diff --git a/inc/RemoteAPICore.php b/inc/RemoteAPICore.php
index 9da4932107aba85e5dc0007ed16a0a65dfb02958..36c5188815caf0d9430637aab438261a37458e7b 100644
--- a/inc/RemoteAPICore.php
+++ b/inc/RemoteAPICore.php
@@ -169,7 +169,7 @@ class RemoteAPICore {
 * @return page text.
 */
 function rawPage($id,$rev=''){
- $id = cleanID($id);
+ $id = $this->resolvePageId($id);
 if(auth_quickaclcheck($id) < AUTH_READ){
 throw new RemoteAccessDeniedException('You are not allowed to read this file', 111);
 }
@@ -228,7 +228,7 @@ class RemoteAPICore {
 * Return a wiki page rendered to html
 */
 function htmlPage($id,$rev=''){
- $id = cleanID($id);
+ $id = $this->resolvePageId($id);
 if(auth_quickaclcheck($id) < AUTH_READ){
 throw new RemoteAccessDeniedException('You are not allowed to read this page', 111);
 }
@@ -356,14 +356,14 @@ class RemoteAPICore {
 * Return a list of backlinks
 */
 function listBackLinks($id){
- return ft_backlinks(cleanID($id));
+ return ft_backlinks($this->resolvePageId($id));
 }
 /**
 * Return some basic data about a page
 */
 function pageInfo($id,$rev=''){
- $id = cleanID($id);
+ $id = $this->resolvePageId($id);
 if(auth_quickaclcheck($id) < AUTH_READ){
 throw new RemoteAccessDeniedException('You are not allowed to read this page', 111);
 }
@@ -394,7 +394,7 @@ class RemoteAPICore {
 global $TEXT;
 global $lang;
- $id = cleanID($id);
+ $id = $this->resolvePageId($id);
 $TEXT = cleanText($text);
 $sum = $params['sum'];
 $minor = $params['minor'];
@@ -507,7 +507,7 @@ class RemoteAPICore {
 * Returns the permissions of a given wiki page
 */
 function aclCheck($id) {
- $id = cleanID($id);
+ $id = $this->resolvePageId($id);
 return auth_quickaclcheck($id);
 }
@@ -517,7 +517,7 @@ class RemoteAPICore {
 * @author Michael Klier <chi@chimeric.de>
 */
 function listLinks($id) {
- $id = cleanID($id);
+ $id = $this->resolvePageId($id);
 if(auth_quickaclcheck($id) < AUTH_READ){
 throw new RemoteAccessDeniedException('You are not allowed to read this page', 111);
 }
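Review bot: In the hunk at `@@ -394,7 +394,7 @@` (the write path that goes on to set `$TEXT = cleanText($text)`), an empty or fully stripped `$id` now silently becomes the start page, so a malformed call that previously had no valid target would instead write to `$conf['start']` whenever the caller has edit rights there. The function's body starts and ends outside the hunk, so any later empty-ID guard in it can no longer fire after this change. The same fail-open applies to the `lock` and `unlock` loops at `@@ -711,7` and `@@ -721,7`, where a blank list entry now locks or unlocks the start page. For these state-changing calls I would keep `$id = cleanID($id);` and reject `''` with a `RemoteException`, leaving the start-page fallback to the read-only methods.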
@@ -633,7 +633,7 @@ class RemoteAPICore {
 * @author Michael Klier <chi@chimeric.de>
 */
 function pageVersions($id, $first) {
- $id = cleanID($id);
+ $id = $this->resolvePageId($id);
 if(auth_quickaclcheck($id) < AUTH_READ) {
 throw new RemoteAccessDeniedException('You are not allowed to read this page', 111);
 }
@@ -711,7 +711,7 @@ class RemoteAPICore {
 $unlockfail = array();
 foreach((array) $set['lock'] as $id){
- $id = cleanID($id);
+ $id = $this->resolvePageId($id);
 if(auth_quickaclcheck($id) < AUTH_EDIT || checklock($id)){
 $lockfail[] = $id;
 }else{
@@ -721,7 +721,7 @@ class RemoteAPICore {
 }
 foreach((array) $set['unlock'] as $id){
- $id = cleanID($id);
+ $id = $this->resolvePageId($id);
 if(auth_quickaclcheck($id) < AUTH_EDIT || !unlock($id)){
 $unlockfail[] = $id;
 }else{
@@ -764,6 +764,14 @@ class RemoteAPICore {
 return $ok;
 }
+ private function resolvePageId($id) {
+ $id = cleanID($id);
+ if(empty($id)) {
+ global $conf;
+ $id = cleanID($conf['start']);
+ }
+ return $id;
+ }
 }
diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php
index cf3682f11b6f3c7e506bff7dc8144001d00b5055..5e6c197d03769b15723733b133251dffe6c71379 100644
--- a/lib/exe/xmlrpc.php
+++ b/lib/exe/xmlrpc.php
@@ -30,10 +30,11 @@ class dokuwiki_xmlrpc_server extends IXR_Server {
 } catch (RemoteAccessDeniedException $e) {
 if (!isset($_SERVER['REMOTE_USER'])) {
 header('HTTP/1.1 401 Unauthorized');
+ return new IXR_Error(-32603, "server error. not authorized to call method $methodname");
 } else {
 header('HTTP/1.1 403 Forbidden');
+ return new IXR_Error(-32604, "server error. forbidden to call the method $methodname");
 }
- return new IXR_Error(-32603, "server error. not authorized to call method $methodname");
 } catch (RemoteException $e) {
 return new IXR_Error($e->getCode(), $e->getMessage());
 }
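Review bot: `empty($id)` in the new `resolvePageId()` (hunk `@@ -764,6 +764,14 @@`) is also true for the string `'0'`, so if `cleanID()` can return `'0'`, a request for that page is redirected to the start page and each caller's `auth_quickaclcheck()` runs against a different page than the one requested. Compare explicitly instead: `if($id === '') {`. The helper also has no docblock; a short one stating that an empty ID falls back to `cleanID($conf['start'])` and that the returned ID is already cleaned would help, since every call site changed in this diff now relies on that behaviour for its ACL decision.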
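Review bot: The fault code `-32604` added in the 403 branch of `lib/exe/xmlrpc.php` sits in the range the XML-RPC fault-code interoperability convention reserves for predefined errors, but as far as I know it is not one of the codes that convention defines, so generic clients may not map it to anything meaningful. If the value is intentional, document it at the return, e.g. `// -32604: project-specific "forbidden" fault, paired with HTTP 403`, or give both codes named constants so the 401/403 pairing is visible to reviewers. Both branches also still discard the message and code carried by the caught `RemoteAccessDeniedException`, which is fine for the client-facing fault but means the specific denial reason is lost unless it is logged elsewhere. The enclosing method starts and ends outside the hunk.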