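/**
 * Render the current page and highlight every occurrence of a search
 * expression in the generated HTML.
 *
 * The expression is taken from $params['value'], falling back to
 * $params['q']. The page is rendered into an output buffer so the finished
 * markup can be post-processed before it is sent to the client.
 *
 * @param object $formatter page formatter providing send_header(),
 *                          send_title(), send_page() and send_footer()
 * @param array  $params    request parameters
 */
function do_highlight($formatter, $params = array())
{
    // Start from an empty expression so a request carrying neither 'value'
    // nor 'q' does not read an undefined variable.
    $expr = '';
    if (isset($params['value'])) {
        $expr = $params['value'];
    } elseif (isset($params['q'])) {
        $expr = $params['q'];
    }
    // Request parameters can arrive as arrays (q[]=...); only a plain string
    // is a usable search expression.
    if (!is_string($expr)) {
        $expr = '';
    }
    $expr = _stripslashes($expr);

    $formatter->send_header('', $params);
    $formatter->send_title('', '', $params);
    flush();

    // Capture the rendered page instead of streaming it.
    ob_start();
    $formatter->send_page();
    flush();
    $out = ob_get_contents();
    ob_end_clean();

    if (isset($expr[0])) {
        highlight_repl(null, true);
        // The pattern is assembled from request input. Its safety rests
        // entirely on _preg_search_escape(), which is not visible here.
        // NOTE(review): confirm it quotes the '/' delimiter and bounds
        // expensive constructs.
        $highlight = _preg_search_escape($expr);
        // The first alternative consumes whole tags so that text inside
        // markup is never rewritten.
        $marked = preg_replace_callback('/((<[^>]*>)|(' . $highlight . '))/i', 'highlight_repl', $out);
        // preg_replace_callback() returns null on a pattern or backtracking
        // error; fall back to the unhighlighted page rather than sending an
        // empty body.
        echo $marked === null ? $out : $marked;
    } else {
        echo $out;
    }

    $args = array('editable' => 1);
    $formatter->send_footer($args, $params);
}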
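/**
 * UCenter notification endpoint (plain HTTP notification mode).
 *
 * The `code` query parameter is decrypted with _authcode() and UC_KEY and
 * parsed as a query string; that shared key is the only authentication of
 * the caller. The decoded `time` field must be at most 3600 seconds old and
 * `action` must be one of the whitelisted handler names. The request body is
 * parsed with xml_unserialize() and handed to the handler together with the
 * decoded parameters. Every path ends in exit().
 *
 * Nothing but the one-hour window limits reuse of a captured `code`: no
 * nonce or replay cache is visible in this method.
 */
public function index()
{
    // note: plain HTTP notification mode
    if (!defined('IN_UC')) {
        error_reporting(0);
        set_magic_quotes_runtime(0);
        defined('MAGIC_QUOTES_GPC') || define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
        service("Passport");

        $_DCACHE = $get = $post = array();
        $code = @$_GET['code'];
        parse_str(_authcode($code, 'DECODE', UC_KEY), $get);
        if (MAGIC_QUOTES_GPC) {
            $get = _stripslashes($get);
        }

        // Reject an undecodable code first. With the freshness check in
        // front, an empty $get read a missing 'time' and this branch could
        // never be reached.
        if (empty($get)) {
            exit('Invalid Request');
        }

        $timestamp = time();
        if (!isset($get['time']) || $timestamp - (int) $get['time'] > 3600) {
            exit('Authracation has expiried');
        }

        $action = isset($get['action']) ? $get['action'] : '';

        require_once DISCUZ_ROOT . './uc_client/lib/xml.class.php';
        $post = xml_unserialize(file_get_contents('php://input'));

        $allowed = array(
            'test', 'deleteuser', 'renameuser', 'gettag', 'synlogin',
            'synlogout', 'updatepw', 'updatebadwords', 'updatehosts',
            'updateapps', 'updateclient', 'updatecredit',
            'getcreditsettings', 'updatecreditsettings',
        );
        // Strict membership test: only an exact string from the whitelist
        // may be used as a method name.
        if (is_string($action) && in_array($action, $allowed, true)) {
            // Braces around the whole expression: `$this->{$get}['action']`
            // would look up a property named after the array itself.
            exit($this->{$action}($get, $post));
        } else {
            exit(API_RETURN_FAILED);
        }
    }
}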
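/**
 * Autosave endpoint: store, fetch or remove the draft text of the page
 * being edited.
 *
 * Modes, selected through $options:
 *  - 'retrive' set: print "<mtime>\n<saved text>" and return true
 *  - 'remove' set:  delete the draft, print 'true' and return true
 *  - otherwise:     save $options['savetext'] unless the stored draft is
 *                   newer than $options['datestamp']; print 'true'/'false'
 *
 * @param object $formatter page formatter; $formatter->page->name is used
 * @param array  $options   request options
 * @return bool  false only when a newer draft already exists
 */
function do_autosave($formatter, $options)
{
    global $DBInfo;

    // The draft slot is keyed on the client address (plus the user id for
    // logged-in users). The session-based variant was disabled with `if (0)`
    // and both session branches computed the same value, so the id is
    // derived once here.
    // Anonymous clients that share an address (NAT, proxy) share one slot
    // per page and can fetch or overwrite each other's drafts.
    if ($DBInfo->user->id == 'Anonymous') {
        $myid = md5($_SERVER['REMOTE_ADDR'] . '.' . 'MONIWIKI'); // IP based for Anonymous user XXX
    } else {
        $myid = md5($DBInfo->user->id . $_SERVER['REMOTE_ADDR'] . '.' . 'MONIWIKI');
    }
    $myid = md5($myid . $formatter->page->name);

    // XXX section support
    // NOTE(review): 'section' comes from the request and is appended to the
    // cache key unfiltered - confirm Cache_text sanitises keys before they
    // reach storage.
    if (isset($options['section'])) {
        $myid .= '.' . $options['section'];
    }

    $save = new Cache_text('autosave');

    if (!empty($options['retrive'])) {
        $saved = $save->fetch($myid);
        $os = rtrim($saved);
        $stamp = $save->mtime($myid);
        echo $stamp . "\n" . $os;
        return true;
    }

    if (!empty($options['remove'])) {
        $save->remove($myid);
        echo 'true';
        return true;
    }

    $savetext = isset($options['savetext']) ? $options['savetext'] : '';
    $rawstamp = isset($options['datestamp']) ? $options['datestamp'] : '';
    $datestamp = substr($rawstamp, 0, 10); // only 10-digits used

    // Normalise line endings before storing.
    $savetext = preg_replace("/\r\n|\r/", "\n", $savetext);
    $savetext = _stripslashes($savetext);

    // Never overwrite a draft that is newer than the one being submitted.
    if ($save->exists($myid) and $save->mtime($myid) > $datestamp) {
        echo 'false';
        return false;
    }

    $save->update($myid, $savetext);
    echo 'true';
    return true;
}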
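/**
 * UCenter notification endpoint. Only the plain HTTP notification mode is
 * provided.
 *
 * The `code` query parameter is decrypted with _authcode() and UC_KEY and
 * parsed as a query string; that shared key is the only authentication of
 * the caller. The decoded `time` field must be at most 3600 seconds old and
 * `action` must be one of the whitelisted handler names. Every path ends in
 * exit().
 *
 * Nothing but the one-hour window limits reuse of a captured `code`: no
 * nonce or replay cache is visible in this method.
 */
function index()
{
    /* Only the plain HTTP notification mode is provided */
    error_reporting(0);
    set_magic_quotes_runtime(0);

    $_DCACHE = $get = $post = array();
    $code = @$_GET['code'];
    parse_str(_authcode($code, 'DECODE', UC_KEY), $get);
    $get = _stripslashes($get);

    // Reject an undecodable code first. With the freshness check in front,
    // an empty $get read a missing 'time' and this branch could never be
    // reached.
    if (empty($get)) {
        exit('Invalid Request');
    }

    $timestamp = time();
    if (!isset($get['time']) || $timestamp - (int) $get['time'] > 3600) {
        exit('Authracation has expiried');
    }

    $action = isset($get['action']) ? $get['action'] : '';

    include ROOT_PATH . '/uc_client/lib/xml.class.php';
    $post = xml_unserialize(file_get_contents('php://input'));

    $allowed = array(
        'test', 'deleteuser', 'renameuser', 'gettag', 'synlogin',
        'synlogout', 'updatepw', 'updatebadwords', 'updatehosts',
        'updateapps', 'updateclient', 'updatecredit',
        'getcreditsettings', 'updatecreditsettings',
    );
    // Strict membership test: only an exact string from the whitelist may be
    // used as a method name.
    if (is_string($action) && in_array($action, $allowed, true)) {
        // Braces around the whole expression: `$this->{$get}['action']`
        // would look up a property named after the array itself.
        exit($this->{$action}($get, $post));
    } else {
        exit(API_RETURN_FAILED);
    }
}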
/**
 * Strip backslash escapes in place, descending into nested arrays.
 *
 * The argument is modified through the reference; nothing is returned.
 *
 * @param mixed $var string or (nested) array of strings, updated in place
 */
function _stripslashes(&$var)
{
    if (!is_array($var)) {
        $var = stripslashes($var);
        return;
    }

    // Visit each element through its key so the nested call can write back.
    foreach (array_keys($var) as $key) {
        _stripslashes($var[$key]);
    }
}
/**
 * Return a copy of the input with backslash escapes removed, descending
 * into nested arrays. Array keys are preserved.
 *
 * @param mixed $value string or (nested) array of strings
 * @return mixed the unescaped string or array
 */
function _stripslashes($value)
{
    // array_map() keeps the keys when it is given a single array.
    return is_array($value)
        ? array_map(__FUNCTION__, $value)
        : stripslashes($value);
}
/**
 * Remove backslash escapes from a string or a (nested) array of strings.
 *
 * The two input kinds behave differently: an array is rewritten in place
 * through the reference and also returned, while a scalar is only returned
 * and the caller's variable is left untouched.
 *
 * @param mixed $val string or array; arrays are modified in place
 * @return mixed the unescaped value
 */
function _stripslashes(&$val)
{
    if (is_array($val)) {
        foreach ($val as $key => &$item) {
            $val[$key] = _stripslashes($item);
        }
        unset($item);

        return $val;
    }

    return stripslashes($val);
}
/**
 * Return the input with backslash escapes removed.
 *
 * A scalar is passed to stripslashes(). For an array, every element is
 * handed to _stripslashes() and replaced by whatever that call returns, so
 * this relies on the value-returning form of that helper.
 *
 * @param mixed $string string or array of values
 * @return mixed the unescaped string or array
 */
function _uc_stripslashes($string)
{
    if (!is_array($string)) {
        return stripslashes($string);
    }

    foreach ($string as $index => $item) {
        $string[$index] = _stripslashes($item);
    }

    return $string;
}
/**
 * Constructor (PHP 4 style): bind this wiki user to an nForge account.
 *
 * With an explicit $id the id is simply set. Without one, the current
 * nForge user is looked up; if that succeeds the wiki profile's timezone
 * offset, nick and (optionally) home URL are synchronised from the nForge
 * account, otherwise the user becomes 'Anonymous'. Display preferences are
 * then read from the MONI_* cookies, and a profile record is created for a
 * known user that has none yet.
 *
 * @param string $id user id; empty to use the current nForge user
 */
function User_nforge($id = '')
{
    if ($id) {
        $this->setID($id);
        // Looked up but not used further in this constructor.
        $u =& user_get_object_by_name($id);
    } else {
        $u =& user_get_object(user_getid());
        if ($u and is_object($u) and !$u->isError()) {
            global $DBInfo;
            $id = $u->getUnixName();
        }
        // $id can only be non-empty here if the branch above ran, so
        // $DBInfo is in scope wherever it is used below.
        if (!empty($id)) {
            $this->setID($id);
            $udb = new UserDB($DBInfo);
            $tmp = $udb->getUser($id);
            // get timezone and make timezone offset
            $tz_offset = date('Z');
            $update = 0;
            if ($tz_offset != $tmp->info['tz_offset']) {
                $update = 1;
            }
            // `and` binds tighter than `or`: the home-URL test is one
            // alternative, followed by the timezone change and the two nick
            // tests.
            if (!empty($DBInfo->use_homepage_url) and empty($tmp->info['home']) or $update or empty($tmp->info['nick']) or $tmp->info['nick'] != $u->data_array['realname']) {
                // register user
                $tmp->info['tz_offset'] = $tz_offset;
                $tmp->info['nick'] = $u->data_array['realname'];
                if (!empty($DBInfo->use_homepage_url)) {
                    $tmp->info['home'] = util_make_url_u($u->getID(), true);
                }
                $udb->saveUser($tmp);
            }
        } else {
            $id = 'Anonymous';
            $this->setID('Anonymous');
        }
    }
    // All of these values come straight from client cookies and are stored
    // without validation or escaping.
    // NOTE(review): every consumer (HTML output, file names, arithmetic on
    // tz_offset) has to treat them as untrusted - confirm at the use sites.
    $this->css = isset($_COOKIE['MONI_CSS']) ? $_COOKIE['MONI_CSS'] : '';
    $this->theme = isset($_COOKIE['MONI_THEME']) ? $_COOKIE['MONI_THEME'] : '';
    $this->bookmark = isset($_COOKIE['MONI_BOOKMARK']) ? $_COOKIE['MONI_BOOKMARK'] : '';
    $this->trail = isset($_COOKIE['MONI_TRAIL']) ? _stripslashes($_COOKIE['MONI_TRAIL']) : '';
    $this->tz_offset = isset($_COOKIE['MONI_TZ']) ? _stripslashes($_COOKIE['MONI_TZ']) : '';
    $this->nick = isset($_COOKIE['MONI_NICK']) ? _stripslashes($_COOKIE['MONI_NICK']) : '';
    // Fall back to the server's timezone offset when the cookie is absent.
    if ($this->tz_offset == '') {
        $this->tz_offset = date('Z');
    }
    // Create a profile record the first time a known user is seen.
    if (!empty($id) and $id != 'Anonymous') {
        global $DBInfo;
        $udb = new UserDB($DBInfo);
        if (!$udb->_exists($id)) {
            $dummy = $udb->saveUser($this);
        }
    }
}
/**
 * Constructor: start the execution timer, set template and error defaults,
 * unescape the request and session data, and apply the configured error
 * level, time limit and global template path.
 *
 * Every key of $_POST, $_GET and $_SESSION is also copied into $GLOBALS, in
 * that order, so a later source overwrites an earlier one. The names are
 * chosen by the request: any global variable that is set before this
 * constructor runs and read afterwards can be replaced by a request
 * parameter of the same name.
 *
 * @return Application Application object
 */
function Application()
{
    // global execution timer
    $GLOBALS['start_time'] = getmicrotime();

    // default template and empty error list
    $this->global_template = 'global';
    $this->error = array();

    // POST: strip slashes, write back, export as globals
    if (is_array($_POST) && count($_POST) > 0) {
        foreach ($_POST as $name => $raw) {
            $clean = _stripslashes($raw);
            $_POST[$name] = $clean;
            $GLOBALS[$name] = $clean;
        }
    }

    // GET: same treatment, overriding POST on a name clash
    if (is_array($_GET) && count($_GET) > 0) {
        foreach ($_GET as $name => $raw) {
            $clean = _stripslashes($raw);
            $_GET[$name] = $clean;
            $GLOBALS[$name] = $clean;
        }
    }

    // SESSION: same treatment, applied last
    if (is_array($_SESSION) && count($_SESSION) > 0) {
        foreach ($_SESSION as $name => $raw) {
            $clean = _stripslashes($raw);
            $_SESSION[$name] = $clean;
            $GLOBALS[$name] = $clean;
        }
    }

    // $this->user = false;

    // load the CP class when it is enabled
    if (defined('CP_CLASS') && CP_CLASS == 1) {
        $this->load('cp', 'class');
    }

    // error level and time limit
    error_reporting(ERROR_LEVEL);
    set_time_limit(TIME_LIMIT);

    // global template path depends on where the script runs from
    $runsFromRoot = (ROOT_PATH == './' || ROOT_PATH == '');
    define('GLOBAL_TPL_PATH', $runsFromRoot ? 'global/' : '../' . ROOT_PATH . 'tpl/global/');

    $this->paging = false;
}
/**
 * Render wiki markup to HTML for preview and in-place editing.
 *
 * Renders $options['value'] when it is given, otherwise one section of the
 * stored page ($options['section']), otherwise the whole stored page. The
 * formatter's collected javascript is printed at the end.
 *
 * @param object $formatter page formatter
 * @param array  $options   request options
 */
function do_markup($formatter, $options)
{
    $formatter->section_edit = 0;
    $formatter->sister_on = 0;
    $formatter->perma_icon = '';
    // trash default javascripts
    $formatter->get_javascripts();

    //$options['fixpath']=1;
    $formatter->send_header("", $options);
    $formatter->postfilters = array('fiximgpath');

    if (!empty($options['preview'])) {
        $formatter->wikimarkup = 2;
    } elseif (empty($options['all'])) {
        $formatter->wikimarkup = 1;
    }

    if (!empty($options['value'])) {
        // Submitted text: unescape and normalise line endings (Win32 fix).
        $markup = _stripslashes($options['value']);
        $markup = preg_replace('/(\\r\\n|\\n|\\r)/', "\n", $markup);
        $formatter->send_page($markup, $options);
    } elseif (isset($options['section'])) {
        $formatter->section_edit = 1;
        $formatter->sect_num = $options['section'] - 1;
        $body = $formatter->page->get_raw_body($options);
        $sections = _get_sections($body);
        // An unknown section is ignored.
        if ($sections[$options['section']]) {
            $body = $sections[$options['section']];
            $formatter->send_page($body, $options);
        }
    } else {
        $formatter->section_edit = 1;
        $formatter->send_page('', $options);
    }

    print $formatter->get_javascripts();
}
// Bootstrap of a UCenter notification endpoint: load the ThinkSNS
// configuration, decode the signed `code` parameter into $get and read the
// XML request body into $post.
define('THINK_PATH', SITE_PATH . '/core/ThinkPHP');
set_magic_quotes_runtime(0);
defined('MAGIC_QUOTES_GPC') || define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
// NOTE(review): the path below ends at the directory; the file name appears
// to be missing from this listing.
require_once SITE_PATH . '/config/';
// Load the ThinkSNS configuration
// NOTE(review): if this is the same file as the require_once above, the
// second require_once returns true instead of the config array and
// array_merge() below receives a non-array - confirm against the original.
$tsconfig1 = (require_once SITE_PATH . '/config/');
$tsconfig2 = (require_once SITE_PATH . '/core/OpenSociax/convention.php');
// Site settings ($tsconfig1) override the convention defaults ($tsconfig2).
$tsconfig = array_merge($tsconfig2, $tsconfig1);
$cookiepre = $tsconfig['COOKIE_PREFIX'];
$cookiedomain = $tsconfig['COOKIE_DOMAIN'];
$cookiepath = $tsconfig['COOKIE_PATH'];
$_DCACHE = $get = $post = array();
$code = @$_GET['code'];
// The code is decrypted with the shared UC_KEY and parsed as a query string.
parse_str(_authcode($code, 'DECODE', UC_KEY), $get);
if (MAGIC_QUOTES_GPC) {
    $get = _stripslashes($get);
}
// Timestamp verification
$timestamp = time();
// The freshness check is commented out, so a decoded code is accepted
// regardless of its age: once captured, a valid `code` stays usable for as
// long as UC_KEY is unchanged.
// if($timestamp - $get['time'] > 3600) {
// exit('Authracation has expiried');
// }
if (empty($get)) {
    exit('Invalid Request');
}
$action = $get['action'];
require_once DISCUZ_ROOT . './uc_client/lib/xml.class.php';
$post = xml_unserialize(file_get_contents('php://input'));
// For debugging - write log
// $log_message = "============================ \n "
// .date('Y-m-d H:i:s')." \n ".$_SERVER['REQUEST_URI']
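/**
 * Translation (PO) editing action.
 *
 * Three modes, selected through $options:
 *  1. 'msgid' / 'msgstr' present: validate one entry and print
 *     "true\n<po>" as text/plain when it passes.
 *  2. 'po' and 'btn' present: store the submitted PO text as the new page
 *     body.
 *  3. otherwise: merge the submitted 'msgid-<md5>' / 'msgstr-<md5>' fields
 *     into the stored PO text and print a confirmation form, with a unified
 *     diff when 'patch' is set.
 *
 * @param object $formatter page formatter
 * @param array  $options   request options
 */
function do_msgfmt($formatter, $options)
{
    global $DBInfo;

    if ($_SERVER['REQUEST_METHOD'] == 'POST' && !$DBInfo->security->writable($options)) {
        $options['title'] = _("Page is not writable");
        return do_invalid($formatter, $options);
    }

    $po = '';
    $domain = 'PoHello';

    if (isset($options['msgid']) or isset($options['msgstr'])) {
        # just check a single msgstr
        header("Content-type: text/plain");
        $date = date('Y-m-d h:i+0900');
        $charset = strtoupper($DBInfo->charset);
        if (_stripslashes($options['msgid']) != '""') {
            // Minimal PO header so the single entry can be validated alone.
            // NOTE(review): the line breaks inside this heredoc were
            // reconstructed from a whitespace-collapsed listing - confirm
            // against the original file.
            $po = <<<POHEAD
msgid ""
msgstr ""
"Project-Id-Version: {$domain} 1.1\\n"
"POT-Creation-Date: {$date}\\n"
"PO-Revision-Date: {$date}\\n"
"Last-Translator: MoniWiki <nobody@localhost>\\n"
"Language-Team: moniwiki <ko@localhost>\\n"
"MIME-Version: 1.0\\n"
"Content-Type: text/plain; charset={$charset}\\n"
"Content-Transfer-Encoding: 8bit\\n"
#: src/test.c
POHEAD;
        }
        $po .= 'msgid ' . _stripslashes($options['msgid']) . "\n";
        #$msg=preg_replace('/""(?!")/',"\"\n\"",
        # _stripslashes($options['msgstr']));
        $msg = _stripslashes($options['msgstr']);
        $po .= 'msgstr ' . $msg . "\n";
        $po .= "\n\n";
        $ret = _pocheck($po, 1);
        if ($ret == true) {
            print "true\n" . $po;
        }
        return;
    }

    if ($options['po'] and $options['btn']) {
        // The check at the top only covers POST. This branch writes the
        // page, so apply the same check to any other request method.
        if ($_SERVER['REQUEST_METHOD'] != 'POST' && !$DBInfo->security->writable($options)) {
            $options['title'] = _("Page is not writable");
            return do_invalid($formatter, $options);
        }
        $formatter->send_header('', $options);
        $formatter->send_title(sprintf(_("Translation of %s"), $options['page']), '', $options);
        $comment = $options['comment'] ? _stripslashes($options['comment']) : "Translations are updated";
        $po = preg_replace("/(\r\n|\r)/", "\n", _stripslashes($options['po']));
        $formatter->page->write($po);
        $ret = $DBInfo->savePage($formatter->page, $comment, $options);
        if ($ret != -1) {
            print "<h2>" . _("Translations are successfully updated.") . "</h2>";
        } else {
            print "<h2>" . _("Fail to save translations.") . "</h2>";
        }
        $formatter->send_footer('', $options);
        return;
    }

    // Every submitted msgid-<hash> needs a matching msgstr-<hash>.
    $msgkeys = array_keys($options);
    $msgids = preg_grep('/^msgid-/', $msgkeys);
    $msgstrs = preg_grep('/^msgstr-/', $msgkeys);
    if (sizeof($msgids) != sizeof($msgstrs)) {
        print "Invalid request.";
        return;
    }

    // Walk the stored PO text. Lines of one entry are collected in $msgid /
    // $msgstr; the first line that is neither an m... keyword nor a quoted
    // continuation closes the entry, which is then re-emitted with the
    // submitted values.
    $rawpo = $formatter->page->_get_raw_body();
    $lines = explode("\n", $rawpo);
    $po = '';
    $comment = '';
    $msgid = array();
    $msgstr = array();
    foreach ($lines as $l) {
        if ($l[0] != 'm' and !preg_match('/^\\s*"/', $l)) {
            if ($msgstr) {
                // Form fields are keyed by the md5 of the stored msgid.
                $mid = implode("\n", $msgid);
                $id = md5($mid);
                $msg = preg_replace("/(\r\n|\r)/", "\n", _stripslashes($options['msgstr-' . $id]));
                $sid = md5(rtrim($msg));
                // A changed translation is no longer fuzzy.
                if ($options['md5sum-' . $id] and $options['md5sum-' . $id] != $sid) {
                    $comment = preg_replace('/#, fuzzy\\n/m', '', $comment);
                    $comment = str_replace(', fuzzy', '', $comment);
                }
                # fix msgstr
                #$msg=preg_replace('/(?!<\\\\)"/','\\"',$msg);
                $po .= $comment;
                $po .= 'msgid ' . preg_replace('/(\\r\\n|\\r)/', "\n", _stripslashes($options['msgid-' . $id])) . "\n";
                $po .= 'msgstr ' . $msg . "\n";
                # init
                $msgid = array();
                $msgstr = array();
                $comment = '';
            }
            if ($l[0] == '#' and $l[1] == ',') {
                // Flag comments are held back so ', fuzzy' can be removed.
                if ($comment) {
                    $po .= $comment;
                    $comment = '';
                }
                $comment .= $l . "\n";
            } else {
                if ($comment) {
                    $po .= $comment;
                    $comment = '';
                }
                $po .= $l . "\n";
                continue;
            }
        } else {
            if (preg_match('/^(msgid|msgstr)\\s+(".*")\\s*$/', $l, $m)) {
                if ($m[1] == 'msgid') {
                    $msgid[] = $m[2];
                    continue;
                }
                $msgstr[] = $m[2];
            } else {
                if (preg_match('/^\\s*(".*")\\s*$/', $l, $m)) {
                    // Continuation line: belongs to whichever part is open.
                    if ($msgstr) {
                        $msgstr[] = $m[1];
                    } else {
                        $msgid[] = $m[1];
                    }
                } else {
                    $po .= $l . "\n";
                }
            }
        }
    }

    $formatter->send_header('', $options);
    $formatter->send_title(sprintf(_("Translation of %s"), $options['page']), '', $options);
    $e = _pocheck($po);
    #if ($e != true) return;
    #print $po;
    $url = $formatter->link_url($formatter->page->urlname);
    print "<form method='post' action='{$url}'>\n" . "<input type='hidden' name='action' value='msgfmt' />\n";
    print "<input type='submit' name='btn' value='Save Translation ?' /> ";
    print "Summary:" . " <input type='text' size='60' name='comment' value='Translations are updated' />" . "<br />\n";

    if ($options['patch']) {
        include_once 'lib/difflib.php';
        // Give every line its trailing newline back for the diff engine.
        // A plain loop replaces create_function(), which compiled its body
        // from a string at run time and no longer exists in PHP 8.
        $oldlines = array();
        foreach (explode("\n", $rawpo) as $a) {
            $oldlines[] = $a . "\n";
        }
        $newlines = array();
        foreach (explode("\n", $po) as $a) {
            $newlines[] = $a . "\n";
        }
        $diff = new Diff($oldlines, $newlines);
        $f = new UnifiedDiffFormatter();
        $f->trailing_cr = "";
        $diffs = $f->format($diff);
        $sz = sizeof(explode("\n", $diffs));
        print "<textarea cols='80' rows='{$sz}' style='width:80%'>";
        // The diff carries page text and submitted translations; escape it
        // so markup inside it cannot close the textarea.
        print _html_escape($diffs);
        print "</textarea>\n";
    }

    $po = _html_escape($po);
    print "<input type='hidden' name='po' value=\"{$po}\" />\n";
    print "</form>";
    $formatter->send_footer('', $options);
    return;
}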
/**
 * Normalise a submitted string: two character replacements followed by
 * backslash unescaping through _stripslashes().
 *
 * @param string $str raw input
 * @return string filtered string
 */
function _CommonFilter($str)
{
    // NOTE(review): as rendered here the search and replacement strings are
    // both a plain space, which makes this call a no-op. The search string
    // was presumably a different whitespace character or an entity - confirm
    // against the original bytes.
    $str = str_replace(" ", " ", $str);
    // The pattern matches a literal '$' and replaces it with '$', so as
    // written this call changes nothing either.
    // NOTE(review): presumably an entity form was decoded in this listing.
    $str = preg_replace("/\\\$/", "$", $str);
    // $str = preg_replace("/&#([0-9]+);/s", "&#\\1;" , $str );
    $str = _stripslashes($str);
    // $str = preg_replace( "/\\\(?!&#|\?#)/", "\" , $str );
    return $str;
}
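/**
 * Ajax chat backend: append an optional message to a room log and print the
 * most recent lines as an HTML list.
 *
 * Request options used: 'nic' (nickname), 'value' (message text), 'item'
 * (number of lines, 1..50, default 20), 'room' ('chat' or a name whose first
 * four characters are dropped), 'laststamp' (client's last seen mtime),
 * 'tz_offset' and 'action_mode'.
 *
 * Prints 'false' when there is nothing new, or when the room name is
 * rejected.
 *
 * @param object $formatter page formatter used for smiley and link markup
 * @param array  $options   request options
 */
function ajax_chat($formatter, $options)
{
    global $DBInfo;

    $user =& $DBInfo->user; # get cookie
    $id = $user->id;
    $nic = '';
    $udb =& $DBInfo->udb;

    if (!empty($options['nic'])) {
        if (!$udb->_exists($options['nic'])) {
            $nic = ' ' . $options['nic'];
        } else {
            // The nickname belongs to a registered user: an anonymous
            // visitor gets it tagged with a short hash of the client address.
            if ($user->id == 'Anonymous') {
                $nic = ' ' . $options['nic'] . '_' . substr(md5($_SERVER['REMOTE_ADDR']), 0, 4);
            }
        }
    }

    // %uD55C%uD558
    $value = _stripslashes($options['value']);
    $value = preg_replace('/%u([a-f0-9]{4})/i', '&#x\\1;', $value);
    $nic = preg_replace('/%u([a-f0-9]{4})/i', '&#x\\1;', $nic);

    // The log is one tab-separated record per line. Keep separators out of
    // the request-supplied fields so one request cannot add extra records or
    // shift fields.
    $nic = str_replace(array("\r", "\n", "\t"), ' ', $nic);
    $value = str_replace(array("\r", "\n"), ' ', $value);

    $itemnum = _stripslashes($options['item']);
    if ($itemnum > 50 or $itemnum <= 0) {
        $itemnum = 20;
    }

    $room = escapeshellcmd(_stripslashes($options['room']));

    if (!file_exists($DBInfo->upload_dir . '/Chat')) {
        // NOTE(review): umask 0 with mode 0777 creates a world-writable
        // directory - confirm the deployment needs that.
        umask(00);
        mkdir($DBInfo->upload_dir . '/Chat', 0777);
        umask(022);
    }

    if ($room == 'chat') {
        $log = $DBInfo->upload_dir . '/Chat/default.log';
    } else {
        $room = substr($room, 4);
        // The room name becomes part of a file path that is opened for
        // appending. escapeshellcmd() quotes shell metacharacters but leaves
        // path separators and '..' alone, so those are refused here.
        $has_separator = strpos($room, '/') !== false
            || (DIRECTORY_SEPARATOR == '\\' && strpos($room, '\\') !== false);
        if ($has_separator || strpos($room, '..') !== false || strpos($room, "\0") !== false) {
            print 'false';
            return;
        }
        $log = $DBInfo->upload_dir . '/Chat/' . $room . '.log';
    }

    if (!$value) {
        // Poll without a new message: answer only when the log changed.
        if (!file_exists($log)) {
            print 'false';
            return;
        }
        $mtime = filemtime($log);
        if (empty($options['laststamp']) or $mtime <= $options['laststamp']) {
            print 'false';
            return;
        }
    }

    $lines = array();
    $fp = fopen($log, 'a+');
    // Single-pass "loop": a block that can be left early with break.
    while (is_resource($fp)) {
        fseek($fp, 0, SEEK_END);
        if ($value) {
            fwrite($fp, time() . "\t" . $user->id . $nic . "\t" . rtrim($value) . "\n");
        }
        if (($fz = filesize($log)) == 0) {
            break;
        }
        fseek($fp, 0, SEEK_END);
        if ($fz < 512) {
            // Small log: read it in one piece.
            fseek($fp, 0);
            $ll = rtrim(fread($fp, 512));
            $lines = explode("\n", $ll);
            break;
        }
        // Larger log: read 512-byte chunks backwards from the end until
        // enough lines were collected or they are older than one day.
        $a = -1;
        $end = 0;
        $last = '';
        $check = time();
        $date_from = $check - 24 * 60 * 60; // one day
        while ($date_from < $check and !feof($fp)) {
            $a -= 512;
            // if (-$a > $fz) { $a=-$fz; print 'wwwww';}
            fseek($fp, $a, SEEK_END);
            $l = fread($fp, 512);
            while (($p = strrpos($l, "\n")) !== false) {
                // $last holds the head of a line cut by the chunk boundary.
                $line = substr($l, $p + 1) . $last;
                $l = substr($l, 0, $p);
                $dumm = explode("\t", $line, 2);
                $check = $dumm[0];
                if ($date_from > $check) {
                    break;
                }
                $lines[] = $line;
                if (sizeof($lines) >= $itemnum) {
                    $check = 0;
                    break;
                }
                $last = '';
            }
            $last = $l . $last;
        }
        $lines = array_reverse($lines);
        break;
    }
    // The early exits above used to leave the handle open.
    if (is_resource($fp)) {
        fclose($fp);
    }

    $debug = '';
    #ob_start();
    #print_r($_GET);
    #$debug=ob_get_contents();
    #ob_end_clean();
    $out = '';
    $formatter->set_wordrule();
    if (!empty($formatter->use_smileys) and empty($formatter->smiley_rule)) {
        $formatter->initSmileys();
    }
    // Rendering flags are changed for the chat lines and restored below.
    $save = $formatter->sister_on;
    $formatter->sister_on = 0;
    $save2 = $formatter->nonexists;
    $formatter->nonexists = 'always';

    foreach ($lines as $line) {
        $fields = explode("\t", $line, 3);
        // Skip blank or malformed records instead of reading missing fields.
        if (count($fields) < 3) {
            continue;
        }
        // A separate name for the author field: $user is a reference to
        // $DBInfo->user, and assigning the log field to it replaced the
        // shared user object with a string.
        list($time, $who, $msg) = $fields;
        if (($p = strpos($who, ' ')) === false) {
            if ($who != 'Anonymous') {
                $who = '******' . $who . ']';
            }
        } else {
            $who = '******' . $who . ']';
        }
        // NOTE(review): $who and $msg are stored request input and are
        // placed into the markup without escaping in this function - confirm
        // that the link/smiley callbacks or the client escape them.
        $line = '<span class="date">' . gmdate("H:i:s", $time + $options['tz_offset']) . '</span>' . '<span class="user"><' . $who . '></span>' . $msg;
        if (!empty($formatter->smiley_rule)) {
            $line = preg_replace_callback($formatter->smiley_rule, array(&$formatter, 'smiley_repl'), $line);
        }
        // Append: with plain assignment only the last collected line was
        // ever printed.
        $out .= '<li>' . preg_replace_callback("/(" . $formatter->wordrule . ")/", array(&$formatter, 'link_repl'), $line) . '</li>';
        #$out.='<li>'.$line.'</li>';
    }
    $formatter->sister_on = $save;
    $formatter->nonexists = $save2;

    if (!empty($options['action_mode']) and $options['action_mode'] == 'ajax') {
        $formatter->header('Expires', '0');
        $formatter->header('Cache-Control', 'no-cache');
        $formatter->header('Pragma', 'no-cache');
    }
    // The hidden stamp is sent back by the client as 'laststamp'.
    $stamp = '<span id="laststamp" style="display:none">' . time() . '</span>';
    print '<ul>' . $debug . $out . '</ul>' . $stamp;
}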
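/**
 * Gate access to a password-protected forum.
 *
 * Returns true when the forum has no password or when the saved session
 * hash equals the forum's password hash. Otherwise the password form is
 * printed and the script exits.
 *
 * @param mixed $forum_fid forum id; must be numeric
 * @return bool false on a database connection failure or a non-numeric id,
 *              true when access is allowed
 */
function forum_check_password($forum_fid)
{
    $frame_top_target = html_get_top_frame_name();

    if (!($db_forum_check_password = db_connect())) {
        return false;
    }

    $webtag = get_webtag($webtag_search);

    if (!is_numeric($forum_fid)) {
        return false;
    }

    if ($forum_passhash = forum_get_password($forum_fid)) {
        forum_get_saved_password($password, $passhash, $sesshash);

        // Compare the two hashes as strings. The loose `==` treats strings
        // that look numeric ("0e..." followed by digits) as numbers, so two
        // different hashes of that shape compared equal.
        // NOTE(review): this comparison is still not constant-time; where
        // PHP >= 5.6 is guaranteed, hash_equals() is the better choice.
        if (is_scalar($sesshash) && (string) $sesshash === (string) $forum_passhash) {
            return true;
        }

        // If we got this far then the password verification failed or
        // the user hasn't seen the password dialog before.
        $lang = load_language_file();

        html_draw_top();

        echo "<h1>{$lang['passwdprotectedforum']}</h1>\n";

        // A non-empty session-hash cookie that did not match means a wrong
        // password: clear the cookie and say so.
        if (isset($_COOKIE["bh_{$webtag}_sesshash"]) && strlen(trim(_stripslashes($_COOKIE["bh_{$webtag}_sesshash"]))) > 0) {
            bh_setcookie("bh_{$webtag}_sesshash", "", time() - YEAR_IN_SECONDS);
            html_display_error_msg($lang['usernameorpasswdnotvalid'], '550', 'center');
        }

        echo "<br />\n";
        echo "<div align=\"center\">\n";
        echo " <form method=\"post\" action=\"forum_password.php\" target=\"", html_get_top_frame_name(), "\">\n";
        echo " ", form_input_hidden('webtag', _htmlentities($webtag)), "\n";
        echo " ", form_input_hidden('final_uri', _htmlentities(get_request_uri())), "\n";
        echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"550\">\n";

        if ($password_protected_message = forum_get_setting('password_protected_message', false)) {
            echo " <tr>\n";
            echo " <td align=\"left\">", fix_html($password_protected_message), "</td>\n";
            echo " </tr>\n";
        } else {
            echo " <tr>\n";
            echo " <td align=\"center\">{$lang['passwdprotectedwarning']}</td>\n";
            echo " </tr>\n";
        }

        echo " <tr>\n";
        echo " <td align=\"left\"> </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"center\">\n";
        echo " <table class=\"box\" width=\"400\">\n";
        echo " <tr>\n";
        echo " <td class=\"posthead\" align=\"center\">\n";
        echo " <table class=\"posthead\" width=\"100%\">\n";
        echo " <tr>\n";
        echo " <td align=\"left\" class=\"subhead\" colspan=\"2\">{$lang['enterpasswd']}</td>\n";
        echo " </tr>\n";
        echo " </table>\n";
        echo " <table class=\"posthead\" width=\"90%\">\n";
        echo " <tr>\n";
        echo " <td align=\"left\">{$lang['passwd']}:</td>\n";
        // NOTE(review): the saved password and hash are written back into
        // the page as field values - confirm what forum_get_saved_password()
        // returns and whether the form needs them pre-filled.
        echo " <td align=\"left\">", form_input_password('forum_password', _htmlentities($password), 40, false, "autocomplete=\"off\""), form_input_hidden("forum_passhash", _htmlentities($passhash)), "</td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\"> </td>\n";
        echo " <td align=\"left\">", form_checkbox('remember_password', 'Y', $lang['rememberpassword'], strlen($password) > 0 && strlen($passhash) > 0), "</td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\" colspan=\"2\"> </td>\n";
        echo " </tr>\n";
        echo " </table>\n";
        echo " </td>\n";
        echo " </tr>\n";
        echo " </table>\n";
        echo " </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"left\"> </td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        echo " <td align=\"center\">", form_submit("submit", $lang['logon']), " ", form_submit("cancel", $lang['cancel']), "</td>\n";
        echo " </tr>\n";

        // Extra hint for users holding admin or forum tools permission.
        if (bh_session_check_perm(USER_PERM_ADMIN_TOOLS, 0) || bh_session_check_perm(USER_PERM_FORUM_TOOLS, 0)) {
            echo " <tr>\n";
            echo " <td align=\"left\"> </td>\n";
            echo " </tr>\n";
            echo " <tr>\n";
            echo " <td align=\"center\">{$lang['adminforumclosedtip']}</td>\n";
            echo " </tr>\n";
        }

        echo " </table>\n";
        echo " </form>\n";
        echo "</div>\n";

        html_draw_bottom();
        exit;
    }

    return true;
}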
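/**
 * "Revoke" action: let the first author of a page, or a member, delete it.
 *
 * A GET request prints the confirmation form. A POST request deletes the
 * page when the user is allowed to revoke and the submitted 'hash' matches
 * the ticket computed for this page, user and client address.
 *
 * @param object $formatter page formatter
 * @param array  $options   request options ('id', 'hash', 'comment', ...)
 */
function do_revoke($formatter, $options)
{
    global $DBInfo;

    if ($_SERVER['REQUEST_METHOD'] == 'POST' && !$DBInfo->security->writable($options)) {
        $options['title'] = _("Page is not writable");
        return do_invalid($formatter, $options);
    }

    if (!$formatter->page->exists()) {
        $formatter->send_header('', $options);
        $title = _("You can't revoke already deleted page.");
        $formatter->send_title($title, '', $options);
        $formatter->send_footer('', $options);
        return;
    }

    // check revocable
    $params = array();
    $retval = array();
    $params['retval'] =& $retval;
    macro_Stat($formatter, $value, $params);

    // NOTE(review): both authorisation tests use loose comparison - confirm
    // that user ids are always non-empty strings on both sides.
    $is_ok = false;
    if ($retval['first_author'] == $options['id'] || in_array($options['id'], $DBInfo->members)) {
        $is_ok = true;
    }

    // get the site specific hash code
    // The ticket binds the form to the page's mtime, the user id and the
    // client address; it is embedded in the form and checked on POST.
    $ticket = $formatter->page->mtime() . getTicket($DBInfo->user->id, $_SERVER['REMOTE_ADDR']);
    $hash = md5($ticket);

    // Compare the ticket as a string. The loose `==` treats md5 values of
    // the form "0e<digits>" as numbers, so different tickets could compare
    // equal.
    $hash_ok = isset($options['hash']) && is_string($options['hash']) && $hash === $options['hash'];

    $formatter->send_header('', $options);

    if ($is_ok && $_SERVER['REQUEST_METHOD'] == 'POST' && $hash_ok) {
        // simple comment check
        $comment = _stripslashes($options['comment']);
        $comment = trim($comment);
        $default = _("Revoke");
        // Drop a leading "Revoke:" so the prefix is not duplicated below.
        if (isset($comment[0]) && ($p = strpos($comment, $default)) === 0) {
            $comment = substr($comment, strlen($default));
            $comment = trim($comment);
            $comment = ltrim($comment, ': ');
        }
        $options['comment'] = isset($comment[0]) ? $default . ': ' . $comment : $default;
        $options['.revoke'] = true;

        $ret = $DBInfo->deletePage($formatter->page, $options);
        if ($ret == -1) {
            if (!empty($options['retval']['msg'])) {
                $title = $options['retval']['msg'];
            } else {
                $title = sprintf(_("Fail to revoke \"%s\""), _html_escape($formatter->page->name));
            }
        } else {
            $title = sprintf(_("\"%s\" is successfully revoked !"), _html_escape($formatter->page->name));
        }
        $formatter->send_title($title, '', $options);
        $formatter->send_footer('', $options);
        return;
    }

    $lab = _("Summary");

    if (!$is_ok) {
        $title = _("You are not the first author of this page or do not have enough revoke permission");
        $formatter->send_title($title, '', $options);
        $formatter->send_footer('', $options);
        return;
    }

    if ($retval['first_author'] == $options['id']) {
        $title = _("You are the first author of this page");
    } else {
        $title = _("Do you want to revoke this page?");
    }
    $formatter->send_title($title, '', $options);

    $comment = _("Revoke");
    print "<form method='post'>\n {$lab} : <input name='comment' size='80' value='{$comment}: ' /><br />\n";

    $btn = _("Revoke page");
    $msg = sprintf(_("Only WikiMaster can %s this page"), _("revoke"));
    if ($DBInfo->security->is_protected("revoke", $options)) {
        print _("Password") . ": <input type='password' name='passwd' size='20' value='' />\n{$msg}<br />\n";
    }

    // $extra was interpolated below without ever being assigned.
    $extra = '';
    print "\n <input type='hidden' name='action' value='revoke' />\n <input type='hidden' name='hash' value='{$hash}' />\n <input type='submit' value='{$btn}' />{$extra}\n </form>";
    $formatter->send_footer('', $options);
    return;
}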
/**
 * Turn revision-log text into the HTML "Revision History" table.
 *
 * The log is consumed line by line by a small state machine:
 *   0  skip until a line starting with '---'
 *   1  "revision <rev>" line
 *   2  date line (optionally followed by "lines: +a -b")
 *   3  "ip;;user;;comment" line
 *   4  emit the table row, then return to state 1
 *
 * @param object $formatter page formatter (links, timezone offset, page)
 * @param string $log       raw log text
 * @param array  $options   'id', 'info_actions', 'simple', 'title', 'count',
 *                          'all', 'ago', 'action'
 * @return string HTML fragment
 */
function _parse_rlog($formatter, $log, $options = array())
{
    global $DBInfo;
    $tz_offset = $formatter->tz_offset;
    // $admin is only defined for wiki masters; later code tests it with
    // isset()/!empty().
    if (!empty($DBInfo->wikimasters) and is_array($DBInfo->wikimasters) and in_array($options['id'], $DBInfo->wikimasters)) {
        $admin = 1;
    }
    // Per-revision action links: request option, site setting, or default.
    if (!empty($options['info_actions'])) {
        $actions = $options['info_actions'];
    } else {
        if (isset($DBInfo->info_actions)) {
            $actions = $DBInfo->info_actions;
        } else {
            $actions = array('recall' => 'view', 'raw' => 'source', 'diff' => 'diff');
        }
    }
    // A deleted page additionally offers 'revert'.
    if (!$formatter->page->exists() && !in_array('revert', $actions)) {
        $actions['revert'] = 'revert';
    }
    if (!empty($DBInfo->use_avatar)) {
        if (is_string($DBInfo->use_avatar)) {
            $type = $DBInfo->use_avatar;
        } else {
            $type = 'identicon';
        }
        $avatarlink = qualifiedUrl($formatter->link_url('', '?action=' . $type . '&seed='));
    }
    $ipicon = '<img src="' . $DBInfo->imgs_dir . '/misc/ip.png" />';
    $members = $DBInfo->members;
    // do not check admin member users
    $user = $DBInfo->user;
    $ismember = $user->is_member;
    // 'diff' is rendered separately from the other actions.
    $diff_action = null;
    if (isset($actions['diff'])) {
        $diff_action = _($actions['diff']);
        unset($actions['diff']);
    }
    $state = 0;
    $flag = 0;
    $time_current = time();
    $simple = !empty($options['simple']) ? 1 : 0;
    $url = $formatter->link_url($formatter->page->urlname);
    $diff_btn = _("Compare");
    $out = "<div class='wikiInfo'>\n";
    if (!empty($options['title'])) {
        $out .= $options['title'];
    } else {
        $out .= "<h2>" . _("Revision History") . "</h2>\n";
    }
    $out .= "<form id='infoform' method='get' action='{$url}'>";
    $out .= "<div><table class='info'><thead><tr>\n";
    $out .= "<th>" . _("Ver.") . "</th><th>" . _("Date") . "</th>" . "<th>" . _("Changes") . "</th>" . "<th>" . _("Editor") . "</th>" . "<th><button type='submit'><span>{$diff_btn}</span></button></th>\n";
    if (!$simple) {
        if (!empty($actions)) {
            $out .= "<th>" . _("View") . "</th>";
        }
        if (isset($admin)) {
            $out .= "<th>" . _("admin.") . "</th>";
        }
    }
    $out .= "</tr>\n</thead>\n";
    $out .= "<tbody>\n";
    // Cache of rendered editor cells, keyed by user name (or by address for
    // anonymous edits).
    $users = array();
    $rr = 0;
    #foreach ($lines as $line) {
    $count = 0;
    // Rows per page: the requested count when above 5, else 10.
    $showcount = (!empty($options['count']) and $options['count'] > 5) ? $options['count'] : 10;
    $line = '';
    $ok = 0;
    $log .= "\n"; // hack
    $ii = 0;
    // Each pass splits the next line off the front of $log.
    for (; !empty($line) or !empty($log); list($line, $log) = explode("\n", $log, 2)) {
        if (!$state) {
            if (!preg_match("/^---/", $line)) {
                continue;
            } else {
                $state = 1;
                continue;
            }
        }
        // Page limit reached: add a "next revisions" link and stop.
        if ($state == 1 and $ok == 1) {
            if (!empty($options['action'])) {
                $act = $options['action'];
            } else {
                $act = 'info';
            }
            $lnk = $formatter->link_to('?action=' . $act . '&rev=' . $rev, _("Show next revisions"), ' class="button small"');
            $out .= '<tr><td colspan="2"></td><td colspan="' . (!empty($admin) ? 5 : 4) . '">' . $lnk . '</td></tr>';
            break;
        }
        switch ($state) {
            case 1:
                $rr++;
                preg_match("/^revision ([0-9a-f\\.]+)\\s*/", $line, $match);
                $rev = $match[1];
                // NOTE(review): the pattern has a single capture group, so
                // $match[2] is never set and this branch looks unreachable.
                if (isset($match[2]) and preg_match("/\\./", $match[2])) {
                    $state = 0;
                    break;
                }
                $state = 2;
                break;
            case 2:
                $change = '';
                $inf = preg_replace("/date:\\s([0-9\\/:\\s]+)(;\\s+author:.*;\\s+state:.*;)?/", "\\1", $line);
                if (strstr($inf, 'lines:') !== FALSE) {
                    list($inf, $change) = explode('lines:', $inf, 2);
                }
                if (!empty($options['ago'])) {
                    // Relative dates ("3 hours ago"). An all-digit value is
                    // treated as a Unix timestamp.
                    if (preg_match('/^[0-9]+$/', $inf)) {
                        $rrev = '#' . $rr;
                        $ed_time = $inf;
                        $inf = gmdate("Y-m-d H:i:s", $ed_time + $tz_offset);
                    } else {
                        $ed_time = strtotime($inf . ' GMT');
                    }
                    // The (int) cast applies to the difference, before the
                    // division; the result is in minutes.
                    $time_diff = (int) ($time_current - $ed_time) / 60;
                    if ($time_diff > 1440 * 31) {
                        $inf = gmdate("Y-m-d H:i:s", strtotime($inf . ' GMT') + $tz_offset);
                    } else {
                        if (($time_diff = $time_diff / 60) > 24) {
                            $day = (int) ($time_diff / 24);
                            if ($day == 1) {
                                $inf = _("Yesterday");
                            } else {
                                $inf = sprintf(_("%s days ago"), (int) ($time_diff / 24));
                            }
                        } else {
                            if ($time_diff > 1) {
                                $inf = sprintf(_("%s hours ago"), (int) $time_diff);
                            } else {
                                $inf = sprintf(_("%s min ago"), $time_diff % 60);
                            }
                        }
                    }
                } else {
                    if (preg_match('/^[0-9]+$/', $inf)) {
                        $rrev = '#' . $rr;
                        $ed_time = $inf;
                        $inf = gmdate("Y-m-d H:i:s", $inf + $tz_offset);
                    } else {
                        if ($tz_offset != '') {
                            $inf = gmdate("Y-m-d H:i:s", strtotime($inf . ' GMT') + $tz_offset);
                        } else {
                            $inf = date("Y-m-d H:i:s", strtotime($inf));
                        }
                        // localtime
                    }
                }
                $inf = $formatter->link_to("?action=recall&rev={$rev}", $inf);
                $change = preg_replace("/\\+(\\d+)\\s\\-(\\d+)/", "<span class='diff-added'><span>+\\1</span></span><span class='diff-removed'><span>-\\2</span></span>", $change);
                $state = 3;
                break;
            case 3:
                // Log message fields: address(es) ;; user ;; comment
                $dummy = explode(';;', $line, 3);
                $ip = $dummy[0];
                $realip = $lastip = $ip;
                if (($p = strpos($ip, ',')) !== false) {
                    // IP addresses via proxies
                    $realip = substr($ip, 0, $p);
                    $tmp = explode(',', $ip);
                    $lastip = $ip = array_pop($tmp);
                }
                $user = trim($dummy[1]);
                if (($p = strpos($user, ' ')) !== false) {
                    // XXX
                    $user = substr($user, 0, $p);
                } else {
                    if (substr($user, 0, 9) == 'Anonymous') {
                        $user = '******';
                    }
                }
                if (!empty($DBInfo->use_avatar)) {
                    // The avatar seed is crypt() of the address, salted with
                    // the address itself.
                    // NOTE(review): this hides the address only superficially;
                    // candidate addresses can be enumerated and compared -
                    // confirm whether the seed is meant to be private.
                    $crypted = crypt($ip, $ip);
                    $mylnk = preg_replace('/seed=/', 'seed=' . $crypted, $avatarlink);
                    $avatar = '<img src="' . $mylnk . '" style="width:16px;height:16px;vertical-align:middle" alt="avatar" />';
                } else {
                    $avatar = '';
                }
                if ($user and $user != 'Anonymous') {
                    if (array_key_exists($user, $users)) {
                        $ip = $users[$user];
                    } else {
                        if (!empty($DBInfo->use_nick)) {
                            $u = $DBInfo->udb->getUser($user);
                            if (!empty($u->info['nick'])) {
                                if ($DBInfo->interwiki['User']) {
                                    // NOTE(review): as rendered, the next line
                                    // is not valid PHP (part of the string
                                    // appears masked) - restore it from the
                                    // original file.
                                    $ip = $formatter->link_repl('[wiki:User:'******' ' . $u->info['nick'] . ']');
                                } else {
                                    if (!empty($u->info['home'])) {
                                        $ip = $formatter->link_repl('[' . $u->info['home'] . ' ' . $u->info['nick'] . ']');
                                    } else {
                                        $ip = $formatter->link_repl('[wiki:' . $user . ' ' . $u->info['nick'] . ']');
                                    }
                                }
                            }
                            $ip = $avatar . $ip;
                            $users[$user] = $ip;
                        } else {
                            if (strpos($user, ' ') !== false) {
                                $ip = $avatar . $formatter->link_repl($user);
                                $users[$user] = $ip;
                            } else {
                                if (empty($DBInfo->no_wikihomepage)) {
                                    if (empty($DBInfo->use_hostname) or $DBInfo->hasPage($user)) {
                                        $ip = $avatar . $formatter->link_tag($user);
                                    } else {
                                        $ip = $avatar . $user;
                                    }
                                    $users[$user] = $ip;
                                }
                            }
                        }
                    }
                }
                // No cached cell yet: build the editor cell. How much of the
                // address is shown depends on the viewer's membership and
                // the show_hosts / mask_hostname settings.
                if (empty($users[$user])) {
                    $rip = $ip;
                    $u = $user;
                    if ($u == 'Anonymous') {
                        $u = $ip;
                    }
                    // NOTE(review): $ip and $u come from the log line and are
                    // placed into href attributes and link text unescaped -
                    // confirm they are validated when the log is written.
                    if (isset($DBInfo->interwiki['Whois'])) {
                        $wip = "<a href='" . $DBInfo->interwiki['Whois'] . "{$ip}' target='_blank'>{$ipicon}</a>";
                    } else {
                        $wip = "<a href='?action=whois&q=" . $ip . "' target='_blank'>{$ipicon}</a>";
                    }
                    if ($ismember) {
                        if (!empty($DBInfo->use_admin_user_url)) {
                            $u = '<a href="' . $DBInfo->use_admin_user_url . $u . '">' . $u . '</a>';
                        }
                        if (!in_array($user, $members)) {
                            $ip = $u . $wip;
                        } else {
                            $ip = $u;
                        }
                    } else {
                        if (empty($DBInfo->show_hosts)) {
                            $ip = $user;
                        } else {
                            if (!empty($DBInfo->mask_hostname)) {
                                if ($user == 'Anonymous') {
                                    $ip = _mask_hostname($ip);
                                } else {
                                    $ip = $user;
                                }
                            } else {
                                if (!empty($members) and in_array($u, $members)) {
                                    $ip = $user;
                                } else {
                                    if (!empty($avatar)) {
                                        if ($user == 'Anonymous') {
                                            $u = _($user);
                                        }
                                        $ip = $u;
                                    } else {
                                        $ip = $u . $wip;
                                    }
                                }
                            }
                        }
                    }
                    $ip = $avatar . $ip;
                    if ($user != 'Anonymous') {
                        $users[$user] = $ip;
                    } else {
                        $users[$rip] = $ip;
                    }
                }
                // NOTE(review): the edit comment and the first address of a
                // proxy chain go into the row without HTML escaping in this
                // function - confirm they are escaped when the log entry is
                // written.
                $comment = !empty($dummy[2]) ? _stripslashes($dummy[2]) : '';
                if ($realip != $lastip) {
                    $via = '<span class="via-proxy">' . $realip . '</span>';
                    $comment = isset($comment[0]) ? $via . ' ' . $comment : $via;
                }
                $state = 4;
                break;
            case 4:
                if (!$rev) {
                    break;
                }
                $rowspan = 1;
                if (!$simple and $comment) {
                    $rowspan = 2;
                }
                $rrev = !empty($rrev) ? $rrev : $formatter->link_to("?action=recall&rev={$rev}", $rev);
                $alt = $ii++ % 2 == 0 ? ' class="alt"' : '';
                $out .= "<tr{$alt}>\n";
                $out .= "<th class='rev' valign='top' rowspan={$rowspan}>{$rrev}</th><td nowrap='nowrap' class='date'>{$inf}</td><td class='change'>{$change}</td><td class='author'>{$ip} </td>";
                $rrev = '';
                // Pre-select the first row as 'rev2' and the second as 'rev'.
                $achecked = "";
                $bchecked = "";
                if ($flag == 1) {
                    $achecked = "checked ";
                } else {
                    if (!$flag) {
                        $bchecked = "checked ";
                    }
                }
                $onclick = "onclick='ToggleRev(this)'";
                $out .= "<th nowrap='nowrap' class='check'><input type='radio' name='rev' value='{$rev}' {$achecked} {$onclick} />\n";
                $out .= "<input type='radio' name='rev2' value='{$rev}' {$bchecked} {$onclick} /></th>";
                if (!$simple) {
                    $out .= "<td nowrap='nowrap' class='view'>";
                    foreach ($actions as $k => $v) {
                        // A numeric key means the entry is a bare action name.
                        $k = is_numeric($k) ? $v : $k;
                        $out .= $formatter->link_to("?action={$k}&rev={$rev}", _($v), ' class="button-small"') . ' ';
                    }
                    if ($flag) {
                        if ($diff_action) {
                            $out .= " " . $formatter->link_to("?action=diff&rev={$rev}", $diff_action, ' class="button-small"');
                        }
                        $out .= "</td>";
                        if (isset($admin)) {
                            $out .= "<td><input type='checkbox' name='range[{$flag}]' value='{$rev}' /></td>";
                        }
                    } else {
                        $out .= "</td>";
                        if (isset($admin)) {
                            $out .= "<td><input type='image' src='{$DBInfo->imgs_dir}/smile/checkmark.png' onClick=\"ToggleAll('infoform');return false;\"/></td>";
                        }
                    }
                }
                $out .= "</tr>\n";
                if (!$simple and $comment) {
                    $out .= "<tr class='log'><td colspan='" . (!empty($admin) ? 6 : 5) . "'><p>{$comment} </p></td></tr>\n";
                }
                $state = 1;
                $flag++;
                $count++;
                // Stop after $showcount rows unless 'all' was requested.
                if ((empty($options['all']) or $options['all'] != 1) and $count >= $showcount) {
                    $ok = 1;
                }
                break;
        }
    }
    // Purge controls for wiki masters.
    if (!$simple and !empty($admin)) {
        $out .= "<tr><td colspan='" . (!empty($admin) ? 7 : 6) . "' align='right'><input type='checkbox' name='show' checked='checked' />" . _("show only") . ' ';
        if ($DBInfo->security->is_protected("rcspurge", $options)) {
            $out .= "<input type='password' name='passwd'>";
        }
        $out .= "<input type='submit' name='rcspurge' value='" . _("purge") . "'></td></tr>";
    }
    $out .= "<input type='hidden' name='action' value='diff'/>\n</tbody></table></div></form>\n";
    $out .= "<script type='text/javascript' src='{$DBInfo->url_prefix}/local/checkbox.js'></script></div>\n";
    return $out;
}
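/**
 * Handle the "bbs" action for the board attached to the current page.
 *
 * Dispatches on $options['mode']:
 *  - 'rss'     : print the board feed and return;
 *  - 'delete'  : on POST with a valid password delete the article(s) in
 *                $options['no'], otherwise print the password dialog;
 *  - 'comment' : on POST with text, post a comment on article $options['no'];
 *  - 'edit'    : on POST save a new or edited article, otherwise (or when
 *                validation fails / preview is requested) print the edit form;
 *  - otherwise : show article $options['no'].
 *
 * NOTE(review): no anti-CSRF token is checked anywhere in this function for
 * the state-changing POSTs; confirm whether the caller does that.
 *
 * @param object $formatter page formatter used for all output
 * @param array  $options   request parameters (mode, no, p, pass, savetext, ...)
 * @return void
 */
function do_bbs($formatter, $options = array())
{
    global $DBInfo;

    $args = array();
    // The edit form interpolates these on every path, including the ones
    // that never assign them.
    $hidden = '';
    $pass_form = '';

    // Charset-agnostic HTML escaping for request/stored values that are put
    // into markup below ('&' must stay first so it is not escaped twice).
    // NOTE(review): nothing visible here escapes these values earlier; if the
    // caller or savePage()/getPage() already store escaped text, adjust to
    // avoid double encoding.
    $esc_from = array('&', '<', '>', '"', "'");
    $esc_to = array('&amp;', '&lt;', '&gt;', '&quot;', '&#039;');

    if ($options['mode'] == 'rss') {
        header("Content-Type: application/xml");
        print macro_BBS($formatter, '', $options);
        return;
    }

    # load a config file
    // NOTE(review): the page name becomes part of a file path that is loaded
    // as PHP variables; confirm page names cannot contain '/' or '..'.
    $bname = $formatter->page->name;
    $conf0 = array();
    if (file_exists('config/bbs.' . $bname . '.php')) {
        $confname = 'bbs.' . $bname . '.php';
        $conf0 = _load_php_vars('config/bbs.default.php');
    } else {
        $confname = 'bbs.default.php';
    }
    $conf = _load_php_vars('config/' . $confname);
    $conf = array_merge($conf0, $conf);

    # check valid IP
    $check_ip = true;
    if ($conf['allowed_ip'] and in_array($options['mode'], array('edit', 'delete', 'new'))) {
        include_once 'lib/checkip.php';
        if (!check_ip($conf['allowed_ip'], $_SERVER['REMOTE_ADDR'])) {
            $options['title'] = sprintf(_("Your IP address is not allowed to %s at this BBS"), $options["mode"]);
            $check_ip = false;
        }
    }

    // A logged-in user may edit an article whose stored Name equals their id.
    // NOTE(review): for anonymous posts Name is poster-supplied (see the edit
    // branch), so this is an identity match on a free-text field (upstream
    // marks it XXX).
    $check_pass = false;
    $MyBBS = macro_BBS($formatter, '', array('new' => 1));
    if ($options['id'] != 'Anonymous' and $options['mode'] == 'edit' and $options['no']) {
        $body = $MyBBS->getPage($options['no']);
        if ($body != null) {
            include_once 'lib/metadata.php';
            list($metas, $dummy) = _get_metadata($body);
            if ($metas['Name'] == $options['id']) {
                $check_pass = true;
            }
        }
    }

    # password check
    if ($options['no'] and ($options['mode'] == 'delete' or $options['mode'] == 'edit') and $_SERVER['REQUEST_METHOD'] == "POST") {
        // Hashes are compared with === so two numeric-looking strings can
        // never compare equal by type juggling. A constant-time comparison
        // (hash_equals) is preferable where the runtime provides it.
        # check admin(WikiMaster) password
        if (!$check_pass) {
            if ($DBInfo->admin_passwd) {
                $check_pass = $DBInfo->admin_passwd === crypt($options['pass'], $DBInfo->admin_passwd);
            } else {
                $check_pass = false;
            }
        }
        # check admin(BBSMaster) password
        if (!$check_pass and $conf['admin_passwd']) {
            $check_pass = $conf['admin_passwd'] === crypt($options['pass'], $conf['admin_passwd']);
        }

        if ($check_ip and $check_pass and $options['mode'] == 'delete') {
            // 'no' may carry several space-separated article ids
            $nids = explode(" ", $options['no']);
            foreach ($nids as $del) {
                if ($MyBBS->hasPage($del)) {
                    $MyBBS->deletePage($del);
                } else {
                    $MyBBS->deleteIndex($del);
                }
            }

            $query = $options['p'] ? '&p=' . $options['p'] : '';
            $myrefresh = '';
            if ($DBInfo->use_save_refresh) {
                $sec = $DBInfo->use_save_refresh - 1;
                $lnk = $formatter->link_url($formatter->page->urlname, '?' . ($query ? $query : 'action=show'));
                $myrefresh = 'Refresh: ' . $sec . '; url=' . qualifiedURL($lnk);
            }
            $options['msg'] = _("Successfully deleted.");
            $header = array("Expires: " . gmdate("D, d M Y H:i:s", 0) . " GMT");
            if ($myrefresh) {
                $header[] = $myrefresh;
            }
            $formatter->send_header($header, $options);
            $formatter->send_title("", "", $options);
            $formatter->send_footer("", $options);
            return;
        }
    }

    if ($options['mode'] == 'comment' and $options['savetext'] and $_SERVER['REQUEST_METHOD'] == "POST") {
        $query = 'no=' . $options['no'] . ($options['p'] ? '&p=' . $options['p'] : '');
        $myrefresh = '';
        if ($DBInfo->use_save_refresh) {
            $sec = $DBInfo->use_save_refresh - 1;
            $lnk = $formatter->link_url($formatter->page->urlname, '?' . $query);
            $myrefresh = 'Refresh: ' . $sec . '; url=' . qualifiedURL($lnk);
        }
        $header = array("Expires: " . gmdate("D, d M Y H:i:s", 0) . " GMT");
        if ($myrefresh) {
            $header[] = $myrefresh;
        }

        // the comment is stored on the sub page "<page>:<no>"
        $p = new WikiPage($options['page'] . ':' . $options['no'], $options);
        $formatter->page = $p;
        $options['page'] = $options['page'] . ':' . $options['no'];
        $options['minor'] = 1; # do not log
        $formatter->send_header($header, $options);

        $options['action_mode'] = 'ajax';
        $options['call'] = 1;
        $ret = $formatter->ajax_repl('comment', $options);
        if ($ret == false) {
            $options['msg'] = _("Fail to post comment.");
        }
        unset($options['action_mode']);
        $formatter->send_title("", "", $options);
        $formatter->send_footer("", $options);
        return;
    }

    if ($options['mode'] == 'delete') {
        // confirmation dialog; request values are escaped before being echoed
        $no_html = str_replace($esc_from, $esc_to, $options['no']);
        $p_html = str_replace($esc_from, $esc_to, $options['p']);
        $msg = sprintf(_("The article %s will be deleted."), $no_html);
        $url = $formatter->link_url($formatter->page->urlname, '');
        $header = array("Expires: " . gmdate("D, d M Y H:i:s", 0) . " GMT");
        $formatter->send_header($header, $options);
        $formatter->send_title("", "", $options);
        print <<<EOF
<div class='deleteDialog'>
<form method='post' action='{$url}' >
<strong>{$msg}</strong>
<table border='0' width='20%'>
<tbody>
<tr><th>Password:</th><td><input type='password' style="width:200px" name='pass' /></td></tr>
</tbody>
</table>
<input type='hidden' name='no' value='{$no_html}' />
<input type='hidden' name='p' value='{$p_html}' />
<input type='hidden' name='action' value='bbs' />
<input type='hidden' name='mode' value='delete' />
</form>
</div>
EOF;
        $formatter->send_footer("", $options);
        return;
    } else {
        if ($options['mode'] == 'edit') {
            $button_preview = $options['button_preview'];

            // Runs at most once: every path either returns after saving or
            // breaks out to the edit form below.
            while ($_SERVER['REQUEST_METHOD'] == "POST") {
                $savetext = $options['savetext'];
                $subject = $options['subject'];
                # strip some tags from the subject
                $subject = preg_replace("%</?(marquee|embed|object|script|form|frame|iframe|img|a|)[^>]*>%", '', $subject);
                $args['subject'] = _stripslashes($subject);

                if ($options['id'] == 'Anonymous') {
                    $name = $options['name'];
                    $name = strip_tags($name);
                    $pass = $options['pass'];
                    $home = $options['homepage'];
                    # check a homepage address
                    if (!empty($home)) {
                        if (!preg_match('/^((ftp|http|news):\\/\\/)[a-z0-9][a-z0-9_\\-]+\\.[a-z0-9\\-\\.]+.*/', $home)) {
                            $options['msg'] = _("Invalid HomePage address.");
                            break;
                        }
                        // The former eregi() fallback that prefixed "http://"
                        // was dropped: the pattern above already requires a
                        // scheme, so it could never fire, and eregi() no
                        // longer exists as of PHP 7.
                    }
                    # check email address
                    $email = $options['email'];
                    $args['name'] = _stripslashes($name);
                    $args['pass'] = _stripslashes($pass);
                    $args['home'] = _stripslashes($home);
                    $args['email'] = _stripslashes($email);
                    if (!$name) {
                        $options['msg'] = _("No Name error.");
                        break;
                    }
                } else {
                    $args['name'] = $options['id'];
                }

                $args['no'] = $options['no'] ? $options['no'] : 0;
                if ($options['no'] and !$check_pass) {
                    break; # edit mode
                }
                if (!$check_ip) {
                    break; # not allowed IPs
                }
                if (!$args['subject'] or !$savetext) {
                    $options['msg'] = _("No Subject error.");
                    break;
                }
                if ($button_preview) {
                    break;
                }

                $savetext = preg_replace("/\r\n|\r/", "\n", $savetext);
                if ($savetext and $DBInfo->spam_filter) {
                    // the post is refused when any configured filter alters it
                    $text = $savetext;
                    $fts = preg_split('/(\\||,)/', $DBInfo->spam_filter);
                    foreach ($fts as $ft) {
                        $text = $formatter->filter_repl($ft, $text, $options);
                    }
                    if ($text != $savetext) {
                        $options['msg'] = _("Sorry, can not save page because some messages are blocked in this wiki.");
                        break;
                    }
                }
                $savetext = rtrim($savetext) . "\n";
                $args['text'] = _stripslashes($savetext);

                $MyBBS = macro_BBS($formatter, '', array('new' => 1));
                $myrefresh = '';
                if ($DBInfo->use_save_refresh) {
                    $sec = $DBInfo->use_save_refresh - 1;
                    $lnk = $formatter->link_url($formatter->page->urlname, "?action=show");
                    $myrefresh = 'Refresh: ' . $sec . '; url=' . qualifiedURL($lnk);
                }
                $header = array("Expires: " . gmdate("D, d M Y H:i:s", 0) . " GMT");
                $options['msg'] = _("New post added successfully");
                if ($myrefresh) {
                    $header[] = $myrefresh;
                }
                $formatter->send_header($header, $options);
                $formatter->send_title("", "", $options);

                if ($MyBBS->use_attach) { # XXX
                    $args['call'] = 1;
                    $lists = $formatter->macro_repl('Attachments', '', $args);
                    unset($args['call']);
                    if (!empty($lists)) {
                        $args['attach'] = $lists;
                    }
                }
                // $args is saved unescaped; escaping is applied only to the
                // copies that are echoed into the form below.
                $MyBBS->savePage($args);
                $formatter->send_footer("", $options);
                return;
            }

            // ---- edit form (GET, preview, or a failed POST) ----
            $formatter->send_header("", $options);
            $formatter->send_title("", "", $options);
            $p_html = str_replace($esc_from, $esc_to, $options['p']);
            if ($options['savetext']) {
                $formatter->_raw_body = $options['savetext'];
                if ($options['no']) {
                    $no_html = str_replace($esc_from, $esc_to, $options['no']);
                    $hidden = "<input type='hidden' name='no' value='{$no_html}' />\n" . "<input type='hidden' name='p' value='{$p_html}' />";
                }
            } else {
                if ($options['no']) {
                    $MyBBS = macro_BBS($formatter, '', array('new' => 1));
                    $nid = $options['no'];
                    if ($nid and $MyBBS->hasPage($nid)) {
                        include_once 'lib/metadata.php';
                        $body = $MyBBS->getPage($nid);
                        // article text and its comments are separated by a
                        // fixed boundary line
                        $boundary = strtoupper(md5("COMMENT")); # XXX
                        list($body, $comments) = explode('----' . $boundary . "\n", $body, 2); # XXX
                        if ($body != null) {
                            list($metas, $nbody) = _get_metadata($body);
                            if ($nbody) {
                                $body = $nbody;
                            }
                            $args['name'] = $metas['Name'];
                            $args['subject'] = $metas['Subject'];
                            $args['home'] = $metas['HomePage'];
                            $args['email'] = $metas['Email'];
                            $args['text'] = $body;
                            $formatter->_raw_body = $body;
                            $nid_html = str_replace($esc_from, $esc_to, $nid);
                            $hidden = "<input type='hidden' name='no' value='{$nid_html}' />\n" . "<input type='hidden' name='p' value='{$p_html}' />";
                        }
                    }
                } else {
                    $formatter->_raw_body = "";
                }
            }

            // escaped copies of the field values for the value='' attributes
            $form = array();
            foreach (array('subject', 'name', 'email', 'home') as $field) {
                $form[$field] = isset($args[$field]) ? str_replace($esc_from, $esc_to, $args[$field]) : '';
            }

            if ($options['id'] == 'Anonymous') {
                $formatter->_extra_form = <<<EOF
<div>
<table border='0' width='100%'>
<col width='10%' /><col width='10%' /><col width='10%' /><col width='70%' />
<tbody>
<tr><th>Subject:</th><td colspan='3'><input type='text' style="width:80%" name='subject' value='{$form['subject']}' /></td></tr>
<tr><th>Name:</th><td><input type='text' name='name' value='{$form['name']}' /></td>
<th>Password:</th><td><input type='password' name='pass' /></td></tr>
<tr><th>Email:</th><td colspan='3'><input type='text' style="width:50%" name='email' value='{$form['email']}' /></td></tr>
<tr><th>HomePage:</th><td colspan='3'><input type='text' style="width:50%" name='homepage' value='{$form['home']}' /></td></tr>
</tbody>
</table>
{$hidden}
</div>
EOF;
            } else {
                if (!$check_pass and !empty($options['no']) and $options['mode'] == 'edit') {
                    $pass_form = "<tr><th>Password:</th><td><input type='password' name='pass' /></td></tr>";
                }
                $formatter->_extra_form = <<<EOF
<div>
<table border='0' width='100%'>
<col width='20%' /><col width='80%' />
<tbody>
<tr><th>Subject:</th><td><input type='text' style="width:80%" name='subject' value='{$form['subject']}' /></td></tr>
{$pass_form}
</tbody>
</table>
{$hidden}
</div>
EOF;
            }
            $formatter->_mtime = 0;
            $options['simple'] = 2;
            $options['nocategories'] = 1;
            $options['minor'] = 1; # do not show a minor checkbox
            print macro_EditText($formatter, $value, $options);
            $formatter->_raw_body = null;
            $formatter->_extra_form = null;
        } else {
            $formatter->send_header("", $options);
            $formatter->send_title("", "", $options);
            print macro_BBS($formatter, 'no=' . $options['no']);
        }
    }
    $formatter->send_footer("", $options);
    return;
}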
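/**
 * Turn an array of submitted configuration values into a config array.
 *
 * Every value has slash-escaping undone and line endings normalised to "\n".
 * With $mode == 0 the value is then evaluated as a PHP expression and the
 * result is stored; with any other $mode the normalised string is stored.
 *
 * SECURITY(review): in mode 0 both the key and the value are pasted into
 * eval(). Whoever controls $config can run arbitrary PHP in this process,
 * and a key can overwrite any local of this function ($conf, $mode, ...).
 * This is kept because callers rely on expression values, but it must only
 * ever be reachable by an authenticated administrator; a literal parser
 * (or json_decode on a JSON form) is the safe replacement.
 *
 * @param array $config key => raw value (presumably form input)
 * @param int   $mode   0 = evaluate values, otherwise keep them as strings
 * @return array key => evaluated value (mode 0) or normalised string
 */
function _getFormConfig($config, $mode = 0)
{
    $conf = array();
    // foreach instead of each(): each() was removed in PHP 8.0 and also
    // depended on the array's internal pointer.
    foreach ($config as $key => $val) {
        $val = _stripslashes($val);
        $val = str_replace(array("\r\n", "\r"), array("\n", "\n"), $val);
        if (!isset($val)) {
            $val = "''";
        }
        if (!$mode) {
            // Reset first so a value that fails to evaluate cannot inherit
            // the result of the previous key.
            $dum = null;
            @eval("\$dum={$val};");
            // Also bind the key as a local so later values may refer to
            // earlier ones by name.
            @eval("\${$key}={$val};");
            $conf[$key] = $dum;
        } else {
            $conf[$key] = $val;
        }
    }
    return $conf;
}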
/**
 * PHP4-style constructor: set up the user from an explicit id or from the
 * browser cookies.
 *
 * With a non-empty id other than 'Anonymous' only setID() is called. Otherwise
 * the id and ticket are taken from the MONI_ID cookie (first 32 characters =
 * ticket, everything after position 33 = url-encoded id) and the display
 * preferences are copied from their cookies.
 *
 * NOTE(review): every value read here is client-supplied, including
 * verified_email. Nothing in this method validates the ticket; presumably
 * setID() or a later check does. Confirm before trusting any of these fields.
 *
 * @param string $id user id, or empty to identify the user by cookie
 */
function WikiUser($id = "")
{
    global $Config;

    if (!empty($Config['cookie_expires'])) {
        $this->cookie_expires = $Config['cookie_expires'];
    }

    $explicit = ($id && $id != 'Anonymous');
    if ($explicit) {
        $this->setID($id);
        return;
    }

    // identify by cookie
    $id = '';
    if (isset($_COOKIE['MONI_ID'])) {
        $cookie = $_COOKIE['MONI_ID'];
        $this->ticket = substr($cookie, 0, 32);
        $id = urldecode(substr($cookie, 33));
    }
    if ($this->setID($id)) {
        $this->getGroup();
    }

    // property => array(cookie name, undo slash-escaping?)
    $prefs = array(
        'css'            => array('MONI_CSS', false),
        'theme'          => array('MONI_THEME', false),
        'bookmark'       => array('MONI_BOOKMARK', false),
        'trail'          => array('MONI_TRAIL', true),
        'tz_offset'      => array('MONI_TZ', true),
        'nick'           => array('MONI_NICK', true),
        'verified_email' => array('MONI_VERIFIED_EMAIL', true),
    );
    foreach ($prefs as $prop => $spec) {
        list($name, $unslash) = $spec;
        if (!isset($_COOKIE[$name])) {
            $this->$prop = '';
            continue;
        }
        if ($unslash) {
            $this->$prop = _stripslashes($_COOKIE[$name]);
        } else {
            $this->$prop = $_COOKIE[$name];
        }
    }

    // fall back to the server's own UTC offset
    if ($this->tz_offset == '') {
        $this->tz_offset = date('Z');
    }
}
/**
 * Emit the RecentChanges feed (RDF/RSS) for the wiki.
 *
 * Steps, in order: read the raw edit-log lines, answer conditional GETs with
 * 304, serve a cached copy when one is fresh, otherwise take a short lock,
 * build channel + items, optionally convert the charset, print the feed and
 * store it in the 'rss_rc' cache under the ETag.
 *
 * Recognised $options (see the text embedded in the feed head): 'diffs',
 * 'summary', 'oe'; also 'c' (copied to 'items') and 'id' (current user).
 *
 * NOTE(review): several string literals below look damaged by HTML
 * extraction on this page (the search and replacement of some str_replace()
 * calls are identical, and the xmlns URIs are empty). They are reproduced as
 * shown; compare with the upstream file before relying on this listing.
 *
 * @param object $formatter page formatter (prefix, link_url(), refresh)
 * @param array  $options   request parameters
 * @return void
 */
function do_rss_rc($formatter, $options)
{
    global $DBInfo, $Config;

    // get members to hide log
    $members = $DBInfo->members;
    $days = !empty($DBInfo->rc_days) ? $DBInfo->rc_days : RSS_DEFAULT_DAYS;
    $options['quick'] = 1;
    if (!empty($options['c'])) {
        $options['items'] = $options['c'];
    }
    $lines = $DBInfo->editlog_raw_lines($days, $options);
    // site-wide defaults: each comma-separated name is switched on
    if (!empty($DBInfo->rss_rc_options)) {
        $opts = $DBInfo->rss_rc_options;
        $opts = explode(',', $opts);
        foreach ($opts as $opt) {
            $options[$opt] = 1; // FIXME
        }
    }

    // HTTP conditional get
    $mtime = $DBInfo->mtime();
    $lastmod = gmdate('D, d M Y H:i:s \\G\\M\\T', $mtime);
    $cache_ttl = !empty($DBInfo->rss_rc_ttl) ? $DBInfo->rss_rc_ttl : 60; /* 60 seconds */

    // make etag based on some options and mtime.
    // The user id is part of the key, so each user gets a separate cache
    // entry; the hide-log filtering below depends on the user id.
    $check_opts = array('quick', 'items', 'oe', 'diffs', 'raw', 'nomsg', 'summary');
    $check = array();
    foreach ($check_opts as $c) {
        if (isset($options[$c])) {
            $check[$c] = $options[$c];
        }
    }
    $etag = md5($mtime . $DBInfo->logo_img . serialize($check) . $cache_ttl . $options['id']);

    $headers = array();
    $headers[] = 'Pragma: cache';
    $maxage = $cache_ttl;
    // logged-in users get a private cache policy
    $public = 'public';
    if ($options['id'] != 'Anonymous') {
        $public = 'private';
    }
    $headers[] = 'Cache-Control: ' . $public . ', max-age=' . $maxage;
    $headers[] = 'Last-Modified: ' . $lastmod;
    $headers[] = 'ETag: "' . $etag . '"';
    $need = http_need_cond_request($mtime, $lastmod, $etag);
    if (!$need) {
        $headers[] = 'HTTP/1.0 304 Not Modified';
    }
    foreach ($headers as $h) {
        header($h);
    }
    if (!$need) {
        @ob_end_clean();
        return;
    }

    $cache = new Cache_Text('rss_rc');
    $cache_delay = min($cache_ttl, 30);
    // from here on $mtime is the cache entry's time, not the wiki's
    $mtime = $cache->mtime($etag);
    $val = false;
    if (empty($formatter->refresh)) {
        if (($val = $cache->fetch($etag)) !== false and $DBInfo->checkUpdated($mtime, $cache_delay)) {
            header("Content-Type: text/xml");
            echo $val;
            return;
        }
    }
    // need to update cache
    // another request holds the lock: serve the stale copy if there is one,
    // otherwise an empty body
    if ($val !== false and $cache->exists($etag . '.lock')) {
        header("Content-Type: text/xml");
        echo $val . '<!-- cached at ' . date('Y-m-d H:i:s', $mtime) . ' -->';
        return;
    }
    if ($cache->exists($etag . '.lock')) {
        header("Content-Type: text/xml");
        echo '';
        return;
    }
    // NOTE(review): exists() followed by update() is not atomic, so two
    // requests can both pass the check and rebuild the feed.
    $cache->update($etag . '.lock', array('lock'), 5); // 5s lock
    $time_current = time();
    # $secs_per_day= 60*60*24;
    # $days_to_show= 30;
    # $time_cutoff= $time_current - ($days_to_show * $secs_per_day);
    $URL = qualifiedURL($formatter->prefix);
    $img_url = qualifiedURL($DBInfo->logo_img);
    $url = qualifiedUrl($formatter->link_url("RecentChanges"));
    $channel = <<<CHANNEL
<channel rdf:about="{$URL}">
<title>{$DBInfo->sitename}</title>
<link>{$url}</link>
<description>RecentChanges at {$DBInfo->sitename}</description>
<image rdf:resource="{$img_url}"></image>
<items>
<rdf:Seq>
CHANNEL;
    $items = "";
    $ratchet_day = FALSE;
    if (!$lines) {
        $lines = array();
    }
    foreach ($lines as $line) {
        // tab-separated edit-log record; the fields used are
        // 0 = page key, 1 = address, 2 = edit time, 4 = user, 5 = log, 6 = action
        $parts = explode("\t", $line);
        $page_name = $DBInfo->keyToPagename($parts[0]);
        // hide log
        // (pages on the 'hidelog' ruleset are skipped for non-members)
        if (!empty($members) && !in_array($options['id'], $members) && !empty($Config['ruleset']['hidelog'])) {
            if (in_array($page_name, $Config['ruleset']['hidelog'])) {
                continue;
            }
        }
        $addr = $parts[1];
        $ed_time = $parts[2];
        $user = $parts[4];
        $log = _stripslashes($parts[5]);
        $act = rtrim($parts[6]);
        # if ($ed_time < $time_cutoff)
        # break;
        $url = qualifiedUrl($formatter->link_url(_rawurlencode($page_name)));
        $diff_url = qualifiedUrl($formatter->link_url(_rawurlencode($page_name), '?action=diff'));
        $extra = "<br /><a href='{$diff_url}'>" . _("show changes") . "</a>\n";
        if (!$DBInfo->hasPage($page_name)) {
            $status = 'deleted';
            // NOTE(review): the page name goes into CDATA and into HTML
            // without escaping; confirm page names cannot contain markup or
            // the CDATA terminator.
            $html = '<![CDATA[' . "<a href='{$url}'>" . $page_name . "</a> is deleted" . ']]>' . "\n";
        } else {
            $status = 'updated';
            if (!empty($options['diffs'])) {
                // description = rendered diff, or the rendered page when
                // there is no diff
                $p = new WikiPage($page_name);
                $f = new Formatter($p);
                $options['raw'] = 1;
                $options['nomsg'] = 1;
                $html = $f->macro_repl('Diff', '', $options);
                if (!$html) {
                    ob_start();
                    $f->send_page('', array('fixpath' => 1));
                    #$f->send_page('');
                    $html = ob_get_contents();
                    ob_end_clean();
                    $extra = '';
                }
                // NOTE(review): as shown this replaces ']' with ']' (a no-op);
                // presumably it neutralised the CDATA terminator upstream.
                $html = str_replace(']', ']', $html);
                $html = "<![CDATA[" . $html . $extra . "]]>";
                #$html=strtr($html.$extra,array('&'=>'&','<'=>'<'));
            } else {
                if (!empty($options['summary'])) {
                    // description = rendered first chunk of the page
                    $p = new WikiPage($page_name);
                    $f = new Formatter($p);
                    $f->section_edit = 0;
                    $f->sister_on = 0;
                    $f->perma_icon = '';
                    $options['nomsg'] = 1;
                    $b = $p->_get_raw_body();
                    $chunks = preg_split('/\\n#{4,}/', $b); # summary breaker is ####
                    ob_start();
                    if ($chunks) {
                        $f->send_page($chunks[0], array('fixpath' => 1));
                    } else {
                        $f->send_page('', array('fixpath' => 1));
                    }
                    #$f->send_page('');
                    $html = ob_get_contents();
                    ob_end_clean();
                    $chunks = preg_split('/<!-- break -->/', $html); # <!-- break -->
                    if ($chunks[0]) {
                        $html = $chunks[0];
                    }
                    // NOTE(review): same no-op replacement as in the diffs
                    // branch; see the note there.
                    $html = str_replace(']', ']', $html);
                    $html = "<![CDATA[" . $html . "]]>";
                } else {
                    // description = edit-log message.
                    // NOTE(review): as shown this replaces '&' with '&' (a
                    // no-op) and nothing else is escaped, so the log text
                    // reaches the XML as stored; confirm it is escaped when
                    // the log is written.
                    $html = str_replace('&', '&', $log);
                }
            }
        }
        $zone = "+00:00";
        $date = gmdate("Y-m-d\\TH:i:s", $ed_time) . $zone;
        #$datetag = gmdate("YmdHis",$ed_time);
        $channel .= "<rdf:li rdf:resource=\"{$url}\"></rdf:li>\n";
        $valid_page_name = preg_replace('/&(?!#?\\w+;)/', '&', _html_escape($page_name));
        $items .= "<item rdf:about=\"{$url}\">\n";
        $items .= " <title>{$valid_page_name}</title>\n";
        $items .= " <link>{$url}</link>\n";
        $items .= " <description>{$html}</description>\n";
        $items .= " <dc:date>{$date}</dc:date>\n";
        // NOTE(review): $user comes straight from the edit log and is not
        // XML-escaped here; confirm the log writer restricts it.
        $items .= "<dc:creator>{$user}</dc:creator>\n";
        $items .= "<dc:contributor>{$user}</dc:contributor>\n";
        # $items.=" <dc:contributor>\n <rdf:Description>\n"
        # ." <rdf:value>$user</rdf:value>\n"
        # ." </rdf:Description>\n </dc:contributor>\n";
        $items .= " <wiki:status>{$status}</wiki:status>\n";
        $items .= " <wiki:diff>{$diff_url}</wiki:diff>\n";
        $items .= "</item>\n";
    }
    $url = qualifiedUrl($formatter->link_url($DBInfo->frontpage));
    $channel .= <<<FOOT
</rdf:Seq>
</items>
</channel>
<image rdf:about="{$img_url}">
<title>{$DBInfo->sitename}</title>
<link>{$url}</link>
<url>{$img_url}</url>
</image>
FOOT;
    $url = qualifiedUrl($formatter->link_url("FindPage"));
    $form = <<<FORM
<textinput>
<title>Search</title>
<link>{$url}</link>
<name>goto</name>
</textinput>
FORM;
    // optional charset conversion requested with 'oe'
    $new = "";
    if (!empty($options['oe']) and strtolower($options['oe']) != $DBInfo->charset) {
        // NOTE(review): $charset is request-supplied and ends up in the XML
        // declaration below; when iconv() is unavailable it is never
        // validated. An allow-list of charset names would close this.
        $charset = $options['oe'];
        if (function_exists('iconv')) {
            // NOTE(review): $head is not assigned until further down, so it
            // contributes nothing to $out here.
            $out = $head . $channel . $items . $form;
            $new = iconv($DBInfo->charset, $charset, $out);
            if (!$new) {
                $charset = $DBInfo->charset;
            }
        }
    } else {
        $charset = $DBInfo->charset;
    }
    // NOTE(review): the namespace URIs are empty as shown on this page.
    $head = <<<HEAD
<?xml version="1.0" encoding="{$charset}"?>
<?xml-stylesheet href="{$DBInfo->url_prefix}/css/_feed.css" type="text/css"?>
<rdf:RDF xmlns=""
\txmlns:wiki=""
\txmlns:rdf=""
\txmlns:xlink=""
\txmlns:dc="">
<!--
Add "diffs=1" to add change diffs to the description of each items.
Add "summary=1" to add summary to the description of each items.
Add "oe=utf-8" to convert the charset of this rss to UTF-8.
-->
HEAD;
    header("Content-Type: text/xml");
    if ($new) {
        $out = $head . $new;
    } else {
        $out = $head . $channel . $items . $form;
    }
    $out .= "</rdf:RDF>\n";
    echo $out;
    // store the finished feed and release the lock
    $cache->update($etag, $out);
    $cache->remove($etag . '.lock');
}
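/**
 * Run a raw SQL statement through ext/mysql and shape the result.
 *
 * The statement kind is taken from the first five characters of the trimmed
 * text: "inser" returns the insert id, "selec" and "show " return the rows
 * as a list of associative arrays with slash-escaping undone, or false when
 * there are none. Any other successful statement returns true. On failure
 * the statement is logged, $this->error is set and false is returned.
 *
 * SECURITY(review): $sql is executed exactly as passed and ext/mysql has no
 * parameter binding, so every caller is responsible for escaping any value
 * it puts into the string. Each statement's full text is also kept in
 * $GLOBALS['SQLS'] for timing, which may retain sensitive values in memory
 * and in any debug output built from that list.
 *
 * @param string $sql complete SQL statement
 * @return mixed insert id, list of rows, true, or false (error or no rows)
 */
function query($sql)
{
    // execute and keep the elapsed time for debugging
    $started = getmicrotime();
    $res = mysql_query($sql);
    $GLOBALS['SQLS'][] = array('sql' => $sql, 'time' => getmicrotime() - $started);

    if (!$res) {
        $this->__logging($sql);
        $this->error = array('message' => mysql_error());
        return false;
    }

    $sql_type = strtolower(substr(trim($sql), 0, 5));

    if ($sql_type == 'inser') {
        return mysql_insert_id();
    }

    if ($sql_type == 'selec' || $sql_type == 'show ') {
        // Start from an empty list so an empty result set is handled
        // without reading an undefined variable.
        $rows = array();
        while ($row = mysql_fetch_array($res, MYSQL_ASSOC)) {
            $rows[] = _stripslashes($row);
        }
        return sizeof($rows) == 0 ? false : $rows;
    }

    return true;
}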
/**
 * Handle the "comment" action: preview, validate and append a comment to the
 * current page.
 *
 * Flow: refuse when the page is not writable or does not exist; decide
 * whether a ticket is required; normalise the text and run the spam filters;
 * show a preview or the empty form when needed; refuse when the page changed
 * after $options['datestamp']; wrap the text (metadata block or signature);
 * insert it next to the matching Comment macro, after a "##Comment" line, or
 * at the end of the page; save.
 *
 * NOTE(review): several string literals in the comment_id branch are empty
 * as shown on this page; they look like control-character placeholders lost
 * in extraction. They are reproduced as shown; compare with upstream.
 *
 * @param object $formatter page formatter
 * @param array  $options   request parameters (savetext, name, comment_id, ...)
 * @return mixed result of do_invalid(), false when nothing was saved, true
 *               after an ajax save, null after a normal save
 */
function do_comment($formatter, $options = array())
{
    global $DBInfo;

    if (!$DBInfo->security->writable($options)) {
        $formatter->preview = 1;
        $options['title'] = _("Page is not writable");
        return do_invalid($formatter, $options);
    } else {
        if (!$DBInfo->hasPage($options['page'])) {
            $options['err'] = _("You are not allowed to add a comment.");
            $options['title'] = _("Page does not exists");
            return do_invalid($formatter, $options);
        }
    }
    if (!empty($options['usemeta'])) {
        $use_meta = 1;
    }
    $cols = get_textarea_cols();
    $rows = (!empty($options['rows']) and $options['rows'] > 5) ? $options['rows'] : 8;
    $cols = (!empty($options['cols']) and $options['cols'] > 60) ? $options['cols'] : $cols;
    $url = $formatter->link_url($formatter->page->urlname);
    $button_preview = !empty($options['button_preview']) ? $options['button_preview'] : 0;

    // Text browsers are exempt from the ticket below.
    // NOTE(review): the exemption is keyed on the User-Agent header, which
    // the client chooses, so the ticket is a convenience filter rather than
    // an enforced control.
    $use_any = 0;
    if (!empty($DBInfo->use_textbrowsers)) {
        if (is_string($DBInfo->use_textbrowsers)) {
            $use_any = preg_match('/' . $DBInfo->use_textbrowsers . '/', $_SERVER['HTTP_USER_AGENT']) ? 1 : 0;
        } else {
            $use_any = preg_match('/Lynx|w3m|links/', $_SERVER['HTTP_USER_AGENT']) ? 1 : 0;
        }
    }

    // Ticket check for anonymous users. A missing or wrong ticket forces
    // preview mode, which is what actually stops the save; $ok_ticket is not
    // read again in this function.
    $ok_ticket = 0;
    if (empty($use_any) and !empty($DBInfo->use_ticket) and $options['id'] == 'Anonymous') {
        if ($options['__seed'] and $options['check']) {
            $mycheck = getTicket($options['__seed'], $_SERVER['REMOTE_ADDR'], 4);
            // NOTE(review): loose == on a request value; === would rule out
            // type-juggling matches.
            if ($mycheck == $options['check']) {
                $ok_ticket = 1;
            } else {
                $options['msg'] = _("Invalid ticket !");
                $button_preview = 1;
            }
        } else {
            if (!$button_preview) {
                $options['msg'] = _("You need a ticket !");
            }
            $button_preview = 1;
        }
    } else {
        $ok_ticket = 1;
    }

    if ($options['savetext']) {
        $savetext = _stripslashes($options['savetext']);
        $savetext = str_replace("\r", "", $savetext);
        $savetext = rtrim($savetext);
        #$savetext=str_replace("<","<",$savetext);
    }

    // spam filters: the comment is refused when any filter alters the text
    if (!empty($savetext) and empty($button_preview) and !empty($DBInfo->spam_filter)) {
        $text = $savetext;
        $fts = preg_split('/(\\||,)/', $DBInfo->spam_filter);
        foreach ($fts as $ft) {
            $text = $formatter->filter_repl($ft, $text, $options);
        }
        if ($text != $savetext) {
            $button_preview = 1;
            $options['msg'] = _("Sorry, can not save page because some messages are blocked in this wiki.");
        }
    }

    if (!empty($button_preview) && !empty($options['savetext'])) {
        // preview only, nothing is saved
        if (empty($options['action_mode']) or $options['action_mode'] != 'ajax') {
            $formatter->send_header("", $options);
            $formatter->send_title(_("Preview comment"), "", $options);
            $formatter->send_page($savetext . "\n----");
            $options['savetext'] = $savetext;
            print macro_Comment($formatter, '', $options);
            print $formatter->macro_repl('EditHints');
            $formatter->send_footer("", $options);
        }
        return false;
    } else {
        if (empty($savetext)) {
            // no text yet: show the empty comment form
            if (empty($options['action_mode']) or $options['action_mode'] != 'ajax') {
                $formatter->send_header("", $options);
                $formatter->send_title(_("Add comment"), "", $options);
                print macro_Comment($formatter, '', $options);
                print $formatter->macro_repl('EditHints');
                $formatter->send_footer("", $options);
            }
            return false;
        }
    }

    // refuse when the page was modified after the form was generated
    $datestamp = $options['datestamp'];
    if ($formatter->page->mtime() > $datestamp) {
        $options['msg'] = '';
        if (empty($options['action_mode']) or $options['action_mode'] != 'ajax') {
            $formatter->send_header('', $options);
            $formatter->send_title(_("Error: Don't make a clone!"), '', $options);
            $formatter->send_footer('', $options);
        }
        return false;
    }
    $body = $formatter->page->get_raw_body();

    // author shown with the comment
    // NOTE(review): for anonymous users this is the submitted name with only
    // slash-escaping undone. It is written into the "From:" line below, so a
    // name containing a newline could add lines to the metadata block;
    // confirm the caller strips line breaks.
    if ($options['id'] == 'Anonymous') {
        $id = $options['name'] ? _stripslashes($options['name']) : $_SERVER['REMOTE_ADDR'];
    } else {
        $id = $options['id'];
    }

    if (!empty($use_meta)) {
        // metadata style: boundary line, header block, blank line, text
        $date = gmdate('Y-m-d H:i:s') . ' GMT';
        $savetext = rtrim($savetext) . "\n";
        // NOTE(review): the boundary is a fixed value and the comment text is
        // not checked for it, so comment text can contain what looks like
        // another boundary and header block (upstream marks this XXX).
        $boundary = strtoupper(md5("COMMENT")); # XXX
        // next comment id = last id found in the page + 1
        $idx = 1;
        if (preg_match_all('/-{4}(?:' . $boundary . ')?\\nComment-Id:\\s*(\\d+)\\n/m', $body, $m)) {
            $idx = $m[1][sizeof($m[1]) - 1] + 1;
        }
        if ($options['id'] != 'Anonymous') {
            $id = '@USERNAME@';
        }
        $meta = <<<META
Comment-Id: {$idx}
From: {$id}
Date: {$date}
META;
        $savetext = "----" . $boundary . "\n{$meta}\n\n{$savetext}\n";
    } else {
        if (!empty($options['nosig'])) {
            $savetext = "----\n{$savetext}\n";
        } else {
            if ($options['id'] == 'Anonymous') {
                $savetext = "----\n{$savetext} -- {$id} @DATE@\n";
            } else {
                $savetext = "----\n{$savetext} @SIG@\n";
            }
        }
    }

    // comment_id is base64 of "nth,macro name,macro argument": try to insert
    // the comment right before the nth macro in the page. The loop is used as
    // a breakable block and runs at most once.
    while ($options['comment_id']) {
        list($nth, $dum, $v) = explode(',', base64_decode($options['comment_id']), 3);
        // the two spellings the target macro may have
        if ($v) {
            $check = '[[' . $dum . '(' . $v . ')]]';
        } else {
            $check = '[[' . $dum . ']]';
        }
        if ($v) {
            $check2 = '<<' . $dum . '(' . $v . ')>>';
        } else {
            $check2 = '<<' . $dum . '>>';
        }
        if (is_numeric($nth)) {
            // set {{{ }}} blocks aside so macros inside them are not counted
            // NOTE(review): the empty strings in this block are as shown on
            // this page; see the note in the function header.
            $raw = str_replace("\n", "", $body);
            $chunk = preg_split("/({{{.+}}})/U", $raw, -1, PREG_SPLIT_DELIM_CAPTURE); // FIXME
            $nc = '';
            $k = 1;
            $i = 1;
            foreach ($chunk as $c) {
                if ($k % 2) {
                    $nc .= $c;
                } else {
                    $nc .= "" . $i . "";
                    $blocks[$i] = str_replace("", "\n", $c);
                    ++$i;
                }
                $k++;
            }
            $nc = str_replace("", "\n", $nc);
            // a single Comment macro in the page: use the generic fallbacks
            if (preg_match_all('/(?!\\!)(?:\\<\\<|\\[\\[)Comment(?:.*?)(?:\\]\\]|>>)/', $nc, $m)) {
                if (count($m[0]) == 1) {
                    break;
                }
            }
            // odd chunks are plain text, even chunks are macros
            $chunk = preg_split('/((?!\\!)(?:\\<\\<|\\[\\[).+(?:\\]\\]|>>))/U', $nc, -1, PREG_SPLIT_DELIM_CAPTURE);
            $nnc = '';
            $ii = 1;
            $matched = 0;
            for ($j = 0, $sz = sizeof($chunk); $j < $sz; ++$j) {
                if (($j + 1) % 2) {
                    $nnc .= $chunk[$j];
                } else {
                    if ($nth == $ii) {
                        $new = $savetext . $chunk[$j];
                        // the nth macro must be the one named in comment_id
                        if ($check != $chunk[$j] and $check2 != $chunk[$j]) {
                            break;
                        }
                        $nnc .= $new;
                        $matched = 1;
                    } else {
                        $nnc .= $chunk[$j];
                    }
                    ++$ii;
                }
            }
            // put the {{{ }}} blocks back
            if (!empty($blocks)) {
                $formatter->_array_callback($blocks, true);
                $nnc = preg_replace_callback("/(\\d+)/", array(&$formatter, '_array_callback'), $nnc);
            }
        }
        if (!empty($matched)) {
            $body = $nnc;
        }
        break;
    }

    if (empty($matched)) {
        // Fallbacks, in order: a Comment(<comment_id>) macro, a "##Comment"
        // line, the first Comment macro, the end of the page.
        // NOTE(review): comment_id is a request value placed into the pattern
        // without preg_quote(), and preg_quote($str) below is called without
        // the '/' delimiter. $savetext is also used as a preg_replace()
        // replacement string, so "$1" or "\1" typed in a comment would be
        // expanded as a back-reference.
        if ($options['comment_id'] and preg_match("/^((?:\\[\\[|\\<\\<)Comment\\(" . $options['comment_id'] . "\\)(?:\\]\\]|>>))/m", $body, $m)) {
            $str = $m[1];
            $body = preg_replace('/' . preg_quote($str) . '/', $savetext . $str, $body, 1);
        } else {
            if (preg_match("/\n##Comment\n/i", $body)) {
                $body = preg_replace("/\n##Comment\n/i", "\n##Comment\n{$savetext}", $body, 1);
            } else {
                // NOTE(review): as shown, this preg_match() pattern lacks the
                // closing parenthesis that the preg_replace() pattern on the
                // next line has; if that is the upstream text, the match
                // fails to compile and the comment is always appended.
                if (preg_match("/^((\\[\\[|\\<\\<)Comment(\\([^\\)]*\\))?(\\]\\]|>>)/m", $body)) {
                    $body = preg_replace("/^((\\[\\[|\\<\\<)Comment(\\([^\\)]*\\))?(\\]\\]|>>))/m", $savetext . "\\1", $body, 1);
                } else {
                    $body .= $savetext;
                }
            }
        }
    }

    $formatter->page->write($body);
    $DBInfo->savePage($formatter->page, "Comment added", $options);
    if ($options['action_mode'] == 'ajax') {
        return true;
    }

    // normal request: confirmation page with an optional Refresh header
    $options['msg'] = sprintf(_("%s is commented successfully"), $formatter->link_tag($formatter->page->urlname, "?action=show", $options['page']));
    $title = _("Comment added successfully");
    $myrefresh = '';
    if ($DBInfo->use_save_refresh) {
        $sec = $DBInfo->use_save_refresh - 1;
        $lnk = $formatter->link_url($formatter->page->urlname, "?action=show");
        $myrefresh = 'Refresh: ' . $sec . '; url=' . qualifiedURL($lnk);
    }
    $formatter->send_header($myrefresh, $options);
    $formatter->send_title($title, '', $options);
    $opt['pagelinks'] = 1; # re-generates pagelinks
    $formatter->send_page('', $opt);
    $formatter->send_footer('', $options);
    return;
}
// COMPRESS OUTPUT IF INSTRUCTED
//
if ($_config['compress_output'] && $_system['gzip']) {
    ob_start('ob_gzhandler');
}

//
// STRIP SLASHES FROM GPC IF NECESSARY
//
// _stripslashes() is declared only when $_system['stripslashes'] is set. It
// walks arrays recursively, un-escapes strings and returns every other type
// unchanged.
if ($_system['stripslashes']) {
    function _stripslashes($value)
    {
        return is_array($value) ? array_map('_stripslashes', $value) : (is_string($value) ? stripslashes($value) : $value);
    }
    $_GET = _stripslashes($_GET);
    $_POST = _stripslashes($_POST);
    $_COOKIE = _stripslashes($_COOKIE);
}

//
// FIGURE OUT WHAT TO DO (POST URL-form submit, GET form request, regular request, basic auth, cookie manager, show URL-form)
//
// URL form submitted by POST: redirect to this script with the encoded
// target and the flags in the query string.
if (isset($_POST[$_config['url_var_name']]) && !isset($_GET[$_config['url_var_name']])) {
    header('Location: ' . $_script_url . '?' . $_config['url_var_name'] . '=' . encode_url($_POST[$_config['url_var_name']]) . '&' . $_config['flags_var_name'] . '=' . base_convert($_iflags, 2, 16));
    exit(0);
}

// GET form request: the target URL arrives encoded in get_form_name.
// (This listing ends inside the block below.)
if (isset($_GET[$_config['get_form_name']])) {
    $_url = decode_url($_GET[$_config['get_form_name']]);
    // separator for appended parameters: '?' when the URL has no query,
    // nothing when it ends in '?', otherwise '&'
    $qstr = strpos($_url, '?') !== false ? strpos($_url, '?') === strlen($_url) - 1 ? '' : '&' : '?';
    $arr = explode('&', $_SERVER['QUERY_STRING']);
    // drop the leading get_form_name parameter from the query string
    if (preg_match('#^\\Q' . $_config['get_form_name'] . '\\E#', $arr[0])) {
        array_shift($arr);
    }
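/**
 * Handle the "merge" action: merge the revision history of another page
 * ($params['name']) with the current page.
 *
 * A POST carrying 'rev' and 'name' performs the merge through the
 * version-control backend. Unless 'force' is set and the source page exists,
 * the merge is only a test run whose resulting log is shown. Every other
 * request prints the form for picking the page and revision.
 *
 * NOTE(review): no anti-CSRF token is checked here, and the password field
 * shown for protected merges is not verified in this function; confirm the
 * caller does both.
 *
 * @param object $formatter page formatter for the current (target) page
 * @param array  $params    request parameters (name, rev, comment, id, ...)
 * @return mixed result of do_invalid() when the page is not writable,
 *               otherwise null
 */
function do_merge($formatter, $params = array())
{
    global $DBInfo;

    // These are interpolated or echoed on paths that never assign them.
    $comment = '';
    $extra = '';
    $title = '';
    $info = '';

    if ($_SERVER['REQUEST_METHOD'] == 'POST' && !$DBInfo->security->writable($params)) {
        $params['title'] = _("Page is not writable");
        return do_invalid($formatter, $params);
    }

    // check full permission to edit
    $full_permission = true;
    if (!empty($DBInfo->no_full_edit_permission) or $params['id'] == 'Anonymous' && !empty($DBInfo->anonymous_no_full_edit_permission)) {
        $full_permission = false;
    }
    // members always have full permission to edit
    if (in_array($params['id'], $DBInfo->members)) {
        $full_permission = true;
    }

    $is_new = !$formatter->page->exists();
    if (!$is_new and !$full_permission) {
        $formatter->send_header('', $params);
        $title = _("You do not have full permission to merge this page.");
        $formatter->send_title($title, '', $params);
        $formatter->send_footer('', $params);
        return;
    }

    $pagename = isset($params['name'][0]) ? $params['name'] : '';
    $formatter->send_header('', $params);

    // Merging with an existing page is a test run unless 'force' is ticked.
    $force = 1;
    if (isset($_POST['name'][0]) and $DBInfo->hasPage($_POST['name'])) {
        $force = 0;
        if (!empty($_POST['force'])) {
            $force = 1;
        }
    }

    // validate rev
    // (own variable, so the lookup result can never reach "echo $info")
    if (!empty($params['rev'])) {
        $rev_info = $formatter->page->get_info($params['rev']);
        if (empty($rev_info[0])) {
            unset($params['rev']);
            if (!empty($_POST['rev'])) {
                unset($_POST['rev']);
            }
        }
    }

    if (!empty($_POST['rev']) and isset($_POST['name'][0]) and $pagename !== $formatter->page->name and $DBInfo->hasPage($pagename)) {
        if (!empty($DBInfo->version_class)) {
            $REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
            $user =& $DBInfo->user;

            $comment = _stripslashes($params['comment']);
            $tag = '{MERGE}';
            if (!empty($comment)) {
                $comment = $tag . ': ' . $comment . ': ';
            } else {
                $comment = $tag . ': ';
            }
            // NOTE(review): the comment is user text joined into a
            // ';;'-separated record without filtering the separator or line
            // breaks; confirm whatever reads this log tolerates that.
            $log = $REMOTE_ADDR . ';;' . $user->id . ';;' . $comment;

            $version = $DBInfo->lazyLoad('version', $DBInfo);
            if (!method_exists($version, 'merge')) {
                // check merge method
                $formatter->send_title(_("No merge method available."), '', $params);
                $formatter->send_footer('', $params);
                return;
            }

            $params['log'] = $log;
            $ret = array();
            $params['retval'] =& $ret;
            // merge RCS revisions
            $merged = $version->merge($pagename, $formatter->page->name, $params);
            if (!$force) {
                // test run: write the merged history to a scratch file and
                // show its log
                // NOTE(review): tempnam() reserves only $fname; the ",v"
                // companion is opened with mode 'w' and follows a
                // pre-existing file or link of that name. vartmp_dir should
                // be private to the wiki process.
                $fname = tempnam($DBInfo->vartmp_dir, 'MERGED');
                $fp = fopen($fname . ',v', 'w');
                if (is_resource($fp)) {
                    fwrite($fp, $merged);
                    fclose($fp);
                }
                // parse rlog
                require_once dirname(__FILE__) . '/Info.php';
                $out = $version->rlog($fname . ',v', '');
                $params['simple'] = true;
                $info = _parse_rlog($formatter, $out, $params);
                @unlink($fname);
                @unlink($fname . ',v');
            } else {
                if ($merged !== false) {
                    // $params['retval']['comment'] has merged versions information
                    $log = $comment . $params['retval']['comment'];
                    $DBInfo->addLogEntry($pagename, $REMOTE_ADDR, $log, 'MERGE');
                    $indexer = $DBInfo->lazyLoad('titleindexer');
                    if ($is_new) {
                        $indexer->addPage($pagename);
                    } else {
                        $indexer->update($pagename);
                    }
                    $info = '';
                }
            }
        } else {
            $formatter->send_title(_("No version control available."), '', $params);
            $formatter->send_footer('', $params);
            return;
        }

        // NOTE(review): the success title is printed even when a forced merge
        // returned false.
        $params['.title'] = _("Merge result.");
        $formatter->send_title(sprintf(_("%s is successfully merged."), $formatter->page->name), '', $params);
        if (!$force) {
            echo '<h3>' . _("This is a testing merge. Please confirm force option to merge it.") . '</h3>';
        }
        echo $info;
        $formatter->send_footer('', $params);
        return;
    } else {
        if (!isset($params['name'][0]) || !$DBInfo->hasPage($params['name'])) {
            $title = _("Please select the original page to merge.");
        } else {
            if (empty($params['rev'])) {
                $title = _("Please select the revision to merge from.");
            } else {
                if ($DBInfo->hasPage($formatter->page->name)) {
                    $title = _("Are you really want to merge this page ?");
                }
            }
        }
        $params['.title'] = _("Merge Page history.");
        $formatter->send_title($title, '', $params);
    }

    // ---- selection / confirmation form ----
    // NOTE(review): the values below sit in single-quoted attributes;
    // confirm _html_escape() also encodes the single quote.
    $pname = _html_escape($pagename);
    $lab = _("Summary");
    $rev = !empty($params['rev']) ? _html_escape($params['rev']) : '';
    if (!empty($rev) && isset($pagename[0]) && $DBInfo->hasPage($pagename)) {
        $extra = '<input type="checkbox" name="force" />' . _("Force overwrite") . '<br />';
        $placeholder = sprintf(_("Merge [[%s]] with [[%s]] from r%s: "), $pname, _html_escape($formatter->page->name), $rev);
        echo "<form method='post'>\n{$lab}: <input name='comment' size='80' value='{$comment}' placeholder='{$placeholder}' /><br />\n";
        $btn = sprintf(_("Merge [[%s]] to [[%s]]:"), _html_escape($formatter->page->name), $pname);
        $msg = sprintf(_("Only WikiMaster can %s this page"), _("merge"));
        if ($DBInfo->security->is_protected("merge", $params)) {
            echo _("Password") . ": <input type='password' name='passwd' size='20' value='' />\n{$msg}<br />\n";
        }
        echo <<<FORM
<input type='hidden' name='name' value='{$pname}' />
<input type='hidden' name='action' value='merge' />
<input type='hidden' name='rev' value='{$rev}' />
<input type='submit' value='{$btn}' />{$extra}
</form>
FORM;
    } else {
        $btn = _("Select Page to Merge");
        echo <<<FORM
<form method='get'>
<input name='name' value='{$pname}' />
<input type='hidden' name='action' value='merge' />
<input type='submit' value='{$btn}' />{$extra}
</form>
FORM;
    }

    if (isset($pagename[0]) && $pagename !== $formatter->page->name && $DBInfo->hasPage($pagename)) {
        echo macro_Merge($formatter, $pagename, $params);
    }
    $formatter->send_footer('', $params);
    return;
}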
/**
 * "ImportTable" action: turn pasted table content into wiki table markup and preview it.
 *
 * Input is read from $params['tablecontent'], falling back to $params['editor'].
 * Text containing tab characters is treated as tab-separated rows; anything else
 * goes through an HTML-to-wiki conversion pipeline built from strip_tags() and a
 * sequence of regex replacements whose order matters.
 *
 * The converted text is handed to $formatter->send_page(), i.e. request data is
 * rendered as wiki markup; what that renderer permits is outside this function.
 *
 * @param object $formatter page formatter used for header/title/page/footer output
 * @param array  $params    request parameters (tablecontent, editor, rows, cols)
 */
function do_ImportTable($formatter, $params = array())
{
    global $DBInfo;
    // NOTE(review): relies on a global $HTTP_USER_AGENT being populated elsewhere;
    // nothing in this function sets it.
    global $HTTP_USER_AGENT;
    $COLS_MSIE = 80;
    $COLS_OTHER = 85;
    // $cols, $rows and $url are computed here but not read again in this function.
    $cols = preg_match('/MSIE/', $HTTP_USER_AGENT) ? $COLS_MSIE : $COLS_OTHER;
    $rows = $params['rows'] > 5 ? $params['rows'] : 8;
    $cols = $params['cols'] > 60 ? $params['cols'] : $cols;
    $url = $formatter->link_url($formatter->page->urlname);
    if (!empty($params['tablecontent']) || $params['editor']) {
        $tabletext = trim(_stripslashes($params['tablecontent']));
        $editor = trim(_stripslashes($params['editor']));
        // prefer the pasted table content; fall back to the editor text
        $tabletext = !empty($tabletext) ? $tabletext : $editor;
        $tabletext = str_replace("\r", '', $tabletext);
        $lines = explode("\n", $tabletext);
        // check tab mode
        $tabmode = false;
        if (strpos($tabletext, '<table ') !== false) {
            // HTML table markup present: turn tabs into spaces so the tab test below fails
            $tabmode = false;
            $tabletext = strtr($tabletext, "\t", ' ');
        }
        if (strpos($tabletext, "\t") !== false) {
            $tabmode = true;
        } else {
            // preserve table attributes
            // NOTE(review): as shown, the replacement keeps only group 2, so the '<' in front
            // of a wiki attribute is dropped, and the "revert <" step further down searches for
            // an empty string. A placeholder character may have been lost from both literals -
            // confirm against the upstream file before relying on this step.
            $tabletext = preg_replace('/(<)([\\:\\(\\)\\|\\-_\\^v]|width|bgcolor|' . 'colspan|rowspan|#|' .
                'table(?:width|style|border|bgcolor)|style|rowbgcolor)/', "\\2", $tabletext);
            // remove some tags
            // (everything outside this allowlist is stripped from the pasted HTML)
            $tabletext = strip_tags($tabletext, '<table><td><th><tr><br><img><hr><a><b><i><sub><sup><del><tt><u><strong>');
            // convert basic wiki tags
            $tabletext = str_ireplace(array('<b>', '</b>', '<i>', '</i>', '<strong>', '</strong>', '<sub>', '</sub>', '<sup>', '</sup>', '<del>', '</del>', '<hr>'), array("'''", "'''", "''", "''", "'''", "'''", ',,', ',,', '^^', '^^', '~~', '~~', "\n----\n"), $tabletext);
            // BR macro
            $tabletext = preg_replace('@<br\\s*[^>]*>\\n?@is', '[[BR]]', $tabletext);
            // images
            // As written the optional scheme group has no ':', so this matches src values that
            // start with '//' and rewrites the whole tag to an http:// URL.
            $tabletext = preg_replace('@<img\\s[^>]*src=(\'|")?(?:https?)?//([^\'"]+)(?1)[^>]*>@is', 'http://\\2', $tabletext);
            // href
            // (_a_callback is defined elsewhere; how it treats the href value is not visible here)
            $tabletext = preg_replace_callback('@<a\\s([^>]*)>([^<]*)</a>@is', '_a_callback', $tabletext);
            // remove some table tags
            $tabletext = preg_replace('@<(?:tr|/td|/th|/table)[^>]*>\\s*@is', '', $tabletext);
            $tabletext = preg_replace('@\\s*<tr>\\s*@is', '', $tabletext);
            // parse td attributes
            $tabletext = preg_replace_callback('@(<t(?:d|h)([^>]*)>)@i', '_td_callback', $tabletext);
            // table attributes
            $tabletext = preg_replace_callback('@<table([^>]*)>\\s*\\|\\|@is', '_table_callback', $tabletext);
            // each closing row tag becomes the end of a wiki table row
            $tabletext = preg_replace('@</tr>\\s*@is', "||\n", $tabletext);
            // revert <
            // NOTE(review): the search string is empty as shown; see the note on
            // "preserve table attributes" above.
            $tabletext = str_replace("", '<', $tabletext);
            $lines = explode("\n", $tabletext);
        }
        // trash empty last line
        $end = end($lines);
        if (!isset($end[0])) {
            array_pop($lines);
        }
        // count maximum tabs
        if ($tabmode) {
            $maxtab = 1;
            for ($i = 0, $sz = count($lines); $i < $sz; $i++) {
                $line = $lines[$i];
                // from excel or tab separated table contents
                $tabs[$i] = substr_count($line, "\t");
                $line = preg_replace("/\t(?=\t)/", ' || ', $line);
                $line = str_replace("\t", '||', $line);
                $lines[$i] = '||' . $line . '||';
                if ($tabs[$i] > $maxtab) {
                    $maxtab = $tabs[$i];
                }
            }
            // rows with fewer tabs than the widest row get extra '||' prepended
            for ($i = 0, $sz = count($tabs); $i < $sz; $i++) {
                if ($tabs[$i] < $maxtab) {
                    $tab = str_repeat('||', $maxtab - $tabs[$i]);
                    $lines[$i] = $tab .
                        $lines[$i];
                }
            }
        }
        $tabletext = implode("\n", $lines);
    }
    if (!empty($tabletext)) {
        // something was converted: show it as a preview, then the import form again
        $formatter->send_header('', $params);
        $formatter->send_title(_("Preview"), '', $params);
        $formatter->send_page($tabletext . "\n----");
        $params['tablecontent'] = $tabletext;
        $params['editor'] = $editor;
        echo macro_ImportTable($formatter, '', $params);
        $formatter->send_footer('', $params);
    } else {
        // nothing to preview: show the empty import form
        // ($tabletext is unset here when the conversion branch above did not run)
        if (!$tabletext) {
            $formatter->send_header('', $params);
            $formatter->send_title(_("Import Tables"), '', $params);
            echo macro_ImportTable($formatter, '', $params);
            $formatter->send_footer('', $params);
        }
    }
}
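/**
 * "sendping" action: show the TrackBack ping form, or send the ping.
 *
 * Without $options['trackback_url'] the form is rendered, pre-filled with a title
 * and excerpt taken from the current page: the blog entry whose md5 anchor equals
 * $options['value'], or the first 400 bytes of a plain wiki page. With it, a
 * TrackBack ping is sent to that URL and the response is printed.
 *
 * The target URL, title, excerpt, rows and cols all come from the request, so:
 *  - the URL must be http/https with a host before any network call is made
 *    (fopen() on an arbitrary string would also open local files and other wrappers);
 *  - rows/cols are forced to integers before they reach the HTML attributes;
 *  - the excerpt and the remote response are HTML-escaped on output.
 *
 * NOTE(review): reachable hosts are not restricted here. If the wiki server can
 * reach internal services, add a destination allowlist at deployment level.
 *
 * @param object $formatter page formatter; supplies the page and the header/title/footer output
 * @param array  $options   request options (trackback_url, value, title, excerpt, rows, cols,
 *                          mbencode, page, id)
 * @return void
 */
function do_sendping($formatter, $options)
{
    global $DBInfo, $_release;

    if (!$formatter->page->exists()) {
        $options['msg'] = _("Error: Page Not found !");
        do_invalid($formatter, $options);
        return;
    }

    // Defined up front; the previous version read several of these while still unset.
    $checked = '';
    $found = 0;
    $end_tag = '';
    $excerpt = '';
    $title = '';
    $result = '';

    if (strtolower($DBInfo->charset) == 'utf-8') {
        $checked = 'checked="checked"';
    }

    if (empty($options['trackback_url'])) {
        $url = $formatter->link_url($formatter->page->urlname);
        $raw_body = $formatter->page->_get_raw_body();

        if (!empty($options['value'])) {
            $lines = explode("\n", $raw_body);
            $count = count($lines);

            # locate the blog entry whose header hashes to the requested anchor
            for ($i = 0; $i < $count; $i++) {
                if (preg_match("/^({{{)?#!blog (.*)\$/", $lines[$i], $match)) {
                    // strict comparison: both sides are hex strings, no numeric juggling wanted
                    if (md5($match[2]) === (string) $options['value']) {
                        list($tag, $user, $date, $title) = explode(" ", $lines[$i], 4);
                        $found = 1;
                        if ($match[1]) {
                            $end_tag = '}}}';
                        }
                        break;
                    }
                }
            }

            if (!$found) {
                $options['msg'] = _("Error: No entry found!");
                do_invalid($formatter, $options);
                return;
            }

            $i++;
            if ($end_tag) {
                # a blog page with multiple entries: collect lines up to the entry end or a separator
                for (; $i < $count; $i++) {
                    if (preg_match("/^}}}\$/", $lines[$i]) || preg_match("/^----\$/", $lines[$i])) {
                        break;
                    }
                    $excerpt .= $lines[$i] . "\n";
                }
            } else {
                # a blog page with a single entry: drop the header line, keep text before the comments
                $parts = explode("\n", $raw_body, 2);
                $entry = isset($parts[1]) ? $parts[1] : '';
                $parts = explode("\n----\n", $entry, 2);
                $excerpt = $parts[0];
            }
        } else {
            # a plain wiki page
            $excerpt = substr($raw_body, 0, 400);
            $title = isset($options['page']) ? $options['page'] : '';
        }

        $COLS_MSIE = 80;
        $COLS_OTHER = 85;
        $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $cols = preg_match('/MSIE/', $agent) ? $COLS_MSIE : $COLS_OTHER;
        // rows/cols are request values that end up inside attributes: keep them integers
        $rows = (isset($options['rows']) && (int) $options['rows'] > 5) ? (int) $options['rows'] : 8;
        $cols = (isset($options['cols']) && (int) $options['cols'] > 60) ? (int) $options['cols'] : $cols;

        $formatter->send_header("", $options);
        $formatter->send_title(_("Send TrackBack ping"), "", $options);

        $msg1 = _("TrackBack Ping URL");
        print "<form method='post' action='{$url}'>\n";
        print "<b>{$msg1}</b>: <input name='trackback_url' size='60' maxlength='256' style='width:200' /><br />\n";
        if (!empty($options['value'])) {
            $options['value'] = _html_escape($options['value']);
            print "<input type='hidden' name='value' value=\"{$options['value']}\" />\n";
        }
        $msg2 = _("Title");
        $title = _html_escape($title);
        print "<b>{$msg2}</b>: <input name='title' value=\"{$title}\" size='70' maxlength='70' style='width:200' /><br />\n";

        if ($DBInfo->use_resizer > 1) {
            echo <<<JS
<script type="text/javascript" src="{$DBInfo->url_prefix}/local/textarea.js"></script>
JS;
        }

        // The excerpt is raw page text; escape it so page content cannot close the textarea.
        // presumably _html_escape covers '<' and '&' at least, as its other uses here imply - confirm
        $excerptHtml = _html_escape($excerpt);
        print <<<FORM
<div class="resizable-textarea" style='position:relative'><!-- IE hack -->
<textarea class="wiki resizable" id="content" wrap="virtual" name="excerpt" rows="{$rows}" cols="{$cols}" class="wiki">{$excerptHtml}</textarea></div>
FORM;

        $mb_msg = _("mb encoded");
        $send_msg = _("Send ping");
        $reset = _("Reset");
        print <<<FORM2
<b>{$mb_msg}</b> <input type="checkbox" name="mbencode" {$checked} />
<input type="hidden" name="action" value="sendping" />
<span class="button"><input class="button" type="submit" value="{$send_msg}" /></span>
<span class="button"><input class="button" type="reset" value="{$reset}" /></span>
</form>
FORM2;
        $formatter->send_footer("", $options);
        return;
    }

    # send Trackback ping
    $trackback_url = trim($options['trackback_url']);

    // Accept only absolute http/https URLs with a host and no whitespace or control bytes.
    $target = parse_url($trackback_url);
    $scheme = (is_array($target) && isset($target['scheme'])) ? strtolower($target['scheme']) : '';
    if (!in_array($scheme, array('http', 'https'), true)
        || empty($target['host'])
        || preg_match('/[\x00-\x20\x7f]/', $trackback_url)
    ) {
        $options['msg'] = _("Error: Invalid TrackBack URL!");
        do_invalid($formatter, $options);
        return;
    }

    // NOTE(review): the title is url-encoded before the optional mb encoding below, while the
    // excerpt is url-encoded after it; order kept as it was - confirm which one is intended.
    $title = urlencode(_stripslashes(isset($options['title']) ? $options['title'] : ''));
    $blog_name = urlencode($DBInfo->sitename . ":{$options['id']}");
    $excerpt = _stripslashes(isset($options['excerpt']) ? $options['excerpt'] : '');

    if (!empty($options['mbencode'])) {
        // NOTE(review): $checked is only set when the charset is utf-8, so this iconv branch
        // cannot run as written; condition kept unchanged - confirm the intent.
        if ($checked and function_exists('iconv') and strtolower($DBInfo->charset) != 'utf-8') {
            $excerpt = iconv($DBInfo->charset, 'utf-8', $excerpt);
        }
        if (function_exists('mb_encode_numericentity')) {
            $new = mb_encode_numericentity($excerpt, $DBInfo->convmap, 'utf-8');
            if ($new) {
                $excerpt = $new;
            }
            $new = mb_encode_numericentity($title, $DBInfo->convmap, 'utf-8');
            if ($new) {
                $title = $new;
            }
        } else {
            include_once 'lib/compat.php';
            $new = utf8_mb_encode($excerpt);
            if ($new) {
                $excerpt = $new;
            }
            $new = utf8_mb_encode($title);
            if ($new) {
                $title = $new;
            }
        }
    }
    $excerpt = urlencode($excerpt);

    $url = $formatter->link_url($options['page'], "#{$options['value']}");
    $url = urlencode(qualifiedUrl($url));

    $query_string = "title={$title}&url={$url}&blog_name={$blog_name}&excerpt={$excerpt}";

    if (strpos($trackback_url, '?') !== false) {
        // URL already carries a query: append ours and fetch it
        $trackback_url .= "&" . $query_string;
        $fp = @fopen($trackback_url, 'r');
        if ($fp) {
            $result = (string) @fread($fp, 4096);
            @fclose($fp);
        }
    } else {
        // no query in the URL: POST the form body over a raw socket
        $path = isset($target['path']) ? $target['path'] : '/';
        $secure = ($scheme === 'https');
        $port = isset($target['port']) ? (int) $target['port'] : ($secure ? 443 : 80);
        $host_header = $target['host'] . (isset($target['port']) ? ':' . $port : '');

        $http_request = 'POST ' . $path . " HTTP/1.0\r\n";
        $http_request .= 'Host: ' . $host_header . "\r\n";
        $http_request .= 'Content-Type: application/x-www-form-urlencoded' . "\r\n";
        $http_request .= 'Content-Length: ' . strlen($query_string) . "\r\n";
        $http_request .= "\r\n";
        $http_request .= $query_string;

        $fs = @fsockopen(($secure ? 'ssl://' : '') . $target['host'], $port);
        if ($fs) {
            // the response is not read on this path, so $result stays empty
            @fputs($fs, $http_request);
            @fclose($fs);
        }
    }

    $formatter->send_header("", $options);
    $formatter->send_title(_("Trackback sent"), "", $options);
    // the response body comes from a remote server: never print it as markup
    print "Return: " . _html_escape($result);
    $formatter->send_footer("", $options);
    return;
}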
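/**
 * Strip one pair of matching surrounding quotes (" or ') from a keyword.
 */
function _do_keywords_unquote($a)
{
    return preg_replace('/^(["\'])(.*)\\1$/', '\\2', $a);
}

/**
 * Wrap a keyword in double quotes when it contains a space.
 */
function _do_keywords_quote($a)
{
    return (strpos($a, " ") !== false) ? "\"$a\"" : $a;
}

/**
 * Split a keyword line into keywords; quoted phrases stay together.
 * Example input: Chemistry "Physical Chemistry" "Bio Chemistry"
 */
function _do_keywords_split($text)
{
    $ws = preg_split('/((?<!\\S)(["\'])[^\\2]+?\\2(?!\\S)|\\S+)/', $text, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY);
    $ws = array_flip(array_unique($ws));
    // drop the captured delimiters (quote characters and the separating space)
    unset($ws['"']);
    unset($ws["'"]);
    unset($ws[' ']);
    $ws = array_flip($ws);

    return array_map('_do_keywords_unquote', $ws);
}

/**
 * "keywords" action: maintain page keywords and the LOCAL_KEYWORDS page.
 *
 * Depending on $options this
 *  - rebuilds the 'keylinks' cache from LOCAL_KEYWORDS (update / refresh; plain-text output),
 *  - adds the submitted words to the common-words page (common),
 *  - stores submitted keywords in the 'keyword' cache and LOCAL_KEYWORDS, then either
 *    rewrites the page's #keywords line or prints a confirmation form,
 *  - or lists / offers keywords through macro_KeyWords().
 *
 * Keywords come from the request, so they are HTML-escaped wherever they are echoed.
 *
 * NOTE(review): several branches write pages (savePage) directly from request
 * parameters; no permission or request-origin check is visible in this function -
 * presumably the action dispatcher enforces it, confirm.
 *
 * @param object $formatter page formatter for the current page
 * @param array  $options   request options (value, update, refresh, suggest, key, keywords,
 *                          common, lang, all, tour, sort, limit, page)
 * @return void
 */
function do_keywords($formatter, $options)
{
    global $DBInfo;

    $supported_lang = array('ko');

    $page = $formatter->page->name;
    if (empty($options['update']) and !empty($options['value'])) {
        $page = $options['value'];
    }

    if (!$DBInfo->hasPage($page)) {
        $options['err'] = _("You are not able to add keywords.");
        $options['title'] = _("Page does not exists");
        do_invalid($formatter, $options);
        return;
    }

    if (!empty($options['update']) or !empty($options['refresh'])) {
        $lk = $DBInfo->getPage(LOCAL_KEYWORDS);
        $force_charset = '';
        if ($DBInfo->force_charset) {
            $force_charset = '; charset=' . $DBInfo->charset;
        }
        $formatter->send_header("Content-type: text/plain" . $force_charset);
        if (!$lk->exists()) {
            print sprintf(_("%s is not found."), LOCAL_KEYWORDS);
            return;
        }
        $raw = $lk->get_raw_body();

        # update keylinks of LocalKeywords
        $kc = new Cache_text('keylinks');
        $lines = explode("\n", $raw);
        $all_keys = array();
        foreach ($lines as $l) {
            $l = trim($l);
            // emptiness is tested first so $l[0] is never read on an empty string
            if (!$l or $l[0] == '#') {
                continue;
            }
            $ws = array_unique(_do_keywords_split($l));
            $all_keys = array_merge($all_keys, $ws);
            foreach ($ws as $k) {
                // every other keyword on the same line is related to $k
                $rels = array_diff($ws, array($k));
                $krels = $kc->fetch($k);
                if (is_array($krels)) {
                    if ($nrels = array_diff($rels, $krels)) {
                        $rs = array_unique(array_merge($nrels, $krels));
                        $kc->update($k, $rs);
                        print "***** updated {$k}\n";
                    }
                } else {
                    if (sizeof($rels) > 1 and is_array($rels)) {
                        $kc->update($k, $rels);
                        print "***** save {$k}\n";
                    }
                }
            }
        }
        print_r($all_keys);
        print "OK";
        return;
    }

    $args = array();

    $formatter->send_header('', $options);

    if (empty($options['suggest'])
        and ((!empty($options['key']) and is_array($options['key'])) or !empty($options['keywords']))
    ) {
        if (!empty($options['keywords'])) {
            // following keyword list are acceptable separated with spaces.
            // Chemistry "Physical Chemistry" "Bio Chemistry" ...
            $keywords = _stripslashes($options['keywords']);
            $ws = _do_keywords_split($keywords);
            if (!isset($options['key']) or !is_array($options['key'])) {
                $options['key'] = array();
            }
            $options['key'] = array_merge($options['key'], $ws);
        }

        if (!empty($options['common'])) {
            $raw = "#format plain";
            $lang = !empty($formatter->pi['#language']) ? $formatter->pi['#language'] : '';
            $lang = !empty($options['lang']) ? $options['lang'] : $lang;
            if (in_array($lang, $supported_lang, true)) {
                $common_word_page = LOCAL_KEYWORDS . '/CommonWords' . ucfirst($lang);
            } else {
                $common_word_page = LOCAL_KEYWORDS . '/CommonWords';
            }
            $p = $DBInfo->getPage($common_word_page);
            if ($DBInfo->hasPage($common_word_page)) {
                if (!$p->exists()) {
                    $dict = array();
                } else {
                    $raw = rtrim($p->get_raw_body());
                    $body = '';
                    foreach (explode("\n", $raw) as $line) {
                        if ($line == '' or $line[0] == '#') {
                            continue;
                        }
                        $body .= $line . "\n";
                    }
                    $dict = explode("\n", rtrim($body));
                }
                // only words not yet on the page are appended
                $commons = array_diff(array_values($options['key']), $dict);
            } else {
                $commons = $options['key'];
            }
            if (!empty($commons)) {
                sort($commons);
                $raw .= "\n" . implode("\n", $commons);
                $p->write($raw);
                $DBInfo->savePage($p, "Common words are added", $options);
            }

            $formatter->send_title(sprintf(_("Common words are updated"), $options['page']), '', $options);
            $formatter->send_footer($args, $options);
            return;
        }

        $cache = new Cache_text('keyword');
        // flip to deduplicate, and drop the empty keyword
        $keys = array_flip($options['key']);
        unset($keys['']);
        $cache->update($page, array_keys($keys));

        $raw = "#format plain";
        $lk = $DBInfo->getPage(LOCAL_KEYWORDS);
        if ($lk->exists()) {
            $raw = rtrim($lk->get_raw_body());
        }

        if (!empty($options['key'])) {
            $ks = array_map('_do_keywords_quote', $options['key']);
            $raw .= "\n" . implode(' ', $ks) . "\n";
            $lk->write($raw);
            $DBInfo->savePage($lk, "Keywords are added", $options);
        }

        $formatter->send_title(sprintf(_("Keywords for %s are updated"), $page), '', $options);
        $ret = implode(',', array_keys($keys));
        // keywords are request data: escape them when echoing into the page
        print "<tt>#keywords " . _html_escape($ret) . "</tt>\n";

        if (!empty($DBInfo->use_keywords) or !empty($options['update'])) {
            # auto update the page with selected keywords.
            $ok = 0;
            $body = $formatter->page->get_raw_body();
            $pi = $formatter->page->get_instructions($dum);
            if (!empty($pi['#keywords'])) {
                // quote for the '/' delimiter too, so a keyword containing '/' cannot break the pattern
                $tag = preg_quote($pi['#keywords'], '/');
                $nbody = $body;
                // the pattern is anchored at the start of the body; splice the new line in by hand so
                // '$1' or '\1' inside a keyword is never read as a replacement reference
                if (preg_match('/^#keywords\\s+' . $tag . '/', $body, $m)) {
                    $nbody = '#keywords ' . $ret . substr($body, strlen($m[0]));
                }
                if ($nbody != $body) {
                    $ok = 1;
                }
            } else {
                $nbody = '#keywords ' . $ret . "\n" . $body;
                $ok = 2;
            }
            if (!empty($ok)) {
                $comment = ($ok == 1) ? "Keywords are updated" : "Keywords are added";
                $formatter->page->write($nbody);
                $DBInfo->savePage($formatter->page, $comment, $options);
                print "<h2>" . _("Keywords are updated") . "</h2>";
            } else {
                print "<h2>" . _("There are no changes found") . "</h2>";
            }
        } else {
            # user confirmation
            $link = $formatter->link_url(_rawurlencode($page), '');
            $keys = explode(',', $ret);
            $ret = '';
            foreach ($keys as $key) {
                if ($key and strpos($key, ' ') !== false) {
                    $key = '"' . $key . '"';
                }
                $ret .= $key . ' ';
            }
            $btn = _("Update with these Keywords");
            $form = "<form method='post' action='{$link}'>";
            $form .= '<input type="hidden" name="action" value="keywords" />';
            $form .= '<input type="hidden" name="update" value="1" />';
            // double-quoted attribute with escaped content, matching how this file uses
            // _html_escape() in other double-quoted attributes - confirm it escapes '"'
            $form .= '<input type="hidden" name="keywords" value="' . _html_escape($ret) . '" />';
            $form .= "<input type='submit' value='{$btn}' />\n";
            $form .= "</form>";
            print $form;
        }

        $formatter->send_footer($args, $options);
        return;
    }

    if (!empty($options['all']) or !empty($options['tour'])) {
        $sort = '';
        // was reading a misspelled variable, so sort=freq was never recognised
        if (!empty($options['sort']) and $options['sort'] == 'freq') {
            $sort = 'freq';
        }
        $formatter->send_title('', '', $options);
        // NOTE(review): $myq carries the raw query string into link_tag(); confirm that
        // link_tag() escapes it for the href attribute.
        $myq = '?' . $_SERVER['QUERY_STRING'];
        $myq = preg_replace('/&sort=[^&]+/i', '', $myq);
        if ($sort != 'freq') {
            $myq .= '&sort=freq';
            $txt = _("alphabetically");
            $ltxt = _("by frequency");
        } else {
            $txt = _("by size");
            $ltxt = _("alphabetically");
        }
        $link = $formatter->link_tag(_rawurlencode($page), $myq, $ltxt);
        print "<h2>";
        print sprintf(_("Keywords list %s (or %s)"), $txt, $link);
        print "</h2>\n";
        if (empty($options['limit'])) {
            $options['limit'] = 0;
        }
    } else {
        $formatter->send_title(sprintf(_("Select keywords for %s"), $options['page']), '', $options);
        $options['merge'] = 1;
        $options['add'] = 1;
    }
    print macro_KeyWords($formatter, $options['page'], $options);

    $formatter->send_footer($args, $options);
}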
/**
 * "fullsearch" action: run macro_FullSearch() for the requested value and print
 * the result page with paging, context and refresh links.
 *
 * The search value comes from the request and falls back to the current page name.
 *
 * NOTE(review): the value is passed to send_title() unescaped and is placed into the
 * link query strings HTML-escaped but not URL-encoded; confirm send_title() and
 * link_to() handle that.
 *
 * @param object $formatter page formatter for the current page
 * @param array  $options   request options (value, offset, backlinks, keywords, id)
 * @return void
 */
function do_fullsearch($formatter, $options)
{
    global $Config;

    // $ret is an alias of $options: whatever is stored under one name is read under the other
    $ret =& $options;

    $offsetQuery = '';
    if (!empty($options['offset']) and is_numeric($options['offset']) and $options['offset'] > 0) {
        $offsetQuery = '&offset=' . $options['offset'];
    }

    $options['value'] = _stripslashes($options['value']);
    if (!isset($options['value'][0])) {
        // empty query: search for the current page name instead
        $options['value'] = $formatter->page->name;
    }

    if (!empty($options['backlinks'])) {
        $title = sprintf(_("BackLinks search for \"%s\""), $options['value']);
        $options['.title'] = sprintf(_("BackLinks of %s"), _html_escape($options['value']));
    } elseif (!empty($options['keywords'])) {
        $title = sprintf(_("KeyWords search for \"%s\""), $options['value']);
    } else {
        $title = sprintf(_("Full text search for \"%s\""), $options['value']);
    }

    $out = macro_FullSearch($formatter, $options['value'], $ret);

    $options['msg'] = empty($ret['msg']) ? '' : $ret['msg'];
    $options['msgtype'] = 'search';
    $formatter->send_header("", $options);
    $formatter->send_title($title, $formatter->link_url("FindPage"), $options);

    if (!empty($ret['form'])) {
        print $ret['form'];
    }
    print $out;

    // search-mode parameter repeated on every follow-up link
    $modeQuery = '';
    if (!empty($options['backlinks'])) {
        $modeQuery = '&backlinks=1';
    } elseif (!empty($options['keywords'])) {
        $modeQuery = '&keywords=1';
    }

    if (isset($options['value'][0])) {
        $val = _html_escape($options['value']);

        $unit = ($ret['hit'] == 1) ? _("page") : _("pages");
        printf(_("Found %s matching %s out of %s total pages"), $ret['hit'], $unit, $ret['all']);

        if (empty($ret['next'])) {
            echo '<br />';
        } else {
            // NOTE(review): $DBInfo is not declared global in this function, so as written
            // this isset() cannot succeed and the default of 5000 applies - confirm.
            $limit = isset($DBInfo->fullsearch_page_limit[0]) ? $DBInfo->fullsearch_page_limit : 5000; // 5000 pages
            if (isset($ret['searched'])) {
                $limit = $ret['searched'];
            }
            printf(_(" (%s pages are searched)") . '<br />', $limit);
        }

        if (empty($ret['context'])) {
            $contextLink = $formatter->link_to("?action=fullsearch&value={$val}{$modeQuery}{$offsetQuery}&context=20", _("Show Context."));
            print $contextLink . '<br />';
        }

        // paging and refresh links are only printed for non-anonymous ids
        if ($options['id'] != 'Anonymous') {
            if (!empty($ret['next']) and $ret['next'] < $ret['all']) {
                $nextOffset = '&offset=' . $ret['next'];
                echo $formatter->link_to("?action=fullsearch{$modeQuery}&value={$val}{$nextOffset}", _("Search next results"));
            }

            $plainSearch = (empty($options['backlinks']) and empty($options['keywords']));
            if ($plainSearch or !empty($Config['show_refresh'])) {
                $refreshLink = $formatter->link_to("?action=fullsearch{$modeQuery}&value={$val}{$offsetQuery}&refresh=1", _("Refresh"));
                printf(_(" (%s search results)"), $refreshLink);
            }
        }
    }

    $value = _urlencode($options['value']);
    $titleSearchLink = $formatter->link_to("?action=titlesearch&value={$value}", _("here"));
    print '<h2>' . sprintf(_("You can also click %s to search title.\n"), $titleSearchLink) . "</h2>\n";

    $args['noaction'] = 1;
    $formatter->send_footer($args, $options);
}