function FmtPageList($fmt, $pagename, $opt) { global $GroupPattern, $FmtV, $FPLFunctions; # if (isset($_REQUEST['q']) && $_REQUEST['q']=='') $_REQUEST['q']="''"; $rq = htmlspecialchars(stripmagic(@$_REQUEST['q']), ENT_NOQUOTES); $FmtV['$Needle'] = $opt['o'] . ' ' . $rq; if (preg_match("!^({$GroupPattern}(\\|{$GroupPattern})*)?/!i", $rq, $match)) { $opt['group'] = @$match[1]; $rq = substr($rq, strlen(@$match[1]) + 1); } $opt = array_merge($opt, ParseArgs($opt['o'] . ' ' . $rq), @$_REQUEST); if (@($opt['req'] && !$opt['-'] && !$opt[''] && !$opt['+'] && !$opt['q'])) { return; } $GLOBALS['SearchIncl'] = array_merge((array) @$opt[''], (array) @$opt['+']); $GLOBALS['SearchExcl'] = (array) @$opt['-']; $GLOBALS['SearchGroup'] = @$opt['group']; $matches = array(); $fmtfn = @$FPLFunctions[$opt['fmt']]; if (!function_exists($fmtfn)) { $fmtfn = 'FPLByGroup'; } $out = $fmtfn($pagename, $matches, $opt); $FmtV['$MatchCount'] = count($matches); if ($fmt != '$MatchList') { $FmtV['$MatchList'] = $out; $out = FmtPageName($fmt, $pagename); } if ($out[0] == '<') { return '<div>' . Keep($out) . '</div>'; } PRR(); return $out; }
function HandleCrypt($pagename, $auth='read') { global $ScriptUrl,$HTMLStartFmt,$HTMLEndFmt; PrintFmt($pagename,$HTMLStartFmt); $passwd = stripmagic(@$_POST["passwd"]); echo FmtPageName( "<form action='{\$ScriptUrl}' method='POST'><p> Enter password to encrypt: <input type='text' name='passwd' value='" . PHSC($passwd, ENT_QUOTES) ."' /> <input type='submit' /> <input type='hidden' name='n' value='{\$FullName}' /> <input type='hidden' name='action' value='crypt' /></p></form>", $pagename); if ($passwd) { $crypt = pmcrypt($passwd); echo "<p class='vspace'>Encrypted password = $crypt</p>"; echo "<p class='vspace'>To set a site-wide password, insert the line below in your <i>config.php</i> file, <br />replacing <tt>'type'</tt> with one of <tt>'admin'</tt>, <tt>'read'</tt>, <tt>'edit'</tt>, or <tt>'attr'</tt>. <br />See <a href='$ScriptUrl?n=PmWiki.PasswordsAdmin'>PasswordsAdmin</a> for more details.</p> <pre class='vspace'> \$DefaultPasswords['type']='$crypt';</pre>"; } PrintFmt($pagename,$HTMLEndFmt); }
function FmtPageList($outfmt, $pagename, $opt) { global $GroupPattern, $FmtV, $FPLFormatOpt, $FPLFunctions; # get any form or url-submitted request $rq = htmlspecialchars(stripmagic(@$_REQUEST['q']), ENT_NOQUOTES); # build the search string $FmtV['$Needle'] = $opt['o'] . ' ' . $rq; # Handle "group/" at the beginning of the form-submitted request if (preg_match("!^({$GroupPattern}(\\|{$GroupPattern})*)?/!i", $rq, $match)) { $opt['group'] = @$match[1]; $rq = substr($rq, strlen(@$match[1]) + 1); } # merge markup options with form and url $opt = array_merge($opt, ParseArgs($opt['o'] . ' ' . $rq), @$_REQUEST); # non-posted blank search requests return nothing if (@($opt['req'] && !$opt['-'] && !$opt[''] && !$opt['+'] && !$opt['q'])) { return ''; } # terms and group to be included and excluded $GLOBALS['SearchIncl'] = array_merge((array) @$opt[''], (array) @$opt['+']); $GLOBALS['SearchExcl'] = (array) @$opt['-']; $GLOBALS['SearchGroup'] = @$opt['group']; $fmt = @$opt['fmt']; if (!$fmt) { $fmt = 'default'; } $fmtopt = @$FPLFormatOpt[$fmt]; if (!is_array($fmtopt)) { if ($fmtopt) { $fmtopt = array('fn' => $fmtopt); } elseif (@$FPLFunctions[$fmt]) { $fmtopt = array('fn' => $FPLFunctions[$fmt]); } else { $fmtopt = $FPLFormatOpt['default']; } } $fmtfn = @$fmtopt['fn']; if (!is_callable($fmtfn)) { $fmtfn = $FPLFormatOpt['default']['fn']; } $matches = array(); $opt = array_merge($fmtopt, $opt); $out = $fmtfn($pagename, $matches, $opt); $FmtV['$MatchCount'] = count($matches); if ($outfmt != '$MatchList') { $FmtV['$MatchList'] = $out; $out = FmtPageName($outfmt, $pagename); } $out = preg_replace('/^(<[^>]+>)(.*)/esm', "PSS('\$1').Keep(PSS('\$2'))", $out); return PRR($out); }
