Revision history for InheritACL
Deletions:
Additions:
if(strpos($referer, '/')) // remove handlers in referer
$referer = explode('/',$referer,2);
$referer = $referer[0];
if(strpos($referer, '?')) // remove parameters in referer (with mod_rewrite)
$referer = explode('?',$referer,2);
$referer = $referer[0];
if(strpos($referer, '&')) // remove parameters in referer (without mod_rewrite)
$referer = explode('&',$referer,2);
$referer = $referer[0];
$referer = explode('/',$referer,2);
$referer = $referer[0];
if(strpos($referer, '?')) // remove parameters in referer (with mod_rewrite)
$referer = explode('?',$referer,2);
$referer = $referer[0];
if(strpos($referer, '&')) // remove parameters in referer (without mod_rewrite)
$referer = explode('&',$referer,2);
$referer = $referer[0];
Deletions:
if(stripos($referer, '&edit')) sscanf($referer,"%s&edit",&$referer);
Revision [20008]
Edited on 2008-06-04 10:02:00 by MasinAlDujaili [disabling ACL inheritance if page exists, take 2]Additions:
if($inherit_acl && !$this->existsPage($this->GetPageTag())) $output .=
}HTTP_REFERER
if(isset($_SERVER['HTTP_REFERER']) && $inherit_acl && !$this->existsPage($this->GetPageTag()))
if($inherit_acl && !$this->existsPage($this->GetPageTag()))
}HTTP_REFERER
if(isset($_SERVER['HTTP_REFERER']) && $inherit_acl && !$this->existsPage($this->GetPageTag()))
if($inherit_acl && !$this->existsPage($this->GetPageTag()))
Deletions:
if(isset($_SERVER['HTTP_REFERER']) && $inherit_acl && !$this->GetPageTag())
if($inherit_acl && !$this->GetPageTag())
Revision [20007]
Edited on 2008-06-04 09:49:56 by MasinAlDujaili [disabling ACL inheritance if page exists]Additions:
if($inherit_acl && !$this->GetPageTag()) $output .=
if(isset($_SERVER['HTTP_REFERER']) && $inherit_acl && !$this->GetPageTag())
if($inherit_acl && !$this->GetPageTag())
if(isset($_SERVER['HTTP_REFERER']) && $inherit_acl && !$this->GetPageTag())
if($inherit_acl && !$this->GetPageTag())
Deletions:
if(isset($_SERVER['HTTP_REFERER']) && $inherit_acl)
if($inherit_acl)
Revision [20005]
Edited on 2008-06-04 05:02:58 by MasinAlDujaili [working versions, removed debug output]Additions:
>>Working for 1.1.6.2 to 1.1.6.4 (latest)>>As wished in [[http://wush.net/trac/wikka/ticket/139 #139]], a simple way for setting ACL at creation time might be useful. The idea is to take the ACL of the page where the link leading to page creation has been clicked by the user.
if($def_acl == $this->TrimACLs($acl)) return TRUE;
else return FALSE;
if($def_acl == $this->TrimACLs($acl)) return TRUE;
else return FALSE;
Deletions:
if($def_acl == $this->TrimACLs($acl))
$output .= "<p>Kein Unterschied</p>";
return TRUE;
$output .= "<p>Unterschied gefunden</p>";
return FALSE;
Additions:
What's new for v1.1.6.4? The modified extension uses the HTTP_REFERER information to determine the referring page. This means, the URLs of non-existing pages won't get ugly. Furthermore I put a checkbox in to turn inheriting ACLs off when creating a new page. It looks a lot nicer now. To do: The ACL editing block appears even when not creating a new page. I will care about this tomorrow. For previous versions I recommend to look at the revisions of this page before 2008-05-31.
I'll make it short, just posting the modified file /handlers/page/edit.php
<?php
/**
* Display a form to edit the current page.
*
* @package Handlers
* @subpackage Page
* @version $Id$
* @license http://www.gnu.org/copyleft/gpl.html GNU General Public License
* @filesource
*
* @author {@link http://wikkawiki.org/JsnX Jason Tourtelotte} (original code)
* @author {@link http://wikkawiki.org/Dartar Dario Taraborelli} (preliminary code cleanup, i18n)
* @author {@link http://wikkawiki.org/DotMG Mahefa Randimbisoa} (bugfixes)
*
* @uses Config::$edit_buttons_position
* @uses Config::$require_edit_note
* @uses Config::$gui_editor
* @uses Wakka::ClearLinkTable()
* @uses Wakka::Footer()
* @uses Wakka::Format()
* @uses Wakka::FormClose()
* @uses Wakka::FormOpen()
* @uses Wakka::GetUser()
* @uses Wakka::GetUserName()
* @uses Wakka::HasAccess()
* @uses Wakka::Header()
* @uses Wakka::Href()
* @uses Wakka::htmlspecialchars_ent()
* @uses Wakka::hsc_secure()
* @uses Wakka::LoadSingle()
* @uses Wakka::Redirect()
* @uses Wakka::SavePage()
* @uses Wakka::StartLinkTracking()
* @uses Wakka::StopLinkTracking()
* @uses Wakka::WriteLinkTable()
*
* @todo optimization using history.back();
* @todo use central regex library for validation;
* @todo replace $_REQUEST with either $_GET or $_POST (or both if really
* necessary) - #312 => NOT CLEAR here what to do; see also #449
*/
/**#@+
* Default value.
*/
if (!defined('VALID_PAGENAME_PATTERN')) define ('VALID_PAGENAME_PATTERN', '/^[A-Za-zÄÖÜßäöü]+[A-Za-z0-9ÄÖÜßäöü]*$/s'); //TODO use central regex library
if (!defined('MAX_TAG_LENGTH')) define ('MAX_TAG_LENGTH', 75);
if (!defined('MAX_EDIT_NOTE_LENGTH')) define ('MAX_EDIT_NOTE_LENGTH', 50);
/**
* Class attribute to enable styling as error.
*/
if (!defined('INPUT_ERROR_STYLE')) define('INPUT_ERROR_STYLE', 'class="highlight"');
/**#@-*/
/**#@+
* Internationalization (i18n).
*/
if (!defined('PREVIEW_HEADER')) define('PREVIEW_HEADER', 'Preview');
if (!defined('LABEL_EDIT_NOTE')) define('LABEL_EDIT_NOTE', 'Please add a note on your edit');
if (!defined('ERROR_INVALID_PAGENAME')) define('ERROR_INVALID_PAGENAME', 'This page name is invalid. Valid page names must start with a letter and contain only letters and numbers.');
if (!defined('ERROR_OVERWRITE_ALERT')) define('ERROR_OVERWRITE_ALERT', 'OVERWRITE ALERT: This page was modified by someone else while you were editing it.<br /> Please copy your changes and re-edit this page.');
if (!defined('ERROR_MISSING_EDIT_NOTE')) define('ERROR_MISSING_EDIT_NOTE', 'MISSING EDIT NOTE: Please fill in an edit note!');
if (!defined('ERROR_TAG_TOO_LONG')) define('ERROR_TAG_TOO_LONG', 'Tag too long! %d characters max.');
if (!defined('ERROR_NO_WRITE_ACCESS')) define('ERROR_NO_WRITE_ACCESS', 'You don\'t have write access to this page. You might need to register an account to be able to edit this page.');
if (!defined('ERROR_INVALID_PAGEID')) define('ERROR_INVALID_PAGEID', 'The revision id does not exist for the requested page');
if (!defined('MESSAGE_AUTO_RESIZE')) define('MESSAGE_AUTO_RESIZE', 'Clicking on %s will automatically truncate the tag to the correct size');
if (!defined('INPUT_SUBMIT_PREVIEW')) define('INPUT_SUBMIT_PREVIEW', 'Preview');
if (!defined('INPUT_SUBMIT_STORE')) define('INPUT_SUBMIT_STORE', 'Store');
if (!defined('INPUT_SUBMIT_REEDIT')) define('INPUT_SUBMIT_REEDIT', 'Re-edit');
if (!defined('INPUT_BUTTON_CANCEL')) define('INPUT_BUTTON_CANCEL', 'Cancel');
if (!defined('INPUT_SUBMIT_RENAME')) define('INPUT_SUBMIT_RENAME', 'Rename');
if (!defined('ACCESSKEY_STORE')) define('ACCESSKEY_STORE', 's');
if (!defined('ACCESSKEY_REEDIT')) define('ACCESSKEY_REEDIT', 'r');
if (!defined('ACCESSKEY_PREVIEW')) define('ACCESSKEY_PREVIEW', 'p');
if (!defined('SHOWCODE_LINK')) define('SHOWCODE_LINK', 'View formatting code for this page');
if (!defined('SHOWCODE_LINK_TITLE')) define('SHOWCODE_LINK_TITLE', 'Click to view page formatting code');
if (!defined('INHERIT_ACL_LABEL')) define('INHERIT_ACL_LABEL', 'Inherit ACLs (uncheck for default ACLs)');
if (!defined('INHERIT_ACL_LEGEND')) define('INHERIT_ACL_LEGEND', 'Inheritance of ACLs');
if (!defined('INHERIT_ACL_CAPTION')) define('INHERIT_ACL_CAPTION', 'Using ACLs from %s');
/**#@-*/
$note = '';
$inherit_acl = $this->GetConfigValue('inherit_acl');
if (isset($_POST['submit']) && ($_POST['submit'] == 'Preview') && ($user = $this->GetUser()) && ($user['doubleclickedit'] != 'N'))
{
$ondblclick = ' ondblclick=\'document.getElementById("reedit_id").click();\'';
//history.back() not working on IE. (changes are lost)
//however, history.back() works fine in FF, and this is the optimized choice
//TODO Optimization: Look $_SERVER['HTTP_USER_AGENT'] and use history.back() for good browsers like FF.
