Merge branch 'master' into stable

* master: (413 commits)
  release preparation
  fixed strict violation in ACL plugin
  Fix issues from teams:i18n:translation-check in localizations
  ensure locale is set back to the original value
  skip FS#2867 test if \s doesn't match \xA0 after attempting to change the locale
  unittests for auth_loadACL
  translation update
  allow charset for SSO to be configured FS#2148
  Mailer: avoid overlong headers in content ids FS#2868
  translation update
  translation update
  replace \s, \S with [ \t], [^ \t] in regexs used with acls
  translation update
  translation update
  translation update
  translation update
  Fix handling of the legacy subscription action name
  remove obsolete opera handling and session closing
  remove no longer used ajax.php
  fix proxy CONNECT where HTTP 1.1 answer is given
  ...

1 files changed, 80 insertions, 52 deletions

diff --git a/inc/html.php b/inc/html.php
index fb39fcb3c..bbe29e371 100644
--- a/inc/html.php
+++ b/inc/html.php
@@ -428,7 +428,7 @@ function html_revisions($first=0, $media_id = false){
     global $conf;
     global $lang;
     $id = $ID;
-    /* we need to get one additionally log entry to be able to
+    /* we need to get one additional log entry to be able to
      * decide if this is the last page or is there another one.
      * see html_recent()
      */
@@ -575,18 +575,18 @@ function html_revisions($first=0, $media_id = false){
         if ($info['sum']) {
             $form->addElement(form_makeOpenTag('span', array('class' => 'sum')));
             if (!$media_id) $form->addElement(' – ');
-            $form->addElement(htmlspecialchars($info['sum']));
+            $form->addElement('<bdi>'.htmlspecialchars($info['sum']).'</bdi>');
             $form->addElement(form_makeCloseTag('span'));
         }
 
         $form->addElement(form_makeOpenTag('span', array('class' => 'user')));
         if($info['user']){
-            $form->addElement(editorinfo($info['user']));
+            $form->addElement('<bdi>'.editorinfo($info['user']).'</bdi>');
             if(auth_ismanager()){
-                $form->addElement(' ('.$info['ip'].')');
+                $form->addElement(' <bdo dir="ltr">('.$info['ip'].')</bdo>');
             }
         }else{
-            $form->addElement($info['ip']);
+            $form->addElement('<bdo dir="ltr">'.$info['ip'].'</bdo>');
         }
         $form->addElement(form_makeCloseTag('span'));
 
@@ -774,12 +774,12 @@ function html_recent($first=0, $show_changes='both'){
 
         $form->addElement(form_makeOpenTag('span', array('class' => 'user')));
         if($recent['user']){
-            $form->addElement(editorinfo($recent['user']));
+            $form->addElement('<bdi>'.editorinfo($recent['user']).'</bdi>');
             if(auth_ismanager()){
-                $form->addElement(' ('.$recent['ip'].')');
+                $form->addElement(' <bdo dir="ltr">('.$recent['ip'].')</bdo>');
             }
         }else{
-            $form->addElement($recent['ip']);
+            $form->addElement('<bdo dir="ltr">'.$recent['ip'].'</bdo>');
         }
         $form->addElement(form_makeCloseTag('span'));
 
@@ -854,12 +854,17 @@ function html_index($ns){
  * @author Andreas Gohr <andi@splitbrain.org>
  */
 function html_list_index($item){
-    global $ID;
+    global $ID, $conf;
+
+    // prevent searchbots needlessly following links
+    $nofollow = ($ID != $conf['start'] || $conf['sitemap']) ? ' rel="nofollow"' : '';
+
     $ret = '';
     $base = ':'.$item['id'];
     $base = substr($base,strrpos($base,':')+1);
     if($item['type']=='d'){
-        $ret .= '<a href="'.wl($ID,'idx='.rawurlencode($item['id'])).'" title="' . $item['id'] . '" class="idx_dir"><strong>';
+        // FS#2766, no need for search bots to follow namespace links in the index
+        $ret .= '<a href="'.wl($ID,'idx='.rawurlencode($item['id'])).'" title="' . $item['id'] . '" class="idx_dir"' . $nofollow . '><strong>';
         $ret .= $base;
         $ret .= '</strong></a>';
     }else{
@@ -1022,52 +1027,52 @@ function html_diff_head($l_rev, $r_rev, $id = null, $media = false, $inline = fa
     }else{
         $l_info   = getRevisionInfo($id,$l_rev,true, $media);
         if($l_info['user']){
-            $l_user = editorinfo($l_info['user']);
-            if(auth_ismanager()) $l_user .= ' ('.$l_info['ip'].')';
+            $l_user = '<bdi>'.editorinfo($l_info['user']).'</bdi>';
+            if(auth_ismanager()) $l_user .= ' <bdo dir="ltr">('.$l_info['ip'].')</bdo>';
         } else {
-            $l_user = $l_info['ip'];
+            $l_user = '<bdo dir="ltr">'.$l_info['ip'].'</bdo>';
         }
         $l_user  = '<span class="user">'.$l_user.'</span>';
-        $l_sum   = ($l_info['sum']) ? '<span class="sum">'.hsc($l_info['sum']).'</span>' : '';
+        $l_sum   = ($l_info['sum']) ? '<span class="sum"><bdi>'.hsc($l_info['sum']).'</bdi></span>' : '';
         if ($l_info['type']===DOKU_CHANGE_TYPE_MINOR_EDIT) $l_minor = 'class="minor"';
 
