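<?php
// Removes a wiki alias, provided the caller is allowed to edit the article
// the alias points to.

// Project helper defined outside this file; presumably validates the
// per-user auth key. Confirm, because this state-changing action is driven
// entirely by $_GET.
authorize();

$RawAlias = isset($_GET['alias']) ? $_GET['alias'] : '';

// Other callers compare alias_to_id()'s result with === false, so an unknown
// alias is reported as false. Stop here rather than interpolating that value
// into the permission query, which would produce malformed SQL.
$ArticleID = Wiki::alias_to_id($RawAlias);
if ($ArticleID === false) {
    error(404);
}
// Force an integer before the value is placed into SQL.
$ArticleID = (int) $ArticleID;

// Only users at or above the article's minimum edit class may change its aliases.
// NOTE(review): if no row matches, $MinClassEdit is not populated and the
// comparison below passes; this fragment relies on the alias pointing at a
// live article.
$DB->query("SELECT MinClassEdit FROM wiki_articles WHERE ID = {$ArticleID}");
list($MinClassEdit) = $DB->next_record();
if ($MinClassEdit > $LoggedUser['EffectiveClass']) {
    error(403);
}

// Escape the normalized alias with db_string() before it enters the query,
// matching how the article-creation code treats normalize_alias() output.
$DB->query("DELETE FROM wiki_aliases WHERE Alias='" . db_string(Wiki::normalize_alias($RawAlias)) . "'");

// Invalidate cached copies so the removed alias stops resolving.
Wiki::flush_article($ArticleID);
Wiki::flush_aliases();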
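// Decide the minimum classes needed to read and edit the new article.
// Wiki managers may choose them; everyone else gets the fixed default of 100.
if (check_perms('admin_manage_wiki')) {
    $Read = $_POST['minclassread'];
    $Edit = $_POST['minclassedit'];
    if (!is_number($Read)) {
        error(0); //int?
    }
    if (!is_number($Edit)) {
        error(0);
    }
    // Normalize first: an edit level below the read level is raised to match it.
    if ($Edit < $Read) {
        $Edit = $Read; //Human error fix.
    }
    // Enforce the ceiling on the values that will actually be stored. Checking
    // before the normalization above let a read level higher than the caller's
    // own class through, and the edit level was then raised to it as well.
    // Because $Edit >= $Read at this point, one comparison covers both.
    if ($Edit > $LoggedUser['EffectiveClass']) {
        error('You can\'t restrict articles above your own level');
    }
} else {
    $Read = 100;
    $Edit = 100;
}

// $P is populated before this fragment; presumably it is the SQL-escaped copy
// of $_POST. Confirm, since title and body are interpolated directly.
$DB->query("\n\tINSERT INTO wiki_articles\n\t\t(Revision, Title, Body, MinClassRead, MinClassEdit, Date, Author)\n\tVALUES\n\t\t('1', '{$P['title']}', '{$P['body']}', '{$Read}', '{$Edit}', '" . sqltime() . "', '{$LoggedUser['ID']}')");
$ArticleID = $DB->inserted_id();

// Register the normalized title as an alias unless it is empty or already taken.
$TitleAlias = Wiki::normalize_alias($_POST['title']);
$Dupe = Wiki::alias_to_id($_POST['title']);
if ($TitleAlias != '' && $Dupe === false) {
    $DB->query("\n\t\tINSERT INTO wiki_aliases (Alias, ArticleID)\n\t\tVALUES ('" . db_string($TitleAlias) . "', '{$ArticleID}')");
    Wiki::flush_aliases();
}

// NOTE(review): the raw submitted title goes into the log message. Confirm
// that write_log() escapes it for storage and that log viewers escape it on
// output.
Misc::write_log("Wiki article {$ArticleID} (" . $_POST['title'] . ") was created by " . $LoggedUser['Username']);
header("Location: wiki.php?action=article&id={$ArticleID}");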
$SQL .= implode("%' AND {$Type} LIKE '%", $Words); $SQL .= "%' "; } $SQL .= "\n\tORDER BY {$Order} {$Way}\n\tLIMIT {$Limit} "; $RS = $DB->query($SQL); $DB->query("\n\tSELECT FOUND_ROWS()"); list($NumResults) = $DB->next_record(); View::show_header('Search articles'); $DB->set_query_id($RS); ?> <div class="thin"> <div class="header"> <h2>Search articles</h2> <div class="linkbox"> <a href="wiki.php?action=create&alias=<?php echo display_str(Wiki::normalize_alias($_GET['search'])); ?> " class="brackets">Create an article</a> </div> </div> <div> <form action="" method="get"> <div> <input type="hidden" name="action" value="search" /> <input type="hidden" name="nojump" value="1" /> </div> <table cellpadding="6" cellspacing="1" border="0" class="layout border" width="100%"> <tr> <td class="label"><label for="search"><strong>Search for:</strong></label></td> <td colspan="3"> <input type="search" name="search" id="search" size="70" value="<?php
//No article found View::show_header('No article found'); ?> <div class="thin"> <div class="header"> <h2>No article found</h2> </div> <div class="box pad" style="padding: 10px 10px 10px 20px;"> There is no article matching the name you requested. <ul> <li><a href="wiki.php?action=search&search=<?php echo display_str($_GET['name']); ?> ">Search</a> for an article similar to this.</li> <li><a href="wiki.php?action=create&alias=<?php echo display_str(Wiki::normalize_alias($_GET['name'])); ?> ">Create</a> an article in its place.</li> </ul> </div> </div> <?php View::show_footer(); die; } $Article = Wiki::get_article($ArticleID); list($Revision, $Title, $Body, $Read, $Edit, $Date, $AuthorID, $AuthorName, $Aliases, $UserIDs) = array_shift($Article); if ($Read > $LoggedUser['EffectiveClass']) { error('You must be a higher user class to view this wiki article'); } $TextBody = Text::full_format($Body, false);
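<?php
// Adds a new alias to an existing wiki article that the caller may edit.

// Project helper defined outside this file; presumably validates the
// per-user auth key for this POST. Confirm.
authorize();

// The article id must be present and numeric; error() is relied on to halt
// the request.
if (!isset($_POST['article']) || !is_number($_POST['article'])) {
    error(0);
}
$ArticleID = (int) $_POST['article'];

// Load the article's minimum edit class. A missing row must stop the request:
// otherwise $MinClassEdit is unset, the class comparison passes, and an alias
// is created for an article that does not exist.
$DB->query("SELECT MinClassEdit FROM wiki_articles WHERE ID = {$ArticleID}");
$Record = $DB->next_record();
if (!$Record) { // presumably falsy when the query matched nothing; confirm
    error(404);
}
list($MinClassEdit) = $Record;
if ($MinClassEdit > $LoggedUser['EffectiveClass']) {
    error(403);
}

$RawAlias = isset($_POST['alias']) ? $_POST['alias'] : '';
$NewAlias = Wiki::normalize_alias($RawAlias);
$Dupe = Wiki::alias_to_id($RawAlias);
if ($NewAlias != '' && $NewAlias != 'addalias' && $Dupe === false) { //Not null, and not dupe
    // Escape the normalized alias with db_string(), matching how the
    // article-creation code treats normalize_alias() output.
    $DB->query("INSERT INTO wiki_aliases (Alias, UserID, ArticleID) VALUES ('" . db_string($NewAlias) . "', '{$LoggedUser['ID']}', '{$ArticleID}')");
} else {
    error('The alias you attempted to add was either null or already in the database.');
}

// Invalidate cached copies so the new alias resolves immediately.
Wiki::flush_aliases();
Wiki::flush_article($ArticleID);
header('Location: wiki.php?action=article&id=' . $ArticleID);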