}
?>
<div class="page"<?php echo $ondblclick;?>>
<?php
if (!(preg_match(VALID_PAGENAME_PATTERN, $this->tag))) { //TODO use central regex library
echo '<em class="error">'.ERROR_INVALID_PAGENAME.'</em>';
}
elseif ($this->HasAccess("write") && $this->HasAccess("read"))
{
$newtag = $output = '';
// rename action
if (isset($_POST['newtag']))
$newtag = $_POST['newtag'];
if ($newtag !== '') $this->Redirect($this->Href('edit', $newtag));
$body = '';
$id = $this->page['id'];
if($_GET['id'])
$page = $this->LoadPageById(mysql_real_escape_string($_GET['id']));
if($page['tag'] != $this->page['tag'])
$this->Redirect($this->Href(), ERROR_INVALID_PAGEID);
else
$body = $page['body'];
$id = $page['id'];
if ($_POST)
// strip CRLF line endings down to LF to achieve consistency ... plus it saves database space.
// Note: these codes must remain enclosed in double-quotes to work! -- JsnX
$body = str_replace("\r\n", "\n", $_POST['body']);
// replace each 4 consecutive spaces at the start of a line with a tab
#$body = preg_replace("/\n[ ]{4}/", "\n\t", $body); # @@@ FIXME: misses first line and multiple sets of four spaces - JW 2005-01-16
# JW FIXED 2005-07-12
$pattern = '/^(\t*) {4}/m'; # m modifier: match ^ at start of line *and* at start of string;
$replace = "$1\t";
while (preg_match($pattern,$body))
$body = preg_replace($pattern,$replace,$body);
// we don't need to escape here, we do that just before display (i.e., treat note just like body!)
if (isset($_POST['note']))
$note = trim($_POST['note']);
// only if saving:
if ($_POST['submit'] == 'Store')
// check for overwriting
if ($this->page)
if ($this->page['id'] != $_POST['previous'])
$error = ERROR_OVERWRITE_ALERT;
// check for edit note if required
if (($this->config['require_edit_note'] == 1) && $_POST['note'] == '')
$error .= ERROR_MISSING_EDIT_NOTE;
$highlight_note = INPUT_ERROR_STYLE;
// store
if($inherit_acl && isset($_POST['inherit_acl'])) // config option activated? form option existing?
if($_POST['inherit_acl']) // form option checked?
{
// only write ACLs if they differ from their default value
$save_acls = FALSE;
if (isset($_POST['read_acl'])) if(!$this->isDefaultACL('read_acl', $_POST['read_acl'])) $save_acls = TRUE;
if (isset($_POST['write_acl'])) if(!$this->isDefaultACL('write_acl', $_POST['write_acl'])) $save_acls = TRUE;
if (isset($_POST['comment_acl'])) if(!$this->isDefaultACL('comment_acl', $_POST['comment_acl'])) $save_acls = TRUE;
if($save_acls)
{
$this->SaveACL($this->tag, 'read', $this->TrimACLs($_POST['read_acl']));
$this->SaveACL($this->tag, 'write', $this->TrimACLs($_POST['write_acl']));
$this->SaveACL($this->tag, 'comment', $this->TrimACLs($_POST['comment_acl']));
}
}
// fetch fields
$previous = $this->page['id'];
if (isset($_POST['previous'])) $previous = $_POST['previous'];
if (empty($body)) $body = $this->page['body'];
// replace each 4 consecutive spaces at the start of a line with a tab
#$body = preg_replace("/\n[ ]{4}/", "\n\t", $body); # @@@ FIXME: misses first line and multiple sets of four spaces - JW 2005-01-16
# JW FIXED 2005-07-12
$pattern = '/^(\t*) {4}/m'; # m modifier: match ^ at start of line *and* at start of string;
$replace = "$1\t";
while (preg_match($pattern,$body))
$body = preg_replace($pattern,$replace,$body);
// derive maximum length for a page name from the table structure if possible
if ($result = mysql_query("describe ".$this->config['table_prefix']."pages tag")) {
$field = mysql_fetch_assoc($result);
if (preg_match("/varchar\((\d+)\)/", $field['Type'], $matches)) $maxtaglen = $matches[1];
else
$maxtaglen = MAX_TAG_LENGTH;
// PREVIEW screen
//check if ACLs have been cloned in the step before
if(isset($_POST['read_acl']) || isset($_POST['write_acl']) || isset($_POST['comment_acl']) || isset($_POST['inherit_acl']))
$inherit_acl = $inherit_acl;
// so we use hsc_secure() on the edit note (as on the body)
$preview_buttons .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.$this->hsc_secure($note).'" '.$highlight_note.'/>'.LABEL_EDIT_NOTE.'<br />'."\n";
// hence hsc_secure() instead of htmlspecialchars_ent() which UNescapes entities!
// JW/2007-02-20: why is this? wouldn't it be easier for the person editing to show actual characters instead of entities?
'<input type="hidden" name="body" value="'.$this->hsc_secure($body).'" />'."\n"; #427
'<input type="hidden" name="inherit_acl" value="'.$_POST['inherit_acl'].'" />'."\n".
'<input type="hidden" name="read_acl" value="'.$_POST['read_acl'].'" />'."\n".
'<input type="hidden" name="write_acl" value="'.$_POST['write_acl'].'" />'."\n".
'<input type="hidden" name="comment_acl" value="'.$_POST['comment_acl'].'" />'."\n";
// RENAME screen
elseif (!$this->page && strlen($this->tag) > $maxtaglen)
// truncate tag to feed a backlinks-handler with the correct value. may be omited. it only works if the link to a backlinks-handler is built in the footer.
$this->tag = substr($this->tag, 0, $maxtaglen);
$output = '<em class="error">'.sprintf(ERROR_TAG_TOO_LONG, $maxtaglen).'</em><br />'."\n";
$output .= sprintf(MESSAGE_AUTO_RESIZE, INPUT_SUBMIT_RENAME).'<br /><br />'."\n";
$output .= $this->FormOpen('edit');
$output .= '<input name="newtag" size="'.MAX_TAG_LENGTH.'" value="'.$this->htmlspecialchars_ent($this->tag).'" />';
$output .= '<input name="submit" type="submit" value="'.INPUT_SUBMIT_RENAME.'" />'."\n";
// EDIT Screen
else
if (!empty($error))
// TODO not clear if this is/was intended as a URL parameter (GET), or a check box on the edito form (POST) ....
// would be nice as a checkbox, provided it is acted upon only when user is actually submitting - NOT on preview or re-edit
if (isset($_REQUEST['appendcomment'])) #312, #449
if(isset($_SERVER['HTTP_REFERER']) && $inherit_acl)
// Referring page gets refined in multiple steps until we got what we want
$referer = $_SERVER['HTTP_REFERER'];
$base_url = $this->GetConfigValue('base_url');
$rewrite_mode = $this->GetConfigValue('rewrite_mode');
if(stripos($referer, $base_url)!==FALSE)
sscanf($referer, $base_url."%s", &$referer);
if($rewrite_mode)
if(stripos($referer, '/edit')) sscanf($referer,"%s/edit",&$referer);
else
if(stripos($referer, '&edit')) sscanf($referer,"%s&edit",&$referer);
$ref_page = $this->LoadPage($referer);
if($ref_page)
$ref_ACLs = $this->LoadAllACLs($ref_page['tag']);
else
$ref_ACLs['read_acl'] = $this->GetConfigValue('default_read_acl');
$ref_ACLs['write_acl'] = $this->GetConfigValue('default_write_acl');
$ref_ACLs['comment_acl'] = $this->GetConfigValue('default_comment_acl');
if(isset($_POST['read_acl'])) $ref_ACLs['read_acl'] = $_POST['read_acl'];
if(isset($_POST['write_acl'])) $ref_ACLs['write_acl'] = $_POST['write_acl'];
if(isset($_POST['comment_acl'])) $ref_ACLs['comment_acl'] = $_POST['comment_acl'];
// hence hsc_secure() instead of htmlspecialchars_ent() which UNescapes entities!
