", "index");
};*/
// do not change this line, you fool. In fact, don't change anything! Ever!
define("WAKKA_VERSION", "0.1.1");
define("WIKINI_VERSION", "0.4.4");
// start the compute time
list($g_usec, $g_sec) = explode(" ",microtime());
define ("t_start", (float)$g_usec + (float)$g_sec);
$t_SQL=0;
class p
{
var $dblink;
var $page;
var $tag;
var $parameter = array();
var $queryLog = array();
var $interwiki = array();
var $VERSION;
var $CookiePath = '/';
// constructor
function p($config)
{
$this->config = $config;
// some host do not allow mysql_pconnect
$this->dblink = @mysql_connect (
$this->config["mysql_host"],
$this->config["mysql_user"],
$this->config["mysql_password"]);
if ($this->dblink)
{
if (!@mysql_select_db($this->config["mysql_database"], $this->dblink))
{
@mysql_close($this->dblink);
$this->dblink = false;
}
}
$this->VERSION = WAKKA_VERSION;
//determine le chemin pour le cookie
$a = parse_url($this->GetConfigValue('base_url'));
$this->CookiePath = dirname($a['path']);
if ($this->CookiePath != '/') $this->CookiePath .= '/';
}
// DATABASE
function Query($query)
{
if($this->GetConfigValue("debug")) $start = $this->GetMicroTime();
if (!$result = mysql_query($query, $this->dblink))
{
ob_end_clean();
die("Query failed: ".$query." (".mysql_error().")");
}
if($this->GetConfigValue("debug"))
{
$time = $this->GetMicroTime() - $start;
$this->queryLog[] = array(
"query" => $query,
"time" => $time);
}
return $result;
}
function LoadSingle($query) { if ($data = $this->LoadAll($query)) return $data[0]; }
function LoadAll($query)
{
$data=array();
if ($r = $this->Query($query))
{
while ($row = mysql_fetch_assoc($r)) $data[] = $row;
mysql_free_result($r);
}
return $data;
}
// MISC
function GetMicroTime() { list($usec, $sec) = explode(" ",microtime()); return ((float)$usec + (float)$sec); }
function IncludeBuffered($filename, $notfoundText = "", $vars = "", $path = "")
{
if ($path) $dirs = explode(":", $path);
else $dirs = array("");
foreach($dirs as $dir)
{
if ($dir) $dir .= "/";
$fullfilename = $dir.$filename;
if (file_exists($fullfilename))
{
if (is_array($vars)) extract($vars);
ob_start();
include($fullfilename);
$output = ob_get_contents();
ob_end_clean();
return $output;
}
}
if ($notfoundText) return $notfoundText;
else return false;
}
// VARIABLES
function GetPageTag() { return $this->tag; }
function GetPageTime() { return $this->page["time"]; }
function GetMethod() { return $this->method; }
function GetConfigValue($name) { return $this->config[$name]; }
function GetindexName() { return $this->GetConfigValue("index_name"); }
function GetindexVersion() { return $this->VERSION; }
function GetWikiNiVersion() { return WIKINI_VERSION; }
// PAGES
function LoadPage($tag, $time = "", $cache = 1) {
// retrieve from cache
if (!$time && $cache && ($cachedPage = $this->GetCachedPage($tag))) { $page = $cachedPage;}
// load page
if (!isset($page)) $page = $this->LoadSingle("select * from ".$this->config["table_prefix"]."pages where tag = '".mysql_escape_string($tag)."' ".($time ? "and time = '".mysql_escape_string($time)."'" : "and latest = 'Y'")." limit 1");
// cache result
if (!$time) $this->CachePage($page);
return $page;
}
function GetCachedPage($tag) {return (isset($this->pageCache[$tag]) ? $this->pageCache[$tag] : ''); }
function CachePage($page) { $this->pageCache[$page["tag"]] = $page; }
function SetPage($page) { $this->page = $page; if ($this->page["tag"]) $this->tag = $this->page["tag"]; }
function LoadPageById($id) { return $this->LoadSingle("select * from ".$this->config["table_prefix"]."pages where id = '".mysql_escape_string($id)."' limit 1"); }
function LoadRevisions($page) { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where tag = '".mysql_escape_string($page)."' order by time desc"); }
