| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
darcs-hash:20061027004117-9b6ab-b7eda08e246e942a1ca4841b94abeda4c2ed722c.gz
|
| |
|
|
|
|
|
| |
- add $conf['fmode'] support, fixes bug #939
- fix problem with plugin list not being updated after download
darcs-hash:20061027013208-9b6ab-1a7640b40b5448a7afad42064fd00c2ccf743af0.gz
|
| |
|
|
| |
darcs-hash:20061026205002-7ad00-70f2acf8203e01d1df93e77ce7d8bdb1f4ddac7b.gz
|
| |
|
|
| |
darcs-hash:20061019101317-7ad00-c9a5b62a9d1e71c15875a8e39050bc931dbf4d03.gz
|
| |
|
|
| |
darcs-hash:20061019083731-c47a2-6d301513c4e313acdbb648e1e22e5b8ef45566da.gz
|
| |
|
|
|
|
|
|
| |
This patch is an enhancement to yesterday's changes. The ability to download
external content could be used for XSS attacks, when faking the sent MIME
type. This patch adds a check on the received data for valid images.
darcs-hash:20061018124942-7ad00-4e8bca7d3877e6a10c348b5d45499cf8adf8b087.gz
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch changes fetch.php ability to download external files. It now checks
for the returned MIME type and will only download images. For all other
MIME types a redirect is sent back to the browser. This reduces the risc of
being misused as open proxy.
Additionally the download facility is disabled completly by default by setting
the fetchsize option to 0. Users who want the feature need to overwrite the option
in their local.php.
Background: The ability to download external files is needed to resize external
images on the server side. When disabled, a redirect is sent to the browser which
will download the fullsize image and rescale it on the client side which is more
bandwidth and CPU intensive.
darcs-hash:20061017175329-7ad00-cd1b1bfa043a04540c51ca8380d28deaa14147d1.gz
|
| |
|
|
| |
darcs-hash:20061013113521-7ad00-1ab48718ab30e042971a6dd6ef595462185955e6.gz
|
| |
|
|
|
|
|
| |
- translated new strings in registermail.txt, config e usermanager plugins
- fixed changed parameter in config plugin
darcs-hash:20060829170241-57bea-24bf2cbfb341f25b1461cc7cd4fc442e0f44d511.gz
|
| |
|
|
|
|
| |
Fixes a header injection/XSS vulnerability
darcs-hash:20061008100523-7ad00-be06a942badb6a2a9ed862be003ee0050504b4b0.gz
|
| |
|
|
|
|
|
| |
This patch removes some commented code fragments and alternative
snippet generators
darcs-hash:20061008090624-7ad00-14bfee2ded6c6c8ef43ad02a4c02a5d95ee9daf7.gz
|
| |
|
|
|
|
|
| |
- change validation pattern to allow 3 or 4 octal digits and hence
setting of SUID, SGID and sticky bit on systems which support them
darcs-hash:20061005223141-9b6ab-80511ecc4780d6258f15f59087f9bab20d1f1340.gz
|
| |
|
|
| |
darcs-hash:20061002203925-9b6ab-ca7c87dc96fbc9572ef92a804d58715b0ab0b3e5.gz
|
| |
|
|
|
|
| |
Fixes a shell injection and a DOS vulnerability
darcs-hash:20060926200551-7ad00-5ef27940dda6e48e7e2f8743fc90fa80b7b5cdff.gz
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cache
- add dependency for metadata renderer file
- check metadata for end of page life, "date valid end".
Metadata Renderer
- RSS syntax mode now sets rendered page expiry, "date valid end"
and includes the feed URL in "relation haspart".
Purgefile
For all wiki installations the purgefile records the earliest
time before which no cache purge (based on data consistency)
is required. Cache files older than this time MAY need to be
purged.
- remove purgeonadd configuration setting
darcs-hash:20060924202157-9b6ab-4531e91411c41914eeab2b6a8160c3d46b001cee.gz
|
| |
|
|
| |
darcs-hash:20060925182128-7ad00-99db9371c6986605eb4d990f819f09bf850ffaa1.gz
|
| |
|
|
| |
darcs-hash:20060924175824-7ad00-f8a6b8e38ef62aab5c6853b1c355df34259ebb7c.gz
|
| |
|
|
|
|
|
|
| |
The progressbar script used in the search accessed parts of the DOM before
it was completely parsed which caused problems in IE. This patch moves back
to document.write for outputting the image.
darcs-hash:20060924170354-7ad00-1e0247b00fc4da4dd30301f4b9389ef727496c4a.gz
|
| |
|
|
|
|
|
|
| |
- fix potential array key collisions
- restore ability to keep a minimum number ($conf['recent']) of recent changes
irregardless of date of change
darcs-hash:20060924162105-9b6ab-06350f04f9d9ac4c362f13787b682ef70887a1fc.gz
|
| |
|
|
| |
darcs-hash:20060924100606-7ad00-7e0bc1fa7778669ac352f8d8994acbb7517323cd.gz
|
| |
|
|
|
|
|
|
|
|
| |
This patch fixes a bug in indexer.php which resulted in the order
of the recent changes cache being reversed each time it was trimmed.
