function HandleThumbShoePostRename($pagename, $auth = 'edit')
{
global $WikiLibDirs;
global $ThumbShoePageSep;
global $HandleAuth, $UploadFileFmt, $LastModFile, $TimeFmt;
$newname = $_REQUEST['newname'];
if ($newname == '') {
Abort("?no new image name");
}
$newname = str_replace('.', '_', $newname);
$newpage = $_REQUEST['newpage'];
if ($newpage == '') {
Abort("?no new image page");
}
$newimgpage = $newpage . $ThumbShoePageSep . $newname;
$tsdir = '';
foreach ((array) $WikiLibDirs as $dir) {
if ($dir->exists($pagename) and $dir->iswrite) {
$tsdir = $dir;
break;
}
}
if (!$tsdir) {
Abort("Cannot rename {$pagename} to {$newimgpage}; cannot find page");
return;
}
## check authorization
if (!RetrieveAuthPage($newimgpage, $auth, TRUE, READPAGE_CURRENT)) {
Abort("?cannot rename image page from {$pagename} to {$newimgpage}");
}
$newnewpage = @$tsdir->rename($pagename, $newimgpage);
if ($newnewpage) {
Redirect($newnewpage);
}
}
function HandleRecipeCheck($pagename, $auth = 'admin')
{
global $RecipeListUrl, $Version, $RecipeInfo, $RecipeCheckFmt, $PageStartFmt, $PageEndFmt;
$page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT);
if (!$page) {
Abort('?admin access required');
}
$cvinfo = GetRecipeList($RecipeListUrl);
if (!$cvinfo) {
$msg = "Unable to retrieve cookbook data from {$RecipeListUrl}\n";
$allow_url_fopen = ini_get('allow_url_fopen');
if (!$allow_url_fopen) {
$msg .= "\n <br /><br />It appears that your PHP environment isn't allowing\n the recipelist to be downloaded from pmwiki.org \n (allow_url_fopen = {$allow_url_fopen}).";
}
Abort($msg);
}
$rinfo['PmWiki:Upgrades'] = $Version;
ScanRecipeInfo('cookbook', $cvinfo);
foreach ((array) $RecipeInfo as $r => $v) {
if (!@$v['Version']) {
continue;
}
$r = preg_replace('/^(?!PmWiki:)(Cookbook[.:])?/', 'Cookbook:', $r);
$rinfo[$r] = $v['Version'];
}
$markup = "!!Recipe status for {\$PageUrl}\n" . RecipeTable($rinfo, $cvinfo);
$html = MarkupToHTML($pagename, $markup);
SDV($RecipeCheckFmt, array(&$PageStartFmt, $html, &$PageEndFmt));
PrintFmt($pagename, $RecipeCheckFmt);
}
function ThumbShoeHandleDelete($pagename, $auth = 'delete')
{
global $WikiLibDirs, $WikiDir, $LastModFile;
$page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT);
if (!$page) {
Abort("?cannot delete {$pagename}");
return;
}
$deleted = false;
foreach ((array) $WikiLibDirs as $dir) {
if ($dir->exists($pagename) and $dir->iswrite) {
$dir->delete($pagename);
$deleted = true;
break;
}
}
if (!$deleted) {
// look in the default WikiDir
if ($WikiDir->exists($pagename)) {
$WikiDir->delete($pagename);
$deleted = true;
}
}
if ($deleted && $LastModFile) {
touch($LastModFile);
fixperms($LastModFile);
}
Redirect($pagename);
exit;
}
function HandlePostUpload($pagename)
{
global $UploadVerifyFunction, $UploadFileFmt, $LastModFile;
$page = RetrieveAuthPage($pagename, 'upload');
if (!$page) {
Abort("?cannot upload to {$pagename}");
}
$uploadfile = $_FILES['uploadfile'];
$upname = $_REQUEST['upname'];
if ($upname == '') {
$upname = $uploadfile['name'];
}
$upname = MakeUploadName($pagename, $upname);
if (!function_exists($UploadVerifyFunction)) {
Abort('?no UploadVerifyFunction available');
}
$filepath = FmtPageName("{$UploadFileFmt}/{$upname}", $pagename);
$result = $UploadVerifyFunction($pagename, $uploadfile, $filepath);
if ($result == '') {
$filedir = preg_replace('#/[^/]*$#', '', $filepath);
mkdirp($filedir);
if (!move_uploaded_file($uploadfile['tmp_name'], $filepath)) {
Abort("?cannot move uploaded file to {$filepath}");
return;
}
fixperms($filepath);
if ($LastModFile) {
touch($LastModFile);
fixperms($LastModFile);
}
$result = "upresult=success";
}
Redirect($pagename, "\$PageUrl?action=upload&upname={$upname}&{$result}");
}
/**
* Fetch the projects page and pass of the parsing to the projects lib.