function LoadPagesLinkingTo($tag) { return $this->LoadAll("select from_tag as tag from ".$this->config["table_prefix"]."links where to_tag = '".mysql_escape_string($tag)."' order by tag"); }
function LoadRecentlyChanged($limit=50) {
$limit= (int) $limit;
if ($pages = $this->LoadAll("select tag, time, user, owner from ".$this->config["table_prefix"]."pages where latest = 'Y' and comment_on = '' order by time desc limit $limit"))
{
foreach ($pages as $page)
{
$this->CachePage($page);
}
return $pages;
}
}
function LoadAllPages() { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where latest = 'Y' order by tag"); }
function FullTextSearch($q) { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where latest = 'Y' and match(tag, body) against('".mysql_escape_string($q)."')"); }
function LoadWantedPages() { return $this->LoadAll("select distinct ".$this->config["table_prefix"]."links.to_tag as tag,count(".$this->config["table_prefix"]."links.from_tag) as count from ".$this->config["table_prefix"]."links left join ".$this->config["table_prefix"]."pages on ".$this->config["table_prefix"]."links.to_tag = ".$this->config["table_prefix"]."pages.tag where ".$this->config["table_prefix"]."pages.tag is NULL group by tag order by count desc"); }
function LoadOrphanedPages() { return $this->LoadAll("select distinct tag from ".$this->config["table_prefix"]."pages left join ".$this->config["table_prefix"]."links on ".$this->config["table_prefix"]."pages.tag = ".$this->config["table_prefix"]."links.to_tag where ".$this->config["table_prefix"]."links.to_tag is NULL and ".$this->config["table_prefix"]."pages.comment_on = '' order by tag"); }
function IsOrphanedPage($tag) { return $this->LoadAll("select distinct tag from ".$this->config["table_prefix"]."pages left join ".$this->config["table_prefix"]."links on ".$this->config["table_prefix"]."pages.tag = ".$this->config["table_prefix"]."links.to_tag where ".$this->config["table_prefix"]."links.to_tag is NULL and ".$this->config["table_prefix"]."pages.comment_on ='' and tag='".mysql_escape_string($tag)."'"); }
function DeleteOrphanedPage($tag) {
$this->Query("delete from ".$this->config["table_prefix"]."pages where tag='".mysql_escape_string($tag)."' ");
$this->Query("delete from ".$this->config["table_prefix"]."links where from_tag='".mysql_escape_string($tag)."' ");
$this->Query("delete from ".$this->config["table_prefix"]."acls where page_tag='".mysql_escape_string($tag)."' ");
$this->Query("delete from ".$this->config["table_prefix"]."referrers where page_tag='".mysql_escape_string($tag)."' ");
}
function SavePage($tag, $body, $comment_on = "") {
// get current user
$user = $this->GetUserName();
//die($tag);
// TODO: check write privilege
if ($comment_on ? $this->HasAccess("comment", $comment_on)
: $this->HasAccess("write", $tag))
{
// is page new?
if (!$oldPage = $this->LoadPage($tag))
{
// create default write acl. store empty write ACL for comments.
$this->SaveAcl($tag, "write", ($comment_on ? "" : $this->GetConfigValue("default_write_acl")));
// create default read acl
$this->SaveAcl($tag, "read", $this->GetConfigValue("default_read_acl"));
// create default comment acl.
$this->SaveAcl($tag, "comment", $this->GetConfigValue("default_comment_acl"));
// current user is owner; if user is logged in! otherwise, no owner.
if ($this->GetUser()) $owner = $user;
else $owner = '';
}
else
{
// aha! page isn't new. keep owner!
$owner = $oldPage["owner"];
}
// set all other revisions to old
$this->Query("update ".$this->config["table_prefix"]."pages set latest = 'N' where tag = '".mysql_Escape_string($tag)."'");
// add new revision
$this->Query("insert into ".$this->config["table_prefix"]."pages set ".
"tag = '".mysql_escape_string($tag)."', ".
($comment_on ? "comment_on = '".mysql_escape_string($comment_on)."', " : "").
"time = now(), ".
"owner = '".mysql_escape_string($owner)."', ".
