From ba9418bca378a6759305e3b388926df4f5a0af9c Mon Sep 17 00:00:00 2001 From: Hakan Sandell Date: Sat, 13 Nov 2010 18:20:28 +0100 Subject: Added XMLRPC dokuwiki:appendPage --- lib/exe/xmlrpc.php | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) (limited to 'lib/exe') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index f06792361..8c2bec6f9 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -7,7 +7,7 @@ if(isset($HTTP_RAW_POST_DATA)) $HTTP_RAW_POST_DATA = trim($HTTP_RAW_POST_DATA); /** * Increased whenever the API is changed */ -define('DOKU_XMLRPC_API_VERSION',4); +define('DOKU_XMLRPC_API_VERSION',5); require_once(DOKU_INC.'inc/init.php'); session_write_close(); //close session @@ -143,6 +143,13 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { true ); + $this->addCallback( + 'dokuwiki.appendPage', + 'this:appendPage', + array('int', 'string', 'string', 'struct'), + 'Append text to a wiki page.' + ); + /* Wiki API v2 http://www.jspwiki.org/wiki/WikiRPCInterface2 */ $this->addCallback( 'wiki.getRPCVersionSupported', @@ -577,6 +584,17 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { return 0; } + /** + * Appends text to a wiki page. + */ + function appendPage($id, $text, $params) { + $currentpage = $this->rawPage($id); + if (!is_string($currentpage)) { + return $currentpage; + } + return $this->putPage($id, $currentpage.$text, $params); + } + /** * Uploads a file to the wiki. * -- cgit v1.2.3 From 98214867894eba512bf47cba3439ccba3968f49b Mon Sep 17 00:00:00 2001 From: Michael Hamann Date: Mon, 22 Nov 2010 21:12:02 +0100 Subject: Render metadata when needed This changes fundamentally when metadata is rendered. This commit introduces a new cache file for every page that just contains a timestamp and is updated whenever the metadata of that page is rendered. Metadata is rendered when p_get_metadata is called and the last rendering has been before a page, metadata, configuration or renderer update or purge is set like in the xhtml renderer cache. Metadata is no longer automatically rendered when the xhtml renderer cache isn't used but will still be rendered when needed as p_get_metadata is called in the cache. Metadata is also no longer rendered in the indexer script when missing as that is already done by pageinfo() before anything else is done so the indexer script won't be called when there is no metadata file. --- lib/exe/indexer.php | 46 ---------------------------------------------- 1 file changed, 46 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/indexer.php b/lib/exe/indexer.php index 3fa81715b..bf5bad2e7 100644 --- a/lib/exe/indexer.php +++ b/lib/exe/indexer.php @@ -34,7 +34,6 @@ $tmp = array(); // No event data $evt = new Doku_Event('INDEXER_TASKS_RUN', $tmp); if ($evt->advise_before()) { runIndexer() or - metaUpdate() or runSitemapper() or sendDigest() or runTrimRecentChanges() or @@ -174,51 +173,6 @@ function runIndexer(){ return true; } -/** - * Will render the metadata for the page if not exists yet - * - * This makes sure pages which are created from outside DokuWiki will - * gain their data when viewed for the first time. - */ -function metaUpdate(){ - global $ID; - print "metaUpdate(): started".NL; - - if(!$ID) return false; - $file = metaFN($ID, '.meta'); - echo "meta file: $file".NL; - - // rendering needed? - if (@file_exists($file)) return false; - if (!page_exists($ID)) return false; - - global $conf; - - // gather some additional info from changelog - $info = io_grep($conf['changelog'], - '/^(\d+)\t(\d+\.\d+\.\d+\.\d+)\t'.preg_quote($ID,'/').'