Ros-diffs December 2005

ros-diffs@reactos.org

40 participants
704 discussions

[turner] 19946: Change version and make DBG=0

by turner＠svn.reactos.com

Change version and make DBG=0 Modified: branches/ros-branch-0_2_9/config.template.xml Modified: branches/ros-branch-0_2_9/include/reactos/version.h _____ Modified: branches/ros-branch-0_2_9/config.template.xml --- branches/ros-branch-0_2_9/config.template.xml 2005-12-07 09:20:22 UTC (rev 19945) +++ branches/ros-branch-0_2_9/config.template.xml 2005-12-07 13:09:01 UTC (rev 19946) @@ -48,4 +48,4 @@ Whether to compile for debugging. No compiler optimizations will be performed. --> -<property name="DBG" value="1" /> +<property name="DBG" value="0" /> _____ Modified: branches/ros-branch-0_2_9/include/reactos/version.h --- branches/ros-branch-0_2_9/include/reactos/version.h 2005-12-07 09:20:22 UTC (rev 19945) +++ branches/ros-branch-0_2_9/include/reactos/version.h 2005-12-07 13:09:01 UTC (rev 19946) @@ -18,11 +18,11 @@ #define __VERSION_H #define KERNEL_VERSION_MAJOR 0 -#define KERNEL_VERSION_MINOR 3 -#define KERNEL_VERSION_PATCH_LEVEL 0 +#define KERNEL_VERSION_MINOR 2 +#define KERNEL_VERSION_PATCH_LEVEL 9 /* KERNEL_VERSION_BUILD_TYPE is L"SVN", L"RC1", L"RC2" or L"RELEASE" */ -#define KERNEL_VERSION_BUILD_TYPE L"SVN" +#define KERNEL_VERSION_BUILD_TYPE L"RC1" #endif

18 years, 9 months

[gvg] 19945: Finish vendor import

by gvg＠svn.reactos.com

Finish vendor import Deleted: vendor/mediawiki/1.4.8/ Added: vendor/mediawiki/1.5.3/ Deleted: vendor/mediawiki/1.5.3/.cvsignore Added: vendor/mediawiki/1.5.3/.cvsignore Deleted: vendor/mediawiki/1.5.3/AdminSettings.sample Added: vendor/mediawiki/1.5.3/AdminSettings.sample Deleted: vendor/mediawiki/1.5.3/HISTORY Added: vendor/mediawiki/1.5.3/HISTORY Deleted: vendor/mediawiki/1.5.3/INSTALL Added: vendor/mediawiki/1.5.3/INSTALL Deleted: vendor/mediawiki/1.5.3/README Added: vendor/mediawiki/1.5.3/README Deleted: vendor/mediawiki/1.5.3/RELEASE-NOTES Added: vendor/mediawiki/1.5.3/RELEASE-NOTES Deleted: vendor/mediawiki/1.5.3/UPGRADE Added: vendor/mediawiki/1.5.3/UPGRADE Deleted: vendor/mediawiki/1.5.3/Version.php Deleted: vendor/mediawiki/1.5.3/config/index.php Added: vendor/mediawiki/1.5.3/config/index.php Added: vendor/mediawiki/1.5.3/docs/README Deleted: vendor/mediawiki/1.5.3/docs/deferred.doc Added: vendor/mediawiki/1.5.3/docs/deferred.txt Deleted: vendor/mediawiki/1.5.3/docs/design.doc Added: vendor/mediawiki/1.5.3/docs/design.txt Added: vendor/mediawiki/1.5.3/docs/export-0.1.xsd Added: vendor/mediawiki/1.5.3/docs/export-0.2.xsd Added: vendor/mediawiki/1.5.3/docs/export-0.3.xsd Added: vendor/mediawiki/1.5.3/docs/export-demo.xml Deleted: vendor/mediawiki/1.5.3/docs/globals.doc Added: vendor/mediawiki/1.5.3/docs/globals.txt Deleted: vendor/mediawiki/1.5.3/docs/hooks.doc Added: vendor/mediawiki/1.5.3/docs/hooks.txt Deleted: vendor/mediawiki/1.5.3/docs/language.doc Added: vendor/mediawiki/1.5.3/docs/language.txt Deleted: vendor/mediawiki/1.5.3/docs/linkcache.doc Added: vendor/mediawiki/1.5.3/docs/linkcache.txt Deleted: vendor/mediawiki/1.5.3/docs/memcached.doc Added: vendor/mediawiki/1.5.3/docs/memcached.txt Deleted: vendor/mediawiki/1.5.3/docs/schema.doc Added: vendor/mediawiki/1.5.3/docs/schema.txt Deleted: vendor/mediawiki/1.5.3/docs/skin.doc Added: vendor/mediawiki/1.5.3/docs/skin.txt Deleted: vendor/mediawiki/1.5.3/docs/title.doc Added: vendor/mediawiki/1.5.3/docs/title.txt Deleted: vendor/mediawiki/1.5.3/docs/user.doc Added: vendor/mediawiki/1.5.3/docs/user.txt Deleted: vendor/mediawiki/1.5.3/img_auth.php Added: vendor/mediawiki/1.5.3/img_auth.php Deleted: vendor/mediawiki/1.5.3/includes/Article.php Added: vendor/mediawiki/1.5.3/includes/Article.php Deleted: vendor/mediawiki/1.5.3/includes/AuthPlugin.php Added: vendor/mediawiki/1.5.3/includes/AuthPlugin.php Added: vendor/mediawiki/1.5.3/includes/BagOStuff.php Deleted: vendor/mediawiki/1.5.3/includes/Block.php Added: vendor/mediawiki/1.5.3/includes/Block.php Deleted: vendor/mediawiki/1.5.3/includes/BlockCache.php Added: vendor/mediawiki/1.5.3/includes/BlockCache.php Deleted: vendor/mediawiki/1.5.3/includes/CacheManager.php Added: vendor/mediawiki/1.5.3/includes/CacheManager.php Deleted: vendor/mediawiki/1.5.3/includes/CategoryPage.php Added: vendor/mediawiki/1.5.3/includes/CategoryPage.php Deleted: vendor/mediawiki/1.5.3/includes/ChangesList.php Added: vendor/mediawiki/1.5.3/includes/ChangesList.php Deleted: vendor/mediawiki/1.5.3/includes/Credits.php Added: vendor/mediawiki/1.5.3/includes/Credits.php Deleted: vendor/mediawiki/1.5.3/includes/Database.php Added: vendor/mediawiki/1.5.3/includes/Database.php Deleted: vendor/mediawiki/1.5.3/includes/DatabaseFunctions.php Added: vendor/mediawiki/1.5.3/includes/DatabaseFunctions.php Deleted: vendor/mediawiki/1.5.3/includes/DatabasePostgreSQL.php Added: vendor/mediawiki/1.5.3/includes/DatabasePostgreSQL.php Deleted: vendor/mediawiki/1.5.3/includes/DateFormatter.php Added: vendor/mediawiki/1.5.3/includes/DateFormatter.php Deleted: vendor/mediawiki/1.5.3/includes/DefaultSettings.php Added: vendor/mediawiki/1.5.3/includes/DefaultSettings.php Deleted: vendor/mediawiki/1.5.3/includes/Defines.php Added: vendor/mediawiki/1.5.3/includes/Defines.php Deleted: vendor/mediawiki/1.5.3/includes/DifferenceEngine.php Added: vendor/mediawiki/1.5.3/includes/DifferenceEngine.php Deleted: vendor/mediawiki/1.5.3/includes/EditPage.php Added: vendor/mediawiki/1.5.3/includes/EditPage.php Added: vendor/mediawiki/1.5.3/includes/Exif.php Added: vendor/mediawiki/1.5.3/includes/ExternalEdit.php Deleted: vendor/mediawiki/1.5.3/includes/ExternalStoreDB.php Added: vendor/mediawiki/1.5.3/includes/ExternalStoreDB.php Deleted: vendor/mediawiki/1.5.3/includes/Feed.php Added: vendor/mediawiki/1.5.3/includes/Feed.php Deleted: vendor/mediawiki/1.5.3/includes/FulltextStoplist.php Added: vendor/mediawiki/1.5.3/includes/FulltextStoplist.php Deleted: vendor/mediawiki/1.5.3/includes/GlobalFunctions.php Added: vendor/mediawiki/1.5.3/includes/GlobalFunctions.php Deleted: vendor/mediawiki/1.5.3/includes/Group.php Added: vendor/mediawiki/1.5.3/includes/Group.php Deleted: vendor/mediawiki/1.5.3/includes/HTMLForm.php Added: vendor/mediawiki/1.5.3/includes/HTMLForm.php Deleted: vendor/mediawiki/1.5.3/includes/HistoryBlob.php Added: vendor/mediawiki/1.5.3/includes/HistoryBlob.php Deleted: vendor/mediawiki/1.5.3/includes/Hooks.php Added: vendor/mediawiki/1.5.3/includes/Hooks.php Added: vendor/mediawiki/1.5.3/includes/HttpFunctions.php [truncated at 100 lines; 683 more skipped] _____ Copied: vendor/mediawiki/1.5.3 (from rev 19934, vendor/mediawiki/current) _____ Deleted: vendor/mediawiki/1.5.3/.cvsignore --- vendor/mediawiki/current/.cvsignore 2005-12-06 19:30:16 UTC (rev 19934) +++ vendor/mediawiki/1.5.3/.cvsignore 2005-12-07 09:20:22 UTC (rev 19945) @@ -1,8 +0,0 @@ -LocalSettings.php -AdminSettings.php -*~ -bin -.classpath -.project -project.index -.metadata* _____ Copied: vendor/mediawiki/1.5.3/.cvsignore (from rev 19939, vendor/mediawiki/current/.cvsignore) _____ Deleted: vendor/mediawiki/1.5.3/AdminSettings.sample --- vendor/mediawiki/current/AdminSettings.sample 2005-12-06 19:30:16 UTC (rev 19934) +++ vendor/mediawiki/1.5.3/AdminSettings.sample 2005-12-07 09:20:22 UTC (rev 19945) @@ -1,26 +0,0 @@ -<?php -/** - * This file should be copied to AdminSettings.php, and modified - * to reflect local settings. It is required for the maintenance - * scripts which run on the command line, as an extra security - * measure to allow using a separate user account with higher - * privileges to do maintenance work. - * - * Developers: Do not check AdminSettings.php into CVS! - * - * @package MediaWiki - */ - -/* - * This data is used by all database maintenance scripts - * (see directory maintenance/). The SQL user MUST BE - * MANUALLY CREATED or set to an existing user with - * necessary permissions. - * - * This is not to be confused with sysop accounts for the - * wiki. - */ -$wgDBadminuser = 'wikiadmin'; -$wgDBadminpassword = 'adminpass'; - -?> _____ Copied: vendor/mediawiki/1.5.3/AdminSettings.sample (from rev 19939, vendor/mediawiki/current/AdminSettings.sample) _____ Deleted: vendor/mediawiki/1.5.3/HISTORY --- vendor/mediawiki/current/HISTORY 2005-12-06 19:30:16 UTC (rev 19934) +++ vendor/mediawiki/1.5.3/HISTORY 2005-12-07 09:20:22 UTC (rev 19945) @@ -1,652 +0,0 @@ -Change notes from older releases. For current info see RELEASE-NOTES. - -Security reminder: MediaWiki does not require PHP's register_globals -setting since version 1.2.0. If you have it on, turn it *off* if you can. - -== Version 1.3.11, 2005-02-20 == - -MediaWiki 1.3.11 is a security release. - -A security audit found and fixed a number of problems. Users of MediaWiki -1.3.10 and earlier should upgrade to 1.3.11; users of 1.4 beta releases -should upgrade to 1.4rc1. - - -=== Cross-site scripting vulnerability === - -XSS injection points can be used to hijack session and authentication -cookies as well as more serious attacks. - -* Media: links output raw text into an attribute value, potentially - abusable for JavaScript injection. This has been corrected. -* Additional checks added to file upload to protect against MSIE and - Safari MIME-type autodetection bugs. - -As of 1.3.10/1.4beta6, per-user customized CSS and JavaScript is disabled -by default as a general precaution. Sites which want this ability may set -$wgAllowUserCss and $wgAllowUserJs in LocalSettings.php. - - -=== Cross-site request forgery === - -An attacker could use JavaScript-submitted forms to perform various -restricted actions by tricking an authenticated user into visiting -a malicious web page. A fix for page editing in 1.3.10/1.4beta6 has -been expanded in this release to other forms and functions. - -Authors of bot tools may need to update their code to include the -additional fields. - - -=== Directory traversal === - -An unchecked parameter in image deletion could allow an authenticated -administrator to delete arbitary files in directories writable by the -web server, and confirm existence of files not deletable. - - -== Version 1.3.10, 2005-02-03 == - -MediaWiki 1.3.10 is a security release. - -An attacker could craft a URL which, when visited by a particular -logged-in user, would execute arbitrary JavaScript code on the user's -browser in the wiki's site context. This attack has been blocked, and as -an extra precaution the user CSS and JavaScript subpage support is now -disabled by default. Sites which want this ability may set $wgAllowUserCss -and $wgAllowUserJs in LocalSettings.php. - -Additional protections have been added against off-site form submissions -hijacking user credentials. Authors of bot tools may need to update their -code to include additional fields. - -All wikis running 1.3.x are strongly urged to upgrade to 1.3.10. - -Changes from 1.3.9: -* Logged-in edits and preview of user CSS/JS are now locked to a session token. -* Per-user CSS and JavaScript subpage customizations now disabled by default. - They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss. -* Removed .ogg from the default uploads whitelist as an extra precaution. - If your web server is configured to serve Ogg files with the correct - Content-Type header, you can re-add it in LocalSettings.php: - $wgFileExtensions[] = 'ogg'; - - - -== Version 1.3.9, 2004-12-12 == - -MediaWiki 1.3.9 is a security and bug fix release. - -A flaw in upload handling has been found which may allow upload and -execution of arbitrary scripts with the permissions of the web server. -Only wikis that have enabled uploads and have a vulnerable Apache -configuration will be affected, but to be safe all wikis should upgrade. - -Wikis with uploads available should either disable uploads or upgrade to -1.3.9 immediately; if other files are customized and require merging -changes, includes/SpecialUpload.php may be replaced individually to add -the fix. - -(It is also recommended to configure your web server to disable script -execution in the 'images' subdirectory where uploads are placed, which -prevents most attacks even if the wiki fails.) - -Changes from 1.3.8: -* Backported "Templates used in this page"-feature of EditPage -* Allow "MySkin" as a default skin. -* (bug 938) Parse namespaces correctly on self-interwiki links -* (bug 1010) fix broken Commons image link on Classic & Cologne Blue -* (bug 1004) Norsk language names for interwiki links changed, - Nauruan language name changed -* Enhance upload extension blacklist to protect against vulnerable - Apache configurations - - -== Version 1.3.8, 2004-11-15 == - -MediaWiki 1.3.8 is a bugfix release. Those running wikis with uploads -enabled are strongly recommended to upgrade as this fixes several problems -with overwriting previously-uploaded files. - -Changes from 1.3.7: -* (bug 506) fix array_key_exists() warning for IIS servers using - ISAPI mode -* (bug 718) fix bad charset in (file) cached pages -* use local numerals in category page (for Hindi et al) -* alias month abbreviations to month names in Hindi -* add localized numerals for Gujarati and Kannada -* fix Category and project namespaces for Hindi -* Don't output bogus timestamp on Special:Recentchanges if no entries -* Correct template include path which broke some but not all Windows installs -* Fix edit form submission problem with some PHP versions -* Disallow unreachable titles with %XX hex codes -* Allow page [[0]] to be renamed -* (bug 774) when saving with section=new, return to the anchor as with - existing numbered section edits -* Experimental shared upload overlay area (disabled by default) -* (bug 806) Removed some "Wikipedia" hardcoding in German localization -* User option localization fix for some extensions -* (bug 809) now try to load the mysql php extension if it isn't loaded -* (bug 848) fix error message in Special:Newpages RSS and Atom feeds -* (bug 26) fix cache headers on anon talk page notification -* (bug 874) added 'cgi' to wgFileBlacklist -* (bug 862) localize date and time format for Finnish -* (bug 548) Don't overwrite images until the user confirms it - - -== Version 1.3.7, 2004-10-18 == -Changes from 1.3.6: -* Fix protected-page related security issue. - - -== Version 1.3.6, 2004-10-14 == - -Changes from 1.3.5: -* (bug 296) Variables in user interface messages are no longer substituted - at install time, so changes to the site name etc should be easier to make -* (bug 149) Special:Recentchanges "changes from" link preserves limit -* (bug 433) tooltip for "Undelete" tab now labeled correctly -* (bug 439) unclickable "Move" tab no longer displays on protected pages -* (bug 484) graceful deletion of images where the actual file is missing -* (bug 686) fixed [[plural]]s in Catalan localization -* Fixed potential HTML/JavaScript injection attack in the UnicodeConverter - extension. (This extension is not enabled by default.) -* Fixed potential HTML/JavaScript injection attack via raw page views to - a maliciously crafted wiki page. -* (bug 187, bug 669) Fixed centered thumbnails, using <div> instead of - <span>. -* catch MySQL error 2000 during installation. -* (bug 704) Removed misleading LocalSettings.sample -* Fix cross site scripting bugs in SpecialIpblocklist, SpecialEmailuser -* Fix SQL injection and cross site scripting bugs in SpecialMaintenance -* Fix cross site scripting bugs and possible filename validation vulnerability - in ImagePage. -* and more of that sort - - -== Version 1.3.5, 2004-09-30 == - -Changes from 1.3.4: -* Clean up input validation in 'raw' page output mode which was a potential - cross-site scripting opportunity. - - -== Version 1.3.4, 2004-09-28 == - -************************** SECURITY NOTE! ****************************** - -As of 1.3.4, MediaWiki performs some screening of newly uploaded files for -validity. (Some) corrupt image files, and HTML files mistakenly or -maliciously masquerading as images, should now be rejected. - -These checks protect against Internet Explorer security holes relating -to type autodetection which are a potential cross-site scripting attack -vector, and also rejects at least one known version of the "JPEG virus" -which might attack unpatched clients. - -If you already have invalid files uploaded this will not protect against -them. If you have expanded the filetype whitelist or disabled the strict -type checking, other dangerous file types may still get through. You should -always be careful when allowing uploads! - - -Changes from 1.3.3: -* Fixed lots of template-related bugs, esp. for cases where template - variables are used for links, images, etc. -* Fixed transformation of page messages when viewing Special:Allmessages -* Handle "ISBN ISBN 1234" correctly -* Fixed warning on Category pages -* Fixed some bad error messages on login page -* Fixed history entry for initial main page on install -* Removed problematic { and } from legal title characters -* Strip leading blank from output in preformated text. -* Fixed problem when moving pages to titles with '#' in -* Optional $wgRawHtml for raw <html> sections. Use only on limited- - participation 'trusted' wikis, as it does not protect against cross-site - scripting attacks. For security, this option can only be enabled if in - $wgWhitelistEdit mode. -* Fixed problem where pages which were created as a redirect following - a move never showed on Special:Randompage. -* Fixed line spacing on printed table of contents -* Allow links to pages with names of the form [[RFC 1234]] -* Fixed broken edit links being shown for sections from included templates -* Verify that uploaded image files are of the claimed type. - - -== Version 1.3.3, 2004-09-09 == - -Changes from 1.3.2: -* Fix for long numeric page titles -* Fix Go search for "0", numeric almost-self-links -* Avoid caching of pages with "You have new messages" headers -* Fix for upgrades as non-root users from 1.2 command-line installs. -* Fix for $wgDebugDumpSql debug mode. -* $wgExtraNamespaces setting for configuring additional namespaces - (see note in DefaultSettings.php) -* 'recache' on query pages now disabled when miser mode is on; special case the - global settings in your LocalSettings.php to do automatic updates. -* Don't block UTF-8 titles containing byte 0xA0 (bug added in 1.3.2) -* Watch/unwatch tabs now shown on edit pages in MonoBook. -* Fix default skin in Irish localization (ga) -* Add Traditional Chinese localization (zh-tw) -* Changed default sortkey of subcategories. Don't include "Category:"-prefix - any longer -* More helpful info on spam catcher. -* Allow larger offsets for queries such as Special:Listusers -* Semicolon (;) added to French non-break space rules -* Possible fix for some install errors with path names permission problems. -* Removed [[Project:All system messages]], which has been superceded by - the much faster [[Special:Allmessages]]. This speeds up installation - considerably. - -== Version 1.3.2, 2004-08-30 == - -Changes from 1.3.1: -* Fix namespaced page creation links when no go match -* When cookies are disabled, don't show login screen twice -* Install should no longer die when PHP is pre-configured to compress output -* Fixed bug that caused long Japanese pages to time out with Tidy active -* When session.handler is set incorrectly, try automatic override to 'files' -* Watch/Unwatch links back to the affected page instead of Main Page -* Upload link no longer displayed on Monobook if uploading is disabled -* Special:Allmessages faster, shows correct original text, works in safe mode - - -== Version 1.3.1, 2004-08-14 == - -Changes from 1.3.0: -* Watchlist parameters now work with register_globals off -* Fixed parsing of ''italics'' and '''bold''' mark-up (again) -* Special:Allpages display is more sensible on smaller wikis -* Fixed XHTML parsing error in classic skins -* Moved pages update watchlist correctly -* Fixed rebuildall.php on case-sensitive Unix filesystems -* Disabled file cache compression by default due to incompatibility - with output buffer compression (ob_gzhandler) -* New magic word PAGENAMEE (URL-escaped version of PAGENAME) -* Installation avoids blank username; better message on missing XML module -* $wgWhitelistAccount no longer breaks all logins. - -== Version 1.3.0, 2004-08-11 == - -Look & layout: -* New default layout 'MonoBook' (available on PHP4 only currently) -* Print stylesheet now built-in to every page -* More or less correct XHTML 1.0 (served as text/html by default) - -Wiki features: -* Image captions can now include links and other basic formatting -* Image bounding box can be specified instead of width, e.g. as - 100x100px, making the image not wider than 100px and not higher - than 100px, keeping aspect ratio. -* Templates have been expanded with parameters, and separated from - the MediaWiki: localization scheme. -* Categories more or less work -* added a special page for listing users with sysop rights. - -Editing: -* Automatic merging of edit conflicts that don't directly interfere -* Edit summaries can now include basic formatting and links - -Metadata and output: -* Linked Creative Commons copyright metadata (optional) -* RSS 2.0 & Atom 0.3 feeds for Recent Changes, New Pages - -Optional modules: -* WikiHiero hieroglyphic module can be added (separate download) -* Timeline module can be added (separate download). - Requires ploticus. -* TeX now has an experimental MathML output mode (incomplete!) - -Installation and upgrading: -* The old install.php and update.php have been removed. In-place - installation introduced in 1.2 is now the standard installation - and upgrade method, see INSTALL and UPGRADE for directions. - -Database: -* The links table has been changed to use a cur_id for l_from. - The link tables must be converted on upgrade, which may entail - some downtime. - -Code and compatibility: -* Should now run clean with error reporting set to E_ALL. -* register_globals hack from 1.2 has been replaced with safer code -* Bundled PHPTAL 0.7.0 from http://phptal.sourceforge.net/ - (with some patches) -* Most image-related code moved to Image.php -* More fixes for PHP 4.1.2 (thanks to Asheesh Laroia) -* URL encoding fix for anchors -* All languages now available in UTF-8 mode -* Various other fixes - -=== Caveats === - -Some output, particularly involving user-supplied inline HTML, may not -produce 100% valid or well-formed XHTML output. Testers are welcome to -set $wgMimeType = "application/xhtml+xml"; to test for remaining problem -cases, but this is not recommended on live sites. (This must be set for -MathML to display properly in Mozilla.) - -The new 'MonoBook' skin is not compatible with PHP 5 due to bugs in the -underlying PHPTAL library. It will be automatically disabled when running -on PHP5; the older look and feel will be used instead. - - -== Version 1.2.6, 2004-05-24 == -* Spam blocker ($wgSpamRegex - refuses to save edits that match) -* Updated documentation about $wgWhitelistRead -* Ensure that searchindex table is created as MyISAM -* Interwiki cache timeout (memcached) -* Fix uploads on Windows with magic_quotes_gpc -* Some config fixes for Windows (slashes etc) -* Local interwiki URL redirects -* Fixed obscure deletion problem in squid mode on corrupt entries -* Language files updated to remove more hard-coded "Wikipedia" strings - -== Version 1.2.5, 2004-05-01 == -* Fixed install problem with blank root password -* Fixed Special:Emailuser/Username links -* Fixed main-page edit links on fuzzy search results -* Fixed wikipedia-interwiki.sql -* Fixed install with apache2filter (ugly URLs) -* IP in 'go' search brings up contributions -* Switch from broken & to ? on top-level wiki URL hack - -== Version 1.2.4, 2004-04-13 == - -* Fixed edit toolbar in Mozilla -* Diff links in Contributions for 'top' edits -* Fixed Nostalgia skin drop-down for register_globals off -* Backported optional open proxy blocker -* Backported $wgWhitelistRead -* $wgCapitalLinks option to force full case sensitivity in titles -* Cleaned up error handling when can't talk to database -* Disabled unsafe command-line installer (remove the "die()" call to use) - -== Version 1.2.3, 2004-04-02 == - -* Fixed an in-place install bug with non-root MySQL user -* Fixed history diff checkboxes bug on titles with ampersands -* Fixed printable link bug on special pages with parameters -* Fixed bug that broke IP blocking w/o memcached -* Turns off E_NOTICE warnings if PHP settings have them on - (you can grope in and turn this off if you like to debug) - -== Version 1.2.2, 2004-03-28 == - -* Fixed an upgrade bug introduced in 1.2.1. -* Disabled $wgUseCategoryMagic, which feature is incomplete broken - -== Version 1.2.1, 2004-03-27 == - -Installation, compatibility, security fixlets: -* Detect use of PHP as CGI and disable index.php/Title URLs -* Try to auto-create math tmp & output directories if not present -* Disable Asksql in default install ($wgAllowSysopQueries) -* Better handling of get_magic_quotes_gpc (apostrophe problems) -* French localisation no longer hard-codes "Wikipedia" name - -== Version 1.2.0 == - -New features in 1.2: -* Image resizing/thumbnail generation -* Stricter upload file extension blacklist and whitelist options -* More flexible blocking system; time period may be set -* Handier sysop account management. An account marked "bureaucrat" - may assign sysop access to other accounts via Special:Makesysop. - (The exact details of this may change in the future) -* Support for a squid cache with explicit purging of cached anon pages -* Optional compression of old revision text (requires zlib support) -* Fuzzy title search (experimental, requires memcached) -* Page rendering cache (experimental) -* Editing toolbar to demonstrate wiki syntax to newbies - (off by default in user preferences) -* Support for authenticated SMTP outgoing e-mail (experimental) -* It's now possible to assign sysop accounts from within the wiki. - An account with this ability must be labeled with the "bureaucrat" - privilege, such as the 'Developer' account created by the install. - -Fixes and tweaks: -* Now works with register_globals off! -* Works with short tags disabled. -* Should work out of the box on MySQL 3.2.x again. On 4.x set - $wgEnablePersistentLC = true; to turn on the link cache table - for a slight rendering speed boost. -* rebuildMessages.php can now selectively update new messages, or - overwrite everything. -* Various bug fixes. -* Other stuff we forgot. -* Documentation more out of date than ever before! - -=== Behavior changes === - -* wiki.phtml and redirect.phtml are now renamed to index.php and redirect.php - The old names are provided too for compatibility, but make sure they don't - conflict if you've been putting other files in your wiki. -* Uploaded filenames are more strictly checked than before. See bits in - DefaultSettings.php to tweak this behavior to your needs. -* Database messages are now enabled by default, so the interface messages can - be tweaked through the wiki with a sysop account. Disable this if you - don't want the performance hit. - -=== Database changes === - -An index was added to recentchanges table to speed up Newpages -(patch-rc-newindex.sql for manual updaters). - -Expiration date field has been added to ipblocks table -(patch-ipb_expiry.sql for manual updaters). - - -== Version 1.1.0, 2003-12-08 == - -This is the new production release. Any following 1.1.x releases are expected -to contain only bug fixes; developments of new features will go towards a 1.2.0 -release. - -New features in 1.1: -* New wiki table syntax: - http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide:_Using_tables -* User-editable interface messages: - http://meta.wikipedia.org/wiki/MediaWiki_namespace -* XML-wrapped page source export with optional history: - http://meta.wikipedia.org/wiki/XML_import_and_export - (There is not yet an import function!) -* "Magic words" - -Fixes and tweaks: -* linkscc table caches link data for rendering; faster rebuildlinks.php -* Numerous bugs in Cologne Blue skin fixed -* Login gives warning about missing cookies -* Block log, protection log added; deletion log now includes undeletions -* Deletion & upload logs now escape comment text properly -* Problems with <nowiki> segments in section titles etc mitigated -* Contributions offset and minor edit bugs fixed -* Whatlinkshere now sorted alphabetically -* Various exciting new profiling options. -* Debug log is off by default. -* Various small bugs fixed. - -Internal changes: -* wfQuery has had a second parameter inserted, DB_READ or DB_WRITE. This value - is not actually used so far. -* Partial code for categories and Smarty template-based skins is in the tree - but disabled. -* Parts of Article.php have been moved to EditPage.php and ImagePage.php. - -New translations: -* fi - Finnish -* ia - Interlingua -* no - Norwegian -* sk - Slovak -* ta - Tamil - -=== Database changes === - -"linkscc" table added. If upgrading manually (rather than with update.php), -run maintenance/archives/patch-linkscc.sql to create the table. - -Older releases were dated snapshots from the old 'stable' branch: - -== mediawiki-20031118 == - -* Image deletion fixed. -* Deletion of image old revisions now restricted to sysops - (this is an irreversible action and not well logged) -* Fixed maintenance scripts broken by last release's security fix -* Many errors in rebuildlinks script fixed. - -== mediawiki-20031117 == - -* SECURITY FIX: stricter checking of include path -* Fixed user contributions next/prev bug -* Login cookies now have the database name prefixed to allow wikis - to coexist in the same domain. This will invalidate any old saved - password cookies. -* Update cache timestamp when talk pages are created -* Saving the login form in Mozilla no longer blanks password in prefs. -* Check existence of source page before performing a move. -* Detect invalid titles in Special:Allpages -* Q-encode headers on outgoing inter-user e-mail -* Updates to some translations. -* Added table of contents border/bg to Cologne Blue, Nostalgia skins -* Protected pages no longer appear unprotected when visited via redirect -* Swapped old Wikipedia logo for the MediaWiki sunflower logo -* install.php, update.php print warning on old PHP versions, - added compatibility functions that might or might not help - -No database changes since 20031107; upgrading should be clean. - - -== mediawiki-20031107 == - -* Fixed various bugs! -* Some speed improvements from tweaks to the table indexes -* Limited support for memcached (see below) -* New translations (see below) -* Interwiki link data now kept in database for flexibility -* Friendlier read-only source view if asked to edit a page when - the db is locked or the page is protected. -* Normal IP blocks auto-expire after 24 hours -* Optional support for blocking usernames -* Uploads disabled by default (see below) - - -=== Security note === - -Uploads are now disabled by default. If you've set up a secure configuration -you can reenable uploads by putting: - - $wgDisableUploads = false; - -into LocalSettings.php. - -Earlier versions of MediaWiki included a bug that potentially allows logged- -in users to delete arbitrary files in directories writable by the web server -user by manually feeding false form data; this is now fixed. - -As a reminder, disable PHP script execution in the upload directory! -You may also wish to serve HTML pages as plaintext to prevent cookie- -stealing JavaScript attacks. Example Apache config fragment: - - <Directory "/Library/MediaWiki/web/upload"> - # Ignore .htaccess files - AllowOverride None - - # Serve HTML as plaintext - AddType text/plain .html .htm .shtml - - # Don't run arbitrary PHP code. - php_admin_flag engine off - - # If you've other scripting languages, disable them too. - </Directory> - - -=== Database updates === - -If you're using update.php, the necessary database changes should -be made automatically. - -To manually upgrade your database from the 2003-08-29 release, run the -following SQL scripts from the maintenance subdirectory: - - archives/patch-ipblocks.sql - archives/patch-interwiki.sql - archives/patch-indexes.sql - interwiki.sql - -To copy in the Wikipedia language-prefix interwikis as well, add: - - wikipedia-interwiki.sql - - -=== Translations === - -New interface localization files are included for: - fy Frisian - ro Romanian - sl Slovene - sq Albanian - sr Serbian - - -=== Memcached === - -Memcached is a distributed cache system. See http://www.danga.com/memcached/ -MediaWiki can optionally use memcached to store some data between calls -to reduce load on the database. Currently this is limited to user and -talk page notification data, interwiki prefix/URL matches, and the -UTF-8 conversion tables. - -MediaWiki includes version 1.0.10 of the (GPL'd) PHP memcached client by -Ryan Gilfether; if memcached is disabled it acts as a dummy object with -minimal overhead. - -To use memcached you'll need PHP installed with sockets support (this is not -in the default configure options). See docs/memcached for some more details. - -Additionally, you can store login session data in memcached instead of the -local filesystem, which can help to enable load-balancing by letting login -sessions transparently work on multiple front-end web servers. (The primary -other issue is with uploads, which requires some care in handling.) - -To enable this, set $wgSessionsInMemcached = true; and set $wgCookieDomain -appropriately if exposing multiple hostnames. This system is new and may be -volatile; login sessions will fail dramatically if memcached is unavailable -when this option is turned on. - - -=== Online documentation === - -Documentation for both end-users and site administrators is currently being -built up on Meta-Wikipedia, and is covered under the GNU Free Documentation -License: - - http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide - - -=== Mailing list === - -A MediaWiki-l mailing list has been set up distinct from the Wikipedia -wikitech-l list: - - http://mail.wikipedia.org/mailman/listinfo/mediawiki-l - - -=== UseModWiki import script === - -A stripped-down UseModWiki import script is available in the maintenance -subdirectory. It is incomplete and requires a lot of manual clean-up, but -does function for the brave and pure of heart. - - -=== Test suite removed === - -The unmaintained Java-based test suite has been removed from the tarball -release. If you really want it you can check it out from CVS. - - -== mediawiki-20030829 == - -First release under MediaWiki name. _____ Copied: vendor/mediawiki/1.5.3/HISTORY (from rev 19939, vendor/mediawiki/current/HISTORY) _____ Deleted: vendor/mediawiki/1.5.3/INSTALL --- vendor/mediawiki/current/INSTALL 2005-12-06 19:30:16 UTC (rev 19934) +++ vendor/mediawiki/1.5.3/INSTALL 2005-12-07 09:20:22 UTC (rev 19945) @@ -1,89 +0,0 @@ ---- -Installing MediaWiki ---- - -Starting with MediaWiki 1.2.0, it's possible to install -and configure the wiki "in-place", as long as you have -the necessary prerequesites available. - -In 1.3.0 the old command-line installer has been removed. -There is a command-line upgrade tool; see the file UPGRADE. - -Required software: -* Web server with PHP 4.1.2 or higher (4.3.x or 5.0.x is preferred) -* A MySQL server. 4.0.x is preferred, but 3.2.x should - work as well. - -********************************************************* - Read the file RELEASE-NOTES for notes on - MySQL 4.1 and other issues! -********************************************************* - -MediaWiki is developed and tested mainly on Unix/Linux -platforms, but should work on Windows as well. - -If your PHP is configured as a CGI plug-in rather than -an Apache module you may experience problems, as this -configuration is not well tested. safe_mode and other -non-standard PHP configurations may sometimes cause -problems as well. - -If you want math support see the instructions in math/README - -Don't forget to check the RELEASE-NOTES file... - -********************** WARNING ************************** - -REMEMBER: ALWAYS BACK UP YOUR DATABASE BEFORE ATTEMPTING -TO INSTALL OR UPGRADE!!! - -********************** WARNING ************************** - ----- -In-place web install ----- - -Decompress the MediaWiki installation archive either on -your server, or on your local machine and upload the -directory tree. Rename it from "mediawiki-1.x.x" to -something nice, like "wiki", since it'll be in your URL. - -To run the install script, you'll need to temporarily make -the 'config' subdirectory writable by the web server. The -simplest way to do this on a Unix/Linux system is to make -it world-writable: - - chmod a+w config - -Hop into your browser and surf into the wiki directory. -It'll direct you into the config script. Fill out the form... -remember you're probably not on an encrypted connection. -Gaaah! :) - -If all goes well, you should soon be told that it's set up -your wiki database and written a configuration file. There -should now be a 'LocalSettings.php' in the config directory; -move it back up to the main wiki directory, and the wiki -should now be working. - -Once the wiki is set up, you should remove the config -directory, or at least make it not world-writable (though -it will refuse to config again if the wiki is set up). - - ----- - -Don't forget that this is free software under development! -Chances are good there's a crucial step that hasn't made it -into the documentation. You should probably sign up for the -MediaWiki developers' mailing list; you can ask for help (please -provide enough information to work with, and preferably be aware -of what you're doing!) and keep track of major changes to the -software, including performance improvements and security patches. - -http://mail.wikipedia.org/mailman/listinfo/mediawiki-announce - -http://mail.wikipedia.org/mailman/listinfo/mediawiki-l (site admin support) - -http://mail.wikipedia.org/mailman/listinfo/wikitech-l (development) - _____ Copied: vendor/mediawiki/1.5.3/INSTALL (from rev 19939, vendor/mediawiki/current/INSTALL) _____ Deleted: vendor/mediawiki/1.5.3/README --- vendor/mediawiki/current/README 2005-12-06 19:30:16 UTC (rev 19934) +++ vendor/mediawiki/1.5.3/README 2005-12-07 09:20:22 UTC (rev 19945) @@ -1,87 +0,0 @@ -2005-07-09 - -MediaWiki ---------- - -MediaWiki is the software used for Wikipedia (http://www.wikipedia.org) and the -other Wikimedia Foundation websites. Compared to other wikis, it has an -excellent range of features and support for high-traffic websites (Wikipedia -peaks at 2500+ requests per second as of June 2005). However, it is generally -harder to install. Be sure to follow the INSTALL document closely. - -Installation on a Microsoft Windows system is not recommended, however it is -possible. Documentation for installation on Windows may be found at: - - http://meta.wikipedia.org/wiki/Running_MediaWiki_on_Windows - - -The MediaWiki software was written by: - * Lee Daniel Crocker - * Magnus Manske - * Jan Hidders - * Brion Vibber - * Axel Boldt - * Geoffrey T. Dairiki - * Tomasz Wegrzanowski - * Erik Moeller - * Tim Starling - * Gabriel Wicke - * Ashar Voultoiz - * Evan Prodromou - * Several others - -These developers hold the copyright to this work, and it is licensed under the -terms of the GNU General Public License, version 2 (see -http://www.fsf.org/licenses/gpl.html). Derivative works and later versions of -the code will also be considered free software licensed under the same terms. - -The newly-founded Wikimedia Foundation currently has no legal rights to the -software, although copyright may be assigned to it at a later date. Wikimedia -has not funded any of the development work. - -Sections of code written exclusively by Lee Crocker or Erik Moeller are also -released into the public domain, which does not impair the obligations of users -under the GPL for use of the whole code or other sections thereof. - -Many thanks to the Wikipedia regulars for testing and suggestions. - -The code is currently maintained at Sourceforge under the project "wikipedia", -module name "phase3". You can view the code in CVS there: - - http://wikipedia.sourceforge.net - -Please report bugs and make feature requests in our BugZilla system: - - http://bugzilla.wikipedia.org - -Documentation and discussion on new features may be found at: - - http://meta.wikimedia.org/wiki/MediaWiki_User%27s_Guide - http://meta.wikipedia.org/wiki/MediaWiki_development - -If you are setting up your own wiki based on this software, it is highly -recommended that you subscribe to mediawiki-l: - - http://mail.wikipedia.org/mailman/listinfo/mediawiki-l - -The mailing list is very low volume, and is intended primarily for -announcements of new versions, bug fixes, and security issues. - - -PHP - -The code is written in PHP. Version 4.3.2 or higher is recommended. There are -known issues with early 4.2.x releases. - -MySQL - -MediaWiki requires MySQL 3.23 or later, and PHP-MySQL. Version 4.0 or later is -strongly recommended. - -Operating system - -The code was written on and for Linux, and no attempt has been made to make it -portable to other OSs. The math support in particular has run-time dependencies -on things like TeTeX and GhostScript that are generally found in Linux but not -other OSs. However, we have had reports of successful installation on Windows, -albeit without TeX support. _____ Copied: vendor/mediawiki/1.5.3/README (from rev 19939, vendor/mediawiki/current/README) _____ Deleted: vendor/mediawiki/1.5.3/RELEASE-NOTES --- vendor/mediawiki/current/RELEASE-NOTES 2005-12-06 19:30:16 UTC (rev 19934) +++ vendor/mediawiki/1.5.3/RELEASE-NOTES 2005-12-07 09:20:22 UTC (rev 19945) @@ -1,781 +0,0 @@ -= MediaWiki release notes = - -Security reminder: MediaWiki does not require PHP's register_globals -setting since version 1.2.0. If you have it on, turn it *off* if you can. - -== MediaWiki 1.4.8 == - -(released 2005-08-23) - -MediaWiki 1.4.8 is a bug fix and security maintenance release. - -A flaw in the interaction between extensions and HTML attribute -sanitization was discovered which could allow unauthorized use -of offsite resources in style sheets, and possible exploitation -of a JavaScript injection feature on Microsoft Internet Explorer. - -This version expands the returned text and properly checks it -before output. - -Additionally, an update to skins/MonoBook.php ensures that sites -using the default MonoBook skin will display correctly in the -Internet Explorer 7 beta. (1.3 and 1.5 are not affected by this bug.) - - -== MediaWiki 1.4.7 == - -(released 2005-07-16) - -MediaWiki 1.4.7 is a bug fix release. Those affected by the following -problems in 1.4.6 should upgrade: - -* Watchlist breakage on MySQL 3.23.x and with table prefix enabled -* Possible breakage in watchlist, some image resizing modes on PHP 4.1.2 - -1.4.6 included a fix for a cross-site scripting vulnerability, so anyone -running older 1.4 releases is very strongly encouraged to upgrade as well. - -Note to upgraders: this version of MediaWiki is known to produce a large -number of notice-level warnings under the newly released PHP 4.4.0. -These appear however to be harmless; if you encounter them add this to -your LocalSettings.php to suppress the notices: - - error_reporting( E_ALL & ~E_NOTICE ); - -PHP 5.1.0beta3 is known to be incompatible at this time. - - -== MediaWiki 1.4.6 == - -(released 2005-07-07) - -MediaWiki 1.4.6 is a bug fix and security update release. - -Incorrect escaping of a parameter in the page move template could -be used to inject JavaScript code by getting a victim to visit a -maliciously constructed URL. Users of vulnerable releases are -recommended to upgrade to this release. - -Vulnerable versions: -* 1.5 preview series: n <= 1.5beta2 vulnerable, fixed in 1.5beta3 -* 1.4 stable series: 1.4beta6 <= n <= 1.4.5 vulnerable, fixed in 1.4.6 -* 1.3 legacy series: not vulnerable - -This release also includes fixes for some rare bug annoying HTTP errors, -a PHP 4.1.2 breakage bug, and works around some template limitations -introduced in 1.4.5. See the changelog at the end of this file for -a detailed list of bugs fixed. - - -== MediaWiki 1.4.5 == - -(released 2005-06-03) - -MediaWiki 1.4.5 is a security update and bugfix release. - -Incorrect handling of page template inclusions made it possible to -inject JavaScript code into HTML attributes, which could lead to -cross-site scripting attacks on a publicly editable wiki. - -Vulnerable releases and fix: -* 1.5 prerelease: fixed in 1.5alpha2 -* 1.4 stable series: fixed in 1.4.5 -* 1.3 legacy series: fixed in 1.3.13 -* 1.2 series no longer supported; upgrade to 1.4.5 strongly recommended - -This release also includes a number of bug fixes (see changelog below) -and merges some large-server load balancing patches from Wikipedia. - -An experimental rate limiter for page edits and moves can be enabled -with global, per-IP, per-subnet, or per-user bases. See configuration -options in includes/DefaultSettings.php - - -== MediaWiki 1.4.4 == - -(released 2005-05-04) - -MediaWiki 1.4.4 is a bugfix release for the 1.4 stable release series. - -Some bugs in the installer/updater and refreshLinks maintenance script -were introduced in the last release and have been corrected. - [truncated at 1000 lines; 138538 more skipped]