"user = '".mysql_escape_string($user)."', ".
"latest = 'Y', ".
"body = '".mysql_escape_string(chop($body))."'");
}
include("update_rss.php");
}
function PurgePages() {
if ($days = $this->GetConfigValue("pages_purge_time")) {
// Selection of pages which can be deleted
$pages = $this->LoadAll("select distinct tag, time from ".$this->config["table_prefix"]."pages where time < date_sub(now(), interval '".mysql_escape_string($days)."' day) and latest = 'N' order by time asc");
foreach ($pages as $page) {
// Deletion if there are more than 2 versions avalaible (TODO : parameter ?)
$tags=$this->LoadAll("select distinct tag from ".$this->config["table_prefix"]."pages where tag = '".mysql_escape_string($page['tag'])."' group by tag having count(*) > 2 order by tag");
foreach ($tags as $tag) {
$this->Query("delete from ".$this->config["table_prefix"]."pages where time = '".mysql_escape_string($page['time'])."' and tag = '".mysql_escape_string($tag['tag'])."'");
}
}
}
}
// COOKIES
function SetSessionCookie($name, $value) { SetCookie($name, $value, 0, $this->CookiePath); $_COOKIE[$name] = $value; }
function SetPersistentCookie($name, $value, $remember = 0) { SetCookie($name, $value, time() + ($remember ? 90*24*60*60 : 60 * 60), $this->CookiePath); $_COOKIE[$name] = $value; }
function DeleteCookie($name) { SetCookie($name, "", 1, $this->CookiePath); $_COOKIE[$name] = ""; }
function GetCookie($name) { return $_COOKIE[$name]; }
// HTTP/REQUEST/LINK RELATED
function SetMessage($message) { $_SESSION["message"] = $message; }
function GetMessage()
{
if (isset($_SESSION["message"])) $message = $_SESSION["message"];
else $message = "";
$_SESSION["message"] = "";
return $message;
}
function Redirect($url)
{
header("Location: $url");
exit;
}
// returns just PageName[/method].
function MiniHref($method = "", $tag = "")
{
if (!$tag = trim($tag)) $tag = $this->tag;
return $tag.($method ? "/".$method : "");
}
// returns the full url to a page/method.
function Href($method = "", $tag = "", $params = "")
{
$href = $this->config["base_url"].$this->MiniHref($method, $tag);
if ($params)
{
$href .= ($this->config["rewrite_mode"] ? "?" : "&").$params;
}
return $href;
}
function Link($tag, $method = "", $text = "", $track = 1)
{
$tag=htmlspecialchars($tag); //avoid xss
$text=htmlspecialchars($text); //paranoiac again
$text = preg_replace('/&(\\#[xX][a-fA-F0-9]+|\\#[0-9]+|[a-zA-Z0-9]+);/', '&$1;', $text);
if (!$text) $text = $tag;
// is this an interwiki link?
if (preg_match("/^([A-Z][A-Z,a-z]+)[:]([A-Z,a-z,0-9]*)$/s", $tag, $matches))
{
$tag = $this->GetinterwikiUrl($matches[1], $matches[2]);
return "<a href=\"$tag\">$text (interwiki)</a>";
}
// is this a full link? ie, does it contain non alpha-numeric characters?
// Note : [:alnum:] is equivalent [0-9A-Za-z]
// [^[:alnum:]] means : some caracters other than [0-9A-Za-z]
// For example : "www.adress.com", "mailto:adress@domain.com", "http://www.adress.com"
else if (preg_match("/[^[:alnum:]]/", $tag))
{
// check for email addresses
if (preg_match("/^[\w.-]+\@[\w.-]+$/", $tag))
{
$tag = "mailto:".$tag;
}
// check for protocol-less URLs
else if (!preg_match("/:\/\//", $tag))
{
$tag = "http://".$tag; //Very important for xss (avoid javascript:() hacking)
}
// is this an inline image (text!=tag and url ends png,gif,jpeg)
if ($text!=$tag and preg_match("/.(gif|jpeg|png|jpg)$/i",$tag))
{
return "<img src=\"$tag\" alt=\"$text\" />";
}
else
{
return "<a href=\"$tag\">$text</a>";
}
}
else
{
// it's a wiki link!
