diff options
| author | Michael Hamann <michael@content-space.de> | 2011-01-23 20:33:32 +0100 |
|---|---|---|
| committer | Michael Hamann <michael@content-space.de> | 2011-01-23 20:33:32 +0100 |
| commit | fc756e0d4d88b37c01a9155e675a549430b00593 (patch) | |
| tree | 7adc185d2c349788961ff7cb8f9bcb25afbce485 /lib/exe | |
| parent | 8605afb1b4e2a6a9e11e21a7bf0775bbb0d5af03 (diff) | |
| parent | 820923f1328bcfe6002831570eb65238411c5b70 (diff) | |
| download | rpg-fc756e0d4d88b37c01a9155e675a549430b00593.tar.gz rpg-fc756e0d4d88b37c01a9155e675a549430b00593.tar.bz2 | |
Merge branch 'master' into indexer_improvements
Conflicts:
inc/fulltext.php
inc/indexer.php
lib/exe/indexer.php
Diffstat (limited to 'lib/exe')
| -rw-r--r-- | lib/exe/ajax.php | 458 | ||||
| -rw-r--r-- | lib/exe/css.php | 31 | ||||
| -rw-r--r-- | lib/exe/fetch.php | 2 | ||||
| -rw-r--r-- | lib/exe/indexer.php | 48 | ||||
| -rw-r--r-- | lib/exe/js.php | 2 | ||||
| -rw-r--r-- | lib/exe/opensearch.php | 2 | ||||
| -rw-r--r-- | lib/exe/xmlrpc.php | 45 |
7 files changed, 299 insertions, 289 deletions
diff --git a/lib/exe/ajax.php b/lib/exe/ajax.php index e9c59ca5d..1939a7bcb 100644 --- a/lib/exe/ajax.php +++ b/lib/exe/ajax.php @@ -8,7 +8,7 @@ //fix for Opera XMLHttpRequests if(!count($_POST) && !empty($HTTP_RAW_POST_DATA)){ - parse_str($HTTP_RAW_POST_DATA, $_POST); + parse_str($HTTP_RAW_POST_DATA, $_POST); } if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); @@ -20,25 +20,25 @@ header('Content-Type: text/html; charset=utf-8'); //call the requested function -if(isset($_POST['call'])) - $call = $_POST['call']; -else if(isset($_GET['call'])) - $call = $_GET['call']; -else - exit; - +if(isset($_POST['call'])){ + $call = $_POST['call']; +}else if(isset($_GET['call'])){ + $call = $_GET['call']; +}else{ + exit; +} $callfn = 'ajax_'.$call; if(function_exists($callfn)){ - $callfn(); + $callfn(); }else{ - $evt = new Doku_Event('AJAX_CALL_UNKNOWN', $call); - if ($evt->advise_before()) { - print "AJAX call '".htmlspecialchars($call)."' unknown!\n"; - exit; - } - $evt->advise_after(); - unset($evt); + $evt = new Doku_Event('AJAX_CALL_UNKNOWN', $call); + if ($evt->advise_before()) { + print "AJAX call '".htmlspecialchars($call)."' unknown!\n"; + exit; + } + $evt->advise_after(); + unset($evt); } /** @@ -47,33 +47,33 @@ if(function_exists($callfn)){ * @author Andreas Gohr <andi@splitbrain.org> */ function ajax_qsearch(){ - global $conf; - global $lang; - - $query = $_POST['q']; - if(empty($query)) $query = $_GET['q']; - if(empty($query)) return; - - $data = ft_pageLookup($query, true, useHeading('navigation')); - - if(!count($data)) return; - - print '<strong>'.$lang['quickhits'].'</strong>'; - print '<ul>'; - foreach($data as $id => $title){ - if (useHeading('navigation')) { - $name = $title; - } else { - $ns = getNS($id); - if($ns){ - $name = shorten(noNS($id), ' ('.$ns.')',30); - }else{ - $name = $id; + global $conf; + global $lang; + + $query = $_POST['q']; + if(empty($query)) $query = $_GET['q']; + if(empty($query)) return; + + $data = ft_pageLookup($query, true, useHeading('navigation')); + + if(!count($data)) return; + + print '<strong>'.$lang['quickhits'].'</strong>'; + print '<ul>'; + foreach($data as $id => $title){ + if (useHeading('navigation')) { + $name = $title; + } else { + $ns = getNS($id); + if($ns){ + $name = noNS($id).' ('.$ns.')'; + }else{ + $name = $id; + } } + echo '<li>' . html_wikilink(':'.$id,$name) . '</li>'; } - echo '<li>' . html_wikilink(':'.