diff options
Diffstat (limited to 'lib/exe')
| -rw-r--r-- | lib/exe/ajax.php | 2 | ||||
| -rw-r--r-- | lib/exe/detail.php | 79 |
2 files changed, 39 insertions, 42 deletions
diff --git a/lib/exe/ajax.php b/lib/exe/ajax.php index 533b8f91c..e9c59ca5d 100644 --- a/lib/exe/ajax.php +++ b/lib/exe/ajax.php @@ -136,7 +136,7 @@ function ajax_lock(){ if(!$client) $client = clientIP(true); $draft = array('id' => $id, - 'prefix' => $_POST['prefix'], + 'prefix' => substr($_POST['prefix'], 0, -1), 'text' => $_POST['wikitext'], 'suffix' => $_POST['suffix'], 'date' => (int) $_POST['date'], diff --git a/lib/exe/detail.php b/lib/exe/detail.php index 3a04b7b09..35186f5dd 100644 --- a/lib/exe/detail.php +++ b/lib/exe/detail.php @@ -1,51 +1,48 @@ <?php - if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); - define('DOKU_MEDIADETAIL',1); - require_once(DOKU_INC.'inc/init.php'); - //close session - session_write_close(); - - $IMG = getID('media'); - $ID = cleanID($_REQUEST['id']); - - if($conf['allowdebug'] && $_REQUEST['debug']){ - print '<pre>'; - foreach(explode(' ','basedir userewrite baseurl useslash') as $x){ - print '$'."conf['$x'] = '".$conf[$x]."';\n"; - } - foreach(explode(' ','DOCUMENT_ROOT HTTP_HOST SCRIPT_FILENAME PHP_SELF '. - 'REQUEST_URI SCRIPT_NAME PATH_INFO PATH_TRANSLATED') as $x){ - print '$'."_SERVER['$x'] = '".$_SERVER[$x]."';\n"; - } - print "getID('media'): ".getID('media')."\n"; - print "getID('media',false): ".getID('media',false)."\n"; - print '</pre>'; - } - - $ERROR = false; - // check image permissions - $AUTH = auth_quickaclcheck($IMG); - if($AUTH >= AUTH_READ){ +if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); +define('DOKU_MEDIADETAIL',1); +require_once(DOKU_INC.'inc/init.php'); +//close session +session_write_close(); + +$IMG = getID('media'); +$ID = cleanID($_REQUEST['id']); + +if($conf['allowdebug'] && $_REQUEST['debug']){ + print '<pre>'; + foreach(explode(' ','basedir userewrite baseurl useslash') as $x){ + print '$'."conf['$x'] = '".$conf[$x]."';\n"; + } + foreach(explode(' ','DOCUMENT_ROOT HTTP_HOST SCRIPT_FILENAME PHP_SELF '. + 'REQUEST_URI SCRIPT_NAME PATH_INFO PATH_TRANSLATED') as $x){ + print '$'."_SERVER['$x'] = '".$_SERVER[$x]."';\n"; + } + print "getID('media'): ".getID('media')."\n"; + print "getID('media',false): ".getID('media',false)."\n"; + print '</pre>'; +} + +$ERROR = false; +// check image permissions +$AUTH = auth_quickaclcheck($IMG); +if($AUTH >= AUTH_READ){ // check if image exists $SRC = mediaFN($IMG); if(!@file_exists($SRC)){ - //doesn't exist! - + //doesn't exist! + header("HTTP/1.0 404 File not Found"); + $ERROR = 'File not found'; } - }else{ +}else{ // no auth $ERROR = p_locale_xhtml('denied'); - } - - /*if(!$ERROR){ - // load EXIF/IPTC/image details - $INFO = array(); - $INFO['std'][''] - imagesize - }*/ +} +// this makes some general infos available as well as the info about the +// "parent" page +$INFO = pageinfo(); - //start output and load template - header('Content-Type: text/html; charset=utf-8'); - include(template('detail.php')); +//start output and load template +header('Content-Type: text/html; charset=utf-8'); +include(template('detail.php')); |