*/
function loadProjects()
{
$projectsPage = @RetrieveAuthPage('Projects.Featured', 'read', false, READPAGE_CURRENT);
if (!$projectsPage || !is_array($projectsPage) || !isset($projectsPage['text'])) {
return "No projects";
}
return parseProjects($projectsPage['text']);
}
function RetrievePageMarkup($pagelist)
{
foreach ($pagelist as $p) {
if (PageExists($p)) {
$page = RetrieveAuthPage($p, 'read', false, READPAGE_CURRENT);
return array($page['text'], $page['title']);
break;
}
}
return null;
}
function HandleGuestDelete($pagename, $auth)
{
global $WikiDir, $LastModFile;
$page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT);
if (!$page) {
Abort("?cannot delete {$pagename}");
return;
}
$WikiDir->delete($pagename);
if ($LastModFile) {
touch($LastModFile);
fixperms($LastModFile);
}
Redirect(substr($pagename, 0, strlen($pagename) - 22));
}
function WikiGalleryThumbnail($pagename, $auth = "read")
{
global $WikiGallery_UseAuthorization, $WikiGalleryThumbProviders, $WikiGallery_DefaultGroup;
// get filename
if (!isset($_GET["image"])) {
Abort('no image given');
}
if (!isset($_GET["group"])) {
$group = $WikiGallery_DefaultGroup;
} else {
$group = $_GET["group"];
}
$path = WikiGallerySecurePath(urldecode($_GET["image"]));
// group exists?
if (!isset($WikiGalleryThumbProviders[$group])) {
Abort("Invalid gallery group \"{$group}\" given");
}
$provider =& $WikiGalleryThumbProviders[$group];
// get size
$width = intval(@$_GET["width"]);
$height = intval(@$_GET["height"]);
if ($width < 0 || $width > 1600) {
$width = 0;
}
if ($height < 0 || $height > 1200) {
$height = 0;
}
$resizeMode = urldecode(@$_GET["mode"]);
// check authorization
$pagename = fileNameToPageName($path);
if ($WikiGallery_UseAuthorization) {
$page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT);
if (!$page) {
Abort('?cannot read $pagename');
}
PCache($pagename, $page);
}
// get image
$provider->thumb($path, $width, $height, $resizeMode);
exit;
}
function HandleApprove($pagename)
{
global $ApproveUrlPattern, $WhiteUrlPatterns, $ApprovedUrlPagesFmt, $action;
Lock(2);
$page = ReadPage($pagename);
$text = preg_replace('/[()]/', '', $page['text']);
preg_match_all("/{$ApproveUrlPattern}/", $text, $match);
ReadApprovedUrls($pagename);
$addpat = array();
foreach ($match[0] as $a) {
foreach ((array) $WhiteUrlPatterns as $pat) {
if (preg_match("!^{$pat}(/|\$)!", $a)) {
continue 2;
}
}
if ($action == 'approvesites') {
$a = preg_replace("!^([^:]+://[^/]+).*\$!", '$1', $a);
}
$addpat[] = $a;
}
if (count($addpat) > 0) {
$aname = FmtPageName($ApprovedUrlPagesFmt[0], $pagename);
$apage = RetrieveAuthPage($aname, 'edit');
if (!$apage) {
Abort("?cannot edit {$aname}");
}
$new = $apage;
if (substr($new['text'], -1, 1) != "\n") {
$new['text'] .= "\n";
}
foreach ($addpat as $pat) {
$new['text'] .= " {$pat}\n";
}
$_REQUEST['post'] = 'y';
PostPage($aname, $apage, $new);
}
Redirect($pagename);
}
function HandleUpgrade($pagename, $auth = 'ALWAYS') {
global $SiteGroup, $SiteAdminGroup, $StatusPageName, $ScriptUrl,
$AuthUserPageFmt, $VersionNum, $Version;
StopWatch('HandleUpgrade: begin');
$message = '';
$done = '';
## check for Site.* --> SiteAdmin.*
foreach(array('AuthUser', 'NotifyList', 'Blocklist', 'ApprovedUrls') as $n) {
$n0 = "$SiteGroup.$n"; $n1 = "$SiteAdminGroup.$n";
StopWatch("HandleUpgrade: checking $n0 -> $n1");
## checking AuthUser is special, because Site.AuthUser comes with the
## distribution.
if ($n == 'AuthUser') {
## if we already have a user-modified SiteAdmin.AuthUser, we can skip
SDV($AuthUserPageFmt, '$SiteAdminGroup.AuthUser');
$n1 = FmtPageName($AuthUserPageFmt, $pagename);
$page = ReadPage($n1, READPAGE_CURRENT);
if (@$page['time'] > 1000000000) continue;
## if there's not a user-modified Site.AuthUser, we can skip
$page = ReadPage($n0, READPAGE_CURRENT);
if (@$page['time'] == 1000000000) continue;
} else if (!PageExists($n0) || PageExists($n1)) continue;
if (@$_REQUEST['migrate'] == 'yes') {
## if the admin wants PmWiki to migrate, do it.
$page = RetrieveAuthPage($n0, 'admin', true);
StopWatch("HandleUpgrade: copying $n0 -> $n1");
if ($page) {
WritePage($n1, $page);
$done .= "<li>Copied $n0 to $n1</li>";
continue;
}
}
$message .= "<li>$n0 -> $n1</li>";
}
if ($message) {
$migrateurl = "$ScriptUrl?action=upgrade&migrate=yes";
$infourl = 'http://www.pmwiki.org/wiki/PmWiki/UpgradeToSiteAdmin';
$message =
"<h2>Upgrade notice -- SiteAdmin group</h2>
<p>This version of PmWiki expects several administrative pages
from the <em>Site</em> group to be found in a new <em>SiteAdmin</em> group.
