Ros-diffs December 2005

ros-diffs@reactos.org

40 participants
704 discussions

[turner] 19946: Change version and make DBG=0
by turner＠svn.reactos.com 07 Dec '05

07 Dec '05

Change version and make DBG=0 Modified: branches/ros-branch-0_2_9/config.template.xml Modified: branches/ros-branch-0_2_9/include/reactos/version.h _____ Modified: branches/ros-branch-0_2_9/config.template.xml --- branches/ros-branch-0_2_9/config.template.xml 2005-12-07 09:20:22 UTC (rev 19945) +++ branches/ros-branch-0_2_9/config.template.xml 2005-12-07 13:09:01 UTC (rev 19946) @@ -48,4 +48,4 @@ Whether to compile for debugging. No compiler optimizations will be performed. --> -<property name="DBG" value="1" /> +<property name="DBG" value="0" /> _____ Modified: branches/ros-branch-0_2_9/include/reactos/version.h --- branches/ros-branch-0_2_9/include/reactos/version.h 2005-12-07 09:20:22 UTC (rev 19945) +++ branches/ros-branch-0_2_9/include/reactos/version.h 2005-12-07 13:09:01 UTC (rev 19946) @@ -18,11 +18,11 @@ #define __VERSION_H #define KERNEL_VERSION_MAJOR 0 -#define KERNEL_VERSION_MINOR 3 -#define KERNEL_VERSION_PATCH_LEVEL 0 +#define KERNEL_VERSION_MINOR 2 +#define KERNEL_VERSION_PATCH_LEVEL 9 /* KERNEL_VERSION_BUILD_TYPE is L"SVN", L"RC1", L"RC2" or L"RELEASE" */ -#define KERNEL_VERSION_BUILD_TYPE L"SVN" +#define KERNEL_VERSION_BUILD_TYPE L"RC1" #endif

1 0

[gvg] 19945: Finish vendor import
by gvg＠svn.reactos.com 07 Dec '05

07 Dec '05

Finish vendor import Deleted: vendor/mediawiki/1.4.8/ Added: vendor/mediawiki/1.5.3/ Deleted: vendor/mediawiki/1.5.3/.cvsignore Added: vendor/mediawiki/1.5.3/.cvsignore Deleted: vendor/mediawiki/1.5.3/AdminSettings.sample Added: vendor/mediawiki/1.5.3/AdminSettings.sample Deleted: vendor/mediawiki/1.5.3/HISTORY Added: vendor/mediawiki/1.5.3/HISTORY Deleted: vendor/mediawiki/1.5.3/INSTALL Added: vendor/mediawiki/1.5.3/INSTALL Deleted: vendor/mediawiki/1.5.3/README Added: vendor/mediawiki/1.5.3/README Deleted: vendor/mediawiki/1.5.3/RELEASE-NOTES Added: vendor/mediawiki/1.5.3/RELEASE-NOTES Deleted: vendor/mediawiki/1.5.3/UPGRADE Added: vendor/mediawiki/1.5.3/UPGRADE Deleted: vendor/mediawiki/1.5.3/Version.php Deleted: vendor/mediawiki/1.5.3/config/index.php Added: vendor/mediawiki/1.5.3/config/index.php Added: vendor/mediawiki/1.5.3/docs/README Deleted: vendor/mediawiki/1.5.3/docs/deferred.doc Added: vendor/mediawiki/1.5.3/docs/deferred.txt Deleted: vendor/mediawiki/1.5.3/docs/design.doc Added: vendor/mediawiki/1.5.3/docs/design.txt Added: vendor/mediawiki/1.5.3/docs/export-0.1.xsd Added: vendor/mediawiki/1.5.3/docs/export-0.2.xsd Added: vendor/mediawiki/1.5.3/docs/export-0.3.xsd Added: vendor/mediawiki/1.5.3/docs/export-demo.xml Deleted: vendor/mediawiki/1.5.3/docs/globals.doc Added: vendor/mediawiki/1.5.3/docs/globals.txt Deleted: vendor/mediawiki/1.5.3/docs/hooks.doc Added: vendor/mediawiki/1.5.3/docs/hooks.txt Deleted: vendor/mediawiki/1.5.3/docs/language.doc Added: vendor/mediawiki/1.5.3/docs/language.txt Deleted: vendor/mediawiki/1.5.3/docs/linkcache.doc Added: vendor/mediawiki/1.5.3/docs/linkcache.txt Deleted: vendor/mediawiki/1.5.3/docs/memcached.doc Added: vendor/mediawiki/1.5.3/docs/memcached.txt Deleted: vendor/mediawiki/1.5.3/docs/schema.doc Added: vendor/mediawiki/1.5.3/docs/schema.txt Deleted: vendor/mediawiki/1.5.3/docs/skin.doc Added: vendor/mediawiki/1.5.3/docs/skin.txt Deleted: vendor/mediawiki/1.5.3/docs/title.doc Added: vendor/mediawiki/1.5.3/docs/title.txt Deleted: vendor/mediawiki/1.5.3/docs/user.doc Added: vendor/mediawiki/1.5.3/docs/user.txt Deleted: vendor/mediawiki/1.5.3/img_auth.php Added: vendor/mediawiki/1.5.3/img_auth.php Deleted: vendor/mediawiki/1.5.3/includes/Article.php Added: vendor/mediawiki/1.5.3/includes/Article.php Deleted: vendor/mediawiki/1.5.3/includes/AuthPlugin.php Added: vendor/mediawiki/1.5.3/includes/AuthPlugin.php Added: vendor/mediawiki/1.5.3/includes/BagOStuff.php Deleted: vendor/mediawiki/1.5.3/includes/Block.php Added: vendor/mediawiki/1.5.3/includes/Block.php Deleted: vendor/mediawiki/1.5.3/includes/BlockCache.php Added: vendor/mediawiki/1.5.3/includes/BlockCache.php Deleted: vendor/mediawiki/1.5.3/includes/CacheManager.php Added: vendor/mediawiki/1.5.3/includes/CacheManager.php Deleted: vendor/mediawiki/1.5.3/includes/CategoryPage.php Added: vendor/mediawiki/1.5.3/includes/CategoryPage.php Deleted: vendor/mediawiki/1.5.3/includes/ChangesList.php Added: vendor/mediawiki/1.5.3/includes/ChangesList.php Deleted: vendor/mediawiki/1.5.3/includes/Credits.php Added: vendor/mediawiki/1.5.3/includes/Credits.php Deleted: vendor/mediawiki/1.5.3/includes/Database.php Added: vendor/mediawiki/1.5.3/includes/Database.php Deleted: vendor/mediawiki/1.5.3/includes/DatabaseFunctions.php Added: vendor/mediawiki/1.5.3/includes/DatabaseFunctions.php Deleted: vendor/mediawiki/1.5.3/includes/DatabasePostgreSQL.php Added: vendor/mediawiki/1.5.3/includes/DatabasePostgreSQL.php Deleted: vendor/mediawiki/1.5.3/includes/DateFormatter.php Added: vendor/mediawiki/1.5.3/includes/DateFormatter.php Deleted: vendor/mediawiki/1.5.3/includes/DefaultSettings.php Added: vendor/mediawiki/1.5.3/includes/DefaultSettings.php Deleted: vendor/mediawiki/1.5.3/includes/Defines.php Added: vendor/mediawiki/1.5.3/includes/Defines.php Deleted: vendor/mediawiki/1.5.3/includes/DifferenceEngine.php Added: vendor/mediawiki/1.5.3/includes/DifferenceEngine.php Deleted: vendor/mediawiki/1.5.3/includes/EditPage.php Added: vendor/mediawiki/1.5.3/includes/EditPage.php Added: vendor/mediawiki/1.5.3/includes/Exif.php Added: vendor/mediawiki/1.5.3/includes/ExternalEdit.php Deleted: vendor/mediawiki/1.5.3/includes/ExternalStoreDB.php Added: vendor/mediawiki/1.5.3/includes/ExternalStoreDB.php Deleted: vendor/mediawiki/1.5.3/includes/Feed.php Added: vendor/mediawiki/1.5.3/includes/Feed.php Deleted: vendor/mediawiki/1.5.3/includes/FulltextStoplist.php Added: vendor/mediawiki/1.5.3/includes/FulltextStoplist.php Deleted: vendor/mediawiki/1.5.3/includes/GlobalFunctions.php Added: vendor/mediawiki/1.5.3/includes/GlobalFunctions.php Deleted: vendor/mediawiki/1.5.3/includes/Group.php Added: vendor/mediawiki/1.5.3/includes/Group.php Deleted: vendor/mediawiki/1.5.3/includes/HTMLForm.php Added: vendor/mediawiki/1.5.3/includes/HTMLForm.php Deleted: vendor/mediawiki/1.5.3/includes/HistoryBlob.php Added: vendor/mediawiki/1.5.3/includes/HistoryBlob.php Deleted: vendor/mediawiki/1.5.3/includes/Hooks.php Added: vendor/mediawiki/1.5.3/includes/Hooks.php Added: vendor/mediawiki/1.5.3/includes/HttpFunctions.php [truncated at 100 lines; 683 more skipped] _____ Copied: vendor/mediawiki/1.5.3 (from rev 19934, vendor/mediawiki/current) _____ Deleted: vendor/mediawiki/1.5.3/.cvsignore --- vendor/mediawiki/current/.cvsignore 2005-12-06 19:30:16 UTC (rev 19934) +++ vendor/mediawiki/1.5.3/.cvsignore 2005-12-07 09:20:22 UTC (rev 19945) @@ -1,8 +0,0 @@ -LocalSettings.php -AdminSettings.php -*~ -bin -.classpath -.project -project.index -.metadata* _____ Copied: vendor/mediawiki/1.5.3/.cvsignore (from rev 19939, vendor/mediawiki/current/.cvsignore) _____ Deleted: vendor/mediawiki/1.5.3/AdminSettings.sample --- vendor/mediawiki/current/AdminSettings.sample 2005-12-06 19:30:16 UTC (rev 19934) +++ vendor/mediawiki/1.5.3/AdminSettings.sample 2005-12-07 09:20:22 UTC (rev 19945) @@ -1,26 +0,0 @@ -<?php -/** - * This file should be copied to AdminSettings.php, and modified - * to reflect local settings. It is required for the maintenance - * scripts which run on the command line, as an extra security - * measure to allow using a separate user account with higher - * privileges to do maintenance work. - * - * Developers: Do not check AdminSettings.php into CVS! - * - * @package MediaWiki - */ - -/* - * This data is used by all database maintenance scripts - * (see directory maintenance/). The SQL user MUST BE - * MANUALLY CREATED or set to an existing user with - * necessary permissions. - * - * This is not to be confused with sysop accounts for the - * wiki. - */ -$wgDBadminuser = 'wikiadmin'; -$wgDBadminpassword = 'adminpass'; - -?> _____ Copied: vendor/mediawiki/1.5.3/AdminSettings.sample (from rev 19939, vendor/mediawiki/current/AdminSettings.sample) _____ Deleted: vendor/mediawiki/1.5.3/HISTORY --- vendor/mediawiki/current/HISTORY 2005-12-06 19:30:16 UTC (rev 19934) +++ vendor/mediawiki/1.5.3/HISTORY 2005-12-07 09:20:22 UTC (rev 19945) @@ -1,652 +0,0 @@ -Change notes from older releases. For current info see RELEASE-NOTES. - -Security reminder: MediaWiki does not require PHP's register_globals -setting since version 1.2.0. If you have it on, turn it *off* if you can. - -== Version 1.3.11, 2005-02-20 == - -MediaWiki 1.3.11 is a security release. - -A security audit found and fixed a number of problems. Users of MediaWiki -1.3.10 and earlier should upgrade to 1.3.11; users of 1.4 beta releases -should upgrade to 1.4rc1. - - -=== Cross-site scripting vulnerability === - -XSS injection points can be used to hijack session and authentication -cookies as well as more serious attacks. - -* Media: links output raw text into an attribute value, potentially - abusable for JavaScript injection. This has been corrected. -* Additional checks added to file upload to protect against MSIE and - Safari MIME-type autodetection bugs. - -As of 1.3.10/1.4beta6, per-user customized CSS and JavaScript is disabled -by default as a general precaution. Sites which want this ability may set -$wgAllowUserCss and $wgAllowUserJs in LocalSettings.php. - - -=== Cross-site request forgery === - -An attacker could use JavaScript-submitted forms to perform various -restricted actions by tricking an authenticated user into visiting -a malicious web page. A fix for page editing in 1.3.10/1.4beta6 has -been expanded in this release to other forms and functions. - -Authors of bot tools may need to update their code to include the -additional fields. - - -=== Directory traversal === - -An unchecked parameter in image deletion could allow an authenticated -administrator to delete arbitary files in directories writable by the -web server, and confirm existence of files not deletable. - - -== Version 1.3.10, 2005-02-03 == - -MediaWiki 1.3.10 is a security release. - -An attacker could craft a URL which, when visited by a particular -logged-in user, would execute arbitrary JavaScript code on the user's -browser in the wiki's site context. This attack has been blocked, and as -an extra precaution the user CSS and JavaScript subpage support is now -disabled by default. Sites which want this ability may set $wgAllowUserCss -and $wgAllowUserJs in LocalSettings.php. - -Additional protections have been added against off-site form submissions -hijacking user credentials. Authors of bot tools may need to update their -code to include additional fields. - -All wikis running 1.3.x are strongly urged to upgrade to 1.3.10. - -Changes from 1.3.9: -* Logged-in edits and preview of user CSS/JS are now locked to a session token. -* Per-user CSS and JavaScript subpage customizations now disabled by default. - They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss. -* Removed .ogg from the default uploads whitelist as an extra precaution. - If your web server is configured to serve Ogg files with the correct - Content-Type header, you can re-add it in LocalSettings.php: - $wgFileExtensions[] = 'ogg'; - - - -== Version 1.3.9, 2004-12-12 == - -MediaWiki 1.3.9 is a security and bug fix release. - -A flaw in upload handling has been found which may allow upload and -execution of arbitrary scripts with the permissions of the web server. -Only wikis that have enabled uploads and have a vulnerable Apache -configuration will be affected, but to be safe all wikis should upgrade. - -Wikis with uploads available should either disable uploads or upgrade to -1.3.9 immediately; if other files are customized and require merging -changes, includes/SpecialUpload.php may be replaced individually to add -the fix. - -(It is also recommended to configure your web server to disable script -execution in the 'images' subdirectory where uploads are placed, which -prevents most attacks even if the wiki fails.) - -Changes from 1.3.8: -* Backported "Templates used in this page"-feature of EditPage -* Allow "MySkin" as a default skin. -* (bug 938) Parse namespaces correctly on self-interwiki links -* (bug 1010) fix broken Commons image link on Classic & Cologne Blue -* (bug 1004) Norsk language names for interwiki links changed, - Nauruan language name changed -* Enhance upload extension blacklist to protect against vulnerable - Apache configurations - - -== Version 1.3.8, 2004-11-15 == - -MediaWiki 1.3.8 is a bugfix release. Those running wikis with uploads -enabled are strongly recommended to upgrade as this fixes several problems -with overwriting previously-uploaded files. - -Changes from 1.3.7: -* (bug 506) fix array_key_exists() warning for IIS servers using - ISAPI mode -* (bug 718) fix bad charset in (file) cached pages -* use local numerals in category page (for Hindi et al) -* alias month abbreviations to month names in Hindi -* add localized numerals for Gujarati and Kannada -* fix Category and project namespaces for Hindi -* Don't output bogus timestamp on Special:Recentchanges if no entries -* Correct template include path which broke some but not all Windows installs -* Fix edit form submission problem with some PHP versions -* Disallow unreachable titles with %XX hex codes -* Allow page [[0]] to be renamed -* (bug 774) when saving with section=new, return to the anchor as with - existing numbered section edits -* Experimental shared upload overlay area (disabled by default) -* (bug 806) Removed some "Wikipedia" hardcoding in German localization -* User option localization fix for some extensions -* (bug 809) now try to load the mysql php extension if it isn't loaded -* (bug 848) fix error message in Special:Newpages RSS and Atom feeds -* (bug 26) fix cache headers on anon talk page notification -* (bug 874) added 'cgi' to wgFileBlacklist -* (bug 862) localize date and time format for Finnish -* (bug 548) Don't overwrite images until the user confirms it - - -== Version 1.3.7, 2004-10-18 == -Changes from 1.3.6: -* Fix protected-page related security issue. - - -== Version 1.3.6, 2004-10-14 == - -Changes from 1.3.5: -* (bug 296) Variables in user interface messages are no longer substituted - at install time, so changes to the site name etc should be easier to make -* (bug 149) Special:Recentchanges "changes from" link preserves limit -* (bug 433) tooltip for "Undelete" tab now labeled correctly -* (bug 439) unclickable "Move" tab no longer displays on protected pages -* (bug 484) graceful deletion of images where the actual file is missing -* (bug 686) fixed [[plural]]s in Catalan localization -* Fixed potential HTML/JavaScript injection attack in the UnicodeConverter - extension. (This extension is not enabled by default.) -* Fixed potential HTML/JavaScript injection attack via raw page views to - a maliciously crafted wiki page. -* (bug 187, bug 669) Fixed centered thumbnails, using <div> instead of - <span>. -* catch MySQL error 2000 during installation. -* (bug 704) Removed misleading LocalSettings.sample -* Fix cross site scripting bugs in SpecialIpblocklist, SpecialEmailuser -* Fix SQL injection and cross site scripting bugs in SpecialMaintenance -* Fix cross site scripting bugs and possible filename validation vulnerability - in ImagePage. -* and more of that sort - - -== Version 1.3.5, 2004-09-30 == - -Changes from 1.3.4: -* Clean up input validation in 'raw' page output mode which was a potential - cross-site scripting opportunity. - - -== Version 1.3.4, 2004-09-28 == - -************************** SECURITY NOTE! ****************************** - -As of 1.3.4, MediaWiki performs some screening of newly uploaded files for -validity. (Some) corrupt image files, and HTML files mistakenly or -maliciously masquerading as images, should now be rejected. - -These checks protect against Internet Explorer security holes relating -to type autodetection which are a potential cross-site scripting attack -vector, and also rejects at least one known version of the "JPEG virus" -which might attack unpatched clients. - -If you already have invalid files uploaded this will not protect against -them. If you have expanded the filetype whitelist or disabled the strict -type checking, other dangerous file types may still get through. You should -always be careful when allowing uploads! - - -Changes from 1.3.3: -* Fixed lots of template-related bugs, esp. for cases where template - variables are used for links, images, etc. -* Fixed transformation of page messages when viewing Special:Allmessages -* Handle "ISBN ISBN 1234" correctly -* Fixed warning on Category pages -* Fixed some bad error messages on login page -* Fixed history entry for initial main page on install -* Removed problematic { and } from legal title characters -* Strip leading blank from output in preformated text. -* Fixed problem when moving pages to titles with '#' in -* Optional $wgRawHtml for raw <html> sections. Use only on limited- - participation 'trusted' wikis, as it does not protect against cross-site - scripting attacks. For security, this option can only be enabled if in - $wgWhitelistEdit mode. -* Fixed problem where pages which were created as a redirect following - a move never showed on Special:Randompage. -* Fixed line spacing on printed table of contents -* Allow links to pages with names of the form [[RFC 1234]] -* Fixed broken edit links being shown for sections from included templates -* Verify that uploaded image files are of the claimed type. - - -== Version 1.3.3, 2004-09-09 == - -Changes from 1.3.2: -* Fix for long numeric page titles -* Fix Go search for "0", numeric almost-self-links -* Avoid caching of pages with "You have new messages" headers -* Fix for upgrades as non-root users from 1.2 command-line installs. -* Fix for $wgDebugDumpSql debug mode. -* $wgExtraNamespaces setting for configuring additional namespaces - (see note in DefaultSettings.php) -* 'recache' on query pages now disabled when miser mode is on; special case the - global settings in your LocalSettings.php to do automatic updates. -* Don't block UTF-8 titles containing byte 0xA0 (bug added in 1.3.2) -* Watch/unwatch tabs now shown on edit pages in MonoBook. -* Fix default skin in Irish localization (ga) -* Add Traditional Chinese localization (zh-tw) -* Changed default sortkey of subcategories. Don't include "Category:"-prefix - any longer -* More helpful info on spam catcher. -* Allow larger offsets for queries such as Special:Listusers -* Semicolon (;) added to French non-break space rules -* Possible fix for some install errors with path names permission problems. -* Removed [[Project:All system messages]], which has been superceded by - the much faster [[Special:Allmessages]]. This speeds up installation - considerably. - -== Version 1.3.2, 2004-08-30 == - -Changes from 1.3.1: -* Fix namespaced page creation links when no go match -* When cookies are disabled, don't show login screen twice -* Install should no longer die when PHP is pre-configured to compress output -* Fixed bug that caused long Japanese pages to time out with Tidy active -* When session.handler is set incorrectly, try automatic override to 'files' -* Watch/Unwatch links back to the affected page instead of Main Page -* Upload link no longer displayed on Monobook if uploading is disabled -* Special:Allmessages faster, shows correct original text, works in safe mode - - -== Version 1.3.1, 2004-08-14 == - -Changes from 1.3.0: -* Watchlist parameters now work with register_globals off -* Fixed parsing of ''italics'' and '''bold''' mark-up (again) -* Special:Allpages display is more sensible on smaller wikis -* Fixed XHTML parsing error in classic skins -* Moved pages update watchlist correctly -* Fixed rebuildall.php on case-sensitive Unix filesystems -* Disabled file cache compression by default due to incompatibility - with output buffer compression (ob_gzhandler) -* New magic word PAGENAMEE (URL-escaped version of PAGENAME) -* Installation avoids blank username; better message on missing XML module -* $wgWhitelistAccount no longer breaks all logins. - -== Version 1.3.0, 2004-08-11 == - -Look & layout: -* New default layout 'MonoBook' (available on PHP4 only currently) -* Print stylesheet now built-in to every page -* More or less correct XHTML 1.0 (served as text/html by default) - -Wiki features: -* Image captions can now include links and other basic formatting -* Image bounding box can be specified instead of width, e.g. as - 100x100px, making the image not wider than 100px and not higher - than 100px, keeping aspect ratio. -* Templates have been expanded with parameters, and separated from - the MediaWiki: localization scheme. -* Categories more or less work -* added a special page for listing users with sysop rights. - -Editing: -* Automatic merging of edit conflicts that don't directly interfere -* Edit summaries can now include basic formatting and links - -Metadata and output: -* Linked Creative Commons copyright metadata (optional) -* RSS 2.0 & Atom 0.3 feeds for Recent Changes, New Pages - -Optional modules: -* WikiHiero hieroglyphic module can be added (separate download) -* Timeline module can be added (separate download). - Requires ploticus. -* TeX now has an experimental MathML output mode (incomplete!) - -Installation and upgrading: -* The old install.php and update.php have been removed. In-place - installation introduced in 1.2 is now the standard installation - and upgrade method, see INSTALL and UPGRADE for directions. - -Database: -* The links table has been changed to use a cur_id for l_from. - The link tables must be converted on upgrade, which may entail - some downtime. - -Code and compatibility: -* Should now run clean with error reporting set to E_ALL. -* register_globals hack from 1.2 has been replaced with safer code -* Bundled PHPTAL 0.7.0 from http://phptal.sourceforge.net/ - (with some patches) -* Most image-related code moved to Image.php -* More fixes for PHP 4.1.2 (thanks to Asheesh Laroia) -* URL encoding fix for anchors -* All languages now available in UTF-8 mode -* Various other fixes - -=== Caveats === - -Some output, particularly involving user-supplied inline HTML, may not -produce 100% valid or well-formed XHTML output. Testers are welcome to -set $wgMimeType = "application/xhtml+xml"; to test for remaining problem -cases, but this is not recommended on live sites. (This must be set for -MathML to display properly in Mozilla.) - -The new 'MonoBook' skin is not compatible with PHP 5 due to bugs in the -underlying PHPTAL library. It will be automatically disabled when running -on PHP5; the older look and feel will be used instead. - - -== Version 1.2.6, 2004-05-24 == -* Spam blocker ($wgSpamRegex - refuses to save edits that match) -* Updated documentation about $wgWhitelistRead -* Ensure that searchindex table is created as MyISAM -* Interwiki cache timeout (memcached) -* Fix uploads on Windows with magic_quotes_gpc -* Some config fixes for Windows (slashes etc) -* Local interwiki URL redirects -* Fixed obscure deletion problem in squid mode on corrupt entries -* Language files updated to remove more hard-coded "Wikipedia" strings - -== Version 1.2.5, 2004-05-01 == -* Fixed install problem with blank root password -* Fixed Special:Emailuser/Username links -* Fixed main-page edit links on fuzzy search results -* Fixed wikipedia-interwiki.sql -* Fixed install with apache2filter (ugly URLs) -* IP in 'go' search brings up contributions -* Switch from broken & to ? on top-level wiki URL hack - -== Version 1.2.4, 2004-04-13 == - -* Fixed edit toolbar in Mozilla -* Diff links in Contributions for 'top' edits -* Fixed Nostalgia skin drop-down for register_globals off -* Backported optional open proxy blocker -* Backported $wgWhitelistRead -* $wgCapitalLinks option to force full case sensitivity in titles -* Cleaned up error handling when can't talk to database -* Disabled unsafe command-line installer (remove the "die()" call to use) - -== Version 1.2.3, 2004-04-02 == - -* Fixed an in-place install bug with non-root MySQL user -* Fixed history diff checkboxes bug on titles with ampersands -* Fixed printable link bug on special pages with parameters -* Fixed bug that broke IP blocking w/o memcached -* Turns off E_NOTICE warnings if PHP settings have them on - (you can grope in and turn this off if you like to debug) - -== Version 1.2.2, 2004-03-28 == - -* Fixed an upgrade bug introduced in 1.2.1. -* Disabled $wgUseCategoryMagic, which feature is incomplete broken - -== Version 1.2.1, 2004-03-27 == - -Installation, compatibility, security fixlets: -* Detect use of PHP as CGI and disable index.php/Title URLs -* Try to auto-create math tmp & output directories if not present -* Disable Asksql in default install ($wgAllowSysopQueries) -* Better handling of get_magic_quotes_gpc (apostrophe problems) -* French localisation no longer hard-codes "Wikipedia" name - -== Version 1.2.0 == - -New features in 1.2: -* Image resizing/thumbnail generation -* Stricter upload file extension blacklist and whitelist options -* More flexible blocking system; time period may be set -* Handier sysop account management. An account marked "bureaucrat" - may assign sysop access to other accounts via Special:Makesysop. - (The exact details of this may change in the future) -* Support for a squid cache with explicit purging of cached anon pages -* Optional compression of old revision text (requires zlib support) -* Fuzzy title search (experimental, requires memcached) -* Page rendering cache (experimental) -* Editing toolbar to demonstrate wiki syntax to newbies - (off by default in user preferences) -* Support for authenticated SMTP outgoing e-mail (experimental) -* It's now possible to assign sysop accounts from within the wiki. - An account with this ability must be labeled with the "bureaucrat" - privilege, such as the 'Developer' account created by the install. - -Fixes and tweaks: -* Now works with register_globals off! -* Works with short tags disabled. -* Should work out of the box on MySQL 3.2.x again. On 4.x set - $wgEnablePersistentLC = true; to turn on the link cache table - for a slight rendering speed boost. -* rebuildMessages.php can now selectively update new messages, or - overwrite everything. -* Various bug fixes. -* Other stuff we forgot. -* Documentation more out of date than ever before! - -=== Behavior changes === - -* wiki.phtml and redirect.phtml are now renamed to index.php and redirect.php - The old names are provided too for compatibility, but make sure they don't - conflict if you've been putting other files in your wiki. -* Uploaded filenames are more strictly checked than before. See bits in - DefaultSettings.php to tweak this behavior to your needs. -* Database messages are now enabled by default, so the interface messages can - be tweaked through the wiki with a sysop account. Disable this if you - don't want the performance hit. - -=== Database changes === - -An index was added to recentchanges table to speed up Newpages -(patch-rc-newindex.sql for manual updaters). - -Expiration date field has been added to ipblocks table -(patch-ipb_expiry.sql for manual updaters). - - -== Version 1.1.0, 2003-12-08 == - -This is the new production release. Any following 1.1.x releases are expected -to contain only bug fixes; developments of new features will go towards a 1.2.0 -release. - -New features in 1.1: -* New wiki table syntax: - http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide:_Using_tables -* User-editable interface messages: - http://meta.wikipedia.org/wiki/MediaWiki_namespace -* XML-wrapped page source export with optional history: - http://meta.wikipedia.org/wiki/XML_import_and_export - (There is not yet an import function!) -* "Magic words" - -Fixes and tweaks: -* linkscc table caches link data for rendering; faster rebuildlinks.php -* Numerous bugs in Cologne Blue skin fixed -* Login gives warning about missing cookies -* Block log, protection log added; deletion log now includes undeletions -* Deletion & upload logs now escape comment text properly -* Problems with <nowiki> segments in section titles etc mitigated -* Contributions offset and minor edit bugs fixed -* Whatlinkshere now sorted alphabetically -* Various exciting new profiling options. -* Debug log is off by default. -* Various small bugs fixed. - -Internal changes: -* wfQuery has had a second parameter inserted, DB_READ or DB_WRITE. This value - is not actually used so far. -* Partial code for categories and Smarty template-based skins is in the tree - but disabled. -* Parts of Article.php have been moved to EditPage.php and ImagePage.php. - -New translations: -* fi - Finnish -* ia - Interlingua -* no - Norwegian -* sk - Slovak -* ta - Tamil - -=== Database changes === - -"linkscc" table added. If upgrading manually (rather than with update.php), -run maintenance/archives/patch-linkscc.sql to create the table. - -Older releases were dated snapshots from the old 'stable' branch: - -== mediawiki-20031118 == - -* Image deletion fixed. -* Deletion of image old revisions now restricted to sysops - (this is an irreversible action and not well logged) -* Fixed maintenance scripts broken by last release's security fix -* Many errors in rebuildlinks script fixed. - -== mediawiki-20031117 == - -* SECURITY FIX: stricter checking of include path -* Fixed user contributions next/prev bug -* Login cookies now have the database name prefixed to allow wikis - to coexist in the same domain. This will invalidate any old saved - password cookies. -* Update cache timestamp when talk pages are created -* Saving the login form in Mozilla no longer blanks password in prefs. -* Check existence of source page before performing a move. -* Detect invalid titles in Special:Allpages -* Q-encode headers on outgoing inter-user e-mail -* Updates to some translations. -* Added table of contents border/bg to Cologne Blue, Nostalgia skins -* Protected pages no longer appear unprotected when visited via redirect -* Swapped old Wikipedia logo for the MediaWiki sunflower logo -* install.php, update.php print warning on old PHP versions, - added compatibility functions that might or might not help - -No database changes since 20031107; upgrading should be clean. - - -== mediawiki-20031107 == - -* Fixed various bugs! -* Some speed improvements from tweaks to the table indexes -* Limited support for memcached (see below) -* New translations (see below) -* Interwiki link data now kept in database for flexibility -* Friendlier read-only source view if asked to edit a page when - the db is locked or the page is protected. -* Normal IP blocks auto-expire after 24 hours -* Optional support for blocking usernames -* Uploads disabled by default (see below) - - -=== Security note === - -Uploads are now disabled by default. If you've set up a secure configuration -you can reenable uploads by putting: - - $wgDisableUploads = false; - -into LocalSettings.php. - -Earlier versions of MediaWiki included a bug that potentially allows logged- -in users to delete arbitrary files in directories writable by the web server -user by manually feeding false form data; this is now fixed. - -As a reminder, disable PHP script execution in the upload directory! -You may also wish to serve HTML pages as plaintext to prevent cookie- -stealing JavaScript attacks. Example Apache config fragment: - - <Directory "/Library/MediaWiki/web/upload"> - # Ignore .htaccess files - AllowOverride None - - # Serve HTML as plaintext - AddType text/plain .html .htm .shtml - - # Don't run arbitrary PHP code. - php_admin_flag engine off - - # If you've other scripting languages, disable them too. - </Directory> - - -=== Database updates === - -If you're using update.php, the necessary database changes should -be made automatically. - -To manually upgrade your database from the 2003-08-29 release, run the -following SQL scripts from the maintenance subdirectory: - - archives/patch-ipblocks.sql - archives/patch-interwiki.sql - archives/patch-indexes.sql - interwiki.sql - -To copy in the Wikipedia language-prefix interwikis as well, add: - - wikipedia-interwiki.sql - - -=== Translations === - -New interface localization files are included for: - fy Frisian - ro Romanian - sl Slovene - sq Albanian - sr Serbian - - -=== Memcached === - -Memcached is a distributed cache system. See http://www.danga.com/memcached/ -MediaWiki can optionally use memcached to store some data between calls -to reduce load on the database. Currently this is limited to user and -talk page notification data, interwiki prefix/URL matches, and the -UTF-8 conversion tables. - -MediaWiki includes version 1.0.10 of the (GPL'd) PHP memcached client by -Ryan Gilfether; if memcached is disabled it acts as a dummy object with -minimal overhead. - -To use memcached you'll need PHP installed with sockets support (this is not -in the default configure options). See docs/memcached for some more details. - -Additionally, you can store login session data in memcached instead of the -local filesystem, which can help to enable load-balancing by letting login -sessions transparently work on multiple front-end web servers. (The primary -other issue is with uploads, which requires some care in handling.) - -To enable this, set $wgSessionsInMemcached = true; and set $wgCookieDomain -appropriately if exposing multiple hostnames. This system is new and may be -volatile; login sessions will fail dramatically if memcached is unavailable -when this option is turned on. - - -=== Online documentation === - -Documentation for both end-users and site administrators is currently being -built up on Meta-Wikipedia, and is covered under the GNU Free Documentation -License: - - http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide - - -=== Mailing list === - -A MediaWiki-l mailing list has been set up distinct from the Wikipedia -wikitech-l list: - - http://mail.wikipedia.org/mailman/listinfo/mediawiki-l - - -=== UseModWiki import script === - -A stripped-down UseModWiki import script is available in the maintenance -subdirectory. It is incomplete and requires a lot of manual clean-up, but -does function for the brave and pure of heart. - - -=== Test suite removed === - -The unmaintained Java-based test suite has been removed from the tarball -release. If you really want it you can check it out from CVS. - - -== mediawiki-20030829 == - -First release under MediaWiki name. _____ Copied: vendor/mediawiki/1.5.3/HISTORY (from rev 19939, vendor/mediawiki/current/HISTORY) _____ Deleted: vendor/mediawiki/1.5.3/INSTALL --- vendor/mediawiki/current/INSTALL 2005-12-06 19:30:16 UTC (rev 19934) +++ vendor/mediawiki/1.5.3/INSTALL 2005-12-07 09:20:22 UTC (rev 19945) @@ -1,89 +0,0 @@ ---- -Installing MediaWiki ---- - -Starting with MediaWiki 1.2.0, it's possible to install -and configure the wiki "in-place", as long as you have -the necessary prerequesites available. - -In 1.3.0 the old command-line installer has been removed. -There is a command-line upgrade tool; see the file UPGRADE. - -Required software: -* Web server with PHP 4.1.2 or higher (4.3.x or 5.0.x is preferred) -* A MySQL server. 4.0.x is preferred, but 3.2.x should - work as well. - -********************************************************* - Read the file RELEASE-NOTES for notes on - MySQL 4.1 and other issues! -********************************************************* - -MediaWiki is developed and tested mainly on Unix/Linux -platforms, but should work on Windows as well. - -If your PHP is configured as a CGI plug-in rather than -an Apache module you may experience problems, as this -configuration is not well tested. safe_mode and other -non-standard PHP configurations may sometimes cause -problems as well. - -If you want math support see the instructions in math/README - -Don't forget to check the RELEASE-NOTES file... - -********************** WARNING ************************** - -REMEMBER: ALWAYS BACK UP YOUR DATABASE BEFORE ATTEMPTING -TO INSTALL OR UPGRADE!!! - -********************** WARNING ************************** - ----- -In-place web install ----- - -Decompress the MediaWiki installation archive either on -your server, or on your local machine and upload the -directory tree. Rename it from "mediawiki-1.x.x" to -something nice, like "wiki", since it'll be in your URL. - -To run the install script, you'll need to temporarily make -the 'config' subdirectory writable by the web server. The -simplest way to do this on a Unix/Linux system is to make -it world-writable: - - chmod a+w config - -Hop into your browser and surf into the wiki directory. -It'll direct you into the config script. Fill out the form... -remember you're probably not on an encrypted connection. -Gaaah! :) - -If all goes well, you should soon be told that it's set up -your wiki database and written a configuration file. There -should now be a 'LocalSettings.php' in the config directory; -move it back up to the main wiki directory, and the wiki -should now be working. - -Once the wiki is set up, you should remove the config -directory, or at least make it not world-writable (though -it will refuse to config again if the wiki is set up). - - ----- - -Don't forget that this is free software under development! -Chances are good there's a crucial step that hasn't made it -into the documentation. You should probably sign up for the -MediaWiki developers' mailing list; you can ask for help (please -provide enough information to work with, and preferably be aware -of what you're doing!) and keep track of major changes to the -software, including performance improvements and security patches. - -http://mail.wikipedia.org/mailman/listinfo/mediawiki-announce - -http://mail.wikipedia.org/mailman/listinfo/mediawiki-l (site admin support) - -http://mail.wikipedia.org/mailman/listinfo/wikitech-l (development) - _____ Copied: vendor/mediawiki/1.5.3/INSTALL (from rev 19939, vendor/mediawiki/current/INSTALL) _____ Deleted: vendor/mediawiki/1.5.3/README --- vendor/mediawiki/current/README 2005-12-06 19:30:16 UTC (rev 19934) +++ vendor/mediawiki/1.5.3/README 2005-12-07 09:20:22 UTC (rev 19945) @@ -1,87 +0,0 @@ -2005-07-09 - -MediaWiki ---------- - -MediaWiki is the software used for Wikipedia (http://www.wikipedia.org) and the -other Wikimedia Foundation websites. Compared to other wikis, it has an -excellent range of features and support for high-traffic websites (Wikipedia -peaks at 2500+ requests per second as of June 2005). However, it is generally -harder to install. Be sure to follow the INSTALL document closely. - -Installation on a Microsoft Windows system is not recommended, however it is -possible. Documentation for installation on Windows may be found at: - - http://meta.wikipedia.org/wiki/Running_MediaWiki_on_Windows - - -The MediaWiki software was written by: - * Lee Daniel Crocker - * Magnus Manske - * Jan Hidders - * Brion Vibber - * Axel Boldt - * Geoffrey T. Dairiki - * Tomasz Wegrzanowski - * Erik Moeller - * Tim Starling - * Gabriel Wicke - * Ashar Voultoiz - * Evan Prodromou - * Several others - -These developers hold the copyright to this work, and it is licensed under the -terms of the GNU General Public License, version 2 (see -http://www.fsf.org/licenses/gpl.html). Derivative works and later versions of -the code will also be considered free software licensed under the same terms. - -The newly-founded Wikimedia Foundation currently has no legal rights to the -software, although copyright may be assigned to it at a later date. Wikimedia -has not funded any of the development work. - -Sections of code written exclusively by Lee Crocker or Erik Moeller are also -released into the public domain, which does not impair the obligations of users -under the GPL for use of the whole code or other sections thereof. - -Many thanks to the Wikipedia regulars for testing and suggestions. - -The code is currently maintained at Sourceforge under the project "wikipedia", -module name "phase3". You can view the code in CVS there: - - http://wikipedia.sourceforge.net - -Please report bugs and make feature requests in our BugZilla system: - - http://bugzilla.wikipedia.org - -Documentation and discussion on new features may be found at: - - http://meta.wikimedia.org/wiki/MediaWiki_User%27s_Guide - http://meta.wikipedia.org/wiki/MediaWiki_development - -If you are setting up your own wiki based on this software, it is highly -recommended that you subscribe to mediawiki-l: - - http://mail.wikipedia.org/mailman/listinfo/mediawiki-l - -The mailing list is very low volume, and is intended primarily for -announcements of new versions, bug fixes, and security issues. - - -PHP - -The code is written in PHP. Version 4.3.2 or higher is recommended. There are -known issues with early 4.2.x releases. - -MySQL - -MediaWiki requires MySQL 3.23 or later, and PHP-MySQL. Version 4.0 or later is -strongly recommended. - -Operating system - -The code was written on and for Linux, and no attempt has been made to make it -portable to other OSs. The math support in particular has run-time dependencies -on things like TeTeX and GhostScript that are generally found in Linux but not -other OSs. However, we have had reports of successful installation on Windows, -albeit without TeX support. _____ Copied: vendor/mediawiki/1.5.3/README (from rev 19939, vendor/mediawiki/current/README) _____ Deleted: vendor/mediawiki/1.5.3/RELEASE-NOTES --- vendor/mediawiki/current/RELEASE-NOTES 2005-12-06 19:30:16 UTC (rev 19934) +++ vendor/mediawiki/1.5.3/RELEASE-NOTES 2005-12-07 09:20:22 UTC (rev 19945) @@ -1,781 +0,0 @@ -= MediaWiki release notes = - -Security reminder: MediaWiki does not require PHP's register_globals -setting since version 1.2.0. If you have it on, turn it *off* if you can. - -== MediaWiki 1.4.8 == - -(released 2005-08-23) - -MediaWiki 1.4.8 is a bug fix and security maintenance release. - -A flaw in the interaction between extensions and HTML attribute -sanitization was discovered which could allow unauthorized use -of offsite resources in style sheets, and possible exploitation -of a JavaScript injection feature on Microsoft Internet Explorer. - -This version expands the returned text and properly checks it -before output. - -Additionally, an update to skins/MonoBook.php ensures that sites -using the default MonoBook skin will display correctly in the -Internet Explorer 7 beta. (1.3 and 1.5 are not affected by this bug.) - - -== MediaWiki 1.4.7 == - -(released 2005-07-16) - -MediaWiki 1.4.7 is a bug fix release. Those affected by the following -problems in 1.4.6 should upgrade: - -* Watchlist breakage on MySQL 3.23.x and with table prefix enabled -* Possible breakage in watchlist, some image resizing modes on PHP 4.1.2 - -1.4.6 included a fix for a cross-site scripting vulnerability, so anyone -running older 1.4 releases is very strongly encouraged to upgrade as well. - -Note to upgraders: this version of MediaWiki is known to produce a large -number of notice-level warnings under the newly released PHP 4.4.0. -These appear however to be harmless; if you encounter them add this to -your LocalSettings.php to suppress the notices: - - error_reporting( E_ALL & ~E_NOTICE ); - -PHP 5.1.0beta3 is known to be incompatible at this time. - - -== MediaWiki 1.4.6 == - -(released 2005-07-07) - -MediaWiki 1.4.6 is a bug fix and security update release. - -Incorrect escaping of a parameter in the page move template could -be used to inject JavaScript code by getting a victim to visit a -maliciously constructed URL. Users of vulnerable releases are -recommended to upgrade to this release. - -Vulnerable versions: -* 1.5 preview series: n <= 1.5beta2 vulnerable, fixed in 1.5beta3 -* 1.4 stable series: 1.4beta6 <= n <= 1.4.5 vulnerable, fixed in 1.4.6 -* 1.3 legacy series: not vulnerable - -This release also includes fixes for some rare bug annoying HTTP errors, -a PHP 4.1.2 breakage bug, and works around some template limitations -introduced in 1.4.5. See the changelog at the end of this file for -a detailed list of bugs fixed. - - -== MediaWiki 1.4.5 == - -(released 2005-06-03) - -MediaWiki 1.4.5 is a security update and bugfix release. - -Incorrect handling of page template inclusions made it possible to -inject JavaScript code into HTML attributes, which could lead to -cross-site scripting attacks on a publicly editable wiki. - -Vulnerable releases and fix: -* 1.5 prerelease: fixed in 1.5alpha2 -* 1.4 stable series: fixed in 1.4.5 -* 1.3 legacy series: fixed in 1.3.13 -* 1.2 series no longer supported; upgrade to 1.4.5 strongly recommended - -This release also includes a number of bug fixes (see changelog below) -and merges some large-server load balancing patches from Wikipedia. - -An experimental rate limiter for page edits and moves can be enabled -with global, per-IP, per-subnet, or per-user bases. See configuration -options in includes/DefaultSettings.php - - -== MediaWiki 1.4.4 == - -(released 2005-05-04) - -MediaWiki 1.4.4 is a bugfix release for the 1.4 stable release series. - -Some bugs in the installer/updater and refreshLinks maintenance script -were introduced in the last release and have been corrected. - [truncated at 1000 lines; 138538 more skipped]

