false);
    }
    if ( $revid > 0 )
    {
      echo '<div class="usermessage">' . $lang->get('editor_msg_editing_old_revision') . '</div>';
      // Retrieve information about this revision and the current one.
      // Both log lookups are scoped to the page being edited (the query previously
      // hardcoded page_id 'ACL_Tests' and namespace 'Article'); the values pass
      // through $db->escape() before entering the SQL string.
      $q = $db->sql_query('SELECT l1.author AS currentrev_author, l2.author AS oldrev_author FROM ' . table_prefix . 'logs AS l1
        LEFT JOIN ' . table_prefix . 'logs AS l2
          ON ( l2.time_id = ' . $revid . '
               AND l2.log_type = \'page\'
               AND l2.action = \'edit\'
               AND l2.page_id = \'' . $db->escape($paths->page_id) . '\'
               AND l2.namespace = \'' . $db->escape($paths->namespace) . '\'
             )
        WHERE l1.log_type = \'page\'
          AND l1.action = \'edit\'
          AND l1.page_id = \'' . $db->escape($paths->page_id) . '\'
          AND l1.namespace = \'' . $db->escape($paths->namespace) . '\'
          AND l1.time_id >= ' . $revid . '
        ORDER BY l1.time_id DESC;');
      if ( !$q )
        $db->die_json();

      $rev_count = $db->numrows() - 1;
      $row = $db->fetchrow();
      $undo_info = array(
        'old_author' => $row['oldrev_author'],
        'current_author' => $row['currentrev_author'],
        'undo_count' => $rev_count,
        'last_rev_id' => $revid
      );
      $db->free_result();
    }
    echo '
      <form action="'.makeUrl($paths->page, 'do=edit').'" method="post" enctype="multipart/form-data">
      <br />
      <textarea name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea><br />
      <br />
      ';
    $edsumm = ( $revid > 0 ) ? $lang->get('editor_reversion_edit_summary', $undo_info) : $edsumm;
    echo $lang->get('editor_lbl_edit_summary') . ' <input name="edit_summary" type="text" size="40" value="' . htmlspecialchars($edsumm) . '" /><br /><label><input type="checkbox" name="minor" /> ' . $lang->get('editor_lbl_minor_edit_field') . '</label><br />';
    if ( !$session->user_logged_in && getConfig('guest_edit_require_captcha') == '1' )
    {
      echo '<br /><table border="0"><tr><td>';
      echo '<b>' . $lang->get('editor_lbl_field_captcha') . '</b><br />'
           . '<br />'
           . $lang->get('editor_msg_captcha_pleaseenter') . '<br /><br />'
           . $lang->get('editor_msg_captcha_blind');
      echo '</td><td>';
      $hash = $session->make_captcha();
      echo '<img src="' . makeUrlNS('Special', "Captcha/$hash") . '" onclick="this.src+=\'/a\'" style="cursor: pointer;" /><br />';
      echo '<input type="hidden" name="captcha_id" value="' . $hash . '" />';
      echo $lang->get('editor_lbl_field_captcha_code') . ' <input type="text" name="captcha_code" value="" size="9" />';
      echo '</td></tr></table>';
    }
    echo '<br />
        <input type="submit" name="_save" value="' . $lang->get('editor_btn_save') . '" style="font-weight: bold;" />
        <input type="submit" name="_preview" value="' . $lang->get('editor_btn_preview') . '" />
        <input type="submit" name="_revert" value="' . $lang->get('editor_btn_revert') . '" />
