summaryrefslogtreecommitdiff
path: root/lib/exe/xmlrpc.php
Commit message (Collapse)AuthorAge
* make use of auth_isMember() in XMLRPC authentication check FS#2287Andreas Gohr2011-07-10
|
* Merge branch 'master' into indexer_rewriteMichael Hamann2011-02-24
|\ | | | | | | | | | | | | Conflicts: inc/fulltext.php inc/indexer.php lib/exe/indexer.php
| * Use common media_save in media_upload and putAttachmentAdrian Lang2011-02-06
| | | | | | | | | | | | | | | | Changes: * XML-RPC now correctly allows leading and trailing _ * Error messages from XML-RPC are correct * MEDIA_UPLOAD_FINISH has a sixth param specifying the move function * Not having upload rights when using media_upload throws a msg
| * XML-RPC deleteAttachment now uses media_deleteAdrian Lang2011-02-06
| | | | | | | | | | | | | | | | Functionality changes: * deleteAttachment now triggers MEDIA_DELETE_FILE (closes FS#1568) * deletion success msg in mediamanager is correct, even when the ns dir was deleted * media_delete changed quite a bit
* | Merge branch 'master' into indexer_improvementsMichael Hamann2011-01-23
|\| | | | | | | | | | | | | Conflicts: inc/fulltext.php inc/indexer.php lib/exe/indexer.php
| * Fix several security issues in the XML-RPC interfaceMichael Hamann2011-01-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For locks and getRevisions there hasn't been any acl check. In many other cases the id hadn't been cleaned before the acl check was done which means that many acl rules that should be applied weren't applied. So e.g. when you have read permissions for the root namespace but not for a subnamespace you could add a leading ":" and the permissions for the root namespace will be used instead of the permissions for the subnamespace. This did not apply to writing pages and reading media files, but writing and deleting media files have been concerned as well as reading both plain and html versions of pages. This only concerns installations where XML-RPC is enabled (default is disabled) and XML-RPC is allowed for all or untrusted users.
| * Remove enc=utf-8 in VIM modeline as it is not allowed in VIM 7.3Michael Hamann2010-11-29
| | | | | | | | | | | | As of VIM 7.3 it is no longer possible to specify the encoding in the modeline. This gives an error message whenever such a file is opened, thus this commit removes the enc setting from the modeline.
| * Added XMLRPC dokuwiki:appendPageHakan Sandell2010-11-13
| |
* | Indexer v3 Rewrite part two, update uses of indexerTom N Harris2010-12-29
| |
* | Use a different indexer version when external tokenizer is enabledTom N Harris2010-11-17
|/
* Add title index to the indexer files, improve indexer callsAdrian Lang2010-06-16
|
* added cleanID to xmlrpc call wiki.getBackLinksDominik Eckelmann2010-05-26
|
* Adding getTitle to the XML-RPC APIGeorges-Etienne Legendre2010-04-18
|
* Fix #1943: full text search XML-RPC call should return the $pages instead of ↵Georges-Etienne Legendre2010-04-18
| | | | $data
* Use md5sum of id and client ip as temporary filename in XML-RPCMichael Hamann2010-03-16
| | | | | | | | | | | | Before this patch the temporary filename was the uncleaned id. This allowed everyone with upload-privileges (on the whole wiki) and XML-RPC privileges on a XML-RPC-enabled DokuWiki to (over)write any file PHP is allowed to write with any content he wants. If you have XML-RPC enabled and users with XML-RPC and upload privileges you don't trust in a way you would allow them to write any file PHP may write, consider this as an important security fix. By default XML-RPC is disabled, so if you don't know what I'm talking about you are probably not affected by the problem.
* Merge branch 'requireall'Andreas Gohr2010-03-12
|\ | | | | | | | | Conflicts: inc/fulltext.php
| * removed require's in lib/exe/*Andreas Gohr2010-02-01
| |
* | Move & rename HTML_PAGE_FROMTEMPLATE to common.phpAdrian Lang2010-03-10
| | | | | | | | | | The new COMMON_PAGE_FROMTEMPLATE is triggered by pageTemplate AFTER the template has been read but before performing the template replacements.
