This reverts commit fa7c70ff.

For locks and getRevisions there hasn't been any acl check. In many
other cases the id hadn't been cleaned before the acl check was done
which means that many acl rules that should be applied weren't applied.
So e.g. when you have read permissions for the root namespace but not
for a subnamespace you could add a leading ":" and the permissions for
the root namespace will be used instead of the permissions for the
subnamespace. This did not apply to writing pages and reading media
files, but writing and deleting media files have been concerned as well
as reading both plain and html versions of pages.

This only concerns installations where XML-RPC is enabled (default is
disabled) and XML-RPC is allowed for all or untrusted users.

This reverts commit 58a22bd0.

It was accidentally pushed to the repo.

This removes headers that are sent by PHP/the webserver anyway as they
are possibly wrong as e.g. when gzip compression is enabled in
inc/init.php (which does happen when the client supports gzip) the
content size is smaller than the one that was specified by the
content-length header and thus e.g. the Python XML-RPC client fails with
an error message because of the size mismatch. Additionally the content
encoding is now set to utf-8 in the http headers.

Sometimes (when using rewriting with the workaround for CGI mode
described at
http://www.besthostratings.com/articles/http-auth-php-cgi.html) the
HTTP_AUTHORIZATION variable is renamed, this change detects this
renaming and uses the renamed variable.

Not sure if this sympol is the best to use. I'm open for different
suggestions.

Template auhtors still can overwrite the symbol of course.

This makes it possible for plugin and template authors to overwrite or
extend the quicksearch JavaScript logic.

$NS is only used in lib/exe/{ajax,mediamanager}.php when no $ID context
is present. The two functions which use $NS in inc/template.php are only
called through those both endpoints, not through doku.php. In doku.php,
$ID is the only correct value, $NS is not kept synchronous with $ID.

Use getNS($ID) in functions which are called through doku.php.

This patch moves the shortening of namespaces in the quicksearch results
to JavaScript. This makes it independend from used template and will
always try to fill the width of the result pane correctly.

Things missing:

  * Make it work with RTL-languages
  * Check Browser compatibility (only tested in Chrome so far)

[+] New feature: Move the user to a new OU using user_move() function
[-] Bug fix: Prevent an 'undefined index' error in recursive_groups()
    when full PHP E_ALL logging is enabled
[-] Bug fix: user_groups() does not return primary group when objectsid
    is not given (Tracker ID:2931213)
[-] Bug fix: Undefined index in function user_info for non-existent
    users (Tracker ID:2922729)
[-] Bug fix: Force user_info to find objectCategory of person as if a
    sAMAccountName also exists in a group it will return that group.
    (Tracker ID:3006096)
[-] Bug fix: Return false for user_info if the user does not exist
[-] Bug fix: user_info, checks for for a "count" value that not exist in
    $entries array if "memberof" isn't passed in $fields array. (Tracker
    ID:2993172)
[-] Bug fix: In authenticate() if user authentication fails function
    returns and does not rebind with admin credentials - so the other
    funcions don't work anymore as $this->_bind === false. (Tracker
    ID:2987887)
[-] Bug fix: When calling $ldap->user_modify('user',
    array("expires"=>0)) the function fails due to the value being 0.
    Changed to isset (Tracker ID:3036726)

since we don't use setter/getters for the other options it doesn't make
sense to have them for the keep-alive function

As soon as something goes wrong while querying a http server
do not reuse the same connection again, its state is undefined.

In addition, check the connection for feof() before reusing it.

Using a static context for the connection pool allows connection
reuse throughout the whole application without additional changes
in other places.

The DokuHTTPClient is now able to keep connections alive. This
feature is enabled by default. It can be disabled with
    $client->setKeepAlive(false);
and asked with
    $client->isKeepAlive();.

Before this change metaFiles didn't return anything for ids where the
part without the namespace needs (utf-8) filename escaping.

This commit introduces a new define P_GET_FIRST_HEADING_METADATA_LIMIT
that can be set in preload.php in order to change the limit for how many
pages the first heading shall be loaded from metadata in
p_get_first_heading. Changing this is probably most interesting for
Wikis with a lot of pages where loading the title index costs a
significant amount of time and memory.

This makes sure that the indexer is also called for hidden pages so they
aren't missing in the title index and digest subscriptions work for
them, too. Hidden pages are already filtered from the search results.

This commit fixes two bugs that occurred when msg() was called after
html_msgarea() had already been called.
- the $MSG array is now cleared when it has been printed (otherwise $MSG
  has been printed again when another msg() call was done)
- headers_sent() didn't work for me, it always reported false although
  html_msgarea() had already been called which might be explainable with
  output buffering. This makes msg() now depend on the first call of
  html_msgarea() or headers_sent() in order to not to break msg() in
  ajax requests etc.

This change makes p_get_first_heading load the title index when more
than 11 requests that caused a call to p_get_metadata have already been
done. This means that small pages and the breadcrums won't trigger the
loading of the title index but for larger pages or the sitemap the title
index will be used. This is necessary because every call to
p_get_metadata can trigger the parsing and rendering of a whole page and
there can be many calls when useheading is activated and e.g. the
index/sitemap page is displayed.

Additionally this adds a small title cache that caches titles requested
from p_get_metadata.

Further tests should be done how this affects memory usage and how often
the index loading is triggered in order to see if that parameter should
be adjusted.

p_get_metadata has a $render parameter that has been disabled by the
restructuring of metadata rendering. This change reactivates it so
rendering metadata can be prevented. This is e.g. used in the search and
in some plugins like indexmenu that use p_get_first_heading. The default
of the parameter has been changed to true as otherwise the new caching
structure won't work as almost all calls to p_get_metadata don't set the
$render parameter.
The indexer call to p_get_first_heading has been changed to set $render
to true as in the indexer only one page will be rendered and the title
in the index should really be the current one.
This does not fix the problem that rendering pages with lots of links or
displaying the index can cause the parsing/rendering of a lot of pages.

Filenames can't contain ":" on windows and the lock directory contained
the unescaped page id. The lock function tries in an endless loop to
create the lock directory when it fails and the directory doesn't exist.
Just escaping the directory name won't work as then the filename length
limit will be quickly hit when using deep namespace structures with utf8
names. Thus using the md5sum seems to be the best solution. Perhaps the
lock function could also be changed to create a file with that name that
contains the id so the id can be retrieved for debugging purposes.