コード例 #1
/**
 * リダイレクトプラグイン
 *
 * @copyright   Copyright &copy; 2006,2008, Katsumi Saito <*****@*****.**>
 * @version     $Id: redirect.inc.php,v 0.3 2008/01/06 05:35:00 upk Exp $
 * @license     http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
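/**
 * Redirect plugin action: emit a small XHTML page that forwards the browser
 * to the URL given in the request variable 'u'.
 *
 * The forward is only performed when the request carries a Referer that
 * path_check() accepts against get_script_absuri(), i.e. the link was followed
 * from this site. Referer is a client-supplied header, so this is a courtesy
 * filter against use as a general-purpose redirector, not an access control.
 *
 * 'u' is request data and is written into HTML attributes, so it is
 * restricted to absolute http/https/ftp URLs and HTML-escaped before output.
 *
 * @return string Always '' when no redirect page is emitted; otherwise the
 *                function prints the page and terminates the script.
 */
function plugin_redirect_action()
{
    global $vars;
    if (empty($vars['u']) || !is_string($vars['u'])) {
        return '';
    }
    $target = $vars['u'];

    // Accept only absolute http(s)/ftp URLs without control characters. Script-bearing
    // schemes (javascript:, data:, ...) must never reach the href / meta-refresh below.
    // NOTE(review): the scheme allowlist is an assumption about what callers link to; widen if needed.
    if (!preg_match('#^(?:https?|ftp)://#i', $target) || preg_match('/[\x00-\x1f\x7f]/', $target)) {
        return '';
    }

    // A missing Referer cannot have come from a link on this site.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    if ($referer === '') {
        return '';
    }

    // Only forward requests that were followed from this site.
    if (path_check($referer, get_script_absuri())) {
        // Escape for the attribute context; ENT_QUOTES covers both quote styles.
        // The page below declares UTF-8, so escape with the same charset.
        $safe_url = htmlspecialchars($target, ENT_QUOTES, 'UTF-8');
        if ($safe_url === '') {
            // htmlspecialchars() yields '' for input that is not valid UTF-8.
            return '';
        }
        // The following approaches are not used here:
        // <a href="javascript:location.replace('URL');">Caption</a>
        //header('Location: ' . $vars['u'] );
        //die();
        $time = 0;
        echo <<<EOD
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html>
  <head>
  <meta http-equiv="Refresh" content="{$time};URL={$safe_url}" />
  <title>Auto Redirect</title>
  </head>
  <body>
  <div><a href="{$safe_url}">Please click here.</a></div>
  </body>
</html>
EOD;
        die;
    }
    return '';
}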
コード例 #2
ファイル: redirect.inc.php プロジェクト: logue/pukiwiki_adv
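/**
 * Redirect plugin action: forward the browser to the URL in request variable 'u'.
 *
 * The redirect is only issued when the request's Referer is accepted by
 * path_check() against get_script_absuri(), i.e. the link was followed from
 * this site. Referer is supplied by the client, so this limits casual abuse
 * as an open redirector but is not an access control.
 *
 * NOTE(review): $vars['u'] is handed to Utility::redirect() unchanged. Whether
 * that helper restricts the scheme or escapes the value is not visible here;
 * confirm it rejects non-http(s) targets and escapes any HTML it emits.
 *
 * @return string Always ''; Utility::redirect() presumably ends the request — confirm.
 */
function plugin_redirect_action()
{
    global $vars;
    if (empty($vars['u'])) {
        return '';
    }

    // A request without a Referer cannot have come from a link on this site.
    // Reading the key unguarded raised an undefined-index notice and passed null on.
    // NOTE(review): assumes path_check() already rejected an empty Referer — confirm.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    if ($referer === '') {
        return '';
    }

    // Only redirect requests that were followed from this site.
    if (path_check($referer, get_script_absuri())) {
        Utility::redirect($vars['u']);
    }
    return '';
}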
コード例 #3
/**
 * Send TrackBack pings for the links found on a page.
 *
 * Pings are skipped entirely when TrackBack is disabled, when there are no
 * links, when this wiki's own host is a local IP address or a reserved TLD,
 * or when the page is on the ignore list.
 *
 * NOTE(review): the local-IP / reserved-TLD test is applied to this site's own
 * host only. The link targets are passed to tb_get_url() and http_request()
 * without a comparable check in this function; whether those helpers refuse
 * internal addresses is not visible here — confirm before exposing this to
 * untrusted page authors.
 *
 * @param string $page  Page name whose content is excerpted for the ping.
 * @param array  $links Outbound link URLs collected from the page.
 * @return void
 */
function tb_send($page, $links)
{
    global $trackback, $page_title;

    // Nothing to do when TrackBack is off or no usable link list was passed.
    if (!$trackback || !is_array($links) || empty($links)) {
        return;
    }

    $self_uri = get_script_uri();

    // Do not announce a wiki that remote sites could not reach anyway.
    $uri_parts = parse_url($self_uri);
    $self_host = empty($uri_parts['host']) ? $self_uri : $uri_parts['host'];
    $unreachable = is_ipaddr($self_host) ? is_localIP($self_host) : is_ReservedTLD($self_host);
    if ($unreachable) {
        return;
    }

    if (is_ignore_page($page)) {
        return;
    }

    // Lift the script time limit (php.ini: max_execution_time).
    if (ini_get('safe_mode') == '0') {
        set_time_limit(0);
    }

    $encoded_page = rawurlencode($page);
    $plain_text = strip_htmltag(convert_html(get_source($page)));

    // Fields describing the sending page.
    $payload = array(
        'title' => $page,
        'url' => $self_uri . '?' . $encoded_page,
        'excerpt' => mb_strimwidth(preg_replace("/[\r\n]/", ' ', $plain_text), 0, 255, '...'),
        'blog_name' => $page_title . ' (' . PLUGIN_TRACKBACK_VERSION . ')',
        'charset' => SOURCE_ENCODING,
    );

    foreach ($links as $target) {
        // Links back into this site are not pinged.
        if (path_check($self_uri, $target)) {
            continue;
        }
        // Resolve the TrackBack endpoint for the link; empty means unsupported.
        $ping_url = tb_get_url($target);
        if (empty($ping_url)) {
            continue;
        }
        // The response is currently discarded.
        // FIXME: Create warning notification space at pukiwiki.skin!
        http_request($ping_url, 'POST', '', $payload, 2, CONTENT_CHARSET);
    }
}
コード例 #4
/**
 * Action handler of the table_edit2 plugin.
 *
 * Reads the request variables, walks the lines of the page named by
 * $vars['refer'], locates the $vars['table_num']-th "#table_edit2" block and,
 * depending on $vars['edit_mod'] and the CSV / table_mod / setting options,
 * rewrites lines of that block. The rebuilt source is written back through
 * $wiki->set() and the request ends with a redirect, or an array with 'msg'
 * and 'body' is returned for the caller to render.
 *
 * NOTE(review): this is a state-changing endpoint. The only cross-site guards
 * visible in this function are the optional Referer comparison and the
 * "encode_hint" ticket; no per-request token is checked here.
 *
 * @return array|string|null 'msg'/'body' array, a setting error value, or nothing
 *                           (several paths redirect and exit instead).
 */
function plugin_table_edit2_action()
{
    global $vars, $post, $auth_users, $_string;
    // Read without isset(); a request lacking table_num raises a notice here.
    $table_num = $vars['table_num'];
    $page = isset($vars['refer']) ? $vars['refer'] : null;
    if (empty($page)) {
        Utility::dieMessage('Page name is null.');
    }
    $wiki = Factory::Wiki($page);
    // Freeze / edit-permission checks, once via the procedural helpers and once via the Wiki object.
    if (is_freeze($page)) {
        check_editable($page, true, true);
    }
    if ($wiki->isFreezed()) {
        $wiki->checkEditable(true);
    }
    // Cancel: go back to the page (optionally to the table's anchor) without changing anything.
    $anchr_jump = PLUGIN_TABLE_EDIT2_ANCHR_JUMP ? '#TableEdit2TableNumber' . $table_num : '';
    if (isset($vars['cancel'])) {
        Utility::redirect($wiki->uri() . $anchr_jump);
        exit;
    }
    // Counters for the walk over the selected table: row number and sub-table number (td mode).
    $line_count = 1;
    $table_sub_num = 1;
    // td mode: current sub-table number
    $table_sub_num_chk = 1;
    // td mode: 1 until the requested sub-table has been reached
    $setting = 0;
    $import = $export = $csv_cancel = 0;
    // Decode edit_mod into the mode flags used below.
    $edit_mod = isset($vars['edit_mod']) ? $vars['edit_mod'] : '';
    $td_edit = $edit_mod == 't_edit_td' || $edit_mod == 'td' ? 1 : 0;
    $tr_edit = $edit_mod == 't_edit' || $edit_mod == 'tr' ? 1 : 0;
    $t_edit = $edit_mod == 't_edit_td' || $edit_mod == 't_edit' ? 1 : 0;
    $edit_show = $edit_mod == 'tdshow' || $edit_mod == 'show' ? 1 : 0;
    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    // Only runs for the t_edit modes and only when honeypot_write() is not defined.
    $spam = FALSE;
    if (!function_exists('honeypot_write') && $t_edit) {
        $spam = plugin_table_edit2_spam($post['encode_hint']);
    }
    if ($spam) {
        return plugin_table_edit2_honeypot();
    }
    if (Auth::check_role('readonly')) {
        die_message('PKWK_READONLY prohibits editing');
    }
    // Optional same-site check based on the Referer header.
    // NOTE(review): $script_uri is neither listed in the global statement above nor
    // assigned in this function, so it is undefined here. In the preg_match() branch
    // the pattern becomes '/^()/', which matches every Referer, so that branch never
    // rejects a request. What path_check() does with a null first argument is not
    // visible — confirm. If the variable is restored, it must go through preg_quote()
    // before being placed in the pattern, and HTTP_REFERER should be read with isset().
    if (PLUGIN_TABLE_EDIT2_HTTP_REFERER) {
        if (!function_exists('path_check')) {
            if (!preg_match('/^(' . $script_uri . ')/', $_SERVER['HTTP_REFERER'])) {
                return;
            }
        } else {
            if (!path_check($script_uri, $_SERVER['HTTP_REFERER'])) {
                return;
            }
        }
    }
    // "setting" mode: validate the submitted options; table_mod is ignored in this mode.
    if ($edit_mod === 'setting') {
        $set = new TableEdit2SettingWrite($vars);
        if (!$set->sc) {
            return $set->error;
        }
        $setting = 1;
        unset($vars['table_mod']);
    }
    $notimestamp = FALSE;
    // CSV sub-actions: import, export, cancel, set option, or "back".
    if (isset($vars['csv_mod']) || isset($vars['ex_cancel']) || isset($vars['im_cancel']) || isset($vars['set_csv']) || isset($vars['csv_back'])) {
        $csv = new TableEdit2CsvAction();
        if (isset($vars['csv_mod']) && $vars['csv_mod'] === 'import') {
            $csv->csv_import($vars);
            $import = 1;
        } else {
            if (isset($vars['csv_mod']) && $vars['csv_mod'] === 'export') {
                $export = 1;
                $csv_export_data = array();
            } else {
                if (isset($vars['ex_cancel']) || isset($vars['im_cancel'])) {
                    $csv_cancel = 1;
                    $notimestamp = TRUE;
                } else {
                    if (isset($vars['set_csv'])) {
                        $set_csv = 1;
                        $notimestamp = TRUE;
                    } else {
                        if (isset($vars['csv_back'])) {
                            // NOTE(review): $vars['file_name'] is request data (read without isset())
                            // and decides which files are unlinked. How TableEdit2CsvConversion derives
                            // filename/logname from it is not visible here — confirm the name cannot
                            // leave the intended directory (no separators, no "..").
                            if (PLUGIN_TABLE_EDIT2_CSV_UNLINK) {
                                $con = new TableEdit2CsvConversion($page, array('name' => $vars['file_name']));
                                unlink($con->filename);
                                unlink($con->logname);
                            }
                            Utility::redirect($wiki->uri());
                            exit;
                        } else {
                            return array('msg' => 'csv error', 'body' => 'csv option error');
                            // . join("\n", $csv_data)
                        }
                    }
                }
            }
        }
    }
    // Helper objects for the requested mode; each is only created when its mode is active.
    if (isset($vars['table_mod'])) {
        $chg = new TableEdit2TableMod($vars['table_mod']);
    }
    if ($td_edit || $tr_edit) {
        $edit = new TableEdit2Edit($vars);
    }
    if ($edit_show) {
        $show = new TableEdit2Show($vars, $page);
    }
    // Only passed to $edit->chk_csv_source() further down.
    $args = get_source($page);
    // Number of #table_edit2 blocks seen so far; static, so it keeps its value across calls.
    static $count = 0;
    $source_s = '';
    $body = '';
    $row_title = 0;
    $td_title_count = 0;
    if ($td_edit || $tr_edit || $setting || $import) {
        $notimestamp = isset($vars['notimestamp']) ? TRUE : FALSE;
    }
    // Walk the page line by line, rebuilding it in $source_s.
    foreach ($wiki->get() as $args_key => $args_line) {
        // preg_match() returns 0 for "no match", so "!== FALSE" only filters out regex errors;
        // the isset($matches[1]) test below does the actual matching.
        if (preg_match('/^#([^\\(\\{]+)(?:\\(([^\\r]*)\\))?(\\{*)/', $args_line, $matches) !== FALSE) {
            if (isset($matches[1]) && ($matches[1] == 'table_edit2' || $matches[1] == "table_edit2\n")) {
                $table_find = 1;
                $count++;
                // First row of the requested table: handle the plugin line itself.
                if ($line_count === 1 && $count == $table_num) {
                    // auth_check=on asks for authentication; with no auth_check option the
                    // normal edit-permission check is applied. auth_check=off applies neither.
                    if (preg_match('/auth_check[=_](on|off)/i', $matches[2], $auth_check)) {
                        if ($auth_check[1] == 'on') {
                            if (!auth::auth_pw($auth_users)) {
                                $user = TableEdit2Auth::basic_auth();
                                if (empty($user)) {
                                    return;
                                }
                            }
                        }
                    } else {
                        check_editable($page, true, true);
                    }
                    if ($setting) {
                        $args_line = $set->plugin_set_opt($matches[3]);
                    }
                    if ($import) {
                        $args_line = $csv->import_data_set($matches[2], $matches[3]);
                    }
                    if (isset($vars['ex_cancel'])) {
                        $args_line = $csv->cancel($matches[2], $matches[3], 'export');
                    }
                    if (isset($vars['im_cancel'])) {
                        $args_line = $csv->cancel($matches[2], $matches[3], 'import');
                    }
                    if (isset($set_csv)) {
                        $args_line = $csv->set_csv_opt($matches[2], $matches[3], $vars['set_csv']);
                    }
                    if ($edit_mod == 'tdshow') {
                        // tdshow: column used as the cell title (title_c option, 1-based)
                        if (preg_match('/title_c=(\\d+)/i', $matches[2], $match_title)) {
                            $td_title_count = $match_title[1] - 1;
                        }
                    }
                    if ($edit_mod == 'show') {
                        // show: row used as the header (title_r option)
                        if (preg_match('/title_r=(\\d+)/i', $matches[2], $m_row_title)) {
                            $row_title = $m_row_title[1];
                        }
                    }
                    if ($edit_show) {
                        $show->text_type($matches[2]);
                    }
                    if (isset($vars['table_mod'])) {
                        // table_mod: rewrite the plugin line, without updating the timestamp
                        $notimestamp = TRUE;
                        $args_line = $chg->table_mod_chg($matches, $args_line);
                    }
                }
                // Number of opening braces; the block ends at a line with that many closing braces.
                $end_line = strlen($matches[3]);
            }
        }
        // "&&" binds tighter than "||": (end marker reached) or (no table seen yet).
        if (isset($end_line) && preg_match('/^\\}{' . $end_line . '}/', $args_line) || !isset($end_line)) {
            $table_find = 0;
        }
        // Inside the requested table, in one of the row/cell/show/export modes.
        if ($table_find && $table_num == $count && !isset($vars['table_mod']) && !$setting && !$import) {
            $table_sub_num_count_chk = 0;
            // 1 = "|a|b|" table row, 2 = ",a,b" CSV-style row, 0 = anything else.
            $table_f_chose = preg_match('/^\\|(.+)\\|([hHfFcC]?)$/', $args_line, $match_line) ? 1 : 0;
            if ($args_line[0] == ',' && $args_line != ',') {
                $table_f_chose = 2;
            }
            if ($td_edit || $tr_edit) {
                $edit->chose = $table_f_chose;
            }
            if ($table_f_chose) {
                if ($table_f_chose === 1) {
                    $match_t = explode("|", $match_line[1]);
                } elseif ($table_f_chose === 2) {
                    $match_t = csv_explode(',', substr(str_replace("\n", '', $args_line), 1));
                    $match_line = array(1 => join(',', $match_t), 2 => '');
                }
                if ($export) {
                    $csv_export_data[] = $match_line[1];
                }
                // NOTE(review): strict "===" between the integer counters and request values here
                // and below ($vars['line_count'] === $line_count, $vars['add_show'] === 1) only
                // matches if $vars holds integers; if request values arrive as strings these
                // comparisons are never true — confirm. $show is also only created in show modes.
                if (isset($vars['table_sub_num']) && $table_sub_num === $vars['table_sub_num'] && $table_sub_num_chk) {
                    // td mode: remember the first row of the requested sub-table
                    $show->chk_table_sub_first_line = $line_count;
                    $table_sub_num_chk = 0;
                }
                if (isset($vars['line_count']) && $vars['line_count'] === $line_count || strtolower($match_line[2]) === 'h' || $edit_mod == 'tdshow' || $td_edit || $row_title) {
                    //					$match_t = explode("|", $match_line[1]);
                    if ($edit_mod == 'tdshow') {
                        // tdshow: record this row's title cell
                        $show->td_title[$line_count] = $match_t[$td_title_count];
                    }
                }
                if ($edit_mod == 'show') {
                    // show: take the header from an "h" row, or from the row named by title_r
                    if ($match_line[2] == 'h' && !$row_title) {
                        $show->table_header($match_t);
                    }
                    if ($line_count == $row_title) {
                        $show->table_header($match_t);
                    }
                }
                // $vars['line_count'] and $vars['table_sub_num'] are read without isset() here.
                if ($vars['line_count'] == $line_count || $table_sub_num == $vars['table_sub_num']) {
                    // textarea input type: size it from the number of cells
                    if ($edit_show) {
                        if ($show->t_type == 'textarea') {
                            $show->text_type_textarea(count($match_t));
                        }
                    }
                }
                if ($td_edit && $table_sub_num_chk == 0 && $table_sub_num == $vars['table_sub_num']) {
                    // Cell edit inside the requested sub-table.
                    $source_s .= $edit->td_edit($match_t) . $match_line[2] . "\n";
                    $table_sub_num_count_chk = 1;
                } else {
                    if (isset($vars['line_count']) && $vars['line_count'] == $line_count && !$td_edit) {
                        if ($tr_edit) {
                            // Row edit; with add_show the original row is kept and a row is added
                            if (isset($vars['add_show']) && $vars['add_show'] === 1) {
                                $source_s .= $args_line;
                                if ($edit->chose !== 2) {
                                    $edit->chk_csv_source($args, $args_key);
                                }
                            }
                            $source_s .= $edit->tr_edit($args_line, $match_t, $match_line[2]);
                        } else {
                            if ($edit_show) {
                                // show / tdshow: build the edit form for this row
                                $show->line_count = $line_count;
                                $body = $show->show_mod($match_t);
                            }
                        }
                    } else {
                        if ($edit_mod == 'tdshow') {
                            // tdshow and cell edit: keep the cells of the other rows
                            $show->cells[$line_count] = $match_t;
                        }
                        $table_sub_num_count_chk = 1;
                        // td mode: a table row was seen; the next non-row line starts a new sub-table
                        $source_s .= $args_line;
                    }
                }
                $line_count++;
            } else {
                // Non-row line inside the block: a line that is not a "//" comment closes the sub-table.
                if ($table_sub_num_count_chk == 1 && substr($args_line, 0, 2) != '//') {
                    // td mode
                    $table_sub_num++;
                    $table_sub_num_count_chk = 0;
                }
                $source_s .= $args_line;
            }
        } else {
            // Outside the selected table (or in table_mod / setting / import mode): copy the line.
            $source_s .= $args_line . "\n";
        }
    }
    if ($export) {
        return $csv->csv_export($vars, $csv_export_data);
    }
    // Edit-collision check: the digest submitted with the form must match the page's current digest.
    $collision = 0;
    if ($tr_edit || $td_edit) {
        if (Factory::Wiki($vars['refer'])->digest() !== $vars['digest']) {
            global $_string, $_title;
            $title = $_title['collided'];
            $body = $_string['msg_collided_auto'] . make_pagelink($vars['refer']);
            $collision = 1;
        }
    }
    // NOTE(review): this condition does not test $collision, so the page is written even when
    // a collision was just detected; the collision message is returned only afterwards — confirm
    // whether the write should be skipped in that case.
    if ($tr_edit || $td_edit || isset($vars['table_mod']) || $setting || $import || $csv_cancel || isset($set_csv)) {
        $source = explode("\n", $source_s);
        array_pop($source);
        // Remove the extra newline that ends up at the end.
        // NOTE(review): $source (with the trailing element popped) is never used; set() below
        // receives a fresh, un-popped explode() of $source_s — looks unintended, confirm.
        //		var_dump($source);
        //		die;
        $wiki->set(explode("\n", $source_s), $notimestamp);
    }
    // $post and $vars are the globals declared above; $get is not, so it is a local array here.
    $get['page'] = $post['page'] = $vars['page'] = $page;
    if ($collision) {
        return array('msg' => $title, 'body' => $body);
    }
    if ($edit_show) {
        return array('msg' => $show->title, 'body' => $body);
    }
    //header('Location: ' . $script_uri . '?' . rawurlencode($page) . $anchr_jump);
    Utility::redirect($wiki->uri() . $anchr_jump);
    exit;
}
コード例 #5
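/**
 * Render the update module's "blacklist" page and save changes to the blacklist.
 *
 * Lists the files of the directory selected through $_SESSION['fm_cwd'] (below the
 * panel's base directory) with one checkbox per file. On submit, checked files are
 * inserted into the update_blacklist table, and files of the shown folder that were
 * blacklisted but are no longer checked are deleted from it.
 *
 * Security notes:
 * - Submitted paths are request data. Anything that cannot sit safely inside a
 *   single-quoted SQL literal is dropped before a query is built.
 *   NOTE(review): the database layer's own escaping/prepared-statement API is not
 *   visible here; switch these two queries to it once confirmed.
 * - File and directory names come from the file system and are HTML-escaped
 *   (ENT_QUOTES, because attributes use single quotes) or URL-encoded on output.
 * - NOTE(review): no anti-CSRF token or permission check is visible in this
 *   function; confirm both are enforced by the caller.
 *
 * @return void Output is echoed directly.
 */
function exec_ogp_module()
{
    global $db, $view;
    // Paths that always count as blacklisted, in addition to the database rows.
    $blacklist = array('/install.php', '/modules/gamemanager/rsync_sites_local.list');
    $curren_blacklist = array();
    $blacklisted_files = $db->resultQuery('SELECT file_path FROM `OGP_DB_PREFIXupdate_blacklist`;');
    if ($blacklisted_files !== FALSE) {
        foreach ($blacklisted_files as $blacklisted_file) {
            $curren_blacklist[] = $blacklisted_file['file_path'];
        }
    }
    if (isset($_POST['save_to_blacklist'])) {
        // Collect the submitted paths. A field may be absent (no box checked) or not an
        // array; values with a quote, backslash or NUL byte would break out of, or be
        // mangled inside, the quoted literal below, so they are discarded.
        $submitted = array('blacklist' => array(), 'folder_files' => array());
        foreach (array_keys($submitted) as $field) {
            if (!isset($_POST[$field]) || !is_array($_POST[$field])) {
                continue;
            }
            foreach ($_POST[$field] as $value) {
                if (is_string($value) && $value !== '' && strpbrk($value, "'\\\0") === false) {
                    $submitted[$field][] = $value;
                }
            }
        }
        foreach ($submitted['blacklist'] as $file) {
            $db->query("INSERT INTO `OGP_DB_PREFIXupdate_blacklist` SET file_path='{$file}';");
        }
        // Un-blacklist files of this folder that were blacklisted but are no longer checked.
        foreach ($submitted['folder_files'] as $file) {
            if (in_array($file, $curren_blacklist) && !in_array($file, $submitted['blacklist'])) {
                $db->query("DELETE FROM `OGP_DB_PREFIXupdate_blacklist` WHERE file_path='{$file}';");
            }
        }
        // Reload so the checkboxes below reflect what was just saved.
        $blacklisted_files = $db->resultQuery('SELECT file_path FROM `OGP_DB_PREFIXupdate_blacklist`;');
        if ($blacklisted_files !== FALSE) {
            $curren_blacklist = array();
            foreach ($blacklisted_files as $blacklisted_file) {
                $curren_blacklist[] = $blacklisted_file['file_path'];
            }
        }
    }
    $curren_blacklist = array_merge($curren_blacklist, $blacklist);
    // Defined elsewhere; presumably updates $_SESSION['fm_cwd'] from the request — confirm.
    path_check();
    echo "<h2>";
    echo get_lang('blacklist_files');
    echo "</h2>";
    $baseDir = str_replace("modules" . DIRECTORY_SEPARATOR . "update", "", dirname(__FILE__));
    $path = clean_path($baseDir . "/" . @$_SESSION['fm_cwd']);
    // The path is built from session state and printed into markup, so escape it.
    echo "<table class='center' style='width:100%;' ><tr>\n" . "<td colspan='3' ><h3>" . get_lang_f('currently_viewing', htmlspecialchars($path, ENT_QUOTES)) . "</h3></td>" . "</tr></table>";
    if (!file_exists($path)) {
        $path = clean_path($baseDir);
        if (file_exists($path)) {
            print_failure(get_lang_f("dir_not_found", htmlspecialchars($path, ENT_QUOTES)));
        } else {
            $_SESSION['fm_cwd'] = str_replace("\\", "", dirname($_SESSION['fm_cwd']));
            $view->refresh('?m=update&amp;p=blacklist', 0);
        }
    } else {
        $dirlist = scandir($path);
        if (!is_array($dirlist)) {
            // NOTE(review): scandir() returns an array or false, so the -1 comparison looks
            // like a leftover from another listing API and is presumably never true.
            if ($dirlist === -1) {
                if ($path != $baseDir . "/") {
                    $view->refresh('?m=update&amp;p=blacklist', 0);
                } else {
                    print_failure('The path is too long or there is a file with a very long name inside of your game server\'s home folder.');
                }
            } else {
                if (file_exists($path)) {
                    // $path exists but could not be listed: step back to its parent directory.
                    $filename = '';
                    if (strpos($path, '/') !== FALSE) {
                        $ePath = explode('/', $path);
                        $filename = end($ePath);
                    } else {
                        if (strpos($path, '\\') !== FALSE) {
                            $ePath = explode('\\', $path);
                            $filename = end($ePath);
                        }
                    }
                    $_SESSION['fm_cwd'] = str_replace("\\", "", dirname($_SESSION['fm_cwd']));
                    $view->refresh('?m=update&amp;p=blacklist' . '&amp;path=' . rawurlencode($filename), 0);
                } else {
                    print_failure(get_lang("failed_list"));
                }
            }
            return;
        }
        if (empty($dirlist)) {
            print_lang('empty_directory');
        } else {
            // NOTE(review): $home_id is not defined anywhere in this function — confirm what
            // show_back() should receive.
            echo "<form method=POST>" . "<table class='center' style='width:100%;' >\n" . show_back($home_id) . "<tr>\n" . "<td style='width:10px;' >\n" . "<input type='checkbox' onclick='toggleChecked(this.checked)'>\n" . "</td>\n" . "<td align=left>\n" . get_lang('filename') . "\n</td>\n" . "</tr>\n";
            $directorys = array();
            $files = array();
            $x = 0;
            // Prefix stripped from file paths so they are stored relative to the web root.
            $basedir_path = rtrim($_SERVER['DOCUMENT_ROOT'] . dirname($_SERVER['SCRIPT_NAME']), DIRECTORY_SEPARATOR);
            $preg_basedir_path = preg_quote($basedir_path, "/");
            foreach ($dirlist as $item) {
                if ($item == "." or $item == "..") {
                    continue;
                }
                $filename = $item;
                $filepath = clean_path($path . "/" . $filename);
                // Directory
                if (is_dir($filepath)) {
                    $directorys[$x]['filename'] = $filename;
                } else {
                    $files[$x]['filename'] = $filename;
                    $files[$x]['filepath'] = preg_replace("/^" . $preg_basedir_path . "/", "", $filepath);
                }
                $x++;
            }
            foreach ($directorys as $directory) {
                // URL-encode the name in the query string, HTML-escape it in the link text.
                echo "<tr>\n" . "<td>" . "</td>" . "<td align=left>" . "<img class=\"viewitem\" src=\"images/folder.png\" alt=\"Directory\" /> " . "<a href=\"?m=update&amp;p=blacklist&amp;path=" . rawurlencode($directory['filename']) . "\">" . htmlspecialchars($directory['filename'], ENT_QUOTES) . "</a></td></tr>\n";
            }
            $i = 0;
            foreach ($files as $file) {
                $checked = in_array($file['filepath'], $curren_blacklist) ? "checked='checked'" : "";
                // The browser decodes the entities again on submit, so the posted value
                // is the original path.
                $filepath_attr = htmlspecialchars($file['filepath'], ENT_QUOTES);
                echo "<tr>\n" . "<td>" . "<input type=checkbox name='blacklist[{$i}]' value='" . $filepath_attr . "' class='item' {$checked}/>\n" . "<input type=hidden name='folder_files[{$i}]' value='" . $filepath_attr . "' />\n" . "</td>" . "<td align=left>";
                echo "<img class=\"viewitem\" src=\"images/txt.png\" alt=\"Text file\" /> " . htmlspecialchars($file['filename'], ENT_QUOTES) . "</td>\n" . "</tr>\n";
                $i++;
            }
            echo "</table>\n" . "<input type=submit name='save_to_blacklist' value='" . get_lang('save_to_blacklist') . "' />\n" . "</form>\n";
        }
    }
    echo create_back_button('update');
}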