* | added dokuwiki.search XMLRPC call FS#1882Andreas Gohr2010-02-28
|/
* do not trim XMLRPC values FS#1824Andreas Gohr2009-12-19
| | | | | | | | Ignore-this: f43d3f070cfae4040e0e70648d0e541a The XMLRPC backend will not trim whitespaces or newlines from string values anymore. darcs-hash:20091219151652-7ad00-94d6cb26ff6396e09f107cf09dccb5423680c5c9.gz
* Security Fix: do not allow skipacl in XMLRPCAndreas Gohr2009-11-16
| | | | | | | | | | | | | Ignore-this: 517a7546aab86c5370cccf1aa2171490 Parameters passed to dokuwiki.getPagelist and wiki.getAttachments could contain the option "skipacl" which would prevent ACL checking. This could leak information about usually non-readable files (like filenames, sizes and so on). The content of the files was not accessible. XMLRPC is disabled by default. darcs-hash:20091116220523-7ad00-0fa8a9a7a52076619c6836738f9a1f00a6dafe27.gz
* restrict XMLRPC to configurable groups and usersAndreas Gohr2009-05-16
| | | | | | | | | Ignore-this: 1370cee84d44bb35ae7c0c988ed8f1ff This patch adds a config option to define users or groups that may access the XMLRPC API. ACLs are still checked on top of this intial access control. darcs-hash:20090516114351-7ad00-155fb6c74c29f5f84e79544a534369eec0403ff0.gz
* removed debug statementsAndreas Gohr2009-03-08
| | | | | | Ignore-this: c7d706a81320fb2bf80a399e5fcc259a darcs-hash:20090308112249-7ad00-488e7b5cc87ad3727a161b9625892709d4f25fc0.gz
* Support login in XMLRCP and added API version infoAndreas Gohr2009-03-03
| | | | | | | | | | | | A simple version number was added to the XMLRPC API to make it easy for clients to check if the remote endpoint supports certain features. The login function will take credentials and set cookies on successful login. This is useful when HTTP Basic auth is not available. darcs-hash:20090303193608-7ad00-45b1cd7a5165656796df25ed5c4ebc6e8ef7f95a.gz
* Fixed media size in getRecentMediaChanges XML-RPC call.michael2009-02-27
| | | | | | Ignore-this: 6477d59a1da2f51295326537fa8e14bf darcs-hash:20090227220304-074e0-24e77eb6641c0b43c30a941146487facf2f2277f.gz
* streamlined media listingAndreas Gohr2009-02-23
| | | | | | | Some parameters of media_search where changed, parts using this function need to be identified and fixed. darcs-hash:20090223172746-7ad00-d07951739fba17d0c8925b28b947f7cbb7fc7e1a.gz
* XMLRPC lock or unlock a whole bunch of pagesAndreas Gohr2009-02-20
| | | | | | Ignore-this: d7bb2a80532df444e1ee8e60e3a7b653 darcs-hash:20090220184624-7ad00-2ed594f166e29bcc69d7ecbfe017251764981dd8.gz
* additional custom dokuwiki.* methods in XMLRPCAndreas Gohr2009-02-19
| | | | darcs-hash:20090219214505-7ad00-c547bfbf1f7c12cf7509e0ea66222980c6fa11bc.gz
* Media changelog addedmichael2009-01-18
| | | | | | | | There is a new media changelog now, with the flag RECENTS_MEDIA_CHANGES media changes can be requested from the getRecents()-function or the new getRecentsSince()-function, that returns all changes since a given timestamp and optionally before a given timestamp. The media upload and the XML-RPC-server have been changed to use these functions. Additionally, the event MEDIA_UPLOAD_FINISH has been extended, it has a new $data-attribute (the 5th), that contains a boolean if the file does already exist and will be overwritten. darcs-hash:20090118154345-074e0-5d9a90d269e86d8c6a156ecce5cf63115c827433.gz
* Make content-disposition configurable in mime.conf FS#1541Andreas Gohr2008-12-02
| | | | | | | | | | | | | With this patch it is possible to define if a file should be served as download or be displayed inside the browser (if supported) by configuring it in conf/mime.conf Mimetypes that should be served with a "Content-Disposition: attachment" header need to be prefixed with a exclamation mark. All others will be served inline. This will also fix a Problem with Flash 10. darcs-hash:20081202210322-7ad00-6e7ef30aff9322cd135311be77809187da121f3b.gz