18 years, 9 months

[gvg] 19944: Upgrade to MediaWiki 1.5.3

by gvg＠svn.reactos.com

Upgrade to MediaWiki 1.5.3 Modified: trunk/web/reactos.org/htdocs/wiki/.cvsignore Modified: trunk/web/reactos.org/htdocs/wiki/AdminSettings.sample Modified: trunk/web/reactos.org/htdocs/wiki/HISTORY Modified: trunk/web/reactos.org/htdocs/wiki/INSTALL Modified: trunk/web/reactos.org/htdocs/wiki/README Modified: trunk/web/reactos.org/htdocs/wiki/RELEASE-NOTES Modified: trunk/web/reactos.org/htdocs/wiki/UPGRADE Deleted: trunk/web/reactos.org/htdocs/wiki/Version.php Modified: trunk/web/reactos.org/htdocs/wiki/config/index.php Added: trunk/web/reactos.org/htdocs/wiki/docs/README Deleted: trunk/web/reactos.org/htdocs/wiki/docs/deferred.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/deferred.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/design.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/design.txt Added: trunk/web/reactos.org/htdocs/wiki/docs/export-0.1.xsd Added: trunk/web/reactos.org/htdocs/wiki/docs/export-0.2.xsd Added: trunk/web/reactos.org/htdocs/wiki/docs/export-0.3.xsd Added: trunk/web/reactos.org/htdocs/wiki/docs/export-demo.xml Deleted: trunk/web/reactos.org/htdocs/wiki/docs/globals.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/globals.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/hooks.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/hooks.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/language.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/language.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/linkcache.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/linkcache.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/memcached.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/memcached.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/schema.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/schema.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/skin.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/skin.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/title.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/title.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/user.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/user.txt Modified: trunk/web/reactos.org/htdocs/wiki/img_auth.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Article.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/AuthPlugin.php Added: trunk/web/reactos.org/htdocs/wiki/includes/BagOStuff.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Block.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/BlockCache.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/CacheManager.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/CategoryPage.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ChangesList.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Credits.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Database.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/DatabaseFunctions.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/DatabasePostgreSQL.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/DateFormatter.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/DefaultSettings.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Defines.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/DifferenceEngine.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/EditPage.php Added: trunk/web/reactos.org/htdocs/wiki/includes/Exif.php Added: trunk/web/reactos.org/htdocs/wiki/includes/ExternalEdit.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ExternalStoreDB.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Feed.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/FulltextStoplist.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/GlobalFunctions.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Group.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/HTMLForm.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/HistoryBlob.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Hooks.php Added: trunk/web/reactos.org/htdocs/wiki/includes/HttpFunctions.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Image.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ImageGallery.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ImagePage.php Deleted: trunk/web/reactos.org/htdocs/wiki/includes/Interwiki.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/LinkCache.php Added: trunk/web/reactos.org/htdocs/wiki/includes/Linker.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/LinksUpdate.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/LoadBalancer.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/LogPage.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/MagicWord.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Math.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/MessageCache.php Deleted: trunk/web/reactos.org/htdocs/wiki/includes/MessageCacheHints.php Added: trunk/web/reactos.org/htdocs/wiki/includes/MimeMagic.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Namespace.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ObjectCache.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/OutputPage.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/PageHistory.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Parser.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ParserCache.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ParserXML.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Profiling.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ProxyTools.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/QueryPage.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/RawPage.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/RecentChange.php Added: trunk/web/reactos.org/htdocs/wiki/includes/Revision.php Added: trunk/web/reactos.org/htdocs/wiki/includes/Sanitizer.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/SearchEngine.php Added: trunk/web/reactos.org/htdocs/wiki/includes/SearchMySQL.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/SearchMySQL3.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/SearchMySQL4.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/SearchTsearch2.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/SearchUpdate.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Setup.php [truncated at 100 lines; 393 more skipped] _____ Modified: trunk/web/reactos.org/htdocs/wiki/.cvsignore --- trunk/web/reactos.org/htdocs/wiki/.cvsignore 2005-12-07 08:50:27 UTC (rev 19943) +++ trunk/web/reactos.org/htdocs/wiki/.cvsignore 2005-12-07 09:17:03 UTC (rev 19944) @@ -6,3 +6,4 @@ .project project.index .metadata* +.settings _____ Modified: trunk/web/reactos.org/htdocs/wiki/AdminSettings.sample --- trunk/web/reactos.org/htdocs/wiki/AdminSettings.sample 2005-12-07 08:50:27 UTC (rev 19943) +++ trunk/web/reactos.org/htdocs/wiki/AdminSettings.sample 2005-12-07 09:17:03 UTC (rev 19944) @@ -23,4 +23,9 @@ $wgDBadminuser = 'wikiadmin'; $wgDBadminpassword = 'adminpass'; +/* + * Whether to enable the profileinfo.php script. + */ +$wgEnableProfileInfo = false; + ?> _____ Modified: trunk/web/reactos.org/htdocs/wiki/HISTORY --- trunk/web/reactos.org/htdocs/wiki/HISTORY 2005-12-07 08:50:27 UTC (rev 19943) +++ trunk/web/reactos.org/htdocs/wiki/HISTORY 2005-12-07 09:17:03 UTC (rev 19944) @@ -1,629 +1,582 @@ Change notes from older releases. For current info see RELEASE-NOTES. += MediaWiki release notes = + Security reminder: MediaWiki does not require PHP's register_globals setting since version 1.2.0. If you have it on, turn it *off* if you can. -== Version 1.3.11, 2005-02-20 == +== MediaWiki 1.4.3 == -MediaWiki 1.3.11 is a security release. +(released 2005-04-28) -A security audit found and fixed a number of problems. Users of MediaWiki -1.3.10 and earlier should upgrade to 1.3.11; users of 1.4 beta releases -should upgrade to 1.4rc1. +MediaWiki 1.4.3 is a bugfix release for the 1.4 stable release series. +Chiefly, this fixes a compatibility problem with PHP 5 and a minor link +table corruption bug on initial page save. -=== Cross-site scripting vulnerability === -XSS injection points can be used to hijack session and authentication -cookies as well as more serious attacks. +== MediaWiki 1.4.2 == -* Media: links output raw text into an attribute value, potentially - abusable for JavaScript injection. This has been corrected. -* Additional checks added to file upload to protect against MSIE and - Safari MIME-type autodetection bugs. +(released 2005-04-20) -As of 1.3.10/1.4beta6, per-user customized CSS and JavaScript is disabled -by default as a general precaution. Sites which want this ability may set -$wgAllowUserCss and $wgAllowUserJs in LocalSettings.php. +MediaWiki 1.4.2 is a security and bug fix release for the 1.4 stable release +series. +A cross-site scripting injection vulnerability was discovered, which +affects only MSIE clients and is only open if MediaWiki has been +manually configured to run output through HTML Tidy ($wgUseTidy). -=== Cross-site request forgery === +Several other bugs are fixed in this release, see the changelog below. -An attacker could use JavaScript-submitted forms to perform various -restricted actions by tricking an authenticated user into visiting -a malicious web page. A fix for page editing in 1.3.10/1.4beta6 has -been expanded in this release to other forms and functions. +All new installations are highly recommended to use 1.4.2 instead of +1.3.x; 1.3.x users should consider upgrading for bug fixes and new +features. Ealier 1.4.x release and beta users should upgrade to this +release for relevant bug fixes; see the changelog later in this file. -Authors of bot tools may need to update their code to include the -additional fields. +If you have trouble, remember to read this whole file and the online FAQ page +before asking for help: -=== Directory traversal === +http://meta.wikimedia.org/wiki/MediaWiki_FAQ -An unchecked parameter in image deletion could allow an authenticated -administrator to delete arbitary files in directories writable by the -web server, and confirm existence of files not deletable. +=== READ THIS FIRST: Upgrading === -== Version 1.3.10, 2005-02-03 == +If upgrading from an older release, see the notes in the file UPGRADE. +There are a couple of minor database changes from the beta releases, +and somewhat larger changes from 1.3.x. -MediaWiki 1.3.10 is a security release. +Upgrading from a previous 1.4.x stable release installation should +generally only require copying the new files over the old ones. -An attacker could craft a URL which, when visited by a particular -logged-in user, would execute arbitrary JavaScript code on the user's -browser in the wiki's site context. This attack has been blocked, and as -an extra precaution the user CSS and JavaScript subpage support is now -disabled by default. Sites which want this ability may set $wgAllowUserCss -and $wgAllowUserJs in LocalSettings.php. -Additional protections have been added against off-site form submissions -hijacking user credentials. Authors of bot tools may need to update their -code to include additional fields. +==== READ THIS FIRST, TOO: MySQL 4.1 AND 5.0 ==== -All wikis running 1.3.x are strongly urged to upgrade to 1.3.10. +MySQL 5.0 is a beta release, not yet ready for production use. If you +are using it, the notes below about 4.1 apply to you too. -Changes from 1.3.9: -* Logged-in edits and preview of user CSS/JS are now locked to a session token. -* Per-user CSS and JavaScript subpage customizations now disabled by default. - They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss. -* Removed .ogg from the default uploads whitelist as an extra precaution. - If your web server is configured to serve Ogg files with the correct - Content-Type header, you can re-add it in LocalSettings.php: - $wgFileExtensions[] = 'ogg'; +If you have the choice of MySQL 4.0 or MySQL 4.1 and don't need 4.1 for +some other application, you should consider sticking with 4.0 for the +moment. 4.1 may require you to do extra fiddling to get things to work +due to changes that aren't fully backwards-compatible. +MySQL 4.1 has changed the authentication protocol in an incompatible +way; many PHP installations still use the older client libraries and +CANNOT CONNECT TO THE SERVER WITH A PASSWORD without some changes. +See: http://dev.mysql.com/doc/mysql/en/Old_client.html -== Version 1.3.9, 2004-12-12 == +If MySQL is set with utf-8 as the default character set, installation +may fail with "key too long" errors. Set the default charset to 'latin1' +for installation and it should work. -MediaWiki 1.3.9 is a security and bug fix release. +The mysqldump backup generator now applies an automatic conversion to +UTF-8, which may irretrivably corrupt your data. Pass the -charset option +with the original default charset (eg 'latin1') to skip the conversion. -A flaw in upload handling has been found which may allow upload and -execution of arbitrary scripts with the permissions of the web server. -Only wikis that have enabled uploads and have a vulnerable Apache -configuration will be affected, but to be safe all wikis should upgrade. -Wikis with uploads available should either disable uploads or upgrade to -1.3.9 immediately; if other files are customized and require merging -changes, includes/SpecialUpload.php may be replaced individually to add -the fix. +==== READ THIS FIRST IF RUNNING ON A WINDOWS SERVER ==== -(It is also recommended to configure your web server to disable script -execution in the 'images' subdirectory where uploads are placed, which -prevents most attacks even if the wiki fails.) +MediaWiki is tested and deployed primarily under the Apache web server +on Linux Unix systems. There are known to be problems running on +Microsoft's IIS which are not fully resolved. If you have a choice, +try running under Apache on Windows, or on a Unix/Linux box instead. -Changes from 1.3.8: -* Backported "Templates used in this page"-feature of EditPage -* Allow "MySkin" as a default skin. -* (bug 938) Parse namespaces correctly on self-interwiki links -* (bug 1010) fix broken Commons image link on Classic & Cologne Blue -* (bug 1004) Norsk language names for interwiki links changed, - Nauruan language name changed -* Enhance upload extension blacklist to protect against vulnerable - Apache configurations +If you're having trouble with blank pages on IIS and can't switch, +try the workaround suggested in this bug report: +http://bugzilla.wikimedia.org/show_bug.cgi?id=1763 -== Version 1.3.8, 2004-11-15 == +=== New features === -MediaWiki 1.3.8 is a bugfix release. Those running wikis with uploads -enabled are strongly recommended to upgrade as this fixes several problems -with overwriting previously-uploaded files. +* 'Recentchanges Patrol' to mark new edits that haven't yet been viewed. +* New, searchable deletion/upload/protection logs +* Image gallery generation (Special:Newimages and <gallery> tag) +* SVG rasterization support (requires external support tools) +* Users can select from the available localizations to override the + default user interface language. +* Traditional/Simplified Chinese conversion support +* rel="nofollow" support to combat linkspam -Changes from 1.3.7: -* (bug 506) fix array_key_exists() warning for IIS servers using - ISAPI mode -* (bug 718) fix bad charset in (file) cached pages -* use local numerals in category page (for Hindi et al) -* alias month abbreviations to month names in Hindi -* add localized numerals for Gujarati and Kannada -* fix Category and project namespaces for Hindi -* Don't output bogus timestamp on Special:Recentchanges if no entries -* Correct template include path which broke some but not all Windows installs -* Fix edit form submission problem with some PHP versions -* Disallow unreachable titles with %XX hex codes -* Allow page [[0]] to be renamed -* (bug 774) when saving with section=new, return to the anchor as with - existing numbered section edits -* Experimental shared upload overlay area (disabled by default) -* (bug 806) Removed some "Wikipedia" hardcoding in German localization -* User option localization fix for some extensions -* (bug 809) now try to load the mysql php extension if it isn't loaded -* (bug 848) fix error message in Special:Newpages RSS and Atom feeds -* (bug 26) fix cache headers on anon talk page notification -* (bug 874) added 'cgi' to wgFileBlacklist -* (bug 862) localize date and time format for Finnish -* (bug 548) Don't overwrite images until the user confirms it +The current implementation adds this attribute to _all_ external URL +links in wiki text (but not internal [[wiki links]] or interwiki links). +To disable the attribute for _all_ external links, add this line to your +LocalSettings.php: + $wgNoFollowLinks = false -== Version 1.3.7, 2004-10-18 == -Changes from 1.3.6: -* Fix protected-page related security issue. +For background information on nofollow see: + http://www.google.com/googleblog/2005/01/preventing-comment-spam.html -== Version 1.3.6, 2004-10-14 == -Changes from 1.3.5: -* (bug 296) Variables in user interface messages are no longer substituted - at install time, so changes to the site name etc should be easier to make -* (bug 149) Special:Recentchanges "changes from" link preserves limit -* (bug 433) tooltip for "Undelete" tab now labeled correctly -* (bug 439) unclickable "Move" tab no longer displays on protected pages -* (bug 484) graceful deletion of images where the actual file is missing -* (bug 686) fixed [[plural]]s in Catalan localization -* Fixed potential HTML/JavaScript injection attack in the UnicodeConverter - extension. (This extension is not enabled by default.) -* Fixed potential HTML/JavaScript injection attack via raw page views to - a maliciously crafted wiki page. -* (bug 187, bug 669) Fixed centered thumbnails, using <div> instead of - <span>. -* catch MySQL error 2000 during installation. -* (bug 704) Removed misleading LocalSettings.sample -* Fix cross site scripting bugs in SpecialIpblocklist, SpecialEmailuser -* Fix SQL injection and cross site scripting bugs in SpecialMaintenance -* Fix cross site scripting bugs and possible filename validation vulnerability - in ImagePage. -* and more of that sort +=== Installation and compatibility === +* The default MonoBook theme now works with PHP 5.0 +* Installation on systems with PHP's safe mode or other oddities + should work more reliably, as MonoBook no longer needs to + create a compiled template file for the wiki to run. +* A table prefix may be specified, to avoid conflicts with other + web applications forced to share a database. +* More thorough UTF-8 input validation; fixes non-ASCII uploaded + filenames from Safari. +* Command-line database upgrade script. -== Version 1.3.5, 2004-09-30 == -Changes from 1.3.4: -* Clean up input validation in 'raw' page output mode which was a potential - cross-site scripting opportunity. +=== Customizability === +* Default user options can now be overridden in LocalSettings. +* Skins system more modular: templates and CSS are now in /skins/ + New skins can be dropped into this directory and used immediately. +* More extension hooks have been added. +* Authentication plugin hook. +* More internal code documentation, generated with phpdoc: + http://www.mediawiki.org/docs/html/ -== Version 1.3.4, 2004-09-28 == -************************** SECURITY NOTE! ****************************** +=== Optimization === -As of 1.3.4, MediaWiki performs some screening of newly uploaded files for -validity. (Some) corrupt image files, and HTML files mistakenly or -maliciously masquerading as images, should now be rejected. +* For many operations, MediaWiki 1.4 should run faster and use + less memory than MediaWiki 1.3. Page rendering is up to twice + as fast. (Use a PHP accelerator such as Turck MMCache for best + results with any PHP application, though!) +* The parser cache no longer requires memcached, and is enabled + by default. This avoids a lot of re-rendering of pages that + have been shown recently, greatly speeding longer page views. +* Support for compiled PHP modules to speed up page diff and + Unicode validation/normalization. (Requires ability to compile + and load PHP extensions). -These checks protect against Internet Explorer security holes relating -to type autodetection which are a potential cross-site scripting attack -vector, and also rejects at least one known version of the "JPEG virus" -which might attack unpatched clients. -If you already have invalid files uploaded this will not protect against -them. If you have expanded the filetype whitelist or disabled the strict -type checking, other dangerous file types may still get through. You should -always be careful when allowing uploads! +=== What isn't ready yet === +* A new user/groups permissions scheme has been held back to 1.5. +* An experimental SOAP interface will be made available as an extension +* PostgreSQL support is largely working, minus search and the installer. + You can perform a manual installation. +* E-mail notification of watched page changes and verification of + user-submitted e-mail addresses is not yet included. +* Log pages are not automatically imported into the new log table + at upgrade time. A script to import old text log entries is + incomplete, but may be available in later point releases. +* Some localizations are still incomplete. -Changes from 1.3.3: -* Fixed lots of template-related bugs, esp. for cases where template - variables are used for links, images, etc. -* Fixed transformation of page messages when viewing Special:Allmessages -* Handle "ISBN ISBN 1234" correctly -* Fixed warning on Category pages -* Fixed some bad error messages on login page -* Fixed history entry for initial main page on install -* Removed problematic { and } from legal title characters -* Strip leading blank from output in preformated text. -* Fixed problem when moving pages to titles with '#' in -* Optional $wgRawHtml for raw <html> sections. Use only on limited- - participation 'trusted' wikis, as it does not protect against cross-site - scripting attacks. For security, this option can only be enabled if in - $wgWhitelistEdit mode. -* Fixed problem where pages which were created as a redirect following - a move never showed on Special:Randompage. -* Fixed line spacing on printed table of contents -* Allow links to pages with names of the form [[RFC 1234]] -* Fixed broken edit links being shown for sections from included templates -* Verify that uploaded image files are of the claimed type. -== Version 1.3.3, 2004-09-09 == +== Changelog == -Changes from 1.3.2: -* Fix for long numeric page titles -* Fix Go search for "0", numeric almost-self-links -* Avoid caching of pages with "You have new messages" headers -* Fix for upgrades as non-root users from 1.2 command-line installs. -* Fix for $wgDebugDumpSql debug mode. -* $wgExtraNamespaces setting for configuring additional namespaces - (see note in DefaultSettings.php) -* 'recache' on query pages now disabled when miser mode is on; special case the - global settings in your LocalSettings.php to do automatic updates. -* Don't block UTF-8 titles containing byte 0xA0 (bug added in 1.3.2) -* Watch/unwatch tabs now shown on edit pages in MonoBook. -* Fix default skin in Irish localization (ga) -* Add Traditional Chinese localization (zh-tw) -* Changed default sortkey of subcategories. Don't include "Category:"-prefix - any longer -* More helpful info on spam catcher. -* Allow larger offsets for queries such as Special:Listusers -* Semicolon (;) added to French non-break space rules -* Possible fix for some install errors with path names permission problems. -* Removed [[Project:All system messages]], which has been superceded by - the much faster [[Special:Allmessages]]. This speeds up installation - considerably. +=== Important security updates === -== Version 1.3.2, 2004-08-30 == +A security audit found and fixed a number of problems. Users of MediaWiki +1.3.10 and earlier should upgrade to 1.3.11; users of 1.4 beta releases +prior to 1.4rc1 should upgrade immediately. -Changes from 1.3.1: -* Fix namespaced page creation links when no go match -* When cookies are disabled, don't show login screen twice -* Install should no longer die when PHP is pre-configured to compress output -* Fixed bug that caused long Japanese pages to time out with Tidy active -* When session.handler is set incorrectly, try automatic override to 'files' -* Watch/Unwatch links back to the affected page instead of Main Page -* Upload link no longer displayed on Monobook if uploading is disabled -* Special:Allmessages faster, shows correct original text, works in safe mode +==== Cross-site scripting vulnerability ==== +XSS injection points can be used to hijack session and authentication +cookies as well as more serious attacks. -== Version 1.3.1, 2004-08-14 == +* Media: links output raw text into an attribute value, potentially + abusable for JavaScript injection. This has been corrected. +* Additional checks added to file upload to protect against MSIE and + Safari MIME-type autodetection bugs. -Changes from 1.3.0: -* Watchlist parameters now work with register_globals off -* Fixed parsing of ''italics'' and '''bold''' mark-up (again) -* Special:Allpages display is more sensible on smaller wikis -* Fixed XHTML parsing error in classic skins -* Moved pages update watchlist correctly -* Fixed rebuildall.php on case-sensitive Unix filesystems -* Disabled file cache compression by default due to incompatibility - with output buffer compression (ob_gzhandler) -* New magic word PAGENAMEE (URL-escaped version of PAGENAME) -* Installation avoids blank username; better message on missing XML module -* $wgWhitelistAccount no longer breaks all logins. +As of 1.3.10/1.4beta6, per-user customized CSS and JavaScript is disabled +by default as a general precaution. Sites which want this ability may set +$wgAllowUserCss and $wgAllowUserJs in LocalSettings.php. -== Version 1.3.0, 2004-08-11 == -Look & layout: -* New default layout 'MonoBook' (available on PHP4 only currently) -* Print stylesheet now built-in to every page -* More or less correct XHTML 1.0 (served as text/html by default) +==== Cross-site request forgery ==== -Wiki features: -* Image captions can now include links and other basic formatting -* Image bounding box can be specified instead of width, e.g. as - 100x100px, making the image not wider than 100px and not higher - than 100px, keeping aspect ratio. -* Templates have been expanded with parameters, and separated from - the MediaWiki: localization scheme. -* Categories more or less work -* added a special page for listing users with sysop rights. +An attacker could use JavaScript-submitted forms to perform various +restricted actions by tricking an authenticated user into visiting +a malicious web page. A fix for page editing in 1.3.10/1.4beta6 has +been expanded in this release to other forms and functions. -Editing: -* Automatic merging of edit conflicts that don't directly interfere -* Edit summaries can now include basic formatting and links +Authors of bot tools may need to update their code to include the +additional fields. -Metadata and output: -* Linked Creative Commons copyright metadata (optional) -* RSS 2.0 & Atom 0.3 feeds for Recent Changes, New Pages -Optional modules: -* WikiHiero hieroglyphic module can be added (separate download) -* Timeline module can be added (separate download). - Requires ploticus. -* TeX now has an experimental MathML output mode (incomplete!) +==== Directory traversal ==== -Installation and upgrading: -* The old install.php and update.php have been removed. In-place - installation introduced in 1.2 is now the standard installation - and upgrade method, see INSTALL and UPGRADE for directions. +An unchecked parameter in image deletion could allow an authenticated +administrator to delete arbitary files in directories writable by the +web server, and confirm existence of files not deletable. -Database: -* The links table has been changed to use a cur_id for l_from. - The link tables must be converted on upgrade, which may entail - some downtime. -Code and compatibility: -* Should now run clean with error reporting set to E_ALL. -* register_globals hack from 1.2 has been replaced with safer code -* Bundled PHPTAL 0.7.0 from http://phptal.sourceforge.net/ - (with some patches) -* Most image-related code moved to Image.php -* More fixes for PHP 4.1.2 (thanks to Asheesh Laroia) -* URL encoding fix for anchors -* All languages now available in UTF-8 mode -* Various other fixes +==== Older issues ==== -=== Caveats === +Note that 1.4 beta releases prior to beta 5 include an input validation +error which could lead to execution of arbitrary PHP code on the server. +Users of older betas should upgrade immediately to the current version. -Some output, particularly involving user-supplied inline HTML, may not -produce 100% valid or well-formed XHTML output. Testers are welcome to -set $wgMimeType = "application/xhtml+xml"; to test for remaining problem -cases, but this is not recommended on live sites. (This must be set for -MathML to display properly in Mozilla.) -The new 'MonoBook' skin is not compatible with PHP 5 due to bugs in the -underlying PHPTAL library. It will be automatically disabled when running -on PHP5; the older look and feel will be used instead. +Beta 6 also introduces the use of rel="nofollow" attributes on external +links in wiki pages to reduce the effectiveness of wiki spam. This will +cause participating search engines to ignore external URL links from wiki +pages for purposes of page relevancy ranking. -== Version 1.2.6, 2004-05-24 == -* Spam blocker ($wgSpamRegex - refuses to save edits that match) -* Updated documentation about $wgWhitelistRead -* Ensure that searchindex table is created as MyISAM -* Interwiki cache timeout (memcached) -* Fix uploads on Windows with magic_quotes_gpc -* Some config fixes for Windows (slashes etc) -* Local interwiki URL redirects -* Fixed obscure deletion problem in squid mode on corrupt entries -* Language files updated to remove more hard-coded "Wikipedia" strings +=== Misc bugs fixed in beta 1 === -== Version 1.2.5, 2004-05-01 == -* Fixed install problem with blank root password -* Fixed Special:Emailuser/Username links -* Fixed main-page edit links on fuzzy search results -* Fixed wikipedia-interwiki.sql -* Fixed install with apache2filter (ugly URLs) -* IP in 'go' search brings up contributions -* Switch from broken & to ? on top-level wiki URL hack +* (bug 95) Templates no longer limited to 5 inclusions per page +* New user preference for limiting the image size for images on image description + pages +* (bug 530) Allow user to preview article on first edit +* (bug 479) [[RFC 1234]] will now make an internal link +* (bug 511) PhpTal skins shown bogus 'What links here' etc on special pages +* (bug 770) Adding filter and username exact search match for Special:Listusers +* (bug 733) Installer die if it can not write LocalSettings.php +* (bug 705) Various special pages no more show the rss/atom feed links +* (bug 114) use category backlinks in Special:Recentchangeslinked -== Version 1.2.4, 2004-04-13 == +=== Beta 2 fixes === -* Fixed edit toolbar in Mozilla -* Diff links in Contributions for 'top' edits -* Fixed Nostalgia skin drop-down for register_globals off -* Backported optional open proxy blocker -* Backported $wgWhitelistRead -* $wgCapitalLinks option to force full case sensitivity in titles -* Cleaned up error handling when can't talk to database -* Disabled unsafe command-line installer (remove the "die()" call to use) +* (bug 987) Reverted bogus fix for bug 502 +* (bug 992) Fix enhanced recent changes in PHP5 +* (bug 1009) Fix Special:Makesysop when using table prefixes +* (bug 1010) fix broken Commons image link on Classic & Cologne Blue +* (bug 985) Fix auto-summary for section edits +* (bug 995) Close <a> tag +* (bug 1004) renamed norsk language links (twice) +* Login works again when using an old-style default skin +* Fix for load balancing mode, notify if using old settings format +* (bug 1014) Missing image size option on old accounts handled gracefully +* (bug 1027) Fix page moves with table prefix +* (bug 1018) Some pages fail with stub threshold enabled +* (bug 1024) Fix link to high-res image version on Image: pages +* (bug 1016) Fix handling of lines omitting Image: in a <gallery> tag +* security fix for image galleries +* (bug 1039) Avoid error message in certain message cache failure modes +* Fix string escaping with PostgreSQL +* (bug 1015) [partial] -- use comment formatter on image gallery text +* Allow customization of all UI languages +* use $wgForceUIMsgAsContentMsg to make regular UI messages act as content +* new user option for zh users to disable language conversion +* Defer message cache initialization, shaving a few ms off file cache hits +* Fixed Special:Allmessages when using table prefixes +* (bug 996) Fix $wgWhitelistRead to work again +* (bug 1028) fix page move over redirect to not fail on the unique index -== Version 1.2.3, 2004-04-02 == +=== Beta 3 fixes === -* Fixed an in-place install bug with non-root MySQL user -* Fixed history diff checkboxes bug on titles with ampersands -* Fixed printable link bug on special pages with parameters -* Fixed bug that broke IP blocking w/o memcached -* Turns off E_NOTICE warnings if PHP settings have them on - (you can grope in and turn this off if you like to debug) +* Hide RC patrol markers when patrol is disabled or not allowed to patrol. +* Fix language selection for upgraded accounts +* (bug 1076) navigation links in QueryPage should be translated by wgContLang. +* (bug 922) bogus DOS line endings in LanguageEl.php +* Fix index usage in contribs +* Caching and load limiting options for Recentchanges RSS/Atom feed +* (bug 1074) Add stock icons for non-image files in gallery/Newimages +* Add width and height attributes on thumbs in gallery/Newimages +* Enhance upload extension blacklist to protect against vulnerable + Apache configurations -== Version 1.2.2, 2004-03-28 == +=== Beta 4 fixes === -* Fixed an upgrade bug introduced in 1.2.1. -* Disabled $wgUseCategoryMagic, which feature is incomplete broken +* (bug 1090) Fix sitesupport links in CB/classic skins +* Gracefully ignore non-legal titles in a <gallery> +* Fix message page caching behavior when $wgCapitalLinks is turned off + after installation and the wiki is subsequently upgraded +* Database error messages include the database server name/address +* Paging support for large categories +* Fix image page scaling when thumbnail generation is disabled +* Select the content language in prefs when bogus interface language is set +* Fix interwiki links in edit comments +* Fix crash on banned user visit +* Avoid PHP warning messages when thumbnail not generated +* (bug 1157) List unblocks correctly in Special:Log +* Fix fatal errors in LanguageLi.php +* Undo overly bright, difficult to read colors in Cologne Blue +* (bug 1162) fix five-tilde date inserter +* Add raw signatures option for those who simply must have cute sigs +* (bug 1164) Let wikitext be used in Loginprompt and Loginend messages +* Add the dreaded <span> to the HTML whitelist +* (bug 1170) Fix Russian linktrail +* (bug 1168) Missing text on the bureaucrat log +* (bug 1180) Fix Makesysop on shared-user-table sites +* (bug 1178) Fix previous diff link when using 'oldid=0' +* (bug 1173) Stop blocked accounts from reverting/deleting images +* Keep generated stylesheets cache-separated for each user +* (bug 1175) Fix "preview on first edit" mode +* Fix revert bug caused by bug 1175 fix +* Fix CSS classes on minor, new, unpatrolled markers in enhanced RC +* Set MySQL 4 boolean search back to 'and' mode by default +* (bug 1193) Fix move-only page protection mode +* Fix zhtable Makefile to include the traditional manual table +* Add memcache timeout for the zh conversion tables +* Allow user customization of the zh conversion tables through + Mediawiki:zhconversiontable +* Add zh-min-man (back) to language names list +* Ported $wgCopyrightIcon setting from REL1_3A +* (bug 1218) Show the original image on image pages if the thumbnail would be + bigger than the original image +* (bug 1213) i18n of Special:Log labels +* (bug 1013) Fix jbo, minnan in language names list +* Added magic word MAG_NOTITLECONVERT to indicate that the title of the page + do not need to be converted. Useful in zh: +* (bug 1224) Use proper date messages for date reformatter +* (bug 1241) Don't show 'cont.' for first entry of the category list +* (bug 1240) Special:Preferences was broken in Slovenian locale when + $wgUseDynamicDates is enabled +* Added magic word MAG_NOCONTENTCONVERT to supress the conversion of the + content of an article. Useful in zh: +* write-lock for updating the zh conversion tables in memcache +* recursively parse subpages of MediaWiki:Zhconversiontable +* (bug 1144) Fix export for fy language +* make removal of an entry from zhconversiontable work +* (bug 752) Don't insert newline in link title for url with %0a +* Fix missing search box contents in MonoBook skin +* Add option to forward search directly to an external URL (eg google) +* Correctly highlight the fallback language variant when the selected + variant is disabled. Used in zh: only for now. -== Version 1.2.1, 2004-03-27 == +=== Beta 5 fixes === -Installation, compatibility, security fixlets: -* Detect use of PHP as CGI and disable index.php/Title URLs -* Try to auto-create math tmp & output directories if not present -* Disable Asksql in default install ($wgAllowSysopQueries) -* Better handling of get_magic_quotes_gpc (apostrophe problems) -* French localisation no longer hard-codes "Wikipedia" name +* (bug 1124) Fix ImageGallery XHTML compliance +* (bug 1186) news: in the middle of a word +* (bug 1283) Use underlining and borders to highlight additions/deletions + in diff-view +* Use user's local timezone in Special:Log display +* Show filename for images in gallery by default (restore beta 3 behaviour) +* (bug 1201) Double-escaping in brokenlinks, imagelinks, categorylinks, searchindex +* When using squid reverse proxy, cache the redirect to the Main_Page +* (bug 1302) Fix Norwegian language file +* (bug 1205) Fix broken article saving in PHP 5.1 +* (bug 1206) Implement CURRENTWEEK and CURRENTDOW magic keyword (will give + number of the week and number of the day). +* (bug 1204) Blocks do not expire automatically +* (bug 1184) expiry time of indefinite blocks shown as the current time +* (bug 1317) Fix external links in image captions +* (bug 1084) Fix logo not rendering centrally in IE +* (bug 288) Fix tabs wrapping in IE6 +* (bug 119) Fix full-width tabs with RTL text in IE +* (bug 1323) Fix logo rendering off-screen in IE with RTL language +* Show "block" link in Special:Recentchanges for logged in users, too, if + wgUserSysopBans is true. +* (bug 1326) Use content language for '1movedto2' in edit history +* zh: Fix warning when HTTP_ACCEPT_LANGUAGE is not set +* zh: Fix double conversion for zh-sg and zh-hk +* (bug 1132) Fix concatenation of link lists in refreshLinks +* (bug 1101) Fix memory leak in refreshLinks +* (bug 1339) Fix order of @imports in Cologne Blue CSS +* Don't try to create links without namespaces ([[Category:]] link bug) +* Memcached data compression fixes +* Several valid XHTML fixes +* (bug 624) Fix IE freezing rendering whilst waiting for CSS with MonoBook +* (bug 211) Fix tabbed preferences with XHTML MIME type +* Fix for script execution vulnerability. -== Version 1.2.0 == +=== Beta 6 fixes === -New features in 1.2: -* Image resizing/thumbnail generation -* Stricter upload file extension blacklist and whitelist options -* More flexible blocking system; time period may be set -* Handier sysop account management. An account marked "bureaucrat" - may assign sysop access to other accounts via Special:Makesysop. - (The exact details of this may change in the future) -* Support for a squid cache with explicit purging of cached anon pages -* Optional compression of old revision text (requires zlib support) -* Fuzzy title search (experimental, requires memcached) -* Page rendering cache (experimental) -* Editing toolbar to demonstrate wiki syntax to newbies - (off by default in user preferences) -* Support for authenticated SMTP outgoing e-mail (experimental) -* It's now possible to assign sysop accounts from within the wiki. - An account with this ability must be labeled with the "bureaucrat" - privilege, such as the 'Developer' account created by the install. +* (bug 1335) implement 'tooltip-watch' in Language.php +* Fix linktrail for nn: language +* (bug 1214) Fix prev/next links in Special:Log +* (bug 1354) Fix linktrail for fo: language +* (bug 512) Reload generated CSS on preference change +* (bug 63) Fix displaying as if logged in after logout +* Set default MediaWiki:Sitenotice to '-', avoiding extra database hits +* Skip message cache initialization on raw page view (quick hack) +* Fix notice errors in wfDebugDieBacktrace() in XML callbacks +* Suppress notice error on bogus timestamp input (returns epoch as before) +* Remove unnecessary initialization and double-caching of parser variables +* Call-tree output mode for profiling +* (bug 730) configurable $wgRCMaxAge; don't try to update purged RC entries +* Add $wgNoFollowLinks option to add rel="nofollow" on external links + (on by default) +* (bug 1130) Show actual title when moving page instead of encoded one. +* (bug 925) Fix headings containing <math> +* (bug 1131) Fix headings containing interwiki links +* (bug 1380) Update Nynorsk language file +* (bug 1232) Fix sorting of cached Special:Wantedpages in miser mode +* (bug 1217) Image within an image caption broke rendering +* (bug 1384) Make patrol signs have the same width for page moves as for edits +* (bug 1364) fix "clean up whitespace" in Title:SecureAndSplit +* (bug 1389) i18n for proxyblocker message +* Add fur/Furlan/Friulian to language names list +* Add TitleMoveComplete hook on page renames +* Allow simple comments for each translation rules in MW:Zhconversiontable +* (bug 1402) Make link color of tab subject page link on talk page indicate whether article exists +* (bug 1368) Fix SQL error on stopword/short word search w/ MySQL 3.x +* Translated Hebrew namespace names +* (bug 1429) Stop double-escaping of block comments; fix formatting +* (bug 829) Fix URL-escaping on block success +* (bug 1228) Fix double-escaping on & sequences in [enclosed] URLs +* (bug 1435) Fixed many CSS errors +* (bug 1457) Fix XHTML validation on category column list +* (bug 1458) Don't save if edit form submission is incomplete +* Logged-in edits and preview of user CSS/JS are now locked to a session token. +* Per-user CSS and JavaScript subpage customizations now disabled by default. + They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss. +* Removed .ogg from the default uploads whitelist as an extra precaution. + If your web server is configured to serve Ogg files with the correct + Content-Type header, you can re-add it in LocalSettings.php: + $wgFileExtensions[] = 'ogg'; -Fixes and tweaks: -* Now works with register_globals off! -* Works with short tags disabled. -* Should work out of the box on MySQL 3.2.x again. On 4.x set - $wgEnablePersistentLC = true; to turn on the link cache table - for a slight rendering speed boost. -* rebuildMessages.php can now selectively update new messages, or - overwrite everything. -* Various bug fixes. -* Other stuff we forgot. -* Documentation more out of date than ever before! +=== RC1 fixes === -=== Behavior changes === +* Fix notice error on nonexistent template in wikitext system message +* (bug 1469) add missing <ul> tags on Special:Log +* (bug 1470) remove extra <ul> tags from Danish log messages +* Fix notice on purge w/ squid mode off +* (bug 1477) hide details of SQL error messages by default + Set $wgShowSQLErrors = true for debugging. +* (bug 1430) Don't check for template data when editing page that doesn't exist +* Recentchanges table purging fixed when using table prefix +* (bug 1431) Avoid redundant objectcache garbage collection +* (bug 1474) Switch to better-cached index for statistics page count +* Run Unicode normalization on all input fields +* Fix translation for allpagesformtext2 in LanguageZh_cn and LanguageZh_tw +* Block image revert without valid login +* (bug 1446) stub Bambara (bm) language file using French messages +* (bug 1432) Update Estonian localization +* (bug 1471) unclosed <p> tag in Danish messages +* convertLinks script fixes +* Corrections to template loop detection +* XHTML encoding fix for usernames containing & in Special:Emailuser +* (for zh) Search for variant links even when conversion is turned off, + to help prevent duplicate articles. +* Disallow ISO 8859-1 C1 characters and "no-break space" in user names + on Latin-1 wikis. +* Correct the name of the main page it LanguageIt +* Allow Special:Makesysop to work for usernames containing SQL special + characters. +* Fix annoying blue line in Safari on scaled-down images on description page +* Increase upload sanity checks +* Fix XSS bug in Media: links +* Add cross-site form submission protection to various actions +* Fix fatal error on some dubious page titles +* Stub threshold displays correctly again -* wiki.phtml and redirect.phtml are now renamed to index.php and redirect.php - The old names are provided too for compatibility, but make sure they don't - conflict if you've been putting other files in your wiki. -* Uploaded filenames are more strictly checked than before. See bits in - DefaultSettings.php to tweak this behavior to your needs. -* Database messages are now enabled by default, so the interface messages can - be tweaked through the wiki with a sysop account. Disable this if you - don't want the performance hit. -=== Database changes === +=== 1.4.0 final fixes === -An index was added to recentchanges table to speed up Newpages -(patch-rc-newindex.sql for manual updaters). +* (bug 65) Fix broken interwiki link encoding on Latin-1 wikis; force to UTF-8 +* (bug 563) Fix UTF-8 interwiki URL redirects via Latin-1 wikis +* (bug 1536) Fix page info +* Support os (Ossetic) as language code, using Russian localization base +* (bug 1610) Support non (Old Norse) as language code, using Icelandic localization base +* (bug 1618) Properly list custom namespaces in Special:Allpages +* (bug 1622) Remove trailing' >' when using category browser +* (bug 1570) Fix php 4.2.x error on conflict merging +* (bug 1585) Fix page title on post-login redirection page +* Run UTF-8 validation on old text in Recentchanges RSS diffs +* (bug 1642) fix a mime type typo in img_auth.php +* Automated interwiki redirects only for local interwikis +* Respect read-only mode on block removals +* Trim old illegal characters from syndication feeds +* Reduce message cache outage recovery delay from 1 day to 5 minutes +* (bug 1403) Update Finnish localization +* (bug 1478) Punjabi localization +* (bug 1667) Update script 5 second countdown. +* (bug 1057) Fix logging table encoding (error on MySQL 4.1) +* (bug 1680) Fix linktrail for fo +* (bug 1653) Removing hardcoded messages in Special:Allmessages +* (bug 1594) Render a hyphen in a formula as − in HTML +* (bug 1495) Fall back to default language MediaWiki: for custom messages +* (bug 1617) Show different error messages for "user does not + exist" and "wrong password" when using AuthPlugin +* (bug 1532), (bug 1544) Changed language names for + 'bn', 'bo', 'dv', 'dz', 'ht', 'ii', 'li', 'lo', 'ng', 'or', 'pa', 'si', + 'ti', 've' +* Fix editing on non-Esperanto wiki with user language pref set to Esperanto +* Make conversion table for zh-sg default to zh-cn, and zh-hk default to zh-tw +* Fix PHP notice in MonoBook when counters disabled +* (bug 1696) Update namespaces, dates in uk localization +* (bug 551) Installer warns about magic_quotes_runtime and magic_quotes_sybase + instead of trying to install with corrupt table files +* Installer no longer tries to move non-default MediaWiki: pages into Template: +* User-to-user email disabled by default ($wgEnableUserEmail) -Expiration date field has been added to ipblocks table -(patch-ipb_expiry.sql for manual updaters). +=== 1.4.1 fixes === -== Version 1.1.0, 2003-12-08 == +* (bug 1720) fix genitive month names for uk +* (bug 1704) fixed untranslateable string in Special:Log +* (bug 1638) Added Belrusian language file +* (bug 1736) typo in SpecialValidate.php +* (bug 73) Upload doesn't run edit updates on description page (links, + search index and categories) +* (bug 646) <math> fails to recognize \ll and \gg +* (bug 926) \div element from TeX not supported in <math> element +* (bug 1147) add \checkmark to whitelist in texutil.ml +* (bug 937) \limits function from LaTeX not supported in <math> element +* Support for manually converting article title to different Chinese + variants (for zh) +* (bug 1488, bug 1744) Fix encoding for preferences, dates in Latin-1 mode +* (bug 1042) Fix UTF-8 case conversion for PHP <4.3 with mbstring extension +* Fix code typo that broke article credits display +* Installation fixes for running under IIS +* (bug 1556) login page tab order. "remember" checkbox now come after password. +* SQL debug log fixlets +* (bug 1815) Fix namespace in old revision display with mismatched title +* (bug 1788) Fix link duplication when edit/upload comment includes newlines +* Change default on $wgSysopUserBans and $wgSysopRangeBans to true +* Fix link conversion for URL request +* (bug 1851) Updated download URL for the SCIM packages used by zhtable +* (bug 1853) Try stripping quotes from term for 'go' title match +* Fix missing function in Latin1 mode +* (bug 1860) Anchors of interwiki links did not get normalized +* (bug 1847) accept lowercase x in ISBN, do not accept invalid A-W,Y,Z +* Fix link conversion for URL request, hopefully without breaking the wiki +* (bug 1849) New option allows to consider categorized images as used on + Special:Unusedimages +* Localized category namespace for ka (Georgian) +* (bug 1107) Work around includes problem in installer when parent dir is not + readable by the web server +* (bug 1927) Incorrect escaping on wikitext message in Blockip -This is the new production release. Any following 1.1.x releases are expected -to contain only bug fixes; developments of new features will go towards a 1.2.0 -release. -New features in 1.1: -* New wiki table syntax: - http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide:_Using_tables -* User-editable interface messages: - http://meta.wikipedia.org/wiki/MediaWiki_namespace -* XML-wrapped page source export with optional history: - http://meta.wikipedia.org/wiki/XML_import_and_export - (There is not yet an import function!) -* "Magic words" +=== 1.4.2 fixes === -Fixes and tweaks: -* linkscc table caches link data for rendering; faster rebuildlinks.php -* Numerous bugs in Cologne Blue skin fixed -* Login gives warning about missing cookies -* Block log, protection log added; deletion log now includes undeletions -* Deletion & upload logs now escape comment text properly -* Problems with <nowiki> segments in section titles etc mitigated -* Contributions offset and minor edit bugs fixed -* Whatlinkshere now sorted alphabetically -* Various exciting new profiling options. -* Debug log is off by default. -* Various small bugs fixed. +* Fix math options in Finnish localization +* Use in-process Tidy extension if available when $wgUseTidy is on +* (bug 1933) Fix PATH_INFO usage under IIS with PHP ISAPI module +* (bug 1188) <nowiki> in {{subst:}} includes fixed +* (bug 1936)  in {{subst:}} includes fixed +* Fix a potential MSIE JavaScript injection vector in Tidy mode -Internal changes: -* wfQuery has had a second parameter inserted, DB_READ or DB_WRITE. This value - is not actually used so far. -* Partial code for categories and Smarty template-based skins is in the tree - but disabled. -* Parts of Article.php have been moved to EditPage.php and ImagePage.php. -New translations: -* fi - Finnish -* ia - Interlingua -* no - Norwegian -* sk - Slovak -* ta - Tamil +=== 1.4.3 fixes === -=== Database changes === +* (bug 1636) Refs like ţ were misinterpreted as octal in some places +* (bug 1163) Special:Undelete showed oldest revision instead of newest +* (bug 1938) Fix escaping of illegal character references in link text +* (bug 1997) Fix for error on display of renamed items in Recentchanges on PHP5 +* (bug 1949) Profiling typo in rare error case +* (bug 1963) Fix deletion log link when $wgCapitalLinks is off +* (bug 1970) Don't show move tab for immobile pages +* (bug 1770) Page creation recorded links from the 'newarticletext' message +* Optional change to the site_stats table. When applied, this removes the need + for expensive queries in Special:Statistics. -"linkscc" table added. If upgrading manually (rather than with update.php), -run maintenance/archives/patch-linkscc.sql to create the table. -Older releases were dated snapshots from the old 'stable' branch: +=== 1.4.4 fixes === -== mediawiki-20031118 == +* (bug 725) Let dir="ltr" attribute work again in MonoBook on RTL languages +* (bug 2024) Skip JavaScript error for custom skins where .js message not set +* (bug 2025) Updated Indonesian localization +* (bug 2039) Updated Lithuanian localization -* Image deletion fixed. -* Deletion of image old revisions now restricted to sysops - (this is an irreversible action and not well logged) -* Fixed maintenance scripts broken by last release's security fix -* Many errors in rebuildlinks script fixed. -== mediawiki-20031117 == +=== Caveats === -* SECURITY FIX: stricter checking of include path -* Fixed user contributions next/prev bug -* Login cookies now have the database name prefixed to allow wikis - to coexist in the same domain. This will invalidate any old saved - password cookies. -* Update cache timestamp when talk pages are created -* Saving the login form in Mozilla no longer blanks password in prefs. -* Check existence of source page before performing a move. -* Detect invalid titles in Special:Allpages -* Q-encode headers on outgoing inter-user e-mail -* Updates to some translations. -* Added table of contents border/bg to Cologne Blue, Nostalgia skins -* Protected pages no longer appear unprotected when visited via redirect -* Swapped old Wikipedia logo for the MediaWiki sunflower logo -* install.php, update.php print warning on old PHP versions, - added compatibility functions that might or might not help +Some output, particularly involving user-supplied inline HTML, may not [truncated at 1000 lines; 121853 more skipped]