if (isset($_SESSION["linktracking"]) && $track) $this->TrackLinkTo($tag);
return ($this->LoadPage($tag) ? "<a href=\"".$this->href($method, $tag)."\">".$text."</a>" : "<span class=\"missingpage\">".$text."</span><a href=\"".$this->href("edit", $tag)."\">?</a>");
}
}
function ComposeLinkToPage($tag, $method = "", $text = "", $track = 1) {
if (!$text) $text = $tag;
$text = htmlentities($text);
if (isset($_SESSION["linktracking"]) && $track)
$this->TrackLinkTo($tag);
return '<a href="'.$this->href($method, $tag).'">'.$text.'</a>';
}
// function PregPageLink($matches) { return $this->Link($matches[1]); }
function IspName($text) { return preg_match("/^[A-Z][a-z]+[A-Z,0-9][A-Z,a-z,0-9]*$/", $text); }
function TrackLinkTo($tag) { $_SESSION["linktable"][] = $tag; }
function GetLinkTable() { return $_SESSION["linktable"]; }
function ClearLinkTable() { $_SESSION["linktable"] = array(); }
function StartLinkTracking() { $_SESSION["linktracking"] = 1; }
function StopLinkTracking() { $_SESSION["linktracking"] = 0; }
function WriteLinkTable() {
// delete old link table
$this->Query("delete from ".$this->config["table_prefix"]."links where from_tag = '".mysql_escape_string($this->GetPageTag())."'");
if ($linktable = $this->GetLinkTable())
{
$from_tag = mysql_escape_string($this->GetPageTag());
foreach ($linktable as $to_tag)
{
$lower_to_tag = strtolower($to_tag);
if (!isset($written[$lower_to_tag]))
{
$this->Query("insert into ".$this->config["table_prefix"]."links set from_tag = '".$from_tag."', to_tag = '".mysql_escape_string($to_tag)."'");
$written[$lower_to_tag] = 1;
}
}
}
}
function Header() { return $this->Action($this->GetConfigValue("header_action"), 1); }
function Footer() { return $this->Action($this->GetConfigValue("footer_action"), 1); }
// FORMS
function FormOpen($method = "", $tag = "", $formMethod = "post") {
if (isset($_REQUEST["q"])) {
$result = "<form action=\"?q=".$_REQUEST["q"]."\" method=\"".$formMethod."\">\n";
}else{
$result = "<form action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n";
if (!$this->config["rewrite_mode"]) $result .= "<input type=\"hidden\" name=\"p\" value=\"".$this->MiniHref($method, $tag)."\" />\n";
}
return $result;
}
/*
// FORMS
function FormOpen($method = "", $tag = "", $formMethod = "post", $enctype="multipart/form-data") {
/*avant la modif ACeditor
$result = "<form action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\" enctype=\"".$enctype."\">\n";
*/
/* Debut de la modif ACeditor * /
if (ereg('edit$', $this->href($method, $tag))) {
$result = "<form id=\"ACEditor\" name=\"ACEditor\" action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n";
} else {
//$result = "<form action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n";* /
if (isset($_REQUEST["q"])) {
$result = "<form action=\"?q=".$_REQUEST["q"]."\" method=\"".$formMethod."\">\n";
}else{
$result = "<form action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n";
if (!$this->config["rewrite_mode"]) $result .= "<input type=\"hidden\" name=\"p\" value=\"".$this->MiniHref($method, $tag)."\" />\n";
}
//}
/* fin de la modif ACeditor * /
return $result;
}*/
function FormClose() {
return "</form>\n";
}
// interwiki STUFF
function ReadinterwikiConfig() {
if ($lines = file("interwiki.conf"))
{
foreach ($lines as $line)
{
if ($line = trim($line))
{
list($pName, $pUrl) = explode(" ", trim($line));
$this->Addinterwiki($pName, $pUrl);
}
}
}
}
function Addinterwiki($name, $url) {
$this->interwiki[$name] = $url;
}
function GetinterwikiUrl($name, $tag) {
if (isset($this->interwiki[$name]))
{
return $this->interwiki[$name].$tag;
} else {
return 'http://'.$tag; //avoid xss by putting http:// in front of JavaScript:()
}
}
// REFERRERS
function LogReferrer($tag = "", $referrer = "") {
// fill values
if (!$tag = trim($tag)) $tag = $this->GetPageTag();
if (!$referrer = trim($referrer) AND isset($_SERVER["HTTP_REFERER"])) $referrer = $_SERVER["HTTP_REFERER"];
// check if it's coming from another site
if ($referrer && !preg_match("/^".preg_quote($this->GetConfigValue("base_url"), "/")."/", $referrer))
{
// avoid XSS (with urls like "javascript:alert()" and co)
// by forcing http/https prefix
// NB.: this does NOT exempt to htmlspecialchars() the collected URIs !