function PmWikiAuth($pagename, $level, $authprompt = true, $since = 0) { global $DefaultPasswords, $AllowPassword, $GroupAttributesFmt, $FmtV, $AuthPromptFmt, $PageStartFmt, $PageEndFmt, $AuthId; static $grouppasswd, $authpw; SDV($GroupAttributesFmt, '$Group/GroupAttributes'); SDV($AllowPassword, 'nopass'); $page = ReadPage($pagename, $since); if (!$page) { return false; } $groupattr = FmtPageName($GroupAttributesFmt, $pagename); if (!isset($grouppasswd[$groupattr])) { $grouppasswd[$groupattr] = array(); $gp = ReadPage($groupattr, READPAGE_CURRENT); foreach ($DefaultPasswords as $k => $v) { if (isset($gp["passwd{$k}"])) { $grouppasswd[$groupattr][$k] = explode(' ', $gp["passwd{$k}"]); } } } foreach ($DefaultPasswords as $k => $v) { if (isset($page["passwd{$k}"])) { $passwd[$k] = explode(' ', $page["passwd{$k}"]); $page['=pwsource'][$k] = 'page'; } else { if (isset($grouppasswd[$groupattr][$k])) { $passwd[$k] = $grouppasswd[$groupattr][$k]; $page['=pwsource'][$k] = 'group'; } else { $passwd[$k] = $v; if ($v) { $page['=pwsource'][$k] = 'site'; } } } } $page['=passwd'] = $passwd; if (!isset($authpw)) { $sid = session_id(); @session_start(); if (@$_POST['authpw']) { @$_SESSION['authpw'][$_POST['authpw']]++; } $authpw = array_keys((array) @$_SESSION['authpw']); if (!isset($AuthId)) { $AuthId = @$_SESSION['authid']; } if (!$sid) { session_write_close(); } } foreach ($passwd as $lv => $a) { if (!$a) { $page['=auth'][$lv]++; continue; } foreach ((array) $a as $pwchal) { if ($AuthId && strncmp($pwchal, 'id:', 3) == 0) { $idlist = explode(',', substr($pwchal, 3)); foreach ($idlist as $id) { if ($id == $AuthId || $id == '*') { $page['=auth'][$lv]++; continue 3; } if ($id == "-{$AuthId}") { continue 3; } } } if ($pwchal == '' || crypt($AllowPassword, $pwchal) == $pwchal) { $page['=auth'][$lv]++; continue 2; } foreach ($authpw as $pwresp) { if (crypt($pwresp, $pwchal) == $pwchal) { $page['=auth'][$lv]++; continue 3; } } } } if ($page['=auth']['admin']) { foreach ($passwd as $lv => $a) { $page['=auth'][$lv]++; } } if ($page['=auth'][$level]) { return $page; } if (!$authprompt) { return false; } PCache($pagename, $page); $postvars = ''; foreach ($_POST as $k => $v) { if ($k == 'authpw') { continue; } $v = str_replace('$', '$', htmlspecialchars(stripmagic($v), ENT_COMPAT)); $postvars .= "<input type='hidden' name='{$k}' value=\"{$v}\" />\n"; } $FmtV['$PostVars'] = $postvars; SDV($AuthPromptFmt, array(&$PageStartFmt, "<p><b>Password required</b></p>\n <form name='authform' action='{$_SERVER['REQUEST_URI']}' method='post'>\n Password: <input tabindex='1' type='password' name='authpw' value='' />\n <input type='submit' value='OK' />\$PostVars</form>\n <script language='javascript'><!--\n document.authform.authpw.focus() //--></script>", &$PageEndFmt)); PrintFmt($pagename, $AuthPromptFmt); exit; }
function FmtPageList($fmt, $pagename, $opt) { global $GroupPattern, $SearchPatterns, $FmtV, $FPLFunctions; $opt = array_merge(@$_REQUEST, $opt); if (!$opt['q']) { $opt['q'] = stripmagic(@$_REQUEST['q']); } if (!$opt['q']) { return; } $terms = preg_split('/((?<!\\S)[-+]?[\'"].*?[\'"](?!\\S)|\\S+)/', $opt['q'], -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY); if (preg_match("!^({$GroupPattern}(\\|{$GroupPattern})*)?/!i", @$terms[0], $match)) { $opt['group'] = @$match[1]; $terms[0] = str_replace(@$match[1] . '/', '', $terms[0]); } $excl = array(); $incl = array(); foreach ($terms as $t) { if (trim($t) == '') { continue; } if (preg_match('/^([^\'":=]*)[:=]([\'"]?)(.*?)\\2$/', $t, $match)) { $opt[$match[1]] = $match[3]; continue; } preg_match('/^([-+]?)([\'"]?)(.+?)\\2$/', $t, $match); if ($match[1] == '-') { $excl[] = $match[3]; } else { $incl[] = $match[3]; } } $show = isset($opt['list']) ? $opt['list'] : 'default'; $pats = (array) @$SearchPatterns[$show]; if (@$opt['group']) { array_unshift($pats, "/^({$opt['group']})\\./i"); } if (@$opt['trail']) { $t = ReadTrail($pagename, $opt['trail']); foreach ($t as $pagefile) { $pagelist[] = $pagefile['pagename']; } } else { $pagelist = ListPages($pats); } $matches = array(); $searchterms = count($excl) + count($incl); foreach ($pagelist as $pagefile) { $page = ReadPage($pagefile); Lock(0); if (!$page) { continue; } if ($searchterms) { $text = $pagefile . "\n" . @$page['text'] . "\n" . @$page['targets']; foreach ($excl as $t) { if (stristr($text, $t)) { continue 2; } } foreach ($incl as $t) { if (!stristr($text, $t)) { continue 2; } } } $matches[] = array('pagename' => $pagefile, 'size' => strlen(@$page['text']), 'author' => @$page['author'], 'time' => $page['time']); } sort($matches); $FmtV['$MatchCount'] = count($matches); $FmtV['$MatchSearched'] = count($pagelist); $FmtV['$Needle'] = $opt['q']; $fmtfn = @$FPLFunctions[$opt['fmt']]; if (!function_exists($fmtfn)) { $fmtfn = 'FPLByGroup'; } $FmtV['$MatchList'] = $fmtfn($pagename, $matches, $opt); return FmtPageName($fmt, $pagename); }