18 years, 9 months

[arty] 19943: Fix firefox exit. Implement a simple work queue for possibly dispatch level

by arty＠svn.reactos.com

Fix firefox exit. Implement a simple work queue for possibly dispatch level callbacks for cancel and close. Modified: trunk/reactos/drivers/lib/ip/network/receive.c Modified: trunk/reactos/drivers/lib/ip/transport/tcp/tcp.c Modified: trunk/reactos/drivers/net/tcpip/include/tcp.h Modified: trunk/reactos/drivers/net/tcpip/include/tcpip.h Modified: trunk/reactos/drivers/net/tcpip/include/titypes.h Modified: trunk/reactos/drivers/net/tcpip/tcpip/dispatch.c Modified: trunk/reactos/drivers/net/tcpip/tcpip/fileobjs.c Modified: trunk/reactos/drivers/net/tcpip/tcpip/main.c _____ Modified: trunk/reactos/drivers/lib/ip/network/receive.c --- trunk/reactos/drivers/lib/ip/network/receive.c 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/lib/ip/network/receive.c 2005-12-07 08:50:27 UTC (rev 19943) @@ -521,6 +521,8 @@ * IPPacket = Pointer to IP packet */ { + IP_ADDRESS Address; + TI_DbgPrint(DEBUG_IP, ("Received IPv4 datagram.\n")); IPPacket->HeaderSize = (((PIPv4_HEADER)IPPacket->Header)->VerIHL & 0x0F) << 2; @@ -562,7 +564,16 @@ /* FIXME: Should we allow packets to be received on the wrong interface? */ /* XXX Find out if this packet is destined for us */ - ProcessFragment(IF, IPPacket); + + if( AddrLocateADEv4( IPPacket->DstAddr.Address.IPv4Address, &Address ) ) { + ProcessFragment( IF, IPPacket ); + } else { + PNEIGHBOR_CACHE_ENTRY NCE; + + if((NCE = RouteGetRouteToDestination( &IPPacket->DstAddr ))) { + IPSendDatagram( IPPacket, NCE, NULL, NULL ); + } + } #if 0 } else { /* This packet is not destined for us. If we are a router, _____ Modified: trunk/reactos/drivers/lib/ip/transport/tcp/tcp.c --- trunk/reactos/drivers/lib/ip/transport/tcp/tcp.c 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/lib/ip/transport/tcp/tcp.c 2005-12-07 08:50:27 UTC (rev 19943) @@ -647,4 +647,8 @@ return STATUS_SUCCESS; } +void TCPMarkForDisconnect( PCONNECTION_ENDPOINT Context, BOOLEAN Marked ) { + Context->Disconnecting = Marked; +} + /* EOF */ _____ Modified: trunk/reactos/drivers/net/tcpip/include/tcp.h --- trunk/reactos/drivers/net/tcpip/include/tcp.h 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/net/tcpip/include/tcp.h 2005-12-07 08:50:27 UTC (rev 19943) @@ -38,6 +38,9 @@ #define TCPOPTLEN_MAX_SEG_SIZE 0x4 +#define TCP_CANCEL_DISCONNECT 0 +#define TCP_CANCEL_CLOSE 1 + /* Data offset; 32-bit words (leftmost 4 bits); convert to bytes */ #define TCP_DATA_OFFSET(DataOffset)(((DataOffset) & 0xF0) >> (4-2)) @@ -57,6 +60,13 @@ KEVENT Event; } SLEEPING_THREAD, *PSLEEPING_THREAD; +typedef struct _CANCEL_REQUEST { + LIST_ENTRY Entry; + PVOID Context; + PIRP Irp; + UINT Flags, Type; +} CANCEL_REQUEST, *PCANCEL_REQUEST; + /* Retransmission timeout constants */ /* Lower bound for retransmission timeout in TCP timer ticks */ @@ -176,4 +186,7 @@ NTSTATUS TCPShutdown( VOID); +void TCPMarkForDisconnect( + PCONNECTION_ENDPOINT Connection, BOOLEAN Marked ); + #endif /* __TCP_H */ _____ Modified: trunk/reactos/drivers/net/tcpip/include/tcpip.h --- trunk/reactos/drivers/net/tcpip/include/tcpip.h 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/net/tcpip/include/tcpip.h 2005-12-07 08:50:27 UTC (rev 19943) @@ -188,6 +188,9 @@ extern KSPIN_LOCK InterfaceListLock; extern LIST_ENTRY AddressFileListHead; extern KSPIN_LOCK AddressFileListLock; +extern LIST_ENTRY CancelQueue; +extern KSPIN_LOCK CancelQueueLock; +extern WORK_QUEUE_ITEM CancelQueueWork; extern NDIS_HANDLE GlobalPacketPool; extern NDIS_HANDLE GlobalBufferPool; extern KSPIN_LOCK EntityListLock; _____ Modified: trunk/reactos/drivers/net/tcpip/include/titypes.h --- trunk/reactos/drivers/net/tcpip/include/titypes.h 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/net/tcpip/include/titypes.h 2005-12-07 08:50:27 UTC (rev 19943) @@ -308,6 +308,8 @@ * notification service to the client */ UINT SignalState; /* Active signals from oskit */ BOOLEAN Signalled; /* Are we a member of the signal list */ + BOOLEAN Disconnecting; /* Cancelling an irp .. we need to leave it + * alone for now */ } CONNECTION_ENDPOINT, *PCONNECTION_ENDPOINT; _____ Modified: trunk/reactos/drivers/net/tcpip/tcpip/dispatch.c --- trunk/reactos/drivers/net/tcpip/tcpip/dispatch.c 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/net/tcpip/tcpip/dispatch.c 2005-12-07 08:50:27 UTC (rev 19943) @@ -12,6 +12,8 @@ #include "precomp.h" #include <pseh/pseh.h> +extern VOID DeleteConnectionEndpoint( PCONNECTION_ENDPOINT Endpoint ); + NTSTATUS DispPrepareIrpForCancel( PTRANSPORT_CONTEXT Context, PIRP Irp, @@ -135,7 +137,56 @@ TI_DbgPrint(DEBUG_IRP, ("Done Completing IRP\n")); } +VOID DDKAPI CancelQueuePassiveHandler( PVOID CancelRequestVoid ) +{ + KIRQL OldIrql; + PCANCEL_REQUEST CancelReq; + PLIST_ENTRY CqEntry; + KeAcquireSpinLock( &CancelQueueLock, &OldIrql ); + + TI_DbgPrint(DEBUG_IRP,("CANCEL QUEUE: Starting\n")); + + for( CqEntry = CancelQueue.Flink; + CqEntry != &CancelQueue; + ) { + CancelReq = CONTAINING_RECORD(CqEntry, CANCEL_REQUEST, Entry); + ExInterlockedRemoveHeadList( &CancelQueue, &CancelQueueLock ); + CqEntry = CancelQueue.Flink; + + KeReleaseSpinLock( &CancelQueueLock, OldIrql ); + + TI_DbgPrint(DEBUG_IRP,("CANCEL QUEUE: Executing %x\n", CancelReq)); + + switch( CancelReq->Type ) { + case TCP_CANCEL_DISCONNECT: + TCPDisconnect + ( CancelReq->Context, + CancelReq->Flags, + NULL, + NULL, + DispDataRequestComplete, + CancelReq->Irp ); + break; + + case TCP_CANCEL_CLOSE: + TCPClose( CancelReq->Context ); + DeleteConnectionEndpoint( CancelReq->Context ); + break; + } + + TCPMarkForDisconnect( CancelReq->Context, FALSE ); + + ExFreePool( CancelReq ); + + KeAcquireSpinLock( &CancelQueueLock, &OldIrql ); + } + + TI_DbgPrint(DEBUG_IRP,("CANCEL QUEUE: Ending\n")); + + KeReleaseSpinLock( &CancelQueueLock, OldIrql ); +} + VOID DDKAPI DispCancelRequest( PDEVICE_OBJECT Device, PIRP Irp) @@ -150,6 +201,7 @@ PTRANSPORT_CONTEXT TranContext; PFILE_OBJECT FileObject; UCHAR MinorFunction; + PCANCEL_REQUEST CancelRequest; /*NTSTATUS Status = STATUS_SUCCESS;*/ TI_DbgPrint(DEBUG_IRP, ("Called.\n")); @@ -169,23 +221,21 @@ /* Try canceling the request */ switch(MinorFunction) { case TDI_SEND: - TCPDisconnect - ( TranContext->Handle.ConnectionContext, - TDI_DISCONNECT_RELEASE, - NULL, - NULL, - DispDataRequestComplete, - Irp ); - break; - case TDI_RECEIVE: - TCPDisconnect - ( TranContext->Handle.ConnectionContext, - TDI_DISCONNECT_ABORT | TDI_DISCONNECT_RELEASE, - NULL, - NULL, - DispDataRequestComplete, - Irp ); + CancelRequest = ExAllocatePoolWithTag + ( sizeof(CANCEL_REQUEST), NonPagedPool, FOURCC('T','c','k','O') ); + TCPMarkForDisconnect( TranContext->Handle.ConnectionContext, TRUE ); + if( CancelRequest ) { + TI_DbgPrint(DEBUG_IRP,("CANCEL QUEUE:-> %x\n", CancelRequest)); + CancelRequest->Flags = TDI_DISCONNECT_RELEASE | + (MinorFunction == TDI_RECEIVE) ? TDI_DISCONNECT_ABORT : 0; + CancelRequest->Context = TranContext->Handle.ConnectionContext; + CancelRequest->Irp = Irp; + CancelRequest->Type = TCP_CANCEL_DISCONNECT; + ExInterlockedInsertTailList + ( &CancelQueue, &CancelRequest->Entry, &CancelQueueLock ); + ExQueueWorkItem( &CancelQueueWork, CriticalWorkQueue ); + } break; case TDI_SEND_DATAGRAM: _____ Modified: trunk/reactos/drivers/net/tcpip/tcpip/fileobjs.c --- trunk/reactos/drivers/net/tcpip/tcpip/fileobjs.c 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/net/tcpip/tcpip/fileobjs.c 2005-12-07 08:50:27 UTC (rev 19943) @@ -10,7 +10,6 @@ #include "precomp.h" - /* List of all address file objects managed by this driver */ LIST_ENTRY AddressFileListHead; KSPIN_LOCK AddressFileListLock; @@ -352,6 +351,7 @@ KIRQL OldIrql; PADDRESS_FILE AddrFile; NTSTATUS Status = STATUS_SUCCESS; + PCANCEL_REQUEST CancelReq; TI_DbgPrint(MID_TRACE, ("Called.\n")); @@ -369,8 +369,16 @@ switch (AddrFile->Protocol) { case IPPROTO_TCP: TCPFreePort( AddrFile->Port ); - if( AddrFile->Listener ) - TCPClose( AddrFile->Listener ); + if( AddrFile->Listener ) { + CancelReq = ExAllocatePoolWithTag + ( sizeof(CANCEL_REQUEST), NonPagedPool, FOURCC('T','c','l','s') ); + if( CancelReq ) { + CancelReq->Type = TCP_CANCEL_CLOSE; + CancelReq->Context = AddrFile->Listener; + AddrFile->Listener = NULL; + ExQueueWorkItem( &CancelQueueWork, CriticalWorkQueue ); + } + } break; case IPPROTO_UDP: @@ -466,15 +474,19 @@ { PCONNECTION_ENDPOINT Connection; NTSTATUS Status = STATUS_SUCCESS; + PCANCEL_REQUEST CancelReq; TI_DbgPrint(MID_TRACE, ("Called.\n")); Connection = Request->Handle.ConnectionContext; - TcpipRecursiveMutexEnter( &TCPLock, TRUE ); - TCPClose(Connection); - DeleteConnectionEndpoint(Connection); - TcpipRecursiveMutexLeave( &TCPLock ); + CancelReq = ExAllocatePoolWithTag + ( sizeof(CANCEL_REQUEST), NonPagedPool, FOURCC('T','c','l','s') ); + if( CancelReq ) { + CancelReq->Type = TCP_CANCEL_CLOSE; + CancelReq->Context = Connection; + ExQueueWorkItem( &CancelQueueWork, CriticalWorkQueue ); + } TI_DbgPrint(MAX_TRACE, ("Leaving.\n")); _____ Modified: trunk/reactos/drivers/net/tcpip/tcpip/main.c --- trunk/reactos/drivers/net/tcpip/tcpip/main.c 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/net/tcpip/tcpip/main.c 2005-12-07 08:50:27 UTC (rev 19943) @@ -14,7 +14,7 @@ #ifndef NDEBUG DWORD DebugTraceLevel = DEBUG_ULTRA & ~(DEBUG_LOCK | DEBUG_PBUFFER); #else -DWORD DebugTraceLevel = 0; +DWORD DebugTraceLevel = DEBUG_IRP; #endif /* NDEBUG */ PDEVICE_OBJECT TCPDeviceObject = NULL; @@ -35,6 +35,12 @@ KSPIN_LOCK IpWorkLock; WORK_QUEUE_ITEM IpWorkItem; +/* Cancel Queue */ +LIST_ENTRY CancelQueue; +KSPIN_LOCK CancelQueueLock; +WORK_QUEUE_ITEM CancelQueueWork; +extern VOID DDKAPI CancelQueuePassiveHandler( PVOID Context ); + VOID TiWriteErrorLog( PDRIVER_OBJECT DriverContext, NTSTATUS ErrorCode, @@ -809,6 +815,11 @@ InitializeListHead(&InterfaceListHead); KeInitializeSpinLock(&InterfaceListLock); + /* Initialize cancellation queue */ + InitializeListHead(&CancelQueue); + KeInitializeSpinLock(&CancelQueueLock); + ExInitializeWorkItem( &CancelQueueWork, CancelQueuePassiveHandler, NULL ); + /* Initialize network level protocol subsystem */ IPStartup(RegistryPath);

