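/**
 * Page action: store an uploaded image and append a reference to it to the
 * end of the wiki page $id.
 *
 * The upload is read from $_FILES["imagefile"]. Its "name" and "type" fields
 * are supplied by the client and are only recorded as metadata here; deciding
 * whether the file really is an image is left to ewiki_binary_save_image().
 *
 * NOTE(review): no permission check is visible in this function; presumably
 * the action dispatcher authorizes the caller before it runs. Confirm.
 *
 * @param string $id      page the picture is appended to
 * @param array  $data    current database entry of that page
 * @param string $action  action name (not used in this function)
 * @return string         HTML of the refreshed page, or an error message
 */
function ewiki_action_image_append($id, $data, $action) {

    // $o is appended to with ".=" on some error paths, so it must exist first.
    $o = "";
    $fa = isset($_FILES["imagefile"]) ? $_FILES["imagefile"] : null;

    #-- invalid $id value
    if (empty($data) || empty($data["version"]) || EWIKI_DB_F_TEXT != ($data["flags"] & EWIKI_DB_F_TYPE)) {
        $o = ewiki_t("CANNOTCHANGEPAGE");
    }
    elseif ($fa) {

        #-- guess HTTP meta data (client-supplied values, not verified here)
        $meta = array("X-Content-Type" => $fa["type"]);
        if ($s = $fa["name"]) {
            $meta["Content-Location"] = $s;

            // Keep only what follows the last "/" or "\", whichever comes
            // later, so no directory part ends up in the download filename.
            // The old chained and/or expression skipped a separator at offset 0
            // and ignored "\" whenever a "/" was present.
            $slash = strrpos($s, "/");
            $backslash = strrpos($s, '\\');
            $p = max($slash === false ? -1 : $slash, $backslash === false ? -1 : $backslash) + 1;

            $meta["Content-Disposition"] = 'inline; filename="' . urlencode(substr($s, $p)) . '"';
        }

        #-- proceed an image (reject binary, resize if too large)
        $image_ref = ewiki_binary_save_image($fa["tmp_name"], "", "RETURN", $meta, 0, 1);

        #-- database rejected file
        if (!$image_ref) {
            $o = ewiki_t("BIN_NOIMG");
        }
        else {
            // Re-read, bump the version and write, up to three times. The write
            // status is kept apart from $image_ref: the old code reused a single
            // variable, so a retry after a failed write appended an empty
            // picture reference.
            $written = false;
            $loop = 3;
            while ($loop--) {
                $data = ewiki_db::GET($id);
                $data["version"]++;
                $data["content"] = rtrim($data["content"], "\n") . "\n\n" . "[\"AppendedPicture\"{$image_ref}]\n\n\n";
                $written = ewiki_db::WRITE($data);
                if ($written) {
                    break;
                }
            }

            if ($written) {
                $o = ewiki_page("view/{$id}");
                ewiki_log("image appended to '{$id}'");
            }
            else {
                $o .= ewiki_t("NO_IMAGEAPPEND");
            }
        }
    }
    else {
        $o .= ewiki_t("BIN_NOIMG"); #"You did not select an image, or something went really wrong during tansmission. Plase go back to the previous page.";
    }

    return $o;
}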
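/**
 * Binary gateway: handles the request parameter EWIKI_UP_BINARY and then ends
 * the script. Depending on the requested id it
 *   - "upload": stores a file posted in $_FILES[EWIKI_UP_UPLOAD],
 *   - "get":    sends a stored binary entry with the headers kept in its meta,
 *   - "cache":  fetches a remote URL, stores a local copy and delivers it,
 *   - "nop":    answers with a redirect or a 404 status header.
 *
 * Security-relevant behaviour that is deliberately left as it was:
 *   - ewiki_auth() is consulted only when EWIKI_PROTECTED_MODE >= 5.
 *   - "cache" opens a URL taken from the request on the server side, and both
 *     the failed-cache path and the "nop" path put the requested id into a
 *     Location header. See the NOTE(review) comments at those places.
 *
 * @param int $break  non-zero on the nested call made after a successful
 *                    cache fetch; stops a second nesting level
 * @return mixed      false if the request is not for this handler, the error
 *                    page id when authentication fails; otherwise no return
 */
function ewiki_binary($break = 0) {

    global $ewiki_plugins;
    global $USER; // MOODLE

    $id = optional_param(EWIKI_UP_BINARY, '');

    #-- reject calls
    if (!strlen($id) || !EWIKI_IDF_INTERNAL) {
        return false;
    }
    if (headers_sent()) {
        die("ewiki-binary configuration error");
    }

    // Both were read without ever being assigned on some paths ($data for an
    // upload, $result when the cache fetch is skipped or fails).
    $data = null;
    $result = false;

    #-- upload requests
    $upload_file = @$_FILES[EWIKI_UP_UPLOAD];
    $add_meta = array();
    if ($orig_name = @$upload_file["name"]) {
        $add_meta["Content-Location"] = urlencode($orig_name);
        $add_meta["Content-Disposition"] = 'inline; filename="' . urlencode(basename("remote://{$orig_name}")) . '"';
    }

    #-- what are we doing here?
    if ($id == EWIKI_IDF_INTERNAL && $upload_file) {
        $do = "upload";
    }
    else {
        $data = ewiki_database("GET", array("id" => $id));
        $flags = @$data["flags"];
        if (EWIKI_DB_F_BINARY == ($flags & EWIKI_DB_F_TYPE)) {
            $do = "get";
        }
        elseif (empty($data["version"]) and EWIKI_CACHE_IMAGES) {
            $do = "cache";
        }
        else {
            $do = "nop";
        }
    }

    #-- auth only happens when enforced with _PROTECTED_MODE_XXL setting
    #   (authentication for inline images in violation of the WWW spirit)
    // NOTE(review): below that setting, uploads and remote fetches are handled
    // without an authentication check in this function. Confirm the
    // deployment's protected mode matches who is meant to reach them.
    if (EWIKI_PROTECTED_MODE >= 5 && !ewiki_auth($id, $data, "binary-{$do}")) {
        $_REQUEST['id'] = $_POST['id'] = $_GET['id'] = "view/BinaryPermissionError";
        return "view/BinaryPermissionError";
    }

    #-- upload an image
    if ($do == "upload") {

        $id = ewiki_binary_save_image($upload_file["tmp_name"], "", 0, $add_meta);
        @unlink($upload_file["tmp_name"]);

        // Short display title from the client file name, reduced to
        // [-._\w\d] and wrapped in double quotes, or "" if nothing is left.
        ($title = trim($orig_name, "/"))
            && ($title = preg_replace("/[^-._\\w\\d]+/", "_", substr(substr($orig_name, strrpos($title, "/")), 0, 20)))
            && ($title = '"' . $title . '"')
            || ($title = "");

        if ($id) {
            // The reference is placed inside a double-quoted JavaScript string.
            // The quotes wrapped around $title used to terminate that string
            // early, so it is escaped for the script context here, and the id
            // is escaped separately for the HTML text below.
            $js_ref = str_replace("</", "<\\/", addslashes("[{$id}{$title}]"));
            $html_id = htmlspecialchars((string) $id);
            echo <<<EOF
<html><head><title>File/Picture Upload</title><script type="text/javascript"><!--
opener.document.forms["ewiki"].elements["content"].value += "\\nUPLOADED PICTURE: {$js_ref}\\n";
window.setTimeout("self.close()", 5000);
//--></script></head><body bgcolor="#440707" text="#FFFFFF">Your uploaded file was saved as<br /><big><b> [{$html_id}] </b></big>.<br /><br /><noscript>Please copy this ↑ into the text input box:<br />select/mark it with your mouse, press [Ctrl]+[Insert], go back<br />to the previous screen and paste it into the textbox by pressing<br />[Shift]+[Insert] inside there.</noscript></body></html>
EOF;
        }
    }
    elseif ($do == "get") {

        #### CHANGED FOR MOODLE
        if (EWIKI_HIT_COUNTING) {
            ewiki_database("HIT", array("id" => $id));
        }
        #### CHANGED FOR MOODLE

        #-- send http_headers from meta
        // Every meta key whose first character is A-Z goes out as a response
        // header. That includes values recorded from client upload fields,
        // such as the "X-Content-Type" set in ewiki_page_fileupload().
        if (is_array($data["meta"])) {
            foreach ($data["meta"] as $hdr => $val) {
                if ($hdr[0] >= "A" && $hdr[0] <= "Z") {
                    header("{$hdr}: {$val}");
                }
            }
        }

        #-- fetch from binary store
        if ($pf_a = $ewiki_plugins["binary_get"]) {
            #### CHANGED FOR MOODLE
            foreach ($pf_a as $pf) {
                $pf($id, $data["meta"]);
            }
            #### END CHANGED FOR MOODLE
        }

        #-- else fpassthru
        echo $data["content"];
    }
    elseif ($do == "cache") {

        #-- check for standard protocol names, to prevent us from serving
        #   evil requests for '/etc/passwd.jpeg' or '../.htaccess.gif'
        // NOTE(review): the id comes from the request and is opened by this
        // server, so anyone who can reach this branch chooses where the server
        // connects. The pattern also tolerates one extra word character on
        // either side of the scheme name. Consider an exact scheme match plus
        // a host allow-list, and confirm EWIKI_CACHE_IMAGES is enabled only
        // where this is wanted.
        if (preg_match('@^\\w?(http|ftp|https|ftps|sftp)\\w?://@', $id)) {

            #-- generate local copy
            $filename = tempnam(EWIKI_TMP, "ewiki.local.temp.");
            $in = fopen($id, "rb");
            $out = $in ? fopen($filename, "wb") : false;

            if ($in && $out) {
                while (!feof($in)) {
                    fwrite($out, fread($in, 65536));
                }
                fclose($in);
                fclose($out);

                $add_meta = array(
                    "Content-Location" => urlencode($id),
                    "Content-Disposition" => 'inline; filename="' . urlencode(basename($id)) . '"',
                );
                $result = ewiki_binary_save_image($filename, $id, "RETURN", $add_meta);
            }
            elseif ($in) {
                // Remote side opened but the temp file did not: do not leak
                // the open stream.
                fclose($in);
            }

            // Same clean-up as the upload branch does for its temp file;
            // without it every fetch leaves a file behind in EWIKI_TMP.
            if ($filename) {
                @unlink($filename);
            }
        }

        #-- deliver
        if ($result && !$break) {
            ewiki_binary(1);
        }
        else {
            // NOTE(review): this writes a DISABLED entry for whatever id was
            // requested and then redirects to that id. Both are driven by
            // request input; confirm this is acceptable for the deployment.
            $data = array(
                "id" => $id,
                "version" => 1,
                "flags" => EWIKI_DB_F_DISABLED,
                "lastmodified" => time(),
                "created" => time(),
                "author" => ewiki_author("ewiki_binary_cache"),
                "userid" => $USER->id,
                "content" => "",
                "meta" => array("Status" => "404 Absent"),
            );
            ewiki_database("WRITE", $data);
            header("Location: {$id}");
            ewiki_log("imgcache: did not find '{$id}', and marked it now in database as DISABLED", 2);
        }
    }
    else {
        if (strpos($id, EWIKI_IDF_INTERNAL) === false) {
            // NOTE(review): redirect target is the requested id, unchecked.
            header("Status: 301 Located SomeWhere Else");
            header("Location: {$id}");
        }
        else {
            header("Status: 404 Absent");
            header("X-Broken-URI: {$id}");
        }
    }

    // you should not remove this one, it is really a good idea to use it!
    die;
}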
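/**
 * Upload page: shows the upload form, or processes a posted file and stores
 * it through ewiki_binary_save_image().
 *
 * The file name, MIME type, section, comment and replacement file name all
 * come from the request. They are recorded as metadata; this function does
 * not inspect the file contents, and the save call is made with "ACCEPT_ALL",
 * so any file type is passed on. The stored Content-Disposition is
 * "attachment".
 *
 * @param string $id       page id, used for the title and the form target
 * @param array  $data     database entry of the page
 * @param string $action   current action, decides the form target and
 *                         whether page-bound attachment sections are allowed
 * @param string $def_sec  section preselected in the form
 * @return string          HTML output
 */
function ewiki_page_fileupload($id, $data, $action, $def_sec = "") {

    global $ewiki_upload_sections, $ewiki_plugins;

    $o = ewiki_make_title($id, $id, 2);

    // Request fields are read once, tolerating absent or non-string values.
    $upload_file = isset($_FILES[EWIKI_UP_UPLOAD]) ? $_FILES[EWIKI_UP_UPLOAD] : null;
    $req_section = (isset($_REQUEST["section"]) && is_string($_REQUEST["section"])) ? $_REQUEST["section"] : "";
    $req_comment = (isset($_REQUEST["comment"]) && is_string($_REQUEST["comment"])) ? $_REQUEST["comment"] : "";
    $req_newname = (isset($_REQUEST["new_filename"]) && is_string($_REQUEST["new_filename"])) ? $_REQUEST["new_filename"] : "";

    if (empty($upload_file)) {

        // NOTE(review): the form carries no request-forgery token and none is
        // checked when the upload is processed below; confirm the caller
        // enforces one.
        $o .= ewiki_t("UPLOAD0");
        $o .= '<div class="upload">'
            . '<form action="' . ewiki_script($action != "view" ? $action : "", $id) . '" method="POST" enctype="multipart/form-data">'
            . '<b>' . ewiki_t("file") . '</b><br /><input type="file" name="' . EWIKI_UP_UPLOAD . '"><br /><br />'
            . '<input type="submit" value="' . EWIKI_PAGE_UPLOAD . '"><br /><br />';
        $o .= '<b>' . ewiki_t("comment") . '</b><br /><textarea name="comment" cols="35" rows="3"></textarea><br /><br />';

        if (empty($ewiki_upload_sections[$def_sec])) {
            $ewiki_upload_sections[$def_sec] = $def_sec;
        }
        if (count($ewiki_upload_sections) > 1) {
            if (empty($def_sec)) {
                $def_sec = $req_section;
            }
            $o .= '<b>' . ewiki_t("UPL_INSECT") . '</b><br /><select name="section">';
            // Own loop variables (the old loop overwrote $id), and both parts
            // escaped: $def_sec is added to the list above and may not be a
            // fixed configuration string.
            foreach ($ewiki_upload_sections as $sec_id => $sec_title) {
                $o .= '<option value="' . htmlspecialchars((string) $sec_id) . '"'
                    . ($sec_id == $def_sec ? ' selected' : '') . '>'
                    . htmlspecialchars((string) $sec_title) . '</option>';
            }
            $o .= '</select><br /><br />';
        }

        $o .= '<b>' . ewiki_t("UPL_NEWNAM") . '</b><br /><input type="text" name="new_filename" size="20"><br /><br />';
        $o .= '</form></div>';
    }
    elseif ($upload_file["size"] > EWIKI_UPLOAD_MAXSIZE) {
        $o .= ewiki_t("UPL_TOOLARGE");
    }
    else {

        $meta = array(
            "X-Content-Type" => $upload_file["type"],
            "Cache-control" => "private",
        );

        // Client file name, or a generated "xxxxxxxx.dat" when it is missing
        // or shorter than three characters. The two time values are joined as
        // strings; adding microtime()'s "msec sec" text to an integer is not
        // valid arithmetic.
        $s = $upload_file["name"];
        if (!$s || strlen($s) < 3) {
            $s = substr(md5(time() . microtime()), 0, 8) . ".dat";
        }
        if (strlen($uu = trim($req_newname)) >= 3) {
            if ($uu != $s) {
                $meta["Original-Filename"] = $s;
            }
            $s = $uu;
        }
        $meta["Content-Location"] = $s;

        // Keep only what follows the last "/" or "\", whichever comes later,
        // so no directory part ends up in the download filename.
        $slash = strrpos($s, "/");
        $backslash = strrpos($s, '\\');
        $p = max($slash === false ? -1 : $slash, $backslash === false ? -1 : $backslash) + 1;
        $meta["Content-Disposition"] = 'attachment; filename="' . urlencode(substr($s, $p)) . '"';

        if (strlen($sect = $req_section)) {
            // Accepted: a configured section, or any section name while the
            // attachments action is active for a page that has content.
            if (!empty($ewiki_upload_sections[$sect])
                || $action == EWIKI_ACTION_ATTACHMENTS
                    && !empty($data["content"])
                    && isset($ewiki_plugins["action"][EWIKI_ACTION_ATTACHMENTS])
                    && strlen($ewiki_plugins["action"][EWIKI_ACTION_ATTACHMENTS])) {
                $meta["section"] = $sect;
            }
            else {
                // The rejected name is request input going back into the page
                // (assuming ewiki_t() substitutes it unescaped), so escape it.
                $o .= ewiki_t("UPL_REJSECT", array('sect' => htmlspecialchars($sect)));
                return $o;
            }
        }
        if (strlen($s = trim($req_comment))) {
            $meta["comment"] = $s;
        }

        // "ACCEPT_ALL" with image handling off: the file is stored whatever
        // its type.
        $result = ewiki_binary_save_image($upload_file["tmp_name"], "", "RETURN", $meta, "ACCEPT_ALL", 0);

        if ($result) {
            $o .= ewiki_t("UPL_OK", array('$script' => ewiki_script(EWIKI_PAGE_DOWNLOAD)));
            ewiki_log("file uploaded to section '{$sect}'");
        }
        else {
            $o .= ewiki_t("UPL_ERROR");
        }
    }

    return $o;
}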