diff options
Diffstat (limited to 'lib/exe')
| -rw-r--r-- | lib/exe/ajax.php | 22 | ||||
| -rw-r--r-- | lib/exe/js.php | 6 |
2 files changed, 20 insertions, 8 deletions
diff --git a/lib/exe/ajax.php b/lib/exe/ajax.php index 7d594dc04..1056a05f8 100644 --- a/lib/exe/ajax.php +++ b/lib/exe/ajax.php @@ -123,11 +123,21 @@ function ajax_suggestions() { function ajax_lock(){ global $conf; global $lang; - $id = cleanID($_POST['id']); - if(empty($id)) return; + global $ID; + global $INFO; + + $ID = cleanID($_POST['id']); + if(empty($ID)) return; + + $INFO = pageinfo(); + + if (!$INFO['writable']) { + echo 'Permission denied'; + return; + } - if(!checklock($id)){ - lock($id); + if(!checklock($ID)){ + lock($ID); echo 1; } @@ -135,14 +145,14 @@ function ajax_lock(){ $client = $_SERVER['REMOTE_USER']; if(!$client) $client = clientIP(true); - $draft = array('id' => $id, + $draft = array('id' => $ID, 'prefix' => substr($_POST['prefix'], 0, -1), 'text' => $_POST['wikitext'], 'suffix' => $_POST['suffix'], 'date' => (int) $_POST['date'], 'client' => $client, ); - $cname = getCacheName($draft['client'].$id,'.draft'); + $cname = getCacheName($draft['client'].$ID,'.draft'); if(io_saveFile($cname,serialize($draft))){ echo $lang['draftdate'].' '.dformat(); } diff --git a/lib/exe/js.php b/lib/exe/js.php index 183ae6d4c..a3efff700 100644 --- a/lib/exe/js.php +++ b/lib/exe/js.php @@ -124,7 +124,7 @@ function js_out(){ js_runonstart("initSizeCtl('size__ctl','wiki__text')"); js_runonstart("initToolbar('tool__bar','wiki__text',toolbar)"); if($conf['locktime'] != 0){ - js_runonstart("locktimer.init(".($conf['locktime'] - 60).",'".js_escape($lang['willexpire'])."',".$conf['usedraft'].")"); + js_runonstart("locktimer.init(".($conf['locktime'] - 60).",'".js_escape($lang['willexpire'])."',".$conf['usedraft'].", 'wiki__text')"); } js_runonstart('scrollToMarker()'); js_runonstart('focusMarker()'); @@ -199,9 +199,11 @@ function js_cacheok($cache,$files){ $ctime = @filemtime($cache); if(!$ctime) return false; //There is no cache + global $config_cascade; + // some additional files to check $files = array_merge($files, getConfigFiles('main')); - $files[] = DOKU_CONF.'userscript.js'; + $files[] = $config_cascade['userscript']['default']; $files[] = __FILE__; // now walk the files |