changeset 5144:12d27670e274

merged moin/1.8
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Mon, 14 Sep 2009 02:47:11 +0200
parents b7c8c6eb7690 (current diff) 2d080ca7f8bd (diff)
children 262be8bcef0d
files .hgignore .hgtags MoinMoin/auth/openidrp.py MoinMoin/events/emailnotify.py MoinMoin/formatter/text_html.py MoinMoin/i18n/cs.MoinMoin.po MoinMoin/i18n/es.MoinMoin.po MoinMoin/i18n/fr.MoinMoin.po MoinMoin/i18n/nb.MoinMoin.po MoinMoin/i18n/pl.MoinMoin.po MoinMoin/macro/EmbedObject.py MoinMoin/mail/mailimport.py MoinMoin/script/migration/1080300.py MoinMoin/script/migration/1080400.py MoinMoin/script/migration/1080500.py MoinMoin/userprefs/suid.py MoinMoin/util/filesys.py MoinMoin/version.py MoinMoin/web/static/htdocs/applets/FCKeditor/_whatsnew.html MoinMoin/web/static/htdocs/applets/FCKeditor/editor/_source/fckeditorapi.js MoinMoin/web/static/htdocs/applets/FCKeditor/editor/dialog/fck_about.html MoinMoin/web/static/htdocs/applets/FCKeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.pl MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/basexml.asp MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/commands.asp MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/connector.asp MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/io.asp MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/upload.asp MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf5_connector.cfm MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf5_upload.cfm MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf_basexml.cfm MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf_commands.cfm MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf_io.cfm MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf_upload.cfm MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/config.cfm MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/lasso/connector.lasso MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/lasso/upload.lasso MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/basexml.pl MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/commands.pl MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/config.pl MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/connector.cgi MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/io.pl MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/upload.cgi MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/upload_fck.pl MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/util.pl MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/basexml.php MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/commands.php MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/config.php MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/io.php MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/upload.php MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/connector.py MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/fckcommands.py MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/fckoutput.py MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/fckutil.py MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/upload.py MoinMoin/web/static/htdocs/applets/FCKeditor/editor/js/fckeditorcode_gecko.js MoinMoin/web/static/htdocs/applets/FCKeditor/editor/js/fckeditorcode_ie.js MoinMoin/web/static/htdocs/applets/FCKeditor/fckeditor.js MoinMoin/web/static/htdocs/applets/FCKeditor/fckeditor.pl MoinMoin/widget/browser.py MoinMoin/wikiutil.py docs/CHANGES docs/INSTALL.html docs/UPDATE.html moin.spec wiki/config/more_samples/ui_wikiconfig_snippet wiki/config/wikiconfig.py wiki/config/wikifarm/farmconfig.py wiki/data/meta wiki/server/moin.wsgi wiki/underlay.tar wikiconfig.py
diffstat 61 files changed, 2227 insertions(+), 1892 deletions(-) [+]
line wrap: on
line diff
--- a/.hgignore	Mon Sep 14 01:59:33 2009 +0200
+++ b/.hgignore	Mon Sep 14 02:47:11 2009 +0200
@@ -14,4 +14,5 @@
 ^.pydevproject
 ^.settings
 ^MANIFEST
+.DS_Store
 
--- a/.hgtags	Mon Sep 14 01:59:33 2009 +0200
+++ b/.hgtags	Mon Sep 14 02:47:11 2009 +0200
@@ -35,6 +35,7 @@
 1f0db10c207f697de8d496f298167d7de76f30ac 1.8.2
 f25e6286fe1306017cda1bc614f5a9f60b382670 1.8.3
 3010c1a941856920ee564297f16570126b0231c0 1.8.4
+294b97b991d3b394aa7cf16ce18b01d8a64e6ef0 1.8.5
 d706f5d4f4ecc935a69b0c6c5b90d47a643e82c4 1.9.0beta1
 a04008fe123371f144707ac237196fd7cc37ae90 1.9.0beta2
 47679e758f79d215bd748d2f1a3ec48f46dbadb3 1.9.0beta3
--- a/MoinMoin/auth/botbouncer.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/auth/botbouncer.py	Mon Sep 14 02:47:11 2009 +0200
@@ -20,7 +20,7 @@
         if kw.get('multistage'):
             uid = request.session.get('botbouncer.uid', None)
             if not uid:
-                return CancelLogin()
+                return CancelLogin(None)
             openid = request.session['botbouncer.id']
             del request.session['botbouncer.id']
             del request.session['botbouncer.uid']
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/MoinMoin/auth/cas.py	Mon Sep 14 02:47:11 2009 +0200
@@ -0,0 +1,121 @@
+# -*- coding: iso-8859-1 -*-
+"""
+    MoinMoin - CAS authentication
+
+    Jasig CAS (see http://www.jasig.org/cas) authentication module.
+
+    @copyright: 2009 MoinMoin:RichardLiao
+    @license: GNU GPL, see COPYING for details.
+"""
+
+import time, re
+import urlparse
+import urllib, urllib2
+
+from MoinMoin import log
+logging = log.getLogger(__name__)
+
+from MoinMoin.auth import BaseAuth
+from MoinMoin import user, wikiutil
+
+
+class PyCAS(object):
+    """A class for working with a CAS server."""
+
+    def __init__(self, server_url, renew=False, login_path='/login', logout_path='/logout',
+                 validate_path='/validate', coding='utf-8'):
+        self.server_url = server_url
+        self.renew = renew
+        self.login_path = login_path
+        self.logout_path = logout_path
+        self.validate_path = validate_path
+        self.coding = coding
+
+    def login_url(self, service):
+        """Return the login URL for the given service."""
+        url = self.server_url + self.login_path + '?service=' + urllib.quote_plus(service)
+        if self.renew:
+            url += "&renew=true"
+        return url
+
+    def logout_url(self, redirect_url=None):
+        """Return the logout URL."""
+        url = self.server_url + self.logout_path
+        if redirect_url:
+            url += '?url=' + urllib.quote_plus(redirect_url)
+        return url
+
+    def validate_url(self, service, ticket):
+        """Return the validation URL for the given service. (For CAS 1.0)"""
+        url = self.server_url + self.validate_path + '?service=' + urllib.quote_plus(service) + '&ticket=' + urllib.quote_plus(ticket)
+        if self.renew:
+            url += "&renew=true"
+        return url
+
+    def validate_ticket(self, service, ticket):
+        """Validate the given ticket against the given service."""
+        f = urllib2.urlopen(self.validate_url(service, ticket))
+        valid = f.readline()
+        valid = valid.strip() == 'yes'
+        user = f.readline().strip()
+        user = user.decode(self.coding)
+        return valid, user
+
+
+class CASAuth(BaseAuth):
+    """ handle login from CAS """
+    name = 'CAS'
+    login_inputs = ['username', 'password']
+    logout_possible = True
+
+    def __init__(self, auth_server, login_path="/login", logout_path="/logout", validate_path="/validate"):
+        BaseAuth.__init__(self)
+        self.cas = PyCAS(auth_server, login_path=login_path,
+                         validate_path=validate_path, logout_path=logout_path)
+
+    def request(self, request, user_obj, **kw):
+        ticket = request.args.get('ticket')
+        action = request.args.get("action", [])
+        logoutRequest = request.args.get('logoutRequest', [])
+        url = request.getBaseURL() + urllib.quote_plus(request.getPathinfo().encode('utf-8'))
+
+        # # handle logout request from CAS
+        # if logoutRequest:
+            # logoutRequestMatch = re.search("<samlp:SessionIndex>(.*)</samlp:SessionIndex>", logoutRequest[0])
+            # service_ticket = logoutRequestMatch.group(1)
+            # if service_ticket:
+                # # TODO: logout
+                # return self.logout(request, user_obj)
+
+        # authenticated user
+        if user_obj and user_obj.valid:
+            return user_obj, True
+
+        # anonymous
+        if not ticket and not "login" in action:
+            return user_obj, True
+
+        # valid ticket on CAS
+        if ticket:
+            valid, username = self.cas.validate_ticket(url, ticket[0])
+            if valid:
+                u = user.User(request, auth_username=username, auth_method=self.name)
+                u.valid = valid
+                # auto create user
+                u.create_or_update(True)
+                return u, True
+
+        # login
+        request.http_redirect(self.cas.login_url(url))
+
+        return user_obj, True
+
+    def logout(self, request, user_obj, **kw):
+        if self.name and user_obj and user_obj.auth_method == self.name:
+            url = request.getBaseURL() + urllib.quote_plus(request.getPathinfo().encode('utf-8'))
+            request.http_redirect(self.cas.logout_url(url))
+
+            user_obj.valid = False
+
+        return user_obj, True
+
--- a/MoinMoin/caching.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/caching.py	Mon Sep 14 02:47:11 2009 +0200
@@ -131,7 +131,7 @@
 
         return needsupdate
 
-    def lock(self, mode, timeout=1.0):
+    def lock(self, mode, timeout=10.0):
         """
         acquire a lock for <mode> ("r" or "w").
         we just raise a CacheError if this doesn't work.
@@ -143,11 +143,14 @@
         """
         lock_dir = os.path.join(self.arena_dir, '__lock__')
         if 'r' in mode:
-            self._lock = lock.LazyReadLock(lock_dir, 60.0)
+            _lock = lock.LazyReadLock(lock_dir, 60.0)
         elif 'w' in mode:
-            self._lock = lock.LazyWriteLock(lock_dir, 60.0)
-        acquired = self._lock.acquire(timeout)
-        if not acquired:
+            _lock = lock.LazyWriteLock(lock_dir, 60.0)
+        acquired = _lock.acquire(timeout)
+        if acquired:
+            self._lock = _lock
+        else:
+            self._lock = None
             err = "Can't acquire %s lock in %s" % (mode, lock_dir)
             logging.error(err)
             raise CacheError(err)
--- a/MoinMoin/config/__init__.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/config/__init__.py	Mon Sep 14 02:47:11 2009 +0200
@@ -75,7 +75,7 @@
 url_schemas = ['http', 'https', 'ftp', 'file',
                'mailto', 'nntp', 'news',
                'ssh', 'telnet', 'irc', 'ircs', 'xmpp', 'mumble',
-               'webcal', 'ed2k', 'rootz',
+               'webcal', 'ed2k', 'apt', 'rootz',
                'gopher',
                'notes',
               ]
--- a/MoinMoin/events/emailnotify.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/events/emailnotify.py	Mon Sep 14 02:47:11 2009 +0200
@@ -51,7 +51,12 @@
             'username': page.uid_override or user.getUserIdentification(request),
         }
 
-    return {'subject': subject, 'text': change['text'] + pagelink + change['diff']}
+    if change.has_key('comment'):
+        comment = _("Comment:") + "\n" + change['comment'] + "\n\n"
+    else:
+        comment = ''
+
+    return {'subject': subject, 'text': change['text'] + pagelink + comment + change['diff']}
 
 
 def send_notification(request, from_address, emails, data):
--- a/MoinMoin/formatter/text_html.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/formatter/text_html.py	Mon Sep 14 02:47:11 2009 +0200
@@ -602,7 +602,7 @@
 
     # Attachments ######################################################
 
-    def attachment_link(self, on, url=None, **kw):
+    def attachment_link(self, on, url=None, querystr=None, **kw):
         """ Link to an attachment.
 
             @param on: 1/True=start link, 0/False=end link
@@ -610,7 +610,8 @@
         """
         assert on in (0, 1, False, True) # make sure we get called the new way, not like the 1.5 api was
         _ = self.request.getText
-        querystr = kw.get('querystr', {})
+        if querystr is None:
+            querystr = {}
         assert isinstance(querystr, dict) # new in 1.6, only support dicts
         if 'do' not in querystr:
             querystr['do'] = 'view'
@@ -620,13 +621,14 @@
             fname = wikiutil.taintfilename(filename)
             if AttachFile.exists(self.request, pagename, fname):
                 target = AttachFile.getAttachUrl(pagename, fname, self.request, do=querystr['do'])
-                title = "attachment:%s" % url
-                css = 'attachment'
+                if not 'title' in kw:
+                    kw['title'] = "attachment:%s" % url
+                kw['css'] = 'attachment'
             else:
                 target = AttachFile.getAttachUrl(pagename, fname, self.request, do='upload_form')
-                title = _('Upload new attachment "%(filename)s"') % {'filename': fname}
-                css = 'attachment nonexistent'
-            return self.url(on, target, css=css, title=title)
+                kw['title'] = _('Upload new attachment "%(filename)s"') % {'filename': fname}
+                kw['css'] = 'attachment nonexistent'
+            return self.url(on, target, **kw)
         else:
             return self.url(on)
 
--- a/MoinMoin/macro/EmbedObject.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/macro/EmbedObject.py	Mon Sep 14 02:47:11 2009 +0200
@@ -201,8 +201,19 @@
         if mt.minor == 'pdf':
             width = width or '100%'
             height = height or '800px'
-
-        embed_src = '''
+            embed_src = '''
+<object %(ob_data)s %(ob_type)s %(ob_width)s %(ob_height)s %(ob_align)s>
+<p>%(alt)s</p>
+</object>''' % {
+    "ob_data": _check_object_value("data", url),
+    "ob_width": _check_object_value("width", width),
+    "ob_height": _check_object_value("height", height),
+    "ob_type": _check_object_value("type", mime_type),
+    "ob_align": _check_object_value("align", align),
+    "alt": wikiutil.escape(alt),
+}
+        else:
+            embed_src = '''
 <object %(ob_data)s %(ob_type)s %(ob_width)s %(ob_height)s %(ob_align)s>
 %(movie)s%(quality)s%(wmode)s%(autostart)s%(play)s%(loop)s%(menu)s<p>%(alt)s</p>
 </object>''' % {
--- a/MoinMoin/mail/mailimport.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/mail/mailimport.py	Mon Sep 14 02:47:11 2009 +0200
@@ -231,7 +231,8 @@
 
     for att in msg['attachments']:
         i = 0
-        while 1:
+        while i < 1000: # do not create a gazillion attachments if something
+                        # strange happens, give up after 1000.
             if i == 0:
                 fname = att.filename
             else:
@@ -243,13 +244,16 @@
                 else:
                     fname = att.filename + new_suffix
             try:
-                # get the fname again, it might have changed
-                fname, fsize = add_attachment(request, pagename, fname, att.data)
-                attachments.append(fname)
+                # att.data can be None for forwarded message content - we can
+                # just ignore it, the forwarded message's text will be present
+                # nevertheless
+                if att.data is not None:
+                    # get the fname again, it might have changed
+                    fname, fsize = add_attachment(request, pagename, fname, att.data)
+                    attachments.append(fname)
+                break
             except AttachmentAlreadyExists:
                 i += 1
-            else:
-                break
 
     # build an attachment link table for the page with the e-mail
     attachment_links = [""] + [u'''[[attachment:%s|%s]]''' % ("%s/%s" % (pagename, att), att) for att in attachments]
--- a/MoinMoin/mail/sendmail.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/mail/sendmail.py	Mon Sep 14 02:47:11 2009 +0200
@@ -106,6 +106,8 @@
     msg['Date'] = formatdate()
     msg['Message-ID'] = make_msgid()
     msg['Subject'] = Header(subject, charset)
+    # See RFC 3834 section 5:
+    msg['Auto-Submitted'] = 'auto-generated'
 
     if cfg.mail_sendmail:
         # Set the BCC.  This will be stripped later by sendmail.
--- a/MoinMoin/parser/_tests/test_text_csv.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/parser/_tests/test_text_csv.py	Mon Sep 14 02:47:11 2009 +0200
@@ -47,7 +47,7 @@
     def testdelimiters(self):
         """ parser.text_csv: delimiter , """
         result = self.parse('a,b')
-        assert '<td><strong>a</strong></td>' in  result and '<td><strong>b</strong></td>' in  result
+        assert '<td class="hcolumn0"><strong>a</strong></td>' in  result and '<td class="hcolumn1"><strong>b</strong></td>' in  result
 
     def testemptyline(self):
         """ parser.text_csv: empty line """
@@ -57,7 +57,7 @@
     def testnodelimiter(self):
         """ parser.text_csv: line without delimiter """
         result = self.parse('ABCDEFGHIJ')
-        assert '<td><strong>ABCDEFGHIJ</strong></td>' in  result
+        assert '<td class="hcolumn0"><strong>ABCDEFGHIJ</strong></td>' in  result
 
 coverage_modules = ['MoinMoin.parser.text_csv']
 
--- a/MoinMoin/script/migration/1080300.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/script/migration/1080300.py	Mon Sep 14 02:47:11 2009 +0200
@@ -9,5 +9,5 @@
 """
 
 def execute(script, data_dir, rev):
-    return 1089999
+    return 1080400
 
--- a/MoinMoin/script/migration/1080400.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/script/migration/1080400.py	Mon Sep 14 02:47:11 2009 +0200
@@ -9,5 +9,5 @@
 """
 
 def execute(script, data_dir, rev):
-    return 1089999
+    return 1080500
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/MoinMoin/script/migration/1080500.py	Mon Sep 14 02:47:11 2009 +0200
@@ -0,0 +1,13 @@
+# -*- coding: iso-8859-1 -*-
+"""
+    MoinMoin - migration from base rev 1080500
+
+    Nothing to do, we just return the new data dir revision.
+
+    @copyright: 2009 by Thomas Waldmann
+    @license: GNU GPL, see COPYING for details.
+"""
+
+def execute(script, data_dir, rev):
+    return 1089999
+
--- a/MoinMoin/security/_tests/test_security.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/security/_tests/test_security.py	Mon Sep 14 02:47:11 2009 +0200
@@ -197,6 +197,10 @@
         """ security: applying acl by user name"""
         # This acl string...
         acl_rights = [
+            "-MinusGuy:read "
+            "+MinusGuy:read "
+            "+PlusGuy:read "
+            "-PlusGuy:read "
             "Admin1,Admin2:read,write,delete,revert,admin  "
             "Admin3:read,write,admin  "
             "JoeDoe:read,write  "
@@ -226,6 +230,10 @@
             # All other users - every one not mentioned in the acl lines
             ('All', ('read', )),
             ('Anonymous', ('read', )),
+            # we check whether ACL processing stops for a user/right match
+            # with ACL modifiers
+            ('MinusGuy', ()),
+            ('PlusGuy', ('read', )),
             )
 
         # Check rights
--- a/MoinMoin/userprefs/suid.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/userprefs/suid.py	Mon Sep 14 02:47:11 2009 +0200
@@ -80,7 +80,7 @@
                                           'assume the identity of another user.')))
 
         ticket = wikiutil.createTicket(self.request)
-        self.make_row('Select User', [self._user_select()], valign="top")
+        self.make_row(_('Select User'), [self._user_select()], valign="top")
         form.append(html.INPUT(type="hidden", name="ticket", value="%s" % ticket))
         if not self._only:
             buttons = [html.INPUT(type="submit", name="select_user",
--- a/MoinMoin/util/filesys.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/util/filesys.py	Mon Sep 14 02:47:11 2009 +0200
@@ -142,7 +142,7 @@
     """
     if sys.platform == 'win32':
         def wrapper(*args, **kwargs):
-            max_retries = 10
+            max_retries = 42
             retry = 0
             while True:
                 try:
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/_whatsnew.html	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/_whatsnew.html	Mon Sep 14 02:47:11 2009 +0200
@@ -33,6 +33,13 @@
 	<h1>
 		FCKeditor ChangeLog - What's New?</h1>
 	<h3>
+		Version 2.6.4.1</h3>
+	<p>
+		Fixed Bugs:</p>
+	<ul>
+		<li><strong>Security release, upgrade is highly recommended.</strong></li>
+	</ul>
+	<h3>
 		Version 2.6.4</h3>
 	<p>
 		Fixed Bugs:</p>
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/_source/fckeditorapi.js	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/_source/fckeditorapi.js	Mon Sep 14 02:47:11 2009 +0200
@@ -40,8 +40,8 @@
 		// objects that aren't really FCKeditor instances.
 		var sScript =
 			'window.FCKeditorAPI = {' +
-				'Version : "2.6.4",' +
-				'VersionBuild : "21629",' +
+				'Version : "2.6.4.1",' +
+				'VersionBuild : "23187",' +
 				'Instances : window.FCKeditorAPI && window.FCKeditorAPI.Instances || {},' +
 
 				'GetInstance : function( name )' +
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/dialog/fck_about.html	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/dialog/fck_about.html	Mon Sep 14 02:47:11 2009 +0200
@@ -78,8 +78,8 @@
 								border-left: #000000 1px solid; border-bottom: #000000 1px solid">
 								<span fcklang="DlgAboutVersion">version</span>
 								<br />
-								<b>2.6.4</b><br />
-								Build 21629</td>
+								<b>2.6.4.1</b><br />
+								Build 23187</td>
 						</tr>
 					</table>
 				</td>
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.pl	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.pl	Mon Sep 14 02:47:11 2009 +0200
@@ -1,181 +1,181 @@
-#!/usr/bin/perl
-
-use CGI qw/ :standard /;
-use File::Temp qw/ tempfile tempdir /;
-
-# my $spellercss = '/speller/spellerStyle.css';					# by FredCK
-my $spellercss = '../spellerStyle.css';							# by FredCK
-# my $wordWindowSrc = '/speller/wordWindow.js';					# by FredCK
-my $wordWindowSrc = '../wordWindow.js';							# by FredCK
-my @textinputs = param( 'textinputs[]' ); # array
-# my $aspell_cmd = 'aspell';									# by FredCK (for Linux)
-my $aspell_cmd = '"C:\Program Files\Aspell\bin\aspell.exe"';	# by FredCK (for Windows)
-my $lang = 'en_US';
-# my $aspell_opts = "-a --lang=$lang --encoding=utf-8";			# by FredCK
-my $aspell_opts = "-a --lang=$lang --encoding=utf-8 -H --rem-sgml-check=alt";		# by FredCK
-my $input_separator = "A";
-
-# set the 'wordtext' JavaScript variable to the submitted text.
-sub printTextVar {
-	for( my $i = 0; $i <= $#textinputs; $i++ ) {
-	        print "textinputs[$i] = decodeURIComponent('" . escapeQuote( $textinputs[$i] ) . "')\n";
-	}
-}
-
-sub printTextIdxDecl {
-	my $idx = shift;
-	print "words[$idx] = [];\n";
-	print "suggs[$idx] = [];\n";
-}
-
-sub printWordsElem {
-	my( $textIdx, $wordIdx, $word ) = @_;
-	print "words[$textIdx][$wordIdx] = '" . escapeQuote( $word ) . "';\n";
-}
-
-sub printSuggsElem {
-	my( $textIdx, $wordIdx, @suggs ) = @_;
-	print "suggs[$textIdx][$wordIdx] = [";
-	for my $i ( 0..$#suggs ) {
-		print "'" . escapeQuote( $suggs[$i] ) . "'";
-		if( $i < $#suggs ) {
-			print ", ";
-		}
-	}
-	print "];\n";
-}
-
-sub printCheckerResults {
-	my $textInputIdx = -1;
-	my $wordIdx = 0;
-	my $unhandledText;
-	# create temp file
-	my $dir = tempdir( CLEANUP => 1 );
-	my( $fh, $tmpfilename ) = tempfile( DIR => $dir );
-
-	# temp file was created properly?
-
-	# open temp file, add the submitted text.
-	for( my $i = 0; $i <= $#textinputs; $i++ ) {
-		$text = url_decode( $textinputs[$i] );
-		# Strip all tags for the text. (by FredCK - #339 / #681)
-		$text =~ s/<[^>]+>/ /g;
-		@lines = split( /\n/, $text );
-		print $fh "\%\n"; # exit terse mode
-		print $fh "^$input_separator\n";
-		print $fh "!\n";  # enter terse mode
-		for my $line ( @lines ) {
-			# use carat on each line to escape possible aspell commands
-			print $fh "^$line\n";
-		}
-
-	}
-	# exec aspell command
-	my $cmd = "$aspell_cmd $aspell_opts < $tmpfilename 2>&1";
-	open ASPELL, "$cmd |" or handleError( "Could not execute `$cmd`\\n$!" ) and return;
-	# parse each line of aspell return
-	for my $ret ( <ASPELL> ) {
-		chomp( $ret );
-		# if '&', then not in dictionary but has suggestions
-		# if '#', then not in dictionary and no suggestions
-		# if '*', then it is a delimiter between text inputs
-		if( $ret =~ /^\*/ ) {
-			$textInputIdx++;
-			printTextIdxDecl( $textInputIdx );
-			$wordIdx = 0;
-
-		} elsif( $ret =~ /^(&|#)/ ) {
-			my @tokens = split( " ", $ret, 5 );
-			printWordsElem( $textInputIdx, $wordIdx, $tokens[1] );
-			my @suggs = ();
-			if( $tokens[4] ) {
-				@suggs = split( ", ", $tokens[4] );
-			}
-			printSuggsElem( $textInputIdx, $wordIdx, @suggs );
-			$wordIdx++;
-		} else {
-			$unhandledText .= $ret;
-		}
-	}
-	close ASPELL or handleError( "Error executing `$cmd`\\n$unhandledText" ) and return;
-}
-
-sub escapeQuote {
-	my $str = shift;
-	$str =~ s/'/\\'/g;
-	return $str;
-}
-
-sub handleError {
-	my $err = shift;
-	print "error = '" . escapeQuote( $err ) . "';\n";
-}
-
-sub url_decode {
-	local $_ = @_ ? shift : $_;
-	defined or return;
-	# change + signs to spaces
-	tr/+/ /;
-	# change hex escapes to the proper characters
-	s/%([a-fA-F0-9]{2})/pack "H2", $1/eg;
-	return $_;
-}
-
-# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
-# Display HTML
-# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
-
-print <<EOF;
-Content-type: text/html; charset=utf-8
-
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-<link rel="stylesheet" type="text/css" href="$spellercss"/>
-<script src="$wordWindowSrc"></script>
-<script type="text/javascript">
-var suggs = new Array();
-var words = new Array();
-var textinputs = new Array();
-var error;
-EOF
-
-printTextVar();
-
-printCheckerResults();
-
-print <<EOF;
-var wordWindowObj = new wordWindow();
-wordWindowObj.originalSpellings = words;
-wordWindowObj.suggestions = suggs;
-wordWindowObj.textInputs = textinputs;
-
-
-function init_spell() {
-	// check if any error occured during server-side processing
-	if( error ) {
-		alert( error );
-	} else {
-		// call the init_spell() function in the parent frameset
-		if (parent.frames.length) {
-			parent.init_spell( wordWindowObj );
-		} else {
-			error = "This page was loaded outside of a frameset. ";
-			error += "It might not display properly";
-			alert( error );
-		}
-	}
-}
-
-</script>
-
-</head>
-<body onLoad="init_spell();">
-
-<script type="text/javascript">
-wordWindowObj.writeBody();
-</script>
-
-</body>
-</html>
-EOF
+#!/usr/bin/perl
+
+use CGI qw/ :standard /;
+use File::Temp qw/ tempfile tempdir /;
+
+# my $spellercss = '/speller/spellerStyle.css';					# by FredCK
+my $spellercss = '../spellerStyle.css';							# by FredCK
+# my $wordWindowSrc = '/speller/wordWindow.js';					# by FredCK
+my $wordWindowSrc = '../wordWindow.js';							# by FredCK
+my @textinputs = param( 'textinputs[]' ); # array
+# my $aspell_cmd = 'aspell';									# by FredCK (for Linux)
+my $aspell_cmd = '"C:\Program Files\Aspell\bin\aspell.exe"';	# by FredCK (for Windows)
+my $lang = 'en_US';
+# my $aspell_opts = "-a --lang=$lang --encoding=utf-8";			# by FredCK
+my $aspell_opts = "-a --lang=$lang --encoding=utf-8 -H --rem-sgml-check=alt";		# by FredCK
+my $input_separator = "A";
+
+# set the 'wordtext' JavaScript variable to the submitted text.
+sub printTextVar {
+	for( my $i = 0; $i <= $#textinputs; $i++ ) {
+	        print "textinputs[$i] = decodeURIComponent('" . escapeQuote( $textinputs[$i] ) . "')\n";
+	}
+}
+
+sub printTextIdxDecl {
+	my $idx = shift;
+	print "words[$idx] = [];\n";
+	print "suggs[$idx] = [];\n";
+}
+
+sub printWordsElem {
+	my( $textIdx, $wordIdx, $word ) = @_;
+	print "words[$textIdx][$wordIdx] = '" . escapeQuote( $word ) . "';\n";
+}
+
+sub printSuggsElem {
+	my( $textIdx, $wordIdx, @suggs ) = @_;
+	print "suggs[$textIdx][$wordIdx] = [";
+	for my $i ( 0..$#suggs ) {
+		print "'" . escapeQuote( $suggs[$i] ) . "'";
+		if( $i < $#suggs ) {
+			print ", ";
+		}
+	}
+	print "];\n";
+}
+
+sub printCheckerResults {
+	my $textInputIdx = -1;
+	my $wordIdx = 0;
+	my $unhandledText;
+	# create temp file
+	my $dir = tempdir( CLEANUP => 1 );
+	my( $fh, $tmpfilename ) = tempfile( DIR => $dir );
+
+	# temp file was created properly?
+
+	# open temp file, add the submitted text.
+	for( my $i = 0; $i <= $#textinputs; $i++ ) {
+		$text = url_decode( $textinputs[$i] );
+		# Strip all tags for the text. (by FredCK - #339 / #681)
+		$text =~ s/<[^>]+>/ /g;
+		@lines = split( /\n/, $text );
+		print $fh "\%\n"; # exit terse mode
+		print $fh "^$input_separator\n";
+		print $fh "!\n";  # enter terse mode
+		for my $line ( @lines ) {
+			# use carat on each line to escape possible aspell commands
+			print $fh "^$line\n";
+		}
+
+	}
+	# exec aspell command
+	my $cmd = "$aspell_cmd $aspell_opts < $tmpfilename 2>&1";
+	open ASPELL, "$cmd |" or handleError( "Could not execute `$cmd`\\n$!" ) and return;
+	# parse each line of aspell return
+	for my $ret ( <ASPELL> ) {
+		chomp( $ret );
+		# if '&', then not in dictionary but has suggestions
+		# if '#', then not in dictionary and no suggestions
+		# if '*', then it is a delimiter between text inputs
+		if( $ret =~ /^\*/ ) {
+			$textInputIdx++;
+			printTextIdxDecl( $textInputIdx );
+			$wordIdx = 0;
+
+		} elsif( $ret =~ /^(&|#)/ ) {
+			my @tokens = split( " ", $ret, 5 );
+			printWordsElem( $textInputIdx, $wordIdx, $tokens[1] );
+			my @suggs = ();
+			if( $tokens[4] ) {
+				@suggs = split( ", ", $tokens[4] );
+			}
+			printSuggsElem( $textInputIdx, $wordIdx, @suggs );
+			$wordIdx++;
+		} else {
+			$unhandledText .= $ret;
+		}
+	}
+	close ASPELL or handleError( "Error executing `$cmd`\\n$unhandledText" ) and return;
+}
+
+sub escapeQuote {
+	my $str = shift;
+	$str =~ s/'/\\'/g;
+	return $str;
+}
+
+sub handleError {
+	my $err = shift;
+	print "error = '" . escapeQuote( $err ) . "';\n";
+}
+
+sub url_decode {
+	local $_ = @_ ? shift : $_;
+	defined or return;
+	# change + signs to spaces
+	tr/+/ /;
+	# change hex escapes to the proper characters
+	s/%([a-fA-F0-9]{2})/pack "H2", $1/eg;
+	return $_;
+}
+
+# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
+# Display HTML
+# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
+
+print <<EOF;
+Content-type: text/html; charset=utf-8
+
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link rel="stylesheet" type="text/css" href="$spellercss"/>
+<script src="$wordWindowSrc"></script>
+<script type="text/javascript">
+var suggs = new Array();
+var words = new Array();
+var textinputs = new Array();
+var error;
+EOF
+
+printTextVar();
+
+printCheckerResults();
+
+print <<EOF;
+var wordWindowObj = new wordWindow();
+wordWindowObj.originalSpellings = words;
+wordWindowObj.suggestions = suggs;
+wordWindowObj.textInputs = textinputs;
+
+
+function init_spell() {
+	// check if any error occured during server-side processing
+	if( error ) {
+		alert( error );
+	} else {
+		// call the init_spell() function in the parent frameset
+		if (parent.frames.length) {
+			parent.init_spell( wordWindowObj );
+		} else {
+			error = "This page was loaded outside of a frameset. ";
+			error += "It might not display properly";
+			alert( error );
+		}
+	}
+}
+
+</script>
+
+</head>
+<body onLoad="init_spell();">
+
+<script type="text/javascript">
+wordWindowObj.writeBody();
+</script>
+
+</body>
+</html>
+EOF
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/basexml.asp	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/basexml.asp	Mon Sep 14 02:47:11 2009 +0200
@@ -56,7 +56,11 @@
 	' Create the XML document header.
 	Response.Write "<?xml version=""1.0"" encoding=""utf-8"" ?>"
 
+	If text <> "" then
 	Response.Write "<Connector><Error number=""" & number & """ text=""" & Server.HTMLEncode( text ) & """ /></Connector>"
+	else
+	Response.Write "<Connector><Error number=""" & number & """ /></Connector>"
+	end if
 
 	Response.End
 End Sub
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/commands.asp	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/commands.asp	Mon Sep 14 02:47:11 2009 +0200
@@ -130,7 +130,7 @@
 	End If
 
 	' Create the "Error" node.
-	Response.Write "<Error number=""" & sErrorNumber & """ originalNumber=""" & iErrNumber & """ originalDescription=""" & ConvertToXmlAttribute( sErrDescription ) & """ />"
+	Response.Write "<Error number=""" & sErrorNumber & """ />"
 End Sub
 
 Sub FileUpload( resourceType, currentFolder, sCommand )
@@ -192,7 +192,11 @@
 	sFileUrl = CombinePaths( GetResourceTypePath( resourceType, sCommand ) , currentFolder )
 	sFileUrl = CombinePaths( sFileUrl, sFileName )
 