1 0

[gvg] 19944: Upgrade to MediaWiki 1.5.3
by gvg＠svn.reactos.com 07 Dec '05

07 Dec '05

Upgrade to MediaWiki 1.5.3 Modified: trunk/web/reactos.org/htdocs/wiki/.cvsignore Modified: trunk/web/reactos.org/htdocs/wiki/AdminSettings.sample Modified: trunk/web/reactos.org/htdocs/wiki/HISTORY Modified: trunk/web/reactos.org/htdocs/wiki/INSTALL Modified: trunk/web/reactos.org/htdocs/wiki/README Modified: trunk/web/reactos.org/htdocs/wiki/RELEASE-NOTES Modified: trunk/web/reactos.org/htdocs/wiki/UPGRADE Deleted: trunk/web/reactos.org/htdocs/wiki/Version.php Modified: trunk/web/reactos.org/htdocs/wiki/config/index.php Added: trunk/web/reactos.org/htdocs/wiki/docs/README Deleted: trunk/web/reactos.org/htdocs/wiki/docs/deferred.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/deferred.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/design.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/design.txt Added: trunk/web/reactos.org/htdocs/wiki/docs/export-0.1.xsd Added: trunk/web/reactos.org/htdocs/wiki/docs/export-0.2.xsd Added: trunk/web/reactos.org/htdocs/wiki/docs/export-0.3.xsd Added: trunk/web/reactos.org/htdocs/wiki/docs/export-demo.xml Deleted: trunk/web/reactos.org/htdocs/wiki/docs/globals.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/globals.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/hooks.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/hooks.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/language.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/language.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/linkcache.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/linkcache.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/memcached.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/memcached.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/schema.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/schema.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/skin.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/skin.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/title.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/title.txt Deleted: trunk/web/reactos.org/htdocs/wiki/docs/user.doc Added: trunk/web/reactos.org/htdocs/wiki/docs/user.txt Modified: trunk/web/reactos.org/htdocs/wiki/img_auth.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Article.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/AuthPlugin.php Added: trunk/web/reactos.org/htdocs/wiki/includes/BagOStuff.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Block.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/BlockCache.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/CacheManager.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/CategoryPage.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ChangesList.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Credits.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Database.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/DatabaseFunctions.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/DatabasePostgreSQL.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/DateFormatter.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/DefaultSettings.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Defines.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/DifferenceEngine.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/EditPage.php Added: trunk/web/reactos.org/htdocs/wiki/includes/Exif.php Added: trunk/web/reactos.org/htdocs/wiki/includes/ExternalEdit.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ExternalStoreDB.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Feed.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/FulltextStoplist.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/GlobalFunctions.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Group.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/HTMLForm.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/HistoryBlob.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Hooks.php Added: trunk/web/reactos.org/htdocs/wiki/includes/HttpFunctions.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Image.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ImageGallery.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ImagePage.php Deleted: trunk/web/reactos.org/htdocs/wiki/includes/Interwiki.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/LinkCache.php Added: trunk/web/reactos.org/htdocs/wiki/includes/Linker.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/LinksUpdate.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/LoadBalancer.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/LogPage.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/MagicWord.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Math.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/MessageCache.php Deleted: trunk/web/reactos.org/htdocs/wiki/includes/MessageCacheHints.php Added: trunk/web/reactos.org/htdocs/wiki/includes/MimeMagic.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Namespace.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ObjectCache.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/OutputPage.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/PageHistory.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Parser.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ParserCache.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ParserXML.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Profiling.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/ProxyTools.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/QueryPage.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/RawPage.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/RecentChange.php Added: trunk/web/reactos.org/htdocs/wiki/includes/Revision.php Added: trunk/web/reactos.org/htdocs/wiki/includes/Sanitizer.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/SearchEngine.php Added: trunk/web/reactos.org/htdocs/wiki/includes/SearchMySQL.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/SearchMySQL3.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/SearchMySQL4.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/SearchTsearch2.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/SearchUpdate.php Modified: trunk/web/reactos.org/htdocs/wiki/includes/Setup.php [truncated at 100 lines; 393 more skipped] _____ Modified: trunk/web/reactos.org/htdocs/wiki/.cvsignore --- trunk/web/reactos.org/htdocs/wiki/.cvsignore 2005-12-07 08:50:27 UTC (rev 19943) +++ trunk/web/reactos.org/htdocs/wiki/.cvsignore 2005-12-07 09:17:03 UTC (rev 19944) @@ -6,3 +6,4 @@ .project project.index .metadata* +.settings _____ Modified: trunk/web/reactos.org/htdocs/wiki/AdminSettings.sample --- trunk/web/reactos.org/htdocs/wiki/AdminSettings.sample 2005-12-07 08:50:27 UTC (rev 19943) +++ trunk/web/reactos.org/htdocs/wiki/AdminSettings.sample 2005-12-07 09:17:03 UTC (rev 19944) @@ -23,4 +23,9 @@ $wgDBadminuser = 'wikiadmin'; $wgDBadminpassword = 'adminpass'; +/* + * Whether to enable the profileinfo.php script. + */ +$wgEnableProfileInfo = false; + ?> _____ Modified: trunk/web/reactos.org/htdocs/wiki/HISTORY --- trunk/web/reactos.org/htdocs/wiki/HISTORY 2005-12-07 08:50:27 UTC (rev 19943) +++ trunk/web/reactos.org/htdocs/wiki/HISTORY 2005-12-07 09:17:03 UTC (rev 19944) @@ -1,629 +1,582 @@ Change notes from older releases. For current info see RELEASE-NOTES. += MediaWiki release notes = + Security reminder: MediaWiki does not require PHP's register_globals setting since version 1.2.0. If you have it on, turn it *off* if you can. -== Version 1.3.11, 2005-02-20 == +== MediaWiki 1.4.3 == -MediaWiki 1.3.11 is a security release. +(released 2005-04-28) -A security audit found and fixed a number of problems. Users of MediaWiki -1.3.10 and earlier should upgrade to 1.3.11; users of 1.4 beta releases -should upgrade to 1.4rc1. +MediaWiki 1.4.3 is a bugfix release for the 1.4 stable release series. +Chiefly, this fixes a compatibility problem with PHP 5 and a minor link +table corruption bug on initial page save. -=== Cross-site scripting vulnerability === -XSS injection points can be used to hijack session and authentication -cookies as well as more serious attacks. +== MediaWiki 1.4.2 == -* Media: links output raw text into an attribute value, potentially - abusable for JavaScript injection. This has been corrected. -* Additional checks added to file upload to protect against MSIE and - Safari MIME-type autodetection bugs. +(released 2005-04-20) -As of 1.3.10/1.4beta6, per-user customized CSS and JavaScript is disabled -by default as a general precaution. Sites which want this ability may set -$wgAllowUserCss and $wgAllowUserJs in LocalSettings.php. +MediaWiki 1.4.2 is a security and bug fix release for the 1.4 stable release +series. +A cross-site scripting injection vulnerability was discovered, which +affects only MSIE clients and is only open if MediaWiki has been +manually configured to run output through HTML Tidy ($wgUseTidy). -=== Cross-site request forgery === +Several other bugs are fixed in this release, see the changelog below. -An attacker could use JavaScript-submitted forms to perform various -restricted actions by tricking an authenticated user into visiting -a malicious web page. A fix for page editing in 1.3.10/1.4beta6 has -been expanded in this release to other forms and functions. +All new installations are highly recommended to use 1.4.2 instead of +1.3.x; 1.3.x users should consider upgrading for bug fixes and new +features. Ealier 1.4.x release and beta users should upgrade to this +release for relevant bug fixes; see the changelog later in this file. -Authors of bot tools may need to update their code to include the -additional fields. +If you have trouble, remember to read this whole file and the online FAQ page +before asking for help: -=== Directory traversal === +http://meta.wikimedia.org/wiki/MediaWiki_FAQ -An unchecked parameter in image deletion could allow an authenticated -administrator to delete arbitary files in directories writable by the -web server, and confirm existence of files not deletable. +=== READ THIS FIRST: Upgrading === -== Version 1.3.10, 2005-02-03 == +If upgrading from an older release, see the notes in the file UPGRADE. +There are a couple of minor database changes from the beta releases, +and somewhat larger changes from 1.3.x. -MediaWiki 1.3.10 is a security release. +Upgrading from a previous 1.4.x stable release installation should +generally only require copying the new files over the old ones. -An attacker could craft a URL which, when visited by a particular -logged-in user, would execute arbitrary JavaScript code on the user's -browser in the wiki's site context. This attack has been blocked, and as -an extra precaution the user CSS and JavaScript subpage support is now -disabled by default. Sites which want this ability may set $wgAllowUserCss -and $wgAllowUserJs in LocalSettings.php. -Additional protections have been added against off-site form submissions -hijacking user credentials. Authors of bot tools may need to update their -code to include additional fields. +==== READ THIS FIRST, TOO: MySQL 4.1 AND 5.0 ==== -All wikis running 1.3.x are strongly urged to upgrade to 1.3.10. +MySQL 5.0 is a beta release, not yet ready for production use. If you +are using it, the notes below about 4.1 apply to you too. -Changes from 1.3.9: -* Logged-in edits and preview of user CSS/JS are now locked to a session token. -* Per-user CSS and JavaScript subpage customizations now disabled by default. - They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss. -* Removed .ogg from the default uploads whitelist as an extra precaution. - If your web server is configured to serve Ogg files with the correct - Content-Type header, you can re-add it in LocalSettings.php: - $wgFileExtensions[] = 'ogg'; +If you have the choice of MySQL 4.0 or MySQL 4.1 and don't need 4.1 for +some other application, you should consider sticking with 4.0 for the +moment. 4.1 may require you to do extra fiddling to get things to work +due to changes that aren't fully backwards-compatible. +MySQL 4.1 has changed the authentication protocol in an incompatible +way; many PHP installations still use the older client libraries and +CANNOT CONNECT TO THE SERVER WITH A PASSWORD without some changes. +See: http://dev.mysql.com/doc/mysql/en/Old_client.html -== Version 1.3.9, 2004-12-12 == +If MySQL is set with utf-8 as the default character set, installation +may fail with "key too long" errors. Set the default charset to 'latin1' +for installation and it should work. -MediaWiki 1.3.9 is a security and bug fix release. +The mysqldump backup generator now applies an automatic conversion to +UTF-8, which may irretrivably corrupt your data. Pass the -charset option +with the original default charset (eg 'latin1') to skip the conversion. -A flaw in upload handling has been found which may allow upload and -execution of arbitrary scripts with the permissions of the web server. -Only wikis that have enabled uploads and have a vulnerable Apache -configuration will be affected, but to be safe all wikis should upgrade. -Wikis with uploads available should either disable uploads or upgrade to -1.3.9 immediately; if other files are customized and require merging -changes, includes/SpecialUpload.php may be replaced individually to add -the fix. +==== READ THIS FIRST IF RUNNING ON A WINDOWS SERVER ==== -(It is also recommended to configure your web server to disable script -execution in the 'images' subdirectory where uploads are placed, which -prevents most attacks even if the wiki fails.) +MediaWiki is tested and deployed primarily under the Apache web server +on Linux Unix systems. There are known to be problems running on +Microsoft's IIS which are not fully resolved. If you have a choice, +try running under Apache on Windows, or on a Unix/Linux box instead. -Changes from 1.3.8: -* Backported "Templates used in this page"-feature of EditPage -* Allow "MySkin" as a default skin. -* (bug 938) Parse namespaces correctly on self-interwiki links -* (bug 1010) fix broken Commons image link on Classic & Cologne Blue -* (bug 1004) Norsk language names for interwiki links changed, - Nauruan language name changed -* Enhance upload extension blacklist to protect against vulnerable - Apache configurations +If you're having trouble with blank pages on IIS and can't switch, +try the workaround suggested in this bug report: +http://bugzilla.wikimedia.org/show_bug.cgi?id=1763 -== Version 1.3.8, 2004-11-15 == +=== New features === -MediaWiki 1.3.8 is a bugfix release. Those running wikis with uploads -enabled are strongly recommended to upgrade as this fixes several problems -with overwriting previously-uploaded files. +* 'Recentchanges Patrol' to mark new edits that haven't yet been viewed. +* New, searchable deletion/upload/protection logs +* Image gallery generation (Special:Newimages and <gallery> tag) +* SVG rasterization support (requires external support tools) +* Users can select from the available localizations to override the + default user interface language. +* Traditional/Simplified Chinese conversion support +* rel="nofollow" support to combat linkspam -Changes from 1.3.7: -* (bug 506) fix array_key_exists() warning for IIS servers using - ISAPI mode -* (bug 718) fix bad charset in (file) cached pages -* use local numerals in category page (for Hindi et al) -* alias month abbreviations to month names in Hindi -* add localized numerals for Gujarati and Kannada -* fix Category and project namespaces for Hindi -* Don't output bogus timestamp on Special:Recentchanges if no entries -* Correct template include path which broke some but not all Windows installs -* Fix edit form submission problem with some PHP versions -* Disallow unreachable titles with %XX hex codes -* Allow page [[0]] to be renamed -* (bug 774) when saving with section=new, return to the anchor as with - existing numbered section edits -* Experimental shared upload overlay area (disabled by default) -* (bug 806) Removed some "Wikipedia" hardcoding in German localization -* User option localization fix for some extensions -* (bug 809) now try to load the mysql php extension if it isn't loaded -* (bug 848) fix error message in Special:Newpages RSS and Atom feeds -* (bug 26) fix cache headers on anon talk page notification -* (bug 874) added 'cgi' to wgFileBlacklist -* (bug 862) localize date and time format for Finnish -* (bug 548) Don't overwrite images until the user confirms it +The current implementation adds this attribute to _all_ external URL +links in wiki text (but not internal [[wiki links]] or interwiki links). +To disable the attribute for _all_ external links, add this line to your +LocalSettings.php: + $wgNoFollowLinks = false -== Version 1.3.7, 2004-10-18 == -Changes from 1.3.6: -* Fix protected-page related security issue. +For background information on nofollow see: + http://www.google.com/googleblog/2005/01/preventing-comment-spam.html -== Version 1.3.6, 2004-10-14 == -Changes from 1.3.5: -* (bug 296) Variables in user interface messages are no longer substituted - at install time, so changes to the site name etc should be easier to make -* (bug 149) Special:Recentchanges "changes from" link preserves limit -* (bug 433) tooltip for "Undelete" tab now labeled correctly -* (bug 439) unclickable "Move" tab no longer displays on protected pages -* (bug 484) graceful deletion of images where the actual file is missing -* (bug 686) fixed [[plural]]s in Catalan localization -* Fixed potential HTML/JavaScript injection attack in the UnicodeConverter - extension. (This extension is not enabled by default.) -* Fixed potential HTML/JavaScript injection attack via raw page views to - a maliciously crafted wiki page. -* (bug 187, bug 669) Fixed centered thumbnails, using <div> instead of - <span>. -* catch MySQL error 2000 during installation. -* (bug 704) Removed misleading LocalSettings.sample -* Fix cross site scripting bugs in SpecialIpblocklist, SpecialEmailuser -* Fix SQL injection and cross site scripting bugs in SpecialMaintenance -* Fix cross site scripting bugs and possible filename validation vulnerability - in ImagePage. -* and more of that sort +=== Installation and compatibility === +* The default MonoBook theme now works with PHP 5.0 +* Installation on systems with PHP's safe mode or other oddities + should work more reliably, as MonoBook no longer needs to + create a compiled template file for the wiki to run. +* A table prefix may be specified, to avoid conflicts with other + web applications forced to share a database. +* More thorough UTF-8 input validation; fixes non-ASCII uploaded + filenames from Safari. +* Command-line database upgrade script. -== Version 1.3.5, 2004-09-30 == -Changes from 1.3.4: -* Clean up input validation in 'raw' page output mode which was a potential - cross-site scripting opportunity. +=== Customizability === +* Default user options can now be overridden in LocalSettings. +* Skins system more modular: templates and CSS are now in /skins/ + New skins can be dropped into this directory and used immediately. +* More extension hooks have been added. +* Authentication plugin hook. +* More internal code documentation, generated with phpdoc: + http://www.mediawiki.org/docs/html/ -== Version 1.3.4, 2004-09-28 == -************************** SECURITY NOTE! ****************************** +=== Optimization === -As of 1.3.4, MediaWiki performs some screening of newly uploaded files for -validity. (Some) corrupt image files, and HTML files mistakenly or -maliciously masquerading as images, should now be rejected. +* For many operations, MediaWiki 1.4 should run faster and use + less memory than MediaWiki 1.3. Page rendering is up to twice + as fast. (Use a PHP accelerator such as Turck MMCache for best + results with any PHP application, though!) +* The parser cache no longer requires memcached, and is enabled + by default. This avoids a lot of re-rendering of pages that + have been shown recently, greatly speeding longer page views. +* Support for compiled PHP modules to speed up page diff and + Unicode validation/normalization. (Requires ability to compile + and load PHP extensions). -These checks protect against Internet Explorer security holes relating -to type autodetection which are a potential cross-site scripting attack -vector, and also rejects at least one known version of the "JPEG virus" -which might attack unpatched clients. -If you already have invalid files uploaded this will not protect against -them. If you have expanded the filetype whitelist or disabled the strict -type checking, other dangerous file types may still get through. You should -always be careful when allowing uploads! +=== What isn't ready yet === +* A new user/groups permissions scheme has been held back to 1.5. +* An experimental SOAP interface will be made available as an extension +* PostgreSQL support is largely working, minus search and the installer. + You can perform a manual installation. +* E-mail notification of watched page changes and verification of + user-submitted e-mail addresses is not yet included. +* Log pages are not automatically imported into the new log table + at upgrade time. A script to import old text log entries is + incomplete, but may be available in later point releases. +* Some localizations are still incomplete. -Changes from 1.3.3: -* Fixed lots of template-related bugs, esp. for cases where template - variables are used for links, images, etc. -* Fixed transformation of page messages when viewing Special:Allmessages -* Handle "ISBN ISBN 1234" correctly -* Fixed warning on Category pages -* Fixed some bad error messages on login page -* Fixed history entry for initial main page on install -* Removed problematic { and } from legal title characters -* Strip leading blank from output in preformated text. -* Fixed problem when moving pages to titles with '#' in -* Optional $wgRawHtml for raw <html> sections. Use only on limited- - participation 'trusted' wikis, as it does not protect against cross-site - scripting attacks. For security, this option can only be enabled if in - $wgWhitelistEdit mode. -* Fixed problem where pages which were created as a redirect following - a move never showed on Special:Randompage. -* Fixed line spacing on printed table of contents -* Allow links to pages with names of the form [[RFC 1234]] -* Fixed broken edit links being shown for sections from included templates -* Verify that uploaded image files are of the claimed type. -== Version 1.3.3, 2004-09-09 == +== Changelog == -Changes from 1.3.2: -* Fix for long numeric page titles -* Fix Go search for "0", numeric almost-self-links -* Avoid caching of pages with "You have new messages" headers -* Fix for upgrades as non-root users from 1.2 command-line installs. -* Fix for $wgDebugDumpSql debug mode. -* $wgExtraNamespaces setting for configuring additional namespaces - (see note in DefaultSettings.php) -* 'recache' on query pages now disabled when miser mode is on; special case the - global settings in your LocalSettings.php to do automatic updates. -* Don't block UTF-8 titles containing byte 0xA0 (bug added in 1.3.2) -* Watch/unwatch tabs now shown on edit pages in MonoBook. -* Fix default skin in Irish localization (ga) -* Add Traditional Chinese localization (zh-tw) -* Changed default sortkey of subcategories. Don't include "Category:"-prefix - any longer -* More helpful info on spam catcher. -* Allow larger offsets for queries such as Special:Listusers -* Semicolon (;) added to French non-break space rules -* Possible fix for some install errors with path names permission problems. -* Removed [[Project:All system messages]], which has been superceded by - the much faster [[Special:Allmessages]]. This speeds up installation - considerably. +=== Important security updates === -== Version 1.3.2, 2004-08-30 == +A security audit found and fixed a number of problems. Users of MediaWiki +1.3.10 and earlier should upgrade to 1.3.11; users of 1.4 beta releases +prior to 1.4rc1 should upgrade immediately. -Changes from 1.3.1: -* Fix namespaced page creation links when no go match -* When cookies are disabled, don't show login screen twice -* Install should no longer die when PHP is pre-configured to compress output -* Fixed bug that caused long Japanese pages to time out with Tidy active -* When session.handler is set incorrectly, try automatic override to 'files' -* Watch/Unwatch links back to the affected page instead of Main Page -* Upload link no longer displayed on Monobook if uploading is disabled -* Special:Allmessages faster, shows correct original text, works in safe mode +==== Cross-site scripting vulnerability ==== +XSS injection points can be used to hijack session and authentication +cookies as well as more serious attacks. -== Version 1.3.1, 2004-08-14 == +* Media: links output raw text into an attribute value, potentially + abusable for JavaScript injection. This has been corrected. +* Additional checks added to file upload to protect against MSIE and + Safari MIME-type autodetection bugs. -Changes from 1.3.0: -* Watchlist parameters now work with register_globals off -* Fixed parsing of ''italics'' and '''bold''' mark-up (again) -* Special:Allpages display is more sensible on smaller wikis -* Fixed XHTML parsing error in classic skins -* Moved pages update watchlist correctly -* Fixed rebuildall.php on case-sensitive Unix filesystems -* Disabled file cache compression by default due to incompatibility - with output buffer compression (ob_gzhandler) -* New magic word PAGENAMEE (URL-escaped version of PAGENAME) -* Installation avoids blank username; better message on missing XML module -* $wgWhitelistAccount no longer breaks all logins. +As of 1.3.10/1.4beta6, per-user customized CSS and JavaScript is disabled +by default as a general precaution. Sites which want this ability may set +$wgAllowUserCss and $wgAllowUserJs in LocalSettings.php. -== Version 1.3.0, 2004-08-11 == -Look & layout: -* New default layout 'MonoBook' (available on PHP4 only currently) -* Print stylesheet now built-in to every page -* More or less correct XHTML 1.0 (served as text/html by default) +==== Cross-site request forgery ==== -Wiki features: -* Image captions can now include links and other basic formatting -* Image bounding box can be specified instead of width, e.g. as - 100x100px, making the image not wider than 100px and not higher - than 100px, keeping aspect ratio. -* Templates have been expanded with parameters, and separated from - the MediaWiki: localization scheme. -* Categories more or less work -* added a special page for listing users with sysop rights. +An attacker could use JavaScript-submitted forms to perform various +restricted actions by tricking an authenticated user into visiting +a malicious web page. A fix for page editing in 1.3.10/1.4beta6 has +been expanded in this release to other forms and functions. -Editing: -* Automatic merging of edit conflicts that don't directly interfere -* Edit summaries can now include basic formatting and links +Authors of bot tools may need to update their code to include the +additional fields. -Metadata and output: -* Linked Creative Commons copyright metadata (optional) -* RSS 2.0 & Atom 0.3 feeds for Recent Changes, New Pages -Optional modules: -* WikiHiero hieroglyphic module can be added (separate download) -* Timeline module can be added (separate download). - Requires ploticus. -* TeX now has an experimental MathML output mode (incomplete!) +==== Directory traversal ==== -Installation and upgrading: -* The old install.php and update.php have been removed. In-place - installation introduced in 1.2 is now the standard installation - and upgrade method, see INSTALL and UPGRADE for directions. +An unchecked parameter in image deletion could allow an authenticated +administrator to delete arbitary files in directories writable by the +web server, and confirm existence of files not deletable. -Database: -* The links table has been changed to use a cur_id for l_from. - The link tables must be converted on upgrade, which may entail - some downtime. -Code and compatibility: -* Should now run clean with error reporting set to E_ALL. -* register_globals hack from 1.2 has been replaced with safer code -* Bundled PHPTAL 0.7.0 from http://phptal.sourceforge.net/ - (with some patches) -* Most image-related code moved to Image.php -* More fixes for PHP 4.1.2 (thanks to Asheesh Laroia) -* URL encoding fix for anchors -* All languages now available in UTF-8 mode -* Various other fixes +==== Older issues ==== -=== Caveats === +Note that 1.4 beta releases prior to beta 5 include an input validation +error which could lead to execution of arbitrary PHP code on the server. +Users of older betas should upgrade immediately to the current version. -Some output, particularly involving user-supplied inline HTML, may not -produce 100% valid or well-formed XHTML output. Testers are welcome to -set $wgMimeType = "application/xhtml+xml"; to test for remaining problem -cases, but this is not recommended on live sites. (This must be set for -MathML to display properly in Mozilla.) -The new 'MonoBook' skin is not compatible with PHP 5 due to bugs in the -underlying PHPTAL library. It will be automatically disabled when running -on PHP5; the older look and feel will be used instead. +Beta 6 also introduces the use of rel="nofollow" attributes on external +links in wiki pages to reduce the effectiveness of wiki spam. This will +cause participating search engines to ignore external URL links from wiki +pages for purposes of page relevancy ranking. -== Version 1.2.6, 2004-05-24 == -* Spam blocker ($wgSpamRegex - refuses to save edits that match) -* Updated documentation about $wgWhitelistRead -* Ensure that searchindex table is created as MyISAM -* Interwiki cache timeout (memcached) -* Fix uploads on Windows with magic_quotes_gpc -* Some config fixes for Windows (slashes etc) -* Local interwiki URL redirects -* Fixed obscure deletion problem in squid mode on corrupt entries -* Language files updated to remove more hard-coded "Wikipedia" strings +=== Misc bugs fixed in beta 1 === -== Version 1.2.5, 2004-05-01 == -* Fixed install problem with blank root password -* Fixed Special:Emailuser/Username links -* Fixed main-page edit links on fuzzy search results -* Fixed wikipedia-interwiki.sql -* Fixed install with apache2filter (ugly URLs) -* IP in 'go' search brings up contributions -* Switch from broken & to ? on top-level wiki URL hack +* (bug 95) Templates no longer limited to 5 inclusions per page +* New user preference for limiting the image size for images on image description + pages +* (bug 530) Allow user to preview article on first edit +* (bug 479) [[RFC 1234]] will now make an internal link +* (bug 511) PhpTal skins shown bogus 'What links here' etc on special pages +* (bug 770) Adding filter and username exact search match for Special:Listusers +* (bug 733) Installer die if it can not write LocalSettings.php +* (bug 705) Various special pages no more show the rss/atom feed links +* (bug 114) use category backlinks in Special:Recentchangeslinked -== Version 1.2.4, 2004-04-13 == +=== Beta 2 fixes === -* Fixed edit toolbar in Mozilla -* Diff links in Contributions for 'top' edits -* Fixed Nostalgia skin drop-down for register_globals off -* Backported optional open proxy blocker -* Backported $wgWhitelistRead -* $wgCapitalLinks option to force full case sensitivity in titles -* Cleaned up error handling when can't talk to database -* Disabled unsafe command-line installer (remove the "die()" call to use) +* (bug 987) Reverted bogus fix for bug 502 +* (bug 992) Fix enhanced recent changes in PHP5 +* (bug 1009) Fix Special:Makesysop when using table prefixes +* (bug 1010) fix broken Commons image link on Classic & Cologne Blue +* (bug 985) Fix auto-summary for section edits +* (bug 995) Close <a> tag +* (bug 1004) renamed norsk language links (twice) +* Login works again when using an old-style default skin +* Fix for load balancing mode, notify if using old settings format +* (bug 1014) Missing image size option on old accounts handled gracefully +* (bug 1027) Fix page moves with table prefix +* (bug 1018) Some pages fail with stub threshold enabled +* (bug 1024) Fix link to high-res image version on Image: pages +* (bug 1016) Fix handling of lines omitting Image: in a <gallery> tag +* security fix for image galleries +* (bug 1039) Avoid error message in certain message cache failure modes +* Fix string escaping with PostgreSQL +* (bug 1015) [partial] -- use comment formatter on image gallery text +* Allow customization of all UI languages +* use $wgForceUIMsgAsContentMsg to make regular UI messages act as content +* new user option for zh users to disable language conversion +* Defer message cache initialization, shaving a few ms off file cache hits +* Fixed Special:Allmessages when using table prefixes +* (bug 996) Fix $wgWhitelistRead to work again +* (bug 1028) fix page move over redirect to not fail on the unique index -== Version 1.2.3, 2004-04-02 == +=== Beta 3 fixes === -* Fixed an in-place install bug with non-root MySQL user -* Fixed history diff checkboxes bug on titles with ampersands -* Fixed printable link bug on special pages with parameters -* Fixed bug that broke IP blocking w/o memcached -* Turns off E_NOTICE warnings if PHP settings have them on - (you can grope in and turn this off if you like to debug) +* Hide RC patrol markers when patrol is disabled or not allowed to patrol. +* Fix language selection for upgraded accounts +* (bug 1076) navigation links in QueryPage should be translated by wgContLang. +* (bug 922) bogus DOS line endings in LanguageEl.php +* Fix index usage in contribs +* Caching and load limiting options for Recentchanges RSS/Atom feed +* (bug 1074) Add stock icons for non-image files in gallery/Newimages +* Add width and height attributes on thumbs in gallery/Newimages +* Enhance upload extension blacklist to protect against vulnerable + Apache configurations -== Version 1.2.2, 2004-03-28 == +=== Beta 4 fixes === -* Fixed an upgrade bug introduced in 1.2.1. -* Disabled $wgUseCategoryMagic, which feature is incomplete broken +* (bug 1090) Fix sitesupport links in CB/classic skins +* Gracefully ignore non-legal titles in a <gallery> +* Fix message page caching behavior when $wgCapitalLinks is turned off + after installation and the wiki is subsequently upgraded +* Database error messages include the database server name/address +* Paging support for large categories +* Fix image page scaling when thumbnail generation is disabled +* Select the content language in prefs when bogus interface language is set +* Fix interwiki links in edit comments +* Fix crash on banned user visit +* Avoid PHP warning messages when thumbnail not generated +* (bug 1157) List unblocks correctly in Special:Log +* Fix fatal errors in LanguageLi.php +* Undo overly bright, difficult to read colors in Cologne Blue +* (bug 1162) fix five-tilde date inserter +* Add raw signatures option for those who simply must have cute sigs +* (bug 1164) Let wikitext be used in Loginprompt and Loginend messages +* Add the dreaded <span> to the HTML whitelist +* (bug 1170) Fix Russian linktrail +* (bug 1168) Missing text on the bureaucrat log +* (bug 1180) Fix Makesysop on shared-user-table sites +* (bug 1178) Fix previous diff link when using 'oldid=0' +* (bug 1173) Stop blocked accounts from reverting/deleting images +* Keep generated stylesheets cache-separated for each user +* (bug 1175) Fix "preview on first edit" mode +* Fix revert bug caused by bug 1175 fix +* Fix CSS classes on minor, new, unpatrolled markers in enhanced RC +* Set MySQL 4 boolean search back to 'and' mode by default +* (bug 1193) Fix move-only page protection mode +* Fix zhtable Makefile to include the traditional manual table +* Add memcache timeout for the zh conversion tables +* Allow user customization of the zh conversion tables through + Mediawiki:zhconversiontable +* Add zh-min-man (back) to language names list +* Ported $wgCopyrightIcon setting from REL1_3A +* (bug 1218) Show the original image on image pages if the thumbnail would be + bigger than the original image +* (bug 1213) i18n of Special:Log labels +* (bug 1013) Fix jbo, minnan in language names list +* Added magic word MAG_NOTITLECONVERT to indicate that the title of the page + do not need to be converted. Useful in zh: +* (bug 1224) Use proper date messages for date reformatter +* (bug 1241) Don't show 'cont.' for first entry of the category list +* (bug 1240) Special:Preferences was broken in Slovenian locale when + $wgUseDynamicDates is enabled +* Added magic word MAG_NOCONTENTCONVERT to supress the conversion of the + content of an article. Useful in zh: +* write-lock for updating the zh conversion tables in memcache +* recursively parse subpages of MediaWiki:Zhconversiontable +* (bug 1144) Fix export for fy language +* make removal of an entry from zhconversiontable work +* (bug 752) Don't insert newline in link title for url with %0a +* Fix missing search box contents in MonoBook skin +* Add option to forward search directly to an external URL (eg google) +* Correctly highlight the fallback language variant when the selected + variant is disabled. Used in zh: only for now. -== Version 1.2.1, 2004-03-27 == +=== Beta 5 fixes === -Installation, compatibility, security fixlets: -* Detect use of PHP as CGI and disable index.php/Title URLs -* Try to auto-create math tmp & output directories if not present -* Disable Asksql in default install ($wgAllowSysopQueries) -* Better handling of get_magic_quotes_gpc (apostrophe problems) -* French localisation no longer hard-codes "Wikipedia" name +* (bug 1124) Fix ImageGallery XHTML compliance +* (bug 1186) news: in the middle of a word +* (bug 1283) Use underlining and borders to highlight additions/deletions + in diff-view +* Use user's local timezone in Special:Log display +* Show filename for images in gallery by default (restore beta 3 behaviour) +* (bug 1201) Double-escaping in brokenlinks, imagelinks, categorylinks, searchindex +* When using squid reverse proxy, cache the redirect to the Main_Page +* (bug 1302) Fix Norwegian language file +* (bug 1205) Fix broken article saving in PHP 5.1 +* (bug 1206) Implement CURRENTWEEK and CURRENTDOW magic keyword (will give + number of the week and number of the day). +* (bug 1204) Blocks do not expire automatically +* (bug 1184) expiry time of indefinite blocks shown as the current time +* (bug 1317) Fix external links in image captions +* (bug 1084) Fix logo not rendering centrally in IE +* (bug 288) Fix tabs wrapping in IE6 +* (bug 119) Fix full-width tabs with RTL text in IE +* (bug 1323) Fix logo rendering off-screen in IE with RTL language +* Show "block" link in Special:Recentchanges for logged in users, too, if + wgUserSysopBans is true. +* (bug 1326) Use content language for '1movedto2' in edit history +* zh: Fix warning when HTTP_ACCEPT_LANGUAGE is not set +* zh: Fix double conversion for zh-sg and zh-hk +* (bug 1132) Fix concatenation of link lists in refreshLinks +* (bug 1101) Fix memory leak in refreshLinks +* (bug 1339) Fix order of @imports in Cologne Blue CSS +* Don't try to create links without namespaces ([[Category:]] link bug) +* Memcached data compression fixes +* Several valid XHTML fixes +* (bug 624) Fix IE freezing rendering whilst waiting for CSS with MonoBook +* (bug 211) Fix tabbed preferences with XHTML MIME type +* Fix for script execution vulnerability. -== Version 1.2.0 == +=== Beta 6 fixes === -New features in 1.2: -* Image resizing/thumbnail generation -* Stricter upload file extension blacklist and whitelist options -* More flexible blocking system; time period may be set -* Handier sysop account management. An account marked "bureaucrat" - may assign sysop access to other accounts via Special:Makesysop. - (The exact details of this may change in the future) -* Support for a squid cache with explicit purging of cached anon pages -* Optional compression of old revision text (requires zlib support) -* Fuzzy title search (experimental, requires memcached) -* Page rendering cache (experimental) -* Editing toolbar to demonstrate wiki syntax to newbies - (off by default in user preferences) -* Support for authenticated SMTP outgoing e-mail (experimental) -* It's now possible to assign sysop accounts from within the wiki. - An account with this ability must be labeled with the "bureaucrat" - privilege, such as the 'Developer' account created by the install. +* (bug 1335) implement 'tooltip-watch' in Language.php +* Fix linktrail for nn: language +* (bug 1214) Fix prev/next links in Special:Log +* (bug 1354) Fix linktrail for fo: language +* (bug 512) Reload generated CSS on preference change +* (bug 63) Fix displaying as if logged in after logout +* Set default MediaWiki:Sitenotice to '-', avoiding extra database hits +* Skip message cache initialization on raw page view (quick hack) +* Fix notice errors in wfDebugDieBacktrace() in XML callbacks +* Suppress notice error on bogus timestamp input (returns epoch as before) +* Remove unnecessary initialization and double-caching of parser variables +* Call-tree output mode for profiling +* (bug 730) configurable $wgRCMaxAge; don't try to update purged RC entries +* Add $wgNoFollowLinks option to add rel="nofollow" on external links + (on by default) +* (bug 1130) Show actual title when moving page instead of encoded one. +* (bug 925) Fix headings containing <math> +* (bug 1131) Fix headings containing interwiki links +* (bug 1380) Update Nynorsk language file +* (bug 1232) Fix sorting of cached Special:Wantedpages in miser mode +* (bug 1217) Image within an image caption broke rendering +* (bug 1384) Make patrol signs have the same width for page moves as for edits +* (bug 1364) fix "clean up whitespace" in Title:SecureAndSplit +* (bug 1389) i18n for proxyblocker message +* Add fur/Furlan/Friulian to language names list +* Add TitleMoveComplete hook on page renames +* Allow simple comments for each translation rules in MW:Zhconversiontable +* (bug 1402) Make link color of tab subject page link on talk page indicate whether article exists +* (bug 1368) Fix SQL error on stopword/short word search w/ MySQL 3.x +* Translated Hebrew namespace names +* (bug 1429) Stop double-escaping of block comments; fix formatting +* (bug 829) Fix URL-escaping on block success +* (bug 1228) Fix double-escaping on & sequences in [enclosed] URLs +* (bug 1435) Fixed many CSS errors +* (bug 1457) Fix XHTML validation on category column list +* (bug 1458) Don't save if edit form submission is incomplete +* Logged-in edits and preview of user CSS/JS are now locked to a session token. +* Per-user CSS and JavaScript subpage customizations now disabled by default. + They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss. +* Removed .ogg from the default uploads whitelist as an extra precaution. + If your web server is configured to serve Ogg files with the correct + Content-Type header, you can re-add it in LocalSettings.php: + $wgFileExtensions[] = 'ogg'; -Fixes and tweaks: -* Now works with register_globals off! -* Works with short tags disabled. -* Should work out of the box on MySQL 3.2.x again. On 4.x set - $wgEnablePersistentLC = true; to turn on the link cache table - for a slight rendering speed boost. -* rebuildMessages.php can now selectively update new messages, or - overwrite everything. -* Various bug fixes. -* Other stuff we forgot. -* Documentation more out of date than ever before! +=== RC1 fixes === -=== Behavior changes === +* Fix notice error on nonexistent template in wikitext system message +* (bug 1469) add missing <ul> tags on Special:Log +* (bug 1470) remove extra <ul> tags from Danish log messages +* Fix notice on purge w/ squid mode off +* (bug 1477) hide details of SQL error messages by default + Set $wgShowSQLErrors = true for debugging. +* (bug 1430) Don't check for template data when editing page that doesn't exist +* Recentchanges table purging fixed when using table prefix +* (bug 1431) Avoid redundant objectcache garbage collection +* (bug 1474) Switch to better-cached index for statistics page count +* Run Unicode normalization on all input fields +* Fix translation for allpagesformtext2 in LanguageZh_cn and LanguageZh_tw +* Block image revert without valid login +* (bug 1446) stub Bambara (bm) language file using French messages +* (bug 1432) Update Estonian localization +* (bug 1471) unclosed <p> tag in Danish messages +* convertLinks script fixes +* Corrections to template loop detection +* XHTML encoding fix for usernames containing & in Special:Emailuser +* (for zh) Search for variant links even when conversion is turned off, + to help prevent duplicate articles. +* Disallow ISO 8859-1 C1 characters and "no-break space" in user names + on Latin-1 wikis. +* Correct the name of the main page it LanguageIt +* Allow Special:Makesysop to work for usernames containing SQL special + characters. +* Fix annoying blue line in Safari on scaled-down images on description page +* Increase upload sanity checks +* Fix XSS bug in Media: links +* Add cross-site form submission protection to various actions +* Fix fatal error on some dubious page titles +* Stub threshold displays correctly again -* wiki.phtml and redirect.phtml are now renamed to index.php and redirect.php - The old names are provided too for compatibility, but make sure they don't - conflict if you've been putting other files in your wiki. -* Uploaded filenames are more strictly checked than before. See bits in - DefaultSettings.php to tweak this behavior to your needs. -* Database messages are now enabled by default, so the interface messages can - be tweaked through the wiki with a sysop account. Disable this if you - don't want the performance hit. -=== Database changes === +=== 1.4.0 final fixes === -An index was added to recentchanges table to speed up Newpages -(patch-rc-newindex.sql for manual updaters). +* (bug 65) Fix broken interwiki link encoding on Latin-1 wikis; force to UTF-8 +* (bug 563) Fix UTF-8 interwiki URL redirects via Latin-1 wikis +* (bug 1536) Fix page info +* Support os (Ossetic) as language code, using Russian localization base +* (bug 1610) Support non (Old Norse) as language code, using Icelandic localization base +* (bug 1618) Properly list custom namespaces in Special:Allpages +* (bug 1622) Remove trailing' >' when using category browser +* (bug 1570) Fix php 4.2.x error on conflict merging +* (bug 1585) Fix page title on post-login redirection page +* Run UTF-8 validation on old text in Recentchanges RSS diffs +* (bug 1642) fix a mime type typo in img_auth.php +* Automated interwiki redirects only for local interwikis +* Respect read-only mode on block removals +* Trim old illegal characters from syndication feeds +* Reduce message cache outage recovery delay from 1 day to 5 minutes +* (bug 1403) Update Finnish localization +* (bug 1478) Punjabi localization +* (bug 1667) Update script 5 second countdown. +* (bug 1057) Fix logging table encoding (error on MySQL 4.1) +* (bug 1680) Fix linktrail for fo +* (bug 1653) Removing hardcoded messages in Special:Allmessages +* (bug 1594) Render a hyphen in a formula as − in HTML +* (bug 1495) Fall back to default language MediaWiki: for custom messages +* (bug 1617) Show different error messages for "user does not + exist" and "wrong password" when using AuthPlugin +* (bug 1532), (bug 1544) Changed language names for + 'bn', 'bo', 'dv', 'dz', 'ht', 'ii', 'li', 'lo', 'ng', 'or', 'pa', 'si', + 'ti', 've' +* Fix editing on non-Esperanto wiki with user language pref set to Esperanto +* Make conversion table for zh-sg default to zh-cn, and zh-hk default to zh-tw +* Fix PHP notice in MonoBook when counters disabled +* (bug 1696) Update namespaces, dates in uk localization +* (bug 551) Installer warns about magic_quotes_runtime and magic_quotes_sybase + instead of trying to install with corrupt table files +* Installer no longer tries to move non-default MediaWiki: pages into Template: +* User-to-user email disabled by default ($wgEnableUserEmail) -Expiration date field has been added to ipblocks table -(patch-ipb_expiry.sql for manual updaters). +=== 1.4.1 fixes === -== Version 1.1.0, 2003-12-08 == +* (bug 1720) fix genitive month names for uk +* (bug 1704) fixed untranslateable string in Special:Log +* (bug 1638) Added Belrusian language file +* (bug 1736) typo in SpecialValidate.php +* (bug 73) Upload doesn't run edit updates on description page (links, + search index and categories) +* (bug 646) <math> fails to recognize \ll and \gg +* (bug 926) \div element from TeX not supported in <math> element +* (bug 1147) add \checkmark to whitelist in texutil.ml +* (bug 937) \limits function from LaTeX not supported in <math> element +* Support for manually converting article title to different Chinese + variants (for zh) +* (bug 1488, bug 1744) Fix encoding for preferences, dates in Latin-1 mode +* (bug 1042) Fix UTF-8 case conversion for PHP <4.3 with mbstring extension +* Fix code typo that broke article credits display +* Installation fixes for running under IIS +* (bug 1556) login page tab order. "remember" checkbox now come after password. +* SQL debug log fixlets +* (bug 1815) Fix namespace in old revision display with mismatched title +* (bug 1788) Fix link duplication when edit/upload comment includes newlines +* Change default on $wgSysopUserBans and $wgSysopRangeBans to true +* Fix link conversion for URL request +* (bug 1851) Updated download URL for the SCIM packages used by zhtable +* (bug 1853) Try stripping quotes from term for 'go' title match +* Fix missing function in Latin1 mode +* (bug 1860) Anchors of interwiki links did not get normalized +* (bug 1847) accept lowercase x in ISBN, do not accept invalid A-W,Y,Z +* Fix link conversion for URL request, hopefully without breaking the wiki +* (bug 1849) New option allows to consider categorized images as used on + Special:Unusedimages +* Localized category namespace for ka (Georgian) +* (bug 1107) Work around includes problem in installer when parent dir is not + readable by the web server +* (bug 1927) Incorrect escaping on wikitext message in Blockip -This is the new production release. Any following 1.1.x releases are expected -to contain only bug fixes; developments of new features will go towards a 1.2.0 -release. -New features in 1.1: -* New wiki table syntax: - http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide:_Using_tables -* User-editable interface messages: - http://meta.wikipedia.org/wiki/MediaWiki_namespace -* XML-wrapped page source export with optional history: - http://meta.wikipedia.org/wiki/XML_import_and_export - (There is not yet an import function!) -* "Magic words" +=== 1.4.2 fixes === -Fixes and tweaks: -* linkscc table caches link data for rendering; faster rebuildlinks.php -* Numerous bugs in Cologne Blue skin fixed -* Login gives warning about missing cookies -* Block log, protection log added; deletion log now includes undeletions -* Deletion & upload logs now escape comment text properly -* Problems with <nowiki> segments in section titles etc mitigated -* Contributions offset and minor edit bugs fixed -* Whatlinkshere now sorted alphabetically -* Various exciting new profiling options. -* Debug log is off by default. -* Various small bugs fixed. +* Fix math options in Finnish localization +* Use in-process Tidy extension if available when $wgUseTidy is on +* (bug 1933) Fix PATH_INFO usage under IIS with PHP ISAPI module +* (bug 1188) <nowiki> in {{subst:}} includes fixed +* (bug 1936)  in {{subst:}} includes fixed +* Fix a potential MSIE JavaScript injection vector in Tidy mode -Internal changes: -* wfQuery has had a second parameter inserted, DB_READ or DB_WRITE. This value - is not actually used so far. -* Partial code for categories and Smarty template-based skins is in the tree - but disabled. -* Parts of Article.php have been moved to EditPage.php and ImagePage.php. -New translations: -* fi - Finnish -* ia - Interlingua -* no - Norwegian -* sk - Slovak -* ta - Tamil +=== 1.4.3 fixes === -=== Database changes === +* (bug 1636) Refs like ţ were misinterpreted as octal in some places +* (bug 1163) Special:Undelete showed oldest revision instead of newest +* (bug 1938) Fix escaping of illegal character references in link text +* (bug 1997) Fix for error on display of renamed items in Recentchanges on PHP5 +* (bug 1949) Profiling typo in rare error case +* (bug 1963) Fix deletion log link when $wgCapitalLinks is off +* (bug 1970) Don't show move tab for immobile pages +* (bug 1770) Page creation recorded links from the 'newarticletext' message +* Optional change to the site_stats table. When applied, this removes the need + for expensive queries in Special:Statistics. -"linkscc" table added. If upgrading manually (rather than with update.php), -run maintenance/archives/patch-linkscc.sql to create the table. -Older releases were dated snapshots from the old 'stable' branch: +=== 1.4.4 fixes === -== mediawiki-20031118 == +* (bug 725) Let dir="ltr" attribute work again in MonoBook on RTL languages +* (bug 2024) Skip JavaScript error for custom skins where .js message not set +* (bug 2025) Updated Indonesian localization +* (bug 2039) Updated Lithuanian localization -* Image deletion fixed. -* Deletion of image old revisions now restricted to sysops - (this is an irreversible action and not well logged) -* Fixed maintenance scripts broken by last release's security fix -* Many errors in rebuildlinks script fixed. -== mediawiki-20031117 == +=== Caveats === -* SECURITY FIX: stricter checking of include path -* Fixed user contributions next/prev bug -* Login cookies now have the database name prefixed to allow wikis - to coexist in the same domain. This will invalidate any old saved - password cookies. -* Update cache timestamp when talk pages are created -* Saving the login form in Mozilla no longer blanks password in prefs. -* Check existence of source page before performing a move. -* Detect invalid titles in Special:Allpages -* Q-encode headers on outgoing inter-user e-mail -* Updates to some translations. -* Added table of contents border/bg to Cologne Blue, Nostalgia skins -* Protected pages no longer appear unprotected when visited via redirect -* Swapped old Wikipedia logo for the MediaWiki sunflower logo -* install.php, update.php print warning on old PHP versions, - added compatibility functions that might or might not help +Some output, particularly involving user-supplied inline HTML, may not [truncated at 1000 lines; 121853 more skipped]