On this site, the following pages appear to need to be relocated:</p>
<ul>$message</ul>
<p>For more information about this change, including the various
options for proceeding, see</p>
<blockquote><a target='_blank' href='$infourl'>$infourl</a></blockquote>
<form action='$ScriptUrl' method='post'>
<p>If you would like PmWiki to attempt to automatically copy
these pages into their new <br /> locations for you, try
<input type='hidden' name='action' value='upgrade' />
<input type='hidden' name='migrate' value='yes' />
<input type='submit' value='Relocate pages listed above' />
(admin password required) </p>
</form>
<p>If you want to configure PmWiki so that it continues to
look for the above pages in <em>$SiteGroup</em>, add the
following line near the top of <em>local/config.php</em>:</p>
<blockquote><pre>\$SiteAdminGroup = \$SiteGroup;</pre></blockquote>
$Version
";
print $message;
exit;
}
StopWatch("UpgradeCheck: writing $StatusPageName");
Lock(2);
SDV($StatusPageName, "$SiteAdminGroup.Status");
$page = ReadPage($StatusPageName);
$page['updatedto'] = $VersionNum;
WritePage($StatusPageName, $page);
if ($done) {
$done .= "<li>Updated $StatusPageName</li>";
echo "<h2>Upgrade to $Version ... ok</h2><ul>$done</ul>";
$GLOBALS['EnableRedirect'] = 0;
}
Redirect($pagename);
}
function HandleFeed($pagename, $auth = 'read')
{
global $FeedFmt, $action, $PCache, $FmtV, $ISOTimeFmt, $RSSTimeFmt, $FeedOpt, $FeedDescPatterns, $CategoryGroup, $EntitiesTable;
SDV($ISOTimeFmt, '%Y-%m-%dT%H:%M:%SZ');
SDV($RSSTimeFmt, 'D, d M Y H:i:s \\G\\M\\T');
SDV($FeedDescPatterns, array('/<[^>]*$/' => ' ', '/\\w+$/' => '', '/<[^>]+>/' => ''));
SDVA($FeedCategoryOpt, array('link' => $pagename, 'readf' => 1));
SDVA($FeedTrailOpt, array('trail' => $pagename, 'count' => 10, 'readf' => 1));
$f = $FeedFmt[$action];
$page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT);
if (!$page) {
Abort("?cannot generate feed");
}
$feedtime = $page['time'];
# determine list of pages to display
if (@($_REQUEST['trail'] || $_REQUEST['group'] || $_REQUEST['link'])) {
$opt['readf'] = 1;
} else {
if ($action == 'dc') {
$opt = array();
} else {
if (preg_match("/^{$CategoryGroup}\\./", $pagename)) {
$opt = $FeedCategoryOpt;
} else {
$opt = $FeedTrailOpt;
}
}
}
if (!$opt) {
PCache($pagename, $page);
$pagelist = array(&$PCache[$pagename]);
} else {
$opt = array_merge($opt, @$_REQUEST);
$pagelist = MakePageList($pagename, $opt);
}
# process list of pages in feed
$rdfseq = '';
foreach ($pagelist as $page) {
$pn = $page['name'];
if (!PageExists($pn)) {
continue;
}
$pl[] = $pn;
if (@$opt['count'] && count($pl) >= $opt['count']) {
break;
}
$rdfseq .= FmtPageName("<rdf:li resource=\"\$PageUrl\" />\n", $pn);
if ($page['time'] > $feedtime) {
$feedtime = $page['time'];
}
}
$pagelist = $pl;
$FmtV['$FeedRDFSeq'] = $rdfseq;
$FmtV['$FeedISOTime'] = gmstrftime($ISOTimeFmt, $feedtime);
$FmtV['$FeedRSSTime'] = gmdate($RSSTimeFmt, $feedtime);
# format start of feed
$out = FmtPageName($f['feed']['_start'], $pagename);
# format feed elements
foreach ($f['feed'] as $k => $v) {
if ($k[0] == '_' || !$v) {
continue;
}
$x = FmtPageName($v, $pagename);
if (!$x) {
continue;
}
$out .= $v[0] == '<' ? $x : "<{$k}>{$x}</{$k}>\n";
}
# format items in feed
if (@$f['feed']['_items']) {
$out .= FmtPageName($f['feed']['_items'], $pagename);
}
foreach ($pagelist as $pn) {
$page =& $PCache[$pn];
$FmtV['$ItemDesc'] = @$page['description'] ? $page['description'] : trim(preg_replace(array_keys($FeedDescPatterns), array_values($FeedDescPatterns), @$page['excerpt']));
$FmtV['$ItemISOTime'] = gmstrftime($ISOTimeFmt, $page['time']);
$out .= FmtPageName($f['item']['_start'], $pn);
foreach ((array) @$f['item'] as $k => $v) {
if ($k[0] == '_' || !$v) {
continue;
}
if (is_callable($v)) {
$out .= $v($pn, $page, $k);
continue;
}
if (strpos($v, '$LastModifiedBy') !== false && !@$page['author']) {
continue;
}
if (strpos($v, '$Category') !== false) {
if (preg_match_all("/(?<=^|,){$CategoryGroup}\\.([^,]+)/", @$page['targets'], $match)) {
