function action_save() { global $Admin, $AllowAnonymousPosts, $AllowAnonymousPostsHtml, $archive; global $captcha, $categories, $comment, $Diff3Cmd, $document, $EmailSuffix; global $EnableCaptcha, $EnableDiff3, $EnableSubscriptions; global $ErrorPageLocked, $HTTP_POST_VARS, $MaxPostLen, $merge, $minoredit; global $nextver, $NickName, $page, $pagefrom, $pagestore, $REMOTE_ADDR; global $Save, $SaveMacroEngine, $section, $template, $text_after; global $text_before, $UserName, $validationcode, $WorkingDirectory; if (!$UserName && !$AllowAnonymousPosts) { global $ErrorNoAnonComments; die($ErrorNoAnonComments); } if (isset($HTTP_POST_VARS['quickadd'])) { $quickadd = $HTTP_POST_VARS['quickadd']; } if (isset($HTTP_POST_VARS['appending'])) { $appending = $HTTP_POST_VARS['appending']; } // added for "Add a Quote" feature for AnnoyingQuote page if (isset($HTTP_POST_VARS['quoteAuthor'])) { $quoteAuthor = $HTTP_POST_VARS['quoteAuthor']; } if (isset($HTTP_POST_VARS['appendingQuote'])) { $appendingQuote = $HTTP_POST_VARS['appendingQuote']; } if (get_magic_quotes_gpc()) { if (isset($quickadd)) { $quickadd = stripslashes($quickadd); } if (isset($quoteAuthor)) { $quoteAuthor = stripslashes($quoteAuthor); } } // validations for unlogged users if (!$UserName) { if ($EnableCaptcha) { $captcha_d = strtolower(decode_captcha_md5($captcha)); $captcha_v = trim(strtolower($validationcode)); if ($captcha_v == '' || $captcha_v !== $captcha_d) { global $ErrorValidationCode; die($ErrorValidationCode); } } // prevent empty posts if (strlen(trim($quickadd)) <= 75) { $ptrn = '/^----\\s+\'\'\'.+?@\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3} ' . '\\(\\d{4}\\/\\d{2}\\/\\d{2}\\)\'\'\':$/'; if (preg_match($ptrn, trim($quickadd))) { global $ErrorEmptyComment; die($ErrorEmptyComment); } } } if (empty($Save)) { include 'action/preview.php'; action_preview(); return; } $pagestore->lock(); // Ensure atomicity. $pg = $pagestore->page($page); $pg->read(); $pageWasEmpty = strlen($pg->text) <= 1; if (isset($appending)) { $document = $pg->text; $nextver = $pg->version + 1; } else { if ($section) { $document = $text_before . "\n\n" . trim($document) . "\n\n" . $text_after; } $pg->template = $template; } // Edit disallowed. if (!$pg->mutable || !$UserName && (!isset($appending) || !$pg->exists())) { $pagestore->unlock(); die($ErrorPageLocked); } // gets the hostname without the nickname $page_hostname = array_pop(explode('@', $pg->hostname)); if ($UserName && $pg->exists() && $pg->version >= $nextver && ($page_hostname != gethostbyaddr($REMOTE_ADDR) || $pg->username != $UserName) && !$archive) { $merge_conflict = 1; $merge = ''; $diff3_test = array(); if ($EnableDiff3) { exec($Diff3Cmd . ' --help', $diff3_test); } if (count($diff3_test)) { // page conflict, try to merge $your_file_text = $pg->text; $my_file_text = str_replace("\r", "", $document); $pg_old = $pagestore->page($page); $pg_old->version = $nextver - 1; $pg_old->read(); $old_file_text = $pg_old->text; global $TempDir; $num = posix_getpid(); // Comment if running on Windows. // $num = rand(); // Uncomment if running on Windows. $my_file = $TempDir . '/wiki_' . $num . '_my_file.txt'; $old_file = $TempDir . '/wiki_' . $num . '_old_file.txt'; $your_file = $TempDir . '/wiki_' . $num . '_your_file.txt'; if (!($h_my = fopen($my_file, 'w')) || !($h_old = fopen($old_file, 'w')) || !($h_your = fopen($your_file, 'w'))) { die("ErrorCreatingTemp"); } if (fwrite($h_my, $my_file_text) < 0 || fwrite($h_old, $old_file_text) < 0 || fwrite($h_your, $your_file_text) < 0) { die("ErrorWritingTemp"); } fclose($h_my); fclose($h_old); fclose($h_your); $diff3_options = '-mE -L "Your modifications" -L "Original file" ' . '-L "Someone else\'s modifications"'; exec($Diff3Cmd . ' ' . $diff3_options . ' ' . $my_file . ' ' . $old_file . ' ' . $your_file, $merge); unlink($my_file); unlink($old_file); unlink($your_file); $merge = implode("\n", $merge); $regexp = '/<{7} Your modifications/s'; $merge_conflict = preg_match($regexp, $merge); } if ($merge_conflict) { $pagestore->unlock(); include 'action/conflict.php'; action_conflict(); return; } else { $document = $merge; } } // "Add a Comment" is "Add a Quote" for specific pages like AnnoyingQuote if (isset($quickadd) && isset($appendingQuote)) { // if we're appending a quote, instead of a comment $quoteAuthor = trim($quoteAuthor); if ($quoteAuthor != '') { // Add author to quote if author provided. Add a leading dash if // needed. See strpos help for information about "=== false". $pos = strpos($quoteAuthor, '-'); if ($pos === false || $pos > 0) { $quoteAuthor = "-- {$quoteAuthor}"; } $quickadd .