function plugin_edit_write()
{
global $vars, $trackback;
global $_title_collided, $_msg_collided_auto, $_msg_collided, $_title_deleted;
global $notimeupdate, $_msg_invalidpass, $do_update_diff_table;
$page = isset($vars['page']) ? $vars['page'] : '';
$add = isset($vars['add']) ? $vars['add'] : '';
$digest = isset($vars['digest']) ? $vars['digest'] : '';
$vars['msg'] = preg_replace(PLUGIN_EDIT_FREEZE_REGEX, '', $vars['msg']);
$msg =& $vars['msg'];
// Reference
$retvars = array();
// Collision Detection
$oldpagesrc = join('', get_source($page));
$oldpagemd5 = md5($oldpagesrc);
if ($digest != $oldpagemd5) {
$vars['digest'] = $oldpagemd5;
// Reset
$original = isset($vars['original']) ? $vars['original'] : '';
list($postdata_input, $auto) = do_update_diff($oldpagesrc, $msg, $original);
$retvars['msg'] = $_title_collided;
$retvars['body'] = ($auto ? $_msg_collided_auto : $_msg_collided) . "\n";
$retvars['body'] .= $do_update_diff_table;
$retvars['body'] .= edit_form($page, $postdata_input, $oldpagemd5, FALSE);
return $retvars;
}
// Action?
if ($add) {
// Add
if (isset($vars['add_top']) && $vars['add_top']) {
$postdata = $msg . "\n\n" . @join('', get_source($page));
} else {
$postdata = @join('', get_source($page)) . "\n\n" . $msg;
}
} else {
// Edit or Remove
$postdata =& $msg;
// Reference
}
// NULL POSTING, OR removing existing page
if ($postdata == '') {
page_write($page, $postdata);
$retvars['msg'] = $_title_deleted;
$retvars['body'] = str_replace('$1', htmlspecialchars($page), $_title_deleted);
if ($trackback) {
tb_delete($page);
}
return $retvars;
}
// $notimeupdate: Checkbox 'Do not change timestamp'
$notimestamp = isset($vars['notimestamp']) && $vars['notimestamp'] != '';
if ($notimeupdate > 1 && $notimestamp && !pkwk_login($vars['pass'])) {
// Enable only administrator & password error
$retvars['body'] = '<p><strong>' . $_msg_invalidpass . '</strong></p>' . "\n";
$retvars['body'] .= edit_form($page, $msg, $digest, FALSE);
return $retvars;
}
page_write($page, $postdata, $notimeupdate != 0 && $notimestamp);
pkwk_headers_sent();
header('Location: ' . get_script_uri() . '?' . rawurlencode($page));
exit;
}
function plugin_mceedit_write()
{
global $vars, $trackback;
global $notimeupdate;
// global $_title_collided, $_msg_collided_auto, $_msg_collided, $_title_deleted;
// global $_msg_invalidpass;
$page = isset($vars['page']) ? $vars['page'] : '';
$retvars = array();
// 手書きの#freezeを削除
$vars['msg'] = preg_replace('/^#freeze\\s*$/im', '', $vars['msg']);
$vars['msg'] = $vars['before'] . "\n#html{{\n" . $vars['msg'] . "\n}}\n";
//TinyMCE
$postdata = $postdata_input = $vars['msg'];
if (isset($vars['add']) && $vars['add']) {
if (isset($vars['add_top']) && $vars['add_top']) {
$postdata = $postdata . "\n\n" . @join('', get_source($page));
} else {
$postdata = @join('', get_source($page)) . "\n\n" . $postdata;
}
} else {
if (isset($vars['id']) && $vars['id']) {
$source = preg_split('/([^\\n]*\\n)/', $vars['original'], -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);
if (plugin_mceedit_parts($vars['id'], $source, $vars['msg']) !== FALSE) {
$postdata = $postdata_input = join('', $source);
} else {
// $post['msg']だけがページに書き込まれてしまうのを防ぐ。
$postdata = $postdata_input = rtrim($vars['original']) . "\n\n" . $vars['msg'];
}
}
}
$oldpagesrc = join('', get_source($page));
$oldpagemd5 = md5($oldpagesrc);
if (!isset($vars['digest']) || $vars['digest'] != $oldpagemd5) {
$vars['digest'] = $oldpagemd5;
$retvars['msg'] = _('On updating $1, a collision has occurred.');