\t([^\t]+)\t([^\t\n]+)/', - 0,true); - - $meta = array(); - if(!empty($info)){ - $meta['date']['created'] = $info[0][1]; - foreach($info as $item){ - if($item[4] != '*'){ - $meta['date']['modified'] = $item[1]; - if($item[3]){ - $meta['contributor'][$item[3]] = $item[3]; - } - } - } - } - - $meta = p_render_metadata($ID, $meta); - p_save_metadata($ID, $meta); - - echo "metaUpdate(): finished".NL; - return true; -} - /** * Builds a Google Sitemap of all public pages known to the indexer * -- cgit v1.2.3 From e3776c06c37cc197709dac60892604dfea894ac2 Mon Sep 17 00:00:00 2001 From: Michael Hamann Date: Mon, 29 Nov 2010 01:34:36 +0100 Subject: Remove enc=utf-8 in VIM modeline as it is not allowed in VIM 7.3 As of VIM 7.3 it is no longer possible to specify the encoding in the modeline. This gives an error message whenever such a file is opened, thus this commit removes the enc setting from the modeline. --- lib/exe/ajax.php | 2 +- lib/exe/css.php | 2 +- lib/exe/fetch.php | 2 +- lib/exe/indexer.php | 2 +- lib/exe/js.php | 2 +- lib/exe/opensearch.php | 2 +- lib/exe/xmlrpc.php | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/ajax.php b/lib/exe/ajax.php index e9c59ca5d..e514762fd 100644 --- a/lib/exe/ajax.php +++ b/lib/exe/ajax.php @@ -339,4 +339,4 @@ function ajax_linkwiz(){ } -//Setup VIM: ex: et ts=2 enc=utf-8 : +//Setup VIM: ex: et ts=2 : diff --git a/lib/exe/css.php b/lib/exe/css.php index 76f40c7bb..e64ebc22a 100644 --- a/lib/exe/css.php +++ b/lib/exe/css.php @@ -330,4 +330,4 @@ function css_comment_cb($matches){ return $matches[0]; } -//Setup VIM: ex: et ts=4 enc=utf-8 : +//Setup VIM: ex: et ts=4 : diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index 680fd9ae4..3ad4f1937 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -198,4 +198,4 @@ function calc_cache($cache){ return -1; //cache endless } -//Setup VIM: ex: et ts=2 enc=utf-8 : +//Setup VIM: ex: et ts=2 : diff --git a/lib/exe/indexer.php b/lib/exe/indexer.php index bf5bad2e7..58b0d0787 100644 --- a/lib/exe/indexer.php +++ b/lib/exe/indexer.php @@ -302,6 +302,6 @@ function sendGIF(){ // Thinks it's got the whole image } -//Setup VIM: ex: et ts=4 enc=utf-8 : +//Setup VIM: ex: et ts=4 : // No trailing PHP closing tag - no output please! // See Note at http://www.php.net/manual/en/language.basic-syntax.instruction-separation.php diff --git a/lib/exe/js.php b/lib/exe/js.php index f9682e1e9..117021308 100644 --- a/lib/exe/js.php +++ b/lib/exe/js.php @@ -396,4 +396,4 @@ function js_compress($s){ return trim($result); } -//Setup VIM: ex: et ts=4 enc=utf-8 : +//Setup VIM: ex: et ts=4 : diff --git a/lib/exe/opensearch.php b/lib/exe/opensearch.php index f16b4f681..03a1632c4 100644 --- a/lib/exe/opensearch.php +++ b/lib/exe/opensearch.php @@ -35,4 +35,4 @@ echo ' '.NL; echo ''.NL; -//Setup VIM: ex: et ts=4 enc=utf-8 : +//Setup VIM: ex: et ts=4 : diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index 8c2bec6f9..d232930a3 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -968,4 +968,4 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { $server = new dokuwiki_xmlrpc_server(); -// vim:ts=4:sw=4:et:enc=utf-8: +// vim:ts=4:sw=4:et: -- cgit v1.2.3 From f7d780b9b82a664525120a90a8b1cb25be57d0e0 Mon Sep 17 00:00:00 2001 From: Gabriel Birke Date: Sun, 9 Jan 2011 13:18:19 +0100 Subject: Preserve @import statements in CSS --- lib/exe/css.php | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'lib/exe') diff --git a/lib/exe/css.php b/lib/exe/css.php index e64ebc22a..eb2d96513 100644 --- a/lib/exe/css.php +++ b/lib/exe/css.php @@ -122,6 +122,9 @@ function css_out(){ // apply style replacements $css = css_applystyle($css,$tplinc); + + // place all @import statements at the top of the file + $css = css_moveimports($css); // compress whitespace and comments if($conf['compress']){ @@ -265,6 +268,7 @@ function css_loadfile($file,$location=''){ if(!$location) return $css; $css = preg_replace('#(url\([ \'"]*)((?!/|http://|https://| |\'|"))#','\\1'.$location.'\\3',$css); + $css = preg_replace('#(@import\s+[\'"])((?!/|http://|https://))#', '\\1'.$location.'