         $l_head_title = ($media) ? dformat($l_rev) : $id.' ['.dformat($l_rev).']';
-        $l_head = '<a class="wikilink1" href="'.$ml_or_wl($id,"rev=$l_rev").'">'.
-        $l_head_title.'</a>'.
+        $l_head = '<bdi><a class="wikilink1" href="'.$ml_or_wl($id,"rev=$l_rev").'">'.
+        $l_head_title.'</a></bdi>'.
         $head_separator.$l_user.' '.$l_sum;
     }
 
     if($r_rev){
         $r_info   = getRevisionInfo($id,$r_rev,true, $media);
         if($r_info['user']){
-            $r_user = editorinfo($r_info['user']);
-            if(auth_ismanager()) $r_user .= ' ('.$r_info['ip'].')';
+            $r_user = '<bdi>'.editorinfo($r_info['user']).'</bdi>';
+            if(auth_ismanager()) $r_user .= ' <bdo dir="ltr">('.$r_info['ip'].')</bdo>';
         } else {
-            $r_user = $r_info['ip'];
+            $r_user = '<bdo dir="ltr">'.$r_info['ip'].'</bdo>';
         }
         $r_user = '<span class="user">'.$r_user.'</span>';
-        $r_sum  = ($r_info['sum']) ? '<span class="sum">'.hsc($r_info['sum']).'</span>' : '';
+        $r_sum  = ($r_info['sum']) ? '<span class="sum"><bdi>'.hsc($r_info['sum']).'</bdi></span>' : '';
         if ($r_info['type']===DOKU_CHANGE_TYPE_MINOR_EDIT) $r_minor = 'class="minor"';
 
         $r_head_title = ($media) ? dformat($r_rev) : $id.' ['.dformat($r_rev).']';
-        $r_head = '<a class="wikilink1" href="'.$ml_or_wl($id,"rev=$r_rev").'">'.
-        $r_head_title.'</a>'.
+        $r_head = '<bdi><a class="wikilink1" href="'.$ml_or_wl($id,"rev=$r_rev").'">'.
+        $r_head_title.'</a></bdi>'.
         $head_separator.$r_user.' '.$r_sum;
     }elseif($_rev = @filemtime($media_or_wikiFN($id))){
         $_info   = getRevisionInfo($id,$_rev,true, $media);
         if($_info['user']){
-            $_user = editorinfo($_info['user']);
-            if(auth_ismanager()) $_user .= ' ('.$_info['ip'].')';
+            $_user = '<bdi>'.editorinfo($_info['user']).'</bdi>';
+            if(auth_ismanager()) $_user .= ' <bdo dir="ltr">('.$_info['ip'].')</bdo>';
         } else {
-            $_user = $_info['ip'];
+            $_user = '<bdo dir="ltr">'.$_info['ip'].'</bdo>';
         }
         $_user = '<span class="user">'.$_user.'</span>';
-        $_sum  = ($_info['sum']) ? '<span class="sum">'.hsc($_info['sum']).'</span>' : '';
+        $_sum  = ($_info['sum']) ? '<span class="sum"><bdi>'.hsc($_info['sum']).'</span></bdi>' : '';
         if ($_info['type']===DOKU_CHANGE_TYPE_MINOR_EDIT) $r_minor = 'class="minor"';
 
