/**
 * "New page" action.
 *
 * Shows a small form asking for a page name. When the form comes back with
 * a_mode=new, the request is redirected to the edit URL of the requested
 * page name and the script ends; otherwise the form is rendered through the
 * 'message' template.
 *
 * NOTE(review): the redirect target is built from the request parameter
 * a_key via kona3getPageURL(); presumably that helper URL-encodes the page
 * name and always yields a local wiki URL — confirm.
 * NOTE(review): $formAction is placed in an HTML attribute without escaping
 * here; confirm kona3getPageURL() returns attribute-safe output.
 */
function kona3_action_new() {
    global $kona3conf;

    $page = $kona3conf["page"];
    $formAction = kona3getPageURL($page, "new");
    $mode = kona3param('a_mode', '');
    $newName = kona3param('a_key', '');
    // Placeholder for a result area; this action never fills it.
    $resultHtml = "";

    // Form was submitted: hand over to the editor for the requested page.
    if ("new" == $mode) {
        $editUrl = kona3getPageURL($newName, "edit");
        header("Location: {$editUrl}");
        exit;
    }

    // Value echoed back into the text box goes through the project's
    // text-to-HTML helper first.
    $newNameHtml = kona3text2html($newName);

    $body = <<<EOS
<div>
  <form method="post" action="{$formAction}">
  <input type="hidden" name="a_mode" value="new">
  <input type="text" name="a_key" value="{$newNameHtml}">
  <input type="submit" value="New">
  </form>
</div>
<div>
{$resultHtml}
</div>
EOS;

    $vars = array(
        "page_title" => kona3text2html($page),
        "page_body" => $body,
    );
    kona3template('message', $vars);
}
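/**
 * Login action.
 *
 * Renders the login form. When the form is submitted (a_mode=trylogin) the
 * user name and password are checked against $kona3conf['users']; on success
 * kona3login() is called, a link to the edit page is shown and the request
 * ends, otherwise the form is shown again with an error message.
 *
 * Security notes:
 * - The credential check uses hash_equals() (PHP >= 5.6) on string operands.
 *   The previous loose `==` let PHP compare numeric-looking strings by value
 *   rather than byte-for-byte, and was not constant-time.
 * - $kona3conf['users'] is compared directly with the submitted password, so
 *   the configuration holds plaintext passwords. Switching to password_hash()
 *   / password_verify() needs a config migration and is not done here.
 * - NOTE(review): kona3login() is not visible here; confirm it regenerates
 *   the session id (session_regenerate_id(true)) when the login succeeds.
 * - NOTE(review): nothing in this function limits or logs repeated failed
 *   attempts; confirm that is handled elsewhere.
 */
function kona3_action_login() {
    global $kona3conf;
    $page = $kona3conf["page"];
    $action = kona3getPageURL($page, "login");
    $am = kona3param('a_mode', '');
    $user = kona3param('a_user', '');
    $pw = kona3param('a_pw', '');
    $msg = '';

    // check user
    if ($am === "trylogin") {
        $users = $kona3conf['users'];
        $authenticated = false;
        // Only plain strings are accepted: array-valued request parameters
        // (a_user[]=...) must never reach the comparison.
        if (is_string($user) && is_string($pw) && isset($users[$user])) {
            // Cast the configured value so a password written as a bare
            // number in the config still matches its string form.
            $authenticated = hash_equals((string)$users[$user], $pw);
        }
        if ($authenticated) {
            // ok
            $editLink = kona3getPageURL($page, 'edit');
            $msg = "<a href='{$editLink}'>Success to login.</a>";
            kona3login();
            kona3showMessage($page, $msg);
            exit;
        }
        // ng: same message for unknown user and wrong password, so the
        // response does not reveal which user names exist.
        $msg = '<div class="error">Invalid User or Password.</div>';
    }

    // show form
    $form = <<<EOS
<div id="loginform">
  {$msg}
  <form method="post" action="{$action}">
  <input type="hidden" name="a_mode" value="trylogin">
  <p>
    <label for="user">User:</label><br>
    <input id="user" type="text" name="a_user">
  </p>
  <p>
    <label for="pass">Password:</label><br>
    <input id="pass" type="password" name="a_pw">
  </p>
  <p><input type="submit" value="Login"></p>
  </form>
</div>
EOS;

    // show
    kona3template('message', array(
        "page_title" => kona3text2html($page),
        "page_body" => $form,
    ));
}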
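/**
 * Search action.
 *
 * Renders the search form and, when a_mode=search, runs kona3search() over
 * the data directory and lists every hit as a link to the matching page.
 *
 * Each hit is a file path; the data-directory prefix and a trailing .txt/.md
 * extension are stripped to get the page name. The page name is URL-encoded
 * for the href and HTML-escaped for the link text: page names are chosen by
 * wiki users, so printing them raw would let markup in a page name run in
 * the browser of anyone who sees the result list. The anchor is now closed
 * with </a>, which the original markup omitted.
 */
function kona3_action_search() {
    global $kona3conf;
    $page = $kona3conf["page"];
    $action = kona3getPageURL($page, "search");
    $am = kona3param('a_mode', '');
    $key = kona3param('a_key', '');
    $res = '';

    if ($am == "search") {
        $result = array();
        $path_data = $kona3conf["path.data"];
        // $result is passed in empty and read back afterwards, so
        // kona3search() presumably fills it by reference.
        kona3search($key, $result, $path_data);
        foreach ($result as $f) {
            $path = str_replace("{$path_data}/", "", $f);
            $path = preg_replace('/\\.(txt|md)$/', '', $path);
            $enc = urlencode($path);
            $label = htmlspecialchars($path, ENT_QUOTES, 'UTF-8');
            $res .= "<li><a href='index.php?{$enc}'>{$label}</a></li>";
        }
    }
    if ($res != "") {
        $res = "<ul>{$res}</ul>\n";
    }

    // The search term is echoed back into the text box through the
    // project's text-to-HTML helper.
    $key_ = kona3text2html($key);

    // show form
    $form = <<<EOS
<div>
  <form method="post" action="{$action}">
  <input type="hidden" name="a_mode" value="search">
  <input type="text" name="a_key" value="{$key_}">
  <input type="submit" value="Search">
  </form>
</div>
<div>
{$res}
</div>
EOS;

    // show
    kona3template('message', array(
        "page_title" => kona3text2html($page),
        "page_body" => $form,
    ));
}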
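/**
 * Dispatcher for the comment plugin. The request parameter "m" selects the
 * mode:
 *
 *   write - delegate to kona3plugins_comment_action_write()
 *   del   - show a confirmation form asking for the delete password
 *   del2  - delete the comment if the password matches its delkey, or if
 *           the visitor is logged in
 *   todo  - set the todo flag of a comment to the integer in "v"
 *
 * Any other mode, and a del2 request whose password check fails, ends with
 * the 'Invalid mode' error. "fmt" is stored in the global $output_format.
 *
 * Changes compared with the earlier version:
 * - The value taken from $_SESSION['password'] is HTML-escaped before it is
 *   written into the confirmation form, and a missing session key no longer
 *   raises a notice.
 * - The delete password is compared with hash_equals() on strings and a
 *   missing row is handled explicitly instead of indexing into `false`.
 * - The DELETE uses a prepared statement like the other queries here.
 * - "todo" rejects id 0 like the other modes (it used `< 0`).
 * - Every validation error is followed by exit so the request fails closed
 *   whether or not the error helper terminates the script.
 *
 * NOTE(review): "del2" and "todo" change data but read their input from
 * $_REQUEST and carry no anti-CSRF token; consider accepting POST only and
 * checking a per-session token.
 * NOTE(review): "todo" performs no login or ownership check; confirm that
 * is intended.
 * NOTE(review): an empty stored delkey matches an empty submitted password;
 * confirm the write path never stores an empty delkey.
 */
function kona3plugins_comment_action() {
    global $kona3conf, $output_format;
    $page = kona3getPage();
    $m = kona3param("m", "");
    $output_format = kona3param("fmt", "");
    $is_login = kona3isLogin();

    if ($m == "") {
        _err($page, 'No Mode in Comment');
        exit;
    }

    // write comment
    if ($m == "write") {
        kona3plugins_comment_action_write($page);
        return;
    }

    // delete comment (1/2): confirmation form
    if ($m == "del") {
        $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
        if ($id <= 0) {
            kona3error($page, 'no id');
            exit;
        }
        $key = isset($_SESSION['password']) ? $_SESSION['password'] : '';
        // Escaped for a single-quoted attribute; $id is an integer.
        $key_ = htmlspecialchars((string)$key, ENT_QUOTES, 'UTF-8');
        $del =
            "<form method='post'>" .
            "<input type='hidden' name='m' value='del2'>" .
            "<input type='hidden' name='id' value='{$id}'>" .
            "<p>Really delete (id={$id})?</p>" .
            "<p>password: <input type='password' name='pw' value='{$key_}'>" .
            " <input type='submit' value='Delete'></p>" .
            "</form>";
        _err($page, $del);
        exit;
    }

    // delete comment (2/2): verify and delete
    if ($m == "del2") {
        $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
        $pw = isset($_REQUEST['pw']) ? $_REQUEST['pw'] : '';
        if ($id <= 0) {
            kona3error($page, "no id");
            exit;
        }
        $pdo = kona3getDB();
        $stmt = $pdo->prepare('SELECT * FROM comment_list WHERE comment_id=?');
        $stmt->execute(array($id));
        $row = $stmt->fetch();
        // fetch() returns false when the comment does not exist.
        $pw_ok = is_array($row)
            && isset($row['delkey'])
            && is_string($row['delkey'])
            && is_string($pw)
            && hash_equals($row['delkey'], $pw);
        if ($pw_ok || $is_login) {
            $del_stmt = $pdo->prepare('DELETE FROM comment_list WHERE comment_id=?');
            $del_stmt->execute(array($id));
            if ($output_format == "json") {
                _ok($page, "deleted");
            }
            header('location: index.php?' . urlencode($page));
            exit;
        }
        // A failed check falls through to the generic error at the end.
    }

    // set todo
    if ($m == "todo") {
        $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
        if ($id <= 0) {
            kona3error($page, "no id");
            exit;
        }
        $v = isset($_REQUEST['v']) ? intval($_REQUEST['v']) : -1;
        if ($v < 0) {
            kona3error($page, "no v param");
            exit;
        }
        $pdo = kona3getDB();
        $stmt = $pdo->prepare(
            'UPDATE comment_list SET todo=? ' .
            ' WHERE comment_id=?');
        $stmt->execute(array($v, $id));
        $v = $v == 1 ? "todo" : "done";
        _ok($page, "ok comment_id={$id} change to {$v}");
        exit;
    }

    // else
    _err($page, 'Invalid mode');
    exit;
}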
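/**
 * Try to save the submitted page text (request parameter edit_txt) to the
 * wiki file of the global $page.
 *
 * @param string $txt     Current text of the page; only handed on to
 *                        kona3_conflict() when the hashes differ.
 * @param string $a_hash  Hash of the current text; must be identical to the
 *                        a_hash request parameter or the save is treated as
 *                        an edit conflict.
 * @param string $i_mode  "ajax" answers with JSON (result + new sha256
 *                        hash); any other value redirects to the page.
 * @return mixed Result of kona3_conflict() on a conflict, otherwise nothing.
 *
 * Changes compared with the earlier version:
 * - The "is the new directory inside path.data" test now matches on a path
 *   boundary (a sibling directory that merely starts with the same
 *   characters is rejected) and refuses ".." segments.
 * - The return value of file_put_contents() is checked, so a failed write
 *   is reported instead of answering "ok".
 *
 * NOTE(review): the containment test only runs when a directory has to be
 * created. Writes to an existing file or directory rely entirely on
 * kona3getWikiFile() keeping $fname inside the data directory — confirm.
 * NOTE(review): new directories are created with mode 0777 (subject to the
 * process umask); consider 0755 unless another account must write there.
 */
function kona3_trywrite(&$txt, &$a_hash, $i_mode) {
    global $kona3conf, $page;

    $edit_txt = kona3param('edit_txt', '');
    $a_hash_frm = kona3param('a_hash', '');
    $fname = kona3getWikiFile($page);

    // check hash: the page changed since the form was loaded
    if ($a_hash_frm !== $a_hash) {
        // conflict
        return kona3_conflict($edit_txt, $txt, $i_mode);
    }

    // save
    if (file_exists($fname)) {
        if (!is_writable($fname)) {
            kona3_edit_err('Could not write file.', $i_mode);
            exit;
        }
    } else {
        $dirname = dirname($fname);
        if (file_exists($dirname)) {
            if (!is_writable($dirname)) {
                kona3_edit_err('Could not write file. Permission denied.', $i_mode);
                exit;
            }
        } else {
            // auto mkdir: only below the data directory, and only up to
            // path.max.mkdir levels deep
            $data_dir = rtrim($kona3conf['path.data'], '/');
            $max_level = $kona3conf['path.max.mkdir'];
            $prefix = $data_dir . '/';
            $inside = ($dirname === $data_dir)
                || (strncmp($dirname, $prefix, strlen($prefix)) === 0);
            if (!$inside) {
                kona3_edit_err('Invalid File Path.', $i_mode);
                exit;
            }
            $dirname2 = (string)substr($dirname, strlen($prefix));
            // A ".." segment would let the created path leave the data
            // directory even though it starts with the right prefix.
            $segments = explode("/", str_replace('\\', '/', $dirname2));
            if (in_array('..', $segments, true)) {
                kona3_edit_err('Invalid File Path.', $i_mode);
                exit;
            }
            $cnt = count(explode("/", $dirname2));
            if ($cnt <= $max_level) {
                $b = mkdir($dirname, 0777, TRUE);
                if (!$b) {
                    kona3_edit_err('mkdir failed, could not use "/"', $i_mode);
                    exit;
                }
            } else {
                kona3_edit_err("Invalid Wiki Name (not allow use '/' over {$max_level} times)", $i_mode);
                exit;
            }
        }
    }

    if (file_put_contents($fname, $edit_txt) === false) {
        kona3_edit_err('Could not write file.', $i_mode);
        exit;
    }

    // result
    if ($i_mode == "ajax") {
        echo json_encode(array(
            'result' => 'ok',
            'a_hash' => hash('sha256', $edit_txt),
        ));
        exit;
    }
    $jump = kona3getPageURL($page);
    header("location:{$jump}");
    echo "ok, saved.";
}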