\\2"', $css); return $css; } @@ -296,6 +300,29 @@ function css_pluginstyles($mode='screen'){ return $list; } +/** + * Move all @import statements in a combined stylesheet to the top so they + * aren't ignored by the browser. + * + * @author Gabriel Birke + */ +function css_moveimports($css) +{ + if(!preg_match_all('/@import\s+(?:url\([^)]+\)|"[^"]+")\s*[^;]*;\s*/', $css, $matches, PREG_OFFSET_CAPTURE)) { + return $css; + } + $newCss = ""; + $imports = ""; + $offset = 0; + foreach($matches[0] as $match) { + $newCss .= substr($css, $offset, $match[1] - $offset); + $imports .= $match[0]; + $offset = $match[1] + strlen($match[0]); + } + $newCss .= substr($css, $offset); + return $imports.$newCss; +} + /** * Very simple CSS optimizer * -- cgit v1.2.3 From 6e0b4b67444b8434ed2c351ea0e36008667251d5 Mon Sep 17 00:00:00 2001 From: Michael Hamann Date: Sun, 9 Jan 2011 14:52:50 +0100 Subject: Fixed css_loadfile and removed unneeded complexity, added testcases --- lib/exe/css.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/css.php b/lib/exe/css.php index eb2d96513..4db81de0b 100644 --- a/lib/exe/css.php +++ b/lib/exe/css.php @@ -267,8 +267,8 @@ function css_loadfile($file,$location=''){ $css = io_readFile($file); if(!$location) return $css; - $css = preg_replace('#(url\([ \'"]*)((?!/|http://|https://| |\'|"))#','\\1'.$location.'\\3',$css); - $css = preg_replace('#(@import\s+[\'"])((?!/|http://|https://))#', '\\1'.$location.'\\2"', $css); + $css = preg_replace('#(url\([ \'"]*)(?!/|http://|https://| |\'|")#','\\1'.$location,$css); + $css = preg_replace('#(@import\s+[\'"])(?!/|http://|https://)#', '\\1'.$location, $css); return $css; } -- cgit v1.2.3 From d0b9cae13d5b6d7dc15d57fff452054235ca8662 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Fri, 14 Jan 2011 11:19:43 +0100 Subject: coding style fix --- lib/exe/ajax.php | 456 +++++++++++++++++++++++++++---------------------------- 1 file changed, 227 insertions(+), 229 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/ajax.php b/lib/exe/ajax.php index e514762fd..540399a59 100644 --- a/lib/exe/ajax.php +++ b/lib/exe/ajax.php @@ -8,7 +8,7 @@ //fix for Opera XMLHttpRequests if(!count($_POST) && !empty($HTTP_RAW_POST_DATA)){ - parse_str($HTTP_RAW_POST_DATA, $_POST); + parse_str($HTTP_RAW_POST_DATA, $_POST); } if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); @@ -20,25 +20,25 @@ header('Content-Type: text/html; charset=utf-8'); //call the requested function -if(isset($_POST['call'])) - $call = $_POST['call']; -else if(isset($_GET['call'])) - $call = $_GET['call']; -else - exit; - +if(isset($_POST['call'])){ + $call = $_POST['call']; +}else if(isset($_GET['call'])){ + $call = $_GET['call']; +}else{ + exit; +} $callfn = 'ajax_'.$call; if(function_exists($callfn)){ - $callfn(); + $callfn(); }else{ - $evt = new Doku_Event('AJAX_CALL_UNKNOWN', $call); - if ($evt->advise_before()) { - print "AJAX call '".htmlspecialchars($call)."' unknown!\n"; - exit; - } - $evt->advise_after(); - unset($evt); + $evt = new Doku_Event('AJAX_CALL_UNKNOWN', $call); + if ($evt->advise_before()) { + print "AJAX call '".htmlspecialchars($call)."' unknown!\n"; + exit; + } + $evt->advise_after(); + unset($evt); } /** @@ -47,33 +47,33 @@ if(function_exists($callfn)){ * @author Andreas Gohr */ function ajax_qsearch(){ - global $conf; - global $lang; - - $query = $_POST['q']; - if(empty($query)) $query = $_GET['q']; - if(empty($query)) return; - - $data = ft_pageLookup($query, true, useHeading('navigation')); - - if(!count($data)) return; - - print ''.$lang['quickhits'].''; - print '
    '; - foreach($data as $id => $title){ - if (useHeading('navigation')) { - $name = $title; - } else { - $ns = getNS($id); - if($ns){ - $name = shorten(noNS($id), ' ('.$ns.')',30); - }else{ - $name = $id; + global $conf; + global $lang; + + $query = $_POST['q']; + if(empty($query)) $query = $_GET['q']; + if(empty($query)) return; + + $data = ft_pageLookup($query, true, useHeading('navigation')); + + if(!count($data)) return; + + print ''.$lang['quickhits'].''; + print '
