Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed
<?php/* encoding: iso-8859-1wakka.phpCopyright (c) 2002, Hendrik Mans <hendrik@mans.de>Copyright 2003 Carlo ZottmannCopyright 2002, 2003 David DELONCopyright 2002, 2003, 2004 Charles NÉPOTECopyright 2002, 2003 Patrick PAULCopyright 2003 Éric DELORDCopyright 2003 Éric FELDSTEINCopyright 2004 Jean-Christophe ANDRÉAll rights reserved.Redistribution and use in source and binary forms, with or withoutmodification, are permitted provided that the following conditionsare met:1. Redistributions of source code must retain the above copyrightnotice, this list of conditions and the following disclaimer.2. Redistributions in binary form must reproduce the above copyrightnotice, this list of conditions and the following disclaimer in thedocumentation and/or other materials provided with the distribution.3. The name of the author may not be used to endorse or promote productsderived from this software without specific prior written permission.THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS ORIMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIESOF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUTNOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANYTHEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OFTHIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.*//*Yes, most of the formatting used in this file is HORRIBLY BAD STYLE. However,most of the action happens outside of this file, and I really wanted the codeto look as small as what it does. Basically. Oh, I just suck. :)*/// do not change this line, you fool. In fact, don't change anything! Ever!define("WAKKA_VERSION", "0.1.1");define("WIKINI_VERSION", "0.4.3 + contributions");// start the compute timelist($g_usec, $g_sec) = explode(" ",microtime());define ("t_start", (float)$g_usec + (float)$g_sec);$t_SQL=0;class Wiki{var $dblink;var $page;var $tag;var $parameter = array();var $queryLog = array();var $interWiki = array();var $VERSION;var $CookiePath = '/';// constructorfunction Wiki($config){$this->config = $config;// some host do not allow mysql_pconnect$this->dblink = @mysql_connect ($this->config["mysql_host"],$this->config["mysql_user"],$this->config["mysql_password"]);if ($this->dblink){if (!@mysql_select_db($this->config["mysql_database"], $this->dblink)){@mysql_close($this->dblink);$this->dblink = false;}}$this->VERSION = WAKKA_VERSION;//determine le chemin pour le cookie$a = parse_url($this->GetConfigValue('base_url'));$this->CookiePath = dirname($a['path']);if ($this->CookiePath != '/') $this->CookiePath .= '/';}// DATABASEfunction Query($query){if($this->GetConfigValue("debug")) $start = $this->GetMicroTime();if (!$result = mysql_query($query, $this->dblink)){ob_end_clean();die("Query failed: ".$query." (".mysql_error().")");}if($this->GetConfigValue("debug")){$time = $this->GetMicroTime() - $start;$this->queryLog[] = array("query" => $query,"time" => $time);}return $result;}function LoadSingle($query) { if ($data = $this->LoadAll($query)) return $data[0]; }function LoadAll($query){$data=array();if ($r = $this->Query($query)){while ($row = mysql_fetch_assoc($r)) $data[] = $row;mysql_free_result($r);}return $data;}// MISCfunction GetMicroTime() { list($usec, $sec) = explode(" ",microtime()); return ((float)$usec + (float)$sec); }function IncludeBuffered($filename, $notfoundText = "", $vars = "", $path = ""){if ($path) $dirs = explode(":", $path);else $dirs = array("");foreach($dirs as $dir){if ($dir) $dir .= "/";$fullfilename = $dir.