/**
 * Action handler for the commentx plugin.
 *
 * Evaluates the encoding-hint ticket, enforces the read-only and create-page
 * restrictions, and then hands the request either to the honeypot (ticket
 * mismatch) or to the writer.
 *
 * @return mixed Whatever plugin_commentx_honeypot() or plugin_commentx_write() returns.
 */
function plugin_commentx_action()
{
    global $vars, $post;

    // Petit SPAM Check (Client(Browser)-Server Ticket Check).
    // A posted, non-empty "encode_hint" must equal PKWK_ENCODING_HINT; a missing
    // or empty one is accepted only when the configured hint is itself empty.
    // NOTE(review): the expected value is a constant, so this presumably filters
    // naive bots only; it should not be relied on as CSRF protection.
    $hint_posted = isset($post['encode_hint']) && $post['encode_hint'] != '';
    $spam = $hint_posted
        ? (PKWK_ENCODING_HINT != $post['encode_hint'])
        : (PKWK_ENCODING_HINT != '');

    if (!method_exists('auth', 'check_role')) {
        // No role API available: fall back to the plain read-only flag.
        if (PKWK_READONLY) {
            die_message('PKWK_READONLY prohibits editing');
        }
    } else {
        // Plus!
        if (auth::check_role('readonly')) {
            die_message('PKWK_READONLY prohibits editing');
        }
        // Commenting on a page that does not exist yet would create it.
        if (!is_page($vars['refer']) && auth::is_check_role(PKWK_CREATE_PAGE)) {
            die_message(_('PKWK_CREATE_PAGE prohibits editing'));
        }
    }

    // If SPAM, goto jail.
    return $spam ? plugin_commentx_honeypot() : plugin_commentx_write();
}
/**
 * Action handler for the newpage plugin.
 *
 * Without a page name it returns the "New page" form; with one it redirects
 * to the location of the (possibly refer-relative) page and exits.
 *
 * @return array|void array('msg' => ..., 'body' => ...) for the form; the
 *                    redirect path does not return.
 */
function plugin_newpage_action()
{
    global $vars;

    $_btn_edit = _('Edit');
    $_msg_newpage = _('New page');

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    // No page name yet: show the input form.
    if ($vars['page'] == '') {
        return array(
            'msg' => $_msg_newpage,
            'body' => plugin_newpage_convert(),
        );
    }

    $page = strip_bracket($vars['page']);
    $has_refer = isset($vars['refer']);

    // A refer page makes the new name relative to it.
    $r_page = $has_refer ? get_fullname($page, $vars['refer']) : $page;

    // NOTE(review): "refer" is placed in the query string exactly as received.
    // Confirm that get_page_location_uri() encodes its query argument;
    // otherwise rawurlencode() the value here before it reaches the header.
    $r_refer = $has_refer ? 'refer=' . $vars['refer'] : '';

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($r_page, $r_refer));
    exit;
}
/**
 * Action handler for the edit plugin.
 *
 * Enforces the read-only role, the per-page edit check and the create-page
 * restriction, dispatches the realview/preview/write/cancel sub-actions, and
 * otherwise returns the edit form for the page (or for one part of it).
 *
 * @return array array('msg' => ..., 'body' => ...) or the sub-action's result.
 */
function plugin_edit_action()
{
    // global $vars, $_title_edit, $load_template_func;
    global $vars, $load_template_func;

    // if (PKWK_READONLY) die_message( _('PKWK_READONLY prohibits editing') );
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (PKWK_READONLY == ROLE_AUTH && auth::get_role_level() > ROLE_AUTH) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }

    if (isset($vars['realview'])) {
        return plugin_edit_realview();
    }

    $page = isset($vars['page']) ? $vars['page'] : '';

    // Per-page edit permission; runs before any sub-action is dispatched.
    check_editable($page, true, true);

    if (!is_page($page) && auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    // Sub-action dispatch, first match wins.
    $wants_template = $load_template_func && isset($vars['template']);
    if (isset($vars['preview']) || $wants_template) {
        return plugin_edit_preview();
    }
    if (isset($vars['write'])) {
        return plugin_edit_write();
    }
    if (isset($vars['cancel'])) {
        return plugin_edit_cancel();
    }

    $source = get_source($page);
    auth::is_role_page($source);

    $vars['original'] = implode('', $source);
    $postdata = $vars['original'];

    // Partial edit: only the part identified by "id".
    if (!empty($vars['id'])) {
        $postdata = plugin_edit_parts($vars['id'], $source);
        if ($postdata === FALSE) {
            // No such part: act as if no id had been given :)
            unset($vars['id']);
            $postdata = $vars['original'];
        }
    }

    if ($postdata == '') {
        $postdata = auto_template($page);
    }

    return array(
        'msg' => _('Edit of $1'),
        'body' => edit_form($page, $postdata),
    );
}
/**
 * Convert handler for the role plugin.
 *
 * Returns '' when auth::get_role_level() is 0. With fewer than two arguments
 * it returns role_list() for the current level. Otherwise the last argument
 * is rendered as wiki text, but only when auth::is_check_role() on the first
 * argument returns a falsy value.
 *
 * @return string HTML, or '' when nothing is to be shown.
 */
function plugin_role_convert()
{
    global $_role_msg;

    $level = auth::get_role_level();
    if ($level == 0) {
        return '';
    }

    $args = func_get_args();
    $argc = count($args);
    if ($argc < 2) {
        return role_list($level);
    }

    // First argument: role to test. Last argument: text to show.
    if (auth::is_check_role($args[0])) {
        return '';
    }

    // Carriage returns in the argument stand for line breaks in the wiki text.
    $text = str_replace("\r", "\n", $args[$argc - 1]);
    return convert_html($text);
}
/**
 * Action handler for the pcomment plugin.
 *
 * Rejects read-only users, silently drops posts that fail the encoding-hint
 * check or is_spampost(), enforces the create-page restriction when the
 * refer page does not exist, inserts the comment and redirects.
 *
 * @return array|void Result array; on a successful, non-colliding insert a
 *                    Location header is sent and the script exits.
 */
function plugin_pcomment_action()
{
    global $post, $vars;

    // Reply used for rejected posts: nothing is shown to the client.
    $silent = array('msg' => '', 'body' => '');

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message('PKWK_READONLY prohibits editing');
    }

    // Petit SPAM Check (Client(Browser)-Server Ticket Check):
    // a posted hint must equal PKWK_ENCODING_HINT; a missing hint is accepted
    // only when the configured hint is empty.
    $ticket_ok = isset($post['encode_hint'])
        ? ($post['encode_hint'] == PKWK_ENCODING_HINT)
        : (PKWK_ENCODING_HINT == '');
    if (!$ticket_ok) {
        honeypot_write();
        return $silent; // Do nothing
    }

    if (!isset($vars['msg']) || $vars['msg'] == '') {
        return array();
    }

    // Validate
    if (is_spampost(array('msg'))) {
        honeypot_write();
        return $silent; // Do nothing
    }

    $refer = isset($vars['refer']) ? $vars['refer'] : '';
    if (!is_page($refer) && auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    $retval = plugin_pcomment_insert();
    if ($retval['collided']) {
        // Edit collision: show the result on the refer page instead of redirecting.
        $vars['page'] = $refer;
        return $retval;
    }

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($refer));
    exit;
}
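/**
 * Action handler for the tracker plugin.
 *
 * Decides the name of the page to add, runs the spam checks, fills the
 * tracker template with the posted field values, writes the page, optionally
 * creates a proxy page that #include()s it, and redirects to the new page.
 *
 * Reads '_base', '_refer', '_config', '_name', '_page' and '_createProxy'
 * from $post, plus the tracker fields themselves and $_FILES.
 *
 * @return array|void array('msg' => ..., 'body' => ...) on rejection or
 *                    error; on success a Location header is sent and the
 *                    script exits.
 */
function plugin_tracker_action()
{
    global $post, $vars, $now;

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    $base = isset($post['_base']) ? $post['_base'] : '';
    $refer = isset($post['_refer']) ? $post['_refer'] : '';
    $config = isset($post['_config']) ? $post['_config'] : '';
    $createProxy = isset($post['_createProxy']) ? $post['_createProxy'] : '';

    // $page name to add will be decided here
    $num = 0;
    $name = isset($post['_name']) ? $post['_name'] : '';
    if (isset($post['_page'])) {
        $real = $page = $post['_page'];
    } else {
        $real = is_pagename($name) ? $name : ++$num;
        $page = get_fullname('./' . $real, $base);
    }
    if (!is_pagename($page)) {
        $page = $base;
    }
    // Never reuse an existing page: count upwards below $base until free.
    while (is_page($page)) {
        $real = ++$num;
        $page = $base . '/' . $real;
    }

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    $spam = FALSE;
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        // NOTE(review): the session-ticket comparison is disabled in this
        // revision, so a request that arrives with an active session passes
        // without any ticket, encode_hint or is_spampost() check.
        // The debug logging that used to sit here was dropped: it wrote the
        // ticket-derived hash and the session value to the server log, and the
        // hash was built from $config_name, which is not defined in this
        // function. When the check is restored, derive the expected value from
        // get_ticket() and the tracker config exactly as the form does and
        // compare it with hash_equals().
        // if ($_SESSION['tracker'] != $s_tracker) {
        //     $spam = TRUE;
        // }
    } else {
        if (isset($post['encode_hint']) && $post['encode_hint'] != '') {
            if (PKWK_ENCODING_HINT != $post['encode_hint']) {
                $spam = TRUE;
            }
        } else {
            if (PKWK_ENCODING_HINT != '') {
                $spam = TRUE;
            }
        }
        if (is_spampost(array('body'), PLUGIN_TRACKER_REJECT_SPAMCOUNT)) {
            $spam = TRUE;
        }
    }
    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }

    // TODO: Why here
    // Default
    $_post = array_merge($post, $_FILES);
    $_post['_date'] = $now;
    $_post['_page'] = $page;
    $_post['_name'] = $name;
    $_post['_real'] = $real;
    // $_post['_refer'] = $_post['refer'];

    // TODO: Why here => See BugTrack/662
    // Creating an empty page, before attaching files
    pkwk_touch_file(get_filename($page));

    $from = $to = array();

    // Plain assignment: "=& new" is rejected by current PHP versions and was
    // never needed for objects.
    $tracker_form = new Tracker_form();
    if (!$tracker_form->init($base, $refer, $config)) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }

    // Load $template
    $template_page = $tracker_form->config->page . '/' . PLUGIN_TRACKER_DEFAULT_PAGE;
    $template = plugin_tracker_get_source($template_page);
    if ($template === FALSE || empty($template)) {
        return array(
            'msg' => 'Cannot write',
            'body' => 'Page template (' . htmlspecialchars($template_page) . ') not found',
        );
    }
    if (!$tracker_form->initFields(plugin_tracker_field_pickup(implode('', $template)))) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }
    $fields = $tracker_form->fields;
    unset($tracker_form);

    // Build the "[field]" => formatted value replacement tables.
    foreach (array_keys($fields) as $field) {
        $from[] = '[' . $field . ']';
        $to[] = isset($_post[$field]) ? $fields[$field]->format_value($_post[$field]) : '';
        unset($fields[$field]);
    }

    // Replace every [$field] (found inside $template) with the real values
    $subject = $escape = array();
    foreach (array_keys($template) as $linenum) {
        if (trim($template[$linenum]) == '') {
            continue;
        }
        // Escape some TextFormattingRules: table and definition-list lines get
        // their values escaped per rule, all other lines are replaced as-is.
        $letter = $template[$linenum][0];
        if ($letter == '|' || $letter == ':') {
            $escape['|'][$linenum] = $template[$linenum];
        } elseif ($letter == ',') {
            $escape[','][$linenum] = $template[$linenum];
        } else {
            // TODO: Escape "\n" except multiline-allowed fields
            $subject[$linenum] = $template[$linenum];
        }
    }
    foreach (str_replace($from, $to, $subject) as $linenum => $line) {
        $template[$linenum] = $line;
    }
    if ($escape) {
        // Escape for some TextFormattingRules
        foreach (array_keys($escape) as $hint) {
            $to_e = plugin_tracker_escape($to, $hint);
            foreach (str_replace($from, $to_e, $escape[$hint]) as $linenum => $line) {
                $template[$linenum] = $line;
            }
        }
        unset($to_e);
    }
    unset($from, $to);

    // Write $template, without touch
    page_write($page, join('', $template));

    // Create proxy page.
    // Both the name of the field and its value come from the request, so the
    // value is validated like any other page name, and the proxy is only ever
    // created: a page that already exists is never replaced by the #include.
    $proxyPage = '';
    if ($createProxy && is_string($createProxy)
        && isset($_post[$createProxy]) && is_string($_post[$createProxy])) {
        $proxyPage = $_post[$createProxy];
    }
    if ($proxyPage && is_pagename($proxyPage) && !is_page($proxyPage)) {
        page_write($proxyPage, '#include(' . $page . ',notitle)');
    }

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}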
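/**
 * Action handler for the approve plugin.
 *
 * Loads the approve configuration named by $post['name'], checks that
 * $post['_page'] matches the configured page regex and may be edited, then
 * replaces the configured pattern in the page source, writes the page and
 * redirects to it.
 *
 * @return array|void array('msg' => ..., 'body' => ...) on rejection or
 *                    error; on success a Location header is sent and the
 *                    script exits.
 */
function plugin_approve_action()
{
    global $vars, $post;

    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    // The debug error_log() calls of the previous revision were removed: they
    // wrote the ticket-derived hash, the session value and raw POST data to
    // the server log and evaluated is_spampost() twice.
    $spam = FALSE;
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        // NOTE(review): nothing is verified on this path. With an active
        // session the request is accepted without a ticket, encode_hint or
        // is_spampost() check. Compare the session value with the expected
        // ticket (hash_equals()) once the form side is confirmed to set it.
    } else {
        if (isset($post['encode_hint']) && $post['encode_hint'] != '') {
            if (PKWK_ENCODING_HINT != $post['encode_hint']) {
                $spam = TRUE;
            }
        } else {
            if (PKWK_ENCODING_HINT != '') {
                $spam = TRUE;
            }
        }
        if (is_spampost(array('body'), PLUGIN_TRACKER_REJECT_SPAMCOUNT)) {
            $spam = TRUE;
        }
    }
    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }

    // Only plain strings are accepted; array-valued fields count as missing.
    $name = (isset($post['name']) && is_string($post['name'])) ? $post['name'] : '';
    $page = (isset($post['_page']) && is_string($post['_page'])) ? $post['_page'] : '';

    // Same array shape as every other exit of this handler.
    if ($name == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty name.</p>');
    }
    if ($page == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty page.</p>');
    }

    // Request-derived values are echoed in error bodies below: escape them.
    $e_page = htmlspecialchars($page);

    // NOTE(review): $name comes from the request and selects the config to
    // load. Confirm that YamlConfig cannot be pointed outside
    // PLUGIN_APPROVE_CONFIG_ROOT by a crafted name.
    $config_path = PLUGIN_APPROVE_CONFIG_ROOT . $name;
    $config = new YamlConfig($config_path);
    if (!$config->read()) {
        return array(
            'msg' => 'Approve',
            'body' => '<p>approve(): failed to load config. "' . htmlspecialchars($config_path) . '"</p>',
        );
    }

    $pattern = $config[PLUGIN_APPROVE_KEY_PATTERN];
    $replace = $config[PLUGIN_APPROVE_KEY_REPLACE];
    $page_regex = $config[PLUGIN_APPROVE_KEY_PAGE_REGEX];

    if ($pattern == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty pattern.</p>');
    }
    if ($page_regex == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty page_regex.</p>');
    }
    // The config decides which pages this action may touch.
    if (!preg_match($page_regex, $page)) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): page not match.</p>');
    }

    // The freeze state that matters is that of the page being rewritten
    // ($page); the request's own page is still checked as before.
    $frozen = is_freeze($page) || (isset($vars['page']) && is_freeze($vars['page']));
    if (PKWK_READONLY > 0 || $frozen || !plugin_approve_is_edit_authed($page)) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): prohibit editing. "' . $e_page . '"</p>');
    }

    $source = get_source($page, TRUE, TRUE);
    if ($source === FALSE) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): failed to load page. "' . $e_page . '"</p>');
    }
    if (strpos($source, $pattern) === FALSE) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): pattern not match.</p>');
    }

    $source = str_replace($pattern, $replace, $source);
    page_write($page, $source);

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}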
/**
 * Convert handler for the toolbar plugin: renders one button per argument.
 *
 * Each argument names a button. A button is skipped when the matching
 * condition below fails (read-only role, safe mode, create-page restriction,
 * page missing, page frozen, feature switched off). Buttons are separated by
 * "\n" and wrapped in <div id="toolbar">.
 *
 * NOTE(review): this function only decides which buttons are shown. It is not
 * an access control; the action handlers have to enforce the same conditions
 * themselves (plugin_edit_action, for one, re-checks the readonly role).
 *
 * @return string HTML for the toolbar.
 */
function plugin_toolbar_convert()
{
    global $do_backup, $trackback, $referer;
    global $function_freeze;
    global $vars;
    // $is_read = (arg_check('read') && is_page($vars['page']));
    $is_read = is_page($vars['page']);
    // Evaluated once up front; a truthy value means the button group is hidden.
    $is_readonly = auth::check_role('readonly');
    $is_safemode = auth::check_role('safemode');
    $is_createpage = auth::is_check_role(PKWK_CREATE_PAGE);
    $num = func_num_args();
    $args = $num ? func_get_args() : array();
    $body = '';
    while (!empty($args)) {
        $name = array_shift($args);
        switch ($name) {
            case 'freeze':
                if ($is_readonly) {
                    break;
                }
                if (!$is_read) {
                    break;
                }
                if ($function_freeze) {
                    // Show the button for the opposite of the current state.
                    if (!is_freeze($vars['page'])) {
                        $name = 'freeze';
                    } else {
                        $name = 'unfreeze';
                    }
                    if ($body != '') {
                        $body .= "\n";
                    }
                    $body .= _toolbar($name);
                }
                break;
            case 'upload':
                if ($is_readonly) {
                    break;
                }
                if (!$is_read) {
                    break;
                }
                if ($function_freeze && is_freeze($vars['page'])) {
                    break;
                }
                // Only offered when PHP itself accepts file uploads.
                if ((bool) ini_get('file_uploads')) {
                    if ($body != '') {
                        $body .= "\n";
                    }
                    $body .= _toolbar($name);
                }
                break;
            case 'filelist':
                if (arg_check('list')) {
                    if ($body != '') {
                        $body .= "\n";
                    }
                    $body .= _toolbar($name);
                }
                break;
            case 'backup':
                if ($do_backup) {
                    if ($body != '') {
                        $body .= "\n";
                    }
                    $body .= _toolbar($name);
                }
                break;
            case 'trackback':
                if ($trackback) {
                    // The separator is appended before the button is decided on,
                    // so it can remain even when no button follows.
                    if ($body != '') {
                        $body .= "\n";
                    }
                    $tbcount = tb_count($vars['page']);
                    if ($tbcount > 0) {
                        $body .= _toolbar($name);
                    } else {
                        if (!$is_read) {
                            $body .= _toolbar($name);
                        }
                    }
                }
                break;
            case 'refer':
                if ($referer) {
                    if ($body != '') {
                        $body .= "\n";
                    }
                    $body .= _toolbar($name);
                }
                break;
            case 'rss':
            case 'mixirss':
                if ($body != '') {
                    $body .= "\n";
                }
                $body .= _toolbar($name);
                break;
            case '|':
                // Explicit separator between button groups.
                $body .= "\n \n";
                break;
            case 'diff':
                if (!$is_read) {
                    break;
                }
                if ($is_safemode) {
                    break;
                }
                if ($body != '') {
                    $body .= "\n";
                }
                $body .= _toolbar($name);
                break;
            case 'edit':
            case 'guiedit':
                if (!$is_read) {
                    break;
                }
                if ($is_readonly) {
                    break;
                }
                if ($function_freeze && is_freeze($vars['page'])) {
                    break;
                }
                if ($body != '') {
                    $body .= "\n";
                }
                $body .= _toolbar($name);
                break;
            // The cases below fall through on purpose: each group adds one more
            // condition and then shares the checks of the groups after it.
            case 'new':
            case 'newsub':
                if ($is_createpage) {
                    break;
                }
            case 'rename':
            case 'copy':
                if ($is_readonly) {
                    break;
                }
            case 'reload':
            case 'print':
            case 'full':
                if (!$is_read) {
                    break;
                }
            default:
                if ($body != '') {
                    $body .= "\n";
                }
                $body .= _toolbar($name);
                break;
        }
    }
    return '<div id="toolbar">' . $body . '</div>';
}
/**
 * Writes a page: diff, backup, wiki text, link and cache updates, update log.
 *
 * Returns without writing when the current user has the read-only role, and
 * stops with die_message() when the page does not exist and the create-page
 * restriction applies, or when one of the enabled spam checks matches.
 *
 * NOTE(review): the only permission checks visible here are the read-only
 * role and the create-page restriction. Freeze state and per-page edit
 * permission are not checked in this function, so every caller has to have
 * done that before calling (plugin_edit_action does, via check_editable()).
 *
 * @param string $page        Page name.
 * @param string $postdata    New wiki text; an empty string is passed on to
 *                            make_backup() as a flag.
 * @param bool   $notimestamp Passed through to file_write() for the wiki text.
 * @return void
 */
function page_write($page, $postdata, $notimestamp = FALSE)
{
    global $trackback, $autoalias, $aliaspage;
    global $autoglossary, $glossarypage;
    global $use_spam_check;
    // if (PKWK_READONLY) return; // Do nothing
    if (auth::check_role('readonly')) {
        return; // Do nothing
    }
    if (is_page($page)) {
        $oldpostdata = get_source($page, TRUE, TRUE);
    } else {
        // Writing a page that does not exist yet is page creation.
        if (auth::is_check_role(PKWK_CREATE_PAGE)) {
            die_message(_('PKWK_CREATE_PAGE prohibits editing'));
        }
        $oldpostdata = '';
    }
    $postdata = make_str_rules($postdata);
    // Create and write diff
    $diffdata = do_diff($oldpostdata, $postdata);
    // NOTE(review): at every call site in this listing a truthy result of
    // check_role()/is_check_role() denies the operation, so TRUE here
    // presumably means "the user is NOT a contents administrator" and the
    // spam checks below are skipped for administrators - confirm.
    $role_adm_contents = auth::check_role('role_adm_contents');
    $links = array();
    // The links added by this edit are needed for TrackBack pings and for the
    // content spam check.
    if ($trackback > 1 || $role_adm_contents && $use_spam_check['page_contents']) {
        $links = get_this_time_links($postdata, $diffdata);
    }
    // Blocking SPAM
    if ($role_adm_contents) {
        if ($use_spam_check['page_remote_addr'] && SpamCheck($_SERVER['REMOTE_ADDR'], 'ip')) {
            die_message('Writing was limited by IPBL (Blocking SPAM).');
        }
        if ($use_spam_check['page_contents'] && SpamCheck($links)) {
            die_message('Writing was limited by DNSBL (Blocking SPAM).');
        }
        if ($use_spam_check['page_write_proxy'] && is_proxy()) {
            die_message('Writing was limited by PROXY (Blocking SPAM).');
        }
    }
    // Logging postdata
    postdata_write();
    // Create diff text
    file_write(DIFF_DIR, $page, $diffdata);
    // Create backup; the second argument tells whether $postdata is empty
    make_backup($page, $postdata == '');
    // Create wiki text
    file_write(DATA_DIR, $page, $postdata, $notimestamp);
    // Optional search-index update, only when the function is available
    if (function_exists('senna_update')) {
        senna_update($page, $oldpostdata, $postdata);
    }
    if ($trackback > 1) {
        // TrackBack Ping
        tb_send($page, $links);
    }
    unset($oldpostdata, $diffdata, $links);
    links_update($page);
    // Update autoalias.dat (AutoAliasName)
    if ($autoalias && $page == $aliaspage) {
        $aliases = get_autoaliases();
        if (empty($aliases)) {
            // Remove; a failing unlink is deliberately ignored
            @unlink(CACHE_DIR . PKWK_AUTOALIAS_REGEX_CACHE);
        } else {
            // Create or Update
            autolink_pattern_write(CACHE_DIR . PKWK_AUTOALIAS_REGEX_CACHE, get_autolink_pattern(array_keys($aliases), $autoalias));
        }
    }
    // Update glossary.dat (AutoGlossary)
    if ($autoglossary && $page == $glossarypage) {
        $words = get_autoglossaries();
        if (empty($words)) {
            // Remove; a failing unlink is deliberately ignored
            @unlink(CACHE_DIR . PKWK_GLOSSARY_REGEX_CACHE);
        } else {
            // Create or Update
            autolink_pattern_write(CACHE_DIR . PKWK_GLOSSARY_REGEX_CACHE, get_glossary_pattern(array_keys($words), $autoglossary));
        }
    }
    log_write('update', $page);
}
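/**
 * Decides whether a user may access a page under a set of per-page rules.
 *
 * The first key of $auth_pages (a regular expression) that matches the page
 * name or the page contents, depending on $auth_method_type, selects the
 * rule. A rule is either a comma-separated user list, or an array with the
 * optional keys 'user', 'group' (comma-separated lists) and 'role'.
 *
 * @param string $page       Page name.
 * @param mixed  $auth_flag  Falsy: the check is switched off, access is granted.
 * @param array  $auth_pages Map of regular expression => rule.
 * @param string $uname      Current user name; empty for unauthenticated users.
 * @param string $gname      Current group name, optional.
 * @return boolean TRUE when access is granted.
 */
public static function is_page_auth($page, $auth_flag, $auth_pages, $uname, $gname = '')
{
    global $auth_method_type;
    static $info;

    if (!$auth_flag) {
        return true;
    }
    if (!isset($info)) {
        $info = auth::get_user_info();
    }

    // What the rule patterns are matched against.
    $target_str = '';
    switch ($auth_method_type) {
        case self::AUTH_METHOD_PAGENAME:
            $target_str = $page;
            break;
        case self::AUTH_METHOD_CONTENTS:
            $target_str = Factory::Wiki($page)->get();
            break;
    }

    $user_list = $group_list = $role = null;
    foreach ($auth_pages as $key => $val) {
        // NOTE(review): preg_match() returns FALSE on a pattern error, which
        // is treated here like "no match". If no later rule matches, the page
        // ends up unrestricted. Consider failing closed on FALSE.
        if (preg_match($key, $target_str)) {
            if (is_array($val)) {
                $user_list = empty($val['user']) ? null : explode(',', $val['user']);
                $group_list = empty($val['group']) ? null : explode(',', $val['group']);
                $role = empty($val['role']) ? null : $val['role'];
            } else {
                $user_list = empty($val) ? null : explode(',', $val);
            }
            break; // first matching rule wins
        }
    }

    // No limit
    if (empty($user_list) && empty($group_list) && empty($role)) {
        return true;
    }

    // Unauthenticated user
    if (empty($uname)) {
        return false;
    }

    // User name check. Names are compared as exact strings: a loose
    // comparison treats numeric-looking names such as "0123" and "123" as
    // equal and would let one account pass as another.
    if (!empty($user_list) && is_scalar($uname) && in_array((string) $uname, $user_list, true)) {
        return true;
    }

    // Group check, exact string comparison for the same reason.
    if (!empty($group_list) && !empty($gname) && is_scalar($gname)
        && in_array((string) $gname, $group_list, true)) {
        return true;
    }

    // Role check: a falsy is_check_role() result grants access.
    if (!empty($role) && !auth::is_check_role($role)) {
        return true;
    }

    return false;
}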
/**
 * Maps a function keyword to a role level and returns
 * auth::is_check_role() for that level.
 *
 * 'readonly' and 'safemode' use PKWK_READONLY / PKWK_SAFE_MODE when defined
 * and ROLE_GUEST otherwise. 'role_adm', 'role_adm_contents' and 'role_auth'
 * map to the constant of the same name. Any other keyword maps to ROLE_GUEST.
 * 'su' asks for the administrator password over HTTP Basic authentication.
 *
 * NOTE(review): at the call sites in this listing a truthy result denies the
 * operation, so TRUE presumably means "restricted" - confirm against
 * auth::is_check_role().
 *
 * @param string $func Keyword, see above.
 * @return mixed FALSE/TRUE from the 'su' shortcuts, else the result of
 *               auth::is_check_role().
 */
function check_role($func = '')
{
    global $adminpass;
    switch ($func) {
        case 'readonly':
            $chk_role = defined('PKWK_READONLY') ? PKWK_READONLY : ROLE_GUEST;
            break;
        case 'safemode':
            $chk_role = defined('PKWK_SAFE_MODE') ? PKWK_SAFE_MODE : ROLE_GUEST;
            break;
        case 'su':
            $now_role = auth::get_role_level();
            // Already has the privilege.
            // NOTE(review): the literal 2 is compared next to
            // ROLE_ADM_CONTENTS; presumably another administrator level -
            // confirm which constant it stands for.
            if ($now_role == 2 || (int) $now_role == ROLE_ADM_CONTENTS) {
                return FALSE;
            }
            $chk_role = ROLE_ADM_CONTENTS;
            switch ($now_role) {
                case ROLE_AUTH_TEMP:
                    // FIXME:
                    // NOTE(review): in the collapsed listing this statement
                    // directly follows the FIXME marker, so it cannot be told
                    // apart from comment text there. It is kept as a live
                    // statement here - confirm against the original file.
                    return TRUE;
                case ROLE_GUEST:
                    // Unauthenticated users are simply asked for the
                    // administrator password.
                    $user = UNAME_ADM_CONTENTS_TEMP;
                    break;
                case ROLE_AUTH:
                    // Authenticated users keep their user name and are asked
                    // for the administrator password.
                    $user = auth::check_auth();
                    break;
            }
            // NOTE(review): $user stays undefined when $now_role matches none
            // of the cases above.
            $auth_temp = array($user => array($adminpass));
            while (1) {
                if (!auth::auth_pw($auth_temp)) {
                    // Discard the supplied credentials and ask again.
                    unset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
                    // NOTE(review): $user is placed inside a quoted header
                    // value; confirm user names cannot contain a double quote.
                    header('WWW-Authenticate: Basic realm="USER NAME is ' . $user . '"');
                    header('HTTP/1.0 401 Unauthorized');
                    break;
                }
                // Original comment: "ESC: authentication failed". This line is
                // reached when auth::auth_pw() returned a truthy value.
                return TRUE;
            }
            break;
        case 'role_adm':
            $chk_role = ROLE_ADM;
            break;
        case 'role_adm_contents':
            $chk_role = ROLE_ADM_CONTENTS;
            break;
        case 'role_auth':
            $chk_role = ROLE_AUTH;
            break;
        default:
            $chk_role = ROLE_GUEST;
    }
    return auth::is_check_role($chk_role);
}
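/**
 * Action handler for the guiedit plugin.
 *
 * Enforces the read-only role, the per-page edit check and the create-page
 * restriction, sets up the editor globals, dispatches the
 * edit/template/preview/write/cancel sub-actions, and otherwise returns the
 * GUI edit form for the page.
 *
 * @return array array('msg' => ..., 'body' => ...) or the sub-action's result.
 */
function plugin_guiedit_action()
{
    // global $vars, $_title_edit, $load_template_func;
    global $vars, $load_template_func;
    global $menubar, $sidebar, $topicpath;

    // if (PKWK_READONLY) die_message( _('PKWK_READONLY prohibits editing') );
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (PKWK_READONLY == ROLE_AUTH && auth::get_role_level() > ROLE_AUTH) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }

    $page = isset($vars['page']) ? $vars['page'] : '';

    // Per-page edit permission; runs before any sub-action is dispatched.
    check_editable($page, true, true);

    if (!is_page($page) && auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    // The GUI editor is used unless the request asks for the text editor.
    global $guiedit_use_fck;
    $guiedit_use_fck = !isset($vars['text']);
    if ($guiedit_use_fck) {
        global $guiedit_pkwk_root;
        $guiedit_pkwk_root = get_baseuri('abs');
    }

    if (GUIEDIT_FULL_SIZE) {
        $menubar = $sidebar = '';
        $topicpath = false;
    }

    // Sub-action dispatch, first match wins.
    if (isset($vars['edit'])) {
        return plugin_guiedit_edit_data($page);
    }
    if ($load_template_func && isset($vars['template'])) {
        return plugin_guiedit_template();
    }
    if (isset($vars['preview'])) {
        return plugin_guiedit_preview();
    }
    if (isset($vars['write'])) {
        return plugin_guiedit_write();
    }
    if (isset($vars['cancel'])) {
        return plugin_guiedit_cancel();
    }

    // NOTE(review): plugin_edit_action() calls auth::is_role_page($source)
    // right after loading the source; this handler does not. Confirm whether
    // the same check is needed here.
    $source = get_source($page);
    $postdata = $vars['original'] = join('', $source);

    if (isset($vars['text'])) {
        if (!empty($vars['id'])) {
            exist_plugin('edit');
            $postdata = plugin_edit_parts($vars['id'], $source);
            if ($postdata === FALSE) {
                // No such part: fall back to the whole page.
                unset($vars['id']);
                $postdata = $vars['original'];
            }
        }
        if ($postdata == '') {
            $postdata = auto_template($page);
        }
    }

    // $_title_edit is no longer imported as a global (see the commented-out
    // declaration above), so using it here produced an empty title. The same
    // title string as in plugin_edit_action() is used instead.
    return array(
        'msg' => _('Edit of $1'),
        'body' => plugin_guiedit_edit_form($page, $postdata),
    );
}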
/**
 * Tells whether protect mode applies to the current user.
 *
 * @return bool FALSE when PLUS_PROTECT_MODE is falsy; otherwise the boolean
 *              value of auth::is_check_role(PLUS_PROTECT_MODE).
 */
function is_protect()
{
    // Protect mode switched off: nothing to check.
    if (!PLUS_PROTECT_MODE) {
        return false;
    }

    return (bool) auth::is_check_role(PLUS_PROTECT_MODE);
}
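/**
 * Action handler for the newpage_subdir plugin.
 *
 * Returns '' for users with the read-only role or under the create-page
 * restriction. Without a page name it returns the directory selection form;
 * with one it redirects to the location of directory + page and exits.
 *
 * @return array|string|void Form array, '' when not permitted; the redirect
 *                           path does not return.
 */
function plugin_newpage_subdir_action()
{
    global $vars;

    if (auth::check_role('readonly')) {
        return '';
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        return '';
    }

    $roots = $retval = array();
    $page = empty($vars['page']) ? '' : $vars['page'];
    $dir = empty($vars['directory']) ? '' : strip_bracket($vars['directory']);

    if (empty($page)) {
        // Defined up front: without a directory the prefix was previously
        // read while undefined.
        $msg_prefix = '';
        if (!empty($dir)) {
            // The directory is listed without its trailing slash.
            $roots[] = substr($dir, -1) == '/' ? substr($dir, 0, -1) : $dir;
            // (an older revision built this prefix from $directory instead)
            $msg_prefix = _("To {$dir}.");
        }
        // The prefix contains the request's directory name: escape it.
        $retval['msg'] = htmlspecialchars($msg_prefix) . _('New page');
        $retval['body'] = print_form_string(build_directory_list($roots));
        return $retval;
    }

    // NOTE(review): the sibling handlers call pkwk_headers_sent() before
    // sending the Location header; confirm whether it is needed here too.
    header('Location: ' . get_page_location_uri($dir . $page));
    die;
}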
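/**
 * Action handler for the bugtrack plugin.
 *
 * Enforces the read-only role and the create-page restriction, accepts only
 * mode=submit, runs the encoding-hint check, validates priority and state
 * against the configured lists, writes the report page and redirects to it.
 *
 * @return array|false|void FALSE when the mode is not 'submit'; a result
 *                          array when the post is rejected; on success a
 *                          Location header is sent and the script exits.
 */
function plugin_bugtrack_action()
{
    global $post;
    global $_plugin_bugtrack;

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message('PKWK_READONLY prohibits editing');
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    // A missing mode is handled like any other non-submit mode.
    if (!isset($post['mode']) || $post['mode'] != 'submit') {
        return FALSE;
    }

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    $spam = FALSE;
    if (isset($post['encode_hint']) && $post['encode_hint'] != '') {
        if (PKWK_ENCODING_HINT != $post['encode_hint']) {
            $spam = TRUE;
        }
    } else {
        if (PKWK_ENCODING_HINT != '') {
            $spam = TRUE;
        }
    }

    // Validation of foreign values (by miko).
    // priority and state must be plain strings that appear verbatim in the
    // configured lists. The comparison is strict: a loose in_array() accepts
    // numeric-looking values that merely compare equal to a list entry.
    $priority = (isset($post['priority']) && is_string($post['priority'])) ? $post['priority'] : null;
    $state = (isset($post['state']) && is_string($post['state'])) ? $post['state'] : null;
    $priority_list = array_map('strval', $_plugin_bugtrack['priority_list']);
    $state_list = array_map('strval', $_plugin_bugtrack['state_list']);
    if ($priority === null || !in_array($priority, $priority_list, true)) {
        $spam = TRUE;
    }
    if ($state === null || !in_array($state, $state_list, true)) {
        $spam = TRUE;
    }

    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }

    $page = plugin_bugtrack_write(
        $post['base'],
        $post['pagename'],
        $post['summary'],
        $post['name'],
        $post['priority'],
        $post['state'],
        $post['category'],
        $post['version'],
        $post['body']
    );

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}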