        <input type="submit" name="_cancel" value="' . $lang->get('editor_btn_cancel') . '" />
      </form>
    ';
    if ( getConfig('wiki_edit_notice') == '1' )
    {
      $notice = getConfig('wiki_edit_notice_text');
      echo RenderMan::render($notice);
    }
    $template->footer();
    break;
  case 'viewsource':
    $template->header();
    $text = RenderMan::getPage($paths->page_id, $paths->namespace, 0, false, false, false, false);
391
85f91037cd4f
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
Dan
diff
changeset
    $text = htmlspecialchars($text);
    echo '
      <form action="'.makeUrl($paths->page, 'do=edit').'" method="post">
      <br />
      <textarea readonly="readonly" name="page_text" rows="20" cols="60" style="width: 97%;">'.$text.'</textarea>';
    echo '<br />
        <input type="submit" name="_cancel" value="' . $lang->get('editor_btn_closeviewer') . '" />
      </form>
    ';
    $template->footer();
    break;
  case 'history':
    $hist = PageUtils::histlist($paths->page_id, $paths->namespace);
    $template->header();
    echo $hist;
    $template->footer();
    break;
  case 'rollback':
    $id = (isset($_GET['id'])) ? $_GET['id'] : false;
    if(!$id || !preg_match('#^([0-9]+)$#', $id)) die_friendly('Invalid action ID', '<p>The URL parameter "id" is not an integer. Exiting to prevent nasties like SQL injection, etc.</p>');
    $rb = PageUtils::rollback( (int) $id );
    $template->header();
    echo '<p>'.$rb.' <a href="'.makeUrl($paths->page).'">Return to the page</a>.</p>';
    $template->footer();
    break;
  case 'catedit':
    if(isset($_POST['__enanoSaveButton']))
    {
      unset($_POST['__enanoSaveButton']);
      $val = PageUtils::catsave($paths->page_id, $paths->namespace, $_POST);
      if($val == 'GOOD')
      {
        header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
      } else {
        die_friendly('Error saving category information', '<p>'.$val.'</p>');
      }
    }
    elseif(isset($_POST['__enanoCatCancel']))
    {
      header('Location: '.makeUrl($paths->page)); echo '<html><head><title>Redirecting...</title></head><body>If you haven\'t been redirected yet, <a href="'.makeUrl($paths->page).'">click here</a>.'; break;
    }
    $template->header();
    $c = PageUtils::catedit_raw($paths->page_id, $paths->namespace);
    echo $c[1];
    $template->footer();
    break;
  case 'moreoptions':
    $template->header();
    echo '<div class="menu_nojs" style="width: 150px; padding: 0;"><ul style="display: block;"><li><div class="label">' . $lang->get('ajax_lbl_moreoptions_nojs') . '</div><div style="clear: both;"></div></li>'.$template->toolbar_menu.'</ul></div>';
    $template->footer();
    break;
  case 'protect':
    if (!isset($_REQUEST['level'])) die_friendly('Invalid request', '<p>No protection level specified</p>');
    if(!empty($_POST['reason']))
    {
      // Accept exactly one digit 0-2. The earlier pattern ([0-2]*) also matched an
      // empty value and multi-digit strings such as "0122".
      if(!isset($_POST['level']) || !preg_match('#^[0-2]$#D', $_POST['level'])) die_friendly('Error protecting page', '<p>Request validation failed</p>');
      PageUtils::protect($paths->page_id, $paths->namespace, intval($_POST['level']), $_POST['reason']);