$id,$name) . '</li>'; - } - print '</ul>'; + print '</ul>'; } /** @@ -83,36 +83,36 @@ function ajax_qsearch(){ * @author Mike Frysinger <vapier@gentoo.org> */ function ajax_suggestions() { - global $conf; - global $lang; - - $query = cleanID($_POST['q']); - if(empty($query)) $query = cleanID($_GET['q']); - if(empty($query)) return; - - $data = array(); - $data = ft_pageLookup($query); - if(!count($data)) return; - $data = array_keys($data); - - // limit results to 15 hits - $data = array_slice($data, 0, 15); - $data = array_map('trim',$data); - $data = array_map('noNS',$data); - $data = array_unique($data); - sort($data); - - /* now construct a json */ - $suggestions = array( - $query, // the original query - $data, // some suggestions - array(), // no description - array() // no urls - ); - $json = new JSON(); - - header('Content-Type: application/x-suggestions+json'); - print $json->encode($suggestions); + global $conf; + global $lang; + + $query = cleanID($_POST['q']); + if(empty($query)) $query = cleanID($_GET['q']); + if(empty($query)) return; + + $data = array(); + $data = ft_pageLookup($query); + if(!count($data)) return; + $data = array_keys($data); + + // limit results to 15 hits + $data = array_slice($data, 0, 15); + $data = array_map('trim',$data); + $data = array_map('noNS',$data); + $data = array_unique($data); + sort($data); + + /* now construct a json */ + $suggestions = array( + $query, // the original query + $data, // some suggestions + array(), // no description + array() // no urls + ); + $json = new JSON(); + + header('Content-Type: application/x-suggestions+json'); + print $json->encode($suggestions); } /** @@ -121,32 +121,32 @@ function ajax_suggestions() { * Andreas Gohr <andi@splitbrain.org> */ function ajax_lock(){ - global $conf; - global $lang; - $id = cleanID($_POST['id']); - if(empty($id)) return; - - if(!checklock($id)){ - lock($id); - echo 1; - } - - if($conf['usedraft'] && $_POST['wikitext']){ - $client = $_SERVER['REMOTE_USER']; - if(!$client) $client = clientIP(true); + global $conf; + global $lang; + $id = cleanID($_POST['id']); + if(empty($id)) return; + + if(!checklock($id)){ + lock($id); + echo 1; + } - $draft = array('id' => $id, - 'prefix' => substr($_POST['prefix'], 0, -1), - 'text' => $_POST['wikitext'], - 'suffix' => $_POST['suffix'], - 'date' => (int) $_POST['date'], - 'client' => $client, - ); - $cname = getCacheName($draft['client'].$id,'.draft'); - if(io_saveFile($cname,serialize($draft))){ - echo $lang['draftdate'].' '.dformat(); + if($conf['usedraft'] && $_POST['wikitext']){ + $client = $_SERVER['REMOTE_USER']; + if(!$client) $client = clientIP(true); + + $draft = array('id' => $id, + 'prefix' => substr($_POST['prefix'], 0, -1), + 'text' => $_POST['wikitext'], + 'suffix' => $_POST['suffix'], + 'date' => (int) $_POST['date'], + 'client' => $client, + ); + $cname = getCacheName($draft['client'].$id,'.draft'); + if(io_saveFile($cname,serialize($draft))){ + echo $lang['draftdate'].' '.dformat(); + } } - } } @@ -156,14 +156,14 @@ function ajax_lock(){ * @author Andreas Gohr <andi@splitbrain.org> */ function ajax_draftdel(){ - $id = cleanID($_REQUEST['id']); - if(empty($id)) return; + $id = cleanID($_REQUEST['id']); + if(empty($id)) return; - $client = $_SERVER['REMOTE_USER']; - if(!$client) $client = clientIP(true); + $client = $_SERVER['REMOTE_USER']; + if(!$client) $client = clientIP(true); - $cname = getCacheName($client.$id,'.draft'); - @unlink($cname); + $cname = getCacheName($client.