         $r_head_title = ($media) ? dformat($_rev) : $id.' ['.dformat($_rev).']';
-        $r_head  = '<a class="wikilink1" href="'.$ml_or_wl($id).'">'.
-        $r_head_title.'</a> '.
+        $r_head  = '<bdi><a class="wikilink1" href="'.$ml_or_wl($id).'">'.
+        $r_head_title.'</a></bdi> '.
         '('.$lang['current'].')'.
         $head_separator.$_user.' '.$_sum;
     }else{
@@ -1235,20 +1240,20 @@ function html_diff($text='',$intro=true,$type=null){
 }
 
 function html_insert_softbreaks($diffhtml) {
-  // search the diff html string for both:
-  // - html tags, so these can be ignored
-  // - long strings of characters without breaking characters
-  return preg_replace_callback('/<[^>]*>|[^<> ]{12,}/','html_softbreak_callback',$diffhtml);
+    // search the diff html string for both:
+    // - html tags, so these can be ignored
+    // - long strings of characters without breaking characters
+    return preg_replace_callback('/<[^>]*>|[^<> ]{12,}/','html_softbreak_callback',$diffhtml);
 }
 
 function html_softbreak_callback($match){
-  // if match is an html tag, return it intact
-  if ($match[0]{0} == '<') return $match[0];
+    // if match is an html tag, return it intact
+    if ($match[0]{0} == '<') return $match[0];
 
-  // its a long string without a breaking character,
-  // make certain characters into breaking characters by inserting a
-  // breaking character (zero length space, U+200B / #8203) in front them.
-  $regex = <<< REGEX
+    // its a long string without a breaking character,
+    // make certain characters into breaking characters by inserting a
+    // breaking character (zero length space, U+200B / #8203) in front them.
+    $regex = <<< REGEX
 (?(?=                                 # start a conditional expression with a positive look ahead ...
 &\#?\\w{1,6};)                        # ... for html entities - we don't want to split them (ok to catch some invalid combinations)
 &\#?\\w{1,6};                         # yes pattern - a quicker match for the html entity, since we know we have one
@@ -1257,7 +1262,7 @@ function html_softbreak_callback($match){
 )+                                    # end conditional expression
 REGEX;
 
-  return preg_replace('<'.$regex.'>xu','\0&#8203;',$match[0]);
+    return preg_replace('<'.$regex.'>xu','\0&#8203;',$match[0]);
 }
 
 /**
@@ -1318,19 +1323,22 @@ function html_register(){
     global $conf;
     global $INPUT;
 
+    $base_attrs = array('size'=>50,'required'=>'required');
+    $email_attrs = $base_attrs + array('type'=>'email','class'=>'edit');
+
     print p_locale_xhtml('register');
     print '<div class="centeralign">'.NL;
     $form = new Doku_Form(array('id' => 'dw__register'));
     $form->startFieldset($lang['btn_register']);
     $form->addHidden('do', 'register');
     $form->addHidden('save', '1');
-    $form->addElement(form_makeTextField('login', $INPUT->post->str('login'), $lang['user'], '', 'block', array('size'=>'50')));
+    $form->addElement(form_makeTextField('login', $INPUT->post->str('login'), $lang['user'], '', 'block', $base_attrs));
     if (!$conf['autopasswd']) {
-        $form->addElement(form_makePasswordField('pass', $lang['pass'], '', 'block', array('size'=>'50')));
-        $form->addElement(form_makePasswordField('passchk', $lang['passchk'], '', 'block', array('size'=>'50')));
+        $form->addElement(form_makePasswordField('pass', $lang['pass'], '', 'block', $base_attrs));
+        $form->addElement(form_makePasswordField('passchk', $lang['passchk'], '', 'block', $base_attrs));
     }
-    $form->addElement(form_makeTextField('fullname', $INPUT->post->str('fullname'), $lang['fullname'], '', 'block', array('size'=>'50')));
-    $form->addElement(form_makeTextField('email', $INPUT->post->str('email'), $lang['email'], '', 'block', array('size'=>'50')));
+    $form->addElement(form_makeTextField('fullname', $INPUT->post->str('fullname'), $lang['fullname'], '', 'block', $base_attrs));
+    $form->addElement(form_makeField('email','email', $INPUT->post->str('email'), $lang['email'], '', 'block', $email_attrs));
     $form->addElement(form_makeButton('submit', '', $lang['btn_register']));
     $form->endFieldset();
     html_form('register', $form);
@@ -1353,10 +1361,10 @@ function html_updateprofile(){
     global $auth;
 
     print p_locale_xhtml('updateprofile');
+    print '<div class="centeralign">'.NL;
 