function BasicAuth($pagename, $level, $authprompt = true) { global $DefaultPasswords, $AllowPassword, $GroupAttributesFmt, $SessionAuthFmt, $HTMLStartFmt, $HTMLEndFmt; SDV($GroupAttributesFmt, '$Group/GroupAttributes'); SDV($AllowPassword, 'nopass'); $page = ReadPage($pagename); if (!$page) { return false; } $passwd = @$page["passwd{$level}"]; if ($passwd == "") { $grouppg = ReadPage(FmtPageName($GroupAttributesFmt, $pagename)); $passwd = @$grouppg["passwd{$level}"]; if ($passwd == '') { $passwd = @$DefaultPasswords[$level]; } if ($passwd == '') { $passwd = @$page["passwdread"]; } if ($passwd == '') { $passwd = @$grouppg["passwdread"]; } if ($passwd == '') { $passwd = @$DefaultPasswords['read']; } } if ($passwd == '') { return $page; } foreach ((array) $passwd as $p) { if (crypt($AllowPassword, $p) == $p) { return $page; } } @session_start(); if (@$_POST['authpw']) { @$_SESSION['authpw'][$_POST['authpw']]++; } $authpw = array_keys((array) @$_SESSION['authpw']); foreach (array_merge((array) $DefaultPasswords['admin'], (array) $passwd) as $pwchal) { foreach ($authpw as $pwresp) { if (@crypt($pwresp, $pwchal) == $pwchal) { return $page; } } } if (!$authprompt) { return false; } $postvars = ''; foreach ($_POST as $k => $v) { if ($k == 'authpw') { continue; } $v = str_replace('$', '$', htmlspecialchars(stripmagic($v), ENT_COMPAT)); $postvars .= "<input type='hidden' name='{$k}' value=\"{$v}\" />\n"; } SDV($SessionAuthFmt, array(&$HTMLStartFmt, "<p><b>Password required</b></p>\n <form name='authform' action='{$_SERVER['REQUEST_URI']}' method='post'>\n Password: <input tabindex='1' type='password' name='authpw' value='' />\n <input type='submit' value='OK' />{$postvars}</form>\n <script language='javascript'><!--\n document.authform.authpw.focus() //--></script>", &$HTMLEndFmt)); PrintFmt($pagename, $SessionAuthFmt); exit; }
function RequestArgs($req = NULL) { if (is_null($req)) $req = array_merge($_GET, $_POST); foreach ($req as $k => $v) $req[$k] = stripmagic($req[$k]); return $req; }
function RequestArgs($req = NULL) { if (is_null($req)) { $req = array_merge($_GET, $_POST); } foreach ($req as $k => $v) { if (is_array($v)) { $req[$k] = RequestArgs($v); } else { $req[$k] = stripmagic($req[$k]); } } return $req; }
function HandlePostAttr($pagename, $auth = 'attr') { global $PageAttributes, $EnablePostAttrClearSession; Lock(2); $page = RetrieveAuthPage($pagename, $auth, true); if (!$page) { Abort("?unable to read $pagename"); } foreach($PageAttributes as $attr=>$p) { $v = stripmagic(@$_POST[$attr]); if ($v == '') continue; if ($v=='clear') unset($page[$attr]); else if (strncmp($attr, 'passwd', 6) != 0) $page[$attr] = $v; else { $a = array(); preg_match_all('/"[^"]*"|\'[^\']*\'|\\S+/', $v, $match); foreach($match[0] as $pw) $a[] = preg_match('/^(@|\\w+:)/', $pw) ? $pw : crypt(preg_replace('/^([\'"])(.*)\\1$/', '$2', $pw)); if ($a) $page[$attr] = implode(' ',$a); } } WritePage($pagename,$page); Lock(0); if (IsEnabled($EnablePostAttrClearSession, 1)) { @session_start(); unset($_SESSION['authid']); unset($_SESSION['authlist']); $_SESSION['authpw'] = array(); } Redirect($pagename); exit; }
function HandleEdit($pagename) { global $IsPagePosted, $EditFields, $EditFunctions, $FmtV, $Now, $HandleEditFmt, $PageStartFmt, $PageEditFmt, $PagePreviewFmt, $PageEndFmt; $IsPagePosted = false; Lock(2); $page = RetrieveAuthPage($pagename, 'edit'); if (!$page) { Abort("?cannot edit {$pagename}"); } PCache($pagename, $page); $new = $page; foreach ((array) $EditFields as $k) { if (isset($_POST[$k])) { $new[$k] = str_replace("\r", '', stripmagic($_POST[$k])); } } foreach ((array) $EditFunctions as $fn) { $fn($pagename, $page, $new); } if ($IsPagePosted) { Redirect($pagename); return; } $FmtV['$DiffClassMinor'] = @$_POST['diffclass'] == 'minor' ? "checked='checked'" : ''; $FmtV['$EditText'] = str_replace('$', '$', htmlspecialchars(@$new['text'], ENT_NOQUOTES)); $FmtV['$EditBaseTime'] = $Now; SDV($HandleEditFmt, array(&$PageStartFmt, &$PageEditFmt, &$PagePreviewFmt, &$PageEndFmt)); PrintFmt($pagename, $HandleEditFmt); }