1 0

[arty] 19943: Fix firefox exit. Implement a simple work queue for possibly dispatch level
by arty＠svn.reactos.com 07 Dec '05

07 Dec '05

Fix firefox exit. Implement a simple work queue for possibly dispatch level callbacks for cancel and close. Modified: trunk/reactos/drivers/lib/ip/network/receive.c Modified: trunk/reactos/drivers/lib/ip/transport/tcp/tcp.c Modified: trunk/reactos/drivers/net/tcpip/include/tcp.h Modified: trunk/reactos/drivers/net/tcpip/include/tcpip.h Modified: trunk/reactos/drivers/net/tcpip/include/titypes.h Modified: trunk/reactos/drivers/net/tcpip/tcpip/dispatch.c Modified: trunk/reactos/drivers/net/tcpip/tcpip/fileobjs.c Modified: trunk/reactos/drivers/net/tcpip/tcpip/main.c _____ Modified: trunk/reactos/drivers/lib/ip/network/receive.c --- trunk/reactos/drivers/lib/ip/network/receive.c 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/lib/ip/network/receive.c 2005-12-07 08:50:27 UTC (rev 19943) @@ -521,6 +521,8 @@ * IPPacket = Pointer to IP packet */ { + IP_ADDRESS Address; + TI_DbgPrint(DEBUG_IP, ("Received IPv4 datagram.\n")); IPPacket->HeaderSize = (((PIPv4_HEADER)IPPacket->Header)->VerIHL & 0x0F) << 2; @@ -562,7 +564,16 @@ /* FIXME: Should we allow packets to be received on the wrong interface? */ /* XXX Find out if this packet is destined for us */ - ProcessFragment(IF, IPPacket); + + if( AddrLocateADEv4( IPPacket->DstAddr.Address.IPv4Address, &Address ) ) { + ProcessFragment( IF, IPPacket ); + } else { + PNEIGHBOR_CACHE_ENTRY NCE; + + if((NCE = RouteGetRouteToDestination( &IPPacket->DstAddr ))) { + IPSendDatagram( IPPacket, NCE, NULL, NULL ); + } + } #if 0 } else { /* This packet is not destined for us. If we are a router, _____ Modified: trunk/reactos/drivers/lib/ip/transport/tcp/tcp.c --- trunk/reactos/drivers/lib/ip/transport/tcp/tcp.c 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/lib/ip/transport/tcp/tcp.c 2005-12-07 08:50:27 UTC (rev 19943) @@ -647,4 +647,8 @@ return STATUS_SUCCESS; } +void TCPMarkForDisconnect( PCONNECTION_ENDPOINT Context, BOOLEAN Marked ) { + Context->Disconnecting = Marked; +} + /* EOF */ _____ Modified: trunk/reactos/drivers/net/tcpip/include/tcp.h --- trunk/reactos/drivers/net/tcpip/include/tcp.h 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/net/tcpip/include/tcp.h 2005-12-07 08:50:27 UTC (rev 19943) @@ -38,6 +38,9 @@ #define TCPOPTLEN_MAX_SEG_SIZE 0x4 +#define TCP_CANCEL_DISCONNECT 0 +#define TCP_CANCEL_CLOSE 1 + /* Data offset; 32-bit words (leftmost 4 bits); convert to bytes */ #define TCP_DATA_OFFSET(DataOffset)(((DataOffset) & 0xF0) >> (4-2)) @@ -57,6 +60,13 @@ KEVENT Event; } SLEEPING_THREAD, *PSLEEPING_THREAD; +typedef struct _CANCEL_REQUEST { + LIST_ENTRY Entry; + PVOID Context; + PIRP Irp; + UINT Flags, Type; +} CANCEL_REQUEST, *PCANCEL_REQUEST; + /* Retransmission timeout constants */ /* Lower bound for retransmission timeout in TCP timer ticks */ @@ -176,4 +186,7 @@ NTSTATUS TCPShutdown( VOID); +void TCPMarkForDisconnect( + PCONNECTION_ENDPOINT Connection, BOOLEAN Marked ); + #endif /* __TCP_H */ _____ Modified: trunk/reactos/drivers/net/tcpip/include/tcpip.h --- trunk/reactos/drivers/net/tcpip/include/tcpip.h 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/net/tcpip/include/tcpip.h 2005-12-07 08:50:27 UTC (rev 19943) @@ -188,6 +188,9 @@ extern KSPIN_LOCK InterfaceListLock; extern LIST_ENTRY AddressFileListHead; extern KSPIN_LOCK AddressFileListLock; +extern LIST_ENTRY CancelQueue; +extern KSPIN_LOCK CancelQueueLock; +extern WORK_QUEUE_ITEM CancelQueueWork; extern NDIS_HANDLE GlobalPacketPool; extern NDIS_HANDLE GlobalBufferPool; extern KSPIN_LOCK EntityListLock; _____ Modified: trunk/reactos/drivers/net/tcpip/include/titypes.h --- trunk/reactos/drivers/net/tcpip/include/titypes.h 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/net/tcpip/include/titypes.h 2005-12-07 08:50:27 UTC (rev 19943) @@ -308,6 +308,8 @@ * notification service to the client */ UINT SignalState; /* Active signals from oskit */ BOOLEAN Signalled; /* Are we a member of the signal list */ + BOOLEAN Disconnecting; /* Cancelling an irp .. we need to leave it + * alone for now */ } CONNECTION_ENDPOINT, *PCONNECTION_ENDPOINT; _____ Modified: trunk/reactos/drivers/net/tcpip/tcpip/dispatch.c --- trunk/reactos/drivers/net/tcpip/tcpip/dispatch.c 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/net/tcpip/tcpip/dispatch.c 2005-12-07 08:50:27 UTC (rev 19943) @@ -12,6 +12,8 @@ #include "precomp.h" #include <pseh/pseh.h> +extern VOID DeleteConnectionEndpoint( PCONNECTION_ENDPOINT Endpoint ); + NTSTATUS DispPrepareIrpForCancel( PTRANSPORT_CONTEXT Context, PIRP Irp, @@ -135,7 +137,56 @@ TI_DbgPrint(DEBUG_IRP, ("Done Completing IRP\n")); } +VOID DDKAPI CancelQueuePassiveHandler( PVOID CancelRequestVoid ) +{ + KIRQL OldIrql; + PCANCEL_REQUEST CancelReq; + PLIST_ENTRY CqEntry; + KeAcquireSpinLock( &CancelQueueLock, &OldIrql ); + + TI_DbgPrint(DEBUG_IRP,("CANCEL QUEUE: Starting\n")); + + for( CqEntry = CancelQueue.Flink; + CqEntry != &CancelQueue; + ) { + CancelReq = CONTAINING_RECORD(CqEntry, CANCEL_REQUEST, Entry); + ExInterlockedRemoveHeadList( &CancelQueue, &CancelQueueLock ); + CqEntry = CancelQueue.Flink; + + KeReleaseSpinLock( &CancelQueueLock, OldIrql ); + + TI_DbgPrint(DEBUG_IRP,("CANCEL QUEUE: Executing %x\n", CancelReq)); + + switch( CancelReq->Type ) { + case TCP_CANCEL_DISCONNECT: + TCPDisconnect + ( CancelReq->Context, + CancelReq->Flags, + NULL, + NULL, + DispDataRequestComplete, + CancelReq->Irp ); + break; + + case TCP_CANCEL_CLOSE: + TCPClose( CancelReq->Context ); + DeleteConnectionEndpoint( CancelReq->Context ); + break; + } + + TCPMarkForDisconnect( CancelReq->Context, FALSE ); + + ExFreePool( CancelReq ); + + KeAcquireSpinLock( &CancelQueueLock, &OldIrql ); + } + + TI_DbgPrint(DEBUG_IRP,("CANCEL QUEUE: Ending\n")); + + KeReleaseSpinLock( &CancelQueueLock, OldIrql ); +} + VOID DDKAPI DispCancelRequest( PDEVICE_OBJECT Device, PIRP Irp) @@ -150,6 +201,7 @@ PTRANSPORT_CONTEXT TranContext; PFILE_OBJECT FileObject; UCHAR MinorFunction; + PCANCEL_REQUEST CancelRequest; /*NTSTATUS Status = STATUS_SUCCESS;*/ TI_DbgPrint(DEBUG_IRP, ("Called.\n")); @@ -169,23 +221,21 @@ /* Try canceling the request */ switch(MinorFunction) { case TDI_SEND: - TCPDisconnect - ( TranContext->Handle.ConnectionContext, - TDI_DISCONNECT_RELEASE, - NULL, - NULL, - DispDataRequestComplete, - Irp ); - break; - case TDI_RECEIVE: - TCPDisconnect - ( TranContext->Handle.ConnectionContext, - TDI_DISCONNECT_ABORT | TDI_DISCONNECT_RELEASE, - NULL, - NULL, - DispDataRequestComplete, - Irp ); + CancelRequest = ExAllocatePoolWithTag + ( sizeof(CANCEL_REQUEST), NonPagedPool, FOURCC('T','c','k','O') ); + TCPMarkForDisconnect( TranContext->Handle.ConnectionContext, TRUE ); + if( CancelRequest ) { + TI_DbgPrint(DEBUG_IRP,("CANCEL QUEUE:-> %x\n", CancelRequest)); + CancelRequest->Flags = TDI_DISCONNECT_RELEASE | + (MinorFunction == TDI_RECEIVE) ? TDI_DISCONNECT_ABORT : 0; + CancelRequest->Context = TranContext->Handle.ConnectionContext; + CancelRequest->Irp = Irp; + CancelRequest->Type = TCP_CANCEL_DISCONNECT; + ExInterlockedInsertTailList + ( &CancelQueue, &CancelRequest->Entry, &CancelQueueLock ); + ExQueueWorkItem( &CancelQueueWork, CriticalWorkQueue ); + } break; case TDI_SEND_DATAGRAM: _____ Modified: trunk/reactos/drivers/net/tcpip/tcpip/fileobjs.c --- trunk/reactos/drivers/net/tcpip/tcpip/fileobjs.c 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/net/tcpip/tcpip/fileobjs.c 2005-12-07 08:50:27 UTC (rev 19943) @@ -10,7 +10,6 @@ #include "precomp.h" - /* List of all address file objects managed by this driver */ LIST_ENTRY AddressFileListHead; KSPIN_LOCK AddressFileListLock; @@ -352,6 +351,7 @@ KIRQL OldIrql; PADDRESS_FILE AddrFile; NTSTATUS Status = STATUS_SUCCESS; + PCANCEL_REQUEST CancelReq; TI_DbgPrint(MID_TRACE, ("Called.\n")); @@ -369,8 +369,16 @@ switch (AddrFile->Protocol) { case IPPROTO_TCP: TCPFreePort( AddrFile->Port ); - if( AddrFile->Listener ) - TCPClose( AddrFile->Listener ); + if( AddrFile->Listener ) { + CancelReq = ExAllocatePoolWithTag + ( sizeof(CANCEL_REQUEST), NonPagedPool, FOURCC('T','c','l','s') ); + if( CancelReq ) { + CancelReq->Type = TCP_CANCEL_CLOSE; + CancelReq->Context = AddrFile->Listener; + AddrFile->Listener = NULL; + ExQueueWorkItem( &CancelQueueWork, CriticalWorkQueue ); + } + } break; case IPPROTO_UDP: @@ -466,15 +474,19 @@ { PCONNECTION_ENDPOINT Connection; NTSTATUS Status = STATUS_SUCCESS; + PCANCEL_REQUEST CancelReq; TI_DbgPrint(MID_TRACE, ("Called.\n")); Connection = Request->Handle.ConnectionContext; - TcpipRecursiveMutexEnter( &TCPLock, TRUE ); - TCPClose(Connection); - DeleteConnectionEndpoint(Connection); - TcpipRecursiveMutexLeave( &TCPLock ); + CancelReq = ExAllocatePoolWithTag + ( sizeof(CANCEL_REQUEST), NonPagedPool, FOURCC('T','c','l','s') ); + if( CancelReq ) { + CancelReq->Type = TCP_CANCEL_CLOSE; + CancelReq->Context = Connection; + ExQueueWorkItem( &CancelQueueWork, CriticalWorkQueue ); + } TI_DbgPrint(MAX_TRACE, ("Leaving.\n")); _____ Modified: trunk/reactos/drivers/net/tcpip/tcpip/main.c --- trunk/reactos/drivers/net/tcpip/tcpip/main.c 2005-12-07 00:06:27 UTC (rev 19942) +++ trunk/reactos/drivers/net/tcpip/tcpip/main.c 2005-12-07 08:50:27 UTC (rev 19943) @@ -14,7 +14,7 @@ #ifndef NDEBUG DWORD DebugTraceLevel = DEBUG_ULTRA & ~(DEBUG_LOCK | DEBUG_PBUFFER); #else -DWORD DebugTraceLevel = 0; +DWORD DebugTraceLevel = DEBUG_IRP; #endif /* NDEBUG */ PDEVICE_OBJECT TCPDeviceObject = NULL; @@ -35,6 +35,12 @@ KSPIN_LOCK IpWorkLock; WORK_QUEUE_ITEM IpWorkItem; +/* Cancel Queue */ +LIST_ENTRY CancelQueue; +KSPIN_LOCK CancelQueueLock; +WORK_QUEUE_ITEM CancelQueueWork; +extern VOID DDKAPI CancelQueuePassiveHandler( PVOID Context ); + VOID TiWriteErrorLog( PDRIVER_OBJECT DriverContext, NTSTATUS ErrorCode, @@ -809,6 +815,11 @@ InitializeListHead(&InterfaceListHead); KeInitializeSpinLock(&InterfaceListLock); + /* Initialize cancellation queue */ + InitializeListHead(&CancelQueue); + KeInitializeSpinLock(&CancelQueueLock); + ExInitializeWorkItem( &CancelQueueWork, CancelQueuePassiveHandler, NULL ); + /* Initialize network level protocol subsystem */ IPStartup(RegistryPath);