$id,'.draft'); + @unlink($cname); } /** @@ -172,22 +172,22 @@ function ajax_draftdel(){ * @author Andreas Gohr <andi@splitbrain.org> */ function ajax_medians(){ - global $conf; - - // wanted namespace - $ns = cleanID($_POST['ns']); - $dir = utf8_encodeFN(str_replace(':','/',$ns)); - - $lvl = count(explode(':',$ns)); - - $data = array(); - search($data,$conf['mediadir'],'search_index',array('nofiles' => true),$dir); - foreach($data as $item){ - $item['level'] = $lvl+1; - echo media_nstree_li($item); - echo media_nstree_item($item); - echo '</li>'; - } + global $conf; + + // wanted namespace + $ns = cleanID($_POST['ns']); + $dir = utf8_encodeFN(str_replace(':','/',$ns)); + + $lvl = count(explode(':',$ns)); + + $data = array(); + search($data,$conf['mediadir'],'search_index',array('nofiles' => true),$dir); + foreach($data as $item){ + $item['level'] = $lvl+1; + echo media_nstree_li($item); + echo media_nstree_item($item); + echo '</li>'; + } } /** @@ -196,11 +196,11 @@ function ajax_medians(){ * @author Andreas Gohr <andi@splitbrain.org> */ function ajax_medialist(){ - global $conf; - global $NS; + global $conf; + global $NS; - $NS = $_POST['ns']; - tpl_mediaContent(true); + $NS = $_POST['ns']; + tpl_mediaContent(true); } /** @@ -209,24 +209,24 @@ function ajax_medialist(){ * @author Andreas Gohr <andi@splitbrain.org> */ function ajax_index(){ - global $conf; - - // wanted namespace - $ns = cleanID($_POST['idx']); - $dir = utf8_encodeFN(str_replace(':','/',$ns)); - - $lvl = count(explode(':',$ns)); - - $data = array(); - search($data,$conf['datadir'],'search_index',array('ns' => $ns),$dir); - foreach($data as $item){ - $item['level'] = $lvl+1; - echo html_li_index($item); - echo '<div class="li">'; - echo html_list_index($item); - echo '</div>'; - echo '</li>'; - } + global $conf; + + // wanted namespace + $ns = cleanID($_POST['idx']); + $dir = utf8_encodeFN(str_replace(':','/',$ns)); + + $lvl = count(explode(':',$ns)); + + $data = array(); + search($data,$conf['datadir'],'search_index',array('ns' => $ns),$dir); + foreach($data as $item){ + $item['level'] = $lvl+1; + echo html_li_index($item); + echo '<div class="li">'; + echo html_list_index($item); + echo '</div>'; + echo '</li>'; + } } /** @@ -235,108 +235,106 @@ function ajax_index(){ * @author Andreas Gohr <gohr@cosmocode.de> */ function ajax_linkwiz(){ - global $conf; - global $lang; - - $q = ltrim($_POST['q'],':'); - $id = noNS($q); - $ns = getNS($q); - - $ns = cleanID($ns); - $id = cleanID($id); - - $nsd = utf8_encodeFN(str_replace(':','/',$ns)); - $idd = utf8_encodeFN(str_replace(':','/',$id)); - - $data = array(); - if($q && !$ns){ - - // use index to lookup matching pages - $pages = array(); - $pages = ft_pageLookup($id,true); - - // result contains matches in pages and namespaces - // we now extract the matching namespaces to show - // them seperately - $dirs = array(); - - - foreach($pages as $pid => $title){ - if(strpos(noNS($pid),$id) === false){ - // match was in the namespace - $dirs[getNS($pid)] = 1; // assoc array avoids dupes - }else{ - // it is a matching page, add it to the result - $data[] = array( - 'id' => $pid, - 'title' => $title, - 'type' => 'f', - ); - } - unset($pages[$pid]); - } - foreach($dirs as $dir => $junk){ - $data[] = array( - 'id' => $dir, - 'type' => 'd', - ); - } + global $conf; + global $lang; + + $q = ltrim($_POST['q'],':'); + $id = noNS($q); + $ns = getNS($q); + + $ns = cleanID($ns); + $id = cleanID($id); + + $nsd = utf8_encodeFN(str_replace(':','/',$ns)); + $idd = utf8_encodeFN(str_replace(':','/',$id)); + + $data = array(); + if($q && !$ns){ + + // use index to lookup matching pages + $pages = array(); + $pages = ft_pageLookup($id,true); + + // result contains matches in pages and namespaces + // we now extract the matching namespaces to show + // them seperately + $dirs = array(); + + foreach($pages as $pid => $title){ + if(strpos(noNS($pid),$id) === false){ + // match was in the namespace + $dirs[getNS($pid)] = 1; // assoc array avoids dupes + }else{ + // it is a matching page, add it to the result + $data[] = array( + 'id' => $pid, + 'title' => $title, + 'type' => 'f', + ); + } + unset($pages[$pid]); + } + foreach($dirs as $dir => $junk){ + $data[] = array( + 'id' => $dir, + 'type' => 'd', + ); + } - }else{ - - $opts = array( - 'depth' => 1, - 'listfiles' => true, - 'listdirs' => true, - 'pagesonly' => true, - 'firsthead' => true, - 'sneakyacl' => $conf['sneaky_index'], - ); - if($id) $opts['filematch'] = '^.