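/**
 * mpi plugin "AddLink": prints a small form and, when it is submitted,
 * fetches the given URL, extracts a title and a short description from the
 * returned HTML and appends both as a new entry to the current page.
 *
 * The URL comes straight from the request, so the server-side fetch is
 * delegated to ewiki_mpi_addlink_fetch(), which refuses internal targets.
 *
 * NOTE(review): no anti-CSRF token or permission check is visible in this
 * function, although it writes a new page version - confirm that the caller
 * enforces both.
 *
 * @param string $action  current action (unused here)
 * @param array  $args    plugin arguments (unused here)
 * @param array  $iii     render input buffer; the new entry is appended to it
 * @param array  $s       render state (unused here)
 * @return string  HTML of the form, or "" after a submission
 */
function ewiki_mpi_addlink($action, $args, &$iii, &$s) {

    global $ewiki_id, $ewiki_action;
    $o = "";

    #-- add URL
    if (!empty($_REQUEST["link_save"])) {

        #-- check parameters (arrays and missing values count as "no URL")
        $url = "";
        if (isset($_REQUEST["link_url"]) && is_string($_REQUEST["link_url"])) {
            $url = trim($_REQUEST["link_url"]);
        }
        $text = "";
        $title = $desc = "";
        $add = "";

        #-- the URL is written into the page source below, so whitespace and
        #   control characters inside it are rejected: an embedded newline
        #   would otherwise start a new line of wiki markup
        if (strpos($url, "example.com") === false
            && strlen($url) > 12
            && preg_match('#^https?://[^\\s\\x00-\\x1f\\x7f]+\\z#', $url)) {

            $text = ewiki_mpi_addlink_fetch($url);
            if ($text) {
                if (preg_match('#<title[^>]*>([^<]+)</title>#ims', $text, $uu)) {
                    $title = $uu[1];
                }
                elseif (preg_match('#//([^/]+)#', $url, $uu)) {
                    $title = $uu[1];    // fall back to the host name
                }
                if (preg_match('#<meta[^>]+name=["\']description["\'][^>]+content=["\']([^"\']+)["\']#ims', $text, $uu)) {
                    $desc = $uu[1];
                }
                elseif (preg_match('#<body[^>]+>(.+?)</body#ims', $text, $uu)) {
                    $desc = $uu[1];
                }
                #-- both values come from a remote page: collapse whitespace so
                #   they stay on one markup line, and strip tags from the
                #   description whichever pattern produced it
                $title = trim(preg_replace('/\\s+/', " ", $title));
                $desc = substr(preg_replace('/\\s+/', " ", strip_tags($desc)), 0, 300);

                $add = ":{$title}:\n   {$url} %%%\n   {$desc}\n";
            }
        }

        #-- store the new link entry
        if ($text) {
            $data = ewiki_db::GET($ewiki_id);
            $data["content"] = rtrim($data["content"]) . "\n" . $add;
            ewiki_data_update($data);
            $data["version"]++;
            ewiki_db::WRITE($data);

            #-- append to page output
            $iii[] = array($add, 0xffff, "core");
        }
    }
    else {
        #-- NOTE(review): ewiki_script() output is used as-is; whether it is
        #   already HTML-encoded is not visible here - confirm before adding
        #   another escaping layer
        $url = ewiki_script("", $ewiki_id);
        #-- page and action names are data, not markup
        $page_ref = htmlspecialchars("{$ewiki_action}/{$ewiki_id}", ENT_QUOTES);
        $o .= <<<EOT
<form style="border:2px #333370 solid; background:#7770B0; padding:5px;"class="BugReport" action="{$url}" method="POST" enctype="multipart/form-data">
<input type="hidden" name="id" value="{$page_ref}">
Link <input type="text" name="link_url" value="http://www.example.com/" size="50">
<input type="submit" name="link_save" value="hinzufügen">
</form>
EOT;
    }

    return $o;
}

/**
 * Fetches a user-supplied http(s) URL for ewiki_mpi_addlink() with
 * server-side request forgery safeguards.
 *
 * The host must resolve, and every resolved IPv4 address must lie outside the
 * private and reserved ranges. Redirects are not followed and a non-2xx
 * answer counts as failure, so a public URL cannot bounce the request to an
 * internal one. The read is bounded in time and size.
 *
 * NOTE(review): the name is resolved again by the HTTP wrapper, so a DNS
 * answer that changes between the two lookups is not covered here.
 *
 * @param string $url  already syntax-checked http:// or https:// URL
 * @return string  response body, or "" when the URL is refused or unreachable
 */
function ewiki_mpi_addlink_fetch($url) {

    $host = parse_url($url, PHP_URL_HOST);
    if (!is_string($host) || $host === "") {
        return "";
    }
    $ips = gethostbynamel($host);    // IPv4 only; IPv6 literals do not resolve and are refused
    if (!$ips) {
        return "";
    }
    foreach ($ips as $ip) {
        if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
            return "";
        }
    }

    $ctx = stream_context_create(array(
        "http" => array("timeout" => 5, "follow_location" => 0),
    ));
    $text = file_get_contents($url, false, $ctx, 0, 262144);
    if (!is_string($text)) {
        return "";
    }
    #-- with redirects disabled a 3xx answer still has a body; do not treat
    #   that stub as the linked page
    if (isset($http_response_header[0])
        && !preg_match('#^HTTP/\\S+\\s+2\\d\\d#', $http_response_header[0])) {
        return "";
    }
    return $text;
}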
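/**
 * Page handler for the user-editable InterWiki map: shows the page plus a
 * form and, on submission, appends a ":Moniker:URL" line to the page content.
 *
 * NOTE(review): no anti-CSRF token or permission check is visible in this
 * function, although it writes a new page version - confirm that the caller
 * enforces both.
 *
 * @param string $id      page name
 * @param array  $data    page database entry (content, version, ...)
 * @param string $action  current action
 * @return string  rendered HTML
 */
function ewiki_editable_intermap($id, $data, $action) {

    global $ewiki_config;
    $o = "";

    #-- only plain string parameters are accepted
    $url = (isset($_REQUEST["add_url"]) && is_string($_REQUEST["add_url"]))
         ? $_REQUEST["add_url"] : "";
    $moni = (isset($_REQUEST["add_moniker"]) && is_string($_REQUEST["add_moniker"]))
          ? $_REQUEST["add_moniker"] : "";

    if ($url && $moni) {

        #-- the D modifier makes "$" match only at the very end; without it a
        #   value ending in a newline passes and splits the ":Moniker:URL"
        #   line written below
        if (!preg_match('#^http[sz]?://(\\w{2,}\\.)+\\w{2,}(:\\d+)?[^\\[\\]\\"\\s]+$#D', $url)
            || strpos($url, "example") !== false) {
            $o .= "URL was rejected.";
        }
        elseif (!preg_match('#^([' . EWIKI_CHARS_U . ']+[' . EWIKI_CHARS_L . ']+){2,}[' . EWIKI_CHARS . ']+$#D', $moni)
            || $moni === "WikiName") {
            $o .= "Choosen InterWiki moniker not acceptable.";
        }
        else {
            if (!empty($ewiki_config["interwiki"][$moni])) {
                $o .= "(Note: eventually overriding earlier entry.)<br />";
            }
            $data["content"] = "\n" . trim($data["content"]) . "\n" . ":{$moni}:{$url}" . "\n";
            ewiki_data_update($data);
            $data["version"]++;
            if (ewiki_db::WRITE($data)) {
                $o .= "Map was updated.";
            }
            else {
                $o .= "Error occoured when saving your changes.";
            }
        }
        $o .= "<br />";
    }

    $o .= ewiki_make_title($id, $id, 2);
    $o .= ewiki_page_view($id, $data, $action, 0);

    #-- REQUEST_URI and the page name are client-influenced; escape them before
    #   they are placed into attribute values
    $form_action = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES);
    $form_id = htmlspecialchars($id, ENT_QUOTES);
    $o .= ewiki_t(<<<EOT
<form class="intermap-append" action="{$form_action}" method="POST" enctype="multipart/form-data">
<hr>
<input type="hidden" name="id" value="{$form_id}">
:<input name="add_moniker" value="WikiName" size="16">:<input name="add_url" value="http://www.example.com/..." size="42">
<br />
<input type="submit" value="_{add}">
</form>
EOT
    );

    return $o;
}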
/**
 * Handler for the "edit" action: runs edit hooks and permission checks, then
 * either saves the submitted content as a new page version or returns the
 * edit form (optionally preceded by a preview).
 *
 * NOTE(review): no anti-CSRF token check is visible in this function; confirm
 * whether optional_param() or the caller provides one.
 *
 * @param string $id      page name
 * @param array  $data    current database entry of the page
 * @param string $action  current action
 * @return string  HTML output, or an error message when editing is refused
 */
function ewiki_page_edit($id, $data, $action) {

    global $ewiki_links, $ewiki_author, $ewiki_plugins, $ewiki_ring, $ewiki_errmsg;

    #-- request parameters (optional_param() is defined elsewhere; any
    #   cleaning it applies is not visible here)
    $content = optional_param('content', '');
    $version = optional_param('version', '');
    $preview = optional_param('preview', false);
    $save = optional_param('save', false);

    $hidden_postdata = array();

    #-- an old version was requested: take the current version number from
    #   the database and drop any submitted content/version
    if (@$data["forced_version"]) {
        $current = ewiki_database("GET", array("id" => $id));
        $data["version"] = $current["version"];
        unset($current);
        #-- the superglobals are cleared as well as the local copies
        #   (original author's question: is this needed for code elsewhere?)
        $_REQUEST['content'] = $_POST['content'] = $_GET['content'] = null;
        $_REQUEST['version'] = $_POST['version'] = $_GET['version'] = null;
        $content = '';
        $version = '';
    }

    #-- edit hooks: the first plugin that returns output replaces this page
    #   entirely, before the permission checks below are reached
    if ($pf_a = @$ewiki_plugins["edit_hook"]) {
        foreach ($pf_a as $pf) {
            if ($output = $pf($id, $data, $hidden_postdata)) {
                return $output;
            }
        }
    }

    #-- permission checks; without a global ring level the default is 3
    if (isset($ewiki_ring)) {
        $ring = $ewiki_ring;
    } else {
        $ring = 3;
    }
    $flags = @$data["flags"];
    #-- pages carrying the WRITEABLE flag skip both the auth call and the
    #   flag checks in this branch
    if (!($flags & EWIKI_DB_F_WRITEABLE)) {

        #-- perform auth (only when EWIKI_PROTECTED_MODE is set; ring 2 is
        #   requested from mode 2 upwards, NULL otherwise)
        $edit_ring = EWIKI_PROTECTED_MODE >= 2 ? 2 : NULL;
        if (EWIKI_PROTECTED_MODE && !ewiki_auth($id, $data, $action, $edit_ring, "FORCE")) {
            return $ewiki_errmsg;
        }

        #-- flag checking: READONLY pages are refused for ring >= 2
        if ($flags & EWIKI_DB_F_READONLY and $ring >= 2) {
            return ewiki_t("CANNOTCHANGEPAGE");
        }
        #-- pages whose type bits are not TEXT are refused for ring >= 1
        if ($flags and ($flags & EWIKI_DB_F_TYPE) != EWIKI_DB_F_TEXT and $ring >= 1) {
            return ewiki_t("CANNOTCHANGEPAGE");
        }
    }

    #-- "Edit Me" title
    #   NOTE(review): $id is interpolated into the title text unescaped here;
    #   whether ewiki_make_title() escapes it is not visible - confirm
    $o = ewiki_make_title($id, ewiki_t("EDITTHISPAGE") . " '{$id}'", 2, $action, "", "_MAY_SPLIT=1");

    #-- preview, rendered by the first registered edit_preview plugin
    if ($preview) {
        $o .= $ewiki_plugins["edit_preview"][0]($data);
    }

    #-- save
    if ($save) {

        #-- normalize to UNIX newlines
        $content = str_replace("\r\n", "\n", $content);
        $content = str_replace("\r", "\n", $content);

        #-- check for concurrent version saving; "&&" binds tighter than "||",
        #   so this is (stored version exists AND differs from the submitted
        #   one) OR (submitted version < 1)
        $error = 0;
        if (@$data["version"] >= 1 && $data["version"] != $version || $version < 1) {

            #-- the edit_patch plugin may resolve the conflict; without one,
            #   or when it fails, the save is refused
            $pf = $ewiki_plugins["edit_patch"][0];

            if (!$pf || !$pf($id, $data)) {
                $error = 1;
                $o .= ewiki_t("ERRVERSIONSAVE") . "<br /><br />";
            }
        }
        if (!$error) {

            #-- flags: keep the COPYMASK bits of the old entry, new pages get 1
            if (!($set_flags = @$data["flags"] & EWIKI_DB_F_COPYMASK)) {
                $set_flags = 1;
            }
            #-- with EWIKI_ALLOW_HTML every saved page gets the HTML flag
            #   NOTE(review): presumably this lets page content render as raw
            #   HTML - confirm that only trusted authors can reach this path
            if (EWIKI_ALLOW_HTML) {
                $set_flags |= EWIKI_DB_F_HTML;
            }

            #-- mk db entry ($save is reused: it now holds the new entry
            #   instead of the request parameter)
            $save = array("id" => $id, "version" => @$data["version"] + 1, "flags" => $set_flags, "content" => $content, "created" => ($uu = @$data["created"]) ? $uu : time(), "meta" => ($uu = @$data["meta"]) ? $uu : "", "hits" => ($uu = @$data["hits"]) ? $uu : "0");
            ewiki_data_update($save);

            #-- edit storage hooks, called with the new and the old entry
            if ($pf_a = @$ewiki_plugins["edit_save"]) {
                foreach ($pf_a as $pf) {
                    $pf($save, $data);
                }
            }

            #-- save; an empty $save is treated like a failed write
            if (!$save || !ewiki_database("WRITE", $save)) {
                $o .= $ewiki_errmsg ? $ewiki_errmsg : ewiki_t("ERRORSAVING");
            } else {
                #-- prevent double saving, when ewiki_page() is re-called
                $_REQUEST = $_GET = $_POST = array();
                $o = ewiki_t("THANKSFORCONTRIBUTION") . "<br /><br />";
                $o .= ewiki_page($id);

                #-- redirect to the saved page: HTTP headers when enabled and
                #   not yet sent, a meta refresh otherwise
                if (EWIKI_EDIT_REDIRECT) {
                    $url = ewiki_script("", $id, "thankyou=1", 0, 0, EWIKI_HTTP_HEADERS ? ewiki_script_url() : 0);

                    if (EWIKI_HTTP_HEADERS && !headers_sent()) {
                        header("Status: 303 Redirect for GET");
                        header("Location: {$url}");
                        #header("URI: $url");
                        #header("Refresh: 0; URL=$url");
                    } else {
                        #-- s() is defined elsewhere; presumably HTML-escapes
                        #   the URL for the attribute - confirm
                        $o .= '<meta http-equiv="Refresh" content="0; URL=' . s($url) . '">';
                    }
                }
            }
        }

        //@REWORK
        // header("Reload-Location: " . ewiki_script("", $id, "", 0, 0, ewiki_script_url()) );
    } else {
        #-- Edit <form>
        $o .= ewiki_page_edit_form($id, $data, $hidden_postdata);

        #-- additional forms; each plugin receives $o and may extend it
        if ($pf_a = $ewiki_plugins["edit_form_final"]) {
            foreach ($pf_a as $pf) {
                $pf($o, $id, $data, $action);
            }
        }
    }

    return $o;
}
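/**
 * mpi plugin "TableEditor": renders the table given in the plugin call either
 * as wiki markup with a "TableEditor" button, or (te_load) as a grid of
 * <textarea> fields, and writes an edited grid back into the page (te_save).
 *
 * NOTE(review): no anti-CSRF token or permission check is visible in this
 * function, although te_save writes a new page version - confirm that the
 * caller enforces both.
 *
 * @param string $action  current action (unused here)
 * @param array  $args    plugin arguments; $args["_"] holds the table markup
 * @param array  $iii     render input buffer; the table markup is spliced in
 * @param array  $s       render state; $s["in"] is the current buffer index
 * @return string  HTML of the editor form
 */
function ewiki_mpi_tableeditor($action, $args, &$iii, &$s) {

    global $ewiki_id, $ewiki_data;

    #-- config
    $rel = 5 / 2;           // favoured ratio width to height
    $SEP = "|";             // table cell separator ("|", or "||" for other Wikis);
    $add_empty_row = 1;
    $w_min = 7;
    $w_stretch = 1.17;      // + 17%
    $w_max = 35;
    $h_min = 2;
    $h_max = 12;

    #-- analyze current table for cell sizes
    $t = array();
    $markup = isset($args["_"]) ? trim($args["_"]) : "";
    foreach (explode("\n", $markup) as $row) {
        $t[] = explode($SEP, trim(trim($row), $SEP));
    }
    $x = count($t[0]);
    $y = count($t);
    $t_widths = array_fill(0, $x, 0);
    $t_heights = array_fill(0, $y, 0);
    for ($row = 0; $row < $y; $row++) {
        for ($col = 0; $col < $x; $col++) {
            #-- rows may be shorter than the first one
            $len = isset($t[$row][$col]) ? strlen($t[$row][$col]) : 0;
            $w = sqrt($rel * $len);
            if ($w < $w_min) {
                $w = $w_min;
            }
            $h = max((int) ($len / $w), $h_min);
            $w = (int) ($w * $w_stretch);
            $h = min($h, $h_max);
            $w = min($w, $w_max);
            $t_widths[$col] = max($t_widths[$col], $w);
            $t_heights[$row] = max($t_heights[$row], $h);
        }
    }

    #-- store -----------------------------------------------------------
    $o = '<div class="mpi TableEditor">';
    if (!empty($_REQUEST["te_save"])) {

        $data = ewiki_db::GET($ewiki_id);
        $posted_ver = isset($_REQUEST["te_d_ver"]) ? $_REQUEST["te_d_ver"] : null;
        $posted = (isset($_REQUEST["te_d"]) && is_array($_REQUEST["te_d"])) ? $_REQUEST["te_d"] : array();

        if ($data && $posted_ver == $data["version"]) {

            if (!preg_match_all('/<\\?plugin:?\\s*TableEditor/i', $data["content"], $uu)) {
                $o .= "Could not detect the exact position of the TableEditor inside the page. Not saved.<br />";
            }
            elseif (count($uu[0]) >= 2) {
                $o .= "There can only be <b>one</b> TableEditor call in a page!<br />";
            }
            else {
                #-- $t is replaced on purpose: the markup printed further down
                #   then shows the saved table instead of the stale arguments.
                #   The loop uses its own key names so that $x / $y keep the
                #   grid size computed above.
                $src = "";
                $t = $posted;
                foreach ($t as $ry => $cells) {
                    if (!is_array($cells)) {
                        unset($t[$ry]);
                        continue;
                    }
                    $empty = 1;
                    foreach ($cells as $cx => $cell) {
                        $cell = is_scalar($cell) ? (string) $cell : "";
                        #-- strtr() ignores surplus characters of the longer
                        #   argument, so the replacement needs one blank per
                        #   control character; otherwise only "\r" is replaced
                        #   and a newline in a cell breaks the table row
                        $cell = trim(strtr($cell, "\r\n\t\f", "    "));
                        #-- a literal "?>" would end the plugin block early
                        $cell = str_replace("?>", "? >", $cell);
                        $t[$ry][$cx] = $cell;
                        #-- compare against "" - empty() would also drop "0"
                        $empty = $empty && ($cell === "");
                    }
                    if ($empty) {
                        unset($t[$ry]);
                        continue;
                    }
                    $src .= "{$SEP} " . implode(" {$SEP} ", $t[$ry]) . " {$SEP}\n";
                }

                #-- splice by offset instead of preg_replace(): user text in a
                #   replacement string would have "$1" / "\\1" expanded
                if (preg_match('/<\\?plugin:?\\s*TableEditor.+?\\?>/is', $data["content"], $m, PREG_OFFSET_CAPTURE)) {
                    $data["content"] = substr_replace(
                        $data["content"],
                        "<?plugin TableEditor\n\n{$src}\n?>",
                        $m[0][1],
                        strlen($m[0][0])
                    );
                }
                ewiki_data_update($data);
                $data["version"]++;
                ewiki_db::WRITE($data);
            }
        }
        else {
            $o .= ewiki_t("ERRVERSIONSAVE") . "<br />\n";
        }
    }

    #-- output start ----------------------------------------------------
    #   REQUEST_URI is client-controlled and must not reach the attribute raw
    $version = isset($ewiki_data["version"]) ? (string) $ewiki_data["version"] : "";
    $o .= '<form action="' . htmlspecialchars($_SERVER["REQUEST_URI"], ENT_QUOTES) . '" method="POST" enctype="multipart/form-data">'
        . '<input type="hidden" name="te_d_ver" value="' . htmlspecialchars($version, ENT_QUOTES) . '">'
        . '<input type="hidden" name="id" value="' . htmlentities($ewiki_id) . '">';

    #-- print <textarea> table variant
    if (!empty($_REQUEST["te_load"])) {

        $o .= '<input type="submit" name="te_save" value="SaveTable"><br />';
        $o .= '<table border="1" cellspacing="1" cellpadding="2">';

        if ($add_empty_row) {
            $y++;
        }
        for ($row = 0; $row < $y; $row++) {
            #-- build the row from escaped cells only; cells beyond the first
            #   row's width are never echoed unescaped
            $fields = array();
            $rows_attr = isset($t_heights[$row]) ? $t_heights[$row] : $h_min;
            for ($col = 0; $col < $x; $col++) {
                $cell = isset($t[$row][$col]) ? $t[$row][$col] : "";
                $fields[] = "<textarea style=\"border:none;background:transparent;\" name=\"te_d[{$row}][{$col}]\" cols=\"{$t_widths[$col]}\" rows=\"{$rows_attr}\" wrap=\"soft\">"
                          . htmlentities(trim($cell))
                          . "</textarea>";
            }
            $o .= '<tr><td>' . implode('</td><td>', $fields) . '</td></tr>' . "\n";
        }
        $o .= "</table>\n";
    }
    else {
        #-- insert <html> form at current position
        $o .= '<input type="submit" name="te_load" value="TableEditor"><br />';
        $in = $s["in"];
        $iii[$in][0] = "WILL BE REPLACED with \$o...";

        #-- mk table markup, insert into $iii
        $src = "\n\n";
        foreach ($t as $row) {
            $src .= "{$SEP} " . implode(" {$SEP} ", $row) . " {$SEP}\n";
        }
        $src .= "\n";
        $iii = array_merge(
            array_slice($iii, 0, $in + 1),
            array(array($src, 0x137f, "core")),
            array_slice($iii, $in + 1)
        );
        // the following return($o); will insert the <form> into
        // the current input buffer $iii[$in][0] later
    }

    $o .= "</form></div>\n";
    return $o;
}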
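/**
 * Renders the .xpi plugin control panel and, for privileged users, applies
 * enable/disable settings and uninstall requests from the submitted form.
 *
 * @return string  HTML of the control panel
 */
function ewiki_xpi_plugin_control_centre() {

    ewiki_xpi_load_registry($registry, $registry_hash);
    if (!is_array($registry)) {
        $registry = array();
    }

    #-- NOTE(review): $access was read below without ever being assigned in
    #   this function, so every state-changing branch was already unreachable.
    #   That is kept, explicitly and fail-closed; set it from the project's
    #   privilege check for the plugin administrator before enabling it.
    $access = false;

    #-- title
    #   NOTE(review): the markup is closed with </form> at the end, but no
    #   opening <form> tag is visible in this function - confirm where the
    #   form is opened.
    $o = '<div class="xpi-settings"><h4>plugin control</h4>';

    #-- delete plugins
    if ($access && !empty($_REQUEST["xpi_rm"]) && is_array($_REQUEST["xpi_rm"])) {
        foreach ($_REQUEST["xpi_rm"] as $id => $del) {
            if (!$del) {
                continue;
            }
            $id = rawurldecode($id);
            #-- purge only what is registered as a plugin; the id comes from
            #   the request and would otherwise name any page in the database
            if (!isset($registry[$id])) {
                continue;
            }
            $dat = ewiki_db::GET($id);
            $vZ = (int) $dat["version"];
            for ($v = 1; $v <= $vZ; $v++) {
                ewiki_db::DELETE($id, $v);
            }
            unset($registry[$id]);
            $id_html = htmlspecialchars($id, ENT_QUOTES);
            $o .= "<b>i</b>: Purged {$vZ} versions of '{$id_html}' and removed xpi registry entry.<br /><br />";
            ewiki_log("uninstalled .xpi/.jpi plugin '{$id}'", 0);
        }
        #-- force the registry to be written back below
        $_REQUEST["setup_xpi"] = 1;
    }

    #-- update config settings
    if (!empty($_REQUEST["setup_xpi"])) {
        if ($access) {
            foreach ($registry as $id => $uu) {
                $registry[$id]["state"] = !empty($_REQUEST["xpi_set"][rawurlencode($id)]) ? 1 : 0;
            }
            #-- NOTE(review): the registry is stored serialized in a database
            #   entry; presumably ewiki_xpi_load_registry() unserializes it -
            #   confirm that this entry cannot be edited by untrusted users
            $registry_hash["content"] = serialize($registry);
            ewiki_data_update($registry_hash);
            $registry_hash["version"]++;
            ewiki_db::WRITE($registry_hash);
        }
        else {
            $o .= "You have no privileges to change the status of installed .xpi plugins.<br />\n";
        }
    }

    #-- enable/disable checkboxes; registry fields are plugin-supplied
    #   metadata and are escaped before output
    $o .= '<table border="0" cellspacing="1" cellpadding="2">';
    foreach ($registry as $dat) {
        $enabled = $dat["state"] == 1;
        $hard = $dat["type"] == "page";
        $title = $hard ? ewiki_link($dat["id"]) : htmlspecialchars($dat["id"], ENT_QUOTES);
        $o .= '<tr>'
            . '<td><tt>' . htmlspecialchars($dat["type"], ENT_QUOTES) . '</tt></td>'
            . '<td class="xs-check"><input type="checkbox" name="xpi_set[' . rawurlencode($dat["id"]) . ']" value="1"'
            . ($enabled ? " checked" : "") . ($hard ? " disabled" : "") . '></td>'
            . '<td class="xs-id">' . $title . '</td>'
            . '<td><small>' . htmlentities($dat["description"]) . '</small></td>'
            . '<td>' . htmlspecialchars($dat["author"], ENT_QUOTES) . ", " . htmlspecialchars($dat["license"], ENT_QUOTES) . '</td>'
            . '<td class="xs-check"><input type="submit" name="xpi_rm[' . rawurlencode($dat["id"]) . ']" value="rm" title="uninstall plugin"'
            . ($access ? "" : " disabled") . '></td>'
            . '</tr>';
    }
    $o .= '</table>';
    $o .= '<br /><input type="submit" name="setup_xpi" value="configure"' . ($access ? "" : " disabled") . '>';
    $o .= '</form></div>';

    return $o;
}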
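/**
 * Shutdown handler that records the HTTP Referer of the current request as a
 * back-link on the page, after a series of plausibility and anti-spam tests.
 *
 * The Referer is fully client-controlled. It is used here as a URL that the
 * server fetches and as text that is written into the page, so it is
 * validated first and internal targets are never requested.
 *
 * @param string $id      page name
 * @param array  $data    page entry; replaced by a fresh database copy when
 *                        the link is added
 * @param string $action  current action (unused here)
 * @param mixed  $args    unused
 * @return mixed  false when the referer is ignored, -1 when it is considered
 *                forged or banned, nothing when the link was processed
 */
function ewiki_shutdown_referer_log($id, &$data, $action, $args = NULL) {

    #-- the referer url; anything that is not a clean http(s) URL is ignored
    #   before it can reach the log, the fetch below or the page content
    $ref = isset($_SERVER["HTTP_REFERER"]) ? strtok((string) $_SERVER["HTTP_REFERER"], "# ") : false;
    if (!is_string($ref) || !preg_match('#^https?://[^\\s\\x00-\\x1f\\x7f]+\\z#i', $ref)) {
        return false;
    }
    $this1 = EWIKI_SERVER . $_SERVER["REQUEST_URI"];
    $this2 = ewiki_script("", $id);

    #-- pattern of ourselfs (own domain without the leftmost label)
    $host = isset($_SERVER["HTTP_HOST"]) ? (string) $_SERVER["HTTP_HOST"] : "";
    $server_name = isset($_SERVER["SERVER_NAME"]) ? (string) $_SERVER["SERVER_NAME"] : "";
    $pat = substr($host, strpos($host, ".") + 1);
    if (strpos($pat, ".") === false) {
        $pat = $host;
    }

    #-- all substring tests compare against false: strpos() returns 0 for a
    #   match at the start, which a plain truth test treats as "not found";
    #   empty needles are skipped explicitly

    #-- reject if self-referring
    if (($host !== "" && strpos($ref, $host) !== false)
        || ($server_name !== "" && strpos($ref, $server_name) !== false)) {
        return false;
    }

    #-- reject search engine links
    if (strpos($ref, "?") !== false && strpos($ref, "q=") !== false) {
        return false;
    }

    #-- link already on page?
    $sref = trim($ref, "/");
    $sref = substr($sref, strpos($sref, ".") + 1);
    $sref = strtolower($sref);
    $refs = isset($data["refs"]) ? (string) $data["refs"] : "";
    if ($sref !== "" && strpos(strtolower($refs), $sref) !== false) {
        return false;
    }

    #-- forgery test 1: our own domain hidden inside the (encoded) referer
    if ($pat !== ""
        && (strpos(urldecode($ref), $pat) !== false
            || strpos(urldecode(urldecode($ref)), $pat) !== false)) {
        ewiki_log("forged REFERER '{$ref}' to {$this1}");
        return -1;
    }

    #-- already banned?
    if (function_exists("ewiki_banned_link") && ewiki_banned_link($ref)) {
        ewiki_log("banned REFERER '{$ref}' to {$this1}");
        return -1;
    }

    #-- special cases: a link from a server root dir is suspicious
    $likely_fake = (strpos(trim(substr($ref, 10), "/"), "/") === false);

    #-- decode InterWiki URLs into "prefix:PageName" representation
    if ($link = ewiki_url2wiki($ref)) {
        if (stristr($refs, $link)) {
            // already in page
            return false;
        }
    }
    else {
        $link = $ref;
    }

    #-- never let a request header steer the server towards internal hosts:
    #   every address the referer host resolves to must be public
    #   NOTE(review): redirect handling inside ewiki_http_query() is not
    #   visible here - confirm that it does not follow redirects to
    #   internal addresses
    $ref_host = parse_url($ref, PHP_URL_HOST);
    $ref_ips = (is_string($ref_host) && $ref_host !== "") ? gethostbynamel($ref_host) : false;
    if (!$ref_ips) {
        return false;
    }
    foreach ($ref_ips as $ip) {
        if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
            return false;
        }
    }

    #-- retrieve page to check for link existence
    $R = ewiki_http_query("GET", $ref, NULL, array(), "cookies.txt");
    if (!stristr($R[0], $this1) && !stristr($R[0], $this2) && strpos($R[0], EWIKI_NAME . ":{$id}") === false) {
        ewiki_log("faked REFERER '{$ref}' to {$this1}");
        #-- NOTE(review): the recipient is taken from the client's From:
        #   header, so any visitor can make this server mail an address of
        #   their choosing; consider dropping the notification. Until then
        #   only a single syntactically valid address is accepted and the
        #   extra header value is stripped of line breaks.
        if ($likely_fake && !empty($_SERVER["HTTP_FROM"])) {
            $abuse = filter_var($_SERVER["HTTP_FROM"], FILTER_VALIDATE_EMAIL);
            if ($abuse !== false) {
                $admin = isset($_SERVER["SERVER_ADMIN"])
                       ? str_replace(array("\r", "\n"), "", (string) $_SERVER["SERVER_ADMIN"]) : "";
                mail($abuse, "REFERER Header Abuse", "Dear 'search-engine' maintainer,\n\nYou misused the HTTP Referer: header for marketing purposes.\nThis informational mail is meant to annoy you likewise.\n\n", "X-From: {$admin}\nX-Mailer: ewiki:refererlog\n");
            }
        }
        return -1;
    }

    #-- all tests passed, add link
    $data = ewiki_db::GET($id);
    if ($data["version"]++) {
        $data["content"] = trim($data["content"]) . "\n- {$link}\n";
        ewiki_data_update($data);
        $data["author"] = "RefererLog; " . $data["author"];
        if (!EWIKI_REFERER_NOISE) {
            $data["flags"] |= EWIKI_DB_F_MINOR;
        }
        ewiki_db::WRITE($data);
    }
}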