| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Like ids namespaces are now preg_quoted in the acl check (and therefore
the escaping of "*" has been removed). When plugins call the ACL check
function with strange ids the regex fails otherwise (in the case of the
include plugin errors like "Warning: preg_grep() [function.preg-grep]:
Compilation failed: missing terminating ] for character class at offset
47" have been reported by two users).
I've run the acl tests after this change and everything passes so this
shouldn't break anything but please test this especially with protected
wikis as this change modifies the code that handles namespace
permissions. Furthermore permissions for a namespace foobar are no
longer applied to namespaces with names like foo.ar, I hope nobody has
used that "feature".
When you are using per-user namespaces, user registration is open and
either write or read protection for these namespaces is important to
you this is a security fix for you: When someone wants to get access to
the namespace of a user "foo.bar" he can register as "fooxbar" (where
"x" is an arbitrary character) and will have access to the user
namespace of the user "foo.bar" as when a page in "foo.bar" is checked
it will match the rule for "fooxbar".
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This function abstracts checking a given user and her groups against a
given member list (as used in the superuser and manager options).
It is also used in auth_isManager() and auth_isAdmin(), unlike the
previous function, this one skips the nameencode step as it should be
unnessary here (all input is given decoded).
The test cases where extended by some non-ID user and group names.
People with non-plain auth backends should check that their
administrator and manager setups still work as expected
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes it possible to have modes that do accept headers
(baseonly) in the parser.
Related test cases are still running through but I'm not 100% sure
I did not break something here. So it should be tested a bit more.
This patch will allow plugins to wrap multiple sections, however it
also makes it possible to easily break XHTML validity, because
headers also open and close sections, so plugin authors need to be
aware!
In case you wonder: this patch is not about allowing formatting
inside headers.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
This reverts commit 4871414204799044c31aa2764c4b4ca020e2331d.
Additionally there is a new fix for FS#2107 that doesn't introduce a lot
of checks but instead ensures that the configuration option can't be set
to negative values when the configuration manager is used.
|
| | |
|
| |\ |
|
| | | |
|
| |/
|
|
|
|
|
|
|
| |
20:51:05 <glen> what is the difference between $INFO['userinfo'] and $USERINFO?
20:52:17 <splitbrain> none really
20:52:33 <glen> yet one works ($USERINFO) and the other doesn't in my setup
20:52:59 <splitbrain> $INFO isn't available everywhere
20:53:27 <splitbrain> or might not have been set yet (if you're fetching an early action hook)
20:53:27 <glen> yeah, mail headers setup failed for me
|
| |
|
|
| |
out of DW to make it smaller (eg. FTP upload)
|
| |
|
|
|
|
| |
As of VIM 7.3 it is no longer possible to specify the encoding in the
modeline. This gives an error message whenever such a file is opened,
thus this commit removes the enc setting from the modeline.
|
| |
|
|
|
|
| |
This fixes an infinite loop in breadcrumbs() and makes the behaviors in
all places where breadcrumbs are used consistent so that non-numeric
values, values < 0 and 0 are treated the same way.
|
| |
|
|
| |
See http://forum.dokuwiki.org/post/22120
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This changes fundamentally when metadata is rendered. This commit
introduces a new cache file for every page that just contains a
timestamp and is updated whenever the metadata of that page is rendered.
Metadata is rendered when p_get_metadata is called and the last
rendering has been before a page, metadata, configuration or renderer
update or purge is set like in the xhtml renderer cache.
Metadata is no longer automatically rendered when the xhtml renderer
cache isn't used but will still be rendered when needed as
p_get_metadata is called in the cache.
Metadata is also no longer rendered in the indexer script when missing
as that is already done by pageinfo() before anything else is done so
the indexer script won't be called when there is no metadata file.
|
| |
|
|
|
|
| |
Suggested by: MQ <antinvidia gmail com>
Signed-off-by: Xin LI <delphij@FreeBSD.org>
|
| |
|
|
| |
SimplePie1.2) to continue to display correctly feeds with =
|
| | |
|
| | |
|
| |\ |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
This patch only adds the capability to the Difference Engine lib, not to
the user interface, yet.
|
| | | |
|
| | |\ |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
This patch does two things: It makes sure the native json_decode() will
honor the JSON_LOOSETYPE option of the class and it also adds way
to skip the use of the native function completely. The latter is
necessary for slightly non-standard JSON data.
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
p_purge_metadata now updates the metadata cache and the INFO array like the other metadata writing functions
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
