Esempio n. 1
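/**
 * Action handler of the pcomment plugin: checks the request, stores the
 * comment through plugin_pcomment_insert() and redirects back to the page.
 *
 * Reads $vars['msg'], $vars['refer'] and $vars['reply'] from the request.
 *
 * @return array|void array() when no message was posted, an empty msg/body
 *                    pair when is_spampost() rejects the post, the insert
 *                    result when it reports a collision; otherwise the
 *                    request ends in Utility::redirect().
 */
function plugin_pcomment_action()
{
    global $vars, $_string;

    // Writes are refused for the 'readonly' role.
    if (Auth::check_role('readonly')) {
        Utility::dieMessage(sprintf($_string['error_prohibit'], 'PKWK_READONLY'));
    }

    // empty() also covers the unset case, so one test is enough.
    if (empty($vars['msg'])) {
        return array();
    }

    // Validate
    if (is_spampost(array('msg'))) {
        Utility::dump();
        // Answer with an empty page so the rejection is not distinguishable.
        return array('msg' => '', 'body' => '');
    }

    $refer = isset($vars['refer']) ? $vars['refer'] : '';
    // Commenting on a page that does not exist yet would create it, which
    // the PKWK_CREATE_PAGE role check may forbid.
    if (!is_page($refer) && Auth::is_check_role(PKWK_CREATE_PAGE)) {
        Utility::dieMessage(sprintf($_string['error_prohibit'], 'PKWK_CREATE_PAGE'));
    }

    $retval = plugin_pcomment_insert();
    if ($retval['collided']) {
        $vars['page'] = $refer;
        return $retval;
    }

    // The fragment ends up in a redirect URL, so it is URL-encoded rather
    // than HTML-escaped; rawurlencode() also removes CR/LF and markup
    // characters. A non-string 'reply' (e.g. reply[]=x) yields no fragment.
    $hash = '';
    if (isset($vars['reply']) && is_string($vars['reply'])) {
        $hash = '#pcmt' . rawurlencode($vars['reply']);
    }
    Utility::redirect(get_page_location_uri($refer) . $hash);
}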
Esempio n. 2
/**
 * Action handler of the newpage plugin: shows the "new page" form when no
 * page name was submitted, otherwise redirects to the requested page.
 *
 * @return array|void msg/body pair for the form; otherwise redirects and exits.
 */
function plugin_newpage_action()
{
    global $vars, $_string, $_newpage_messages;

    // Both role checks answer with HTTP status 403.
    if (Auth::check_role('readonly')) {
        Utility::dieMessage(sprintf($_string['error_prohibit'], 'PKWK_READONLY'), '', 403);
    }
    if (Auth::is_check_role(PKWK_CREATE_PAGE)) {
        Utility::dieMessage(sprintf($_string['error_prohibit'], 'PKWK_CREATE_PAGE'), '', 403);
    }

    // No page name yet: render the input form.
    if (!isset($vars['page'])) {
        return array(
            'msg' => $_newpage_messages['title'],
            'body' => plugin_newpage_convert(),
        );
    }

    $page = Utility::stripNullBytes($vars['page']);
    $has_refer = isset($vars['refer']);
    // With a referring page the name is resolved relative to it.
    $target = $has_refer ? Utility::getPageName($page, $vars['refer']) : $page;
    // NOTE(review): 'refer' is appended to the query string as received;
    // confirm that get_page_location_uri() encodes its second argument.
    $query = $has_refer ? 'refer=' . $vars['refer'] : '';

    Utility::redirect(get_page_location_uri($target, $query));
    exit;
}
Esempio n. 3
/**
 * Block plugin #mypage: sends an authenticated user to his or her own page.
 *
 * Optional first argument: when non-empty (#mypage(1)) the jump is made only
 * if the personal page already exists; when omitted (#mypage) the jump is
 * made in any case.
 *
 * @return string|void '' for users without an auth key or a 'mypage' entry,
 *                     the "no page" message when the page is required but
 *                     missing; otherwise a Location header is sent.
 */
function plugin_mypage_convert()
{
    global $_mypage_msg;

    // A missing first argument counts as "false".
    $args = func_get_args();
    $is_page = !empty($args[0]);

    $auth_key = Auth::get_user_info();
    // Needs both an authenticated user and a configured personal page.
    if (empty($auth_key['key']) || empty($auth_key['mypage'])) {
        return '';
    }

    // The page has not been prepared yet.
    if ($is_page && !is_page($auth_key['mypage'])) {
        return $_mypage_msg['msg_no_page'];
    }

    // Send the user to the page.
    header('Location: ' . get_page_location_uri($auth_key['mypage']));
    // Fallback for browsers that do not follow the redirect.
    die_message($_mypage_msg['err_jump']);
}
Esempio n. 4
/**
 * Action handler of the newpage plugin (gettext variant): shows the form
 * when the page name is empty, otherwise redirects to the requested page.
 *
 * @return array|void msg/body pair for the form; otherwise redirects and exits.
 */
function plugin_newpage_action()
{
    global $vars;

    $_btn_edit = _('Edit');
    $_msg_newpage = _('New page');

    // Role checks: no page creation for read-only or restricted users.
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    // NOTE(review): $vars['page'] is read without isset(); a request without
    // the parameter relies on the undefined index comparing equal to ''.
    if ($vars['page'] == '') {
        return array(
            'msg' => $_msg_newpage,
            'body' => plugin_newpage_convert(),
        );
    }

    $page = strip_bracket($vars['page']);
    $r_page = $page;
    $r_refer = '';
    if (isset($vars['refer'])) {
        // Resolve the name relative to the referring page.
        $r_page = get_fullname($page, $vars['refer']);
        // NOTE(review): appended as received; confirm that
        // get_page_location_uri() encodes the query argument.
        $r_refer = 'refer=' . $vars['refer'];
    }

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($r_page, $r_refer));
    exit;
}
Esempio n. 5
/**
 * Action handler of the read plugin: shows an existing page, hands
 * InterWikiNames to the interwiki plugin, resolves auto-aliases with a
 * redirect, and falls back to the edit form or an "invalid name" message.
 *
 * @return array|mixed|void msg/body pair, the result of another plugin's
 *                          action, or nothing after a Location header.
 */
function plugin_read_action()
{
    global $vars, $_title_invalidwn, $_msg_invalidiwn;
    $page = isset($vars['page']) ? $vars['page'] : '';
    if (is_page($page)) {
        // Show the page
        check_readable($page, true, true);
        header_lastmod($page);
        return array('msg' => '', 'body' => '');
        // } else if (! PKWK_SAFE_MODE && is_interwiki($page)) {
    } else {
        if (!auth::check_role('safemode') && is_interwiki($page)) {
            return do_plugin_action('interwiki');
            // Handle the InterWikiName
        } else {
            if (is_pagename($page)) {
                $realpages = get_autoaliases($page);
                if (count($realpages) == 1) {
                    $realpage = $realpages[0];
                    if (is_page($realpage)) {
                        header('HTTP/1.0 301 Moved Permanently');
                        header('Location: ' . get_page_location_uri($realpage));
                        return;
                    } elseif (is_url($realpage)) {
                        // NOTE(review): the alias target is used as the
                        // redirect URL as-is, so whoever can define aliases
                        // decides where visitors are sent; confirm who may
                        // edit the alias definitions and what is_url() accepts.
                        header('HTTP/1.0 301 Moved Permanently');
                        header('Location: ' . $realpage);
                        return;
                    } elseif (is_interwiki($realpage)) {
                        header('HTTP/1.0 301 Moved Permanently');
                        $vars['page'] = $realpage;
                        return do_plugin_action('interwiki');
                        // header('Location');
                    } else {
                        // If it does not exist, jump straight to the edit form // To avoid infinite loop
                        header('Location: ' . get_location_uri('edit', $realpage));
                        return;
                    }
                } elseif (count($realpages) >= 2) {
                    // Several targets: list them as wiki links and let the
                    // visitor choose.
                    $body = '<p>';
                    $body .= _('This pagename is an alias to') . '<br />';
                    $link = '';
                    foreach ($realpages as $realpage) {
                        $link .= '[[' . $realpage . '>' . $realpage . ']]&br;';
                    }
                    $body .= make_link($link);
                    $body .= '</p>';
                    return array('msg' => _('Redirect'), 'body' => $body);
                }
                $vars['cmd'] = 'edit';
                return do_plugin_action('edit');
                // The page does not exist, so show the edit form
            } else {
                // Invalid page name
                // The requested name is HTML-escaped before it is placed in
                // the message body.
                return array('msg' => $_title_invalidwn, 'body' => str_replace('$1', htmlspecialchars($page), str_replace('$2', 'WikiName', $_msg_invalidiwn)));
            }
        }
    }
}
Esempio n. 6
/**
 * Action handler of the multilang plugin: stores the requested language in
 * the 'lang' cookie and redirects back to the page.
 *
 * Reads $vars['lang'] and $vars['page']; always ends the request.
 */
function plugin_multilang_action()
{
    global $vars, $language;

    $lang = isset($vars['lang']) ? $vars['lang'] : '';
    $page = isset($vars['page']) ? $vars['page'] : '';

    if ($lang) {
        // NOTE(review): the request value is stored without being checked
        // against the set of supported languages; confirm that
        // Lang::getLanguage() validates what it reads back.
        // Expiry 0 makes this a session cookie scoped to the wiki base path.
        setcookie('lang', $lang, 0, get_baseuri('abs'));
        // Mirror the value so that it takes effect within this request.
        $_COOKIE['lang'] = $lang;
        // UPDATE
        $language = Lang::getLanguage(1);
    }

    // In environments where the Location header does not redirect,
    // enable the following line instead.
    // if(exist_plugin_action('read')) return plugin_read_action();
    $location = get_page_location_uri($page);
    header('Location: ' . $location);
    exit;
}
Esempio n. 7
/**
 * Action handler of the pcomment plugin (encode_hint variant): checks the
 * role, the browser/server ticket and the spam filter, stores the comment
 * through plugin_pcomment_insert() and redirects back to the page.
 *
 * @return array|void array() when no message was posted, an empty msg/body
 *                    pair for rejected posts, the insert result when it
 *                    reports a collision; otherwise redirects and exits.
 */
function plugin_pcomment_action()
{
    global $post, $vars;

    if (auth::check_role('readonly')) {
        die_message('PKWK_READONLY prohibits editing');
    }

    // Petit SPAM Check (Client(Browser)-Server Ticket Check):
    // a submitted hint has to equal PKWK_ENCODING_HINT, and a missing hint is
    // accepted only when no hint is configured.
    if (isset($post['encode_hint'])) {
        $ticket_ok = $post['encode_hint'] == PKWK_ENCODING_HINT;
    } else {
        $ticket_ok = PKWK_ENCODING_HINT == '';
    }
    if (!$ticket_ok) {
        honeypot_write();
        // Do nothing: answer with an empty page.
        return array('msg' => '', 'body' => '');
    }

    $has_message = isset($vars['msg']) && $vars['msg'] != '';
    if (!$has_message) {
        return array();
    }

    // Validate
    if (is_spampost(array('msg'))) {
        honeypot_write();
        return array('msg' => '', 'body' => '');
    }

    $refer = isset($vars['refer']) ? $vars['refer'] : '';
    // A comment on a missing page would create it.
    if (!is_page($refer) && auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    $result = plugin_pcomment_insert();
    if ($result['collided']) {
        $vars['page'] = $refer;
        return $result;
    }

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($refer));
    exit;
}
Esempio n. 8
/**
 * Block plugin #skin: without arguments or with several skins it returns a
 * skin chooser; with a single "skin" or "skin.theme" argument it selects
 * that skin, remembers it in cookies and redirects to the current page.
 *
 * @return mixed|void the "not in use" message, the output of
 *                    skin_make_filelist(), or nothing after the redirect header.
 */
function plugin_skin_convert()
{
    global $vars, $skin_file, $_skin_msg;

    if (!PLUGIN_SKIN_USE) {
        return $_skin_msg['err_not_use'];
    }

    $argv = func_get_args();
    if (count($argv) == 0) {
        return skin_make_filelist();
    }

    $parm = skin_set_parm($argv);
    if (count($parm['list']) > 1) {
        // Several candidates: offer them as a list instead of switching.
        $skin_list = array();
        foreach ($parm['list'] as $name) {
            $skin_list[$name] = '';
        }
        return skin_make_filelist($skin_list);
    }

    // "skin.theme": the theme defaults to the skin name.
    $parts = explode('.', $parm['list'][0]);
    $skin_name = $parts[0];
    $theme = empty($parts[1]) ? $skin_name : $parts[1];

    // NOTE(review): the path is derived from a plugin argument and then
    // stored in a cookie; confirm that add_skindir() confines it to the skin
    // directory and that readers of the 'skin_file' cookie re-validate it.
    $skin_file = add_skindir($skin_name);
    if (!(file_exists($skin_file) && is_readable($skin_file))) {
        die_message($skin_file . ' (skin file) is not found.');
    }

    if (PLUGIN_SKIN_EXPIRE > 0) {
        // The constant is a number of days.
        $expire = time() + 60 * 60 * 24 * PLUGIN_SKIN_EXPIRE;
    } else {
        $expire = PLUGIN_SKIN_EXPIRE;
    }

    setcookie('skin_file', $skin_file, $expire, get_baseuri('abs'));
    $_COOKIE['skin_file'] = $skin_file;

    if ($skin_name == 'tdiary') {
        setcookie('tdiary_theme', $theme, $expire, get_baseuri('abs'));
        $_COOKIE['tdiary_theme'] = $theme;
    } else {
        // Not tdiary, so delete the theme cookie.
        // NOTE(review): this call passes no path while the cookie is set
        // with get_baseuri('abs'); confirm that the deletion matches it.
        setcookie('tdiary_theme', '', time() - 3600);
    }

    header('Location: ' . get_page_location_uri($vars['page']));
}
Esempio n. 9
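/**
 * Action handler of the livedoor authentication plugin: starts a login,
 * performs a logout, or completes the authentication and stores the result
 * in the session.
 *
 * @return string|void '' when the API is disabled or no session can be
 *                     started; every other path ends the request.
 */
function plugin_livedoor_action()
{
    global $vars, $auth_api, $_livedoor_msg;

    if (!$auth_api['livedoor']['use']) {
        return '';
    }
    if (!function_exists('pkwk_session_start')) {
        return '';
    }
    if (pkwk_session_start() == 0) {
        return '';
    }

    // The error reporter is chosen by name depending on the protect mode.
    $die_message = PLUS_PROTECT_MODE ? 'die_msg' : 'die_message';

    // LOGIN
    if (isset($vars['login'])) {
        header('Location: ' . plugin_livedoor_jump_url());
        die;
    }

    $obj = new auth_livedoor();

    // LOGOUT
    if (isset($vars['logout'])) {
        $obj->auth_session_unset();
        $page = empty($vars['page']) ? '' : decode($vars['page']);
        header('Location: ' . get_page_location_uri($page));
        die;
    }

    // AUTH
    $rc = $obj->auth($vars);
    // A missing 'has_error' field is treated as a failure as well.
    if (!isset($rc['has_error']) || $rc['has_error'] == 'true') {
        // ERROR
        $body = isset($rc['message']) ? $rc['message'] : 'unknown error.';
        $die_message($body);
        // Neither error reporter is visible here; stop explicitly so that a
        // failed authentication can never fall through to
        // auth_session_put() below.
        die;
    }

    $obj->auth_session_put();
    header('Location: ' . get_page_location_uri($obj->get_return_page()));
    die;
}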
Esempio n. 10
/**
 * Cancels an edit: redirects to the page named in $vars['page'] and exits.
 */
function plugin_edit_cancel()
{
    global $vars;

    pkwk_headers_sent();
    // NOTE(review): $vars['page'] is used without isset(); confirm that
    // callers always provide it.
    $location = get_page_location_uri($vars['page']);
    header('Location: ' . $location);
    exit;
}
Esempio n. 11
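/**
 * Inserts a posted comment next to the matching #comment marker of the page
 * named in $vars['refer'] and writes the page back.
 *
 * Reads $vars['msg'], 'name', 'nodate', 'above', 'comment_no', 'digest',
 * 'refer' and 'refpage'.
 *
 * @return array|mixed|void msg/body pair (empty when there is nothing to
 *                          do), the result of plugin_comment_honeypot() for
 *                          spam, or nothing after a redirect to 'refpage'.
 */
function plugin_comment_write()
{
    global $vars, $now;
    global $_no_name;
    //	global $_msg_comment_collided, $_title_comment_collided, $_title_updated;
    $_title_updated = _("\$1 was updated");
    $_title_comment_collided = _("On updating  \$1, a collision has occurred.");
    $_msg_comment_collided = _("It seems that someone has already updated the page you were editing.<br />") . _("The comment was added, alhough it may be inserted in the wrong position.<br />");
    if (!isset($vars['msg'])) {
        return array('msg' => '', 'body' => '');
    }
    // Do nothing
    // Validate
    if (is_spampost(array('msg'))) {
        return plugin_comment_honeypot();
    }
    $vars['msg'] = str_replace("\n", '', $vars['msg']);
    // Cut LFs
    // Leading hyphens select the list level: one or two are kept as $head,
    // any further ones are dropped.
    $head = '';
    $match = array();
    if (preg_match('/^(-{1,2})-*\\s*(.*)/', $vars['msg'], $match)) {
        $head =& $match[1];
        $vars['msg'] =& $match[2];
    }
    if ($vars['msg'] == '') {
        return array('msg' => '', 'body' => '');
    }
    // Do nothing
    $comment = str_replace('$msg', $vars['msg'], PLUGIN_COMMENT_FORMAT_MSG);
    list($nick, $vars['name'], $disabled) = plugin_comment_get_nick();
    if (isset($vars['name']) || $vars['nodate'] != '1') {
        $_name = !isset($vars['name']) || $vars['name'] == '' ? $_no_name : $vars['name'];
        $_name = $_name == '' ? '' : str_replace('$name', $_name, PLUGIN_COMMENT_FORMAT_NAME);
        $_now = $vars['nodate'] == '1' ? '' : str_replace('$now', $now, PLUGIN_COMMENT_FORMAT_NOW);
        $comment = str_replace("MSG", $comment, PLUGIN_COMMENT_FORMAT_STRING);
        $comment = str_replace("NAME", $_name, $comment);
        $comment = str_replace("NOW", $_now, $comment);
    }
    $comment = '-' . $head . ' ' . $comment;
    $postdata = '';
    $comment_no = 0;
    $above = isset($vars['above']) && $vars['above'] == '1';
    // Copy the page line by line; at the comment_no-th #comment marker the
    // new comment is placed above or below the marker line.
    foreach (get_source($vars['refer']) as $line) {
        if (!$above) {
            $postdata .= $line;
        }
        if (preg_match('/^#comment/i', $line) && $comment_no++ == $vars['comment_no']) {
            if ($above) {
                $postdata = rtrim($postdata) . "\n" . $comment . "\n" . "\n";
                // Insert one blank line above #commment, to avoid indentation
            } else {
                $postdata = rtrim($postdata) . "\n" . $comment . "\n";
                // Insert one blank line below #commment
            }
        }
        if ($above) {
            $postdata .= $line;
        }
    }
    $title = $_title_updated;
    $body = '';
    // Collision check against the digest the form was rendered with. The
    // comparison is strict: with a loose comparison two different hex
    // digests of the form "0e<digits>" compare as equal numbers, which
    // would hide a collision.
    if (md5(@join('', get_source($vars['refer']))) !== $vars['digest']) {
        $title = $_title_comment_collided;
        $body = $_msg_comment_collided . make_pagelink($vars['refer']);
    }
    // The comment is written even when a collision was detected.
    page_write($vars['refer'], $postdata);
    $retvars['msg'] = $title;
    $retvars['body'] = $body;
    if ($vars['refpage']) {
        header('Location: ' . get_page_location_uri($vars['refpage']));
        exit;
    }
    $vars['page'] = $vars['refer'];
    return $retvars;
}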
Esempio n. 12
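/**
 * Action handler of the amazon plugin: creates the review page
 * "<refer>/<asin>" and sends the user to its edit form.
 *
 * @return array|false|void the input form when the ASIN is not valid, false
 *                          when the review page is readable but not
 *                          editable; every other path ends the request.
 */
function plugin_amazon_action()
{
    global $vars, $script;
    global $amazon_body;
    global $_amazon_msg;

    // The ASIN from the request is URL-encoded and HTML-escaped before it is
    // handed to the checker.
    $check = new amazon_check_asin(htmlspecialchars(rawurlencode(strip_bracket($vars['asin']))));
    if (!$check->is_asin) {
        $retvars['msg'] = $_amazon_msg['msg_BookReviewEdit'];
        $retvars['refer'] = $vars['refer'];
        $retvars['body'] = plugin_amazon_convert();
        return $retvars;
    }

    $s_page = $vars['refer'];
    $r_page = $s_page . '/' . $check->asin;
    // $r_page_url = rawurlencode($r_page);
    if (!check_readable($r_page, false, false)) {
        header('Location: ' . get_page_location_uri($r_page));
    } elseif (check_editable($r_page, false, false)) {
        $info = new amazon_getinfo($check->asin, 'heavy');
        $title = $info->items['title'];
        if ($title == '' or preg_match('/^\\//', $s_page)) {
            header('Location: ' . get_script_absuri() . '?' . encode($s_page));
            // Stop here: without this the code below still saved a review
            // page with an empty title or under a base page starting with
            // '/', and the Location header sent next replaced this one.
            die;
        }
        $body = "#amazon({$check->asin},,image)\n*{$title}\n" . $amazon_body;
        amazon_review_save($r_page, $body);
        header('Location: ' . get_location_uri('edit', $r_page));
    } else {
        return false;
    }
    die;
}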
Esempio n. 13
/**
 * Returns the location URI of the page named in $vars['page'].
 *
 * @return mixed whatever get_page_location_uri() returns for that page
 */
function plugin_remoteip_jump_url()
{
    global $vars;

    // NOTE(review): $vars['page'] is read without isset(); confirm that
    // callers always provide it.
    $page = $vars['page'];
    return get_page_location_uri($page);
}
Esempio n. 14
/**
 * Writes a 'login' log entry, then redirects to the page named in
 * $vars['page'] (the empty page name when none was given) and exits.
 */
function login_return_page()
{
    global $vars;

    $page = '';
    if (!empty($vars['page'])) {
        $page = $vars['page'];
    }

    log_write('login', '');
    header('Location: ' . get_page_location_uri($page));
    die;
}
Esempio n. 15
/**
 * Final phase of the rename plugin: renames the files, refreshes the link
 * database, appends an entry to the rename log page and redirects.
 *
 * @param array $pages  map of old page name => new page name (both are
 *                      passed through decode() for the log)
 * @param array $files  map of page => (old file path => new file path)
 * @param array $exists map of page => (old file path => new file path) for
 *                      destinations that already exist
 *
 * Does not return: the request always ends with exit.
 */
function plugin_rename_phase4($pages, $files, $exists)
{
    global $now, $_rename_messages;
    // Without the 'exist' option, pages whose destination already exists are
    // left out of the rename.
    if (plugin_rename_getvar('exist') == '') {
        foreach ($exists as $key => $arr) {
            unset($files[$key]);
        }
    }
    // Lifts the execution time limit for the rename loop.
    set_time_limit(0);
    foreach ($files as $page => $arr) {
        foreach ($arr as $old => $new) {
            // An existing destination is removed before the rename.
            // NOTE(review): the results of unlink() and rename() are not
            // checked, and both paths are trusted as given; confirm that the
            // caller builds them only from validated page names.
            if (isset($exists[$page][$old]) && $exists[$page][$old]) {
                unlink($new);
            }
            rename($old, $new);
            // Update link database (BugTrack/327) arino
            //links_update($old);
            //links_update($new);
            $links = new Relational();
            $links->update($old);
            $links->update($new);
        }
    }
    $wiki = Factory::Wiki(PLUGIN_RENAME_LOGPAGE);
    $postdata = $wiki->get();
    $postdata[] = '*' . $now . "\n";
    // NOTE(review): the request values from plugin_rename_getvar() are
    // written into the log page inside [[...]] as received; confirm that
    // they were validated as page names or patterns in an earlier phase.
    if (plugin_rename_getvar('method') == 'regex') {
        $postdata[] = '-' . $_rename_messages['msg_regex'] . "\n";
        $postdata[] = '--From:[[' . plugin_rename_getvar('src') . ']]' . "\n";
        $postdata[] = '--To:[[' . plugin_rename_getvar('dst') . ']]' . "\n";
    } else {
        $postdata[] = '-' . $_rename_messages['msg_page'] . "\n";
        $postdata[] = '--From:[[' . plugin_rename_getvar('refer') . ']]' . "\n";
        $postdata[] = '--To:[[' . plugin_rename_getvar('page') . ']]' . "\n";
    }
    if (!empty($exists)) {
        $postdata[] = "\n" . $_rename_messages['msg_result'] . "\n";
        foreach ($exists as $page => $arr) {
            $postdata[] = '-' . decode($page) . $_rename_messages['msg_arrow'] . decode($pages[$page]) . "\n";
            foreach ($arr as $ofile => $nfile) {
                $postdata[] = '--' . $ofile . $_rename_messages['msg_arrow'] . $nfile . "\n";
            }
        }
        $postdata[] = '----' . "\n";
    }
    foreach ($pages as $old => $new) {
        $postdata[] = '-' . decode($old) . $_rename_messages['msg_arrow'] . decode($new) . "\n";
    }
    // At this time, collision detection is not implemented
    $wiki->set($postdata);
    // Undefined
    //	cache_timestamp_touch();
    $page = plugin_rename_getvar('page');
    if ($page == '') {
        $page = PLUGIN_RENAME_LOGPAGE;
    }
    // Redirection
    if (!pkwk_headers_sent()) {
        header('Location: ' . get_page_location_uri($page));
    }
    exit;
}
Esempio n. 16
/**
 * Inserts a posted comment next to the matching #comment marker of the page
 * named in $vars['refer'] and writes the page back through its Wiki object.
 *
 * Reads $vars['msg'], 'name', 'nodate', 'above', 'comment_no', 'digest',
 * 'refer' and 'refpage'.
 *
 * NOTE(review): no role check and no is_spampost() call is visible in this
 * function; confirm that the caller performs them before invoking it.
 *
 * @return array|void msg/body pair (empty when there is nothing to do), or
 *                    nothing after a redirect to 'refpage'.
 */
function plugin_comment_write()
{
    global $vars, $now;
    global $_no_name, $_comment_messages, $_comment_formats;
    if (!isset($vars['msg']) || !isset($vars['refer'])) {
        return array('msg' => '', 'body' => '');
    }
    // Do nothing
    // Comments are accepted only for a page that already exists.
    $wiki = Factory::Wiki($vars['refer']);
    if (!$wiki->has()) {
        return array('msg' => '', 'body' => '');
    }
    // Do nothing
    $vars['msg'] = str_replace("\n", '', $vars['msg']);
    // Cut LFs
    // Leading hyphens select the list level: one or two are kept as $head,
    // any further ones are dropped.
    $head = '';
    $match = array();
    if (preg_match('/^(-{1,2})-*\\s*(.*)/', $vars['msg'], $match)) {
        $head =& $match[1];
        $vars['msg'] =& $match[2];
    }
    if ($vars['msg'] == '') {
        return array('msg' => '', 'body' => '');
    }
    // Do nothing
    $comment = str_replace('$msg', $vars['msg'], $_comment_formats['msg']);
    list($nick, $vars['name'], $disabled) = plugin_comment_get_nick();
    if (isset($vars['name']) || isset($vars['nodate']) && $vars['nodate'] !== '1') {
        $_name = !isset($vars['name']) || $vars['name'] == '' ? $_no_name : $vars['name'];
        $_name = $_name == '' ? '' : str_replace('$name', $_name, $_comment_formats['name']);
        $_now = isset($vars['nodate']) && $vars['nodate'] == '1' ? '' : str_replace('$now', $now, PLUGIN_COMMENT_FORMAT_NOW);
        $comment = str_replace("MSG", $comment, $_comment_formats['str']);
        $comment = str_replace("NAME", $_name, $comment);
        $comment = str_replace("NOW", $_now, $comment);
    }
    $comment = '-' . $head . ' ' . $comment;
    $postdata = array();
    $comment_no = 0;
    $above = isset($vars['above']) && $vars['above'] == '1';
    // Copy the page line by line; with 'above' the marker line is appended
    // after the new comment, otherwise before it.
    foreach ($wiki->get() as $line) {
        if (!$above) {
            $postdata[] = $line;
        }
        // A missing comment_no selects the first #comment marker.
        if (preg_match('/^#comment/i', $line) && $comment_no++ == (isset($vars['comment_no']) ? $vars['comment_no'] : 0)) {
            $postdata[] = $comment;
            // The new comment is inserted at the matching #comment marker
        }
        if ($above) {
            $postdata[] = $line;
        }
    }
    $title = $_comment_messages['title_updated'];
    $body = '';
    // Collision check against the digest the form was rendered with.
    // NOTE(review): $vars['digest'] is read without isset(); a request
    // without it is reported as a collision, and the comment is written below
    // in either case.
    if ($wiki->digest() !== $vars['digest']) {
        $title = $_comment_messages['title_collided'];
        $body = $_comment_messages['msg_collided'] . $wiki->uri();
    }
    $wiki->set($postdata);
    if (isset($vars['refpage'])) {
        Utility::redirect(get_page_location_uri($vars['refpage']));
        exit;
    }
    $vars['page'] = $vars['refer'];
    return array('msg' => $title, 'body' => $body);
}
Esempio n. 17
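/**
 * Action handler of the JugemKey authentication plugin: starts a login,
 * performs a logout, shows the user info for a token, or completes the
 * authentication and stores the result in the session.
 *
 * @return string|array|void '' when the API is disabled or no session can
 *                           be started, a msg/body pair for the user-info
 *                           view; every other path ends the request.
 */
function plugin_jugemkey_action()
{
    global $vars, $auth_api, $_jugemkey_msg;

    if (!$auth_api['jugemkey']['use']) {
        return '';
    }
    if (!function_exists('pkwk_session_start')) {
        return '';
    }
    if (pkwk_session_start() == 0) {
        return '';
    }

    $page = empty($vars['page']) ? '' : $vars['page'];
    // The error reporter is chosen by name depending on the protect mode.
    $die_message = PLUS_PROTECT_MODE ? 'die_msg' : 'die_message';

    // LOGIN
    if (isset($vars['login'])) {
        header('Location: ' . plugin_jugemkey_jump_url());
        die;
    }

    $obj = new auth_jugemkey();

    // LOGOUT
    if (isset($vars['logout'])) {
        $obj->auth_session_unset();
        header('Location: ' . get_page_location_uri($page));
        die;
    }

    // Get token info
    if (isset($vars['userinfo'])) {
        $rc = $obj->get_userinfo($vars['token']);
        if ($rc['rc'] != 200) {
            $msg = empty($rc['error']) ? '' : ' (' . $rc['error'] . ')';
            $die_message('JugemKey: RC=' . $rc['rc'] . $msg);
            // The error reporters are not visible here; stop explicitly.
            die;
        }
        // The user name comes from the remote service's answer, so it is
        // escaped where it enters the HTML body.
        // NOTE(review): get_userinfo() is not visible here; confirm that it
        // does not already return escaped text.
        $body = '<h3>' . $_jugemkey_msg['msg_userinfo'] . '</h3>' . '<strong>' . $_jugemkey_msg['msg_user_name'] . ': ' . htmlspecialchars($rc['title'], ENT_QUOTES) . '</strong>';
        return array('msg' => 'JugemKey', 'body' => $body);
    }

    // AUTH
    $rc = $obj->auth($vars['frob']);
    if ($rc['rc'] != 200) {
        $msg = empty($rc['error']) ? '' : ' (' . $rc['error'] . ')';
        $die_message('JugemKey: ' . $rc['rc'] . $msg);
        // Stop explicitly so that a failed authentication can never fall
        // through to auth_session_put() below.
        die;
    }

    $obj->auth_session_put();
    header('Location: ' . get_page_location_uri($page));
    die;
}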
Esempio n. 18
/**
 * Action handler of the bugtrack plugin: validates a submitted report,
 * writes it through plugin_bugtrack_write() and redirects to the new page.
 *
 * @return false|array|void FALSE when the form was not submitted, a
 *                          "cannot write" msg/body pair for rejected posts;
 *                          otherwise redirects and exits.
 */
function plugin_bugtrack_action()
{
    global $vars;
    global $_plugin_bugtrack, $_string;

    if (Auth::check_role('readonly')) {
        die_message($_string['prohibit']);
    }
    if (Auth::is_check_role(PKWK_CREATE_PAGE)) {
        // NOTE(review): the replacement rewrites 'PKWK_CREATE_PAGE' into
        // 'PKWK_READONLY' inside the message; confirm that this direction is
        // intended.
        die_message(str_replace('PKWK_CREATE_PAGE', 'PKWK_READONLY', $_string['prohibit']));
    }

    if ($vars['mode'] != 'submit') {
        return FALSE;
    }

    // Validation of foreign values (by miko): priority and state have to be
    // entries of the configured lists.
    // NOTE(review): in_array() compares loosely here; a strict comparison is
    // safer if both lists hold only strings.
    $accepted = in_array($vars['priority'], $_plugin_bugtrack['priority_list'])
        && in_array($vars['state'], $_plugin_bugtrack['state_list']);
    if (!$accepted) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }

    $page = plugin_bugtrack_write(
        $vars['base'],
        $vars['pagename'],
        $vars['summary'],
        $vars['name'],
        $vars['priority'],
        $vars['state'],
        $vars['category'],
        $vars['version'],
        $vars['body']
    );
    Utility::redirect(get_page_location_uri($page));
    exit;
}
Esempio n. 19
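/**
 * Completes an OpenID authentication: evaluates the consumer's response
 * and, on success, stores the identity data in the session before
 * redirecting to the page the login started from.
 *
 * @param object $consumer OpenID consumer; only complete() is called on it
 *
 * Sends a Location header on return; failures are reported through the
 * error handler and end the request.
 */
function plugin_openid_finish_auth($consumer)
{
    global $vars, $_openid_msg;

    // The error reporter is chosen by name depending on the protect mode.
    $die_message = PLUS_PROTECT_MODE ? 'die_msg' : 'die_message';

    // Values remembered in the session when the verification started.
    $obj_verify = new auth_openid_plus_verify();
    $session_verify = $obj_verify->auth_session_get();
    //$session_verify['server_url']
    //$session_verify['local_id']
    $page = empty($session_verify['page']) ? '' : rawurldecode($session_verify['page']);
    $author = empty($session_verify['author']) ? '' : rawurldecode($session_verify['author']);
    $obj_verify->auth_session_unset();

    $return_to = get_page_location_uri($page);
    $response = $consumer->complete($return_to);

    // Every failure branch ends the request explicitly. The error reporters
    // are not visible here, and without the exit a reporter that returned
    // would fall through the following cases into the SUCCESS branch and
    // store a session for a cancelled or failed login.
    switch ($response->status) {
        case Auth_OpenID_CANCEL:
            $die_message($_openid_msg['err_cancel']);
            exit;
        case Auth_OpenID_FAILURE:
            $die_message($_openid_msg['err_failure'] . $response->message);
            exit;
        case Auth_OpenID_SUCCESS:
            $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
            $sreg = $sreg_resp->contents();
            // $sreg['email'], $sreg['nickname'], $sreg['fullname']
            if (!isset($sreg['nickname'])) {
                if (PLUGIN_OPENID_NO_NICKNAME) {
                    $sreg['nickname'] = 'anonymouse';
                } else {
                    $die_message($_openid_msg['err_nickname']);
                    exit;
                }
            }
            $obj = new auth_openid_plus();
            $obj->response = $sreg;
            // Pass along the other items
            $obj->response['author'] = $author;
            $obj->response['local_id'] = !empty($response->endpoint->local_id) ? $response->endpoint->local_id : $response->endpoint->claimed_id;
            $obj->response['identity_url'] = $response->getDisplayIdentifier();
            $obj->auth_session_put();
            break;
    }

    // Return to the original page. Any other status reaches this point
    // without a session having been stored.
    header('Location: ' . get_page_location_uri($page));
}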
Esempio n. 20
/**
 * Redirects to the help page named in the global $help_page and exits.
 */
function plugin_help_action()
{
    global $help_page;

    $location = get_page_location_uri($help_page);
    header('Location: ' . $location);
    die;
}
Esempio n. 21
/**
 * Action handler of the bugtrack plugin (encode_hint variant): checks the
 * role, the browser/server ticket and the submitted priority/state, writes
 * the report through plugin_bugtrack_write() and redirects to the new page.
 *
 * @return false|array|void FALSE when the form was not submitted, a
 *                          "cannot write" msg/body pair for rejected posts;
 *                          otherwise redirects and exits.
 */
function plugin_bugtrack_action()
{
    global $post;
    global $_plugin_bugtrack;

    if (auth::check_role('readonly')) {
        die_message('PKWK_READONLY prohibits editing');
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    if ($post['mode'] != 'submit') {
        return FALSE;
    }

    // Petit SPAM Check (Client(Browser)-Server Ticket Check):
    // a non-empty submitted hint has to equal PKWK_ENCODING_HINT; a missing or
    // empty one is accepted only when no hint is configured.
    $has_hint = isset($post['encode_hint']) && $post['encode_hint'] != '';
    $expected = $has_hint ? $post['encode_hint'] : '';
    $spam = PKWK_ENCODING_HINT != $expected;

    // Validation of foreign values (by miko): priority and state have to be
    // entries of the configured lists.
    // NOTE(review): in_array() compares loosely here; a strict comparison is
    // safer if both lists hold only strings.
    if (!in_array($post['priority'], $_plugin_bugtrack['priority_list'])) {
        $spam = TRUE;
    }
    if (!in_array($post['state'], $_plugin_bugtrack['state_list'])) {
        $spam = TRUE;
    }

    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }

    $page = plugin_bugtrack_write(
        $post['base'],
        $post['pagename'],
        $post['summary'],
        $post['name'],
        $post['priority'],
        $post['state'],
        $post['category'],
        $post['version'],
        $post['body']
    );
    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}
Esempio n. 22
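/**
 * Action handler of the TypeKey authentication plugin: verifies the signed
 * request and stores the login in the session, then redirects to the page.
 *
 * @return string|void '' when no site token is configured; otherwise the
 *                     request ends in a redirect.
 */
function plugin_typekey_action()
{
    global $vars, $auth_api;

    if (empty($auth_api['typekey']['site_token'])) {
        return '';
    }

    $obj = new AuthTypekey();
    $obj->set_regkeys();
    $obj->set_need_email($auth_api['typekey']['need_email']);
    $obj->set_sigKey($vars);

    $page = empty($vars['page']) ? '' : $vars['page'];

    if (!$obj->auth()) {
        if (isset($vars['logout'])) {
            $obj->unsetSession();
        }
        Utility::redirect(get_page_location_uri($page));
        // Utility::redirect() is not visible here; stop explicitly so that a
        // failed verification can never fall through to setSession() below.
        exit;
    }

    // Authentication succeeded
    $obj->setSession();
    Utility::redirect(get_page_location_uri($page));
}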
Esempio n. 23
/**
 * Action handler of the TypeKey authentication plugin (session variant):
 * verifies the signed request, stores or clears the login in the session
 * and redirects to the page.
 *
 * @return string|void '' when sessions are unavailable or no site token is
 *                     configured; otherwise redirects and exits.
 */
function plugin_typekey_action()
{
    global $vars, $auth_api;

    // A usable session is a precondition.
    if (!function_exists('pkwk_session_start')) {
        return '';
    }
    if (pkwk_session_start() == 0) {
        return '';
    }
    if (empty($auth_api['typekey']['site_token'])) {
        return '';
    }

    $obj = new auth_typekey();
    $obj->set_regkeys();
    $obj->set_need_email($auth_api['typekey']['need_email']);
    $obj->set_sigKey($vars);

    $page = empty($vars['page']) ? '' : $vars['page'];

    $authenticated = $obj->auth();
    if ($authenticated) {
        // Authentication succeeded
        $obj->auth_session_put();
    } elseif (isset($vars['logout'])) {
        // Not authenticated and a logout was requested: clear the session.
        $obj->auth_session_unset();
    }

    // Both outcomes return to the same page.
    header('Location: ' . get_page_location_uri($page));
    die;
}
Esempio n. 24
/**
 * Performs the rename: renames the files, refreshes the link database,
 * appends an entry to the rename log page and redirects.
 *
 * @param array $pages  map of old page name => new page name (both are
 *                      passed through decode() for the log)
 * @param array $files  map of page => (old file path => new file path)
 * @param array $exists map of page => (old file path => new file path) for
 *                      destinations that already exist
 *
 * Does not return: the request always ends with exit.
 */
function plugin_rename_proceed($pages, $files, $exists)
{
    global $now, $_rename_messages;
    // Without the 'exist' option, pages whose destination already exists are
    // left out of the rename.
    if (plugin_rename_getvar('exist') == '') {
        foreach ($exists as $key => $arr) {
            unset($files[$key]);
        }
    }
    // Lifts the execution time limit for the rename loop.
    set_time_limit(0);
    foreach ($files as $page => $arr) {
        foreach ($arr as $old => $new) {
            // An existing destination is removed before the rename.
            // NOTE(review): the results of unlink() and rename() are not
            // checked, and both paths are trusted as given; confirm that the
            // caller builds them only from validated page names.
            if (isset($exists[$page][$old]) && $exists[$page][$old]) {
                unlink($new);
            }
            rename($old, $new);
            // Update the link database (BugTrack/327) arino
            links_update($old);
            links_update($new);
        }
    }
    $postdata = get_source(PLUGIN_RENAME_LOGPAGE);
    $postdata[] = '*' . $now . "\n";
    // NOTE(review): the request values from plugin_rename_getvar() are
    // written into the log page inside [[...]] as received; confirm that
    // they were validated as page names or patterns in an earlier phase.
    if (plugin_rename_getvar('method') == 'regex') {
        $postdata[] = '-' . $_rename_messages['msg_regex'] . "\n";
        $postdata[] = '--From:[[' . plugin_rename_getvar('src') . ']]' . "\n";
        $postdata[] = '--To:[[' . plugin_rename_getvar('dst') . ']]' . "\n";
    } else {
        $postdata[] = '-' . $_rename_messages['msg_page'] . "\n";
        $postdata[] = '--From:[[' . plugin_rename_getvar('refer') . ']]' . "\n";
        $postdata[] = '--To:[[' . plugin_rename_getvar('page') . ']]' . "\n";
    }
    if (!empty($exists)) {
        $postdata[] = "\n" . $_rename_messages['msg_result'] . "\n";
        foreach ($exists as $page => $arr) {
            $postdata[] = '-' . decode($page) . $_rename_messages['msg_arrow'] . decode($pages[$page]) . "\n";
            foreach ($arr as $ofile => $nfile) {
                $postdata[] = '--' . $ofile . $_rename_messages['msg_arrow'] . $nfile . "\n";
            }
        }
        $postdata[] = '----' . "\n";
    }
    foreach ($pages as $old => $new) {
        $postdata[] = '-' . decode($old) . $_rename_messages['msg_arrow'] . decode($new) . "\n";
    }
    // Update collisions are not checked.
    // Write the file
    page_write(PLUGIN_RENAME_LOGPAGE, join('', $postdata));
    // Redirect
    $page = plugin_rename_getvar('page');
    if ($page == '') {
        $page = PLUGIN_RENAME_LOGPAGE;
    }
    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}
Esempio n. 25
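/**
 * Decides whether the current user may read a page.
 *
 * @param string $page      page name to check
 * @param bool   $auth_flag when true, the configured authentication
 *                          function is consulted for unauthenticated users
 * @param bool   $exit_flag passed on to the authentication function
 *
 * @return mixed true when read restrictions are off or the logged-in user
 *               may read the page, false when the authentication function
 *               refuses, otherwise the result of auth::is_page_readable()
 *               for an anonymous user.
 */
function read_auth($page, $auth_flag = TRUE, $exit_flag = TRUE)
{
    global $read_auth, $read_auth_pages, $auth_api, $_title;

    // Read restrictions are switched off globally.
    if (!$read_auth) {
        return true;
    }

    // An authenticated user is checked with his or her key and group.
    $info = auth::get_user_info();
    if (!empty($info['key']) && auth::is_page_readable($page, $info['key'], $info['group'])) {
        return true;
    }

    // Without the 'plus' API only the anonymous check applies.
    if (!$auth_api['plus']['use']) {
        return auth::is_page_readable($page, '', '');
    }

    $auth_func_name = get_auth_func_name();
    // Even when the user is unauthenticated and authentication is not
    // required ($auth_flag), it still has to be determined whether the page
    // is restricted.
    if ($auth_flag && !$auth_func_name($page, $auth_flag, $exit_flag, $read_auth_pages, $_title['cannotread'])) {
        return false;
    }

    // The original continued after this return with a redirect to the
    // default page guarded by $exit_flag; that code could never run and has
    // been removed, so the result is unchanged.
    return auth::is_page_readable($page, '', '');
}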
Esempio n. 26
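/**
 * Action handler of the approve plugin.
 *
 * Loads the configuration named by $post['name'], checks that $post['_page']
 * matches the configured page regex, replaces the configured pattern in the
 * page source with the configured replacement, writes the page and redirects
 * to it.
 *
 * @return array|string An array with 'msg' and 'body' on most failures, or a
 *                      plain HTML string when name or page is empty. On
 *                      success the function redirects and exits.
 */
function plugin_approve_action()
{
    global $vars, $post;

    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    // The debug error_log() calls of the original are gone: they wrote a
    // ticket-derived token, the session tracker value and a raw request field
    // into the server log, and they ran is_spampost() a second time.
    // NOTE(review): with an active session nothing is compared here, so this
    // check never rejects a request in that case, and no other request token
    // is verified in this function. Confirm that forged or replayed form
    // posts are rejected elsewhere.
    $spam = FALSE;
    $session_active = function_exists('pkwk_session_start') && pkwk_session_start() != 0;
    if (!$session_active) {
        if (isset($post['encode_hint']) && $post['encode_hint'] != '') {
            if (PKWK_ENCODING_HINT != $post['encode_hint']) {
                $spam = TRUE;
            }
        } else {
            if (PKWK_ENCODING_HINT != '') {
                $spam = TRUE;
            }
        }
        if (is_spampost(array('body'), PLUGIN_TRACKER_REJECT_SPAMCOUNT)) {
            $spam = TRUE;
        }
    }
    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }

    $name = isset($post['name']) ? $post['name'] : '';
    $page = isset($post['_page']) ? $post['_page'] : '';
    if ($name == '') {
        return '<p>approve(): empty name.</p>';
    }
    if ($page == '') {
        return '<p>approve(): empty page.</p>';
    }

    // NOTE(review): $name comes straight from the request and is appended to
    // the config root unchecked; verify that YamlConfig cannot be pointed
    // outside the intended configuration area this way.
    $config_path = PLUGIN_APPROVE_CONFIG_ROOT . $name;
    $config = new YamlConfig($config_path);
    if (!$config->read()) {
        // Request-derived text is escaped before it is placed in the HTML body.
        return array('msg' => 'Approve', 'body' => '<p>approve(): failed to load config. "' . htmlspecialchars($config_path, ENT_QUOTES) . '"</p>');
    }
    $pattern = $config[PLUGIN_APPROVE_KEY_PATTERN];
    $replace = $config[PLUGIN_APPROVE_KEY_REPLACE];
    $page_regex = $config[PLUGIN_APPROVE_KEY_PAGE_REGEX];
    // (The second "empty page" test of the original was unreachable: an empty
    // $page has already returned above.)
    if ($pattern == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty pattern.</p>');
    }
    if ($page_regex == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty page_regex.</p>');
    }
    // Only pages allowed by the configuration may be modified. preg_match()
    // returning false (regex error) is treated as "no match" as well.
    if (!preg_match($page_regex, $page)) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): page not match.</p>');
    }
    // NOTE(review): the freeze test looks at $vars['page'] while the page that
    // gets written is $page (from $post['_page']). If these can differ, a
    // frozen target page is not covered by this test; confirm the intent.
    if (PKWK_READONLY > 0 || is_freeze($vars['page']) || !plugin_approve_is_edit_authed($page)) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): prohibit editing. "' . htmlspecialchars($page, ENT_QUOTES) . '"</p>');
    }
    $source = get_source($page, TRUE, TRUE);
    if ($source === FALSE) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): failed to load page. "' . htmlspecialchars($page, ENT_QUOTES) . '"</p>');
    }
    if (strpos($source, $pattern) === FALSE) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): pattern not match.</p>');
    }
    // Every occurrence of the pattern is replaced, not just the first one.
    $source = str_replace($pattern, $replace, $source);
    page_write($page, $source);
    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}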
Esempio n. 27
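/**
 * Action handler of the livedoor authentication plugin.
 *
 * Handles three requests: "login" (redirect to the provider URL), "logout"
 * (drop the session and redirect to the given page) and the authentication
 * callback (validate the response, store the session, redirect to the return
 * page).
 *
 * @return string Empty string when livedoor authentication is disabled; all
 *                other paths redirect or terminate.
 */
function plugin_livedoor_action()
{
    global $vars, $auth_api, $_livedoor_msg;

    if (!$auth_api['livedoor']['use']) {
        return '';
    }

    // LOGIN
    if (isset($vars['login'])) {
        Utility::redirect(plugin_livedoor_jump_url());
    }

    $obj = new auth_livedoor();

    // LOGOUT
    if (isset($vars['logout'])) {
        $obj->unsetSession();
        $page = empty($vars['page']) ? '' : decode($vars['page']);
        Utility::redirect(get_page_location_uri($page));
    }

    // AUTH
    $rc = $obj->auth($vars);
    // A response without a 'has_error' field is treated as a failure, so a
    // malformed reply cannot be mistaken for a successful login.
    if (!isset($rc['has_error']) || $rc['has_error'] == 'true') {
        // ERROR
        $body = isset($rc['message']) ? $rc['message'] : 'unknown error.';
        // The original called $die_message($body): an undefined variable used
        // as a function name, which fails at runtime instead of reporting the
        // error.
        // NOTE(review): $body may hold text taken from the provider response;
        // confirm that dieMessage() escapes it before output.
        Utility::dieMessage($body);
        // Fail closed: a failed authentication must never reach setSession(),
        // even if dieMessage() should return.
        exit;
    }
    $obj->setSession();
    Utility::redirect(get_page_location_uri($obj->get_return_page()));
}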
Esempio n. 28
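/**
 * Action handler of the tracker plugin: creates a new page from a tracker
 * form submission.
 *
 * Picks a free page name, fills the tracker page template with the posted
 * field values, writes the page, optionally writes a proxy page that includes
 * it, and redirects to the new page.
 *
 * @return array An array with 'msg' and 'body' when the post is rejected or
 *               the form/template cannot be loaded. On success the function
 *               redirects and exits.
 */
function plugin_tracker_action()
{
    global $post, $now;

    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    $base = isset($post['_base']) ? $post['_base'] : '';
    $refer = isset($post['_refer']) ? $post['_refer'] : '';
    $config = isset($post['_config']) ? $post['_config'] : '';
    $createProxy = isset($post['_createProxy']) ? $post['_createProxy'] : '';

    // $page name to add will be decided here
    $num = 0;
    $name = isset($post['_name']) ? $post['_name'] : '';
    if (isset($post['_page'])) {
        $real = $page = $post['_page'];
    } else {
        $real = is_pagename($name) ? $name : ++$num;
        $page = get_fullname('./' . $real, $base);
    }
    if (!is_pagename($page)) {
        $page = $base;
    }
    // Never reuse an existing page: count up until a free name is found.
    while (is_page($page)) {
        $real = ++$num;
        $page = $base . '/' . $real;
    }

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    // The original computed md5(get_ticket() . $config_name) here, with
    // $config_name undefined, and wrote it and the session tracker value to
    // the error log; the comparison against $_SESSION['tracker'] itself was
    // commented out. The logging is dropped so token material stays out of
    // the logs.
    // NOTE(review): with an active session no ticket is verified at all;
    // confirm that forged or replayed form posts are rejected elsewhere.
    $spam = FALSE;
    $session_active = function_exists('pkwk_session_start') && pkwk_session_start() != 0;
    if (!$session_active) {
        if (isset($post['encode_hint']) && $post['encode_hint'] != '') {
            if (PKWK_ENCODING_HINT != $post['encode_hint']) {
                $spam = TRUE;
            }
        } else {
            if (PKWK_ENCODING_HINT != '') {
                $spam = TRUE;
            }
        }
        if (is_spampost(array('body'), PLUGIN_TRACKER_REJECT_SPAMCOUNT)) {
            $spam = TRUE;
        }
    }
    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }

    // Default
    // Entries of $_FILES replace posted fields of the same name.
    $_post = array_merge($post, $_FILES);
    $_post['_date'] = $now;
    $_post['_page'] = $page;
    $_post['_name'] = $name;
    $_post['_real'] = $real;

    // TODO: Why here => See BugTrack/662
    // Creating an empty page, before attaching files
    pkwk_touch_file(get_filename($page));

    $from = $to = array();
    // "=& new" is rejected by the parser since PHP 7; plain assignment yields
    // the same object handle.
    $tracker_form = new Tracker_form();
    if (!$tracker_form->init($base, $refer, $config)) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }

    // Load $template
    $template_page = $tracker_form->config->page . '/' . PLUGIN_TRACKER_DEFAULT_PAGE;
    $template = plugin_tracker_get_source($template_page);
    if ($template === FALSE || empty($template)) {
        return array('msg' => 'Cannot write', 'body' => 'Page template (' . htmlspecialchars($template_page) . ') not found');
    }
    if (!$tracker_form->initFields(plugin_tracker_field_pickup(implode('', $template)))) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }
    $fields = $tracker_form->fields;
    unset($tracker_form);

    // Build the placeholder => value lists; fields that were not posted
    // become empty strings.
    foreach (array_keys($fields) as $field) {
        $from[] = '[' . $field . ']';
        $to[] = isset($_post[$field]) ? $fields[$field]->format_value($_post[$field]) : '';
        unset($fields[$field]);
    }

    // Replace every [$field]s (found inside $template) to real values
    $subject = $escape = array();
    foreach (array_keys($template) as $linenum) {
        if (trim($template[$linenum]) == '') {
            continue;
        }
        // Escape some TextFormattingRules: lines starting with '|' or ':'
        // and lines starting with ',' get their values escaped separately.
        $letter = $template[$linenum][0];
        if ($letter == '|' || $letter == ':') {
            $escape['|'][$linenum] = $template[$linenum];
        } elseif ($letter == ',') {
            $escape[','][$linenum] = $template[$linenum];
        } else {
            // TODO: Escape "\n" except multiline-allowed fields
            $subject[$linenum] = $template[$linenum];
        }
    }
    foreach (str_replace($from, $to, $subject) as $linenum => $line) {
        $template[$linenum] = $line;
    }
    if ($escape) {
        // Escape for some TextFormattingRules
        foreach (array_keys($escape) as $hint) {
            $to_e = plugin_tracker_escape($to, $hint);
            foreach (str_replace($from, $to_e, $escape[$hint]) as $linenum => $line) {
                $template[$linenum] = $line;
            }
        }
        unset($to_e);
    }
    unset($from, $to);

    // Write $template, without touch
    page_write($page, join('', $template));

    // Create proxy page
    // The request chooses both which field names the proxy page
    // ($_createProxy) and that field's value, so the name is only used when
    // it is a string that passes is_pagename(); an uploaded-file entry or a
    // malformed name is ignored.
    // NOTE(review): an existing page of that name would still be overwritten
    // and no edit permission for it is checked here; confirm that page_write()
    // or the caller enforces that.
    $proxyPage = (is_string($createProxy) && $createProxy && isset($_post[$createProxy])) ? $_post[$createProxy] : '';
    if ($proxyPage && is_string($proxyPage) && is_pagename($proxyPage)) {
        page_write($proxyPage, '#include(' . $page . ',notitle)');
    }

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}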
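/**
 * Action handler of the newpage_subdir plugin.
 *
 * Without a page name it returns the "new page" form, optionally scoped to
 * the requested directory; with a page name it redirects to that page under
 * the directory.
 *
 * @return array|string Empty string when the visitor may not create pages,
 *                      otherwise an array with 'msg' and 'body' for the form.
 *                      With a page name the function redirects and exits.
 */
function plugin_newpage_subdir_action()
{
    global $vars;

    if (auth::check_role('readonly')) {
        return '';
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        return '';
    }

    $roots = $retval = array();
    $page = empty($vars['page']) ? '' : $vars['page'];
    $dir = empty($vars['directory']) ? '' : strip_bracket($vars['directory']);

    if (empty($page)) {
        // Initialised up front: the original read $msg_prefix undefined
        // whenever no directory was given.
        $msg_prefix = '';
        if (!empty($dir)) {
            // Drop one trailing slash so the directory is listed as a root.
            $roots[] = substr($dir, -1) == '/' ? substr($dir, 0, -1) : $dir;
            // NOTE(review): the message id contains the interpolated $dir, so
            // a translation lookup is unlikely to match; the text is escaped
            // below before it reaches the page.
            $msg_prefix = _("To {$dir}.");
        }
        $retval['msg'] = htmlspecialchars($msg_prefix) . _('New page');
        $retval['body'] = print_form_string(build_directory_list($roots));
        return $retval;
    }

    // $dir and $page are joined as given, without inserting a separator.
    // NOTE(review): both values come from the request; this relies on
    // get_page_location_uri() to encode them for the Location header.
    header('Location: ' . get_page_location_uri($dir . $page));
    die;
}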