function HandleThumbShoePostRename($pagename, $auth = 'edit') { global $WikiLibDirs; global $ThumbShoePageSep; global $HandleAuth, $UploadFileFmt, $LastModFile, $TimeFmt; $newname = $_REQUEST['newname']; if ($newname == '') { Abort("?no new image name"); } $newname = str_replace('.', '_', $newname); $newpage = $_REQUEST['newpage']; if ($newpage == '') { Abort("?no new image page"); } $newimgpage = $newpage . $ThumbShoePageSep . $newname; $tsdir = ''; foreach ((array) $WikiLibDirs as $dir) { if ($dir->exists($pagename) and $dir->iswrite) { $tsdir = $dir; break; } } if (!$tsdir) { Abort("Cannot rename {$pagename} to {$newimgpage}; cannot find page"); return; } ## check authorization if (!RetrieveAuthPage($newimgpage, $auth, TRUE, READPAGE_CURRENT)) { Abort("?cannot rename image page from {$pagename} to {$newimgpage}"); } $newnewpage = @$tsdir->rename($pagename, $newimgpage); if ($newnewpage) { Redirect($newnewpage); } }
function HandleRecipeCheck($pagename, $auth = 'admin') { global $RecipeListUrl, $Version, $RecipeInfo, $RecipeCheckFmt, $PageStartFmt, $PageEndFmt; $page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT); if (!$page) { Abort('?admin access required'); } $cvinfo = GetRecipeList($RecipeListUrl); if (!$cvinfo) { $msg = "Unable to retrieve cookbook data from {$RecipeListUrl}\n"; $allow_url_fopen = ini_get('allow_url_fopen'); if (!$allow_url_fopen) { $msg .= "\n <br /><br />It appears that your PHP environment isn't allowing\n the recipelist to be downloaded from pmwiki.org \n (allow_url_fopen = {$allow_url_fopen})."; } Abort($msg); } $rinfo['PmWiki:Upgrades'] = $Version; ScanRecipeInfo('cookbook', $cvinfo); foreach ((array) $RecipeInfo as $r => $v) { if (!@$v['Version']) { continue; } $r = preg_replace('/^(?!PmWiki:)(Cookbook[.:])?/', 'Cookbook:', $r); $rinfo[$r] = $v['Version']; } $markup = "!!Recipe status for {\$PageUrl}\n" . RecipeTable($rinfo, $cvinfo); $html = MarkupToHTML($pagename, $markup); SDV($RecipeCheckFmt, array(&$PageStartFmt, $html, &$PageEndFmt)); PrintFmt($pagename, $RecipeCheckFmt); }
function ThumbShoeHandleDelete($pagename, $auth = 'delete') { global $WikiLibDirs, $WikiDir, $LastModFile; $page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT); if (!$page) { Abort("?cannot delete {$pagename}"); return; } $deleted = false; foreach ((array) $WikiLibDirs as $dir) { if ($dir->exists($pagename) and $dir->iswrite) { $dir->delete($pagename); $deleted = true; break; } } if (!$deleted) { // look in the default WikiDir if ($WikiDir->exists($pagename)) { $WikiDir->delete($pagename); $deleted = true; } } if ($deleted && $LastModFile) { touch($LastModFile); fixperms($LastModFile); } Redirect($pagename); exit; }
function HandlePostUpload($pagename) { global $UploadVerifyFunction, $UploadFileFmt, $LastModFile; $page = RetrieveAuthPage($pagename, 'upload'); if (!$page) { Abort("?cannot upload to {$pagename}"); } $uploadfile = $_FILES['uploadfile']; $upname = $_REQUEST['upname']; if ($upname == '') { $upname = $uploadfile['name']; } $upname = MakeUploadName($pagename, $upname); if (!function_exists($UploadVerifyFunction)) { Abort('?no UploadVerifyFunction available'); } $filepath = FmtPageName("{$UploadFileFmt}/{$upname}", $pagename); $result = $UploadVerifyFunction($pagename, $uploadfile, $filepath); if ($result == '') { $filedir = preg_replace('#/[^/]*$#', '', $filepath); mkdirp($filedir); if (!move_uploaded_file($uploadfile['tmp_name'], $filepath)) { Abort("?cannot move uploaded file to {$filepath}"); return; } fixperms($filepath); if ($LastModFile) { touch($LastModFile); fixperms($LastModFile); } $result = "upresult=success"; } Redirect($pagename, "\$PageUrl?action=upload&upname={$upname}&{$result}"); }
/** * Fetch the projects page and pass of the parsing to the projects lib. */ function loadProjects() { $projectsPage = @RetrieveAuthPage('Projects.Featured', 'read', false, READPAGE_CURRENT); if (!$projectsPage || !is_array($projectsPage) || !isset($projectsPage['text'])) { return "No projects"; } return parseProjects($projectsPage['text']); }
