summaryrefslogtreecommitdiff
path: root/lib/exe
Commit message (Collapse)AuthorAge
* Use md5sum of id and client ip as temporary filename in XML-RPCMichael Hamann2010-03-16
| | | | | | | | | | | | Before this patch the temporary filename was the uncleaned id. This allowed everyone with upload-privileges (on the whole wiki) and XML-RPC privileges on a XML-RPC-enabled DokuWiki to (over)write any file PHP is allowed to write with any content he wants. If you have XML-RPC enabled and users with XML-RPC and upload privileges you don't trust in a way you would allow them to write any file PHP may write, consider this as an important security fix. By default XML-RPC is disabled, so if you don't know what I'm talking about you are probably not affected by the problem.
* removed dead leftover code from media searchAndreas Gohr2010-03-12
|
* Merge branch 'requireall'Andreas Gohr2010-03-12
|\ | | | | | | | | Conflicts: inc/fulltext.php
| * removed require's in lib/exe/*Andreas Gohr2010-02-01
| |
* | Move & rename HTML_PAGE_FROMTEMPLATE to common.phpAdrian Lang2010-03-10
| | | | | | | | | | The new COMMON_PAGE_FROMTEMPLATE is triggered by pageTemplate AFTER the template has been read but before performing the template replacements.
* | added dokuwiki.search XMLRPC call FS#1882Andreas Gohr2010-02-28
| |
* | honor sneaky_index config in link manager FS#1907Andreas Gohr2010-02-28
| |
* | Send 403 instead of 401 in fetch.php FS#1904Andreas Gohr2010-02-24
| |
* | Changed FETCH_MEDIA_4XERROR to FETCH_MEDIA_STATUSAndreas Gohr2010-02-23
| |
* | Added FETCH_MEDIA_4XERROR eventGerry Weißbach2010-02-23
| |
* | Disable locking when locktime is zeroDaniel Calviño Sánchez2010-02-15
| |
* | Correct subscribe config parameter nameAdrian Lang2010-02-08
| |
* | Fix documentation for subscribe_timeAdrian Lang2010-02-08
|/
* Fix $info var reference in digest sendAdrian Lang2010-01-20
| | | | darcs-hash:20091130135040-e4919-40b6614fe28ea07dc5796661ddda6d005264ddbc.gz
* wrong function name fixedAndreas Gohr2010-01-20
| | | | | | Ignore-this: b74163181c2e41d3be022a6185f3e1c1 darcs-hash:20091124115805-6e07b-e808cf44a00a65ff8c70cc7e8de4dfedadf96cbd.gz
* correctly handle permissions in digest mailerAndreas Gohr2010-01-20
| | | | | | Ignore-this: c34455078907459a846cf7f00e2b586b darcs-hash:20091123161603-6e07b-927477d6ca50e665228487eb0d3ce9787dbe455b.gz
* Add events to subscription.Adrian Lang2010-01-20
|
* New mail subscription with digestAdrian Lang2010-01-20
|
* Factor out timer and delay managementAdrian Lang2010-01-12
| | | | darcs-hash:20091201115019-e4919-fe83e3d69eb997d0c04064b46117690824fe4daf.gz
* Allow hyphens and underscores in javascript include filenamesAdrian Lang2010-01-12
| | | | darcs-hash:20091119142845-e4919-5394617fd83d4de22673491b868f7040c25fb290.gz
* do not trim XMLRPC values FS#1824Andreas Gohr2009-12-19
| | | | | | | | Ignore-this: f43d3f070cfae4040e0e70648d0e541a The XMLRPC backend will not trim whitespaces or newlines from string values anymore. darcs-hash:20091219151652-7ad00-94d6cb26ff6396e09f107cf09dccb5423680c5c9.gz
* Set php setting for Flash multi uploader FS#1641Andreas Gohr2009-11-28
| | | | | | Ignore-this: c389f8d2428f3e0bba2d1c736ef9ee78 darcs-hash:20091128170811-7ad00-8ef06583981a7cdab32b96278590a5aa82cedb74.gz
* Security Fix: do not allow skipacl in XMLRPCAndreas Gohr2009-11-16
| | | | | | | | | | | | | Ignore-this: 517a7546aab86c5370cccf1aa2171490 Parameters passed to dokuwiki.getPagelist and wiki.getAttachments could contain the option "skipacl" which would prevent ACL checking. This could leak information about usually non-readable files (like filenames, sizes and so on). The content of the files was not accessible. XMLRPC is disabled by default. darcs-hash:20091116220523-7ad00-0fa8a9a7a52076619c6836738f9a1f00a6dafe27.gz
* fixed message on deleting a file successfullyAndreas Gohr2009-11-15
| | | | | | Ignore-this: 76fa6cff9e537289d6c017faa7d48a52 darcs-hash:20091115153844-7ad00-137d4253cbd9fd2dab888c22a3170bd70b90958e.gz