*\/'.$id; - if($id) $opts['dirmatch'] = '^.*\/'.$id; - search($data,$conf['datadir'],'search_universal',$opts,$nsd); - - // add back to upper - if($ns){ - array_unshift($data,array( - 'id' => getNS($ns), - 'type' => 'u', - )); - } - } + }else{ - // fixme sort results in a useful way ? + $opts = array( + 'depth' => 1, + 'listfiles' => true, + 'listdirs' => true, + 'pagesonly' => true, + 'firsthead' => true, + 'sneakyacl' => $conf['sneaky_index'], + ); + if($id) $opts['filematch'] = '^.*\/'.$id; + if($id) $opts['dirmatch'] = '^.*\/'.$id; + search($data,$conf['datadir'],'search_universal',$opts,$nsd); + + // add back to upper + if($ns){ + array_unshift($data,array( + 'id' => getNS($ns), + 'type' => 'u', + )); + } + } - if(!count($data)){ - echo $lang['nothingfound']; - exit; - } + // fixme sort results in a useful way ? - // output the found data - $even = 1; - foreach($data as $item){ - $even *= -1; //zebra + if(!count($data)){ + echo $lang['nothingfound']; + exit; + } - if(($item['type'] == 'd' || $item['type'] == 'u') && $item['id']) $item['id'] .= ':'; - $link = wl($item['id']); + // output the found data + $even = 1; + foreach($data as $item){ + $even *= -1; //zebra - echo '<div class="'.(($even > 0)?'even':'odd').' type_'.$item['type'].'">'; + if(($item['type'] == 'd' || $item['type'] == 'u') && $item['id']) $item['id'] .= ':'; + $link = wl($item['id']); + echo '<div class="'.(($even > 0)?'even':'odd').' type_'.$item['type'].'">'; - if($item['type'] == 'u'){ - $name = $lang['upperns']; - }else{ - $name = htmlspecialchars($item['id']); - } + if($item['type'] == 'u'){ + $name = $lang['upperns']; + }else{ + $name = htmlspecialchars($item['id']); + } - echo '<a href="'.$link.'" title="'.htmlspecialchars($item['id']).'" class="wikilink1">'.$name.'</a>'; + echo '<a href="'.$link.'" title="'.htmlspecialchars($item['id']).'" class="wikilink1">'.$name.'</a>'; - if($item['title']){ - echo '<span>'.htmlspecialchars($item['title']).'</span>'; + if($item['title']){ + echo '<span>'.htmlspecialchars($item['title']).'</span>'; + } + echo '</div>'; } - echo '</div>'; - } } -//Setup VIM: ex: et ts=2 enc=utf-8 : +//Setup VIM: ex: et ts=2 : diff --git a/lib/exe/css.php b/lib/exe/css.php index 76f40c7bb..4db81de0b 100644 --- a/lib/exe/css.php +++ b/lib/exe/css.php @@ -122,6 +122,9 @@ function css_out(){ // apply style replacements $css = css_applystyle($css,$tplinc); + + // place all @import statements at the top of the file + $css = css_moveimports($css); // compress whitespace and comments if($conf['compress']){ @@ -264,7 +267,8 @@ function css_loadfile($file,$location=''){ $css = io_readFile($file); if(!$location) return $css; - $css = preg_replace('#(url\([ \'"]*)((?!/|http://|https://| |\'|"))#','\\1'.$location.'\\3',$css); + $css = preg_replace('#(url\([ \'"]*)(?!/|http://|https://| |\'|")#','\\1'.$location,$css); + $css = preg_replace('#(@import\s+[\'"])(?!/|http://|https://)#', '\\1'.$location, $css); return $css; } @@ -297,6 +301,29 @@ function css_pluginstyles($mode='screen'){ } /** + * Move all @import statements in a combined stylesheet to the top so they + * aren't ignored by the browser. + * + * @author Gabriel Birke <birke@d-scribe.de> + */ +function css_moveimports($css) +{ + if(!preg_match_all('/@import\s+(?:url\([^)]+\)|"[^"]+")\s*[^;]*;\s*/', $css, $matches, PREG_OFFSET_CAPTURE)) { + return $css; + } + $newCss = ""; + $imports = ""; + $offset = 0; + foreach($matches[0] as $match) { + $newCss .