list($postdata_input, $auto) = do_update_diff($oldpagesrc, $postdata_input, $vars['original']);
$_msg_collided_auto = _('It seems that someone has already updated this page while you were editing it.<br />') . _('The collision has been corrected automatically, but there may still be some problems with the page.<br />') . _('To confirm the changes to the page, press [Update].<br />');
$_msg_collided = _('It seems that someone has already updated this page while you were editing it.<br />') . _(' + is placed at the beginning of a line that was newly added.<br />') . _(' ! is placed at the beginning of a line that has possibly been updated.<br />') . _(' Edit those lines, and submit again.');
$_msg_invalidpass = _('Invalid password.');
$retvars['body'] = ($auto ? $_msg_collided_auto : $_msg_collided) . "\n";
if (TRUE) {
global $do_update_diff_table;
$retvars['body'] .= $do_update_diff_table;
}
unset($vars['id']);
// 更新が衝突したら全文編集に切り替え
$retvars['body'] .= plugin_mceedit_edit_form($page, $postdata_input, $oldpagemd5, FALSE);
} else {
if ($postdata) {
$notimestamp = $notimeupdate != 0 && (isset($vars['notimestamp']) && $vars['notimestamp'] != '');
// if($notimestamp && ($notimeupdate == 2) && !pkwk_login($vars['pass'])) {
if ($notimestamp && $notimeupdate == 2 && auth::check_role('role_adm_contents') && !pkwk_login($vars['pass'])) {
// enable only administrator & password error
$retvars['body'] = "<p><strong>{$_msg_invalidpass}</strong></p>\n";
$retvars['body'] .= plugin_mceedit_edit_form($page, $vars['msg'], $vars['digest'], FALSE);
} else {
page_write($page, $postdata, $notimestamp);
pkwk_headers_sent();
if ($vars['refpage'] != '') {
if ($vars['id'] != '') {
header('Location: ' . get_script_uri() . '?' . rawurlencode($vars['refpage'])) . '#' . rawurlencode($vars['id']);
} else {
header('Location: ' . get_script_uri() . '?' . rawurlencode($vars['refpage']));
}
} else {
if ($vars['id'] != '') {
header('Location: ' . get_script_uri() . '?' . rawurlencode($page)) . '#' . rawurlencode($vars['id']);
} else {
header('Location: ' . get_script_uri() . '?' . rawurlencode($page));
}
}
exit;
}
} else {
$_title_deleted = _(' $1 was deleted');
page_write($page, $postdata);
$retvars['msg'] = $_title_deleted;
$retvars['body'] = str_replace('$1', htmlspecialchars($page), $_title_deleted);
if ($trackback) {
tb_delete($page);
}
}
}
return $retvars;
}
function plugin_edit_write()
{
global $vars, $trackback, $layout_pages;
global $notimeupdate, $do_update_diff_table;
global $qblog_defaultpage, $date_format, $qblog_menubar;
$qm = get_qm();
$page = isset($vars['page']) ? $vars['page'] : '';
$add = isset($vars['add']) ? $vars['add'] : '';
$digest = isset($vars['digest']) ? $vars['digest'] : '';
$vars['msg'] = preg_replace(PLUGIN_EDIT_FREEZE_REGEX, '', $vars['msg']);
$msg =& $vars['msg'];
// Reference
$retvars = array();
// Collision Detection
$oldpagesrc = join('', get_source($page));
$oldpagemd5 = md5($oldpagesrc);
if ($digest != $oldpagemd5) {
$vars['digest'] = $oldpagemd5;
// Reset
$original = isset($vars['original']) ? $vars['original'] : '';
list($postdata_input, $auto) = do_update_diff($oldpagesrc, $msg, $original);
$retvars['msg'] = $qm->m['fmt_title_collided'];
$retvars['body'] = ($auto ? $qm->m['fmt_msg_collided_auto'] : $qm->m['fmt_msg_collided']) . "\n";
$retvars['body'] .= $do_update_diff_table;
$retvars['body'] .= edit_form($page, $postdata_input, $oldpagemd5, FALSE);
return $retvars;
}
// Action?