-	SendUploadResults sErrorNumber, sFileUrl, sFileName, ""
+	If ( sErrorNumber = "0" or sErrorNumber = "201" ) then
+		SendUploadResults sErrorNumber, sFileUrl, sFileName, ""
+	Else
+		SendUploadResults sErrorNumber, "", "", ""
+	End If
 End Sub
 
 %>
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/connector.asp	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/connector.asp	Mon Sep 14 02:47:11 2009 +0200
@@ -57,7 +57,7 @@
 
 	' Check if it is an allowed resource type.
 	if ( Not IsAllowedType( sResourceType ) ) Then
-		SendError 1, "The """ & sResourceType & """ resource type isn't allowed"
+		SendError 1, "Invalid type specified"
 	end if
 
 	' File Upload doesn't have to Return XML, so it must be intercepted before anything.
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/io.asp	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/io.asp	Mon Sep 14 02:47:11 2009 +0200
@@ -175,6 +175,8 @@
 
 function GetCurrentFolder()
 	dim sCurrentFolder
+	dim oRegex
+
 	sCurrentFolder = Request.QueryString("CurrentFolder")
 	If ( sCurrentFolder = "" ) Then sCurrentFolder = "/"
 
@@ -187,6 +189,14 @@
 		SendError 102, ""
 	End If
 
+	Set oRegex = New RegExp
+	oRegex.Global		= True
+	oRegex.Pattern = "(/\.)|(//)|([\\:\*\?\""\<\>\|]|[\u0000-\u001F]|\u007F)"
+
+	if (oRegex.Test(sCurrentFolder)) Then
+		SendError 102, ""
+	End If
+
 	GetCurrentFolder = sCurrentFolder
 end function
 
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/upload.asp	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/asp/upload.asp	Mon Sep 14 02:47:11 2009 +0200
@@ -48,7 +48,7 @@
 	sResourceType = Request.QueryString("Type")
 	If ( sResourceType = "" ) Then sResourceType = "File"
 
-	sCurrentFolder = GetCurrentFolder()
+	sCurrentFolder = "/"
 
 	' Is Upload enabled?
 	if ( Not IsAllowedCommand( sCommand ) ) then
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf5_connector.cfm	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf5_connector.cfm	Mon Sep 14 02:47:11 2009 +0200
@@ -102,8 +102,33 @@
 
 	rootPath = left( serverPath, Len(serverPath) - Len(userFilesPath) ) ;
 	xmlContent = ""; // append to this string to build content
+	invalidName = false;
 </cfscript>
 
+
+<cfif not config.enabled>
+
+	<cfset xmlContent = "<Error number=""1"" text=""This connector is disabled. Please check the 'editor/filemanager/connectors/cfm/config.cfm' file"" />">
+
+<cfelseif find("..",url.currentFolder) or find("\",url.currentFolder) or REFind('(/\.)|(//)|[[:cntrl:]]|([\\:\*\?\"<>])', url.currentFolder)>
+
+	<cfset invalidName = true>
+	<cfset xmlContent = "<Error number=""102"" />">
+
+<cfelseif isDefined("Config.ConfigAllowedCommands") and not ListFind(Config.ConfigAllowedCommands, url.command)>
+
+	<cfset invalidName = true>
+	<cfset xmlContent = '<Error number="1" text="The &quot;' & HTMLEditFormat(url.command) & '&quot; command isn''t allowed" />'>
+
+<cfelseif isDefined("Config.ConfigAllowedTypes") and not ListFind(Config.ConfigAllowedTypes, url.type)>
+
+	<cfset invalidName = true>
+	<cfset xmlContent = '<Error number="1" text="Invalid type specified" />'>
+
+</cfif>
+
+<cfset resourceTypeUrl = "">
+<cfif not len(xmlContent)>
 <cfset resourceTypeUrl = rereplace( replace( Config.FileTypesPath[url.type], fs, "/", "all"), "/$", "") >
 
 <cfif isDefined( "Config.FileTypesAbsolutePath" )
@@ -125,26 +150,9 @@
 <!--- get rid of double directory separators --->
 <cfset userFilesServerPath = replace( userFilesServerPath, fs & fs, fs, "all") >
 
-<cfif not config.enabled>
-
-	<cfset xmlContent = "<Error number=""1"" text=""This connector is disabled. Please check the 'editor/filemanager/connectors/cfm/config.cfm' file"" />">
-
-<cfelseif find("..",url.currentFolder) or find("\",url.currentFolder)>
-
-	<cfset xmlContent = "<Error number=""102"" />">
-
-<cfelseif isDefined("Config.ConfigAllowedCommands") and not ListFind(Config.ConfigAllowedCommands, url.command)>
-
-	<cfset xmlContent = '<Error number="1" text="The &quot;' & url.command & '&quot; command isn''t allowed" />'>
-
-<cfelseif isDefined("Config.ConfigAllowedTypes") and not ListFind(Config.ConfigAllowedTypes, url.type)>
-
-	<cfset xmlContent = '<Error number="1" text="The &quot;' & url.type & '&quot; type isn''t allowed" />'>
-
+<cfset resourceTypeDirectory = left( userFilesServerPath, Len(userFilesServerPath) - Len(url.currentFolder) )>
 </cfif>
 
-<cfset resourceTypeDirectory = left( userFilesServerPath, Len(userFilesServerPath) - Len(url.currentFolder) )>
-
 <cfif not len(xmlContent) and not directoryexists(resourceTypeDirectory)>
 	<!--- create directories in physical path if they don't already exist --->
 	<cfset currentPath = "">
@@ -263,6 +271,7 @@
 					newFolderName = reReplace(newFolderName, "_{2,}", "_", "all");
 					newFolderName = reReplace(newFolderName, "([^_]+)_+$", "\1", "all");
 					newFolderName = reReplace(newFolderName, "$_([^_]+)$", "\1", "all");
+					newFolderName = reReplace(newFolderName, '\.+', "_", "all" );
 				}
 			</cfscript>
 
@@ -271,7 +280,7 @@
 			<cfelseif directoryExists(currentFolderPath & newFolderName)>
 				<cfset errorNumber = 101>
 			<cfelseif reFind("^\.\.",newFolderName)>
-				<cfset errorNumber = 103>
+				<cfset errorNumber = 102>
 			<cfelse>
 				<cfset errorNumber = 0>
 
@@ -303,8 +312,14 @@
 </cfif>
 
 <cfscript>
-	xmlHeader = '<?xml version="1.0" encoding="utf-8" ?><Connector command="#url.command#" resourceType="#url.type#">';
-	xmlHeader = xmlHeader & '<CurrentFolder path="#url.currentFolder#" url="#resourceTypeUrl##url.currentFolder#" />';
+	xmlHeader = '<?xml version="1.0" encoding="utf-8" ?>';
+	if (invalidName) {
+		xmlHeader = xmlHeader & '<Connector>';
+	}
+	else {
+		xmlHeader = xmlHeader & '<Connector command="#url.command#" resourceType="#url.type#">';
+		xmlHeader = xmlHeader & '<CurrentFolder path="#url.currentFolder#" url="#resourceTypeUrl##url.currentFolder#" />';
+	}
 	xmlFooter = '</Connector>';
 </cfscript>
 
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf5_upload.cfm	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf5_upload.cfm	Mon Sep 14 02:47:11 2009 +0200
@@ -39,6 +39,10 @@
 <cfparam name="url.type" default="File">
 <cfparam name="url.currentFolder" default="/">
 
+<cfif url.command eq "QuickUpload">
+	<cfset url.currentFolder = "/">
+</cfif>
+
 <cfif not isDefined("config_included")>
 	<cfinclude template="config.cfm">
 </cfif>
@@ -75,6 +79,12 @@
 	<cfabort>
 </cfif>
 
+<cfif REFind('(/\.)|(//)|[[:cntrl:]]|([\\:\*\?\"<>])', url.currentFolder)>
+	<cfset SendUploadResults(102)>
+	<cfabort>
+</cfif>
+
+
 <cfscript>
 	userFilesPath = config.userFilesPath;
 
@@ -138,7 +148,7 @@
 		</cfcatch>
 		</cftry>
 	</cfif>
-<cfelse>
+<cfelseif url.command eq "FileUpload">
 	<cfset resourceTypeUrl = rereplace( replace( Config.FileTypesPath[url.type], fs, "/", "all"), "/$", "") >
 	<cfif isDefined( "Config.FileTypesAbsolutePath" )
 			and structkeyexists( Config.FileTypesAbsolutePath, url.type )
@@ -286,7 +296,7 @@
 
 <cfif errorNumber EQ 0>
 	<!--- file was uploaded succesfully --->
-	<cfset SendUploadResults(errorNumber, '#resourceTypeUrl##url.currentFolder##fileName#.#fileExt#', "", "")>
+	<cfset SendUploadResults(errorNumber, '#resourceTypeUrl##url.currentFolder##fileName#.#fileExt#', replace( fileName & "." & fileExt, "'", "\'", "ALL"), "")>
 	<cfabort>
 <cfelseif errorNumber EQ 201>
 	<!--- file was changed (201), submit the new filename --->
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf_basexml.cfm	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf_basexml.cfm	Mon Sep 14 02:47:11 2009 +0200
@@ -64,5 +64,9 @@
 <cffunction name="SendErrorNode" returntype="void" output="true">
 	<cfargument name="number" required="true" type="Numeric">
 	<cfargument name="text" required="true">
-	<cfoutput><Error number="#ARGUMENTS.number#" text="#htmleditformat(ARGUMENTS.text)#" /></cfoutput>
+	<cfif Len(ARGUMENTS.text)>
+		<cfoutput><Error number="#ARGUMENTS.number#" text="#htmleditformat(ARGUMENTS.text)#" /></cfoutput>
+	<cfelse>
+		<cfoutput><Error number="#ARGUMENTS.number#" /></cfoutput>
+	</cfif>
 </cffunction>
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf_commands.cfm	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf_commands.cfm	Mon Sep 14 02:47:11 2009 +0200
@@ -35,7 +35,7 @@
 	<cfset var sTempDir = "">
 	<cfset var sTempFilePath = "">
 	<cfset var errorNumber = 0>
-	<cfset var customMsg = 0>
+	<cfset var customMsg = "">
 	<cfset var counter = 0>
 	<cfset var destination = "">
 
@@ -226,5 +226,5 @@
 		</cftry>
 	</cfif>
 
-	<cfoutput><Error number="#errorNumber#" originalDescription="#HTMLEditFormat(sErrorMsg)#" /></cfoutput>
+	<cfoutput><Error number="#errorNumber#" /></cfoutput>
 </cffunction>
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf_io.cfm	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf_io.cfm	Mon Sep 14 02:47:11 2009 +0200
@@ -193,8 +193,12 @@
 	<!--- Ensure the folder path has no double-slashes, or mkdir may fail on certain platforms --->
 	<cfset sCurrentFolder = rereplace( sCurrentFolder, "//+", "/", "all" )>
 
-	<cfif find( "..", sCurrentFolder) or find( "\", sCurrentFolder) >
-		<cfset SendError( 102, "" )>
+	<cfif find( "..", sCurrentFolder) or find( "\", sCurrentFolder) or REFind('(/\.)|(//)|[[:cntrl:]]|([\\:\*\?\"<>])', sCurrentFolder)>
+		<cfif URL.Command eq "FileUpload" or URL.Command eq "QuickUpload">
+			<cfset SendUploadResults( 102, "", "", "") >
+		<cfelse>
+			<cfset SendError( 102, "" )>
+		</cfif>
 	</cfif>
 
 	<cfreturn sCurrentFolder>
@@ -265,6 +269,10 @@
 	<cfargument name="fileName" required="false" type="String" default="">
 	<cfargument name="customMsg" required="false" type="String" default="">
 
+	<cfif errorNumber and errorNumber neq 201>
+		<cfset fileUrl = "">
+		<cfset fileName = "">
+	</cfif>
 	<!--- Minified version of the document.domain automatic fix script (#1919).
 	The original script can be found at _dev/domain_fix_template.js --->
 	<cfoutput>
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf_upload.cfm	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/cf_upload.cfm	Mon Sep 14 02:47:11 2009 +0200
@@ -24,7 +24,6 @@
 --->
 
 <cfparam name="url.type" default="File">
-<cfparam name="url.currentFolder" default="/">
 
 <!--- note: no serverPath url parameter - see config.cfm if you need to set the serverPath manually --->
 
@@ -36,7 +35,7 @@
 <cffunction name="SendError" returntype="void" output="true">
 	<cfargument name="number" required="true" type="Numeric">
 	<cfargument name="text" required="true">
-	<cfreturn SendUploadResults( "#ARGUMENTS.number#", "", "", "ARGUMENTS.text" )>
+	<cfreturn SendUploadResults( "#ARGUMENTS.number#", "", "", "#ARGUMENTS.text#" )>
 </cffunction>
 
 <cfset REQUEST.Config = Config>
@@ -57,7 +56,7 @@
 	<cfset sType = URL.Type>
 </cfif>
 
-<cfset sCurrentFolder = GetCurrentFolder()>
+<cfset sCurrentFolder = "/">
 
 <!--- Is enabled the upload? --->
 <cfif not IsAllowedCommand( sCommand )>
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/config.cfm	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/cfm/config.cfm	Mon Sep 14 02:47:11 2009 +0200
@@ -28,7 +28,6 @@
 	// SECURITY: You must explicitly enable this "connector". (Set enabled to "true")
 	Config.Enabled = false ;
 
-
 	// Path to uploaded files relative to the document root.
 	Config.UserFilesPath = "/userfiles/" ;
 
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/lasso/connector.lasso	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/lasso/connector.lasso	Mon Sep 14 02:47:11 2009 +0200
@@ -38,8 +38,8 @@
     Convert query string parameters to variables and initialize output.
     */
 	var(
-		'Command'		=	action_param('Command'),
-		'Type'			=	action_param('Type'),
+		'Command'		=	(Encode_HTML: action_param('Command')),
+		'Type'			=	(Encode_HTML: action_param('Type')),
 		'CurrentFolder'	=	action_param('CurrentFolder'),
 		'ServerPath'	=	action_param('ServerPath'),
 		'NewFolderName'	=	action_param('NewFolderName'),
@@ -70,45 +70,16 @@
 	);
 		$__html_reply__ = '\
 <script type="text/javascript">
-(function()
-{
-	var d = document.domain ;
-
-	while ( true )
-	{
-		// Test if we can access a parent property.
-		try
-		{
-			var test = window.top.opener.document.domain ;
-			break ;
-		}
-		catch( e ) {}
-
-		// Remove a domain part: www.mytest.example.com => mytest.example.com => example.com ...
-		d = d.replace( /.*?(?:\\.|$)/, "" ) ;
-
-		if ( d.length == 0 )
-			break ;		// It was not able to detect the domain.
-
-		try
-		{
-			document.domain = d ;
-		}
-		catch (e)
-		{
-			break ;
-		}
-	}
-})() ;
+(function(){var d=document.domain;while (true){try{var A=window.parent.document.domain;break;}catch(e) {};d=d.replace(/.*?(?:\\.|$)/,\'\');if (d.length==0) break;try{document.domain=d;}catch (e){break;}}})();
 ';
 			if($uploadResult == '0' || $uploadResult == '201');
 			$__html_reply__ = $__html_reply__ + '\
-	window.parent.OnUploadCompleted(' + $uploadResult + ',\'' + $NewFilePath + '\',\'' + $NewFilePath->split('/')->last + '\');
+	window.parent.OnUploadCompleted(' + $uploadResult + ',"' + $NewFilePath + '","' + $NewFilePath->split('/')->last + '");
 </script>
 			';
 			else;
 			$__html_reply__ = $__html_reply__ + '\
-	window.parent.OnUploadCompleted(' + $uploadResult + ');
+	window.parent.OnUploadCompleted(' + $uploadResult + ',"","");
 </script>
 			';
 			/if;
@@ -125,7 +96,20 @@
 		+ $CurrentFolder
 	);
 
-	if($CurrentFolder->(Find: '..') || $CurrentFolder->(Find: '\\'));
+	$currentFolderURL = string_replace($currentFolderURL, -find='//', -replace='/');
+
+	if (!$config->find('Subdirectories')->find(action_param('Type')));
+		if($Command == 'FileUpload');
+			$responseType = 'html';
+			$uploadResult = '1';
+			fck_htmlreply(
+				-uploadResult=$uploadResult
+			);
+		else;
+			$errorNumber = 1;
+			$commandData += '<Error number="' + $errorNumber + '" text="Invalid type specified" />\n';
+		/if;
+	else if($CurrentFolder->(Find: '..') || (String_FindRegExp: $CurrentFolder, -Find='(/\\.)|(//)|[\\\\:\\*\\?\\""\\<\\>\\|]|\\000|[\u007F]|[\u0001-\u001F]'));
 		if($Command == 'FileUpload');
 			$responseType = 'html';
 			$uploadResult = '102';
@@ -142,7 +126,8 @@
     Build the appropriate response per the 'Command' parameter. Wrap the
     entire process in an inline for file tag permissions.
     */
-	inline($connection);
+		if($config->find('Enabled'));
+		inline($connection);
 		select($Command);
             /*.............................................................
             List all subdirectories in the 'Current Folder' directory.
@@ -166,7 +151,13 @@
 					if(#this->endswith('/'));
 						$folders += '\t\t<Folder name="' + #this->removetrailing('/')& + '" />\n';
 					else;
-						local('size') = file_getsize($currentFolderURL + #this) / 1024;
+						local('size') = file_getsize($currentFolderURL + #this);
+						if($size>0);
+							$size = $size/1024;
+							if ($size==0);
+								$size = 1;
+							/if;
+						/if;
 						$files += '\t\t<File name="' + #this + '" size="' + #size + '" />\n';
 					/if;
 				/iterate;
@@ -181,7 +172,7 @@
             Create a directory 'NewFolderName' within the 'Current Folder.'
             */
 			case('CreateFolder');
-				$NewFolderName = (String_ReplaceRegExp: $NewFolderName, -find='\\.|\\\\|\\/|\\||\\:|\\?|\\*|"|<|>', -replace='_');
+				$NewFolderName = (String_ReplaceRegExp: $NewFolderName, -find='\\.|\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|\\000|[\u007F]|[\u0001-\u001F]', -replace='_');
 				var('newFolder' = $currentFolderURL + $NewFolderName + '/');
 				file_create($newFolder);
 
@@ -233,18 +224,23 @@
                     files. (Test.txt, Test(1).txt, Test(2).txt, etc.)
                     */
 					$NewFileName = $NewFile->find('OrigName');
-					$NewFileName = (String_ReplaceRegExp: $NewFileName, -find='\\\\|\\/|\\||\\:|\\?|\\*|"|<|>', -replace='_');
+					$NewFileName = (String_ReplaceRegExp: $NewFileName, -find='\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|\\000|[\u007F]|[\u0001-\u001F]', -replace='_');
+					$NewFileName = (String_ReplaceRegExp: $NewFileName, -find='\\.(?![^.]*$)', -replace='_');
 					$OrigFilePath = $currentFolderURL + $NewFileName;
 					$NewFilePath = $OrigFilePath;
 					local('fileExtension') = '.' + $NewFile->find('OrigExtension');
-					#fileExtension = (String_ReplaceRegExp: #fileExtension, -find='\\\\|\\/|\\||\\:|\\?|\\*|"|<|>', -replace='_');
+					#fileExtension = (String_ReplaceRegExp: #fileExtension, -find='\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|\\000|[\u007F]|[\u0001-\u001F]', -replace='_');
 					local('shortFileName') = $NewFileName->removetrailing(#fileExtension)&;
 
 
                     /*.....................................................
                     Make sure the file extension is allowed.
                     */
-					if($config->find('DeniedExtensions')->find($Type) >> $NewFile->find('OrigExtension'));
+					local('allowedExt') = $config->find('AllowedExtensions')->find($Type);
+					local('deniedExt') = $config->find('DeniedExtensions')->find($Type);
+					if($allowedExt->Size > 0 && $allowedExt !>> $NewFile->find('OrigExtension'));
+						$uploadResult = '202';
+					else($deniedExt->Size > 0 && $deniedExt >> $NewFile->find('OrigExtension'));
 						$uploadResult = '202';
 					else;
                         /*.................................................
@@ -277,8 +273,15 @@
 					-uploadResult=$uploadResult,
 					-NewFilePath=$NewFilePath
 				);
+			case;
+				$errorNumber = 1;
+				$commandData += '<Error number="' + $errorNumber + '" text="Command isn\'t allowed" />\n';
 		/select;
-	/inline;
+		/inline;
+		else;
+			$errorNumber = 1;
+			$commandData += '<Error number="' + $errorNumber + '" text="This file uploader is disabled. Please check the editor/filemanager/upload/lasso/config.lasso file." />\n';
+		/if;
 	/if;
 
     /*.....................................................................
@@ -309,11 +312,16 @@
 			Wrap the response as XML and output.
 		*/
 		$__html_reply__ = '\
-<?xml version="1.0" encoding="utf-8" ?>
-<Connector command="' + $Command + '" resourceType="' + $Type + '">';
+<?xml version="1.0" encoding="utf-8" ?>';
 
 		if($errorNumber != '102');
-			$__html_reply__ += '<CurrentFolder path="' + $CurrentFolder + '" url="' + $currentFolderURL + '" />';
+			$__html_reply__ += '<Connector command="' + (Encode_HTML: $Command) + '" resourceType="' + (Encode_HTML: $Type) + '">';
+		else;
+			$__html_reply__ += '<Connector>';
+		/if;
+
+		if($errorNumber != '102');
+			$__html_reply__ += '<CurrentFolder path="' + (Encode_HTML: $CurrentFolder) + '" url="' + (Encode_HTML: $currentFolderURL) + '" />';
 		/if;
 
 		$__html_reply__ += $commandData + '
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/lasso/upload.lasso	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/lasso/upload.lasso	Mon Sep 14 02:47:11 2009 +0200
@@ -32,8 +32,8 @@
     Convert query string parameters to variables and initialize output.
     */
 	var(
-		'Type'			=	action_param('Type'),
-		'CurrentFolder'	=	action_param('CurrentFolder'),
+		'Type'			=	(Encode_HTML: action_param('Type')),
+		'CurrentFolder'	=	"/",
 		'ServerPath'	=	action_param('ServerPath'),
 		'NewFile'		=	null,
 		'NewFileName'	=	string,
@@ -53,9 +53,11 @@
 
 	var('currentFolderURL' = $ServerPath
 		+ $config->find('Subdirectories')->find(action_param('Type'))
-		+ action_param('CurrentFolder')
+		+ $CurrentFolder
 	);
 
+	$currentFolderURL = string_replace($currentFolderURL, -find='//', -replace='/');
+
 	/*.....................................................................
 	Custom tag sets the HTML response.
 	*/
@@ -84,14 +86,14 @@
 
 		$__html_reply__ = $__html_reply__ + '\
 	window.parent.OnUploadCompleted(' + #errorNumber + ',"'
-		+ string_replace(#fileUrl, -find='"', -replace='\\"') + '","'
-		+ string_replace(#fileName, -find='"', -replace='\\"') + '","'
-		+ string_replace(#customMsg, -find='"', -replace='\\"') + '");
+		+ string_replace((Encode_HTML: #fileUrl), -find='"', -replace='\\"') + '","'
+		+ string_replace((Encode_HTML: #fileUrl->split('/')->last), -find='"', -replace='\\"') + '","'
+		+ string_replace((Encode_HTML: #customMsg), -find='"', -replace='\\"') + '");
 </script>
 		';
 	/define_tag;
 
-	if($CurrentFolder->(Find: '..') || $CurrentFolder->(Find: '\\'));
+	if($CurrentFolder->(Find: '..') || (String_FindRegExp: $CurrentFolder, -Find='(/\\.)|(//)|[\\\\:\\*\\?\\""\\<\\>\\|]|\\000|[\u007F]|[\u0001-\u001F]'));
 		$errorNumber = 102;
 	/if;
 
@@ -114,6 +116,8 @@
 				files. (Test.txt, Test(1).txt, Test(2).txt, etc.)
 				*/
 				$NewFileName = $NewFile->find('OrigName');
+				$NewFileName = (String_ReplaceRegExp: $NewFileName, -find='\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|\\000|[\u007F]|[\u0001-\u001F]', -replace='_');
+				$NewFileName = (String_ReplaceRegExp: $NewFileName, -find='\\.(?![^.]*$)', -replace='_');
 				$OrigFilePath = $currentFolderURL + $NewFileName;
 				$NewFilePath = $OrigFilePath;
 				local('fileExtension') = '.' + $NewFile->find('OrigExtension');
@@ -124,7 +128,11 @@
 				Make sure the file extension is allowed.
 				*/
 