function FmtPageList($fmt, $pagename, $opt) { global $GroupPattern, $SearchPatterns, $FmtV, $FPLFunctions, $EnablePageListProtect; if (isset($_REQUEST['q']) && $_REQUEST['q'] == '') { $_REQUEST['q'] = "''"; } $opt = array_merge($opt, @$_REQUEST); $rq = htmlspecialchars(stripmagic(@$_REQUEST['q']), ENT_NOQUOTES); if (preg_match("!^({$GroupPattern}(\\|{$GroupPattern})*)?/!i", $rq, $match)) { $opt['group'] = @$match[1]; $rq = str_replace(@$match[1] . '/', '', $rq); } $needle = $opt['o'] . ' ' . $rq; $terms = preg_split('/((?<!\\S)[-+]?[\'"].*?[\'"](?!\\S)|\\S+)/', $needle, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY); $excl = array(); $incl = array(); foreach ($terms as $t) { if (trim($t) == '') { continue; } if (preg_match('/^([^\'":=]*)[:=]([\'"]?)(.*?)\\2$/', $t, $match)) { $opt[$match[1]] = $match[3]; continue; } preg_match('/^([-+]?)([\'"]?)(.+?)\\2$/', $t, $match); if ($match[1] == '-') { $excl[] = $match[3]; } else { $incl[] = $match[3]; } } if (@$opt['req'] && !$incl && !$excl && !isset($_REQUEST['q'])) { return; } $show = isset($opt['list']) ? $opt['list'] : 'default'; $pats = (array) @$SearchPatterns[$show]; if (@$opt['group']) { array_unshift($pats, "/^({$opt['group']})\\./i"); } if (@$opt['trail']) { $t = ReadTrail($pagename, $opt['trail']); foreach ($t as $pagefile) { $pagelist[] = $pagefile['pagename']; } } else { $pagelist = ListPages($pats); } $matches = array(); $searchterms = count($excl) + count($incl); $plprotect = IsEnabled($EnablePageListProtect, 0); foreach ($pagelist as $pagefile) { if ($plprotect) { $page = RetrieveAuthPage($pagefile, 'read', false); } else { $page = ReadPage($pagefile); } Lock(0); if (!$page) { continue; } if ($searchterms) { $text = $pagefile . "\n" . @$page['text'] . "\n" . @$page['targets']; foreach ($excl as $t) { if (stristr($text, $t)) { continue 2; } } foreach ($incl as $t) { if (!stristr($text, $t)) { continue 2; } } } $matches[] = array('pagename' => $pagefile, 'size' => strlen(@$page['text']), 'author' => @$page['author'], 'time' => $page['time']); } sort($matches); $FmtV['$MatchCount'] = count($matches); $FmtV['$MatchSearched'] = count($pagelist); $FmtV['$Needle'] = $needle; $GLOBALS['SearchIncl'] = $incl; $GLOBALS['SearchExcl'] = $excl; $GLOBALS['SearchGroup'] = @$opt['group']; $fmtfn = @$FPLFunctions[$opt['fmt']]; if (!function_exists($fmtfn)) { $fmtfn = 'FPLByGroup'; } $FmtV['$MatchList'] = $fmtfn($pagename, $matches, $opt); return FmtPageName($fmt, $pagename); }
function HandleEdit($pagename) { global $PageEditFmt,$EditText,$EditFields,$EditFunctions,$IsPagePosted; $page = ReadPage($pagename); $new = $page; foreach((array)$EditFields as $k) if (isset($_POST[$k])) $new[$k]=str_replace("\r",'',stripmagic($_POST[$k])); foreach((array)$EditFunctions as $fn) $fn($pagename,$page,$new); if ($IsPagePosted) { Redirect($pagename); return; } $EditText = htmlspecialchars($new['text'],ENT_NOQUOTES); print FmtPageName($PageEditFmt,$pagename); }
type='hidden' name='action' value='edit' /><input type='hidden' name='n' value='{\$FullName}' /><input type='hidden' name='basetime' value='\$EditBaseTime' />")); SDVA($InputTags['e_textarea'], array( ':html' => "<textarea \$InputFormArgs onkeydown='if (event.keyCode==27) event.returnValue=false;' >\$EditText</textarea>", 'name' => 'text', 'id' => 'text', 'accesskey' => XL('ak_textedit'), 'rows' => XL('e_rows'), 'cols' => XL('e_cols'))); SDVA($InputTags['e_author'], array( ':html' => "<input type='text' \$InputFormArgs />", 'name' => 'author', 'value' => $Author)); SDVA($InputTags['e_changesummary'], array( ':html' => "<input type='text' \$InputFormArgs />", 'name' => 'csum', 'size' => '60', 'maxlength' => '100', 'value' => htmlspecialchars(stripmagic(@$_POST['csum']), ENT_QUOTES))); SDVA($InputTags['e_minorcheckbox'], array( ':html' => "<input type='checkbox' \$InputFormArgs />", 'name' => 'diffclass', 'value' => 'minor')); if (@$_POST['diffclass']=='minor') SDV($InputTags['e_minorcheckbox']['checked'], 'checked'); SDVA($InputTags['e_savebutton'], array( ':html' => "<input type='submit' \$InputFormArgs />", 'name' => 'post', 'value' => ' '.XL('Save').' ', 'accesskey' => XL('ak_save'))); SDVA($InputTags['e_saveeditbutton'], array( ':html' => "<input type='submit' \$InputFormArgs />", 'name' => 'postedit', 'value' => ' '.XL('Save and edit').' ', 'accesskey' => XL('ak_saveedit'))); SDVA($InputTags['e_savedraftbutton'], array(':html' => '')); SDVA($InputTags['e_previewbutton'], array(