18 years, 9 months

[greatlrd] 19942: take care of Bug#: 1084

by greatlrd＠svn.reactos.com

take care of Bug#: 1084 Modified: trunk/reactos/subsys/system/cmd/dir.c _____ Modified: trunk/reactos/subsys/system/cmd/dir.c --- trunk/reactos/subsys/system/cmd/dir.c 2005-12-06 22:53:48 UTC (rev 19941) +++ trunk/reactos/subsys/system/cmd/dir.c 2005-12-07 00:06:27 UTC (rev 19942) @@ -1130,11 +1130,14 @@ return 1; } + /* In bare format we don't print results */ if (lpFlags->bBareFormat) return 0; /* Print recursive specific results */ + + /* Take this code offline to fix /S does not print duoble info */ if (lpFlags->bRecursive) { ConvertULargeInteger(u64Bytes, szBuffer, sizeof(szBuffer), lpFlags->bTSeperator); @@ -1144,8 +1147,22 @@ ConOutPrintfPaging(FALSE,szMsg,ulFiles, szBuffer); else ConOutPrintf(szMsg,ulFiles, szBuffer); + + if (ulFiles > 0) + { + ConvertULargeInteger(u64Bytes, szBuffer, 20, lpFlags->bTSeperator); + LoadString(CMD_ModuleHandle, STRING_DIR_HELP8, szMsg, RC_STRING_MAX_SIZE); + if(lpFlags->bPause) + ConOutPrintfPaging(FALSE,szMsg,ulFiles, szBuffer); + else + ConOutPrintf(szMsg,ulFiles, szBuffer); + } - + + } + else + { + /* Print File Summary */ /* Condition to print summary is: If we are not in bare format and if we have results! */ @@ -1159,7 +1176,8 @@ ConOutPrintf(szMsg,ulFiles, szBuffer); } - + +} /* Print total directories and freespace */ szRoot[0] = szPath[0]; GetUserDiskFreeSpace(szRoot, &uliFree);

18 years, 9 months

[greatlrd] 19941: Bugfix EnumDisplayDevicesA when it convert the struct DISPLAY_DEVICE to unicode it use ansi side of it. and that why it did fail.

by greatlrd＠svn.reactos.com

Bugfix EnumDisplayDevicesA when it convert the struct DISPLAY_DEVICE to unicode it use ansi side of it. and that why it did fail. Modified: trunk/reactos/lib/user32/misc/display.c _____ Modified: trunk/reactos/lib/user32/misc/display.c --- trunk/reactos/lib/user32/misc/display.c 2005-12-06 20:18:59 UTC (rev 19940) +++ trunk/reactos/lib/user32/misc/display.c 2005-12-06 22:53:48 UTC (rev 19941) @@ -61,7 +61,7 @@ return FALSE; } - DisplayDeviceW.cb = lpDisplayDevice->cb; + DisplayDeviceW.cb = sizeof(DISPLAY_DEVICEW); rc = NtUserEnumDisplayDevices ( &Device, iDevNum,

18 years, 9 months

[frik85] 19940: RosCMS update:

by frik85＠svn.reactos.com

RosCMS update: * "group Members" interface: fixed a small bug Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php 2005-12-06 19:59:09 UTC (rev 19939) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php 2005-12-06 20:18:59 UTC (rev 19940) @@ -178,11 +178,13 @@ FROM usergroup_members $ros_cms_intern_users_filt $ros_cms_intern_users_lang ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort LIMIT ". $roscms_SET_curpos ." , ". $roscms_intern_items_per_page ." ;") ; + } else { + //AND user_account_hidden != 0 $query_page = mysql_query("SELECT * FROM usergroup_members - $ros_cms_intern_users_filt AND user_account_hidden != 0 $ros_cms_intern_users_lang + $ros_cms_intern_users_filt $ros_cms_intern_users_lang ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort LIMIT ". $roscms_SET_curpos ." , ". $roscms_intern_items_per_page ." ;") ; } @@ -206,7 +208,7 @@ $farbe = $farbe2; } ?>"> - <div align="center"><a href="?page=admin&sec=usrgrpmbr&sec2=edit&sec3=<?php echo $result_page['usergroupmember_usergroupid']; ?>&db_id=<?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/view.gif" alt="Edit Membership" width="19" height="18" border="0"></a> <a href="?page=admin&sec=usrgrpmbr&sec2=add&sec3=new&db_id= <?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/tool.gif" alt="Add Membership" width="19" height="18" border="0"></a> <a href="?page=admin&sec=usrgrpmbr&sec2=delete&sec3=<?php echo $result_page['usergroupmember_usergroupid']; ?>&db_id=<?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/delete.gif" alt="Add Membership" width="19" height="18" border="0"></a></div></td> + <div align="center"><a href="?page=admin&sec=usrgrpmbr&sec2=edit&sec3=<?php echo $result_page['usergroupmember_usergroupid']; ?>&db_id=<?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/view.gif" alt="Edit Membership" width="19" height="18" border="0"></a> <a href="?page=admin&sec=usrgrpmbr&sec2=add&sec3=new&db_id= <?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/tool.gif" alt="Add Membership" width="19" height="18" border="0"></a> <a href="?page=admin&sec=usrgrpmbr&sec2=delete&sec3=<?php echo $result_page['usergroupmember_usergroupid']; ?>&db_id=<?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/delete.gif" alt="Delete Membership" width="19" height="18" border="0"></a></div></td> <td width="7%" valign="middle" bgcolor="<?php echo $farbe; ?>"> <div align="center"><font face="Arial, Helvetica, sans-serif"><?php echo "<b>".$result_page['usergroupmember_userid']."</b>"; ?></font></div></td> <td width="10%" valign="middle" bgcolor="<?php echo $farbe; ?>"><font face="Arial, Helvetica, sans-serif"><?php $query_usra = mysql_query("SELECT user_id, user_name FROM users WHERE user_id = '".$result_page['usergroupmember_userid']."'") or die('DB error (membership script)!');