$filename;if (file_exists($fullfilename)){if (is_array($vars)) extract($vars);ob_start();include($fullfilename);$output = ob_get_contents();ob_end_clean();return $output;}}if ($notfoundText) return $notfoundText;else return false;}// VARIABLESfunction GetPageTag() { return $this->tag; }function GetPageTime() { return $this->page["time"]; }function GetMethod() { return $this->method; }function GetConfigValue($name) { return $this->config[$name]; }function GetWakkaName() { return $this->GetConfigValue("wakka_name"); }function GetWakkaVersion() { return $this->VERSION; }function GetWikiNiVersion() { return WIKINI_VERSION; }// PAGESfunction LoadPage($tag, $time = "", $cache = 1) {// retrieve from cacheif (!$time && $cache && ($cachedPage = $this->GetCachedPage($tag))) { $page = $cachedPage;}// load pageif (!isset($page)) $page = $this->LoadSingle("select * from ".$this->config["table_prefix"]."pages where tag = '".mysql_escape_string($tag)."' ".($time ? "and time = '".mysql_escape_string($time)."'" : "and latest = 'Y'")." limit 1");// cache resultif (!$time) $this->CachePage($page);return $page;}function GetCachedPage($tag) {return (isset($this->pageCache[$tag]) ? $this->pageCache[$tag] : ''); }function CachePage($page) { $this->pageCache[$page["tag"]] = $page; }function SetPage($page) { $this->page = $page; if ($this->page["tag"]) $this->tag = $this->page["tag"]; }function LoadPageById($id) { return $this->LoadSingle("select * from ".$this->config["table_prefix"]."pages where id = '".mysql_escape_string($id)."' limit 1"); }function LoadRevisions($page) { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where tag = '".mysql_escape_string($page)."' order by time desc"); }function LoadPagesLinkingTo($tag) { return $this->LoadAll("select from_tag as tag from ".$this->config["table_prefix"]."links where to_tag = '".mysql_escape_string($tag)."' order by tag"); }function LoadRecentlyChanged($limit=50) {$limit= (int) $limit;if ($pages = $this->LoadAll("select tag, time, user, owner from ".$this->config["table_prefix"]."pages where latest = 'Y' and comment_on = '' order by time desc limit $limit")){foreach ($pages as $page){$this->CachePage($page);}return $pages;}}function LoadAllPages() { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where latest = 'Y' order by tag"); }function FullTextSearch($phrase) { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where latest = 'Y' and match(tag, body) against('".mysql_escape_string($phrase)."')"); }function LoadWantedPages() { return $this->LoadAll("select distinct ".$this->config["table_prefix"]."links.to_tag as tag,count(".$this->config["table_prefix"]."links.from_tag) as count from ".$this->config["table_prefix"]."links left join ".$this->config["table_prefix"]."pages on ".$this->config["table_prefix"]."links.to_tag = ".$this->config["table_prefix"]."pages.tag where ".$this->config["table_prefix"]."pages.tag is NULL group by tag order by count desc"); }function LoadOrphanedPages() { return $this->LoadAll("select distinct tag from ".$this->config["table_prefix"]."pages left join ".$this->config["table_prefix"]."links on ".$this->config["table_prefix"]."pages.tag = ".$this->config["table_prefix"]."links.to_tag where ".$this->config["table_prefix"]."links.to_tag is NULL and ".$this->config["table_prefix"]."pages.comment_on = '' order by tag"); }function IsOrphanedPage($tag) { return $this->LoadAll("select distinct tag from ".$this->config["table_prefix"]."pages left join ".$this->config["table_prefix"]."links on ".$this->config["table_prefix"]."pages.tag = ".$this->config["table_prefix"]."links.to_tag where ".$this->config["table_prefix"]."links.to_tag is NULL and ".$this->config["table_prefix"]."pages.comment_on ='' and tag='".mysql_escape_string($tag)."'"); }function DeleteOrphanedPage($tag) {$this->Query("delete from ".