* don't check filesize but rely on error on upload FS#1716Andreas Gohr2009-11-15
| | | | | | Ignore-this: adff36f3e49963a6682b5faabf6cb63e darcs-hash:20091115153119-7ad00-2c20c420faeea08c113a76acc05917621f361880.gz
* Fix js_compress regexp detectionPierre Paysant-Le Roux2009-11-05
| | | | | | Ignore-this: ffb20375a09483502d61241d76877a8d darcs-hash:20091105213452-533a7-f09aca121cf24a8b6ad2d3448d058a846cb52182.gz
* Emit less E_NOTICEs and E_STRICTsAdrian Lang2009-11-04
| | | | | | | | | | | | | Changes of behaviour are: * Allow the user name, title & description \e2\80\9c0\e2\80\9d * Default to Port 443 if using HTTPS * Set $INFO['isadmin'] and $INFO['ismanager'] to \e2\80\9cfalse\e2\80\9d even if no user is logged in * Do not pass empty fragment field in the event data for event ACTION_SHOW_REDIRECT * Handle chunked encoding in HTTPClient darcs-hash:20091104100115-e4919-5cf6397d4a457e3f98a8ca49fbdab03f2147721d.gz
* Remove spellchecker css include since it does not existAdrian Lang2009-10-28
| | | | darcs-hash:20091028090548-e4919-00a3fec308ce29b5bac24ee1038081a3bc06f62f.gz
* LinkWizard: don't add a title when useheading is used for content FS#1745Andreas Gohr2009-11-02
| | | | | | Ignore-this: 48f0da3ab0bf0178197b16e63143e1ca darcs-hash:20091102130115-6e07b-d10e1c076791cdeb08b87ec76d6be8730228c8fb.gz
* save compressed css/js caches with io_saveFile and check for gzip supportAndreas Gohr2009-10-18
| | | | | | Ignore-this: 77e61d0082fe6eb8f43059fb5da67eee darcs-hash:20091018203240-7ad00-4530a8b64af79bc844f50e3c0988e466fb09351c.gz
* Updated Microsoft sitemap ping URL for bingAndreas Gohr2009-10-14
| | | | | | Ignore-this: bab31d8f21840cf36b3e6fbe9c0b1b63 darcs-hash:20091014112449-6e07b-c298b41cfee8940c01f515b399fcf1a2da0fb237.gz
* New dformat() function for fuzzy date supportAndreas Gohr2009-10-07
| | | | | | | | | | | | | | | | | | Ignore-this: 7193cd788fee2c05a9068bf6edd5dc17 It is now possible to use the %f placeholder in $conf['dformat'] to add a fuzzy age string. Template developers and plugin authors should replace their strftime + $conf['dformat'] calls with calls to the new dformat() function. Example: %Y/%m/%d %H:%M (%f) produces dates like this: 2009/09/16 10:36 (3 weeks ago) darcs-hash:20091007133614-6e07b-677108d1b43928ef8fd886813e43514507b5e073.gz
* Whitespace cleanup FS#1709furun2009-10-16
| | | | | | Ignore-this: 27ea52110bce929b2c61ed8faba67cfc darcs-hash:20091016205526-c0bf4-35eba4e65d37980a667ba982f7f1ea5b7b07f01c.gz
* do not display full path names in JS comments FS#1770Andreas Gohr2009-10-06
| | | | | | Ignore-this: e25dcba3daa9d89efbeb1bfdfe0f24bb darcs-hash:20091006201146-7ad00-ca35f4e0bd96cbe008fb77ae8391de2a74b9fc49.gz
* require a hash in fetch.php for external URLs FS#1769Andreas Gohr2009-10-06
| | | | | | | | | | Ignore-this: a66fc8874fb8e04b1258f2e71e35ed90 To avoid fetch.php being abused as anonymous forwarder or even proxy, now a hash is needed for external ressources. This hash is automatically added by the ml() function. darcs-hash:20091006182001-7ad00-adf5f6275b0d7f76543f76d6196f1531b8c09e1c.gz
* Use all available icons for file links (FS#1759)Tom N Harris2009-09-26
| | | | | | | | | All PNG and GIF images in the lib/images/fileicons directory will be used for media file links. The conf/mime.conf file continues to restrict which file types may be uploaded. File types not in the configuration list are download-only. darcs-hash:20090925231746-6942e-299a52772f67e265a8702bda3686f495e4337a8f.gz
* Search capabilities for the media manager added.sarnowski2009-08-24
| | | | darcs-hash:20090824112230-8c5bd-7b8d8ba14e7533c1035b7b732983a0e3de8251a1.gz
* Prevent unnecessary updates of the changelog (FS#1758)Mykola Ostrovskyy2009-09-20
| | | | | | Ignore-this: 5653cc47ce2ee6412ba82c82eb2b45fe darcs-hash:20090920171954-40dc4-0c4249b424314a930cdcbe710796db2820330aef.gz