foreach ($match[1] as $c) {
$FmtV['$Category'] = $c;
$out .= FmtPageName($v, $pn);
}
}
continue;
}
$x = FmtPageName($v, $pn);
if (!$x) {
continue;
}
$out .= $v[0] == '<' ? $x : "<{$k}>{$x}</{$k}>\n";
}
$out .= FmtPageName($f['item']['_end'], $pn);
}
$out .= FmtPageName($f['feed']['_end'], $pagename);
foreach ((array) @$f['feed']['_header'] as $fmt) {
header(FmtPageName($fmt, $pagename));
}
print str_replace(array_keys($EntitiesTable), array_values($EntitiesTable), $out);
}
function HandleDiff($pagename, $auth = 'read')
{
global $HandleDiffFmt, $PageStartFmt, $PageDiffFmt, $PageEndFmt;
$page = RetrieveAuthPage($pagename, $auth, true);
if (!$page) {
Abort("?cannot diff {$pagename}");
}
PCache($pagename, $page);
SDV($HandleDiffFmt, array(&$PageStartFmt, &$PageDiffFmt, "<div id='wikidiff'>", 'function:PrintDiff', '</div>', &$PageEndFmt));
PrintFmt($pagename, $HandleDiffFmt);
}
function HandlePostAttr($pagename)
{
global $PageAttributes, $EnablePostAttrClearSession;
Lock(2);
$page = RetrieveAuthPage($pagename, 'attr', true, READPAGE_CURRENT);
if (!$page) {
Abort("?unable to read {$pagename}");
}
foreach ($PageAttributes as $attr => $p) {
$v = @$_POST[$attr];
if ($v == '') {
continue;
}
if ($v == 'clear') {
unset($page[$attr]);
} else {
if (strncmp($attr, 'passwd', 6) != 0) {
$page[$attr] = $v;
} else {
$a = array();
foreach (preg_split('/\\s+/', $v, -1, PREG_SPLIT_NO_EMPTY) as $pw) {
$a[] = preg_match('/^\\w+:/', $pw) ? $pw : crypt($pw);
}
if ($a) {
$page[$attr] = implode(' ', $a);
}
}
}
}
WritePage($pagename, $page);
Lock(0);
if (IsEnabled($EnablePostAttrClearSession, 1)) {
@session_start();
unset($_SESSION['authid']);
$_SESSION['authpw'] = array();
}
Redirect($pagename);
exit;
}
function HandlePostAttr($pagename, $auth = 'attr')
{
global $PageAttributes, $EnablePostAttrClearSession;
Lock(2);
$page = RetrieveAuthPage($pagename, $auth, true);
if (!$page) {
Abort("?unable to read {$pagename}");
}
foreach ($PageAttributes as $attr => $p) {
$v = stripmagic(@$_POST[$attr]);
if ($v == '') {
continue;
}
if ($v == 'clear') {
unset($page[$attr]);
} else {
if (strncmp($attr, 'passwd', 6) != 0) {
$page[$attr] = $v;
} else {
$a = array();
preg_match_all('/"[^"]*"|\'[^\']*\'|\\S+/', $v, $match);
foreach ($match[0] as $pw) {
$a[] = preg_match('/^\\w+:/', $pw) ? $pw : crypt(preg_replace('/^([\'"])(.*)\\1$/', '$2', $pw));
}
if ($a) {
$page[$attr] = implode(' ', $a);
}
}
}
}
WritePage($pagename, $page);
Lock(0);
if (IsEnabled($EnablePostAttrClearSession, 1)) {
@session_start();
unset($_SESSION['authid']);
$_SESSION['authpw'] = array();
}
Redirect($pagename);
exit;
}
function HandleSearchA($pagename, $level = 'read') {
global $PageSearchForm, $FmtV, $HandleSearchFmt,
$PageStartFmt, $PageEndFmt;
SDV($HandleSearchFmt,array(&$PageStartFmt, '$PageText', &$PageEndFmt));
SDV($PageSearchForm, '$[{$SiteGroup}/Search]');
$form = RetrieveAuthPage($pagename, $level, true, READPAGE_CURRENT);
if (!$form) Abort("?unable to read $pagename");
PCache($pagename, $form);
$text = preg_replace('/\\[([=@])(.*?)\\1\\]/s', ' ', @$form['text']);
if (!preg_match('/\\(:searchresults(\\s.*?)?:\\)/', $text))
foreach((array)$PageSearchForm as $formfmt) {
$form = ReadPage(FmtPageName($formfmt, $pagename), READPAGE_CURRENT);
if ($form['text']) break;
}
$text = @$form['text'];
if (!$text) $text = '(:searchresults:)';
$FmtV['$PageText'] = MarkupToHTML($pagename,$text);
PrintFmt($pagename, $HandleSearchFmt);
}
function MakePageList($pagename, $opt)
{
global $MakePageListOpt, $SearchPatterns, $EnablePageListProtect, $PCache, $FmtV;
StopWatch('MakePageList begin');
SDVA($MakePageListOpt, array('list' => 'default'));
$opt = array_merge($MakePageListOpt, $opt);
$readf = $opt['readf'];
# we have to read the page if order= is anything but name
$order = $opt['order'];
$readf |= $order && $order != 'name' && $order != '-name';
$pats = (array) $SearchPatterns[$opt['list']];
if ($opt['group']) {
array_unshift($pats, "/^({$opt['group']})\\./i");