* Added perms and size to getRecentChanges in XML-RPCMichael Hamann2008-08-24
| | | | darcs-hash:20080824100938-fdd0b-c44a74e698eab59347b315881728c6a063e8b740.gz
* XMLRPC: Fixed identation, added deleteAttachment, changed params of ↵Gina Haeussge2008-08-24
| | | | | | putAttachment to fit Wiki RPC specs darcs-hash:20080824100043-2b4f5-4ad6d86abcf6bc816a47bfd902e37684483ff43e.gz
* XMLRPC: Fixed lastModified property for getAllPages and getAttachmentsGina Haeussge2008-08-24
| | | | darcs-hash:20080824092446-2b4f5-8424c621fcca7f765feaccea88c1e6664ce94209.gz
* XMLRPC: new event XMLRPC_CALLBACK_REGISTERMichael Klier2008-08-24
| | | | | | | | | By using this event, action plugins can register their own callback methods in DokuWikis XML-RPC server, and extend it's functionality. The event data is the server instance. Plugins can also remove already registered callbacks or replace them with their own methods. darcs-hash:20080824080457-23886-b49b897592ce6717f0980f6044bae2d51fd73336.gz
* XMLRPC: extended listPages()Michael Klier2008-08-24
| | | | darcs-hash:20080824090633-23886-57dd768012053858ec86eab235698b7f297661ea.gz
* XMLRPC: Cleanup in callback registrationsGina Haeussge2008-08-23
| | | | darcs-hash:20080823173152-2b4f5-8aaed82a8122f0901878326fc17a889c22bc1b79.gz
* XMLRPC: Return permissions and date of last modification for filesGina Haeussge2008-08-23
| | | | darcs-hash:20080823173120-2b4f5-8efab03fd182909ea192f739a228ffad64938eda.gz
* XMLRPC: Added options for recursion and filtering in listAttachmentsGina Haeussge2008-08-23
| | | | darcs-hash:20080823140755-2b4f5-f7d4ce991c38cc6a42e0013e738e291a3d134a43.gz
* XMLRPC: Added getAttachmentInfoGina Haeussge2008-08-23
| | | | darcs-hash:20080823140622-2b4f5-cb7dbe63f0142fedf39fdb5cfd1abedb10a6fa56.gz
* XMLRPC: Fixed parameter type of listAttachmentsGina Haeussge2008-08-23
| | | | darcs-hash:20080823140514-2b4f5-32b2010ecf506250e10ed68704e0c31d99920585.gz
* XMLRPC: Added method getAttachment for retrieving a media file from the wikiGina Haeussge2008-08-23
| | | | darcs-hash:20080823100440-2b4f5-a134b64fe552e5151ac7adce0292e90b62d8c747.gz
* XMLRPC: Make getAttachments recursiveGina Haeussge2008-08-23
| | | | darcs-hash:20080823100400-2b4f5-6327f95d079589a33d0e7881df3436fde1db89e1.gz
* XMLRPC: run indexer on putPage()Michael Klier2008-08-13
| | | | darcs-hash:20080813200614-23886-ad320ca14e120d8206ee5ffdfb4ac087e0aa6929.gz
* XML-RPC: added putAttachment()Michael Klier2008-07-13
| | | | darcs-hash:20080713165645-23886-2caca899a42016be8df0797b21d1adef70544cc4.gz
* XML-RPC: added getAttachments()Michael Klier2008-07-13
| | | | darcs-hash:20080713165210-23886-d28593ac62f3471a4dc4a5410263edb0e48986bc.gz
* XML-RPC: added aclCheck()Michael Klier2008-07-13
| | | | darcs-hash:20080713123837-23886-d2cabfd6bb00928f21a64ca317719831efaec3ae.gz
* FS#1386, replace AUTH_WRITE with AUTH_EDITChris Smith2008-04-17
| | | | darcs-hash:20080417094010-f07c6-383f554d1e06f7fa9946994c5b5b7860b2d5d5db.gz
* XMLRPC: getPage() should honour namespace templatesMichael Klier2008-03-31
| | | | darcs-hash:20080331095402-23886-20331db4e1975c3fbc9c4c59e8688f62d7367390.gz
* XMLRPC: pageVersions() should return the current version tooMichael Klier2008-03-11
| | | | darcs-hash:20080310233733-23886-79cb51e12374a51ac2595298bf331e1525962a2f.gz
* XMLRPC: new function pageVersions()Michael Klier2008-03-05
| | | | | | | This function can be used to retrieve a list of revisions for a given wiki page. darcs-hash:20080305195532-23886-dee2ffff8dcdc21532fb62674edce8a74d6c5525.gz
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-23 03:49:27 +0000