This merge fixes all conflicts but is otherwise untested and might break
funktionality in the auth system somewhere. It NEEDS MAJOR TESTING!
Some refactoring of the auth plugins is still needed:
* move to PHP5 style
* fix comments
* add plugin.info.txt
* janschumann/master:
Refactored auth system: All auth methods are now introduced as plugins.
Bugfix: auth types are now correcty added
Setup auth system from plugins
Added Auth-Plugin-Prototype to autoload
Load auth types from plugins in settings_authtype class
Added prototype for Auth-Plugins
added plugin type 'auth'
Conflicts:
inc/auth.php
inc/auth/pgsql.class.php
inc/init.php
inc/load.php
lib/plugins/auth.php
lib/plugins/authad/auth.php
lib/plugins/authldap/auth.php
lib/plugins/authmysql/auth.php
lib/plugins/authplain/auth.php
Compressing a gzip file again for transport is standards compliant, but
some clients assume that the file is only compressed once then and don't
remove the outer compression layer. This could disable compression in
too many cases theses cases should be rare and shouldn't cause any
problems.
This new wrapper ensures types are correct and accessed parameters are
actually set (with custom default fallbacks).
The wrapper is available in the global $INPUT variable. It accesses
$_REQUEST by default. If POST or GET is required, the post and get
members can be used:
$INPUT->int('foo',false); // access $_REQUEST['foo'], default false
$INPUT->post->int('foo'); // access $_POST['foo'], default 0
$INPUT->get->int('foo'); // access $_GET['foo'], default 0
The codebase still needs to be updated to make use of this.
Some plugins want to dynamically switch the template based on users,
namspaces or the phase of the moon. Having fixed paths in a unchangable
constant prevents this.
This changes deprecates the DOKU_TPL* constants in favor of two new
tpl_* functions that return the correct paths based on the $conf
variables which can be changed from the DOKUWIKI_STARTED event.
This change disables the reporting of strict standard errors in PHP 5.4,
in PHP versions prior to 5.4 E_STRICT wasn't part of E_ALL so for
these versions this doesn't cause any change (however E_STRICT is
available in all versions of PHP 5 so this doesn't cause any problems).
See also FS#2427.
The title.idx file needs to have exactly the same length as the
page.idx. This patch creates the file with the correct length if it
doesn't exist yet.
If you upgrade in between you need to delete your data/index/title.idx
file
Classes are loaded throug PHP5's class autoloader, all other
includes are just loaded by default. This skips a lot of
require_once calls.
Parser and Plugin stuff isn't handled by the class loader yet.
Changes of behaviour are:
* Allow the user name, title & description \e2\80\9c0\e2\80\9d
* Default to Port 443 if using HTTPS
* Set $INFO['isadmin'] and $INFO['ismanager'] to \e2\80\9cfalse\e2\80\9d even if no user is
logged in
* Do not pass empty fragment field in the event data for event
ACTION_SHOW_REDIRECT
* Handle chunked encoding in HTTPClient
darcs-hash:20091104100115-e4919-5cf6397d4a457e3f98a8ca49fbdab03f2147721d.gz
Ignore-this: de9ef30fc53fbfc1caa74b55f97290a5
This should avoid problems on portbased virtual hosts.
This patch might log you out ;-)
darcs-hash:20090801222159-7ad00-808a91dd29af758ef10d7942888c2c22d8b8b888.gz
Ignore-this: ce01faedc6c3d9370362b0e1e39ded36
This fixes a security hole when register_globals is enabled. An exploit is
in the wild: http://www.milw0rm.com/exploits/8781
darcs-hash:20090526145030-7ad00-c0483e021f47898c8597f3bfbdd26c637f891d86.gz
- Avoid double compression when gzip_output is enabled
- Only compress when gzip_output is enabled
- Do not use x-sendfile for compressed content (content-encoding is not supported)
- Make sure the script terminates after using x-sendfile
- Moved gzip browser support check to init.php
darcs-hash:20090122215010-7ad00-765765d353ff78df5b8704086328c5c699bbe7e0.gz
- add mediameta and license config files into the cascade
- update the cache validity code in cache.php, css.php & js.php to use config_cascade
- redo inclusion of main config files to avoid suppression of errors in config files
- add getConfigFiles($type) function
- minor updates elsewhere to use config_cascade rather than hardcoded config file names
darcs-hash:20090122114457-f07c6-98ad5627fd5df93edf8dd03289b9cf6d81962afe.gz
This change add the global $config_cascade which holds the list of files to be
read for each configuration setting group. Dokuwiki adds in its configuration
file values after preload.php, giving preload.php to set its own configuration
cascade.
One side effect of the change is "local.protected.php" is part of the default
cascade, removing the need for it to be included at the bottom of local.php.
darcs-hash:20090118181204-f07c6-fea1c406da1bbdb0a52ab40914f11b835e797728.gz
There is a new media changelog now, with the flag RECENTS_MEDIA_CHANGES media changes can be requested from the getRecents()-function or the new getRecentsSince()-function, that returns all changes since a given timestamp and optionally before a given timestamp. The media upload and the XML-RPC-server have been changed to use these functions.