// JW/2007-02-20: why is this? wouldn't it be easier for the person editing to show actual characters instead of entities?
'<div id="textarea_container">'."\n".
'<textarea id="body" name="body" rows="100" cols="20">'.$this->hsc_secure($body).'</textarea>'."\n". #427
'</div>'."\n";
// add Edit note
// so we use hsc_secure on the edit note (as on the body)
$output .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.$this->hsc_secure($note).'" '.$highlight_note.'/> '.LABEL_EDIT_NOTE.'<br />'."\n";
if($inherit_acl)
$output .= '<fieldset><legend>'.INHERIT_ACL_LEGEND.'</legend>'."\n".
'<input name="inherit_acl" type="checkbox" value="inherit_acl" id="inherit_acl"';
if(isset($_POST['inherit_acl'])) $output .= $_POST['inherit_acl'] ? 'checked="checked"' : '';
else $output .= 'checked="checked"';
$output .= ' /><label for="inherit_acl">'.INHERIT_ACL_LABEL.'</label>'."\n".
'<table class="acls">'."\n".
'<tr>'."\n".
'<td>'."\n".
'<strong><label for="read_acl">'.READ_ACL_LABEL.'</label></strong><br />'."\n".
'<textarea id="read_acl" name="read_acl" rows="4" cols="20">'.$ref_ACLs['read_acl'].'</textarea>'."\n".
'</td>'."\n".
'<td>'."\n".
'<strong><label for="write_acl">'.WRITE_ACL_LABEL.'</label></strong><br />'."\n".
'<textarea id="write_acl" name="write_acl" rows="4" cols="20">'.$ref_ACLs['write_acl'].'</textarea>'."\n".
'</td>'."\n".
'<td>'."\n".
'<strong><label for="comment_acl">'.COMMENT_ACL_LABEL.'</label></strong><br />'."\n".
'<textarea id="comment_acl" name="comment_acl" rows="4" cols="20">'.$ref_ACLs['comment_acl'].'</textarea>'."\n".
'</td>'."\n".
'</tr>'."\n".
'<caption>'.sprintf(INHERIT_ACL_CAPTION,$referer).'</caption>'."\n".
'</table>'."\n".
'</fieldset>'."\n";
if ($this->config['gui_editor'] == 1)
$output .= '<script type="text/javascript" src="3rdparty/plugins/wikkaedit/wikkaedit_data.js"></script>'."\n";
$output .= '<script type="text/javascript" src="3rdparty/plugins/wikkaedit/wikkaedit_search.js"></script>'."\n";
$output .= '<script type="text/javascript" src="3rdparty/plugins/wikkaedit/wikkaedit.js"></script>'."\n";
echo $output;
}
else
{
$message = '<em class="error">'.ERROR_NO_WRITE_ACCESS.'</em><br />'."\n".
"<br />\n".
'<a href="'.$this->Href('showcode').'" title="'.SHOWCODE_LINK_TITLE.'">'.SHOWCODE_LINK.'</a>'.
"<br />\n";
echo $message;
}
?>
</div>
Currently, Wikka might complain, that there's no function called 'isDefaultACL()'. That's because there's none, unless you paste this
function isDefaultACL($acl_type, $acl) // check if ACLs are the same as default
$def_acl = $this->TrimACLs($this->GetConfigValue('default_'.$acl_type));
if($def_acl == $this->TrimACLs($acl))
$output .= "<p>Kein Unterschied</p>";
return TRUE;
else
$output .= "<p>Unterschied gefunden</p>";
return FALSE;
into /libs/Wakka.class.php. I put it near the other functions concerning ACLs.
I'll make it short, just posting the modified file /handlers/page/edit.php
<?php
/**
* Display a form to edit the current page.
*
* @package Handlers
* @subpackage Page
* @version $Id$
* @license http://www.gnu.org/copyleft/gpl.html GNU General Public License
* @filesource
*
* @author {@link http://wikkawiki.org/JsnX Jason Tourtelotte} (original code)
* @author {@link http://wikkawiki.org/Dartar Dario Taraborelli} (preliminary code cleanup, i18n)
* @author {@link http://wikkawiki.org/DotMG Mahefa Randimbisoa} (bugfixes)
*
* @uses Config::$edit_buttons_position
* @uses Config::$require_edit_note
* @uses Config::$gui_editor
* @uses Wakka::ClearLinkTable()
* @uses Wakka::Footer()
* @uses Wakka::Format()
* @uses Wakka::FormClose()
* @uses Wakka::FormOpen()
* @uses Wakka::GetUser()
* @uses Wakka::GetUserName()
* @uses Wakka::HasAccess()
* @uses Wakka::Header()
* @uses Wakka::Href()
* @uses Wakka::htmlspecialchars_ent()
* @uses Wakka::hsc_secure()
* @uses Wakka::LoadSingle()
* @uses Wakka::Redirect()
* @uses Wakka::SavePage()
* @uses Wakka::StartLinkTracking()
* @uses Wakka::StopLinkTracking()
* @uses Wakka::WriteLinkTable()
*
* @todo optimization using history.back();
* @todo use central regex library for validation;
* @todo replace $_REQUEST with either $_GET or $_POST (or both if really
* necessary) - #312 => NOT CLEAR here what to do; see also #449
*/
/**#@+
* Default value.
*/
if (!defined('VALID_PAGENAME_PATTERN')) define ('VALID_PAGENAME_PATTERN', '/^[A-Za-zÄÖÜßäöü]+[A-Za-z0-9ÄÖÜßäöü]*$/s'); //TODO use central regex library
if (!defined('MAX_TAG_LENGTH')) define ('MAX_TAG_LENGTH', 75);
if (!defined('MAX_EDIT_NOTE_LENGTH')) define ('MAX_EDIT_NOTE_LENGTH', 50);
/**
* Class attribute to enable styling as error.
*/
if (!defined('INPUT_ERROR_STYLE')) define('INPUT_ERROR_STYLE', 'class="highlight"');
/**#@-*/
/**#@+
* Internationalization (i18n).
*/
if (!defined('PREVIEW_HEADER')) define('PREVIEW_HEADER', 'Preview');
if (!defined('LABEL_EDIT_NOTE')) define('LABEL_EDIT_NOTE', 'Please add a note on your edit');
if (!defined('ERROR_INVALID_PAGENAME')) define('ERROR_INVALID_PAGENAME', 'This page name is invalid. Valid page names must start with a letter and contain only letters and numbers.');
if (!defined('ERROR_OVERWRITE_ALERT')) define('ERROR_OVERWRITE_ALERT', 'OVERWRITE ALERT: This page was modified by someone else while you were editing it.<br /> Please copy your changes and re-edit this page.');
if (!defined('ERROR_MISSING_EDIT_NOTE')) define('ERROR_MISSING_EDIT_NOTE', 'MISSING EDIT NOTE: Please fill in an edit note!');
if (!defined('ERROR_TAG_TOO_LONG')) define('ERROR_TAG_TOO_LONG', 'Tag too long! %d characters max.');
if (!defined('ERROR_NO_WRITE_ACCESS')) define('ERROR_NO_WRITE_ACCESS', 'You don\'t have write access to this page. You might need to register an account to be able to edit this page.');
if (!defined('ERROR_INVALID_PAGEID')) define('ERROR_INVALID_PAGEID', 'The revision id does not exist for the requested page');
if (!defined('MESSAGE_AUTO_RESIZE')) define('MESSAGE_AUTO_RESIZE', 'Clicking on %s will automatically truncate the tag to the correct size');
if (!defined('INPUT_SUBMIT_PREVIEW')) define('INPUT_SUBMIT_PREVIEW', 'Preview');
if (!defined('INPUT_SUBMIT_STORE')) define('INPUT_SUBMIT_STORE', 'Store');
if (!defined('INPUT_SUBMIT_REEDIT')) define('INPUT_SUBMIT_REEDIT', 'Re-edit');
if (!defined('INPUT_BUTTON_CANCEL')) define('INPUT_BUTTON_CANCEL', 'Cancel');
if (!defined('INPUT_SUBMIT_RENAME')) define('INPUT_SUBMIT_RENAME', 'Rename');
if (!defined('ACCESSKEY_STORE')) define('ACCESSKEY_STORE', 's');
if (!defined('ACCESSKEY_REEDIT')) define('ACCESSKEY_REEDIT', 'r');
if (!defined('ACCESSKEY_PREVIEW')) define('ACCESSKEY_PREVIEW', 'p');
if (!defined('SHOWCODE_LINK')) define('SHOWCODE_LINK', 'View formatting code for this page');
if (!defined('SHOWCODE_LINK_TITLE')) define('SHOWCODE_LINK_TITLE', 'Click to view page formatting code');
if (!defined('INHERIT_ACL_LABEL')) define('INHERIT_ACL_LABEL', 'Inherit ACLs (uncheck for default ACLs)');
if (!defined('INHERIT_ACL_LEGEND')) define('INHERIT_ACL_LEGEND', 'Inheritance of ACLs');
if (!defined('INHERIT_ACL_CAPTION')) define('INHERIT_ACL_CAPTION', 'Using ACLs from %s');
/**#@-*/
$note = '';
$inherit_acl = $this->GetConfigValue('inherit_acl');
if (isset($_POST['submit']) && ($_POST['submit'] == 'Preview') && ($user = $this->GetUser()) && ($user['doubleclickedit'] != 'N'))
{
$ondblclick = ' ondblclick=\'document.getElementById("reedit_id").click();\'';
//history.back() not working on IE. (changes are lost)
//however, history.back() works fine in FF, and this is the optimized choice
//TODO Optimization: Look $_SERVER['HTTP_USER_AGENT'] and use history.back() for good browsers like FF.
