/**
 * Store the file posted under this field's name through the attach plugin
 * and format the resulting "<base>/<file name>" reference.
 *
 * Falls back to formatting an empty string when no file was posted or the
 * upload did not report success.
 */
function format_value()
 {
     // Nothing was posted under this field's name: no attachment to record.
     if (!isset($_FILES[$this->name])) {
         return parent::format_value('');
     }

     require_once PLUGIN_DIR . 'attach.inc.php';
     $target = $this->form->base;
     $outcome = attach_upload($_FILES[$this->name], $target);

     // A missing or falsy 'result' entry is treated as a failed upload.
     if (empty($outcome['result'])) {
         return parent::format_value('');
     }

     // NOTE(review): the reference is built from the client-supplied file name
     // in $_FILES, not from anything attach_upload() returned. If the attach
     // plugin renames or rejects characters in the name, this reference will
     // not match the stored file. Confirm, and validate the name before it is
     // written into page content.
     return parent::format_value($target . '/' . $_FILES[$this->name]['name']);
 }
Example #2
/**
 * Entry point of the attach plugin: checks page permissions, then dispatches
 * to the upload handler or to the handler selected by the 'pcmd' request value.
 *
 * @return mixed whatever the selected attach_* handler returns
 */
function plugin_attach_action()
{
    global $vars, $_attach_messages;

    // Backward compatible: legacy 'openfile' / 'delfile' parameters are
    // rewritten to the file + pcmd pair (in this order, so 'delfile' wins).
    $legacy_aliases = array('openfile' => 'open', 'delfile' => 'delete');
    foreach ($legacy_aliases as $old_key => $command) {
        if (isset($vars[$old_key])) {
            $vars['file'] = $vars[$old_key];
            $vars['pcmd'] = $command;
        }
    }

    $pcmd = isset($vars['pcmd']) ? $vars['pcmd'] : '';
    $refer = isset($vars['refer']) ? $vars['refer'] : '';
    $pass = isset($vars['pass']) ? $vars['pass'] : NULL;
    $page = isset($vars['page']) ? $vars['page'] : '';

    // Read-style commands need read access; everything else needs edit access.
    // NOTE(review): this check is skipped entirely when 'refer' is empty or is
    // not a valid page name, so each handler below (including the upload path)
    // has to enforce its own authorization. Confirm against the handlers.
    if ($refer != '' && is_pagename($refer)) {
        $needs_read_only = in_array($pcmd, array('info', 'open', 'list'));
        if ($needs_read_only) {
            check_readable($refer);
        } else {
            check_editable($refer);
        }
    }

    // Dispatch: a posted file always goes to the upload handler, whatever pcmd says.
    if (isset($_FILES['attach_file'])) {
        return attach_upload($_FILES['attach_file'], $refer, $pass);
    }

    // Read-only mode blocks the state-changing commands listed here.
    // NOTE(review): 'rename' is not in this list. Verify that attach_rename()
    // refuses to run in read-only mode.
    if (in_array($pcmd, array('delete', 'freeze', 'unfreeze')) && PKWK_READONLY) {
        die_message('PKWK_READONLY prohibits editing');
    }

    switch ($pcmd) {
        case 'info':
            return attach_info();
        case 'delete':
            return attach_delete();
        case 'open':
            return attach_open();
        case 'list':
            return attach_list();
        case 'freeze':
            return attach_freeze(TRUE);
        case 'unfreeze':
            return attach_freeze(FALSE);
        case 'rename':
            return attach_rename();
        case 'upload':
            return attach_showform();
    }

    // Unknown or missing command: list attachments unless an existing page was named.
    return ($page == '' || !is_page($page)) ? attach_list() : attach_showform();
}
Example #3
/**
 * Action handler of the paint plugin.
 *
 * With a posted 'attach_file' and a 'refer' value it stores the drawing via
 * attach_upload() and inserts a reference into the page; otherwise it renders
 * the BBSPainter applet markup.
 *
 * @return array result array; 'msg' and 'body' are set on the form path
 */
function plugin_paint_action()
{
    global $script, $vars, $pkwk_dtd, $_paint_messages;
    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message('PKWK_READONLY prohibits editing');
    }
    // Initialize the return value
    $retval['msg'] = $_paint_messages['msg_title'];
    $retval['body'] = '';
    if (array_key_exists('attach_file', $_FILES) and array_key_exists('refer', $vars)) {
        // NOTE(review): no page-level edit permission check on 'refer' is visible
        // in this branch; presumably attach_upload() enforces it. Confirm.
        $file = $_FILES['attach_file'];
        // BBSPainter.jar sends its content as Shift_JIS. To avoid dealing with
        // that, the page name is sent already encoded.
        $vars['page'] = $vars['refer'] = decode($vars['refer']);
        // NOTE(review): 'filename' is a request value and is read without an
        // existence check or any character filtering in this function.
        $filename = $vars['filename'];
        $filename = mb_convert_encoding($filename, SOURCE_ENCODING, 'auto');
        // Replace the file name: the leading run of non-dot characters of the
        // uploaded name is swapped for the requested name, keeping the rest.
        $attachname = preg_replace('/^[^\\.]+/', $filename, $file['name']);
        // If it already exists, work around it by appending '_0', '_1', ... to
        // the file name (a stopgap). The existence check and the later upload
        // are separate steps, so this is not an atomic reservation of the name.
        $count = '_0';
        while (file_exists(UPLOAD_DIR . encode($vars['refer']) . '_' . encode($attachname))) {
            $attachname = preg_replace('/^[^\\.]+/', $filename . $count++, $file['name']);
        }
        $file['name'] = $attachname;
        if (!exist_plugin('attach') or !function_exists('attach_upload')) {
            return array('msg' => 'attach.inc.php not found or not correct version.');
        }
        // NOTE(review): TRUE is passed in the third position; its meaning is
        // defined by attach_upload(), which is not visible here. Confirm that it
        // does not skip a check that should apply to this caller.
        $retval = attach_upload($file, $vars['refer'], TRUE);
        if ($retval['result'] == TRUE) {
            $retval = paint_insert_ref($file['name']);
        }
    } else {
        $message = '';
        $refer = $s_refer = '';
        if (array_key_exists('refer', $vars)) {
            $refer = $vars['refer'];
            $s_refer = htmlspecialchars($vars['refer']);
        }
        // NOTE(review): $url is interpolated into href="" and an applet param
        // below without escaping in this function; whether get_page_uri()
        // returns an attribute-safe string is not visible here. Verify.
        $url = get_page_uri($refer);
        $link = "<p><a href=\"{$url}\">{$s_refer}</a></p>";
        $w = PAINT_APPLET_WIDTH;
        $h = PAINT_APPLET_HEIGHT;
        // Window mode :)
        if ($w < 50 and $h < 50) {
            $w = $h = 0;
            $retval['msg'] = '';
            // NOTE(review): $vars['refer'] is read here without the
            // array_key_exists() guard used above, and no read-permission check
            // precedes rendering the page source in this function. Confirm that
            // one is enforced elsewhere.
            $vars['page'] = $vars['refer'];
            $vars['cmd'] = 'read';
            $retval['body'] = convert_html(get_source($vars['refer']));
            $link = '';
        }
        // XSS vulnerability issue - escape variables that come from outside
        $width = empty($vars['width']) ? PAINT_DEFAULT_WIDTH : $vars['width'];
        $height = empty($vars['height']) ? PAINT_DEFAULT_HEIGHT : $vars['height'];
        // Only positive numeric sizes are accepted; anything else falls back to the default.
        $f_w = (is_numeric($width) and $width > 0) ? $width : PAINT_DEFAULT_WIDTH;
        $f_h = (is_numeric($height) and $height > 0) ? $height : PAINT_DEFAULT_HEIGHT;
        $f_refer = array_key_exists('refer', $vars) ? encode($vars['refer']) : '';
        // Prevent BBSPainter.jar from converting to Shift_JIS
        $f_digest = array_key_exists('digest', $vars) ? htmlspecialchars($vars['digest']) : '';
        // "+ 0" turns the numeric string into a number before it is printed.
        $f_no = (array_key_exists('paint_no', $vars) and is_numeric($vars['paint_no'])) ? $vars['paint_no'] + 0 : 0;
        // Clamp the canvas size to the configured maximum.
        if ($f_w > PAINT_MAX_WIDTH) {
            $f_w = PAINT_MAX_WIDTH;
        }
        if ($f_h > PAINT_MAX_HEIGHT) {
            $f_h = PAINT_MAX_HEIGHT;
        }
        // NOTE(review): $script and the $_paint_messages entries are written into
        // attribute values below as-is; they are assumed to be trusted
        // configuration/locale strings. Confirm.
        $retval['body'] .= <<<EOD
 <div>
 {$link}
 {$message}
 <applet codebase="." archive="BBSPainter.jar" code="Main.class" width="{$w}" height="{$h}">
 <param name="size" value="{$f_w},{$f_h}" />
 <param name="action" value="{$script}" />
 <param name="image" value="attach_file" />
 <param name="form1" value="filename={$_paint_messages['field_filename']}=!" />
 <param name="form2" value="yourname={$_paint_messages['field_name']}" />
 <param name="comment" value="msg={$_paint_messages['field_comment']}" />
 <param name="param1" value="plugin=paint" />
 <param name="param2" value="refer={$f_refer}" />
 <param name="param3" value="digest={$f_digest}" />
 <param name="param4" value="max_file_size=1000000" />
 <param name="param5" value="paint_no={$f_no}" />
 <param name="enctype" value="multipart/form-data" />
 <param name="return.URL" value="{$url}" />
 </applet>
 </div>
EOD;
        // XHTML 1.0 Transitional
        if (!isset($pkwk_dtd) || $pkwk_dtd == PKWK_DTD_XHTML_1_1) {
            $pkwk_dtd = PKWK_DTD_XHTML_1_0_TRANSITIONAL;
        }
    }
    return $retval;
}
Example #4
 /**
  * Store the file posted under this field's name through the attach plugin
  * and format the resulting "<page>/<file name>" reference.
  *
  * $str is not read by this body. An empty string is formatted when no file
  * was posted or the upload did not report success.
  */
 function format_value($str)
 {
     // No upload entry for this field: nothing to attach.
     if (!array_key_exists($this->name, $_FILES)) {
         return parent::format_value('');
     }

     require_once PLUGIN_DIR . 'attach.inc.php';
     $outcome = attach_upload($_FILES[$this->name], $this->page);

     // No file specified, or the upload failed
     if (!$outcome['result']) {
         return parent::format_value('');
     }

     // NOTE(review): the reference uses the client-supplied name from $_FILES
     // rather than a name reported back by attach_upload(). Confirm that the
     // two always match and that the name is safe to embed in page content.
     return parent::format_value($this->page . '/' . $_FILES[$this->name]['name']);
 }
Example #5
        } else {
            if ($subject == '' && $message == '') {
                showmessage('post_sm_isnull');
            }
        }
        if ($editedby && $timestamp - $orig['dateline'] > 60 && $adminid != 1) {
            include_once language('misc');
            $editor = $isanonymous && $isorigauthor ? $language['anonymous'] : $discuz_user;
            $edittime = gmdate($_DCACHE['settings']['dateformat'] . ' ' . $_DCACHE['settings']['timeformat'], $timestamp + $timeoffset * 3600);
            eval("\$message = \"{$language['post_edit']}\".\$message;");
        }
        $bbcodeoff = checkbbcodes($message, !empty($bbcodeoff));
        $smileyoff = checksmilies($message, !empty($smileyoff));
        $tagoff = $isfirstpost ? !empty($tagoff) : 0;
        $htmlon = bindec(($tagstatus && $tagoff ? 1 : 0) . ($allowhtml && !empty($htmlon) ? 1 : 0));
        $uattachment = $allowpostattach && ($uattachments = attach_upload('attachupdate', 1)) ? 1 : 0;
        if ($uattachment) {
            $query = $db->query("SELECT aid, tid, pid, uid, attachment, thumb, remote FROM {$tablepre}attachments WHERE pid='{$pid}'");
            while ($attach = $db->fetch_array($query)) {
                $paid = 'paid' . $attach['aid'];
                $attachfileadd = '';
                if ($uattachment && isset($uattachments[$paid])) {
                    dunlink($attach['attachment'], $attach['thumb'], $attach['remote']);
                    $attachfileadd = 'dateline=\'' . $timestamp . '\',
							filename=\'' . $uattachments[$paid]['name'] . '\',
							filetype=\'' . $uattachments[$paid]['type'] . '\',
							filesize=\'' . $uattachments[$paid]['size'] . '\',
							attachment=\'' . $uattachments[$paid]['attachment'] . '\',
							thumb=\'' . $uattachments[$paid]['thumb'] . '\',
							isimage=\'-' . $uattachments[$paid]['isimage'] . '\',
							remote=\'' . $uattachments[$paid]['remote'] . '\',
Example #6
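/**
 * Store an uploaded CSV file through the attach plugin and return its lines.
 *
 * On failure an array with 'msg' and 'body' keys is returned instead. 'body'
 * is HTML, so every request-derived value placed in it is escaped here.
 *
 * @param string $refer page the file is attached to
 * @return array list of CSV lines on success, or an error array ('msg', 'body')
 */
function plugin_csv2newpage_upload($refer)
{
    global $vars;

    // Request value: coerce to a non-negative integer before it is used as a
    // splice length (a non-numeric string would otherwise reach array_splice()).
    $start_line_no = empty($vars['start_line_no']) ? 0 : max(0, (int) $vars['start_line_no']);

    if (empty($_FILES['attach_file'])) {
        return array('msg' => 'no attach_file', 'body' => 'Set attach file');
    }
    $file = $_FILES['attach_file'];
    $attachname = $file['name'];
    $filename = preg_replace('/\\..+$/', '', $attachname, 1);

    // If the name is already taken, append '_0', '_1', ... to the base name
    // (a stopgap: the check and the later upload are separate steps).
    $count = '_0';
    while (file_exists(UPLOAD_DIR . encode($refer) . '_' . encode($attachname))) {
        $attachname = preg_replace('/^[^\\.]+/', $filename . $count++, $file['name']);
    }
    $file['name'] = $attachname;

    if (!exist_plugin('attach')) {
        return array('msg' => 'plugin not found', 'body' => 'The attach plugin is not found.');
    }

    // NOTE(review): unsalted MD5 of the password is kept because the value is
    // handed to attach_upload(), which presumably expects this format. MD5 is
    // not suitable for password storage; confirm what the attach plugin keeps.
    $pass = empty($vars['pass']) ? NULL : md5($vars['pass']);
    $retval = attach_upload($file, $refer, $pass);

    // assumes SOURCE_ENCODING names a charset htmlspecialchars() accepts; TODO confirm
    $safe_name = htmlspecialchars($attachname, ENT_QUOTES, SOURCE_ENCODING);

    if ($retval['result'] != TRUE) {
        // $retval is an array: concatenating it directly would print "Array".
        // Report its 'msg' entry when it carries one.
        $reason = (isset($retval['msg']) && is_string($retval['msg'])) ? $retval['msg'] : '';
        $safe_reason = htmlspecialchars($reason, ENT_QUOTES, SOURCE_ENCODING);
        return array('msg' => 'cannot upload', 'body' => 'cannot upload: ' . $safe_name . ',' . $safe_reason);
    }

    $realfile = UPLOAD_DIR . encode($refer) . '_' . encode($attachname);
    if (!is_file($realfile)) {
        // NOTE(review): this message shows the server-side storage path to the
        // client; consider logging it instead.
        $safe_refer = htmlspecialchars($refer, ENT_QUOTES, SOURCE_ENCODING);
        $safe_path = htmlspecialchars($realfile, ENT_QUOTES, SOURCE_ENCODING);
        return array('msg' => 'not found the attached file', 'body' => "The attached file:'{$safe_name}' does not exist in '{$safe_refer}'.<br />({$safe_path})");
    }

    $line = file_get_contents($realfile);
    if ($line === false) {
        return array('msg' => 'cannot read the attached file', 'body' => "The attached file:'{$safe_name}' could not be read.");
    }

    // Normalise the content to the wiki's internal encoding before splitting.
    $code = mb_detect_encoding($line);
    $line = mb_convert_encoding($line, SOURCE_ENCODING, $code);
    $csvlines = preg_split("/\r?\n/", $line);

    // Drop the requested number of leading lines.
    if ($start_line_no) {
        array_splice($csvlines, 0, $start_line_no);
    }
    return $csvlines;
}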
     if (empty($vid) || empty($vsubject) || empty($vtag)) {
         showmessage('video_required_invalid');
     }
 }
 $sortid = $special && $forum['threadsorts']['types'][$sortid] ? 0 : $sortid;
 $typeexpiration = intval($typeexpiration);
 if ($forum['threadsorts']['expiration'][$typeid] && !$typeexpiration) {
     showmessage('threadtype_expiration_invalid');
 }
 $optiondata = array();
 if ($forum['threadsorts']['types'][$sortid] && !$forum['allowspecialonly']) {
     $optiondata = threadsort_validator($typeoption);
 }
 $author = !$isanonymous ? $discuz_user : '';
 $moderated = $digest || $displayorder > 0 ? 1 : 0;
 $attachment = $allowpostattach && ($attachments = attach_upload()) ? $imageexists ? 2 : 1 : 0;
 $subscribed = !empty($emailnotify) && $discuz_uid ? 1 : 0;
 $db->query("INSERT INTO {$tablepre}threads (fid, readperm, price, iconid, typeid, sortid, author, authorid, subject, dateline, lastpost, lastposter, displayorder, digest, special, attachment, subscribed, moderated)\r\n\t\tVALUES ('{$fid}', '{$readperm}', '{$price}', '{$iconid}', '{$typeid}', '{$sortid}', '{$author}', '{$discuz_uid}', '{$subject}', '{$timestamp}', '{$timestamp}', '{$author}', '{$displayorder}', '{$digest}', '{$special}', '{$attachment}', '{$subscribed}', '{$moderated}')");
 $tid = $db->insert_id();
 if ($subscribed) {
     $db->query("REPLACE INTO {$tablepre}subscriptions (uid, tid, lastpost, lastnotify)\r\n\t\t\tVALUES ('{$discuz_uid}', '{$tid}', '{$timestamp}', '{$timestamp}')", 'UNBUFFERED');
 }
 if ($special == 3 && $allowpostreward) {
     $db->query("INSERT INTO {$tablepre}rewardlog (tid, authorid, netamount, dateline) VALUES ('{$tid}', '{$discuz_uid}', {$realprice}, '{$timestamp}')");
 }
 $db->query("REPLACE INTO {$tablepre}mythreads (uid, tid, dateline, special) VALUES ('{$discuz_uid}', '{$tid}', '{$timestamp}', '{$special}')", 'UNBUFFERED');
 if ($moderated) {
     updatemodlog($tid, $displayorder > 0 ? 'STK' : 'DIG');
     updatemodworks($displayorder > 0 ? 'STK' : 'DIG', 1);
 }
 if ($special == 1) {
Example #8
/**
 * For attaching images.
 *
 * Requires edit rights on the referring page. With a posted 'attach_file' it
 * stores the file either in the swfu image directory (when has_swfu() is true)
 * or through the attach plugin, then inserts a reference; otherwise it shows
 * the upload form.
 *
 * @return array result array ('msg', and 'body' where set)
 */
function plugin_show_action()
{
    global $script, $vars, $username;
    global $html_transitional;
    $qm = get_qm();
    //check auth
    // NOTE(review): $vars['refer'] is read here before the array_key_exists()
    // check further down, so a request without 'refer' reaches edit_auth() with
    // an undefined index.
    $editable = edit_auth($vars['refer'], FALSE, FALSE);
    if (!$editable) {
        return array('msg' => $qm->m['plg_attachref']['title_ntc_admin'], 'body' => '<p>' . $qm->m['plg_attachref']['ntc_admin'] . '</p>');
    }
    // Initialize the return value
    $retval['msg'] = $qm->m['plg_attachref']['title'];
    $retval['body'] = '';
    if (array_key_exists('attach_file', $_FILES) and array_key_exists('refer', $vars) and is_page($vars['refer'])) {
        $file = $_FILES['attach_file'];
        $attachname = $file['name'];
        $filename = preg_replace('/\\..+$/', '', $attachname, 1);
        //! If swfu is available (administrators only) --------------------------------------------
        // $editable is always truthy at this point (the function returned above otherwise).
        if ($editable && has_swfu()) {
            // Decide the upload file name (no Japanese characters, no duplicates)
            // NOTE(review): neither branch below restricts the file extension or
            // inspects the content; the pattern allows dots, and the fallback
            // branch keeps the client-supplied extension. The docblock says this
            // is for images, so an extension/content allow-list belongs here, and
            // the target directory should not be able to execute what it stores.
            // Confirm how SWFU_IMAGE_DIR is served.
            $upload_name = $file['name'];
            if (preg_match('/^[-_.+a-zA-Z0-9]+$/', $upload_name)) {
                // NOTE(review): $overwrite is neither assigned nor declared global
                // in this function, so !$overwrite is always true here and the
                // loop depends on file_exists() alone.
                while (!$overwrite && file_exists(SWFU_IMAGE_DIR . $upload_name)) {
                    $upload_name = 's_' . $upload_name;
                }
                $upload_file = SWFU_IMAGE_DIR . $upload_name;
                $fname = $upload_name;
                $disp = $qm->m['plg_attachref']['img_desc'];
            } else {
                $matches = array();
                if (!preg_match('/[^.]+\\.(.*)$/', $upload_name, $matches)) {
                    // NOTE(review): the client-supplied name is echoed without
                    // HTML escaping.
                    echo 'invalid file name : ' . $upload_name;
                    exit(0);
                }
                $ext = $matches[1];
                // tempnam() creates a uniquely named file; it is then renamed to
                // carry the extension taken from the uploaded name.
                // NOTE(review): the results of tempnam() and rename() are not
                // checked before the derived name is used.
                $tmp_name = tempnam(SWFU_IMAGE_DIR, 'auto_');
                $upname = $tmp_name . '.' . $ext;
                // The original (client-supplied) name is kept as the description;
                // how it is escaped when displayed is not visible here.
                $disp = $upload_name;
                rename($tmp_name, $upname);
                $upload_file = SWFU_IMAGE_DIR . basename($upname);
                $fname = basename($upname);
            }
            // NOTE(review): the return value of move_uploaded_file() is ignored,
            // so a failed move still leads to the chmod/stat/insert below.
            move_uploaded_file($file['tmp_name'], $upload_file);
            // NOTE(review): 0666 makes the stored file writable by every local
            // account; use the narrowest mode the deployment allows.
            chmod($upload_file, 0666);
            //regist db
            $stat = stat($upload_file);
            $data = array('name' => $fname, 'description' => $disp, 'created' => $stat['mtime'], 'size' => $stat['size'], 'page_name' => $vars['refer']);
            require_once SWFU_TEXTSQL_PATH;
            $db = new CTextDB(SWFU_IMAGEDB_PATH);
            $db->insert($data);
            $retval = show_insert_ref(SWFU_IMAGE_DIR . $fname);
            return $retval;
        }
        // For open qhm: place the file in the attach folder
        // If it already exists, work around it by appending '_0', '_1', ... to
        // the file name (a stopgap)
        $count = '_0';
        while (file_exists('./attach/' . encode($vars['refer']) . '_' . encode($attachname))) {
            $attachname = preg_replace('/^[^\\.]+/', $filename . $count++, $file['name']);
        }
        $file['name'] = $attachname;
        require_once PLUGIN_DIR . "attach.inc.php";
        if (!exist_plugin('attach') or !function_exists('attach_upload')) {
            return array('msg' => $qm->m['plg_attachref']['err_notfound']);
        }
        $pass = array_key_exists('pass', $vars) ? $vars['pass'] : NULL;
        $retval = attach_upload($file, $vars['refer'], $pass);
        if ($retval['result'] == TRUE) {
            $retval = show_insert_ref($file['name']);
        }
    } else {
        $retval = show_showform();
        // XHTML 1.0 Transitional
        $html_transitional = TRUE;
    }
    return $retval;
}
Example #9
/**
 * Entry point of the attach plugin: checks page permissions, blocks
 * state-changing commands for read-only roles, then dispatches on 'pcmd'.
 *
 * @return mixed whatever the selected handler returns
 */
function plugin_attach_action()
{
    global $vars, $_attach_messages, $_string;

    // Backward compatible: legacy 'openfile' / 'delfile' parameters are
    // rewritten to the file + pcmd pair (in this order, so 'delfile' wins).
    $legacy_aliases = array('openfile' => 'open', 'delfile' => 'delete');
    foreach ($legacy_aliases as $old_key => $command) {
        if (isset($vars[$old_key])) {
            $vars['file'] = $vars[$old_key];
            $vars['pcmd'] = $command;
        }
    }

    $pcmd = isset($vars['pcmd']) ? $vars['pcmd'] : NULL;
    $refer = isset($vars['refer']) ? $vars['refer'] : NULL;
    $pass = isset($vars['pass']) ? $vars['pass'] : NULL;
    $page = isset($vars['page']) ? $vars['page'] : $refer;

    if (!empty($page)) {
        $wiki = Factory::Wiki($page);
        // The required permission depends on the command.
        // NOTE(review): when the page is empty or isValied() is false, no
        // permission check runs here at all, so each handler below (including
        // 'post') must enforce its own authorization. Confirm.
        if ($wiki->isValied()) {
            $reads_only = in_array($pcmd, array('info', 'open', 'list'));
            if ($reads_only) {
                // Read permission
                $wiki->checkReadable();
            } else {
                // Write permission
                $wiki->checkEditable();
            }
        }
    }

    // Read-only roles may not run the state-changing commands listed here.
    // NOTE(review): 'rename' and 'post' are not in this list. Verify that their
    // handlers refuse read-only roles themselves.
    if (in_array($pcmd, array('delete', 'freeze', 'unfreeze')) && Auth::check_role('readonly')) {
        Utility::dieMessage($_string['error_prohibit']);
    }

    switch ($pcmd) {
        case 'info':
            return attach_info();
        case 'delete':
            return attach_delete();
        case 'open':
            return attach_open();
        case 'list':
            return attach_list($page);
        case 'freeze':
            return attach_freeze(TRUE);
        case 'unfreeze':
            return attach_freeze(FALSE);
        case 'rename':
            return attach_rename();
        case 'upload':
        default:
            // Unknown or missing commands show the upload form as well.
            return attach_showform();
        case 'form':
            return array('msg' => str_replace('$1', $refer, $_attach_messages['msg_upload']), 'body' => attach_form($refer));
        case 'post':
            return attach_upload($page, $pass);
        case 'progress':
            return PluginRenderer::getUploadProgress();
    }

    // NOTE(review): unreachable. Every path through the switch above returns
    // because of its default label. Kept as in the original.
    return (empty($page) || !$wiki->isValied()) ? attach_list() : attach_showform();
}
            break;
        }
    }
}
$typeid = isset($typeid) ? $typeid : 0;
$tradetypeid = isset($tradetypeid) ? $tradetypeid : 0;
$iconid = !empty($iconid) && isset($_DCACHE['icons'][$iconid]) ? $iconid : 0;
$displayorder = $modnewthreads ? -2 : ($forum['ismoderator'] && !empty($sticktopic) ? 1 : 0);
$digest = $forum['ismoderator'] && !empty($addtodigest) ? 1 : 0;
$blog = $allowuseblog && $forum['allowshare'] && !empty($addtoblog) ? 1 : 0;
$readperm = $allowsetreadperm ? $readperm : 0;
$isanonymous = $isanonymous && $allowanonymous ? 1 : 0;
$threadmessage = $counterdesc . "\t\t\t" . $aboutcounter;
$author = !$isanonymous ? $discuz_user : '';
$moderated = $digest || $displayorder > 0 ? 1 : 0;
$attachment = $allowpostattach && ($attachments = attach_upload()) ? 1 : 0;
$subscribed = !empty($emailnotify) && $discuz_uid ? 1 : 0;
$supe_pushstatus = $supe['status'] && $forum['supe_pushsetting']['status'] == 1 && !$modnewthreads ? '1' : '0';
$sgidadd1 = $sgidadd2 = '';
if ($iscircle) {
    $sgidadd1 = ', sgid';
    $sgidadd2 = ", '{$sgid}'";
}
$db->query("INSERT INTO {$tablepre}threads (fid, readperm, price, iconid, typeid, author, authorid, subject, dateline, lastpost, lastposter, displayorder, digest, blog, special, attachment, subscribed, moderated, supe_pushstatus, replies {$sgidadd1})\r\n\tVALUES ('{$fid}', '{$readperm}', '{$price}', '{$iconid}', '{$typeid}', '{$author}', '{$discuz_uid}', '{$subject}', '{$timestamp}', '{$timestamp}', '{$author}', '{$displayorder}', '{$digest}', '{$blog}', '{$special}', '{$attachment}', '{$subscribed}', '{$moderated}', '{$supe_pushstatus}', '1' {$sgidadd2})");
$tid = $db->insert_id();
if ($subscribed) {
    $db->query("REPLACE INTO {$tablepre}subscriptions (uid, tid, lastpost, lastnotify)\r\n\t\tVALUES ('{$discuz_uid}', '{$tid}', '{$timestamp}', '{$timestamp}')", 'UNBUFFERED');
}
$db->query("REPLACE INTO {$tablepre}mythreads (uid, tid, dateline, special) VALUES ('{$discuz_uid}', '{$tid}', '{$timestamp}', '{$special}')", 'UNBUFFERED');
if ($moderated) {
    updatemodlog($tid, $displayorder > 0 ? 'STK' : 'DIG');
     if (!empty($_FILES['tradeattach']['tmp_name'][0])) {
         $_FILES['attach'] = array_merge_recursive((array) $_FILES['attach'], $_FILES['tradeattach']);
     }
 }
 $attachnum = 0;
 if ($allowpostattach && !empty($_FILES['attach']) && is_array($_FILES['attach'])) {
     foreach ($_FILES['attach']['name'] as $attachname) {
         if ($attachname != '') {
             $attachnum++;
         }
     }
     $attachnum && checklowerlimit($postattachcredits, $attachnum);
 } else {
     $_FILES = array();
 }
 $attachments = $attachnum ? attach_upload() : array();
 $attachment = empty($attachments) ? 0 : ($imageexists ? 2 : 1);
 $subscribed = $thread['subscribed'] && $timestamp - $thread['lastpost'] < 7776000;
 $newsubscribed = !empty($emailnotify) && $discuz_uid;
 if ($subscribed && !$modnewreplies) {
     $db->query("UPDATE {$tablepre}subscriptions SET lastpost='{$timestamp}' WHERE tid='{$tid}' AND uid<>'{$discuz_uid}'", 'UNBUFFERED');
 }
 if ($newsubscribed) {
     $db->query("REPLACE INTO {$tablepre}subscriptions (uid, tid, lastpost, lastnotify)\r\n\t\t\tVALUES ('{$discuz_uid}', '{$tid}', '" . ($modnewreplies ? $thread['lastpost'] : $timestamp) . "', '{$timestamp}')", 'UNBUFFERED');
 }
 $bbcodeoff = checkbbcodes($message, !empty($bbcodeoff));
 $smileyoff = checksmilies($message, !empty($smileyoff));
 $parseurloff = !empty($parseurloff);
 $htmlon = $allowhtml && !empty($htmlon) ? 1 : 0;
 $usesig = !empty($usesig) ? 1 : 0;
 $isanonymous = $allowanonymous && !empty($isanonymous) ? 1 : 0;
Example #12
		$depict = $type == 'image' ? "Image File " : 'All Support Formats ';
		echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?><parameter><allowsExtend><extend depict=\"$depict\">$attachextensions</extend></allowsExtend><language>$xmllang</language><config><userid>$discuz_uid</userid><hash>$swfhash</hash><maxupload>$maxattachsize</maxupload></config></parameter>";

	} elseif($operation == 'upload') {

		$uid = intval($_POST['uid']);
		$aid = 0;
		$isimage = 0;
		$simple = !empty($simple) ? $simple : 0;
		$groupid = intval($db->result_first("SELECT groupid FROM {$tablepre}members WHERE uid='$uid'"));
		@include DISCUZ_ROOT.'./forumdata/cache/usergroup_'.$groupid.'.php';
		$swfhash = md5(substr(md5($_DCACHE['settings']['authkey']), 8).$uid);
		$statusid = -1;
		if(!$_FILES['Filedata']['error'] && $_POST['hash'] == $swfhash) {
			require_once './include/post.func.php';
			$attachments = attach_upload('Filedata');
			if($attachments) {
				if(is_array($attachments)) {
					$attach = $attachments[0];
					$isimage = $attach['isimage'];
					if(!$simple) {
						require_once DISCUZ_ROOT.'include/chinese.class.php';
						$c = new Chinese('utf8', $charset);
						$attach['name'] = addslashes($c->Convert(urldecode($attach['name'])));
						if($type != 'image' && $isimage) $isimage = -1;
					} elseif($simple == 1 && $type != 'image' && $isimage) {
						$isimage = -1;
					} elseif($simple == 2 && $type == 'image' && !$isimage) {
						dunlink($attach['attachment'], $attach['thumb'], $attach['remote']);
						echo "DISCUZUPLOAD|1|4|0|0|";
						exit;
Example #13
/**
 * Action handler of the attachref plugin: stores a posted file for the
 * referring page and inserts a reference to it, or shows the upload form.
 *
 * @return mixed result of the reference insertion, the upload, or the form
 */
function plugin_attachref_action()
{
    global $vars;
    global $_attachref_messages;

    $retval = array('msg' => $_attachref_messages['msg_title'], 'body' => '');
    $refer = isset($vars['refer']) ? $vars['refer'] : false;

    // Without both a posted file and a referring page, only the form is shown.
    if (!isset($_FILES[PLUGIN_ATTACH_FILE_FIELD_NAME]) || $refer === false) {
        return attachref_showform();
    }

    $wiki = Factory::Wiki($refer);
    if (!$wiki->isValied()) {
        Utility::dieMessage('#attachref : invalied page.');
    }
    // NOTE(review): only page validity is checked in this function; an edit
    // permission check on the page is presumably left to attach_upload(). Confirm.

    // Only the first entry of the (multi-file) upload field is considered.
    $file = $_FILES[PLUGIN_ATTACH_FILE_FIELD_NAME];
    $attachname = $file['name'][0];
    $basename = preg_replace('/\\..+$/', '', $attachname, 1);

    // If exist file, add a name '_0', '_1', ...
    $suffix = '_0';
    while (file_exists(UPLOAD_DIR . encode($refer) . '_' . encode($attachname))) {
        $attachname = preg_replace('/^[^\\.]+/', $basename . $suffix++, $attachname);
    }
    $file['name'][0] = $attachname;

    // NOTE(review): $file is a local copy and is not passed to attach_upload()
    // below, so the de-duplicated name only reaches
    // attachref_get_attach_filename(). How attach_upload() chooses the stored
    // name is not visible here; check that the inserted reference matches it.
    $attach_filename = attachref_get_attach_filename($file);

    // NOTE(review): unsalted MD5 of the password, presumably the format the
    // attach plugin compares against. Confirm; MD5 is not suitable for password storage.
    $pass = isset($vars['pass']) ? md5($vars['pass']) : NULL;

    $retval = attach_upload($refer, $pass);
    if ($retval['result'] == TRUE) {
        $retval = attachref_insert_ref($attach_filename);
    }
    Utility::redirect($wiki->uri());

    return $retval;
}
/**
 * Action handler of the attachref plugin: stores a posted file for an
 * existing page and inserts a reference to it, or shows the upload form.
 *
 * @return array result of the reference insertion, the upload, or the form
 */
function plugin_attachref_action()
{
    global $script, $vars;
    global $_attachref_messages;
    global $pkwk_dtd;

    $retval = array('msg' => $_attachref_messages['msg_title'], 'body' => '');

    $is_upload = isset($_FILES['attach_file']) && isset($vars['refer']) && is_page($vars['refer']);
    if (!$is_upload) {
        $retval = attachref_showform();
        // XHTML 1.0 Transitional
        if (!isset($pkwk_dtd) || $pkwk_dtd == PKWK_DTD_XHTML_1_1) {
            $pkwk_dtd = PKWK_DTD_XHTML_1_0_TRANSITIONAL;
        }
        return $retval;
    }
    // NOTE(review): the page is only checked for existence here; an edit
    // permission check is presumably left to attach_upload(). Confirm.

    $file = $_FILES['attach_file'];
    $attachname = $file['name'];
    $basename = preg_replace('/\\..+$/', '', $attachname, 1);

    // If exist file, add a name '_0', '_1', ...
    // (the existence check and the later upload are separate steps, so this
    // does not reserve the name atomically)
    $suffix = '_0';
    while (file_exists(UPLOAD_DIR . encode($vars['refer']) . '_' . encode($attachname))) {
        $attachname = preg_replace('/^[^\\.]+/', $basename . $suffix++, $file['name']);
    }
    $file['name'] = $attachname;

    require_once PLUGIN_DIR . 'attach.inc.php';
    if (!exist_plugin('attach') or !function_exists('attach_upload')) {
        return array('msg' => 'attach.inc.php not found or not correct version.');
    }

    $attach_filename = attachref_get_attach_filename($file);

    // NOTE(review): unsalted MD5 of the password, presumably the format the
    // attach plugin compares against. Confirm; MD5 is not suitable for password storage.
    $pass = isset($vars['pass']) ? md5($vars['pass']) : NULL;

    $retval = attach_upload($file, $vars['refer'], $pass);
    if ($retval['result'] == TRUE) {
        $retval = attachref_insert_ref($attach_filename);
    }
    return $retval;
}