-				if($config->find('DeniedExtensions')->find($Type) >> $NewFile->find('OrigExtension'));
+				local('allowedExt') = $config->find('AllowedExtensions')->find($Type);
+				local('deniedExt') = $config->find('DeniedExtensions')->find($Type);
+				if($allowedExt->Size > 0 && $allowedExt !>> $NewFile->find('OrigExtension'));
+					$errorNumber = 202;
+				else($deniedExt->Size > 0 && $deniedExt >> $NewFile->find('OrigExtension'));
 					$errorNumber = 202;
 				else;
 					/*.....................................................
@@ -153,6 +161,9 @@
 					/select;
 				/if;
 			/if;
+			if ($errorNumber != 0 && $errorNumber != 201);
+				$NewFilePath = "";
+			/if;
 		/inline;
 	else;
 		$errorNumber = 1;
@@ -162,7 +173,6 @@
 	fck_sendresults(
 		-errorNumber=$errorNumber,
 		-fileUrl=$NewFilePath,
-		-fileName=$NewFileName,
 		-customMsg=$customMsg
 	);
 ]
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/basexml.pl	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/basexml.pl	Mon Sep 14 02:47:11 2009 +0200
@@ -1,63 +1,68 @@
-#####
-#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
-#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
-#
-#  == BEGIN LICENSE ==
-#
-#  Licensed under the terms of any of the following licenses at your
-#  choice:
-#
-#   - GNU General Public License Version 2 or later (the "GPL")
-#     http://www.gnu.org/licenses/gpl.html
-#
-#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
-#     http://www.gnu.org/licenses/lgpl.html
-#
-#   - Mozilla Public License Version 1.1 or later (the "MPL")
-#     http://www.mozilla.org/MPL/MPL-1.1.html
-#
-#  == END LICENSE ==
-#
-#  This is the File Manager Connector for Perl.
-#####
-
-sub CreateXmlHeader
-{
-	local($command,$resourceType,$currentFolder) = @_;
-
-	# Create the XML document header.
-	print '<?xml version="1.0" encoding="utf-8" ?>';
-
-	# Create the main "Connector" node.
-	print '<Connector command="' . $command . '" resourceType="' . $resourceType . '">';
-
-	# Add the current folder node.
-	print '<CurrentFolder path="' . ConvertToXmlAttribute($currentFolder) . '" url="' . ConvertToXmlAttribute(GetUrlFromPath($resourceType,$currentFolder)) . '" />';
-}
-
-sub CreateXmlFooter
-{
-	print '</Connector>';
-}
-
-sub SendError
-{
-	local( $number, $text ) = @_;
-
-	print << "_HTML_HEAD_";
-Content-Type:text/xml; charset=utf-8
-Pragma: no-cache
-Cache-Control: no-cache
-Expires: Thu, 01 Dec 1994 16:00:00 GMT
-
-_HTML_HEAD_
-
-	# Create the XML document header
-	print '<?xml version="1.0" encoding="utf-8" ?>' ;
-
-	print '<Connector><Error number="' . $number . '" text="' . &specialchar_cnv( $text ) . '" /></Connector>' ;
-
-	exit ;
-}
-
-1;
+#####
+#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
+#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
+#
+#  == BEGIN LICENSE ==
+#
+#  Licensed under the terms of any of the following licenses at your
+#  choice:
+#
+#   - GNU General Public License Version 2 or later (the "GPL")
+#     http://www.gnu.org/licenses/gpl.html
+#
+#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+#     http://www.gnu.org/licenses/lgpl.html
+#
+#   - Mozilla Public License Version 1.1 or later (the "MPL")
+#     http://www.mozilla.org/MPL/MPL-1.1.html
+#
+#  == END LICENSE ==
+#
+#  This is the File Manager Connector for Perl.
+#####
+
+sub CreateXmlHeader
+{
+	local($command,$resourceType,$currentFolder) = @_;
+
+	# Create the XML document header.
+	print '<?xml version="1.0" encoding="utf-8" ?>';
+
+	# Create the main "Connector" node.
+	print '<Connector command="' . $command . '" resourceType="' . $resourceType . '">';
+
+	# Add the current folder node.
+	print '<CurrentFolder path="' . ConvertToXmlAttribute($currentFolder) . '" url="' . ConvertToXmlAttribute(GetUrlFromPath($resourceType,$currentFolder)) . '" />';
+}
+
+sub CreateXmlFooter
+{
+	print '</Connector>';
+}
+
+sub SendError
+{
+	local( $number, $text ) = @_;
+
+	print << "_HTML_HEAD_";
+Content-Type:text/xml; charset=utf-8
+Pragma: no-cache
+Cache-Control: no-cache
+Expires: Thu, 01 Dec 1994 16:00:00 GMT
+
+_HTML_HEAD_
+
+	# Create the XML document header
+	print '<?xml version="1.0" encoding="utf-8" ?>' ;
+
+	if ($text) {
+		print '<Connector><Error number="' . $number . '" text="' . &specialchar_cnv( $text ) . '" /></Connector>' ;
+	}
+	else {
+		print '<Connector><Error number="' . $number . '" /></Connector>' ;
+	}
+
+	exit ;
+}
+
+1;
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/commands.pl	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/commands.pl	Mon Sep 14 02:47:11 2009 +0200
@@ -1,187 +1,200 @@
-#####
-#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
-#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
-#
-#  == BEGIN LICENSE ==
-#
-#  Licensed under the terms of any of the following licenses at your
-#  choice:
-#
-#   - GNU General Public License Version 2 or later (the "GPL")
-#     http://www.gnu.org/licenses/gpl.html
-#
-#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
-#     http://www.gnu.org/licenses/lgpl.html
-#
-#   - Mozilla Public License Version 1.1 or later (the "MPL")
-#     http://www.mozilla.org/MPL/MPL-1.1.html
-#
-#  == END LICENSE ==
-#
-#  This is the File Manager Connector for Perl.
-#####
-
-sub GetFolders
-{
-
-	local($resourceType, $currentFolder) = @_;
-
-	# Map the virtual path to the local server path.
-	$sServerDir = &ServerMapFolder($resourceType, $currentFolder);
-	print "<Folders>";			# Open the "Folders" node.
-
-	opendir(DIR,"$sServerDir");
-	@files = grep(!/^\.\.?$/,readdir(DIR));
-	closedir(DIR);
-
-	foreach $sFile (@files) {
-		if($sFile != '.' && $sFile != '..' && (-d "$sServerDir$sFile")) {
-			$cnv_filename = &ConvertToXmlAttribute($sFile);
-			print '<Folder name="' . $cnv_filename . '" />';
-		}
-	}
-	print "</Folders>";			# Close the "Folders" node.
-}
-
-sub GetFoldersAndFiles
-{
-
-	local($resourceType, $currentFolder) = @_;
-	# Map the virtual path to the local server path.
-	$sServerDir = &ServerMapFolder($resourceType,$currentFolder);
-
-	# Initialize the output buffers for "Folders" and "Files".
-	$sFolders	= '<Folders>';
-	$sFiles		= '<Files>';
-
-	opendir(DIR,"$sServerDir");
-	@files = grep(!/^\.\.?$/,readdir(DIR));
-	closedir(DIR);
-
-	foreach $sFile (@files) {
-		if($sFile ne '.' && $sFile ne '..') {
-			if(-d "$sServerDir$sFile") {
-				$cnv_filename = &ConvertToXmlAttribute($sFile);
-				$sFolders .= '<Folder name="' . $cnv_filename . '" />' ;
-			} else {
-				($iFileSize,$refdate,$filedate,$fileperm) = (stat("$sServerDir$sFile"))[7,8,9,2];
-				if($iFileSize > 0) {
-					$iFileSize = int($iFileSize / 1024);
-					if($iFileSize < 1) {
-						$iFileSize = 1;
-					}
-				}
-				$cnv_filename = &ConvertToXmlAttribute($sFile);
-				$sFiles	.= '<File name="' . $cnv_filename . '" size="' . $iFileSize . '" />' ;
-			}
-		}
-	}
-	print $sFolders ;
-	print '</Folders>';			# Close the "Folders" node.
-	print $sFiles ;
-	print '</Files>';			# Close the "Files" node.
-}
-
-sub CreateFolder
-{
-
-	local($resourceType, $currentFolder) = @_;
-	$sErrorNumber	= '0' ;
-	$sErrorMsg		= '' ;
-
-	if($FORM{'NewFolderName'} ne "") {
-		$sNewFolderName = $FORM{'NewFolderName'};
-		$sNewFolderName =~ s/\.|\\|\/|\||\:|\?|\*|\"|<|>|[[:cntrl:]]/_/g;
-		# Map the virtual path to the local server path of the current folder.
-		$sServerDir = &ServerMapFolder($resourceType, $currentFolder);
-		if(-w $sServerDir) {
-			$sServerDir .= $sNewFolderName;
-			$sErrorMsg = &CreateServerFolder($sServerDir);
-			if($sErrorMsg == 0) {
-				$sErrorNumber = '0';
-			} elsif($sErrorMsg eq 'Invalid argument' || $sErrorMsg eq 'No such file or directory') {
-				$sErrorNumber = '102';		#// Path too long.
-			} else {
-				$sErrorNumber = '110';
-			}
-		} else {
-			$sErrorNumber = '103';
-		}
-	} else {
-		$sErrorNumber = '102' ;
-	}
-	# Create the "Error" node.
-	$cnv_errmsg = &ConvertToXmlAttribute($sErrorMsg);
-	print '<Error number="' . $sErrorNumber . '" originalDescription="' . $cnv_errmsg . '" />';
-}
-
-sub FileUpload
-{
-eval("use File::Copy;");
-
-	local($resourceType, $currentFolder) = @_;
-
-	$sErrorNumber = '0' ;
-	$sFileName = '' ;
-	if($new_fname) {
-		# Map the virtual path to the local server path.
-		$sServerDir = &ServerMapFolder($resourceType,$currentFolder);
-
-		# Get the uploaded file name.
-		$sFileName = $new_fname;
-		$sFileName =~ s/\\|\/|\||\:|\?|\*|\"|<|>|[[:cntrl:]]/_/g;
-		$sOriginalFileName = $sFileName;
-
-		$iCounter = 0;
-		while(1) {
-			$sFilePath = $sServerDir . $sFileName;
-			if(-e $sFilePath) {
-				$iCounter++ ;
-				($path,$BaseName,$ext) = &RemoveExtension($sOriginalFileName);
-				$sFileName = $BaseName . '(' . $iCounter . ').' . $ext;
-				$sErrorNumber = '201';
-			} else {
-				copy("$img_dir/$new_fname","$sFilePath");
-				if (defined $CHMOD_ON_UPLOAD) {
-					if ($CHMOD_ON_UPLOAD) {
-						umask(000);
-						chmod($CHMOD_ON_UPLOAD,$sFilePath);
-					}
-				}
-				else {
-					umask(000);
-					chmod(0777,$sFilePath);
-				}
-				unlink("$img_dir/$new_fname");
-				last;
-			}
-		}
-	} else {
-		$sErrorNumber = '202' ;
-	}
-	$sFileName	=~ s/"/\\"/g;
-
-	SendUploadResults($sErrorNumber, $resourceType.$currentFolder.$sFileName, $sFileName, '');
-}
-
-sub SendUploadResults
-{
-
-	local($sErrorNumber, $sFileUrl, $sFileName, $customMsg) = @_;
-
-	# Minified version of the document.domain automatic fix script (#1919).
-	# The original script can be found at _dev/domain_fix_template.js
-	# Note: in Perl replace \ with \\ and $ with \$
-	print <<EOF;
-Content-type: text/html
-
-<script type="text/javascript">
-(function(){var d=document.domain;while (true){try{var A=window.parent.document.domain;break;}catch(e) {};d=d.replace(/.*?(?:\\.|\$)/,'');if (d.length==0) break;try{document.domain=d;}catch (e){break;}}})();
-
-EOF
-	print 'window.parent.OnUploadCompleted(' . $sErrorNumber . ',"' . JS_cnv($sFileUrl) . '","' . JS_cnv($sFileName) . '","' . JS_cnv($customMsg) . '") ;';
-	print '</script>';
-	exit ;
-}
-
-1;
+#####
+#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
+#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
+#
+#  == BEGIN LICENSE ==
+#
+#  Licensed under the terms of any of the following licenses at your
+#  choice:
+#
+#   - GNU General Public License Version 2 or later (the "GPL")
+#     http://www.gnu.org/licenses/gpl.html
+#
+#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+#     http://www.gnu.org/licenses/lgpl.html
+#
+#   - Mozilla Public License Version 1.1 or later (the "MPL")
+#     http://www.mozilla.org/MPL/MPL-1.1.html
+#
+#  == END LICENSE ==
+#
+#  This is the File Manager Connector for Perl.
+#####
+
+sub GetFolders
+{
+
+	local($resourceType, $currentFolder) = @_;
+
+	# Map the virtual path to the local server path.
+	$sServerDir = &ServerMapFolder($resourceType, $currentFolder);
+	print "<Folders>";			# Open the "Folders" node.
+
+	opendir(DIR,"$sServerDir");
+	@files = grep(!/^\.\.?$/,readdir(DIR));
+	closedir(DIR);
+
+	foreach $sFile (@files) {
+		if($sFile != '.' && $sFile != '..' && (-d "$sServerDir$sFile")) {
+			$cnv_filename = &ConvertToXmlAttribute($sFile);
+			print '<Folder name="' . $cnv_filename . '" />';
+		}
+	}
+	print "</Folders>";			# Close the "Folders" node.
+}
+
+sub GetFoldersAndFiles
+{
+
+	local($resourceType, $currentFolder) = @_;
+	# Map the virtual path to the local server path.
+	$sServerDir = &ServerMapFolder($resourceType,$currentFolder);
+
+	# Initialize the output buffers for "Folders" and "Files".
+	$sFolders	= '<Folders>';
+	$sFiles		= '<Files>';
+
+	opendir(DIR,"$sServerDir");
+	@files = grep(!/^\.\.?$/,readdir(DIR));
+	closedir(DIR);
+
+	foreach $sFile (@files) {
+		if($sFile ne '.' && $sFile ne '..') {
+			if(-d "$sServerDir$sFile") {
+				$cnv_filename = &ConvertToXmlAttribute($sFile);
+				$sFolders .= '<Folder name="' . $cnv_filename . '" />' ;
+			} else {
+				($iFileSize,$refdate,$filedate,$fileperm) = (stat("$sServerDir$sFile"))[7,8,9,2];
+				if($iFileSize > 0) {
+					$iFileSize = int($iFileSize / 1024);
+					if($iFileSize < 1) {
+						$iFileSize = 1;
+					}
+				}
+				$cnv_filename = &ConvertToXmlAttribute($sFile);
+				$sFiles	.= '<File name="' . $cnv_filename . '" size="' . $iFileSize . '" />' ;
+			}
+		}
+	}
+	print $sFolders ;
+	print '</Folders>';			# Close the "Folders" node.
+	print $sFiles ;
+	print '</Files>';			# Close the "Files" node.
+}
+
+sub CreateFolder
+{
+
+	local($resourceType, $currentFolder) = @_;
+	$sErrorNumber	= '0' ;
+	$sErrorMsg		= '' ;
+
+	if($FORM{'NewFolderName'} ne "") {
+		$sNewFolderName = $FORM{'NewFolderName'};
+		$sNewFolderName =~ s/\.|\\|\/|\||\:|\?|\*|\"|<|>|[[:cntrl:]]/_/g;
+		# Map the virtual path to the local server path of the current folder.
+		$sServerDir = &ServerMapFolder($resourceType, $currentFolder);
+		if(-w $sServerDir) {
+			$sServerDir .= $sNewFolderName;
+			$sErrorMsg = &CreateServerFolder($sServerDir);
+			if($sErrorMsg == 0) {
+				$sErrorNumber = '0';
+			} elsif($sErrorMsg eq 'Invalid argument' || $sErrorMsg eq 'No such file or directory') {
+				$sErrorNumber = '102';		#// Path too long.
+			} else {
+				$sErrorNumber = '110';
+			}
+		} else {
+			$sErrorNumber = '103';
+		}
+	} else {
+		$sErrorNumber = '102' ;
+	}
+	# Create the "Error" node.
+	$cnv_errmsg = &ConvertToXmlAttribute($sErrorMsg);
+	print '<Error number="' . $sErrorNumber . '" />';
+}
+
+sub FileUpload
+{
+eval("use File::Copy;");
+
+	local($resourceType, $currentFolder) = @_;
+	$allowedExtensions = $allowedExtensions{$resourceType};
+
+	$sErrorNumber = '0' ;
+	$sFileName = '' ;
+	if($new_fname) {
+		# Map the virtual path to the local server path.
+		$sServerDir = &ServerMapFolder($resourceType,$currentFolder);
+
+		# Get the uploaded file name.
+		$sFileName = $new_fname;
+		$sFileName =~ s/\\|\/|\||\:|\?|\*|\"|<|>|[[:cntrl:]]/_/g;
+		$sFileName =~ s/\.(?![^.]*$)/_/g;
+
+		$ext = '';
+		if($sFileName =~ /([^\\\/]*)\.(.*)$/) {
+			$ext  = $2;
+		}
+
+		$allowedRegex = qr/^($allowedExtensions)$/i;
+		if (!($ext =~ $allowedRegex)) {
+			SendUploadResults('202', '', '', '');
+		}
+
+		$sOriginalFileName = $sFileName;
+
+		$iCounter = 0;
+		while(1) {
+			$sFilePath = $sServerDir . $sFileName;
+			if(-e $sFilePath) {
+				$iCounter++ ;
+				($path,$BaseName,$ext) = &RemoveExtension($sOriginalFileName);
+				$sFileName = $BaseName . '(' . $iCounter . ').' . $ext;
+				$sErrorNumber = '201';
+			} else {
+				copy("$img_dir/$new_fname","$sFilePath");
+				if (defined $CHMOD_ON_UPLOAD) {
+					if ($CHMOD_ON_UPLOAD) {
+						umask(000);
+						chmod($CHMOD_ON_UPLOAD,$sFilePath);
+					}
+				}
+				else {
+					umask(000);
+					chmod(0777,$sFilePath);
+				}
+				unlink("$img_dir/$new_fname");
+				last;
+			}
+		}
+	} else {
+		$sErrorNumber = '202' ;
+	}
+	$sFileName	=~ s/"/\\"/g;
+
+	SendUploadResults($sErrorNumber, $GLOBALS{'UserFilesPath'}.$resourceType.$currentFolder.$sFileName, $sFileName, '');
+}
+
+sub SendUploadResults
+{
+
+	local($sErrorNumber, $sFileUrl, $sFileName, $customMsg) = @_;
+
+	# Minified version of the document.domain automatic fix script (#1919).
+	# The original script can be found at _dev/domain_fix_template.js
+	# Note: in Perl replace \ with \\ and $ with \$
+	print <<EOF;
+Content-type: text/html
+
+<script type="text/javascript">
+(function(){var d=document.domain;while (true){try{var A=window.parent.document.domain;break;}catch(e) {};d=d.replace(/.*?(?:\\.|\$)/,'');if (d.length==0) break;try{document.domain=d;}catch (e){break;}}})();
+
+EOF
+	print 'window.parent.OnUploadCompleted(' . $sErrorNumber . ',"' . JS_cnv($sFileUrl) . '","' . JS_cnv($sFileName) . '","' . JS_cnv($customMsg) . '") ;';
+	print '</script>';
+	exit ;
+}
+
+1;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/config.pl	Mon Sep 14 02:47:11 2009 +0200
@@ -0,0 +1,39 @@
+#####
+#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
+#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
+#
+#  == BEGIN LICENSE ==
+#
+#  Licensed under the terms of any of the following licenses at your
+#  choice:
+#
+#   - GNU General Public License Version 2 or later (the "GPL")
+#     http://www.gnu.org/licenses/gpl.html
+#
+#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+#     http://www.gnu.org/licenses/lgpl.html
+#
+#   - Mozilla Public License Version 1.1 or later (the "MPL")
+#     http://www.mozilla.org/MPL/MPL-1.1.html
+#
+#  == END LICENSE ==
+#
+#  This is the File Manager Connector for Perl.
+#####
+
+##
+# SECURITY: REMOVE/COMMENT THE FOLLOWING LINE TO ENABLE THIS CONNECTOR.
+##
+&SendError( 1, 'This connector is disabled. Please check the "editor/filemanager/connectors/perl/config.cgi" file' ) ;
+
+$GLOBALS{'UserFilesPath'} = '/userfiles/';
+
+# Map the "UserFiles" path to a local directory.
+$rootpath = &GetRootPath();
+$GLOBALS{'UserFilesDirectory'} = $rootpath . $GLOBALS{'UserFilesPath'};
+
+%allowedExtensions =  ("File", "7z|aiff|asf|avi|bmp|csv|doc|fla|flv|gif|gz|gzip|jpeg|jpg|mid|mov|mp3|mp4|mpc|mpeg|mpg|ods|odt|pdf|png|ppt|pxd|qt|ram|rar|rm|rmi|rmvb|rtf|sdc|sitd|swf|sxc|sxw|tar|tgz|tif|tiff|txt|vsd|wav|wma|wmv|xls|xml|zip",
+"Image", "bmp|gif|jpeg|jpg|png",
+"Flash", "swf|flv",
+"Media", "aiff|asf|avi|bmp|fla|flv|gif|jpeg|jpg|mid|mov|mp3|mp4|mpc|mpeg|mpg|png|qt|ram|rm|rmi|rmvb|swf|tif|tiff|wav|wma|wmv"
+);
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/connector.cgi	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/connector.cgi	Mon Sep 14 02:47:11 2009 +0200
@@ -1,136 +1,129 @@
-#!/usr/bin/env perl
-
-#####
-#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
-#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
-#
-#  == BEGIN LICENSE ==
-#
-#  Licensed under the terms of any of the following licenses at your
-#  choice:
-#
-#   - GNU General Public License Version 2 or later (the "GPL")
-#     http://www.gnu.org/licenses/gpl.html
-#
-#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
-#     http://www.gnu.org/licenses/lgpl.html
-#
-#   - Mozilla Public License Version 1.1 or later (the "MPL")
-#     http://www.mozilla.org/MPL/MPL-1.1.html
-#
-#  == END LICENSE ==
-#
-#  This is the File Manager Connector for Perl.
-#####
-
-##
-# ATTENTION: To enable this connector, look for the "SECURITY" comment in this file.
-##
-
-## START: Hack for Windows (Not important to understand the editor code... Perl specific).
-if(Windows_check()) {
-	chdir(GetScriptPath($0));
-}
-
-sub Windows_check
-{
-	# IIS,PWS(NT/95)
-	$www_server_os = $^O;
-	# Win98 & NT(SP4)
-	if($www_server_os eq "") { $www_server_os= $ENV{'OS'}; }
-	# AnHTTPd/Omni/IIS
-	if($ENV{'SERVER_SOFTWARE'} =~ /AnWeb|Omni|IIS\//i) { $www_server_os= 'win'; }
-	# Win Apache
-	if($ENV{'WINDIR'} ne "") { $www_server_os= 'win'; }
-	if($www_server_os=~ /win/i) { return(1); }
-	return(0);
-}
-
-sub GetScriptPath {
-	local($path) = @_;
-	if($path =~ /[\:\/\\]/) { $path =~ s/(.*?)[\/\\][^\/\\]+$/$1/; } else { $path = '.'; }
-	$path;
-}
-## END: Hack for IIS
-
-require 'util.pl';
-require 'io.pl';
-require 'basexml.pl';
-require 'commands.pl';
-require 'upload_fck.pl';
-
-##
-# SECURITY: REMOVE/COMMENT THE FOLLOWING LINE TO ENABLE THIS CONNECTOR.
-##
-	&SendError( 1, 'This connector is disabled. Please check the "editor/filemanager/connectors/perl/connector.cgi" file' ) ;
-
-	&read_input();
-
-	if($FORM{'ServerPath'} ne "") {
-		$GLOBALS{'UserFilesPath'} = $FORM{'ServerPath'};
-		if(!($GLOBALS{'UserFilesPath'} =~ /\/$/)) {
-			$GLOBALS{'UserFilesPath'} .= '/' ;
-		}
-	} else {
-		$GLOBALS{'UserFilesPath'} = '/userfiles/';
-	}
-
-	# Map the "UserFiles" path to a local directory.
-	$rootpath = &GetRootPath();
-	$GLOBALS{'UserFilesDirectory'} = $rootpath . $GLOBALS{'UserFilesPath'};
-
-	&DoResponse();
-
-sub DoResponse
-{
-
-	if($FORM{'Command'} eq "" || $FORM{'Type'} eq "" || $FORM{'CurrentFolder'} eq "") {
-		return ;
-	}
-	# Get the main request informaiton.
-	$sCommand		= $FORM{'Command'};
-	$sResourceType	= $FORM{'Type'};
-	$sCurrentFolder	= $FORM{'CurrentFolder'};
-
-	# Check the current folder syntax (must begin and start with a slash).
-	if(!($sCurrentFolder =~ /\/$/)) {
-		$sCurrentFolder .= '/';
-	}
-	if(!($sCurrentFolder =~ /^\//)) {
-		$sCurrentFolder = '/' . $sCurrentFolder;
-	}
-
-	# Check for invalid folder paths (..)
-	if ( $sCurrentFolder =~ /(?:\.\.|\\)/ ) {
-		SendError( 102, "" ) ;
-	}
-
-	# File Upload doesn't have to Return XML, so it must be intercepted before anything.
-	if($sCommand eq 'FileUpload') {
-		FileUpload($sResourceType,$sCurrentFolder);
-		return ;
-	}
-
-	print << "_HTML_HEAD_";
-Content-Type:text/xml; charset=utf-8
-Pragma: no-cache
-Cache-Control: no-cache
-Expires: Thu, 01 Dec 1994 16:00:00 GMT
-
-_HTML_HEAD_
-
-	&CreateXmlHeader($sCommand,$sResourceType,$sCurrentFolder);
-
-	# Execute the required command.
-	if($sCommand eq 'GetFolders') {
-		&GetFolders($sResourceType,$sCurrentFolder);
-	} elsif($sCommand eq 'GetFoldersAndFiles') {
-		&GetFoldersAndFiles($sResourceType,$sCurrentFolder);
-	} elsif($sCommand eq 'CreateFolder') {
-		&CreateFolder($sResourceType,$sCurrentFolder);
-	}
-
-	&CreateXmlFooter();
-
-	exit ;
-}
+#!/usr/bin/env perl
+
+#####
+#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
+#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
+#
+#  == BEGIN LICENSE ==
+#
+#  Licensed under the terms of any of the following licenses at your
+#  choice:
+#
+#   - GNU General Public License Version 2 or later (the "GPL")
+#     http://www.gnu.org/licenses/gpl.html
+#
+#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+#     http://www.gnu.org/licenses/lgpl.html
+#
+#   - Mozilla Public License Version 1.1 or later (the "MPL")
+#     http://www.mozilla.org/MPL/MPL-1.1.html
+#
+#  == END LICENSE ==
+#
+#  This is the File Manager Connector for Perl.
+#####
+
+##
+# ATTENTION: To enable this connector, look for the "SECURITY" comment in config.pl.
+##
+
+## START: Hack for Windows (Not important to understand the editor code... Perl specific).
+if(Windows_check()) {
+	chdir(GetScriptPath($0));
+}
+
+sub Windows_check
+{
+	# IIS,PWS(NT/95)
+	$www_server_os = $^O;
+	# Win98 & NT(SP4)
+	if($www_server_os eq "") { $www_server_os= $ENV{'OS'}; }
+	# AnHTTPd/Omni/IIS
+	if($ENV{'SERVER_SOFTWARE'} =~ /AnWeb|Omni|IIS\//i) { $www_server_os= 'win'; }
+	# Win Apache
+	if($ENV{'WINDIR'} ne "") { $www_server_os= 'win'; }
+	if($www_server_os=~ /win/i) { return(1); }
+	return(0);
+}
+
+sub GetScriptPath {
+	local($path) = @_;
+	if($path =~ /[\:\/\\]/) { $path =~ s/(.*?)[\/\\][^\/\\]+$/$1/; } else { $path = '.'; }
+	$path;
+}
+## END: Hack for IIS
+
+require 'util.pl';
+require 'io.pl';
+require 'basexml.pl';
+require 'commands.pl';
+require 'upload_fck.pl';
+require 'config.pl';
+
+&read_input();
+&DoResponse();
+
+sub DoResponse
+{
+
+	if($FORM{'Command'} eq "" || $FORM{'Type'} eq "" || $FORM{'CurrentFolder'} eq "") {
+		return ;
+	}
+	# Get the main request informaiton.
+	$sCommand		= &specialchar_cnv($FORM{'Command'});
+	$sResourceType	= &specialchar_cnv($FORM{'Type'});
+	$sCurrentFolder	= $FORM{'CurrentFolder'};
+
+	if ( !($sCommand =~ /^(FileUpload|GetFolders|GetFoldersAndFiles|CreateFolder)$/) ) {
+		SendError( 1, "Command not allowed" ) ;
+	}
+
+	if ( !($sResourceType =~ /^(File|Image|Flash|Media)$/) ) {
+		SendError( 1, "Invalid type specified" ) ;
+	}
+
+	# Check the current folder syntax (must begin and start with a slash).
+	if(!($sCurrentFolder =~ /\/$/)) {
+		$sCurrentFolder .= '/';
+	}
+	if(!($sCurrentFolder =~ /^\//)) {
+		$sCurrentFolder = '/' . $sCurrentFolder;
+	}
+
+	# Check for invalid folder paths (..)
+	if ( $sCurrentFolder =~ /(?:\.\.|\\)/ ) {
+		SendError( 102, "" ) ;
+	}
+	if ( $sCurrentFolder =~ /(\/\.)|[[:cntrl:]]|(\/\/)|(\\\\)|([\:\*\?\"\<\>\|])/ ) {
+		SendError( 102, "" ) ;
+	}
+
+	# File Upload doesn't have to Return XML, so it must be intercepted before anything.
+	if($sCommand eq 'FileUpload') {
+		FileUpload($sResourceType,$sCurrentFolder);
+		return ;
+	}
+
+	print << "_HTML_HEAD_";
+Content-Type:text/xml; charset=utf-8
+Pragma: no-cache
+Cache-Control: no-cache
+Expires: Thu, 01 Dec 1994 16:00:00 GMT
+
+_HTML_HEAD_
+
+	&CreateXmlHeader($sCommand,$sResourceType,$sCurrentFolder);
+
+	# Execute the required command.
+	if($sCommand eq 'GetFolders') {
+		&GetFolders($sResourceType,$sCurrentFolder);
+	} elsif($sCommand eq 'GetFoldersAndFiles') {
+		&GetFoldersAndFiles($sResourceType,$sCurrentFolder);
+	} elsif($sCommand eq 'CreateFolder') {
+		&CreateFolder($sResourceType,$sCurrentFolder);
+	}
+
+	&CreateXmlFooter();
+
+	exit ;
+}
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/io.pl	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/io.pl	Mon Sep 14 02:47:11 2009 +0200
@@ -1,141 +1,141 @@
-#####
-#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
-#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
-#
-#  == BEGIN LICENSE ==
-#
-#  Licensed under the terms of any of the following licenses at your
-#  choice:
-#
-#   - GNU General Public License Version 2 or later (the "GPL")
-#     http://www.gnu.org/licenses/gpl.html
-#
-#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
-#     http://www.gnu.org/licenses/lgpl.html
-#
-#   - Mozilla Public License Version 1.1 or later (the "MPL")
-#     http://www.mozilla.org/MPL/MPL-1.1.html
-#
-#  == END LICENSE ==
-#
-#  This is the File Manager Connector for Perl.
-#####
-
-sub GetUrlFromPath
-{
-	local($resourceType, $folderPath) = @_;
-
-	if($resourceType eq '') {
-		$rmpath = &RemoveFromEnd($GLOBALS{'UserFilesPath'},'/');
-		return("$rmpath$folderPath");
-	} else {
-		return("$GLOBALS{'UserFilesPath'}$resourceType$folderPath");
-	}
-}
-
-sub RemoveExtension
-{
-	local($fileName) = @_;
-	local($path, $base, $ext);
-	if($fileName !~ /\./) {
-		$fileName .= '.';
-	}
-	if($fileName =~ /([^\\\/]*)\.(.*)$/) {
-		$base = $1;
-		$ext  = $2;
-		if($fileName =~ /(.*)$base\.$ext$/) {
-			$path = $1;
-		}
-	}
-	return($path,$base,$ext);
-
-}
-
-sub ServerMapFolder
-{
-	local($resourceType,$folderPath) = @_;
-
-	# Get the resource type directory.
-	$sResourceTypePath = $GLOBALS{'UserFilesDirectory'} . $resourceType . '/';
-
-	# Ensure that the directory exists.
-	&CreateServerFolder($sResourceTypePath);
-
-	# Return the resource type directory combined with the required path.
-	$rmpath = &RemoveFromStart($folderPath,'/');
-	return("$sResourceTypePath$rmpath");
-}
-
-sub GetParentFolder
-{
-	local($folderPath) = @_;
-
-	$folderPath =~ s/[\/][^\/]+[\/]?$//g;
-	return $folderPath;
-}
-
-sub CreateServerFolder
-{
-	local($folderPath) = @_;
-
-	$sParent = &GetParentFolder($folderPath);
-	# Check if the parent exists, or create it.
-	if(!(-e $sParent)) {
-		$sErrorMsg = &CreateServerFolder($sParent);
-		if($sErrorMsg == 1) {
-			return(1);
-		}
-	}
-	if(!(-e $folderPath)) {
-		if (defined $CHMOD_ON_FOLDER_CREATE && !$CHMOD_ON_FOLDER_CREATE) {
-			mkdir("$folderPath");
-		}
-		else {
-			umask(000);
-			if (defined $CHMOD_ON_FOLDER_CREATE) {
-				mkdir("$folderPath",$CHMOD_ON_FOLDER_CREATE);
-			}
-			else {
-				mkdir("$folderPath",0777);
-			}
-		}
-
-		return(0);
-	} else {
-		return(1);
-	}
-}
-
-sub GetRootPath
-{
-#use Cwd;
-
-#	my $dir = getcwd;
-#	print $dir;
-#	$dir  =~ s/$ENV{'DOCUMENT_ROOT'}//g;
-#	print $dir;
-#	return($dir);
-
-#	$wk = $0;
-#	$wk =~ s/\/connector\.cgi//g;
-#	if($wk) {
-#		$current_dir = $wk;
-#	} else {
-#		$current_dir = `pwd`;
-#	}
-#	return($current_dir);
-use Cwd;
-
-	if($ENV{'DOCUMENT_ROOT'}) {
-		$dir = $ENV{'DOCUMENT_ROOT'};
-	} else {
-		my $dir = getcwd;
-		$workdir =~ s/\/connector\.cgi//g;
-		$dir  =~ s/$workdir//g;
-	}
-	return($dir);
-
-
-
-}
-1;
+#####
+#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
+#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
+#
+#  == BEGIN LICENSE ==
+#
+#  Licensed under the terms of any of the following licenses at your
+#  choice:
+#
+#   - GNU General Public License Version 2 or later (the "GPL")
+#     http://www.gnu.org/licenses/gpl.html
+#
+#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+#     http://www.gnu.org/licenses/lgpl.html
+#
+#   - Mozilla Public License Version 1.1 or later (the "MPL")
+#     http://www.mozilla.org/MPL/MPL-1.1.html
+#
+#  == END LICENSE ==
+#
+#  This is the File Manager Connector for Perl.
+#####
+
+sub GetUrlFromPath
+{
+	local($resourceType, $folderPath) = @_;
+
+	if($resourceType eq '') {
+		$rmpath = &RemoveFromEnd($GLOBALS{'UserFilesPath'},'/');
+		return("$rmpath$folderPath");
+	} else {
+		return("$GLOBALS{'UserFilesPath'}$resourceType$folderPath");
+	}
+}
+
+sub RemoveExtension
+{
+	local($fileName) = @_;
+	local($path, $base, $ext);
+	if($fileName !~ /\./) {
+		$fileName .= '.';
+	}
+	if($fileName =~ /([^\\\/]*)\.(.*)$/) {
+		$base = $1;
+		$ext  = $2;
+		if($fileName =~ /(.*)$base\.$ext$/) {
+			$path = $1;
+		}
+	}
+	return($path,$base,$ext);
+
+}
+
+sub ServerMapFolder
+{
+	local($resourceType,$folderPath) = @_;
+
+	# Get the resource type directory.
+	$sResourceTypePath = $GLOBALS{'UserFilesDirectory'} . $resourceType . '/';
+
+	# Ensure that the directory exists.
+	&CreateServerFolder($sResourceTypePath);
+
+	# Return the resource type directory combined with the required path.
+	$rmpath = &RemoveFromStart($folderPath,'/');
+	return("$sResourceTypePath$rmpath");
+}
+
+sub GetParentFolder
+{
+	local($folderPath) = @_;
+
+	$folderPath =~ s/[\/][^\/]+[\/]?$//g;
+	return $folderPath;
+}
+
+sub CreateServerFolder
+{
+	local($folderPath) = @_;
+
+	$sParent = &GetParentFolder($folderPath);
+	# Check if the parent exists, or create it.
+	if(!(-e $sParent)) {
+		$sErrorMsg = &CreateServerFolder($sParent);
+		if($sErrorMsg == 1) {
+			return(1);
+		}
+	}
+	if(!(-e $folderPath)) {
+		if (defined $CHMOD_ON_FOLDER_CREATE && !$CHMOD_ON_FOLDER_CREATE) {
+			mkdir("$folderPath");
+		}
+		else {
+			umask(000);
+			if (defined $CHMOD_ON_FOLDER_CREATE) {
+				mkdir("$folderPath",$CHMOD_ON_FOLDER_CREATE);
+			}
+			else {
+				mkdir("$folderPath",0777);
+			}
+		}
+
+		return(0);
+	} else {
+		return(1);
+	}
+}
+
+sub GetRootPath
+{
+#use Cwd;
+
+#	my $dir = getcwd;
+#	print $dir;
+#	$dir  =~ s/$ENV{'DOCUMENT_ROOT'}//g;
+#	print $dir;
+#	return($dir);
+
+#	$wk = $0;
+#	$wk =~ s/\/connector\.cgi//g;
+#	if($wk) {
+#		$current_dir = $wk;
+#	} else {
+#		$current_dir = `pwd`;
+#	}
+#	return($current_dir);
+use Cwd;
+
+	if($ENV{'DOCUMENT_ROOT'}) {
+		$dir = $ENV{'DOCUMENT_ROOT'};
+	} else {
+		my $dir = getcwd;
+		$workdir =~ s/\/connector\.cgi//g;
+		$dir  =~ s/$workdir//g;
+	}
+	return($dir);
+
+
+
+}
+1;
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/upload.cgi	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/upload.cgi	Mon Sep 14 02:47:11 2009 +0200
@@ -1,117 +1,87 @@
-#!/usr/bin/env perl
-
-#####
-#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
-#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
-#
-#  == BEGIN LICENSE ==
-#
-#  Licensed under the terms of any of the following licenses at your
-#  choice:
-#
-#   - GNU General Public License Version 2 or later (the "GPL")
-#     http://www.gnu.org/licenses/gpl.html
-#
-#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
-#     http://www.gnu.org/licenses/lgpl.html
-#
-#   - Mozilla Public License Version 1.1 or later (the "MPL")
-#     http://www.mozilla.org/MPL/MPL-1.1.html
-#
-#  == END LICENSE ==
-#
-#  This is the File Manager Connector for Perl.
-#####
-
-##
-# ATTENTION: To enable this connector, look for the "SECURITY" comment in this file.
-##
-
-## START: Hack for Windows (Not important to understand the editor code... Perl specific).
-if(Windows_check()) {
-	chdir(GetScriptPath($0));
-}
-
-sub Windows_check
-{
-	# IIS,PWS(NT/95)
-	$www_server_os = $^O;
-	# Win98 & NT(SP4)
-	if($www_server_os eq "") { $www_server_os= $ENV{'OS'}; }
-	# AnHTTPd/Omni/IIS
-	if($ENV{'SERVER_SOFTWARE'} =~ /AnWeb|Omni|IIS\//i) { $www_server_os= 'win'; }
-	# Win Apache
-	if($ENV{'WINDIR'} ne "") { $www_server_os= 'win'; }
-	if($www_server_os=~ /win/i) { return(1); }
-	return(0);
-}
-
-sub GetScriptPath {
-	local($path) = @_;
-	if($path =~ /[\:\/\\]/) { $path =~ s/(.*?)[\/\\][^\/\\]+$/$1/; } else { $path = '.'; }
-	$path;
-}
-## END: Hack for IIS
-
-require 'util.pl';
-require 'io.pl';
-require 'basexml.pl';
-require 'commands.pl';
-require 'upload_fck.pl';
-
-##
-# SECURITY: REMOVE/COMMENT THE FOLLOWING LINE TO ENABLE THIS CONNECTOR.
-##
-	&SendUploadResults(1, '', '', 'This connector is disabled. Please check the "editor/filemanager/connectors/perl/upload.cgi" file' ) ;
-
-	&read_input();
-
-	if($FORM{'ServerPath'} ne "") {
-		$GLOBALS{'UserFilesPath'} = $FORM{'ServerPath'};
-		if(!($GLOBALS{'UserFilesPath'} =~ /\/$/)) {
-			$GLOBALS{'UserFilesPath'} .= '/' ;
-		}
-	} else {
-		$GLOBALS{'UserFilesPath'} = '/userfiles/';
-	}
-
-	# Map the "UserFiles" path to a local directory.
-	$rootpath = &GetRootPath();
-	$GLOBALS{'UserFilesDirectory'} = $rootpath . $GLOBALS{'UserFilesPath'};
-
-	&DoResponse();
-
-sub DoResponse
-{
-	# Get the main request information.
-	$sCommand		= 'FileUpload'; #$FORM{'Command'};
-	$sResourceType	= $FORM{'Type'};
-	$sCurrentFolder	= $FORM{'CurrentFolder'};
-
-	if ($sResourceType eq '') {
-		$sResourceType = 'File' ;
-	}
-	if ($sCurrentFolder eq '') {
-		$sCurrentFolder = '/' ;
-	}
-
-	# Check the current folder syntax (must begin and start with a slash).
-	if(!($sCurrentFolder =~ /\/$/)) {
-		$sCurrentFolder .= '/';
-	}
-	if(!($sCurrentFolder =~ /^\//)) {
-		$sCurrentFolder = '/' . $sCurrentFolder;
-	}
-
-	# Check for invalid folder paths (..)
-	if ( $sCurrentFolder =~ /(?:\.\.|\\)/ ) {
-		SendError( 102, "" ) ;
-	}
-
-	# File Upload doesn't have to Return XML, so it must be intercepted before anything.
-	if($sCommand eq 'FileUpload') {
-		FileUpload($sResourceType,$sCurrentFolder);
-		return ;
-	}
-
-}
+#!/usr/bin/env perl
+
+#####
+#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
+#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
+#
+#  == BEGIN LICENSE ==
+#
+#  Licensed under the terms of any of the following licenses at your
+#  choice:
+#
+#   - GNU General Public License Version 2 or later (the "GPL")
+#     http://www.gnu.org/licenses/gpl.html
+#
+#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+#     http://www.gnu.org/licenses/lgpl.html
+#
+#   - Mozilla Public License Version 1.1 or later (the "MPL")
+#     http://www.mozilla.org/MPL/MPL-1.1.html
+#
+#  == END LICENSE ==
+#
+#  This is the File Manager Connector for Perl.
+#####
+
+##
+# ATTENTION: To enable this connector, look for the "SECURITY" comment in config.pl.
+##
+
+## START: Hack for Windows (Not important to understand the editor code... Perl specific).
+if(Windows_check()) {
+	chdir(GetScriptPath($0));
+}
+
+sub Windows_check
+{
+	# IIS,PWS(NT/95)
+	$www_server_os = $^O;
+	# Win98 & NT(SP4)
+	if($www_server_os eq "") { $www_server_os= $ENV{'OS'}; }
+	# AnHTTPd/Omni/IIS
+	if($ENV{'SERVER_SOFTWARE'} =~ /AnWeb|Omni|IIS\//i) { $www_server_os= 'win'; }
+	# Win Apache
+	if($ENV{'WINDIR'} ne "") { $www_server_os= 'win'; }
+	if($www_server_os=~ /win/i) { return(1); }
+	return(0);
+}
+
+sub GetScriptPath {
+	local($path) = @_;
+	if($path =~ /[\:\/\\]/) { $path =~ s/(.*?)[\/\\][^\/\\]+$/$1/; } else { $path = '.'; }
+	$path;
+}
+## END: Hack for IIS
+
+require 'util.pl';
+require 'io.pl';
+require 'basexml.pl';
+require 'commands.pl';
+require 'upload_fck.pl';
+require 'config.pl';
+
+&read_input();
+&DoResponse();
+
+sub DoResponse
+{
+	# Get the main request information.
+	$sCommand		= 'FileUpload';
+	$sResourceType	= &specialchar_cnv($FORM{'Type'});
+	$sCurrentFolder	= "/";
+
+	if ($sResourceType eq '') {
+		$sResourceType = 'File' ;
+	}
+
+	if ( !($sResourceType =~ /^(File|Image|Flash|Media)$/) ) {
+		SendError( 1, "Invalid type specified" ) ;
+	}
+
+	# File Upload doesn't have to Return XML, so it must be intercepted before anything.
+	if($sCommand eq 'FileUpload') {
+		FileUpload($sResourceType,$sCurrentFolder);
+		return ;
+	}
+
+}
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/upload_fck.pl	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/upload_fck.pl	Mon Sep 14 02:47:11 2009 +0200
@@ -1,686 +1,686 @@
-#####
-#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
-#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
-#
-#  == BEGIN LICENSE ==
-#
-#  Licensed under the terms of any of the following licenses at your
-#  choice:
-#
-#   - GNU General Public License Version 2 or later (the "GPL")
-#     http://www.gnu.org/licenses/gpl.html
-#
-#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
-#     http://www.gnu.org/licenses/lgpl.html
-#
-#   - Mozilla Public License Version 1.1 or later (the "MPL")
-#     http://www.mozilla.org/MPL/MPL-1.1.html
-#
-#  == END LICENSE ==
-#
-#  This is the File Manager Connector for Perl.
-#####
-
-# image data save dir
-$img_dir	= './temp/';
-
-
-# File size max(unit KB)
-$MAX_CONTENT_SIZE =  30000;
-
-# After file is uploaded, sometimes it is required to change its permissions
-# so that it was possible to access it at the later time.
-# If possible, it is recommended to set more restrictive permissions, like 0755.
-# Set to 0 to disable this feature.
-$CHMOD_ON_UPLOAD = 0777;
-
-# See comments above.
-# Used when creating folders that does not exist.
-$CHMOD_ON_FOLDER_CREATE = 0755;
-
-# Filelock (1=use,0=not use)
-$PM{'flock'}		= '1';
-
-
-# upload Content-Type list
-my %UPLOAD_CONTENT_TYPE_LIST = (
-	'image/(x-)?png'						=>	'png',	# PNG image
-	'image/p?jpe?g'							=>	'jpg',	# JPEG image
-	'image/gif'								=>	'gif',	# GIF image
-	'image/x-xbitmap'						=>	'xbm',	# XBM image
-
-	'image/(x-(MS-)?)?bmp'					=>	'bmp',	# Windows BMP image
-	'image/pict'							=>	'pict',	# Macintosh PICT image
-	'image/tiff'							=>	'tif',	# TIFF image
-	'application/pdf'						=>	'pdf',	# PDF image
-	'application/x-shockwave-flash'			=>	'swf',	# Shockwave Flash
-
-	'video/(x-)?msvideo'					=>	'avi',	# Microsoft Video
-	'video/quicktime'						=>	'mov',	# QuickTime Video
-	'video/mpeg'							=>	'mpeg',	# MPEG Video
-	'video/x-mpeg2'							=>	'mpv2', # MPEG2 Video
-
-	'audio/(x-)?midi?'						=>	'mid',	# MIDI Audio
-	'audio/(x-)?wav'						=>	'wav',	# WAV Audio
-	'audio/basic'							=>	'au',	# ULAW Audio
-	'audio/mpeg'							=>	'mpga',	# MPEG Audio
-
-	'application/(x-)?zip(-compressed)?'	=>	'zip',	# ZIP Compress
-
-	'text/html'								=>	'html', # HTML
-	'text/plain'							=>	'txt',	# TEXT
-	'(?:application|text)/(?:rtf|richtext)'	=>	'rtf',	# RichText
-
-	'application/msword'					=>	'doc',	# Microsoft Word