}
?>
<div class="page"<?php echo $ondblclick;?>>
<?php
if (!(preg_match(VALID_PAGENAME_PATTERN, $this->tag))) { //TODO use central regex library
echo '<em class="error">'.ERROR_INVALID_PAGENAME.'</em>';
}
elseif ($this->HasAccess("write") && $this->HasAccess("read"))
{
$newtag = $output = '';
// rename action
if (isset($_POST['newtag']))
$newtag = $_POST['newtag'];
if ($newtag !== '') $this->Redirect($this->Href('edit', $newtag));
$body = '';
$id = $this->page['id'];
if($_GET['id'])
$page = $this->LoadPageById(mysql_real_escape_string($_GET['id']));
if($page['tag'] != $this->page['tag'])
$this->Redirect($this->Href(), ERROR_INVALID_PAGEID);
else
$body = $page['body'];
$id = $page['id'];
if ($_POST)
// strip CRLF line endings down to LF to achieve consistency ... plus it saves database space.
// Note: these codes must remain enclosed in double-quotes to work! -- JsnX
$body = str_replace("\r\n", "\n", $_POST['body']);
// replace each 4 consecutive spaces at the start of a line with a tab
#$body = preg_replace("/\n[ ]{4}/", "\n\t", $body); # @@@ FIXME: misses first line and multiple sets of four spaces - JW 2005-01-16
# JW FIXED 2005-07-12
$pattern = '/^(\t*) {4}/m'; # m modifier: match ^ at start of line *and* at start of string;
$replace = "$1\t";
while (preg_match($pattern,$body))
$body = preg_replace($pattern,$replace,$body);
// we don't need to escape here, we do that just before display (i.e., treat note just like body!)
if (isset($_POST['note']))
$note = trim($_POST['note']);
// only if saving:
if ($_POST['submit'] == 'Store')
// check for overwriting
if ($this->page)
if ($this->page['id'] != $_POST['previous'])
$error = ERROR_OVERWRITE_ALERT;
// check for edit note if required
if (($this->config['require_edit_note'] == 1) && $_POST['note'] == '')
$error .= ERROR_MISSING_EDIT_NOTE;
$highlight_note = INPUT_ERROR_STYLE;
// store
if($inherit_acl && isset($_POST['inherit_acl'])) // config option activated? form option existing?
if($_POST['inherit_acl']) // form option checked?
{
// only write ACLs if they differ from their default value
$save_acls = FALSE;
if (isset($_POST['read_acl'])) if(!$this->isDefaultACL('read_acl', $_POST['read_acl'])) $save_acls = TRUE;
if (isset($_POST['write_acl'])) if(!$this->isDefaultACL('write_acl', $_POST['write_acl'])) $save_acls = TRUE;
if (isset($_POST['comment_acl'])) if(!$this->isDefaultACL('comment_acl', $_POST['comment_acl'])) $save_acls = TRUE;
if($save_acls)
{
$this->SaveACL($this->tag, 'read', $this->TrimACLs($_POST['read_acl']));
$this->SaveACL($this->tag, 'write', $this->TrimACLs($_POST['write_acl']));
$this->SaveACL($this->tag, 'comment', $this->TrimACLs($_POST['comment_acl']));
}
}
// fetch fields
$previous = $this->page['id'];
if (isset($_POST['previous'])) $previous = $_POST['previous'];
if (empty($body)) $body = $this->page['body'];
// replace each 4 consecutive spaces at the start of a line with a tab
#$body = preg_replace("/\n[ ]{4}/", "\n\t", $body); # @@@ FIXME: misses first line and multiple sets of four spaces - JW 2005-01-16
# JW FIXED 2005-07-12
$pattern = '/^(\t*) {4}/m'; # m modifier: match ^ at start of line *and* at start of string;
$replace = "$1\t";
while (preg_match($pattern,$body))
$body = preg_replace($pattern,$replace,$body);
// derive maximum length for a page name from the table structure if possible
if ($result = mysql_query("describe ".$this->config['table_prefix']."pages tag")) {
$field = mysql_fetch_assoc($result);
if (preg_match("/varchar\((\d+)\)/", $field['Type'], $matches)) $maxtaglen = $matches[1];
else
$maxtaglen = MAX_TAG_LENGTH;
// PREVIEW screen
//check if ACLs have been cloned in the step before
if(isset($_POST['read_acl']) || isset($_POST['write_acl']) || isset($_POST['comment_acl']) || isset($_POST['inherit_acl']))
$inherit_acl = $inherit_acl;
// so we use hsc_secure() on the edit note (as on the body)
$preview_buttons .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.$this->hsc_secure($note).'" '.$highlight_note.'/>'.LABEL_EDIT_NOTE.'<br />'."\n";
// hence hsc_secure() instead of htmlspecialchars_ent() which UNescapes entities!
// JW/2007-02-20: why is this? wouldn't it be easier for the person editing to show actual characters instead of entities?
'<input type="hidden" name="body" value="'.$this->hsc_secure($body).'" />'."\n"; #427
'<input type="hidden" name="inherit_acl" value="'.$_POST['inherit_acl'].'" />'."\n".
'<input type="hidden" name="read_acl" value="'.$_POST['read_acl'].'" />'."\n".
'<input type="hidden" name="write_acl" value="'.$_POST['write_acl'].'" />'."\n".
'<input type="hidden" name="comment_acl" value="'.$_POST['comment_acl'].'" />'."\n";
// RENAME screen
elseif (!$this->page && strlen($this->tag) > $maxtaglen)
// truncate tag to feed a backlinks-handler with the correct value. may be omited. it only works if the link to a backlinks-handler is built in the footer.
$this->tag = substr($this->tag, 0, $maxtaglen);
$output = '<em class="error">'.sprintf(ERROR_TAG_TOO_LONG, $maxtaglen).'</em><br />'."\n";
$output .= sprintf(MESSAGE_AUTO_RESIZE, INPUT_SUBMIT_RENAME).'<br /><br />'."\n";
$output .= $this->FormOpen('edit');
$output .= '<input name="newtag" size="'.MAX_TAG_LENGTH.'" value="'.$this->htmlspecialchars_ent($this->tag).'" />';
$output .= '<input name="submit" type="submit" value="'.INPUT_SUBMIT_RENAME.'" />'."\n";
// EDIT Screen
else
if (!empty($error))
// TODO not clear if this is/was intended as a URL parameter (GET), or a check box on the edito form (POST) ....
// would be nice as a checkbox, provided it is acted upon only when user is actually submitting - NOT on preview or re-edit
if (isset($_REQUEST['appendcomment'])) #312, #449
if(isset($_SERVER['HTTP_REFERER']) && $inherit_acl)
// Referring page gets refined in multiple steps until we got what we want
$referer = $_SERVER['HTTP_REFERER'];
$base_url = $this->GetConfigValue('base_url');
$rewrite_mode = $this->GetConfigValue('rewrite_mode');
if(stripos($referer, $base_url)!==FALSE)
sscanf($referer, $base_url."%s", &$referer);
if($rewrite_mode)
if(stripos($referer, '/edit')) sscanf($referer,"%s/edit",&$referer);
else
if(stripos($referer, '&edit')) sscanf($referer,"%s&edit",&$referer);
$ref_page = $this->LoadPage($referer);
if($ref_page)
$ref_ACLs = $this->LoadAllACLs($ref_page['tag']);
else
$ref_ACLs['read_acl'] = $this->GetConfigValue('default_read_acl');
$ref_ACLs['write_acl'] = $this->GetConfigValue('default_write_acl');
$ref_ACLs['comment_acl'] = $this->GetConfigValue('default_comment_acl');
if(isset($_POST['read_acl'])) $ref_ACLs['read_acl'] = $_POST['read_acl'];
if(isset($_POST['write_acl'])) $ref_ACLs['write_acl'] = $_POST['write_acl'];
if(isset($_POST['comment_acl'])) $ref_ACLs['comment_acl'] = $_POST['comment_acl'];
// hence hsc_secure() instead of htmlspecialchars_ent() which UNescapes entities!