$this->config["table_prefix"]."pages where tag='".mysql_escape_string($tag)."' ");$this->Query("delete from ".$this->config["table_prefix"]."links where from_tag='".mysql_escape_string($tag)."' ");$this->Query("delete from ".$this->config["table_prefix"]."acls where page_tag='".mysql_escape_string($tag)."' ");$this->Query("delete from ".$this->config["table_prefix"]."referrers where page_tag='".mysql_escape_string($tag)."' ");}function SavePage($tag, $body, $comment_on = "") {// get current user$user = $this->GetUserName();//die($tag);// TODO: check write privilegeif ($this->HasAccess("write", $tag)){// is page new?if (!$oldPage = $this->LoadPage($tag)){// create default write acl. store empty write ACL for comments.$this->SaveAcl($tag, "write", ($comment_on ? "" : $this->GetConfigValue("default_write_acl")));// create default read acl$this->SaveAcl($tag, "read", $this->GetConfigValue("default_read_acl"));// create default comment acl.$this->SaveAcl($tag, "comment", $this->GetConfigValue("default_comment_acl"));// current user is owner; if user is logged in! otherwise, no owner.if ($this->GetUser()) $owner = $user;}else{// aha! page isn't new. keep owner!$owner = $oldPage["owner"];}// set all other revisions to old$this->Query("update ".$this->config["table_prefix"]."pages set latest = 'N' where tag = '".mysql_Escape_string($tag)."'");// add new revision$this->Query("insert into ".$this->config["table_prefix"]."pages set "."tag = '".mysql_escape_string($tag)."', ".($comment_on ? "comment_on = '".mysql_escape_string($comment_on)."', " : "")."time = now(), "."owner = '".mysql_escape_string($owner)."', "."user = '".mysql_escape_string($user)."', "."latest = 'Y', "."body = '".mysql_escape_string(chop($body))."'");}}function PurgePages() {if ($days = $this->GetConfigValue("pages_purge_time")) {// Selection of pages which can be deleted$pages = $this->LoadAll("select distinct tag, time from ".$this->config["table_prefix"]."pages where time < date_sub(now(), interval '".mysql_escape_string($days)."' day) and latest = 'N' order by time asc");foreach ($pages as $page) {// Deletion if there are more than 2 versions avalaible (TODO : parameter ?)$tags=$this->LoadAll("select distinct tag from ".$this->config["table_prefix"]."pages where tag = '".mysql_escape_string($page[tag])."' group by tag having count(*) > 2 order by tag");foreach ($tags as $tag) {$this->Query("delete from ".$this->config["table_prefix"]."pages where time = '".mysql_escape_string($page[time])."' and tag = '".mysql_escape_string($tag[tag])."'");}}}}// COOKIESfunction SetSessionCookie($name, $value) { SetCookie($name, $value, 0, $this->CookiePath); $_COOKIE[$name] = $value; }function SetPersistentCookie($name, $value, $remember = 0) { SetCookie($name, $value, time() + ($remember ? 90*24*60*60 : 60 * 60), $this->CookiePath); $_COOKIE[$name] = $value; }function DeleteCookie($name) { SetCookie($name, "", 1, $this->CookiePath); $_COOKIE[$name] = ""; }function GetCookie($name) { return $_COOKIE[$name]; }// HTTP/REQUEST/LINK RELATEDfunction SetMessage($message) { $_SESSION["message"] = $message; }function GetMessage(){if (isset($_SESSION["message"])) $message = $_SESSION["message"];else $message = "";$_SESSION["message"] = "";return $message;}function Redirect($url){header("Location: $url");exit;}// returns just PageName[/method].function MiniHref($method = "", $tag = ""){if (!$tag = trim($tag)) $tag = $this->tag;return $tag.($method ? "/".$method : "");}// returns the full url to a page/method.function Href($method = "", $tag = "", $params = ""){$href = $this->config["base_url"].$this->MiniHref($method, $tag);if ($params){$href .= ($this->config["rewrite_mode"] ? "?" : "&").