18 years, 9 months

[gvg] 19939: MediaWiki 1.5.3 vendor drop

by gvg＠svn.reactos.com

MediaWiki 1.5.3 vendor drop Modified: vendor/mediawiki/current/.cvsignore Modified: vendor/mediawiki/current/AdminSettings.sample Modified: vendor/mediawiki/current/HISTORY Modified: vendor/mediawiki/current/INSTALL Modified: vendor/mediawiki/current/README Modified: vendor/mediawiki/current/RELEASE-NOTES Modified: vendor/mediawiki/current/UPGRADE Deleted: vendor/mediawiki/current/Version.php Modified: vendor/mediawiki/current/config/index.php Added: vendor/mediawiki/current/docs/README Deleted: vendor/mediawiki/current/docs/deferred.doc Added: vendor/mediawiki/current/docs/deferred.txt Deleted: vendor/mediawiki/current/docs/design.doc Added: vendor/mediawiki/current/docs/design.txt Added: vendor/mediawiki/current/docs/export-0.1.xsd Added: vendor/mediawiki/current/docs/export-0.2.xsd Added: vendor/mediawiki/current/docs/export-0.3.xsd Added: vendor/mediawiki/current/docs/export-demo.xml Deleted: vendor/mediawiki/current/docs/globals.doc Added: vendor/mediawiki/current/docs/globals.txt Deleted: vendor/mediawiki/current/docs/hooks.doc Added: vendor/mediawiki/current/docs/hooks.txt Deleted: vendor/mediawiki/current/docs/language.doc Added: vendor/mediawiki/current/docs/language.txt Deleted: vendor/mediawiki/current/docs/linkcache.doc Added: vendor/mediawiki/current/docs/linkcache.txt Deleted: vendor/mediawiki/current/docs/memcached.doc Added: vendor/mediawiki/current/docs/memcached.txt Deleted: vendor/mediawiki/current/docs/schema.doc Added: vendor/mediawiki/current/docs/schema.txt Deleted: vendor/mediawiki/current/docs/skin.doc Added: vendor/mediawiki/current/docs/skin.txt Deleted: vendor/mediawiki/current/docs/title.doc Added: vendor/mediawiki/current/docs/title.txt Deleted: vendor/mediawiki/current/docs/user.doc Added: vendor/mediawiki/current/docs/user.txt Modified: vendor/mediawiki/current/img_auth.php Modified: vendor/mediawiki/current/includes/Article.php Modified: vendor/mediawiki/current/includes/AuthPlugin.php Added: vendor/mediawiki/current/includes/BagOStuff.php Modified: vendor/mediawiki/current/includes/Block.php Modified: vendor/mediawiki/current/includes/BlockCache.php Modified: vendor/mediawiki/current/includes/CacheManager.php Modified: vendor/mediawiki/current/includes/CategoryPage.php Modified: vendor/mediawiki/current/includes/ChangesList.php Modified: vendor/mediawiki/current/includes/Credits.php Modified: vendor/mediawiki/current/includes/Database.php Modified: vendor/mediawiki/current/includes/DatabaseFunctions.php Modified: vendor/mediawiki/current/includes/DatabasePostgreSQL.php Modified: vendor/mediawiki/current/includes/DateFormatter.php Modified: vendor/mediawiki/current/includes/DefaultSettings.php Modified: vendor/mediawiki/current/includes/Defines.php Modified: vendor/mediawiki/current/includes/DifferenceEngine.php Modified: vendor/mediawiki/current/includes/EditPage.php Added: vendor/mediawiki/current/includes/Exif.php Added: vendor/mediawiki/current/includes/ExternalEdit.php Modified: vendor/mediawiki/current/includes/ExternalStoreDB.php Modified: vendor/mediawiki/current/includes/Feed.php Modified: vendor/mediawiki/current/includes/FulltextStoplist.php Modified: vendor/mediawiki/current/includes/GlobalFunctions.php Modified: vendor/mediawiki/current/includes/Group.php Modified: vendor/mediawiki/current/includes/HTMLForm.php Modified: vendor/mediawiki/current/includes/HistoryBlob.php Modified: vendor/mediawiki/current/includes/Hooks.php Added: vendor/mediawiki/current/includes/HttpFunctions.php Modified: vendor/mediawiki/current/includes/Image.php Modified: vendor/mediawiki/current/includes/ImageGallery.php Modified: vendor/mediawiki/current/includes/ImagePage.php Deleted: vendor/mediawiki/current/includes/Interwiki.php Modified: vendor/mediawiki/current/includes/LinkCache.php Added: vendor/mediawiki/current/includes/Linker.php Modified: vendor/mediawiki/current/includes/LinksUpdate.php Modified: vendor/mediawiki/current/includes/LoadBalancer.php Modified: vendor/mediawiki/current/includes/LogPage.php Modified: vendor/mediawiki/current/includes/MagicWord.php Modified: vendor/mediawiki/current/includes/Math.php Modified: vendor/mediawiki/current/includes/MessageCache.php Deleted: vendor/mediawiki/current/includes/MessageCacheHints.php Added: vendor/mediawiki/current/includes/MimeMagic.php Modified: vendor/mediawiki/current/includes/Namespace.php Modified: vendor/mediawiki/current/includes/ObjectCache.php Modified: vendor/mediawiki/current/includes/OutputPage.php Modified: vendor/mediawiki/current/includes/PageHistory.php Modified: vendor/mediawiki/current/includes/Parser.php Modified: vendor/mediawiki/current/includes/ParserCache.php Modified: vendor/mediawiki/current/includes/ParserXML.php Modified: vendor/mediawiki/current/includes/Profiling.php Modified: vendor/mediawiki/current/includes/ProxyTools.php Modified: vendor/mediawiki/current/includes/QueryPage.php Modified: vendor/mediawiki/current/includes/RawPage.php Modified: vendor/mediawiki/current/includes/RecentChange.php Added: vendor/mediawiki/current/includes/Revision.php Added: vendor/mediawiki/current/includes/Sanitizer.php Modified: vendor/mediawiki/current/includes/SearchEngine.php Added: vendor/mediawiki/current/includes/SearchMySQL.php Modified: vendor/mediawiki/current/includes/SearchMySQL3.php Modified: vendor/mediawiki/current/includes/SearchMySQL4.php Modified: vendor/mediawiki/current/includes/SearchTsearch2.php Modified: vendor/mediawiki/current/includes/SearchUpdate.php Modified: vendor/mediawiki/current/includes/Setup.php [truncated at 100 lines; 432 more skipped] _____ Modified: vendor/mediawiki/current/.cvsignore --- vendor/mediawiki/current/.cvsignore 2005-12-06 19:57:28 UTC (rev 19938) +++ vendor/mediawiki/current/.cvsignore 2005-12-06 19:59:09 UTC (rev 19939) @@ -6,3 +6,4 @@ .project project.index .metadata* +.settings _____ Modified: vendor/mediawiki/current/AdminSettings.sample --- vendor/mediawiki/current/AdminSettings.sample 2005-12-06 19:57:28 UTC (rev 19938) +++ vendor/mediawiki/current/AdminSettings.sample 2005-12-06 19:59:09 UTC (rev 19939) @@ -23,4 +23,9 @@ $wgDBadminuser = 'wikiadmin'; $wgDBadminpassword = 'adminpass'; +/* + * Whether to enable the profileinfo.php script. + */ +$wgEnableProfileInfo = false; + ?> _____ Modified: vendor/mediawiki/current/HISTORY --- vendor/mediawiki/current/HISTORY 2005-12-06 19:57:28 UTC (rev 19938) +++ vendor/mediawiki/current/HISTORY 2005-12-06 19:59:09 UTC (rev 19939) @@ -1,629 +1,582 @@ Change notes from older releases. For current info see RELEASE-NOTES. += MediaWiki release notes = + Security reminder: MediaWiki does not require PHP's register_globals setting since version 1.2.0. If you have it on, turn it *off* if you can. -== Version 1.3.11, 2005-02-20 == +== MediaWiki 1.4.3 == -MediaWiki 1.3.11 is a security release. +(released 2005-04-28) -A security audit found and fixed a number of problems. Users of MediaWiki -1.3.10 and earlier should upgrade to 1.3.11; users of 1.4 beta releases -should upgrade to 1.4rc1. +MediaWiki 1.4.3 is a bugfix release for the 1.4 stable release series. +Chiefly, this fixes a compatibility problem with PHP 5 and a minor link +table corruption bug on initial page save. -=== Cross-site scripting vulnerability === -XSS injection points can be used to hijack session and authentication -cookies as well as more serious attacks. +== MediaWiki 1.4.2 == -* Media: links output raw text into an attribute value, potentially - abusable for JavaScript injection. This has been corrected. -* Additional checks added to file upload to protect against MSIE and - Safari MIME-type autodetection bugs. +(released 2005-04-20) -As of 1.3.10/1.4beta6, per-user customized CSS and JavaScript is disabled -by default as a general precaution. Sites which want this ability may set -$wgAllowUserCss and $wgAllowUserJs in LocalSettings.php. +MediaWiki 1.4.2 is a security and bug fix release for the 1.4 stable release +series. +A cross-site scripting injection vulnerability was discovered, which +affects only MSIE clients and is only open if MediaWiki has been +manually configured to run output through HTML Tidy ($wgUseTidy). -=== Cross-site request forgery === +Several other bugs are fixed in this release, see the changelog below. -An attacker could use JavaScript-submitted forms to perform various -restricted actions by tricking an authenticated user into visiting -a malicious web page. A fix for page editing in 1.3.10/1.4beta6 has -been expanded in this release to other forms and functions. +All new installations are highly recommended to use 1.4.2 instead of +1.3.x; 1.3.x users should consider upgrading for bug fixes and new +features. Ealier 1.4.x release and beta users should upgrade to this +release for relevant bug fixes; see the changelog later in this file. -Authors of bot tools may need to update their code to include the -additional fields. +If you have trouble, remember to read this whole file and the online FAQ page +before asking for help: -=== Directory traversal === +http://meta.wikimedia.org/wiki/MediaWiki_FAQ -An unchecked parameter in image deletion could allow an authenticated -administrator to delete arbitary files in directories writable by the -web server, and confirm existence of files not deletable. +=== READ THIS FIRST: Upgrading === -== Version 1.3.10, 2005-02-03 == +If upgrading from an older release, see the notes in the file UPGRADE. +There are a couple of minor database changes from the beta releases, +and somewhat larger changes from 1.3.x. -MediaWiki 1.3.10 is a security release. +Upgrading from a previous 1.4.x stable release installation should +generally only require copying the new files over the old ones. -An attacker could craft a URL which, when visited by a particular -logged-in user, would execute arbitrary JavaScript code on the user's -browser in the wiki's site context. This attack has been blocked, and as -an extra precaution the user CSS and JavaScript subpage support is now -disabled by default. Sites which want this ability may set $wgAllowUserCss -and $wgAllowUserJs in LocalSettings.php. -Additional protections have been added against off-site form submissions -hijacking user credentials. Authors of bot tools may need to update their -code to include additional fields. +==== READ THIS FIRST, TOO: MySQL 4.1 AND 5.0 ==== -All wikis running 1.3.x are strongly urged to upgrade to 1.3.10. +MySQL 5.0 is a beta release, not yet ready for production use. If you +are using it, the notes below about 4.1 apply to you too. -Changes from 1.3.9: -* Logged-in edits and preview of user CSS/JS are now locked to a session token. -* Per-user CSS and JavaScript subpage customizations now disabled by default. - They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss. -* Removed .ogg from the default uploads whitelist as an extra precaution. - If your web server is configured to serve Ogg files with the correct - Content-Type header, you can re-add it in LocalSettings.php: - $wgFileExtensions[] = 'ogg'; +If you have the choice of MySQL 4.0 or MySQL 4.1 and don't need 4.1 for +some other application, you should consider sticking with 4.0 for the +moment. 4.1 may require you to do extra fiddling to get things to work +due to changes that aren't fully backwards-compatible. +MySQL 4.1 has changed the authentication protocol in an incompatible +way; many PHP installations still use the older client libraries and +CANNOT CONNECT TO THE SERVER WITH A PASSWORD without some changes. +See: http://dev.mysql.com/doc/mysql/en/Old_client.html -== Version 1.3.9, 2004-12-12 == +If MySQL is set with utf-8 as the default character set, installation +may fail with "key too long" errors. Set the default charset to 'latin1' +for installation and it should work. -MediaWiki 1.3.9 is a security and bug fix release. +The mysqldump backup generator now applies an automatic conversion to +UTF-8, which may irretrivably corrupt your data. Pass the -charset option +with the original default charset (eg 'latin1') to skip the conversion. -A flaw in upload handling has been found which may allow upload and -execution of arbitrary scripts with the permissions of the web server. -Only wikis that have enabled uploads and have a vulnerable Apache -configuration will be affected, but to be safe all wikis should upgrade. -Wikis with uploads available should either disable uploads or upgrade to -1.3.9 immediately; if other files are customized and require merging -changes, includes/SpecialUpload.php may be replaced individually to add -the fix. +==== READ THIS FIRST IF RUNNING ON A WINDOWS SERVER ==== -(It is also recommended to configure your web server to disable script -execution in the 'images' subdirectory where uploads are placed, which -prevents most attacks even if the wiki fails.) +MediaWiki is tested and deployed primarily under the Apache web server +on Linux Unix systems. There are known to be problems running on +Microsoft's IIS which are not fully resolved. If you have a choice, +try running under Apache on Windows, or on a Unix/Linux box instead. -Changes from 1.3.8: -* Backported "Templates used in this page"-feature of EditPage -* Allow "MySkin" as a default skin. -* (bug 938) Parse namespaces correctly on self-interwiki links -* (bug 1010) fix broken Commons image link on Classic & Cologne Blue -* (bug 1004) Norsk language names for interwiki links changed, - Nauruan language name changed -* Enhance upload extension blacklist to protect against vulnerable - Apache configurations +If you're having trouble with blank pages on IIS and can't switch, +try the workaround suggested in this bug report: +http://bugzilla.wikimedia.org/show_bug.cgi?id=1763 -== Version 1.3.8, 2004-11-15 == +=== New features === -MediaWiki 1.3.8 is a bugfix release. Those running wikis with uploads -enabled are strongly recommended to upgrade as this fixes several problems -with overwriting previously-uploaded files. +* 'Recentchanges Patrol' to mark new edits that haven't yet been viewed. +* New, searchable deletion/upload/protection logs +* Image gallery generation (Special:Newimages and <gallery> tag) +* SVG rasterization support (requires external support tools) +* Users can select from the available localizations to override the + default user interface language. +* Traditional/Simplified Chinese conversion support +* rel="nofollow" support to combat linkspam -Changes from 1.3.7: -* (bug 506) fix array_key_exists() warning for IIS servers using - ISAPI mode -* (bug 718) fix bad charset in (file) cached pages -* use local numerals in category page (for Hindi et al) -* alias month abbreviations to month names in Hindi -* add localized numerals for Gujarati and Kannada -* fix Category and project namespaces for Hindi -* Don't output bogus timestamp on Special:Recentchanges if no entries -* Correct template include path which broke some but not all Windows installs -* Fix edit form submission problem with some PHP versions -* Disallow unreachable titles with %XX hex codes -* Allow page [[0]] to be renamed -* (bug 774) when saving with section=new, return to the anchor as with - existing numbered section edits -* Experimental shared upload overlay area (disabled by default) -* (bug 806) Removed some "Wikipedia" hardcoding in German localization -* User option localization fix for some extensions -* (bug 809) now try to load the mysql php extension if it isn't loaded -* (bug 848) fix error message in Special:Newpages RSS and Atom feeds -* (bug 26) fix cache headers on anon talk page notification -* (bug 874) added 'cgi' to wgFileBlacklist -* (bug 862) localize date and time format for Finnish -* (bug 548) Don't overwrite images until the user confirms it +The current implementation adds this attribute to _all_ external URL +links in wiki text (but not internal [[wiki links]] or interwiki links). +To disable the attribute for _all_ external links, add this line to your +LocalSettings.php: + $wgNoFollowLinks = false -== Version 1.3.7, 2004-10-18 == -Changes from 1.3.6: -* Fix protected-page related security issue. +For background information on nofollow see: + http://www.google.com/googleblog/2005/01/preventing-comment-spam.html -== Version 1.3.6, 2004-10-14 == -Changes from 1.3.5: -* (bug 296) Variables in user interface messages are no longer substituted - at install time, so changes to the site name etc should be easier to make -* (bug 149) Special:Recentchanges "changes from" link preserves limit -* (bug 433) tooltip for "Undelete" tab now labeled correctly -* (bug 439) unclickable "Move" tab no longer displays on protected pages -* (bug 484) graceful deletion of images where the actual file is missing -* (bug 686) fixed [[plural]]s in Catalan localization -* Fixed potential HTML/JavaScript injection attack in the UnicodeConverter - extension. (This extension is not enabled by default.) -* Fixed potential HTML/JavaScript injection attack via raw page views to - a maliciously crafted wiki page. -* (bug 187, bug 669) Fixed centered thumbnails, using <div> instead of - <span>. -* catch MySQL error 2000 during installation. -* (bug 704) Removed misleading LocalSettings.sample -* Fix cross site scripting bugs in SpecialIpblocklist, SpecialEmailuser -* Fix SQL injection and cross site scripting bugs in SpecialMaintenance -* Fix cross site scripting bugs and possible filename validation vulnerability - in ImagePage. -* and more of that sort +=== Installation and compatibility === +* The default MonoBook theme now works with PHP 5.0 +* Installation on systems with PHP's safe mode or other oddities + should work more reliably, as MonoBook no longer needs to + create a compiled template file for the wiki to run. +* A table prefix may be specified, to avoid conflicts with other + web applications forced to share a database. +* More thorough UTF-8 input validation; fixes non-ASCII uploaded + filenames from Safari. +* Command-line database upgrade script. -== Version 1.3.5, 2004-09-30 == -Changes from 1.3.4: -* Clean up input validation in 'raw' page output mode which was a potential - cross-site scripting opportunity. +=== Customizability === +* Default user options can now be overridden in LocalSettings. +* Skins system more modular: templates and CSS are now in /skins/ + New skins can be dropped into this directory and used immediately. +* More extension hooks have been added. +* Authentication plugin hook. +* More internal code documentation, generated with phpdoc: + http://www.mediawiki.org/docs/html/ -== Version 1.3.4, 2004-09-28 == -************************** SECURITY NOTE! ****************************** +=== Optimization === -As of 1.3.4, MediaWiki performs some screening of newly uploaded files for -validity. (Some) corrupt image files, and HTML files mistakenly or -maliciously masquerading as images, should now be rejected. +* For many operations, MediaWiki 1.4 should run faster and use + less memory than MediaWiki 1.3. Page rendering is up to twice + as fast. (Use a PHP accelerator such as Turck MMCache for best + results with any PHP application, though!) +* The parser cache no longer requires memcached, and is enabled + by default. This avoids a lot of re-rendering of pages that + have been shown recently, greatly speeding longer page views. +* Support for compiled PHP modules to speed up page diff and + Unicode validation/normalization. (Requires ability to compile + and load PHP extensions). -These checks protect against Internet Explorer security holes relating -to type autodetection which are a potential cross-site scripting attack -vector, and also rejects at least one known version of the "JPEG virus" -which might attack unpatched clients. -If you already have invalid files uploaded this will not protect against -them. If you have expanded the filetype whitelist or disabled the strict -type checking, other dangerous file types may still get through. You should -always be careful when allowing uploads! +=== What isn't ready yet === +* A new user/groups permissions scheme has been held back to 1.5. +* An experimental SOAP interface will be made available as an extension +* PostgreSQL support is largely working, minus search and the installer. + You can perform a manual installation. +* E-mail notification of watched page changes and verification of + user-submitted e-mail addresses is not yet included. +* Log pages are not automatically imported into the new log table + at upgrade time. A script to import old text log entries is + incomplete, but may be available in later point releases. +* Some localizations are still incomplete. -Changes from 1.3.3: -* Fixed lots of template-related bugs, esp. for cases where template - variables are used for links, images, etc. -* Fixed transformation of page messages when viewing Special:Allmessages -* Handle "ISBN ISBN 1234" correctly -* Fixed warning on Category pages -* Fixed some bad error messages on login page -* Fixed history entry for initial main page on install -* Removed problematic { and } from legal title characters -* Strip leading blank from output in preformated text. -* Fixed problem when moving pages to titles with '#' in -* Optional $wgRawHtml for raw <html> sections. Use only on limited- - participation 'trusted' wikis, as it does not protect against cross-site - scripting attacks. For security, this option can only be enabled if in - $wgWhitelistEdit mode. -* Fixed problem where pages which were created as a redirect following - a move never showed on Special:Randompage. -* Fixed line spacing on printed table of contents -* Allow links to pages with names of the form [[RFC 1234]] -* Fixed broken edit links being shown for sections from included templates -* Verify that uploaded image files are of the claimed type. -== Version 1.3.3, 2004-09-09 == +== Changelog == -Changes from 1.3.2: -* Fix for long numeric page titles -* Fix Go search for "0", numeric almost-self-links -* Avoid caching of pages with "You have new messages" headers -* Fix for upgrades as non-root users from 1.2 command-line installs. -* Fix for $wgDebugDumpSql debug mode. -* $wgExtraNamespaces setting for configuring additional namespaces - (see note in DefaultSettings.php) -* 'recache' on query pages now disabled when miser mode is on; special case the - global settings in your LocalSettings.php to do automatic updates. -* Don't block UTF-8 titles containing byte 0xA0 (bug added in 1.3.2) -* Watch/unwatch tabs now shown on edit pages in MonoBook. -* Fix default skin in Irish localization (ga) -* Add Traditional Chinese localization (zh-tw) -* Changed default sortkey of subcategories. Don't include "Category:"-prefix - any longer -* More helpful info on spam catcher. -* Allow larger offsets for queries such as Special:Listusers -* Semicolon (;) added to French non-break space rules -* Possible fix for some install errors with path names permission problems. -* Removed [[Project:All system messages]], which has been superceded by - the much faster [[Special:Allmessages]]. This speeds up installation - considerably. +=== Important security updates === -== Version 1.3.2, 2004-08-30 == +A security audit found and fixed a number of problems. Users of MediaWiki +1.3.10 and earlier should upgrade to 1.3.11; users of 1.4 beta releases +prior to 1.4rc1 should upgrade immediately. -Changes from 1.3.1: -* Fix namespaced page creation links when no go match -* When cookies are disabled, don't show login screen twice -* Install should no longer die when PHP is pre-configured to compress output -* Fixed bug that caused long Japanese pages to time out with Tidy active -* When session.handler is set incorrectly, try automatic override to 'files' -* Watch/Unwatch links back to the affected page instead of Main Page -* Upload link no longer displayed on Monobook if uploading is disabled -* Special:Allmessages faster, shows correct original text, works in safe mode +==== Cross-site scripting vulnerability ==== +XSS injection points can be used to hijack session and authentication +cookies as well as more serious attacks. -== Version 1.3.1, 2004-08-14 == +* Media: links output raw text into an attribute value, potentially + abusable for JavaScript injection. This has been corrected. +* Additional checks added to file upload to protect against MSIE and + Safari MIME-type autodetection bugs. -Changes from 1.3.0: -* Watchlist parameters now work with register_globals off -* Fixed parsing of ''italics'' and '''bold''' mark-up (again) -* Special:Allpages display is more sensible on smaller wikis -* Fixed XHTML parsing error in classic skins -* Moved pages update watchlist correctly -* Fixed rebuildall.php on case-sensitive Unix filesystems -* Disabled file cache compression by default due to incompatibility - with output buffer compression (ob_gzhandler) -* New magic word PAGENAMEE (URL-escaped version of PAGENAME) -* Installation avoids blank username; better message on missing XML module -* $wgWhitelistAccount no longer breaks all logins. +As of 1.3.10/1.4beta6, per-user customized CSS and JavaScript is disabled +by default as a general precaution. Sites which want this ability may set +$wgAllowUserCss and $wgAllowUserJs in LocalSettings.php. -== Version 1.3.0, 2004-08-11 == -Look & layout: -* New default layout 'MonoBook' (available on PHP4 only currently) -* Print stylesheet now built-in to every page -* More or less correct XHTML 1.0 (served as text/html by default) +==== Cross-site request forgery ==== -Wiki features: -* Image captions can now include links and other basic formatting -* Image bounding box can be specified instead of width, e.g. as - 100x100px, making the image not wider than 100px and not higher - than 100px, keeping aspect ratio. -* Templates have been expanded with parameters, and separated from - the MediaWiki: localization scheme. -* Categories more or less work -* added a special page for listing users with sysop rights. +An attacker could use JavaScript-submitted forms to perform various +restricted actions by tricking an authenticated user into visiting +a malicious web page. A fix for page editing in 1.3.10/1.4beta6 has +been expanded in this release to other forms and functions. -Editing: -* Automatic merging of edit conflicts that don't directly interfere -* Edit summaries can now include basic formatting and links +Authors of bot tools may need to update their code to include the +additional fields. -Metadata and output: -* Linked Creative Commons copyright metadata (optional) -* RSS 2.0 & Atom 0.3 feeds for Recent Changes, New Pages -Optional modules: -* WikiHiero hieroglyphic module can be added (separate download) -* Timeline module can be added (separate download). - Requires ploticus. -* TeX now has an experimental MathML output mode (incomplete!) +==== Directory traversal ==== -Installation and upgrading: -* The old install.php and update.php have been removed. In-place - installation introduced in 1.2 is now the standard installation - and