}
# inclp/exclp contain words to be included/excluded.
$inclp = array();
$exclp = array();
foreach ((array) @$opt[''] as $i) {
$inclp[] = '/' . preg_quote($i, '/') . '/i';
}
foreach ((array) @$opt['+'] as $i) {
$inclp[] = '/' . preg_quote($i, '/') . '/i';
}
foreach ((array) @$opt['-'] as $i) {
$exclp[] = '!' . preg_quote($i, '!') . '/i';
}
$searchterms = count($inclp) + count($exclp);
$readf += $searchterms;
# forced read if incl/excl
# link= (backlinks)
if (@$opt['link']) {
$linkpat = "/,{$opt['link']},/";
# find in target= attribute
$readf = 1;
# forced read
}
if (@$opt['trail']) {
$trail = ReadTrail($pagename, $opt['trail']);
foreach ($trail as $tstop) {
$pn = $tstop['pagename'];
$list[] = $pn;
$tstop['parentnames'] = array();
PCache($pn, $tstop);
}
foreach ($trail as $tstop) {
$PCache[$tstop['pagename']]['parentnames'][] = $trail[$tstop['parent']]['pagename'];
}
} else {
$list = ListPages($pats);
}
if (IsEnabled($EnablePageListProtect, 0)) {
$readf = 1000;
}
$matches = array();
$FmtV['$MatchSearched'] = count($list);
foreach ((array) $list as $pn) {
if ($readf) {
$page = $readf == 1000 ? RetrieveAuthPage($pn, 'read', false, READPAGE_CURRENT) : ReadPage($pn, READPAGE_CURRENT);
if (!$page) {
continue;
}
if ($linkpat && !preg_match($linkpat, ",{$page['targets']},")) {
continue;
}
if ($searchterms) {
$text = $pn . "\n" . @$page['targets'] . "\n" . @$page['text'];
foreach ($inclp as $i) {
if (!preg_match($i, $text)) {
continue 2;
}
}
foreach ($exclp as $i) {
if (preg_match($i, $text)) {
continue 2;
}
}
}
$page['size'] = strlen(@$page['text']);
} else {
$page = array();
}
$page['pagename'] = $page['name'] = $pn;
PCache($pn, $page);
$matches[] =& $PCache[$pn];
}
SortPageList($matches, $order);
StopWatch('MakePageList end');
return $matches;
}
/**
* Handle the .draw file format
*/
function HandlePostDrawing_draw($pagename)
{
global $UploadVerifyFunction, $UploadFileFmt, $LastModFile, $Now;
global $RecentChangesFmt, $IsPagePosted, $EnableDrawingRecentChanges;
$page = RetrieveAuthPage($pagename, 'upload');
if (!$page) {
Abort("?cannot upload to {$pagename}");
}
$uploadImage = $_FILES['uploadImage'];
$uploadDrawing = $_FILES['uploadDrawing'];
$uploadMap = $_FILES['uploadMap'];
$drawingBaseTime = $_POST['drawingbasetime'];
// The time the user began editing this drawing.
$imageupname = $uploadImage['name'];
$drawingupname = $uploadDrawing['name'];
$mapupname = $uploadMap['name'];
$imageupname = MakeUploadName($pagename, $imageupname);
$drawingupname = MakeUploadName($pagename, $drawingupname);
$mapupname = MakeUploadName($pagename, $mapupname);
$imageFilePath = FmtPageName("{$UploadFileFmt}/{$imageupname}", $pagename);
$drawingFilePath = FmtPageName("{$UploadFileFmt}/{$drawingupname}", $pagename);
$mapFilePath = FmtPageName("{$UploadFileFmt}/{$mapupname}", $pagename);
if (file_exists($drawingFilePath)) {
// Only worth checking timestamps if a drawing actually currently exists!
if (filemtime($drawingFilePath) > $drawingBaseTime) {
// Assign a new timestamp to the client... hopefully this time they'll be ok...
header("PmWikiDraw-DrawingChanged: {$Now}");
exit;
}
}
// If we've got to here then we can assume its safe to overwrite the current file
// Note: we should do the history archival/recent changes stuff here.
if ($EnableDrawingRecentChanges == true && isset($_POST['drawingname'])) {
$imageModified = $_POST['drawingname'];
$RecentChangesFmt = array('Main.AllRecentChanges' => '* [[$Group/$Name]] Drawing - ' . $imageModified . ' modified . . . $CurrentTime', '$Group.RecentChanges' => '* [[$Group/$Name]] Drawing - ' . $imageModified . ' modified . . . $CurrentTime');
$IsPagePosted = true;
$x = "";
$y = "";
PostRecentChanges($pagename, $x, $y);
$IsPagePosted = false;
}
$filedir = preg_replace('#/[^/]*$#', '', $imageFilePath);
mkdirp($filedir);
if (!move_uploaded_file($uploadImage['tmp_name'], $imageFilePath)) {
Abort("?cannot move uploaded image to {$imageFilePath}");
return;
}
fixperms($imageFilePath, 0444);
if ($LastModFile) {
touch($LastModFile);
fixperms($LastModFile);
}
$filedir = preg_replace('#/[^/]*$#', '', $drawingFilePath);
mkdirp($filedir);
if (!move_uploaded_file($uploadDrawing['tmp_name'], $drawingFilePath)) {
Abort("?cannot move uploaded drawing to {$drawingFilePath}");
return;
}
fixperms($drawingFilePath, 0444);
if ($LastModFile) {
touch($LastModFile);
fixperms($LastModFile);
}
$filedir = preg_replace('#/[^/]*$#', '', $mapFilePath);
mkdirp($filedir);
if (!move_uploaded_file($uploadMap['tmp_name'], $mapFilePath)) {
Abort("?cannot move uploaded map to {$mapFilePath}");
return;
}
fixperms($mapFilePath, 0444);
if ($LastModFile) {
touch($LastModFile);
fixperms($LastModFile);
}
// Sets the drawingBaseTime header for incremental save support.
