Example #1
             define('PROTOCOL', 'http://');
             break;
         default:
             define('PROTOCOL', 'https://');
             break;
     }
 }
 // Absolute site URL: PROTOCOL (defined above) followed by $siteurl and a trailing slash.
 define("hu", PROTOCOL . $siteurl . '/');
 // v1.0 experimental relative url global
 // The ungreedy pattern replaces the whole URL with capture group 1, i.e. the
 // part of hu that starts at the first slash after the host.
 define("rhu", preg_replace("/https?:\\/\\/.+(\\/.*)\\/?\$/U", "\$1", hu));
 if (!empty($locale)) {
     setlocale(LC_ALL, $locale);
 }
 $textarray = load_lang(LANG);
 // The auth include and doAuth() run here, before user prefs are merged and
 // before any element for the requested event is loaded further down.
 include txpath . '/include/txp_auth.php';
 doAuth();
 // individual user prefs
 // Array union (assuming both sides are arrays): keys returned by
 // get_user_prefs() win over the same keys already in $prefs.
 $prefs = get_user_prefs() + $prefs;
 build_element_list($elements_main);
 if ($elements_aux) {
     build_element_list($elements_aux);
 }
 load_elements('init');
 register_element_tabs();
 // NOTE(review): 'event' and 'step' are read through gps(), presumably from
 // request parameters. $event is later handed to load_elements(); confirm that
 // helper only accepts names registered by build_element_list().
 $event = gps('event') ? gps('event') : 'article';
 $step = gps('step');
 // Pull in the update script when $dbversion is empty, differs from
 // $thisversion, or $txp_using_svn is set.
 if (!$dbversion or $dbversion != $thisversion or $txp_using_svn) {
     define('TXP_UPDATE', 1);
     include txpath . '/update/_update.php';
 }
 load_elements($event);
Example #2
/**
 * Builds the article-list query from tag attributes and request state, runs
 * it, and renders every returned row through a form.
 *
 * All SQL fragments are assembled by string concatenation. Values are either
 * passed through doSlash() and placed inside quotes, or cast with intval(),
 * before they are embedded in the WHERE / ORDER BY / LIMIT clauses.
 *
 * @param array $atts     Tag attributes; merged over the defaults by lAtts().
 * @param mixed $iscustom Truthy for a custom list: the filters taken from
 *                        globals, the search branch and pagination are skipped.
 * @param mixed $thing    Optional tag contents, parsed once per article unless
 *                        a listform is given.
 * @return string|null Label plus wrapped article output. Nothing is returned
 *                     when $pgonly is set or when no result set comes back.
 */
function doArticles($atts, $iscustom, $thing = null)
{
    global $pretext, $prefs;
    // extract() turns every key of both arrays into a local variable; $q, $s,
    // $c, $m, $pg, $publish_expired_articles and $searchable_article_fields
    // used below come from one of these two arrays.
    // NOTE(review): presumably $pretext carries request-derived values;
    // confirm they are validated where $pretext is populated.
    extract($pretext);
    extract($prefs);
    $customFields = getCustomFields();
    $customlAtts = array_null(array_flip($customFields));
    if ($iscustom) {
        $extralAtts = array('category' => '', 'section' => '', 'excerpted' => '', 'author' => '', 'month' => '', 'expired' => $publish_expired_articles, 'id' => '', 'exclude' => '');
    } else {
        $extralAtts = array('listform' => '', 'searchform' => '', 'searchall' => 1, 'searchsticky' => 0, 'pageby' => '', 'pgonly' => 0);
    }
    // Getting attributes.
    $theAtts = lAtts(array('form' => 'default', 'limit' => 10, 'sort' => '', 'sortby' => '', 'sortdir' => '', 'keywords' => '', 'time' => 'past', 'status' => STATUS_LIVE, 'allowoverride' => !$q and !$iscustom, 'offset' => 0, 'wraptag' => '', 'break' => '', 'label' => '', 'labeltag' => '', 'class' => '') + $customlAtts + $extralAtts, $atts);
    // For the txp:article tag, some attributes are taken from globals;
    // override them, then stash all filter attributes.
    if (!$iscustom) {
        $theAtts['category'] = $c ? $c : '';
        $theAtts['section'] = $s && $s != 'default' ? $s : '';
        $theAtts['author'] = !empty($author) ? $author : '';
        $theAtts['month'] = !empty($month) ? $month : '';
        $theAtts['frontpage'] = $s && $s == 'default' ? true : false;
        $theAtts['excerpted'] = 0;
        $theAtts['exclude'] = 0;
        $theAtts['expired'] = $publish_expired_articles;
        filterAtts($theAtts);
    } else {
        $theAtts['frontpage'] = false;
    }
    // The merged attributes become locals and overwrite any same-named
    // variables created by the two extract() calls above.
    extract($theAtts);
    // If a listform is specified, $thing is for doArticle() - hence ignore here.
    if (!empty($listform)) {
        $thing = '';
    }
    $pageby = empty($pageby) ? $limit : $pageby;
    // Treat sticky articles differently wrt search filtering, etc.
    $status = in_array(strtolower($status), array('sticky', STATUS_STICKY)) ? STATUS_STICKY : STATUS_LIVE;
    $issticky = $status == STATUS_STICKY;
    // Give control to search, if necessary.
    if ($q && !$iscustom && !$issticky) {
        include_once txpath . '/publish/search.php';
        $s_filter = $searchall ? filterSearch() : '';
        $q = trim($q);
        // NOTE(review): a whitespace-only $q passes the truthiness test above
        // but is empty after trim(), so $q[0] reads an undefined offset.
        $quoted = $q[0] === '"' && $q[strlen($q) - 1] === '"';
        // The search string is escaped once here; every later use of $q in
        // this branch works on the escaped value.
        $q = doSlash($quoted ? trim(trim($q, '"')) : $q);
        // Searchable article fields are limited to the columns of the
        // textpattern table and a matching fulltext index must exist.
        $cols = do_list_unique($searchable_article_fields);
        if (empty($cols) or $cols[0] == '') {
            $cols = array('Title', 'Body');
        }
        // NOTE(review): the column names are placed between backticks without
        // escaping; confirm $searchable_article_fields can only be set by a
        // trusted administrator.
        $match = ", MATCH (`" . join("`, `", $cols) . "`) AGAINST ('{$q}') AS score";
        // Backslash, %, _ and the single quote get one more level of escaping
        // for use inside LIKE patterns; whitespace runs collapse to one space.
        $search_terms = preg_replace('/\\s+/', ' ', str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $q));
        if ($quoted || empty($m) || $m === 'exact') {
            for ($i = 0; $i < count($cols); $i++) {
                $cols[$i] = "`{$cols[$i]}` LIKE '%{$search_terms}%'";
            }
        } else {
            // $m only selects between the fixed keywords OR / AND; its value
            // is never copied into the SQL text.
            $colJoin = $m === 'any' ? "OR" : "AND";
            $search_terms = explode(' ', $search_terms);
            for ($i = 0; $i < count($cols); $i++) {
                $like = array();
                foreach ($search_terms as $search_term) {
                    $like[] = "`{$cols[$i]}` LIKE '%{$search_term}%'";
                }
                $cols[$i] = "(" . join(" {$colJoin} ", $like) . ")";
            }
        }
        $cols = join(" OR ", $cols);
        $search = " AND ({$cols}) {$s_filter}";
        // searchall=0 can be used to show search results for the current
        // section only.
        if ($searchall) {
            $section = '';
        }
        if (!$sort) {
            $sort = "score DESC";
        }
    } else {
        $match = $search = '';
        if (!$sort) {
            $sort = "Posted DESC";
        }
    }
    // For backwards compatibility. sortby and sortdir are deprecated.
    if ($sortby) {
        trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortby')), E_USER_NOTICE);
        if (!$sortdir) {
            $sortdir = "DESC";
        } else {
            trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortdir')), E_USER_NOTICE);
        }
        $sort = "{$sortby} {$sortdir}";
    } elseif ($sortdir) {
        trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortdir')), E_USER_NOTICE);
        $sort = "Posted {$sortdir}";
    }
    // Building query parts.
    // String filters below are split into lists, passed through doSlash() and
    // embedded as quoted literals; numeric ids are forced to integers.
    $frontpage = ($frontpage and (!$q or $issticky)) ? filterFrontPage() : '';
    $category = join("','", doSlash(do_list_unique($category)));
    $category = !$category ? '' : " AND (Category1 IN ('" . $category . "') OR Category2 IN ('" . $category . "'))";
    $section = !$section ? '' : " AND Section IN ('" . join("','", doSlash(do_list_unique($section))) . "')";
    $excerpted = !$excerpted ? '' : " AND Excerpt !=''";
    $author = !$author ? '' : " AND AuthorID IN ('" . join("','", doSlash(do_list_unique($author))) . "')";
    $month = !$month ? '' : " AND Posted LIKE '" . doSlash($month) . "%'";
    $ids = $id ? array_map('intval', do_list_unique($id)) : array();
    $exclude = $exclude ? array_map('intval', do_list_unique($exclude)) : array();
    $id = (!$id ? '' : " AND ID IN (" . join(',', $ids) . ")") . (!$exclude ? '' : " AND ID NOT IN (" . join(',', $exclude) . ")");
    switch ($time) {
        case 'any':
            $time = "";
            break;
        case 'future':
            $time = " AND Posted > " . now('posted');
            break;
        default:
            $time = " AND Posted <= " . now('posted');
    }
    if (!$expired) {
        $time .= " AND (" . now('expires') . " <= Expires OR Expires = " . NULLDATETIME . ")";
    }
    $custom = '';
    if ($customFields) {
        // Custom-field filters are read from the raw $atts, not from $theAtts;
        // the SQL for them is produced by buildCustomSql().
        foreach ($customFields as $cField) {
            if (isset($atts[$cField])) {
                $customPairs[$cField] = $atts[$cField];
            }
        }
        if (!empty($customPairs)) {
            $custom = buildCustomSql($customFields, $customPairs);
        }
    }
    // Allow keywords for no-custom articles. That tagging mode, you know.
    if ($keywords) {
        $keys = doSlash(do_list_unique($keywords));
        foreach ($keys as $key) {
            $keyparts[] = "FIND_IN_SET('" . $key . "', Keywords)";
        }
        $keywords = " AND (" . join(' or ', $keyparts) . ")";
    }
    if ($q and $searchsticky) {
        $statusq = " AND Status >= " . STATUS_LIVE;
    } elseif ($id) {
        $statusq = " AND Status >= " . STATUS_LIVE;
    } else {
        $statusq = " AND Status = " . intval($status);
    }
    $where = "1 = 1" . $statusq . $time . $search . $id . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage;
    // Do not paginate if we are on a custom list.
    if (!$iscustom and !$issticky) {
        $grand_total = safe_count('textpattern', $where);
        $total = $grand_total - $offset;
        // NOTE(review): $pageby falls back to $limit, so a limit of 0 makes
        // this a division by zero.
        $numPages = ceil($total / $pageby);
        $pg = !$pg ? 1 : $pg;
        $pgoffset = $offset + ($pg - 1) * $pageby;
        // Send paging info to txp:newer and txp:older.
        $pageout['pg'] = $pg;
        $pageout['numPages'] = $numPages;
        $pageout['s'] = $s;
        $pageout['c'] = $c;
        $pageout['context'] = 'article';
        $pageout['grand_total'] = $grand_total;
        $pageout['total'] = $total;
        global $thispage;
        if (empty($thispage)) {
            $thispage = $pageout;
        }
        if ($pgonly) {
            return;
        }
    } else {
        $pgoffset = $offset;
    }
    // Preserve order of custom article ids unless 'sort' attribute is set.
    if (!empty($atts['id']) && empty($atts['sort'])) {
        // $ids was built with intval(), so only integers reach FIELD().
        $safe_sort = "FIELD(id, " . join(',', $ids) . ")";
    } else {
        // NOTE(review): the sort expression is placed unquoted after ORDER BY.
        // Presumably doSlash() escapes for quoted string literals, which does
        // not by itself restrict the value to column names and directions.
        // $sort, $sortby and $sortdir come from tag attributes here; confirm
        // no caller fills them from request input.
        $safe_sort = doSlash($sort);
    }
    // Offset and row count are cast with intval() before entering LIMIT.
    $rs = safe_rows_start("*, UNIX_TIMESTAMP(Posted) AS uPosted, UNIX_TIMESTAMP(Expires) AS uExpires, UNIX_TIMESTAMP(LastMod) AS uLastMod" . $match, 'textpattern', "{$where} ORDER BY {$safe_sort} LIMIT " . intval($pgoffset) . ", " . intval($limit));
    // Get the form name.
    if ($q and !$iscustom and !$issticky) {
        $fname = $searchform ? $searchform : 'search_results';
    } else {
        $fname = !empty($listform) ? $listform : $form;
    }
    if ($rs) {
        $count = 0;
        $last = numRows($rs);
        $articles = array();
        while ($a = nextRow($rs)) {
            ++$count;
            populateArticleData($a);
            global $thisarticle, $uPosted, $limit;
            $thisarticle['is_first'] = $count == 1;
            $thisarticle['is_last'] = $count == $last;
            // Article form preview.
            // On the admin interface the template text is taken from the
            // request (ps('Form') / gps('Form')) and handed to parse(). The
            // doAuth() call and the 'form' privilege check gate that path;
            // the request ends with a 401 when the privilege is missing.
            if (txpinterface === 'admin' && ps('Form')) {
                doAuth();
                if (!has_privs('form')) {
                    txp_status_header('401 Unauthorized');
                    exit(hed('401 Unauthorized', 1) . graf(gTxt('restricted_area')));
                }
                $articles[] = parse(gps('Form'));
            } elseif ($allowoverride and $a['override_form']) {
                $articles[] = parse_form($a['override_form']);
            } else {
                $articles[] = $thing ? parse($thing) : parse_form($fname);
            }
            // Sending these to paging_link(); Required?
            $uPosted = $a['uPosted'];
            unset($GLOBALS['thisarticle']);
        }
        return doLabel($label, $labeltag) . doWrap($articles, $wraptag, $break, $class);
    }
}
Example #3
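/**
 * Handles the user's answer to the "do you trust this site?" prompt.
 *
 * The answer is read from the POST body: the presence of 'trust' means the
 * user approved the site, and 'idSelect', when sent, is forwarded unchanged
 * to doAuth() together with the request info from getRequestInfo().
 *
 * NOTE(review): no anti-CSRF token check is visible in this function; confirm
 * the trust form is protected elsewhere, because this POST approves a site.
 *
 * @return mixed Whatever doAuth() returns.
 */
function action_trust()
{
    $info = getRequestInfo();
    $trusted = isset($_POST['trust']);
    // Explicit isset() instead of the @ operator: same null fallback for a
    // missing field, without silencing unrelated errors on this expression.
    $idSelect = isset($_POST['idSelect']) ? $_POST['idSelect'] : null;

    return doAuth($info, $trusted, true, $idSelect);
}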
Example #4
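/**
 * Handles the user's answer to the "do you trust this site?" prompt.
 *
 * The presence of 'trust' in the POST body means the user approved the site.
 * When 'remember' is also sent, the site's trust root is stored through
 * $store->setTrustedSite().
 *
 * NOTE(review): no anti-CSRF token check is visible in this function; confirm
 * the trust form is protected elsewhere, because this POST can persist a
 * trusted site.
 *
 * @return mixed Whatever doAuth() returns.
 */
function action_trust()
{
    global $store;
    $info = getRequestInfo();
    $trusted = isset($_POST['trust']);
    // Persist the trust root only when the user actually approved the site.
    // Without the $trusted test, a refusal submitted with 'remember' still
    // ticked would be stored as a trusted site.
    if ($info && $trusted && isset($_POST['remember'])) {
        $store->setTrustedSite($info->trust_root);
    }
    return doAuth($info, $trusted, true);
}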
Example #5
        } else {
            debug("...not allowing");
            $content = array("page", "Not a valid Wiki", "That (" . $request[0] . ") not a Wiki I am aware of, and current config forbids creation of arbitrary new wikis", "Aquarion (Admin)", date("r"));
        }
    } else {
        debug("Loading wikipage " . $_EXTRAS['current']);
        $content = wiki($request[0], $_EXTRAS['current']);
    }
} else {
    debug("Listing wikis");
    $listOfwikis = $dataSource->listOfWikis();
    foreach ($listOfwikis as $row) {
        $out .= "# <a href=\"" . $row[0] . "\">" . $row[0] . "</a>, " . $row[1] . " pages\n";
    }
    $content = array("page", "Index of Wikis", $out, "Aquarion (Admin)", date("r"));
}
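// Access checks configured through $_EXTRAS. Each key that is set is passed
// to doAuth() with the action label "enter".
// NOTE(review): these checks run after $content has been built above;
// confirm that doAuth() halts the request on failure and that nothing
// state-changing has already happened while the content was generated.
if (isset($_EXTRAS['reqUser'])) {
    // Log the key that is actually being enforced (the original logged
    // 'reqAuth' here, which may not be set in this branch).
    debug("Requiring auth " . $_EXTRAS['reqUser']);
    doAuth($_EXTRAS['reqUser'], "enter");
}
if (isset($_EXTRAS['reqAuth'])) {
    debug("Requiring auth " . $_EXTRAS['reqAuth']);
    doAuth($_EXTRAS['reqAuth'], "enter");
}
if (isset($_EXTRAS['reqUsers'])) {
    debug("Requiring auth from users array");
    doAuth($_EXTRAS['reqUsers'], "enter");
}
debug("Memory Track: " . number_format(memory_get_usage()));
// The page is only emitted once every configured check above has returned.
echo page($content);
debug("Game over, No high score.");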
Example #6
/**
 * Builds the article-list query from tag attributes and request state, runs
 * it, and renders every returned row through a form.
 *
 * All SQL fragments are assembled by string concatenation. Values are either
 * passed through doSlash() and placed inside quotes, or cast with intval(),
 * before they are embedded in the where / order by / limit clauses.
 *
 * @param array $atts     Tag attributes; merged over the defaults by lAtts().
 * @param mixed $iscustom Truthy for a custom list; forced to true below when
 *                        an 'id' attribute is present.
 * @param mixed $thing    Optional tag contents, parsed once per article unless
 *                        a listform is given.
 * @return string|null Label plus wrapped article output. Nothing is returned
 *                     when $pgonly is set or when no result set comes back.
 */
function doArticles($atts, $iscustom, $thing = NULL)
{
    global $pretext, $prefs;
    // extract() turns every key of both arrays into a local variable; $q, $s,
    // $c, $m, $pg, $publish_expired_articles and $searchable_article_fields
    // used below come from one of these two arrays.
    // NOTE(review): presumably $pretext carries request-derived values;
    // confirm they are validated where $pretext is populated.
    extract($pretext);
    extract($prefs);
    $customFields = getCustomFields();
    $customlAtts = array_null(array_flip($customFields));
    //getting attributes
    $theAtts = lAtts(array('form' => 'default', 'listform' => '', 'searchform' => '', 'limit' => 10, 'pageby' => '', 'category' => '', 'section' => '', 'excerpted' => '', 'author' => '', 'sort' => '', 'sortby' => '', 'sortdir' => '', 'month' => '', 'keywords' => '', 'expired' => $publish_expired_articles, 'frontpage' => '', 'id' => '', 'time' => 'past', 'status' => '4', 'pgonly' => 0, 'searchall' => 1, 'searchsticky' => 0, 'allowoverride' => !$q and !$iscustom, 'offset' => 0, 'wraptag' => '', 'break' => '', 'label' => '', 'labeltag' => '', 'class' => '') + $customlAtts, $atts);
    // if an article ID is specified, treat it as a custom list
    $iscustom = !empty($theAtts['id']) ? true : $iscustom;
    //for the txp:article tag, some attributes are taken from globals;
    //override them before extract
    if (!$iscustom) {
        $theAtts['category'] = $c ? $c : '';
        $theAtts['section'] = $s && $s != 'default' ? $s : '';
        $theAtts['author'] = !empty($author) ? $author : '';
        $theAtts['month'] = !empty($month) ? $month : '';
        $theAtts['frontpage'] = $s && $s == 'default' ? true : false;
        $theAtts['excerpted'] = '';
    }
    // The merged attributes become locals and overwrite any same-named
    // variables created by the two extract() calls above.
    extract($theAtts);
    // if a listform is specified, $thing is for doArticle() - hence ignore here.
    if (!empty($listform)) {
        $thing = '';
    }
    $pageby = empty($pageby) ? $limit : $pageby;
    // treat sticky articles differently wrt search filtering, etc
    $status = in_array(strtolower($status), array('sticky', '5')) ? 5 : 4;
    $issticky = $status == 5;
    // give control to search, if necessary
    if ($q && !$iscustom && !$issticky) {
        include_once txpath . '/publish/search.php';
        $s_filter = $searchall ? filterSearch() : '';
        $q = trim($q);
        // NOTE(review): a whitespace-only $q passes the truthiness test above
        // but is empty after trim(), so $q[0] reads an undefined offset.
        $quoted = $q[0] === '"' && $q[strlen($q) - 1] === '"';
        // The search string is escaped once here; every later use of $q in
        // this branch works on the escaped value.
        $q = doSlash($quoted ? trim(trim($q, '"')) : $q);
        // searchable article fields are limited to the columns of
        // the textpattern table and a matching fulltext index must exist.
        $cols = do_list($searchable_article_fields);
        if (empty($cols) or $cols[0] == '') {
            $cols = array('Title', 'Body');
        }
        // NOTE(review): the column names are placed between backticks without
        // escaping; confirm $searchable_article_fields can only be set by a
        // trusted administrator.
        $match = ', match (`' . join('`, `', $cols) . "`) against ('{$q}') as score";
        // Backslash, %, _ and the single quote get one more level of escaping
        // for use inside LIKE patterns; whitespace runs collapse to one space.
        $search_terms = preg_replace('/\\s+/', ' ', str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $q));
        if ($quoted || empty($m) || $m === 'exact') {
            for ($i = 0; $i < count($cols); $i++) {
                $cols[$i] = "`{$cols[$i]}` like '%{$search_terms}%'";
            }
        } else {
            // $m only selects between the fixed keywords or / and; its value
            // is never copied into the SQL text.
            $colJoin = $m === 'any' ? 'or' : 'and';
            $search_terms = explode(' ', $search_terms);
            for ($i = 0; $i < count($cols); $i++) {
                $like = array();
                foreach ($search_terms as $search_term) {
                    $like[] = "`{$cols[$i]}` like '%{$search_term}%'";
                }
                $cols[$i] = '(' . join(' ' . $colJoin . ' ', $like) . ')';
            }
        }
        $cols = join(' or ', $cols);
        $search = " and ({$cols}) {$s_filter}";
        // searchall=0 can be used to show search results for the current section only
        if ($searchall) {
            $section = '';
        }
        if (!$sort) {
            $sort = 'score desc';
        }
    } else {
        $match = $search = '';
        if (!$sort) {
            $sort = 'Posted desc';
        }
    }
    // for backwards compatibility
    // sortby and sortdir are deprecated
    if ($sortby) {
        trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortby')), E_USER_NOTICE);
        if (!$sortdir) {
            $sortdir = 'desc';
        } else {
            trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortdir')), E_USER_NOTICE);
        }
        $sort = "{$sortby} {$sortdir}";
    } elseif ($sortdir) {
        trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortdir')), E_USER_NOTICE);
        $sort = "Posted {$sortdir}";
    }
    //Building query parts
    // String filters below are split into lists, passed through doSlash() and
    // embedded as quoted literals; numeric ids are forced to integers.
    $frontpage = ($frontpage and (!$q or $issticky)) ? filterFrontPage() : '';
    $category = join("','", doSlash(do_list($category)));
    $category = !$category ? '' : " and (Category1 IN ('" . $category . "') or Category2 IN ('" . $category . "'))";
    $section = !$section ? '' : " and Section IN ('" . join("','", doSlash(do_list($section))) . "')";
    $excerpted = $excerpted == 'y' || $excerpted == '1' ? " and Excerpt !=''" : '';
    $author = !$author ? '' : " and AuthorID IN ('" . join("','", doSlash(do_list($author))) . "')";
    $month = !$month ? '' : " and Posted like '" . doSlash($month) . "%'";
    $ids = array_map('intval', do_list($id));
    $id = !$id ? '' : " and ID IN (" . join(',', $ids) . ")";
    switch ($time) {
        case 'any':
            $time = "";
            break;
        case 'future':
            $time = " and Posted > now()";
            break;
        default:
            $time = " and Posted <= now()";
    }
    if (!$expired) {
        $time .= " and (now() <= Expires or Expires = " . NULLDATETIME . ")";
    }
    $custom = '';
    if ($customFields) {
        // Custom-field filters are read from the raw $atts, not from $theAtts;
        // the SQL for them is produced by buildCustomSql().
        foreach ($customFields as $cField) {
            if (isset($atts[$cField])) {
                $customPairs[$cField] = $atts[$cField];
            }
        }
        if (!empty($customPairs)) {
            $custom = buildCustomSql($customFields, $customPairs);
        }
    }
    //Allow keywords for no-custom articles. That tagging mode, you know
    if ($keywords) {
        $keys = doSlash(do_list($keywords));
        foreach ($keys as $key) {
            $keyparts[] = "FIND_IN_SET('" . $key . "',Keywords)";
        }
        $keywords = " and (" . join(' or ', $keyparts) . ")";
    }
    if ($q and $searchsticky) {
        $statusq = ' and Status >= 4';
    } elseif ($id) {
        $statusq = ' and Status >= 4';
    } else {
        $statusq = ' and Status = ' . intval($status);
    }
    $where = "1=1" . $statusq . $time . $search . $id . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage;
    //do not paginate if we are on a custom list
    if (!$iscustom and !$issticky) {
        $grand_total = safe_count('textpattern', $where);
        $total = $grand_total - $offset;
        // NOTE(review): $pageby falls back to $limit, so a limit of 0 makes
        // this a division by zero.
        $numPages = ceil($total / $pageby);
        $pg = !$pg ? 1 : $pg;
        $pgoffset = $offset + ($pg - 1) * $pageby;
        // send paging info to txp:newer and txp:older
        $pageout['pg'] = $pg;
        $pageout['numPages'] = $numPages;
        $pageout['s'] = $s;
        $pageout['c'] = $c;
        $pageout['context'] = 'article';
        $pageout['grand_total'] = $grand_total;
        $pageout['total'] = $total;
        global $thispage;
        if (empty($thispage)) {
            $thispage = $pageout;
        }
        if ($pgonly) {
            return;
        }
    } else {
        $pgoffset = $offset;
    }
    // preserve order of custom article ids unless 'sort' attribute is set
    if (!empty($atts['id']) && empty($atts['sort'])) {
        // $ids was built with intval(), so only integers reach field().
        $safe_sort = 'field(id, ' . join(',', $ids) . ')';
    } else {
        // NOTE(review): the sort expression is placed unquoted after order by.
        // Presumably doSlash() escapes for quoted string literals, which does
        // not by itself restrict the value to column names and directions.
        // $sort, $sortby and $sortdir come from tag attributes here; confirm
        // no caller fills them from request input.
        $safe_sort = doSlash($sort);
    }
    // Offset and row count are cast with intval() before entering limit.
    $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(Expires) as uExpires, unix_timestamp(LastMod) as uLastMod" . $match, 'textpattern', $where . ' order by ' . $safe_sort . ' limit ' . intval($pgoffset) . ', ' . intval($limit));
    // get the form name
    if ($q and !$iscustom and !$issticky) {
        $fname = $searchform ? $searchform : 'search_results';
    } else {
        $fname = $listform ? $listform : $form;
    }
    if ($rs) {
        $count = 0;
        $last = numRows($rs);
        $articles = array();
        while ($a = nextRow($rs)) {
            ++$count;
            populateArticleData($a);
            global $thisarticle, $uPosted, $limit;
            $thisarticle['is_first'] = $count == 1;
            $thisarticle['is_last'] = $count == $last;
            filterAtts($theAtts);
            // article form preview
            // On the admin interface the template text is taken from the
            // request (ps('Form') / gps('Form')) and handed to parse(). The
            // doAuth() call and the 'form' privilege check gate that path;
            // the request ends with a 401 when the privilege is missing.
            if (txpinterface === 'admin' && ps('Form')) {
                doAuth();
                if (!has_privs('form')) {
                    txp_status_header('401 Unauthorized');
                    exit(hed('401 Unauthorized', 1) . graf(gTxt('restricted_area')));
                }
                $articles[] = parse(gps('Form'));
            } elseif ($allowoverride and $a['override_form']) {
                $articles[] = parse_form($a['override_form']);
            } else {
                $articles[] = $thing ? parse($thing) : parse_form($fname);
            }
            // sending these to paging_link(); Required?
            $uPosted = $a['uPosted'];
            unset($GLOBALS['thisarticle']);
        }
        return doLabel($label, $labeltag) . doWrap($articles, $wraptag, $break, $class);
    }
}
Example #7
function wiki($wiki, $article)
{
    global $dataSource;
    global $_CONFIG;
    global $_EXTRAS;
    $out = '';
    //if ($_CONFIG['oneWiki']){
    $base = $_CONFIG['base'];
    $url = $_CONFIG['base'] . "/{$article}";
    //} else {
    //	$base = $_CONFIG['base']."/".$wiki;
    //	$url = $_CONFIG['base']."/$wiki/$article";
    //}
    $content = array($wiki, $article, "", "aqWiki (Admin)", date("r"));
    if (!isset($_GET['action'])) {
        $_GET['action'] = false;
    }
    switch ($_GET['action']) {
        case "viewrev":
            if (!$_GET['id']) {
                panic("View Revision", "Parameters incorrect");
            }
            $id = $_GET['id'];
            $pages = $dataSource->getPage($article);
            debug("Found " . count($pages) . " pages");
            $row = $pages[$id];
            $content[2] = '<div class="info"><b>Note:</b> This is a <i>specific revision</i> of this page, and may be outdated, The current version is ((here|' . $article . ')). You can see the differences between this and the current revision <a href="' . $url . '?action=diff&amp;from=' . $id . '">here</a></div>';
            if (in_array($_EXTRAS['me'], $_EXTRAS['admins'])) {
                $content[2] .= '<div class="adminFunctions">Admin Actions: 
				<a href="' . $url . '?action=revert&id=' . $id . '">Revert back to this version</a>
				</div>';
            }
            $content[2] .= $row['content'];
            #."\n\n [ \"Edit This Page\":$url?action=edit | \"View Source\":$url?action=src ]";
            $content[3] = $row['creator'];
            $content[4] = date("r", $row['created']);
            $limit = 3;
            $current = 0;
            $_EXTRAS['versions'] = '';
            foreach ($pages as $row) {
                $line = date("r", $row['created']) . " - \"" . $row['creator'] . "\":{$base}/~" . $row['creator'];
                if ($row['comment']) {
                    $line .= " : " . $row['comment'];
                }
                if ($row['revision'] == $id) {
                    $_EXTRAS['versions'] .= "# " . $line . " [ Current ]\n";
                } else {
                    $_EXTRAS['versions'] .= "# " . $line . " [ <a href=\"" . $url . "?action=viewrev&amp;id=" . $row['revision'] . "\" title=\"View this revision\">View</a> |" . " <a href=\"" . $url . "?action=diff&amp;from=" . $id . "&amp;to=" . $row['revision'] . "\"\" title=\"View differences between this and the current revision\">Diff</a> ]\n";
                }
                $current++;
                if ($id < $row['revision']) {
                    // Nothing happens
                } elseif ($current >= $limit && $_GET['action'] != "allrev") {
                    if ($id == $row['revision']) {
                        $limit += 6;
                    } else {
                        $_EXTRAS['versions'] .= "# \"Show rest of revisions\":" . $url . "?action=allrev\n";
                        break;
                    }
                }
            }
            $content[2] .= $out;
            break;
        case "diff":
            $content[2] = "These are the differences between two versions of (({$article})). Lines styled <span class=\"added\">" . "like this</span> have been added to the entry, lines <span class=\"removed\">like this</span> have been removed.\n\n";
            $from = isset($_GET['from']) ? $_GET['from'] : false;
            $to = isset($_GET['to']) ? $_GET['to'] : false;
            $_EXTRAS['textarea'] = $dataSource->diff($article, $from, $to);
            $content[2] .= "[[TEXTAREA]]";
            break;
        case "newUser":
            /*mysql> describe users;
            		+---------------+------------------+-------------------+
            		| Field         | Type             | Collation         |
            		+---------------+------------------+-------------------+
            		| id            | int(10) unsigned | binary            |
            		| username      | varchar(64)      | latin1_swedish_ci |
            		| real_name     | tinytext         | latin1_swedish_ci |
            		| email         | tinytext         | latin1_swedish_ci |
            		| birthday      | date             | latin1_swedish_ci |
            		| password      | tinytext         | latin1_swedish_ci |
            		| location      | int(11)          | binary            |
            		| last_access   | timestamp        | latin1_swedish_ci |
            		| date_creation | timestamp        | latin1_swedish_ci |
            		| access_level  | int(11)          | binary            |
            		+---------------+------------------+-------------------+
            		10 rows in set (0.05 sec)
            		*/
            $form = '<form class="shiny" method=post action="' . $_SERVER['REQUEST_URI'] . '"><h2>New User</h2>' . "\n\n" . '|Username|<input type="text" name="username" value="' . $_POST['username'] . '">|(Must not be blank)|' . "\n" . '|Display Name|<input type="text" name="name" value="' . $_POST['name'] . '">|(Must not be blank)<br>|' . "\n" . '|e-Mail|<input type="text" name="email" value="' . $_POST['email'] . '">|(Must not be blank)<br>|' . "\n" . '|Password|<input type="password" name="password">|(Must not be blank)<br>|' . "\n" . '|Repeat Password |<input type="password" name="password2">| (Must match above) |' . "\n\n";
            if (isset($_CONFIG['recaptcha_public_key'])) {
                require_once 'recaptchalib.php';
                $public_key = $_CONFIG['recaptcha_public_key'];
                $form .= '<aqWikiNoProcess>' . recaptcha_get_html($public_key) . "</aqWikiNoProcess>\n\n";
            }
            $form .= '<input type="submit" name="submit" value="Create User">' . "\n\n" . '</form>';
            #print_r($_POST);
            if ($_POST['submit']) {
                $errors = array();
                if ($_POST['username'] == "") {
                    $errors[] = "Username cannot be blank";
                } elseif (strstr($_POST['username'], ",")) {
                    $errors[] = "Username cannot contain commas";
                } elseif (isset($_EXTRAS['reservedUsers']) && in_array($_POST['username'], $_EXTRAS['reservedUsers'])) {
                    $errors[] = "Username invalid";
                } elseif (!$dataSource->unique("users", "username", $_POST['username'])) {
                    $errors[] = "Username must be unique";
                }
                if ($_POST['email'] == "") {
                    $errors[] = "email cannot be blank";
                } elseif (!$dataSource->unique("users", "email", $_POST['email'])) {
                    $errors[] = "email must be unique";
                }
                if ($_POST['name'] == "") {
                    $errors[] = "Display Name cannot be blank";
                } elseif (!$dataSource->unique("users", "real_name", $_POST['name'])) {
                    $errors[] = "Display Name must be unique";
                }
                if ($_POST['password'] == "") {
                    $errors[] = "password cannot be blank";
                } elseif ($_POST['password'] != $_POST['password2']) {
                    $errors[] = "passwords must match";
                }
                if (isset($_CONFIG['recaptcha_private_key'])) {
                    $privatekey = $_CONFIG['recaptcha_private_key'];
                    $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
                    if (!$resp->is_valid) {
                        $errors[] = "Captcha invalid";
                    }
                }
                if (count($errors) == 0) {
                    $dataSource->newUser($_POST['username'], $_POST['name'], $_POST['password'], $_POST['email']);
                    sendAdminEmail('New User Created', $_POST);
                    $out = "h2. New user created\n\n";
                    $out .= "Hi, " . $_POST['name'] . ", Welcome to this aqWiki install.\n\n";
                    $url = parse_url($_SERVER['REQUEST_URI']);
                    $out .= "You should now \"login\":" . $url['path'] . "?action=login";
                } else {
                    $out = "h2. Error in user creation\n\n";
                    foreach ($errors as $error) {
                        $out .= "* " . $error . "\n";
                    }
                    $out .= "\n\n" . $form;
                }
            } else {
                $out = "h2. New user\n\n";
                $out .= $form;
            }
            $content[2] = $out;
            break;
        case "edit":
            if ($_EXTRAS['reqEdit']) {
                doAuth($_EXTRAS['reqEdit'], "edit a page");
            }
            if ($_EXTRAS['restrictNewPages']) {
                doAuth($_EXTRAS['restrictNewPages'], "create a new page");
            }
            $form = true;
            $text = false;
            switch ($_POST['submit']) {
                case "Preview":
                    $out = $_POST['content'];
                    $text = stripslashes($_POST['content']);
                    break;
                case "Spell Check":
                    $checker = new Spellchecker();
                    $text = strip_tags(textile($_POST['content']));
                    $num_errors = $checker->check($text);
                    if ($num_errors > 0) {
                        $out .= "h3. Spell Check\n\n";
                        #$out .= "Items <span class=\"spellCorrect\">like this</span> could be errors, hover over for suggestions. Items <span class=\"spellNoSuggest\">like this</span> arn't in the dictionary, and the spell checker has no idea.\n\n";
                        $errors = $checker->getErrors();
                        $oldtext = $text;
                        foreach ($errors as $word => $suggestions) {
                            /*$title = trim(implode(', ', $suggestions));
                            		if ($title == ""){
                            			$span = '<|-|'.$title.'|-|>'.$word.'</-|>';
                            		} else {
                            			$span = '<|||'.$title.'|||>'.$word.'</||>';
                            		}*/
                            $suggs = implode(' ', $suggestions);
                            if ($suggs != " ") {
                                $errorlist .= "*" . $word . ":* " . $suggs . "\n\n";
                            } else {
                                $noidea[] = $word;
                            }
                            # $text = str_replace($word, $span, $text);
                            #$text = preg_replace("/(\W|^)$word(\W|\$)/i", "$1$span$2", $text);
                        }
                        /*
                        						//if ($title == ""){
                        							$text = str_replace('<|-|', '<span class="spellNoSuggest"', $text);
                        							$text = str_replace('|-|>', '>', $text);
                        							$text = str_replace('</-|>', '</span>', $text);
                        						//} else {
                        							$text = str_replace('<|||', '<span class="spellCorrect" title="', $text);
                        							$text = str_replace('|||>', '">', $text);
                        							$text = str_replace('</||>', '</span>', $text);
                        						//}*/
                    }
                    if ($noidea) {
                        $errorlist .= "*No idea about:* " . implode(' ', $noidea) . "\n\n";
                    }
                    #$out .= $text;
                    $out .= $errorlist . "\n";
                    $text = stripslashes($_POST['content']);
                    break;
                case "Post":
                    $page = array_shift($dataSource->getPage($article));
                    if ($page['rev_created'] > $_POST['edittime']) {
                        $content[2] .= collision_detection($page, $_POST);
                        $text = $_POST['content'];
                        //$form = false;
                    } else {
                        $dataSource->post($article, $_POST['content'], $_POST['comment']);
                        $form = false;
                        header("location: {$url}");
                    }
            }
            if ($text) {
                $_EXTRAS['textarea'] = $text;
            } elseif (!$dataSource->pageExists($article)) {
                $_POST['comment'] = "Start of a brand new world";
                $_EXTRAS['textarea'] = "";
            } else {
                $_EXTRAS['textarea'] = stripslashes($dataSource->getContent($article));
            }
            preg_match_all("/\\[\\[LOCKED\\|(.*?)\\]\\]/", $_EXTRAS['textarea'], $matches);
            foreach ($matches[0] as $index => $match) {
                $users = $matches[1][$index];
                doAuth($users, "view this");
            }
            if ($form) {
                $out .= "<form method=post action=\"" . $_SERVER['REQUEST_URI'] . "\" class=\"shiny wikiedit\">";
                $out .= '<h2>Editing "' . $content[1] . '"</h2>';
                $out .= "<p>You should read the ((help)). If you are having problems with the formatting, post it and add a note explaining the problem to ((formattingProblems)) and I'll dive in and fix it. If you believe you've found a bug in the wiki software, post your problem to \"the bug tracker\":http://trac.aqxs.net/aqwiki/newticket and I'll dive in and fix that too.</p>\n";
                //$out .= "<label for=\"creator\">Author</label>\n";
                //$out .= $_EXTRAS['me']."<br>\n";
                $out .= "<label for=\"content\">Content of page \"" . $content[1] . "\"</label>\n";
                $out .= "<textarea name=\"content\" id=\"content\" rows=\"30\" cols=\"72\">[[TEXTAREA]]</textarea>\n<br>\n";
                $out .= "<label for=\"comment\">Comment</label>\n";
                $out .= "<input type=\"text\" name=\"comment\" id=\"comment\" size=\"72\" value=\"" . $_POST['comment'] . "\"><br>\n";
                $out .= "<input class=\"submit\" type=\"hidden\" name=\"edittime\" value=\"" . time() . "\">\n";
                $out .= "<input class=\"submit\" type=\"submit\" name=\"submit\" value=\"Post\"> ";
                $out .= "<input class=\"submit\" type=\"submit\" name=\"submit\" value=\"Preview\"> ";
                $out .= "<input class=\"submit\" type=\"submit\" name=\"submit\" value=\"Spell Check\"> ";
                $out .= "<input class=\"submit\" type=\"reset\"  name=\"revert\" value=\"Revert to pre-editing\">\n";
                $out .= "</form>";
                $content[2] .= $out;
                break;
            }
        case "allrev":
            if (!$dataSource->pageExists($article)) {
                $content[2] = 'Error: Page doesn\'t exist. What are you playing at?';
                break;
            }
            $content[2] = '<form method="GET" action="' . $url . '" style="width: auto;">';
            $content[2] .= '<h2>Viewing all revisions for ((' . $article . "))</h2>\n\n";
            $content[2] .= 'Select the <input type="radio" /> boxes to compare two revisions' . "\n\n";
            $pages = $dataSource->getPage($article);
            $pages = array_reverse($pages);
            foreach ($pages as $row) {
                $line = '<input type="radio" name="from" value="' . $row['revision'] . '">';
                $line .= '<input type="radio" name="to" value="' . $row['revision'] . '">';
                $line .= date("Y-m-d H:i", $row['created']) . " - " . userlink($row['creator']);
                if ($row['comment']) {
                    $line .= " : " . $row['comment'];
                }
                $content[2] .= "# " . $line . " [ <a href=\"" . $url . "?action=viewrev&amp;id=" . $row['revision'] . "\" title=\"View this revision\">View</a> |" . " <a href=\"" . $url . "?action=diff&amp;from=" . $row['revision'] . "\"\" title=\"View differences between this and the current revision\">Diff</a> ]\n";
            }
            $content[2] .= '<input type="submit" value="Compare Revisions">
			<input type="hidden" value="diff" name="action">
			</form>';
            break;
        case "revert":
            if (!in_array($_EXTRAS['me'], $_EXTRAS['admins'])) {
                panic('AqWiki Reversion', 'You\'re not an admin, you can\'t do this shit');
            }
            if (!$_GET['id']) {
                die("Parameters incorrect");
            }
            $id = $_GET['id'];
            $pages = $dataSource->getPage($article);
            $oldVersion = $pages[$id];
            //die($oldVersion['content']);
            $dataSource->post($article, $oldVersion['content'], 'reverted back to version ' . $id);
            $form = false;
            $content[2] = 'Reverted ((' . $article . ')) back to version ' . $id;
            break;
        default:
            $_EXTRAS['versions'] = "";
            if (!$dataSource->pageExists($article)) {
                if ($_EXTRAS['restrictNewPages'] || $_EXTRAS['reqEdit']) {
                    if ($_EXTRAS['restrictNewPages'] == "register") {
                        $message = "any registered users";
                    } else {
                        $message = "only certain users";
                    }
                    if (!isset($_EXTRAS['newPageMessage'])) {
                        $npm = "This page doesn't exist yet. [[TYPES]] can create new pages. Do you want to do so?\n\n\"Go On Then\":[[EDITURL]]";
                    } else {
                        $npm = $_EXTRAS['newPageMessage'];
                    }
                    $content[2] = str_replace(array("[[TYPES]]", "[[EDITURL]]"), array($message, $url . "?action=edit"), $npm);
                } else {
                    $content[2] = "This page doesn't exist yet, Would you like to create it?\n\n\"Go On Then\":" . $url . "?action=edit";
                }
            } else {
                $_EXTRAS['nearby'] = $dataSource->nearby($article);
                $pages = $dataSource->getPage($article);
                $row = array_shift($pages);
                if (strcmp($row['wiki'], $wiki) != 0) {
                    $base = $_CONFIG['base'] . "/" . $row['wiki'];
                    $url = $base . "/" . $article;
                    header("location: " . $url);
                }
                $content[2] = $row['content'];
                $content[3] = $row['creator'];
                $content[4] = date("r", $row['created']);
                $line = date("r", $row['created']) . " - " . userlink($row['creator']);
                if ($row['comment']) {
                    $line .= " : " . $row['comment'];
                }
                if ($_EXTRAS['current'] != $article) {
                    $pages = $dataSource->getPage($_EXTRAS['current']);
                    $row = array_shift($pages);
                }
                $_EXTRAS['versions'] .= "# " . $line . " [ Current ]\n";
                $limit = 10;
                $current = 0;
                foreach ($pages as $row) {
                    $line = date("Y-m-d\tH:i", $row['created']) . " - " . userlink($row['creator']);
                    if ($row['comment']) {
                        $line .= " : " . $row['comment'];
                    }
                    $_EXTRAS['versions'] .= "# " . $line . " [ <a href=\"" . $url . "?action=viewrev&amp;id=" . $row['revision'] . "\" title=\"View this revision\">View</a> |" . " <a href=\"" . $url . "?action=diff&amp;from=" . $row['revision'] . "\"\" title=\"View differences between this and the current revision\">Diff</a> ]\n";
                    $current++;
                    if ($_GET['action'] != "allrev" && $current > $limit) {
                        $_EXTRAS['versions'] .= "# \"Show list of revisions\":" . $url . "?action=allrev\n";
                        break;
                    }
                }
                #$content[2] .= $out;
            }
    }
    return $content;
}
Example #8
/**
 * Handle the user's answer to the "trust this site?" prompt.
 *
 * Reads the pending request via getRequestInfo(), derives the decision from
 * the presence of the 'trust' POST field and, when the 'remember' POST field
 * is also present, records that decision in the session's site list keyed by
 * the request's trust_root. The request and decision are then handed to
 * doAuth(), whose result is returned unchanged.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function, yet it
 * accepts and can persist a trust decision from POST data. Confirm that the
 * dispatcher or the form handling validates one before this action runs.
 */
function action_trust()
{
    $request = getRequestInfo();

    // The decision is carried only by the presence of the 'trust' field;
    // a POST without it is treated as a refusal.
    $decision = isset($_POST['trust']);
    $persist = isset($_POST['remember']);

    if ($persist && $request) {
        // Both approvals and refusals are remembered, keyed by trust_root.
        // NOTE(review): trust_root comes from the pending request object;
        // verify it is validated/normalised before being used as a key.
        $remembered = getSessionSites();
        $remembered[$request->trust_root] = $decision;
        setSessionSites($remembered);
    }

    // $request may be falsy here (no pending request); doAuth() is still
    // called, so it presumably handles that case itself. TODO confirm.
    return doAuth($request, $decision, true);
}