function FmtPageList($outfmt, $pagename, $opt) { global $GroupPattern, $FmtV, $PageListArgPattern, $FPLFormatOpt, $FPLFunctions; # get any form or url-submitted request $rq = PHSC(stripmagic(@$_REQUEST['q']), ENT_NOQUOTES); # build the search string $FmtV['$Needle'] = $opt['o'] . ' ' . $rq; # Handle "group/" at the beginning of the form-submitted request if (preg_match("!^($GroupPattern(\\|$GroupPattern)*)?/!i", $rq, $match)) { $opt['group'] = @$match[1]; $rq = substr($rq, strlen(@$match[1])+1); } $opt = array_merge($opt, ParseArgs($opt['o'], $PageListArgPattern)); # merge markup options with form and url if (@$opt['request']) { $cleanrequest = array(); if(@$_REQUEST)foreach($_REQUEST as $k=>$v) $cleanrequest[$k] = stripmagic($v); $opt = array_merge($opt, ParseArgs($rq, $PageListArgPattern), $cleanrequest); } # non-posted blank search requests return nothing if (@($opt['req'] && !$opt['-'] && !$opt[''] && !$opt['+'] && !$opt['q'])) return ''; # terms and group to be included and excluded $GLOBALS['SearchIncl'] = array_merge((array)@$opt[''], (array)@$opt['+']); $GLOBALS['SearchExcl'] = (array)@$opt['-']; $GLOBALS['SearchGroup'] = @$opt['group']; $fmt = @$opt['fmt']; if (!$fmt) $fmt = 'default'; $fmtopt = @$FPLFormatOpt[$fmt]; if (!is_array($fmtopt)) { if ($fmtopt) $fmtopt = array('fn' => $fmtopt); elseif (@$FPLFunctions[$fmt]) $fmtopt = array('fn' => $FPLFunctions[$fmt]); else $fmtopt = $FPLFormatOpt['default']; } $fmtfn = @$fmtopt['fn']; if (!is_callable($fmtfn)) $fmtfn = $FPLFormatOpt['default']['fn']; $matches = array(); $opt = array_merge($fmtopt, $opt); $out = $fmtfn($pagename, $matches, $opt); $FmtV['$MatchCount'] = count($matches); if ($outfmt != '$MatchList') { $FmtV['$MatchList'] = $out; $out = FmtPageName($outfmt, $pagename); } if ($out[0] == '<') $out = Keep($out); return PRR($out); }
function FmtPageList($fmt, $pagename, $opt) { global $GroupPattern, $SearchPatterns, $FmtV, $FPLFunctions, $EnablePageListProtect; if (isset($_REQUEST['q']) && $_REQUEST['q'] == '') { $_REQUEST['q'] = "''"; } $opt = array_merge($opt, @$_REQUEST); $rq = htmlspecialchars(stripmagic(@$_REQUEST['q']), ENT_NOQUOTES); if (preg_match("!^({$GroupPattern}(\\|{$GroupPattern})*)?/!i", $rq, $match)) { $opt['group'] = @$match[1]; $rq = str_replace(@$match[1] . '/', '', $rq); } $needle = $opt['o'] . ' ' . $rq; $opt = array_merge($opt, ParseArgs($needle)); $excl = (array) @$opt['-']; $incl = array_merge((array) @$opt[''], (array) @$opt['+']); if (@$opt['req'] && !$incl && !$excl && !isset($_REQUEST['q'])) { return; } $show = isset($opt['list']) ? $opt['list'] : 'default'; $pats = (array) @$SearchPatterns[$show]; if (@$opt['group']) { array_unshift($pats, "/^({$opt['group']})\\./i"); } if (@$opt['trail']) { $t = ReadTrail($pagename, $opt['trail']); foreach ($t as $pagefile) { $pagelist[] = $pagefile['pagename']; } } else { $pagelist = ListPages($pats); } $matches = array(); $searchterms = count($excl) + count($incl); $plprotect = IsEnabled($EnablePageListProtect, 0); foreach ($pagelist as $pagefile) { if ($plprotect) { $page = RetrieveAuthPage($pagefile, 'read', false, READPAGE_CURRENT); } else { $page = ReadPage($pagefile, READPAGE_CURRENT); } if (!$page) { continue; } if ($searchterms) { $text = $pagefile . "\n" . @$page['text'] . "\n" . @$page['targets']; foreach ($excl as $t) { if (stristr($text, $t)) { continue 2; } } foreach ($incl as $t) { if (!stristr($text, $t)) { continue 2; } } } $matches[] = array('pagename' => $pagefile, 'size' => strlen(@$page['text']), 'author' => @$page['author'], 'time' => $page['time']); } sort($matches); $FmtV['$MatchCount'] = count($matches); $FmtV['$MatchSearched'] = count($pagelist); $FmtV['$Needle'] = $needle; $GLOBALS['SearchIncl'] = $incl; $GLOBALS['SearchExcl'] = $excl; $GLOBALS['SearchGroup'] = @$opt['group']; $fmtfn = @$FPLFunctions[$opt['fmt']]; if (!function_exists($fmtfn)) { $fmtfn = 'FPLByGroup'; } $FmtV['$MatchList'] = $fmtfn($pagename, $matches, $opt); return FmtPageName($fmt, $pagename); }