function RetrievePageMarkup($pagelist) { foreach ($pagelist as $p) { if (PageExists($p)) { $page = RetrieveAuthPage($p, 'read', false, READPAGE_CURRENT); return array($page['text'], $page['title']); break; } } return null; }
function HandleGuestDelete($pagename, $auth) { global $WikiDir, $LastModFile; $page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT); if (!$page) { Abort("?cannot delete {$pagename}"); return; } $WikiDir->delete($pagename); if ($LastModFile) { touch($LastModFile); fixperms($LastModFile); } Redirect(substr($pagename, 0, strlen($pagename) - 22)); }
function WikiGalleryThumbnail($pagename, $auth = "read") { global $WikiGallery_UseAuthorization, $WikiGalleryThumbProviders, $WikiGallery_DefaultGroup; // get filename if (!isset($_GET["image"])) { Abort('no image given'); } if (!isset($_GET["group"])) { $group = $WikiGallery_DefaultGroup; } else { $group = $_GET["group"]; } $path = WikiGallerySecurePath(urldecode($_GET["image"])); // group exists? if (!isset($WikiGalleryThumbProviders[$group])) { Abort("Invalid gallery group \"{$group}\" given"); } $provider =& $WikiGalleryThumbProviders[$group]; // get size $width = intval(@$_GET["width"]); $height = intval(@$_GET["height"]); if ($width < 0 || $width > 1600) { $width = 0; } if ($height < 0 || $height > 1200) { $height = 0; } $resizeMode = urldecode(@$_GET["mode"]); // check authorization $pagename = fileNameToPageName($path); if ($WikiGallery_UseAuthorization) { $page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT); if (!$page) { Abort('?cannot read $pagename'); } PCache($pagename, $page); } // get image $provider->thumb($path, $width, $height, $resizeMode); exit; }
function HandleApprove($pagename) { global $ApproveUrlPattern, $WhiteUrlPatterns, $ApprovedUrlPagesFmt, $action; Lock(2); $page = ReadPage($pagename); $text = preg_replace('/[()]/', '', $page['text']); preg_match_all("/{$ApproveUrlPattern}/", $text, $match); ReadApprovedUrls($pagename); $addpat = array(); foreach ($match[0] as $a) { foreach ((array) $WhiteUrlPatterns as $pat) { if (preg_match("!^{$pat}(/|\$)!", $a)) { continue 2; } } if ($action == 'approvesites') { $a = preg_replace("!^([^:]+://[^/]+).*\$!", '$1', $a); } $addpat[] = $a; } if (count($addpat) > 0) { $aname = FmtPageName($ApprovedUrlPagesFmt[0], $pagename); $apage = RetrieveAuthPage($aname, 'edit'); if (!$apage) { Abort("?cannot edit {$aname}"); } $new = $apage; if (substr($new['text'], -1, 1) != "\n") { $new['text'] .= "\n"; } foreach ($addpat as $pat) { $new['text'] .= " {$pat}\n"; } $_REQUEST['post'] = 'y'; PostPage($aname, $apage, $new); } Redirect($pagename); }
function HandleUpgrade($pagename, $auth = 'ALWAYS') { global $SiteGroup, $SiteAdminGroup, $StatusPageName, $ScriptUrl, $AuthUserPageFmt, $VersionNum, $Version; StopWatch('HandleUpgrade: begin'); $message = ''; $done = ''; ## check for Site.* --> SiteAdmin.* foreach(array('AuthUser', 'NotifyList', 'Blocklist', 'ApprovedUrls') as $n) { $n0 = "$SiteGroup.$n"; $n1 = "$SiteAdminGroup.$n"; StopWatch("HandleUpgrade: checking $n0 -> $n1"); ## checking AuthUser is special, because Site.AuthUser comes with the ## distribution. if ($n == 'AuthUser') { ## if we already have a user-modified SiteAdmin.AuthUser, we can skip SDV($AuthUserPageFmt, '$SiteAdminGroup.AuthUser'); $n1 = FmtPageName($AuthUserPageFmt, $pagename); $page = ReadPage($n1, READPAGE_CURRENT); if (@$page['time'] > 1000000000) continue; ## if there's not a user-modified Site.AuthUser, we can skip $page = ReadPage($n0, READPAGE_CURRENT); if (@$page['time'] == 1000000000) continue; } else if (!PageExists($n0) || PageExists($n1)) continue; if (@$_REQUEST['migrate'] == 'yes') { ## if the admin wants PmWiki to migrate, do it. $page = RetrieveAuthPage($n0, 'admin', true); StopWatch("HandleUpgrade: copying $n0 -> $n1"); if ($page) { WritePage($n1, $page); $done .= "<li>Copied $n0 to $n1</li>"; continue; } } $message .