Fix a minor information leak issue which will expose directories outside

the wiki root (not their contents though).

This commit actually upgraded the port to 2009-12-25b by adding the patch
file.

For details please consult:
	http://bugs.splitbrain.org/index.php?do=details&task_id=1847

Sponsored by:	iXsystems, Inc.

www/dokuwiki/Makefile

@@ -7,6 +7,7 @@
 
 PORTNAME=	dokuwiki
 PORTVERSION=	${DIST_VER:S/${PORTNAME}//:S/-//g}
+PORTREVISION=	1
 CATEGORIES=	www
 MASTER_SITES=	http://www.splitbrain.org/_media/projects/dokuwiki/ \
 		LOCAL/chinsan/${PORTNAME}

www/dokuwiki/files/patch-20091225b

@@ -0,0 +1,39 @@
+diff -u -r -N VERSION VERSION
+--- VERSION	2009-12-25 02:14:45.000000000 -0800
++++ VERSION	2010-01-13 09:21:13.000000000 -0800
+@@ -1 +1 @@
+-2009-12-25 "Lemming"
++2009-12-25b "Lemming"
+diff -u -r -N conf/msg conf/msg
+--- conf/msg	2009-12-25 02:14:41.000000000 -0800
++++ conf/msg	2010-01-13 08:25:37.000000000 -0800
+@@ -1,4 +1,4 @@
+-23
++24
+ The first line of this file contains a number, indicating
+ which notification messages should not be displayed. This
+ is the only information sent to dokuwiki.org when the
+diff -u -r -N lib/plugins/acl/ajax.php lib/plugins/acl/ajax.php
+--- lib/plugins/acl/ajax.php	2009-12-25 02:14:41.000000000 -0800
++++ lib/plugins/acl/ajax.php	2010-01-13 08:25:37.000000000 -0800
+@@ -16,9 +16,11 @@
+ require_once(DOKU_INC.'inc/common.php');
+ require_once(DOKU_INC.'inc/pageutils.php');
+ require_once(DOKU_INC.'inc/auth.php');
+-//close sesseion
++//close session
+ session_write_close();
+ 
++if(!auth_isadmin()) die('forbidden');
++
+ $ID    = getID();
+ 
+ if(!auth_isadmin) die('for admins only');
+@@ -42,6 +44,7 @@
+     if($ns == '*'){
+         $ns ='';
+     }
++    $ns  = cleanID($ns);
+     $lvl = count(explode(':',$ns));
+     $ns  = utf8_encodeFN(str_replace(':','/',$ns));
+