      '; + foreach($data as $id => $title){ + if (useHeading('navigation')) { + $name = $title; + } else { + $ns = getNS($id); + if($ns){ + $name = shorten(noNS($id), ' ('.$ns.')',30); + }else{ + $name = $id; + } } + echo '
    • ' . html_wikilink(':'.$id,$name) . '
      • '; } - echo '
    • ' . html_wikilink(':'.$id,$name) . '
      • '; - } - print '
    '; + print '
'; } /** @@ -83,36 +83,36 @@ function ajax_qsearch(){ * @author Mike Frysinger */ function ajax_suggestions() { - global $conf; - global $lang; - - $query = cleanID($_POST['q']); - if(empty($query)) $query = cleanID($_GET['q']); - if(empty($query)) return; - - $data = array(); - $data = ft_pageLookup($query); - if(!count($data)) return; - $data = array_keys($data); - - // limit results to 15 hits - $data = array_slice($data, 0, 15); - $data = array_map('trim',$data); - $data = array_map('noNS',$data); - $data = array_unique($data); - sort($data); - - /* now construct a json */ - $suggestions = array( - $query, // the original query - $data, // some suggestions - array(), // no description - array() // no urls - ); - $json = new JSON(); - - header('Content-Type: application/x-suggestions+json'); - print $json->encode($suggestions); + global $conf; + global $lang; + + $query = cleanID($_POST['q']); + if(empty($query)) $query = cleanID($_GET['q']); + if(empty($query)) return; + + $data = array(); + $data = ft_pageLookup($query); + if(!count($data)) return; + $data = array_keys($data); + + // limit results to 15 hits + $data = array_slice($data, 0, 15); + $data = array_map('trim',$data); + $data = array_map('noNS',$data); + $data = array_unique($data); + sort($data); + + /* now construct a json */ + $suggestions = array( + $query, // the original query + $data, // some suggestions + array(), // no description + array() // no urls + ); + $json = new JSON(); + + header('Content-Type: application/x-suggestions+json'); + print $json->encode($suggestions); } /** @@ -121,32 +121,32 @@ function ajax_suggestions() { * Andreas Gohr */ function ajax_lock(){ - global $conf; - global $lang; - $id = cleanID($_POST['id']); - if(empty($id)) return; - - if(!checklock($id)){ - lock($id); - echo 1; - } - - if($conf['usedraft'] && $_POST['wikitext']){ - $client = $_SERVER['REMOTE_USER']; - if(!$client) $client = clientIP(true); + global $conf; + global $lang; + $id = cleanID($_POST['id']); + if(empty($id)) return; + + if(!checklock($id)){ + lock($id); + echo 1; + } - $draft = array('id' => $id, - 'prefix' => substr($_POST['prefix'], 0, -1), - 'text' => $_POST['wikitext'], - 'suffix' => $_POST['suffix'], - 'date' => (int) $_POST['date'], - 'client' => $client, - ); - $cname = getCacheName($draft['client'].$id,'.draft'); - if(io_saveFile($cname,serialize($draft))){ - echo $lang['draftdate'].' '.dformat(); + if($conf['usedraft'] && $_POST['wikitext']){ + $client = $_SERVER['REMOTE_USER']; + if(!$client) $client = clientIP(true); + + $draft = array('id' => $id, + 'prefix' => substr($_POST['prefix'], 0, -1), + 'text' => $_POST['wikitext'], + 'suffix' => $_POST['suffix'], + 'date' => (int) $_POST['date'], + 'client' => $client, + ); + $cname = getCacheName($draft['client'].$id,'.draft'); + if(io_saveFile($cname,serialize($draft))){ + echo $lang['draftdate'].' '.dformat(); + } } - } } @@ -156,14 +156,14 @@ function ajax_lock(){ * @author Andreas Gohr */ function ajax_draftdel(){ - $id = cleanID($_REQUEST['id']); - if(empty($id)) return; + $id = cleanID($_REQUEST['id']); + if(empty($id)) return; - $client = $_SERVER['REMOTE_USER']; - if(!$client) $client = clientIP(true); + $client = $_SERVER['REMOTE_USER']; + if(!$client) $client = clientIP(true); - $cname = getCacheName($client.