upgrade method, see INSTALL and UPGRADE for directions. +An unchecked parameter in image deletion could allow an authenticated +administrator to delete arbitary files in directories writable by the +web server, and confirm existence of files not deletable. -Database: -* The links table has been changed to use a cur_id for l_from. - The link tables must be converted on upgrade, which may entail - some downtime. -Code and compatibility: -* Should now run clean with error reporting set to E_ALL. -* register_globals hack from 1.2 has been replaced with safer code -* Bundled PHPTAL 0.7.0 from http://phptal.sourceforge.net/ - (with some patches) -* Most image-related code moved to Image.php -* More fixes for PHP 4.1.2 (thanks to Asheesh Laroia) -* URL encoding fix for anchors -* All languages now available in UTF-8 mode -* Various other fixes +==== Older issues ==== -=== Caveats === +Note that 1.4 beta releases prior to beta 5 include an input validation +error which could lead to execution of arbitrary PHP code on the server. +Users of older betas should upgrade immediately to the current version. -Some output, particularly involving user-supplied inline HTML, may not -produce 100% valid or well-formed XHTML output. Testers are welcome to -set $wgMimeType = "application/xhtml+xml"; to test for remaining problem -cases, but this is not recommended on live sites. (This must be set for -MathML to display properly in Mozilla.) -The new 'MonoBook' skin is not compatible with PHP 5 due to bugs in the -underlying PHPTAL library. It will be automatically disabled when running -on PHP5; the older look and feel will be used instead. +Beta 6 also introduces the use of rel="nofollow" attributes on external +links in wiki pages to reduce the effectiveness of wiki spam. This will +cause participating search engines to ignore external URL links from wiki +pages for purposes of page relevancy ranking. -== Version 1.2.6, 2004-05-24 == -* Spam blocker ($wgSpamRegex - refuses to save edits that match) -* Updated documentation about $wgWhitelistRead -* Ensure that searchindex table is created as MyISAM -* Interwiki cache timeout (memcached) -* Fix uploads on Windows with magic_quotes_gpc -* Some config fixes for Windows (slashes etc) -* Local interwiki URL redirects -* Fixed obscure deletion problem in squid mode on corrupt entries -* Language files updated to remove more hard-coded "Wikipedia" strings +=== Misc bugs fixed in beta 1 === -== Version 1.2.5, 2004-05-01 == -* Fixed install problem with blank root password -* Fixed Special:Emailuser/Username links -* Fixed main-page edit links on fuzzy search results -* Fixed wikipedia-interwiki.sql -* Fixed install with apache2filter (ugly URLs) -* IP in 'go' search brings up contributions -* Switch from broken & to ? on top-level wiki URL hack +* (bug 95) Templates no longer limited to 5 inclusions per page +* New user preference for limiting the image size for images on image description + pages +* (bug 530) Allow user to preview article on first edit +* (bug 479) [[RFC 1234]] will now make an internal link +* (bug 511) PhpTal skins shown bogus 'What links here' etc on special pages +* (bug 770) Adding filter and username exact search match for Special:Listusers +* (bug 733) Installer die if it can not write LocalSettings.php +* (bug 705) Various special pages no more show the rss/atom feed links +* (bug 114) use category backlinks in Special:Recentchangeslinked -== Version 1.2.4, 2004-04-13 == +=== Beta 2 fixes === -* Fixed edit toolbar in Mozilla -* Diff links in Contributions for 'top' edits -* Fixed Nostalgia skin drop-down for register_globals off -* Backported optional open proxy blocker -* Backported $wgWhitelistRead -* $wgCapitalLinks option to force full case sensitivity in titles -* Cleaned up error handling when can't talk to database -* Disabled unsafe command-line installer (remove the "die()" call to use) +* (bug 987) Reverted bogus fix for bug 502 +* (bug 992) Fix enhanced recent changes in PHP5 +* (bug 1009) Fix Special:Makesysop when using table prefixes +* (bug 1010) fix broken Commons image link on Classic & Cologne Blue +* (bug 985) Fix auto-summary for section edits +* (bug 995) Close <a> tag +* (bug 1004) renamed norsk language links (twice) +* Login works again when using an old-style default skin +* Fix for load balancing mode, notify if using old settings format +* (bug 1014) Missing image size option on old accounts handled gracefully +* (bug 1027) Fix page moves with table prefix +* (bug 1018) Some pages fail with stub threshold enabled +* (bug 1024) Fix link to high-res image version on Image: pages +* (bug 1016) Fix handling of lines omitting Image: in a <gallery> tag +* security fix for image galleries +* (bug 1039) Avoid error message in certain message cache failure modes +* Fix string escaping with PostgreSQL +* (bug 1015) [partial] -- use comment formatter on image gallery text +* Allow customization of all UI languages +* use $wgForceUIMsgAsContentMsg to make regular UI messages act as content +* new user option for zh users to disable language conversion +* Defer message cache initialization, shaving a few ms off file cache hits +* Fixed Special:Allmessages when using table prefixes +* (bug 996) Fix $wgWhitelistRead to work again +* (bug 1028) fix page move over redirect to not fail on the unique index -== Version 1.2.3, 2004-04-02 == +=== Beta 3 fixes === -* Fixed an in-place install bug with non-root MySQL user -* Fixed history diff checkboxes bug on titles with ampersands -* Fixed printable link bug on special pages with parameters -* Fixed bug that broke IP blocking w/o memcached -* Turns off E_NOTICE warnings if PHP settings have them on - (you can grope in and turn this off if you like to debug) +* Hide RC patrol markers when patrol is disabled or not allowed to patrol. +* Fix language selection for upgraded accounts +* (bug 1076) navigation links in QueryPage should be translated by wgContLang. +* (bug 922) bogus DOS line endings in LanguageEl.php +* Fix index usage in contribs +* Caching and load limiting options for Recentchanges RSS/Atom feed +* (bug 1074) Add stock icons for non-image files in gallery/Newimages +* Add width and height attributes on thumbs in gallery/Newimages +* Enhance upload extension blacklist to protect against vulnerable + Apache configurations -== Version 1.2.2, 2004-03-28 == +=== Beta 4 fixes === -* Fixed an upgrade bug introduced in 1.2.1. -* Disabled $wgUseCategoryMagic, which feature is incomplete broken +* (bug 1090) Fix sitesupport links in CB/classic skins +* Gracefully ignore non-legal titles in a <gallery> +* Fix message page caching behavior when $wgCapitalLinks is turned off + after installation and the wiki is subsequently upgraded +* Database error messages include the database server name/address +* Paging support for large categories +* Fix image page scaling when thumbnail generation is disabled +* Select the content language in prefs when bogus interface language is set +* Fix interwiki links in edit comments +* Fix crash on banned user visit +* Avoid PHP warning messages when thumbnail not generated +* (bug 1157) List unblocks correctly in Special:Log +* Fix fatal errors in LanguageLi.php +* Undo overly bright, difficult to read colors in Cologne Blue +* (bug 1162) fix five-tilde date inserter +* Add raw signatures option for those who simply must have cute sigs +* (bug 1164) Let wikitext be used in Loginprompt and Loginend messages +* Add the dreaded <span> to the HTML whitelist +* (bug 1170) Fix Russian linktrail +* (bug 1168) Missing text on the bureaucrat log +* (bug 1180) Fix Makesysop on shared-user-table sites +* (bug 1178) Fix previous diff link when using 'oldid=0' +* (bug 1173) Stop blocked accounts from reverting/deleting images +* Keep generated stylesheets cache-separated for each user +* (bug 1175) Fix "preview on first edit" mode +* Fix revert bug caused by bug 1175 fix +* Fix CSS classes on minor, new, unpatrolled markers in enhanced RC +* Set MySQL 4 boolean search back to 'and' mode by default +* (bug 1193) Fix move-only page protection mode +* Fix zhtable Makefile to include the traditional manual table +* Add memcache timeout for the zh conversion tables +* Allow user customization of the zh conversion tables through + Mediawiki:zhconversiontable +* Add zh-min-man (back) to language names list +* Ported $wgCopyrightIcon setting from REL1_3A +* (bug 1218) Show the original image on image pages if the thumbnail would be + bigger than the original image +* (bug 1213) i18n of Special:Log labels +* (bug 1013) Fix jbo, minnan in language names list +* Added magic word MAG_NOTITLECONVERT to indicate that the title of the page + do not need to be converted. Useful in zh: +* (bug 1224) Use proper date messages for date reformatter +* (bug 1241) Don't show 'cont.' for first entry of the category list +* (bug 1240) Special:Preferences was broken in Slovenian locale when + $wgUseDynamicDates is enabled +* Added magic word MAG_NOCONTENTCONVERT to supress the conversion of the + content of an article. Useful in zh: +* write-lock for updating the zh conversion tables in memcache +* recursively parse subpages of MediaWiki:Zhconversiontable +* (bug 1144) Fix export for fy language +* make removal of an entry from zhconversiontable work +* (bug 752) Don't insert newline in link title for url with %0a +* Fix missing search box contents in MonoBook skin +* Add option to forward search directly to an external URL (eg google) +* Correctly highlight the fallback language variant when the selected + variant is disabled. Used in zh: only for now. -== Version 1.2.1, 2004-03-27 == +=== Beta 5 fixes === -Installation, compatibility, security fixlets: -* Detect use of PHP as CGI and disable index.php/Title URLs -* Try to auto-create math tmp & output directories if not present -* Disable Asksql in default install ($wgAllowSysopQueries) -* Better handling of get_magic_quotes_gpc (apostrophe problems) -* French localisation no longer hard-codes "Wikipedia" name +* (bug 1124) Fix ImageGallery XHTML compliance +* (bug 1186) news: in the middle of a word +* (bug 1283) Use underlining and borders to highlight additions/deletions + in diff-view +* Use user's local timezone in Special:Log display +* Show filename for images in gallery by default (restore beta 3 behaviour) +* (bug 1201) Double-escaping in brokenlinks, imagelinks, categorylinks, searchindex +* When using squid reverse proxy, cache the redirect to the Main_Page +* (bug 1302) Fix Norwegian language file +* (bug 1205) Fix broken article saving in PHP 5.1 +* (bug 1206) Implement CURRENTWEEK and CURRENTDOW magic keyword (will give + number of the week and number of the day). +* (bug 1204) Blocks do not expire automatically +* (bug 1184) expiry time of indefinite blocks shown as the current time +* (bug 1317) Fix external links in image captions +* (bug 1084) Fix logo not rendering centrally in IE +* (bug 288) Fix tabs wrapping in IE6 +* (bug 119) Fix full-width tabs with RTL text in IE +* (bug 1323) Fix logo rendering off-screen in IE with RTL language +* Show "block" link in Special:Recentchanges for logged in users, too, if + wgUserSysopBans is true. +* (bug 1326) Use content language for '1movedto2' in edit history +* zh: Fix warning when HTTP_ACCEPT_LANGUAGE is not set +* zh: Fix double conversion for zh-sg and zh-hk +* (bug 1132) Fix concatenation of link lists in refreshLinks +* (bug 1101) Fix memory leak in refreshLinks +* (bug 1339) Fix order of @imports in Cologne Blue CSS +* Don't try to create links without namespaces ([[Category:]] link bug) +* Memcached data compression fixes +* Several valid XHTML fixes +* (bug 624) Fix IE freezing rendering whilst waiting for CSS with MonoBook +* (bug 211) Fix tabbed preferences with XHTML MIME type +* Fix for script execution vulnerability. -== Version 1.2.0 == +=== Beta 6 fixes === -New features in 1.2: -* Image resizing/thumbnail generation -* Stricter upload file extension blacklist and whitelist options -* More flexible blocking system; time period may be set -* Handier sysop account management. An account marked "bureaucrat" - may assign sysop access to other accounts via Special:Makesysop. - (The exact details of this may change in the future) -* Support for a squid cache with explicit purging of cached anon pages -* Optional compression of old revision text (requires zlib support) -* Fuzzy title search (experimental, requires memcached) -* Page rendering cache (experimental) -* Editing toolbar to demonstrate wiki syntax to newbies - (off by default in user preferences) -* Support for authenticated SMTP outgoing e-mail (experimental) -* It's now possible to assign sysop accounts from within the wiki. - An account with this ability must be labeled with the "bureaucrat" - privilege, such as the 'Developer' account created by the install. +* (bug 1335) implement 'tooltip-watch' in Language.php +* Fix linktrail for nn: language +* (bug 1214) Fix prev/next links in Special:Log +* (bug 1354) Fix linktrail for fo: language +* (bug 512) Reload generated CSS on preference change +* (bug 63) Fix displaying as if logged in after logout +* Set default MediaWiki:Sitenotice to '-', avoiding extra database hits +* Skip message cache initialization on raw page view (quick hack) +* Fix notice errors in wfDebugDieBacktrace() in XML callbacks +* Suppress notice error on bogus timestamp input (returns epoch as before) +* Remove unnecessary initialization and double-caching of parser variables +* Call-tree output mode for profiling +* (bug 730) configurable $wgRCMaxAge; don't try to update purged RC entries +* Add $wgNoFollowLinks option to add rel="nofollow" on external links + (on by default) +* (bug 1130) Show actual title when moving page instead of encoded one. +* (bug 925) Fix headings containing <math> +* (bug 1131) Fix headings containing interwiki links +* (bug 1380) Update Nynorsk language file +* (bug 1232) Fix sorting of cached Special:Wantedpages in miser mode +* (bug 1217) Image within an image caption broke rendering +* (bug 1384) Make patrol signs have the same width for page moves as for edits +* (bug 1364) fix "clean up whitespace" in Title:SecureAndSplit +* (bug 1389) i18n for proxyblocker message +* Add fur/Furlan/Friulian to language names list +* Add TitleMoveComplete hook on page renames +* Allow simple comments for each translation rules in MW:Zhconversiontable +* (bug 1402) Make link color of tab subject page link on talk page indicate whether article exists +* (bug 1368) Fix SQL error on stopword/short word search w/ MySQL 3.x +* Translated Hebrew namespace names +* (bug 1429) Stop double-escaping of block comments; fix formatting +* (bug 829) Fix URL-escaping on block success +* (bug 1228) Fix double-escaping on & sequences in [enclosed] URLs +* (bug 1435) Fixed many CSS errors +* (bug 1457) Fix XHTML validation on category column list +* (bug 1458) Don't save if edit form submission is incomplete +* Logged-in edits and preview of user CSS/JS are now locked to a session token. +* Per-user CSS and JavaScript subpage customizations now disabled by default. + They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss. +* Removed .ogg from the default uploads whitelist as an extra precaution. + If your web server is configured to serve Ogg files with the correct + Content-Type header, you can re-add it in LocalSettings.php: + $wgFileExtensions[] = 'ogg'; -Fixes and tweaks: -* Now works with register_globals off! -* Works with short tags disabled. -* Should work out of the box on MySQL 3.2.x again. On 4.x set - $wgEnablePersistentLC = true; to turn on the link cache table - for a slight rendering speed boost. -* rebuildMessages.php can now selectively update new messages, or - overwrite everything. -* Various bug fixes. -* Other stuff we forgot. -* Documentation more out of date than ever before! +=== RC1 fixes === -=== Behavior changes === +* Fix notice error on nonexistent template in wikitext system message +* (bug 1469) add missing <ul> tags on Special:Log +* (bug 1470) remove extra <ul> tags from Danish log messages +* Fix notice on purge w/ squid mode off +* (bug 1477) hide details of SQL error messages by default + Set $wgShowSQLErrors = true for debugging. +* (bug 1430) Don't check for template data when editing page that doesn't exist +* Recentchanges table purging fixed when using table prefix +* (bug 1431) Avoid redundant objectcache garbage collection +* (bug 1474) Switch to better-cached index for statistics page count +* Run Unicode normalization on all input fields +* Fix translation for allpagesformtext2 in LanguageZh_cn and LanguageZh_tw +* Block image revert without valid login +* (bug 1446) stub Bambara (bm) language file using French messages +* (bug 1432) Update Estonian localization +* (bug 1471) unclosed <p> tag in Danish messages +* convertLinks script fixes +* Corrections to template loop detection +* XHTML encoding fix for usernames containing & in Special:Emailuser +* (for zh) Search for variant links even when conversion is turned off, + to help prevent duplicate articles. +* Disallow ISO 8859-1 C1 characters and "no-break space" in user names + on Latin-1 wikis. +* Correct the name of the main page it LanguageIt +* Allow Special:Makesysop to work for usernames containing SQL special + characters. +* Fix annoying blue line in Safari on scaled-down images on description page +* Increase upload sanity checks +* Fix XSS bug in Media: links +* Add cross-site form submission protection to various actions +* Fix fatal error on some dubious page titles +* Stub threshold displays correctly again -* wiki.phtml and redirect.phtml are now renamed to index.php and redirect.php - The old names are provided too for compatibility, but make sure they don't - conflict if you've been putting other files in your wiki. -* Uploaded filenames are more strictly checked than before. See bits in - DefaultSettings.php to tweak this behavior to your needs. -* Database messages are now enabled by default, so the interface messages can - be tweaked through the wiki with a sysop account. Disable this if you - don't want the performance hit. -=== Database changes === +=== 1.4.0 final fixes === -An index was added to recentchanges table to speed up Newpages -(patch-rc-newindex.sql for manual updaters). +* (bug 65) Fix broken interwiki link encoding on Latin-1 wikis; force to UTF-8 +* (bug 563) Fix UTF-8 interwiki URL redirects via Latin-1 wikis +* (bug 1536) Fix page info +* Support os (Ossetic) as language code, using Russian localization base +* (bug 1610) Support non (Old Norse) as language code, using Icelandic localization base +* (bug 1618) Properly list custom namespaces in Special:Allpages +* (bug 1622) Remove trailing' >' when using category browser +* (bug 1570) Fix php 4.2.x error on conflict merging +* (bug 1585) Fix page title on post-login redirection page +* Run UTF-8 validation on old text in Recentchanges RSS diffs +* (bug 1642) fix a mime type typo in img_auth.php +* Automated interwiki redirects only for local interwikis +* Respect read-only mode on block removals +* Trim old illegal characters from syndication feeds +* Reduce message cache outage recovery delay from 1 day to 5 minutes +* (bug 1403) Update Finnish localization +* (bug 1478) Punjabi localization +* (bug 1667) Update script 5 second countdown. +* (bug 1057) Fix logging table encoding (error on MySQL 4.1) +* (bug 1680) Fix linktrail for fo +* (bug 1653) Removing hardcoded messages in Special:Allmessages +* (bug 1594) Render a hyphen in a formula as − in HTML +* (bug 1495) Fall back to default language MediaWiki: for custom messages +* (bug 1617) Show different error messages for "user does not + exist" and "wrong password" when using AuthPlugin +* (bug 1532), (bug 1544) Changed language names for + 'bn', 'bo', 'dv', 'dz', 'ht', 'ii', 'li', 'lo', 'ng', 'or', 'pa', 'si', + 'ti', 've' +* Fix editing on non-Esperanto wiki with user language pref set to Esperanto +* Make conversion table for zh-sg default to zh-cn, and zh-hk default to zh-tw +* Fix PHP notice in MonoBook when counters disabled +* (bug 1696) Update namespaces, dates in uk localization +* (bug 551) Installer warns about magic_quotes_runtime and magic_quotes_sybase + instead of trying to install with corrupt table files +* Installer no longer tries to move non-default MediaWiki: pages into Template: +* User-to-user email disabled by default ($wgEnableUserEmail) -Expiration date field has been added to ipblocks table -(patch-ipb_expiry.sql for manual updaters). +=== 1.4.1 fixes === -== Version 1.1.0, 2003-12-08 == +* (bug 1720) fix genitive month names for uk +* (bug 1704) fixed untranslateable string in Special:Log +* (bug 1638) Added Belrusian language file +* (bug 1736) typo in SpecialValidate.php +* (bug 73) Upload doesn't run edit updates on description page (links, + search index and categories) +* (bug 646) <math> fails to recognize \ll and \gg +* (bug 926) \div element from TeX not supported in <math> element +* (bug 1147) add \checkmark to whitelist in texutil.ml +* (bug 937) \limits function from LaTeX not supported in <math> element +* Support for manually converting article title to different Chinese + variants (for zh) +* (bug 1488, bug 1744) Fix encoding for preferences, dates in Latin-1 mode +* (bug 1042) Fix UTF-8 case conversion for PHP <4.3 with mbstring extension +* Fix code typo that broke article credits display +* Installation fixes for running under IIS +* (bug 1556) login page tab order. "remember" checkbox now come after password. +* SQL debug log fixlets +* (bug 1815) Fix namespace in old revision display with mismatched title +* (bug 1788) Fix link duplication when edit/upload comment includes newlines +* Change default on $wgSysopUserBans and $wgSysopRangeBans to true +* Fix link conversion for URL request +* (bug 1851) Updated download URL for the SCIM packages used by zhtable +* (bug 1853) Try stripping quotes from term for 'go' title match +* Fix missing function in Latin1 mode +* (bug 1860) Anchors of interwiki links did not get normalized +* (bug 1847) accept lowercase x in ISBN, do not accept invalid A-W,Y,Z +* Fix link conversion for URL request, hopefully without breaking the wiki +* (bug 1849) New option allows to consider categorized images as used on + Special:Unusedimages +* Localized category namespace for ka (Georgian) +* (bug 1107) Work around includes problem in installer when parent dir is not + readable by the web server +* (bug 1927) Incorrect escaping on wikitext message in Blockip -This is the new production release. Any following 1.1.x releases are expected -to contain only bug fixes; developments of new features will go towards a 1.2.0 -release. -New features in 1.1: -* New wiki table syntax: - http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide:_Using_tables -* User-editable interface messages: - http://meta.wikipedia.org/wiki/MediaWiki_namespace -* XML-wrapped page source export with optional history: - http://meta.wikipedia.org/wiki/XML_import_and_export - (There is not yet an import function!) -* "Magic words" +=== 1.4.2 fixes === -Fixes and tweaks: -* linkscc table caches link data for rendering; faster rebuildlinks.php -* Numerous bugs in Cologne Blue skin fixed -* Login gives warning about missing cookies -* Block log, protection log added; deletion log now includes undeletions -* Deletion & upload logs now escape comment text properly -* Problems with <nowiki> segments in section titles etc mitigated -* Contributions offset and minor edit bugs fixed -* Whatlinkshere now sorted alphabetically -* Various exciting new profiling options. -* Debug log is off by default. -* Various small bugs fixed. +* Fix math options in Finnish localization +* Use in-process Tidy extension if available when $wgUseTidy is on +* (bug 1933) Fix PATH_INFO usage under IIS with PHP ISAPI module +* (bug 1188) <nowiki> in {{subst:}} includes fixed +* (bug 1936)  in {{subst:}} includes fixed +* Fix a potential MSIE JavaScript injection vector in Tidy mode -Internal changes: -* wfQuery has had a second parameter inserted, DB_READ or DB_WRITE. This value - is not actually used so far. -* Partial code for categories and Smarty template-based skins is in the tree - but disabled. -* Parts of Article.php have been moved to EditPage.php and ImagePage.php. -New translations: -* fi - Finnish -* ia - Interlingua -* no - Norwegian -* sk - Slovak -* ta - Tamil +=== 1.4.3 fixes === -=== Database changes === +* (bug 1636) Refs like ţ were misinterpreted as octal in some places +* (bug 1163) Special:Undelete showed oldest revision instead of newest +* (bug 1938) Fix escaping of illegal character references in link text +* (bug 1997) Fix for error on display of renamed items in Recentchanges on PHP5 +* (bug 1949) Profiling typo in rare error case +* (bug 1963) Fix deletion log link when $wgCapitalLinks is off +* (bug 1970) Don't show move tab for immobile pages +* (bug 1770) Page creation recorded links from the 'newarticletext' message +* Optional change to the site_stats table. When applied, this removes the need + for expensive queries in Special:Statistics. -"linkscc" table added. If upgrading manually (rather than with update.php), -run maintenance/archives/patch-linkscc.sql to create the table. -Older releases were dated snapshots from the old 'stable' branch: +=== 1.4.4 fixes === -== mediawiki-20031118 == +* (bug 725) Let dir="ltr" attribute work again in MonoBook on RTL languages +* (bug 2024) Skip JavaScript error for custom skins where .js message not set +* (bug 2025) Updated Indonesian localization +* (bug 2039) Updated Lithuanian localization -* Image deletion fixed. -* Deletion of image old revisions now restricted to sysops - (this is an irreversible action and not well logged) -* Fixed maintenance scripts broken by last release's security fix -* Many errors in rebuildlinks script fixed. -== mediawiki-20031117 == +=== Caveats === -* SECURITY FIX: stricter checking of include path -* Fixed user contributions next/prev bug -* Login cookies now have the database name prefixed to allow wikis - to coexist in the same domain. This will invalidate any old saved - password cookies. -* Update cache timestamp when talk pages are created -* Saving the login form in Mozilla no longer blanks password in prefs. -* Check existence of source page before performing a move. -* Detect invalid titles in Special:Allpages -* Q-encode headers on outgoing inter-user e-mail -* Updates to some translations. -* Added table of contents border/bg to Cologne Blue, Nostalgia skins -* Protected pages no longer appear unprotected when visited via redirect -* Swapped old Wikipedia logo for the MediaWiki sunflower logo -* install.php, update.php print warning on old PHP versions, - added compatibility functions that might or might not help +Some output, particularly involving user-supplied inline HTML, may not [truncated at 1000 lines; 143240 more skipped]