// JW/2007-02-20: why is this? wouldn't it be easier for the person editing to show actual characters instead of entities?
'<div id="textarea_container">'."\n".
'<textarea id="body" name="body" rows="100" cols="20">'.$this->hsc_secure($body).'</textarea>'."\n". #427
'</div>'."\n";
// add Edit note
// so we use hsc_secure on the edit note (as on the body)
$output .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.$this->hsc_secure($note).'" '.$highlight_note.'/> '.LABEL_EDIT_NOTE.'<br />'."\n";
if($inherit_acl)
$output .= '<fieldset><legend>'.INHERIT_ACL_LEGEND.'</legend>'."\n".
'<input name="inherit_acl" type="checkbox" value="inherit_acl" id="inherit_acl"';
if(isset($_POST['inherit_acl'])) $output .= $_POST['inherit_acl'] ? 'checked="checked"' : '';
else $output .= 'checked="checked"';
$output .= ' /><label for="inherit_acl">'.INHERIT_ACL_LABEL.'</label>'."\n".
'<table class="acls">'."\n".
'<tr>'."\n".
'<td>'."\n".
'<strong><label for="read_acl">'.READ_ACL_LABEL.'</label></strong><br />'."\n".
'<textarea id="read_acl" name="read_acl" rows="4" cols="20">'.$ref_ACLs['read_acl'].'</textarea>'."\n".
'</td>'."\n".
'<td>'."\n".
'<strong><label for="write_acl">'.WRITE_ACL_LABEL.'</label></strong><br />'."\n".
'<textarea id="write_acl" name="write_acl" rows="4" cols="20">'.$ref_ACLs['write_acl'].'</textarea>'."\n".
'</td>'."\n".
'<td>'."\n".
'<strong><label for="comment_acl">'.COMMENT_ACL_LABEL.'</label></strong><br />'."\n".
'<textarea id="comment_acl" name="comment_acl" rows="4" cols="20">'.$ref_ACLs['comment_acl'].'</textarea>'."\n".
'</td>'."\n".
'</tr>'."\n".
'<caption>'.sprintf(INHERIT_ACL_CAPTION,$referer).'</caption>'."\n".
'</table>'."\n".
'</fieldset>'."\n";
if ($this->config['gui_editor'] == 1)
$output .= '<script type="text/javascript" src="3rdparty/plugins/wikkaedit/wikkaedit_data.js"></script>'."\n";
$output .= '<script type="text/javascript" src="3rdparty/plugins/wikkaedit/wikkaedit_search.js"></script>'."\n";
$output .= '<script type="text/javascript" src="3rdparty/plugins/wikkaedit/wikkaedit.js"></script>'."\n";
echo $output;
}
else
{
$message = '<em class="error">'.ERROR_NO_WRITE_ACCESS.'</em><br />'."\n".
"<br />\n".
'<a href="'.$this->Href('showcode').'" title="'.SHOWCODE_LINK_TITLE.'">'.SHOWCODE_LINK.'</a>'.
"<br />\n";
echo $message;
}
?>
</div>
Currently, Wikka might complain, that there's no function called 'isDefaultACL()'. That's because there's none, unless you paste this
function isDefaultACL($acl_type, $acl) // check if ACLs are the same as default
$def_acl = $this->TrimACLs($this->GetConfigValue('default_'.$acl_type));
if($def_acl == $this->TrimACLs($acl))
$output .= "<p>Kein Unterschied</p>";
return TRUE;
else
$output .= "<p>Unterschied gefunden</p>";
return FALSE;
into /libs/Wakka.class.php. I put it near the other functions concerning ACLs.
Deletions:
Almost at the end of the Link() function in libs/wakka.class.php you'll find this line
return ($linkedPage ? "<a href=\"".$this->Href($method, $linkedPage['tag'])."\" title=\"$title\">".$text."</a>" : "<a class=\"missingpage\" href=\"".$this->Href("edit", $tag)."\" title=\"Create this page\">".$text."</a>");%%
Might look somewhat different, as I have tuned it a little bit to fit my needs (memo: create a test installation with a native 1.1.6.2). Replace the line with this line (fit it to your installation as needed):
return ($linkedPage ? "<a href=\"".$this->Href($method, $linkedPage['tag'])."\" title=\"$title\">".$text."</a>" : "<a class=\"missingpage\" href=\"".$this->Href("edit", $tag, "page=".$this->GetPageTag())."\" title=\"Create this page\">".$text."</a>");%%
If a page is not existing in the Wikka database, it gets a link with the edit handler appended to it. I further append the tag of the current page to it.
In ##handlers/page/edit.php## find around l.45 our initialization stuff:
and replace by:
$inherit_acl = $this->config['inherit_acl'];
From above, next in line is around line 100 (original file) the part of storing the page with its new ACLs:
Replace this with:
if($inherit_acl)
if (isset($_POST['read_acl'])) $this->SaveACL($this->tag, 'read', $this->TrimACLs($_POST['read_acl']));
if (isset($_POST['write_acl'])) $this->SaveACL($this->tag, 'write', $this->TrimACLs($_POST['write_acl']));
if (isset($_POST['comment_acl'])) $this->SaveACL($this->tag, 'comment', $this->TrimACLs($_POST['comment_acl']));
Next is the preview part. We find it in the original file at around line 140:
// so we use htmlspecialchars on the edit note (as on the body)
$preview_buttons .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/>'.LABEL_EDIT_NOTE.'<br />'."\n";
// hence htmlspecialchars() instead of htmlspecialchars_ent() which UNescapes entities!
'<input type="hidden" name="body" value="'.htmlspecialchars($body).'" />'."\n";
Replace it with this piece of code:
//check if ACLs have been cloned in the step before and copy them to more readable variables
if(isset($_POST['read_acl']) || isset($_POST['write_acl']) || isset($_POST['comment_acl']))
$read_acl = $_POST['read_acl'];
$write_acl = $_POST['write_acl'];
$comment_acl = $_POST['comment_acl'];
// so we use htmlspecialchars on the edit note (as on the body)
$preview_buttons .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/>'.LABEL_EDIT_NOTE.'<br />'."\n";
// hence htmlspecialchars() instead of htmlspecialchars_ent() which UNescapes entities!
'<input type="hidden" name="body" value="'.htmlspecialchars($body).'" />'."\n";
'<input type="hidden" name="read_acl" value="'.$read_acl.'" />'."\n".
'<input type="hidden" name="write_acl" value="'.$write_acl.'" />'."\n".
'<input type="hidden" name="comment_acl" value="'.$comment_acl.'" />'."\n";
At this point, it doesn't matter if there has been activated inheriting of ACLs -- it's just for transporting the information we might or might not need to the preview and back.
The last part is the longest. We find it in the original ##handlers/page/edit.php## at around line 180
else # edit page
if ($error)
if (isset($_REQUEST['appendcomment']))
// hence htmlspecialchars() instead of htmlspecialchars_ent() which UNescapes entities!
'<textarea id="body" name="body">'.htmlspecialchars($body).'</textarea><br />'."\n";
//note add Edit
// so we use htmlspecialchars on the edit note (as on the body)
$output .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/> '.LABEL_EDIT_NOTE.'<br />'."\n";
$output .= '<input name="submit" type="submit" value="'.INPUT_SUBMIT_STORE.'" accesskey="'.ACCESSKEY_STORE.'" /> <input name="submit" type="submit" value="'.INPUT_SUBMIT_PREVIEW.'" accesskey="'.ACCESSKEY_PREVIEW.'" /> <input type="button" value="'.INPUT_BUTTON_CANCEL.'" onclick="document.location=\''.$this->Href('').'\';" />'."\n".
$this->FormClose();
if ($this->config['gui_editor'] == 1)
$output .= '<script type="text/javascript" src="3rdparty/plugins/wikiedit/protoedit.js"></script>'."\n".
'<script type="text/javascript" src="3rdparty/plugins/wikiedit/wikiedit2.js"></script>'."\n";
$output .= '<script type="text/javascript">'." wE = new WikiEdit(); wE.init('body','WikiEdit','editornamecss');".'</script>'."\n";
There is a lot of modifications of which some might be unneccessary. Perhaps someone finds ways to optimize this.
else # edit page
if ($error)
if (isset($_REQUEST['appendcomment']))
// has a referring page been appended?