$id,'.draft'); - @unlink($cname); + $cname = getCacheName($client.$id,'.draft'); + @unlink($cname); } /** @@ -172,22 +172,22 @@ function ajax_draftdel(){ * @author Andreas Gohr */ function ajax_medians(){ - global $conf; - - // wanted namespace - $ns = cleanID($_POST['ns']); - $dir = utf8_encodeFN(str_replace(':','/',$ns)); - - $lvl = count(explode(':',$ns)); - - $data = array(); - search($data,$conf['mediadir'],'search_index',array('nofiles' => true),$dir); - foreach($data as $item){ - $item['level'] = $lvl+1; - echo media_nstree_li($item); - echo media_nstree_item($item); - echo ''; - } + global $conf; + + // wanted namespace + $ns = cleanID($_POST['ns']); + $dir = utf8_encodeFN(str_replace(':','/',$ns)); + + $lvl = count(explode(':',$ns)); + + $data = array(); + search($data,$conf['mediadir'],'search_index',array('nofiles' => true),$dir); + foreach($data as $item){ + $item['level'] = $lvl+1; + echo media_nstree_li($item); + echo media_nstree_item($item); + echo ''; + } } /** @@ -196,11 +196,11 @@ function ajax_medians(){ * @author Andreas Gohr */ function ajax_medialist(){ - global $conf; - global $NS; + global $conf; + global $NS; - $NS = $_POST['ns']; - tpl_mediaContent(true); + $NS = $_POST['ns']; + tpl_mediaContent(true); } /** @@ -209,24 +209,24 @@ function ajax_medialist(){ * @author Andreas Gohr */ function ajax_index(){ - global $conf; - - // wanted namespace - $ns = cleanID($_POST['idx']); - $dir = utf8_encodeFN(str_replace(':','/',$ns)); - - $lvl = count(explode(':',$ns)); - - $data = array(); - search($data,$conf['datadir'],'search_index',array('ns' => $ns),$dir); - foreach($data as $item){ - $item['level'] = $lvl+1; - echo html_li_index($item); - echo '
'; - echo html_list_index($item); - echo '
'; - echo ''; - } + global $conf; + + // wanted namespace + $ns = cleanID($_POST['idx']); + $dir = utf8_encodeFN(str_replace(':','/',$ns)); + + $lvl = count(explode(':',$ns)); + + $data = array(); + search($data,$conf['datadir'],'search_index',array('ns' => $ns),$dir); + foreach($data as $item){ + $item['level'] = $lvl+1; + echo html_li_index($item); + echo '
'; + echo html_list_index($item); + echo '
'; + echo ''; + } } /** @@ -235,107 +235,105 @@ function ajax_index(){ * @author Andreas Gohr */ function ajax_linkwiz(){ - global $conf; - global $lang; - - $q = ltrim($_POST['q'],':'); - $id = noNS($q); - $ns = getNS($q); - - $ns = cleanID($ns); - $id = cleanID($id); - - $nsd = utf8_encodeFN(str_replace(':','/',$ns)); - $idd = utf8_encodeFN(str_replace(':','/',$id)); - - $data = array(); - if($q && !$ns){ - - // use index to lookup matching pages - $pages = array(); - $pages = ft_pageLookup($id,true); - - // result contains matches in pages and namespaces - // we now extract the matching namespaces to show - // them seperately - $dirs = array(); - - - foreach($pages as $pid => $title){ - if(strpos(noNS($pid),$id) === false){ - // match was in the namespace - $dirs[getNS($pid)] = 1; // assoc array avoids dupes - }else{ - // it is a matching page, add it to the result - $data[] = array( - 'id' => $pid, - 'title' => $title, - 'type' => 'f', - ); - } - unset($pages[$pid]); - } - foreach($dirs as $dir => $junk){ - $data[] = array( - 'id' => $dir, - 'type' => 'd', - ); - } + global $conf; + global $lang; + + $q = ltrim($_POST['q'],':'); + $id = noNS($q); + $ns = getNS($q); + + $ns = cleanID($ns); + $id = cleanID($id); + + $nsd = utf8_encodeFN(str_replace(':','/',$ns)); + $idd = utf8_encodeFN(str_replace(':','/',$id)); + + $data = array(); + if($q && !