give better error message in HTTPClient for failed crypto setup

translation update

Speed up indexer on lighttpd by using tpl_flush()

use correct host in proxy tests

Add english description for new authldap options

Add description for modPass-Option

Added file-in-use reference to page

Added file-in-use reference to page

Added file-in-use reference to page

Added english translation for file-in-use reference

Added file-in-use reference to page

Added german translation for file-in-use reference

Added file-in-use reference to page

Added german translation for file-in-use reference

Escape user strings given to adLDAP

Explain functions in docstrings

Clean up code, add phpdoc comments, some refactoring, etc.

Disable the ``last`` button when filtering groups

Since we cannot effectively filter for groups and have to work with
incremental prefetching, the ``last`` button is mostly broken/buggy.
Hence it is

Disable the ``last`` button when filtering groups

Since we cannot effectively filter for groups and have to work with
incremental prefetching, the ``last`` button is mostly broken/buggy.
Hence it is disabled in this usecase.

show more ...

When filtering for group implement prefetching

Create and use ad search for user, name and email

Get total number of users in ad, needed for paging

send JavaScript with correct mimetype

While Browsers (IE of course) still fail to accept the correct
application/javascript mimetype in the type attribute of the script
element, we should serve the

send JavaScript with correct mimetype

While Browsers (IE of course) still fail to accept the correct
application/javascript mimetype in the type attribute of the script
element, we should serve the scripts with the correct Content-Type
header at least. This is especially important as the default
configuration of mod_deflate expects application/javascript and will not
compress text/javascript.

show more ...

Two new authldap config options: 'userkey' denotes the LDAP
attribute holding the username, 'modPass' allows to disable
password changing by the user.

Adding user and groups as optional parameters to wiki.aclCheck

Reverting changes so as to use already existing function, and adding admin check

remove additional sidebar bottom margin in phone mode

translation update

check permissions in ACL plugin's RPC API component. #1056

Security Fix

Severity: Medium
Type: Remote Priviledge Escalation
Remote: yes

Vulnerability Details:

This fixes a security hole in

check permissions in ACL plugin's RPC API component. #1056

Security Fix

Severity: Medium
Type: Remote Priviledge Escalation
Remote: yes

Vulnerability Details:

This fixes a security hole in the ACL plugins remote API component. The
plugin failed to check for superuser permissions before executing ACL
addition or deletion. This means everybody with permissions to call the
XMLRPC API also had permissions to set up their own ACL rules and thus
circumventing any existing rules.

Risk Assessment:

The XMLRPC API in DokuWiki is marked experimental and off by default. It
also implements an additional safeguard by giving access to a configured
circle of users and groups only. So only a minor number of DokuWiki
installations will be affected at all.
For affected installations the risk is high if users with access to the
API are not to be trusted.
Thus the overall severity of medium.

Resolution:

Installations applying this commit are safe. A hotfix is about to be
released. Meanwhile users are advised to disable the XMLRPC API in the
config manager.

show more ...

Fixing bugs found by scrutinizer