$params;} // ajout TElareturn $href;}function Link($tag, $method = "", $text = "", $track = 1) {$tag=htmlspecialchars($tag); //avoid xss$text=htmlspecialchars($text); //paranoiac againif (!$text) $text = $tag;// is this an interwiki link?if (preg_match("/^([A-Z][A-Z,a-z]+)[:]([A-Z,a-z,0-9]*)$/s", $tag, $matches)){$tag = $this->GetInterWikiUrl($matches[1], $matches[2]);return "<a href=\"$tag\">$text (interwiki)</a>";}// is this a full link? ie, does it contain non alpha-numeric characters?// Note : [:alnum:] is equivalent [0-9A-Za-z]// [^[:alnum:]] means : some caracters other than [0-9A-Za-z]// For example : "www.adress.com", "mailto:adress@domain.com", "http://www.adress.com"else if (preg_match("/[^[:alnum:]]/", $tag)){// check for email addressesif (preg_match("/^.+\@.+$/", $tag)){$tag = "mailto:".$tag;}// check for protocol-less URLselse if (!preg_match("/:\/\//", $tag)){$tag = "http://".$tag; //Very important for xss (avoid javascript:() hacking)}// is this an inline image (text!=tag and url ends png,gif,jpeg)if ($text!=$tag and preg_match("/.(gif|jpeg|png|jpg)$/i",$tag)){return "<img src=\"$tag\" alt=\"$text\" />";}else{return "<a href=\"$tag\">$text</a>";}}else{// it's a Wiki link!if (isset($_SESSION["linktracking"]) && $track) $this->TrackLinkTo($tag);return ($this->LoadPage($tag) ? "<a href=\"".$this->href($method, $tag)."\">".$text."</a>" : "<span class=\"missingpage\">".$text."</span><a href=\"".$this->href("edit", $tag)."\">?</a>");}}function ComposeLinkToPage($tag, $method = "", $text = "", $track = 1) {if (!$text) $text = $tag;$text = htmlentities($text);if (isset($_SESSION["linktracking"]) && $track)$this->TrackLinkTo($tag);return '<a href="'.$this->href($method, $tag).'">'.$text.'</a>';}// function PregPageLink($matches) { return $this->Link($matches[1]); }function IsWikiName($text) { return preg_match("/^[A-Z][a-z]+[A-Z,0-9][A-Z,a-z,0-9]*$/", $text); }function TrackLinkTo($tag) { $_SESSION["linktable"][] = $tag; }function GetLinkTable() { return $_SESSION["linktable"]; }function ClearLinkTable() { $_SESSION["linktable"] = array(); }function StartLinkTracking() { $_SESSION["linktracking"] = 1; }function StopLinkTracking() { $_SESSION["linktracking"] = 0; }function WriteLinkTable() {// delete old link table$this->Query("delete from ".$this->config["table_prefix"]."links where from_tag = '".mysql_escape_string($this->GetPageTag())."'");if ($linktable = $this->GetLinkTable()){$from_tag = mysql_escape_string($this->GetPageTag());foreach ($linktable as $to_tag){$lower_to_tag = strtolower($to_tag);if (!$written[$lower_to_tag]){$this->Query("insert into ".$this->config["table_prefix"]."links set from_tag = '".$from_tag."', to_tag = '".mysql_escape_string($to_tag)."'");$written[$lower_to_tag] = 1;}}}}function Header() { return $this->Action($this->GetConfigValue("header_action"), 1); }function Footer() { return $this->Action($this->GetConfigValue("footer_action"), 1); }// FORMSfunction FormOpen($method = "", $tag = "", $formMethod = "post") {/* Debut de la modif ACeditor */// ACEditor: id=\"ACEditor\" name=\"ACEditor\" ci-dessous le if a été ajouté (initialement, seule la ligne du else existait)// si l'url se termine par edit (expression régulière edit$), on est en mode édition et dans ce cas on donne les id et name au formulaire// Sinon surtout pas car ça marche plus dans la mesure ou plusieurs formulaires auraient ces ID et name et dans ce cas// il semble que le dernier soit considéré, c'est à dire pas le bon :o(if (ereg('edit$', $this->href($method, $tag))) {$result = "<form id=\"ACEditor\" name=\"ACEditor\" action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n";} else {$result = "<form action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n";}/* fin de la modif ACeditor */if (!