$ref_page = '';
if (isset($_GET['page']) && $inherit_acl)
$ref_page = $this->LoadPage($_GET['page']);
if($ref_page)
$ref_ACLs = $this->LoadAllACLs($ref_page['tag']);
$read_acl = $ref_ACLs['read_acl'];
$write_acl = $ref_ACLs['write_acl'];
$comment_acl = $ref_ACLs['comment_acl'];
else
$read_acl = $this->GetConfigValue('default_read_acl');
$write_acl = $this->GetConfigValue('default_write_acl');
$comment_acl = $this->GetConfigValue('default_comment_acl');
// has ACLs been posted? if so copy them to a new variable
elseif(isset($_POST['read_acl']) || isset($_POST['write_acl']) || isset($_POST['comment_acl']))
$read_acl = $_POST['read_acl'];
$write_acl = $_POST['write_acl'];
$comment_acl = $_POST['comment_acl'];
else // disable ACLs editing
$read_acl = $this->ACLs['read_acl'];
$write_acl = $this->ACLs['write_acl'];
$comment_acl = $this->ACLs['comment_acl'];
// hence htmlspecialchars() instead of htmlspecialchars_ent() which UNescapes entities!
'<textarea id="body" name="body">'.htmlspecialchars($body).'</textarea><br />'."\n";
//note add Edit
// so we use htmlspecialchars on the edit note (as on the body)
$output .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/> '.LABEL_EDIT_NOTE.'<br />'."\n";
if($inherit_acl) $output .= '<table class="acls">'."\n".
'<tr>'."\n".
'<td>'."\n".
'<strong>'.READ_ACL_LABEL.'</strong><br />'."\n".
'<textarea name="read_acl" rows="4" cols="20">'.$read_acl.'</textarea>'."\n".
'</td>'."\n".
'<td>'."\n".
'<strong>'.WRITE_ACL_LABEL.'</strong><br />'."\n".
'<textarea name="write_acl" rows="4" cols="20">'.$write_acl.'</textarea>'."\n".
'</td>'."\n".
'<td>'."\n".
'<strong>'.COMMENT_ACL_LABEL.'</strong><br />'."\n".
'<textarea name="comment_acl" rows="4" cols="20">'.$comment_acl.'</textarea>'."\n".
'</td>'."\n".
'</tr>'."\n".
'</table>'."\n";
if ($this->config['gui_editor'] == 1)
$output .= '<script type="text/javascript" src="3rdparty/plugins/wikiedit/protoedit.js"></script>'."\n".
'<script type="text/javascript" src="3rdparty/plugins/wikiedit/wikiedit2.js"></script>'."\n";
$output .= '<script type="text/javascript">'." wE = new WikiEdit(); wE.init('body','WikiEdit','editornamecss');".'</script>'."\n";
Revision [19566]
Edited on 2008-02-18 11:36:42 by PaulP [revert my changes for 1.1.6.4 (which didn't work)]Additions:
From above, next in line is around line 100 (original file) the part of storing the page with its new ACLs:
Deletions:
//Store
Revision [19561]
Edited on 2008-02-13 16:49:29 by PaulP [revert my changes for 1.1.6.4 (which didn't work)]Additions:
From above, next in line is around line 150 (original file) the part of storing the page with its new ACLs:
//Store
//Store
Deletions:
Revision [18979]
Edited on 2008-01-28 00:13:29 by MasinAlDujaili [Modified links pointing to docs server]No Differences
Additions:
In ##handlers/page/edit.php## find around l.45 our initialization stuff:
//initialization
$error = '';
$highlight_note = '';
$ondblclick = ''; //#123
and replace by:
// ACL stuff
if (!defined('READ_ACL_LABEL')) define('READ_ACL_LABEL', 'Read ACL:');
if (!defined('WRITE_ACL_LABEL')) define('WRITE_ACL_LABEL', 'Write ACL:');
if (!defined('COMMENT_ACL_LABEL')) define('COMMENT_ACL_LABEL', 'Comment ACL:');
//initialization
$error = '';
$highlight_note = '';
$ondblclick = ''; //#123
$inherit_acl = $this->config['inherit_acl'];
From above, next in line is around line 100 (original file) the part of storing the page with its new ACLs:
if (!$error)
{
// only save if new body differs from old body
if ($body != $this->page['body']) {
// add page (revisions)
$this->SavePage($this->tag, $body, $note);
// now we render it internally so we can write the updated link table.
$this->ClearLinkTable();
$this->StartLinkTracking();
$dummy = $this->Header();
$dummy .= $this->Format($body);
$dummy .= $this->Footer();
$this->StopLinkTracking();
$this->WriteLinkTable();
$this->ClearLinkTable();
}
// forward
$this->Redirect($this->Href());
}
Replace this with:
if (!$error)
{
// only save if new body differs from old body
if ($body != $this->page['body']) {
// add page (revisions)
$this->SavePage($this->tag, $body, $note);
// now we render it internally so we can write the updated link table.
$this->ClearLinkTable();
$this->StartLinkTracking();
$dummy = $this->Header();
$dummy .= $this->Format($body);
$dummy .= $this->Footer();
$this->StopLinkTracking();
$this->WriteLinkTable();
$this->ClearLinkTable();
}
// Clone ACLs if requested
if($inherit_acl)
{
if (isset($_POST['read_acl'])) $this->SaveACL($this->tag, 'read', $this->TrimACLs($_POST['read_acl']));
if (isset($_POST['write_acl'])) $this->SaveACL($this->tag, 'write', $this->TrimACLs($_POST['write_acl']));
if (isset($_POST['comment_acl'])) $this->SaveACL($this->tag, 'comment', $this->TrimACLs($_POST['comment_acl']));
}
// forward
$this->Redirect($this->Href());
}
Next is the preview part. We find it in the original file at around line 140:
if (isset($_POST['submit']) && $_POST['submit'] == INPUT_SUBMIT_PREVIEW) # preview output
{
$preview_buttons = '<hr />'."\n";
// We need to escape ALL entity refs before display so we display them _as_ entities instead of interpreting them
// so we use htmlspecialchars on the edit note (as on the body)
if ($this->config['require_edit_note'] != 2) //check if edit_notes are enabled
{
$preview_buttons .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/>'.LABEL_EDIT_NOTE.'<br />'."\n";
}
$preview_buttons .= '<input name="submit" type="submit" value="'.INPUT_SUBMIT_STORE.'" accesskey="'.ACCESSKEY_STORE.'" />'."\n".
'<input name="submit" type="submit" value="'.INPUT_SUBMIT_REEDIT.'" accesskey="'.ACCESSKEY_REEDIT.'" id="reedit_id" />'."\n".
'<input type="button" value="'.INPUT_BUTTON_CANCEL.'" onclick="document.location=\''.$this->href('').'\';" />'."\n";
$output .= '<div class="previewhead">'.PREVIEW_HEADER.'</div>'."\n";
$output .= $this->Format($body);
$this->FormOpen('edit')."\n".
'<input type="hidden" name="body" value="'.htmlspecialchars($body).'" />'."\n";
$output .= "<br />\n".$preview_buttons.$this->FormClose()."\n";
}
Replace it with this piece of code:
if (isset($_POST['submit']) && $_POST['submit'] == INPUT_SUBMIT_PREVIEW) # preview output
{
//check if ACLs have been cloned in the step before and copy them to more readable variables
if(isset($_POST['read_acl']) || isset($_POST['write_acl']) || isset($_POST['comment_acl']))
{
$read_acl = $_POST['read_acl'];
$write_acl = $_POST['write_acl'];
$comment_acl = $_POST['comment_acl'];
}
else //disable inheriting of ACLs
{
$inherit_acl = 0;
}
$preview_buttons = '<hr />'."\n";
// We need to escape ALL entity refs before display so we display them _as_ entities instead of interpreting them
// so we use htmlspecialchars on the edit note (as on the body)
if ($this->config['require_edit_note'] != 2) //check if edit_notes are enabled
{
$preview_buttons .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/>'.LABEL_EDIT_NOTE.'<br />'."\n";
}
$preview_buttons .= '<input name="submit" type="submit" value="'.INPUT_SUBMIT_STORE.'" accesskey="'.ACCESSKEY_STORE.'" />'."\n".
'<input name="submit" type="submit" value="'.INPUT_SUBMIT_REEDIT.'" accesskey="'.ACCESSKEY_REEDIT.'" id="reedit_id" />'."\n".
'<input type="button" value="'.INPUT_BUTTON_CANCEL.'" onclick="document.location=\''.$this->href('').'\';" />'."\n";
$output .= '<div class="previewhead">'.PREVIEW_HEADER.'</div>'."\n";
$output .= $this->Format($body);
$this->FormOpen('edit')."\n".