function TEFormMarkup($pagename, $arg) { global $ExtractFormOpt, $InputValues; $opt = ParseArgs($arg); $PageUrl = PageVar($pagename, '$PageUrl'); $opt = array_merge($ExtractFormOpt, $opt); $opt['action'] = 'search'; $opt['fmt'] = 'extract'; foreach ($opt as $key => $val) { if (!is_array($val)) { if (!isset($InputValues[$key])) { $InputValues[$key] = $opt[$val]; } } } $req = array_merge($_GET, $_POST); foreach ($req as $k => $v) { if (!isset($InputValues[$k])) { $InputValues[$k] = htmlspecialchars(stripmagic($v), ENT_NOQUOTES); } } if (!$InputValues['q']) { $InputValues['q'] = $opt['pattern']; } if (!$InputValues['page']) { $InputValues['page'] = $opt['defaultpage']; } $checkword = $InputValues['word'] ? "checked=1" : ''; $checkcase = $InputValues['case'] ? "checked=1" : ''; $checkregex = $InputValues['regex'] ? "checked=1" : ''; //form $out = "<form class='wikisearch' action='{$PageUrl}' method='post' >"; $out .= "\n<table>"; if ($opt['pattern']) { $out .= "<input type='hidden' name='q' value='{$InputValues['q']}' /> \n"; } else { $out .= "<tr><td>{$opt['searchlabel']} </td><td><input type='{$type1}' name='q' value='{$InputValues['q']}' class='inputbox searchbox' size='{$opt['size']}' /> </td></tr> \n"; } if ($opt['page']) { $out .= "<input type='hidden' name='page' value='{$InputValues['page']}' /> \n"; } else { $out .= "<tr><td>{$opt['pageslabel']} </td><td><input type='text' name='page' value='{$InputValues['page']}' class='inputbox searchbox' size='{$opt['size']}' /> </td></tr> \n"; } if (!$opt['pattern']) { $out .= "<tr><td></td><td><input type='checkbox' name='word' value='1' {$checkword}/> {$opt['wordlabel']}</td></tr>"; $out .= "<tr><td></td><td><input type='checkbox' name='case' value='1' {$checkcase}/> {$opt['caselabel']}</td></tr>"; } if ($opt['regex']) { $out .= "<tr><td></td><td><input type='checkbox' name='regex' value='1' {$checkregex}/> {$opt['regexlabel']}</td></tr>"; } $out .= "<tr><td></td><td> <input type='submit' class='inputbutton searchbutton' value='{$opt['button']}' /></td></tr></table> \n"; foreach ($opt as $k => $v) { if ($v == '' || is_array($v)) { continue; } if (in_array($k, array('pattern', 'page', 'defaultpage', 'q', 'label', 'value', 'size', 'searchlabel', 'pageslabel', 'wordlabel', 'caselabel', 'regexlabel', 'regex'))) { continue; } $k = str_replace("'", "'", $k); $v = str_replace("'", "'", $v); $out .= "\n<input type='hidden' name='" . $k . "' value='" . $v . "' />"; } $out .= "</form>"; return Keep($out); }
function InputDefault($pagename, $type, $args) { global $InputValues, $PageTextVarPatterns; $args = ParseArgs($args); $args[''] = (array) @$args['']; $name = isset($args['name']) ? $args['name'] : array_shift($args['']); $name = str_replace('/^\\$:/', 'ptv_', $name); $value = isset($args['value']) ? $args['value'] : array_shift($args['']); if (!isset($InputValues[$name])) { $InputValues[$name] = $value; } if (@$args['request']) { $req = array_merge($_GET, $_POST); foreach ($req as $k => $v) { if (!isset($InputValues[$k])) { $InputValues[$k] = htmlspecialchars(stripmagic($v), ENT_NOQUOTES); } } } if (@$args['source']) { $source = MakePageName($pagename, $args['source']); $page = RetrieveAuthPage($source, 'read', false, READPAGE_CURRENT); if ($page) { foreach ((array) $PageTextVarPatterns as $pat) { if (preg_match_all($pat, $page['text'], $match, PREG_SET_ORDER)) { foreach ($match as $m) { if (!isset($InputValues['ptv_' . $m[1]])) { $InputValues['ptv_' . $m[1]] = htmlspecialchars(Qualify($source, $m[2]), ENT_NOQUOTES); } } } } } } return ''; }