= substr($css, $offset, $match[1] - $offset); + $imports .= $match[0]; + $offset = $match[1] + strlen($match[0]); + } + $newCss .= substr($css, $offset); + return $imports.$newCss; +} + +/** * Very simple CSS optimizer * * @author Andreas Gohr <andi@splitbrain.org> @@ -330,4 +357,4 @@ function css_comment_cb($matches){ return $matches[0]; } -//Setup VIM: ex: et ts=4 enc=utf-8 : +//Setup VIM: ex: et ts=4 : diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index 680fd9ae4..3ad4f1937 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -198,4 +198,4 @@ function calc_cache($cache){ return -1; //cache endless } -//Setup VIM: ex: et ts=2 enc=utf-8 : +//Setup VIM: ex: et ts=2 : diff --git a/lib/exe/indexer.php b/lib/exe/indexer.php index a5a7d6b2a..95e2af05b 100644 --- a/lib/exe/indexer.php +++ b/lib/exe/indexer.php @@ -31,7 +31,6 @@ $tmp = array(); // No event data $evt = new Doku_Event('INDEXER_TASKS_RUN', $tmp); if ($evt->advise_before()) { runIndexer() or - metaUpdate() or runSitemapper() or sendDigest() or runTrimRecentChanges() or @@ -139,51 +138,6 @@ function runIndexer(){ } /** - * Will render the metadata for the page if not exists yet - * - * This makes sure pages which are created from outside DokuWiki will - * gain their data when viewed for the first time. - */ -function metaUpdate(){ - global $ID; - print "metaUpdate(): started".NL; - - if(!$ID) return false; - $file = metaFN($ID, '.meta'); - echo "meta file: $file".NL; - - // rendering needed? - if (@file_exists($file)) return false; - if (!page_exists($ID)) return false; - - global $conf; - - // gather some additional info from changelog - $info = io_grep($conf['changelog'], - '/^(\d+)\t(\d+\.\d+\.\d+\.\d+)\t'.preg_quote($ID,'/').'\t([^\t]+)\t([^\t\n]+)/', - 0,true); - - $meta = array(); - if(!empty($info)){ - $meta['date']['created'] = $info[0][1]; - foreach($info as $item){ - if($item[4] != '*'){ - $meta['date']['modified'] = $item[1]; - if($item[3]){ - $meta['contributor'][$item[3]] = $item[3]; - } - } - } - } - - $meta = p_render_metadata($ID, $meta); - p_save_metadata($ID, $meta); - - echo "metaUpdate(): finished".NL; - return true; -} - -/** * Builds a Google Sitemap of all public pages known to the indexer * * The map is placed in the root directory named sitemap.xml.gz - This @@ -312,6 +266,6 @@ function sendGIF(){ // Thinks it's got the whole image } -//Setup VIM: ex: et ts=4 enc=utf-8 : +//Setup VIM: ex: et ts=4 : // No trailing PHP closing tag - no output please! // See Note at http://www.php.net/manual/en/language.basic-syntax.instruction-separation.php diff --git a/lib/exe/js.php b/lib/exe/js.php index f9682e1e9..117021308 100644 --- a/lib/exe/js.php +++ b/lib/exe/js.php @@ -396,4 +396,4 @@ function js_compress($s){ return trim($result); } -//Setup VIM: ex: et ts=4 enc=utf-8 : +//Setup VIM: ex: et ts=4 : diff --git a/lib/exe/opensearch.php b/lib/exe/opensearch.php index f16b4f681..03a1632c4 100644 --- a/lib/exe/opensearch.php +++ b/lib/exe/opensearch.php @@ -35,4 +35,4 @@ echo ' <Url type="application/x-suggestions+json" template="'. DOKU_URL.'lib/exe/ajax.php?call=suggestions&q={searchTerms}" />'.NL; echo '</OpenSearchDescription>'.NL; -//Setup VIM: ex: et ts=4 enc=utf-8 : +//Setup VIM: ex: et ts=4 : diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index 84068f96e..3d275cb2b 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -7,7 +7,7 @@ if(isset($HTTP_RAW_POST_DATA)) $HTTP_RAW_POST_DATA = trim($HTTP_RAW_POST_DATA); /** * Increased whenever the API is changed */ -define('DOKU_XMLRPC_API_VERSION',4); +define('DOKU_XMLRPC_API_VERSION',5); require_once(DOKU_INC.'inc/init.php'); session_write_close(); //close session @@ -143,6 +143,13 