1 0

[greatlrd] 19942: take care of Bug#: 1084
by greatlrd＠svn.reactos.com 07 Dec '05

07 Dec '05

take care of Bug#: 1084 Modified: trunk/reactos/subsys/system/cmd/dir.c _____ Modified: trunk/reactos/subsys/system/cmd/dir.c --- trunk/reactos/subsys/system/cmd/dir.c 2005-12-06 22:53:48 UTC (rev 19941) +++ trunk/reactos/subsys/system/cmd/dir.c 2005-12-07 00:06:27 UTC (rev 19942) @@ -1130,11 +1130,14 @@ return 1; } + /* In bare format we don't print results */ if (lpFlags->bBareFormat) return 0; /* Print recursive specific results */ + + /* Take this code offline to fix /S does not print duoble info */ if (lpFlags->bRecursive) { ConvertULargeInteger(u64Bytes, szBuffer, sizeof(szBuffer), lpFlags->bTSeperator); @@ -1144,8 +1147,22 @@ ConOutPrintfPaging(FALSE,szMsg,ulFiles, szBuffer); else ConOutPrintf(szMsg,ulFiles, szBuffer); + + if (ulFiles > 0) + { + ConvertULargeInteger(u64Bytes, szBuffer, 20, lpFlags->bTSeperator); + LoadString(CMD_ModuleHandle, STRING_DIR_HELP8, szMsg, RC_STRING_MAX_SIZE); + if(lpFlags->bPause) + ConOutPrintfPaging(FALSE,szMsg,ulFiles, szBuffer); + else + ConOutPrintf(szMsg,ulFiles, szBuffer); + } - + + } + else + { + /* Print File Summary */ /* Condition to print summary is: If we are not in bare format and if we have results! */ @@ -1159,7 +1176,8 @@ ConOutPrintf(szMsg,ulFiles, szBuffer); } - + +} /* Print total directories and freespace */ szRoot[0] = szPath[0]; GetUserDiskFreeSpace(szRoot, &uliFree);

1 0

[greatlrd] 19941: Bugfix EnumDisplayDevicesA when it convert the struct DISPLAY_DEVICE to unicode it use ansi side of it. and that why it did fail.
by greatlrd＠svn.reactos.com 06 Dec '05

06 Dec '05

Bugfix EnumDisplayDevicesA when it convert the struct DISPLAY_DEVICE to unicode it use ansi side of it. and that why it did fail. Modified: trunk/reactos/lib/user32/misc/display.c _____ Modified: trunk/reactos/lib/user32/misc/display.c --- trunk/reactos/lib/user32/misc/display.c 2005-12-06 20:18:59 UTC (rev 19940) +++ trunk/reactos/lib/user32/misc/display.c 2005-12-06 22:53:48 UTC (rev 19941) @@ -61,7 +61,7 @@ return FALSE; } - DisplayDeviceW.cb = lpDisplayDevice->cb; + DisplayDeviceW.cb = sizeof(DISPLAY_DEVICEW); rc = NtUserEnumDisplayDevices ( &Device, iDevNum,

1 0

[frik85] 19940: RosCMS update:
by frik85＠svn.reactos.com 06 Dec '05

06 Dec '05

RosCMS update: * "group Members" interface: fixed a small bug Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php 2005-12-06 19:59:09 UTC (rev 19939) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php 2005-12-06 20:18:59 UTC (rev 19940) @@ -178,11 +178,13 @@ FROM usergroup_members $ros_cms_intern_users_filt $ros_cms_intern_users_lang ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort LIMIT ". $roscms_SET_curpos ." , ". $roscms_intern_items_per_page ." ;") ; + } else { + //AND user_account_hidden != 0 $query_page = mysql_query("SELECT * FROM usergroup_members - $ros_cms_intern_users_filt AND user_account_hidden != 0 $ros_cms_intern_users_lang + $ros_cms_intern_users_filt $ros_cms_intern_users_lang ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort LIMIT ". $roscms_SET_curpos ." , ". $roscms_intern_items_per_page ." ;") ; } @@ -206,7 +208,7 @@ $farbe = $farbe2; } ?>"> - <div align="center"><a href="?page=admin&sec=usrgrpmbr&sec2=edit&sec3=<?php echo $result_page['usergroupmember_usergroupid']; ?>&db_id=<?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/view.gif" alt="Edit Membership" width="19" height="18" border="0"></a> <a href="?page=admin&sec=usrgrpmbr&sec2=add&sec3=new&db_id= <?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/tool.gif" alt="Add Membership" width="19" height="18" border="0"></a> <a href="?page=admin&sec=usrgrpmbr&sec2=delete&sec3=<?php echo $result_page['usergroupmember_usergroupid']; ?>&db_id=<?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/delete.gif" alt="Add Membership" width="19" height="18" border="0"></a></div></td> + <div align="center"><a href="?page=admin&sec=usrgrpmbr&sec2=edit&sec3=<?php echo $result_page['usergroupmember_usergroupid']; ?>&db_id=<?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/view.gif" alt="Edit Membership" width="19" height="18" border="0"></a> <a href="?page=admin&sec=usrgrpmbr&sec2=add&sec3=new&db_id= <?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/tool.gif" alt="Add Membership" width="19" height="18" border="0"></a> <a href="?page=admin&sec=usrgrpmbr&sec2=delete&sec3=<?php echo $result_page['usergroupmember_usergroupid']; ?>&db_id=<?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/delete.gif" alt="Delete Membership" width="19" height="18" border="0"></a></div></td> <td width="7%" valign="middle" bgcolor="<?php echo $farbe; ?>"> <div align="center"><font face="Arial, Helvetica, sans-serif"><?php echo "<b>".$result_page['usergroupmember_userid']."</b>"; ?></font></div></td> <td width="10%" valign="middle" bgcolor="<?php echo $farbe; ?>"><font face="Arial, Helvetica, sans-serif"><?php $query_usra = mysql_query("SELECT user_id, user_name FROM users WHERE user_id = '".$result_page['usergroupmember_userid']."'") or die('DB error (membership script)!');