$this->config["rewrite_mode"]) $result .= "<input type=\"hidden\" name=\"wiki\" value=\"".$this->MiniHref($method, $tag)."\" />\n";return $result;}function FormClose() {return "</form>\n";}// INTERWIKI STUFFfunction ReadInterWikiConfig() {if ($lines = file("interwiki.conf")){foreach ($lines as $line){if ($line = trim($line)){list($wikiName, $wikiUrl) = explode(" ", trim($line));$this->AddInterWiki($wikiName, $wikiUrl);}}}}function AddInterWiki($name, $url) {$this->interWiki[$name] = $url;}function GetInterWikiUrl($name, $tag) {if (isset($this->interWiki[$name])){return $this->interWiki[$name].$tag;} else {return 'http://'.$tag; //avoid xss by putting http:// in front of JavaScript:()}}// REFERRERSfunction LogReferrer($tag = "", $referrer = "") {// fill valuesif (!$tag = trim($tag)) $tag = $this->GetPageTag();if (!$referrer = trim($referrer) AND isset($_SERVER["HTTP_REFERER"])) $referrer = $_SERVER["HTTP_REFERER"];// check if it's coming from another siteif ($referrer && !preg_match("/^".preg_quote($this->GetConfigValue("base_url"), "/")."/", $referrer)){$this->Query("insert into ".$this->config["table_prefix"]."referrers set "."page_tag = '".mysql_escape_string($tag)."', "."referrer = '".mysql_escape_string($referrer)."', "."time = now()");}}function LoadReferrers($tag = "") {return $this->LoadAll("select referrer, count(referrer) as num from ".$this->config["table_prefix"]."referrers ".($tag = trim($tag) ? "where page_tag = '".mysql_escape_string($tag)."'" : "")." group by referrer order by num desc");}function PurgeReferrers() {if ($days = $this->GetConfigValue("referrers_purge_time")) {$this->Query("delete from ".$this->config["table_prefix"]."referrers where time < date_sub(now(), interval '".mysql_escape_string($days)."' day)");}}// PLUGINSfunction Action($action, $forceLinkTracking = 0){$action = trim($action); $vars=array();// stupid attributes checkif ((stristr($action, "=\"")) || (stristr($action, "/"))){// extract $action and $vars_temp ("raw" attributes)preg_match("/^([A-Za-z0-9]*)\/?(.*)$/", $action, $matches);list(, $action, $vars_temp) = $matches;// match all attributes (key and value)$this->parameter[$vars_temp]=$vars_temp;preg_match_all("/([A-Za-z0-9]*)=\"(.*)\"/U", $vars_temp, $matches);// prepare an array for extract() to work with (in $this->IncludeBuffered())if (is_array($matches)){for ($a = 0; $a < count($matches[1]); $a++){$vars[$matches[1][$a]] = $matches[2][$a];$this->parameter[$matches[1][$a]]=$matches[2][$a];}}}if (!$forceLinkTracking) $this->StopLinkTracking();$result = $this->IncludeBuffered(strtolower($action).".php", "<i>Action inconnue \"$action\"</i>", $vars, $this->config["action_path"]);$this->StartLinkTracking();if (isset($parameter)) unset($this->parameter[$parameter]);unset($this->parameter);return $result;}function Method($method) {if (!$handler = $this->page["handler"]) $handler = "page";$methodLocation = $handler."/".$method.".php";return $this->IncludeBuffered($methodLocation, "<i>Méthode inconnue \"$methodLocation\"</i>", "", $this->config["handler_path"]);}function Format($text, $formatter = "wakka") {return $this->IncludeBuffered("formatters/".$formatter.".php", "<i>Impossible de trouver le formateur \"$formatter\"</i>", compact("text"));}// USERS//============================= Lignes modifiées pour Tela Botanica ===================================function LoadUser($name, $password = 0) { return $this->LoadSingle("select * from ".$this->config["common_table_prefix"]."users where name = '".mysql_escape_string($name)."' ".($password === 0 ? "" : "and password = '".mysql_escape_string($password)."'")