'<input type="hidden" name="body" value="'.htmlspecialchars($body).'" />'."\n";
if($inherit_acl) $output .=
'<input type="hidden" name="read_acl" value="'.$read_acl.'" />'."\n".
'<input type="hidden" name="write_acl" value="'.$write_acl.'" />'."\n".
'<input type="hidden" name="comment_acl" value="'.$comment_acl.'" />'."\n";
$output .= "<br />\n".$preview_buttons.$this->FormClose()."\n";
}
At this point, it doesn't matter if there has been activated inheriting of ACLs -- it's just for transporting the information we might or might not need to the preview and back.
The last part is the longest. We find it in the original ##handlers/page/edit.php## at around line 180
else # edit page
{
// display form
if ($error)
{
$output .= '<em class="error">'.$error.'</em>'."\n";
}
// append a comment?
if (isset($_REQUEST['appendcomment']))
{
$body = trim($body)."\n\n----\n\n--".$this->GetUserName().' ('.strftime("%c").')';
}
if ($this->config['require_edit_note'] != 2) //check if edit_notes are enabled
{
$output .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/> '.LABEL_EDIT_NOTE.'<br />'."\n";
}
//finish
$output .= '<input name="submit" type="submit" value="'.INPUT_SUBMIT_STORE.'" accesskey="'.ACCESSKEY_STORE.'" /> <input name="submit" type="submit" value="'.INPUT_SUBMIT_PREVIEW.'" accesskey="'.ACCESSKEY_PREVIEW.'" /> <input type="button" value="'.INPUT_BUTTON_CANCEL.'" onclick="document.location=\''.$this->Href('').'\';" />'."\n".
$this->FormClose();
if ($this->config['gui_editor'] == 1)
{
$output .= '<script type="text/javascript" src="3rdparty/plugins/wikiedit/protoedit.js"></script>'."\n".
'<script type="text/javascript" src="3rdparty/plugins/wikiedit/wikiedit2.js"></script>'."\n";
$output .= '<script type="text/javascript">'." wE = new WikiEdit(); wE.init('body','WikiEdit','editornamecss');".'</script>'."\n";
}
}
There is a lot of modifications of which some might be unneccessary. Perhaps someone finds ways to optimize this.
else # edit page
{
// display form
if ($error)
{
$output .= '<em class="error">'.$error.'</em>'."\n";
}
// append a comment?
if (isset($_REQUEST['appendcomment']))
{
$body = trim($body)."\n\n----\n\n--".$this->GetUserName().' ('.strftime("%c").')';
}
// has a referring page been appended?
if (isset($_GET['page']) && $inherit_acl)
{
$ref_page = $this->LoadPage($_GET['page']);
if($ref_page)
{
$ref_ACLs = $this->LoadAllACLs($ref_page['tag']);
$read_acl = $ref_ACLs['read_acl'];
$write_acl = $ref_ACLs['write_acl'];
$comment_acl = $ref_ACLs['comment_acl'];
}
else
{
$read_acl = $this->GetConfigValue('default_read_acl');
$write_acl = $this->GetConfigValue('default_write_acl');
$comment_acl = $this->GetConfigValue('default_comment_acl');
}
}
// has ACLs been posted? if so copy them to a new variable
elseif(isset($_POST['read_acl']) || isset($_POST['write_acl']) || isset($_POST['comment_acl']))
{
$read_acl = $_POST['read_acl'];
$write_acl = $_POST['write_acl'];
$comment_acl = $_POST['comment_acl'];
}
else // disable ACLs editing
{
$read_acl = $this->ACLs['read_acl'];
$write_acl = $this->ACLs['write_acl'];
$comment_acl = $this->ACLs['comment_acl'];
$inherit_acl = 0;
}
if ($this->config['require_edit_note'] != 2) //check if edit_notes are enabled
{
$output .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/> '.LABEL_EDIT_NOTE.'<br />'."\n";
}
//finish
$output .= '<input name="submit" type="submit" value="'.INPUT_SUBMIT_STORE.'" accesskey="'.ACCESSKEY_STORE.'" /> <input name="submit" type="submit" value="'.INPUT_SUBMIT_PREVIEW.'" accesskey="'.ACCESSKEY_PREVIEW.'" /> <input type="button" value="'.INPUT_BUTTON_CANCEL.'" onclick="document.location=\''.$this->Href('').'\';" />'."\n";
if($inherit_acl) $output .= '<table class="acls">'."\n".
'<tr>'."\n".
'<td>'."\n".
'<strong>'.READ_ACL_LABEL.'</strong><br />'."\n".
'<textarea name="read_acl" rows="4" cols="20">'.$read_acl.'</textarea>'."\n".
'</td>'."\n".
'<td>'."\n".
'<strong>'.WRITE_ACL_LABEL.'</strong><br />'."\n".
'<textarea name="write_acl" rows="4" cols="20">'.$write_acl.'</textarea>'."\n".
'</td>'."\n".
'<td>'."\n".
'<strong>'.COMMENT_ACL_LABEL.'</strong><br />'."\n".
'<textarea name="comment_acl" rows="4" cols="20">'.$comment_acl.'</textarea>'."\n".
'</td>'."\n".
'</tr>'."\n".
'</table>'."\n";
$output .= $this->FormClose();
if ($this->config['gui_editor'] == 1)
{
$output .= '<script type="text/javascript" src="3rdparty/plugins/wikiedit/protoedit.js"></script>'."\n".
'<script type="text/javascript" src="3rdparty/plugins/wikiedit/wikiedit2.js"></script>'."\n";
$output .= '<script type="text/javascript">'." wE = new WikiEdit(); wE.init('body','WikiEdit','editornamecss');".'</script>'."\n";
}
}
What I almost forgot: You might want to disable this feature, thus you can extend your ##wikka.config.php## with this line, where 1 means on and 0 means off:
'inherit_acl' => '1',
In fact, without this line you won't get anything different.
//initialization
$error = '';
$highlight_note = '';
$ondblclick = ''; //#123
and replace by:
// ACL stuff
if (!defined('READ_ACL_LABEL')) define('READ_ACL_LABEL', 'Read ACL:');
if (!defined('WRITE_ACL_LABEL')) define('WRITE_ACL_LABEL', 'Write ACL:');
if (!defined('COMMENT_ACL_LABEL')) define('COMMENT_ACL_LABEL', 'Comment ACL:');
//initialization
$error = '';
$highlight_note = '';
$ondblclick = ''; //#123
$inherit_acl = $this->config['inherit_acl'];
From above, next in line is around line 100 (original file) the part of storing the page with its new ACLs:
if (!$error)
{
// only save if new body differs from old body
if ($body != $this->page['body']) {
// add page (revisions)
$this->SavePage($this->tag, $body, $note);
// now we render it internally so we can write the updated link table.
$this->ClearLinkTable();
$this->StartLinkTracking();
$dummy = $this->Header();
$dummy .= $this->Format($body);
$dummy .= $this->Footer();
$this->StopLinkTracking();
$this->WriteLinkTable();
$this->ClearLinkTable();
}
// forward
$this->Redirect($this->Href());
}
Replace this with:
if (!$error)
{
// only save if new body differs from old body
if ($body != $this->page['body']) {
// add page (revisions)
$this->SavePage($this->tag, $body, $note);
// now we render it internally so we can write the updated link table.
$this->ClearLinkTable();
$this->StartLinkTracking();
$dummy = $this->Header();
$dummy .= $this->Format($body);
$dummy .= $this->Footer();
$this->StopLinkTracking();
$this->WriteLinkTable();
$this->ClearLinkTable();
}
// Clone ACLs if requested
if($inherit_acl)
{
if (isset($_POST['read_acl'])) $this->SaveACL($this->tag, 'read', $this->TrimACLs($_POST['read_acl']));
if (isset($_POST['write_acl'])) $this->SaveACL($this->tag, 'write', $this->TrimACLs($_POST['write_acl']));
if (isset($_POST['comment_acl'])) $this->SaveACL($this->tag, 'comment', $this->TrimACLs($_POST['comment_acl']));
}
// forward
$this->Redirect($this->Href());
}
Next is the preview part. We find it in the original file at around line 140:
if (isset($_POST['submit']) && $_POST['submit'] == INPUT_SUBMIT_PREVIEW) # preview output
{
$preview_buttons = '<hr />'."\n";
// We need to escape ALL entity refs before display so we display them _as_ entities instead of interpreting them
// so we use htmlspecialchars on the edit note (as on the body)
if ($this->config['require_edit_note'] != 2) //check if edit_notes are enabled
{
$preview_buttons .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/>'.LABEL_EDIT_NOTE.'<br />'."\n";
}
$preview_buttons .= '<input name="submit" type="submit" value="'.INPUT_SUBMIT_STORE.'" accesskey="'.ACCESSKEY_STORE.'" />'."\n".