     $fullname = $INPUT->post->str('fullname', $INFO['userinfo']['name'], true);
     $email = $INPUT->post->str('email', $INFO['userinfo']['mail'], true);
-    print '<div class="centeralign">'.NL;
     $form = new Doku_Form(array('id' => 'dw__register'));
     $form->startFieldset($lang['profile']);
     $form->addHidden('do', 'profile');
@@ -1365,9 +1373,9 @@ function html_updateprofile(){
     $attr = array('size'=>'50');
     if (!$auth->canDo('modName')) $attr['disabled'] = 'disabled';
     $form->addElement(form_makeTextField('fullname', $fullname, $lang['fullname'], '', 'block', $attr));
-    $attr = array('size'=>'50');
+    $attr = array('size'=>'50', 'class'=>'edit');
     if (!$auth->canDo('modMail')) $attr['disabled'] = 'disabled';
-    $form->addElement(form_makeTextField('email', $email, $lang['email'], '', 'block', $attr));
+    $form->addElement(form_makeField('email','email', $email, $lang['email'], '', 'block', $attr));
     $form->addElement(form_makeTag('br'));
     if ($auth->canDo('modPass')) {
         $form->addElement(form_makePasswordField('newpass', $lang['newpass'], '', 'block', array('size'=>'50')));
@@ -1375,12 +1383,30 @@ function html_updateprofile(){
     }
     if ($conf['profileconfirm']) {
         $form->addElement(form_makeTag('br'));
-        $form->addElement(form_makePasswordField('oldpass', $lang['oldpass'], '', 'block', array('size'=>'50')));
+        $form->addElement(form_makePasswordField('oldpass', $lang['oldpass'], '', 'block', array('size'=>'50', 'required' => 'required')));
     }
     $form->addElement(form_makeButton('submit', '', $lang['btn_save']));
     $form->addElement(form_makeButton('reset', '', $lang['btn_reset']));
+
     $form->endFieldset();
     html_form('updateprofile', $form);
+
+    if ($auth->canDo('delUser') && actionOK('profile_delete')) {
+        $form_profiledelete = new Doku_Form(array('id' => 'dw__profiledelete'));
+        $form_profiledelete->startFieldset($lang['profdeleteuser']);
+        $form_profiledelete->addHidden('do', 'profile_delete');
+        $form_profiledelete->addHidden('delete', '1');
+        $form_profiledelete->addElement(form_makeCheckboxField('confirm_delete', '1', $lang['profconfdelete'],'dw__confirmdelete','', array('required' => 'required')));
+        if ($conf['profileconfirm']) {
+            $form_profiledelete->addElement(form_makeTag('br'));
+            $form_profiledelete->addElement(form_makePasswordField('oldpass', $lang['oldpass'], '', 'block', array('size'=>'50', 'required' => 'required')));
+        }
+        $form_profiledelete->addElement(form_makeButton('submit', '', $lang['btn_deleteuser']));
+        $form_profiledelete->endFieldset();
+
+        html_form('profiledelete', $form_profiledelete);
+    }
+
     print '</div>'.NL;
 }
 
@@ -1488,7 +1514,7 @@ function html_edit(){
         echo 'textChanged = ' . ($mod ? 'true' : 'false');
         echo '/*!]]>*/</script>' . NL;
     } ?>
-    <div class="editBox">
+    <div class="editBox" role="application">
 
     <div class="toolbar group">
         <div id="draft__status"><?php if(!empty($INFO['draft'])) echo $lang['draftdate'].' '.dformat();?></div>
@@ -1603,7 +1629,9 @@ function html_debug(){
 
     if($auth){
         print '<b>Auth backend capabilities:</b><pre>';
-        print_r($auth->cando);
+        foreach ($auth->getCapabilities() as $cando){
+            print '   '.str_pad($cando,16) . ' => ' . (int)$auth->canDo($cando) . NL;
+        }
         print '</pre>';
     }
 
@@ -1633,7 +1661,7 @@ function html_admin(){
     global $ID;
     global $INFO;
     global $conf;
-    /** @var auth_basic $auth */
+    /** @var DokuWiki_Auth_Plugin $auth */
     global $auth;
 
     // build menu of admin functions from the plugins that handle them
@@ -1641,7 +1669,7 @@ function html_admin(){
     $menu = array();
     foreach ($pluginlist as $p) {
         /** @var DokuWiki_Admin_Plugin $obj */
-        if($obj =& plugin_load('admin',$p) === null) continue;
+        if(($obj = plugin_load('admin',$p)) === null) continue;
 
         // check permissions
         if($obj->forAdminOnly() && !$INFO['isadmin']) continue;