include_once "{$lib}/class/file.php";
include_once "{$lib}/share/errorimage.php";
include_once "{$lib}/share/string.php";
// Dump the specified file into the data stream.
function dumpFile($file, $type)
{
header("Content-Type: {$type}");
header("Accept-Ranges: bytes");
header("Content-Length: " . filesize($file));
readfile($file);
exit;
}
// Sanity check:
$_REQUEST['file'] = pieGetOption(@$_REQUEST['file']);
$file = new File();
if (!$file->isValidName($_REQUEST['file'])) {
pieErrorImage();
}
if (!$file->exists($_REQUEST['file'])) {
pieErrorImage();
}
$_REQUEST['stamp'] = abs(intval(@$_REQUEST['stamp']));
$_REQUEST['size'] = abs(intval(@$_REQUEST['size']));
if (!$file->read($_REQUEST['file'], $_REQUEST['stamp'])) {
pieErrorImage();
}
// Check for alias:
while ($file->meta['type'] == "alias") {
if ($GLOBALS['pie']['auto_redirect']) {
header("Location: " . pieMakeString($GLOBALS['pie']['redirect_media_url'], array('file' => rawurlencode($file->meta['original']))));
exit;
function importPage($name, $source, $meta)
{
$page = new Page();
$file = new File();
$user = new User();
if ($_REQUEST['group']) {
$name = $_REQUEST['group'] . $GLOBALS['pie']['group_delimiter'] . $name;
}
if ($meta['user']) {
// Old style author.
$meta['author'] = $meta['user'];
unset($meta['user']);
}
// User mapping.
if (!$meta['author'] && $_REQUEST['author']) {
$meta['author'] = $_REQUEST['author'];
}
if (!$user->exists($meta['author']) && $_REQUEST['author']) {
$meta['author'] = $_REQUEST['author'];
}
if ($meta['links']) {
// Old style links.
$links = explode(" ", $meta['links']);
$p = array();
$f = array();
foreach ($links as $i) {
if ($file->isValidName($i)) {
$f[] = $i;
} else {
$p[] = $i;
}
}
if (count($p)) {
$meta['pages'] = implode(" ", $p);
}
if (count($f)) {
$meta['files'] = implode(" ", $f);
}
}
// Adapt character encoding.
if ($_REQUEST['contentencoding']) {
$page->source = mb_convert_encoding($source, "UTF-8", $_REQUEST['contentencoding']);
} else {
$page->source = $source;
}
if ($_REQUEST['contentencoding'] && $meta['comment']) {
$meta['comment'] = mb_convert_encoding($meta['comment'], "UTF-8", $_REQUEST['contentencoding']);
}
if ($_REQUEST['contentencoding'] && $meta['title']) {
$meta['title'] = mb_convert_encoding($meta['title'], "UTF-8", $_REQUEST['contentencoding']);
}
if ($_REQUEST['contentencoding'] && $meta['pages']) {
$meta['pages'] = mb_convert_encoding($meta['pages'], "UTF-8", $_REQUEST['contentencoding']);
}
if ($_REQUEST['contentencoding'] && $meta['files']) {
$meta['files'] = mb_convert_encoding($meta['files'], "UTF-8", $_REQUEST['contentencoding']);
}
// Adapt delimiters of alternate text in links.
if ($_REQUEST['delimiter']) {
$page->source = preg_replace('/(\\[\\[\\S+)\\s+([^\\[\\]]+\\]\\])/', '$1' . $GLOBALS['pie']['link_text_delimiter'] . '$2', $page->source);
}
$page->name = $name;
$page->meta = $meta;
return $page->write(false);
}
// Determine the state of operation depending on the provided input.
unset($original);
unset($alias);
if (@$_REQUEST['page']) {
$_REQUEST['page'] = pieGetOption($_REQUEST['page']);
$original = $_REQUEST['page'];
$resource = new Page();
if (!$resource->isValidName($original)) {
pieError("PageNameInvalid");
}
$context = 'page';
} elseif (@$_REQUEST['file']) {
$_REQUEST['file'] = pieGetOption($_REQUEST['file']);
$original = $_REQUEST['file'];
$resource = new File();
if (!$resource->isValidName($original)) {
pieError("FileNameInvalid");
}
$context = 'file';
} else {
pieError("ActionInvalid");
}
// Verify the alias:
if (@$_REQUEST['alias']) {
$_REQUEST['alias'] = pieGetOption($_REQUEST['alias']);
$_REQUEST['alias'] = pieBeautifyName($_REQUEST['alias']);
$alias = $_REQUEST['alias'];
if (!$resource->isValidName($alias)) {
pieError("AliasNameInvalid");
}
}
pieError("PageNotFound");
}
if (!$resource->read($_REQUEST['page'], 0)) {
pieError("SourceReadError");
}
if ($resource->meta['type'] == "alias") {
pieError("AliasRedirect", array('page' => htmlspecialchars($resource->meta['original']), 'alias' => htmlspecialchars($_REQUEST['page'])));
}
$context = 'page';
$history = $resource->history($_REQUEST['page']);
} elseif (@$_REQUEST['file']) {
// Preparations for files.