'<input name="submit" type="submit" value="'.INPUT_SUBMIT_REEDIT.'" accesskey="'.ACCESSKEY_REEDIT.'" id="reedit_id" />'."\n".
'<input type="button" value="'.INPUT_BUTTON_CANCEL.'" onclick="document.location=\''.$this->href('').'\';" />'."\n";
$output .= '<div class="previewhead">'.PREVIEW_HEADER.'</div>'."\n";
$output .= $this->Format($body);
$this->FormOpen('edit')."\n".
'<input type="hidden" name="body" value="'.htmlspecialchars($body).'" />'."\n";
$output .= "<br />\n".$preview_buttons.$this->FormClose()."\n";
}
Replace it with this piece of code:
if (isset($_POST['submit']) && $_POST['submit'] == INPUT_SUBMIT_PREVIEW) # preview output
{
//check if ACLs have been cloned in the step before and copy them to more readable variables
if(isset($_POST['read_acl']) || isset($_POST['write_acl']) || isset($_POST['comment_acl']))
{
$read_acl = $_POST['read_acl'];
$write_acl = $_POST['write_acl'];
$comment_acl = $_POST['comment_acl'];
}
else //disable inheriting of ACLs
{
$inherit_acl = 0;
}
$preview_buttons = '<hr />'."\n";
// We need to escape ALL entity refs before display so we display them _as_ entities instead of interpreting them
// so we use htmlspecialchars on the edit note (as on the body)
if ($this->config['require_edit_note'] != 2) //check if edit_notes are enabled
{
$preview_buttons .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/>'.LABEL_EDIT_NOTE.'<br />'."\n";
}
$preview_buttons .= '<input name="submit" type="submit" value="'.INPUT_SUBMIT_STORE.'" accesskey="'.ACCESSKEY_STORE.'" />'."\n".
'<input name="submit" type="submit" value="'.INPUT_SUBMIT_REEDIT.'" accesskey="'.ACCESSKEY_REEDIT.'" id="reedit_id" />'."\n".
'<input type="button" value="'.INPUT_BUTTON_CANCEL.'" onclick="document.location=\''.$this->href('').'\';" />'."\n";
$output .= '<div class="previewhead">'.PREVIEW_HEADER.'</div>'."\n";
$output .= $this->Format($body);
$this->FormOpen('edit')."\n".
'<input type="hidden" name="body" value="'.htmlspecialchars($body).'" />'."\n";
if($inherit_acl) $output .=
'<input type="hidden" name="read_acl" value="'.$read_acl.'" />'."\n".
'<input type="hidden" name="write_acl" value="'.$write_acl.'" />'."\n".
'<input type="hidden" name="comment_acl" value="'.$comment_acl.'" />'."\n";
$output .= "<br />\n".$preview_buttons.$this->FormClose()."\n";
}
At this point, it doesn't matter if there has been activated inheriting of ACLs -- it's just for transporting the information we might or might not need to the preview and back.
The last part is the longest. We find it in the original ##handlers/page/edit.php## at around line 180
else # edit page
{
// display form
if ($error)
{
$output .= '<em class="error">'.$error.'</em>'."\n";
}
// append a comment?
if (isset($_REQUEST['appendcomment']))
{
$body = trim($body)."\n\n----\n\n--".$this->GetUserName().' ('.strftime("%c").')';
}
if ($this->config['require_edit_note'] != 2) //check if edit_notes are enabled
{
$output .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/> '.LABEL_EDIT_NOTE.'<br />'."\n";
}
//finish
$output .= '<input name="submit" type="submit" value="'.INPUT_SUBMIT_STORE.'" accesskey="'.ACCESSKEY_STORE.'" /> <input name="submit" type="submit" value="'.INPUT_SUBMIT_PREVIEW.'" accesskey="'.ACCESSKEY_PREVIEW.'" /> <input type="button" value="'.INPUT_BUTTON_CANCEL.'" onclick="document.location=\''.$this->Href('').'\';" />'."\n".
$this->FormClose();
if ($this->config['gui_editor'] == 1)
{
$output .= '<script type="text/javascript" src="3rdparty/plugins/wikiedit/protoedit.js"></script>'."\n".
'<script type="text/javascript" src="3rdparty/plugins/wikiedit/wikiedit2.js"></script>'."\n";
$output .= '<script type="text/javascript">'." wE = new WikiEdit(); wE.init('body','WikiEdit','editornamecss');".'</script>'."\n";
}
}
There is a lot of modifications of which some might be unneccessary. Perhaps someone finds ways to optimize this.
else # edit page
{
// display form
if ($error)
{
$output .= '<em class="error">'.$error.'</em>'."\n";
}
// append a comment?
if (isset($_REQUEST['appendcomment']))
{
$body = trim($body)."\n\n----\n\n--".$this->GetUserName().' ('.strftime("%c").')';
}
// has a referring page been appended?
if (isset($_GET['page']) && $inherit_acl)
{
$ref_page = $this->LoadPage($_GET['page']);
if($ref_page)
{
$ref_ACLs = $this->LoadAllACLs($ref_page['tag']);
$read_acl = $ref_ACLs['read_acl'];
$write_acl = $ref_ACLs['write_acl'];
$comment_acl = $ref_ACLs['comment_acl'];
}
else
{
$read_acl = $this->GetConfigValue('default_read_acl');
$write_acl = $this->GetConfigValue('default_write_acl');
$comment_acl = $this->GetConfigValue('default_comment_acl');
}
}
// has ACLs been posted? if so copy them to a new variable
elseif(isset($_POST['read_acl']) || isset($_POST['write_acl']) || isset($_POST['comment_acl']))
{
$read_acl = $_POST['read_acl'];
$write_acl = $_POST['write_acl'];
$comment_acl = $_POST['comment_acl'];
}
else // disable ACLs editing
{
$read_acl = $this->ACLs['read_acl'];
$write_acl = $this->ACLs['write_acl'];
$comment_acl = $this->ACLs['comment_acl'];
$inherit_acl = 0;
}
if ($this->config['require_edit_note'] != 2) //check if edit_notes are enabled
{
$output .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/> '.LABEL_EDIT_NOTE.'<br />'."\n";
}
//finish
$output .= '<input name="submit" type="submit" value="'.INPUT_SUBMIT_STORE.'" accesskey="'.ACCESSKEY_STORE.'" /> <input name="submit" type="submit" value="'.INPUT_SUBMIT_PREVIEW.'" accesskey="'.ACCESSKEY_PREVIEW.'" /> <input type="button" value="'.INPUT_BUTTON_CANCEL.'" onclick="document.location=\''.$this->Href('').'\';" />'."\n";
if($inherit_acl) $output .= '<table class="acls">'."\n".
'<tr>'."\n".
'<td>'."\n".
'<strong>'.READ_ACL_LABEL.'</strong><br />'."\n".
'<textarea name="read_acl" rows="4" cols="20">'.$read_acl.'</textarea>'."\n".
'</td>'."\n".
'<td>'."\n".
'<strong>'.WRITE_ACL_LABEL.'</strong><br />'."\n".
'<textarea name="write_acl" rows="4" cols="20">'.$write_acl.'</textarea>'."\n".
'</td>'."\n".
'<td>'."\n".
'<strong>'.COMMENT_ACL_LABEL.'</strong><br />'."\n".
'<textarea name="comment_acl" rows="4" cols="20">'.$comment_acl.'</textarea>'."\n".
'</td>'."\n".
'</tr>'."\n".
'</table>'."\n";
$output .= $this->FormClose();
if ($this->config['gui_editor'] == 1)
{
$output .= '<script type="text/javascript" src="3rdparty/plugins/wikiedit/protoedit.js"></script>'."\n".
'<script type="text/javascript" src="3rdparty/plugins/wikiedit/wikiedit2.js"></script>'."\n";
$output .= '<script type="text/javascript">'." wE = new WikiEdit(); wE.init('body','WikiEdit','editornamecss');".'</script>'."\n";
}
}
What I almost forgot: You might want to disable this feature, thus you can extend your ##wikka.config.php## with this line, where 1 means on and 0 means off:
'inherit_acl' => '1',
In fact, without this line you won't get anything different.
Deletions:
Replace it with this code block:
if (isset($_GET['page']) $ref_page = $_GET['page'];
'<input type="hidden" name="previous" value="'.$previous.'" />'."\n";
if ($ref_page != '') $output .= '<input type="hidden" name="page" value="'.$ref_page.'" />'."\n";
**This code is not tested!** It's still under development; I publish this just for review by more experienced developers.
In our next episode we will see how I'll incredibly fail at cloning the ACL. Coming soon to a Wiki near you!