-	'application/vnd.ms-excel'				=>	'xls',	# Microsoft Excel
-
-	''
-);
-
-# Upload is permitted.
-# A regular expression is possible.
-my %UPLOAD_EXT_LIST = (
-	'png'					=>	'PNG image',
-	'p?jpe?g|jpe|jfif|pjp'	=>	'JPEG image',
-	'gif'					=>	'GIF image',
-	'xbm'					=>	'XBM image',
-
-	'bmp|dib|rle'			=>	'Windows BMP image',
-	'pi?ct'					=>	'Macintosh PICT image',
-	'tiff?'					=>	'TIFF image',
-	'pdf'					=>	'PDF image',
-	'swf'					=>	'Shockwave Flash',
-
-	'avi'					=>	'Microsoft Video',
-	'moo?v|qt'				=>	'QuickTime Video',
-	'm(p(e?gv?|e|v)|1v)'	=>	'MPEG Video',
-	'mp(v2|2v)'				=>	'MPEG2 Video',
-
-	'midi?|kar|smf|rmi|mff'	=>	'MIDI Audio',
-	'wav'					=>	'WAVE Audio',
-	'au|snd'				=>	'ULAW Audio',
-	'mp(e?ga|2|a|3)|abs'	=>	'MPEG Audio',
-
-	'zip'					=>	'ZIP Compress',
-	'lzh'					=>	'LZH Compress',
-	'cab'					=>	'CAB Compress',
-
-	'd?html?'				=>	'HTML',
-	'rtf|rtx'				=>	'RichText',
-	'txt|text'				=>	'Text',
-
-	''
-);
-
-
-# sjis or euc
-my $CHARCODE = 'sjis';
-
-$TRANS_2BYTE_CODE = 0;
-
-##############################################################################
-# Summary
-#
-# Form Read input
-#
-# Parameters
-# Returns
-# Memo
-##############################################################################
-sub read_input
-{
-eval("use File::Copy;");
-eval("use File::Path;");
-
-	my ($FORM) = @_;
-
-	if (defined $CHMOD_ON_FOLDER_CREATE && !$CHMOD_ON_FOLDER_CREATE) {
-		mkdir("$img_dir");
-	}
-	else {
-		umask(000);
-		if (defined $CHMOD_ON_FOLDER_CREATE) {
-			mkdir("$img_dir",$CHMOD_ON_FOLDER_CREATE);
-		}
-		else {
-			mkdir("$img_dir",0777);
-		}
-	}
-
-	undef $img_data_exists;
-	undef @NEWFNAMES;
-	undef @NEWFNAME_DATA;
-
-	if($ENV{'CONTENT_LENGTH'} > 10000000 || $ENV{'CONTENT_LENGTH'} > $MAX_CONTENT_SIZE * 1024) {
-		&upload_error(
-			'Size Error',
-			sprintf(
-				"Transmitting size is too large.MAX <strong>%d KB</strong> Now Size <strong>%d KB</strong>(<strong>%d bytes</strong> Over)",
-				$MAX_CONTENT_SIZE,
-				int($ENV{'CONTENT_LENGTH'} / 1024),
-				$ENV{'CONTENT_LENGTH'} - $MAX_CONTENT_SIZE * 1024
-			)
-		);
-	}
-
-	my $Buffer;
-	if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data/) {
-		# METHOD POST only
-		return	unless($ENV{'CONTENT_LENGTH'});
-
-		binmode(STDIN);
-		# STDIN A pause character is detected.'(MacIE3.0 boundary of $ENV{'CONTENT_TYPE'} cannot be trusted.)
-		my $Boundary = <STDIN>;
-		$Boundary =~ s/\x0D\x0A//;
-		$Boundary = quotemeta($Boundary);
-		while(<STDIN>) {
-			if(/^\s*Content-Disposition:/i) {
-				my($name,$ContentType,$FileName);
-				# form data get
-				if(/\bname="([^"]+)"/i || /\bname=([^\s:;]+)/i) {
-					$name = $1;
-					$name	=~ tr/+/ /;
-					$name	=~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
-					&Encode(\$name);
-				}
-				if(/\bfilename="([^"]*)"/i || /\bfilename=([^\s:;]*)/i) {
-					$FileName = $1 || 'unknown';
-				}
-				# head read
-				while(<STDIN>) {
-					last	if(! /\w/);
-					if(/^\s*Content-Type:\s*"([^"]+)"/i || /^\s*Content-Type:\s*([^\s:;]+)/i) {
-						$ContentType = $1;
-					}
-				}
-				# body read
-				$value = "";
-				while(<STDIN>) {
-					last	if(/^$Boundary/o);
-					$value .= $_;
-				};
-				$lastline = $_;
-				$value =~s /\x0D\x0A$//;
-				if($value ne '') {
-					if($FileName || $ContentType) {
-						$img_data_exists = 1;
-						(
-							$FileName,		#
-							$Ext,			#
-							$Length,		#
-							$ImageWidth,	#
-							$ImageHeight,	#
-							$ContentName	#
-						) = &CheckContentType(\$value,$FileName,$ContentType);
-
-						$FORM{$name}	= $FileName;
-						$new_fname		= $FileName;
-						push(@NEWFNAME_DATA,"$FileName\t$Ext\t$Length\t$ImageWidth\t$ImageHeight\t$ContentName");
-
-						# Multi-upload correspondence
-						push(@NEWFNAMES,$new_fname);
-						open(OUT,">$img_dir/$new_fname");
-						binmode(OUT);
-						eval "flock(OUT,2);" if($PM{'flock'} == 1);
-						print OUT $value;
-						eval "flock(OUT,8);" if($PM{'flock'} == 1);
-						close(OUT);
-
-					} elsif($name) {
-						$value	=~ tr/+/ /;
-						$value	=~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
-						&Encode(\$value,'trans');
-						$FORM{$name} .= "\0"			if(defined($FORM{$name}));
-						$FORM{$name} .= $value;
-					}
-				}
-			};
-			last if($lastline =~ /^$Boundary\-\-/o);
-		}
-	} elsif($ENV{'CONTENT_LENGTH'}) {
-		read(STDIN,$Buffer,$ENV{'CONTENT_LENGTH'});
-	}
-	foreach(split(/&/,$Buffer),split(/&/,$ENV{'QUERY_STRING'})) {
-		my($name, $value) = split(/=/);
-		$name	=~ tr/+/ /;
-		$name	=~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
-		$value	=~ tr/+/ /;
-		$value	=~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
-
-		&Encode(\$name);
-		&Encode(\$value,'trans');
-		$FORM{$name} .= "\0"			if(defined($FORM{$name}));
-		$FORM{$name} .= $value;
-
-	}
-
-}
-
-##############################################################################
-# Summary
-#
-#	CheckContentType
-#
-# Parameters
-# Returns
-# Memo
-##############################################################################
-sub CheckContentType
-{
-
-	my($DATA,$FileName,$ContentType) = @_;
-	my($Ext,$ImageWidth,$ImageHeight,$ContentName,$Infomation);
-	my $DataLength = length($$DATA);
-
-	# An unknown file type
-
-	$_ = $ContentType;
-	my $UnknownType = (
-		!$_
-		|| /^application\/(x-)?macbinary$/i
-		|| /^application\/applefile$/i
-		|| /^application\/octet-stream$/i
-		|| /^text\/plane$/i
-		|| /^x-unknown-content-type/i
-	);
-
-	# MacBinary(Mac Unnecessary data are deleted.)
-	if($UnknownType || $ENV{'HTTP_USER_AGENT'} =~ /Macintosh|Mac_/) {
-		if($DataLength > 128 && !unpack("C",substr($$DATA,0,1)) && !unpack("C",substr($$DATA,74,1)) && !unpack("C",substr($$DATA,82,1)) ) {
-			my $MacBinary_ForkLength = unpack("N", substr($$DATA, 83, 4));		# ForkLength Get
-			my $MacBinary_FileName = quotemeta(substr($$DATA, 2, unpack("C",substr($$DATA, 1, 1))));
-			if($MacBinary_FileName && $MacBinary_ForkLength && $DataLength >= $MacBinary_ForkLength + 128
-					&& ($FileName =~ /$MacBinary_FileName/i || substr($$DATA,102,4) eq 'mBIN')) {	# DATA TOP 128byte MacBinary!!
-				$$DATA				= substr($$DATA,128,$MacBinary_ForkLength);
-				my $ResourceLength	= $DataLength - $MacBinary_ForkLength - 128;
-				$DataLength			= $MacBinary_ForkLength;
-			}
-		}
-	}
-
-	# A file name is changed into EUC.
-#	&jcode::convert(\$FileName,'euc',$FormCodeDefault);
-#	&jcode::h2z_euc(\$FileName);
-	$FileName =~ s/^.*\\//;					# Windows, Mac
-	$FileName =~ s/^.*\///;					# UNIX
-	$FileName =~ s/&/&amp;/g;
-	$FileName =~ s/"/&quot;/g;
-	$FileName =~ s/</&lt;/g;
-	$FileName =~ s/>/&gt;/g;
-#
-#	if($CHARCODE ne 'euc') {
-#		&jcode::convert(\$FileName,$CHARCODE,'euc');
-#	}
-
-	# An extension is extracted and it changes into a small letter.
-	my $FileExt;
-	if($FileName =~ /\.(\w+)$/) {
-		$FileExt = $1;
-		$FileExt =~ tr/A-Z/a-z/;
-	}
-
-	# Executable file detection (ban on upload)
-	if($$DATA =~ /^MZ/) {
-		$Ext = 'exe';
-	}
-	# text
-	if(!$Ext && ($UnknownType || $ContentType =~ /^text\//i || $ContentType =~ /^application\/(?:rtf|richtext)$/i || $ContentType =~ /^image\/x-xbitmap$/i)
-				&& ! $$DATA =~ /[\000-\006\177\377]/) {
-#		$$DATA =~ s/\x0D\x0A/\n/g;
-#		$$DATA =~ tr/\x0D\x0A/\n\n/;
-#
-#		if(
-#			$$DATA =~ /<\s*SCRIPT(?:.|\n)*?>/i
-#				|| $$DATA =~ /<\s*(?:.|\n)*?\bONLOAD\s*=(?:.|\n)*?>/i
-#				|| $$DATA =~ /<\s*(?:.|\n)*?\bONCLICK\s*=(?:.|\n)*?>/i
-#				) {
-#			$Infomation = '(JavaScript contains)';
-#		}
-#		if($$DATA =~ /<\s*TABLE(?:.|\n)*?>/i
-#				|| $$DATA =~ /<\s*BLINK(?:.|\n)*?>/i
-#				|| $$DATA =~ /<\s*MARQUEE(?:.|\n)*?>/i
-#				|| $$DATA =~ /<\s*OBJECT(?:.|\n)*?>/i
-#				|| $$DATA =~ /<\s*EMBED(?:.|\n)*?>/i
-#				|| $$DATA =~ /<\s*FRAME(?:.|\n)*?>/i
-#				|| $$DATA =~ /<\s*APPLET(?:.|\n)*?>/i
-#				|| $$DATA =~ /<\s*FORM(?:.|\n)*?>/i
-#				|| $$DATA =~ /<\s*(?:.|\n)*?\bSRC\s*=(?:.|\n)*?>/i
-#				|| $$DATA =~ /<\s*(?:.|\n)*?\bDYNSRC\s*=(?:.|\n)*?>/i
-#				) {
-#			$Infomation = '(the HTML tag which is not safe is included)';
-#		}
-
-		if($FileExt =~ /^txt$/i || $FileExt =~ /^cgi$/i || $FileExt =~ /^pl$/i) {								# Text File
-			$Ext = 'txt';
-		} elsif($ContentType =~ /^text\/html$/i || $FileExt =~ /html?/i || $$DATA =~ /<\s*HTML(?:.|\n)*?>/i) {	# HTML File
-			$Ext = 'html';
-		} elsif($ContentType =~ /^image\/x-xbitmap$/i || $FileExt =~ /^xbm$/i) {								# XBM(x-BitMap) Image
-			my $XbmName = $1;
-			my ($XbmWidth, $XbmHeight);
-			if($$DATA =~ /\#define\s*$XbmName\_width\s*(\d+)/i) {
-				$XbmWidth = $1;
-			}
-			if($$DATA =~ /\#define\s*$XbmName\_height\s*(\d+)/i) {
-				$XbmHeight = $1;
-			}
-			if($XbmWidth && $XbmHeight) {
-				$Ext = 'xbm';
-				$ImageWidth		= $XbmWidth;
-				$ImageHeight	= $XbmHeight;
-			}
-		} else {		#
-			$Ext = 'txt';
-		}
-	}
-
-	# image
-	if(!$Ext && ($UnknownType || $ContentType =~ /^image\//i)) {
-		# PNG
-		if($$DATA =~ /^\x89PNG\x0D\x0A\x1A\x0A/) {
-			if(substr($$DATA, 12, 4) eq 'IHDR') {
-				$Ext = 'png';
-				($ImageWidth, $ImageHeight) = unpack("N2", substr($$DATA, 16, 8));
-			}
-		} elsif($$DATA =~ /^GIF8(?:9|7)a/) {															# GIF89a(modified), GIF89a, GIF87a
-			$Ext = 'gif';
-			($ImageWidth, $ImageHeight) = unpack("v2", substr($$DATA, 6, 4));
-		} elsif($$DATA =~ /^II\x2a\x00\x08\x00\x00\x00/ || $$DATA =~ /^MM\x00\x2a\x00\x00\x00\x08/) {	# TIFF
-			$Ext = 'tif';
-		} elsif($$DATA =~ /^BM/) {																		# BMP
-			$Ext = 'bmp';
-		} elsif($$DATA =~ /^\xFF\xD8\xFF/ || $$DATA =~ /JFIF/) {										# JPEG
-			my $HeaderPoint = index($$DATA, "\xFF\xD8\xFF", 0);
-			my $Point = $HeaderPoint + 2;
-			while($Point < $DataLength) {
-				my($Maker, $MakerType, $MakerLength) = unpack("C2n",substr($$DATA,$Point,4));
-				if($Maker != 0xFF || $MakerType == 0xd9 || $MakerType == 0xda) {
-					last;
-				} elsif($MakerType >= 0xC0 && $MakerType <= 0xC3) {
-					$Ext = 'jpg';
-					($ImageHeight, $ImageWidth) = unpack("n2", substr($$DATA, $Point + 5, 4));
-					if($HeaderPoint > 0) {
-						$$DATA = substr($$DATA, $HeaderPoint);
-						$DataLength = length($$DATA);
-					}
-					last;
-				} else {
-					$Point += $MakerLength + 2;
-				}
-			}
-		}
-	}
-
-	# audio
-	if(!$Ext && ($UnknownType || $ContentType =~ /^audio\//i)) {
-		# MIDI Audio
-		if($$DATA =~ /^MThd/) {
-			$Ext = 'mid';
-		} elsif($$DATA =~ /^\x2esnd/) {		# ULAW Audio
-			$Ext = 'au';
-		} elsif($$DATA =~ /^RIFF/ || $$DATA =~ /^ID3/ && $$DATA =~ /RIFF/) {
-			my $HeaderPoint = index($$DATA, "RIFF", 0);
-			$_ = substr($$DATA, $HeaderPoint + 8, 8);
-			if(/^WAVEfmt $/) {
-				# WAVE
-				if(unpack("V",substr($$DATA, $HeaderPoint + 16, 4)) == 16) {
-					$Ext = 'wav';
-				} else {					# RIFF WAVE MP3
-					$Ext = 'mp3';
-				}
-			} elsif(/^RMIDdata$/) {			# RIFF MIDI
-				$Ext = 'rmi';
-			} elsif(/^RMP3data$/) {			# RIFF MP3
-				$Ext = 'rmp';
-			}
-			if($ContentType =~ /^audio\//i) {
-				$Infomation .= '(RIFF '. substr($$DATA, $HeaderPoint + 8, 4). ')';
-			}
-		}
-	}
-
-	# a binary file
-	unless ($Ext) {
-		# PDF image
-		if($$DATA =~ /^\%PDF/) {
-			# Picture size is not measured.
-			$Ext = 'pdf';
-		} elsif($$DATA =~ /^FWS/) {		# Shockwave Flash
-			$Ext = 'swf';
-		} elsif($$DATA =~ /^RIFF/ || $$DATA =~ /^ID3/ && $$DATA =~ /RIFF/) {
-			my $HeaderPoint = index($$DATA, "RIFF", 0);
-			$_ = substr($$DATA,$HeaderPoint + 8, 8);
-			# AVI
-			if(/^AVI LIST$/) {
-				$Ext = 'avi';
-			}
-			if($ContentType =~ /^video\//i) {
-				$Infomation .= '(RIFF '. substr($$DATA, $HeaderPoint + 8, 4). ')';
-			}
-		} elsif($$DATA =~ /^PK/) {			# ZIP Compress File
-			$Ext = 'zip';
-		} elsif($$DATA =~ /^MSCF/) {		# CAB Compress File
-			$Ext = 'cab';
-		} elsif($$DATA =~ /^Rar\!/) {		# RAR Compress File
-			$Ext = 'rar';
-		} elsif(substr($$DATA, 2, 5) =~ /^\-lh(\d+|d)\-$/) {		# LHA Compress File
-			$Infomation .= "(lh$1)";
-			$Ext = 'lzh';
-		} elsif(substr($$DATA, 325, 25) eq "Apple Video Media Handler" || substr($$DATA, 325, 30) eq "Apple \x83\x72\x83\x66\x83\x49\x81\x45\x83\x81\x83\x66\x83\x42\x83\x41\x83\x6E\x83\x93\x83\x68\x83\x89") {
-			# QuickTime
-			$Ext = 'mov';
-		}
-	}
-
-	# Header analysis failure
-	unless ($Ext) {
-		# It will be followed if it applies for the MIME type from the browser.
-		foreach (keys %UPLOAD_CONTENT_TYPE_LIST) {
-			next unless ($_);
-			if($ContentType =~ /^$_$/i) {
-				$Ext = $UPLOAD_CONTENT_TYPE_LIST{$_};
-				$ContentName = &CheckContentExt($Ext);
-				if(
-					grep {$_ eq $Ext;} (
-						'png',
-						'gif',
-						'jpg',
-						'xbm',
-						'tif',
-						'bmp',
-						'pdf',
-						'swf',
-						'mov',
-						'zip',
-						'cab',
-						'lzh',
-						'rar',
-						'mid',
-						'rmi',
-						'au',
-						'wav',
-						'avi',
-						'exe'
-					)
-				) {
-					$Infomation .= ' / Header analysis failure';
-				}
-				if($Ext ne $FileExt && &CheckContentExt($FileExt) eq $ContentName) {
-					$Ext = $FileExt;
-				}
-				last;
-			}
-		}
-		# a MIME type is unknown--It judges from an extension.
-		unless ($Ext) {
-			$ContentName = &CheckContentExt($FileExt);
-			if($ContentName) {
-				$Ext = $FileExt;
-				$Infomation .= ' /	MIME type is unknown('. $ContentType. ')';
-				last;
-			}
-		}
-	}
-
-#	$ContentName = &CheckContentExt($Ext)	unless($ContentName);
-#	if($Ext && $ContentName) {
-#		$ContentName .=  $Infomation;
-#	} else {
-#		&upload_error(
-#			'Extension Error',
-#			"$FileName A not corresponding extension ($Ext)<BR>The extension which can be responded ". join(',', sort values(%UPLOAD_EXT_LIST))
-#		);
-#	}
-
-#	# SSI Tag Deletion
-#	if($Ext =~ /.?html?/ && $$DATA =~ /<\!/) {
-#		foreach (
-#			'config',
-#			'echo',
-#			'exec',
-#			'flastmod',
-#			'fsize',
-#			'include'
-#		) {
-#			$$DATA =~ s/\#\s*$_/\&\#35\;$_/ig
-#		}
-#	}
-
-	return (
-		$FileName,
-		$Ext,
-		int($DataLength / 1024 + 1),
-		$ImageWidth,
-		$ImageHeight,
-		$ContentName
-	);
-}
-
-##############################################################################
-# Summary
-#
-# Extension discernment
-#
-# Parameters
-# Returns
-# Memo
-##############################################################################
-
-sub CheckContentExt
-{
-
-	my($Ext) = @_;
-	my $ContentName;
-	foreach (keys %UPLOAD_EXT_LIST) {
-		next	unless ($_);
-		if($_ && $Ext =~ /^$_$/) {
-			$ContentName = $UPLOAD_EXT_LIST{$_};
-			last;
-		}
-	}
-	return $ContentName;
-
-}
-
-##############################################################################
-# Summary
-#
-# Form decode
-#
-# Parameters
-# Returns
-# Memo
-##############################################################################
-sub Encode
-{
-
-	my($value,$Trans) = @_;
-
-#	my $FormCode = &jcode::getcode($value) || $FormCodeDefault;
-#	$FormCodeDefault ||= $FormCode;
-#
-#	if($Trans && $TRANS_2BYTE_CODE) {
-#		if($FormCode ne 'euc') {
-#			&jcode::convert($value, 'euc', $FormCode);
-#		}
-#		&jcode::tr(
-#			$value,
-#			"\xA3\xB0-\xA3\xB9\xA3\xC1-\xA3\xDA\xA3\xE1-\xA3\xFA",
-#			'0-9A-Za-z'
-#		);
-#		if($CHARCODE ne 'euc') {
-#			&jcode::convert($value,$CHARCODE,'euc');
-#		}
-#	} else {
-#		if($CHARCODE ne $FormCode) {
-#			&jcode::convert($value,$CHARCODE,$FormCode);
-#		}
-#	}
-#	if($CHARCODE eq 'euc') {
-#		&jcode::h2z_euc($value);
-#	} elsif($CHARCODE eq 'sjis') {
-#		&jcode::h2z_sjis($value);
-#	}
-
-}
-
-##############################################################################
-# Summary
-#
-# Error Msg
-#
-# Parameters
-# Returns
-# Memo
-##############################################################################
-
-sub upload_error
-{
-
-	local($error_message)	= $_[0];
-	local($error_message2)	= $_[1];
-
-	print "Content-type: text/html\n\n";
-	print<<EOF;
-<HTML>
-<HEAD>
-<TITLE>Error Message</TITLE></HEAD>
-<BODY>
-<table border="1" cellspacing="10" cellpadding="10">
-	<TR bgcolor="#0000B0">
-	<TD bgcolor="#0000B0" NOWRAP><font size="-1" color="white"><B>Error Message</B></font></TD>
-	</TR>
-</table>
-<UL>
-<H4> $error_message </H4>
-$error_message2 <BR>
-</UL>
-</BODY>
-</HTML>
-EOF
-	&rm_tmp_uploaded_files; 		# Image Temporary deletion
-	exit;
-}
-
-##############################################################################
-# Summary
-#
-# Image Temporary deletion
-#
-# Parameters
-# Returns
-# Memo
-##############################################################################
-
-sub rm_tmp_uploaded_files
-{
-	if($img_data_exists == 1){
-		sleep 1;
-		foreach $fname_list(@NEWFNAMES) {
-			if(-e "$img_dir/$fname_list") {
-				unlink("$img_dir/$fname_list");
-			}
-		}
-	}
-
-}
-1;
+#####
+#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
+#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
+#
+#  == BEGIN LICENSE ==
+#
+#  Licensed under the terms of any of the following licenses at your
+#  choice:
+#
+#   - GNU General Public License Version 2 or later (the "GPL")
+#     http://www.gnu.org/licenses/gpl.html
+#
+#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+#     http://www.gnu.org/licenses/lgpl.html
+#
+#   - Mozilla Public License Version 1.1 or later (the "MPL")
+#     http://www.mozilla.org/MPL/MPL-1.1.html
+#
+#  == END LICENSE ==
+#
+#  This is the File Manager Connector for Perl.
+#####
+
+# image data save dir
+$img_dir	= './temp/';
+
+
+# File size max(unit KB)
+$MAX_CONTENT_SIZE =  30000;
+
+# After file is uploaded, sometimes it is required to change its permissions
+# so that it was possible to access it at the later time.
+# If possible, it is recommended to set more restrictive permissions, like 0755.
+# Set to 0 to disable this feature.
+$CHMOD_ON_UPLOAD = 0777;
+
+# See comments above.
+# Used when creating folders that does not exist.
+$CHMOD_ON_FOLDER_CREATE = 0755;
+
+# Filelock (1=use,0=not use)
+$PM{'flock'}		= '1';
+
+
+# upload Content-Type list
+my %UPLOAD_CONTENT_TYPE_LIST = (
+	'image/(x-)?png'						=>	'png',	# PNG image
+	'image/p?jpe?g'							=>	'jpg',	# JPEG image
+	'image/gif'								=>	'gif',	# GIF image
+	'image/x-xbitmap'						=>	'xbm',	# XBM image
+
+	'image/(x-(MS-)?)?bmp'					=>	'bmp',	# Windows BMP image
+	'image/pict'							=>	'pict',	# Macintosh PICT image
+	'image/tiff'							=>	'tif',	# TIFF image
+	'application/pdf'						=>	'pdf',	# PDF image
+	'application/x-shockwave-flash'			=>	'swf',	# Shockwave Flash
+
+	'video/(x-)?msvideo'					=>	'avi',	# Microsoft Video
+	'video/quicktime'						=>	'mov',	# QuickTime Video
+	'video/mpeg'							=>	'mpeg',	# MPEG Video
+	'video/x-mpeg2'							=>	'mpv2', # MPEG2 Video
+
+	'audio/(x-)?midi?'						=>	'mid',	# MIDI Audio
+	'audio/(x-)?wav'						=>	'wav',	# WAV Audio
+	'audio/basic'							=>	'au',	# ULAW Audio
+	'audio/mpeg'							=>	'mpga',	# MPEG Audio
+
+	'application/(x-)?zip(-compressed)?'	=>	'zip',	# ZIP Compress
+
+	'text/html'								=>	'html', # HTML
+	'text/plain'							=>	'txt',	# TEXT
+	'(?:application|text)/(?:rtf|richtext)'	=>	'rtf',	# RichText
+
+	'application/msword'					=>	'doc',	# Microsoft Word
+	'application/vnd.ms-excel'				=>	'xls',	# Microsoft Excel
+
+	''
+);
+
+# Upload is permitted.
+# A regular expression is possible.
+my %UPLOAD_EXT_LIST = (
+	'png'					=>	'PNG image',
+	'p?jpe?g|jpe|jfif|pjp'	=>	'JPEG image',
+	'gif'					=>	'GIF image',
+	'xbm'					=>	'XBM image',
+
+	'bmp|dib|rle'			=>	'Windows BMP image',
+	'pi?ct'					=>	'Macintosh PICT image',
+	'tiff?'					=>	'TIFF image',
+	'pdf'					=>	'PDF image',
+	'swf'					=>	'Shockwave Flash',
+
+	'avi'					=>	'Microsoft Video',
+	'moo?v|qt'				=>	'QuickTime Video',
+	'm(p(e?gv?|e|v)|1v)'	=>	'MPEG Video',
+	'mp(v2|2v)'				=>	'MPEG2 Video',
+
+	'midi?|kar|smf|rmi|mff'	=>	'MIDI Audio',
+	'wav'					=>	'WAVE Audio',
+	'au|snd'				=>	'ULAW Audio',
+	'mp(e?ga|2|a|3)|abs'	=>	'MPEG Audio',
+
+	'zip'					=>	'ZIP Compress',
+	'lzh'					=>	'LZH Compress',
+	'cab'					=>	'CAB Compress',
+
+	'd?html?'				=>	'HTML',
+	'rtf|rtx'				=>	'RichText',
+	'txt|text'				=>	'Text',
+
+	''
+);
+
+
+# sjis or euc
+my $CHARCODE = 'sjis';
+
+$TRANS_2BYTE_CODE = 0;
+
+##############################################################################
+# Summary
+#
+# Form Read input
+#
+# Parameters
+# Returns
+# Memo
+##############################################################################
+sub read_input
+{
+eval("use File::Copy;");
+eval("use File::Path;");
+
+	my ($FORM) = @_;
+
+	if (defined $CHMOD_ON_FOLDER_CREATE && !$CHMOD_ON_FOLDER_CREATE) {
+		mkdir("$img_dir");
+	}
+	else {
+		umask(000);
+		if (defined $CHMOD_ON_FOLDER_CREATE) {
+			mkdir("$img_dir",$CHMOD_ON_FOLDER_CREATE);
+		}
+		else {
+			mkdir("$img_dir",0777);
+		}
+	}
+
+	undef $img_data_exists;
+	undef @NEWFNAMES;
+	undef @NEWFNAME_DATA;
+
+	if($ENV{'CONTENT_LENGTH'} > 10000000 || $ENV{'CONTENT_LENGTH'} > $MAX_CONTENT_SIZE * 1024) {
+		&upload_error(
+			'Size Error',
+			sprintf(
+				"Transmitting size is too large.MAX <strong>%d KB</strong> Now Size <strong>%d KB</strong>(<strong>%d bytes</strong> Over)",
+				$MAX_CONTENT_SIZE,
+				int($ENV{'CONTENT_LENGTH'} / 1024),
+				$ENV{'CONTENT_LENGTH'} - $MAX_CONTENT_SIZE * 1024
+			)
+		);
+	}
+
+	my $Buffer;
+	if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data/) {
+		# METHOD POST only
+		return	unless($ENV{'CONTENT_LENGTH'});
+
+		binmode(STDIN);
+		# STDIN A pause character is detected.'(MacIE3.0 boundary of $ENV{'CONTENT_TYPE'} cannot be trusted.)
+		my $Boundary = <STDIN>;
+		$Boundary =~ s/\x0D\x0A//;
+		$Boundary = quotemeta($Boundary);
+		while(<STDIN>) {
+			if(/^\s*Content-Disposition:/i) {
+				my($name,$ContentType,$FileName);
+				# form data get
+				if(/\bname="([^"]+)"/i || /\bname=([^\s:;]+)/i) {
+					$name = $1;
+					$name	=~ tr/+/ /;
+					$name	=~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
+					&Encode(\$name);
+				}
+				if(/\bfilename="([^"]*)"/i || /\bfilename=([^\s:;]*)/i) {
+					$FileName = $1 || 'unknown';
+				}
+				# head read
+				while(<STDIN>) {
+					last	if(! /\w/);
+					if(/^\s*Content-Type:\s*"([^"]+)"/i || /^\s*Content-Type:\s*([^\s:;]+)/i) {
+						$ContentType = $1;
+					}
+				}
+				# body read
+				$value = "";
+				while(<STDIN>) {
+					last	if(/^$Boundary/o);
+					$value .= $_;
+				};
+				$lastline = $_;
+				$value =~s /\x0D\x0A$//;
+				if($value ne '') {
+					if($FileName || $ContentType) {
+						$img_data_exists = 1;
+						(
+							$FileName,		#
+							$Ext,			#
+							$Length,		#
+							$ImageWidth,	#
+							$ImageHeight,	#
+							$ContentName	#
+						) = &CheckContentType(\$value,$FileName,$ContentType);
+
+						$FORM{$name}	= $FileName;
+						$new_fname		= $FileName;
+						push(@NEWFNAME_DATA,"$FileName\t$Ext\t$Length\t$ImageWidth\t$ImageHeight\t$ContentName");
+
+						# Multi-upload correspondence
+						push(@NEWFNAMES,$new_fname);
+						open(OUT,">$img_dir/$new_fname");
+						binmode(OUT);
+						eval "flock(OUT,2);" if($PM{'flock'} == 1);
+						print OUT $value;
+						eval "flock(OUT,8);" if($PM{'flock'} == 1);
+						close(OUT);
+
+					} elsif($name) {
+						$value	=~ tr/+/ /;
+						$value	=~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
+						&Encode(\$value,'trans');
+						$FORM{$name} .= "\0"			if(defined($FORM{$name}));
+						$FORM{$name} .= $value;
+					}
+				}
+			};
+			last if($lastline =~ /^$Boundary\-\-/o);
+		}
+	} elsif($ENV{'CONTENT_LENGTH'}) {
+		read(STDIN,$Buffer,$ENV{'CONTENT_LENGTH'});
+	}
+	foreach(split(/&/,$Buffer),split(/&/,$ENV{'QUERY_STRING'})) {
+		my($name, $value) = split(/=/);
+		$name	=~ tr/+/ /;
+		$name	=~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
+		$value	=~ tr/+/ /;
+		$value	=~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
+
+		&Encode(\$name);
+		&Encode(\$value,'trans');
+		$FORM{$name} .= "\0"			if(defined($FORM{$name}));
+		$FORM{$name} .= $value;
+
+	}
+
+}
+
+##############################################################################
+# Summary
+#
+#	CheckContentType
+#
+# Parameters
+# Returns
+# Memo
+##############################################################################
+sub CheckContentType
+{
+
+	my($DATA,$FileName,$ContentType) = @_;
+	my($Ext,$ImageWidth,$ImageHeight,$ContentName,$Infomation);
+	my $DataLength = length($$DATA);
+
+	# An unknown file type
+
+	$_ = $ContentType;
+	my $UnknownType = (
+		!$_
+		|| /^application\/(x-)?macbinary$/i
+		|| /^application\/applefile$/i
+		|| /^application\/octet-stream$/i
+		|| /^text\/plane$/i
+		|| /^x-unknown-content-type/i
+	);
+
+	# MacBinary(Mac Unnecessary data are deleted.)
+	if($UnknownType || $ENV{'HTTP_USER_AGENT'} =~ /Macintosh|Mac_/) {
+		if($DataLength > 128 && !unpack("C",substr($$DATA,0,1)) && !unpack("C",substr($$DATA,74,1)) && !unpack("C",substr($$DATA,82,1)) ) {
+			my $MacBinary_ForkLength = unpack("N", substr($$DATA, 83, 4));		# ForkLength Get
+			my $MacBinary_FileName = quotemeta(substr($$DATA, 2, unpack("C",substr($$DATA, 1, 1))));
+			if($MacBinary_FileName && $MacBinary_ForkLength && $DataLength >= $MacBinary_ForkLength + 128
+					&& ($FileName =~ /$MacBinary_FileName/i || substr($$DATA,102,4) eq 'mBIN')) {	# DATA TOP 128byte MacBinary!!
+				$$DATA				= substr($$DATA,128,$MacBinary_ForkLength);
+				my $ResourceLength	= $DataLength - $MacBinary_ForkLength - 128;
+				$DataLength			= $MacBinary_ForkLength;
+			}
+		}
+	}
+
+	# A file name is changed into EUC.
+#	&jcode::convert(\$FileName,'euc',$FormCodeDefault);
+#	&jcode::h2z_euc(\$FileName);
+	$FileName =~ s/^.*\\//;					# Windows, Mac
+	$FileName =~ s/^.*\///;					# UNIX
+	$FileName =~ s/&/&amp;/g;
+	$FileName =~ s/"/&quot;/g;
+	$FileName =~ s/</&lt;/g;
+	$FileName =~ s/>/&gt;/g;
+#
+#	if($CHARCODE ne 'euc') {
+#		&jcode::convert(\$FileName,$CHARCODE,'euc');
+#	}
+
+	# An extension is extracted and it changes into a small letter.
+	my $FileExt;
+	if($FileName =~ /\.(\w+)$/) {
+		$FileExt = $1;
+		$FileExt =~ tr/A-Z/a-z/;
+	}
+
+	# Executable file detection (ban on upload)
+	if($$DATA =~ /^MZ/) {
+		$Ext = 'exe';
+	}
+	# text
+	if(!$Ext && ($UnknownType || $ContentType =~ /^text\//i || $ContentType =~ /^application\/(?:rtf|richtext)$/i || $ContentType =~ /^image\/x-xbitmap$/i)
+				&& ! $$DATA =~ /[\000-\006\177\377]/) {
+#		$$DATA =~ s/\x0D\x0A/\n/g;
+#		$$DATA =~ tr/\x0D\x0A/\n\n/;
+#
+#		if(
+#			$$DATA =~ /<\s*SCRIPT(?:.|\n)*?>/i
+#				|| $$DATA =~ /<\s*(?:.|\n)*?\bONLOAD\s*=(?:.|\n)*?>/i
+#				|| $$DATA =~ /<\s*(?:.|\n)*?\bONCLICK\s*=(?:.|\n)*?>/i
+#				) {
+#			$Infomation = '(JavaScript contains)';
+#		}
+#		if($$DATA =~ /<\s*TABLE(?:.|\n)*?>/i
+#				|| $$DATA =~ /<\s*BLINK(?:.|\n)*?>/i
+#				|| $$DATA =~ /<\s*MARQUEE(?:.|\n)*?>/i
+#				|| $$DATA =~ /<\s*OBJECT(?:.|\n)*?>/i
+#				|| $$DATA =~ /<\s*EMBED(?:.|\n)*?>/i
+#				|| $$DATA =~ /<\s*FRAME(?:.|\n)*?>/i
+#				|| $$DATA =~ /<\s*APPLET(?:.|\n)*?>/i
+#				|| $$DATA =~ /<\s*FORM(?:.|\n)*?>/i
+#				|| $$DATA =~ /<\s*(?:.|\n)*?\bSRC\s*=(?:.|\n)*?>/i
+#				|| $$DATA =~ /<\s*(?:.|\n)*?\bDYNSRC\s*=(?:.|\n)*?>/i
+#				) {
+#			$Infomation = '(the HTML tag which is not safe is included)';
+#		}
+
+		if($FileExt =~ /^txt$/i || $FileExt =~ /^cgi$/i || $FileExt =~ /^pl$/i) {								# Text File
+			$Ext = 'txt';
+		} elsif($ContentType =~ /^text\/html$/i || $FileExt =~ /html?/i || $$DATA =~ /<\s*HTML(?:.|\n)*?>/i) {	# HTML File
+			$Ext = 'html';
+		} elsif($ContentType =~ /^image\/x-xbitmap$/i || $FileExt =~ /^xbm$/i) {								# XBM(x-BitMap) Image
+			my $XbmName = $1;
+			my ($XbmWidth, $XbmHeight);
+			if($$DATA =~ /\#define\s*$XbmName\_width\s*(\d+)/i) {
+				$XbmWidth = $1;
+			}
+			if($$DATA =~ /\#define\s*$XbmName\_height\s*(\d+)/i) {
+				$XbmHeight = $1;
+			}
+			if($XbmWidth && $XbmHeight) {
+				$Ext = 'xbm';
+				$ImageWidth		= $XbmWidth;
+				$ImageHeight	= $XbmHeight;
+			}
+		} else {		#
+			$Ext = 'txt';
+		}
+	}
+
+	# image
+	if(!$Ext && ($UnknownType || $ContentType =~ /^image\//i)) {
+		# PNG
+		if($$DATA =~ /^\x89PNG\x0D\x0A\x1A\x0A/) {
+			if(substr($$DATA, 12, 4) eq 'IHDR') {
+				$Ext = 'png';
+				($ImageWidth, $ImageHeight) = unpack("N2", substr($$DATA, 16, 8));
+			}
+		} elsif($$DATA =~ /^GIF8(?:9|7)a/) {															# GIF89a(modified), GIF89a, GIF87a
+			$Ext = 'gif';
+			($ImageWidth, $ImageHeight) = unpack("v2", substr($$DATA, 6, 4));
+		} elsif($$DATA =~ /^II\x2a\x00\x08\x00\x00\x00/ || $$DATA =~ /^MM\x00\x2a\x00\x00\x00\x08/) {	# TIFF
+			$Ext = 'tif';
+		} elsif($$DATA =~ /^BM/) {																		# BMP
+			$Ext = 'bmp';
+		} elsif($$DATA =~ /^\xFF\xD8\xFF/ || $$DATA =~ /JFIF/) {										# JPEG
+			my $HeaderPoint = index($$DATA, "\xFF\xD8\xFF", 0);
+			my $Point = $HeaderPoint + 2;
+			while($Point < $DataLength) {
+				my($Maker, $MakerType, $MakerLength) = unpack("C2n",substr($$DATA,$Point,4));
+				if($Maker != 0xFF || $MakerType == 0xd9 || $MakerType == 0xda) {
+					last;
+				} elsif($MakerType >= 0xC0 && $MakerType <= 0xC3) {
+					$Ext = 'jpg';
+					($ImageHeight, $ImageWidth) = unpack("n2", substr($$DATA, $Point + 5, 4));
+					if($HeaderPoint > 0) {
+						$$DATA = substr($$DATA, $HeaderPoint);
+						$DataLength = length($$DATA);
+					}
+					last;
+				} else {
+					$Point += $MakerLength + 2;
+				}
+			}
+		}
+	}
+
+	# audio
+	if(!$Ext && ($UnknownType || $ContentType =~ /^audio\//i)) {
+		# MIDI Audio
+		if($$DATA =~ /^MThd/) {
+			$Ext = 'mid';
+		} elsif($$DATA =~ /^\x2esnd/) {		# ULAW Audio
+			$Ext = 'au';
+		} elsif($$DATA =~ /^RIFF/ || $$DATA =~ /^ID3/ && $$DATA =~ /RIFF/) {
+			my $HeaderPoint = index($$DATA, "RIFF", 0);
+			$_ = substr($$DATA, $HeaderPoint + 8, 8);
+			if(/^WAVEfmt $/) {
+				# WAVE
+				if(unpack("V",substr($$DATA, $HeaderPoint + 16, 4)) == 16) {
+					$Ext = 'wav';
+				} else {					# RIFF WAVE MP3
+					$Ext = 'mp3';
+				}
+			} elsif(/^RMIDdata$/) {			# RIFF MIDI
+				$Ext = 'rmi';
+			} elsif(/^RMP3data$/) {			# RIFF MP3
+				$Ext = 'rmp';
+			}
+			if($ContentType =~ /^audio\//i) {
+				$Infomation .= '(RIFF '. substr($$DATA, $HeaderPoint + 8, 4). ')';
+			}
+		}
+	}
+
+	# a binary file
+	unless ($Ext) {
+		# PDF image
+		if($$DATA =~ /^\%PDF/) {
+			# Picture size is not measured.
+			$Ext = 'pdf';
+		} elsif($$DATA =~ /^FWS/) {		# Shockwave Flash
+			$Ext = 'swf';
+		} elsif($$DATA =~ /^RIFF/ || $$DATA =~ /^ID3/ && $$DATA =~ /RIFF/) {
+			my $HeaderPoint = index($$DATA, "RIFF", 0);
+			$_ = substr($$DATA,$HeaderPoint + 8, 8);
+			# AVI
+			if(/^AVI LIST$/) {
+				$Ext = 'avi';
+			}
+			if($ContentType =~ /^video\//i) {
+				$Infomation .= '(RIFF '. substr($$DATA, $HeaderPoint + 8, 4). ')';
+			}
+		} elsif($$DATA =~ /^PK/) {			# ZIP Compress File
+			$Ext = 'zip';
+		} elsif($$DATA =~ /^MSCF/) {		# CAB Compress File
+			$Ext = 'cab';
+		} elsif($$DATA =~ /^Rar\!/) {		# RAR Compress File
+			$Ext = 'rar';
+		} elsif(substr($$DATA, 2, 5) =~ /^\-lh(\d+|d)\-$/) {		# LHA Compress File
+			$Infomation .= "(lh$1)";
+			$Ext = 'lzh';
+		} elsif(substr($$DATA, 325, 25) eq "Apple Video Media Handler" || substr($$DATA, 325, 30) eq "Apple \x83\x72\x83\x66\x83\x49\x81\x45\x83\x81\x83\x66\x83\x42\x83\x41\x83\x6E\x83\x93\x83\x68\x83\x89") {
+			# QuickTime
+			$Ext = 'mov';
+		}
+	}
+
+	# Header analysis failure
+	unless ($Ext) {
+		# It will be followed if it applies for the MIME type from the browser.
+		foreach (keys %UPLOAD_CONTENT_TYPE_LIST) {
+			next unless ($_);
+			if($ContentType =~ /^$_$/i) {
+				$Ext = $UPLOAD_CONTENT_TYPE_LIST{$_};
+				$ContentName = &CheckContentExt($Ext);
+				if(
+					grep {$_ eq $Ext;} (
+						'png',
+						'gif',
+						'jpg',
+						'xbm',
+						'tif',
+						'bmp',
+						'pdf',
+						'swf',
+						'mov',
+						'zip',
+						'cab',
+						'lzh',
+						'rar',
+						'mid',
+						'rmi',
+						'au',
+						'wav',
+						'avi',
+						'exe'
+					)
+				) {
+					$Infomation .= ' / Header analysis failure';
+				}
+				if($Ext ne $FileExt && &CheckContentExt($FileExt) eq $ContentName) {
+					$Ext = $FileExt;
+				}
+				last;
+			}
+		}
+		# a MIME type is unknown--It judges from an extension.
+		unless ($Ext) {
+			$ContentName = &CheckContentExt($FileExt);
+			if($ContentName) {
+				$Ext = $FileExt;
+				$Infomation .= ' /	MIME type is unknown('. $ContentType. ')';
+				last;
+			}
+		}
+	}
+
+#	$ContentName = &CheckContentExt($Ext)	unless($ContentName);
+#	if($Ext && $ContentName) {
+#		$ContentName .=  $Infomation;
+#	} else {
+#		&upload_error(
+#			'Extension Error',
+#			"$FileName A not corresponding extension ($Ext)<BR>The extension which can be responded ". join(',', sort values(%UPLOAD_EXT_LIST))
+#		);
+#	}
+
+#	# SSI Tag Deletion
+#	if($Ext =~ /.?html?/ && $$DATA =~ /<\!/) {
+#		foreach (
+#			'config',
+#			'echo',
+#			'exec',
+#			'flastmod',
+#			'fsize',
+#			'include'
+#		) {
+#			$$DATA =~ s/\#\s*$_/\&\#35\;$_/ig
+#		}
+#	}
+
+	return (
+		$FileName,
+		$Ext,
+		int($DataLength / 1024 + 1),
+		$ImageWidth,
+		$ImageHeight,
+		$ContentName
+	);
+}
+
+##############################################################################
+# Summary
+#
+# Extension discernment
+#
+# Parameters
+# Returns
+# Memo
+##############################################################################
+
+sub CheckContentExt
+{
+
+	my($Ext) = @_;
+	my $ContentName;
+	foreach (keys %UPLOAD_EXT_LIST) {
+		next	unless ($_);
+		if($_ && $Ext =~ /^$_$/) {
+			$ContentName = $UPLOAD_EXT_LIST{$_};
+			last;
+		}
+	}
+	return $ContentName;
+
+}
+
+##############################################################################
+# Summary
+#
+# Form decode
+#
+# Parameters
+# Returns
+# Memo
+##############################################################################
+sub Encode
+{
+
+	my($value,$Trans) = @_;
+
+#	my $FormCode = &jcode::getcode($value) || $FormCodeDefault;
+#	$FormCodeDefault ||= $FormCode;
+#
+#	if($Trans && $TRANS_2BYTE_CODE) {
+#		if($FormCode ne 'euc') {
+#			&jcode::convert($value, 'euc', $FormCode);
+#		}
+#		&jcode::tr(
+#			$value,
+#			"\xA3\xB0-\xA3\xB9\xA3\xC1-\xA3\xDA\xA3\xE1-\xA3\xFA",
+#			'0-9A-Za-z'
+#		);
+#		if($CHARCODE ne 'euc') {
+#			&jcode::convert($value,$CHARCODE,'euc');
+#		}
+#	} else {
+#		if($CHARCODE ne $FormCode) {
+#			&jcode::convert($value,$CHARCODE,$FormCode);
+#		}
+#	}
+#	if($CHARCODE eq 'euc') {
+#		&jcode::h2z_euc($value);
+#	} elsif($CHARCODE eq 'sjis') {
+#		&jcode::h2z_sjis($value);
+#	}
+
+}
+
+##############################################################################
+# Summary
+#
+# Error Msg
+#
+# Parameters
+# Returns
+# Memo
+##############################################################################
+
+sub upload_error
+{
+
+	local($error_message)	= $_[0];
+	local($error_message2)	= $_[1];
+
+	print "Content-type: text/html\n\n";
+	print<<EOF;
+<HTML>
+<HEAD>
+<TITLE>Error Message</TITLE></HEAD>
+<BODY>
+<table border="1" cellspacing="10" cellpadding="10">
+	<TR bgcolor="#0000B0">
+	<TD bgcolor="#0000B0" NOWRAP><font size="-1" color="white"><B>Error Message</B></font></TD>
+	</TR>
+</table>
+<UL>
+<H4> $error_message </H4>
+$error_message2 <BR>
+</UL>
+</BODY>
+</HTML>
+EOF
+	&rm_tmp_uploaded_files; 		# Image Temporary deletion
+	exit;
+}
+
+##############################################################################
+# Summary
+#
+# Image Temporary deletion
+#
+# Parameters
+# Returns
+# Memo
+##############################################################################
+
+sub rm_tmp_uploaded_files
+{
+	if($img_data_exists == 1){
+		sleep 1;
+		foreach $fname_list(@NEWFNAMES) {
+			if(-e "$img_dir/$fname_list") {
+				unlink("$img_dir/$fname_list");
+			}
+		}
+	}
+
+}
+1;
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/util.pl	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/perl/util.pl	Mon Sep 14 02:47:11 2009 +0200
@@ -1,68 +1,66 @@
-#####
-#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
-#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
-#
-#  == BEGIN LICENSE ==
-#
-#  Licensed under the terms of any of the following licenses at your
-#  choice:
-#
-#   - GNU General Public License Version 2 or later (the "GPL")
-#     http://www.gnu.org/licenses/gpl.html
-#
-#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
-#     http://www.gnu.org/licenses/lgpl.html
-#
-#   - Mozilla Public License Version 1.1 or later (the "MPL")
-#     http://www.mozilla.org/MPL/MPL-1.1.html
-#
-#  == END LICENSE ==
-#
-#  This is the File Manager Connector for Perl.
-#####
-
-sub RemoveFromStart
-{
-	local($sourceString, $charToRemove) = @_;
-	$sPattern = '^' . $charToRemove . '+' ;
-	$sourceString =~ s/^$charToRemove+//g;
-	return $sourceString;
-}
-
-sub RemoveFromEnd
-{
-	local($sourceString, $charToRemove) = @_;
-	$sPattern = $charToRemove . '+$' ;
-	$sourceString =~ s/$charToRemove+$//g;
-	return $sourceString;
-}
-
-sub ConvertToXmlAttribute
-{
-	local($value) = @_;
-	return $value;
-#	return utf8_encode(htmlspecialchars($value));
-
-}
-
-sub specialchar_cnv
-{
-	local($ch) = @_;
-
-	$ch =~ s/&/&amp;/g;		# &
-	$ch =~ s/\"/&quot;/g;	#"
-	$ch =~ s/\'/&#39;/g;	# '
-	$ch =~ s/</&lt;/g;		# <
-	$ch =~ s/>/&gt;/g;		# >
-	return($ch);
-}
-
-sub JS_cnv
-{
-	local($ch) = @_;
-
-	$ch =~ s/\"/\\\"/g;	#"
-	return($ch);
-}
-
-1;
+#####
+#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
+#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
+#
+#  == BEGIN LICENSE ==
+#
+#  Licensed under the terms of any of the following licenses at your
+#  choice:
+#
+#   - GNU General Public License Version 2 or later (the "GPL")
+#     http://www.gnu.org/licenses/gpl.html
+#
+#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+#     http://www.gnu.org/licenses/lgpl.html
+#
+#   - Mozilla Public License Version 1.1 or later (the "MPL")
+#     http://www.mozilla.org/MPL/MPL-1.1.html
+#
+#  == END LICENSE ==
+#
+#  This is the File Manager Connector for Perl.
+#####
+
+sub RemoveFromStart
+{
+	local($sourceString, $charToRemove) = @_;
+	$sPattern = '^' . $charToRemove . '+' ;
+	$sourceString =~ s/^$charToRemove+//g;
+	return $sourceString;
+}
+
+sub RemoveFromEnd
+{
+	local($sourceString, $charToRemove) = @_;
+	$sPattern = $charToRemove . '+$' ;
+	$sourceString =~ s/$charToRemove+$//g;
+	return $sourceString;
+}
+
+sub ConvertToXmlAttribute
+{
+	local($value) = @_;
+	return(&specialchar_cnv($value));
+}
+
+sub specialchar_cnv
+{
+	local($ch) = @_;
+
+	$ch =~ s/&/&amp;/g;		# &
+	$ch =~ s/\"/&quot;/g;	#"
+	$ch =~ s/\'/&#39;/g;	# '
+	$ch =~ s/</&lt;/g;		# <
+	$ch =~ s/>/&gt;/g;		# >
+	return($ch);
+}
+
+sub JS_cnv
+{
+	local($ch) = @_;
+
+	$ch =~ s/\"/\\\"/g;	#"
+	return($ch);
+}
+
+1;
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/basexml.php	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/basexml.php	Mon Sep 14 02:47:11 2009 +0200
@@ -65,6 +65,9 @@
 
