As in wikiFN cleaning the id should be optional, but still the default, in mediaFN as well.

when a form was submitted with an empty input, that data should still
overwrite the preset value.

This should fix the test problems errors in #1527. When requesting a
HTTPS URI from a HTTP only proxy, the initial connection is *not* TLS
secured. The URI scheme is only relevant when directly connecting.

This also changes the (wrong) assumption that everything on port 443 is
always TLS secured. Only the URI scheme should decide that.

This is to ensure that we use SSL/TLS if a custom port is defined an no
proxy is used.

Fixes #1526

The header() method of PHP is vulnerable to HTTP Response Splitting
attacks.

This change makes sure the URL passed to send_redirect (and thus to
header()) does not contain any control characters that would be needed
to execute such an attack.

Cleaning input is recommended anyway.

New Python Django application default to PBKDF2 with SHA256 as a
password mechanism. This adds support for that mechanism in our
password hasher class. This will be needed in the tests for the new
PDO auth plugin.

As discussed in #1471, an uninitialized variable will always be
implicitly created when passed to the blank() function. Calling isset()
is thus a no-op. A warning about this behavior has been added to the
function comment.

This makes the saveWikiText() function a little easier to read and moves
external edit handling to its own function. Behavior stays the same
(tests are unchanged).

In addition a new event COMMON_WIKIPAGE_SAVE is introduced that makes
intercepting and acting on page saves much easier than possible before.

Developers can:

* prevent saves by either preventing the default action or overwriting
  the contentChanged field in a BEFORE hook
* enforce saves even when no content changed by overwriting the
  contentChanged field in a BEFORE hook
* Adjust the saved content by modifying the newContent field in a BEFORE
  hook
* Adjust the stored change log information (summary, type, extras) in an
  AFTER hook
* Easily know if a page was deleted, created or edited by inspecting the
  changeType field
* what ever they want before or after a wiki page is saved

You really never want to search the whole filesystem, so something must
have gone wrong. Better abort than go on.

The opening tag of the button was self closing, creating invalid HTML.

See https://forum.dokuwiki.org/thread/13346 for initial report

Just translation of lang array items in inc/lang main php file

4th translations session - stopwords

Third translation session of inc/lang

Second translation

The token login was introduced for the flash uploader. Since it has been
removed there is no need for this code anymore.

Instead of having various function_exists checks all over the place,
this introduces the constants DOKU_HAS_GZIP and DOKU_HAS_BZIP. All
non-3rdparty parts of the code using gz* functions should now check if
zlib is actually available.