$_REQUEST['file'] = pieGetOption($_REQUEST['file']);
$resource = new File();
$resource->name = $_REQUEST['file'];
if (!$resource->isValidName($_REQUEST['file'])) {
pieError("FileNameInvalid");
}
if (!$resource->exists($_REQUEST['file'])) {
pieError("FileNotFound");
}
if (!$resource->read($_REQUEST['file'], 0)) {
pieError("FileReadError");
}
if ($resource->meta['type'] == "alias") {
pieError("AliasRedirect", array('file' => htmlspecialchars($resource->meta['original']), 'alias' => htmlspecialchars($_REQUEST['file'])));
}
$context = 'file';
$history = $resource->history($_REQUEST['file']);
} else {
pieError("PageNotFound");
$a = $m[1] * 1048576;
}
$b = ini_get("upload_max_filesize");
if (preg_match('/^(\\d+)[Mm]$/', $b, $m)) {
$b = $m[1] * 1048576;
}
$a = min($a, $b);
$b = pieMakeSize($a);
$data = array('maxsize' => $a, 'uploadsize' => $b);
if (@$_REQUEST['create']) {
$data['append'] = 'checked="checked" disabled="disabled" ';
} else {
$data['append'] = 'checked="checked" ';
}
$data['comment'] = $GLOBALS['pie']['locale']->key("InitialVersion");
if ($file->isValidName($name)) {
// A file name is being provided.
$name = pieBeautifyName($name);
if ($file->exists($name)) {
// An update of an existing file.
$file->read($name, 0);
if ($file->meta['author'] != $GLOBALS['pie']['user']) {
$data['append'] = 'checked="checked" disabled="disabled" ';
}
if ($file->meta['comment']) {
$data['comment'] = htmlspecialchars($file->meta['comment']);
} else {
unset($data['comment']);
}
}
}
if (!$object->isValidName($target)) {
pieError("PageNameInvalid");
}
if (!$object->exists($target)) {
pieError("PageNotFound");
}
if (!$object->read($target, 0)) {
pieError("SourceReadError");
}
// Lock the page.
if (!$object->lock($GLOBALS['pie']['user'])) {
pieError("PageLockError");
}
} elseif ($context == "file") {
$object = new File();
if (!$object->isValidName($target)) {
pieError("FileNameInvalid");
}
if (!$object->exists($target)) {
pieError("FileNotFound");
}
if (!$object->read($target, 0)) {
pieError("FileReadError");
}
} else {
pieError("ActionInvalid");
}
// Check permissions to delete the resource:
$history = $object->history($object->name);
if (@$_REQUEST['approve']) {
// The user asked to delete the resource, no matter what.
if (!$object->isValidName($source)) {
pieError("PageNameInvalid");
}
if (!$object->exists($source)) {
pieError("PageNotFound");
}
if (!$object->read($source, 0)) {
pieError("SourceReadError");
}
// Lock the page.
if (!$object->lock($GLOBALS['pie']['user'])) {
pieError("PageLockError");
}
} elseif ($context == "file") {
$object = new File();
if (!$object->isValidName($source)) {
pieError("FileNameInvalid");
}
if (!$object->exists($source)) {
pieError("FileNotFound");
}
if (!$object->read($source, 0)) {
pieError("FileReadError");
}
} else {
pieError("ActionInvalid");
}
// Validate the destination:
if (!isset($_REQUEST['newname'])) {
pieError("RenameForm", array('source' => $source));
}
pieHead();
// Verify the input.
if (@$_REQUEST['page'] && !@$_REQUEST['file']) {
$resource = pieGetOption($_REQUEST['page']);
$page = new Page();
if (!$page->isValidName($resource)) {
pieError("PageNameInvalid");
}
if (!$page->exists($resource)) {
pieError("PageNotFound");
}
$context = "page";
} elseif (@$_REQUEST['file'] && !@$_REQUEST['page']) {
$resource = pieGetOption($_REQUEST['file']);
$file = new File();
if (!$file->isValidName($resource)) {
pieError("FileNameInvalid");
}
if (!$file->exists($resource)) {
pieError("FileNotFound");
}
$context = "file";
} else {
pieError("ActionInvalid");
}
// Build the referer list.
if (($referers = pieRefererList($resource, $context)) === false) {
pieError("RefererError");
}
// Present the result.
if (!count($referers)) {
function checkFiles($list)
{
$f = new File();
$num = 0;
foreach ($list as $file) {
$name = decodeName($file);
$name = preg_replace('/\\s+\\d+$/', "", $name);
if (!$f->isValidName($name)) {
pieError("InvalidName", array('file' => htmlspecialchars($name)));
}
if ($f->exists($name)) {
pieError("FileExists", array('file' => htmlspecialchars($name)));
}
$num++;
}
return $num;
}