header("PmWikiDraw-DrawingBaseTime: " . filemtime($drawingFilePath));
exit;
}
function HandleSearchA($pagename, $level = 'read')
{
global $PageSearchForm, $FmtV, $HandleSearchFmt, $PageStartFmt, $PageEndFmt;
SDV($HandleSearchFmt, array(&$PageStartFmt, '$PageText', &$PageEndFmt));
SDV($PageSearchForm, '$[$SiteGroup/Search]');
PCache($pagename, RetrieveAuthPage($pagename, 'read'));
$form = ReadPage(FmtPageName($PageSearchForm, $pagename), READPAGE_CURRENT);
$text = @$form['text'];
if (!$text) {
$text = '(:searchresults:)';
}
$FmtV['$PageText'] = MarkupToHTML($pagename, $text);
PrintFmt($pagename, $HandleSearchFmt);
}
function HandleRss($pagename)
{
global $RssMaxItems, $RssSourceSize, $RssDescSize, $RssChannelFmt, $RssChannelDesc, $RssTimeFmt, $RssChannelBuildDate, $RssItemsRDFList, $RssItemsRDFListFmt, $RssItems, $RssItemFmt, $HandleRssFmt, $FmtV;
$t = ReadTrail($pagename, $pagename);
$page = RetrieveAuthPage($pagename, 'read', false);
if (!$page) {
Abort("?cannot read {$pagename}");
}
$cbgmt = $page['time'];
$r = array();
for ($i = 0; $i < count($t) && count($r) < $RssMaxItems; $i++) {
if (!PageExists($t[$i]['pagename'])) {
continue;
}
$page = RetrieveAuthPage($t[$i]['pagename'], 'read', false);
Lock(0);
if (!$page) {
continue;
}
$text = MarkupToHTML($t[$i]['pagename'], substr($page['text'], 0, $RssSourceSize));
$text = entityencode(preg_replace("/<.*?>/s", "", $text));
preg_match("/^(.{0,{$RssDescSize}}\\s)/s", $text, $match);
$r[] = array('name' => $t[$i]['pagename'], 'time' => $page['time'], 'desc' => $match[1] . " ...", 'author' => $page['author']);
if ($page['time'] > $cbgmt) {
$cbgmt = $page['time'];
}
}
SDV($RssChannelBuildDate, entityencode(gmdate('D, d M Y H:i:s \\G\\M\\T', $cbgmt)));
SDV($RssChannelDesc, entityencode(FmtPageName('$Group.$Title', $pagename)));
foreach ($r as $page) {
$FmtV['$RssItemPubDate'] = gmstrftime($RssTimeFmt, $page['time']);
$FmtV['$RssItemDesc'] = $page['desc'];
$FmtV['$RssItemAuthor'] = $page['author'];
$RssItemsRDFList[] = entityencode(FmtPageName($RssItemsRDFListFmt, $page['name']));
$RssItems[] = entityencode(FmtPageName($RssItemFmt, $page['name']));
}
header("Content-type: text/xml");
PrintFmt($pagename, $HandleRssFmt);
exit;
}
function HandleRss($pagename)
{
global $RssMaxItems, $RssSourceSize, $RssDescSize, $RssChannelFmt, $RssChannelDesc, $RssTimeFmt, $RssChannelBuildDate, $RssItemsRDFList, $RssItemsRDFListFmt, $RssItems, $RssItemFmt, $RssItemDesc, $RssItemPubDate, $GCount, $HandleRssFmt;
$t = ReadTrail($pagename, $pagename);
$page = RetrieveAuthPage($pagename, false);
$cbgmt = $page['time'];
$r = array();
for ($i = 0; $i < count($t) && count($r) < $RssMaxItems; $i++) {
if (!PageExists($t[$i]['pagename'])) {
continue;
}
$page = RetrieveAuthPage($t[$i]['pagename'], false);
$text = MarkupToHTML($t[$i]['pagename'], substr($page['text'], 0, $RssSourceSize));
$text = rssencode(preg_replace("/<.*?>/s", "", $text));
preg_match("/^(.{0,{$RssDescSize}}\\s)/s", $text, $match);
$r[] = array('name' => $t[$i]['pagename'], 'time' => $page['time'], 'desc' => $match[1] . " ...");
if ($page['time'] > $cbgmt) {
$cbgmt = $page['time'];
}
}
SDV($RssChannelBuildDate, rssencode(gmstrftime($RssTimeFmt, $cbgmt)));
SDV($RssChannelDesc, rssencode(FmtPageName('$Group.$Title', $pagename)));
foreach ($r as $page) {
$RssItemPubDate = gmstrftime($RssTimeFmt, $page['time']);
$RssItemDesc = $page['desc'];
$GCount = 0;
$RssItemsRDFList[] = rssencode(FmtPageName($RssItemsRDFListFmt, $page['name']));
$RssItems[] = rssencode(FmtPageName($RssItemFmt, $page['name']));
}
header("Content-type: text/xml");
PrintFmt($pagename, $HandleRssFmt);
exit;
}
function FmtPageList($fmt, $pagename, $opt)
{
global $GroupPattern, $SearchPatterns, $FmtV, $FPLFunctions, $EnablePageListProtect;
if (isset($_REQUEST['q']) && $_REQUEST['q'] == '') {
$_REQUEST['q'] = "''";
}
$opt = array_merge($opt, @$_REQUEST);
$rq = htmlspecialchars(stripmagic(@$_REQUEST['q']), ENT_NOQUOTES);
if (preg_match("!^({$GroupPattern}(\\|{$GroupPattern})*)?/!i", $rq, $match)) {
$opt['group'] = @$match[1];