." limit 1"); }function LoadUsers() { return $this->LoadAll("select * from ".$this->config["common_table_prefix"]."users order by name"); }//===============================================================================================function GetUserName() { if ($user = $this->GetUser()) $name = $user["name"]; else if (!$name = gethostbyaddr($_SERVER["REMOTE_ADDR"])) $name = $_SERVER["REMOTE_ADDR"]; return $name; }function UserName() { /* deprecated! */ return $this->GetUserName(); }function GetUser() { return (isset($_SESSION["user"]) ? $_SESSION["user"] : '');}function SetUser($user, $remember=0) { $_SESSION["user"] = $user; $this->SetPersistentCookie("name", $user["name"], $remember); $this->SetPersistentCookie("password", $user["password"], $remember); $this->SetPersistentCookie("remember", $remember, $remember); }function LogoutUser() { $_SESSION["user"] = ""; $this->DeleteCookie("name"); $this->DeleteCookie("password"); }function UserWantsComments() { if (!$user = $this->GetUser()) return false; return ($user["show_comments"] == "Y"); }function GetParameter($parameter, $default = '') { return (isset($this->parameter[$parameter]) ? $this->parameter[$parameter] : $default); }// COMMENTSfunction LoadComments($tag) { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where comment_on = '".mysql_escape_string($tag)."' and latest = 'Y' order by time"); }function LoadRecentComments() { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where comment_on != '' and latest = 'Y' order by time desc"); }function LoadRecentlyCommented($limit = 50) {// NOTE: this is really stupid. Maybe my SQL-Fu is too weak, but apparently there is no easier way to simply select// all comment pages sorted by their first revision's (!) time. ugh!// load ids of the first revisions of latest comments. err, huh?$pages=array();$comments=array();if ($ids = $this->LoadAll("select min(id) as id from ".$this->config["table_prefix"]."pages where comment_on != '' group by tag order by id desc")){// load complete commentsforeach ($ids as $id){$comment = $this->LoadSingle("select * from ".$this->config["table_prefix"]."pages where id = '".$id["id"]."' limit 1");$num=0;if (!isset($comments[$comment["comment_on"]])) $comments[$comment["comment_on"]]='';if (!$comments[$comment["comment_on"]] && $num < $limit){$comments[$comment["comment_on"]] = $comment;$num++;}}// now load pagesif ($comments){// now using these ids, load the actual pagesforeach ($comments as $comment){$page = $this->LoadPage($comment["comment_on"]);$page["comment_user"] = $comment["user"];$page["comment_time"] = $comment["time"];$page["comment_tag"] = $comment["tag"];$pages[] = $page;}}}// load tags of pages//return $this->LoadAll("select comment_on as tag, max(time) as time, tag as comment_tag, user from ".$this->config["table_prefix"]."pages where comment_on != '' group by comment_on order by time desc");return $pages;}// ACCESS CONTROL// returns true if logged in user is owner of current page, or page specified in $tagfunction UserIsOwner($tag = "") {// check if user is logged inif (!$this->GetUser()) return false;// set default tagif (!$tag = trim($tag)) $tag = $this->GetPageTag();// check if user is ownerif ($this->GetPageOwner($tag) == $this->GetUserName()) return true;}function GetPageOwner($tag = "", $time = "") { if (!$tag = trim($tag)) $tag = $this->GetPageTag(); if ($page = $this->LoadPage($tag, $time)) return $page["owner"]; }function SetPageOwner($tag, $user) {// check if user existsif (!$this->LoadUser($user)) return;// updated latest revision with new owner$this->Query("update ".