It also adds sorting to both getRecents() and runTrimRecentChanges()
as a defensive measure against the order of the file being corrupted.
darcs-hash:20060923235109-9b6ab-0f4062c1b02449cce9382426174cd22d71387e5a.gz
|
| |
|
|
| |
darcs-hash:20060923203609-9b6ab-ecca679faa254a29772868508050fcf3206b0814.gz
|
| |
|
|
| |
darcs-hash:20060917140718-7ad00-ab1b95974ad63966c770f787112bc7c2e285c394.gz
|
| |
|
|
| |
darcs-hash:20060917075103-c47a2-de10540e0be698e3aeeab00f085bd212891cd750.gz
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a feature to let DokuWiki automatically check if updates are
available or any other important messages (like security warnings) and then
display this info to the admin user.
DokuWiki will contact the URL http://www.splitbrain.org/lib/exe/msg.php
with a parameter telling it which messages it already know (read from
conf/msg) - the server side script then will return all new messages.
The messages will be displayed until DokuWiki was upgraded or conf/msg
was updated manually. Messages are cached and only checked once a day.
The messenger URL will probably change before the next release.
darcs-hash:20060916210229-7ad00-7ac592650e171ae4144b0eb47a751a4ca480f031.gz
|
| |
|
|
| |
darcs-hash:20060916145219-7ad00-2ca985138204b2547ef9e24d780c226af8073fcb.gz
|
| |
|
|
| |
darcs-hash:20060915150152-7ad00-9ee841597a011119b96964a1468b1f517fab857a.gz
|
| |
|
|
|
|
|
|
|
|
|
| |
- Improves handling of deleted revisions.
- Import plugin disables after import.
- Check act reports if plugin is still enabled after the import.
- Import correctly handles summaries without the minor prefix.
- Newlines and tabs are now striped out of type, sum,
and extra in the changelog.
darcs-hash:20060911014738-05dcb-2f6c9fdffb6346f7d3190610a72b290090b28097.gz
|
| |
|
|
|
|
|
|
| |
Suppress any errors from set_time_limit,
unlink, and file_exists functions.
see: http://www.freelists.org/archives/dokuwiki/09-2006/msg00004.html
darcs-hash:20060908193433-05dcb-013617431870ab5bfb2ce8c6e99ba5af13493228.gz
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch primarily updates p_cached_xhtml() and p_cached_instructions() to
allow their caching logic to be surrounded by an event trigger.
p_cached_xhtml() has been rewritten as the more general p_cached_output() to
support other render output formats besides 'xhtml'. All calls to
p_cached_xhtml() have been changed to refer to the new function.
New event:
name: PARSER_CACHE_USE
data: cache object (see below)
action: determine if cache file can be used
preventable: yes
result: bool, true to use cache file, false otherwise
Cache operations have been generalised in a new class, cache, extended to
cache_parser, cache_renderer & cache_instructions. Details can be found in
inc/cache.php
For handling of above event, key properties are:
- page, if present the wiki page id,
may not always be present, e.g. when called for locale xhtml files
- file, source file
- mode, renderer mode (e.g. 'xhtml') or 'i' for instructions
Other changes:
- cache class counts cache hits against attempts, results are stored in
{cache_dir}/cache_stats.txt
- adds metadata dependency to renderer page cache
- replaces purgefile dependency for renderer cache with metadata
'relation references' (internal link) dependency for wiki pages only
darcs-hash:20060911021418-9b6ab-19601ed194b8c8e45236ab72c3e23d78bf777e6c.gz
|
| |
|
|
|
|
|
| |
- main.php & detail.php
add check for being run by DokuWiki, die() if not.
darcs-hash:20060909093603-9b6ab-0f8e31e246adba8adc888dbba1f924ff0e455d63.gz
|
| |
|
|
| |
darcs-hash:20060904182033-7ad00-c72dfa5fa9f5c44e0fdf09db922a4915935169f7.gz
|
| |
|
|
| |
darcs-hash:20060903193759-d5083-276d7cb9622d9a009de2aedca8bfba880c3ffbdd.gz
|
| |
|
|
|
|
|
|
|
|
|
| |
This should fix an issue with IE6 and https where the window.onload magic
would raise a security warning. See
http://dean.edwards.name/weblog/2006/06/again/#comment5776
http://dean.edwards.name/weblog/2006/06/again/#comment5788
needs testing
darcs-hash:20060903162438-7ad00-b29cd50387d1fef95bb688910b41e6b64cfeebca.gz
|
| |
|
|
| |
darcs-hash:20060903081832-7ad00-9ea6aaaf2fb84fa543d3606e634e973711591597.gz
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch provides a rewritten changelog system that is designed to run
efficiently on both small and large wikis. The patch includes a plugin to
convert changelogs from the current format. The conversion is
non-destructive and happens automatically. For more information on the new
changelog format see "http://wiki.splitbrain.org/wiki:changelog".
