Revert "tmp" for inc/html.php as it breaks the diff output

This reverts commit fa7c70ff4d7f9999466436e7d559eb0c81571779.

Fix getBaseURL for literal IPv6 addresses in URLs (RFC 2732) + test case

increase indexer version to reforce rebuild for the new title index

increased msg count

Fix several security issues in the XML-RPC interface

For locks and getRevisions there hasn't been any acl check. In many
other cases the id hadn't been cleaned before the acl check was done
which me

Fix several security issues in the XML-RPC interface

For locks and getRevisions there hasn't been any acl check. In many
other cases the id hadn't been cleaned before the acl check was done
which means that many acl rules that should be applied weren't applied.
So e.g. when you have read permissions for the root namespace but not
for a subnamespace you could add a leading ":" and the permissions for
the root namespace will be used instead of the permissions for the
subnamespace. This did not apply to writing pages and reading media
files, but writing and deleting media files have been concerned as well
as reading both plain and html versions of pages.

This only concerns installations where XML-RPC is enabled (default is
disabled) and XML-RPC is allowed for all or untrusted users.

show more ...

Revert "tmp: disable notices in doku.php"

This reverts commit 58a22bd0570451af9e62b659343dd47a26bacb3f.

It was accidentally pushed to the repo.

Remove superfluous headers, fix XML-RPC with gzip enabled

This removes headers that are sent by PHP/the webserver anyway as they
are possibly wrong as e.g. when gzip compression is enabled in
inc/in

Remove superfluous headers, fix XML-RPC with gzip enabled

This removes headers that are sent by PHP/the webserver anyway as they
are possibly wrong as e.g. when gzip compression is enabled in
inc/init.php (which does happen when the client supports gzip) the
content size is smaller than the one that was specified by the
content-length header and thus e.g. the Python XML-RPC client fails with
an error message because of the size mismatch. Additionally the content
encoding is now set to utf-8 in the http headers.

show more ...

Handle renamed authorization variables

Sometimes (when using rewriting with the workaround for CGI mode
described at
http://www.besthostratings.com/articles/http-auth-php-cgi.html) the
HTTP_AUTHORIZ

Handle renamed authorization variables

Sometimes (when using rewriting with the workaround for CGI mode
described at
http://www.besthostratings.com/articles/http-auth-php-cgi.html) the
HTTP_AUTHORIZATION variable is renamed, this change detects this
renaming and uses the renamed variable.

show more ...

Added hmd5 and pmd5 as passcrypt choices in config manager

Added support for Wordpress' password hashing FS#2134

added unit test for kmd5 password hashing

don't use » for non hierarchical breadcrumbs FS#2135

Not sure if this sympol is the best to use. I'm open for different
suggestions.

Template auhtors still can overwrite the symbol of course.

made ajax quicksearch its own object

This makes it possible for plugin and template authors to overwrite or
extend the quicksearch JavaScript logic.

added missing change for path length shortener in ajax backend

Deprecate $NS in doku.php

$NS is only used in lib/exe/{ajax,mediamanager}.php when no $ID context
is present. The two functions which use $NS in inc/template.php are only
called through those both e

Deprecate $NS in doku.php

$NS is only used in lib/exe/{ajax,mediamanager}.php when no $ID context
is present. The two functions which use $NS in inc/template.php are only
called through those both endpoints, not through doku.php. In doku.php,
$ID is the only correct value, $NS is not kept synchronous with $ID.

Use getNS($ID) in functions which are called through doku.php.

show more ...

correctly(?) shorten namespaces for RTL langunages in quicksearch

shorten quicksearch namespaces in JavaScript

This patch moves the shortening of namespaces in the quicksearch results
to JavaScript. This makes it independend from used template and will
always try

shorten quicksearch namespaces in JavaScript

This patch moves the shortening of namespaces in the quicksearch results
to JavaScript. This makes it independend from used template and will
always try to fill the width of the result pane correctly.

Things missing:

* Make it work with RTL-languages
* Check Browser compatibility (only tested in Chrome so far)

show more ...

German (informal) language update

German language update

coding style fix

updated adLDAP library to 3.3.2

[+] New feature: Move the user to a new OU using user_move() function
[-] Bug fix: Prevent an 'undefined index' error in recursive_groups()
when full PHP E_ALL lo

updated adLDAP library to 3.3.2

[+] New feature: Move the user to a new OU using user_move() function
[-] Bug fix: Prevent an 'undefined index' error in recursive_groups()
when full PHP E_ALL logging is enabled
[-] Bug fix: user_groups() does not return primary group when objectsid
is not given (Tracker ID:2931213)
[-] Bug fix: Undefined index in function user_info for non-existent
users (Tracker ID:2922729)
[-] Bug fix: Force user_info to find objectCategory of person as if a
sAMAccountName also exists in a group it will return that group.
(Tracker ID:3006096)
[-] Bug fix: Return false for user_info if the user does not exist
[-] Bug fix: user_info, checks for for a "count" value that not exist in
$entries array if "memberof" isn't passed in $fields array. (Tracker
ID:2993172)
[-] Bug fix: In authenticate() if user authentication fails function
returns and does not rebind with admin credentials - so the other
funcions don't work anymore as $this->_bind === false. (Tracker
ID:2987887)
[-] Bug fix: When calling $ldap->user_modify('user',
array("expires"=>0)) the function fails due to the value being 0.
Changed to isset (Tracker ID:3036726)

show more ...

Hebrew language update

fixed brackets

removed setter/getter to match coding style

since we don't use setter/getters for the other options it doesn't make
sense to have them for the keep-alive function

do not reuse errornous http connections

As soon as something goes wrong while querying a http server
do not reuse the same connection again, its state is undefined.

In addition, check the connectio

do not reuse errornous http connections

As soon as something goes wrong while querying a http server
do not reuse the same connection again, its state is undefined.

In addition, check the connection for feof() before reusing it.

show more ...