      die_friendly($lang->get('page_protect_lbl_success_title'), '<p>' . $lang->get('page_protect_lbl_success_body', array( 'page_link' => makeUrl($paths->page) )) . '</p>');
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=protect'); ?>" method="post">
      <input type="hidden" name="level" value="<?php echo htmlspecialchars($_REQUEST['level']); /* request-supplied value, escaped before it is written into the attribute */ ?>" />
      <?php if(isset($_POST['reason'])) echo '<p style="color: red;">' . $lang->get('page_protect_err_need_reason') . '</p>'; ?>
      <p><?php echo $lang->get('page_protect_lbl_reason'); ?></p>
      <p><input type="text" name="reason" size="40" /><br />
         <?php echo $lang->get('page_protect_lbl_level'); ?> <b><?php
          switch($_REQUEST['level'])
          {
            case '0':
              echo $lang->get('page_protect_lbl_level_none');
              break;
            case '1':
              echo $lang->get('page_protect_lbl_level_full');
              break;
            case '2':
              echo $lang->get('page_protect_lbl_level_semi');
              break;
            default:
              echo 'None;</b> Warning: request validation will fail after clicking submit<b>';
          }
         ?></b></p>
      <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_protect_btn_submit')) ?>" style="font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'rename':
    if(!empty($_POST['newname']))
    {
      $r = PageUtils::rename($paths->page_id, $paths->namespace, $_POST['newname']);
      die_friendly($lang->get('page_rename_success_title'), '<p>'.nl2br($r).' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>');
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=rename'); ?>" method="post">
      <?php if(isset($_POST['newname'])) echo '<p style="color: red;">' . $lang->get('page_rename_err_need_name') . '</p>'; ?>
      <p><?php echo $lang->get('page_rename_lbl'); ?></p>
      <p><input type="text" name="newname" size="40" /></p>
      <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_rename_btn_submit')); ?>" style="font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'flushlogs':
    if(!$session->get_permissions('clear_logs'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if(isset($_POST['_downthejohn']))
    {
      $template->header();
      $result = PageUtils::flushlogs($paths->page_id, $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=flushlogs'); ?>" method="post">
      <?php echo $lang->get('page_flushlogs_warning_stern'); ?>
      <p><input type="submit" name="_downthejohn" value="<?php echo htmlspecialchars($lang->get('page_flushlogs_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'delvote':
    if(isset($_POST['_ballotbox']))
    {
      $template->header();
      $result = PageUtils::delvote($paths->page_id, $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=delvote'); ?>" method="post">
      <?php
        echo $lang->get('page_delvote_warning_stern');
        echo '<p>';
        switch($paths->cpage['delvotes'])
        {
          case 0: echo $lang->get('page_delvote_count_zero'); break;
          case 1: echo $lang->get('page_delvote_count_one'); break;
          default: echo $lang->get('page_delvote_count_plural', array('delvotes' => $paths->cpage['delvotes'])); break;
        }
        echo '</p>';
      ?>
      <p><input type="submit" name="_ballotbox" value="<?php echo htmlspecialchars($lang->get('page_delvote_btn_submit')); ?>" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'resetvotes':
    if(!$session->get_permissions('vote_reset'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if(isset($_POST['_youmaylivealittlelonger']))
    {
      $template->header();
      $result = PageUtils::resetdelvotes($paths->page_id, $paths->namespace);
      echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
      $template->footer();
      break;
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=resetvotes'); ?>" method="post">
      <p><?php echo $lang->get('ajax_delvote_reset_confirm'); ?></p>
      <p><input type="submit" name="_youmaylivealittlelonger" value="<?php echo htmlspecialchars($lang->get('page_delvote_reset_btn_submit')); ?>" /></p>
    </form>
    <?php
    $template->footer();
    break;
  case 'deletepage':
    if(!$session->get_permissions('delete_page'))
    {
      die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
    }
    if(isset($_POST['_adiossucker']))
    {
      $reason = ( isset($_POST['reason']) ) ? $_POST['reason'] : false;
      if ( empty($reason) )
        $error = $lang->get('ajax_delete_prompt_reason');
      else
      {
        $template->header();
        $result = PageUtils::deletepage($paths->page_id, $paths->namespace, $reason);
        echo '<p>'.$result.' <a href="'.makeUrl($paths->page).'">' . $lang->get('etc_return_to_page') . '</a>.</p>';
        $template->footer();
        break;
      }
    }
    $template->header();
    ?>
    <form action="<?php echo makeUrl($paths->page, 'do=deletepage'); ?>" method="post">
      <?php echo $lang->get('page_delete_warning_stern'); ?>
      <?php if ( isset($error) ) echo "<p>$error</p>"; ?>
      <p><?php echo $lang->get('page_delete_lbl_reason'); ?> <input type="text" name="reason" size="50" /></p>
      <p><input type="submit" name="_adiossucker" value="<?php echo htmlspecialchars($lang->get('page_delete_btn_submit')); ?>" style="color: red; font-weight: bold;" /></p>