= " {$quoteAuthor}"; } } // Silently trim string to $MaxPostLen chars. $document = substr($document, 0, $MaxPostLen); if (isset($appending)) { $document = str_replace("\\\\'", '"', $document); } $document = str_replace("\\", "\\\\", $document); $document = str_replace("'", "\\'", $document); $document = str_replace("\r", "", $document); $comment = str_replace("\\", "\\\\", $comment); $comment = str_replace("'", "\\'", $comment); if (isset($appending) && isset($quickadd)) { // Add new lines if document is not empty. if ($document) { $document = trim($document) . "\n\n"; } $quickadd = str_replace("\\", "\\\\", $quickadd); $quickadd = str_replace("'", "\\'", $quickadd); $quickadd = str_replace("\r", "", $quickadd); if (!$AllowAnonymousPostsHtml) { $quickadd = htmlspecialchars($quickadd); } $document .= $quickadd; } $pg->text = $document; $pg->hostname = gethostbyaddr($REMOTE_ADDR); if (!$UserName && $NickName) { $nick_sql = str_replace("\\", "\\\\", $NickName); $nick_sql = str_replace("'", "\\'", $nick_sql); $pg->hostname = $nick_sql . '@' . $pg->hostname; } $pg->username = $UserName; $pg->comment = $comment; if ($pg->exists) { $pg->version++; } else { $pg->version = 1; } if (!$pg->write($minoredit)) { $pagestore->unlock(); die("Error saving a page."); } // Parenting stuff for new pages. if ($pageWasEmpty) { // Ensures that $pagefrom is really a backlink. if ($pagefrom) { $backlinks = $pagestore->getBacklinks($page); if (!in_array($pagefrom, $backlinks)) { $pagefrom = ''; } } // If no parent is specified, tries to find one. if (!$pagefrom) { $pagefrom = $pagestore->findFosterParent($page); } // The $pagefrom page becomes the new page's parent. if ($pagefrom) { $tempPage = $pagestore->page($pagefrom); if ($tempPage->exists()) { $pagestore->reparent($page, $pagefrom); } } } // Editor asked page to be added to a category or categories. if (!empty($categories)) { add_to_category($page, $categories); } // Process save macros (e.g., to define interwiki entries). parseText($document, $SaveMacroEngine, $page); // Remove any parenting if the page is empty. if (strlen(trim($document)) == 0) { $pagestore->reparent_emptypage($page); } $pagestore->unlock(); // End "transaction". // Handles page subscriptions if ($EnableSubscriptions && isset($EmailSuffix)) { if ($subscribed_users = $pg->getSubscribedUsers($UserName)) { global $ScriptBase, $WikiName; foreach ($subscribed_users as $user) { $msg = "This is your friendly neighbourhood wiki ({$WikiName}) " . "letting you know that the page {$page} has changed!\n\n"; if ($minoredit) { $msg .= "This was a minor edit.\n\n"; } $msg .= "View page: {$ScriptBase}?{$page}\n\n" . "History: {$ScriptBase}?action=history&page={$page}\n\n"; // friendly diff $history = $pagestore->history($page); if (count($history) > 1) { $previous_ver = $history[1][2]; $latest_ver = $history[0][2]; $p1 = $pagestore->page($page); $p1->version = $previous_ver; $p2 = $pagestore->page($page); $p2->version = $latest_ver; $diff = diff_compute($p1->read(), $p2->read()); $msg .= "Friendly diff:\n\n{$diff}"; } mail($user . $EmailSuffix, "{$WikiName}: {$page} has changed", $msg, "From: {$Admin}"); } } } // Aligns the browser with an HTML anchor, showing the last added comment (or quote) // See: action/save.php, template/save.php, template/view.php if (isset($quickadd)) { // if Add a Comment or Add a Quote template_save(array('page' => $page, 'text' => $document, 'anchor' => 'pageContentBottom')); } else { // Standard save template_save(array('page' => $page, 'text' => $document)); } }
function output_captcha_img($md5) { $code = decode_captcha_md5($md5); $n = strlen($code); $im = imagecreate($n * 30, 40); $sx = imagesx($im); $sy = imagesy($im); $greypale = imagecolorallocate($im, 192, 192, 192); $grey = imagecolorallocate($im, 127, 127, 127); for ($i = 0; $i < $n; $i++) { $imltr = get_imgltr(substr($code, $i, 1)); imagecopy($im, $imltr, $i * 30, 0, 0, 0, 30, 40); } imagesmoothedges($im, $grey, $greypale); $black = imagecolorallocate($im, 0, 0, 0); $white = imagecolorallocate($im, 255, 255, 255); $random_x = array(); while (count($random_x) < 5) { $x = rand(5, $sx - 6); if (!in_array($x, $random_x)) { $random_x[] = $x; } } $random_y = array(); while (count($random_y) < 5) { $y = rand(5, $sy - 6); if (!in_array($y, $random_y)) { $random_y[] = $y; } } for ($n = 0; $n < 5; $n++) { $x = $random_x[$n]; imageline($im, $x, 0, $x, $sy - 1, $white); $y = $random_y[$n]; imageline($im, 0, $y, $sx - 1, $y, $white); } imagerectangle($im, 0, 0, $sx - 1, $sy - 1, $black); header('Content-type: image/png'); imagepng($im); exit; }