 function SendError( $number, $text )
 {
+	if ( $_GET['Command'] == 'FileUpload' )
+		SendUploadResults( $number, "", "", $text ) ;
+
 	if ( isset( $GLOBALS['HeaderSent'] ) && $GLOBALS['HeaderSent'] )
 	{
 		SendErrorNode( $number, $text ) ;
@@ -88,6 +91,9 @@
 
 function SendErrorNode(  $number, $text )
 {
-	echo '<Error number="' . $number . '" text="' . htmlspecialchars( $text ) . '" />' ;
+	if ($text)
+		echo '<Error number="' . $number . '" text="' . htmlspecialchars( $text ) . '" />' ;
+	else
+		echo '<Error number="' . $number . '" />' ;
 }
 ?>
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/commands.php	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/commands.php	Mon Sep 14 02:47:11 2009 +0200
@@ -30,16 +30,18 @@
 	// Array that will hold the folders names.
 	$aFolders	= array() ;
 
-	$oCurrentFolder = opendir( $sServerDir ) ;
+	$oCurrentFolder = @opendir( $sServerDir ) ;
 
-	while ( $sFile = readdir( $oCurrentFolder ) )
+	if ($oCurrentFolder !== false)
 	{
-		if ( $sFile != '.' && $sFile != '..' && is_dir( $sServerDir . $sFile ) )
-			$aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . '" />' ;
+		while ( $sFile = readdir( $oCurrentFolder ) )
+		{
+			if ( $sFile != '.' && $sFile != '..' && is_dir( $sServerDir . $sFile ) )
+				$aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . '" />' ;
+		}
+		closedir( $oCurrentFolder ) ;
 	}
 
-	closedir( $oCurrentFolder ) ;
-
 	// Open the "Folders" node.
 	echo "<Folders>" ;
 
@@ -60,29 +62,34 @@
 	$aFolders	= array() ;
 	$aFiles		= array() ;
 
-	$oCurrentFolder = opendir( $sServerDir ) ;
+	$oCurrentFolder = @opendir( $sServerDir ) ;
 
-	while ( $sFile = readdir( $oCurrentFolder ) )
+	if ($oCurrentFolder !== false)
 	{
-		if ( $sFile != '.' && $sFile != '..' )
+		while ( $sFile = readdir( $oCurrentFolder ) )
 		{
-			if ( is_dir( $sServerDir . $sFile ) )
-				$aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . '" />' ;
-			else
+			if ( $sFile != '.' && $sFile != '..' )
 			{
-				$iFileSize = @filesize( $sServerDir . $sFile ) ;
-				if ( !$iFileSize ) {
-					$iFileSize = 0 ;
+				if ( is_dir( $sServerDir . $sFile ) )
+					$aFolders[] = '<Folder name="' . ConvertToXmlAttribute( $sFile ) . '" />' ;
+				else
+				{
+					$iFileSize = @filesize( $sServerDir . $sFile ) ;
+					if ( !$iFileSize ) {
+						$iFileSize = 0 ;
+					}
+					if ( $iFileSize > 0 )
+					{
+						$iFileSize = round( $iFileSize / 1024 ) ;
+						if ( $iFileSize < 1 )
+							$iFileSize = 1 ;
+					}
+
+					$aFiles[] = '<File name="' . ConvertToXmlAttribute( $sFile ) . '" size="' . $iFileSize . '" />' ;
 				}
-				if ( $iFileSize > 0 )
-				{
-					$iFileSize = round( $iFileSize / 1024 ) ;
-					if ( $iFileSize < 1 ) $iFileSize = 1 ;
-				}
-
-				$aFiles[] = '<File name="' . ConvertToXmlAttribute( $sFile ) . '" size="' . $iFileSize . '" />' ;
 			}
 		}
+		closedir( $oCurrentFolder ) ;
 	}
 
 	// Send the folders
@@ -152,7 +159,7 @@
 		$sErrorNumber = '102' ;
 
 	// Create the "Error" node.
-	echo '<Error number="' . $sErrorNumber . '" originalDescription="' . ConvertToXmlAttribute( $sErrorMsg ) . '" />' ;
+	echo '<Error number="' . $sErrorNumber . '" />' ;
 }
 
 function FileUpload( $resourceType, $currentFolder, $sCommand )
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/config.php	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/config.php	Mon Sep 14 02:47:11 2009 +0200
@@ -29,7 +29,6 @@
 //		authenticated users can access this file or use some kind of session checking.
 $Config['Enabled'] = false ;
 
-
 // Path to user files relative to the document root.
 $Config['UserFilesPath'] = '/userfiles/' ;
 
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/io.php	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/io.php	Mon Sep 14 02:47:11 2009 +0200
@@ -245,6 +245,9 @@
 	if ( strpos( $sCurrentFolder, '..' ) || strpos( $sCurrentFolder, "\\" ))
 		SendError( 102, '' ) ;
 
+	if ( preg_match(",(/\.)|[[:cntrl:]]|(//)|(\\\\)|([\:\*\?\"\<\>\|]),", $sCurrentFolder))
+		SendError( 102, '' ) ;
+
 	return $sCurrentFolder ;
 }
 
@@ -286,6 +289,11 @@
 (function(){var d=document.domain;while (true){try{var A=window.parent.document.domain;break;}catch(e) {};d=d.replace(/.*?(?:\.|$)/,'');if (d.length==0) break;try{document.domain=d;}catch (e){break;}}})();
 EOF;
 
+	if ($errorNumber && $errorNumber != 201) {
+		$fileUrl = "";
+		$fileName = "";
+	}
+
 	$rpl = array( '\\' => '\\\\', '"' => '\\"' ) ;
 	echo 'window.parent.OnUploadCompleted(' . $errorNumber . ',"' . strtr( $fileUrl, $rpl ) . '","' . strtr( $fileName, $rpl ) . '", "' . strtr( $customMsg, $rpl ) . '") ;' ;
 	echo '</script>' ;
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/upload.php	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/php/upload.php	Mon Sep 14 02:47:11 2009 +0200
@@ -43,7 +43,7 @@
 // The file type (from the QueryString, by default 'File').
 $sType = isset( $_GET['Type'] ) ? $_GET['Type'] : 'File' ;
 
-$sCurrentFolder	= GetCurrentFolder() ;
+$sCurrentFolder	= "/" ;
 
 // Is enabled the upload?
 if ( ! IsAllowedCommand( $sCommand ) )
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/connector.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/connector.py	Mon Sep 14 02:47:11 2009 +0200
@@ -56,7 +56,10 @@
 		currentFolder = getCurrentFolder(self.request.get("CurrentFolder"))
 		# Check for invalid paths
 		if currentFolder is None:
-			return self.sendError(102, "")
+			if (command == "FileUpload"):
+				return self.sendUploadResults( errorNo = 102, customMsg = "" )
+			else:
+				return self.sendError(102, "")
 
 		# Check if it is an allowed command
 		if ( not command in Config.ConfigAllowedCommands ):
@@ -79,7 +82,7 @@
 		# Ensure that the directory exists.
 		if not os.path.exists(self.userFilesFolder):
 			try:
-				self.createServerFoldercreateServerFolder( self.userFilesFolder )
+				self.createServerFolder( self.userFilesFolder )
 			except:
 				return self.sendError(1, "This connector couldn\'t access to local user\'s files directories.  Please check the UserFilesAbsolutePath in \"editor/filemanager/connectors/py/config.py\" and try again. ")
 
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/fckcommands.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/fckcommands.py	Mon Sep 14 02:47:11 2009 +0200
@@ -71,9 +71,13 @@
 						)
 			elif os.path.isfile(someObjectPath):
 				size = os.path.getsize(someObjectPath)
-				files += """<File name="%s" size="%s" />""" % (
+				if size > 0:
+					size = round(size/1024)
+					if size < 1:
+						size = 1
+				files += """<File name="%s" size="%d" />""" % (
 						convertToXmlAttribute(someObject),
-						os.path.getsize(someObjectPath)
+						size
 						)
 		# Close the folders / files node
 		folders += """</Folders>"""
@@ -163,7 +167,7 @@
 					newFilePath = os.path.join (currentFolderPath,newFileName)
 					if os.path.exists(newFilePath):
 						i += 1
-						newFileName = "%s(%04d).%s" % (
+						newFileName = "%s(%d).%s" % (
 								newFileNameOnly, i, newFileExtension
 								)
 						errorNo= 201 # file renamed
@@ -189,10 +193,10 @@
 								os.chmod( newFilePath, permissions )
 								os.umask( oldumask )
 
-						newFileUrl = self.webUserFilesFolder + currentFolder + newFileName
+						newFileUrl = combinePaths(self.webUserFilesFolder, currentFolder) + newFileName
 
 						return self.sendUploadResults( errorNo , newFileUrl, newFileName )
 			else:
-				return self.sendUploadResults( errorNo = 203, customMsg = "Extension not allowed" )
+				return self.sendUploadResults( errorNo = 202, customMsg = "" )
 		else:
 			return self.sendUploadResults( errorNo = 202, customMsg = "No File" )
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/fckoutput.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/fckoutput.py	Mon Sep 14 02:47:11 2009 +0200
@@ -95,7 +95,10 @@
 				"""</Connector>""" )
 
 	def sendErrorNode(self, number, text):
-		return """<Error number="%s" text="%s" />""" % (number, convertToXmlAttribute(text))
+		if number != 1:
+			return """<Error number="%s" />""" % (number)
+		else:
+			return """<Error number="%s" text="%s" />""" % (number, convertToXmlAttribute(text))
 
 class BaseHtmlMixin(object):
 	def sendUploadResults( self, errorNo = 0, fileUrl = '', fileName = '', customMsg = '' ):
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/fckutil.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/fckutil.py	Mon Sep 14 02:47:11 2009 +0200
@@ -62,17 +62,17 @@
 def sanitizeFolderName( newFolderName ):
 	"Do a cleanup of the folder name to avoid possible problems"
 	# Remove . \ / | : ? * " < > and control characters
-	return re.sub( '(?u)\\.|\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|[^\u0000-\u001f\u007f-\u009f]', '_', newFolderName )
+	return re.sub( '\\.|\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|[\x00-\x1f\x7f-\x9f]', '_', newFolderName )
 
 def sanitizeFileName( newFileName ):
 	"Do a cleanup of the file name to avoid possible problems"
 	# Replace dots in the name with underscores (only one dot can be there... security issue).
 	if ( Config.ForceSingleExtension ): # remove dots
-		newFileName = re.sub ( '/\\.(?![^.]*$)/', '_', newFileName ) ;
+		newFileName = re.sub ( '\\.(?![^.]*$)', '_', newFileName ) ;
 	newFileName = newFileName.replace('\\','/')		# convert windows to unix path
 	newFileName = os.path.basename (newFileName)	# strip directories
 	# Remove \ / | : ? *
-	return re.sub ( '(?u)/\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|[^\u0000-\u001f\u007f-\u009f]/', '_', newFileName )
+	return re.sub ( '\\\\|\\/|\\||\\:|\\?|\\*|"|<|>|[\x00-\x1f\x7f-\x9f]/', '_', newFileName )
 
 def getCurrentFolder(currentFolder):
 	if not currentFolder:
@@ -92,6 +92,10 @@
 	if '..' in currentFolder or '\\' in currentFolder:
 		return None
 