$rq = str_replace(@$match[1] . '/', '', $rq);
}
$needle = $opt['o'] . ' ' . $rq;
$terms = preg_split('/((?<!\\S)[-+]?[\'"].*?[\'"](?!\\S)|\\S+)/', $needle, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY);
$excl = array();
$incl = array();
foreach ($terms as $t) {
if (trim($t) == '') {
continue;
}
if (preg_match('/^([^\'":=]*)[:=]([\'"]?)(.*?)\\2$/', $t, $match)) {
$opt[$match[1]] = $match[3];
continue;
}
preg_match('/^([-+]?)([\'"]?)(.+?)\\2$/', $t, $match);
if ($match[1] == '-') {
$excl[] = $match[3];
} else {
$incl[] = $match[3];
}
}
if (@$opt['req'] && !$incl && !$excl && !isset($_REQUEST['q'])) {
return;
}
$show = isset($opt['list']) ? $opt['list'] : 'default';
$pats = (array) @$SearchPatterns[$show];
if (@$opt['group']) {
array_unshift($pats, "/^({$opt['group']})\\./i");
}
if (@$opt['trail']) {
$t = ReadTrail($pagename, $opt['trail']);
foreach ($t as $pagefile) {
$pagelist[] = $pagefile['pagename'];
}
} else {
$pagelist = ListPages($pats);
}
$matches = array();
$searchterms = count($excl) + count($incl);
$plprotect = IsEnabled($EnablePageListProtect, 0);
foreach ($pagelist as $pagefile) {
if ($plprotect) {
$page = RetrieveAuthPage($pagefile, 'read', false);
} else {
$page = ReadPage($pagefile);
}
Lock(0);
if (!$page) {
continue;
}
if ($searchterms) {
$text = $pagefile . "\n" . @$page['text'] . "\n" . @$page['targets'];
foreach ($excl as $t) {
if (stristr($text, $t)) {
continue 2;
}
}
foreach ($incl as $t) {
if (!stristr($text, $t)) {
continue 2;
}
}
}
$matches[] = array('pagename' => $pagefile, 'size' => strlen(@$page['text']), 'author' => @$page['author'], 'time' => $page['time']);
}
sort($matches);
$FmtV['$MatchCount'] = count($matches);
$FmtV['$MatchSearched'] = count($pagelist);
$FmtV['$Needle'] = $needle;
$GLOBALS['SearchIncl'] = $incl;
$GLOBALS['SearchExcl'] = $excl;
$GLOBALS['SearchGroup'] = @$opt['group'];
$fmtfn = @$FPLFunctions[$opt['fmt']];
if (!function_exists($fmtfn)) {
$fmtfn = 'FPLByGroup';
}
$FmtV['$MatchList'] = $fmtfn($pagename, $matches, $opt);
return FmtPageName($fmt, $pagename);
}
function HandleRefCount($pagename, $auth='read') {
global $HandleRefCountFmt,$PageStartFmt,$PageEndFmt;
$page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT);
if (!$page) Abort('?unauthorized');
PCache($pagename, $page);
SDV($HandleRefCountFmt,array(&$PageStartFmt,
'function:PrintRefCount',&$PageEndFmt));
PrintFmt($pagename,$HandleRefCountFmt);
}
function HandleSearchA($pagename, $level = 'read')
{
global $PageSearchForm, $FmtV, $HandleSearchFmt, $PageStartFmt, $PageEndFmt;
SDV($HandleSearchFmt, array(&$PageStartFmt, '$PageText', &$PageEndFmt));
SDV($PageSearchForm, '$[$SiteGroup/Search]');
$form = RetrieveAuthPage($pagename, 'read', true, READPAGE_CURRENT);
PCache($pagename, $form);
if (!preg_match('/\\(:searchresults(\\s.*?)?:\\)/', $form['text'])) {
foreach ((array) $PageSearchForm as $formfmt) {
$form = ReadPage(FmtPageName($formfmt, $pagename), READPAGE_CURRENT);
if ($form['text']) {
break;
}
}
}
$text = @$form['text'];
if (!$text) {
$text = '(:searchresults:)';
}
$FmtV['$PageText'] = MarkupToHTML($pagename, $text);
PrintFmt($pagename, $HandleSearchFmt);
}
function InputDefault($pagename, $type, $args)
{
global $InputValues, $PageTextVarPatterns, $PCache;
$args = ParseArgs($args);
$args[''] = (array) @$args[''];
$name = isset($args['name']) ? $args['name'] : array_shift($args['']);
$name = preg_replace('/^\\$:/', 'ptv_', $name);
$value = isset($args['value']) ? $args['value'] : array_shift($args['']);
if (!isset($InputValues[$name])) {
$InputValues[$name] = $value;
}
if (@$args['request']) {
$req = array_merge($_GET, $_POST);
foreach ($req as $k => $v) {
if (!isset($InputValues[$k])) {
$InputValues[$k] = PHSC(stripmagic($v), ENT_NOQUOTES);
}
}
}
$source = @$args['source'];
if ($source) {
$source = MakePageName($pagename, $source);
$page = RetrieveAuthPage($source, 'read', false, READPAGE_CURRENT);
if ($page) {
foreach ((array) $PageTextVarPatterns as $pat) {
if (preg_match_all($pat, IsEnabled($PCache[$source]['=preview'], $page['text']), $match, PREG_SET_ORDER)) {
