panicsteve / w2wiki Goto Github PK
View Code? Open in Web Editor NEWA web-based, wiki-like notepad that you host yourself
License: MIT License
A web-based, wiki-like notepad that you host yourself
License: MIT License
Big fan of your wiki, thanks for sharing!
Since I saw no license hint, I was wondering under which conditions you are releasing this code? I love what you've done and have started to adapt it to my use case already (see codeling/w2wiki); I'm feeling a bit queasy though because of the missing license information - would it be possible to add some hint regarding that? Thanks!
Is it possible to delete a page via the interface? Maybe something like a "Delete" button next to the "Edit" one?
Hi Steve,
First thing first, love your w2wiki so much and thank you so much for creating a simple but elegant solution.
This behaviour happens when I did as below
I tried to remove that stripslashes call and all content looks fine. Any rationale for that call?
Cheers,
Nam
A link to [[A#B]] renders as w2wiki.org/index.php/A#B, and is eventually written to a file called "A".
The title says it all really. The demo at http://stevenf.com/w2demo/ no longer works
Looking at this recent commit, I wondered why only links and images should be specially treated for html entities; what specific forms of XSS are prevented by that?
The wiki in its current form allows for HTML to be entered as far as my tests are concerned; entering
<script>alert('Hello');</script>
on a page brings up an alert box...
Doesn't the htmlentities
handling need to happen earlier (on $inText
at the start of toHTML
)? The one happening right before the end of toHTML
doesn't do anything ($inText
isn't used anymore after that), and would break the previously inserted images/links etc. anyway...
I've tried a fix in my fork: codeling@77cb75d
and it seems to at least prevent the simple XSS shown above.
I get warnings printed to my nginx error log on every page load. The page loads fine, it's just nice to remove this to make logs more readable.
2022/04/21 13:56:37 [error] 15114#15114: *324651 FastCGI sent in stderr: "PHP message: PHP Notice: Undefined variable: text in /var/www/lexicon1/index.php on line 490" while reading response header from upstream, client: ::ffff:174.101.140.242, server: lexicon.za3k.com, request: "GET /index.php/LexiconOne HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php7.3-fpm.sock:", host: "lexicon.za3k.com"
HI
Could you please add a password function for edit pages / save changes, not only to access the wiki ?
CHEERS
You just updated the markdown libraries to add PHP 8 support. Unfortunately, this broke PHP 7.3 support. PHP 7.3 is the latest available in debian buster (one version ago, which I'm running), though 7.4 is available in the latest stable. The problems introduced were:
public string
, protected int
etc are not available in 7.3. Many instancesreadme.txt
still says this supports PHP 4. Could you update the docs or fix the problem? Happy to provide a PR if you're okay patching the library as a solution, which is what I did.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.