Additionally, the event MEDIA_UPLOAD_FINISH has been extended, it has a new $data-attribute (the 5th), that contains a boolean if the file does already exist and will be overwritten.
darcs-hash:20090118154345-074e0-5d9a90d269e86d8c6a156ecce5cf63115c827433.gz
In most (all) calls to fullpath() the existance of the resulting path is not
important or is checked externally, so checking inside fullpath() is a waste
of CPU cycles.
darcs-hash:20081213083355-7ad00-4987a85950a13e5d3c527b3b17b1092e0fa1c567.gz
When act_redirect is executed (post data was received and mode show is called)
all undisplayed messages (from calls to msg()) are saved in the session now.
These messages are then revived in inc/init.php. This makes sure no errors
that occured before the redirect are lost.
darcs-hash:20080929203831-7ad00-d0869fd3093f57c1ea64ccbaf05d7fd98f68c5e1.gz
The fullpath function now correctly handles windows drive letter paths and UNC
paths making sure that those are not destroyed with upper dir .. notation.
Unit tests where added.
darcs-hash:20080914134744-7ad00-9abf5931d910a0b12979b1f69b090e8ecd568c71.gz
This patch adds the httponly option to the PHP session cookies and DokuWiki's
auth cookie when supported by the PHP version.
It also adds a new config option 'securecookie' which is enabled by default.
It makes sure the browser will not sent a cookie set via HTTPS over a
non-secured connection. This option has to be disabled for wikis that only
protect the login with SSL but not the whole wiki.
darcs-hash:20080912224922-7ad00-d5275147ba9d17a9f6defa8a51ca720da74ba8a0.gz
This patch readds the possibilities previously gained by the DOKUWIKI_INIT event
by adding support for including a file named inc/preload.php. When available, it
will be included before any defines for dokuwiki are set.
darcs-hash:20080627222629-7ad00-a663ded7ac08369f011e1f63e1c60fa81ec05b51.gz
This patch adds a new event DOKUWIKI_INIT to the event system. The event is
triggered in inc/init.php right after DOKU_INC has been defined and allows
action plugins to interfere with DokuWiki s init process.
darcs-hash:20080622144154-23886-5153094bd78c2cea7f97e24c7b41cac6c641f49f.gz
This patch fixes use of UNC path in $conf['savedir'] and calling of /bin/ scripts.
darcs-hash:20080412124628-51399-9f85214fa4d787d5ad3a3b3c1ca655a29efc07e4.gz
This patch replaces the use of the date() function with the strftime()
function. The latter will respect a set locale and will use localized
strings for things like month names.
Because the format options for strftime differ from the ones used in date,
DokuWiki will rest the value of $conf['dformat'] if it contains an old
date format string (detected by missing % characters).
Plugins or templates using the $conf['dformat'] need to be updated.
darcs-hash:20080223124045-7ad00-6afb2b839afc58781463e25577e06adb675fff79.gz
The use of realpath() to clean up relative file names caused some
trouble in certain setups relying on symlinks or having restricitve
file structure setups.
This patch replaces all realpath() calls with a PHP only replacement
which should solve those problems.
darcs-hash:20070930184250-7ad00-512ff04c95f57fc9eaf104f80372237a3c94286f.gz
This patch introduces a tpl_toc() function which can be used to freely place
the Table of Contents in a template. When used, tpl_content should be called
with a parameter of false to supress the automatic TOC placement.
Note: if tpl_toc() us run *before* tpl_content(), TOCs will not work in the
preview. A work around is to run tpl_content() in a output buffer first.
This patch also adds a getTOC() function for admin plugins which allows plugin
authors to put create their own TOC which will be placed correctly in the
template. A convenience function html_mktocitem() is available.
The config manager was adjusted to make ue of this new feature, but some bugs
might remain.
darcs-hash:20070805132405-7ad00-77d2c3cdf66cc62b2d408cc6580f938636a109af.gz
Introduces a DOKU_REL constant always pointing to the DokuWiki directory regardless
of the used canonical setting.
darcs-hash:20070603191451-7ad00-a5227a3632b3337f5da90551d3166d9b5db56638.gz
if a subdir is not setup properly, then init_paths() in inc/init.php will use
the pretty name ("datadir" instead of "pages"; "olddir" instead of "attic").
attached patch simply includes the actual directory name in the output so
people dont have to look it up in the source
code.
darcs-hash:20061211194244-5224c-2d22eeb08d770108d1d993783e95d11bef0e8855.gz
Key changes:
- metadata stored on disk in two arrays, 'current' & 'persistent'
- p_set_metadata has an additional parameter, $persistent, which defaults to true
- metadata set within the renderer defaults to non-persistent
- new event hook, PARSER_METADATA_RENDER, which wraps around metadata rendering process. For
full details of this event refer to the event list documentation at splitbrain.