$this->config["table_prefix"]."pages set owner = '".mysql_escape_string($user)."' where tag = '".mysql_escape_string($tag)."' and latest = 'Y' limit 1");}function LoadAcl($tag, $privilege, $useDefaults = 1) {if ((!$acl = $this->LoadSingle("select * from ".$this->config["table_prefix"]."acls where page_tag = '".mysql_escape_string($tag)."' and privilege = '".mysql_escape_string($privilege)."' limit 1")) && $useDefaults){$acl = array("page_tag" => $tag, "privilege" => $privilege, "list" => $this->GetConfigValue("default_".$privilege."_acl"));}return $acl;}function SaveAcl($tag, $privilege, $list) {if ($this->LoadAcl($tag, $privilege, 0)) $this->Query("update ".$this->config["table_prefix"]."acls set list = '".mysql_escape_string(trim(str_replace("\r", "", $list)))."' where page_tag = '".mysql_escape_string($tag)."' and privilege = '".mysql_escape_string($privilege)."' limit 1");else $this->Query("insert into ".$this->config["table_prefix"]."acls set list = '".mysql_escape_string(trim(str_replace("\r", "", $list)))."', page_tag = '".mysql_escape_string($tag)."', privilege = '".mysql_escape_string($privilege)."'");}// returns true if $user (defaults to current user) has access to $privilege on $page_tag (defaults to current page)function HasAccess($privilege, $tag = "", $user = "") {// set defaultsif (!$tag = trim($tag)) $tag = $this->GetPageTag();if (!$user = $this->GetUserName());// load acl$acl = $this->LoadAcl($tag, $privilege);// if current user is owner, return true. owner can do anything!if ($this->UserIsOwner($tag)) return true;// fine fine... now go through aclforeach (explode("\n", $acl["list"]) as $line){$line = trim($line);// check for inversion character "!"if (preg_match("/^[!](.*)$/", $line, $matches)){$negate = 1;$line = $matches[1];}else{$negate = 0;}// if there's still anything left... lines with just a "!" don't count!if ($line){switch ($line[0]){// commentscase "#":break;// everyonecase "*":return !$negate;// aha! a user entry.case "+":if (!$this->LoadUser($user)){return $negate;}else{return !$negate;}default:if ($line == $user){return !$negate;}}}}// tough luck.return false;}// MAINTENANCEfunction Maintenance() {// purge referrers$this->PurgeReferrers();// purge old page revisions$this->PurgePages();}// THE BIG EVIL NASTY ONE!function Run($tag, $method = "") {if(!($this->GetMicroTime()%3)) $this->Maintenance();$this->ReadInterWikiConfig();// do our stuff!if (!$this->method = trim($method)) $this->method = "show";if (!$this->tag = trim($tag)) $this->Redirect($this->href("", $this->config["root_page"]));if ((!$this->GetUser() && isset($_COOKIE["name"])) && ($user = $this->LoadUser($_COOKIE["name"], $_COOKIE["password"]))) $this->SetUser($user, $_COOKIE["remember"]);$this->SetPage($this->LoadPage($tag, (isset($_REQUEST["time"]) ? $_REQUEST["time"] :'')));$this->LogReferrer();//correction pour un support plus facile de nouveaux handlersprint($this->Method($this->method));}}// stupid version checkif (!isset($_REQUEST)) die('$_REQUEST[] not found. Wakka requires PHP 4.1.0 or higher!');// workaround for the amazingly annoying magic quotes.function magicQuotesSuck(&$a){if (is_array($a)){foreach ($a as $k => $v){if (is_array($v))magicQuotesSuck($a[$k]);else$a[$k] = stripslashes($v);}}}set_magic_quotes_runtime(0);if (get_magic_quotes_gpc()){magicQuotesSuck($_POST);magicQuotesSuck($_GET);magicQuotesSuck($_COOKIE);}// default configuration values$wakkaConfig= array();$wakkaDefaultConfig = array('wakka_version' => '','wikini_version' => '','debug' => 'no',"mysql_host" => "localhost","mysql_database" => "wikini","mysql_user" => "wikini","mysql_password" => '',"table_prefix" => "wikini_","root_page" => "PagePrincipale","wakka_name" => "MonSiteWikiNi","base_url" => "http://".$_SERVER["SERVER_NAME"].($_SERVER["SERVER_PORT"] != 80 ? ":".