$ns){ + + // use index to lookup matching pages + $pages = array(); + $pages = ft_pageLookup($id,true); + + // result contains matches in pages and namespaces + // we now extract the matching namespaces to show + // them seperately + $dirs = array(); + + foreach($pages as $pid => $title){ + if(strpos(noNS($pid),$id) === false){ + // match was in the namespace + $dirs[getNS($pid)] = 1; // assoc array avoids dupes + }else{ + // it is a matching page, add it to the result + $data[] = array( + 'id' => $pid, + 'title' => $title, + 'type' => 'f', + ); + } + unset($pages[$pid]); + } + foreach($dirs as $dir => $junk){ + $data[] = array( + 'id' => $dir, + 'type' => 'd', + ); + } - }else{ - - $opts = array( - 'depth' => 1, - 'listfiles' => true, - 'listdirs' => true, - 'pagesonly' => true, - 'firsthead' => true, - 'sneakyacl' => $conf['sneaky_index'], - ); - if($id) $opts['filematch'] = '^.*\/'.$id; - if($id) $opts['dirmatch'] = '^.*\/'.$id; - search($data,$conf['datadir'],'search_universal',$opts,$nsd); - - // add back to upper - if($ns){ - array_unshift($data,array( - 'id' => getNS($ns), - 'type' => 'u', - )); - } - } + }else{ - // fixme sort results in a useful way ? + $opts = array( + 'depth' => 1, + 'listfiles' => true, + 'listdirs' => true, + 'pagesonly' => true, + 'firsthead' => true, + 'sneakyacl' => $conf['sneaky_index'], + ); + if($id) $opts['filematch'] = '^.*\/'.$id; + if($id) $opts['dirmatch'] = '^.*\/'.$id; + search($data,$conf['datadir'],'search_universal',$opts,$nsd); + + // add back to upper + if($ns){ + array_unshift($data,array( + 'id' => getNS($ns), + 'type' => 'u', + )); + } + } - if(!count($data)){ - echo $lang['nothingfound']; - exit; - } + // fixme sort results in a useful way ? - // output the found data - $even = 1; - foreach($data as $item){ - $even *= -1; //zebra + if(!count($data)){ + echo $lang['nothingfound']; + exit; + } - if(($item['type'] == 'd' || $item['type'] == 'u') && $item['id']) $item['id'] .= ':'; - $link = wl($item['id']); + // output the found data + $even = 1; + foreach($data as $item){ + $even *= -1; //zebra - echo '
'; + if(($item['type'] == 'd' || $item['type'] == 'u') && $item['id']) $item['id'] .= ':'; + $link = wl($item['id']); + echo '
'; - if($item['type'] == 'u'){ - $name = $lang['upperns']; - }else{ - $name = htmlspecialchars($item['id']); - } + if($item['type'] == 'u'){ + $name = $lang['upperns']; + }else{ + $name = htmlspecialchars($item['id']); + } - echo ''.$name.''; + echo ''.$name.''; - if($item['title']){ - echo ''.htmlspecialchars($item['title']).''; + if($item['title']){ + echo ''.htmlspecialchars($item['title']).''; + } + echo '
'; } - echo '
'; - } } -- cgit v1.2.3 From d83e78edb7657053f07161bbace2dba26ee83905 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sat, 15 Jan 2011 09:46:17 +0100 Subject: added missing change for path length shortener in ajax backend --- lib/exe/ajax.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/exe') diff --git a/lib/exe/ajax.php b/lib/exe/ajax.php index 540399a59..1939a7bcb 100644 --- a/lib/exe/ajax.php +++ b/lib/exe/ajax.php @@ -66,7 +66,7 @@ function ajax_qsearch(){ } else { $ns = getNS($id); if($ns){ - $name = shorten(noNS($id), ' ('.$ns.')',30); + $name = noNS($id).' ('.$ns.')'; }else{ $name = $id; } -- cgit v1.2.3 From eff795ac6482d5885761f6688ce183c66becd7e1 Mon Sep 17 00:00:00 2001 From: Michael Hamann Date: Sun, 16 Jan 2011 13:30:49 +0100 Subject: Fix several security issues in the XML-RPC interface For locks and getRevisions there hasn't been any acl check. In many other cases the id hadn't been cleaned before the acl check was done which means that many acl rules that should be applied weren't applied. So e.g. when you have read permissions for the root namespace but not for a subnamespace you could add a leading ":" and the permissions for the root namespace will be used instead of the permissions for the subnamespace. This did not apply to writing pages and reading media files, but writing and deleting media files have been concerned as well as reading both plain and html versions of pages. This only concerns installations where XML-RPC is enabled (default is disabled) and XML-RPC is allowed for all or untrusted