if ($add) {
// Add
if (isset($vars['add_top']) && $vars['add_top']) {
$postdata = $msg . "\n\n" . @join('', get_source($page));
} else {
$postdata = @join('', get_source($page)) . "\n\n" . $msg;
}
} else {
// Edit or Remove
$postdata =& $msg;
// Reference
}
//ブログの時は、タイトルを足す
if ($page !== $qblog_defaultpage && is_qblog()) {
global $qblog_default_cat;
$title = trim($vars['title']);
$image = trim($vars['image']);
$cat = trim($vars['category']);
$cat = $cat === '' ? $qblog_default_cat : $cat;
if ($postdata !== '') {
$postdata = 'TITLE:' . $title . "\n" . $postdata;
}
}
// NULL POSTING, OR removing existing page
if ($postdata == '') {
page_write($page, $postdata);
$retvars['msg'] = $qm->m['fmt_title_deleted'];
$retvars['body'] = str_replace('$1', htmlspecialchars($page), $qm->m['fmt_title_deleted']);
if ($trackback) {
tb_delete($page);
}
return $retvars;
}
// $notimeupdate: Checkbox 'Do not change timestamp'
$notimestamp = isset($vars['notimestamp']) && $vars['notimestamp'] != '';
if ($notimeupdate > 1 && $notimestamp && !pkwk_login($vars['pass'])) {
// Enable only administrator & password error
$retvars['body'] = '<p><strong>' . $qm->m['fmt_msg_invalidpass'] . '</strong></p>' . "\n";
$retvars['body'] .= edit_form($page, $msg, $digest, FALSE);
return $retvars;
}
page_write($page, $postdata, $notimeupdate != 0 && $notimestamp);
//ブログの場合
if ($page !== $qblog_defaultpage && is_qblog()) {
// 日付の変更があったら、ページ名の変更
$page_date = get_qblog_date($date_format, $page);
if ($page_date and $vars['qblog_date'] != $page_date) {
// ページ名の変更
if (exist_plugin('rename')) {
// ! renameのために $vasの値を変更
$vars['page'] = $newpage = qblog_get_newpage($vars['qblog_date']);
$vars['refer'] = $refer = $page;
$vars['exist'] = 1;
$pages = array();
$pages[encode($refer)] = encode($newpage);
$files = plugin_rename_get_files($pages);
$exists = array();
foreach ($files as $_page => $arr) {
foreach ($arr as $old => $new) {
if (file_exists($new)) {
$exists[$_page][$old] = $new;
}
}
}
plugin_rename_proceed($pages, $files, $exists, FALSE);
//保留コメントリスト内のページ名を変更
$datafile = CACHEQBLOG_DIR . 'qblog_pending_comments.dat';
$pending_comments = unserialize(file_get_contents($datafile));
foreach ($pending_comments as $i => $comment) {
if ($comment['page'] == $page) {
$pending_comments[$i]['page'] = $newpage;
}
}
file_put_contents($datafile, serialize($pending_comments), LOCK_EX);
//最新コメントリスト内のページ名を変更
$datafile = CACHEQBLOG_DIR . 'qblog_recent_comments.dat';
file_put_contents($datafile, str_replace($page, $newpage, file_get_contents($datafile)), LOCK_EX);
//変数を格納し直す
$page = $newpage;
}
}
//ブログの時は、ポストキャッシュを書き換える
$option = array('category' => $cat, 'image' => $image);
qblog_update_post($force, $page, $option);
//Ping送信を行う
if (!$notimestamp) {
send_qblog_ping();
}
}
pkwk_headers_sent();
//ブログメニューの場合、ブログトップへ移動する
if ($page === $qblog_menubar) {
header('Location: ' . get_script_uri() . '?' . $qblog_defaultpage);
} else {
if (array_key_exists($page, $layout_pages)) {
header('Location: ' . get_script_uri());
} else {
header('Location: ' . get_script_uri() . '?' . rawurlencode($page));
}
}
exit;
}
function plugin_edit_write()
{
global $post, $vars, $trackback;
global $notimeupdate, $do_update_diff_table;
global $use_trans_sid_address;
// global $_title_collided, $_msg_collided_auto, $_msg_collided, $_title_deleted;
// global $_msg_invalidpass;
$_title_deleted = _(' $1 was deleted');
$_msg_invalidpass = _('Invalid password.');
$page = isset($vars['page']) ? $vars['page'] : '';
$add = isset($vars['add']) ? $vars['add'] : '';
$digest = isset($vars['digest']) ? $vars['digest'] : '';
$partid = isset($vars['id']) ? $vars['id'] : '';
$notimestamp = isset($vars['notimestamp']) && $vars['notimestamp'] != '';
// Check Validate and Ticket
if ($notimestamp && !is_page($page)) {
return plugin_edit_honeypot();
}
// SPAM Check (Client(Browser)-Server Ticket Check)
if (isset($post['encode_hint']) && $post['encode_hint'] != PKWK_ENCODING_HINT) {
return plugin_edit_honeypot();
}
if (!isset($post['encode_hint']) && PKWK_ENCODING_HINT != '') {
return plugin_edit_honeypot();
}
// Validate
if (is_spampost(array('msg'))) {
return plugin_edit_honeypot();
}
// Paragraph edit mode
if ($partid) {
$source = preg_split('/([^\\n]*\\n)/', $vars['original'], -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);
if (plugin_edit_parts($partid, $source, $vars['msg']) !== FALSE) {
$vars['msg'] = join('', $source);
} else {
$vars['msg'] = rtrim($vars['original']) . "\n\n" . $vars['msg'];
}
}
// Delete "#freeze" command for form edit.