+	# Check for invalid folder paths (..)
+	if re.search( '(/\\.)|(//)|([\\\\:\\*\\?\\""\\<\\>\\|]|[\x00-\x1F]|[\x7f-\x9f])', currentFolder ):
+		return None
+
 	return currentFolder
 
 def mapServerPath( environ, url):
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/upload.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/filemanager/connectors/py/upload.py	Mon Sep 14 02:47:11 2009 +0200
@@ -41,7 +41,7 @@
 		command = 'QuickUpload'
 		# The file type (from the QueryString, by default 'File').
 		resourceType  = self.request.get('Type','File')
-		currentFolder = getCurrentFolder(self.request.get("CurrentFolder",""))
+		currentFolder = "/"
 		# Check for invalid paths
 		if currentFolder is None:
 			return self.sendUploadResults(102, '', '', "")
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/js/fckeditorcode_gecko.js	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/js/fckeditorcode_gecko.js	Mon Sep 14 02:47:11 2009 +0200
@@ -35,7 +35,7 @@
 var FCKDomTools={MoveChildren:function(A,B,C){if (A==B) return;var D;if (C){while ((D=A.lastChild)) B.insertBefore(A.removeChild(D),B.firstChild);}else{while ((D=A.firstChild)) B.appendChild(A.removeChild(D));}},MoveNode:function(A,B,C){if (C) B.insertBefore(FCKDomTools.RemoveNode(A),B.firstChild);else B.appendChild(FCKDomTools.RemoveNode(A));},TrimNode:function(A){this.LTrimNode(A);this.RTrimNode(A);},LTrimNode:function(A){var B;while ((B=A.firstChild)){if (B.nodeType==3){var C=B.nodeValue.LTrim();var D=B.nodeValue.length;if (C.length==0){A.removeChild(B);continue;}else if (C.length<D){B.splitText(D-C.length);A.removeChild(A.firstChild);}};break;}},RTrimNode:function(A){var B;while ((B=A.lastChild)){if (B.nodeType==3){var C=B.nodeValue.RTrim();var D=B.nodeValue.length;if (C.length==0){B.parentNode.removeChild(B);continue;}else if (C.length<D){B.splitText(C.length);A.lastChild.parentNode.removeChild(A.lastChild);}};break;};if (!FCKBrowserInfo.IsIE&&!FCKBrowserInfo.IsOpera){B=A.lastChild;if (B&&B.nodeType==1&&B.nodeName.toLowerCase()=='br'){B.parentNode.removeChild(B);}}},RemoveNode:function(A,B){if (B){var C;while ((C=A.firstChild)) A.parentNode.insertBefore(A.removeChild(C),A);};return A.parentNode.removeChild(A);},GetFirstChild:function(A,B){if (typeof (B)=='string') B=[B];var C=A.firstChild;while(C){if (C.nodeType==1&&C.tagName.Equals.apply(C.tagName,B)) return C;C=C.nextSibling;};return null;},GetLastChild:function(A,B){if (typeof (B)=='string') B=[B];var C=A.lastChild;while(C){if (C.nodeType==1&&(!B||C.tagName.Equals(B))) return C;C=C.previousSibling;};return null;},GetPreviousSourceElement:function(A,B,C,D){if (!A) return null;if (C&&A.nodeType==1&&A.nodeName.IEquals(C)) return null;if (A.previousSibling) A=A.previousSibling;else return this.GetPreviousSourceElement(A.parentNode,B,C,D);while (A){if (A.nodeType==1){if (C&&A.nodeName.IEquals(C)) break;if (!D||!A.nodeName.IEquals(D)) return A;}else if (B&&A.nodeType==3&&A.nodeValue.RTrim().length>0) break;if (A.lastChild) A=A.lastChild;else return this.GetPreviousSourceElement(A,B,C,D);};return null;},GetNextSourceElement:function(A,B,C,D,E){while((A=this.GetNextSourceNode(A,E))){if (A.nodeType==1){if (C&&A.nodeName.IEquals(C)) break;if (D&&A.nodeName.IEquals(D)) return this.GetNextSourceElement(A,B,C,D);return A;}else if (B&&A.nodeType==3&&A.nodeValue.RTrim().length>0) break;};return null;},GetNextSourceNode:function(A,B,C,D){if (!A) return null;var E;if (!B&&A.firstChild) E=A.firstChild;else{if (D&&A==D) return null;E=A.nextSibling;if (!E&&(!D||D!=A.parentNode)) return this.GetNextSourceNode(A.parentNode,true,C,D);};if (C&&E&&E.nodeType!=C) return this.GetNextSourceNode(E,false,C,D);return E;},GetPreviousSourceNode:function(A,B,C,D){if (!A) return null;var E;if (!B&&A.lastChild) E=A.lastChild;else{if (D&&A==D) return null;E=A.previousSibling;if (!E&&(!D||D!=A.parentNode)) return this.GetPreviousSourceNode(A.parentNode,true,C,D);};if (C&&E&&E.nodeType!=C) return this.GetPreviousSourceNode(E,false,C,D);return E;},InsertAfterNode:function(A,B){return A.parentNode.insertBefore(B,A.nextSibling);},GetParents:function(A){var B=[];while (A){B.unshift(A);A=A.parentNode;};return B;},GetCommonParents:function(A,B){var C=this.GetParents(A);var D=this.GetParents(B);var E=[];for (var i=0;i<C.length;i++){if (C[i]==D[i]) E.push(C[i]);};return E;},GetCommonParentNode:function(A,B,C){var D={};if (!C.pop) C=[C];while (C.length>0) D[C.pop().toLowerCase()]=1;var E=this.GetCommonParents(A,B);var F=null;while ((F=E.pop())){if (D[F.nodeName.toLowerCase()]) return F;};return null;},GetIndexOf:function(A){var B=A.parentNode?A.parentNode.firstChild:null;var C=-1;while (B){C++;if (B==A) return C;B=B.nextSibling;};return-1;},PaddingNode:null,EnforcePaddingNode:function(A,B){try{if (!A||!A.body) return;}catch (e){return;};this.CheckAndRemovePaddingNode(A,B,true);try{if (A.body.lastChild&&(A.body.lastChild.nodeType!=1||A.body.lastChild.tagName.toLowerCase()==B.toLowerCase())) return;}catch (e){return;};var C=A.createElement(B);if (FCKBrowserInfo.IsGecko&&FCKListsLib.NonEmptyBlockElements[B]) FCKTools.AppendBogusBr(C);this.PaddingNode=C;if (A.body.childNodes.length==1&&A.body.firstChild.nodeType==1&&A.body.firstChild.tagName.toLowerCase()=='br'&&(A.body.firstChild.getAttribute('_moz_dirty')!=null||A.body.firstChild.getAttribute('type')=='_moz')) A.body.replaceChild(C,A.body.firstChild);else A.body.appendChild(C);},CheckAndRemovePaddingNode:function(A,B,C){var D=this.PaddingNode;if (!D) return;try{if (D.parentNode!=A.body||D.tagName.toLowerCase()!=B||(D.childNodes.length>1)||(D.firstChild&&D.firstChild.nodeValue!='\xa0'&&String(D.firstChild.tagName).toLowerCase()!='br')){this.PaddingNode=null;return;}}catch (e){this.PaddingNode=null;return;};if (!C){if (D.parentNode.childNodes.length>1) D.parentNode.removeChild(D);this.PaddingNode=null;}},HasAttribute:function(A,B){if (A.hasAttribute) return A.hasAttribute(B);else{var C=A.attributes[B];return (C!=undefined&&C.specified);}},HasAttributes:function(A){var B=A.attributes;for (var i=0;i<B.length;i++){if (FCKBrowserInfo.IsIE&&B[i].nodeName=='class'){if (A.className.length>0) return true;}else if (B[i].specified) return true;};return false;},RemoveAttribute:function(A,B){if (FCKBrowserInfo.IsIE&&B.toLowerCase()=='class') B='className';return A.removeAttribute(B,0);},RemoveAttributes:function (A,B){for (var i=0;i<B.length;i++) this.RemoveAttribute(A,B[i]);},GetAttributeValue:function(A,B){var C=B;if (typeof B=='string') B=A.attributes[B];else C=B.nodeName;if (B&&B.specified){if (C=='style') return A.style.cssText;else if (C=='class'||C.indexOf('on')==0) return B.nodeValue;else{return A.getAttribute(C,2);}};return null;},Contains:function(A,B){if (A.contains&&B.nodeType==1) return A.contains(B);while ((B=B.parentNode)){if (B==A) return true;};return false;},BreakParent:function(A,B,C){var D=C||new FCKDomRange(FCKTools.GetElementWindow(A));D.SetStart(A,4);D.SetEnd(B,4);var E=D.ExtractContents();D.InsertNode(A.parentNode.removeChild(A));E.InsertAfterNode(A);D.Release(!!C);},GetNodeAddress:function(A,B){var C=[];while (A&&A!=FCKTools.GetElementDocument(A).documentElement){var D=A.parentNode;var E=-1;for(var i=0;i<D.childNodes.length;i++){var F=D.childNodes[i];if (B===true&&F.nodeType==3&&F.previousSibling&&F.previousSibling.nodeType==3) continue;E++;if (D.childNodes[i]==A) break;};C.unshift(E);A=A.parentNode;};return C;},GetNodeFromAddress:function(A,B,C){var D=A.documentElement;for (var i=0;i<B.length;i++){var E=B[i];if (!C){D=D.childNodes[E];continue;};var F=-1;for (var j=0;j<D.childNodes.length;j++){var G=D.childNodes[j];if (C===true&&G.nodeType==3&&G.previousSibling&&G.previousSibling.nodeType==3) continue;F++;if (F==E){D=G;break;}}};return D;},CloneElement:function(A){A=A.cloneNode(false);A.removeAttribute('id',false);return A;},ClearElementJSProperty:function(A,B){if (FCKBrowserInfo.IsIE) A.removeAttribute(B);else delete A[B];},SetElementMarker:function (A,B,C,D){var E=String(parseInt(Math.random()*0xffffffff,10));B._FCKMarkerId=E;B[C]=D;if (!A[E]) A[E]={ 'element':B,'markers':{} };A[E]['markers'][C]=D;},ClearElementMarkers:function(A,B,C){var D=B._FCKMarkerId;if (!D) return;this.ClearElementJSProperty(B,'_FCKMarkerId');for (var j in A[D]['markers']) this.ClearElementJSProperty(B,j);if (C) delete A[D];},ClearAllMarkers:function(A){for (var i in A) this.ClearElementMarkers(A,A[i]['element'],true);},ListToArray:function(A,B,C,D,E){if (!A.nodeName.IEquals(['ul','ol'])) return [];if (!D) D=0;if (!C) C=[];for (var i=0;i<A.childNodes.length;i++){var F=A.childNodes[i];if (!F.nodeName.IEquals('li')) continue;var G={ 'parent':A,'indent':D,'contents':[] };if (!E){G.grandparent=A.parentNode;if (G.grandparent&&G.grandparent.nodeName.IEquals('li')) G.grandparent=G.grandparent.parentNode;}else G.grandparent=E;if (B) this.SetElementMarker(B,F,'_FCK_ListArray_Index',C.length);C.push(G);for (var j=0;j<F.childNodes.length;j++){var H=F.childNodes[j];if (H.nodeName.IEquals(['ul','ol'])) this.ListToArray(H,B,C,D+1,G.grandparent);else G.contents.push(H);}};return C;},ArrayToList:function(A,B,C){if (C==undefined) C=0;if (!A||A.length<C+1) return null;var D=FCKTools.GetElementDocument(A[C].parent);var E=D.createDocumentFragment();var F=null;var G=C;var H=Math.max(A[C].indent,0);var I=null;while (true){var J=A[G];if (J.indent==H){if (!F||A[G].parent.nodeName!=F.nodeName){F=A[G].parent.cloneNode(false);E.appendChild(F);};I=D.createElement('li');F.appendChild(I);for (var i=0;i<J.contents.length;i++) I.appendChild(J.contents[i].cloneNode(true));G++;}else if (J.indent==Math.max(H,0)+1){var K=this.ArrayToList(A,null,G);I.appendChild(K.listNode);G=K.nextIndex;}else if (J.indent==-1&&C==0&&J.grandparent){var I;if (J.grandparent.nodeName.IEquals(['ul','ol'])) I=D.createElement('li');else{if (FCKConfig.EnterMode.IEquals(['div','p'])&&!J.grandparent.nodeName.IEquals('td')) I=D.createElement(FCKConfig.EnterMode);else I=D.createDocumentFragment();};for (var i=0;i<J.contents.length;i++) I.appendChild(J.contents[i].cloneNode(true));if (I.nodeType==11){if (I.lastChild&&I.lastChild.getAttribute&&I.lastChild.getAttribute('type')=='_moz') I.removeChild(I.lastChild);I.appendChild(D.createElement('br'));};if (I.nodeName.IEquals(FCKConfig.EnterMode)&&I.firstChild){this.TrimNode(I);if (FCKListsLib.BlockBoundaries[I.firstChild.nodeName.toLowerCase()]){var M=D.createDocumentFragment();while (I.firstChild) M.appendChild(I.removeChild(I.firstChild));I=M;}};if (FCKBrowserInfo.IsGeckoLike&&I.nodeName.IEquals(['div','p'])) FCKTools.AppendBogusBr(I);E.appendChild(I);F=null;G++;}else return null;if (A.length<=G||Math.max(A[G].indent,0)<H){break;}};if (B){var N=E.firstChild;while (N){if (N.nodeType==1) this.ClearElementMarkers(B,N);N=this.GetNextSourceNode(N);}};return { 'listNode':E,'nextIndex':G };},GetNextSibling:function(A,B){A=A.nextSibling;while (A&&!B&&A.nodeType!=1&&(A.nodeType!=3||A.nodeValue.length==0)) A=A.nextSibling;return A;},GetPreviousSibling:function(A,B){A=A.previousSibling;while (A&&!B&&A.nodeType!=1&&(A.nodeType!=3||A.nodeValue.length==0)) A=A.previousSibling;return A;},CheckIsEmptyElement:function(A,B){var C=A.firstChild;var D;while (C){if (C.nodeType==1){if (D||!FCKListsLib.InlineNonEmptyElements[C.nodeName.toLowerCase()]) return false;if (!B||B(C)===true) D=C;}else if (C.nodeType==3&&C.nodeValue.length>0) return false;C=C.nextSibling;};return D?this.CheckIsEmptyElement(D,B):true;},SetElementStyles:function(A,B){var C=A.style;for (var D in B) C[D]=B[D];},SetOpacity:function(A,B){if (FCKBrowserInfo.IsIE){B=Math.round(B*100);A.style.filter=(B>100?'':'progid:DXImageTransform.Microsoft.Alpha(opacity='+B+')');}else A.style.opacity=B;},GetCurrentElementStyle:function(A,B){if (FCKBrowserInfo.IsIE) return A.currentStyle[B];else return A.ownerDocument.defaultView.getComputedStyle(A,'').getPropertyValue(B);},GetPositionedAncestor:function(A){var B=A;while (B!=FCKTools.GetElementDocument(B).documentElement){if (this.GetCurrentElementStyle(B,'position')!='static') return B;if (B==FCKTools.GetElementDocument(B).documentElement&&currentWindow!=w) B=currentWindow.frameElement;else B=B.parentNode;};return null;},ScrollIntoView:function(A,B){var C=FCKTools.GetElementWindow(A);var D=FCKTools.GetViewPaneSize(C).Height;var E=D*-1;if (B===false){E+=A.offsetHeight||0;E+=parseInt(this.GetCurrentElementStyle(A,'marginBottom')||0,10)||0;};var F=FCKTools.GetDocumentPosition(C,A);E+=F.y;var G=FCKTools.GetScrollPosition(C).Y;if (E>0&&(E>G||E<G-D)) C.scrollTo(0,E);},CheckIsEditable:function(A){var B=A.nodeName.toLowerCase();var C=FCK.DTD[B]||FCK.DTD.span;return (C['#']&&!FCKListsLib.NonEditableElements[B]);},GetSelectedDivContainers:function(){var A=[];var B=new FCKDomRange(FCK.EditorWindow);B.MoveToSelection();var C=B.GetTouchedStartNode();var D=B.GetTouchedEndNode();var E=C;if (C==D){while (D.nodeType==1&&D.lastChild) D=D.lastChild;D=FCKDomTools.GetNextSourceNode(D);}while (E&&E!=D){if (E.nodeType!=3||!/^[ \t\n]*$/.test(E.nodeValue)){var F=new FCKElementPath(E);var G=F.BlockLimit;if (G&&G.nodeName.IEquals('div')&&A.IndexOf(G)==-1) A.push(G);};E=FCKDomTools.GetNextSourceNode(E);};return A;}};
 var FCKTools={};FCKTools.CreateBogusBR=function(A){var B=A.createElement('br');B.setAttribute('type','_moz');return B;};FCKTools.FixCssUrls=function(A,B){if (!A||A.length==0) return B;return B.replace(/url\s*\(([\s'"]*)(.*?)([\s"']*)\)/g,function(match,opener,path,closer){if (/^\/|^\w?:/.test(path)) return match;else return 'url('+opener+A+path+closer+')';});};FCKTools._GetUrlFixedCss=function(A,B){var C=A.match(/^([^|]+)\|([\s\S]*)/);if (C) return FCKTools.FixCssUrls(C[1],C[2]);else return A;};FCKTools.AppendStyleSheet=function(A,B){if (!B) return [];if (typeof(B)=='string'){if (/[\\\/\.][^{}]*$/.test(B)){return this.AppendStyleSheet(A,B.split(','));}else return [this.AppendStyleString(A,FCKTools._GetUrlFixedCss(B))];}else{var C=[];for (var i=0;i<B.length;i++) C.push(this._AppendStyleSheet(A,B[i]));return C;}};FCKTools.GetStyleHtml=(function(){var A=function(styleDef,markTemp){if (styleDef.length==0) return '';var B=markTemp?' _fcktemp="true"':'';return '<style type="text/css"'+B+'>'+styleDef+'</style>';};var C=function(cssFileUrl,markTemp){if (cssFileUrl.length==0) return '';var B=markTemp?' _fcktemp="true"':'';return '<link href="'+cssFileUrl+'" type="text/css" rel="stylesheet" '+B+'/>';};return function(cssFileOrArrayOrDef,markTemp){if (!cssFileOrArrayOrDef) return '';if (typeof(cssFileOrArrayOrDef)=='string'){if (/[\\\/\.][^{}]*$/.test(cssFileOrArrayOrDef)){return this.GetStyleHtml(cssFileOrArrayOrDef.split(','),markTemp);}else return A(this._GetUrlFixedCss(cssFileOrArrayOrDef),markTemp);}else{var E='';for (var i=0;i<cssFileOrArrayOrDef.length;i++) E+=C(cssFileOrArrayOrDef[i],markTemp);return E;}}})();FCKTools.GetElementDocument=function (A){return A.ownerDocument||A.document;};FCKTools.GetElementWindow=function(A){return this.GetDocumentWindow(this.GetElementDocument(A));};FCKTools.GetDocumentWindow=function(A){if (FCKBrowserInfo.IsSafari&&!A.parentWindow) this.FixDocumentParentWindow(window.top);return A.parentWindow||A.defaultView;};FCKTools.FixDocumentParentWindow=function(A){if (A.document) A.document.parentWindow=A;for (var i=0;i<A.frames.length;i++) FCKTools.FixDocumentParentWindow(A.frames[i]);};FCKTools.HTMLEncode=function(A){if (!A) return '';A=A.replace(/&/g,'&amp;');A=A.replace(/</g,'&lt;');A=A.replace(/>/g,'&gt;');return A;};FCKTools.HTMLDecode=function(A){if (!A) return '';A=A.replace(/&gt;/g,'>');A=A.replace(/&lt;/g,'<');A=A.replace(/&amp;/g,'&');return A;};FCKTools._ProcessLineBreaksForPMode=function(A,B,C,D,E){var F=0;var G="<p>";var H="</p>";var I="<br />";if (C){G="<li>";H="</li>";F=1;}while (D&&D!=A.FCK.EditorDocument.body){if (D.tagName.toLowerCase()=='p'){F=1;break;};D=D.parentNode;};for (var i=0;i<B.length;i++){var c=B.charAt(i);if (c=='\r') continue;if (c!='\n'){E.push(c);continue;};var n=B.charAt(i+1);if (n=='\r'){i++;n=B.charAt(i+1);};if (n=='\n'){i++;if (F) E.push(H);E.push(G);F=1;}else E.push(I);}};FCKTools._ProcessLineBreaksForDivMode=function(A,B,C,D,E){var F=0;var G="<div>";var H="</div>";if (C){G="<li>";H="</li>";F=1;}while (D&&D!=A.FCK.EditorDocument.body){if (D.tagName.toLowerCase()=='div'){F=1;break;};D=D.parentNode;};for (var i=0;i<B.length;i++){var c=B.charAt(i);if (c=='\r') continue;if (c!='\n'){E.push(c);continue;};if (F){if (E[E.length-1]==G){E.push("&nbsp;");};E.push(H);};E.push(G);F=1;};if (F) E.push(H);};FCKTools._ProcessLineBreaksForBrMode=function(A,B,C,D,E){var F=0;var G="<br />";var H="";if (C){G="<li>";H="</li>";F=1;};for (var i=0;i<B.length;i++){var c=B.charAt(i);if (c=='\r') continue;if (c!='\n'){E.push(c);continue;};if (F&&H.length) E.push (H);E.push(G);F=1;}};FCKTools.ProcessLineBreaks=function(A,B,C){var D=B.EnterMode.toLowerCase();var E=[];var F=0;var G=new A.FCKDomRange(A.FCK.EditorWindow);G.MoveToSelection();var H=G._Range.startContainer;while (H&&H.nodeType!=1) H=H.parentNode;if (H&&H.tagName.toLowerCase()=='li') F=1;if (D=='p') this._ProcessLineBreaksForPMode(A,C,F,H,E);else if (D=='div') this._ProcessLineBreaksForDivMode(A,C,F,H,E);else if (D=='br') this._ProcessLineBreaksForBrMode(A,C,F,H,E);return E.join("");};FCKTools.AddSelectOption=function(A,B,C){var D=FCKTools.GetElementDocument(A).createElement("OPTION");D.text=B;D.value=C;A.options.add(D);return D;};FCKTools.RunFunction=function(A,B,C,D){if (A) this.SetTimeout(A,0,B,C,D);};FCKTools.SetTimeout=function(A,B,C,D,E){return (E||window).setTimeout(function(){if (D) A.apply(C,[].concat(D));else A.apply(C);},B);};FCKTools.SetInterval=function(A,B,C,D,E){return (E||window).setInterval(function(){A.apply(C,D||[]);},B);};FCKTools.ConvertStyleSizeToHtml=function(A){return A.EndsWith('%')?A:parseInt(A,10);};FCKTools.ConvertHtmlSizeToStyle=function(A){return A.EndsWith('%')?A:(A+'px');};FCKTools.GetElementAscensor=function(A,B){var e=A;var C=","+B.toUpperCase()+",";while (e){if (C.indexOf(","+e.nodeName.toUpperCase()+",")!=-1) return e;e=e.parentNode;};return null;};FCKTools.CreateEventListener=function(A,B){var f=function(){var C=[];for (var i=0;i<arguments.length;i++) C.push(arguments[i]);A.apply(this,C.concat(B));};return f;};FCKTools.IsStrictMode=function(A){return ('CSS1Compat'==(A.compatMode||(FCKBrowserInfo.IsSafari?'CSS1Compat':null)));};FCKTools.ArgumentsToArray=function(A,B,C){B=B||0;C=C||A.length;var D=[];for (var i=B;i<B+C&&i<A.length;i++) D.push(A[i]);return D;};FCKTools.CloneObject=function(A){var B=function() {};B.prototype=A;return new B;};FCKTools.AppendBogusBr=function(A){if (!A) return;var B=this.GetLastItem(A.getElementsByTagName('br'));if (!B||(B.getAttribute('type',2)!='_moz'&&B.getAttribute('_moz_dirty')==null)){var C=this.GetElementDocument(A);if (FCKBrowserInfo.IsOpera) A.appendChild(C.createTextNode(''));else A.appendChild(this.CreateBogusBR(C));}};FCKTools.GetLastItem=function(A){if (A.length>0) return A[A.length-1];return null;};FCKTools.GetDocumentPosition=function(w,A){var x=0;var y=0;var B=A;var C=null;var D=FCKTools.GetElementWindow(B);while (B&&!(D==w&&(B==w.document.body||B==w.document.documentElement))){x+=B.offsetLeft-B.scrollLeft;y+=B.offsetTop-B.scrollTop;if (!FCKBrowserInfo.IsOpera){var E=C;while (E&&E!=B){x-=E.scrollLeft;y-=E.scrollTop;E=E.parentNode;}};C=B;if (B.offsetParent) B=B.offsetParent;else{if (D!=w){B=D.frameElement;C=null;if (B) D=B.contentWindow.parent;}else B=null;}};if (FCKDomTools.GetCurrentElementStyle(w.document.body,'position')!='static'||(FCKBrowserInfo.IsIE&&FCKDomTools.GetPositionedAncestor(A)==null)){x+=w.document.body.offsetLeft;y+=w.document.body.offsetTop;};return { "x":x,"y":y };};FCKTools.GetWindowPosition=function(w,A){var B=this.GetDocumentPosition(w,A);var C=FCKTools.GetScrollPosition(w);B.x-=C.X;B.y-=C.Y;return B;};FCKTools.ProtectFormStyles=function(A){if (!A||A.nodeType!=1||A.tagName.toLowerCase()!='form') return [];var B=[];var C=['style','className'];for (var i=0;i<C.length;i++){var D=C[i];if (A.elements.namedItem(D)){var E=A.elements.namedItem(D);B.push([E,E.nextSibling]);A.removeChild(E);}};return B;};FCKTools.RestoreFormStyles=function(A,B){if (!A||A.nodeType!=1||A.tagName.toLowerCase()!='form') return;if (B.length>0){for (var i=B.length-1;i>=0;i--){var C=B[i][0];var D=B[i][1];if (D) A.insertBefore(C,D);else A.appendChild(C);}}};FCKTools.GetNextNode=function(A,B){if (A.firstChild) return A.firstChild;else if (A.nextSibling) return A.nextSibling;else{var C=A.parentNode;while (C){if (C==B) return null;if (C.nextSibling) return C.nextSibling;else C=C.parentNode;}};return null;};FCKTools.GetNextTextNode=function(A,B,C){node=this.GetNextNode(A,B);if (C&&node&&C(node)) return null;while (node&&node.nodeType!=3){node=this.GetNextNode(node,B);if (C&&node&&C(node)) return null;};return node;};FCKTools.Merge=function(){var A=arguments;var o=A[0];for (var i=1;i<A.length;i++){var B=A[i];for (var p in B) o[p]=B[p];};return o;};FCKTools.IsArray=function(A){return (A instanceof Array);};FCKTools.AppendLengthProperty=function(A,B){var C=0;for (var n in A) C++;return A[B||'length']=C;};FCKTools.NormalizeCssText=function(A){var B=document.createElement('span');B.style.cssText=A;return B.style.cssText;};FCKTools.Bind=function(A,B){return function(){ return B.apply(A,arguments);};};FCKTools.GetVoidUrl=function(){if (FCK_IS_CUSTOM_DOMAIN) return "javascript: void( function(){document.open();document.write('<html><head><title></title></head><body></body></html>');document.domain = '"+FCK_RUNTIME_DOMAIN+"';document.close();}() ) ;";if (FCKBrowserInfo.IsIE){if (FCKBrowserInfo.IsIE7||!FCKBrowserInfo.IsIE6) return "";else return "javascript: '';";};return "javascript: void(0);";};FCKTools.ResetStyles=function(A){A.style.cssText='margin:0;padding:0;border:0;background-color:transparent;background-image:none;';};
 FCKTools.CancelEvent=function(e){if (e) e.preventDefault();};FCKTools.DisableSelection=function(A){if (FCKBrowserInfo.IsGecko) A.style.MozUserSelect='none';else if (FCKBrowserInfo.IsSafari) A.style.KhtmlUserSelect='none';else A.style.userSelect='none';};FCKTools._AppendStyleSheet=function(A,B){var e=A.createElement('LINK');e.rel='stylesheet';e.type='text/css';e.href=B;A.getElementsByTagName("HEAD")[0].appendChild(e);return e;};FCKTools.AppendStyleString=function(A,B){if (!B) return null;var e=A.createElement("STYLE");e.appendChild(A.createTextNode(B));A.getElementsByTagName("HEAD")[0].appendChild(e);return e;};FCKTools.ClearElementAttributes=function(A){for (var i=0;i<A.attributes.length;i++){A.removeAttribute(A.attributes[i].name,0);}};FCKTools.GetAllChildrenIds=function(A){var B=[];var C=function(parent){for (var i=0;i<parent.childNodes.length;i++){var D=parent.childNodes[i].id;if (D&&D.length>0) B[B.length]=D;C(parent.childNodes[i]);}};C(A);return B;};FCKTools.RemoveOuterTags=function(e){var A=e.ownerDocument.createDocumentFragment();for (var i=0;i<e.childNodes.length;i++) A.appendChild(e.childNodes[i].cloneNode(true));e.parentNode.replaceChild(A,e);};FCKTools.CreateXmlObject=function(A){switch (A){case 'XmlHttp':return new XMLHttpRequest();case 'DOMDocument':var B=(new DOMParser()).parseFromString('<tmp></tmp>','text/xml');FCKDomTools.RemoveNode(B.firstChild);return B;};return null;};FCKTools.GetScrollPosition=function(A){return { X:A.pageXOffset,Y:A.pageYOffset };};FCKTools.AddEventListener=function(A,B,C){A.addEventListener(B,C,false);};FCKTools.RemoveEventListener=function(A,B,C){A.removeEventListener(B,C,false);};FCKTools.AddEventListenerEx=function(A,B,C,D){A.addEventListener(B,function(e){C.apply(A,[e].concat(D||[]));},false);};FCKTools.GetViewPaneSize=function(A){return { Width:A.innerWidth,Height:A.innerHeight };};FCKTools.SaveStyles=function(A){var B=FCKTools.ProtectFormStyles(A);var C={};if (A.className.length>0){C.Class=A.className;A.className='';};var D=A.getAttribute('style');if (D&&D.length>0){C.Inline=D;A.setAttribute('style','',0);};FCKTools.RestoreFormStyles(A,B);return C;};FCKTools.RestoreStyles=function(A,B){var C=FCKTools.ProtectFormStyles(A);A.className=B.Class||'';if (B.Inline) A.setAttribute('style',B.Inline,0);else A.removeAttribute('style',0);FCKTools.RestoreFormStyles(A,C);};FCKTools.RegisterDollarFunction=function(A){A.$=function(id){return A.document.getElementById(id);};};FCKTools.AppendElement=function(A,B){return A.appendChild(A.ownerDocument.createElement(B));};FCKTools.GetElementPosition=function(A,B){var c={ X:0,Y:0 };var C=B||window;var D=FCKTools.GetElementWindow(A);var E=null;while (A){var F=D.getComputedStyle(A,'').position;if (F&&F!='static'&&A.style.zIndex!=FCKConfig.FloatingPanelsZIndex) break;c.X+=A.offsetLeft-A.scrollLeft;c.Y+=A.offsetTop-A.scrollTop;if (!FCKBrowserInfo.IsOpera){var G=E;while (G&&G!=A){c.X-=G.scrollLeft;c.Y-=G.scrollTop;G=G.parentNode;}};E=A;if (A.offsetParent) A=A.offsetParent;else{if (D!=C){A=D.frameElement;E=null;if (A) D=FCKTools.GetElementWindow(A);}else{c.X+=A.scrollLeft;c.Y+=A.scrollTop;break;}}};return c;};
-var FCKeditorAPI;function InitializeAPI(){var A=window.parent;if (!(FCKeditorAPI=A.FCKeditorAPI)){var B='window.FCKeditorAPI = {Version : "2.6.4",VersionBuild : "21629",Instances : window.FCKeditorAPI && window.FCKeditorAPI.Instances || {},GetInstance : function( name ){return this.Instances[ name ];},_FormSubmit : function(){for ( var name in FCKeditorAPI.Instances ){var oEditor = FCKeditorAPI.Instances[ name ] ;if ( oEditor.GetParentForm && oEditor.GetParentForm() == this )oEditor.UpdateLinkedField() ;}this._FCKOriginalSubmit() ;},_FunctionQueue	: window.FCKeditorAPI && window.FCKeditorAPI._FunctionQueue || {Functions : new Array(),IsRunning : false,Add : function( f ){this.Functions.push( f );if ( !this.IsRunning )this.StartNext();},StartNext : function(){var aQueue = this.Functions ;if ( aQueue.length > 0 ){this.IsRunning = true;aQueue[0].call();}else this.IsRunning = false;},Remove : function( f ){var aQueue = this.Functions;var i = 0, fFunc;while( (fFunc = aQueue[ i ]) ){if ( fFunc == f )aQueue.splice( i,1 );i++ ;}this.StartNext();}}}';if (A.execScript) A.execScript(B,'JavaScript');else{if (FCKBrowserInfo.IsGecko10){eval.call(A,B);}else if(FCKBrowserInfo.IsAIR){FCKAdobeAIR.FCKeditorAPI_Evaluate(A,B);}else if (FCKBrowserInfo.IsSafari){var C=A.document;var D=C.createElement('script');D.appendChild(C.createTextNode(B));C.documentElement.appendChild(D);}else A.eval(B);};FCKeditorAPI=A.FCKeditorAPI;FCKeditorAPI.__Instances=FCKeditorAPI.Instances;};FCKeditorAPI.Instances[FCK.Name]=FCK;};function _AttachFormSubmitToAPI(){var A=FCK.GetParentForm();if (A){FCKTools.AddEventListener(A,'submit',FCK.UpdateLinkedField);if (!A._FCKOriginalSubmit&&(typeof(A.submit)=='function'||(!A.submit.tagName&&!A.submit.length))){A._FCKOriginalSubmit=A.submit;A.submit=FCKeditorAPI._FormSubmit;}}};function FCKeditorAPI_Cleanup(){if (window.FCKConfig&&FCKConfig.MsWebBrowserControlCompat&&!window.FCKUnloadFlag) return;delete FCKeditorAPI.Instances[FCK.Name];};function FCKeditorAPI_ConfirmCleanup(){if (window.FCKConfig&&FCKConfig.MsWebBrowserControlCompat) window.FCKUnloadFlag=true;};FCKTools.AddEventListener(window,'unload',FCKeditorAPI_Cleanup);FCKTools.AddEventListener(window,'beforeunload',FCKeditorAPI_ConfirmCleanup);
+var FCKeditorAPI;function InitializeAPI(){var A=window.parent;if (!(FCKeditorAPI=A.FCKeditorAPI)){var B='window.FCKeditorAPI = {Version : "2.6.4.1",VersionBuild : "23187",Instances : window.FCKeditorAPI && window.FCKeditorAPI.Instances || {},GetInstance : function( name ){return this.Instances[ name ];},_FormSubmit : function(){for ( var name in FCKeditorAPI.Instances ){var oEditor = FCKeditorAPI.Instances[ name ] ;if ( oEditor.GetParentForm && oEditor.GetParentForm() == this )oEditor.UpdateLinkedField() ;}this._FCKOriginalSubmit() ;},_FunctionQueue	: window.FCKeditorAPI && window.FCKeditorAPI._FunctionQueue || {Functions : new Array(),IsRunning : false,Add : function( f ){this.Functions.push( f );if ( !this.IsRunning )this.StartNext();},StartNext : function(){var aQueue = this.Functions ;if ( aQueue.length > 0 ){this.IsRunning = true;aQueue[0].call();}else this.IsRunning = false;},Remove : function( f ){var aQueue = this.Functions;var i = 0, fFunc;while( (fFunc = aQueue[ i ]) ){if ( fFunc == f )aQueue.splice( i,1 );i++ ;}this.StartNext();}}}';if (A.execScript) A.execScript(B,'JavaScript');else{if (FCKBrowserInfo.IsGecko10){eval.call(A,B);}else if(FCKBrowserInfo.IsAIR){FCKAdobeAIR.FCKeditorAPI_Evaluate(A,B);}else if (FCKBrowserInfo.IsSafari){var C=A.document;var D=C.createElement('script');D.appendChild(C.createTextNode(B));C.documentElement.appendChild(D);}else A.eval(B);};FCKeditorAPI=A.FCKeditorAPI;FCKeditorAPI.__Instances=FCKeditorAPI.Instances;};FCKeditorAPI.Instances[FCK.Name]=FCK;};function _AttachFormSubmitToAPI(){var A=FCK.GetParentForm();if (A){FCKTools.AddEventListener(A,'submit',FCK.UpdateLinkedField);if (!A._FCKOriginalSubmit&&(typeof(A.submit)=='function'||(!A.submit.tagName&&!A.submit.length))){A._FCKOriginalSubmit=A.submit;A.submit=FCKeditorAPI._FormSubmit;}}};function FCKeditorAPI_Cleanup(){if (window.FCKConfig&&FCKConfig.MsWebBrowserControlCompat&&!window.FCKUnloadFlag) return;delete FCKeditorAPI.Instances[FCK.Name];};function FCKeditorAPI_ConfirmCleanup(){if (window.FCKConfig&&FCKConfig.MsWebBrowserControlCompat) window.FCKUnloadFlag=true;};FCKTools.AddEventListener(window,'unload',FCKeditorAPI_Cleanup);FCKTools.AddEventListener(window,'beforeunload',FCKeditorAPI_ConfirmCleanup);
 var FCKImagePreloader=function(){this._Images=[];};FCKImagePreloader.prototype={AddImages:function(A){if (typeof(A)=='string') A=A.split(';');this._Images=this._Images.concat(A);},Start:function(){var A=this._Images;this._PreloadCount=A.length;for (var i=0;i<A.length;i++){var B=document.createElement('img');FCKTools.AddEventListenerEx(B,'load',_FCKImagePreloader_OnImage,this);FCKTools.AddEventListenerEx(B,'error',_FCKImagePreloader_OnImage,this);B.src=A[i];_FCKImagePreloader_ImageCache.push(B);}}};var _FCKImagePreloader_ImageCache=[];function _FCKImagePreloader_OnImage(A,B){if ((--B._PreloadCount)==0&&B.OnComplete) B.OnComplete();};
 var FCKRegexLib={AposEntity:/&apos;/gi,ObjectElements:/^(?:IMG|TABLE|TR|TD|TH|INPUT|SELECT|TEXTAREA|HR|OBJECT|A|UL|OL|LI)$/i,NamedCommands:/^(?:Cut|Copy|Paste|Print|SelectAll|RemoveFormat|Unlink|Undo|Redo|Bold|Italic|Underline|StrikeThrough|Subscript|Superscript|JustifyLeft|JustifyCenter|JustifyRight|JustifyFull|Outdent|Indent|InsertOrderedList|InsertUnorderedList|InsertHorizontalRule)$/i,BeforeBody:/(^[\s\S]*\<body[^\>]*\>)/i,AfterBody:/(\<\/body\>[\s\S]*$)/i,ToReplace:/___fcktoreplace:([\w]+)/ig,MetaHttpEquiv:/http-equiv\s*=\s*["']?([^"' ]+)/i,HasBaseTag:/<base /i,HasBodyTag:/<body[\s|>]/i,HtmlOpener:/<html\s?[^>]*>/i,HeadOpener:/<head\s?[^>]*>/i,HeadCloser:/<\/head\s*>/i,FCK_Class:/\s*FCK__[^ ]*(?=\s+|$)/,ElementName:/(^[a-z_:][\w.\-:]*\w$)|(^[a-z_]$)/,ForceSimpleAmpersand:/___FCKAmp___/g,SpaceNoClose:/\/>/g,EmptyParagraph:/^<(p|div|address|h\d|center)(?=[ >])[^>]*>\s*(<\/\1>)?$/,EmptyOutParagraph:/^<(p|div|address|h\d|center)(?=[ >])[^>]*>(?:\s*|&nbsp;)(<\/\1>)?$/,TagBody:/></,GeckoEntitiesMarker:/#\?-\:/g,ProtectUrlsImg:/<img(?=\s).*?\ssrc=((?:(?:\s*)("|').*?\2)|(?:[^"'][^ >]+))/gi,ProtectUrlsA:/<a(?=\s).*?\shref=((?:(?:\s*)("|').*?\2)|(?:[^"'][^ >]+))/gi,ProtectUrlsArea:/<area(?=\s).*?\shref=((?:(?:\s*)("|').*?\2)|(?:[^"'][^ >]+))/gi,Html4DocType:/HTML 4\.0 Transitional/i,DocTypeTag:/<!DOCTYPE[^>]*>/i,HtmlDocType:/DTD HTML/,TagsWithEvent:/<[^\>]+ on\w+[\s\r\n]*=[\s\r\n]*?('|")[\s\S]+?\>/g,EventAttributes:/\s(on\w+)[\s\r\n]*=[\s\r\n]*?('|")([\s\S]*?)\2/g,ProtectedEvents:/\s\w+_fckprotectedatt="([^"]+)"/g,StyleProperties:/\S+\s*:/g,InvalidSelfCloseTags:/(<(?!base|meta|link|hr|br|param|img|area|input)([a-zA-Z0-9:]+)[^>]*)\/>/gi,StyleVariableAttName:/#\(\s*("|')(.+?)\1[^\)]*\s*\)/g,RegExp:/^\/(.*)\/([gim]*)$/,HtmlTag:/<[^\s<>](?:"[^"]*"|'[^']*'|[^<])*>/};
 var FCKListsLib={BlockElements:{ address:1,blockquote:1,center:1,div:1,dl:1,fieldset:1,form:1,h1:1,h2:1,h3:1,h4:1,h5:1,h6:1,hr:1,marquee:1,noscript:1,ol:1,p:1,pre:1,script:1,table:1,ul:1 },NonEmptyBlockElements:{ p:1,div:1,form:1,h1:1,h2:1,h3:1,h4:1,h5:1,h6:1,address:1,pre:1,ol:1,ul:1,li:1,td:1,th:1 },InlineChildReqElements:{ abbr:1,acronym:1,b:1,bdo:1,big:1,cite:1,code:1,del:1,dfn:1,em:1,font:1,i:1,ins:1,label:1,kbd:1,q:1,samp:1,small:1,span:1,strike:1,strong:1,sub:1,sup:1,tt:1,u:1,'var':1 },InlineNonEmptyElements:{ a:1,abbr:1,acronym:1,b:1,bdo:1,big:1,cite:1,code:1,del:1,dfn:1,em:1,font:1,i:1,ins:1,label:1,kbd:1,q:1,samp:1,small:1,span:1,strike:1,strong:1,sub:1,sup:1,tt:1,u:1,'var':1 },EmptyElements:{ base:1,col:1,meta:1,link:1,hr:1,br:1,param:1,img:1,area:1,input:1 },PathBlockElements:{ address:1,blockquote:1,dl:1,h1:1,h2:1,h3:1,h4:1,h5:1,h6:1,p:1,pre:1,li:1,dt:1,de:1 },PathBlockLimitElements:{ body:1,div:1,td:1,th:1,caption:1,form:1 },StyleBlockElements:{ address:1,div:1,h1:1,h2:1,h3:1,h4:1,h5:1,h6:1,p:1,pre:1 },StyleObjectElements:{ img:1,hr:1,li:1,table:1,tr:1,td:1,embed:1,object:1,ol:1,ul:1 },NonEditableElements:{ button:1,option:1,script:1,iframe:1,textarea:1,object:1,embed:1,map:1,applet:1 },BlockBoundaries:{ p:1,div:1,h1:1,h2:1,h3:1,h4:1,h5:1,h6:1,hr:1,address:1,pre:1,ol:1,ul:1,li:1,dt:1,de:1,table:1,thead:1,tbody:1,tfoot:1,tr:1,th:1,td:1,caption:1,col:1,colgroup:1,blockquote:1,body:1 },ListBoundaries:{ p:1,div:1,h1:1,h2:1,h3:1,h4:1,h5:1,h6:1,hr:1,address:1,pre:1,ol:1,ul:1,li:1,dt:1,de:1,table:1,thead:1,tbody:1,tfoot:1,tr:1,th:1,td:1,caption:1,col:1,colgroup:1,blockquote:1,body:1,br:1 }};