## We don't bother to load it if we're not editing. if ($action != 'edit') { return; } SDV($PageEditForm, '$SiteGroup.EditForm'); SDV($PageEditFmt, '$EditForm'); if (@$_REQUEST['editform']) { $PageEditForm = $_REQUEST['editform']; $PageEditFmt = '$EditForm'; } $Conditions['e_preview'] = '(boolean)$_POST["preview"]'; XLSDV('en', array('ak_save' => 's', 'ak_saveedit' => 'u', 'ak_preview' => 'p', 'ak_textedit' => ',', 'e_rows' => '25', 'e_cols' => '60')); # (:e_preview:) displays the preview of formatted text. Markup('e_preview', 'directives', '/^\\(:e_preview:\\)/e', "Keep(\$GLOBALS['FmtV']['\$PreviewText'])"); # If we didn't load guiedit.php, then set (:e_guibuttons:) to # simply be empty. Markup('e_guibuttons', 'directives', '/\\(:e_guibuttons:\\)/', ''); SDVA($InputTags['e_form'], array(':html' => "<form action='{\$PageUrl}?action=edit' method='post'><input \n type='hidden' name='action' value='edit' /><input \n type='hidden' name='n' value='{\$FullName}' /><input \n type='hidden' name='basetime' value='\$EditBaseTime' />")); SDVA($InputTags['e_textarea'], array(':html' => "<textarea \$InputFormArgs \n onkeydown='if (event.keyCode==27) event.returnValue=false;' \n >\$EditText</textarea>", 'name' => 'text', 'id' => 'text', 'accesskey' => XL('ak_textedit'), 'rows' => XL('e_rows'), 'cols' => XL('e_cols'))); SDVA($InputTags['e_author'], array(':html' => "<input type='text' \$InputFormArgs />", 'name' => 'author', 'value' => $Author)); SDVA($InputTags['e_changesummary'], array(':html' => "<input type='text' \$InputFormArgs />", 'name' => 'csum', 'size' => '60', 'maxlength' => '100', 'value' => htmlspecialchars(stripmagic(@$_POST['csum']), ENT_QUOTES))); SDVA($InputTags['e_minorcheckbox'], array(':html' => "<input type='checkbox' \$InputFormArgs />", 'name' => 'diffclass', 'value' => 'minor')); if (@$_POST['diffclass'] == 'minor') { SDV($InputTags['e_minorcheckbox']['checked'], 'checked'); } SDVA($InputTags['e_savebutton'], array(':html' => "<input type='submit' \$InputFormArgs />", 'name' => 'post', 'value' => ' ' . XL('Save') . ' ', 'accesskey' => XL('ak_save'))); SDVA($InputTags['e_saveeditbutton'], array(':html' => "<input type='submit' \$InputFormArgs />", 'name' => 'postedit', 'value' => ' ' . XL('Save and edit') . ' ', 'accesskey' => XL('ak_saveedit'))); SDVA($InputTags['e_savedraftbutton'], array(':html' => '')); SDVA($InputTags['e_previewbutton'], array(':html' => "<input type='submit' \$InputFormArgs />", 'name' => 'preview', 'value' => ' ' . XL('Preview') . ' ', 'accesskey' => XL('ak_preview'))); SDVA($InputTags['e_cancelbutton'], array(':html' => "<input type='submit' \$InputFormArgs />", 'name' => 'cancel', 'value' => ' ' . XL('Cancel') . ' ')); SDVA($InputTags['e_resetbutton'], array(':html' => "<input type='reset' \$InputFormArgs />", 'value' => ' ' . XL('Reset') . ' '));
To configure a .htpasswd-formatted file for authentication, do $AuthUser['htpasswd'] = '/path/to/.htpasswd'; prior to including this script. Individual username/password combinations can also be placed directly in the $AuthUser array, such as: $AuthUser['pmichaud'] = crypt('secret'); To authenticate against an LDAP server, put the url for the server in $AuthUser['ldap'], as in: $AuthUser['ldap'] = 'ldap://ldap.example.com/ou=People,o=example?uid'; */ # let Site.AuthForm know that we're doing user-based authorization $EnableAuthUser = 1; if (@$_POST['authid']) { AuthUserId($pagename, stripmagic(@$_POST['authid']), stripmagic(@$_POST['authpw'])); } else { SessionAuth($pagename); } function AuthUserId($pagename, $id, $pw = NULL) { global $AuthUser, $AuthUserPageFmt, $AuthUserFunctions, $AuthId, $MessagesFmt; foreach ((array) $AuthUser as $k => $v) { $auth[$k] = (array) $v; } $authid = ''; # load information from Site.AuthUser (or page in $AuthUserPageFmt) SDV($AuthUserPageFmt, '$SiteGroup.AuthUser'); SDVA($AuthUserFunctions, array('htpasswd' => 'AuthUserHtPasswd', 'ldap' => 'AuthUserLDAP', $id => 'AuthUserConfig')); $pn = FmtPageName($AuthUserPageFmt, $pagename); $apage = ReadPage($pn, READPAGE_CURRENT);
function QualifyUnqualifiedLinks($ngroup, $ogroup, $link) { global $GroupPattern, $WikiWordPattern; $link = htmlentities(stripmagic($link)); if (preg_match("/^\\[[=@]/", $link)) { return $link; } preg_match("/^(\\[\\[(.*?)\\]\\])|([`:\\/\$])?\\b(({$GroupPattern}([\\/.]))?{$WikiWordPattern})\$/", $link, $m); return $m[0][0] == '[' ? '[[' . QualifyFLink($ngroup, $ogroup, $m[2]) . ']]' : QualifyWLink($ngroup, $ogroup, $m[3], $m[4]); }