Structure
In short the changelog is now stored in per-page changelog files, with a
recent changes cache. The recent changes cache is kept in
"/data/meta/_dokuwiki.changes" and trimmed daily. The per-page changelogs
are kept in "/data/meta/<ns>/<page_id>.changes" files. To preserve
revision information for revisions stored in the attic, the "*.changes"
files are not removed when their page is deleted. This allows the full
life-cycle of page creation, deletion, and reversion to be tracked.
Format
The changelog line format now uses a general "line type" field in place of
the special "minor" change syntax. There is also an extra field that can
be used to store arbitrary data associated with special line types. The
reverted line type (R) is a good example. There the extra field holds the
revision date used as the source for reverting the page. See the wiki for
the complete syntax description.
Code Notes
The changelog functions have been rewritten to load the whole file only if
it is small. For larger files, the function loads only the relevant
chunk(s). Parsed changelog lines are cached in memory to speed future
function calls.
getRevisionInfo
A binary search is used to locate the chunk expected to contain the
requested revision. The whole chunk is parsed, and adjacent lines are
optimistically cached to speed consecutive calls.
getRevisions
Reads the changelog file backwards (newest first) in chunks until the
requested number of lines have been read. Parsed changelog lines are
cached for subsequent calls to getRevisionInfo. Because revisions are read
from the changelog they are no longer guaranteed to exist in the attic.
(Note: Even with lines of arbitrary length getRevisionInfo and
getRevisions never split changelog lines while reading. This is done by
sliding the "file pointer" forward to the end of a line after each blind
seek.)
isMinor
Removed. To detect a minor edit check the type as follows:
$parsed_logline['type']
darcs-hash:20060830182753-05dcb-1c5ea17f581197a33732a8d11da223d809c03506.gz
|
| |
|
|
|
|
|
|
| |
This patch no longer uses htmlspecialchars on $conf['title'] when
used in the page title - instead strip_tags is applied. This streamlines
the use of $conf['title']
darcs-hash:20060826180943-7ad00-c8cc155c1e92fad05b85f77841834f782cbf6281.gz
|
| |
|
|
|
|
|
|
|
| |
- add $conf['compression'] meta data and en lang strings
- remove $conf['usegzip'] meta data and en lang strings
Other language strings will need to be updated.
darcs-hash:20060825223047-9b6ab-b0c8c6af57847690a6d398d0bd98af9a51911c21.gz
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- add capability to send notification emails to users on
creation and password modification (bug#640)
- add success and fail messages for new user addition
- fix bug when modification of username wasn't allowed,
'Edit user' fields weren't populated
- fix (php5 only?) bug where default group wasn't given to
a new user if no groups were specified
- added explanatory notes concerning default group and
password notification emails
This patch adds several new strings to the plugin's lang.php
darcs-hash:20060823115626-9b6ab-ea98ef630c79b28b52141957deb3efc307a9291d.gz
|
| |
|
|
| |
darcs-hash:20060818142400-7ad00-b90e76acbfc37f99d4317fea26d063f67ffb4488.gz
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Allows action plugins to support custom ajax calls.
The event data is the call name from $_POST['call'].
When handling a custom ajax call, remember to use
$event->preventDefault();
to avoid having the
'AJAX call <call> unknown!'
message appended to the output.
darcs-hash:20060809194501-05dcb-0082e4f2a83fc8657fc7cdcf32d44aac8d1a6b99.gz
|
| |
|
|
| |
darcs-hash:20060808131143-9b6ab-1bf57f66c6d1b10305f1bf190c7d507130f84eaa.gz
|
| |
|
|
| |
darcs-hash:20060807205738-7ad00-5492ba5fe3e854f9dc233254535e4e897847353c.gz
|
| |
|
|
| |
darcs-hash:20060807200813-7ad00-ca46ec6eca59cc368fbace6f7de337e4d1e997a5.gz
|
| |
|
|
|
|
| |
fix ordering of plugins for php5
darcs-hash:20060807132242-9b6ab-2dc8e4508dc721908ec6453fc09acec1de23687d.gz
|
| |
|
|
|
|
|
| |
This patch makes sure all languages files have UNIX style line endings
and use correct UTF-8 encoding
darcs-hash:20060806143836-7ad00-2d9c48c5be303565ce461ec977c8792df61fbdd1.gz
|
| |
|
|
|
|
| |
completed IT translation for new release of Dokuwiki
darcs-hash:20060806094947-57bea-f82fb29ada061db880bbab84d7cee79711f3e49b.gz
|
| |
|
|
| |
darcs-hash:20060805150015-d5083-4ac2de4b475c70d386745aefd606ffb396cf8f92.gz
|
| |
|
|
| |
darcs-hash:20060805141743-d5083-35b1edef7cd407f93b593e0a1cbbf1f548e86add.gz
|
| |
|
|
| |
darcs-hash:20060731224944-072b4-a965cc88f22614bde7d57fa2d714c749933d66f8.gz
|
