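/**
 * Subscribe macro: render the list of pages the current user is subscribed to.
 *
 * Reads the logged-in user from $DBInfo, loads the profile through
 * $DBInfo->udb and hands the tab-separated 'subscribed_pages' entry to
 * macro_TitleSearch() as one anchored alternation (^a$|^b$|...).
 *
 * @param object $formatter passed through to macro_TitleSearch()
 * @param mixed  $value     macro argument; not used by this macro
 * @param array  $options   macro options; not used by this macro
 * @return string HTML fragment with the matching titles, or a translated
 *                notice when the user is anonymous, has no subscriptions,
 *                or none of the subscribed titles was found
 */
function macro_Subscribe($formatter, $value, $options = array()) {
    global $DBInfo;

    $user = $DBInfo->user; # get cookie
    if ($user->id == 'Anonymous') {
        return _("Please login or make your ID.");
    }

    $userinfo = $DBInfo->udb->getUser($user->id);

    // empty() instead of a bare array read: a profile that has no
    // 'subscribed_pages' key no longer raises an undefined-index notice.
    // A whitespace-only list is treated like an empty one.
    $page_list = empty($userinfo->info['subscribed_pages'])
        ? ''
        : $userinfo->info['subscribed_pages'];
    if (!trim($page_list)) {
        return _("You did'nt subscribed any pages yet.");
    }

    // NOTE(review): the stored entries are joined into a search pattern
    // without escaping, so regex metacharacters in an entry are interpreted
    // by the title search. The list comes from the user's own profile. Whether
    // entries are meant to be patterns cannot be told from this function; if
    // they are plain page names they should be quoted before joining (an
    // earlier, disabled version of this code called _preg_search_escape()).
    $page_lists = explode("\t", $page_list);
    $page_rule = '^' . join("\$|^", $page_lists) . '$';

    // Start from an explicit empty result array, the same way
    // do_titlesearch() calls macro_TitleSearch().
    $ret = array();
    $out = macro_TitleSearch($formatter, $page_rule, $ret);
    if (!empty($ret['hits']) && $ret['hits'] > 0) {
        return '<div class="subscribePages">' . $out . '</div>';
    }

    return _("No subscribed pages found.");
}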
/**
 * Title-search action handler.
 *
 * Runs macro_TitleSearch() on $options['value'] and then either jumps to the
 * single matching page, reports "nothing found" to a caller that only wanted
 * a check, or prints a result page with a link to the full-text search.
 *
 * @param object $formatter page formatter used for all output
 * @param array  $options   request options; reads 'value' and the optional
 *                          'noexact', 'noexpr' and 'check' entries
 * @return bool false only when 'check' is set and there was no hit,
 *              true in every other case
 */
function do_titlesearch($formatter, $options) {
    global $DBInfo;

    // Hand over only the search switches the caller actually set.
    $found = array();
    foreach (array('noexact', 'noexpr') as $switch) {
        if (isset($options[$switch])) {
            $found[$switch] = $options[$switch];
        }
    }
    $listing = macro_TitleSearch($formatter, $options['value'], $found);

    // A single hit is opened directly, unless redirects are switched off
    // and the hit is not an exact match.
    if ($found['hits'] == 1 && (empty($DBInfo->titlesearch_noredirect) || !empty($found['exact']))) {
        $options['value'] = $found['value'];
        $options['redirect'] = 1;
        do_goto($formatter, $options);

        return true;
    }

    // In "check" mode an empty result is reported to the caller, not rendered.
    if (!$found['hits'] && !empty($options['check'])) {
        return false;
    }

    // Nothing matched by title: prepare the full-text search form up front.
    if ($found['hits'] == 0) {
        $fulltext_opts = array('form' => 1);
        $fulltext = $formatter->macro_repl('FullSearch', $options['value'], $fulltext_opts);
    }

    $formatter->send_header("", $options);
    $options['msgtype'] = 'search';
    $formatter->send_title($found['msg'], $formatter->link_url("FindPage"), $options);

    if (!empty($options['check'])) {
        // The link value is the formatter's own urlname for the current page.
        $page = $formatter->page->urlname;
        $create = $formatter->link_to("?action=edit", $formatter->icon['create'] . _("Create this page"));
        echo "<h2>" . $create;
        echo sprintf(
            _(" or click %s to fullsearch this page.\n"),
            $formatter->link_to("?action=fullsearch&value={$page}", _("title"))
        ) . "</h2>";
    }

    echo $found['form'];

    // Result list followed by the hit counter.
    if (!empty($found['hits'])) {
        echo $listing;
        echo sprintf(
            _("Found %s matching %s out of %s total pages") . "<br />",
            $found['hits'],
            $found['hits'] == 1 ? _("page") : _("pages"),
            $found['all']
        );
    }

    if ($found['hits'] == 0) {
        echo '<h2>' . _("Please try to fulltext search") . "</h2>\n";
        echo $fulltext;
    } else {
        // The search term goes through _urlencode() before it is put into the link.
        $encoded = _urlencode($options['value']);
        echo '<h2>' . sprintf(
            _("You can also click %s to fulltext search.\n"),
            $formatter->link_to("?action=fullsearch&value={$encoded}", _("here"))
        ) . "</h2>\n";
    }

    $footer = array('noaction' => 1);
    $formatter->send_footer($footer, $options);

    return true;
}
/**
 * Main request dispatcher.
 *
 * Resolves the page name and the action from the request, applies the robot,
 * IP-block and permission rules, and then either renders the page ("show")
 * or hands the request to the matching do_<name> / do_post_<name> handler.
 *
 * Order of work, as the code runs:
 *  1. read action, value, goto and popup from $_POST or $_GET;
 *  2. split "action/mode" into action and action mode;
 *  3. shorten page names whose storage key is longer than 255 bytes;
 *  4. load the optional ruleset (allowed robots, staff, IP lists);
 *  5. answer HEAD and conditional requests without rendering;
 *  6. apply whitelist / blacklist / blocked-user rules to block_actions;
 *  7. render the page, a 404 page, or dispatch the action.
 *
 * Several values used below (action name, 'redirect', Referer, User-Agent)
 * come straight from the request; the review notes mark the places where the
 * visible code does not show how a callee treats them.
 *
 * @param array $options request options; this function reads 'pagename',
 *                       'id', 'tz_offset' and the optional 'retstr' and
 *                       'timer' entries, and adds many keys of its own
 * @return mixed nothing on most paths; true or false on some paths, the
 *               string '[]' for a robot that is denied an action that has a
 *               mode, or whatever ajax_invalid() / do_invalid() return
 */
function wiki_main($options) {
    global $DBInfo, $Config;

    // $options['pagename'][0] is set only for a non-empty string, so an empty
    // page name falls back to the front page.
    $pagename = isset($options['pagename'][0]) ? $options['pagename'] : $DBInfo->frontpage;

    # get primary variables
    // NOTE(review): $refresh is assigned only on the non-POST path, yet it is
    // read further down on every path; $rev is assigned but not read in this
    // function.
    if (isset($_SERVER['REQUEST_METHOD']) and $_SERVER['REQUEST_METHOD'] == 'POST') {
        // reset some reserved variables
        // Request arrays are merged into $options before an action handler is
        // called (see the array_merge() calls near the end); presumably these
        // two keys are dropped so a client cannot supply them — confirm.
        if (isset($_POST['retstr'])) {
            unset($_POST['retstr']);
        }
        if (isset($_POST['header'])) {
            unset($_POST['header']);
        }

        # hack for TWiki plugin
        $action = '';
        if (!empty($_FILES['filepath']['name'])) {
            $action = 'draw';
        }
        if (isset($GLOBALS['HTTP_RAW_POST_DATA'])) {
            # hack for Oekaki: PageName----action----filename
            list($pagename, $action, $value) = explode('----', $pagename, 3);
            $options['value'] = $value;
        } else {
            $value = !empty($_POST['value']) ? $_POST['value'] : '';
            $action = !empty($_POST['action']) ? $_POST['action'] : $action;
            if (empty($action)) {
                // No explicit action: accept the PageName----action----value
                // form in the page name, but only when both the name part and
                // the action part are non-empty.
                $dum = explode('----', $pagename, 3);
                if (isset($dum[0][0]) && isset($dum[1][0])) {
                    $pagename = trim($dum[0]);
                    $action = trim($dum[1]);
                    $value = isset($dum[2][0]) ? $dum[2] : '';
                }
            }
        }
        $goto = !empty($_POST['goto']) ? $_POST['goto'] : '';
        $popup = !empty($_POST['popup']) ? 1 : 0;
    } else {
        // reset some reserved variables
        if (isset($_GET['retstr'])) {
            unset($_GET['retstr']);
        }
        if (isset($_GET['header'])) {
            unset($_GET['header']);
        }
        $action = !empty($_GET['action']) ? $_GET['action'] : '';
        $value = isset($_GET['value'][0]) ? $_GET['value'] : '';
        $goto = isset($_GET['goto'][0]) ? $_GET['goto'] : '';
        $rev = !empty($_GET['rev']) ? $_GET['rev'] : '';
        // Anonymous users cannot request a refresh.
        if ($options['id'] == 'Anonymous') {
            $refresh = 0;
        } else {
            $refresh = !empty($_GET['refresh']) ? $_GET['refresh'] : '';
        }
        $popup = !empty($_GET['popup']) ? 1 : 0;
    }

    // parse action
    // action=foobar, action=foobar/macro, action=foobar/json etc.
    // $full_action keeps the whole name with '/' replaced by '-'; it is used
    // for the explicit permission lookup of an action mode further down.
    $full_action = $action;
    $action_mode = '';
    if (($p = strpos($action, '/')) !== false) {
        $full_action = strtr($action, '/', '-');
        $action_mode = substr($action, $p + 1);
        $action = substr($action, 0, $p);
    }

    $options['page'] = $pagename;
    // Bound by reference: later assignments to $action are visible through
    // $options['action'] as well.
    $options['action'] =& $action;
    unset($options['call']); // reserved FIXME

    // check pagename length
    $key = $DBInfo->pageToKeyname($pagename);
    if (!empty($options['action']) && strlen($key) > 255) {
        $i = 252; // 252 + reserved 3 (.??) = 255
        $newname = $DBInfo->keyToPagename(substr($key, 0, 252));
        $j = mb_strlen($newname, $Config['charset']);
        $j--;
        // Drop one character at a time until the key is at most 248 bytes
        // long or no character is left.
        do {
            $newname = mb_substr($pagename, 0, $j, $Config['charset']);
            $key = $DBInfo->pageToKeyname($newname);
        } while (strlen($key) > 248 && --$j > 0);
        $options['page'] = $newname;
        $options['orig_pagename'] = $pagename; // original page name
        $pagename = $newname;
    } else {
        $options['orig_pagename'] = '';
    }

    // Optional site hook; called only when the function is defined.
    if (function_exists('local_pre_check')) {
        local_pre_check($action, $options);
    }

    // load ruleset
    if (!empty($Config['config_ruleset'])) {
        // The file name is built from configuration, not from the request.
        $ruleset_file = 'config/ruleset.' . $Config['config_ruleset'] . '.php';
        if (file_exists($ruleset_file)) {
            $ruleset = load_ruleset($ruleset_file);
            $Config['ruleset'] = $ruleset;
        }

        // is it robot ?
        if (!empty($ruleset['allowedrobot'])) {
            // A request without a User-Agent header is treated as a robot.
            if (empty($_SERVER['HTTP_USER_AGENT'])) {
                $options['is_robot'] = 1;
            } else {
                $options['is_robot'] = is_allowed_robot($ruleset['allowedrobot'], $_SERVER['HTTP_USER_AGENT']);
            }
        }

        // setup staff members
        if (!empty($ruleset['staff'])) {
            $DBInfo->members = array_merge($DBInfo->members, $ruleset['staff']);
        }
    }

    $page = $DBInfo->getPage($pagename);
    $page->is_static = false; // FIXME
    $pis = array();

    // get PI cache
    if ($page->exists()) {
        $page->pi = $pis = $page->get_instructions('', array('refresh' => $refresh));

        // set some PIs for robot
        if (!empty($options['is_robot'])) {
            $DBInfo->use_sectionedit = 0; # disable section edit
            $page->is_static = true;
        } else {
            if ($_SERVER['REQUEST_METHOD'] == 'GET' or $_SERVER['REQUEST_METHOD'] == 'HEAD') {
                // A plain view without refresh is static unless the page
                // carries the #nocache or #dynamic instruction.
                if (empty($action) and empty($refresh)) {
                    $page->is_static = empty($pis['#nocache']) && empty($pis['#dynamic']);
                }
            }
        }
    }

    // HEAD support for robots
    // NOTE(review): this branch returns before the control_read permission
    // check made further down for a normal view; confirm that sending
    // Last-Modified and the body checksum is acceptable for pages with
    // restricted read access.
    if (empty($action) and !empty($_SERVER['REQUEST_METHOD']) and $_SERVER['REQUEST_METHOD'] == 'HEAD') {
        if (!$page->exists()) {
            header("HTTP/1.1 404 Not found");
            header("Status: 404 Not found");
        } else {
            if ($page->is_static or is_static_action($options)) {
                $mtime = $page->mtime();
                $etag = $page->etag($options);
                $lastmod = gmdate('D, d M Y H:i:s \\G\\M\\T', $mtime);
                header('Last-Modified: ' . $lastmod);
                // $action is always empty inside this branch (see the outer
                // condition), so the ETag header below is never sent.
                if (!empty($action)) {
                    $etag = '"' . $etag . '"';
                    header('ETag: ' . $etag);
                }

                // checksum request
                // The MD5 value is a content checksum of the raw page body
                // for the client; it is not used for any access decision here.
                if (isset($_SERVER['HTTP_X_GET_CHECKSUM'])) {
                    header('X-Checksum: md5-' . md5($page->get_raw_body()));
                }
            }
        }
        return;
    }

    // Conditional GET. 'and' binds tighter than 'or', so this reads:
    // static action, OR (conditional GET enabled AND page is static).
    if (is_static_action($options) or !empty($DBInfo->use_conditional_get) and $page->is_static) {
        $mtime = $page->mtime();
        $etag = $page->etag($options);
        $lastmod = gmdate('D, d M Y H:i:s \\G\\M\\T', $mtime);
        $need = http_need_cond_request($mtime, $lastmod, $etag);
        if (!$need) {
            // Discard any buffered output and answer 304 with headers only.
            @ob_end_clean();
            $headers = array();
            $headers[] = 'HTTP/1.0 304 Not Modified';
            $headers[] = 'Last-Modified: ' . $lastmod;
            foreach ($headers as $header) {
                header($header);
            }
            return;
        }
    }

    $formatter = new Formatter($page, $options);

    $formatter->refresh = !empty($refresh) ? $refresh : '';
    $formatter->popup = !empty($popup) ? $popup : '';
    $formatter->tz_offset = $options['tz_offset'];

    // check blocklist/whitelist for block_actions
    // The action name is lower-cased for the list lookups. The loop is used
    // as a breakable block: every path through the body ends in break or
    // return, so the body runs at most once.
    // NOTE(review): all IP checks use $_SERVER['REMOTE_ADDR'], the address of
    // the direct peer; behind a reverse proxy that is the proxy's address —
    // confirm against the deployment.
    $act = strtolower($action);
    while (!empty($DBInfo->block_actions) && !empty($ruleset) && in_array($act, $DBInfo->block_actions)) {
        require_once 'lib/checkip.php';

        // check whitelist
        if (isset($ruleset['whitelist']) && check_ip($ruleset['whitelist'], $_SERVER['REMOTE_ADDR'])) {
            break;
        }

        $res = null;
        // check blacklist
        if (isset($ruleset['blacklist']) && check_ip($ruleset['blacklist'], $_SERVER['REMOTE_ADDR']) || isset($ruleset['blacklist.ranges']) && search_network($ruleset['blacklist.ranges'], $_SERVER['REMOTE_ADDR'])) {
            $res = true;
        } else {
            if (!empty($DBInfo->use_dynamic_blacklist)) {
                require_once 'plugin/ipinfo.php';

                $blacklist = get_cached_temporary_blacklist();
                $retval = array();
                // $retval is handed over by reference inside $ret and used
                // below as the cache key of the matching entry.
                $ret = array('retval' => &$retval);
                $res = search_network($blacklist, $_SERVER['REMOTE_ADDR'], $ret);
                if ($res !== false) {
                    // retrieve found
                    $ac = new Cache_Text('ipblock');
                    $info = $ac->fetch($retval, 0, $ret);
                    if ($info !== false) {
                        if (!$info['suspended']) {
                            // whitelist IP
                            break;
                        }
                        $res = true;
                    } else {
                        $ac->remove($retval); // expired IP entry.
                        $res = false;
                    }
                }
            }
        }

        // show warning message
        // A blocked address is not rejected: the action is downgraded to
        // 'edit' (for actions listed in edit_actions) or to 'show', and a
        // warning is attached to the page.
        if ($res) {
            $options['notice'] = _("Your IP is in the blacklist");
            $options['msg'] = _("Please contact WikiMasters");
            $options['msgtype'] = 'warn';

            if (!empty($DBInfo->edit_actions) and in_array($act, $DBInfo->edit_actions)) {
                $options['action'] = $action = 'edit';
            } else {
                if ($act != 'edit') {
                    $options['action'] = $action = 'show';
                }
            }
            break;
        }

        // check kiwirian
        // User ids listed under 'kiwirian' in the ruleset are refused.
        if (isset($ruleset['kiwirian']) && in_array($options['id'], $ruleset['kiwirian'])) {
            $options['title'] = _("You are blocked in this wiki");
            $options['msg'] = _("Please contact WikiMasters");
            do_invalid($formatter, $options);
            return false;
        }
        break;
    }

    // set robot class
    if (!empty($options['is_robot'])) {
        // Class name and include path are built from
        // $DBInfo->security_class_robot (presumably site configuration —
        // confirm), not from the request.
        if (!empty($DBInfo->security_class_robot)) {
            $class = 'Security_' . $DBInfo->security_class_robot;
            include_once 'plugin/security/' . $DBInfo->security_class_robot . '.php';
        } else {
            $class = 'Security_robot';
            include_once 'plugin/security/robot.php';
        }

        // Replaces the active security object for the rest of this request.
        $DBInfo->security = new $class($DBInfo);
        // is it allowed to robot ?
        if (!$DBInfo->security->is_allowed($action, $options)) {
            $action = 'show';
            if (!empty($action_mode)) {
                return '[]';
            }
        }
        $DBInfo->extra_macros = '';
    }

    // View path. The loop is again a breakable block: it is left with break
    // only when auto_search takes over, every other path returns.
    while (empty($action) or $action == 'show') {
        if (isset($value[0])) { # ?value=Hello
            $options['value'] = $value;
            do_goto($formatter, $options);
            return true;
        } else {
            if (isset($goto[0])) { # ?goto=Hello
                $options['value'] = $goto;
                do_goto($formatter, $options);
                return true;
            }
        }
        if (!$page->exists()) {
            if (isset($options['retstr'])) {
                return false;
            }
            // Hand a missing page to the configured search plugin, but only
            // when no explicit action=show was requested.
            if (!empty($DBInfo->auto_search) && $action != 'show' && ($p = getPlugin($DBInfo->auto_search))) {
                $action = $DBInfo->auto_search;
                break;
            }

            $msg_404 = '';
            $formatter->header("HTTP/1.1 404 Not found");
            if (empty($Config['no_404'])) {
                $msg_404 = "Status: 404 Not found";
            } # for IE

            // Robots, and sites with nofancy_404, get a minimal 404 body.
            if (!empty($options['is_robot']) or !empty($Config['nofancy_404'])) {
                $formatter->header($msg_404);
                echo '<html><head></head><body><h1>' . $msg_404 . '</h1></body></html>';
                return true;
            }

            $formatter->send_header($msg_404, $options);

            if (empty($DBInfo->metadb)) {
                $DBInfo->initMetaDB();
            }
            $twins = $DBInfo->metadb->getTwinPages($page->name, 2);
            if ($twins) {
                $formatter->send_title('', '', $options);
                $twins = "\n" . implode("\n", $twins);
                $formatter->send_page(_("See TwinPages : ") . $twins);
                echo "<br />" . $formatter->link_to("?action=edit", $formatter->icon['create'] . _("Create this page"));
            } else {
                $oldver = '';
                if ($DBInfo->version_class) {
                    $version = $DBInfo->lazyLoad('version', $DBInfo);
                    $oldver = $version->rlog($formatter->page->name, '', '', '-z');
                }
                $button = $formatter->link_to("?action=edit", $formatter->icon['create'] . _("Create this page"));
                if ($oldver) {
                    // NOTE(review): the page name goes into send_title()
                    // without _html_escape(), while the heading a few lines
                    // below escapes it; confirm that send_title() escapes its
                    // title argument.
                    $formatter->send_title(sprintf(_("%s has saved revisions"), $page->name), "", $options);

                    // NOTE(review): the value is HTML-escaped but not
                    // URL-encoded before it is placed in the query string;
                    // confirm how link_to() treats it.
                    $searchval = _html_escape($options['page']);
                    echo '<h2>' . sprintf(_("%s or click %s to fulltext search.\n"), $button, $formatter->link_to("?action=fullsearch&value={$searchval}", _("here"))) . '</h2>';
                    $options['info_actions'] = array('recall' => 'view', 'revert' => 'revert');
                    $options['title'] = '<h3>' . sprintf(_("Old Revisions of the %s"), _html_escape($page->name)) . '</h3>';
                    #if (empty($formatter->wordrule)) $formatter->set_wordrule();
                    echo $formatter->macro_repl('Info', '', $options);
                } else {
                    // NOTE(review): as above, the page name is passed to
                    // send_title() unescaped — confirm that it is escaped there.
                    $formatter->send_title(sprintf(_("%s is not found in this Wiki"), $page->name), "", $options);
                    $searchval = _html_escape($options['page']);
                    if (!empty($DBInfo->default_fullsearch)) {
                        // Site-defined search URL; the escaped page name is
                        // inserted at %s, or appended when there is no %s.
                        $fullsearch = $DBInfo->default_fullsearch;
                        if (strpos($fullsearch, '%s') !== false) {
                            $fullsearch = sprintf($fullsearch, $searchval);
                        } else {
                            $fullsearch .= $searchval;
                        }
                        // NOTE(review): the value lands inside a
                        // double-quoted href attribute; this is safe only if
                        // _html_escape() also escapes double quotes — confirm.
                        $fullsearch = '<a href="' . $fullsearch . '">' . _("here") . '</a>';
                    } else {
                        $fullsearch = $formatter->link_to("?action=fullsearch&value=" . $searchval, _("here"));
                    }

                    echo '<h2>' . sprintf(_("%s or click %s to fulltext search.\n"), $button, $fullsearch) . '</h2>';

                    $err = array();
                    echo $formatter->macro_repl('LikePages', $page->name, $err);
                    if (!empty($err['extra'])) {
                        echo $err['extra'];
                    }

                    echo '<h2>' . _("Please try to search with another word") . '</h2>';
                    $ret = array('call' => 1);
                    $ret = $formatter->macro_repl('TitleSearch', '', $ret);

                    #if ($ret['hits'] == 0)
                    echo "<div class='searchResult'>" . $ret['form'] . "</div>";
                }

                echo "<hr />\n";
                // Offer the template pages as starting points for a new page.
                $options['linkto'] = "?action=edit&template=";
                $options['limit'] = -1;
                $tmpls = macro_TitleSearch($formatter, $DBInfo->template_regex, $options);
                if ($tmpls) {
                    echo sprintf(_("%s or alternativly, use one of these templates:\n"), $button);
                    echo $tmpls;
                } else {
                    echo "<h3>" . _("You have no templates") . "</h3>";
                }
                echo sprintf(_("To create your own templates, add a page with '%s' pattern.\n"), $DBInfo->template_regex);
            }

            $args['editable'] = 1;
            $formatter->send_footer($args, $options);
            return;
        }

        # display this page
        if (isset($_GET['redirect']) and !empty($DBInfo->use_redirect_msg) and $action == 'show') {
            // NOTE(review): 'redirect' is a request parameter. It is
            // URL-encoded for the link target but passed unchanged as the
            // link text, and the result is stored as HTML in $options['msg'];
            // confirm that link_tag() HTML-escapes its text argument.
            $redirect = $_GET['redirect'];
            $options['msg'] = '<h3>' . sprintf(_("Redirected from page \"%s\""), $formatter->link_tag(_rawurlencode($redirect), '?action=show', $redirect)) . "</h3>";
        }

        if (empty($action)) {
            $options['pi'] = 1;
        } # protect a recursivly called #redirect

        // Read permission is checked only when control_read is enabled.
        if (!empty($DBInfo->control_read) and !$DBInfo->security->is_allowed('read', $options)) {
            do_invalid($formatter, $options);
            return;
        }

        $formatter->pi = $formatter->page->get_instructions();

        if (!empty($DBInfo->body_attr)) {
            $options['attr'] = $DBInfo->body_attr;
        }

        $ret = $formatter->send_header('', $options);

        // Page counter and referer log are skipped for robots.
        if (empty($options['is_robot'])) {
            if ($DBInfo->use_counter) {
                $DBInfo->counter->incCounter($pagename, $options);
            }

            // NOTE(review): the Referer header is client-supplied and handed
            // to log_referer() as is; confirm that it is sanitised there.
            if (!empty($DBInfo->use_referer) and isset($_SERVER['HTTP_REFERER'])) {
                log_referer($_SERVER['HTTP_REFERER'], $pagename);
            }
        }

        $formatter->send_title("", "", $options);

        $formatter->write("<div id='wikiContent'>\n");
        if (isset($options['timer']) and is_object($options['timer'])) {
            $options['timer']->Check("init");
        }

        // force #nocache for #redirect pages
        if (isset($formatter->pi['#redirect'][0])) {
            $formatter->pi['#nocache'] = 1;
        }

        $extra_out = '';
        $options['pagelinks'] = 1;
        if (!empty($Config['cachetime']) and $Config['cachetime'] > 0 and empty($formatter->pi['#nocache'])) {
            // Two caches: rendered HTML per page, and the list of macros that
            // must be evaluated again on every request.
            $cache = new Cache_text('pages', array('ext' => 'html'));
            $mcache = new Cache_text('dynamic_macros');
            $mtime = $cache->mtime($pagename);
            $now = time();
            $check = $now - $mtime;
            $_macros = null;
            if ($cache->mtime($pagename) < $formatter->page->mtime()) {
                $formatter->refresh = 1;
            } // force update

            $delay = !empty($DBInfo->default_delaytime) ? $DBInfo->default_delaytime : 0;

            if (empty($formatter->refresh) and $DBInfo->checkUpdated($mtime, $delay) and $check < $Config['cachetime']) {
                // Cache hit: the cached HTML is used.
                if ($mcache->exists($pagename)) {
                    $_macros = $mcache->fetch($pagename);
                }

                if (empty($_macros)) {
                    // No dynamic macros: fetch() is called with 'print' set
                    // and $out stays empty.
                    $out = '';
                    #$out = $cache->fetch($pagename);
                    $cache->fetch($pagename, '', array('print' => 1));
                } else {
                    $out = $cache->fetch($pagename);
                }
                $mytime = gmdate("Y-m-d H:i:s", $mtime + $options['tz_offset']);
                $extra_out = "<!-- Cached at {$mytime} -->";
            } else {
                // Cache miss: render into a buffer and store the result.
                $formatter->_macrocache = 1;
                ob_start();
                $formatter->send_page('', $options);
                flush();
                $out = ob_get_contents();
                ob_end_clean();
                $formatter->_macrocache = 0;
                $_macros = $formatter->_dynamic_macros;
                if (!empty($_macros)) {
                    $mcache->update($pagename, $_macros);
                }
                if (isset($out[0])) {
                    $cache->update($pagename, $out);
                }
            }
            if (!empty($_macros)) {
                // Replace each @@id@@ placeholder in the HTML with the fresh
                // output of its macro.
                $mrule = array();
                $mrepl = array();
                foreach ($_macros as $m => $v) {
                    if (!is_array($v)) {
                        continue;
                    }
                    $mrule[] = '@@' . $v[0] . '@@';
                    $options['mid'] = $v[1];
                    $mrepl[] = $formatter->macro_repl($m, '', $options); // XXX
                }
                echo $formatter->get_javascripts();
                $out = str_replace($mrule, $mrepl, $out);

                // no more dynamic macros found
                if (empty($formatter->_dynamic_macros)) {
                    // update contents
                    $cache->update($pagename, $out);
                    // remove dynamic macros cache
                    $mcache->remove($pagename);
                }
            }
            if ($options['id'] != 'Anonymous') {
                $args['refresh'] = 1;
            } // add refresh menu
        } else {
            // Caching disabled or #nocache: render directly into a buffer.
            ob_start();
            $formatter->send_page('', $options);
            flush();
            $out = ob_get_contents();
            ob_end_clean();
        }

        // fixup to use site specific thumbwidth
        if (!empty($Config['site_thumb_width']) and $Config['site_thumb_width'] != $DBInfo->thumb_width) {
            $opts = array('thumb_width' => $Config['site_thumb_width']);
            $out = $formatter->postfilter_repl('imgs_for_mobile', $out, $opts);
        }
        echo $out, $extra_out;

        // automatically set #dynamic PI
        if (empty($formatter->pi['#dynamic']) and !empty($formatter->_dynamic_macros)) {
            $pis = $formatter->pi;
            if (empty($pis['raw'])) {
                // empty PIs
                $pis = array();
            } else {
                if (isset($pis['#format']) and !preg_match('/#format\\s/', $pis['raw'])) {
                    // #format not found in PIs
                    unset($pis['#format']);
                }
            }
            $pis['#dynamic'] = 1; // internal instruction

            $pi_cache = new Cache_text('PI');
            $pi_cache->update($formatter->page->name, $pis);
        } else {
            if (empty($formatter->_dynamic_macros) and !empty($formatter->pi['#dynamic'])) {
                $pi_cache = new Cache_text('PI');
                $pi_cache->remove($formatter->page->name); // reset PI
                // NOTE(review): $mcache and $cache are created only in the
                // caching branch above; when that branch was not taken they
                // are undefined here.
                $mcache->remove($pagename); // remove macro cache
                if (isset($out[0])) {
                    $cache->update($pagename, $out);
                } // update cache content
            }
        }

        if (isset($options['timer']) and is_object($options['timer'])) {
            $options['timer']->Check("send_page");
        }
        $formatter->write("<!-- wikiContent --></div>\n");

        // Extra macros are appended only to pages in the default markup.
        if (!empty($DBInfo->extra_macros) and $formatter->pi['#format'] == $DBInfo->default_markup) {
            if (!empty($formatter->pi['#nocomment'])) {
                $options['nocomment'] = 1;
                $options['notoolbar'] = 1;
            }
            $options['mid'] = 'dummy';
            echo '<div id="wikiExtra">' . "\n";
            $mout = '';
            $extra = array();
            if (is_array($DBInfo->extra_macros)) {
                $extra = $DBInfo->extra_macros;
            } else {
                $extra[] = $DBInfo->extra_macros;
            } // XXX
            if (!empty($formatter->pi['#comment'])) {
                array_unshift($extra, 'Comment');
            }

            foreach ($extra as $macro) {
                $mout .= $formatter->macro_repl($macro, '', $options);
            }
            echo $formatter->get_javascripts();
            echo $mout;
            echo '</div>' . "\n";
        }

        $args['editable'] = 1;
        $formatter->send_footer($args, $options);
        return;
    }

    // Action path. An alias configured in $DBInfo->myplugins replaces the
    // name used for the permission checks; dispatch below still uses $action.
    $act = $action;
    if (!empty($DBInfo->myplugins) and array_key_exists($action, $DBInfo->myplugins)) {
        $act = $DBInfo->myplugins[$action];
    }

    if ($act) {
        $options['noindex'] = true;

        // 'custom' and 'help' are reset before the permission call and read
        // again after it.
        $options['custom'] = '';
        $options['help'] = '';
        $options['value'] = $value;

        $a_allow = $DBInfo->security->is_allowed($act, $options);
        if (!empty($action_mode)) {
            $myopt = $options;
            $myopt['explicit'] = 1;
            $f_allow = $DBInfo->security->is_allowed($full_action, $myopt);
            # check if hello/ajax is defined or not
            if ($f_allow === false) {
                $f_allow = $a_allow;
            } # follow action permission if it is not defined explicitly.
            if (!$f_allow) {
                if ($action_mode == 'ajax') {
                    return ajax_invalid($formatter, array('title' => _("Invalid ajax action.")));
                }
                return do_invalid($formatter, array('title' => _("Invalid macro action.")));
            }
        } else {
            if (!$a_allow) {
                // A security class can name one of its own methods to handle
                // the refusal; it is called only when that method exists.
                if ($options['custom'] != '' and method_exists($DBInfo->security, $options['custom'])) {
                    $options['action'] = $action;
                    if ($action) {
                        call_user_func(array(&$DBInfo->security, $options['custom']), $formatter, $options);
                    }
                    return;
                }

                // NOTE(review): $action is request-supplied and is placed in
                // the title text unescaped; confirm that send_title() escapes
                // its title argument.
                $msg = sprintf(_("You are not allowed to '%s'"), $action);
                $formatter->send_header("Status: 406 Not Acceptable", $options);
                $formatter->send_title($msg, "", $options);
                if ($options['err']) {
                    $formatter->send_page($options['err']);
                }

                if ($options['help'] and method_exists($DBInfo->security, $options['help'])) {
                    echo "<div id='wikiHelper'>";
                    echo call_user_func(array($DBInfo->security, $options['help']), $formatter, $options);
                    echo "</div>\n";
                }

                $formatter->send_footer('', $options);
                return;
            } else {
                // NOTE(review): the password gate applies to POST requests
                // only and sits in the branch for actions without a mode;
                // confirm that protected handlers do not change state on GET
                // or through action/ajax and action/macro requests.
                // $_POST['passwd'] is read without an isset() check.
                if ($_SERVER['REQUEST_METHOD'] == "POST" and $DBInfo->security->is_protected($act, $options) and !$DBInfo->security->is_valid_password($_POST['passwd'], $options)) {
                    # protect some POST actions and check a password
                    // NOTE(review): as above, $action is placed in the title
                    // unescaped.
                    $title = sprintf(_("Fail to \"%s\" !"), $action);
                    $formatter->send_header("", $options);
                    $formatter->send_title($title, "", $options);
                    $formatter->send_page("== " . _("Please enter the valid password") . " ==");
                    $formatter->send_footer("", $options);
                    return;
                }
            }
        }

        $options['action_mode'] = '';
        if (!empty($action_mode) and in_array($action_mode, array('ajax', 'macro'))) {
            // array_merge() lets the later array win for string keys, so
            // values already in $options are kept and the request can only
            // add keys that are not set yet.
            // NOTE(review): any option key this function has not set can
            // still be supplied by the client; only 'retstr' and 'header' are
            // removed from the request arrays at the top.
            if ($_SERVER['REQUEST_METHOD'] == "POST") {
                $options = array_merge($_POST, $options);
            } else {
                $options = array_merge($_GET, $options);
            }

            $options['action_mode'] = $action_mode;
            if ($action_mode == 'ajax') {
                $formatter->ajax_repl($action, $options);
            } else {
                if (!empty($DBInfo->use_macro_as_action)) {
                    # XXX
                    echo $formatter->macro_repl($action, $options['value'], $options);
                } else {
                    do_invalid($formatter, $options);
                }
            }
            return;
        }

        // is it valid action ?
        $plugin = $pn = getPlugin($action);
        if ($plugin === '') {
            // action not found
            // NOTE(review): from here $plugin is the raw request-supplied
            // action name. No file is included for it ($pn is empty), but an
            // already defined do_<name> or do_post_<name> function is still
            // called; the is_allowed() check above is what restricts this —
            // confirm that the security class denies unknown action names.
            $plugin = $action;
        }

        // Load the plugin file only when getPlugin() returned a name and
        // neither handler function is defined yet.
        if (!function_exists("do_post_" . $plugin) and !function_exists("do_" . $plugin) and $pn) {
            include_once "plugin/{$pn}.php";
        }

        if (function_exists("do_" . $plugin)) {
            // Same merge rule as above: existing $options entries win.
            if ($_SERVER['REQUEST_METHOD'] == "POST") {
                $options = array_merge($_POST, $options);
            } else {
                $options = array_merge($_GET, $options);
            }
            call_user_func("do_{$plugin}", $formatter, $options);
            return;
        } else {
            if (function_exists("do_post_" . $plugin)) {
                // do_post_<name> handlers receive the whole POST body, but
                // from a GET request only 'value'.
                if ($_SERVER['REQUEST_METHOD'] == "POST") {
                    $options = array_merge($_POST, $options);
                } else {
                    # do_post_* set some primary variables as $options
                    $options['value'] = isset($_GET['value'][0]) ? $_GET['value'] : '';
                }
                call_user_func("do_post_{$plugin}", $formatter, $options);
                return;
            }
        }
        // No handler found for the action.
        do_invalid($formatter, $options);
        return;
    }
}