The patch includes automatic conversion of metadata in current form to the new format
For more details also see http://www.freelists.org/archives/dokuwiki/11-2006/msg00221.html
and any follow-up messages.
darcs-hash:20061126152144-9b6ab-a4e40c221e0274b13da07dc2fc1d2100f5f3a50e.gz
A modification to the indexer that sorts words based on length. This should make
searching a little bit more efficient. After the patch is applied, your old index
will be automatically converted to the new format (when you visit a page). The
new index format is:
1. Index files are stored in savedir/index
2. Word lists are stored as wlen.idx. This used to be word.idx.
3. Word indexes are stored as ilen.idx. This used to be index.idx.
4. The page list, page.idx, is simply copied to the new location.
Any plugins you have, such as the blog plugin, that read the index files need to
be updated.
darcs-hash:20061112194900-2b9f0-a975498ccf0a1d39c6df73b79bcd028d5e81c389.gz
This patch changes the DOKU_COOKIE define to be based on the DOKU_URL define.
DOKU_COOKIE is now used as session key as well, making sessions no longer
dependend on the title option. This should fix problems with multiple
wikis on the same host (using the same title) and wikis accessed through
different URLs.
darcs-hash:20061003121546-7ad00-aea4c256b7752815ed422ce74a659152a601d267.gz
actions which concern multiple pages (e.g. search, backlinks, recents)
end up repeatedly encoding the current user's name and groups. This
change caches the results of the encoding allowing them to be reused.
darcs-hash:20060923161206-9b6ab-a3ec8f1c2ec284d84b9ff85cba1e56165b2967a7.gz
This patch provides a rewritten changelog system that is designed to run
efficiently on both small and large wikis. The patch includes a plugin to
convert changelogs from the current format. The conversion is
non-destructive and happens automatically. For more information on the new
changelog format see "http://wiki.splitbrain.org/wiki:changelog".
Structure
In short the changelog is now stored in per-page changelog files, with a
recent changes cache. The recent changes cache is kept in
"/data/meta/_dokuwiki.changes" and trimmed daily. The per-page changelogs
are kept in "/data/meta/<ns>/<page_id>.changes" files. To preserve
revision information for revisions stored in the attic, the "*.changes"
files are not removed when their page is deleted. This allows the full
life-cycle of page creation, deletion, and reversion to be tracked.
Format
The changelog line format now uses a general "line type" field in place of
the special "minor" change syntax. There is also an extra field that can
be used to store arbitrary data associated with special line types. The
reverted line type (R) is a good example. There the extra field holds the
revision date used as the source for reverting the page. See the wiki for
the complete syntax description.
Code Notes
The changelog functions have been rewritten to load the whole file only if
it is small. For larger files, the function loads only the relevant
chunk(s). Parsed changelog lines are cached in memory to speed future
function calls.
getRevisionInfo
A binary search is used to locate the chunk expected to contain the
requested revision. The whole chunk is parsed, and adjacent lines are
optimistically cached to speed consecutive calls.
getRevisions
Reads the changelog file backwards (newest first) in chunks until the
requested number of lines have been read. Parsed changelog lines are
cached for subsequent calls to getRevisionInfo. Because revisions are read
from the changelog they are no longer guaranteed to exist in the attic.
(Note: Even with lines of arbitrary length getRevisionInfo and
getRevisions never split changelog lines while reading. This is done by
sliding the "file pointer" forward to the end of a line after each blind
seek.)
isMinor
Removed. To detect a minor edit check the type as follows:
$parsed_logline['type']
darcs-hash:20060830182753-05dcb-1c5ea17f581197a33732a8d11da223d809c03506.gz
- remove initialisation of caches in inc/pageutils.php
- add global declaration to init.php to support init.php
being included from within a function, e.g. unit testing
;-)
- minor change to utf8_substr, remove non-essential brackets
added as part of an earlier patch
darcs-hash:20060829134806-9b6ab-ab15191344a83be664c412403dc84a24fa2253a2.gz
Update to 'add function result caching for cleanID and wikiFN'.
Makes certain that arrays exist for the caches, without checking on each function call.
Properly create multidimensional arrays in wikiFN().
darcs-hash:20060828071205-05dcb-7c8dbdb5ea4e7b73808ec3bd9222df1b837d3a1f.gz
This updates the availability check of the choosen compression method. If bzip2
is configured but not available it falls back to gzip if available.
darcs-hash:20060825144739-7ad00-9f7ce54fd1dbf0d7a8272393e9bc02d862b28fff.gz
- Adds a constant DOKU_E_LEVEL for globally overriding the error reporting level.
- Adds a file based switch for enabling E_ALL errors without changing the code.
This is convenient for developers debugging new patches. It also ensures that
the new patch will not accidentally record manual changes to the error reporting
level. To enable E_ALL errors globally, create the file 'conf/report_e_all'.
darcs-hash:20060707232525-05dcb-0f24e53783f546a83268fe40b0d8b68f4d6ccfa6.gz