= "<li>$n0 -> $n1</li>"; } if ($message) { $migrateurl = "$ScriptUrl?action=upgrade&migrate=yes"; $infourl = 'http://www.pmwiki.org/wiki/PmWiki/UpgradeToSiteAdmin'; $message = "<h2>Upgrade notice -- SiteAdmin group</h2> <p>This version of PmWiki expects several administrative pages from the <em>Site</em> group to be found in a new <em>SiteAdmin</em> group. On this site, the following pages appear to need to be relocated:</p> <ul>$message</ul> <p>For more information about this change, including the various options for proceeding, see</p> <blockquote><a target='_blank' href='$infourl'>$infourl</a></blockquote> <form action='$ScriptUrl' method='post'> <p>If you would like PmWiki to attempt to automatically copy these pages into their new <br /> locations for you, try <input type='hidden' name='action' value='upgrade' /> <input type='hidden' name='migrate' value='yes' /> <input type='submit' value='Relocate pages listed above' /> (admin password required) </p> </form> <p>If you want to configure PmWiki so that it continues to look for the above pages in <em>$SiteGroup</em>, add the following line near the top of <em>local/config.php</em>:</p> <blockquote><pre>\$SiteAdminGroup = \$SiteGroup;</pre></blockquote> $Version "; print $message; exit; } StopWatch("UpgradeCheck: writing $StatusPageName"); Lock(2); SDV($StatusPageName, "$SiteAdminGroup.Status"); $page = ReadPage($StatusPageName); $page['updatedto'] = $VersionNum; WritePage($StatusPageName, $page); if ($done) { $done .= "<li>Updated $StatusPageName</li>"; echo "<h2>Upgrade to $Version ... ok</h2><ul>$done</ul>"; $GLOBALS['EnableRedirect'] = 0; } Redirect($pagename); }
function HandleFeed($pagename, $auth = 'read') { global $FeedFmt, $action, $PCache, $FmtV, $ISOTimeFmt, $RSSTimeFmt, $FeedOpt, $FeedDescPatterns, $CategoryGroup, $EntitiesTable; SDV($ISOTimeFmt, '%Y-%m-%dT%H:%M:%SZ'); SDV($RSSTimeFmt, 'D, d M Y H:i:s \\G\\M\\T'); SDV($FeedDescPatterns, array('/<[^>]*$/' => ' ', '/\\w+$/' => '', '/<[^>]+>/' => '')); SDVA($FeedCategoryOpt, array('link' => $pagename, 'readf' => 1)); SDVA($FeedTrailOpt, array('trail' => $pagename, 'count' => 10, 'readf' => 1)); $f = $FeedFmt[$action]; $page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT); if (!$page) { Abort("?cannot generate feed"); } $feedtime = $page['time']; # determine list of pages to display if (@($_REQUEST['trail'] || $_REQUEST['group'] || $_REQUEST['link'])) { $opt['readf'] = 1; } else { if ($action == 'dc') { $opt = array(); } else { if (preg_match("/^{$CategoryGroup}\\./", $pagename)) { $opt = $FeedCategoryOpt; } else { $opt = $FeedTrailOpt; } } } if (!$opt) { PCache($pagename, $page); $pagelist = array(&$PCache[$pagename]); } else { $opt = array_merge($opt, @$_REQUEST); $pagelist = MakePageList($pagename, $opt); } # process list of pages in feed $rdfseq = ''; foreach ($pagelist as $page) { $pn = $page['name']; if (!PageExists($pn)) { continue; } $pl[] = $pn; if (@$opt['count'] && count($pl) >= $opt['count']) { break; } $rdfseq .= FmtPageName("<rdf:li resource=\"\$PageUrl\" />\n", $pn); if ($page['time'] > $feedtime) { $feedtime = $page['time']; } } $pagelist = $pl; $FmtV['$FeedRDFSeq'] = $rdfseq; $FmtV['$FeedISOTime'] = gmstrftime($ISOTimeFmt, $feedtime); $FmtV['$FeedRSSTime'] = gmdate($RSSTimeFmt, $feedtime); # format start of feed $out = FmtPageName($f['feed']['_start'], $pagename); # format feed elements foreach ($f['feed'] as $k => $v) { if ($k[0] == '_' || !$v) { continue; } $x = FmtPageName($v, $pagename); if (!$x) { continue; } $out .= $v[0] == '<' ? $x : "<{$k}>{$x}</{$k}>\n"; } # format items in feed if (@$f['feed']['_items']) { $out .= FmtPageName($f['feed']['_items'], $pagename); } foreach ($pagelist as $pn) { $page =& $PCache[$pn]; $FmtV['$ItemDesc'] = @$page['description'] ? $page['description'] : trim(preg_replace(array_keys($FeedDescPatterns), array_values($FeedDescPatterns), @$page['excerpt'])); $FmtV['$ItemISOTime'] = gmstrftime($ISOTimeFmt, $page['time']); $out .= FmtPageName($f['item']['_start'], $pn); foreach ((array) @$f['item'] as $k => $v) { if ($k[0] == '_' || !$v) { continue; } if (is_callable($v)) { $out .= $v($pn, $page, $k); continue; } if (strpos($v, '$LastModifiedBy') !== false && !@$page['author']) { continue; } if (strpos($v, '$Category') !== false) { if (preg_match_all("/(?<=^|,){$CategoryGroup}\\.([^,]+)/", @$page['targets'], $match)) { foreach ($match[1] as $c) { $FmtV['$Category'] = $c; $out .= FmtPageName($v, $pn); } } continue; } $x = FmtPageName($v, $pn); if (!$x) { continue; } $out .= $v[0] == '<' ? $x : "<{$k}>{$x}</{$k}>\n"; } $out .= FmtPageName($f['item']['_end'], $pn); } $out .= FmtPageName($f['feed']['_end'], $pagename); foreach ((array) @$f['feed']['_header'] as $fmt) { header(FmtPageName($fmt, $pagename)); } print str_replace(array_keys($EntitiesTable), array_values($EntitiesTable), $out); }