if (!preg_match('`^https?://`', $referrer)) return;
$this->Query("insert into ".$this->config["table_prefix"]."referrers set ".
"page_tag = '".mysql_escape_string($tag)."', ".
"referrer = '".mysql_escape_string($referrer)."', ".
"time = now()");
}
}
function LoadReferrers($tag = "") {
return $this->LoadAll("select referrer, count(referrer) as num from ".$this->config["table_prefix"]."referrers ".($tag = trim($tag) ? "where page_tag = '".mysql_escape_string($tag)."'" : "")." group by referrer order by num desc");
}
function PurgeReferrers() {
if ($days = $this->GetConfigValue("referrers_purge_time")) {
$this->Query("delete from ".$this->config["table_prefix"]."referrers where time < date_sub(now(), interval '".mysql_escape_string($days)."' day)");
}
}
// PLUGINS
function Action($action, $forceLinkTracking = 0)
{
$action = trim($action); $vars=array();
// stupid attributes check
if ((stristr($action, "=\"")) || (stristr($action, "/")))
{
// extract $action and $vars_temp ("raw" attributes)
preg_match("/^([A-Za-z0-9]*)\/?(.*)$/", $action, $matches);
list(, $action, $vars_temp) = $matches;
// match all attributes (key and value)
$this->parameter[$vars_temp]=$vars_temp;
preg_match_all("/([A-Za-z0-9]*)=\"(.*)\"/U", $vars_temp, $matches);
// prepare an array for extract() to work with (in $this->IncludeBuffered())
if (is_array($matches))
{
for ($a = 0; $a < count($matches[1]); $a++)
{
$vars[$matches[1][$a]] = $matches[2][$a];
$this->parameter[$matches[1][$a]]=$matches[2][$a];
}
}
}
if (!$forceLinkTracking) $this->StopLinkTracking();
$result = $this->IncludeBuffered(strtolower($action).".php", "<i>Action inconnue \"$action\"</i>", $vars, $this->config["action_path"]);
$this->StartLinkTracking();
if (isset($parameter)) unset($this->parameter[$parameter]);
unset($this->parameter);
return $result;
}
function Method($method) {
if (!$handler = $this->page["handler"]) $handler = "page";
$methodLocation = $handler."/".$method.".php";
return $this->IncludeBuffered($methodLocation, "<i>Méthode inconnue \"$methodLocation\"</i>", "", $this->config["handler_path"]);
}
function Format($text, $formatter = "index") {
return $this->IncludeBuffered("formatters/".$formatter.".php", "<i>Impossible de trouver le formateur \"$formatter\"</i>", compact("text"));
}
// USERS
function LoadUser($name, $password = 0) { return $this->LoadSingle("select * from ".$this->config["table_prefix"]."users where name = '".mysql_escape_string($name)."' ".($password === 0 ? "" : "and password = '".mysql_escape_string($password)."'")." limit 1"); }
function LoadUsers() { return $this->LoadAll("select * from ".$this->config["table_prefix"]."users order by name"); }
function GetUserName() { if ($user = $this->GetUser()) $name = $user["name"]; else if (!$name = gethostbyaddr($_SERVER["REMOTE_ADDR"])) $name = $_SERVER["REMOTE_ADDR"]; return $name; }
function UserName() { /* deprecated! */ return $this->GetUserName(); }
function GetUser() { return (isset($_SESSION["user"]) ? $_SESSION["user"] : '');}
function SetUser($user, $remember=0) { $_SESSION["user"] = $user; $this->SetPersistentCookie("name", $user["name"], $remember); $this->SetPersistentCookie("password", $user["password"], $remember); $this->SetPersistentCookie("remember", $remember, $remember); }
function LogoutUser() { $_SESSION["user"] = ""; $this->DeleteCookie("name"); $this->DeleteCookie("password"); }
function UserWantsComments() { if (!$user = $this->GetUser()) return false; return ($user["show_comments"] == "Y"); }
function GetParameter($parameter, $default = '') { return (isset($this->parameter[$parameter]) ? $this->parameter[$parameter] : $default); }
// COMMENTS
function LoadComments($tag) { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where comment_on = '".mysql_escape_string($tag)."' and latest = 'Y' order by time"); }
function LoadRecentComments() { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where comment_on != '' and latest = 'Y' order by time desc"); }
function LoadRecentlyCommented($limit = 50) {
$pages = array();
// NOTE: this is really stupid. Maybe my SQL-Fu is too weak, but apparently there is no easier way to simply select
// all comment pages sorted by their first revision's (!) time. ugh!
// load ids of the first revisions of latest comments. err, huh?
$pages=array();
$comments=array();
if ($ids = $this->LoadAll("select min(id) as id from ".$this->config["table_prefix"]."pages where comment_on != '' group by tag order by id desc"))
{
// load complete comments
$num=0;
foreach ($ids as $id)
{
$comment = $this->LoadSingle("select * from ".$this->config["table_prefix"]."pages where id = '".$id["id"]."' limit 1");
if (!isset($comments[$comment["comment_on"]]) && $num < $limit)
{
$comments[$comment["comment_on"]] = $comment;
$num++;
}
}
// now load pages
if ($comments)
{
// now using these ids, load the actual pages
foreach ($comments as $comment)
{
$page = $this->LoadPage($comment["comment_on"]);
$page["comment_user"] = $comment["user"];
$page["comment_time"] = $comment["time"];
$page["comment_tag"] = $comment["tag"];
$pages[] = $page;
}
}
}
// load tags of pages
//return $this->LoadAll("select comment_on as tag, max(time) as time, tag as comment_tag, user from ".$this->config["table_prefix"]."pages where comment_on != '' group by comment_on order by time desc");
return $pages;
}
// ACCESS CONTROL
// returns true if logged in user is owner of current page, or page specified in $tag
function UserIsOwner($tag = "") {
// check if user is logged in
if (!$this->GetUser()) return false;
// set default tag
if (!$tag = trim($tag)) $tag = $this->GetPageTag();
// check if user is owner
if ($this->GetPageOwner($tag) == $this->GetUserName()) return true;
}
function GetPageOwner($tag = "", $time = "") { if (!$tag = trim($tag)) $tag = $this->GetPageTag(); if ($page = $this->LoadPage($tag, $time)) return $page["owner"]; }
function SetPageOwner($tag, $user) {
// check if user exists
if (!$this->LoadUser($user)) return;
// updated latest revision with new owner
$this->Query("update ".$this->config["table_prefix"]."pages set owner = '".mysql_escape_string($user)."' where tag = '".mysql_escape_string($tag)."' and latest = 'Y' limit 1");
}
function LoadAcl($tag, $privilege, $useDefaults = 1) {
if ((!$acl = $this->LoadSingle("select * from ".$this->config["table_prefix"]."acls where page_tag = '".mysql_escape_string($tag)."' and privilege = '".mysql_escape_string($privilege)."' limit 1")) && $useDefaults)
{
$acl = array("page_tag" => $tag, "privilege" => $privilege, "list" => $this->GetConfigValue("default_".$privilege."_acl"));
}
return $acl;
}
function SaveAcl($tag, $privilege, $list) {
if ($this->LoadAcl($tag, $privilege, 0)) $this->Query("update ".$this->config["table_prefix"]."acls set list = '".mysql_escape_string(trim(str_replace("\r", "", $list)))."' where page_tag = '".mysql_escape_string($tag)."' and privilege = '".mysql_escape_string($privilege)."' limit 1");
else $this->Query("insert into ".$this->config["table_prefix"]."acls set list = '".mysql_escape_string(trim(str_replace("\r", "", $list)))."', page_tag = '".mysql_escape_string($tag)."', privilege = '".mysql_escape_string($privilege)."'");
}
// returns true if $user (defaults to current user) has access to $privilege on $page_tag (defaults to current page)
function HasAccess($privilege, $tag = "", $user = "") {
// set defaults
if (!$tag = trim($tag)) $tag = $this->GetPageTag();
if (!$user = $this->GetUserName());
// load acl
$acl = $this->LoadAcl($tag, $privilege);
// if current user is owner, return true. owner can do anything!
if ($this->UserIsOwner($tag)) return true;
// fine fine... now go through acl
foreach (explode("\n", $acl["list"]) as $line)
{
$line = trim($line);
// check for inversion character "!"
if (preg_match("/^[!](.*)$/", $line, $matches))
{
$negate = 1;
$line = $matches[1];
}
else
{
$negate = 0;
}
// if there's still anything left... lines with just a "!" don't count!
if ($line)
{
switch ($line[0])
{
// comments
case "#":
break;
// everyone
case "*":
return !$negate;
// aha! a user entry.
case "+":
if (!$this->LoadUser($user))
{
return $negate;
}
else
{
return !$negate;
}
default:
if ($line == $user)
{
return !$negate;
}
}
}
}
// tough luck.
return false;
}
// MAINTENANCE
function Maintenance() {
// purge referrers
$this->PurgeReferrers();
// purge old page revisions
$this->PurgePages();
}
// THE BIG EVIL NASTY ONE!
function Run($tag, $method = "") {
if(!($this->GetMicroTime()%3)) $this->Maintenance();
$this->ReadinterwikiConfig();
// do our stuff!
if (!$this->method = trim($method)) $this->method = "show";
if (!$this->tag = trim($tag)) $this->Redirect($this->href("", $this->config["root_page"]));
if ((!$this->GetUser() && isset($_COOKIE["name"])) && ($user = $this->LoadUser($_COOKIE["name"], $_COOKIE["password"]))) $this->SetUser($user, $_COOKIE["remember"]);
$this->SetPage($this->LoadPage($tag, (isset($_REQUEST["time"]) ? $_REQUEST["time"] :'')));
$this->LogReferrer();
//correction pour un support plus facile de nouveaux handlers
print($this->Method($this->method));
}
}
// stupid version check
if (!isset($_REQUEST)) die('$_REQUEST[] not found. index requires PHP 4.1.0 or higher!');
// workaround for the amazingly annoying magic quotes.
function magicQuotesSuck(&$a)
{
if (is_array($a))
{
foreach ($a as $k => $v)
{
if (is_array($v))
magicQuotesSuck($a[$k]);
else
$a[$k] = stripslashes($v);
}
}
}
set_magic_quotes_runtime(0);
if (get_magic_quotes_gpc())
{
magicQuotesSuck($_POST);
magicQuotesSuck($_GET);
magicQuotesSuck($_COOKIE);
}
// default configuration values
$indexConfig= array();
$indexDefaultConfig = array(
'WAKKA_VERSION' => '',
'WIKINI_VERSION' => '',
'debug' => 'no',
"mysql_host" => "localhost",
"mysql_database" => "WikiNi",
"mysql_user" => "WikiNi",
"mysql_password" => '',
"table_prefix" => "WikiNi_",
"root_page" => "accueil",
"index_name" => "MonSiteWikiNi",
"base_url" => "http://".$_SERVER["SERVER_NAME"].($_SERVER["SERVER_PORT"] != 80 ? ":".$_SERVER["SERVER_PORT"] : "").$_SERVER["REQUEST_URI"].(preg_match("/".preg_quote("index.php")."$/", $_SERVER["REQUEST_URI"]) ? "?p=" : ""),
"rewrite_mode" => (preg_match("/".preg_quote("index.php")."$/", $_SERVER["REQUEST_URI"]) ? "0" : "1"),
'meta_keywords' => '',
'meta_description' => '',
"action_path" => "actions",
"handler_path" => "handlers",
"header_action" => "header",
"footer_action" => "footer",
"navigation_links" => "adminmenus adminpages adminusers admincoms,recherche,faq,adminzone connexion crédits contact,adminzone",
"referrers_purge_time" => 24,
"pages_purge_time" => 90,
"default_write_acl" => "ChristophePineau",
"default_read_acl" => "*",
"default_comment_acl" => "+",
"preview_before_save" => "0",
'allow_raw_html' => false);
// load config
if (!$configfile = GetEnv("index_CONFIG")) $configfile = "index.config.php";
if (file_exists($configfile)) include($configfile);
$indexConfigLocation = $configfile;
$indexConfig = array_merge($indexDefaultConfig, $indexConfig);
// check for locking
if (file_exists("locked")) {
// read password from lockfile
$lines = file("locked");
$lockpw = trim($lines[0]);
// is authentification given?
