Exemple #1
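/**
 * Handle the "savepage" action: validate the submitted wiki text, then either
 * render a preview (optionally with a diff) or write the page.
 *
 * Control flow worth knowing before changing anything here: almost no check in
 * this function aborts the request. A failed check sets $button_preview (and a
 * message in $options), and the single `if ($button_preview)` near the end is
 * the only gate in front of $formatter->page->write() / $DBInfo->savePage().
 * Any new validation has to set $button_preview before that gate.
 *
 * Checks performed, in order: request method and writable(), edit conflict
 * (mtime vs. datestamp) with optional merge, the savepage hash, comment
 * length, the anonymous ticket, spam filters, contribution agreement, and the
 * "no full edit permission" size limits.
 *
 * @param object $formatter page formatter; $formatter->page is read and written
 * @param array  $options   request options (savetext, datestamp, hash, comment,
 *                          id, section, button_* flags, ...)
 * @return void output is sent directly through $formatter and print/echo
 */
function do_post_savepage($formatter, $options)
{
    global $DBInfo;
    // A non-POST request or a failed writable() check does not return here;
    // it forces preview mode, which keeps the request away from the write path.
    if ($_SERVER['REQUEST_METHOD'] != 'POST' || !$DBInfo->security->writable($options)) {
        $options['title'] = _("Page is not writable");
        $options['button_preview'] = 1;
        // force preview
    }
    // NOTE(review): the upload handler is called regardless of the outcome of
    // the writable() check above. Confirm that do_uploadfile() enforces its
    // own permission and request-method checks.
    if (isset($_FILES['upfile']) and is_array($_FILES) or isset($options['MYFILES']) and is_array($options['MYFILES'])) {
        $retstr = false;
        $options['retval'] =& $retstr;
        include_once 'plugin/UploadFile.php';
        do_uploadfile($formatter, $options);
    }
    $savetext = $options['savetext'];
    $datestamp = $options['datestamp'];
    $hash = $options['hash'];
    $button_preview = !empty($options['button_preview']) ? 1 : 0;
    if ($button_preview) {
        $formatter->preview = 1;
    }
    // merge mode: 1 = merge, 2 = manual merge, 3 = force merge (later flags win)
    $button_merge = !empty($options['button_merge']) ? 1 : 0;
    $button_merge = !empty($options['manual_merge']) ? 2 : $button_merge;
    $button_merge = !empty($options['force_merge']) ? 3 : $button_merge;
    $button_diff = !empty($options['button_changes']) ? 1 : 0;
    if ($button_diff) {
        // "show changes" never saves
        $button_preview = 1;
    }
    // normalize line endings to \n
    $savetext = preg_replace("/\r\n|\r/", "\n", $savetext);
    $savetext = _stripslashes($savetext);
    $comment = _stripslashes($options['comment']);
    $comment = trim($comment);
    $section_savetext = '';
    if (isset($options['section'])) {
        // section edit: splice the submitted text back into the full page
        if ($formatter->page->exists()) {
            $sections = _get_sections($formatter->page->get_raw_body());
            if ($sections[$options['section']]) {
                if (substr($savetext, -1) != "\n") {
                    $savetext .= "\n";
                }
                $sections[$options['section']] = $savetext;
            }
            $section_savetext = $savetext;
            $savetext = implode('', $sections);
        }
    }
    if ($savetext and $savetext[strlen($savetext) - 1] != "\n") {
        $savetext .= "\n";
    }
    // md5 is used here only to detect "nothing changed", not as a security control
    $new = md5($savetext);
    $menu = $formatter->link_to("#editor", _("Goto Editor"), ' class="preview-anchor"');
    $diff = '';
    // initialized so the line counting further down is defined for new pages
    $body = '';
    if ($formatter->page->exists()) {
        # check difference
        $body = $formatter->page->get_raw_body();
        $body = preg_replace("/\r\n|\r/", "\n", $body);
        $orig = md5($body);
        // strict comparison: with ==, two different all-digit "0e..." digests
        // are compared as numbers and would be treated as equal
        if ($orig === $new) {
            // same text. just update datestamp
            unset($options['datestamp']);
            $datestamp = $formatter->page->mtime();
        }
        # check datestamp
        if ($formatter->page->mtime() > $datestamp) {
            // the stored page is newer than the copy the client edited
            $options['msg'] = sprintf(_("Someone else saved the page while you edited %s"), $formatter->link_tag($formatter->page->urlname, "", _html_escape($options['page'])));
            $options['preview'] = 1;
            $options['conflict'] = 1;
            if ($button_merge) {
                $options['msg'] = sprintf(_("%s is merged with latest contents."), $formatter->link_tag($formatter->page->urlname, "", _html_escape($options['page'])));
                $options['title'] = sprintf(_("%s is merged successfully"), _html_escape($options['page']));
                $merge = $formatter->get_merge($savetext);
                if (preg_grep('/^<<<<<<<$/', explode("\n", $merge))) {
                    // conflict markers present: turn them into visible headings
                    $options['conflict'] = 2;
                    $options['title'] = sprintf(_("Merge conflicts are detected for %s !"), _html_escape($options['page']));
                    $options['msg'] = sprintf(_("Merge cancelled on %s."), $formatter->link_tag($formatter->page->urlname, "", _html_escape($options['page'])));
                    $merge = preg_replace('/^>>>>>>>$/m', "=== /!\\ >>>>>>> " . _("NEW") . ' ===', $merge);
                    $merge = preg_replace('/^<<<<<<<$/m', "=== /!\\ <<<<<<< " . _("OLD") . ' ===', $merge);
                    $merge = preg_replace('/^=======$/m', "=== ======= ===", $merge);
                    if ($button_merge > 1) {
                        unset($options['datestamp']);
                        unset($options['section']);
                        unset($section_savetext);
                        $datestamp = $formatter->page->mtime();
                        $options['conflict'] = 0;
                        if ($button_merge == 2) {
                            $options['title'] = sprintf(_("Get merge conflicts for %s"), _html_escape($options['page']));
                            $options['msg'] = sprintf(_("Please resolve conflicts manually."));
                            if ($merge) {
                                $savetext = $merge;
                            }
                        } else {
                            $options['title'] = sprintf(_("Force merging for %s !"), _html_escape($options['page']));
                            $options['msg'] = sprintf(_("Please be careful, you could damage useful information."));
                        }
                    }
                } else {
                    $options['conflict'] = 0;
                    if ($merge) {
                        // successfully merged. reset datestamp
                        $savetext = $merge;
                        unset($options['datestamp']);
                        $datestamp = $formatter->page->mtime();
                    }
                }
                // a merge result is always shown for review, never saved directly
                $button_preview = 1;
            } else {
                $options['title'] = _("Conflict error!");
                $button_preview = 1;
            }
            if ($options['conflict'] and !empty($merge)) {
                $diff = $formatter->get_diff($merge);
            } else {
                $diff = $formatter->get_diff($savetext);
            }
            // get diff
        } else {
            if ($datestamp > time()) {
                // a datestamp in the future cannot come from a form this wiki issued
                $options['msg'] = sprintf(_("Go back or return to %s"), $formatter->link_tag($formatter->page->urlname, "", _html_escape($options['page'])));
                $formatter->send_header("", $options);
                $formatter->send_title(_("Invalid access"), "", $options);
                $formatter->send_footer();
                return;
            } else {
                if (!empty($DBInfo->use_savepage_hash)) {
                    // check hash
                    // The expected value is derived from the datestamp, the user id
                    // and the client address. Note that this branch is only reached
                    // for an existing page without an edit conflict; new pages and
                    // conflicting edits are not covered by the hash check.
                    $ticket = getTicket($datestamp . $DBInfo->user->id, $_SERVER['REMOTE_ADDR']);
                    $expected = md5($ticket);
                    // Compare as strings only, in constant time where available.
                    // A loose != would accept type-juggled values (numeric-looking
                    // digests, non-string input).
                    if (!is_string($hash)) {
                        $hash_ok = false;
                    } elseif (function_exists('hash_equals')) {
                        $hash_ok = hash_equals($expected, $hash);
                    } else {
                        $hash_ok = $expected === $hash;
                    }
                    if (!$hash_ok) {
                        $formatter->send_header("", $options);
                        $formatter->send_title(_("Invalid access"), "", $options);
                        $formatter->send_footer();
                        return;
                    }
                }
            }
        }
    }
    if (empty($button_preview) && !empty($orig) && $orig === $new) {
        $options['msg'] = sprintf(_("Go back or return to %s"), $formatter->link_tag($formatter->page->urlname, "", _html_escape($options['page'])));
        $formatter->send_header("", $options);
        $formatter->send_title(_("No difference found"), "", $options);
        $formatter->send_footer();
        return;
    }
    // NOTE(review): by operator precedence this reads as
    // ($comment && mb_strlen(...) > 256) or (strlen($comment) > 256), so the
    // effective limit is 256 bytes and the mb_strlen branch never changes the
    // result. Confirm whether a character limit was intended before changing it.
    if ($comment && (function_exists('mb_strlen') and mb_strlen($comment, $DBInfo->charset) > 256) or strlen($comment) > 256) {
        //$options['msg']=sprintf(_("Go back or return to %s"),$formatter->link_tag($formatter->page->urlname,"",_html_escape($options['page'])));
        $options['title'] = _("Too long Comment");
        $button_preview = 1;
    }
    // XXX captcha
    // The User-Agent header is chosen by the client, so with use_textbrowsers
    // enabled any client that sends a matching value skips the ticket check
    // below. Treat this setting as a usability switch, not a control.
    $use_any = 0;
    if (!empty($DBInfo->use_textbrowsers)) {
        $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        if (is_string($DBInfo->use_textbrowsers)) {
            $use_any = preg_match('/' . $DBInfo->use_textbrowsers . '/', $agent) ? 1 : 0;
        } else {
            $use_any = preg_match('/Lynx|w3m|links/', $agent) ? 1 : 0;
        }
    }
    $ok_ticket = 0;
    if (!$button_preview and !$use_any and !empty($DBInfo->use_ticket) and $options['id'] == 'Anonymous') {
        if ($options['__seed'] and $options['check']) {
            $mycheck = getTicket($options['__seed'], $_SERVER['REMOTE_ADDR'], 4);
            // strict string comparison: a loose == treats numeric-looking
            // strings such as "1e3" and "1000" as equal
            if (is_string($options['check']) && (string) $mycheck === $options['check']) {
                $ok_ticket = 1;
            } else {
                $options['msg'] = _("Invalid ticket !");
                $button_preview = 1;
            }
        } else {
            if (!$button_preview) {
                $options['msg'] = _("You need a ticket !");
            }
            $button_preview = 1;
        }
    } else {
        $ok_ticket = 1;
    }
    // XXX
    // Spam filters: the text is passed through every configured filter; any
    // change made by a filter blocks the save.
    if (!$button_preview and $DBInfo->spam_filter) {
        $text = $savetext;
        $fts = preg_split('/(\\||,)/', $DBInfo->spam_filter);
        foreach ($fts as $ft) {
            $text = $formatter->filter_repl($ft, $text, $options);
        }
        if ($text != $savetext) {
            $button_preview = 1;
            $options['msg'] = _("Sorry, can not save page because some messages are blocked in this wiki.");
        } else {
            if ($options['id'] == 'Anonymous' and !empty($comment) and !empty($DBInfo->spam_comment_filter)) {
                // comment filter for anonymous users
                $cmt = $comment;
                $fts = preg_split('/(\\||,)/', $DBInfo->spam_comment_filter);
                // bad comments file
                $options['.badcontents'] = !empty($DBInfo->comments_badcontents) ? $DBInfo->comments_badcontents : null;
                foreach ($fts as $ft) {
                    $cmt = $formatter->filter_repl($ft, $cmt, $options);
                }
                if ($cmt != $comment) {
                    $button_preview = 1;
                    $options['msg'] = _("Sorry, can not save page because some messages are blocked in this wiki.");
                }
            }
        }
    }
    $formatter->page->set_raw_body($savetext);
    // check license agreement
    $ok_agreement = true;
    if (!empty($DBInfo->use_agreement)) {
        if ($options['id'] != 'Anonymous') {
            $ok_agreement = !empty($DBInfo->user->info['join_agreement']) && $DBInfo->user->info['join_agreement'] == 'agree';
            if ($ok_agreement && !empty($DBInfo->agreement_version)) {
                $ok_agreement = $DBInfo->user->info['join_agreement_version'] == $DBInfo->agreement_version;
            }
        } else {
            $ok_agreement = false;
        }
    }
    if (empty($button_preview) && !$ok_agreement && empty($options['license_agree'])) {
        $button_preview = 1;
        if ($options['id'] == 'Anonymous') {
            $options['msg'] = _("Anonymous user have to agree the contribution agreement for this wiki.");
        } else {
            $options['msg'] = _("Sorry, you have to agree the contribution agreement or the join agreement of this wiki.");
        }
    }
    // check full permission to edit
    $full_permission = true;
    if (!empty($DBInfo->no_full_edit_permission) or $options['id'] == 'Anonymous' && !empty($DBInfo->anonymous_no_full_edit_permission)) {
        $full_permission = false;
    }
    // members always have full permission to edit
    // NOTE(review): in_array() is used without strict mode, so membership is
    // decided by loose comparison. Confirm $DBInfo->members holds only strings.
    if (in_array($options['id'], $DBInfo->members)) {
        $full_permission = true;
    }
    $minorfix = false;
    $options['editinfo'] = array();
    if (!$full_permission || !empty($DBInfo->use_abusefilter)) {
        // get diff
        if (!isset($diff[0])) {
            $diff = $formatter->get_diff($savetext);
        }
        // get total line numbers
        // test \n or \r or \r\n
        $crlf = "\n";
        if (preg_match("/(\r|\r\n|\n)\$/", $body, $match)) {
            $crlf = $match[1];
        }
        // count crlf
        $nline = substr_count($body, $crlf);
        // count diff lines, chars
        $changes = diffcount_lines($diff, $DBInfo->charset);
        // set return values
        $added = $changes[0];
        $deleted = $changes[1];
        $added_chars = $changes[2];
        $deleted_chars = $changes[3];
        // check minorfix
        $minorfix = $changes[4];
        $editinfo = array('add_lines' => $added, 'del_lines' => $deleted, 'add_chars' => $added_chars, 'del_chars' => $deleted_chars);
        $options['editinfo'] = $editinfo;
        if (!$button_diff) {
            $diff = '';
        }
    }
    if (!$full_permission) {
        // Limited editors may not remove or add more than the configured amounts.
        $restricted = false;
        $delete_lines_restricted_ratio = !empty($DBInfo->allowed_max_lines_delete_ratio) ? $DBInfo->allowed_max_lines_delete_ratio : 0.5;
        // A stored body without any line terminator gives $nline == 0. Treat a
        // deletion from such a page as over the ratio instead of dividing by zero.
        if ($deleted > 0 && ($nline < 1 || $deleted / $nline > $delete_lines_restricted_ratio)) {
            $restricted = true;
        }
        // check the maximum number of characters allowed to add/delete
        $max_chars_add = !empty($DBInfo->allowed_max_chars_add) ? $DBInfo->allowed_max_chars_add : 300;
        $max_chars_del = !empty($DBInfo->allowed_max_chars_delete) ? $DBInfo->allowed_max_chars_delete : 180;
        if (!$restricted && ($added_chars > $max_chars_add || $deleted_chars > $max_chars_del)) {
            $restricted = true;
        }
        if ($restricted) {
            $options['title'] = _("You do not have full permission to edit this page on this wiki.");
            if ($options['id'] == 'Anonymous') {
                $options['msg'] = _("Anonymous user is restricted to delete a lot amount of page on this wiki.");
            } else {
                $options['msg'] = _("You are restricted to delete a lot amount of page on this wiki.");
            }
            $button_preview = true;
        }
    }
    // Single gate: everything above either left $button_preview empty or set it.
    if ($button_preview) {
        if (empty($options['title'])) {
            $options['title'] = sprintf(_("Preview of %s"), _html_escape($options['page']));
        }
        // http://stackoverflow.com/questions/1547884
        // With preview_no_xss_protection set, the browser's legacy XSS filter
        // is switched off for this response. The preview renders submitted
        // text, so output escaping in the formatter is then the only defence.
        $header = '';
        if (!empty($DBInfo->preview_no_xss_protection)) {
            $header = 'X-XSS-Protection: 0';
        }
        $formatter->send_header($header, $options);
        $formatter->send_title("", "", $options);
        $options['preview'] = 1;
        $options['datestamp'] = $datestamp;
        // $section_savetext may have been unset by the merge branch above
        $savetext = !empty($section_savetext) ? $section_savetext : $savetext;
        $options['savetext'] = $savetext;
        $formatter->preview = 1;
        $has_form = false;
        $options['has_form'] =& $has_form;
        $options['.minorfix'] = $minorfix;
        print '<div id="editor_area_wrap">' . macro_EditText($formatter, '', $options);
        echo $formatter->get_javascripts();
        if ($has_form and !empty($DBInfo->use_jsbuttons)) {
            $msg = _("Save");
            $onclick = ' onclick="submit_all_forms()"';
            $onclick1 = ' onclick="check_uploadform(this)"';
            echo "<div id='save-buttons'>\n";
            echo "<button type='button'{$onclick} tabindex='10'><span>{$msg}</span></button>\n";
            echo "<button type='button'{$onclick1} tabindex='11' name='button_preview' value='1'><span>" . _("Preview") . '</span></button>';
            if ($formatter->page->exists()) {
                echo "\n<button type='button'{$onclick1} tabindex='12' name='button_changes' value='1'><span>" . _("Show changes") . '</span></button>';
            }
            if ($button_preview) {
                echo ' ' . $formatter->link_to('#preview', _("Skip to preview"), ' class="preview-anchor"');
            }
            echo "</div>\n";
        }
        print '</div>';
        # XXX
        print $DBInfo->hr;
        print $menu;
        if ($button_diff and !isset($diff[0])) {
            // $sections only exists when a section of an existing page was edited
            $diff = $formatter->get_diff(!empty($options['section']) && isset($sections) ? implode('', $sections) : $savetext);
            // get diff
            // strip diff header
            if (($p = strpos($diff, '@@')) !== false) {
                $diff = substr($diff, $p);
            }
        }
        if (isset($diff[0])) {
            echo "<div id='wikiDiffPreview'>\n";
            echo $formatter->processor_repl('diff', $diff, $options);
            //echo $formatter->macro_repl('Diff','',array('text'=>$diff,'type'=>'fancy'));
            echo "</div>\n";
        }
        print "<div id='wikiPreview'>\n";
        #$formatter->preview=1;
        $formatter->send_page($savetext);
        $formatter->preview = 0;
        print $DBInfo->hr;
        print "</div>\n";
        print $menu;
    } else {
        // check minorfix
        $options['.minorfix'] = $minorfix;
        if (empty($DBInfo->use_autodetect_minoredit)) {
            unset($options['.minorfix']);
        }
        // NOTE(review): the category is appended after the spam filters ran,
        // so this string itself has not been filtered.
        if (!empty($options['category'])) {
            $savetext .= "----\n[[" . $options['category'] . "]]\n";
        }
        $options['minor'] = !empty($DBInfo->use_minoredit) ? $options['minor'] : 0;
        if ($options['minor']) {
            // only users listed in $DBInfo->owners may flag an edit as minor
            $user = $DBInfo->user;
            # get from COOKIE VARS
            if ($DBInfo->owners and in_array($user->id, $DBInfo->owners)) {
                $options['minor'] = 1;
            } else {
                $options['minor'] = 0;
            }
        }
        $formatter->page->write($savetext);
        $retval = array();
        $options['retval'] =& $retval;
        $ret = $DBInfo->savePage($formatter->page, $comment, $options);
        // -1 is the failure value checked for below
        if ($ret != -1 and $DBInfo->notify and $options['minor'] != 1) {
            $options['noaction'] = 1;
            if (!function_exists('mail')) {
                $options['msg'] = sprintf(_("mail does not supported by default.")) . "<br />";
            } else {
                $ret2 = wiki_notify($formatter, $options);
                if ($ret2) {
                    $options['msg'] = sprintf(_("Sent notification mail.")) . "<br />";
                } else {
                    $options['msg'] = sprintf(_("No subscribers found.")) . "<br />";
                }
            }
        }
        if ($ret == -1) {
            if (!empty($options['retval']['msg'])) {
                $msg = $options['retval']['msg'];
            } else {
                $msg = sprintf(_("%s is not editable"), $formatter->link_tag($formatter->page->urlname, "", _html_escape($options['page'])));
            }
            $options['title'] = $msg;
        } else {
            $options['title'] = sprintf(_("%s is saved"), $formatter->link_tag($formatter->page->urlname, "?action=show", _html_escape($options['page'])));
        }
        $myrefresh = '';
        if (!empty($DBInfo->use_save_refresh)) {
            $lnk = $formatter->link_url($formatter->page->urlname, "?action=show");
            // NOTE(review): the request-supplied section value ends up in a
            // Refresh/Location header. Confirm it is validated upstream or
            // that send_header() rejects header line breaks.
            if (!empty($options['section'])) {
                $lnk .= '#sect-' . $options['section'];
            }
            if ($DBInfo->use_save_refresh > 0 || $ret == -1) {
                $sec = $DBInfo->use_save_refresh - 1;
                if ($sec < 0) {
                    $sec = 3;
                }
                $myrefresh = 'Refresh: ' . $sec . '; url=' . qualifiedURL($lnk);
            } else {
                $myrefresh = array('Status: 302', 'Location: ' . qualifiedURL($lnk));
            }
        }
        $formatter->send_header($myrefresh, $options);
        if (is_array($myrefresh)) {
            // redirect sent, no body
            return;
        }
        $formatter->send_title("", "", $options);
        $opt['pagelinks'] = 1;
        $opt['refresh'] = 1;
        $formatter->page->pi = null;
        // call get_instruction() again
        # re-generates pagelinks
        print "<div id='wikiContent'>\n";
        $formatter->send_page("", $opt);
        print "</div>\n";
    }
    $args['editable'] = 0;
    $formatter->send_footer($args, $options);
}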
Exemple #2
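/**
 * Locate a system manual page with man(1), read its compressed source and
 * show it as a wiki page (rendered, raw, or loaded into the editor).
 *
 * The page name, section and language come from the request and end up on a
 * shell command line, so each one is constrained before use: the language must
 * be in the allowlist, the section must be all digits, and the page name is
 * passed as one quoted argument after "--" so it cannot be read as an option.
 *
 * @param object $formatter page formatter used for logging and output
 * @param array  $options   request options: man, sec, lang, edit, raw
 * @return void output is sent directly through $formatter and print
 */
function do_man_get($formatter, $options)
{
    global $DBInfo;
    $supported = array('C', 'bg', 'de', 'en', 'fr', 'hu', 'ja', 'pt', 'ru', 'sr', 'cs', 'de_DE', 'es', 'fr_FR', 'id', 'ko', 'nl', 'pt_BR', 'sk', 'sv', 'da', 'el', 'fi', 'hr', 'it', 'pl', 'ro', 'sl');
    if (empty($options['man']) || !is_string($options['man'])) {
        $options['title'] = _("No manpage selected");
        do_invalid($formatter, $options);
        return;
    }
    // language: only values from the allowlist reach the command line
    $req_lang = '';
    if (!empty($options['lang']) and in_array($options['lang'], $supported, true)) {
        $req_lang = $options['lang'];
    }
    $LANG = $req_lang !== '' ? 'LANG=' . $req_lang : '';
    // section: digits only. The previous loose comparison against intval()
    // accepted strings such as "1 something" on older PHP versions.
    $sec = '';
    if (isset($options['sec']) && is_string($options['sec']) && preg_match('/^[0-9]+$/D', $options['sec'])) {
        $sec = $options['sec'];
    } else {
        unset($options['sec']);
    }
    // escapeshellcmd() on the whole string neutralises shell metacharacters but
    // still lets a value split into several arguments or options. Build the
    // command from validated parts and quote the page name as a single argument.
    $cmd = $LANG . ' man ' . $sec . ' -a -w -- ' . escapeshellarg($options['man']);
    $formatter->errlog();
    $fnames = array();
    $fp = popen($cmd . $formatter->LOG, 'r');
    if (is_resource($fp)) {
        // man -w prints one path per line; only gzip-compressed pages are used
        while ($l = fgets($fp, 1024)) {
            if (preg_match('/\\.gz$/', $l)) {
                $fnames[] = trim($l);
            }
        }
        pclose($fp);
    }
    $err = $formatter->get_errlog();
    if ($err) {
        // NOTE(review): the error log can contain the requested page name as
        // echoed by man. Confirm get_errlog() returns HTML-escaped text, since
        // it is placed into the page unescaped here.
        $err = '<pre class="errlog">' . $err . '</pre>';
    }
    if (!$fnames) {
        $options['title'] = _("No manpage found");
        $options['msg'] = $err;
        // XXX
        do_invalid($formatter, $options);
        return;
    }
    $sz = count($fnames);
    $man = array();
    if ($sz >= 1) {
        foreach ($fnames as $fname) {
            $man[] = preg_replace("/\\.gz\$/", "", basename($fname));
        }
        // the first hit decides the wiki page name and the file that is read
        $options['page'] = "ManPage/{$man['0']}";
        $fname = $fnames[0];
    }
    if ($DBInfo->hasPage($options['page'])) {
        // already imported: go to the existing wiki page
        $options['value'] = $options['page'];
        do_goto($formatter, $options);
        return;
    }
    if (function_exists('gzfile')) {
        $raw = gzfile($fname);
        $raw = join('', $raw);
    } else {
        // the path comes from man's output; quote it before it reaches the shell
        exec('zcat ' . escapeshellarg($fname), $raw);
        $raw = join("\n", $raw);
    }
    if ($sz > 1) {
        // several pages matched: offer links to each variant
        $lnk = array();
        foreach ($fnames as $f) {
            preg_match("@/([^/]+)?/man./([^/]+).(.)\\.gz\$@", $f, $m);
            $lang = 'en';
            if ($m) {
                if ($m[1] != 'man') {
                    $lang = $m[1];
                }
                $myman = $m[2];
                $mysec = $m[3];
                $tag = '';
                if ($lang) {
                    $tag = $lang == 'ko' ? '(' . $lang . ')' : '';
                    $lang = '&amp;lang=' . $lang;
                }
                $lnk[] = $formatter->link_tag('ManPage/' . $myman . '.' . $mysec, '?action=man_get&amp;man=' . $myman . '&amp;sec=' . $mysec . $lang, $myman . '.' . $mysec) . $tag;
            }
        }
        if (sizeof($lnk) > 0) {
            $options['msgtitle'] = implode(', ', $lnk);
        }
    }
    if ($DBInfo->man_charset and $DBInfo->man_charset != $DBInfo->charset) {
        if (function_exists('iconv')) {
            $ignore = '//IGNORE';
            // XXX
            $raw = iconv($DBInfo->man_charset, $DBInfo->charset . $ignore, $raw);
        }
    }
    if ($DBInfo->man_filter) {
        $raw = $formatter->filter_repl('simplere', $raw, array('page' => $DBInfo->man_filter));
    }
    $options['savetext'] = $raw;
    if (!empty($options['edit'])) {
        $formatter->send_header("", $options);
        $formatter->send_title("", "", $options);
        print macro_EditText($formatter, $raw, $options);
    } else {
        if (!empty($options['raw'])) {
            $formatter->send_header("content-type: text/plain", $options);
            print $raw;
            return;
        } else {
            $formatter->send_header("", $options);
            $formatter->send_title("", "", $options);
            print $formatter->processor_repl('man', $raw, $options);
            // Rebuild the query from validated values only. The previous code
            // assigned instead of appending, so a language dropped the section,
            // and it copied the raw request values into the link.
            $extra = '';
            if (!empty($options['sec'])) {
                $extra .= '&amp;sec=' . $options['sec'];
            }
            if ($req_lang !== '') {
                $extra .= '&amp;lang=' . $req_lang;
            }
            $formatter->actions[] = '?action=man_get&man=' . urlencode($options['man']) . $extra . '&amp;edit=1 ' . _("Edit man page");
        }
    }
    $formatter->send_footer('', $options);
    return;
    // vim:et:sts=4:
}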
Exemple #3
function do_bbs($formatter, $options = array())
{
    global $DBInfo;
    $err = '';
    $args = array();
    if ($options['mode'] == 'rss') {
        #$formatter->send_header("Content-Type: text/xml",$options);
        header("Content-Type: application/xml");
        print macro_BBS($formatter, '', $options);
        return;
    }
    # load a config file
    $bname = $formatter->page->name;
    $conf0 = array();
    if (file_exists('config/bbs.' . $bname . '.php')) {
        $confname = 'bbs.' . $bname . '.php';
        $conf0 = _load_php_vars('config/bbs.default.php');
    } else {
        $confname = 'bbs.default.php';
    }
    $conf = _load_php_vars('config/' . $confname);
    $conf = array_merge($conf0, $conf);
    # check valid IP
    $check_ip = true;
    if ($conf['allowed_ip'] and in_array($options['mode'], array('edit', 'delete', 'new'))) {
        include_once 'lib/checkip.php';
        if (!check_ip($conf['allowed_ip'], $_SERVER['REMOTE_ADDR'])) {
            $options['title'] = sprintf(_("Your IP address is not allowed to %s at this BBS"), $options["mode"]);
            $check_ip = false;
        }
    }
    $check_pass = false;
    $MyBBS = macro_BBS($formatter, '', array('new' => 1));
    if ($options['id'] != 'Anonymous' and $options['mode'] == 'edit' and $options['no']) {
        $body = $MyBBS->getPage($options['no']);
        if ($body != null) {
            include_once 'lib/metadata.php';
            list($metas, $dummy) = _get_metadata($body);
            if ($metas['Name'] == $options['id']) {
                # XXX
                $check_pass = true;
            }
        }
    }
    # password check
    while ($options['no'] and ($options['mode'] == 'delete' or $options['mode'] == 'edit') and $_SERVER['REQUEST_METHOD'] == "POST") {
        # check admin(WikiMaster) password
        if (!$check_pass) {
            if ($DBInfo->admin_passwd) {
                $check_pass = $DBInfo->admin_passwd == crypt($options['pass'], $DBInfo->admin_passwd);
            } else {
                $check_pass = false;
            }
        }
        # check admin(BBSMaster) password
        if (!$check_pass and $conf['admin_passwd']) {
            $check_pass = $conf['admin_passwd'] == crypt($options['pass'], $conf['admin_passwd']);
        }
        while ($check_ip and $check_pass and $options['mode'] == 'delete') {
            if (($p = strpos($options['no'], ' ')) !== false) {
                $nids = explode(" ", $options['no']);
            } else {
                $nids = array($options['no']);
            }
            for ($i = 0, $sz = sizeof($nids); $i < $sz; $i++) {
                if ($MyBBS->hasPage($nids[$i])) {
                    $MyBBS->deletePage($nids[$i]);
                } else {
                    $MyBBS->deleteIndex($nids[$i]);
                }
            }
            $query = $options['p'] ? '&p=' . $options['p'] : '';
            $myrefresh = '';
            if ($DBInfo->use_save_refresh) {
                $sec = $DBInfo->use_save_refresh - 1;
                $lnk = $formatter->link_url($formatter->page->urlname, '?' . ($query ? $query : 'action=show'));
                $myrefresh = 'Refresh: ' . $sec . '; url=' . qualifiedURL($lnk);
            }
            $options['msg'] = _("Successfully deleted.");
            $header = array("Expires: " . gmdate("D, d M Y H:i:s", 0) . " GMT");
            if ($myrefresh) {
                $header[] = $myrefresh;
            }
            $formatter->send_header($header, $options);
            $formatter->send_title("", "", $options);
            $formatter->send_footer("", $options);
            return;
        }
        break;
    }
    while ($options['mode'] == 'comment' and $options['savetext'] and $_SERVER['REQUEST_METHOD'] == "POST") {
        $query = 'no=' . $options['no'] . ($options['p'] ? '&p=' . $options['p'] : '');
        $myrefresh = '';
        if ($DBInfo->use_save_refresh) {
            $sec = $DBInfo->use_save_refresh - 1;
            $lnk = $formatter->link_url($formatter->page->urlname, '?' . $query);
            $myrefresh = 'Refresh: ' . $sec . '; url=' . qualifiedURL($lnk);
        }
        $header = array("Expires: " . gmdate("D, d M Y H:i:s", 0) . " GMT");
        if ($myrefresh) {
            $header[] = $myrefresh;
        }
        $p = new WikiPage($options['page'] . ':' . $options['no'], $options);
        $formatter->page = $p;
        $options['page'] = $options['page'] . ':' . $options['no'];
        $options['minor'] = 1;
        # do not log
        $formatter->send_header($header, $options);
        $options['action_mode'] = 'ajax';
        $options['call'] = 1;
        $ret = $formatter->ajax_repl('comment', $options);
        if ($ret == false) {
            $options['msg'] = _("Fail to post comment.");
        }
        unset($options['action_mode']);
        $formatter->send_title("", "", $options);
        $formatter->send_footer("", $options);
        return;
        break;
    }
    if ($options['mode'] == 'delete') {
        $msg = sprintf(_("The article %s will be deleted."), $options['no']);
        $url = $formatter->link_url($formatter->page->urlname, '');
        $header = array("Expires: " . gmdate("D, d M Y H:i:s", 0) . " GMT");
        $formatter->send_header($header, $options);
        $formatter->send_title("", "", $options);
        print <<<EOF
<div class='deleteDialog'>
<form method='post' action='{$url}' >
<strong>{$msg}</strong>
<table border='0' width='20%'>
<tbody>
<tr><th>Password:</th><td><input type='password' style="width:200px" name='pass' /></td></tr>
</tbody>
</table>
<input type='hidden' name='no' value='{$options['no']}' />
<input type='hidden' name='p' value='{$options['p']}' />
<input type='hidden' name='action' value='bbs' />
<input type='hidden' name='mode' value='delete' />
</form>
</div>
EOF;
        $formatter->send_footer("", $options);
        return;
    } else {
        if ($options['mode'] == 'edit') {
            $button_preview = $options['button_preview'];
            while ($_SERVER['REQUEST_METHOD'] == "POST") {
                $savetext = $options['savetext'];
                $datestamp = $options['datestamp'];
                $subject = $options['subject'];
                # strip some tags from the subject
                $subject = preg_replace("%</?(marquee|embed|object|script|form|frame|iframe|img|a|)[^>]*>%", '', $subject);
                $args['subject'] = _stripslashes($subject);
                if ($options['id'] == 'Anonymous') {
                    $name = $options['name'];
                    $name = strip_tags($name);
                    $pass = $options['pass'];
                    $home = $options['homepage'];
                    # check a homepage address
                    if (!empty($home)) {
                        if (!preg_match('/^((ftp|http|news):\\/\\/)[a-z0-9][a-z0-9_\\-]+\\.[a-z0-9\\-\\.]+.*/', $home)) {
                            $options['msg'] = _("Invalid HomePage address.");
                            break;
                        } else {
                            if (!eregi("^(ftp|http|news):\\/\\/", $home)) {
                                $home = "http://" . $home;
                            }
                        }
                    }
                    # check email address
                    $email = $options['email'];
                    $args['name'] = _stripslashes($name);
                    $args['pass'] = _stripslashes($pass);
                    $args['home'] = _stripslashes($home);
                    $args['email'] = _stripslashes($email);
                    if (!$name) {
                        $options['msg'] = _("No Name error.");
                        break;
                    }
                } else {
                    $args['name'] = $options['id'];
                }
                $args['no'] = $options['no'] ? $options['no'] : 0;
                if ($options['no'] and !$check_pass) {
                    break;
                }
                # edit mode
                if (!$check_ip) {
                    break;
                }
                # not allowed IPs
                if (!$args['subject'] or !$savetext) {
                    $options['msg'] = _("No Subject error.");
                    break;
                }
                if ($button_preview) {
                    break;
                }
                $savetext = preg_replace("/\r\n|\r/", "\n", $savetext);
                if ($savetext and $DBInfo->spam_filter) {
                    $text = $savetext;
                    $fts = preg_split('/(\\||,)/', $DBInfo->spam_filter);
                    foreach ($fts as $ft) {
                        $text = $formatter->filter_repl($ft, $text, $options);
                    }
                    if ($text != $savetext) {
                        $options['msg'] = _("Sorry, can not save page because some messages are blocked in this wiki.");
                        break;
                    }
                }
                $savetext = rtrim($savetext) . "\n";
                $args['text'] = _stripslashes($savetext);
                $MyBBS = macro_BBS($formatter, '', array('new' => 1));
                $myrefresh = '';
                if ($DBInfo->use_save_refresh) {
                    $sec = $DBInfo->use_save_refresh - 1;
                    $lnk = $formatter->link_url($formatter->page->urlname, "?action=show");
                    $myrefresh = 'Refresh: ' . $sec . '; url=' . qualifiedURL($lnk);
                }
                $header = array("Expires: " . gmdate("D, d M Y H:i:s", 0) . " GMT");
                $options['msg'] = _("New post added successfully");
                if ($myrefresh) {
                    $header[] = $myrefresh;
                }
                $formatter->send_header($header, $options);
                $formatter->send_title("", "", $options);
                if ($MyBBS->use_attach) {
                    # XXX
                    $args['call'] = 1;
                    $lists = array();
                    $lists = $formatter->macro_repl('Attachments', '', $args);
                    unset($args['call']);
                    if (!empty($lists)) {
                        $args['attach'] = $lists;
                    }
                }
                $MyBBS->savePage($args);
                $formatter->send_footer("", $options);
                return;
            }
            #print _bbs_edit_form();
            #print macro_BBSForm($formatter);
            $formatter->send_header("", $options);
            $formatter->send_title("", "", $options);
            if ($options['savetext']) {
                $formatter->_raw_body = $options['savetext'];
                if ($options['no']) {
                    $hidden = "<input type='hidden' name='no' value='{$options['no']}' />\n" . "<input type='hidden' name='p' value='{$options['p']}' />";
                }
            } else {
                if ($options['no']) {
                    $MyBBS = macro_BBS($formatter, '', array('new' => 1));
                    $nid = $options['no'];
                    if ($nid and $MyBBS->hasPage($nid)) {
                        $fields = array('Name', 'Subject', 'Date', 'Email', 'HomePage', 'IP', 'Keywords');
                        include_once 'lib/metadata.php';
                        $body = $MyBBS->getPage($nid);
                        $boundary = strtoupper(md5("COMMENT"));
                        # XXX
                        list($body, $comments) = explode('----' . $boundary . "\n", $body, 2);
                        # XXX
                        if ($body != null) {
                            list($metas, $nbody) = _get_metadata($body);
                            if ($nbody) {
                                $body = $nbody;
                            }
                            $args['name'] = $metas['Name'];
                            $args['subject'] = $metas['Subject'];
                            $args['home'] = $metas['HomePage'];
                            $args['email'] = $metas['Email'];
                            $args['text'] = $body;
                            $formatter->_raw_body = $body;
                            $hidden = "<input type='hidden' name='no' value='{$nid}' />\n" . "<input type='hidden' name='p' value='{$options['p']}' />";
                        }
                    }
                } else {
                    $formatter->_raw_body = "";
                }
            }
            if ($options['id'] == 'Anonymous') {
                $formatter->_extra_form = <<<EOF
<div>
<table border='0' width='100%'>
<col width='10%' /><col width='10%' /><col width='10%' /><col width='70%' />
<tbody>
<tr><th>Subject:</th><td colspan='3'><input type='text' style="width:80%" name='subject' value='{$args['subject']}' /></td></tr>
<tr><th>Name:</th><td><input type='text' name='name' value='{$args['name']}' /></td>
    <th>Password:</th><td><input type='password' name='pass' /></td></tr>
<tr><th>Email:</th><td colspan='3'><input type='text' style="width:50%" name='email' value='{$args['email']}' /></td></tr>
<tr><th>HomePage:</th><td colspan='3'><input type='text'style="width:50%" name='homepage' value='{$args['home']}' /></td></tr>
</tbody>
</table>
{$hidden}
</div>
EOF;
            } else {
                if (!$check_pass and !empty($options['no']) and $options['mode'] == 'edit') {
                    $pass_form = "<tr><th>Password:</th><td><input type='password' name='pass' /></td></tr>";
                }
                $formatter->_extra_form = <<<EOF
<div>
<table border='0' width='100%'>
<col width='20%' /><col width='80%' />
<tbody>
<tr><th>Subject:</th><td><input type='text' style="width:80%" name='subject' value='{$args['subject']}' /></td></tr>
{$pass_form}
</tbody>
</table>
{$hidden}
</div>
EOF;
            }
            $formatter->_mtime = 0;
            $options['simple'] = 2;
            $options['nocategories'] = 1;
            $options['minor'] = 1;
            # do not show a minor checkbox
            print macro_EditText($formatter, $value, $options);
            $formatter->_raw_body = null;
            $formatter->_extra_form = null;
        } else {
            $formatter->send_header("", $options);
            $formatter->send_title("", "", $options);
            print macro_BBS($formatter, 'no=' . $options['no']);
        }
    }
    $formatter->send_footer("", $options);
    return;
}
Exemple #4
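/**
 * Fetch a remote HTML page and convert the contents of its <body> into wiki markup.
 *
 * With no URL (neither $value nor $options['url']) the macro returns an HTML
 * form that submits a `url` field by GET with action=importurl. Otherwise the
 * URL is fetched by this server, reduced to a small set of tags and rewritten
 * into wiki syntax. The function returns the markup; it emits no output itself.
 *
 * NOTE(review): the URL is supplied by the caller and fetched server-side.
 * Only the scheme is checked here; the destination host is not restricted, and
 * PHP's http wrapper follows redirects by default. If this macro is reachable
 * by untrusted users, restrict destinations at deployment (host allow-list or
 * egress filtering).
 *
 * NOTE(review): HTML entities are decoded after tag stripping, and strip_tags()
 * keeps the attributes of the tags it allows, so the returned text can carry
 * literal markup taken from the remote page. Treat the return value as
 * untrusted text; confirm that the renderer escapes it.
 *
 * @param object $formatter not used by this function
 * @param string $value     URL to import; falls back to $options['url']
 * @param array  $options   request options; only 'url' is read here
 * @return string|false wiki markup, the URL entry form, or false when the URL
 *                      is rejected, cannot be opened, or exceeds the size cap
 */
function macro_ImportUrl($formatter, $value = '', $options = array())
{
    if (!$value) {
        # isset() avoids an undefined-index notice when no url was passed at all
        $value = isset($options['url']) ? $options['url'] : '';
    }
    if (!$value) {
        return <<<EOF
<div>
<form method='get' action=''>
<input type='hidden' name='action' value='importurl' />
<input name='url' value='http://' size='60' />
<input type='submit' value='html 2 wiki' />
</form>
</div>
EOF;
    }
    # scheme allow-list: anything else (local paths, other stream wrappers,
    # non-string input such as url[]=...) is refused before fopen() sees it
    if (!is_string($value) || !preg_match('/^(http|ftp|https):\\/\\//', $value)) {
        return false;
    }
    # bound the fetch: a read timeout for http(s) and a hard cap on the body size
    $max_bytes = 2097152;
    # 2 MiB
    $context = stream_context_create(array('http' => array('timeout' => 10)));
    $fp = fopen($value, 'r', false, $context);
    if (!$fp) {
        return false;
    }
    $html_data = '';
    while (true) {
        $data = fread($fp, 4096);
        # strict checks: a chunk consisting of "0" is data, not end of stream
        if ($data === false || $data === '') {
            break;
        }
        $html_data .= $data;
        if (strlen($html_data) > $max_bytes) {
            fclose($fp);
            return false;
        }
    }
    fclose($fp);
    # only use <body> contents
    preg_match("/<\\s*body[^>]*>(.*)<\\/\\s*body\\s*>/is", $html_data, $m);
    if ($m) {
        $html_data = $m[1];
    }
    # remove some tags
    # NOTE(review): '.*' is greedy, so this drops everything from the first
    # opening tag up to the last matching closing tag
    $out = preg_replace("@<(script|style)[^>]*>.*</\\1>@is", "", $html_data);
    # remove empty tags
    $out = preg_replace("@<(h.|).[^>]*></\\1>@i", "", $out);
    # strip tags (attributes of the allowed tags are kept by strip_tags)
    $out = strip_tags($out, '<pre><hr><td><tr><a><b><i><u><h1><h2><h3><h4><h5><li><img>');
    # put headings on lines of their own
    $out = preg_replace(array("/(?!\n)(\\s*<h.[^>]*>)/i", "/((<\\/h.\\s*>)(?:[ ]*)(?!\n))/i"), array("\n\\1", "\\2\n"), $out);
    $splits = preg_split('/(<pre\\s*[^>]*>|<\\/pre>)/', $out, -1, PREG_SPLIT_DELIM_CAPTURE);
    $wiki = '';
    # base for relative links: the URL up to its last '/'
    $base_url = $value;
    if (($p = strrpos($value, '/')) !== false) {
        $base_url = substr($value, 0, $p);
    }
    # hand the base URL to the link callbacks before they are used below
    _fix_url_callback($base_url, true);
    _fix_url_callback2($base_url, true);
    # text collected for the <pre> block currently open, '' when none is open
    $pre = '';
    foreach ($splits as $split) {
        if (preg_match('/^<pre\\s/i', $split)) {
            # opening <pre>: choose the wiki code-block opener from its class
            if (preg_match("/<pre\\s*class=.wikiSyntax.[^>]*>/i", $split)) {
                $pre = '{{{#!vim';
            } else {
                if (preg_match("/<pre\\s*class=.wiki.>/i", $split)) {
                    $pre = '{{{';
                } else {
                    $pre = '{{{#!';
                }
            }
            continue;
        } else {
            if (preg_match('/^<\\/pre>/i', $split)) {
                # closing </pre>: finish the block and decode its entities
                $pre .= "}}}\n";
                $pre = str_replace(array("&quot;", '&lt;', '&gt;', '&amp;', '<b>', '</b>'), array('"', '<', '>', '&', '', ''), $pre);
                $wiki .= $pre;
                $pre = '';
                continue;
            }
        }
        if ($pre) {
            # inside a <pre> block: keep the text as it is
            $pre .= $split;
            continue;
        }
        # remove leading spaces
        $out = preg_replace("/\n[ ]+/", "\n", $split);
        $out = preg_replace("/\r/", "", $out);
        # images
        $out = preg_replace_callback("/<img\\s*[^>]*src=(['\"])?([^'\"]+)\\1[^>]*>/i", '_fix_url_callback', $out);
        # lists, tables and rules
        $out = preg_replace("/<li[^>]*>/i", " * ", $out);
        $out = preg_replace("/<\\/li>\n*/i", "\n", $out);
        $out = preg_replace("/<td\\s*[^>]*>/i", "||", $out);
        $out = preg_replace("/<\\/td>\n*/i", "", $out);
        $out = preg_replace("/<tr\\s*[^>]*>/i", "", $out);
        $out = preg_replace("/<\\/tr>\n*/i", "||\n", $out);
        $out = preg_replace("/<hr\\s*[^>]*>/i", "----\n", $out);
        # decode entities; from here on the text may contain literal '<' and '>'
        $out = str_replace(array("&quot;", '&lt;', '&gt;', '&amp;'), array('"', '<', '>', '&'), $out);
        # remove id tag and perma links
        $out = preg_replace("/<a\\s*id=[^>]+>[^<]*<\\/a>/i", "", $out);
        # applied twice on purpose: the second pass removes an outer anchor
        # that only becomes empty once the first pass removed an inner one
        $out = preg_replace("/<a\\s*[^>]*href=['\"]#[^>]+>[^<]*<\\/a>/i", "", $out);
        $out = preg_replace("/<a\\s*[^>]*href=['\"]#[^>]+>[^<]*<\\/a>/i", "", $out);
        # remove ?WikiName links
        $out = preg_replace("/<a\\s*[^>]*href=['\"][^>]+>\\?<\\/a>/i", "", $out);
        # remove hrefs with a blank link
        $out = preg_replace("/<a\\s*[^>]*href=['\"][^>]+><\\/a>/i", "", $out);
        # url
        $out = preg_replace_callback("/<a\\s*[^>]*href=['\"]([^'\"]+)['\"][^>]*>([^<]+)<\\/a>/i", '_fix_url_callback2', $out);
        # heading
        $out = preg_replace_callback("/<h(\\d)[^>]*>(?:\\d+\\.?\\d*)*([^<]+)<\\/h\\d>/i", '_heading_callback', $out);
        # paragraph
        $out = preg_replace("/\n{3,}/", "\n\n", $out);
        $out = preg_replace("/<b>([^<]+)<\\/b>/i", "'''\\1'''", $out);
        $out = preg_replace("/<i>([^<]+)<\\/i>/i", "''\\1''", $out);
        $out = preg_replace("/<u>([^<]+)<\\/u>/i", "__\\1__", $out);
        $wiki .= $out;
    }
    return $wiki;
}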