$_SERVER["SERVER_PORT"] : "").$_SERVER["REQUEST_URI"].(preg_match("/".preg_quote("wakka.php")."$/", $_SERVER["REQUEST_URI"]) ? "?wiki=" : ""),"rewrite_mode" => (preg_match("/".preg_quote("wakka.php")."$/", $_SERVER["REQUEST_URI"]) ? "0" : "1"),'meta_keywords' => '','meta_description' => '',"action_path" => "actions","handler_path" => "handlers","header_action" => "header","footer_action" => "footer","navigation_links" => "DerniersChangements :: DerniersCommentaires :: ParametresUtilisateur","referrers_purge_time" => 24,"pages_purge_time" => 90,"default_write_acl" => "*","default_read_acl" => "*","default_comment_acl" => "*","menu_page" => "PageMenu","preview_before_save" => "0");// load configif (!$configfile = GetEnv("WAKKA_CONFIG")) $configfile = "wakka.config.php";if (file_exists($configfile)) include($configfile);$wakkaConfigLocation = $configfile;$wakkaConfig = array_merge($wakkaDefaultConfig, $wakkaConfig);// check for lockingif (file_exists("locked")) {// read password from lockfile$lines = file("locked");$lockpw = trim($lines[0]);// is authentification given?if (isset($_SERVER["PHP_AUTH_USER"])) {if (!(($_SERVER["PHP_AUTH_USER"] == "admin") && ($_SERVER["PHP_AUTH_PW"] == $lockpw))) {$ask = 1;}} else {$ask = 1;}if ($ask) {header("WWW-Authenticate: Basic realm=\"".$wakkaConfig["wakka_name"]." Install/Upgrade Interface\"");header("HTTP/1.0 401 Unauthorized");echo "Ce site est en cours de mise à jour. Veuillez essayer plus tard." ;exit;}}// compare versions, start installer if necessaryif ($wakkaConfig["wakka_version"] && (!$wakkaConfig["wikini_version"])) { $wakkaConfig["wikini_version"]=$wakkaConfig["wakka_version"]; }if (($wakkaConfig["wakka_version"] != WAKKA_VERSION) || ($wakkaConfig["wikini_version"] != WIKINI_VERSION)) {// start installerif (!isset($_REQUEST["installAction"]) OR !$installAction = trim($_REQUEST["installAction"])) $installAction = "default";include("setup/header.php");if (file_exists("setup/".$installAction.".php")) include("setup/".$installAction.".php"); else echo "<i>Invalid action</i>" ;include("setup/footer.php");exit;}// configuration du cookie de session//determine le chemin pour le cookie$a = parse_url($wakkaConfig['base_url']);$CookiePath = dirname($a['path']);if ($CookiePath != '/') $CookiePath .= '/';$a = session_get_cookie_params();session_set_cookie_params($a['lifetime'],$CookiePath);unset($a);unset($CookiePath);// start sessionsession_start();// fetch wakka locationif (!isset($_REQUEST["wiki"])) $_REQUEST["wiki"] = '';$wiki = $_REQUEST["wiki"];// remove leading slash$wiki = preg_replace("/^\//", "", $wiki);// split into page/methodif (preg_match("#^(.+?)/([A-Za-z0-9_]*)$#", $wiki, $matches)) list(, $page, $method) = $matches;else if (preg_match("#^(.*)$#", $wiki, $matches)) list(, $page) = $matches;// create wiki object$wiki = new Wiki($wakkaConfig);// check for database accessif (!$wiki->dblink){echo "<p>Pour des raisons indépendantes de notre volonté, le contenu de ce Wiki est temporairement inaccessible. Veuillez réessayer ultérieurement, merci de votre compréhension.</p>";exit;}function compress_output($output){return gzencode($output);}// Check if the browser supports gzip encoding, HTTP_ACCEPT_ENCODINGif (strstr ($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip') && function_exists('gzencode') ){// Start output buffering, and register compress_output() (see// below)ob_start ("compress_output");// Tell the browser the content is compressed with gzipheader ("Content-Encoding: gzip");}// go!if (!isset($method)) $method='';// Security (quick hack) : Check method syntaxif (!(preg_match('#^[A-Za-z0-9_]*$#',$method))) {$method='';}$wiki->Run($page, $method);?>