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { true ); + $this->addCallback( + 'dokuwiki.appendPage', + 'this:appendPage', + array('int', 'string', 'string', 'struct'), + 'Append text to a wiki page.' + ); + /* Wiki API v2 http://www.jspwiki.org/wiki/WikiRPCInterface2 */ $this->addCallback( 'wiki.getRPCVersionSupported', @@ -289,6 +296,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * Return a raw wiki page */ function rawPage($id,$rev=''){ + $id = cleanID($id); if(auth_quickaclcheck($id) < AUTH_READ){ return new IXR_Error(1, 'You are not allowed to read this page'); } @@ -344,6 +352,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * Return a wiki page rendered to html */ function htmlPage($id,$rev=''){ + $id = cleanID($id); if(auth_quickaclcheck($id) < AUTH_READ){ return new IXR_Error(1, 'You are not allowed to read this page'); } @@ -480,6 +489,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * Return some basic data about a page */ function pageInfo($id,$rev=''){ + $id = cleanID($id); if(auth_quickaclcheck($id) < AUTH_READ){ return new IXR_Error(1, 'You are not allowed to read this page'); } @@ -557,11 +567,23 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { } /** + * Appends text to a wiki page. + */ + function appendPage($id, $text, $params) { + $currentpage = $this->rawPage($id); + if (!is_string($currentpage)) { + return $currentpage; + } + return $this->putPage($id, $currentpage.$text, $params); + } + + /** * Uploads a file to the wiki. * * Michael Klier <chi@chimeric.de> */ function putAttachment($id, $file, $params) { + $id = cleanID($id); global $conf; global $lang; @@ -629,6 +651,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * @author Gina Haeussge <osd@foosel.net> */ function deleteAttachment($id){ + $id = cleanID($id); $auth = auth_quickaclcheck(getNS($id).':*'); if($auth < AUTH_DELETE) return new IXR_ERROR(1, "You don't have permissions to delete files."); global $conf; @@ -686,6 +709,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * Returns the permissions of a given wiki page */ function aclCheck($id) { + $id = cleanID($id); return auth_quickaclcheck($id); } @@ -695,13 +719,14 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * @author Michael Klier <chi@chimeric.de> */ function listLinks($id) { + $id = cleanID($id); if(auth_quickaclcheck($id) < AUTH_READ){ return new IXR_Error(1, 'You are not allowed to read this page'); } $links = array(); // resolve page instructions - $ins = p_cached_instructions(wikiFN(cleanID($id))); + $ins = p_cached_instructions(wikiFN($id)); // instantiate new Renderer - needed for interwiki links include(DOKU_INC.'inc/parser/xhtml.php'); @@ -809,6 +834,10 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * @author Michael Klier <chi@chimeric.de> */ function pageVersions($id, $first) { + $id = cleanID($id); + if(auth_quickaclcheck($id) < AUTH_READ){ + return new IXR_Error(1, 'You are not allowed to read this page'); + } global $conf; $versions = array(); @@ -884,7 +913,8 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { $unlockfail = array(); foreach((array) $set['lock'] as $id){ - if(checklock($id)){ + $id = cleanID($id); + if(auth_quickaclcheck($id) < AUTH_EDIT || checklock($id)){ $lockfail[] = $id; }else{ lock($id); @@ -893,10 +923,11 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { } foreach((array) $set['unlock'] as $id){ - if(unlock($id)){ - $unlocked[] = $id; - }else{ + $id = cleanID($id); + if(auth_quickaclcheck($id) < AUTH_EDIT || !unlock($id)){ $unlockfail[] = $id; + }else{ + $unlocked[] = $id; } } @@ -929,4 +960,4 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { $server = new dokuwiki_xmlrpc_server(); -// vim:ts=4:sw=4:et:enc=utf-8: +// vim:ts=4:sw=4:et: |