/**
 * Action handler for the dump plugin (site dump / restore).
 *
 * Flow, in order:
 *  - refuses outright when the 'readonly' role check holds (die_message);
 *  - while the 'role_adm' role check holds, re-challenges with HTTP Basic
 *    auth against $auth_users and answers 401 + an error body when the
 *    password does not verify;
 *  - without $vars['menu'] returns the input form (plugin_dump_disp_form);
 *  - otherwise dispatches on $vars['act'] (loose comparison, like the
 *    original switch): PLUGIN_DUMP_DUMP -> plugin_dump_download(),
 *    PLUGIN_DUMP_RESTORE -> plugin_dump_upload(), anything else -> an
 *    "invalid instruction" message.
 *
 * @return array array('msg' => title, 'body' => HTML body)
 */
function plugin_dump_action()
{
    global $vars, $auth_users, $realm;

    // Read-only installations never get the dump/restore UI.
    if (auth::check_role('readonly')) {
        die_message(_("PKWK_READONLY prohibits this"));
    }

    $title = PLUGIN_DUMP_ALLOW_RESTORE ? _("dump & restore") : _("dump");

    // Administrators are asked for their password again. The credentials
    // left in $_SERVER are cleared before each attempt; a failed attempt
    // answers with a 401 challenge and returns straight away.
    while (auth::check_role('role_adm')) {
        unset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
        if (auth::auth_pw($auth_users)) {
            continue;
        }
        header('WWW-Authenticate: Basic realm="' . $realm . '"');
        header('HTTP/1.0 401 Unauthorized');
        return array(
            'msg'  => $title,
            'body' => "<p><strong>" . _("The password is different.") . "</strong></p>\n",
        );
    }

    // No menu selection yet: render the input form.
    if (!isset($vars['menu'])) {
        return array('msg' => $title, 'body' => plugin_dump_disp_form());
    }

    $action = isset($vars['act']) ? $vars['act'] : NULL;
    // Dumps and restores can take a long time.
    set_time_limit(0);

    if ($action == PLUGIN_DUMP_DUMP) {
        $body = plugin_dump_download();
    } elseif ($action == PLUGIN_DUMP_RESTORE) {
        $result = plugin_dump_upload();
        $title = $result['code'] == TRUE ? _("Up-loading was completed.") : _("It failed in up-loading.");
        $body = $result['msg'];
    } else {
        // Invalid instruction.
        $body = _("It is an invalid instruction.");
    }

    return array('msg' => $title, 'body' => $body);
}
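/**
 * Action handler for the login plugin.
 *
 * With ?api=<plugin> (anything other than the default 'plus') the request is
 * redirected to that plugin's jump URL. Otherwise the user is challenged
 * according to $auth_type: 1 = HTTP Basic, 2 = HTTP Digest. When the server
 * software starts with "Microsoft" an NTLM/Negotiate attempt is made first.
 * On success login_return_page() is called; on failure a 401 challenge is
 * emitted and the function simply returns.
 *
 * @return void
 */
function plugin_login_action()
{
    global $vars, $auth_type, $auth_users, $realm;

    // External auth plugin requested via ?api=. The name is request input, so
    // it is only used after exist_plugin() accepts it, and only when the
    // jump-URL hook really exists -- calling an undefined function is fatal.
    $api = empty($vars['api']) ? 'plus' : $vars['api'];
    if ($api != 'plus') {
        if (!exist_plugin($api)) {
            return;
        }
        $call_api = 'plugin_' . $api . '_jump_url';
        if (!function_exists($call_api)) {
            return;
        }
        header('Location: ' . $call_api());
        die;
    }

    // NTLM / Negotiate authentication (IIS 4.0/5.0). SERVER_SOFTWARE is not
    // guaranteed to be present (e.g. CLI), so fall back to an empty string.
    if (defined('SERVER_SOFTWARE')) {
        $srv_soft = SERVER_SOFTWARE;
    } else {
        $srv_soft = isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '';
    }
    if (substr($srv_soft, 0, 9) == 'Microsoft') {
        auth::auth_ntlm();
        login_return_page();
    }

    switch ($auth_type) {
        case 1:
            // HTTP Basic authentication.
            if (!auth::auth_pw($auth_users)) {
                unset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
                header('HTTP/1.0 401 Unauthorized');
                header('WWW-Authenticate: Basic realm="' . $realm . '"');
            } else {
                // FIXME
                // On successful authentication we can return to the original page;
                // placing this call below the challenge prevents authenticating at all.
                login_return_page();
            }
            break;
        case 2:
            // HTTP Digest authentication.
            if (!auth::auth_digest($auth_users)) {
                // NOTE(review): uniqid() is time-derived and predictable, so this
                // nonce is a weak replay guard; random_bytes() would be the usual
                // source if auth_digest() does not depend on the nonce format -- confirm.
                header('HTTP/1.1 401 Unauthorized');
                header('WWW-Authenticate: Digest realm="' . $realm . '", qop="auth", nonce="' . uniqid() . '", opaque="' . md5($realm) . '"');
            } else {
                login_return_page();
            }
            break;
    }
}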
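/**
 * Action handler for the table_edit2 plugin.
 *
 * Request parameters come from the globals $vars / $post: 'table_num' picks
 * the N-th #table_edit2 block on the page named by 'refer'; 'edit_mod'
 * selects the operation (t_edit_td / td / t_edit / tr / tdshow / show /
 * setting); csv_mod, ex_cancel, im_cancel, set_csv, csv_back and table_mod
 * drive the CSV and table-modification branches.
 *
 * Returns array('msg' => ..., 'body' => ...) for the show modes, edit
 * collisions and CSV option errors; every write path ends in a redirect to
 * the page followed by exit. Terminates the request (Utility::dieMessage /
 * die_message) when the page name is missing or the wiki is read-only.
 */
function plugin_table_edit2_action()
{
    // $script_uri is needed by the HTTP_REFERER check below; $_title by the
    // collision message.
    global $vars, $post, $auth_users, $_string, $_title, $script_uri;
    $table_num = $vars['table_num'];
    $page = isset($vars['refer']) ? $vars['refer'] : null;
    if (empty($page)) {
        Utility::dieMessage('Page name is null.');
    }
    $wiki = Factory::Wiki($page);
    // Both the legacy and the object-based freeze checks are kept; either
    // one stops the request when the page is frozen.
    if (is_freeze($page)) {
        check_editable($page, true, true);
    }
    if ($wiki->isFreezed()) {
        $wiki->checkEditable(true);
    }
    //	Cancel
    $anchr_jump = PLUGIN_TABLE_EDIT2_ANCHR_JUMP ? '#TableEdit2TableNumber' . $table_num : '';
    if (isset($vars['cancel'])) {
        Utility::redirect($wiki->uri() . $anchr_jump);
        exit;
    }
    $line_count = 1;
    $table_sub_num = 1;
    //td
    $table_sub_num_chk = 1;
    //td
    $setting = 0;
    $import = $export = $csv_cancel = 0;
    // Operation flags derived from edit_mod.
    $edit_mod = isset($vars['edit_mod']) ? $vars['edit_mod'] : '';
    $td_edit = ($edit_mod == 't_edit_td' || $edit_mod == 'td') ? 1 : 0;
    $tr_edit = ($edit_mod == 't_edit' || $edit_mod == 'tr') ? 1 : 0;
    $t_edit = ($edit_mod == 't_edit_td' || $edit_mod == 't_edit') ? 1 : 0;
    $edit_show = ($edit_mod == 'tdshow' || $edit_mod == 'show') ? 1 : 0;
    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    $spam = FALSE;
    if (!function_exists('honeypot_write') && $t_edit) {
        $spam = plugin_table_edit2_spam($post['encode_hint']);
    }
    if ($spam) {
        return plugin_table_edit2_honeypot();
    }
    if (Auth::check_role('readonly')) {
        die_message('PKWK_READONLY prohibits editing');
    }
    if (PLUGIN_TABLE_EDIT2_HTTP_REFERER) {
        // The referer must start with this wiki's own script URI. $script_uri
        // has to be imported from the global scope: without it the pattern
        // below degraded to '/^()/', which accepts any referer.
        $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
        if (!function_exists('path_check')) {
            // preg_quote() makes '/' and '.' in the URI literal; an unescaped '/'
            // would otherwise be read as the end of the pattern.
            if (!preg_match('/^(' . preg_quote((string) $script_uri, '/') . ')/', $referer)) {
                return;
            }
        } elseif (!path_check($script_uri, $referer)) {
            return;
        }
    }
    if ($edit_mod === 'setting') {
        $set = new TableEdit2SettingWrite($vars);
        if (!$set->sc) {
            return $set->error;
        }
        $setting = 1;
        unset($vars['table_mod']);
    }
    $notimestamp = FALSE;
    if (isset($vars['csv_mod']) || isset($vars['ex_cancel']) || isset($vars['im_cancel']) || isset($vars['set_csv']) || isset($vars['csv_back'])) {
        $csv = new TableEdit2CsvAction();
        if (isset($vars['csv_mod']) && $vars['csv_mod'] === 'import') {
            $csv->csv_import($vars);
            $import = 1;
        } elseif (isset($vars['csv_mod']) && $vars['csv_mod'] === 'export') {
            $export = 1;
            $csv_export_data = array();
        } elseif (isset($vars['ex_cancel']) || isset($vars['im_cancel'])) {
            $csv_cancel = 1;
            $notimestamp = TRUE;
        } elseif (isset($vars['set_csv'])) {
            $set_csv = 1;
            $notimestamp = TRUE;
        } elseif (isset($vars['csv_back'])) {
            if (PLUGIN_TABLE_EDIT2_CSV_UNLINK) {
                // NOTE(review): 'file_name' is request input; this relies on
                // TableEdit2CsvConversion to confine the resulting paths -- confirm.
                $con = new TableEdit2CsvConversion($page, array('name' => $vars['file_name']));
                unlink($con->filename);
                unlink($con->logname);
            }
            Utility::redirect($wiki->uri());
            exit;
        } else {
            return array('msg' => 'csv error', 'body' => 'csv option error');
        }
    }
    if (isset($vars['table_mod'])) {
        $chg = new TableEdit2TableMod($vars['table_mod']);
    }
    if ($td_edit || $tr_edit) {
        $edit = new TableEdit2Edit($vars);
    }
    if ($edit_show) {
        $show = new TableEdit2Show($vars, $page);
    }
    $args = get_source($page);
    // Function-static: counts #table_edit2 blocks seen and therefore keeps
    // its value across calls within the same request.
    static $count = 0;
    $source_s = '';
    $body = '';
    $row_title = 0;
    $td_title_count = 0;
    if ($td_edit || $tr_edit || $setting || $import) {
        $notimestamp = isset($vars['notimestamp']) ? TRUE : FALSE;
    }
    // Walk the page source line by line, rewriting only the selected table.
    foreach ($wiki->get() as $args_key => $args_line) {
        if (preg_match('/^#([^\\(\\{]+)(?:\\(([^\\r]*)\\))?(\\{*)/', $args_line, $matches) !== FALSE) {
            if (isset($matches[1]) && ($matches[1] == 'table_edit2' || $matches[1] == "table_edit2\n")) {
                $table_find = 1;
                $count++;
                if ($line_count === 1 && $count == $table_num) {
                    // auth_check=on asks for Basic auth instead of the normal
                    // editability check.
                    if (preg_match('/auth_check[=_](on|off)/i', $matches[2], $auth_check)) {
                        if ($auth_check[1] == 'on') {
                            if (!auth::auth_pw($auth_users)) {
                                $user = TableEdit2Auth::basic_auth();
                                if (empty($user)) {
                                    return;
                                }
                            }
                        }
                    } else {
                        check_editable($page, true, true);
                    }
                    if ($setting) {
                        $args_line = $set->plugin_set_opt($matches[3]);
                    }
                    if ($import) {
                        $args_line = $csv->import_data_set($matches[2], $matches[3]);
                    }
                    if (isset($vars['ex_cancel'])) {
                        $args_line = $csv->cancel($matches[2], $matches[3], 'export');
                    }
                    if (isset($vars['im_cancel'])) {
                        $args_line = $csv->cancel($matches[2], $matches[3], 'import');
                    }
                    if (isset($set_csv)) {
                        $args_line = $csv->set_csv_opt($matches[2], $matches[3], $vars['set_csv']);
                    }
                    if ($edit_mod == 'tdshow') {
                        //tdshow - td_title - 06.11.11
                        if (preg_match('/title_c=(\\d+)/i', $matches[2], $match_title)) {
                            $td_title_count = $match_title[1] - 1;
                        }
                    }
                    if ($edit_mod == 'show') {
                        //show				header
                        if (preg_match('/title_r=(\\d+)/i', $matches[2], $m_row_title)) {
                            $row_title = $m_row_title[1];
                        }
                    }
                    if ($edit_show) {
                        $show->text_type($matches[2]);
                    }
                    if (isset($vars['table_mod'])) {
                        //table_mod
                        $notimestamp = TRUE;
                        $args_line = $chg->table_mod_chg($matches, $args_line);
                    }
                }
                // Number of opening braces tells how many '}' close the block.
                $end_line = strlen($matches[3]);
            }
        }
        if ((isset($end_line) && preg_match('/^\\}{' . $end_line . '}/', $args_line)) || !isset($end_line)) {
            $table_find = 0;
        }
        if ($table_find && $table_num == $count && !isset($vars['table_mod']) && !$setting && !$import) {
            $table_sub_num_count_chk = 0;
            // 1 = wiki table row ('|a|b|'), 2 = CSV row (',a,b'), 0 = other line.
            $table_f_chose = preg_match('/^\\|(.+)\\|([hHfFcC]?)$/', $args_line, $match_line) ? 1 : 0;
            if ($args_line[0] == ',' && $args_line != ',') {
                $table_f_chose = 2;
            }
            if ($td_edit || $tr_edit) {
                $edit->chose = $table_f_chose;
            }
            if ($table_f_chose) {
                if ($table_f_chose === 1) {
                    $match_t = explode("|", $match_line[1]);
                } elseif ($table_f_chose === 2) {
                    $match_t = csv_explode(',', substr(str_replace("\n", '', $args_line), 1));
                    $match_line = array(1 => join(',', $match_t), 2 => '');
                }
                if ($export) {
                    $csv_export_data[] = $match_line[1];
                }
                // NOTE(review): strict === between the int counters and request
                // values here and below only holds when $vars carries ints -- verify.
                if (isset($vars['table_sub_num']) && $table_sub_num === $vars['table_sub_num'] && $table_sub_num_chk) {
                    //td 06.09.18
                    $show->chk_table_sub_first_line = $line_count;
                    $table_sub_num_chk = 0;
                }
                if ((isset($vars['line_count']) && $vars['line_count'] === $line_count) || strtolower($match_line[2]) === 'h' || $edit_mod == 'tdshow' || $td_edit || $row_title) {
                    if ($edit_mod == 'tdshow') {
                        //tdshow - td_title - 06.11.11
                        $show->td_title[$line_count] = $match_t[$td_title_count];
                    }
                }
                if ($edit_mod == 'show') {
                    //show				header
                    if ($match_line[2] == 'h' && !$row_title) {
                        $show->table_header($match_t);
                    }
                    if ($line_count == $row_title) {
                        $show->table_header($match_t);
                    }
                }
                // isset() guards only avoid undefined-index notices: both
                // counters start at 1, so a missing key never compared equal.
                if ((isset($vars['line_count']) && $vars['line_count'] == $line_count) || (isset($vars['table_sub_num']) && $table_sub_num == $vars['table_sub_num'])) {
                    // textarea 06.11.12
                    if ($edit_show) {
                        if ($show->t_type == 'textarea') {
                            $show->text_type_textarea(count($match_t));
                        }
                    }
                }
                if ($td_edit && $table_sub_num_chk == 0 && $table_sub_num == $vars['table_sub_num']) {
                    $source_s .= $edit->td_edit($match_t) . $match_line[2] . "\n";
                    $table_sub_num_count_chk = 1;
                } else {
                    if (isset($vars['line_count']) && $vars['line_count'] == $line_count && !$td_edit) {
                        if ($tr_edit) {
                            //t_edit tr_add
                            if (isset($vars['add_show']) && $vars['add_show'] === 1) {
                                $source_s .= $args_line;
                                if ($edit->chose !== 2) {
                                    $edit->chk_csv_source($args, $args_key);
                                }
                            }
                            $source_s .= $edit->tr_edit($args_line, $match_t, $match_line[2]);
                        } else {
                            if ($edit_show) {
                                //show or tdshow
                                $show->line_count = $line_count;
                                $body = $show->show_mod($match_t);
                            }
                        }
                    } else {
                        if ($edit_mod == 'tdshow') {
                            //tdshow and edit_td
                            $show->cells[$line_count] = $match_t;
                        }
                        $table_sub_num_count_chk = 1;
                        //td06.09.18
                        $source_s .= $args_line;
                    }
                }
                $line_count++;
            } else {
                if ($table_sub_num_count_chk == 1 && substr($args_line, 0, 2) != '//') {
                    //td
                    $table_sub_num++;
                    $table_sub_num_count_chk = 0;
                }
                $source_s .= $args_line;
            }
        } else {
            $source_s .= $args_line . "\n";
        }
    }
    if ($export) {
        return $csv->csv_export($vars, $csv_export_data);
    }
    $collision = 0;
    if ($tr_edit || $td_edit) {
        // The digest submitted with the form must still match the page on disk;
        // on mismatch the collision message is shown (the write below still runs).
        if (Factory::Wiki($vars['refer'])->digest() !== $vars['digest']) {
            $title = $_title['collided'];
            $body = $_string['msg_collided_auto'] . make_pagelink($vars['refer']);
            $collision = 1;
        }
    }
    if ($tr_edit || $td_edit || isset($vars['table_mod']) || $setting || $import || $csv_cancel || isset($set_csv)) {
        // The final "\n" of $source_s produces a trailing empty element. It is
        // passed to set() as-is (an earlier revision array_pop()'d a copy that
        // was never used). NOTE(review): confirm Wiki::set() tolerates it.
        $wiki->set(explode("\n", $source_s), $notimestamp);
    }
    $get['page'] = $post['page'] = $vars['page'] = $page;
    if ($collision) {
        return array('msg' => $title, 'body' => $body);
    }
    if ($edit_show) {
        return array('msg' => $show->title, 'body' => $body);
    }
    Utility::redirect($wiki->uri() . $anchr_jump);
    exit;
}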
 /**
  * Resolve the role level required for $func and test the current user
  * against it via auth::is_check_role().
  *
  * 'readonly' and 'safemode' map to PKWK_READONLY / PKWK_SAFE_MODE when
  * those constants are defined (ROLE_GUEST otherwise); 'role_adm',
  * 'role_adm_contents' and 'role_auth' map to the matching ROLE_* level;
  * anything else means ROLE_GUEST.
  *
  * 'su' is different: it re-challenges the caller with HTTP Basic auth using
  * the administrator password ($adminpass). It returns FALSE straight away
  * when the current role level is 2 or ROLE_ADM_CONTENTS, TRUE without a
  * challenge for ROLE_AUTH_TEMP, TRUE when the challenge succeeds, and on a
  * failed challenge emits a 401 and falls through to the
  * is_check_role(ROLE_ADM_CONTENTS) test.
  *
  * @param string $func
  * @return bool
  */
 function check_role($func = '')
 {
     global $adminpass;

     // Comparisons are loose and kept in the original order.
     if ($func == 'readonly') {
         $required = defined('PKWK_READONLY') ? PKWK_READONLY : ROLE_GUEST;
     } elseif ($func == 'safemode') {
         $required = defined('PKWK_SAFE_MODE') ? PKWK_SAFE_MODE : ROLE_GUEST;
     } elseif ($func == 'su') {
         $current = auth::get_role_level();
         if ($current == 2 || (int) $current == ROLE_ADM_CONTENTS) {
             // Already privileged.
             return FALSE;
         }
         $required = ROLE_ADM_CONTENTS;
         if ($current == ROLE_AUTH_TEMP) {
             // FIXME:
             return TRUE;
         } elseif ($current == ROLE_GUEST) {
             // Unauthenticated callers are simply asked for the administrator password.
             $user = UNAME_ADM_CONTENTS_TEMP;
         } elseif ($current == ROLE_AUTH) {
             // Authenticated users keep their user name and are asked for the administrator password.
             $user = auth::check_auth();
         }
         // NOTE(review): $user stays unassigned for any other role level.
         $admin_only = array($user => array($adminpass));
         if (auth::auth_pw($admin_only)) {
             return TRUE;
         }
         // ESC / authentication failed: challenge again and fall through to the
         // regular role check.
         unset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
         header('WWW-Authenticate: Basic realm="USER NAME is ' . $user . '"');
         header('HTTP/1.0 401 Unauthorized');
     } elseif ($func == 'role_adm') {
         $required = ROLE_ADM;
     } elseif ($func == 'role_adm_contents') {
         $required = ROLE_ADM_CONTENTS;
     } elseif ($func == 'role_auth') {
         $required = ROLE_AUTH;
     } else {
         $required = ROLE_GUEST;
     }

     return auth::is_check_role($required);
 }