1 0

[gvg] 19939: MediaWiki 1.5.3 vendor drop
by gvg＠svn.reactos.com 06 Dec '05

06 Dec '05

MediaWiki 1.5.3 vendor drop Modified: vendor/mediawiki/current/.cvsignore Modified: vendor/mediawiki/current/AdminSettings.sample Modified: vendor/mediawiki/current/HISTORY Modified: vendor/mediawiki/current/INSTALL Modified: vendor/mediawiki/current/README Modified: vendor/mediawiki/current/RELEASE-NOTES Modified: vendor/mediawiki/current/UPGRADE Deleted: vendor/mediawiki/current/Version.php Modified: vendor/mediawiki/current/config/index.php Added: vendor/mediawiki/current/docs/README Deleted: vendor/mediawiki/current/docs/deferred.doc Added: vendor/mediawiki/current/docs/deferred.txt Deleted: vendor/mediawiki/current/docs/design.doc Added: vendor/mediawiki/current/docs/design.txt Added: vendor/mediawiki/current/docs/export-0.1.xsd Added: vendor/mediawiki/current/docs/export-0.2.xsd Added: vendor/mediawiki/current/docs/export-0.3.xsd Added: vendor/mediawiki/current/docs/export-demo.xml Deleted: vendor/mediawiki/current/docs/globals.doc Added: vendor/mediawiki/current/docs/globals.txt Deleted: vendor/mediawiki/current/docs/hooks.doc Added: vendor/mediawiki/current/docs/hooks.txt Deleted: vendor/mediawiki/current/docs/language.doc Added: vendor/mediawiki/current/docs/language.txt Deleted: vendor/mediawiki/current/docs/linkcache.doc Added: vendor/mediawiki/current/docs/linkcache.txt Deleted: vendor/mediawiki/current/docs/memcached.doc Added: vendor/mediawiki/current/docs/memcached.txt Deleted: vendor/mediawiki/current/docs/schema.doc Added: vendor/mediawiki/current/docs/schema.txt Deleted: vendor/mediawiki/current/docs/skin.doc Added: vendor/mediawiki/current/docs/skin.txt Deleted: vendor/mediawiki/current/docs/title.doc Added: vendor/mediawiki/current/docs/title.txt Deleted: vendor/mediawiki/current/docs/user.doc Added: vendor/mediawiki/current/docs/user.txt Modified: vendor/mediawiki/current/img_auth.php Modified: vendor/mediawiki/current/includes/Article.php Modified: vendor/mediawiki/current/includes/AuthPlugin.php Added: vendor/mediawiki/current/includes/BagOStuff.php Modified: vendor/mediawiki/current/includes/Block.php Modified: vendor/mediawiki/current/includes/BlockCache.php Modified: vendor/mediawiki/current/includes/CacheManager.php Modified: vendor/mediawiki/current/includes/CategoryPage.php Modified: vendor/mediawiki/current/includes/ChangesList.php Modified: vendor/mediawiki/current/includes/Credits.php Modified: vendor/mediawiki/current/includes/Database.php Modified: vendor/mediawiki/current/includes/DatabaseFunctions.php Modified: vendor/mediawiki/current/includes/DatabasePostgreSQL.php Modified: vendor/mediawiki/current/includes/DateFormatter.php Modified: vendor/mediawiki/current/includes/DefaultSettings.php Modified: vendor/mediawiki/current/includes/Defines.php Modified: vendor/mediawiki/current/includes/DifferenceEngine.php Modified: vendor/mediawiki/current/includes/EditPage.php Added: vendor/mediawiki/current/includes/Exif.php Added: vendor/mediawiki/current/includes/ExternalEdit.php Modified: vendor/mediawiki/current/includes/ExternalStoreDB.php Modified: vendor/mediawiki/current/includes/Feed.php Modified: vendor/mediawiki/current/includes/FulltextStoplist.php Modified: vendor/mediawiki/current/includes/GlobalFunctions.php Modified: vendor/mediawiki/current/includes/Group.php Modified: vendor/mediawiki/current/includes/HTMLForm.php Modified: vendor/mediawiki/current/includes/HistoryBlob.php Modified: vendor/mediawiki/current/includes/Hooks.php Added: vendor/mediawiki/current/includes/HttpFunctions.php Modified: vendor/mediawiki/current/includes/Image.php Modified: vendor/mediawiki/current/includes/ImageGallery.php Modified: vendor/mediawiki/current/includes/ImagePage.php Deleted: vendor/mediawiki/current/includes/Interwiki.php Modified: vendor/mediawiki/current/includes/LinkCache.php Added: vendor/mediawiki/current/includes/Linker.php Modified: vendor/mediawiki/current/includes/LinksUpdate.php Modified: vendor/mediawiki/current/includes/LoadBalancer.php Modified: vendor/mediawiki/current/includes/LogPage.php Modified: vendor/mediawiki/current/includes/MagicWord.php Modified: vendor/mediawiki/current/includes/Math.php Modified: vendor/mediawiki/current/includes/MessageCache.php Deleted: vendor/mediawiki/current/includes/MessageCacheHints.php Added: vendor/mediawiki/current/includes/MimeMagic.php Modified: vendor/mediawiki/current/includes/Namespace.php Modified: vendor/mediawiki/current/includes/ObjectCache.php Modified: vendor/mediawiki/current/includes/OutputPage.php Modified: vendor/mediawiki/current/includes/PageHistory.php Modified: vendor/mediawiki/current/includes/Parser.php Modified: vendor/mediawiki/current/includes/ParserCache.php Modified: vendor/mediawiki/current/includes/ParserXML.php Modified: vendor/mediawiki/current/includes/Profiling.php Modified: vendor/mediawiki/current/includes/ProxyTools.php Modified: vendor/mediawiki/current/includes/QueryPage.php Modified: vendor/mediawiki/current/includes/RawPage.php Modified: vendor/mediawiki/current/includes/RecentChange.php Added: vendor/mediawiki/current/includes/Revision.php Added: vendor/mediawiki/current/includes/Sanitizer.php Modified: vendor/mediawiki/current/includes/SearchEngine.php Added: vendor/mediawiki/current/includes/SearchMySQL.php Modified: vendor/mediawiki/current/includes/SearchMySQL3.php Modified: vendor/mediawiki/current/includes/SearchMySQL4.php Modified: vendor/mediawiki/current/includes/SearchTsearch2.php Modified: vendor/mediawiki/current/includes/SearchUpdate.php Modified: vendor/mediawiki/current/includes/Setup.php [truncated at 100 lines; 432 more skipped] _____ Modified: vendor/mediawiki/current/.cvsignore --- vendor/mediawiki/current/.cvsignore 2005-12-06 19:57:28 UTC (rev 19938) +++ vendor/mediawiki/current/.cvsignore 2005-12-06 19:59:09 UTC (rev 19939) @@ -6,3 +6,4 @@ .project project.index .metadata* +.settings _____ Modified: vendor/mediawiki/current/AdminSettings.sample --- vendor/mediawiki/current/AdminSettings.sample 2005-12-06 19:57:28 UTC (rev 19938) +++ vendor/mediawiki/current/AdminSettings.sample 2005-12-06 19:59:09 UTC (rev 19939) @@ -23,4 +23,9 @@ $wgDBadminuser = 'wikiadmin'; $wgDBadminpassword = 'adminpass'; +/* + * Whether to enable the profileinfo.php script. + */ +$wgEnableProfileInfo = false; + ?> _____ Modified: vendor/mediawiki/current/HISTORY --- vendor/mediawiki/current/HISTORY 2005-12-06 19:57:28 UTC (rev 19938) +++ vendor/mediawiki/current/HISTORY 2005-12-06 19:59:09 UTC (rev 19939) @@ -1,629 +1,582 @@ Change notes from older releases. For current info see RELEASE-NOTES. += MediaWiki release notes = + Security reminder: MediaWiki does not require PHP's register_globals setting since version 1.2.0. If you have it on, turn it *off* if you can. -== Version 1.3.11, 2005-02-20 == +== MediaWiki 1.4.3 == -MediaWiki 1.3.11 is a security release. +(released 2005-04-28) -A security audit found and fixed a number of problems. Users of MediaWiki -1.3.10 and earlier should upgrade to 1.3.11; users of 1.4 beta releases -should upgrade to 1.4rc1. +MediaWiki 1.4.3 is a bugfix release for the 1.4 stable release series. +Chiefly, this fixes a compatibility problem with PHP 5 and a minor link +table corruption bug on initial page save. -=== Cross-site scripting vulnerability === -XSS injection points can be used to hijack session and authentication -cookies as well as more serious attacks. +== MediaWiki 1.4.2 == -* Media: links output raw text into an attribute value, potentially - abusable for JavaScript injection. This has been corrected. -* Additional checks added to file upload to protect against MSIE and - Safari MIME-type autodetection bugs. +(released 2005-04-20) -As of 1.3.10/1.4beta6, per-user customized CSS and JavaScript is disabled -by default as a general precaution. Sites which want this ability may set -$wgAllowUserCss and $wgAllowUserJs in LocalSettings.php. +MediaWiki 1.4.2 is a security and bug fix release for the 1.4 stable release +series. +A cross-site scripting injection vulnerability was discovered, which +affects only MSIE clients and is only open if MediaWiki has been +manually configured to run output through HTML Tidy ($wgUseTidy). -=== Cross-site request forgery === +Several other bugs are fixed in this release, see the changelog below. -An attacker could use JavaScript-submitted forms to perform various -restricted actions by tricking an authenticated user into visiting -a malicious web page. A fix for page editing in 1.3.10/1.4beta6 has -been expanded in this release to other forms and functions. +All new installations are highly recommended to use 1.4.2 instead of +1.3.x; 1.3.x users should consider upgrading for bug fixes and new +features. Ealier 1.4.x release and beta users should upgrade to this +release for relevant bug fixes; see the changelog later in this file. -Authors of bot tools may need to update their code to include the -additional fields. +If you have trouble, remember to read this whole file and the online FAQ page +before asking for help: -=== Directory traversal === +http://meta.wikimedia.org/wiki/MediaWiki_FAQ -An unchecked parameter in image deletion could allow an authenticated -administrator to delete arbitary files in directories writable by the -web server, and confirm existence of files not deletable. +=== READ THIS FIRST: Upgrading === -== Version 1.3.10, 2005-02-03 == +If upgrading from an older release, see the notes in the file UPGRADE. +There are a couple of minor database changes from the beta releases, +and somewhat larger changes from 1.3.x. -MediaWiki 1.3.10 is a security release. +Upgrading from a previous 1.4.x stable release installation should +generally only require copying the new files over the old ones. -An attacker could craft a URL which, when visited by a particular -logged-in user, would execute arbitrary JavaScript code on the user's -browser in the wiki's site context. This attack has been blocked, and as -an extra precaution the user CSS and JavaScript subpage support is now -disabled by default. Sites which want this ability may set $wgAllowUserCss -and $wgAllowUserJs in LocalSettings.php. -Additional protections have been added against off-site form submissions -hijacking user credentials. Authors of bot tools may need to update their -code to include additional fields. +==== READ THIS FIRST, TOO: MySQL 4.1 AND 5.0 ==== -All wikis running 1.3.x are strongly urged to upgrade to 1.3.10. +MySQL 5.0 is a beta release, not yet ready for production use. If you +are using it, the notes below about 4.1 apply to you too. -Changes from 1.3.9: -* Logged-in edits and preview of user CSS/JS are now locked to a session token. -* Per-user CSS and JavaScript subpage customizations now disabled by default. - They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss. -* Removed .ogg from the default uploads whitelist as an extra precaution. - If your web server is configured to serve Ogg files with the correct - Content-Type header, you can re-add it in LocalSettings.php: - $wgFileExtensions[] = 'ogg'; +If you have the choice of MySQL 4.0 or MySQL 4.1 and don't need 4.1 for +some other application, you should consider sticking with 4.0 for the +moment. 4.1 may require you to do extra fiddling to get things to work +due to changes that aren't fully backwards-compatible. +MySQL 4.1 has changed the authentication protocol in an incompatible +way; many PHP installations still use the older client libraries and +CANNOT CONNECT TO THE SERVER WITH A PASSWORD without some changes. +See: http://dev.mysql.com/doc/mysql/en/Old_client.html -== Version 1.3.9, 2004-12-12 == +If MySQL is set with utf-8 as the default character set, installation +may fail with "key too long" errors. Set the default charset to 'latin1' +for installation and it should work. -MediaWiki 1.3.9 is a security and bug fix release. +The mysqldump backup generator now applies an automatic conversion to +UTF-8, which may irretrivably corrupt your data. Pass the -charset option +with the original default charset (eg 'latin1') to skip the conversion. -A flaw in upload handling has been found which may allow upload and -execution of arbitrary scripts with the permissions of the web server. -Only wikis that have enabled uploads and have a vulnerable Apache -configuration will be affected, but to be safe all wikis should upgrade. -Wikis with uploads available should either disable uploads or upgrade to -1.3.9 immediately; if other files are customized and require merging -changes, includes/SpecialUpload.php may be replaced individually to add -the fix. +==== READ THIS FIRST IF RUNNING ON A WINDOWS SERVER ==== -(It is also recommended to configure your web server to disable script -execution in the 'images' subdirectory where uploads are placed, which -prevents most attacks even if the wiki fails.) +MediaWiki is tested and deployed primarily under the Apache web server +on Linux Unix systems. There are known to be problems running on +Microsoft's IIS which are not fully resolved. If you have a choice, +try running under Apache on Windows, or on a Unix/Linux box instead. -Changes from 1.3.8: -* Backported "Templates used in this page"-feature of EditPage -* Allow "MySkin" as a default skin. -* (bug 938) Parse namespaces correctly on self-interwiki links -* (bug 1010) fix broken Commons image link on Classic & Cologne Blue -* (bug 1004) Norsk language names for interwiki links changed, - Nauruan language name changed -* Enhance upload extension blacklist to protect against vulnerable - Apache configurations +If you're having trouble with blank pages on IIS and can't switch, +try the workaround suggested in this bug report: +http://bugzilla.wikimedia.org/show_bug.cgi?id=1763 -== Version 1.3.8, 2004-11-15 == +=== New features === -MediaWiki 1.3.8 is a bugfix release. Those running wikis with uploads -enabled are strongly recommended to upgrade as this fixes several problems -with overwriting previously-uploaded files. +* 'Recentchanges Patrol' to mark new edits that haven't yet been viewed. +* New, searchable deletion/upload/protection logs +* Image gallery generation (Special:Newimages and <gallery> tag) +* SVG rasterization support (requires external support tools) +* Users can select from the available localizations to override the + default user interface language. +* Traditional/Simplified Chinese conversion support +* rel="nofollow" support to combat linkspam -Changes from 1.3.7: -* (bug 506) fix array_key_exists() warning for IIS servers using - ISAPI mode -* (bug 718) fix bad charset in (file) cached pages -* use local numerals in category page (for Hindi et al) -* alias month abbreviations to month names in Hindi -* add localized numerals for Gujarati and Kannada -* fix Category and project namespaces for Hindi -* Don't output bogus timestamp on Special:Recentchanges if no entries -* Correct template include path which broke some but not all Windows installs -* Fix edit form submission problem with some PHP versions -* Disallow unreachable titles with %XX hex codes -* Allow page [[0]] to be renamed -* (bug 774) when saving with section=new, return to the anchor as with - existing numbered section edits -* Experimental shared upload overlay area (disabled by default) -* (bug 806) Removed some "Wikipedia" hardcoding in German localization -* User option localization fix for some extensions -* (bug 809) now try to load the mysql php extension if it isn't loaded -* (bug 848) fix error message in Special:Newpages RSS and Atom feeds -* (bug 26) fix cache headers on anon talk page notification -* (bug 874) added 'cgi' to wgFileBlacklist -* (bug 862) localize date and time format for Finnish -* (bug 548) Don't overwrite images until the user confirms it +The current implementation adds this attribute to _all_ external URL +links in wiki text (but not internal [[wiki links]] or interwiki links). +To disable the attribute for _all_ external links, add this line to your +LocalSettings.php: + $wgNoFollowLinks = false -== Version 1.3.7, 2004-10-18 == -Changes from 1.3.6: -* Fix protected-page related security issue. +For background information on nofollow see: + http://www.google.com/googleblog/2005/01/preventing-comment-spam.html -== Version 1.3.6, 2004-10-14 == -Changes from 1.3.5: -* (bug 296) Variables in user interface messages are no longer substituted - at install time, so changes to the site name etc should be easier to make -* (bug 149) Special:Recentchanges "changes from" link preserves limit -* (bug 433) tooltip for "Undelete" tab now labeled correctly -* (bug 439) unclickable "Move" tab no longer displays on protected pages -* (bug 484) graceful deletion of images where the actual file is missing -* (bug 686) fixed [[plural]]s in Catalan localization -* Fixed potential HTML/JavaScript injection attack in the UnicodeConverter - extension. (This extension is not enabled by default.) -* Fixed potential HTML/JavaScript injection attack via raw page views to - a maliciously crafted wiki page. -* (bug 187, bug 669) Fixed centered thumbnails, using <div> instead of - <span>. -* catch MySQL error 2000 during installation. -* (bug 704) Removed misleading LocalSettings.sample -* Fix cross site scripting bugs in SpecialIpblocklist, SpecialEmailuser -* Fix SQL injection and cross site scripting bugs in SpecialMaintenance -* Fix cross site scripting bugs and possible filename validation vulnerability - in ImagePage. -* and more of that sort +=== Installation and compatibility === +* The default MonoBook theme now works with PHP 5.0 +* Installation on systems with PHP's safe mode or other oddities + should work more reliably, as MonoBook no longer needs to + create a compiled template file for the wiki to run. +* A table prefix may be specified, to avoid conflicts with other + web applications forced to share a database. +* More thorough UTF-8 input validation; fixes non-ASCII uploaded + filenames from Safari. +* Command-line database upgrade script. -== Version 1.3.5, 2004-09-30 == -Changes from 1.3.4: -* Clean up input validation in 'raw' page output mode which was a potential - cross-site scripting opportunity. +=== Customizability === +* Default user options can now be overridden in LocalSettings. +* Skins system more modular: templates and CSS are now in /skins/ + New skins can be dropped into this directory and used immediately. +* More extension hooks have been added. +* Authentication plugin hook. +* More internal code documentation, generated with phpdoc: + http://www.mediawiki.org/docs/html/ -== Version 1.3.4, 2004-09-28 == -************************** SECURITY NOTE! ****************************** +=== Optimization === -As of 1.3.4, MediaWiki performs some screening of newly uploaded files for -validity. (Some) corrupt image files, and HTML files mistakenly or -maliciously masquerading as images, should now be rejected. +* For many operations, MediaWiki 1.4 should run faster and use + less memory than MediaWiki 1.3. Page rendering is up to twice + as fast. (Use a PHP accelerator such as Turck MMCache for best + results with any PHP application, though!) +* The parser cache no longer requires memcached, and is enabled + by default. This avoids a lot of re-rendering of pages that + have been shown recently, greatly speeding longer page views. +* Support for compiled PHP modules to speed up page diff and + Unicode validation/normalization. (Requires ability to compile + and load PHP extensions). -These checks protect against Internet Explorer security holes relating -to type autodetection which are a potential cross-site scripting attack -vector, and also rejects at least one known version of the "JPEG virus" -which might attack unpatched clients. -If you already have invalid files uploaded this will not protect against -them. If you have expanded the filetype whitelist or disabled the strict -type checking, other dangerous file types may still get through. You should -always be careful when allowing uploads! +=== What isn't ready yet === +* A new user/groups permissions scheme has been held back to 1.5. +* An experimental SOAP interface will be made available as an extension +* PostgreSQL support is largely working, minus search and the installer. + You can perform a manual installation. +* E-mail notification of watched page changes and verification of + user-submitted e-mail addresses is not yet included. +* Log pages are not automatically imported into the new log table + at upgrade time. A script to import old text log entries is + incomplete, but may be available in later point releases. +* Some localizations are still incomplete. -Changes from 1.3.3: -* Fixed lots of template-related bugs, esp. for cases where template - variables are used for links, images, etc. -* Fixed transformation of page messages when viewing Special:Allmessages -* Handle "ISBN ISBN 1234" correctly -* Fixed warning on Category pages -* Fixed some bad error messages on login page -* Fixed history entry for initial main page on install -* Removed problematic { and } from legal title characters -* Strip leading blank from output in preformated text. -* Fixed problem when moving pages to titles with '#' in -* Optional $wgRawHtml for raw <html> sections. Use only on limited- - participation 'trusted' wikis, as it does not protect against cross-site - scripting attacks. For security, this option can only be enabled if in - $wgWhitelistEdit mode. -* Fixed problem where pages which were created as a redirect following - a move never showed on Special:Randompage. -* Fixed line spacing on printed table of contents -* Allow links to pages with names of the form [[RFC 1234]] -* Fixed broken edit links being shown for sections from included templates -* Verify that uploaded image files are of the claimed type. -== Version 1.3.3, 2004-09-09 == +== Changelog == -Changes from 1.3.2: -* Fix for long numeric page titles -* Fix Go search for "0", numeric almost-self-links -* Avoid caching of pages with "You have new messages" headers -* Fix for upgrades as non-root users from 1.2 command-line installs. -* Fix for $wgDebugDumpSql debug mode. -* $wgExtraNamespaces setting for configuring additional namespaces - (see note in DefaultSettings.php) -* 'recache' on query pages now disabled when miser mode is on; special case the - global settings in your LocalSettings.php to do automatic updates. -* Don't block UTF-8 titles containing byte 0xA0 (bug added in 1.3.2) -* Watch/unwatch tabs now shown on edit pages in MonoBook. -* Fix default skin in Irish localization (ga) -* Add Traditional Chinese localization (zh-tw) -* Changed default sortkey of subcategories. Don't include "Category:"-prefix - any longer -* More helpful info on spam catcher. -* Allow larger offsets for queries such as Special:Listusers -* Semicolon (;) added to French non-break space rules -* Possible fix for some install errors with path names permission problems. -* Removed [[Project:All system messages]], which has been superceded by - the much faster [[Special:Allmessages]]. This speeds up installation - considerably. +=== Important security updates === -== Version 1.3.2, 2004-08-30 == +A security audit found and fixed a number of problems. Users of MediaWiki +1.3.10 and earlier should upgrade to 1.3.11; users of 1.4 beta releases +prior to 1.4rc1 should upgrade immediately. -Changes from 1.3.1: -* Fix namespaced page creation links when no go match -* When cookies are disabled, don't show login screen twice -* Install should no longer die when PHP is pre-configured to compress output -* Fixed bug that caused long Japanese pages to time out with Tidy active -* When session.handler is set incorrectly, try automatic override to 'files' -* Watch/Unwatch links back to the affected page instead of Main Page -* Upload link no longer displayed on Monobook if uploading is disabled -* Special:Allmessages faster, shows correct original text, works in safe mode +==== Cross-site scripting vulnerability ==== +XSS injection points can be used to hijack session and authentication +cookies as well as more serious attacks. -== Version 1.3.1, 2004-08-14 == +* Media: links output raw text into an attribute value, potentially + abusable for JavaScript injection. This has been corrected. +* Additional checks added to file upload to protect against MSIE and + Safari MIME-type autodetection bugs. -Changes from 1.3.0: -* Watchlist parameters now work with register_globals off -* Fixed parsing of ''italics'' and '''bold''' mark-up (again) -* Special:Allpages display is more sensible on smaller wikis -* Fixed XHTML parsing error in classic skins -* Moved pages update watchlist correctly -* Fixed rebuildall.php on case-sensitive Unix filesystems -* Disabled file cache compression by default due to incompatibility - with output buffer compression (ob_gzhandler) -* New magic word PAGENAMEE (URL-escaped version of PAGENAME) -* Installation avoids blank username; better message on missing XML module -* $wgWhitelistAccount no longer breaks all logins. +As of 1.3.10/1.4beta6, per-user customized CSS and JavaScript is disabled +by default as a general precaution. Sites which want this ability may set +$wgAllowUserCss and $wgAllowUserJs in LocalSettings.php. -== Version 1.3.0, 2004-08-11 == -Look & layout: -* New default layout 'MonoBook' (available on PHP4 only currently) -* Print stylesheet now built-in to every page -* More or less correct XHTML 1.0 (served as text/html by default) +==== Cross-site request forgery ==== -Wiki features: -* Image captions can now include links and other basic formatting -* Image bounding box can be specified instead of width, e.g. as - 100x100px, making the image not wider than 100px and not higher - than 100px, keeping aspect ratio. -* Templates have been expanded with parameters, and separated from - the MediaWiki: localization scheme. -* Categories more or less work -* added a special page for listing users with sysop rights. +An attacker could use JavaScript-submitted forms to perform various +restricted actions by tricking an authenticated user into visiting +a malicious web page. A fix for page editing in 1.3.10/1.4beta6 has +been expanded in this release to other forms and functions. -Editing: -* Automatic merging of edit conflicts that don't directly interfere -* Edit summaries can now include basic formatting and links +Authors of bot tools may need to update their code to include the +additional fields. -Metadata and output: -* Linked Creative Commons copyright metadata (optional) -* RSS 2.0 & Atom 0.3 feeds for Recent Changes, New Pages -Optional modules: -* WikiHiero hieroglyphic module can be added (separate download) -* Timeline module can be added (separate download). - Requires ploticus. -* TeX now has an experimental MathML output mode (incomplete!) +==== Directory traversal ==== -Installation and upgrading: -* The old install.php and update.php have been removed. In-place - installation introduced in 1.2 is now the standard installation - and