Diffstat (limited to 'lib/exe')
-rw-r--r-- | lib/exe/ajax.php | 9 | ||||
-rw-r--r-- | lib/exe/detail.php | 17 | ||||
-rw-r--r-- | lib/exe/fetch.php | 263 | ||||
-rw-r--r-- | lib/exe/indexer.php | 10 | ||||
-rw-r--r-- | lib/exe/js.php | 3 | ||||
-rw-r--r-- | lib/exe/mediamanager.php | 23 | ||||
-rw-r--r-- | lib/exe/xmlrpc.php | 4 |
7 files changed, 114 insertions, 215 deletions
diff --git a/lib/exe/ajax.php b/lib/exe/ajax.php index 9989269cf..9769503a7 100644 --- a/lib/exe/ajax.php +++ b/lib/exe/ajax.php @@ -45,6 +45,8 @@ function ajax_qsearch(){ global $lang; global $INPUT; + $maxnumbersuggestions = 50; + $query = $INPUT->post->str('q'); if(empty($query)) $query = $INPUT->get->str('q'); if(empty($query)) return; @@ -57,6 +59,7 @@ function ajax_qsearch(){ print '<strong>'.$lang['quickhits'].'</strong>'; print '<ul>'; + $counter = 0; foreach($data as $id => $title){ if (useHeading('navigation')) { $name = $title; @@ -69,6 +72,12 @@ function ajax_qsearch(){ } } echo '<li>' . html_wikilink(':'.$id,$name) . '</li>'; + + $counter ++; + if($counter > $maxnumbersuggestions) { + echo '<li>...</li>'; + break; + } } print '</ul>'; } diff --git a/lib/exe/detail.php b/lib/exe/detail.php index e597db3a2..7008b126f 100644 --- a/lib/exe/detail.php +++ b/lib/exe/detail.php @@ -2,13 +2,18 @@ if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); define('DOKU_MEDIADETAIL',1); require_once(DOKU_INC.'inc/init.php'); -trigger_event('DETAIL_STARTED', $tmp=array()); -//close session -session_write_close(); $IMG = getID('media'); $ID = cleanID($INPUT->str('id')); +// this makes some general infos available as well as the info about the +// "parent" page +$INFO = array_merge(pageinfo(),mediainfo()); +trigger_event('DETAIL_STARTED', $tmp=array()); + +//close session
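Review bot: The cap in ajax_qsearch() is off by one: `$counter ++` runs after the `<li>` has been echoed and the test is `$counter > $maxnumbersuggestions`, so 51 suggestions are printed before the `<li>...</li>` marker, and a result set of exactly 51 gets the ellipsis although nothing was cut. Testing first, with `if(++$counter > $maxnumbersuggestions){ echo '<li>...</li>'; break; }` at the top of the loop body, yields exactly 50 entries and an ellipsis only when more exist. The limit also trims output only; the lookup that fills `$data` is outside these hunks and presumably still collects every match, so it does not bound the work a single `q` request can cause. A one-line comment on `$maxnumbersuggestions` saying it is a display cap would prevent it being read as a resource limit.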
+session_write_close();
+ if($conf['allowdebug'] && $INPUT->has('debug')){ print '<pre>'; foreach(explode(' ','basedir userewrite baseurl useslash') as $x){ @@ -31,7 +36,7 @@ if($AUTH >= AUTH_READ){ $SRC = mediaFN($IMG); if(!@file_exists($SRC)){ //doesn't exist! - header("HTTP/1.0 404 File not Found"); + http_status(404); $ERROR = 'File not found'; } }else{ @@ -39,10 +44,6 @@ if($AUTH >= AUTH_READ){ $ERROR = p_locale_xhtml('denied'); } -// this makes some general infos available as well as the info about the -// "parent" page -$INFO = pageinfo(); - //start output and load template header('Content-Type: text/html; charset=utf-8'); include(template('detail.php')); diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index 52e7ebe1e..7a2250373 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php 
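Review bot: `$INFO = array_merge(pageinfo(),mediainfo());` takes every key that both functions return from mediainfo(), because array_merge keeps the later value for string keys. The mediamanager.php hunk of this commit reads `$INFO['perm']` from the same kind of merge, so if pageinfo() also sets `perm`, templates and DETAIL_STARTED handlers that read it now get the media namespace's permission rather than the parent page's; neither function is shown in this diff, so this needs checking. A comment above the merge such as `// mediainfo() keys intentionally override pageinfo() keys (perm refers to the media namespace)` would make the intended precedence explicit. The reordering also keeps the session open while pageinfo() and mediainfo() run, since `session_write_close()` now comes after them.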
@@ -6,200 +6,93 @@ * @author Andreas Gohr <andi@splitbrain.org> */ - if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); - define('DOKU_DISABLE_GZIP_OUTPUT', 1); - require_once(DOKU_INC.'inc/init.php'); +if(!defined('DOKU_INC')) define('DOKU_INC', dirname(__FILE__).'/../../'); +if (!defined('DOKU_DISABLE_GZIP_OUTPUT')) define('DOKU_DISABLE_GZIP_OUTPUT', 1); +require_once(DOKU_INC.'inc/init.php'); +session_write_close(); //close session - //close session - session_write_close(); +require_once(DOKU_INC.'inc/fetch.functions.php'); - $mimetypes = getMimeTypes(); - - //get input - $MEDIA = stripctl(getID('media',false)); // no cleaning except control chars - maybe external - $CACHE = calc_cache($INPUT->str('cache')); - $WIDTH = $INPUT->int('w'); - $HEIGHT = $INPUT->int('h'); - $REV = &$INPUT->ref('rev'); - //sanitize revision - $REV = preg_replace('/[^0-9]/','',$REV); - - list($EXT,$MIME,$DL) = mimetype($MEDIA,false); - if($EXT === false){ - $EXT = 'unknown'; - $MIME = 'application/octet-stream'; - $DL = true; - } - - // check for permissions, preconditions and cache external files - list($STATUS, $STATUSMESSAGE) = checkFileStatus($MEDIA, $FILE, $REV); - - // prepare data for plugin events - $data = array('media' => $MEDIA, - 'file' => $FILE, - 'orig' => $FILE, - 'mime' => $MIME, - 'download' => $DL, - 'cache' => $CACHE, - 'ext' => $EXT, - 'width' => $WIDTH, - 'height' => $HEIGHT, - 'status' => $STATUS, - 'statusmessage' => $STATUSMESSAGE, - ); - - // handle the file status - $evt = new Doku_Event('FETCH_MEDIA_STATUS', $data); - if ( $evt->advise_before() ) { - // redirects - if($data['status'] > 300 && $data['status'] <= 304){ - send_redirect($data['statusmessage']); - } - // send any non 200 status - if($data['status'] != 200){ - header('HTTP/1.0 ' . $data['status'] . ' ' . 
$data['statusmessage']); - } - // die on errors - if($data['status'] > 203){ - print $data['statusmessage']; - exit; - } - } - $evt->advise_after(); - unset($evt); - - //handle image resizing/cropping - if((substr($MIME,0,5) == 'image') && $WIDTH){ - if($HEIGHT){ - $data['file'] = $FILE = media_crop_image($data['file'],$EXT,$WIDTH,$HEIGHT); - }else{ - $data['file'] = $FILE = media_resize_image($data['file'],$EXT,$WIDTH,$HEIGHT); - } - } - - // finally send the file to the client - $evt = new Doku_Event('MEDIA_SENDFILE', $data); - if ($evt->advise_before()) { - sendFile($data['file'],$data['mime'],$data['download'],$data['cache']); - } - // Do something after the download finished. - $evt->advise_after(); - -/* ------------------------------------------------------------------------ */ - -/** - * Set headers and send the file to the client - * - * @author Andreas Gohr <andi@splitbrain.org> - * @author Ben Coburn <btcoburn@silicodon.net> - */ -function sendFile($file,$mime,$dl,$cache){ - global $conf; - $fmtime = @filemtime($file); - // send headers - header("Content-Type: $mime"); - // smart http caching headers - if ($cache==-1) { - // cache - // cachetime or one hour - header('Expires: '.gmdate("D, d M Y H:i:s", time()+max($conf['cachetime'], 3600)).' GMT'); - header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($conf['cachetime'], 3600)); - header('Pragma: public'); - } else if ($cache>0) { - // recache - // remaining cachetime + 10 seconds so the newly recached media is used - header('Expires: '.gmdate("D, d M Y H:i:s", $fmtime+$conf['cachetime']+10).' 
GMT'); - header('Cache-Control: public, proxy-revalidate, no-transform, max-age='.max($fmtime-time()+$conf['cachetime']+10, 0)); - header('Pragma: public'); - } else if ($cache==0) { - // nocache - header('Cache-Control: must-revalidate, no-transform, post-check=0, pre-check=0'); - header('Pragma: public'); - } - //send important headers first, script stops here if '304 Not Modified' response - http_conditionalRequest($fmtime); - - - //download or display? - if($dl){ - header('Content-Disposition: attachment; filename="'.utf8_basename($file).'";'); - }else{ - header('Content-Disposition: inline; filename="'.utf8_basename($file).'";'); - } - - //use x-sendfile header to pass the delivery to compatible webservers - if (http_sendfile($file)) exit; - - // send file contents - $fp = @fopen($file,"rb"); - if($fp){ - http_rangeRequest($fp,filesize($file),$mime); - }else{ - header("HTTP/1.0 500 Internal Server Error"); - print "Could not read $file - bad permissions?"; - } +if (defined('SIMPLE_TEST')) { + $INPUT = new Input(); } -/** - * Check for media for preconditions and return correct status code - * - * READ: MEDIA, MIME, EXT, CACHE - * WRITE: MEDIA, FILE, array( STATUS, STATUSMESSAGE ) - * - * @author Gerry Weissbach <gerry.w@gammaproduction.de> - * @param $media reference to the media id - * @param $file reference to the file variable - * @returns array(STATUS, STATUSMESSAGE) - */ -function checkFileStatus(&$media, &$file, $rev='') { - global $MIME, $EXT, $CACHE, $INPUT; - - //media to local file - if(preg_match('#^(https?)://#i',$media)){ - //check hash - if(substr(md5(auth_cookiesalt().$media),0,6) !== $INPUT->str('hash')){ - return array( 412, 'Precondition Failed'); +// BEGIN main + $mimetypes = getMimeTypes(); + + //get input + $MEDIA = stripctl(getID('media', false)); // no cleaning except control chars - maybe external + $CACHE = calc_cache($INPUT->str('cache')); + $WIDTH = $INPUT->int('w'); + $HEIGHT = $INPUT->int('h'); + $REV = & $INPUT->ref('rev'); + 
//sanitize revision + $REV = preg_replace('/[^0-9]/', '', $REV); + + list($EXT, $MIME, $DL) = mimetype($MEDIA, false); + if($EXT === false) { + $EXT = 'unknown'; + $MIME = 'application/octet-stream'; + $DL = true; } - //handle external images - if(strncmp($MIME,'image/',6) == 0) $file = media_get_from_URL($media,$EXT,$CACHE); - if(!$file){ - //download failed - redirect to original URL - return array( 302, $media ); + + // check for permissions, preconditions and cache external files + list($STATUS, $STATUSMESSAGE) = checkFileStatus($MEDIA, $FILE, $REV, $WIDTH, $HEIGHT); + + // prepare data for plugin events + $data = array( + 'media' => $MEDIA, + 'file' => $FILE, + 'orig' => $FILE, + 'mime' => $MIME, + 'download' => $DL, + 'cache' => $CACHE, + 'ext' => $EXT, + 'width' => $WIDTH, + 'height' => $HEIGHT, + 'status' => $STATUS, + 'statusmessage' => $STATUSMESSAGE, + 'ispublic' => media_ispublic($MEDIA), + ); + + // handle the file status + $evt = new Doku_Event('FETCH_MEDIA_STATUS', $data); + if($evt->advise_before()) { + // redirects + if($data['status'] > 300 && $data['status'] <= 304) { + send_redirect($data['statusmessage']); + } + // send any non 200 status + if($data['status'] != 200) { + http_status($data['status'], $data['statusmessage']); + } + // die on errors + if($data['status'] > 203) { + print $data['statusmessage']; + if (defined('SIMPLE_TEST')) return; + exit; + } } - }else{ - $media = cleanID($media); - if(empty($media)){ - return array( 400, 'Bad request' ); + $evt->advise_after(); + unset($evt); + + //handle image resizing/cropping + if((substr($MIME, 0, 5) == 'image') && $WIDTH) { + if($HEIGHT) { + $data['file'] = $FILE = media_crop_image($data['file'], $EXT, $WIDTH, $HEIGHT); + } else { + $data['file'] = $FILE = media_resize_image($data['file'], $EXT, $WIDTH, $HEIGHT); + } } - //check permissions (namespace only) - if(auth_quickaclcheck(getNS($media).':X') < AUTH_READ){ - return array( 403, 'Forbidden' ); + // finally send the file to the client + 
$evt = new Doku_Event('MEDIA_SENDFILE', $data); + if($evt->advise_before()) { + sendFile($data['file'], $data['mime'], $data['download'], $data['cache'], $data['ispublic']); } - $file = mediaFN($media, $rev); - } - - //check file existance - if(!@file_exists($file)){ - return array( 404, 'Not Found' ); - } + // Do something after the download finished. + $evt->advise_after(); // will not be emitted on 304 or x-sendfile - return array(200, null); -} - -/** - * Returns the wanted cachetime in seconds - * - * Resolves named constants - * - * @author Andreas Gohr <andi@splitbrain.org> - */ -function calc_cache($cache){ - global $conf; - - if(strtolower($cache) == 'nocache') return 0; //never cache - if(strtolower($cache) == 'recache') return $conf['cachetime']; //use standard cache - return -1; //cache endless -} +// END DO main //Setup VIM: ex: et ts=2 : diff --git a/lib/exe/indexer.php b/lib/exe/indexer.php index 27576f76d..57bee8925 100644 --- a/lib/exe/indexer.php +++ b/lib/exe/indexer.php @@ -16,15 +16,16 @@ if(!defined('NL')) define('NL',"\n"); // check if user abort worked, if yes send output early $defer = !@ignore_user_abort() || $conf['broken_iua']; -if(!$defer){ +$output = $INPUT->has('debug') && $conf['allowdebug']; +if(!$defer && !$output){ sendGIF(); // send gif } $ID = cleanID($INPUT->str('id')); // Catch any possible output (e.g. errors) -$output = $INPUT->has('debug') && $conf['allowdebug']; if(!$output) ob_start(); +else header('Content-Type: text/plain'); // run one of the jobs $tmp = array(); // No event data @@ -192,11 +193,6 @@ function sendDigest() { * @author Harry Fuecks <fuecks@gmail.com> */ function sendGIF(){ - global $INPUT; - if($INPUT->has('debug')){ - header('Content-Type: text/plain'); - return; - } $img = base64_decode('R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAEALAAAAAABAAEAAAIBTAA7'); header('Content-Type: image/gif'); header('Content-Length: '.strlen($img)); diff --git a/lib/exe/js.php b/lib/exe/js.php index 42979eeed..4ff48133e 100644 
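Review bot: In the error branch, `print $data['statusmessage'];` writes event data into the response body unescaped, and no Content-Type is set in the visible lines before it. FETCH_MEDIA_STATUS handlers see `$data` first and can presumably change it, and the removed checkFileStatus() put the requested media URL into that field for the 302 case, so escaping the value with `print hsc($data['statusmessage']);` or sending `header('Content-Type: text/plain; charset=utf-8');` beforehand is the safer default. The hash precondition for external URLs and the namespace ACL check now live behind `require_once(DOKU_INC.'inc/fetch.functions.php')`, which this diff (limited to lib/exe) does not show; the moved function should be confirmed to keep both. The call also gained `$WIDTH, $HEIGHT` without explanation, so a comment at the call site stating what checkFileStatus() validates with them would help the next reader.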
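Review bot: Only the early call is guarded by `if(!$defer && !$output)`, while the second indexer.php hunk removes the `debug` check from inside sendGIF() itself, so every other sendGIF() call site now needs the same `!$output` guard. Any such call lies outside these hunks and should be checked; without the guard, image headers and GIF bytes would follow the plain-text debug output. The dangling `else header('Content-Type: text/plain');` after the brace-less `if(!$output) ob_start();` is easy to misread; `if(!$output){ ob_start(); }else{ header('Content-Type: text/plain'); }` with a comment that debug output requires `$conf['allowdebug']` would make the gate obvious.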
--- a/lib/exe/js.php +++ b/lib/exe/js.php @@ -43,6 +43,7 @@ function js_out(){ DOKU_INC."lib/scripts/jquery/jquery$min.js", DOKU_INC.'lib/scripts/jquery/jquery.cookie.js', DOKU_INC."lib/scripts/jquery/jquery-ui$min.js", + DOKU_INC."lib/scripts/jquery/jquery-migrate$min.js", DOKU_INC."lib/scripts/fileuploader.js", DOKU_INC."lib/scripts/fileuploaderextended.js", DOKU_INC.'lib/scripts/helpers.js', @@ -61,7 +62,7 @@ function js_out(){ DOKU_INC.'lib/scripts/locktimer.js', DOKU_INC.'lib/scripts/linkwiz.js', DOKU_INC.'lib/scripts/media.js', - DOKU_INC.'lib/scripts/compatibility.js', +# deprecated DOKU_INC.'lib/scripts/compatibility.js', # disabled for FS#1958 DOKU_INC.'lib/scripts/hotkeys.js', DOKU_INC.'lib/scripts/behaviour.js', DOKU_INC.'lib/scripts/page.js', diff --git a/lib/exe/mediamanager.php b/lib/exe/mediamanager.php index 04dd178cc..66e5ddc82 100644 --- a/lib/exe/mediamanager.php +++ b/lib/exe/mediamanager.php @@ -7,15 +7,12 @@ require_once(DOKU_INC.'inc/init.php'); - trigger_event('MEDIAMANAGER_STARTED',$tmp=array()); - session_write_close(); //close session - global $INPUT; // handle passed message if($INPUT->str('msg1')) msg(hsc($INPUT->str('msg1')),1); if($INPUT->str('err')) msg(hsc($INPUT->str('err')),-1); - + global $DEL; // get namespace to display (either direct or from deletion order) if($INPUT->str('delete')){ $DEL = cleanID($INPUT->str('delete')); @@ -29,33 +26,35 @@ $NS = getNS($IMG); }else{ $NS = cleanID($INPUT->str('ns')); + $IMG = null; } - // check auth - $AUTH = auth_quickaclcheck("$NS:*"); + global $INFO; + $INFO = !empty($INFO) ? array_merge($INFO, mediainfo()) : mediainfo(); + $AUTH = $INFO['perm']; // shortcut for historical reasons + + trigger_event('MEDIAMANAGER_STARTED',$tmp=array());
+ session_write_close(); //close session
// do not display the manager if user does not have read access if($AUTH < AUTH_READ && !$fullscreen) { - header('HTTP/1.0 403 Forbidden'); + http_status(403); die($lang['accessdenied']); } - // create the given namespace (just for beautification) - if($AUTH >= AUTH_UPLOAD) { io_createNamespace("$NS:xxx", 'media'); } - // handle flash upload if(isset($_FILES['Filedata'])){ $_FILES['upload'] =& $_FILES['Filedata']; $JUMPTO = media_upload($NS,$AUTH); if($JUMPTO == false){ - header("HTTP/1.0 400 Bad Request"); + http_status(400); echo 'Upload failed'; } echo 'ok'; exit; } - // give info on PHP catched upload errors + // give info on PHP caught upload errors if($_FILES['upload']['error']){ switch($_FILES['upload']['error']){ case 1: diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index 5e6c197d0..c09daa17c 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -29,10 +29,10 @@ class dokuwiki_xmlrpc_server extends IXR_Server { return $result; } catch (RemoteAccessDeniedException $e) { if (!isset($_SERVER['REMOTE_USER'])) { - header('HTTP/1.1 401 Unauthorized'); + http_status(401); return new IXR_Error(-32603, "server error. not authorized to call method $methodname"); } else { - header('HTTP/1.1 403 Forbidden'); + http_status(403); return new IXR_Error(-32604, "server error. forbidden to call the method $methodname"); } } catch (RemoteException $e) { |
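Review bot: `$AUTH = $INFO['perm'];` moves the read and upload gate in mediamanager.php from the removed `auth_quickaclcheck("$NS:*")` to whatever mediainfo() stores in `perm`, and mediainfo() is not part of this diff. It should be confirmed that the value is the ACL level for the `$NS` selected above, including the `delete` and `$IMG` branches, and once verified a comment such as `// perm is the ACL level for "$NS:*", computed in mediainfo()` should record that. In the flash upload branch a failed upload sends `http_status(400)` and `Upload failed` but then falls through to `echo 'ok';`, so the body reads `Upload failedok`; an `exit;` inside the failure block fixes that. This is top-level script code and the hunk begins in the middle of an if/else chain.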