foreach ($match as $m) {
# if (!isset($InputValues['ptv_'.$m[2]])) PITS:01337
$InputValues['ptv_' . $m[2]] = PHSC(Qualify($source, $m[3]), ENT_NOQUOTES);
}
}
}
}
}
return '';
}
function HandlePostAttr($pagename)
{
global $PageAttributes;
$page = RetrieveAuthPage($pagename, 'attr');
if (!$page) {
Abort("?unable to read {$pagename}");
}
foreach ($PageAttributes as $attr => $p) {
$newpw = @$_POST[$attr];
if ($newpw == 'clear') {
unset($page[$attr]);
} else {
if ($newpw > '') {
$page[$attr] = crypt($newpw);
}
}
}
WritePage($pagename, $page);
Redirect($pagename);
exit;
}
function UploadAuth($pagename, $auth, $cache=0){
global $GroupAttributesFmt, $EnableUploadGroupAuth;
if (IsEnabled($EnableUploadGroupAuth,0)){
SDV($GroupAttributesFmt,'$Group/GroupAttributes');
$pn_upload = FmtPageName($GroupAttributesFmt, $pagename);
} else $pn_upload = $pagename;
$page = RetrieveAuthPage($pn_upload, $auth, true, READPAGE_CURRENT);
if(!$page) Abort("?No '$auth' permissions for $pagename");
if($cache) PCache($pn_upload,$page);
return true;
}
function HandleLoginA($pagename, $auth = 'login') {
global $AuthId, $DefaultPasswords;
unset($DefaultPasswords['admin']);
$prompt = @(!$_POST['authpw'] || ($AuthId != $_POST['authid']));
$page = RetrieveAuthPage($pagename, $auth, $prompt, READPAGE_CURRENT);
Redirect($pagename);
}
function HandlePostAttr($pagename)
{
global $PageAttributes, $EnablePostAttrClearSession;
$page = RetrieveAuthPage($pagename, 'attr');
if (!$page) {
Abort("?unable to read {$pagename}");
}
foreach ($PageAttributes as $attr => $p) {
$newpw = @$_POST[$attr];
if ($newpw == 'clear') {
unset($page[$attr]);
} else {
if ($newpw > '') {
$page[$attr] = crypt($newpw);
}
}
}
WritePage($pagename, $page);
if (IsEnabled($EnablePostAttrClearSession, 1)) {
$_SESSION['authpw'] = array();
}
Redirect($pagename);
exit;
}
function HandlePostUpload($pagename, $auth = 'upload') {
global $UploadVerifyFunction, $UploadFileFmt, $LastModFile,
$EnableUploadVersions, $Now;
$page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT);
if (!$page) Abort("?cannot upload to $pagename");
$uploadfile = $_FILES['uploadfile'];
$upname = $_REQUEST['upname'];
if ($upname=='') $upname=$uploadfile['name'];
$upname = MakeUploadName($pagename,$upname);
if (!function_exists($UploadVerifyFunction))
Abort('?no UploadVerifyFunction available');
$filepath = FmtPageName("$UploadFileFmt/$upname",$pagename);
$result = $UploadVerifyFunction($pagename,$uploadfile,$filepath);
if ($result=='') {
$filedir = preg_replace('#/[^/]*$#','',$filepath);
mkdirp($filedir);
if (IsEnabled($EnableUploadVersions, 0))
@rename($filepath, "$filepath,$Now");
if (!move_uploaded_file($uploadfile['tmp_name'],$filepath))
{ Abort("?cannot move uploaded file to $filepath"); return; }
fixperms($filepath,0444);
if ($LastModFile) { touch($LastModFile); fixperms($LastModFile); }
$result = "upresult=success";
}
Redirect($pagename,"{\$PageUrl}?action=upload&uprname=$upname&$result");
}
function InputDefault($pagename, $type, $args) {
global $InputValues, $PageTextVarPatterns;
$args = ParseArgs($args);
$args[''] = (array)@$args[''];
$name = (isset($args['name'])) ? $args['name'] : array_shift($args['']);
$name = str_replace('/^\\$:/', 'ptv_', $name);
$value = (isset($args['value'])) ? $args['value'] : array_shift($args['']);
if (!isset($InputValues[$name])) $InputValues[$name] = $value;
if (@$args['request']) {
$req = array_merge($_GET, $_POST);
foreach($req as $k => $v)
if (!isset($InputValues[$k]))
$InputValues[$k] = htmlspecialchars(stripmagic($v), ENT_NOQUOTES);
}
$source = @$args['source'];
if ($source) {
$source = MakePageName($pagename, $source);
$page = RetrieveAuthPage($source, 'read', false, READPAGE_CURRENT);
if ($page) {
foreach((array)$PageTextVarPatterns as $pat)
if (preg_match_all($pat, $page['text'], $match, PREG_SET_ORDER))
foreach($match as $m)
if (!isset($InputValues['ptv_'.$m[1]]))
$InputValues['ptv_'.$m[2]] =
htmlspecialchars(Qualify($source, $m[3]), ENT_NOQUOTES);
}
}
return '';
}