upgrade method, see INSTALL and UPGRADE for directions. +An unchecked parameter in image deletion could allow an authenticated +administrator to delete arbitary files in directories writable by the +web server, and confirm existence of files not deletable. -Database: -* The links table has been changed to use a cur_id for l_from. - The link tables must be converted on upgrade, which may entail - some downtime. -Code and compatibility: -* Should now run clean with error reporting set to E_ALL. -* register_globals hack from 1.2 has been replaced with safer code -* Bundled PHPTAL 0.7.0 from http://phptal.sourceforge.net/ - (with some patches) -* Most image-related code moved to Image.php -* More fixes for PHP 4.1.2 (thanks to Asheesh Laroia) -* URL encoding fix for anchors -* All languages now available in UTF-8 mode -* Various other fixes +==== Older issues ==== -=== Caveats === +Note that 1.4 beta releases prior to beta 5 include an input validation +error which could lead to execution of arbitrary PHP code on the server. +Users of older betas should upgrade immediately to the current version. -Some output, particularly involving user-supplied inline HTML, may not -produce 100% valid or well-formed XHTML output. Testers are welcome to -set $wgMimeType = "application/xhtml+xml"; to test for remaining problem -cases, but this is not recommended on live sites. (This must be set for -MathML to display properly in Mozilla.) -The new 'MonoBook' skin is not compatible with PHP 5 due to bugs in the -underlying PHPTAL library. It will be automatically disabled when running -on PHP5; the older look and feel will be used instead. +Beta 6 also introduces the use of rel="nofollow" attributes on external +links in wiki pages to reduce the effectiveness of wiki spam. This will +cause participating search engines to ignore external URL links from wiki +pages for purposes of page relevancy ranking. -== Version 1.2.6, 2004-05-24 == -* Spam blocker ($wgSpamRegex - refuses to save edits that match) -* Updated documentation about $wgWhitelistRead -* Ensure that searchindex table is created as MyISAM -* Interwiki cache timeout (memcached) -* Fix uploads on Windows with magic_quotes_gpc -* Some config fixes for Windows (slashes etc) -* Local interwiki URL redirects -* Fixed obscure deletion problem in squid mode on corrupt entries -* Language files updated to remove more hard-coded "Wikipedia" strings +=== Misc bugs fixed in beta 1 === -== Version 1.2.5, 2004-05-01 == -* Fixed install problem with blank root password -* Fixed Special:Emailuser/Username links -* Fixed main-page edit links on fuzzy search results -* Fixed wikipedia-interwiki.sql -* Fixed install with apache2filter (ugly URLs) -* IP in 'go' search brings up contributions -* Switch from broken & to ? on top-level wiki URL hack +* (bug 95) Templates no longer limited to 5 inclusions per page +* New user preference for limiting the image size for images on image description + pages +* (bug 530) Allow user to preview article on first edit +* (bug 479) [[RFC 1234]] will now make an internal link +* (bug 511) PhpTal skins shown bogus 'What links here' etc on special pages +* (bug 770) Adding filter and username exact search match for Special:Listusers +* (bug 733) Installer die if it can not write LocalSettings.php +* (bug 705) Various special pages no more show the rss/atom feed links +* (bug 114) use category backlinks in Special:Recentchangeslinked -== Version 1.2.4, 2004-04-13 == +=== Beta 2 fixes === -* Fixed edit toolbar in Mozilla -* Diff links in Contributions for 'top' edits -* Fixed Nostalgia skin drop-down for register_globals off -* Backported optional open proxy blocker -* Backported $wgWhitelistRead -* $wgCapitalLinks option to force full case sensitivity in titles -* Cleaned up error handling when can't talk to database -* Disabled unsafe command-line installer (remove the "die()" call to use) +* (bug 987) Reverted bogus fix for bug 502 +* (bug 992) Fix enhanced recent changes in PHP5 +* (bug 1009) Fix Special:Makesysop when using table prefixes +* (bug 1010) fix broken Commons image link on Classic & Cologne Blue +* (bug 985) Fix auto-summary for section edits +* (bug 995) Close <a> tag +* (bug 1004) renamed norsk language links (twice) +* Login works again when using an old-style default skin +* Fix for load balancing mode, notify if using old settings format +* (bug 1014) Missing image size option on old accounts handled gracefully +* (bug 1027) Fix page moves with table prefix +* (bug 1018) Some pages fail with stub threshold enabled +* (bug 1024) Fix link to high-res image version on Image: pages +* (bug 1016) Fix handling of lines omitting Image: in a <gallery> tag +* security fix for image galleries +* (bug 1039) Avoid error message in certain message cache failure modes +* Fix string escaping with PostgreSQL +* (bug 1015) [partial] -- use comment formatter on image gallery text +* Allow customization of all UI languages +* use $wgForceUIMsgAsContentMsg to make regular UI messages act as content +* new user option for zh users to disable language conversion +* Defer message cache initialization, shaving a few ms off file cache hits +* Fixed Special:Allmessages when using table prefixes +* (bug 996) Fix $wgWhitelistRead to work again +* (bug 1028) fix page move over redirect to not fail on the unique index -== Version 1.2.3, 2004-04-02 == +=== Beta 3 fixes === -* Fixed an in-place install bug with non-root MySQL user -* Fixed history diff checkboxes bug on titles with ampersands -* Fixed printable link bug on special pages with parameters -* Fixed bug that broke IP blocking w/o memcached -* Turns off E_NOTICE warnings if PHP settings have them on - (you can grope in and turn this off if you like to debug) +* Hide RC patrol markers when patrol is disabled or not allowed to patrol. +* Fix language selection for upgraded accounts +* (bug 1076) navigation links in QueryPage should be translated by wgContLang. +* (bug 922) bogus DOS line endings in LanguageEl.php +* Fix index usage in contribs +* Caching and load limiting options for Recentchanges RSS/Atom feed +* (bug 1074) Add stock icons for non-image files in gallery/Newimages +* Add width and height attributes on thumbs in gallery/Newimages +* Enhance upload extension blacklist to protect against vulnerable + Apache configurations -== Version 1.2.2, 2004-03-28 == +=== Beta 4 fixes === -* Fixed an upgrade bug introduced in 1.2.1. -* Disabled $wgUseCategoryMagic, which feature is incomplete broken +* (bug 1090) Fix sitesupport links in CB/classic skins +* Gracefully ignore non-legal titles in a <gallery> +* Fix message page caching behavior when $wgCapitalLinks is turned off + after installation and the wiki is subsequently upgraded +* Database error messages include the database server name/address +* Paging support for large categories +* Fix image page scaling when thumbnail generation is disabled +* Select the content language in prefs when bogus interface language is set +* Fix interwiki links in edit comments +* Fix crash on banned user visit +* Avoid PHP warning messages when thumbnail not generated +* (bug 1157) List unblocks correctly in Special:Log +* Fix fatal errors in LanguageLi.php +* Undo overly bright, difficult to read colors in Cologne Blue +* (bug 1162) fix five-tilde date inserter +* Add raw signatures option for those who simply must have cute sigs +* (bug 1164) Let wikitext be used in Loginprompt and Loginend messages +* Add the dreaded <span> to the HTML whitelist +* (bug 1170) Fix Russian linktrail +* (bug 1168) Missing text on the bureaucrat log +* (bug 1180) Fix Makesysop on shared-user-table sites +* (bug 1178) Fix previous diff link when using 'oldid=0' +* (bug 1173) Stop blocked accounts from reverting/deleting images +* Keep generated stylesheets cache-separated for each user +* (bug 1175) Fix "preview on first edit" mode +* Fix revert bug caused by bug 1175 fix +* Fix CSS classes on minor, new, unpatrolled markers in enhanced RC +* Set MySQL 4 boolean search back to 'and' mode by default +* (bug 1193) Fix move-only page protection mode +* Fix zhtable Makefile to include the traditional manual table +* Add memcache timeout for the zh conversion tables +* Allow user customization of the zh conversion tables through + Mediawiki:zhconversiontable +* Add zh-min-man (back) to language names list +* Ported $wgCopyrightIcon setting from REL1_3A +* (bug 1218) Show the original image on image pages if the thumbnail would be + bigger than the original image +* (bug 1213) i18n of Special:Log labels +* (bug 1013) Fix jbo, minnan in language names list +* Added magic word MAG_NOTITLECONVERT to indicate that the title of the page + do not need to be converted. Useful in zh: +* (bug 1224) Use proper date messages for date reformatter +* (bug 1241) Don't show 'cont.' for first entry of the category list +* (bug 1240) Special:Preferences was broken in Slovenian locale when + $wgUseDynamicDates is enabled +* Added magic word MAG_NOCONTENTCONVERT to supress the conversion of the + content of an article. Useful in zh: +* write-lock for updating the zh conversion tables in memcache +* recursively parse subpages of MediaWiki:Zhconversiontable +* (bug 1144) Fix export for fy language +* make removal of an entry from zhconversiontable work +* (bug 752) Don't insert newline in link title for url with %0a +* Fix missing search box contents in MonoBook skin +* Add option to forward search directly to an external URL (eg google) +* Correctly highlight the fallback language variant when the selected + variant is disabled. Used in zh: only for now. -== Version 1.2.1, 2004-03-27 == +=== Beta 5 fixes === -Installation, compatibility, security fixlets: -* Detect use of PHP as CGI and disable index.php/Title URLs -* Try to auto-create math tmp & output directories if not present -* Disable Asksql in default install ($wgAllowSysopQueries) -* Better handling of get_magic_quotes_gpc (apostrophe problems) -* French localisation no longer hard-codes "Wikipedia" name +* (bug 1124) Fix ImageGallery XHTML compliance +* (bug 1186) news: in the middle of a word +* (bug 1283) Use underlining and borders to highlight additions/deletions + in diff-view +* Use user's local timezone in Special:Log display +* Show filename for images in gallery by default (restore beta 3 behaviour) +* (bug 1201) Double-escaping in brokenlinks, imagelinks, categorylinks, searchindex +* When using squid reverse proxy, cache the redirect to the Main_Page +* (bug 1302) Fix Norwegian language file +* (bug 1205) Fix broken article saving in PHP 5.1 +* (bug 1206) Implement CURRENTWEEK and CURRENTDOW magic keyword (will give + number of the week and number of the day). +* (bug 1204) Blocks do not expire automatically +* (bug 1184) expiry time of indefinite blocks shown as the current time +* (bug 1317) Fix external links in image captions +* (bug 1084) Fix logo not rendering centrally in IE +* (bug 288) Fix tabs wrapping in IE6 +* (bug 119) Fix full-width tabs with RTL text in IE +* (bug 1323) Fix logo rendering off-screen in IE with RTL language +* Show "block" link in Special:Recentchanges for logged in users, too, if + wgUserSysopBans is true. +* (bug 1326) Use content language for '1movedto2' in edit history +* zh: Fix warning when HTTP_ACCEPT_LANGUAGE is not set +* zh: Fix double conversion for zh-sg and zh-hk +* (bug 1132) Fix concatenation of link lists in refreshLinks +* (bug 1101) Fix memory leak in refreshLinks +* (bug 1339) Fix order of @imports in Cologne Blue CSS +* Don't try to create links without namespaces ([[Category:]] link bug) +* Memcached data compression fixes +* Several valid XHTML fixes +* (bug 624) Fix IE freezing rendering whilst waiting for CSS with MonoBook +* (bug 211) Fix tabbed preferences with XHTML MIME type +* Fix for script execution vulnerability. -== Version 1.2.0 == +=== Beta 6 fixes === -New features in 1.2: -* Image resizing/thumbnail generation -* Stricter upload file extension blacklist and whitelist options -* More flexible blocking system; time period may be set -* Handier sysop account management. An account marked "bureaucrat" - may assign sysop access to other accounts via Special:Makesysop. - (The exact details of this may change in the future) -* Support for a squid cache with explicit purging of cached anon pages -* Optional compression of old revision text (requires zlib support) -* Fuzzy title search (experimental, requires memcached) -* Page rendering cache (experimental) -* Editing toolbar to demonstrate wiki syntax to newbies - (off by default in user preferences) -* Support for authenticated SMTP outgoing e-mail (experimental) -* It's now possible to assign sysop accounts from within the wiki. - An account with this ability must be labeled with the "bureaucrat" - privilege, such as the 'Developer' account created by the install. +* (bug 1335) implement 'tooltip-watch' in Language.php +* Fix linktrail for nn: language +* (bug 1214) Fix prev/next links in Special:Log +* (bug 1354) Fix linktrail for fo: language +* (bug 512) Reload generated CSS on preference change +* (bug 63) Fix displaying as if logged in after logout +* Set default MediaWiki:Sitenotice to '-', avoiding extra database hits +* Skip message cache initialization on raw page view (quick hack) +* Fix notice errors in wfDebugDieBacktrace() in XML callbacks +* Suppress notice error on bogus timestamp input (returns epoch as before) +* Remove unnecessary initialization and double-caching of parser variables +* Call-tree output mode for profiling +* (bug 730) configurable $wgRCMaxAge; don't try to update purged RC entries +* Add $wgNoFollowLinks option to add rel="nofollow" on external links + (on by default) +* (bug 1130) Show actual title when moving page instead of encoded one. +* (bug 925) Fix headings containing <math> +* (bug 1131) Fix headings containing interwiki links +* (bug 1380) Update Nynorsk language file +* (bug 1232) Fix sorting of cached Special:Wantedpages in miser mode +* (bug 1217) Image within an image caption broke rendering +* (bug 1384) Make patrol signs have the same width for page moves as for edits +* (bug 1364) fix "clean up whitespace" in Title:SecureAndSplit +* (bug 1389) i18n for proxyblocker message +* Add fur/Furlan/Friulian to language names list +* Add TitleMoveComplete hook on page renames +* Allow simple comments for each translation rules in MW:Zhconversiontable +* (bug 1402) Make link color of tab subject page link on talk page indicate whether article exists +* (bug 1368) Fix SQL error on stopword/short word search w/ MySQL 3.x +* Translated Hebrew namespace names +* (bug 1429) Stop double-escaping of block comments; fix formatting +* (bug 829) Fix URL-escaping on block success +* (bug 1228) Fix double-escaping on & sequences in [enclosed] URLs +* (bug 1435) Fixed many CSS errors +* (bug 1457) Fix XHTML validation on category column list +* (bug 1458) Don't save if edit form submission is incomplete +* Logged-in edits and preview of user CSS/JS are now locked to a session token. +* Per-user CSS and JavaScript subpage customizations now disabled by default. + They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss. +* Removed .ogg from the default uploads whitelist as an extra precaution. + If your web server is configured to serve Ogg files with the correct + Content-Type header, you can re-add it in LocalSettings.php: + $wgFileExtensions[] = 'ogg'; -Fixes and tweaks: -* Now works with register_globals off! -* Works with short tags disabled. -* Should work out of the box on MySQL 3.2.x again. On 4.x set - $wgEnablePersistentLC = true; to turn on the link cache table - for a slight rendering speed boost. -* rebuildMessages.php can now selectively update new messages, or - overwrite everything. -* Various bug fixes. -* Other stuff we forgot. -* Documentation more out of date than ever before! +=== RC1 fixes === -=== Behavior changes === +* Fix notice error on nonexistent template in wikitext system message +* (bug 1469) add missing <ul> tags on Special:Log +* (bug 1470) remove extra <ul> tags from Danish log messages +* Fix notice on purge w/ squid mode off +* (bug 1477) hide details of SQL error messages by default + Set $wgShowSQLErrors = true for debugging. +* (bug 1430) Don't check for template data when editing page that doesn't exist +* Recentchanges table purging fixed when using table prefix +* (bug 1431) Avoid redundant objectcache garbage collection +* (bug 1474) Switch to better-cached index for statistics page count +* Run Unicode normalization on all input fields +* Fix translation for allpagesformtext2 in LanguageZh_cn and LanguageZh_tw +* Block image revert without valid login +* (bug 1446) stub Bambara (bm) language file using French messages +* (bug 1432) Update Estonian localization +* (bug 1471) unclosed <p> tag in Danish messages +* convertLinks script fixes +* Corrections to template loop detection +* XHTML encoding fix for usernames containing & in Special:Emailuser +* (for zh) Search for variant links even when conversion is turned off, + to help prevent duplicate articles. +* Disallow ISO 8859-1 C1 characters and "no-break space" in user names + on Latin-1 wikis. +* Correct the name of the main page it LanguageIt +* Allow Special:Makesysop to work for usernames containing SQL special + characters. +* Fix annoying blue line in Safari on scaled-down images on description page +* Increase upload sanity checks +* Fix XSS bug in Media: links +* Add cross-site form submission protection to various actions +* Fix fatal error on some dubious page titles +* Stub threshold displays correctly again -* wiki.phtml and redirect.phtml are now renamed to index.php and redirect.php - The old names are provided too for compatibility, but make sure they don't - conflict if you've been putting other files in your wiki. -* Uploaded filenames are more strictly checked than before. See bits in - DefaultSettings.php to tweak this behavior to your needs. -* Database messages are now enabled by default, so the interface messages can - be tweaked through the wiki with a sysop account. Disable this if you - don't want the performance hit. -=== Database changes === +=== 1.4.0 final fixes === -An index was added to recentchanges table to speed up Newpages -(patch-rc-newindex.sql for manual updaters). +* (bug 65) Fix broken interwiki link encoding on Latin-1 wikis; force to UTF-8 +* (bug 563) Fix UTF-8 interwiki URL redirects via Latin-1 wikis +* (bug 1536) Fix page info +* Support os (Ossetic) as language code, using Russian localization base +* (bug 1610) Support non (Old Norse) as language code, using Icelandic localization base +* (bug 1618) Properly list custom namespaces in Special:Allpages +* (bug 1622) Remove trailing' >' when using category browser +* (bug 1570) Fix php 4.2.x error on conflict merging +* (bug 1585) Fix page title on post-login redirection page +* Run UTF-8 validation on old text in Recentchanges RSS diffs +* (bug 1642) fix a mime type typo in img_auth.php +* Automated interwiki redirects only for local interwikis +* Respect read-only mode on block removals +* Trim old illegal characters from syndication feeds +* Reduce message cache outage recovery delay from 1 day to 5 minutes +* (bug 1403) Update Finnish localization +* (bug 1478) Punjabi localization +* (bug 1667) Update script 5 second countdown. +* (bug 1057) Fix logging table encoding (error on MySQL 4.1) +* (bug 1680) Fix linktrail for fo +* (bug 1653) Removing hardcoded messages in Special:Allmessages +* (bug 1594) Render a hyphen in a formula as − in HTML +* (bug 1495) Fall back to default language MediaWiki: for custom messages +* (bug 1617) Show different error messages for "user does not + exist" and "wrong password" when using AuthPlugin +* (bug 1532), (bug 1544) Changed language names for + 'bn', 'bo', 'dv', 'dz', 'ht', 'ii', 'li', 'lo', 'ng', 'or', 'pa', 'si', + 'ti', 've' +* Fix editing on non-Esperanto wiki with user language pref set to Esperanto +* Make conversion table for zh-sg default to zh-cn, and zh-hk default to zh-tw +* Fix PHP notice in MonoBook when counters disabled +* (bug 1696) Update namespaces, dates in uk localization +* (bug 551) Installer warns about magic_quotes_runtime and magic_quotes_sybase + instead of trying to install with corrupt table files +* Installer no longer tries to move non-default MediaWiki: pages into Template: +* User-to-user email disabled by default ($wgEnableUserEmail) -Expiration date field has been added to ipblocks table -(patch-ipb_expiry.sql for manual updaters). +=== 1.4.1 fixes === -== Version 1.1.0, 2003-12-08 == +* (bug 1720) fix genitive month names for uk +* (bug 1704) fixed untranslateable string in Special:Log +* (bug 1638) Added Belrusian language file +* (bug 1736) typo in SpecialValidate.php +* (bug 73) Upload doesn't run edit updates on description page (links, + search index and categories) +* (bug 646) <math> fails to recognize \ll and \gg +* (bug 926) \div element from TeX not supported in <math> element +* (bug 1147) add \checkmark to whitelist in texutil.ml +* (bug 937) \limits function from LaTeX not supported in <math> element +* Support for manually converting article title to different Chinese + variants (for zh) +* (bug 1488, bug 1744) Fix encoding for preferences, dates in Latin-1 mode +* (bug 1042) Fix UTF-8 case conversion for PHP <4.3 with mbstring extension +* Fix code typo that broke article credits display +* Installation fixes for running under IIS +* (bug 1556) login page tab order. "remember" checkbox now come after password. +* SQL debug log fixlets +* (bug 1815) Fix namespace in old revision display with mismatched title +* (bug 1788) Fix link duplication when edit/upload comment includes newlines +* Change default on $wgSysopUserBans and $wgSysopRangeBans to true +* Fix link conversion for URL request +* (bug 1851) Updated download URL for the SCIM packages used by zhtable +* (bug 1853) Try stripping quotes from term for 'go' title match +* Fix missing function in Latin1 mode +* (bug 1860) Anchors of interwiki links did not get normalized +* (bug 1847) accept lowercase x in ISBN, do not accept invalid A-W,Y,Z +* Fix link conversion for URL request, hopefully without breaking the wiki +* (bug 1849) New option allows to consider categorized images as used on + Special:Unusedimages +* Localized category namespace for ka (Georgian) +* (bug 1107) Work around includes problem in installer when parent dir is not + readable by the web server +* (bug 1927) Incorrect escaping on wikitext message in Blockip -This is the new production release. Any following 1.1.x releases are expected -to contain only bug fixes; developments of new features will go towards a 1.2.0 -release. -New features in 1.1: -* New wiki table syntax: - http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide:_Using_tables -* User-editable interface messages: - http://meta.wikipedia.org/wiki/MediaWiki_namespace -* XML-wrapped page source export with optional history: - http://meta.wikipedia.org/wiki/XML_import_and_export - (There is not yet an import function!) -* "Magic words" +=== 1.4.2 fixes === -Fixes and tweaks: -* linkscc table caches link data for rendering; faster rebuildlinks.php -* Numerous bugs in Cologne Blue skin fixed -* Login gives warning about missing cookies -* Block log, protection log added; deletion log now includes undeletions -* Deletion & upload logs now escape comment text properly -* Problems with <nowiki> segments in section titles etc mitigated -* Contributions offset and minor edit bugs fixed -* Whatlinkshere now sorted alphabetically -* Various exciting new profiling options. -* Debug log is off by default. -* Various small bugs fixed. +* Fix math options in Finnish localization +* Use in-process Tidy extension if available when $wgUseTidy is on +* (bug 1933) Fix PATH_INFO usage under IIS with PHP ISAPI module +* (bug 1188) <nowiki> in {{subst:}} includes fixed +* (bug 1936)  in {{subst:}} includes fixed +* Fix a potential MSIE JavaScript injection vector in Tidy mode -Internal changes: -* wfQuery has had a second parameter inserted, DB_READ or DB_WRITE. This value - is not actually used so far. -* Partial code for categories and Smarty template-based skins is in the tree - but disabled. -* Parts of Article.php have been moved to EditPage.php and ImagePage.php. -New translations: -* fi - Finnish -* ia - Interlingua -* no - Norwegian -* sk - Slovak -* ta - Tamil +=== 1.4.3 fixes === -=== Database changes === +* (bug 1636) Refs like ţ were misinterpreted as octal in some places +* (bug 1163) Special:Undelete showed oldest revision instead of newest +* (bug 1938) Fix escaping of illegal character references in link text +* (bug 1997) Fix for error on display of renamed items in Recentchanges on PHP5 +* (bug 1949) Profiling typo in rare error case +* (bug 1963) Fix deletion log link when $wgCapitalLinks is off +* (bug 1970) Don't show move tab for immobile pages +* (bug 1770) Page creation recorded links from the 'newarticletext' message +* Optional change to the site_stats table. When applied, this removes the need + for expensive queries in Special:Statistics. -"linkscc" table added. If upgrading manually (rather than with update.php), -run maintenance/archives/patch-linkscc.sql to create the table. -Older releases were dated snapshots from the old 'stable' branch: +=== 1.4.4 fixes === -== mediawiki-20031118 == +* (bug 725) Let dir="ltr" attribute work again in MonoBook on RTL languages +* (bug 2024) Skip JavaScript error for custom skins where .js message not set +* (bug 2025) Updated Indonesian localization +* (bug 2039) Updated Lithuanian localization -* Image deletion fixed. -* Deletion of image old revisions now restricted to sysops - (this is an irreversible action and not well logged) -* Fixed maintenance scripts broken by last release's security fix -* Many errors in rebuildlinks script fixed. -== mediawiki-20031117 == +=== Caveats === -* SECURITY FIX: stricter checking of include path -* Fixed user contributions next/prev bug -* Login cookies now have the database name prefixed to allow wikis - to coexist in the same domain. This will invalidate any old saved - password cookies. -* Update cache timestamp when talk pages are created -* Saving the login form in Mozilla no longer blanks password in prefs. -* Check existence of source page before performing a move. -* Detect invalid titles in Special:Allpages -* Q-encode headers on outgoing inter-user e-mail -* Updates to some translations. -* Added table of contents border/bg to Cologne Blue, Nostalgia skins -* Protected pages no longer appear unprotected when visited via redirect -* Swapped old Wikipedia logo for the MediaWiki sunflower logo -* install.php, update.php print warning on old PHP versions, - added compatibility functions that might or might not help +Some output, particularly involving user-supplied inline HTML, may not [truncated at 1000 lines; 143240 more skipped]