if (isset($_SERVER["PHP_AUTH_USER"])) {
if (!(($_SERVER["PHP_AUTH_USER"] == "admin") && ($_SERVER["PHP_AUTH_PW"] == $lockpw))) {
$ask = 1;
}
} else {
$ask = 1;
}
if ($ask) {
header("WWW-Authenticate: Basic realm=\"".$indexConfig["index_name"]." Install/Upgrade Interface\"");
header("HTTP/1.0 401 Unauthorized");
echo "Ce site est en cours de mise à jour. Veuillez essayer plus tard." ;
exit;
}
}
// compare versions, start installer if necessary
if ($indexConfig["WAKKA_VERSION"] && (!$indexConfig["WIKINI_VERSION"])) { $indexConfig["WIKINI_VERSION"]=$indexConfig["WAKKA_VERSION"]; }
if (($indexConfig["WAKKA_VERSION"] != WAKKA_VERSION) || ($indexConfig["WIKINI_VERSION"] != WIKINI_VERSION)) {
// start installer
if (!isset($_REQUEST["installAction"]) OR !$installAction = trim($_REQUEST["installAction"])) $installAction = "default";
include("setup/header.php");
if (file_exists("setup/".$installAction.".php")) include("setup/".$installAction.".php"); else echo "<i>Invalid action</i>" ;
include("setup/footer.php");
exit;
}
// configuration du cookie de session
//determine le chemin pour le cookie
$a = parse_url($indexConfig['base_url']);
$CookiePath = dirname($a['path']);
if ($CookiePath != '/') $CookiePath .= '/';
$a = session_get_cookie_params();
session_set_cookie_params($a['lifetime'],$CookiePath);
unset($a);
unset($CookiePath);
// start session
session_start();
// fetch index location
if (!isset($_REQUEST["p"])) $_REQUEST["p"] = '';
if (isset($_REQUEST["q"])) $_REQUEST["p"] = 'recherche';
$p = $_REQUEST["p"];
if(file_exists("handlers/page/$p.php")){$method=$p;}
// remove leading slash
$p = preg_replace("/^\//", "", $p);
// split into page/method
if (preg_match("#^(.+?)/([A-Za-z0-9_]*)$#", $p, $matches)) list(, $page, $method) = $matches;
else if (preg_match("#^(.*)$#", $p, $matches)) list(, $page) = $matches;
// create p object
$p = new p($indexConfig);
// check for database access
if (!$p->dblink)
{
echo "<p>Pour des raisons indépendantes de notre volonté, le contenu de ce wiki est temporairement inaccessible. Veuillez réessayer ultérieurement, merci de votre compréhension.</p>";
exit;
}
// Check if the server is configured to automatically compress the output
if (!ini_get('zlib.output_compression') && !ini_get('zlib.output_handler'))
{
// Check if we can use ob_gzhandler (requires the zlib extension)
if (function_exists('ob_gzhandler'))
{
// let ob_gzhandler do the dirty job
ob_start('ob_gzhandler');
}
// else let do the dirty job ourselves...
elseif (!empty($_SERVER['HTTP_ACCEPT_ENCODING']) && strstr($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') && function_exists('gzencode'))
{
ob_start ('gzencode');
// Tell the browser the content is compressed with gzip
header ("Content-Encoding: gzip");
}
}
// go!
if (!isset($method)) $method='';
// Security (quick hack) : Check method syntax
if (!(preg_match('#^[A-Za-z0-9_]*$#',$method))) {
$method='';
}
$p->Run($page, $method);?>