function HandleDiff($pagename, $auth = 'read') { global $HandleDiffFmt, $PageStartFmt, $PageDiffFmt, $PageEndFmt; $page = RetrieveAuthPage($pagename, $auth, true); if (!$page) { Abort("?cannot diff {$pagename}"); } PCache($pagename, $page); SDV($HandleDiffFmt, array(&$PageStartFmt, &$PageDiffFmt, "<div id='wikidiff'>", 'function:PrintDiff', '</div>', &$PageEndFmt)); PrintFmt($pagename, $HandleDiffFmt); }
function HandlePostAttr($pagename) { global $PageAttributes, $EnablePostAttrClearSession; Lock(2); $page = RetrieveAuthPage($pagename, 'attr', true, READPAGE_CURRENT); if (!$page) { Abort("?unable to read {$pagename}"); } foreach ($PageAttributes as $attr => $p) { $v = @$_POST[$attr]; if ($v == '') { continue; } if ($v == 'clear') { unset($page[$attr]); } else { if (strncmp($attr, 'passwd', 6) != 0) { $page[$attr] = $v; } else { $a = array(); foreach (preg_split('/\\s+/', $v, -1, PREG_SPLIT_NO_EMPTY) as $pw) { $a[] = preg_match('/^\\w+:/', $pw) ? $pw : crypt($pw); } if ($a) { $page[$attr] = implode(' ', $a); } } } } WritePage($pagename, $page); Lock(0); if (IsEnabled($EnablePostAttrClearSession, 1)) { @session_start(); unset($_SESSION['authid']); $_SESSION['authpw'] = array(); } Redirect($pagename); exit; }
function HandlePostAttr($pagename, $auth = 'attr') { global $PageAttributes, $EnablePostAttrClearSession; Lock(2); $page = RetrieveAuthPage($pagename, $auth, true); if (!$page) { Abort("?unable to read {$pagename}"); } foreach ($PageAttributes as $attr => $p) { $v = stripmagic(@$_POST[$attr]); if ($v == '') { continue; } if ($v == 'clear') { unset($page[$attr]); } else { if (strncmp($attr, 'passwd', 6) != 0) { $page[$attr] = $v; } else { $a = array(); preg_match_all('/"[^"]*"|\'[^\']*\'|\\S+/', $v, $match); foreach ($match[0] as $pw) { $a[] = preg_match('/^\\w+:/', $pw) ? $pw : crypt(preg_replace('/^([\'"])(.*)\\1$/', '$2', $pw)); } if ($a) { $page[$attr] = implode(' ', $a); } } } } WritePage($pagename, $page); Lock(0); if (IsEnabled($EnablePostAttrClearSession, 1)) { @session_start(); unset($_SESSION['authid']); $_SESSION['authpw'] = array(); } Redirect($pagename); exit; }
function HandleSearchA($pagename, $level = 'read') { global $PageSearchForm, $FmtV, $HandleSearchFmt, $PageStartFmt, $PageEndFmt; SDV($HandleSearchFmt,array(&$PageStartFmt, '$PageText', &$PageEndFmt)); SDV($PageSearchForm, '$[{$SiteGroup}/Search]'); $form = RetrieveAuthPage($pagename, $level, true, READPAGE_CURRENT); if (!$form) Abort("?unable to read $pagename"); PCache($pagename, $form); $text = preg_replace('/\\[([=@])(.*?)\\1\\]/s', ' ', @$form['text']); if (!preg_match('/\\(:searchresults(\\s.*?)?:\\)/', $text)) foreach((array)$PageSearchForm as $formfmt) { $form = ReadPage(FmtPageName($formfmt, $pagename), READPAGE_CURRENT); if ($form['text']) break; } $text = @$form['text']; if (!$text) $text = '(:searchresults:)'; $FmtV['$PageText'] = MarkupToHTML($pagename,$text); PrintFmt($pagename, $HandleSearchFmt); }
function MakePageList($pagename, $opt) { global $MakePageListOpt, $SearchPatterns, $EnablePageListProtect, $PCache, $FmtV; StopWatch('MakePageList begin'); SDVA($MakePageListOpt, array('list' => 'default')); $opt = array_merge($MakePageListOpt, $opt); $readf = $opt['readf']; # we have to read the page if order= is anything but name $order = $opt['order']; $readf |= $order && $order != 'name' && $order != '-name'; $pats = (array) $SearchPatterns[$opt['list']]; if ($opt['group']) { array_unshift($pats, "/^({$opt['group']})\\./i"); } # inclp/exclp contain words to be included/excluded. $inclp = array(); $exclp = array(); foreach ((array) @$opt[''] as $i) { $inclp[] = '/' . preg_quote($i, '/') . '/i'; } foreach ((array) @$opt['+'] as $i) { $inclp[] = '/' . preg_quote($i, '/') . '/i'; } foreach ((array) @$opt['-'] as $i) { $exclp[] = '!' . preg_quote($i, '!') . '/i'; } $searchterms = count($inclp) + count($exclp); $readf += $searchterms; # forced read if incl/excl # link= (backlinks) if (@$opt['link']) { $linkpat = "/,{$opt['link']},/"; # find in target= attribute $readf = 1; # forced read } if (@$opt['trail']) { $trail = ReadTrail($pagename, $opt['trail']); foreach ($trail as $tstop) { $pn = $tstop['pagename']; $list[] = $pn; $tstop['parentnames'] = array(); PCache($pn, $tstop); } foreach ($trail as $tstop) { $PCache[$tstop['pagename']]['parentnames'][] = $trail[$tstop['parent']]['pagename']; } } else { $list = ListPages($pats); } if (IsEnabled($EnablePageListProtect, 0)) { $readf = 1000; } $matches = array(); $FmtV['$MatchSearched'] = count($list); foreach ((array) $list as $pn) { if ($readf) { $page = $readf == 1000 ? RetrieveAuthPage($pn, 'read', false, READPAGE_CURRENT) : ReadPage($pn, READPAGE_CURRENT); if (!$page) { continue; } if ($linkpat && !preg_match($linkpat, ",{$page['targets']},")) { continue; } if ($searchterms) { $text = $pn . "\n" . @$page['targets'] . "\n" . @$page['text']; foreach ($inclp as $i) { if (!preg_match($i, $text)) { continue 2; } } foreach ($exclp as $i) { if (preg_match($i, $text)) { continue 2; } } } $page['size'] = strlen(@$page['text']); } else { $page = array(); } $page['pagename'] = $page['name'] = $pn; PCache($pn, $page); $matches[] =& $PCache[$pn]; } SortPageList($matches, $order); StopWatch('MakePageList end'); return $matches; }
/** * Handle the .draw file format */ function HandlePostDrawing_draw($pagename) { global $UploadVerifyFunction, $UploadFileFmt, $LastModFile, $Now; global $RecentChangesFmt, $IsPagePosted, $EnableDrawingRecentChanges; $page = RetrieveAuthPage($pagename, 'upload'); if (!$page) { Abort("?cannot upload to {$pagename}"); } $uploadImage = $_FILES['uploadImage']; $uploadDrawing = $_FILES['uploadDrawing']; $uploadMap = $_FILES['uploadMap']; $drawingBaseTime = $_POST['drawingbasetime']; // The time the user began editing this drawing. $imageupname = $uploadImage['name']; $drawingupname = $uploadDrawing['name']; $mapupname = $uploadMap['name']; $imageupname = MakeUploadName($pagename, $imageupname); $drawingupname = MakeUploadName($pagename, $drawingupname); $mapupname = MakeUploadName($pagename, $mapupname); $imageFilePath = FmtPageName("{$UploadFileFmt}/{$imageupname}", $pagename); $drawingFilePath = FmtPageName("{$UploadFileFmt}/{$drawingupname}", $pagename); $mapFilePath = FmtPageName("{$UploadFileFmt}/{$mapupname}", $pagename); if (file_exists($drawingFilePath)) { // Only worth checking timestamps if a drawing actually currently exists! if (filemtime($drawingFilePath) > $drawingBaseTime) { // Assign a new timestamp to the client... hopefully this time they'll be ok... header("PmWikiDraw-DrawingChanged: {$Now}"); exit; } } // If we've got to here then we can assume its safe to overwrite the current file // Note: we should do the history archival/recent changes stuff here. if ($EnableDrawingRecentChanges == true && isset($_POST['drawingname'])) { $imageModified = $_POST['drawingname']; $RecentChangesFmt = array('Main.AllRecentChanges' => '* [[$Group/$Name]] Drawing - ' . $imageModified . ' modified . . . $CurrentTime', '$Group.RecentChanges' => '* [[$Group/$Name]] Drawing - ' . $imageModified . ' modified . . . $CurrentTime'); $IsPagePosted = true; $x = ""; $y = ""; PostRecentChanges($pagename, $x, $y); $IsPagePosted = false; } $filedir = preg_replace('#/[^/]*$#', '', $imageFilePath); mkdirp($filedir); if (!move_uploaded_file($uploadImage['tmp_name'], $imageFilePath)) { Abort("?cannot move uploaded image to {$imageFilePath}"); return; } fixperms($imageFilePath, 0444); if ($LastModFile) { touch($LastModFile); fixperms($LastModFile); } $filedir = preg_replace('#/[^/]*$#', '', $drawingFilePath); mkdirp($filedir); if (!move_uploaded_file($uploadDrawing['tmp_name'], $drawingFilePath)) { Abort("?cannot move uploaded drawing to {$drawingFilePath}"); return; } fixperms($drawingFilePath, 0444); if ($LastModFile) { touch($LastModFile); fixperms($LastModFile); } $filedir = preg_replace('#/[^/]*$#', '', $mapFilePath); mkdirp($filedir); if (!move_uploaded_file($uploadMap['tmp_name'], $mapFilePath)) { Abort("?cannot move uploaded map to {$mapFilePath}"); return; } fixperms($mapFilePath, 0444); if ($LastModFile) { touch($LastModFile); fixperms($LastModFile); } // Sets the drawingBaseTime header for incremental save support. header("PmWikiDraw-DrawingBaseTime: " . filemtime($drawingFilePath)); exit; }