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/js/fckeditorcode_ie.js	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/editor/js/fckeditorcode_ie.js	Mon Sep 14 02:47:11 2009 +0200
@@ -36,7 +36,7 @@
 var FCKDomTools={MoveChildren:function(A,B,C){if (A==B) return;var D;if (C){while ((D=A.lastChild)) B.insertBefore(A.removeChild(D),B.firstChild);}else{while ((D=A.firstChild)) B.appendChild(A.removeChild(D));}},MoveNode:function(A,B,C){if (C) B.insertBefore(FCKDomTools.RemoveNode(A),B.firstChild);else B.appendChild(FCKDomTools.RemoveNode(A));},TrimNode:function(A){this.LTrimNode(A);this.RTrimNode(A);},LTrimNode:function(A){var B;while ((B=A.firstChild)){if (B.nodeType==3){var C=B.nodeValue.LTrim();var D=B.nodeValue.length;if (C.length==0){A.removeChild(B);continue;}else if (C.length<D){B.splitText(D-C.length);A.removeChild(A.firstChild);}};break;}},RTrimNode:function(A){var B;while ((B=A.lastChild)){if (B.nodeType==3){var C=B.nodeValue.RTrim();var D=B.nodeValue.length;if (C.length==0){B.parentNode.removeChild(B);continue;}else if (C.length<D){B.splitText(C.length);A.lastChild.parentNode.removeChild(A.lastChild);}};break;};if (!FCKBrowserInfo.IsIE&&!FCKBrowserInfo.IsOpera){B=A.lastChild;if (B&&B.nodeType==1&&B.nodeName.toLowerCase()=='br'){B.parentNode.removeChild(B);}}},RemoveNode:function(A,B){if (B){var C;while ((C=A.firstChild)) A.parentNode.insertBefore(A.removeChild(C),A);};return A.parentNode.removeChild(A);},GetFirstChild:function(A,B){if (typeof (B)=='string') B=[B];var C=A.firstChild;while(C){if (C.nodeType==1&&C.tagName.Equals.apply(C.tagName,B)) return C;C=C.nextSibling;};return null;},GetLastChild:function(A,B){if (typeof (B)=='string') B=[B];var C=A.lastChild;while(C){if (C.nodeType==1&&(!B||C.tagName.Equals(B))) return C;C=C.previousSibling;};return null;},GetPreviousSourceElement:function(A,B,C,D){if (!A) return null;if (C&&A.nodeType==1&&A.nodeName.IEquals(C)) return null;if (A.previousSibling) A=A.previousSibling;else return this.GetPreviousSourceElement(A.parentNode,B,C,D);while (A){if (A.nodeType==1){if (C&&A.nodeName.IEquals(C)) break;if (!D||!A.nodeName.IEquals(D)) return A;}else if (B&&A.nodeType==3&&A.nodeValue.RTrim().length>0) break;if (A.lastChild) A=A.lastChild;else return this.GetPreviousSourceElement(A,B,C,D);};return null;},GetNextSourceElement:function(A,B,C,D,E){while((A=this.GetNextSourceNode(A,E))){if (A.nodeType==1){if (C&&A.nodeName.IEquals(C)) break;if (D&&A.nodeName.IEquals(D)) return this.GetNextSourceElement(A,B,C,D);return A;}else if (B&&A.nodeType==3&&A.nodeValue.RTrim().length>0) break;};return null;},GetNextSourceNode:function(A,B,C,D){if (!A) return null;var E;if (!B&&A.firstChild) E=A.firstChild;else{if (D&&A==D) return null;E=A.nextSibling;if (!E&&(!D||D!=A.parentNode)) return this.GetNextSourceNode(A.parentNode,true,C,D);};if (C&&E&&E.nodeType!=C) return this.GetNextSourceNode(E,false,C,D);return E;},GetPreviousSourceNode:function(A,B,C,D){if (!A) return null;var E;if (!B&&A.lastChild) E=A.lastChild;else{if (D&&A==D) return null;E=A.previousSibling;if (!E&&(!D||D!=A.parentNode)) return this.GetPreviousSourceNode(A.parentNode,true,C,D);};if (C&&E&&E.nodeType!=C) return this.GetPreviousSourceNode(E,false,C,D);return E;},InsertAfterNode:function(A,B){return A.parentNode.insertBefore(B,A.nextSibling);},GetParents:function(A){var B=[];while (A){B.unshift(A);A=A.parentNode;};return B;},GetCommonParents:function(A,B){var C=this.GetParents(A);var D=this.GetParents(B);var E=[];for (var i=0;i<C.length;i++){if (C[i]==D[i]) E.push(C[i]);};return E;},GetCommonParentNode:function(A,B,C){var D={};if (!C.pop) C=[C];while (C.length>0) D[C.pop().toLowerCase()]=1;var E=this.GetCommonParents(A,B);var F=null;while ((F=E.pop())){if (D[F.nodeName.toLowerCase()]) return F;};return null;},GetIndexOf:function(A){var B=A.parentNode?A.parentNode.firstChild:null;var C=-1;while (B){C++;if (B==A) return C;B=B.nextSibling;};return-1;},PaddingNode:null,EnforcePaddingNode:function(A,B){try{if (!A||!A.body) return;}catch (e){return;};this.CheckAndRemovePaddingNode(A,B,true);try{if (A.body.lastChild&&(A.body.lastChild.nodeType!=1||A.body.lastChild.tagName.toLowerCase()==B.toLowerCase())) return;}catch (e){return;};var C=A.createElement(B);if (FCKBrowserInfo.IsGecko&&FCKListsLib.NonEmptyBlockElements[B]) FCKTools.AppendBogusBr(C);this.PaddingNode=C;if (A.body.childNodes.length==1&&A.body.firstChild.nodeType==1&&A.body.firstChild.tagName.toLowerCase()=='br'&&(A.body.firstChild.getAttribute('_moz_dirty')!=null||A.body.firstChild.getAttribute('type')=='_moz')) A.body.replaceChild(C,A.body.firstChild);else A.body.appendChild(C);},CheckAndRemovePaddingNode:function(A,B,C){var D=this.PaddingNode;if (!D) return;try{if (D.parentNode!=A.body||D.tagName.toLowerCase()!=B||(D.childNodes.length>1)||(D.firstChild&&D.firstChild.nodeValue!='\xa0'&&String(D.firstChild.tagName).toLowerCase()!='br')){this.PaddingNode=null;return;}}catch (e){this.PaddingNode=null;return;};if (!C){if (D.parentNode.childNodes.length>1) D.parentNode.removeChild(D);this.PaddingNode=null;}},HasAttribute:function(A,B){if (A.hasAttribute) return A.hasAttribute(B);else{var C=A.attributes[B];return (C!=undefined&&C.specified);}},HasAttributes:function(A){var B=A.attributes;for (var i=0;i<B.length;i++){if (FCKBrowserInfo.IsIE&&B[i].nodeName=='class'){if (A.className.length>0) return true;}else if (B[i].specified) return true;};return false;},RemoveAttribute:function(A,B){if (FCKBrowserInfo.IsIE&&B.toLowerCase()=='class') B='className';return A.removeAttribute(B,0);},RemoveAttributes:function (A,B){for (var i=0;i<B.length;i++) this.RemoveAttribute(A,B[i]);},GetAttributeValue:function(A,B){var C=B;if (typeof B=='string') B=A.attributes[B];else C=B.nodeName;if (B&&B.specified){if (C=='style') return A.style.cssText;else if (C=='class'||C.indexOf('on')==0) return B.nodeValue;else{return A.getAttribute(C,2);}};return null;},Contains:function(A,B){if (A.contains&&B.nodeType==1) return A.contains(B);while ((B=B.parentNode)){if (B==A) return true;};return false;},BreakParent:function(A,B,C){var D=C||new FCKDomRange(FCKTools.GetElementWindow(A));D.SetStart(A,4);D.SetEnd(B,4);var E=D.ExtractContents();D.InsertNode(A.parentNode.removeChild(A));E.InsertAfterNode(A);D.Release(!!C);},GetNodeAddress:function(A,B){var C=[];while (A&&A!=FCKTools.GetElementDocument(A).documentElement){var D=A.parentNode;var E=-1;for(var i=0;i<D.childNodes.length;i++){var F=D.childNodes[i];if (B===true&&F.nodeType==3&&F.previousSibling&&F.previousSibling.nodeType==3) continue;E++;if (D.childNodes[i]==A) break;};C.unshift(E);A=A.parentNode;};return C;},GetNodeFromAddress:function(A,B,C){var D=A.documentElement;for (var i=0;i<B.length;i++){var E=B[i];if (!C){D=D.childNodes[E];continue;};var F=-1;for (var j=0;j<D.childNodes.length;j++){var G=D.childNodes[j];if (C===true&&G.nodeType==3&&G.previousSibling&&G.previousSibling.nodeType==3) continue;F++;if (F==E){D=G;break;}}};return D;},CloneElement:function(A){A=A.cloneNode(false);A.removeAttribute('id',false);return A;},ClearElementJSProperty:function(A,B){if (FCKBrowserInfo.IsIE) A.removeAttribute(B);else delete A[B];},SetElementMarker:function (A,B,C,D){var E=String(parseInt(Math.random()*0xffffffff,10));B._FCKMarkerId=E;B[C]=D;if (!A[E]) A[E]={ 'element':B,'markers':{} };A[E]['markers'][C]=D;},ClearElementMarkers:function(A,B,C){var D=B._FCKMarkerId;if (!D) return;this.ClearElementJSProperty(B,'_FCKMarkerId');for (var j in A[D]['markers']) this.ClearElementJSProperty(B,j);if (C) delete A[D];},ClearAllMarkers:function(A){for (var i in A) this.ClearElementMarkers(A,A[i]['element'],true);},ListToArray:function(A,B,C,D,E){if (!A.nodeName.IEquals(['ul','ol'])) return [];if (!D) D=0;if (!C) C=[];for (var i=0;i<A.childNodes.length;i++){var F=A.childNodes[i];if (!F.nodeName.IEquals('li')) continue;var G={ 'parent':A,'indent':D,'contents':[] };if (!E){G.grandparent=A.parentNode;if (G.grandparent&&G.grandparent.nodeName.IEquals('li')) G.grandparent=G.grandparent.parentNode;}else G.grandparent=E;if (B) this.SetElementMarker(B,F,'_FCK_ListArray_Index',C.length);C.push(G);for (var j=0;j<F.childNodes.length;j++){var H=F.childNodes[j];if (H.nodeName.IEquals(['ul','ol'])) this.ListToArray(H,B,C,D+1,G.grandparent);else G.contents.push(H);}};return C;},ArrayToList:function(A,B,C){if (C==undefined) C=0;if (!A||A.length<C+1) return null;var D=FCKTools.GetElementDocument(A[C].parent);var E=D.createDocumentFragment();var F=null;var G=C;var H=Math.max(A[C].indent,0);var I=null;while (true){var J=A[G];if (J.indent==H){if (!F||A[G].parent.nodeName!=F.nodeName){F=A[G].parent.cloneNode(false);E.appendChild(F);};I=D.createElement('li');F.appendChild(I);for (var i=0;i<J.contents.length;i++) I.appendChild(J.contents[i].cloneNode(true));G++;}else if (J.indent==Math.max(H,0)+1){var K=this.ArrayToList(A,null,G);I.appendChild(K.listNode);G=K.nextIndex;}else if (J.indent==-1&&C==0&&J.grandparent){var I;if (J.grandparent.nodeName.IEquals(['ul','ol'])) I=D.createElement('li');else{if (FCKConfig.EnterMode.IEquals(['div','p'])&&!J.grandparent.nodeName.IEquals('td')) I=D.createElement(FCKConfig.EnterMode);else I=D.createDocumentFragment();};for (var i=0;i<J.contents.length;i++) I.appendChild(J.contents[i].cloneNode(true));if (I.nodeType==11){if (I.lastChild&&I.lastChild.getAttribute&&I.lastChild.getAttribute('type')=='_moz') I.removeChild(I.lastChild);I.appendChild(D.createElement('br'));};if (I.nodeName.IEquals(FCKConfig.EnterMode)&&I.firstChild){this.TrimNode(I);if (FCKListsLib.BlockBoundaries[I.firstChild.nodeName.toLowerCase()]){var M=D.createDocumentFragment();while (I.firstChild) M.appendChild(I.removeChild(I.firstChild));I=M;}};if (FCKBrowserInfo.IsGeckoLike&&I.nodeName.IEquals(['div','p'])) FCKTools.AppendBogusBr(I);E.appendChild(I);F=null;G++;}else return null;if (A.length<=G||Math.max(A[G].indent,0)<H){break;}};if (B){var N=E.firstChild;while (N){if (N.nodeType==1) this.ClearElementMarkers(B,N);N=this.GetNextSourceNode(N);}};return { 'listNode':E,'nextIndex':G };},GetNextSibling:function(A,B){A=A.nextSibling;while (A&&!B&&A.nodeType!=1&&(A.nodeType!=3||A.nodeValue.length==0)) A=A.nextSibling;return A;},GetPreviousSibling:function(A,B){A=A.previousSibling;while (A&&!B&&A.nodeType!=1&&(A.nodeType!=3||A.nodeValue.length==0)) A=A.previousSibling;return A;},CheckIsEmptyElement:function(A,B){var C=A.firstChild;var D;while (C){if (C.nodeType==1){if (D||!FCKListsLib.InlineNonEmptyElements[C.nodeName.toLowerCase()]) return false;if (!B||B(C)===true) D=C;}else if (C.nodeType==3&&C.nodeValue.length>0) return false;C=C.nextSibling;};return D?this.CheckIsEmptyElement(D,B):true;},SetElementStyles:function(A,B){var C=A.style;for (var D in B) C[D]=B[D];},SetOpacity:function(A,B){if (FCKBrowserInfo.IsIE){B=Math.round(B*100);A.style.filter=(B>100?'':'progid:DXImageTransform.Microsoft.Alpha(opacity='+B+')');}else A.style.opacity=B;},GetCurrentElementStyle:function(A,B){if (FCKBrowserInfo.IsIE) return A.currentStyle[B];else return A.ownerDocument.defaultView.getComputedStyle(A,'').getPropertyValue(B);},GetPositionedAncestor:function(A){var B=A;while (B!=FCKTools.GetElementDocument(B).documentElement){if (this.GetCurrentElementStyle(B,'position')!='static') return B;if (B==FCKTools.GetElementDocument(B).documentElement&&currentWindow!=w) B=currentWindow.frameElement;else B=B.parentNode;};return null;},ScrollIntoView:function(A,B){var C=FCKTools.GetElementWindow(A);var D=FCKTools.GetViewPaneSize(C).Height;var E=D*-1;if (B===false){E+=A.offsetHeight||0;E+=parseInt(this.GetCurrentElementStyle(A,'marginBottom')||0,10)||0;};var F=FCKTools.GetDocumentPosition(C,A);E+=F.y;var G=FCKTools.GetScrollPosition(C).Y;if (E>0&&(E>G||E<G-D)) C.scrollTo(0,E);},CheckIsEditable:function(A){var B=A.nodeName.toLowerCase();var C=FCK.DTD[B]||FCK.DTD.span;return (C['#']&&!FCKListsLib.NonEditableElements[B]);},GetSelectedDivContainers:function(){var A=[];var B=new FCKDomRange(FCK.EditorWindow);B.MoveToSelection();var C=B.GetTouchedStartNode();var D=B.GetTouchedEndNode();var E=C;if (C==D){while (D.nodeType==1&&D.lastChild) D=D.lastChild;D=FCKDomTools.GetNextSourceNode(D);}while (E&&E!=D){if (E.nodeType!=3||!/^[ \t\n]*$/.test(E.nodeValue)){var F=new FCKElementPath(E);var G=F.BlockLimit;if (G&&G.nodeName.IEquals('div')&&A.IndexOf(G)==-1) A.push(G);};E=FCKDomTools.GetNextSourceNode(E);};return A;}};
 var FCKTools={};FCKTools.CreateBogusBR=function(A){var B=A.createElement('br');B.setAttribute('type','_moz');return B;};FCKTools.FixCssUrls=function(A,B){if (!A||A.length==0) return B;return B.replace(/url\s*\(([\s'"]*)(.*?)([\s"']*)\)/g,function(match,opener,path,closer){if (/^\/|^\w?:/.test(path)) return match;else return 'url('+opener+A+path+closer+')';});};FCKTools._GetUrlFixedCss=function(A,B){var C=A.match(/^([^|]+)\|([\s\S]*)/);if (C) return FCKTools.FixCssUrls(C[1],C[2]);else return A;};FCKTools.AppendStyleSheet=function(A,B){if (!B) return [];if (typeof(B)=='string'){if (/[\\\/\.][^{}]*$/.test(B)){return this.AppendStyleSheet(A,B.split(','));}else return [this.AppendStyleString(A,FCKTools._GetUrlFixedCss(B))];}else{var C=[];for (var i=0;i<B.length;i++) C.push(this._AppendStyleSheet(A,B[i]));return C;}};FCKTools.GetStyleHtml=(function(){var A=function(styleDef,markTemp){if (styleDef.length==0) return '';var B=markTemp?' _fcktemp="true"':'';return '<style type="text/css"'+B+'>'+styleDef+'</style>';};var C=function(cssFileUrl,markTemp){if (cssFileUrl.length==0) return '';var B=markTemp?' _fcktemp="true"':'';return '<link href="'+cssFileUrl+'" type="text/css" rel="stylesheet" '+B+'/>';};return function(cssFileOrArrayOrDef,markTemp){if (!cssFileOrArrayOrDef) return '';if (typeof(cssFileOrArrayOrDef)=='string'){if (/[\\\/\.][^{}]*$/.test(cssFileOrArrayOrDef)){return this.GetStyleHtml(cssFileOrArrayOrDef.split(','),markTemp);}else return A(this._GetUrlFixedCss(cssFileOrArrayOrDef),markTemp);}else{var E='';for (var i=0;i<cssFileOrArrayOrDef.length;i++) E+=C(cssFileOrArrayOrDef[i],markTemp);return E;}}})();FCKTools.GetElementDocument=function (A){return A.ownerDocument||A.document;};FCKTools.GetElementWindow=function(A){return this.GetDocumentWindow(this.GetElementDocument(A));};FCKTools.GetDocumentWindow=function(A){if (FCKBrowserInfo.IsSafari&&!A.parentWindow) this.FixDocumentParentWindow(window.top);return A.parentWindow||A.defaultView;};FCKTools.FixDocumentParentWindow=function(A){if (A.document) A.document.parentWindow=A;for (var i=0;i<A.frames.length;i++) FCKTools.FixDocumentParentWindow(A.frames[i]);};FCKTools.HTMLEncode=function(A){if (!A) return '';A=A.replace(/&/g,'&amp;');A=A.replace(/</g,'&lt;');A=A.replace(/>/g,'&gt;');return A;};FCKTools.HTMLDecode=function(A){if (!A) return '';A=A.replace(/&gt;/g,'>');A=A.replace(/&lt;/g,'<');A=A.replace(/&amp;/g,'&');return A;};FCKTools._ProcessLineBreaksForPMode=function(A,B,C,D,E){var F=0;var G="<p>";var H="</p>";var I="<br />";if (C){G="<li>";H="</li>";F=1;}while (D&&D!=A.FCK.EditorDocument.body){if (D.tagName.toLowerCase()=='p'){F=1;break;};D=D.parentNode;};for (var i=0;i<B.length;i++){var c=B.charAt(i);if (c=='\r') continue;if (c!='\n'){E.push(c);continue;};var n=B.charAt(i+1);if (n=='\r'){i++;n=B.charAt(i+1);};if (n=='\n'){i++;if (F) E.push(H);E.push(G);F=1;}else E.push(I);}};FCKTools._ProcessLineBreaksForDivMode=function(A,B,C,D,E){var F=0;var G="<div>";var H="</div>";if (C){G="<li>";H="</li>";F=1;}while (D&&D!=A.FCK.EditorDocument.body){if (D.tagName.toLowerCase()=='div'){F=1;break;};D=D.parentNode;};for (var i=0;i<B.length;i++){var c=B.charAt(i);if (c=='\r') continue;if (c!='\n'){E.push(c);continue;};if (F){if (E[E.length-1]==G){E.push("&nbsp;");};E.push(H);};E.push(G);F=1;};if (F) E.push(H);};FCKTools._ProcessLineBreaksForBrMode=function(A,B,C,D,E){var F=0;var G="<br />";var H="";if (C){G="<li>";H="</li>";F=1;};for (var i=0;i<B.length;i++){var c=B.charAt(i);if (c=='\r') continue;if (c!='\n'){E.push(c);continue;};if (F&&H.length) E.push (H);E.push(G);F=1;}};FCKTools.ProcessLineBreaks=function(A,B,C){var D=B.EnterMode.toLowerCase();var E=[];var F=0;var G=new A.FCKDomRange(A.FCK.EditorWindow);G.MoveToSelection();var H=G._Range.startContainer;while (H&&H.nodeType!=1) H=H.parentNode;if (H&&H.tagName.toLowerCase()=='li') F=1;if (D=='p') this._ProcessLineBreaksForPMode(A,C,F,H,E);else if (D=='div') this._ProcessLineBreaksForDivMode(A,C,F,H,E);else if (D=='br') this._ProcessLineBreaksForBrMode(A,C,F,H,E);return E.join("");};FCKTools.AddSelectOption=function(A,B,C){var D=FCKTools.GetElementDocument(A).createElement("OPTION");D.text=B;D.value=C;A.options.add(D);return D;};FCKTools.RunFunction=function(A,B,C,D){if (A) this.SetTimeout(A,0,B,C,D);};FCKTools.SetTimeout=function(A,B,C,D,E){return (E||window).setTimeout(function(){if (D) A.apply(C,[].concat(D));else A.apply(C);},B);};FCKTools.SetInterval=function(A,B,C,D,E){return (E||window).setInterval(function(){A.apply(C,D||[]);},B);};FCKTools.ConvertStyleSizeToHtml=function(A){return A.EndsWith('%')?A:parseInt(A,10);};FCKTools.ConvertHtmlSizeToStyle=function(A){return A.EndsWith('%')?A:(A+'px');};FCKTools.GetElementAscensor=function(A,B){var e=A;var C=","+B.toUpperCase()+",";while (e){if (C.indexOf(","+e.nodeName.toUpperCase()+",")!=-1) return e;e=e.parentNode;};return null;};FCKTools.CreateEventListener=function(A,B){var f=function(){var C=[];for (var i=0;i<arguments.length;i++) C.push(arguments[i]);A.apply(this,C.concat(B));};return f;};FCKTools.IsStrictMode=function(A){return ('CSS1Compat'==(A.compatMode||(FCKBrowserInfo.IsSafari?'CSS1Compat':null)));};FCKTools.ArgumentsToArray=function(A,B,C){B=B||0;C=C||A.length;var D=[];for (var i=B;i<B+C&&i<A.length;i++) D.push(A[i]);return D;};FCKTools.CloneObject=function(A){var B=function() {};B.prototype=A;return new B;};FCKTools.AppendBogusBr=function(A){if (!A) return;var B=this.GetLastItem(A.getElementsByTagName('br'));if (!B||(B.getAttribute('type',2)!='_moz'&&B.getAttribute('_moz_dirty')==null)){var C=this.GetElementDocument(A);if (FCKBrowserInfo.IsOpera) A.appendChild(C.createTextNode(''));else A.appendChild(this.CreateBogusBR(C));}};FCKTools.GetLastItem=function(A){if (A.length>0) return A[A.length-1];return null;};FCKTools.GetDocumentPosition=function(w,A){var x=0;var y=0;var B=A;var C=null;var D=FCKTools.GetElementWindow(B);while (B&&!(D==w&&(B==w.document.body||B==w.document.documentElement))){x+=B.offsetLeft-B.scrollLeft;y+=B.offsetTop-B.scrollTop;if (!FCKBrowserInfo.IsOpera){var E=C;while (E&&E!=B){x-=E.scrollLeft;y-=E.scrollTop;E=E.parentNode;}};C=B;if (B.offsetParent) B=B.offsetParent;else{if (D!=w){B=D.frameElement;C=null;if (B) D=B.contentWindow.parent;}else B=null;}};if (FCKDomTools.GetCurrentElementStyle(w.document.body,'position')!='static'||(FCKBrowserInfo.IsIE&&FCKDomTools.GetPositionedAncestor(A)==null)){x+=w.document.body.offsetLeft;y+=w.document.body.offsetTop;};return { "x":x,"y":y };};FCKTools.GetWindowPosition=function(w,A){var B=this.GetDocumentPosition(w,A);var C=FCKTools.GetScrollPosition(w);B.x-=C.X;B.y-=C.Y;return B;};FCKTools.ProtectFormStyles=function(A){if (!A||A.nodeType!=1||A.tagName.toLowerCase()!='form') return [];var B=[];var C=['style','className'];for (var i=0;i<C.length;i++){var D=C[i];if (A.elements.namedItem(D)){var E=A.elements.namedItem(D);B.push([E,E.nextSibling]);A.removeChild(E);}};return B;};FCKTools.RestoreFormStyles=function(A,B){if (!A||A.nodeType!=1||A.tagName.toLowerCase()!='form') return;if (B.length>0){for (var i=B.length-1;i>=0;i--){var C=B[i][0];var D=B[i][1];if (D) A.insertBefore(C,D);else A.appendChild(C);}}};FCKTools.GetNextNode=function(A,B){if (A.firstChild) return A.firstChild;else if (A.nextSibling) return A.nextSibling;else{var C=A.parentNode;while (C){if (C==B) return null;if (C.nextSibling) return C.nextSibling;else C=C.parentNode;}};return null;};FCKTools.GetNextTextNode=function(A,B,C){node=this.GetNextNode(A,B);if (C&&node&&C(node)) return null;while (node&&node.nodeType!=3){node=this.GetNextNode(node,B);if (C&&node&&C(node)) return null;};return node;};FCKTools.Merge=function(){var A=arguments;var o=A[0];for (var i=1;i<A.length;i++){var B=A[i];for (var p in B) o[p]=B[p];};return o;};FCKTools.IsArray=function(A){return (A instanceof Array);};FCKTools.AppendLengthProperty=function(A,B){var C=0;for (var n in A) C++;return A[B||'length']=C;};FCKTools.NormalizeCssText=function(A){var B=document.createElement('span');B.style.cssText=A;return B.style.cssText;};FCKTools.Bind=function(A,B){return function(){ return B.apply(A,arguments);};};FCKTools.GetVoidUrl=function(){if (FCK_IS_CUSTOM_DOMAIN) return "javascript: void( function(){document.open();document.write('<html><head><title></title></head><body></body></html>');document.domain = '"+FCK_RUNTIME_DOMAIN+"';document.close();}() ) ;";if (FCKBrowserInfo.IsIE){if (FCKBrowserInfo.IsIE7||!FCKBrowserInfo.IsIE6) return "";else return "javascript: '';";};return "javascript: void(0);";};FCKTools.ResetStyles=function(A){A.style.cssText='margin:0;padding:0;border:0;background-color:transparent;background-image:none;';};
 FCKTools.CancelEvent=function(e){return false;};FCKTools._AppendStyleSheet=function(A,B){return A.createStyleSheet(B).owningElement;};FCKTools.AppendStyleString=function(A,B){if (!B) return null;var s=A.createStyleSheet("");s.cssText=B;return s;};FCKTools.ClearElementAttributes=function(A){A.clearAttributes();};FCKTools.GetAllChildrenIds=function(A){var B=[];for (var i=0;i<A.all.length;i++){var C=A.all[i].id;if (C&&C.length>0) B[B.length]=C;};return B;};FCKTools.RemoveOuterTags=function(e){e.insertAdjacentHTML('beforeBegin',e.innerHTML);e.parentNode.removeChild(e);};FCKTools.CreateXmlObject=function(A){var B;switch (A){case 'XmlHttp':if (document.location.protocol!='file:') try { return new XMLHttpRequest();} catch (e) {};B=['MSXML2.XmlHttp','Microsoft.XmlHttp'];break;case 'DOMDocument':B=['MSXML2.DOMDocument','Microsoft.XmlDom'];break;};for (var i=0;i<2;i++){try { return new ActiveXObject(B[i]);}catch (e){}};if (FCKLang.NoActiveX){alert(FCKLang.NoActiveX);FCKLang.NoActiveX=null;};return null;};FCKTools.DisableSelection=function(A){A.unselectable='on';var e,i=0;while ((e=A.all[i++])){switch (e.tagName){case 'IFRAME':case 'TEXTAREA':case 'INPUT':case 'SELECT':break;default:e.unselectable='on';}}};FCKTools.GetScrollPosition=function(A){var B=A.document;var C={ X:B.documentElement.scrollLeft,Y:B.documentElement.scrollTop };if (C.X>0||C.Y>0) return C;return { X:B.body.scrollLeft,Y:B.body.scrollTop };};FCKTools.AddEventListener=function(A,B,C){A.attachEvent('on'+B,C);};FCKTools.RemoveEventListener=function(A,B,C){A.detachEvent('on'+B,C);};FCKTools.AddEventListenerEx=function(A,B,C,D){var o={};o.Source=A;o.Params=D||[];o.Listener=function(ev){return C.apply(o.Source,[ev].concat(o.Params));};if (FCK.IECleanup) FCK.IECleanup.AddItem(null,function() { o.Source=null;o.Params=null;});A.attachEvent('on'+B,o.Listener);A=null;D=null;};FCKTools.GetViewPaneSize=function(A){var B;var C=A.document.documentElement;if (C&&C.clientWidth) B=C;else B=A.document.body;if (B) return { Width:B.clientWidth,Height:B.clientHeight };else return { Width:0,Height:0 };};FCKTools.SaveStyles=function(A){var B=FCKTools.ProtectFormStyles(A);var C={};if (A.className.length>0){C.Class=A.className;A.className='';};var D=A.style.cssText;if (D.length>0){C.Inline=D;A.style.cssText='';};FCKTools.RestoreFormStyles(A,B);return C;};FCKTools.RestoreStyles=function(A,B){var C=FCKTools.ProtectFormStyles(A);A.className=B.Class||'';A.style.cssText=B.Inline||'';FCKTools.RestoreFormStyles(A,C);};FCKTools.RegisterDollarFunction=function(A){A.$=A.document.getElementById;};FCKTools.AppendElement=function(A,B){return A.appendChild(this.GetElementDocument(A).createElement(B));};FCKTools.ToLowerCase=function(A){return A.toLowerCase();};
-var FCKeditorAPI;function InitializeAPI(){var A=window.parent;if (!(FCKeditorAPI=A.FCKeditorAPI)){var B='window.FCKeditorAPI = {Version : "2.6.4",VersionBuild : "21629",Instances : window.FCKeditorAPI && window.FCKeditorAPI.Instances || {},GetInstance : function( name ){return this.Instances[ name ];},_FormSubmit : function(){for ( var name in FCKeditorAPI.Instances ){var oEditor = FCKeditorAPI.Instances[ name ] ;if ( oEditor.GetParentForm && oEditor.GetParentForm() == this )oEditor.UpdateLinkedField() ;}this._FCKOriginalSubmit() ;},_FunctionQueue	: window.FCKeditorAPI && window.FCKeditorAPI._FunctionQueue || {Functions : new Array(),IsRunning : false,Add : function( f ){this.Functions.push( f );if ( !this.IsRunning )this.StartNext();},StartNext : function(){var aQueue = this.Functions ;if ( aQueue.length > 0 ){this.IsRunning = true;aQueue[0].call();}else this.IsRunning = false;},Remove : function( f ){var aQueue = this.Functions;var i = 0, fFunc;while( (fFunc = aQueue[ i ]) ){if ( fFunc == f )aQueue.splice( i,1 );i++ ;}this.StartNext();}}}';if (A.execScript) A.execScript(B,'JavaScript');else{if (FCKBrowserInfo.IsGecko10){eval.call(A,B);}else if(FCKBrowserInfo.IsAIR){FCKAdobeAIR.FCKeditorAPI_Evaluate(A,B);}else if (FCKBrowserInfo.IsSafari){var C=A.document;var D=C.createElement('script');D.appendChild(C.createTextNode(B));C.documentElement.appendChild(D);}else A.eval(B);};FCKeditorAPI=A.FCKeditorAPI;FCKeditorAPI.__Instances=FCKeditorAPI.Instances;};FCKeditorAPI.Instances[FCK.Name]=FCK;};function _AttachFormSubmitToAPI(){var A=FCK.GetParentForm();if (A){FCKTools.AddEventListener(A,'submit',FCK.UpdateLinkedField);if (!A._FCKOriginalSubmit&&(typeof(A.submit)=='function'||(!A.submit.tagName&&!A.submit.length))){A._FCKOriginalSubmit=A.submit;A.submit=FCKeditorAPI._FormSubmit;}}};function FCKeditorAPI_Cleanup(){if (window.FCKConfig&&FCKConfig.MsWebBrowserControlCompat&&!window.FCKUnloadFlag) return;delete FCKeditorAPI.Instances[FCK.Name];};function FCKeditorAPI_ConfirmCleanup(){if (window.FCKConfig&&FCKConfig.MsWebBrowserControlCompat) window.FCKUnloadFlag=true;};FCKTools.AddEventListener(window,'unload',FCKeditorAPI_Cleanup);FCKTools.AddEventListener(window,'beforeunload',FCKeditorAPI_ConfirmCleanup);
+var FCKeditorAPI;function InitializeAPI(){var A=window.parent;if (!(FCKeditorAPI=A.FCKeditorAPI)){var B='window.FCKeditorAPI = {Version : "2.6.4.1",VersionBuild : "23187",Instances : window.FCKeditorAPI && window.FCKeditorAPI.Instances || {},GetInstance : function( name ){return this.Instances[ name ];},_FormSubmit : function(){for ( var name in FCKeditorAPI.Instances ){var oEditor = FCKeditorAPI.Instances[ name ] ;if ( oEditor.GetParentForm && oEditor.GetParentForm() == this )oEditor.UpdateLinkedField() ;}this._FCKOriginalSubmit() ;},_FunctionQueue	: window.FCKeditorAPI && window.FCKeditorAPI._FunctionQueue || {Functions : new Array(),IsRunning : false,Add : function( f ){this.Functions.push( f );if ( !this.IsRunning )this.StartNext();},StartNext : function(){var aQueue = this.Functions ;if ( aQueue.length > 0 ){this.IsRunning = true;aQueue[0].call();}else this.IsRunning = false;},Remove : function( f ){var aQueue = this.Functions;var i = 0, fFunc;while( (fFunc = aQueue[ i ]) ){if ( fFunc == f )aQueue.splice( i,1 );i++ ;}this.StartNext();}}}';if (A.execScript) A.execScript(B,'JavaScript');else{if (FCKBrowserInfo.IsGecko10){eval.call(A,B);}else if(FCKBrowserInfo.IsAIR){FCKAdobeAIR.FCKeditorAPI_Evaluate(A,B);}else if (FCKBrowserInfo.IsSafari){var C=A.document;var D=C.createElement('script');D.appendChild(C.createTextNode(B));C.documentElement.appendChild(D);}else A.eval(B);};FCKeditorAPI=A.FCKeditorAPI;FCKeditorAPI.__Instances=FCKeditorAPI.Instances;};FCKeditorAPI.Instances[FCK.Name]=FCK;};function _AttachFormSubmitToAPI(){var A=FCK.GetParentForm();if (A){FCKTools.AddEventListener(A,'submit',FCK.UpdateLinkedField);if (!A._FCKOriginalSubmit&&(typeof(A.submit)=='function'||(!A.submit.tagName&&!A.submit.length))){A._FCKOriginalSubmit=A.submit;A.submit=FCKeditorAPI._FormSubmit;}}};function FCKeditorAPI_Cleanup(){if (window.FCKConfig&&FCKConfig.MsWebBrowserControlCompat&&!window.FCKUnloadFlag) return;delete FCKeditorAPI.Instances[FCK.Name];};function FCKeditorAPI_ConfirmCleanup(){if (window.FCKConfig&&FCKConfig.MsWebBrowserControlCompat) window.FCKUnloadFlag=true;};FCKTools.AddEventListener(window,'unload',FCKeditorAPI_Cleanup);FCKTools.AddEventListener(window,'beforeunload',FCKeditorAPI_ConfirmCleanup);
 var FCKImagePreloader=function(){this._Images=[];};FCKImagePreloader.prototype={AddImages:function(A){if (typeof(A)=='string') A=A.split(';');this._Images=this._Images.concat(A);},Start:function(){var A=this._Images;this._PreloadCount=A.length;for (var i=0;i<A.length;i++){var B=document.createElement('img');FCKTools.AddEventListenerEx(B,'load',_FCKImagePreloader_OnImage,this);FCKTools.AddEventListenerEx(B,'error',_FCKImagePreloader_OnImage,this);B.src=A[i];_FCKImagePreloader_ImageCache.push(B);}}};var _FCKImagePreloader_ImageCache=[];function _FCKImagePreloader_OnImage(A,B){if ((--B._PreloadCount)==0&&B.OnComplete) B.OnComplete();};
 var FCKRegexLib={AposEntity:/&apos;/gi,ObjectElements:/^(?:IMG|TABLE|TR|TD|TH|INPUT|SELECT|TEXTAREA|HR|OBJECT|A|UL|OL|LI)$/i,NamedCommands:/^(?:Cut|Copy|Paste|Print|SelectAll|RemoveFormat|Unlink|Undo|Redo|Bold|Italic|Underline|StrikeThrough|Subscript|Superscript|JustifyLeft|JustifyCenter|JustifyRight|JustifyFull|Outdent|Indent|InsertOrderedList|InsertUnorderedList|InsertHorizontalRule)$/i,BeforeBody:/(^[\s\S]*\<body[^\>]*\>)/i,AfterBody:/(\<\/body\>[\s\S]*$)/i,ToReplace:/___fcktoreplace:([\w]+)/ig,MetaHttpEquiv:/http-equiv\s*=\s*["']?([^"' ]+)/i,HasBaseTag:/<base /i,HasBodyTag:/<body[\s|>]/i,HtmlOpener:/<html\s?[^>]*>/i,HeadOpener:/<head\s?[^>]*>/i,HeadCloser:/<\/head\s*>/i,FCK_Class:/\s*FCK__[^ ]*(?=\s+|$)/,ElementName:/(^[a-z_:][\w.\-:]*\w$)|(^[a-z_]$)/,ForceSimpleAmpersand:/___FCKAmp___/g,SpaceNoClose:/\/>/g,EmptyParagraph:/^<(p|div|address|h\d|center)(?=[ >])[^>]*>\s*(<\/\1>)?$/,EmptyOutParagraph:/^<(p|div|address|h\d|center)(?=[ >])[^>]*>(?:\s*|&nbsp;)(<\/\1>)?$/,TagBody:/></,GeckoEntitiesMarker:/#\?-\:/g,ProtectUrlsImg:/<img(?=\s).*?\ssrc=((?:(?:\s*)("|').*?\2)|(?:[^"'][^ >]+))/gi,ProtectUrlsA:/<a(?=\s).*?\shref=((?:(?:\s*)("|').*?\2)|(?:[^"'][^ >]+))/gi,ProtectUrlsArea:/<area(?=\s).*?\shref=((?:(?:\s*)("|').*?\2)|(?:[^"'][^ >]+))/gi,Html4DocType:/HTML 4\.0 Transitional/i,DocTypeTag:/<!DOCTYPE[^>]*>/i,HtmlDocType:/DTD HTML/,TagsWithEvent:/<[^\>]+ on\w+[\s\r\n]*=[\s\r\n]*?('|")[\s\S]+?\>/g,EventAttributes:/\s(on\w+)[\s\r\n]*=[\s\r\n]*?('|")([\s\S]*?)\2/g,ProtectedEvents:/\s\w+_fckprotectedatt="([^"]+)"/g,StyleProperties:/\S+\s*:/g,InvalidSelfCloseTags:/(<(?!base|meta|link|hr|br|param|img|area|input)([a-zA-Z0-9:]+)[^>]*)\/>/gi,StyleVariableAttName:/#\(\s*("|')(.+?)\1[^\)]*\s*\)/g,RegExp:/^\/(.*)\/([gim]*)$/,HtmlTag:/<[^\s<>](?:"[^"]*"|'[^']*'|[^<])*>/};
 var FCKListsLib={BlockElements:{ address:1,blockquote:1,center:1,div:1,dl:1,fieldset:1,form:1,h1:1,h2:1,h3:1,h4:1,h5:1,h6:1,hr:1,marquee:1,noscript:1,ol:1,p:1,pre:1,script:1,table:1,ul:1 },NonEmptyBlockElements:{ p:1,div:1,form:1,h1:1,h2:1,h3:1,h4:1,h5:1,h6:1,address:1,pre:1,ol:1,ul:1,li:1,td:1,th:1 },InlineChildReqElements:{ abbr:1,acronym:1,b:1,bdo:1,big:1,cite:1,code:1,del:1,dfn:1,em:1,font:1,i:1,ins:1,label:1,kbd:1,q:1,samp:1,small:1,span:1,strike:1,strong:1,sub:1,sup:1,tt:1,u:1,'var':1 },InlineNonEmptyElements:{ a:1,abbr:1,acronym:1,b:1,bdo:1,big:1,cite:1,code:1,del:1,dfn:1,em:1,font:1,i:1,ins:1,label:1,kbd:1,q:1,samp:1,small:1,span:1,strike:1,strong:1,sub:1,sup:1,tt:1,u:1,'var':1 },EmptyElements:{ base:1,col:1,meta:1,link:1,hr:1,br:1,param:1,img:1,area:1,input:1 },PathBlockElements:{ address:1,blockquote:1,dl:1,h1:1,h2:1,h3:1,h4:1,h5:1,h6:1,p:1,pre:1,li:1,dt:1,de:1 },PathBlockLimitElements:{ body:1,div:1,td:1,th:1,caption:1,form:1 },StyleBlockElements:{ address:1,div:1,h1:1,h2:1,h3:1,h4:1,h5:1,h6:1,p:1,pre:1 },StyleObjectElements:{ img:1,hr:1,li:1,table:1,tr:1,td:1,embed:1,object:1,ol:1,ul:1 },NonEditableElements:{ button:1,option:1,script:1,iframe:1,textarea:1,object:1,embed:1,map:1,applet:1 },BlockBoundaries:{ p:1,div:1,h1:1,h2:1,h3:1,h4:1,h5:1,h6:1,hr:1,address:1,pre:1,ol:1,ul:1,li:1,dt:1,de:1,table:1,thead:1,tbody:1,tfoot:1,tr:1,th:1,td:1,caption:1,col:1,colgroup:1,blockquote:1,body:1 },ListBoundaries:{ p:1,div:1,h1:1,h2:1,h3:1,h4:1,h5:1,h6:1,hr:1,address:1,pre:1,ol:1,ul:1,li:1,dt:1,de:1,table:1,thead:1,tbody:1,tfoot:1,tr:1,th:1,td:1,caption:1,col:1,colgroup:1,blockquote:1,body:1,br:1 }};
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/fckeditor.js	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/fckeditor.js	Mon Sep 14 02:47:11 2009 +0200
@@ -59,8 +59,8 @@
  */
 FCKeditor.MinWidth = 750 ;
 