* added MEDIAMANAGER_CONTENT_OUTPUT eventAndreas Gohr2009-08-30
| | | | | | Ignore-this: 1742cf72bee0a1ac1898109ba5afc962 darcs-hash:20090830111438-7ad00-120e8fa9ce41e4317676dc2e9d5cf113a418ec44.gz
* More Link wizard cleanupAndreas Gohr2009-08-14
| | | | | | Ignore-this: 100b66fbe26d82dfd6cffba751cf6992 darcs-hash:20090814114056-7ad00-f5dc711f467f9f6d8904bb6b08d7daac4e675ec2.gz
* simplify JavaScript loadingAndreas Gohr2009-08-12
| | | | | | | | | | | | | | | | | | | | | Ignore-this: 7637977e042ed8ba7e9e9097f9e9f03f This patch removes the differences between the JavaScript loaded in edit and view modes. * increases the amount of JavaScript that is loaded initially * decreases the number of requests * only one cache for all javascript * all javascript is available in view mode The last point is the most important as it makes a lot of functionality available to plugins working in the view mode. The discussion plugin now can reuse the toolbar code for example. Note: development is part of ICKE 2.0 project http://www.icke-projekt.de darcs-hash:20090812194007-6e07b-c8a71dedf506065a95d8b84b55aafce67810236c.gz
* Link Wizard addedAndreas Gohr2009-08-12
| | | | | | | | | | | | | | | | | Ignore-this: c15561aa909f921f7845576378851b93 This adds a new link wizard to the toolbar which helps users to find the page the want to link to. Pages can be found by a simple page name search or by browsing the existing namespaces. This is the first checkin. Some cleanup and MSIE compatibility checks remain. note: development was part of the ICKE 2.0 project see http://www.icke-projekt.de for info darcs-hash:20090812102302-6e07b-fcc564fcaf2ed6aa832918870dd0f92607748687.gz
* Script lib for draggable DOM objectsAndreas Gohr2009-08-12
| | | | | | | | | | | | Ignore-this: 907af01f2757cc494d2c54d8e4d7b9d1 This adds a simple object that can be attached to positioned DOM objects to make them draggable. This is useful for inplace dialogs. note: development was part of the ICKE 2.0 project see http://www.icke-projekt.de for info darcs-hash:20090812102055-6e07b-88451d4d67877224950a289b9cd415544f4c2755.gz
* fix printf calls in mediamanager FS#1711Christian Marg2009-06-05
| | | | | | Ignore-this: a8fb901f3bea94cd3052555e05e70486 darcs-hash:20090605150728-b686a-5543ff58c5cd3c0f48e260aaf4d3c7b365c2be6a.gz
* Multiple enhancements in the flash uploaderAndreas Gohr2009-06-05
| | | | | | Ignore-this: 9f05194de64b5e5d47fa45bb45814f8d darcs-hash:20090604230010-7ad00-118e3b31589f882440eaa35509bf2126cf49d9a9.gz
* more javascript refactoringAndreas Gohr2009-05-28
| | | | | | Ignore-this: 10badc0f97ef80fcd366ae4622c43ff1 darcs-hash:20090528121543-7ad00-df34efabe84c632df9ef0c6fd691c991d2c3ac82.gz
* start of toolbar javascript refactoringAndreas Gohr2009-05-15
| | | | | | Ignore-this: 81ef7a71e6910751bf5d6c1b592978c4 darcs-hash:20090515173045-7ad00-e62f075dab9ec4dfa555554f4f50792ceccb97d7.gz
* restrict XMLRPC to configurable groups and usersAndreas Gohr2009-05-16
| | | | | | | | | Ignore-this: 1370cee84d44bb35ae7c0c988ed8f1ff This patch adds a config option to define users or groups that may access the XMLRPC API. ACLs are still checked on top of this intial access control. darcs-hash:20090516114351-7ad00-155fb6c74c29f5f84e79544a534369eec0403ff0.gz
* fixed GET support in lib/exe/ajax.php FS#1679Andreas Gohr2009-05-04
| | | | | | Ignore-this: e77d9d77e6a02bb18b0cf7043a7eb3cb darcs-hash:20090504181055-7ad00-f8bf902e0c93f45eb6ca33fd5b32c9f8bb85512e.gz
* Support for multirange requests for media FS#1630Andreas Gohr2009-03-13
| | | | | | | | | | | Ignore-this: 50de569608231b910a62327d2f3af1de This patch moves all HTTP sending related functions to inc/httputils.php Handling of range requests was rewritten completely to support mutirange requests. This should fix problems with Adobe Reader but needs testing. darcs-hash:20090313190247-7ad00-e6ec1f81acb9f7ac651357dd034c2689aea6868d.gz
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-06 22:35:49 +0000