function HandleSearchA($pagename, $level = 'read') { global $PageSearchForm, $FmtV, $HandleSearchFmt, $PageStartFmt, $PageEndFmt; SDV($HandleSearchFmt, array(&$PageStartFmt, '$PageText', &$PageEndFmt)); SDV($PageSearchForm, '$[$SiteGroup/Search]'); PCache($pagename, RetrieveAuthPage($pagename, 'read')); $form = ReadPage(FmtPageName($PageSearchForm, $pagename), READPAGE_CURRENT); $text = @$form['text']; if (!$text) { $text = '(:searchresults:)'; } $FmtV['$PageText'] = MarkupToHTML($pagename, $text); PrintFmt($pagename, $HandleSearchFmt); }
function HandleRss($pagename) { global $RssMaxItems, $RssSourceSize, $RssDescSize, $RssChannelFmt, $RssChannelDesc, $RssTimeFmt, $RssChannelBuildDate, $RssItemsRDFList, $RssItemsRDFListFmt, $RssItems, $RssItemFmt, $HandleRssFmt, $FmtV; $t = ReadTrail($pagename, $pagename); $page = RetrieveAuthPage($pagename, 'read', false); if (!$page) { Abort("?cannot read {$pagename}"); } $cbgmt = $page['time']; $r = array(); for ($i = 0; $i < count($t) && count($r) < $RssMaxItems; $i++) { if (!PageExists($t[$i]['pagename'])) { continue; } $page = RetrieveAuthPage($t[$i]['pagename'], 'read', false); Lock(0); if (!$page) { continue; } $text = MarkupToHTML($t[$i]['pagename'], substr($page['text'], 0, $RssSourceSize)); $text = entityencode(preg_replace("/<.*?>/s", "", $text)); preg_match("/^(.{0,{$RssDescSize}}\\s)/s", $text, $match); $r[] = array('name' => $t[$i]['pagename'], 'time' => $page['time'], 'desc' => $match[1] . " ...", 'author' => $page['author']); if ($page['time'] > $cbgmt) { $cbgmt = $page['time']; } } SDV($RssChannelBuildDate, entityencode(gmdate('D, d M Y H:i:s \\G\\M\\T', $cbgmt))); SDV($RssChannelDesc, entityencode(FmtPageName('$Group.$Title', $pagename))); foreach ($r as $page) { $FmtV['$RssItemPubDate'] = gmstrftime($RssTimeFmt, $page['time']); $FmtV['$RssItemDesc'] = $page['desc']; $FmtV['$RssItemAuthor'] = $page['author']; $RssItemsRDFList[] = entityencode(FmtPageName($RssItemsRDFListFmt, $page['name'])); $RssItems[] = entityencode(FmtPageName($RssItemFmt, $page['name'])); } header("Content-type: text/xml"); PrintFmt($pagename, $HandleRssFmt); exit; }
function HandleRss($pagename) { global $RssMaxItems, $RssSourceSize, $RssDescSize, $RssChannelFmt, $RssChannelDesc, $RssTimeFmt, $RssChannelBuildDate, $RssItemsRDFList, $RssItemsRDFListFmt, $RssItems, $RssItemFmt, $RssItemDesc, $RssItemPubDate, $GCount, $HandleRssFmt; $t = ReadTrail($pagename, $pagename); $page = RetrieveAuthPage($pagename, false); $cbgmt = $page['time']; $r = array(); for ($i = 0; $i < count($t) && count($r) < $RssMaxItems; $i++) { if (!PageExists($t[$i]['pagename'])) { continue; } $page = RetrieveAuthPage($t[$i]['pagename'], false); $text = MarkupToHTML($t[$i]['pagename'], substr($page['text'], 0, $RssSourceSize)); $text = rssencode(preg_replace("/<.*?>/s", "", $text)); preg_match("/^(.{0,{$RssDescSize}}\\s)/s", $text, $match); $r[] = array('name' => $t[$i]['pagename'], 'time' => $page['time'], 'desc' => $match[1] . " ..."); if ($page['time'] > $cbgmt) { $cbgmt = $page['time']; } } SDV($RssChannelBuildDate, rssencode(gmstrftime($RssTimeFmt, $cbgmt))); SDV($RssChannelDesc, rssencode(FmtPageName('$Group.$Title', $pagename))); foreach ($r as $page) { $RssItemPubDate = gmstrftime($RssTimeFmt, $page['time']); $RssItemDesc = $page['desc']; $GCount = 0; $RssItemsRDFList[] = rssencode(FmtPageName($RssItemsRDFListFmt, $page['name'])); $RssItems[] = rssencode(FmtPageName($RssItemFmt, $page['name'])); } header("Content-type: text/xml"); PrintFmt($pagename, $HandleRssFmt); exit; }