-FCKeditor.prototype.Version			= '2.6.4' ;
-FCKeditor.prototype.VersionBuild	= '21629' ;
+FCKeditor.prototype.Version			= '2.6.4.1' ;
+FCKeditor.prototype.VersionBuild	= '23187' ;
 
 FCKeditor.prototype.Create = function()
 {
--- a/MoinMoin/web/static/htdocs/applets/FCKeditor/fckeditor.pl	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/web/static/htdocs/applets/FCKeditor/fckeditor.pl	Mon Sep 14 02:47:11 2009 +0200
@@ -1,143 +1,143 @@
-#####
-#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
-#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
-#
-#  == BEGIN LICENSE ==
-#
-#  Licensed under the terms of any of the following licenses at your
-#  choice:
-#
-#   - GNU General Public License Version 2 or later (the "GPL")
-#     http://www.gnu.org/licenses/gpl.html
-#
-#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
-#     http://www.gnu.org/licenses/lgpl.html
-#
-#   - Mozilla Public License Version 1.1 or later (the "MPL")
-#     http://www.mozilla.org/MPL/MPL-1.1.html
-#
-#  == END LICENSE ==
-#
-#  This is the integration file for Perl.
-#####
-
-#my $InstanceName;
-#my $BasePath;
-#my $Width;
-#my $Height;
-#my $ToolbarSet;
-#my $Value;
-#my %Config;
-
-sub FCKeditor
-{
-
-	local($instanceName) = @_;
-	$InstanceName	= $instanceName;
-	$BasePath		= '/fckeditor/';
-	$Width			= '100%';
-	$Height			= '200';
-	$ToolbarSet		= 'Default';
-	$Value			= '';
-}
-
-sub Create
-{
-	print &CreateHtml();
-}
-
-sub specialchar_cnv
-{
-
-	local($ch) = @_;
-
-	$ch =~ s/&/&amp;/g;		# &
-	$ch =~ s/\"/&quot;/g;	#"
-	$ch =~ s/\'/&#39;/g;	# '
-	$ch =~ s/</&lt;/g;		# <
-	$ch =~ s/>/&gt;/g;		# >
-	return($ch);
-}
-
-sub CreateHtml
-{
-
-	$HtmlValue = &specialchar_cnv($Value);
-	$Html = '' ;
-	if(&IsCompatible()) {
-		$Link = $BasePath . "editor/fckeditor.html?InstanceName=$InstanceName";
-		if($ToolbarSet ne '') {
-			$Link .= "&amp;Toolbar=$ToolbarSet";
-		}
-		#// Render the linked hidden field.
-		$Html .= "<input type=\"hidden\" id=\"$InstanceName\" name=\"$InstanceName\" value=\"$HtmlValue\" style=\"display:none\" />" ;
-
-		#// Render the configurations hidden field.
-		$cfgstr = &GetConfigFieldString();
-		$wk = $InstanceName."___Config";
-		$Html .= "<input type=\"hidden\" id=\"$wk\" value=\"$cfgstr\" style=\"display:none\" />" ;
-
-		#// Render the editor IFRAME.
-		$wk = $InstanceName."___Frame";
-		$Html .= "<iframe id=\"$wk\" src=\"$Link\" width=\"$Width\" height=\"$Height\" frameborder=\"0\" scrolling=\"no\"></iframe>";
-	} else {
-		if($Width =~ /\%/g){
-			$WidthCSS = $Width;
-		} else {
-			$WidthCSS = $Width . 'px';
-		}
-		if($Height =~ /\%/g){
-			$HeightCSS = $Height;
-		} else {
-			$HeightCSS = $Height . 'px';
-		}
-		$Html .= "<textarea name=\"$InstanceName\" rows=\"4\" cols=\"40\" style=\"width: $WidthCSS; height: $HeightCSS\">$HtmlValue</textarea>";
-	}
-	return($Html);
-}
-
-sub IsCompatible
-{
-
-	$sAgent = $ENV{'HTTP_USER_AGENT'};
-	if(($sAgent =~ /MSIE/i) && !($sAgent =~ /mac/i) && !($sAgent =~ /Opera/i)) {
-		$iVersion = substr($sAgent,index($sAgent,'MSIE') + 5,3);
-		return($iVersion >= 5.5) ;
-	} elsif($sAgent =~ /Gecko\//i) {
-		$iVersion = substr($sAgent,index($sAgent,'Gecko/') + 6,8);
-		return($iVersion >= 20030210) ;
-	} elsif($sAgent =~ /Opera\//i) {
-		$iVersion = substr($sAgent,index($sAgent,'Opera/') + 6,4);
-		return($iVersion >= 9.5) ;
-	} elsif($sAgent =~ /AppleWebKit\/(\d+)/i) {
-		return($1 >= 522) ;
-	} else {
-		return(0);		# 2.0 PR fix
-	}
-}
-
-sub GetConfigFieldString
-{
-	$sParams = '';
-	$bFirst = 0;
-	foreach $sKey (keys %Config) {
-		$sValue = $Config{$sKey};
-		if($bFirst == 1) {
-			$sParams .= '&amp;';
-		} else {
-			$bFirst = 1;
-		}
-		$k = &specialchar_cnv($sKey);
-		$v = &specialchar_cnv($sValue);
-		if($sValue eq "true") {
-			$sParams .= "$k=true";
-		} elsif($sValue eq "false") {
-			$sParams .= "$k=false";
-		} else {
-			$sParams .= "$k=$v";
-		}
-	}
-	return($sParams);
-}
-
-1;
+#####
+#  FCKeditor - The text editor for Internet - http://www.fckeditor.net
+#  Copyright (C) 2003-2009 Frederico Caldeira Knabben
+#
+#  == BEGIN LICENSE ==
+#
+#  Licensed under the terms of any of the following licenses at your
+#  choice:
+#
+#   - GNU General Public License Version 2 or later (the "GPL")
+#     http://www.gnu.org/licenses/gpl.html
+#
+#   - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
+#     http://www.gnu.org/licenses/lgpl.html
+#
+#   - Mozilla Public License Version 1.1 or later (the "MPL")
+#     http://www.mozilla.org/MPL/MPL-1.1.html
+#
+#  == END LICENSE ==
+#
+#  This is the integration file for Perl.
+#####
+
+#my $InstanceName;
+#my $BasePath;
+#my $Width;
+#my $Height;
+#my $ToolbarSet;
+#my $Value;
+#my %Config;
+
+sub FCKeditor
+{
+
+	local($instanceName) = @_;
+	$InstanceName	= $instanceName;
+	$BasePath		= '/fckeditor/';
+	$Width			= '100%';
+	$Height			= '200';
+	$ToolbarSet		= 'Default';
+	$Value			= '';
+}
+
+sub Create
+{
+	print &CreateHtml();
+}
+
+sub specialchar_cnv
+{
+
+	local($ch) = @_;
+
+	$ch =~ s/&/&amp;/g;		# &
+	$ch =~ s/\"/&quot;/g;	#"
+	$ch =~ s/\'/&#39;/g;	# '
+	$ch =~ s/</&lt;/g;		# <
+	$ch =~ s/>/&gt;/g;		# >
+	return($ch);
+}
+
+sub CreateHtml
+{
+
+	$HtmlValue = &specialchar_cnv($Value);
+	$Html = '' ;
+	if(&IsCompatible()) {
+		$Link = $BasePath . "editor/fckeditor.html?InstanceName=$InstanceName";
+		if($ToolbarSet ne '') {
+			$Link .= "&amp;Toolbar=$ToolbarSet";
+		}
+		#// Render the linked hidden field.
+		$Html .= "<input type=\"hidden\" id=\"$InstanceName\" name=\"$InstanceName\" value=\"$HtmlValue\" style=\"display:none\" />" ;
+
+		#// Render the configurations hidden field.
+		$cfgstr = &GetConfigFieldString();
+		$wk = $InstanceName."___Config";
+		$Html .= "<input type=\"hidden\" id=\"$wk\" value=\"$cfgstr\" style=\"display:none\" />" ;
+
+		#// Render the editor IFRAME.
+		$wk = $InstanceName."___Frame";
+		$Html .= "<iframe id=\"$wk\" src=\"$Link\" width=\"$Width\" height=\"$Height\" frameborder=\"0\" scrolling=\"no\"></iframe>";
+	} else {
+		if($Width =~ /\%/g){
+			$WidthCSS = $Width;
+		} else {
+			$WidthCSS = $Width . 'px';
+		}
+		if($Height =~ /\%/g){
+			$HeightCSS = $Height;
+		} else {
+			$HeightCSS = $Height . 'px';
+		}
+		$Html .= "<textarea name=\"$InstanceName\" rows=\"4\" cols=\"40\" style=\"width: $WidthCSS; height: $HeightCSS\">$HtmlValue</textarea>";
+	}
+	return($Html);
+}
+
+sub IsCompatible
+{
+
+	$sAgent = $ENV{'HTTP_USER_AGENT'};
+	if(($sAgent =~ /MSIE/i) && !($sAgent =~ /mac/i) && !($sAgent =~ /Opera/i)) {
+		$iVersion = substr($sAgent,index($sAgent,'MSIE') + 5,3);
+		return($iVersion >= 5.5) ;
+	} elsif($sAgent =~ /Gecko\//i) {
+		$iVersion = substr($sAgent,index($sAgent,'Gecko/') + 6,8);
+		return($iVersion >= 20030210) ;
+	} elsif($sAgent =~ /Opera\//i) {
+		$iVersion = substr($sAgent,index($sAgent,'Opera/') + 6,4);
+		return($iVersion >= 9.5) ;
+	} elsif($sAgent =~ /AppleWebKit\/(\d+)/i) {
+		return($1 >= 522) ;
+	} else {
+		return(0);		# 2.0 PR fix
+	}
+}
+
+sub GetConfigFieldString
+{
+	$sParams = '';
+	$bFirst = 0;
+	foreach $sKey (keys %Config) {
+		$sValue = $Config{$sKey};
+		if($bFirst == 1) {
+			$sParams .= '&amp;';
+		} else {
+			$bFirst = 1;
+		}
+		$k = &specialchar_cnv($sKey);
+		$v = &specialchar_cnv($sValue);
+		if($sValue eq "true") {
+			$sParams .= "$k=true";
+		} elsif($sValue eq "false") {
+			$sParams .= "$k=false";
+		} else {
+			$sParams .= "$k=$v";
+		}
+	}
+	return($sParams);
+}
+
+1;
--- a/MoinMoin/widget/browser.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/widget/browser.py	Mon Sep 14 02:47:11 2009 +0200
@@ -129,7 +129,8 @@
                 col = self.data.columns[idx]
                 if col.hidden:
                     continue
-                result.append(fmt.table_cell(1))
+                cell_attrs = {'class': 'hcolumn%d' % idx}
+                result.append(fmt.table_cell(1, cell_attrs))
                 result.append(fmt.strong(1))
                 result.append(col.label or col.name)
                 result.append(fmt.strong(0))
@@ -183,11 +184,12 @@
                 for idx in range(len(row)):
                     if self.data.columns[idx].hidden:
                         continue
+                    cell_attrs = {'class': 'column%d' % idx}
                     if isinstance(row[idx], tuple):
-                        result.append(fmt.table_cell(1, abbr=unicode(row[idx][1])))
+                        result.append(fmt.table_cell(1, cell_attrs, abbr=unicode(row[idx][1])))
                         result.append(unicode(row[idx][0]))
                     else:
-                        result.append(fmt.table_cell(1))
+                        result.append(fmt.table_cell(1, cell_attrs))
                         result.append(unicode(row[idx]))
                     result.append(fmt.table_cell(0))
                 result.append(fmt.table_row(0))
--- a/MoinMoin/wikiutil.py	Mon Sep 14 01:59:33 2009 +0200
+++ b/MoinMoin/wikiutil.py	Mon Sep 14 02:47:11 2009 +0200
@@ -859,6 +859,10 @@
  '.conf': 'text/plain',
  '.irc': 'text/plain',
  '.md5': 'text/plain',
+ '.csv': 'text/csv',
+ '.flv': 'video/x-flv',
+ '.wmv': 'video/x-ms-wmv',
+ '.swf': 'application/x-shockwave-flash',
 }
 [mimetypes.add_type(mimetype, ext, True) for ext, mimetype in MIMETYPES_MORE.items()]
 
--- a/docs/CHANGES	Mon Sep 14 01:59:33 2009 +0200
+++ b/docs/CHANGES	Mon Sep 14 02:47:11 2009 +0200
@@ -208,9 +208,37 @@
       See HelpOnAuthentication.
 
 
-Version 1.8.current:
+Version 1.8.5:
+  Bug fixes:
+    * Attachment links: fix processing of attributes (e.g. 'target', 'title')
+    * Upgrade FCKeditor from 2.6.4 to 2.6.4.1.
+    * PDF embedding: fix html, works better with PDF browser plugins now.
+    * Fix typo in rightsidebar CSS.
+    * Action revert: avoids reverting to a deleted current revision.
+    * Action diff: enable prev/next button only in the range of given revisions.
+    * Add a Auto-Submitted: auto-generated header to generated mails.
+    * Include comment in email notifies.
+    * mailimport: fix endless looping while trying to import a forwarded mail.
+    * fuid: keep same fake_mtime for intervals of max_staleness duration.
+    * Fixes a bug with empty list items in the GUI editor.
+    * Improve filesys.rename compatibility code (win32).
+    * Fix locking for CacheEntry.
+    * Xapian indexing: catch exception when a bad zip file is encountered.
+    * openidrp / botbouncer: fix param count for CancelLogin().
+
+  New features:
+    * Added CAS authentication.
+    * Added httponly cookie support and use it for session cookie.
+
   Other changes:
-    * moin maint cleancache purges now also drafts
+    * HTTP auth: added debug logging.
+    * Minor LDAP auth improvements.
+    * Data browser widget:
+      * Add (h)column<idx> css class to make it styleable.
+      * Include only necessary autofilter options.
+    * moin maint cleancache purges now drafts, too.
+    * Add gopher and apt protocols to url_schemas.
+    * Add .csv, .flv, .swf to MIMETYPES_MORE.
 
 
 Version 1.8.4: