function plugin_amazon_action() { global $vars, $script, $edit_auth, $edit_auth_users; global $amazon_body, $asin, $asin_all; $qm = get_qm(); if (PKWK_READONLY) { die_message($qm->m['fmt_err_pkwk_readonly']); } $s_page = isset($vars['refer']) ? $vars['refer'] : ''; $asin_all = isset($vars['asin']) ? htmlspecialchars(rawurlencode(strip_bracket($vars['asin']))) : ''; if (!is_asin()) { $retvars['msg'] = $qm->m['plg_amazon']['review_title']; $retvars['refer'] =& $s_page; $retvars['body'] = plugin_amazon_convert(); return $retvars; } else { $r_page = $s_page . '/' . $asin; $r_page_url = rawurlencode($r_page); $auth_user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : ''; pkwk_headers_sent(); if ($edit_auth && ($auth_user == '' || !isset($edit_auth_users[$auth_user]) || $edit_auth_users[$auth_user] != $_SERVER['PHP_AUTH_PW'])) { // Edit-auth failed. Just look the page header('Location: ' . get_script_uri() . '?' . $r_page_url); } else { $title = plugin_amazon_get_asin_title(); if ($title == '' || preg_match('#^/#', $s_page)) { // Invalid page name header('Location: ' . get_script_uri() . '?' . rawurlencode($s_page)); } else { $body = '#amazon(' . $asin_all . ',,image)' . "\n" . '*' . $title . "\n" . $amazon_body; plugin_amazon_review_save($r_page, $body); header('Location: ' . get_script_uri() . '?cmd=edit&page=' . $r_page_url); } } exit; } }
function plugin_amazon_action() { global $vars, $script; global $amazon_body; global $_amazon_msg; $check = new amazon_check_asin(htmlspecialchars(rawurlencode(strip_bracket($vars['asin'])))); if (!$check->is_asin) { $retvars['msg'] = $_amazon_msg['msg_BookReviewEdit']; $retvars['refer'] = $vars['refer']; $s_page = $vars['refer']; $r_page = $s_page . '/' . $check->asin; $retvars['body'] = plugin_amazon_convert(); return $retvars; } $s_page = $vars['refer']; $r_page = $s_page . '/' . $check->asin; // $r_page_url = rawurlencode($r_page); if (!check_readable($r_page, false, false)) { header('Location: ' . get_page_location_uri($r_page)); } elseif (check_editable($r_page, false, false)) { $info = new amazon_getinfo($check->asin, 'heavy'); $title = $info->items['title']; if ($title == '' or preg_match('/^\\//', $s_page)) { header('Location: ' . get_script_absuri() . '?' . encode($s_page)); } $body = "#amazon({$check->asin},,image)\n*{$title}\n" . $amazon_body; amazon_review_save($r_page, $body); header('Location: ' . get_location_uri('edit', $r_page)); } else { return false; } die; }