function FmtPageList($fmt, $pagename, $opt) { global $GroupPattern, $SearchPatterns, $FmtV, $FPLFunctions, $EnablePageListProtect; if (isset($_REQUEST['q']) && $_REQUEST['q'] == '') { $_REQUEST['q'] = "''"; } $opt = array_merge($opt, @$_REQUEST); $rq = htmlspecialchars(stripmagic(@$_REQUEST['q']), ENT_NOQUOTES); if (preg_match("!^({$GroupPattern}(\\|{$GroupPattern})*)?/!i", $rq, $match)) { $opt['group'] = @$match[1]; $rq = str_replace(@$match[1] . '/', '', $rq); } $needle = $opt['o'] . ' ' . $rq; $terms = preg_split('/((?<!\\S)[-+]?[\'"].*?[\'"](?!\\S)|\\S+)/', $needle, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY); $excl = array(); $incl = array(); foreach ($terms as $t) { if (trim($t) == '') { continue; } if (preg_match('/^([^\'":=]*)[:=]([\'"]?)(.*?)\\2$/', $t, $match)) { $opt[$match[1]] = $match[3]; continue; } preg_match('/^([-+]?)([\'"]?)(.+?)\\2$/', $t, $match); if ($match[1] == '-') { $excl[] = $match[3]; } else { $incl[] = $match[3]; } } if (@$opt['req'] && !$incl && !$excl && !isset($_REQUEST['q'])) { return; } $show = isset($opt['list']) ? $opt['list'] : 'default'; $pats = (array) @$SearchPatterns[$show]; if (@$opt['group']) { array_unshift($pats, "/^({$opt['group']})\\./i"); } if (@$opt['trail']) { $t = ReadTrail($pagename, $opt['trail']); foreach ($t as $pagefile) { $pagelist[] = $pagefile['pagename']; } } else { $pagelist = ListPages($pats); } $matches = array(); $searchterms = count($excl) + count($incl); $plprotect = IsEnabled($EnablePageListProtect, 0); foreach ($pagelist as $pagefile) { if ($plprotect) { $page = RetrieveAuthPage($pagefile, 'read', false); } else { $page = ReadPage($pagefile); } Lock(0); if (!$page) { continue; } if ($searchterms) { $text = $pagefile . "\n" . @$page['text'] . "\n" . @$page['targets']; foreach ($excl as $t) { if (stristr($text, $t)) { continue 2; } } foreach ($incl as $t) { if (!stristr($text, $t)) { continue 2; } } } $matches[] = array('pagename' => $pagefile, 'size' => strlen(@$page['text']), 'author' => @$page['author'], 'time' => $page['time']); } sort($matches); $FmtV['$MatchCount'] = count($matches); $FmtV['$MatchSearched'] = count($pagelist); $FmtV['$Needle'] = $needle; $GLOBALS['SearchIncl'] = $incl; $GLOBALS['SearchExcl'] = $excl; $GLOBALS['SearchGroup'] = @$opt['group']; $fmtfn = @$FPLFunctions[$opt['fmt']]; if (!function_exists($fmtfn)) { $fmtfn = 'FPLByGroup'; } $FmtV['$MatchList'] = $fmtfn($pagename, $matches, $opt); return FmtPageName($fmt, $pagename); }
function HandleRefCount($pagename, $auth='read') { global $HandleRefCountFmt,$PageStartFmt,$PageEndFmt; $page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT); if (!$page) Abort('?unauthorized'); PCache($pagename, $page); SDV($HandleRefCountFmt,array(&$PageStartFmt, 'function:PrintRefCount',&$PageEndFmt)); PrintFmt($pagename,$HandleRefCountFmt); }
function HandleSearchA($pagename, $level = 'read') { global $PageSearchForm, $FmtV, $HandleSearchFmt, $PageStartFmt, $PageEndFmt; SDV($HandleSearchFmt, array(&$PageStartFmt, '$PageText', &$PageEndFmt)); SDV($PageSearchForm, '$[$SiteGroup/Search]'); $form = RetrieveAuthPage($pagename, 'read', true, READPAGE_CURRENT); PCache($pagename, $form); if (!preg_match('/\\(:searchresults(\\s.*?)?:\\)/', $form['text'])) { foreach ((array) $PageSearchForm as $formfmt) { $form = ReadPage(FmtPageName($formfmt, $pagename), READPAGE_CURRENT); if ($form['text']) { break; } } } $text = @$form['text']; if (!$text) { $text = '(:searchresults:)'; } $FmtV['$PageText'] = MarkupToHTML($pagename, $text); PrintFmt($pagename, $HandleSearchFmt); }
function InputDefault($pagename, $type, $args) { global $InputValues, $PageTextVarPatterns, $PCache; $args = ParseArgs($args); $args[''] = (array) @$args['']; $name = isset($args['name']) ? $args['name'] : array_shift($args['']); $name = preg_replace('/^\\$:/', 'ptv_', $name); $value = isset($args['value']) ? $args['value'] : array_shift($args['']); if (!isset($InputValues[$name])) { $InputValues[$name] = $value; } if (@$args['request']) { $req = array_merge($_GET, $_POST); foreach ($req as $k => $v) { if (!isset($InputValues[$k])) { $InputValues[$k] = PHSC(stripmagic($v), ENT_NOQUOTES); } } } $source = @$args['source']; if ($source) { $source = MakePageName($pagename, $source); $page = RetrieveAuthPage($source, 'read', false, READPAGE_CURRENT); if ($page) { foreach ((array) $PageTextVarPatterns as $pat) { if (preg_match_all($pat, IsEnabled($PCache[$source]['=preview'], $page['text']), $match, PREG_SET_ORDER)) { foreach ($match as $m) { # if (!isset($InputValues['ptv_'.$m[2]])) PITS:01337 $InputValues['ptv_' . $m[2]] = PHSC(Qualify($source, $m[3]), ENT_NOQUOTES); } } } } } return ''; }