$vars['msg'] = preg_replace('/^#freeze\\s*$/im', '', $vars['msg']);
$msg =& $vars['msg'];
// Reference
$retvars = array();
// Collision Detection
$oldpagesrc = get_source($page, TRUE, TRUE);
$oldpagemd5 = md5($oldpagesrc);
if ($digest != $oldpagemd5) {
$vars['digest'] = $oldpagemd5;
// Reset
$original = isset($vars['original']) ? $vars['original'] : '';
list($postdata_input, $auto) = do_update_diff($oldpagesrc, $msg, $original);
$_msg_collided_auto = _('It seems that someone has already updated this page while you were editing it.<br />') . _('The collision has been corrected automatically, but there may still be some problems with the page.<br />') . _('To confirm the changes to the page, press [Update].<br />');
$_msg_collided = _('It seems that someone has already updated this page while you were editing it.<br />') . _(' + is placed at the beginning of a line that was newly added.<br />') . _(' ! is placed at the beginning of a line that has possibly been updated.<br />') . _(' Edit those lines, and submit again.');
$retvars['msg'] = _('On updating $1, a collision has occurred.');
$retvars['body'] = ($auto ? $_msg_collided_auto : $_msg_collided) . "\n";
$retvars['body'] .= $do_update_diff_table;
unset($vars['id']);
// Change edit all-text of pages(from para-edit)
$retvars['body'] .= edit_form($page, $postdata_input, $oldpagemd5, FALSE);
return $retvars;
}
// Action?
if ($add) {
// Add
if (isset($vars['add_top']) && $vars['add_top']) {
$postdata = $msg . "\n\n" . @join('', get_source($page));
} else {
$postdata = @join('', get_source($page)) . "\n\n" . $msg;
}
} else {
// Edit or Remove
$postdata =& $msg;
// Reference
}
// NULL POSTING, OR removing existing page
if ($postdata == '') {
page_write($page, $postdata);
$retvars['msg'] = $_title_deleted;
$retvars['body'] = str_replace('$1', htmlspecialchars($page), $_title_deleted);
if ($trackback) {
tb_delete($page);
}
return $retvars;
}
// $notimeupdate: Checkbox 'Do not change timestamp'
// $notimestamp = isset($vars['notimestamp']) && $vars['notimestamp'] != '';
// if ($notimeupdate > 1 && $notimestamp && ! pkwk_login($vars['pass'])) {
if ($notimeupdate > 1 && $notimestamp && auth::check_role('role_adm_contents') && !pkwk_login($vars['pass'])) {
// Enable only administrator & password error
$retvars['body'] = '<p><strong>' . $_msg_invalidpass . '</strong></p>' . "\n";
$retvars['body'] .= edit_form($page, $msg, $digest, FALSE);
return $retvars;
}
page_write($page, $postdata, $notimestamp);
pkwk_headers_sent();
if (isset($vars['refpage']) && $vars['refpage'] != '') {
if ($partid) {
header('Location: ' . get_page_location_uri($vars['refpage'], '', rawurlencode($partid)));
} else {
header('Location: ' . get_page_location_uri($vars['refpage']));
}
} else {
if ($partid) {
header('Location: ' . get_page_location_uri($page, '', rawurlencode($partid)));
} else {
header('Location: ' . get_page_location_uri($page));
}
}
exit;
}
function process()
{
global $do_update_diff_table, $notimeupdate;
$qm = get_qm();
$this->init();
$this->check();
if (substr($this->postdata, -1) !== "\n") {
$this->postdata .= "\n";
}
$this->sections->set_section($this->id, $this->postdata, $this->level);
$postdata = $this->sections->get_source();
$current_src = get_source($this->page, true, true);
$current_md5 = md5($current_src);
if ($this->digest !== $current_md5) {
list($postdata, $auto) = do_update_diff($current_src, $postdata, $this->original);
$this->s_postdata = htmlspecialchars($postdata);
$this->s_digest = htmlspecialchars($current_md5);
$body = ($auto ? $qm->m['fmt_msg_collided_auto'] : $qm->m['fmt_msg_collided']) . "\n";
$body .= $do_update_diff_table . edit_form($this->page, $postdata, $current_md5, false);
return array('msg' => $qm->m['fmt_title_collided'], 'body' => $body);
}
if ($postdata === '') {
page_write($this->page, $postdata);
return array('msg' => $qm->m['fmt_title_deleted'], 'body' => str_replace('$1', $this->s_page, $qm->m['fmt_title_deleted']));
}
if ($notimeupdate > 1 && $this->notimestamp && !pkwk_login($this->pass)) {
return array('msg' => $qm->m['fmt_title_edit'], 'body' => "<p><strong>{$qm->m['fmt_msg_invalidpass']}</strong></p>\n" . $this->form());
}
if (md5($postdata) === $current_md5) {
$this->redirect($this->page);
}
page_write($this->page, $postdata, $notimeupdate != 0 && $this->notimestamp);
$this->redirect($this->page);
}