    </form>
    <?php
    $template->footer();
    break;
    case 'setwikimode':
      if(!$session->get_permissions('set_wiki_mode'))
      {
        die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
      }
      if ( isset($_POST['finish']) )
      {
        // Second step: the confirmation form was posted, so apply the new level.
        $level = intval($_POST['level']);
        if ( !in_array($level, array(0, 1, 2) ) )
        {
          die_friendly('Invalid request', '<p>Level not specified</p>');
        }
        // $level is restricted to 0, 1 or 2 above and page_id is escaped; namespace is concatenated as-is.
        $q = $db->sql_query('UPDATE '.table_prefix.'pages SET wiki_mode=' . $level . ' WHERE urlname=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
        if ( !$q )
          $db->_die();
        redirect(makeUrl($paths->page), htmlspecialchars($paths->cpage['name']), $lang->get('page_wikimode_success_redirect'), 2);
      }
      else
      {
        // First step: validate the requested level from the query string and show the confirmation form.
        $template->header();
        if(!isset($_GET['level']) || ( isset($_GET['level']) && !preg_match('#^([0-9])$#', $_GET['level']))) die_friendly('Invalid request', '<p>Level not specified</p>');
        $level = intval($_GET['level']);
        if ( !in_array($level, array(0, 1, 2) ) )
        {
          die_friendly('Invalid request', '<p>Level not specified</p>');
        }
        echo '<form action="' . makeUrl($paths->page, 'do=setwikimode', true) . '" method="post">';
        echo '<input type="hidden" name="finish" value="foo" />';
        echo '<input type="hidden" name="level" value="' . $level . '" />';
        $level_txt = ( $level == 0 ) ? 'page_wikimode_level_off' : ( ( $level == 1 ) ? 'page_wikimode_level_on' : 'page_wikimode_level_global' );
        $blurb = ( $level == 0 || ( $level == 2 && getConfig('wiki_mode') != '1' ) ) ? 'page_wikimode_blurb_disable' : 'page_wikimode_blurb_enable';
        ?>
        <h3><?php echo $lang->get('page_wikimode_heading'); ?></h3>
        <p><?php echo $lang->get($level_txt) . ' ' . $lang->get($blurb); ?></p>
        <p><?php echo $lang->get('page_wikimode_warning'); ?></p>
        <p><input type="submit" value="<?php echo htmlspecialchars($lang->get('page_wikimode_btn_submit')); ?>" /></p>
        <?php
        echo '</form>';
        $template->footer();
      }
      break;
    case 'diff':
      $template->header();
      $id1 = ( isset($_GET['diff1']) ) ? (int)$_GET['diff1'] : false;
      $id2 = ( isset($_GET['diff2']) ) ? (int)$_GET['diff2'] : false;
      if(!$id1 || !$id2) { echo '<p>Invalid request.</p>'; $template->footer(); break; }
      // The (int) casts above already yield integers; this check additionally rejects raw
      // parameters that contain anything other than digits (e.g. digits followed by other text).
      if(!preg_match('#^([0-9]+)$#', (string)$_GET['diff1']) ||
         !preg_match('#^([0-9]+)$#', (string)$_GET['diff2'] )) { echo '<p>SQL injection attempt</p>'; $template->footer(); break; }
      echo PageUtils::pagediff($paths->page_id, $paths->namespace, $id1, $id2);
      $template->footer();
      break;
    case 'detag':
      // Administrators only, and only for pages that do not exist.
      if ( $session->user_level < USER_LEVEL_ADMIN )
      {
        die_friendly($lang->get('etc_access_denied_short'), '<p>' . $lang->get('etc_access_denied') . '</p>');
      }
      if ( $paths->page_exists )
      {
        die_friendly($lang->get('etc_invalid_request_short'), '<p>' . $lang->get('page_detag_err_page_exists') . '</p>');
      }
      // page_id is escaped; namespace is concatenated as-is.
      $q = $db->sql_query('DELETE FROM '.table_prefix.'tags WHERE page_id=\'' . $db->escape($paths->page_id) . '\' AND namespace=\'' . $paths->namespace . '\';');
      if ( !$q )
        $db->_die('Detag query, index.php:'.__LINE__);
      die_friendly($lang->get('page_detag_success_title'), '<p>' . $lang->get('page_detag_success_body') . '</p>');
      break;
    case 'aclmanager':
      $data = ( isset($_POST['data']) ) ? $_POST['data'] : Array('mode' => 'listgroups');
      PageUtils::aclmanager($data);
      break;
286
b2f985e4cef3
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan
    case 'sql_report':
      $rev_id = ( (isset($_GET['oldid'])) ? intval($_GET['oldid']) : 0 );
      $page = new PageProcessor( $paths->page_id, $paths->namespace, $rev_id );
      $page->send_headers = true;
      $pagepass = ( isset($_REQUEST['pagepass']) ) ? sha1($_REQUEST['pagepass']) : '';
      $page->password = $pagepass;
      $page->send(true);
      ob_end_clean();
      ob_start();
      $db->sql_report();
      break;
  }
42
45ebe475ff75
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
Dan

  //
  // Optimize HTML by replacing newlines with spaces (excludes <pre>, <script>, and <style> blocks)
  //
  if ($aggressive_optimize_html)
  {
    // Load up the HTML
    $html = ob_get_contents();
    @ob_end_clean();

80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
    $html = aggressive_optimize_html($html);

    // Re-enable output buffering to allow the Gzip function (below) to work
    ob_start();

    // Done, send it to the user
    echo( $html );
  }

  $db->close();
  gzip_output();

?>