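<?php
// Deletes a single wiki alias named in the query string, after checking that the
// current user's class is allowed to edit the article the alias points to.

// NOTE(review): authorize() is defined elsewhere; presumably it validates the
// request's anti-CSRF token, which matters because this delete is driven by GET
// parameters -- confirm.
authorize();

// Accept only a plain string; a missing or array-valued parameter is treated as ''.
$RawAlias = (isset($_GET['alias']) && is_string($_GET['alias'])) ? $_GET['alias'] : '';

$ArticleID = Wiki::alias_to_id($RawAlias);
if (!$ArticleID) {
    // Unknown alias: stop here instead of building "WHERE ID = " with an empty value.
    // error() is relied on to end the request, as the permission check below already does.
    error(0);
}
// Force an integer so the unquoted value in the query below can only be a number.
$ArticleID = (int) $ArticleID;

$DB->query("SELECT MinClassEdit FROM wiki_articles WHERE ID = {$ArticleID}");
list($MinClassEdit) = $DB->next_record();
// NOTE(review): if no article row comes back, $MinClassEdit is null and this
// comparison does not block the request -- decide whether aliases of missing
// articles should be deletable by any authorized user.
if ($MinClassEdit > $LoggedUser['EffectiveClass']) {
    error(403);
}

// The alias is escaped with db_string() before it enters the SQL string literal, so the
// statement does not depend on what normalize_alias() happens to strip from the input.
$DB->query("DELETE FROM wiki_aliases WHERE Alias='" . db_string(Wiki::normalize_alias($RawAlias)) . "'");
Wiki::flush_article($ArticleID);
Wiki::flush_aliases();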
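// Creates a new wiki article from the submitted form, registers the normalized title
// as an alias when it is not already taken, logs the creation and redirects to the
// new article.
// NOTE(review): this listing starts mid-script. $P is filled in before this point --
// presumably an SQL-escaped copy of $_POST; confirm, because $P['title'] and
// $P['body'] are interpolated directly into the INSERT below.
if (check_perms('admin_manage_wiki')) {
    $Read = $_POST['minclassread'];
    $Edit = $_POST['minclassedit'];
    if (!is_number($Read)) {
        error(0); //int?
    }
    if (!is_number($Edit)) {
        error(0);
    }
    if ($Edit < $Read) {
        $Edit = $Read; //Human error fix.
    }
    // The ceiling check runs after the adjustment above. In the other order, a Read
    // level above the user's own class paired with a low Edit level passed the check
    // and then raised $Edit past the user's class. Once $Edit >= $Read holds, this one
    // comparison bounds both values.
    if ($Edit > $LoggedUser['EffectiveClass']) {
        error('You can\'t restrict articles above your own level');
    }
} else {
    // Users without the wiki-management permission get fixed class levels.
    $Read = 100;
    $Edit = 100;
}

// $Read and $Edit are numeric (validated above or fixed constants) at this point.
$DB->query("\n\tINSERT INTO wiki_articles\n\t\t(Revision, Title, Body, MinClassRead, MinClassEdit, Date, Author)\n\tVALUES\n\t\t('1', '{$P['title']}', '{$P['body']}', '{$Read}', '{$Edit}', '" . sqltime() . "', '{$LoggedUser['ID']}')");
$ArticleID = $DB->inserted_id();

$TitleAlias = Wiki::normalize_alias($_POST['title']);
$Dupe = Wiki::alias_to_id($_POST['title']);
// Register the title as an alias only when it normalizes to something non-empty and
// no article already owns that alias.
if ($TitleAlias != '' && $Dupe === false) {
    $DB->query("\n\t\tINSERT INTO wiki_aliases (Alias, ArticleID)\n\t\tVALUES ('" . db_string($TitleAlias) . "', '{$ArticleID}')");
    Wiki::flush_aliases();
}

// NOTE(review): the raw, user-supplied title goes into the log message. Whether
// write_log() escapes it for SQL and whether the log viewer escapes it for HTML is
// not visible here -- confirm both.
Misc::write_log("Wiki article {$ArticleID} (" . $_POST['title'] . ") was created by " . $LoggedUser['Username']);
header("Location: wiki.php?action=article&id={$ArticleID}");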
<?php
// Wiki search: optionally jumps straight to an article whose alias matches the search
// term, then prepares paging, the escaped search string and the sort/type settings.
// NOTE(review): the listing is cut off before the query is built, so how these
// values are finally used is not visible here.
if (empty($_GET['nojump'])) {
    // Unless 'nojump' is set, treat the search term as an alias and try a direct hit.
    $ArticleID = Wiki::alias_to_id($_GET['search']);
    if ($ArticleID) {
        //Found the article!
        // The redirect is a fixed relative URL plus the looked-up ID (presumably
        // numeric -- confirm against alias_to_id()); no request text is copied into it.
        header('Location: wiki.php?action=article&id=' . $ArticleID);
        die;
    }
}
define('ARTICLES_PER_PAGE', 25);
list($Page, $Limit) = Format::page_limit(ARTICLES_PER_PAGE);
$OrderVals = array('Title', 'Created', 'Edited');
$WayVals = array('Ascending', 'Descending');
// Lookup tables: the request value is only used as a key, and the value taken from
// the table is a fixed column name or SQL keyword written in this file.
$TypeTable = array('Title' => 'Title', 'Body' => 'Body');
$OrderTable = array('Title' => 'Title', 'Created' => 'ID', 'Edited' => 'Date');
$WayTable = array('Ascending' => 'ASC', 'Descending' => 'DESC');
// What are we looking for? Let's make sure it isn't dangerous.
// NOTE(review): db_string() is defined elsewhere; presumably it escapes for an SQL
// string literal. If the words end up in a LIKE pattern, '%' and '_' would still act
// as wildcards -- confirm against the part of the script that is not shown.
$Search = db_string(trim($_GET['search']));
// NOTE(review): $Type is not assigned anywhere above in this listing, and it is
// overwritten from $TypeTable a few lines below, so this check looks like dead code
// unless $Type is set before this file runs.
if (!in_array($Type, array('Title', 'Body'))) {
    $Type = 'Title';
}
// Break search string down into individual words
// The split runs on the already-escaped $Search, so each word is already escaped.
$Words = explode(' ', $Search);
// A 'type' value that is missing from $TypeTable yields a falsy result and falls
// back to 'Title'.
$Type = $TypeTable[$_GET['type']];
if (!$Type) {
    $Type = 'Title';
}
// Same pattern for the sort column; the fallback is 'ID'.
$Order = $OrderTable[$_GET['order']];
if (!$Order) {
    $Order = 'ID';
// NOTE(review): the listing ends here; the closing brace and the rest of the script are not shown.
<?php
// JSON endpoint that returns one wiki article, addressed either by numeric 'id' or by
// alias 'name'. Every failure path answers through json_die(), which the script relies
// on to end the request (it is defined elsewhere).

$HasNumericID = !empty($_GET['id']) && is_number($_GET['id']);
if ($HasNumericID) {
    //Visiting article via ID
    $ArticleID = $_GET['id'];
} elseif ($_GET['name'] != '') {
    //Retrieve article ID via alias.
    $ArticleID = Wiki::alias_to_id($_GET['name']);
} else {
    json_die("failure");
}

if (!$ArticleID) {
    //No article found
    json_die("failure", "article not found");
}

$Article = Wiki::get_article($ArticleID, false);
if (!$Article) {
    json_die("failure", "article not found");
}

// The first element of the result carries the article's fields in this fixed order.
$Row = array_shift($Article);
list($Revision, $Title, $Body, $Read, $Edit, $Date, $AuthorID, $AuthorName, $Aliases, $UserIDs) = $Row;

// Access control: the article's minimum read class is checked against the caller's
// class before anything is formatted or returned.
if ($Read > $LoggedUser['EffectiveClass']) {
    json_die("failure", "higher user class required to view article");
}

Text::$TOC = true;
$TextBody = Text::full_format($Body, false);

// Both the raw markup ('bbBody') and the formatted text ('body') are returned.
$Payload = array(
    'title' => $Title,
    'bbBody' => $Body,
    'body' => $TextBody,
    'aliases' => $Aliases,
    'authorID' => (int) $AuthorID,
    'authorName' => $AuthorName,
    'date' => $Date,
    'revision' => (int) $Revision,
);
json_die("success", $Payload);
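<?php
// Adds a new alias to an existing wiki article, provided the current user's class may
// edit that article and the alias is non-empty and not already in use.

// NOTE(review): authorize() is defined elsewhere; presumably it validates the
// request's anti-CSRF token -- confirm.
authorize();

if (!isset($_POST['article']) || !is_number($_POST['article'])) {
    error(0);
}
$ArticleID = (int) $_POST['article'];

$DB->query("SELECT MinClassEdit FROM wiki_articles WHERE ID = {$ArticleID}");
list($MinClassEdit) = $DB->next_record();
// Fail closed when the article does not exist: without a row $MinClassEdit is null,
// the class comparison below would pass, and the alias would be attached to an ID
// that has no article.
if (!isset($MinClassEdit)) {
    error(0);
}
if ($MinClassEdit > $LoggedUser['EffectiveClass']) {
    error(403);
}

// Accept only a plain string; a missing or array-valued parameter is treated as ''.
$RawAlias = (isset($_POST['alias']) && is_string($_POST['alias'])) ? $_POST['alias'] : '';
$NewAlias = Wiki::normalize_alias($RawAlias);
$Dupe = Wiki::alias_to_id($RawAlias);
if ($NewAlias != '' && $NewAlias != 'addalias' && $Dupe === false) {
    //Not null, and not dupe
    // db_string() escapes the alias before it enters the SQL string literal, matching
    // how the article-creation script inserts its title alias, so the statement does
    // not depend on what normalize_alias() strips from the input.
    $DB->query("INSERT INTO wiki_aliases (Alias, UserID, ArticleID) VALUES ('" . db_string($NewAlias) . "', '{$LoggedUser['ID']}', '{$ArticleID}')");
} else {
    error('The alias you attempted to add was either null or already in the database.');
}

Wiki::flush_aliases();
Wiki::flush_article($ArticleID);
header('Location: wiki.php?action=article&id=' . $ArticleID);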