function HandlePostAttr($pagename) { global $PageAttributes; $page = RetrieveAuthPage($pagename, 'attr'); if (!$page) { Abort("?unable to read {$pagename}"); } foreach ($PageAttributes as $attr => $p) { $newpw = @$_POST[$attr]; if ($newpw == 'clear') { unset($page[$attr]); } else { if ($newpw > '') { $page[$attr] = crypt($newpw); } } } WritePage($pagename, $page); Redirect($pagename); exit; }
function UploadAuth($pagename, $auth, $cache=0){ global $GroupAttributesFmt, $EnableUploadGroupAuth; if (IsEnabled($EnableUploadGroupAuth,0)){ SDV($GroupAttributesFmt,'$Group/GroupAttributes'); $pn_upload = FmtPageName($GroupAttributesFmt, $pagename); } else $pn_upload = $pagename; $page = RetrieveAuthPage($pn_upload, $auth, true, READPAGE_CURRENT); if(!$page) Abort("?No '$auth' permissions for $pagename"); if($cache) PCache($pn_upload,$page); return true; }
function HandleLoginA($pagename, $auth = 'login') { global $AuthId, $DefaultPasswords; unset($DefaultPasswords['admin']); $prompt = @(!$_POST['authpw'] || ($AuthId != $_POST['authid'])); $page = RetrieveAuthPage($pagename, $auth, $prompt, READPAGE_CURRENT); Redirect($pagename); }
function HandlePostAttr($pagename) { global $PageAttributes, $EnablePostAttrClearSession; $page = RetrieveAuthPage($pagename, 'attr'); if (!$page) { Abort("?unable to read {$pagename}"); } foreach ($PageAttributes as $attr => $p) { $newpw = @$_POST[$attr]; if ($newpw == 'clear') { unset($page[$attr]); } else { if ($newpw > '') { $page[$attr] = crypt($newpw); } } } WritePage($pagename, $page); if (IsEnabled($EnablePostAttrClearSession, 1)) { $_SESSION['authpw'] = array(); } Redirect($pagename); exit; }
function HandlePostUpload($pagename, $auth = 'upload') { global $UploadVerifyFunction, $UploadFileFmt, $LastModFile, $EnableUploadVersions, $Now; $page = RetrieveAuthPage($pagename, $auth, true, READPAGE_CURRENT); if (!$page) Abort("?cannot upload to $pagename"); $uploadfile = $_FILES['uploadfile']; $upname = $_REQUEST['upname']; if ($upname=='') $upname=$uploadfile['name']; $upname = MakeUploadName($pagename,$upname); if (!function_exists($UploadVerifyFunction)) Abort('?no UploadVerifyFunction available'); $filepath = FmtPageName("$UploadFileFmt/$upname",$pagename); $result = $UploadVerifyFunction($pagename,$uploadfile,$filepath); if ($result=='') { $filedir = preg_replace('#/[^/]*$#','',$filepath); mkdirp($filedir); if (IsEnabled($EnableUploadVersions, 0)) @rename($filepath, "$filepath,$Now"); if (!move_uploaded_file($uploadfile['tmp_name'],$filepath)) { Abort("?cannot move uploaded file to $filepath"); return; } fixperms($filepath,0444); if ($LastModFile) { touch($LastModFile); fixperms($LastModFile); } $result = "upresult=success"; } Redirect($pagename,"{\$PageUrl}?action=upload&uprname=$upname&$result"); }
function InputDefault($pagename, $type, $args) { global $InputValues, $PageTextVarPatterns; $args = ParseArgs($args); $args[''] = (array)@$args['']; $name = (isset($args['name'])) ? $args['name'] : array_shift($args['']); $name = str_replace('/^\\$:/', 'ptv_', $name); $value = (isset($args['value'])) ? $args['value'] : array_shift($args['']); if (!isset($InputValues[$name])) $InputValues[$name] = $value; if (@$args['request']) { $req = array_merge($_GET, $_POST); foreach($req as $k => $v) if (!isset($InputValues[$k])) $InputValues[$k] = htmlspecialchars(stripmagic($v), ENT_NOQUOTES); } $source = @$args['source']; if ($source) { $source = MakePageName($pagename, $source); $page = RetrieveAuthPage($source, 'read', false, READPAGE_CURRENT); if ($page) { foreach((array)$PageTextVarPatterns as $pat) if (preg_match_all($pat, $page['text'], $match, PREG_SET_ORDER)) foreach($match as $m) if (!isset($InputValues['ptv_'.$m[1]])) $InputValues['ptv_'.$m[2]] = htmlspecialchars(Qualify($source, $m[3]), ENT_NOQUOTES); } } return ''; }