users. --- lib/exe/xmlrpc.php | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) (limited to 'lib/exe') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index d232930a3..d40e338b2 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -296,6 +296,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * Return a raw wiki page */ function rawPage($id,$rev=''){ + $id = cleanID($id); if(auth_quickaclcheck($id) < AUTH_READ){ return new IXR_Error(1, 'You are not allowed to read this page'); } @@ -351,6 +352,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * Return a wiki page rendered to html */ function htmlPage($id,$rev=''){ + $id = cleanID($id); if(auth_quickaclcheck($id) < AUTH_READ){ return new IXR_Error(1, 'You are not allowed to read this page'); } @@ -488,6 +490,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * Return some basic data about a page */ function pageInfo($id,$rev=''){ + $id = cleanID($id); if(auth_quickaclcheck($id) < AUTH_READ){ return new IXR_Error(1, 'You are not allowed to read this page'); } @@ -601,6 +604,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * Michael Klier */ function putAttachment($id, $file, $params) { + $id = cleanID($id); global $conf; global $lang; @@ -668,6 +672,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * @author Gina Haeussge */ function deleteAttachment($id){ + $id = cleanID($id); $auth = auth_quickaclcheck(getNS($id).':*'); if($auth < AUTH_DELETE) return new IXR_ERROR(1, "You don't have permissions to delete files."); global $conf; @@ -725,6 +730,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * Returns the permissions of a given wiki page */ function aclCheck($id) { + $id = cleanID($id); return auth_quickaclcheck($id); } @@ -734,13 +740,14 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * @author Michael Klier */ function listLinks($id) { + $id = cleanID($id); if(auth_quickaclcheck($id) < AUTH_READ){ return new IXR_Error(1, 'You are not allowed to read this page'); } $links = array(); // resolve page instructions - $ins = p_cached_instructions(wikiFN(cleanID($id))); + $ins = p_cached_instructions(wikiFN($id)); // instantiate new Renderer - needed for interwiki links include(DOKU_INC.'inc/parser/xhtml.php'); @@ -848,6 +855,10 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * @author Michael Klier */ function pageVersions($id, $first) { + $id = cleanID($id); + if(auth_quickaclcheck($id) < AUTH_READ){ + return new IXR_Error(1, 'You are not allowed to read this page'); + } global $conf; $versions = array(); @@ -923,7 +934,8 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { $unlockfail = array(); foreach((array) $set['lock'] as $id){ - if(checklock($id)){ + $id = cleanID($id); + if(auth_quickaclcheck($id) < AUTH_EDIT || checklock($id)){ $lockfail[] = $id; }else{ lock($id); @@ -932,10 +944,11 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { } foreach((array) $set['unlock'] as $id){ - if(unlock($id)){ - $unlocked[] = $id; - }else{ + $id = cleanID($id); + if(auth_quickaclcheck($id) < AUTH_EDIT || !unlock($id)){ $unlockfail[] = $id; + }else{ + $unlocked[] = $id; } } -- cgit v1.2.3 From 1b052f5cb72bee256af579602cbbed59492b2759 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Sun, 16 Jan 2011 19:29:03 +0100 Subject: increase indexer version to reforce rebuild for the new title index --- lib/exe/indexer.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/exe') diff --git a/lib/exe/indexer.php b/lib/exe/indexer.php index 58b0d0787..eec8c968c 100644 --- a/lib/exe/indexer.php +++ b/lib/exe/indexer.php @@ -12,7 +12,7 @@ session_write_close(); //close session if(!defined('NL')) define('NL',"\n"); // Version tag used to force rebuild on upgrade -define('INDEXER_VERSION', 2); +define('INDEXER_VERSION', 3); // keep running after browser closes connection @ignore_user_abort(true); -- cgit v1.2.3