18 years, 9 months

[frik85] 19938: RosCMS update:

by frik85＠svn.reactos.com

RosCMS update: * improve pages and content "view/edit/save" functions * improve "group members" interface * and some minor changes Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin.php Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_content_edit.php Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_edit.php Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_save.php Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_accounts.php Added: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php Added: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members_edit.ph p Deleted: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_memebers.php Modified: trunk/web/reactos.org/htdocs/roscms/inc/inc_description_table.php Modified: trunk/web/reactos.org/htdocs/roscms/inc/website_status.php _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -147,7 +147,24 @@ include("inc/admin_user_groups.php"); break; case "usrgrpmbr": - include("inc/admin_user_group_memebers.php"); + if ($rpm_sec2=="view" || $rpm_sec2=="") { + include("inc/admin_user_group_members.php"); + } + else if ($rpm_sec2=="edit") { + include("inc/admin_user_group_members_edit.php"); + } + else if ($rpm_sec2=="add") { + include("inc/admin_user_group_members_edit.php"); + } + else if ($rpm_sec2=="save") { + include("inc/admin_user_group_members_edit.php"); + } + else if ($rpm_sec2=="insert") { + include("inc/admin_user_group_members_edit.php"); + } + else if ($rpm_sec2=="delete") { + include("inc/admin_user_group_members_edit.php"); + } break; case "sessions": include("inc/admin_user_sessions.php"); _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_content_edit.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_content_edit.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_content_edit.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -66,7 +66,7 @@ <td width="85%" bgcolor="#E2E2E2"> <div align="left"><font face="Arial, Helvetica, sans-serif"> [#cont_ <input name="txt_contentid" type="text" id="txt_contentid" value="<?php echo $result_content['content_name']; ?>" size="50" maxlength="50"> - ]   (e.g. "media")</font></div></td> + ]   (e.g. "about")</font></div></td> </tr> <tr> <td valign="top" bgcolor="#5984C3"> <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Language</strong></font></div></td> @@ -182,9 +182,35 @@ </optgroup> </select> </td> </tr> + <tr> + <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Type</strong></font></div></td> + <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> + <input name="txt_content_type" type="text" id="txt_content_type" value="<?php echo $result_content['content_type']; ?>" size="30" maxlength="30"> +("default", "layout", ...) </font></td> + </tr> + <tr> + <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Description</strong></font></div></td> + <td valign="top" bgcolor="#E2E2E2"><font face="Arial, Helvetica, sans-serif"> + <input name="txt_content_desc" type="text" id="txt_content_desc" value="<?php echo $result_content['content_description']; ?>" size="50" maxlength="255"> + </font></td> + </tr> + <tr> + <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Username</strong></font></div></td> + <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"><?php + + if ($result_content['content_usrname_id']) { + $query_user_name = mysql_query("SELECT * + FROM `users` + WHERE `user_id` = ". $result_content['content_usrname_id'] ." ;") ; + $result_user_name = mysql_fetch_array($query_user_name); + + echo "<b>".$result_user_name['user_name']."</b> (".$result_user_name['user_fullname'].") <a href='?page=user&sec=profil&sec2=".$result_content['content_usrn ame_id']."' target='_blank'>[Profile]</a>"; + } + ?></font></td> + </tr> <tr> <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Date</strong></font></div></td> - <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> + <td valign="top" bgcolor="#E2E2E2"><font face="Arial, Helvetica, sans-serif"> <?php echo $result_content['content_date']; ?> @@ -192,7 +218,7 @@ </tr> <tr> <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Time</strong></font></div></td> - <td valign="top" bgcolor="#E2E2E2"><font face="Arial, Helvetica, sans-serif"> + <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> <?php echo $result_content['content_time']; ?> @@ -303,6 +329,8 @@ $content_act=""; $content_extra=""; $content_savemode=""; + $content_typea=""; + $content_desca=""; if (array_key_exists("txt_contentid", $_POST)) $content_contentid=$_POST['txt_contentid']; if (array_key_exists("txt_langa", $_POST)) $content_langa=$_POST['txt_langa']; @@ -310,7 +338,10 @@ if (array_key_exists("content_active", $_POST)) $content_act=$_POST['content_active']; if (array_key_exists("txt_extra", $_POST)) $content_extra=$_POST['txt_extra']; if (array_key_exists("content_rad_opt", $_POST)) $content_savemode=$_POST['content_rad_opt']; + if (array_key_exists("txt_content_type", $_POST)) $content_typea=$_POST['txt_content_type']; + if (array_key_exists("txt_content_desc", $_POST)) $content_desca=$_POST['txt_content_desc']; + //echo "<br>".$content_act; if ($content_langa == "") { $content_langa = "all"; @@ -363,7 +394,7 @@ if ($content_savemode == "update") { - $content_description = date("Y-m-d H:i:s")." [".$roscms_intern_account_id."] "; + $content_description = date("Y-m-d H:i:s")." [".$roscms_intern_account_id."] | ".$content_desca; $content_posta="UPDATE `content` SET `content_name` = '". mysql_escape_string($content_contentid) ."', `content_lang` = '". mysql_escape_string($content_langa) ."', @@ -371,12 +402,14 @@ `content_text` = '". mysql_real_escape_string($content_data) ."', `content_visible` = '". mysql_escape_string($content_vis) ."', `content_active` = '". mysql_escape_string($content_act) ."', - `content_description` = '". mysql_escape_string($content_description) ."' + `content_description` = '". mysql_escape_string($content_description) ."', + `content_type` = '". mysql_escape_string($content_description) ."' WHERE `content_id` = '$rpm_db_id' LIMIT 1 ;"; //`content_active` = '1', //`content_usrname_id` = '$roscms_intern_account_id', //`content_date` = CURDATE( ) , //`content_time` = CURTIME( ) + $content_post_lista=mysql_query($content_posta); } elseif ($content_savemode == "translate") { _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_edit.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_edit.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_edit.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -122,9 +122,9 @@ ?> </font></td> </tr> - <tr> + <tr> <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Visible</strong></font></div></td> - <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> + <td valign="top" bgcolor="#E2E2E2"><font face="Arial, Helvetica, sans-serif"> <?php if ($result_page['page_visible'] == 1) { echo ' <input name="page_visible" type="radio" value="yes" checked> yes   <input type="radio" name="page_visible" value="no"> no'; @@ -133,6 +133,19 @@ echo ' <input name="page_visible" type="radio" value="yes"> yes   <input type="radio" name="page_visible" value="no" checked> no'; } ?> +</font></td> + </tr> + <tr> + <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Active</strong></font></div></td> + <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> + <?php + if ($result_page['page_active'] == 1) { + echo ' <input name="page_active" type="radio" value="yes" checked> yes   <input type="radio" name="page_active" value="no"> no'; + } + else { + echo ' <input name="page_active" type="radio" value="yes"> yes   <input type="radio" name="page_active" value="no" checked> no'; + } + ?> </font></td> </tr> <tr> @@ -158,6 +171,12 @@ </optgroup> </select> </td> </tr> + <tr> + <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Extention</strong></font></div></td> + <td valign="top" bgcolor="#E2E2E2"><font face="Arial, Helvetica, sans-serif"> + <input name="txt_pageextent" type="text" id="txt_pageextent" value="<?php echo $result_page['pages_extention']; ?>" size="10" maxlength="10"> +("default", "xml", ...) </font></td> + </tr> <tr> <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Date</strong></font></div></td> <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_save.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_save.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_save.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -50,7 +50,10 @@ $page_savemode=$_POST['page_rad_opt']; $page_pagetitle=$_POST['txt_pagetitle']; $page_pagedesc=$_POST['txt_pagedesc']; + $page_pageextention=$_POST['txt_pageextent']; + $page_pageactive=$_POST['page_active']; + if ($page_langa == "") { $page_langa = "all"; } @@ -61,6 +64,13 @@ else { $page_vis="0"; } + + if ($page_pageactive == "yes") { + $page_pageactive="1"; + } + else { + $page_pageactive="0"; + } $page_data=$_POST['textarea_pages']; @@ -73,6 +83,8 @@ `page_description` = '". mysql_real_escape_string($page_pagedesc) ."', `page_text` = '". mysql_real_escape_string($page_data) ."', `page_visible` = '". mysql_real_escape_string($page_vis) ."', + `pages_extention` = '". mysql_real_escape_string($page_pageextention) ."', + `page_active` = '". mysql_real_escape_string($page_pageactive) ."', `page_date` = CURDATE( ) , `page_time` = CURTIME( ) WHERE `page_id` = '$rpm_db_id' LIMIT 1 ;"; //`page_active` = '1', _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_accounts.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_user_accounts.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_user_accounts.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -168,9 +168,62 @@ else { echo '<a href="?page=admin&sec=users&sec2=view&sort=language&filt ='.$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">languag e</a>'; } + echo ' | '; + if ($rpm_sort == "occupation") { + echo '<b>occupation</b>'; + $ros_cms_intern_users_sortby="user_occupation"; + $ros_cms_intern_users_sort="ASC"; + } + else { + echo '<a href="?page=admin&sec=users&sec2=view&sort=occupation&fi lt='.$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">occup ation</a>'; + } + echo ' | '; + if ($rpm_sort == "counter") { + echo '<b>counter</b>'; + $ros_cms_intern_users_sortby="user_login_counter"; + $ros_cms_intern_users_sort="DESC"; + } + else { + echo '<a href="?page=admin&sec=users&sec2=view&sort=counter&filt= '.$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">counter< /a>'; + } echo '</p>'; ?> + +<?php + +// Setting: +$roscms_intern_items_per_page = 50; + + +$roscms_SET_curpos = ""; +if (array_key_exists("curpos", $_GET)) $roscms_SET_curpos=htmlspecialchars($_GET["curpos"]); +if (!$roscms_SET_curpos) { + $roscms_SET_curpos = 0; +} + +$query_count_cat=mysql_query("SELECT COUNT('user_id') + FROM `users` + WHERE `user_account_enabled` = 'yes' + AND `user_account_hidden` = 'no' + ORDER BY `user_name` ASC ;"); +$result_count_cat = mysql_fetch_row($query_count_cat); + + echo "<p align='center'>"; + $j=0; + for ($i=0; $i < $result_count_cat[0]; $i += $roscms_intern_items_per_page) { + $j++; + if ($roscms_SET_curpos == $i) { + echo "<b>".$j."</b> "; + } + else { + echo "<a href='?page=admin&sec=users&sec2=view&sort=".$rpm_sort."&amp ;filt=".$rpm_filt."&opt=".$rpm_opt."&langid=".$rpm_lang_id."&amp ;curpos=".$i."'>".$j."</a> "; + } + } + $j=0; + echo "</p>"; + +?> <table width="100%" border="0" cellpadding="1" cellspacing="1"> <tr bgcolor="#5984C3"> <td width="9%"> <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Action</strong></font></div></td> @@ -192,13 +245,13 @@ $query_page = mysql_query("SELECT * FROM users $ros_cms_intern_users_filt $ros_cms_intern_users_lang - ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort") ; + ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort LIMIT ". $roscms_SET_curpos ." , ". $roscms_intern_items_per_page ." ;") ; } else { $query_page = mysql_query("SELECT * FROM users $ros_cms_intern_users_filt AND user_account_hidden != 0 $ros_cms_intern_users_lang - ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort") ; + ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort LIMIT ". $roscms_SET_curpos ." , ". $roscms_intern_items_per_page ." ;") ; } $farbe1=$roscms_intern_color1; @@ -220,8 +273,8 @@ echo $farbe2; $farbe = $farbe2; } - ?>" title="RosCMS action buttons:

* View account
* Delete account
* Email
* Website"> - <div align="center"><img src="images/view.gif" alt="View" width="19" height="18" border="0">  + ?>"> + <div align="center"><a href="<?php echo "?page=user&sec=profil&sec2=".$result_page['user_id']; ?>"><img src="images/view.gif" alt="Profil" width="19" height="18" border="0"></a>  <?php if ($result_page['user_email'] != "") { ?> @@ -289,6 +342,20 @@ } // end while ?> </table> +<p align="center"><b><?php + + echo ($roscms_SET_curpos+1)." to "; + + if (($roscms_SET_curpos + $roscms_intern_items_per_page) > $result_count_cat[0]) { + echo $result_count_cat[0]; + } + else { + echo ($roscms_SET_curpos + $roscms_intern_items_per_page); + } + + echo " of ".$result_count_cat[0]; + +?></b></p> <?php $roscms_infotable = "user"; include("inc/inc_description_table.php"); _____ Added: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -0,0 +1,251 @@ +<?php + + // To prevent hacking activity: + if ( !defined('ROSCMS_SYSTEM') OR !defined('ROSCMS_SYSTEM_ADMIN') ) + { + if ( !defined('ROSCMS_SYSTEM_LOG') ) { + define ("ROSCMS_SYSTEM_LOG", "Hacking attempt"); + } + $seclog_section="roscms_admin_interface"; + $seclog_level="50"; + $seclog_reason="Hacking attempt: admin_users.php"; + define ("ROSCMS_SYSTEM", "Hacking attempt"); + include('securitylog.php'); // open security log + die("Hacking attempt"); + } + +?> +<div class="contentSmall"> <span class="contentSmallTitle">Admin Interface - Group Members</span> + <ul> + <li><strong>Group Members</strong></li> + </ul> + <p>Action: <a href="?page=admin&sec=usrgrpmbr&sec2=add&sec3=new&db_id= new">New Membership</a> | <a href="?page=admin&sec=usrgrpmbr&sec2=view">reset + filters & sort</a></p> + <?php + + + if ($rpm_lang_id == "") { + $rpm_lang_id="all"; + } + //echo '<p>Language: '; + //echo '<b>All</b>'; + $ros_cms_intern_users_lang = " "; + //echo '</p>'; + + if ($rpm_filt == "") { + $rpm_filt="active"; + } + //echo '<p>Filter: '; + //echo '<b>active</b>'; + $ros_cms_intern_users_filt = " "; + //echo '</p>'; + + if ($rpm_filt == "") { + $rpm_filt="active"; + } + echo '<p>Filter: '; + if ($rpm_filt == "active") { + echo '<b>all</b>'; + $ros_cms_intern_users_filt = " "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=active&langid='.$rpm_lang_id.'">all</a>'; + } + echo ' | '; + if ($rpm_filt == "sadmin") { + echo '<b>super admin</b>'; + $ros_cms_intern_users_filt = " WHERE `usergroupmember_usergroupid` = 'ros_sadmin' "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=sadmin&langid='.$rpm_lang_id.'">super admin</a>'; + } + echo ' | '; + if ($rpm_filt == "admin") { + echo '<b>admin</b>'; + $ros_cms_intern_users_filt = " WHERE `usergroupmember_usergroupid` = 'ros_admin' "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=admin&langid='.$rpm_lang_id.'">admin</a>'; + } + echo ' | '; + if ($rpm_filt == "dev") { + echo '<b>developer</b>'; + $ros_cms_intern_users_filt = " WHERE `usergroupmember_usergroupid` = 'developer' "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=dev&langid='.$rpm_lang_id.'">developer</a>'; + } + echo ' | '; + if ($rpm_filt == "mod") { + echo '<b>moderator</b>'; + $ros_cms_intern_users_filt = " WHERE `usergroupmember_usergroupid` = 'moderator' "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=mod&langid='.$rpm_lang_id.'">moderator</a>'; + } + echo ' | '; + if ($rpm_filt == "trans") { + echo '<b>translator</b>'; + $ros_cms_intern_users_filt = " WHERE `usergroupmember_usergroupid` = 'translator' "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=trans&langid='.$rpm_lang_id.'">translator</a>'; + } + echo ' | '; + if ($rpm_filt == "user") { + echo '<b>normal user</b>'; + $ros_cms_intern_users_filt = " WHERE `usergroupmember_usergroupid` = 'user' "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=user&langid='.$rpm_lang_id.'">normal user</a>'; + } + + if ($rpm_sort == "") { + $rpm_sort="id"; + } + echo '<p>Sorted by: '; + if ($rpm_sort == "id") { + echo '<b>user ID</b>'; + $ros_cms_intern_users_sortby="usergroupmember_userid"; + $ros_cms_intern_users_sort="ASC"; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort=id&filt=' .$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">user ID</a>'; + } + echo ' | '; + if ($rpm_sort == "group") { + echo '<b>group ID</b>'; + $ros_cms_intern_users_sortby="usergroupmember_usergroupid"; + $ros_cms_intern_users_sort="ASC"; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort=group&fil t='.$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">group ID</a>'; + } + echo '</p>'; + +?> +<?php + +// Setting: +$roscms_intern_items_per_page = 50; + + +$roscms_SET_curpos = ""; +if (array_key_exists("curpos", $_GET)) $roscms_SET_curpos=htmlspecialchars($_GET["curpos"]); +if (!$roscms_SET_curpos) { + $roscms_SET_curpos = 0; +} + +$query_count_cat=mysql_query("SELECT COUNT('usergroupmember_userid') + FROM `usergroup_members` + " . $ros_cms_intern_users_filt . " + ORDER BY `usergroupmember_userid` ASC ;"); +$result_count_cat = mysql_fetch_row($query_count_cat); + + echo "<p align='center'>"; + $j=0; + for ($i=0; $i < $result_count_cat[0]; $i += $roscms_intern_items_per_page) { + $j++; + if ($roscms_SET_curpos == $i) { + echo "<b>".$j."</b> "; + } + else { + echo "<a href='?page=admin&sec=usrgrpmbr&sec2=view&sort=".$rpm_sort." &filt=".$rpm_filt."&opt=".$rpm_opt."&langid=".$rpm_lang_id." &curpos=".$i."'>".$j."</a> "; + } + } + $j=0; + echo "</p>"; + +?> +<table width="100%" border="0" cellpadding="1" cellspacing="1"> + <tr bgcolor="#5984C3"> + <td width="6%"> + <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Action</strong></font></div></td> + <td width="4%" bgcolor="#5984C3"> + <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>ID</strong></font></div></td> + <td width="20%" bgcolor="#5984C3"> + <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Nick</strong></font></div></td> + <td width="20%"> + <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Usergroup</strong></font></div></td> + <td width="50%" bgcolor="#5984C3"> + <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Usergroup + description</strong></font></div></td> + </tr> + <?php + + if($roscms_intern_account_level==100) { + $query_page = mysql_query("SELECT * + FROM usergroup_members + $ros_cms_intern_users_filt $ros_cms_intern_users_lang + ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort LIMIT ". $roscms_SET_curpos ." , ". $roscms_intern_items_per_page ." ;") ; + } + else { + $query_page = mysql_query("SELECT * + FROM usergroup_members + $ros_cms_intern_users_filt AND user_account_hidden != 0 $ros_cms_intern_users_lang + ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort LIMIT ". $roscms_SET_curpos ." , ". $roscms_intern_items_per_page ." ;") ; + } + + $farbe1="#E2E2E2"; + $farbe2="#EEEEEE"; + $zaehler="0"; + //$farbe="#CCCCC"; + + while($result_page = mysql_fetch_array($query_page)) { // users +?> + <tr> + <td width="9%" valign="middle" bgcolor="<?php + $zaehler++; + if ($zaehler == "1") { + echo $farbe1; + $farbe = $farbe1; + } + elseif ($zaehler == "2") { + $zaehler="0"; + echo $farbe2; + $farbe = $farbe2; + } + ?>"> + <div align="center"><a href="?page=admin&sec=usrgrpmbr&sec2=edit&sec3=<?php echo $result_page['usergroupmember_usergroupid']; ?>&db_id=<?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/view.gif" alt="Edit Membership" width="19" height="18" border="0"></a> <a href="?page=admin&sec=usrgrpmbr&sec2=add&sec3=new&db_id= <?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/tool.gif" alt="Add Membership" width="19" height="18" border="0"></a> <a href="?page=admin&sec=usrgrpmbr&sec2=delete&sec3=<?php echo $result_page['usergroupmember_usergroupid']; ?>&db_id=<?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/delete.gif" alt="Add Membership" width="19" height="18" border="0"></a></div></td> + <td width="7%" valign="middle" bgcolor="<?php echo $farbe; ?>"> <div align="center"><font face="Arial, Helvetica, sans-serif"><?php echo "<b>".$result_page['usergroupmember_userid']."</b>"; ?></font></div></td> + <td width="10%" valign="middle" bgcolor="<?php echo $farbe; ?>"><font face="Arial, Helvetica, sans-serif"><?php + $query_usra = mysql_query("SELECT user_id, user_name FROM users WHERE user_id = '".$result_page['usergroupmember_userid']."'") or die('DB error (membership script)!'); + $result_usra = mysql_fetch_array($query_usra); // or die('DB error (show_sessions script)'); + + echo $result_usra['user_name']." <a href='?page=user&sec=profil&sec2=".$result_page['usergroupmember _userid']."'>[Profil]</a>"; ?> + </font></td> + <td width="13%" valign="middle" bgcolor="<?php echo $farbe; ?>" title="<?php echo $result_page['usergroupmember_usergroupid']; ?>"><div align="left"><font face="Arial, Helvetica, sans-serif"> + <?php + //echo "SELECT usrgroup_name_id, usrgroup_name FROM usergroups WHERE usrgroup_name_id = '".$result_page['usergroupmember_usergroupid']."'<br>"; + $query_grpb = mysql_query("SELECT usrgroup_name_id, usrgroup_name, usrgroup_description FROM usergroups WHERE usrgroup_name_id = '".$result_page['usergroupmember_usergroupid']."'") or die('DB error (membership script)!'); + $result_grpb = mysql_fetch_array($query_grpb) or die('DB error (membership script)'); + + echo $result_grpb['usrgroup_name']; + ?> + </font></div></td> + <td width="15%" valign="middle" bgcolor="<?php echo $farbe; ?>"> <font face="Arial, Helvetica, sans-serif"><?php + echo substr(htmlentities($result_grpb['usrgroup_description'], ENT_QUOTES), 0, 50)."..."; + ?></font></tr> + <?php + } // end while +?> + </table> +<p align="center"><b><?php + + echo ($roscms_SET_curpos+1)." to "; + + if (($roscms_SET_curpos + $roscms_intern_items_per_page) > $result_count_cat[0]) { + echo $result_count_cat[0]; + } + else { + echo ($roscms_SET_curpos + $roscms_intern_items_per_page); + } + + echo " of ".$result_count_cat[0]; + +?></b></p> + <?php + $roscms_infotable = "user"; + include("inc/inc_description_table.php"); +?> +</div> Property changes on: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php ___________________________________________________________________ Name: svn:eol-style + native _____ Added: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members_edit.ph p --- trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members_edit.ph p 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members_edit.ph p 2005-12-06 19:57:28 UTC (rev 19938) @@ -0,0 +1,176 @@ +<?php +if ($rpm_sec2=="delete") { +?> +<div class="contentSmall"> <span class="contentSmallTitle">Admin Interface - Group Members - Delete Membership</span> + <ul> + <li><strong><a href="?page=admin&sec=usrgrpmbr&sec2=view">Group Members</a></strong> + <ul> + <li>Delete Membership</li> + </ul> + </li> + </ul> +<?php + $spdas="DELETE FROM `usergroup_members` WHERE `usergroupmember_userid` = ".mysql_real_escape_string($rpm_db_id)." AND `usergroupmember_usergroupid` = '".mysql_real_escape_string($rpm_sec3)."' LIMIT 1;"; + $spdaslists=mysql_query($spdas); + echo "<p>The group membership '".$rpm_sec3."' for the user '".$rpm_db_id."' has been deleted!</p>"; +} +else { +?> + +<div class="contentSmall"> <span class="contentSmallTitle">Admin Interface - Group Members - <?php if ($rpm_sec2=="edit") { echo "Edit"; } elseif ($rpm_sec2=="add") { echo "Add"; } ?> Membership</span> + <ul> + <li><strong><a href="?page=admin&sec=usrgrpmbr&sec2=view">Group Members</a></strong> + <ul> + <li><?php if ($rpm_sec2=="edit") { echo "Edit"; } elseif ($rpm_sec2=="add") { echo "Add"; } ?> Membership</li> + </ul> + </li> + </ul> +<?php + + $query_contenta = mysql_query("SELECT * FROM users WHERE user_id = '".$roscms_intern_account_id."'") ; + + $farbe="#E2E2E2"; + + $result_contenta = mysql_fetch_array($query_contenta); + + if ($rpm_sec2=="save") { + $save_account_member_usrid=""; + $save_account_member_usrgrp=""; + + if (array_key_exists("usrid", $_POST)) $save_account_member_usrid=$_POST['usrid']; + if (array_key_exists("usrgrp", $_POST)) $save_account_member_usrgrp=$_POST['usrgrp']; + + if ($save_account_member_usrgrp == "ros_sadmin" && $roscms_intern_usrgrp_sadmin != true) { + die("Not possible! You will need a higher account membership level!"); + } + if ($save_account_member_usrgrp == "ros_admin" && ($roscms_intern_usrgrp_sadmin != true || $roscms_intern_usrgrp_admin != true)) { + die("Not possible! You will need a higher account membership level!"); + } + + if ($save_account_member_usrid && $save_account_member_usrgrp && $rpm_sec3) { + $content_posta="UPDATE `usergroup_members` SET `usergroupmember_usergroupid` = '". mysql_real_escape_string($save_account_member_usrgrp) ."' + WHERE `usergroupmember_userid` =". mysql_real_escape_string($save_account_member_usrid) ." + AND CONVERT( `usergroupmember_usergroupid` USING utf8 ) = '". mysql_real_escape_string($rpm_sec3) ."' + LIMIT 1 ;"; + $content_post_lista=mysql_query($content_posta); + echo "<p><b>saved</b></p>"; + $rpm_db_id = $save_account_member_usrid; + } + } + if ($rpm_sec2=="insert") { + $save_account_member_usrid=""; + $save_account_member_usrgrp=""; + $save_account_member_usridname=""; + + if (array_key_exists("usrid", $_POST)) $save_account_member_usrid=$_POST['usrid']; + if (array_key_exists("usridname", $_POST)) $save_account_member_usridname=$_POST['usridname']; + if (array_key_exists("usrgrp", $_POST)) $save_account_member_usrgrp=$_POST['usrgrp']; + + if ($save_account_member_usridname == "1") { + $accountinfo_query = @mysql_query("SELECT user_name, user_id FROM users WHERE user_name = '".mysql_real_escape_string($save_account_member_usrid)."'") or die('DB error (admin group members edit interface)!'); + $accountinfo_result = @mysql_fetch_array($accountinfo_query); + if ($accountinfo_result['user_id']) { + $save_account_member_usrid = $accountinfo_result['user_id']; + } + else { + die("<blink>Username not found!</blink>"); + } + } + + if ($save_account_member_usrgrp == "ros_sadmin" && $roscms_intern_usrgrp_sadmin != true) { + die("Not possible! You will need a higher account membership level!"); + } + if ($save_account_member_usrgrp == "ros_admin" && ($roscms_intern_usrgrp_sadmin != true || $roscms_intern_usrgrp_admin != true)) { + die("Not possible! You will need a higher account membership level!"); + } + + if ($save_account_member_usrid && $save_account_member_usrgrp && $rpm_sec3) { + $content_postb="INSERT INTO `usergroup_members` ( `usergroupmember_userid` , `usergroupmember_usergroupid` ) + VALUES ( + '". mysql_real_escape_string($save_account_member_usrid) ."', '". mysql_real_escape_string($save_account_member_usrgrp) ."') ;"; + $content_post_listb=mysql_query($content_postb); + echo "<p><b>saved (".$save_account_member_usrid." -> ".$save_account_member_usrgrp.")</b></p>"; + $rpm_db_id = $save_account_member_usrid; + } + } +?> + <form name="cms_content" method="post" action="?page=admin&sec=usrgrpmbr&sec2=<?php if ($rpm_sec2=="edit") { echo "save"; } elseif ($rpm_sec2=="add") { echo "insert"; } ?>&sec3=<?php echo $rpm_sec3; ?>"> + <table width="600" border="0" cellpadding="1" cellspacing="1"> + <tr> + <td width="15%" valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>User + ID </strong></font></div></td> + <td width="85%" valign="top" bgcolor="#E2E2E2"><font face="Arial, Helvetica, sans-serif"> + <?php + if ($rpm_db_id == "new") { + ?> + <input name="usrid" type="text" id="usrid" size="30" maxlength="50"> + <input name="usridname" type="hidden" id="usridname" value="1"> + <?php + } + else { + $query_usra = mysql_query("SELECT user_id, user_name FROM users WHERE user_id = '". $rpm_db_id ."'") or die('DB error (admin membership script)!'); + $result_usra = mysql_fetch_array($query_usra); // or die('DB error (user_group_members_edit)'); + + echo "<b>".$rpm_db_id."</b> (".$result_usra['user_name'].")"; ?> + <input name="usrid" type="hidden" id="usrid" value="<?php echo $rpm_db_id; ?>"> + <?php + } + ?> + </font></td> + </tr> + <tr> + <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Usergroup</strong></font></div></td> + <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> + <select id="usrgrp" size="1" name="usrgrp" class="selectbox"> + <?php + $sql_lang="SELECT * + FROM `usergroup_members` + WHERE `usergroupmember_userid` = ". $rpm_db_id ." + AND `usergroupmember_usergroupid` = '". $rpm_sec3 ."' + LIMIT 1 "; + $sql_query_lang=mysql_query($sql_lang); + $myrow_lang=mysql_fetch_array($sql_query_lang); // Languages + ?> + <optgroup label="usergroups"> + <?php + + // User Groups + $sql_langa="SELECT * + FROM `usergroups` + ORDER BY `usrgroup_securitylevel` ASC "; + $sql_query_langa=mysql_query($sql_langa); + while($myrow_langa=mysql_fetch_array($sql_query_langa)) { + echo '<option value="'.$myrow_langa['usrgroup_name_id'].'"'; + //echo "<br>=>".$myrow_lang['usergroupmember_userid']." == ".$myrow_langa['usrgroup_name_id']; + if ($myrow_lang['usergroupmember_usergroupid'] == $myrow_langa['usrgroup_name_id']) { + echo ' selected="selected"'; + } + echo '>'.$myrow_langa['usrgroup_name'].'</option>'; + } + ?> + </optgroup> + </select> + </font></td> + </tr> + </table> + <br /> + <input type="submit" name="Submit" value="Save"> + </form> + <p> </p> + <?php + if ($rpm_db_id != "new") { + + echo "<p><b>".$result_usra['user_name']." is currently member of the following usergroups:</b></p><ul>"; + + $query_page = mysql_query("SELECT * + FROM `usergroup_members` + WHERE `usergroupmember_userid` = $rpm_db_id + ORDER BY `usergroupmember_usergroupid` ASC ;") ; + while($result_page = mysql_fetch_array($query_page)) { + echo "<li>".$result_page['usergroupmember_usergroupid']."</li>"; + } + echo "</ul>"; + } +} +?> +</div> Property changes on: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members_edit.ph p ___________________________________________________________________ Name: svn:eol-style + native _____ Deleted: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_memebers.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_memebers.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_memebers.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -1,164 +0,0 @@ -<?php - /* - RosCMS - ReactOS Content Management System - Copyright (C) 2005 Klemens Friedl <frik85(a)reactos.org> - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - */ - - // To prevent hacking activity: - if ( !defined('ROSCMS_SYSTEM') OR !defined('ROSCMS_SYSTEM_ADMIN') ) - { - if ( !defined('ROSCMS_SYSTEM_LOG') ) { - define ("ROSCMS_SYSTEM_LOG", "Hacking attempt"); - } - $seclog_section="roscms_admin_interface"; - $seclog_level="50"; - $seclog_reason="Hacking attempt: admin_users.php"; - define ("ROSCMS_SYSTEM", "Hacking attempt"); - include('securitylog.php'); // open security log - die("Hacking attempt"); - } - -?> -<div class="contentSmall"> <span class="contentSmallTitle">Admin Interface - Group Members</span> - <ul> - <li><strong>Group Members</strong></li> - </ul> - - - <p>Action: <a href="#">New Membership</a> | <a href="?page=admin&sec=usrgrpmbr&sec2=view">reset - filters & sort</a></p> -<?php - - - if ($rpm_lang_id == "") { - $rpm_lang_id="all"; - } - echo '<p>Language: '; - echo '<b>All</b>'; - $ros_cms_intern_users_lang = " "; - echo '</p>'; - - if ($rpm_filt == "") { - $rpm_filt="active"; - } - echo '<p>Filter: '; - echo '<b>active</b>'; - $ros_cms_intern_users_filt = " "; - echo '</p>'; - - if ($rpm_sort == "") { - $rpm_sort="id"; - } - echo '<p>Sorted by: '; - if ($rpm_sort == "id") { - echo '<b>user ID</b>'; - $ros_cms_intern_users_sortby="usergroupmember_userid"; - $ros_cms_intern_users_sort="ASC"; - } - else { - echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort=id&filt=' .$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">user ID</a>'; - } - echo ' | '; - if ($rpm_sort == "group") { - echo '<b>group ID</b>'; - $ros_cms_intern_users_sortby="usergroupmember_usergroupid"; - $ros_cms_intern_users_sort="ASC"; - } - else { - echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort=group&fil t='.$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">group ID</a>'; - } - echo '</p>'; - -?> - <table width="100%" border="0" cellpadding="1" cellspacing="1"> - <tr bgcolor="#5984C3"> - <td width="6%"> - <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Action</strong></font></div></td> - <td width="4%" bgcolor="#5984C3"> - <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>ID</strong></font></div></td> - <td width="20%" bgcolor="#5984C3"> - <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Nick</strong></font></div></td> - <td width="20%"> - <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Usergroup</strong></font></div></td> - <td width="50%" bgcolor="#5984C3"> - <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Usergroup - description</strong></font></div></td> - </tr> - <?php - - if($roscms_intern_account_level==100) { - $query_page = mysql_query("SELECT * - FROM usergroup_members - $ros_cms_intern_users_filt $ros_cms_intern_users_lang - ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort") ; - } - else { - $query_page = mysql_query("SELECT * - FROM usergroup_members - $ros_cms_intern_users_filt AND user_account_hidden != 0 $ros_cms_intern_users_lang - ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort") ; - } - - $farbe1=$roscms_intern_color1; - $farbe2=$roscms_intern_color2; - $zaehler="0"; - //$farbe="#CCCCC"; - - while($result_page = mysql_fetch_array($query_page)) { // users -?> - <tr> - <td width="9%" valign="middle" bgcolor="<?php - $zaehler++; - if ($zaehler == "1") { - echo $farbe1; - $farbe = $farbe1; - } - elseif ($zaehler == "2") { - $zaehler="0"; - echo $farbe2; - $farbe = $farbe2; - } - ?>" title="RosCMS action buttons:

* View account
* Delete account
* Email
* Website"> - <div align="center"><img src="images/view.gif" alt="View" width="19" height="18" border="0"></div></td> - <td width="7%" valign="middle" bgcolor="<?php echo $farbe; ?>"> <div align="center"><font face="Arial, Helvetica, sans-serif"><?php echo "<b>".$result_page['usergroupmember_userid']."</b>"; ?></font></div></td> - <td width="10%" valign="middle" bgcolor="<?php echo $farbe; ?>"><font face="Arial, Helvetica, sans-serif"><?php - $query_usra = mysql_query("SELECT user_id, user_name FROM users WHERE user_id = '".$result_page['usergroupmember_userid']."'") or die('DB error (membership script)!'); - $result_usra = mysql_fetch_array($query_usra) or die('DB error (show_sessions script)'); - - echo $result_usra['user_name']; ?> - </font></td> - <td width="13%" valign="middle" bgcolor="<?php echo $farbe; ?>" title="<?php echo $result_page['usergroupmember_usergroupid']; ?>"><div align="left"><font face="Arial, Helvetica, sans-serif"> - <?php - //echo "SELECT usrgroup_name_id, usrgroup_name FROM usergroups WHERE usrgroup_name_id = '".$result_page['usergroupmember_usergroupid']."'<br>"; - $query_grpb = mysql_query("SELECT usrgroup_name_id, usrgroup_name, usrgroup_description FROM usergroups WHERE usrgroup_name_id = '".$result_page['usergroupmember_usergroupid']."'") or die('DB error (membership script)!'); - $result_grpb = mysql_fetch_array($query_grpb) or die('DB error (membership script)'); - - echo $result_grpb['usrgroup_name']; - ?> - </font></div></td> - <td width="15%" valign="middle" bgcolor="<?php echo $farbe; ?>"> <font face="Arial, Helvetica, sans-serif"><?php - echo substr(htmlentities($result_grpb['usrgroup_description'], ENT_QUOTES), 0, 50)."..."; - ?></font></tr> - <?php - } // end while -?> - </table> - <?php - $roscms_infotable = "user"; - include("inc/inc_description_table.php"); -?> -</div> _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/inc_description_table.php --- trunk/web/reactos.org/htdocs/roscms/inc/inc_description_table.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/inc_description_table.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -30,7 +30,7 @@ <td width="50%" valign="top"> <table width="100%" border="0"> <tr> <td width="25" valign="top"><img src="images/view.gif" width="19" height="18" border="0"></td> - <td valign="middle"><font size="1"><strong>View</strong> entry</font></td> + <td valign="middle"><font size="1"><strong>View/Edit</strong> entry</font></td> </tr> <tr> <td valign="top"><img src="images/tool.gif" width="19" height="18" border="0"></td> @@ -96,8 +96,12 @@ <td width="50%" valign="top"> <table width="100%" border="0"> <tr> <td width="25" valign="top"><img src="images/view.gif" width="19" height="18" border="0"></td> - <td valign="middle"><font size="1"><strong>View</strong> entry</font></td> + <td valign="middle"><font size="1"><strong>View/Edit</strong> entry</font></td> </tr> + <tr> + <td valign="top"><img src="images/tool.gif" width="19" height="18" border="0"></td> + <td valign="middle"><font size="1"><strong>Add</strong> entry</font></td> + </tr> <tr> <td valign="top"><img src="images/delete.gif" width="19" height="18"></td> <td valign="middle"><font size="1"><strong>Delete</strong> entry</font></td> _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/website_status.php --- trunk/web/reactos.org/htdocs/roscms/inc/website_status.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/website_status.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -40,7 +40,7 @@ <td width="200"> <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Title</strong></font></div></td> <td width="250"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Description</strong></font></div></td> - <td width="150"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Filename</strong></font></div></td> + <td width="200"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Name</strong></font></div></td> <td width="150"> <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Language</strong></font></div></td> <td width="150"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Date & Time </strong></font></div></td> @@ -53,7 +53,7 @@ AND `content_visible` = 1 AND `content_type` = 'default' ORDER BY `content_id` DESC - LIMIT 0 , 10 ;") ; + LIMIT 0 , 15 ;") ; $color=""; $color1=$roscms_intern_color1; $color2=$roscms_intern_color2; @@ -74,7 +74,7 @@ [truncated at 1000 lines; 61 more skipped]

18 years, 9 months

[gvg] 19937: Tag 1.4.8

by gvg＠svn.reactos.com

Tag 1.4.8 Added: vendor/mediawiki/1.4.8/ _____ Copied: vendor/mediawiki/1.4.8 (from rev 19934, vendor/mediawiki/current)

18 years, 9 months

← Newer
1
...
53
54
55
56
57
58
59
...
71
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Ros-diffs December 2005