1 0

[frik85] 19938: RosCMS update:
by frik85＠svn.reactos.com 06 Dec '05

06 Dec '05

RosCMS update: * improve pages and content "view/edit/save" functions * improve "group members" interface * and some minor changes Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin.php Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_content_edit.php Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_edit.php Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_save.php Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_accounts.php Added: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php Added: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members_edit.ph p Deleted: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_memebers.php Modified: trunk/web/reactos.org/htdocs/roscms/inc/inc_description_table.php Modified: trunk/web/reactos.org/htdocs/roscms/inc/website_status.php _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -147,7 +147,24 @@ include("inc/admin_user_groups.php"); break; case "usrgrpmbr": - include("inc/admin_user_group_memebers.php"); + if ($rpm_sec2=="view" || $rpm_sec2=="") { + include("inc/admin_user_group_members.php"); + } + else if ($rpm_sec2=="edit") { + include("inc/admin_user_group_members_edit.php"); + } + else if ($rpm_sec2=="add") { + include("inc/admin_user_group_members_edit.php"); + } + else if ($rpm_sec2=="save") { + include("inc/admin_user_group_members_edit.php"); + } + else if ($rpm_sec2=="insert") { + include("inc/admin_user_group_members_edit.php"); + } + else if ($rpm_sec2=="delete") { + include("inc/admin_user_group_members_edit.php"); + } break; case "sessions": include("inc/admin_user_sessions.php"); _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_content_edit.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_content_edit.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_content_edit.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -66,7 +66,7 @@ <td width="85%" bgcolor="#E2E2E2"> <div align="left"><font face="Arial, Helvetica, sans-serif"> [#cont_ <input name="txt_contentid" type="text" id="txt_contentid" value="<?php echo $result_content['content_name']; ?>" size="50" maxlength="50"> - ]   (e.g. "media")</font></div></td> + ]   (e.g. "about")</font></div></td> </tr> <tr> <td valign="top" bgcolor="#5984C3"> <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Language</strong></font></div></td> @@ -182,9 +182,35 @@ </optgroup> </select> </td> </tr> + <tr> + <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Type</strong></font></div></td> + <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> + <input name="txt_content_type" type="text" id="txt_content_type" value="<?php echo $result_content['content_type']; ?>" size="30" maxlength="30"> +("default", "layout", ...) </font></td> + </tr> + <tr> + <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Description</strong></font></div></td> + <td valign="top" bgcolor="#E2E2E2"><font face="Arial, Helvetica, sans-serif"> + <input name="txt_content_desc" type="text" id="txt_content_desc" value="<?php echo $result_content['content_description']; ?>" size="50" maxlength="255"> + </font></td> + </tr> + <tr> + <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Username</strong></font></div></td> + <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"><?php + + if ($result_content['content_usrname_id']) { + $query_user_name = mysql_query("SELECT * + FROM `users` + WHERE `user_id` = ". $result_content['content_usrname_id'] ." ;") ; + $result_user_name = mysql_fetch_array($query_user_name); + + echo "<b>".$result_user_name['user_name']."</b> (".$result_user_name['user_fullname'].") <a href='?page=user&sec=profil&sec2=".$result_content['content_usrn ame_id']."' target='_blank'>[Profile]</a>"; + } + ?></font></td> + </tr> <tr> <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Date</strong></font></div></td> - <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> + <td valign="top" bgcolor="#E2E2E2"><font face="Arial, Helvetica, sans-serif"> <?php echo $result_content['content_date']; ?> @@ -192,7 +218,7 @@ </tr> <tr> <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Time</strong></font></div></td> - <td valign="top" bgcolor="#E2E2E2"><font face="Arial, Helvetica, sans-serif"> + <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> <?php echo $result_content['content_time']; ?> @@ -303,6 +329,8 @@ $content_act=""; $content_extra=""; $content_savemode=""; + $content_typea=""; + $content_desca=""; if (array_key_exists("txt_contentid", $_POST)) $content_contentid=$_POST['txt_contentid']; if (array_key_exists("txt_langa", $_POST)) $content_langa=$_POST['txt_langa']; @@ -310,7 +338,10 @@ if (array_key_exists("content_active", $_POST)) $content_act=$_POST['content_active']; if (array_key_exists("txt_extra", $_POST)) $content_extra=$_POST['txt_extra']; if (array_key_exists("content_rad_opt", $_POST)) $content_savemode=$_POST['content_rad_opt']; + if (array_key_exists("txt_content_type", $_POST)) $content_typea=$_POST['txt_content_type']; + if (array_key_exists("txt_content_desc", $_POST)) $content_desca=$_POST['txt_content_desc']; + //echo "<br>".$content_act; if ($content_langa == "") { $content_langa = "all"; @@ -363,7 +394,7 @@ if ($content_savemode == "update") { - $content_description = date("Y-m-d H:i:s")." [".$roscms_intern_account_id."] "; + $content_description = date("Y-m-d H:i:s")." [".$roscms_intern_account_id."] | ".$content_desca; $content_posta="UPDATE `content` SET `content_name` = '". mysql_escape_string($content_contentid) ."', `content_lang` = '". mysql_escape_string($content_langa) ."', @@ -371,12 +402,14 @@ `content_text` = '". mysql_real_escape_string($content_data) ."', `content_visible` = '". mysql_escape_string($content_vis) ."', `content_active` = '". mysql_escape_string($content_act) ."', - `content_description` = '". mysql_escape_string($content_description) ."' + `content_description` = '". mysql_escape_string($content_description) ."', + `content_type` = '". mysql_escape_string($content_description) ."' WHERE `content_id` = '$rpm_db_id' LIMIT 1 ;"; //`content_active` = '1', //`content_usrname_id` = '$roscms_intern_account_id', //`content_date` = CURDATE( ) , //`content_time` = CURTIME( ) + $content_post_lista=mysql_query($content_posta); } elseif ($content_savemode == "translate") { _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_edit.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_edit.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_edit.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -122,9 +122,9 @@ ?> </font></td> </tr> - <tr> + <tr> <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Visible</strong></font></div></td> - <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> + <td valign="top" bgcolor="#E2E2E2"><font face="Arial, Helvetica, sans-serif"> <?php if ($result_page['page_visible'] == 1) { echo ' <input name="page_visible" type="radio" value="yes" checked> yes   <input type="radio" name="page_visible" value="no"> no'; @@ -133,6 +133,19 @@ echo ' <input name="page_visible" type="radio" value="yes"> yes   <input type="radio" name="page_visible" value="no" checked> no'; } ?> +</font></td> + </tr> + <tr> + <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Active</strong></font></div></td> + <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> + <?php + if ($result_page['page_active'] == 1) { + echo ' <input name="page_active" type="radio" value="yes" checked> yes   <input type="radio" name="page_active" value="no"> no'; + } + else { + echo ' <input name="page_active" type="radio" value="yes"> yes   <input type="radio" name="page_active" value="no" checked> no'; + } + ?> </font></td> </tr> <tr> @@ -158,6 +171,12 @@ </optgroup> </select> </td> </tr> + <tr> + <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Extention</strong></font></div></td> + <td valign="top" bgcolor="#E2E2E2"><font face="Arial, Helvetica, sans-serif"> + <input name="txt_pageextent" type="text" id="txt_pageextent" value="<?php echo $result_page['pages_extention']; ?>" size="10" maxlength="10"> +("default", "xml", ...) </font></td> + </tr> <tr> <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Date</strong></font></div></td> <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_save.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_save.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_pages_save.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -50,7 +50,10 @@ $page_savemode=$_POST['page_rad_opt']; $page_pagetitle=$_POST['txt_pagetitle']; $page_pagedesc=$_POST['txt_pagedesc']; + $page_pageextention=$_POST['txt_pageextent']; + $page_pageactive=$_POST['page_active']; + if ($page_langa == "") { $page_langa = "all"; } @@ -61,6 +64,13 @@ else { $page_vis="0"; } + + if ($page_pageactive == "yes") { + $page_pageactive="1"; + } + else { + $page_pageactive="0"; + } $page_data=$_POST['textarea_pages']; @@ -73,6 +83,8 @@ `page_description` = '". mysql_real_escape_string($page_pagedesc) ."', `page_text` = '". mysql_real_escape_string($page_data) ."', `page_visible` = '". mysql_real_escape_string($page_vis) ."', + `pages_extention` = '". mysql_real_escape_string($page_pageextention) ."', + `page_active` = '". mysql_real_escape_string($page_pageactive) ."', `page_date` = CURDATE( ) , `page_time` = CURTIME( ) WHERE `page_id` = '$rpm_db_id' LIMIT 1 ;"; //`page_active` = '1', _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_accounts.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_user_accounts.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_user_accounts.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -168,9 +168,62 @@ else { echo '<a href="?page=admin&sec=users&sec2=view&sort=language&filt ='.$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">languag e</a>'; } + echo ' | '; + if ($rpm_sort == "occupation") { + echo '<b>occupation</b>'; + $ros_cms_intern_users_sortby="user_occupation"; + $ros_cms_intern_users_sort="ASC"; + } + else { + echo '<a href="?page=admin&sec=users&sec2=view&sort=occupation&fi lt='.$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">occup ation</a>'; + } + echo ' | '; + if ($rpm_sort == "counter") { + echo '<b>counter</b>'; + $ros_cms_intern_users_sortby="user_login_counter"; + $ros_cms_intern_users_sort="DESC"; + } + else { + echo '<a href="?page=admin&sec=users&sec2=view&sort=counter&filt= '.$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">counter< /a>'; + } echo '</p>'; ?> + +<?php + +// Setting: +$roscms_intern_items_per_page = 50; + + +$roscms_SET_curpos = ""; +if (array_key_exists("curpos", $_GET)) $roscms_SET_curpos=htmlspecialchars($_GET["curpos"]); +if (!$roscms_SET_curpos) { + $roscms_SET_curpos = 0; +} + +$query_count_cat=mysql_query("SELECT COUNT('user_id') + FROM `users` + WHERE `user_account_enabled` = 'yes' + AND `user_account_hidden` = 'no' + ORDER BY `user_name` ASC ;"); +$result_count_cat = mysql_fetch_row($query_count_cat); + + echo "<p align='center'>"; + $j=0; + for ($i=0; $i < $result_count_cat[0]; $i += $roscms_intern_items_per_page) { + $j++; + if ($roscms_SET_curpos == $i) { + echo "<b>".$j."</b> "; + } + else { + echo "<a href='?page=admin&sec=users&sec2=view&sort=".$rpm_sort."&amp ;filt=".$rpm_filt."&opt=".$rpm_opt."&langid=".$rpm_lang_id."&amp ;curpos=".$i."'>".$j."</a> "; + } + } + $j=0; + echo "</p>"; + +?> <table width="100%" border="0" cellpadding="1" cellspacing="1"> <tr bgcolor="#5984C3"> <td width="9%"> <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Action</strong></font></div></td> @@ -192,13 +245,13 @@ $query_page = mysql_query("SELECT * FROM users $ros_cms_intern_users_filt $ros_cms_intern_users_lang - ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort") ; + ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort LIMIT ". $roscms_SET_curpos ." , ". $roscms_intern_items_per_page ." ;") ; } else { $query_page = mysql_query("SELECT * FROM users $ros_cms_intern_users_filt AND user_account_hidden != 0 $ros_cms_intern_users_lang - ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort") ; + ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort LIMIT ". $roscms_SET_curpos ." , ". $roscms_intern_items_per_page ." ;") ; } $farbe1=$roscms_intern_color1; @@ -220,8 +273,8 @@ echo $farbe2; $farbe = $farbe2; } - ?>" title="RosCMS action buttons:

* View account
* Delete account
* Email
* Website"> - <div align="center"><img src="images/view.gif" alt="View" width="19" height="18" border="0">  + ?>"> + <div align="center"><a href="<?php echo "?page=user&sec=profil&sec2=".$result_page['user_id']; ?>"><img src="images/view.gif" alt="Profil" width="19" height="18" border="0"></a>  <?php if ($result_page['user_email'] != "") { ?> @@ -289,6 +342,20 @@ } // end while ?> </table> +<p align="center"><b><?php + + echo ($roscms_SET_curpos+1)." to "; + + if (($roscms_SET_curpos + $roscms_intern_items_per_page) > $result_count_cat[0]) { + echo $result_count_cat[0]; + } + else { + echo ($roscms_SET_curpos + $roscms_intern_items_per_page); + } + + echo " of ".$result_count_cat[0]; + +?></b></p> <?php $roscms_infotable = "user"; include("inc/inc_description_table.php"); _____ Added: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -0,0 +1,251 @@ +<?php + + // To prevent hacking activity: + if ( !defined('ROSCMS_SYSTEM') OR !defined('ROSCMS_SYSTEM_ADMIN') ) + { + if ( !defined('ROSCMS_SYSTEM_LOG') ) { + define ("ROSCMS_SYSTEM_LOG", "Hacking attempt"); + } + $seclog_section="roscms_admin_interface"; + $seclog_level="50"; + $seclog_reason="Hacking attempt: admin_users.php"; + define ("ROSCMS_SYSTEM", "Hacking attempt"); + include('securitylog.php'); // open security log + die("Hacking attempt"); + } + +?> +<div class="contentSmall"> <span class="contentSmallTitle">Admin Interface - Group Members</span> + <ul> + <li><strong>Group Members</strong></li> + </ul> + <p>Action: <a href="?page=admin&sec=usrgrpmbr&sec2=add&sec3=new&db_id= new">New Membership</a> | <a href="?page=admin&sec=usrgrpmbr&sec2=view">reset + filters & sort</a></p> + <?php + + + if ($rpm_lang_id == "") { + $rpm_lang_id="all"; + } + //echo '<p>Language: '; + //echo '<b>All</b>'; + $ros_cms_intern_users_lang = " "; + //echo '</p>'; + + if ($rpm_filt == "") { + $rpm_filt="active"; + } + //echo '<p>Filter: '; + //echo '<b>active</b>'; + $ros_cms_intern_users_filt = " "; + //echo '</p>'; + + if ($rpm_filt == "") { + $rpm_filt="active"; + } + echo '<p>Filter: '; + if ($rpm_filt == "active") { + echo '<b>all</b>'; + $ros_cms_intern_users_filt = " "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=active&langid='.$rpm_lang_id.'">all</a>'; + } + echo ' | '; + if ($rpm_filt == "sadmin") { + echo '<b>super admin</b>'; + $ros_cms_intern_users_filt = " WHERE `usergroupmember_usergroupid` = 'ros_sadmin' "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=sadmin&langid='.$rpm_lang_id.'">super admin</a>'; + } + echo ' | '; + if ($rpm_filt == "admin") { + echo '<b>admin</b>'; + $ros_cms_intern_users_filt = " WHERE `usergroupmember_usergroupid` = 'ros_admin' "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=admin&langid='.$rpm_lang_id.'">admin</a>'; + } + echo ' | '; + if ($rpm_filt == "dev") { + echo '<b>developer</b>'; + $ros_cms_intern_users_filt = " WHERE `usergroupmember_usergroupid` = 'developer' "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=dev&langid='.$rpm_lang_id.'">developer</a>'; + } + echo ' | '; + if ($rpm_filt == "mod") { + echo '<b>moderator</b>'; + $ros_cms_intern_users_filt = " WHERE `usergroupmember_usergroupid` = 'moderator' "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=mod&langid='.$rpm_lang_id.'">moderator</a>'; + } + echo ' | '; + if ($rpm_filt == "trans") { + echo '<b>translator</b>'; + $ros_cms_intern_users_filt = " WHERE `usergroupmember_usergroupid` = 'translator' "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=trans&langid='.$rpm_lang_id.'">translator</a>'; + } + echo ' | '; + if ($rpm_filt == "user") { + echo '<b>normal user</b>'; + $ros_cms_intern_users_filt = " WHERE `usergroupmember_usergroupid` = 'user' "; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort='.$rpm_sort.' &filt=user&langid='.$rpm_lang_id.'">normal user</a>'; + } + + if ($rpm_sort == "") { + $rpm_sort="id"; + } + echo '<p>Sorted by: '; + if ($rpm_sort == "id") { + echo '<b>user ID</b>'; + $ros_cms_intern_users_sortby="usergroupmember_userid"; + $ros_cms_intern_users_sort="ASC"; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort=id&filt=' .$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">user ID</a>'; + } + echo ' | '; + if ($rpm_sort == "group") { + echo '<b>group ID</b>'; + $ros_cms_intern_users_sortby="usergroupmember_usergroupid"; + $ros_cms_intern_users_sort="ASC"; + } + else { + echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort=group&fil t='.$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">group ID</a>'; + } + echo '</p>'; + +?> +<?php + +// Setting: +$roscms_intern_items_per_page = 50; + + +$roscms_SET_curpos = ""; +if (array_key_exists("curpos", $_GET)) $roscms_SET_curpos=htmlspecialchars($_GET["curpos"]); +if (!$roscms_SET_curpos) { + $roscms_SET_curpos = 0; +} + +$query_count_cat=mysql_query("SELECT COUNT('usergroupmember_userid') + FROM `usergroup_members` + " . $ros_cms_intern_users_filt . " + ORDER BY `usergroupmember_userid` ASC ;"); +$result_count_cat = mysql_fetch_row($query_count_cat); + + echo "<p align='center'>"; + $j=0; + for ($i=0; $i < $result_count_cat[0]; $i += $roscms_intern_items_per_page) { + $j++; + if ($roscms_SET_curpos == $i) { + echo "<b>".$j."</b> "; + } + else { + echo "<a href='?page=admin&sec=usrgrpmbr&sec2=view&sort=".$rpm_sort." &filt=".$rpm_filt."&opt=".$rpm_opt."&langid=".$rpm_lang_id." &curpos=".$i."'>".$j."</a> "; + } + } + $j=0; + echo "</p>"; + +?> +<table width="100%" border="0" cellpadding="1" cellspacing="1"> + <tr bgcolor="#5984C3"> + <td width="6%"> + <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Action</strong></font></div></td> + <td width="4%" bgcolor="#5984C3"> + <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>ID</strong></font></div></td> + <td width="20%" bgcolor="#5984C3"> + <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Nick</strong></font></div></td> + <td width="20%"> + <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Usergroup</strong></font></div></td> + <td width="50%" bgcolor="#5984C3"> + <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Usergroup + description</strong></font></div></td> + </tr> + <?php + + if($roscms_intern_account_level==100) { + $query_page = mysql_query("SELECT * + FROM usergroup_members + $ros_cms_intern_users_filt $ros_cms_intern_users_lang + ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort LIMIT ". $roscms_SET_curpos ." , ". $roscms_intern_items_per_page ." ;") ; + } + else { + $query_page = mysql_query("SELECT * + FROM usergroup_members + $ros_cms_intern_users_filt AND user_account_hidden != 0 $ros_cms_intern_users_lang + ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort LIMIT ". $roscms_SET_curpos ." , ". $roscms_intern_items_per_page ." ;") ; + } + + $farbe1="#E2E2E2"; + $farbe2="#EEEEEE"; + $zaehler="0"; + //$farbe="#CCCCC"; + + while($result_page = mysql_fetch_array($query_page)) { // users +?> + <tr> + <td width="9%" valign="middle" bgcolor="<?php + $zaehler++; + if ($zaehler == "1") { + echo $farbe1; + $farbe = $farbe1; + } + elseif ($zaehler == "2") { + $zaehler="0"; + echo $farbe2; + $farbe = $farbe2; + } + ?>"> + <div align="center"><a href="?page=admin&sec=usrgrpmbr&sec2=edit&sec3=<?php echo $result_page['usergroupmember_usergroupid']; ?>&db_id=<?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/view.gif" alt="Edit Membership" width="19" height="18" border="0"></a> <a href="?page=admin&sec=usrgrpmbr&sec2=add&sec3=new&db_id= <?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/tool.gif" alt="Add Membership" width="19" height="18" border="0"></a> <a href="?page=admin&sec=usrgrpmbr&sec2=delete&sec3=<?php echo $result_page['usergroupmember_usergroupid']; ?>&db_id=<?php echo $result_page['usergroupmember_userid']; ?>"><img src="images/delete.gif" alt="Add Membership" width="19" height="18" border="0"></a></div></td> + <td width="7%" valign="middle" bgcolor="<?php echo $farbe; ?>"> <div align="center"><font face="Arial, Helvetica, sans-serif"><?php echo "<b>".$result_page['usergroupmember_userid']."</b>"; ?></font></div></td> + <td width="10%" valign="middle" bgcolor="<?php echo $farbe; ?>"><font face="Arial, Helvetica, sans-serif"><?php + $query_usra = mysql_query("SELECT user_id, user_name FROM users WHERE user_id = '".$result_page['usergroupmember_userid']."'") or die('DB error (membership script)!'); + $result_usra = mysql_fetch_array($query_usra); // or die('DB error (show_sessions script)'); + + echo $result_usra['user_name']." <a href='?page=user&sec=profil&sec2=".$result_page['usergroupmember _userid']."'>[Profil]</a>"; ?> + </font></td> + <td width="13%" valign="middle" bgcolor="<?php echo $farbe; ?>" title="<?php echo $result_page['usergroupmember_usergroupid']; ?>"><div align="left"><font face="Arial, Helvetica, sans-serif"> + <?php + //echo "SELECT usrgroup_name_id, usrgroup_name FROM usergroups WHERE usrgroup_name_id = '".$result_page['usergroupmember_usergroupid']."'<br>"; + $query_grpb = mysql_query("SELECT usrgroup_name_id, usrgroup_name, usrgroup_description FROM usergroups WHERE usrgroup_name_id = '".$result_page['usergroupmember_usergroupid']."'") or die('DB error (membership script)!'); + $result_grpb = mysql_fetch_array($query_grpb) or die('DB error (membership script)'); + + echo $result_grpb['usrgroup_name']; + ?> + </font></div></td> + <td width="15%" valign="middle" bgcolor="<?php echo $farbe; ?>"> <font face="Arial, Helvetica, sans-serif"><?php + echo substr(htmlentities($result_grpb['usrgroup_description'], ENT_QUOTES), 0, 50)."..."; + ?></font></tr> + <?php + } // end while +?> + </table> +<p align="center"><b><?php + + echo ($roscms_SET_curpos+1)." to "; + + if (($roscms_SET_curpos + $roscms_intern_items_per_page) > $result_count_cat[0]) { + echo $result_count_cat[0]; + } + else { + echo ($roscms_SET_curpos + $roscms_intern_items_per_page); + } + + echo " of ".$result_count_cat[0]; + +?></b></p> + <?php + $roscms_infotable = "user"; + include("inc/inc_description_table.php"); +?> +</div> Property changes on: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members.php ___________________________________________________________________ Name: svn:eol-style + native _____ Added: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members_edit.ph p --- trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members_edit.ph p 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members_edit.ph p 2005-12-06 19:57:28 UTC (rev 19938) @@ -0,0 +1,176 @@ +<?php +if ($rpm_sec2=="delete") { +?> +<div class="contentSmall"> <span class="contentSmallTitle">Admin Interface - Group Members - Delete Membership</span> + <ul> + <li><strong><a href="?page=admin&sec=usrgrpmbr&sec2=view">Group Members</a></strong> + <ul> + <li>Delete Membership</li> + </ul> + </li> + </ul> +<?php + $spdas="DELETE FROM `usergroup_members` WHERE `usergroupmember_userid` = ".mysql_real_escape_string($rpm_db_id)." AND `usergroupmember_usergroupid` = '".mysql_real_escape_string($rpm_sec3)."' LIMIT 1;"; + $spdaslists=mysql_query($spdas); + echo "<p>The group membership '".$rpm_sec3."' for the user '".$rpm_db_id."' has been deleted!</p>"; +} +else { +?> + +<div class="contentSmall"> <span class="contentSmallTitle">Admin Interface - Group Members - <?php if ($rpm_sec2=="edit") { echo "Edit"; } elseif ($rpm_sec2=="add") { echo "Add"; } ?> Membership</span> + <ul> + <li><strong><a href="?page=admin&sec=usrgrpmbr&sec2=view">Group Members</a></strong> + <ul> + <li><?php if ($rpm_sec2=="edit") { echo "Edit"; } elseif ($rpm_sec2=="add") { echo "Add"; } ?> Membership</li> + </ul> + </li> + </ul> +<?php + + $query_contenta = mysql_query("SELECT * FROM users WHERE user_id = '".$roscms_intern_account_id."'") ; + + $farbe="#E2E2E2"; + + $result_contenta = mysql_fetch_array($query_contenta); + + if ($rpm_sec2=="save") { + $save_account_member_usrid=""; + $save_account_member_usrgrp=""; + + if (array_key_exists("usrid", $_POST)) $save_account_member_usrid=$_POST['usrid']; + if (array_key_exists("usrgrp", $_POST)) $save_account_member_usrgrp=$_POST['usrgrp']; + + if ($save_account_member_usrgrp == "ros_sadmin" && $roscms_intern_usrgrp_sadmin != true) { + die("Not possible! You will need a higher account membership level!"); + } + if ($save_account_member_usrgrp == "ros_admin" && ($roscms_intern_usrgrp_sadmin != true || $roscms_intern_usrgrp_admin != true)) { + die("Not possible! You will need a higher account membership level!"); + } + + if ($save_account_member_usrid && $save_account_member_usrgrp && $rpm_sec3) { + $content_posta="UPDATE `usergroup_members` SET `usergroupmember_usergroupid` = '". mysql_real_escape_string($save_account_member_usrgrp) ."' + WHERE `usergroupmember_userid` =". mysql_real_escape_string($save_account_member_usrid) ." + AND CONVERT( `usergroupmember_usergroupid` USING utf8 ) = '". mysql_real_escape_string($rpm_sec3) ."' + LIMIT 1 ;"; + $content_post_lista=mysql_query($content_posta); + echo "<p><b>saved</b></p>"; + $rpm_db_id = $save_account_member_usrid; + } + } + if ($rpm_sec2=="insert") { + $save_account_member_usrid=""; + $save_account_member_usrgrp=""; + $save_account_member_usridname=""; + + if (array_key_exists("usrid", $_POST)) $save_account_member_usrid=$_POST['usrid']; + if (array_key_exists("usridname", $_POST)) $save_account_member_usridname=$_POST['usridname']; + if (array_key_exists("usrgrp", $_POST)) $save_account_member_usrgrp=$_POST['usrgrp']; + + if ($save_account_member_usridname == "1") { + $accountinfo_query = @mysql_query("SELECT user_name, user_id FROM users WHERE user_name = '".mysql_real_escape_string($save_account_member_usrid)."'") or die('DB error (admin group members edit interface)!'); + $accountinfo_result = @mysql_fetch_array($accountinfo_query); + if ($accountinfo_result['user_id']) { + $save_account_member_usrid = $accountinfo_result['user_id']; + } + else { + die("<blink>Username not found!</blink>"); + } + } + + if ($save_account_member_usrgrp == "ros_sadmin" && $roscms_intern_usrgrp_sadmin != true) { + die("Not possible! You will need a higher account membership level!"); + } + if ($save_account_member_usrgrp == "ros_admin" && ($roscms_intern_usrgrp_sadmin != true || $roscms_intern_usrgrp_admin != true)) { + die("Not possible! You will need a higher account membership level!"); + } + + if ($save_account_member_usrid && $save_account_member_usrgrp && $rpm_sec3) { + $content_postb="INSERT INTO `usergroup_members` ( `usergroupmember_userid` , `usergroupmember_usergroupid` ) + VALUES ( + '". mysql_real_escape_string($save_account_member_usrid) ."', '". mysql_real_escape_string($save_account_member_usrgrp) ."') ;"; + $content_post_listb=mysql_query($content_postb); + echo "<p><b>saved (".$save_account_member_usrid." -> ".$save_account_member_usrgrp.")</b></p>"; + $rpm_db_id = $save_account_member_usrid; + } + } +?> + <form name="cms_content" method="post" action="?page=admin&sec=usrgrpmbr&sec2=<?php if ($rpm_sec2=="edit") { echo "save"; } elseif ($rpm_sec2=="add") { echo "insert"; } ?>&sec3=<?php echo $rpm_sec3; ?>"> + <table width="600" border="0" cellpadding="1" cellspacing="1"> + <tr> + <td width="15%" valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>User + ID </strong></font></div></td> + <td width="85%" valign="top" bgcolor="#E2E2E2"><font face="Arial, Helvetica, sans-serif"> + <?php + if ($rpm_db_id == "new") { + ?> + <input name="usrid" type="text" id="usrid" size="30" maxlength="50"> + <input name="usridname" type="hidden" id="usridname" value="1"> + <?php + } + else { + $query_usra = mysql_query("SELECT user_id, user_name FROM users WHERE user_id = '". $rpm_db_id ."'") or die('DB error (admin membership script)!'); + $result_usra = mysql_fetch_array($query_usra); // or die('DB error (user_group_members_edit)'); + + echo "<b>".$rpm_db_id."</b> (".$result_usra['user_name'].")"; ?> + <input name="usrid" type="hidden" id="usrid" value="<?php echo $rpm_db_id; ?>"> + <?php + } + ?> + </font></td> + </tr> + <tr> + <td valign="top" bgcolor="#5984C3"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Usergroup</strong></font></div></td> + <td valign="top" bgcolor="#EEEEEE"><font face="Arial, Helvetica, sans-serif"> + <select id="usrgrp" size="1" name="usrgrp" class="selectbox"> + <?php + $sql_lang="SELECT * + FROM `usergroup_members` + WHERE `usergroupmember_userid` = ". $rpm_db_id ." + AND `usergroupmember_usergroupid` = '". $rpm_sec3 ."' + LIMIT 1 "; + $sql_query_lang=mysql_query($sql_lang); + $myrow_lang=mysql_fetch_array($sql_query_lang); // Languages + ?> + <optgroup label="usergroups"> + <?php + + // User Groups + $sql_langa="SELECT * + FROM `usergroups` + ORDER BY `usrgroup_securitylevel` ASC "; + $sql_query_langa=mysql_query($sql_langa); + while($myrow_langa=mysql_fetch_array($sql_query_langa)) { + echo '<option value="'.$myrow_langa['usrgroup_name_id'].'"'; + //echo "<br>=>".$myrow_lang['usergroupmember_userid']." == ".$myrow_langa['usrgroup_name_id']; + if ($myrow_lang['usergroupmember_usergroupid'] == $myrow_langa['usrgroup_name_id']) { + echo ' selected="selected"'; + } + echo '>'.$myrow_langa['usrgroup_name'].'</option>'; + } + ?> + </optgroup> + </select> + </font></td> + </tr> + </table> + <br /> + <input type="submit" name="Submit" value="Save"> + </form> + <p> </p> + <?php + if ($rpm_db_id != "new") { + + echo "<p><b>".$result_usra['user_name']." is currently member of the following usergroups:</b></p><ul>"; + + $query_page = mysql_query("SELECT * + FROM `usergroup_members` + WHERE `usergroupmember_userid` = $rpm_db_id + ORDER BY `usergroupmember_usergroupid` ASC ;") ; + while($result_page = mysql_fetch_array($query_page)) { + echo "<li>".$result_page['usergroupmember_usergroupid']."</li>"; + } + echo "</ul>"; + } +} +?> +</div> Property changes on: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_members_edit.ph p ___________________________________________________________________ Name: svn:eol-style + native _____ Deleted: trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_memebers.php --- trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_memebers.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/admin_user_group_memebers.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -1,164 +0,0 @@ -<?php - /* - RosCMS - ReactOS Content Management System - Copyright (C) 2005 Klemens Friedl <frik85(a)reactos.org> - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - */ - - // To prevent hacking activity: - if ( !defined('ROSCMS_SYSTEM') OR !defined('ROSCMS_SYSTEM_ADMIN') ) - { - if ( !defined('ROSCMS_SYSTEM_LOG') ) { - define ("ROSCMS_SYSTEM_LOG", "Hacking attempt"); - } - $seclog_section="roscms_admin_interface"; - $seclog_level="50"; - $seclog_reason="Hacking attempt: admin_users.php"; - define ("ROSCMS_SYSTEM", "Hacking attempt"); - include('securitylog.php'); // open security log - die("Hacking attempt"); - } - -?> -<div class="contentSmall"> <span class="contentSmallTitle">Admin Interface - Group Members</span> - <ul> - <li><strong>Group Members</strong></li> - </ul> - - - <p>Action: <a href="#">New Membership</a> | <a href="?page=admin&sec=usrgrpmbr&sec2=view">reset - filters & sort</a></p> -<?php - - - if ($rpm_lang_id == "") { - $rpm_lang_id="all"; - } - echo '<p>Language: '; - echo '<b>All</b>'; - $ros_cms_intern_users_lang = " "; - echo '</p>'; - - if ($rpm_filt == "") { - $rpm_filt="active"; - } - echo '<p>Filter: '; - echo '<b>active</b>'; - $ros_cms_intern_users_filt = " "; - echo '</p>'; - - if ($rpm_sort == "") { - $rpm_sort="id"; - } - echo '<p>Sorted by: '; - if ($rpm_sort == "id") { - echo '<b>user ID</b>'; - $ros_cms_intern_users_sortby="usergroupmember_userid"; - $ros_cms_intern_users_sort="ASC"; - } - else { - echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort=id&filt=' .$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">user ID</a>'; - } - echo ' | '; - if ($rpm_sort == "group") { - echo '<b>group ID</b>'; - $ros_cms_intern_users_sortby="usergroupmember_usergroupid"; - $ros_cms_intern_users_sort="ASC"; - } - else { - echo '<a href="?page=admin&sec=usrgrpmbr&sec2=view&sort=group&fil t='.$rpm_filt.'&opt='.$rpm_opt.'&langid='.$rpm_lang_id.'">group ID</a>'; - } - echo '</p>'; - -?> - <table width="100%" border="0" cellpadding="1" cellspacing="1"> - <tr bgcolor="#5984C3"> - <td width="6%"> - <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Action</strong></font></div></td> - <td width="4%" bgcolor="#5984C3"> - <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>ID</strong></font></div></td> - <td width="20%" bgcolor="#5984C3"> - <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Nick</strong></font></div></td> - <td width="20%"> - <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Usergroup</strong></font></div></td> - <td width="50%" bgcolor="#5984C3"> - <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Usergroup - description</strong></font></div></td> - </tr> - <?php - - if($roscms_intern_account_level==100) { - $query_page = mysql_query("SELECT * - FROM usergroup_members - $ros_cms_intern_users_filt $ros_cms_intern_users_lang - ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort") ; - } - else { - $query_page = mysql_query("SELECT * - FROM usergroup_members - $ros_cms_intern_users_filt AND user_account_hidden != 0 $ros_cms_intern_users_lang - ORDER BY '$ros_cms_intern_users_sortby' $ros_cms_intern_users_sort") ; - } - - $farbe1=$roscms_intern_color1; - $farbe2=$roscms_intern_color2; - $zaehler="0"; - //$farbe="#CCCCC"; - - while($result_page = mysql_fetch_array($query_page)) { // users -?> - <tr> - <td width="9%" valign="middle" bgcolor="<?php - $zaehler++; - if ($zaehler == "1") { - echo $farbe1; - $farbe = $farbe1; - } - elseif ($zaehler == "2") { - $zaehler="0"; - echo $farbe2; - $farbe = $farbe2; - } - ?>" title="RosCMS action buttons:

* View account
* Delete account
* Email
* Website"> - <div align="center"><img src="images/view.gif" alt="View" width="19" height="18" border="0"></div></td> - <td width="7%" valign="middle" bgcolor="<?php echo $farbe; ?>"> <div align="center"><font face="Arial, Helvetica, sans-serif"><?php echo "<b>".$result_page['usergroupmember_userid']."</b>"; ?></font></div></td> - <td width="10%" valign="middle" bgcolor="<?php echo $farbe; ?>"><font face="Arial, Helvetica, sans-serif"><?php - $query_usra = mysql_query("SELECT user_id, user_name FROM users WHERE user_id = '".$result_page['usergroupmember_userid']."'") or die('DB error (membership script)!'); - $result_usra = mysql_fetch_array($query_usra) or die('DB error (show_sessions script)'); - - echo $result_usra['user_name']; ?> - </font></td> - <td width="13%" valign="middle" bgcolor="<?php echo $farbe; ?>" title="<?php echo $result_page['usergroupmember_usergroupid']; ?>"><div align="left"><font face="Arial, Helvetica, sans-serif"> - <?php - //echo "SELECT usrgroup_name_id, usrgroup_name FROM usergroups WHERE usrgroup_name_id = '".$result_page['usergroupmember_usergroupid']."'<br>"; - $query_grpb = mysql_query("SELECT usrgroup_name_id, usrgroup_name, usrgroup_description FROM usergroups WHERE usrgroup_name_id = '".$result_page['usergroupmember_usergroupid']."'") or die('DB error (membership script)!'); - $result_grpb = mysql_fetch_array($query_grpb) or die('DB error (membership script)'); - - echo $result_grpb['usrgroup_name']; - ?> - </font></div></td> - <td width="15%" valign="middle" bgcolor="<?php echo $farbe; ?>"> <font face="Arial, Helvetica, sans-serif"><?php - echo substr(htmlentities($result_grpb['usrgroup_description'], ENT_QUOTES), 0, 50)."..."; - ?></font></tr> - <?php - } // end while -?> - </table> - <?php - $roscms_infotable = "user"; - include("inc/inc_description_table.php"); -?> -</div> _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/inc_description_table.php --- trunk/web/reactos.org/htdocs/roscms/inc/inc_description_table.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/inc_description_table.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -30,7 +30,7 @@ <td width="50%" valign="top"> <table width="100%" border="0"> <tr> <td width="25" valign="top"><img src="images/view.gif" width="19" height="18" border="0"></td> - <td valign="middle"><font size="1"><strong>View</strong> entry</font></td> + <td valign="middle"><font size="1"><strong>View/Edit</strong> entry</font></td> </tr> <tr> <td valign="top"><img src="images/tool.gif" width="19" height="18" border="0"></td> @@ -96,8 +96,12 @@ <td width="50%" valign="top"> <table width="100%" border="0"> <tr> <td width="25" valign="top"><img src="images/view.gif" width="19" height="18" border="0"></td> - <td valign="middle"><font size="1"><strong>View</strong> entry</font></td> + <td valign="middle"><font size="1"><strong>View/Edit</strong> entry</font></td> </tr> + <tr> + <td valign="top"><img src="images/tool.gif" width="19" height="18" border="0"></td> + <td valign="middle"><font size="1"><strong>Add</strong> entry</font></td> + </tr> <tr> <td valign="top"><img src="images/delete.gif" width="19" height="18"></td> <td valign="middle"><font size="1"><strong>Delete</strong> entry</font></td> _____ Modified: trunk/web/reactos.org/htdocs/roscms/inc/website_status.php --- trunk/web/reactos.org/htdocs/roscms/inc/website_status.php 2005-12-06 19:43:53 UTC (rev 19937) +++ trunk/web/reactos.org/htdocs/roscms/inc/website_status.php 2005-12-06 19:57:28 UTC (rev 19938) @@ -40,7 +40,7 @@ <td width="200"> <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Title</strong></font></div></td> <td width="250"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Description</strong></font></div></td> - <td width="150"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Filename</strong></font></div></td> + <td width="200"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Name</strong></font></div></td> <td width="150"> <div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Language</strong></font></div></td> <td width="150"><div align="center"><font color="#FFFFFF" face="Arial, Helvetica, sans-serif"><strong>Date & Time </strong></font></div></td> @@ -53,7 +53,7 @@ AND `content_visible` = 1 AND `content_type` = 'default' ORDER BY `content_id` DESC - LIMIT 0 , 10 ;") ; + LIMIT 0 , 15 ;") ; $color=""; $color1=$roscms_intern_color1; $color2=$roscms_intern_color2; @@ -74,7 +74,7 @@ [truncated at 1000 lines; 61 more skipped]

1 0

[gvg] 19937: Tag 1.4.8
by gvg＠svn.reactos.com 06 Dec '05

06 Dec '05

Tag 1.4.8 Added: vendor/mediawiki/1.4.8/ _____ Copied: vendor/mediawiki/1.4.8 (from rev 19934, vendor/mediawiki/current)

1 0

← Newer
1
...
53
54
55
56
57
58
59
...
71
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Ros-diffs December 2005