by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. See pmwiki.php for full details. This script handles author tracking. */ SDV($AuthorCookieExpires, $Now + 60 * 60 * 24 * 30); SDV($AuthorCookieDir, '/'); SDV($AuthorGroup, 'Profiles'); SDV($AuthorRequiredFmt, "<h3 class='wikimessage'>\$[An author name is required.]</h3>"); Markup('[[~', '<[[', '/\\[\\[~(.*?)\\]\\]/', "[[{$AuthorGroup}/\$1]]"); if (!isset($Author)) { if (isset($_POST['author'])) { $Author = htmlspecialchars(stripmagic($_POST['author']), ENT_QUOTES); setcookie('author', $Author, $AuthorCookieExpires, $AuthorCookieDir); } else { $Author = htmlspecialchars(stripmagic(@$_COOKIE['author']), ENT_QUOTES); } $Author = preg_replace('/(^[^[:alpha:]]+)|[^-\\w ]/', '', $Author); } if (!isset($AuthorPage)) { $AuthorPage = FmtPageName('$AuthorGroup/$Name', MakePageName($pagename, $Author)); } SDV($AuthorLink, $Author ? "[[~{$Author}]]" : '?'); if (IsEnabled($EnableAuthorSignature, 1)) { $ROSPatterns['/~~~~/'] = '[[~$Author]] $CurrentTime'; $ROSPatterns['/~~~/'] = '[[~$Author]]'; Markup('~~~~', '<links', '/~~~~/', "[[~{$Author}]] {$CurrentTime}"); Markup('~~~', '>~~~~', '/~~~/', "[[~{$Author}]]"); } if (IsEnabled($EnablePostAuthorRequired, 0)) { array_unshift($EditFunctions, 'RequireAuthor');
This script handles author tracking. */ SDV($AuthorNameChars, "- '\\w\\x80-\\xff"); SDV($AuthorCookie, $CookiePrefix . 'author'); SDV($AuthorCookieExpires, $Now + 60 * 60 * 24 * 30); SDV($AuthorCookieDir, '/'); SDV($AuthorGroup, 'Profiles'); SDV($AuthorRequiredFmt, "<h3 class='wikimessage'>\$[An author name is required.]</h3>"); Markup('[[~', '<[[', '/\\[\\[~(.*?)\\]\\]/', "[[{$AuthorGroup}/\$1]]"); $LogoutCookies[] = $AuthorCookie; if (!isset($Author)) { if (isset($_POST['author'])) { $x = stripmagic($_POST['author']); setcookie($AuthorCookie, $x, $AuthorCookieExpires, $AuthorCookieDir); } elseif (@$_COOKIE[$AuthorCookie]) { $x = stripmagic(@$_COOKIE[$AuthorCookie]); } else { $x = @$AuthId; } $Author = htmlspecialchars(preg_replace("/[^{$AuthorNameChars}]/", '', $x), ENT_QUOTES); } if (!isset($AuthorPage)) { $AuthorPage = FmtPageName('$AuthorGroup/$Name', MakePageName($pagename, $Author)); } SDV($AuthorLink, $Author ? "[[~{$Author}]]" : '?'); if (IsEnabled($EnableAuthorSignature, 1)) { $ROSPatterns['/(?<!~)~~~~(?!~)/'] = '[[~$Author]] $CurrentTime'; $ROSPatterns['/(?<!~)~~~(?!~)/'] = '[[~$Author]]'; Markup('~~~~', '<links', '/(?<!~)~~~~(?!~)/', "[[~{$Author}]] {$CurrentTime}"); Markup('~~~', '>~~~~', '/(?<!~)~~~(?!~)/', "[[~{$Author}]]"); }
Individual username/password combinations can also be placed directly in the $AuthUser array, such as: $AuthUser['pmichaud'] = crypt('secret'); To authenticate against an LDAP server, put the url for the server in $AuthUser['ldap'], as in: $AuthUser['ldap'] = 'ldap://ldap.example.com/ou=People,o=example?uid'; */ # let Site.AuthForm know that we're doing user-based authorization $EnableAuthUser = 1; if (@$_POST['authid']) AuthUserId($pagename, stripmagic(@$_POST['authid']), stripmagic(@$_POST['authpw'])); else SessionAuth($pagename); function AuthUserId($pagename, $id, $pw=NULL) { global $AuthUser, $AuthUserPageFmt, $AuthUserFunctions, $AuthId, $MessagesFmt; $auth = array(); foreach((array)$AuthUser as $k=>$v) $auth[$k] = (array)$v; $authid = ''; # load information from SiteAdmin.AuthUser (or page in $AuthUserPageFmt) SDV($AuthUserPageFmt, '$SiteAdminGroup.AuthUser'); SDVA($AuthUserFunctions, array( 'htpasswd' => 'AuthUserHtPasswd', 'ldap' => 'AuthUserLDAP',
``` {(CODE)} == Rendered HTML == ''' <div class='demo'> {(HTML)} ''' </div> % </div class=body> ''' </div> EOF; # create the form page $x = new T2T($page); # change the %%mtime $x->mtime = filemtime(__FILE__); $x->go(); $html = $x->fullhtml; # for including in an HTML page: $html = $x->bodyhtml; # for a complete HTML page: $html = $x->fullhtml; $search = array('{(CODE)}', '{(HTML)}', '{(TEXT)}'); $replace = array("The result will appear here.", "The result will appear here.", ''); if (@$_POST['text']) { $text = stripmagic($_POST['text']); $z = new T2T($text); $z->go(); $fullhtml = $z->fullhtml; $onlybody = $z->bodyhtml; $replace = array(htmlspecialchars($fullhtml), $onlybody, htmlspecialchars($text)); } $html = str_replace($search, $replace, $html); echo $html;