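/**
 * doc_ini plugin action: ask for confirmation, then run plugin_doc_ini_exec().
 *
 * Content administrators only — auth::check_role() is TRUE when the caller
 * LACKS the role. action=exec runs the job; anything else renders a POST
 * form that submits action=exec for the requested page.
 *
 * Fix: the page name is HTML-escaped before it is interpolated into the
 * confirmation text and the hidden field (it comes straight from $vars).
 *
 * @return array|string|null array('msg'=>..,'body'=>..); '' for an invalid
 *         page name; null when no page was given
 */
function plugin_doc_ini_action()
{
    global $script, $vars, $_doc_ini_msg;

    // check_role() returns TRUE when the caller does NOT hold the role
    if (auth::check_role('role_adm_contents')) {
        die_message('NOT AUTHORIZED.');
    }
    if (empty($vars['page'])) {
        return;
    }
    if (!is_pagename($vars['page'])) {
        return ''; // Invalid page name
    }

    $action = empty($vars['action']) ? '' : $vars['action'];
    if ($action === 'exec') {
        return plugin_doc_ini_exec($vars['page']);
    }

    // $vars['page'] is request input: escape once and use the escaped copy below
    $s_page    = htmlspecialchars($vars['page']);
    $msg_title = sprintf($_doc_ini_msg['msg_confirmation'], $s_page);

    $retval = array();
    $retval['body'] = <<<EOD
<form action="{$script}" method="post">
 <div>
  {$msg_title}
  <input type="hidden" name="plugin" value="doc_ini" />
  <input type="hidden" name="action" value="exec" />
  <input type="hidden" name="page" value="{$s_page}" />
  <input type="submit" value="{$_doc_ini_msg['btn_exec']}" />
 </div>
</form>
EOD;
    $retval['msg'] = $_doc_ini_msg['title_confirmation'];
    return $retval;
}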
/**
 * insert plugin (block): render the "add a line" form for the current page.
 *
 * A per-page static counter numbers each form (insert_no) so several
 * #insert blocks on one page can be told apart on submit. Read-only callers
 * get an empty string.
 *
 * @return string form HTML, or '' when the caller is read-only
 */
function plugin_insert_convert()
{
    global $script, $vars, $digest;
    static $form_counter = array();

    // if (PKWK_READONLY) return ''; // Show nothing
    if (auth::check_role('readonly')) {
        return ''; // Show nothing
    }

    $label_add = _('add');
    $page      = $vars['page'];

    // 0 for the first #insert on this page, 1 for the next, ...
    if (!isset($form_counter[$page])) {
        $form_counter[$page] = 0;
    }
    $form_no = $form_counter[$page];
    $form_counter[$page] = $form_no + 1;

    $escaped_page   = htmlspecialchars($page);
    $escaped_digest = htmlspecialchars($digest);
    $cols = INSERT_COLS;
    $rows = INSERT_ROWS;

    return <<<EOD
<form action="{$script}" method="post">
 <div>
  <input type="hidden" name="insert_no" value="{$form_no}" />
  <input type="hidden" name="refer" value="{$escaped_page}" />
  <input type="hidden" name="plugin" value="insert" />
  <input type="hidden" name="digest" value="{$escaped_digest}" />
  <textarea name="msg" rows="{$rows}" cols="{$cols}"></textarea><br />
  <input type="submit" name="insert" value="{$label_add}" />
 </div>
</form>
EOD;
}
/**
 * Count wiki data files of one kind, optionally only those whose page name
 * starts with $pref.
 *
 * $no selects the directory/extension pair:
 *   0:DATA, 1:TB, 2:Referer, 3:DIFF, 4:BKUP, 5:CTR
 * Content administrators (check_role() false) see every file; anyone else is
 * limited to what auth::get_existpages() returns for them.
 *
 * @param int    $no   index into the directory table above
 * @param string $pref page-name prefix filter; '' counts everything
 * @return int
 */
function count_files($no = 0, $pref = '')
{
    // 0:DATA, 1:TB, 2:Referer, 3: DIFF, 4:BKUP, 5:CTR
    static $dir = array(DATA_DIR, TRACKBACK_DIR, REFERER_DIR, DIFF_DIR, BACKUP_DIR, COUNTER_DIR);
    static $ext = array('.txt', '.txt', '.ref', '.txt', BACKUP_EXT, '.count');

    // Content administrators and above: all files; others: only their readable pages
    $is_contents_admin = !auth::check_role('role_adm_contents');
    $pages = $is_contents_admin
        ? get_existpages($dir[$no], $ext[$no])
        : auth::get_existpages($dir[$no], $ext[$no]);

    // No prefix: plain total
    if (empty($pref)) {
        return count($pages);
    }

    // Count only the pages under the requested prefix
    $matched = 0;
    foreach ($pages as $page) {
        if (strpos($page, $pref) === 0) {
            $matched++;
        }
    }
    return $matched;
}
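/**
 * newpage plugin action: show the "new page" form, or redirect to the page
 * that was asked for.
 *
 * Read-only callers and callers denied by PKWK_CREATE_PAGE are stopped with
 * die_message(). With no page name the form is returned; with one, the
 * browser is sent to that page (resolved against 'refer' when given).
 *
 * Fixes: $vars['page'] is read with isset() (no notice when absent),
 * $retvars is initialised before use, and the unused $_btn_edit is gone.
 *
 * @return array array('msg'=>..,'body'=>..) for the form; never returns on redirect
 */
function plugin_newpage_action()
{
    global $vars;

    $_msg_newpage = _('New page');

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    $page = isset($vars['page']) ? $vars['page'] : '';
    if ($page == '') {
        // Nothing requested yet: render the input form
        $retvars = array();
        $retvars['msg']  = $_msg_newpage;
        $retvars['body'] = plugin_newpage_convert();
        return $retvars;
    }

    $page = strip_bracket($page);
    if (isset($vars['refer'])) {
        // Relative names are resolved against the referring page
        $r_page  = get_fullname($page, $vars['refer']);
        $r_refer = 'refer=' . $vars['refer'];
    } else {
        $r_page  = $page;
        $r_refer = '';
    }
    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($r_page, $r_refer));
    exit;
}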
/**
 * version plugin (inline): the wiki's version string, hidden in safe mode.
 *
 * @return string S_VERSION, or '' when the caller is restricted to safe mode
 */
function plugin_version_value()
{
    // if (PKWK_SAFE_MODE) return '';
    $safe_mode = auth::check_role('safemode');
    return $safe_mode ? '' : S_VERSION;
}
/**
 * read plugin action: dispatch a ?page request.
 *
 * Order of checks: existing page -> InterWikiName (unless safe mode) ->
 * AutoAlias (one target: 301 redirect; several: list them) -> edit form for
 * a valid but missing page -> "invalid WikiName" message.
 *
 * @return array|null array('msg'=>..,'body'=>..), or null after a redirect header
 */
function plugin_read_action()
{
    global $vars, $_title_invalidwn, $_msg_invalidiwn;

    $page = isset($vars['page']) ? $vars['page'] : '';

    if (is_page($page)) {
        // Show the page; check_readable() in fatal mode stops here if the caller may not read it
        check_readable($page, true, true);
        header_lastmod($page);
        return array('msg' => '', 'body' => '');
    // } else if (! PKWK_SAFE_MODE && is_interwiki($page)) {
    } else {
        if (!auth::check_role('safemode') && is_interwiki($page)) {
            return do_plugin_action('interwiki'); // Handle an InterWikiName
        } else {
            if (is_pagename($page)) {
                $realpages = get_autoaliases($page);
                if (count($realpages) == 1) {
                    $realpage = $realpages[0];
                    if (is_page($realpage)) {
                        header('HTTP/1.0 301 Moved Permanently');
                        header('Location: ' . get_page_location_uri($realpage));
                        return;
                    } elseif (is_url($realpage)) {
                        // NOTE(review): the alias target is sent as Location verbatim —
                        // presumably it comes from the wiki's AutoAlias definition, not
                        // from the request; confirm where get_autoaliases() reads it
                        header('HTTP/1.0 301 Moved Permanently');
                        header('Location: ' . $realpage);
                        return;
                    } elseif (is_interwiki($realpage)) {
                        header('HTTP/1.0 301 Moved Permanently');
                        $vars['page'] = $realpage;
                        return do_plugin_action('interwiki'); // header('Location');
                    } else {
                        // Alias target does not exist: go straight to its edit form
                        // To avoid infinite loop
                        header('Location: ' . get_location_uri('edit', $realpage));
                        return;
                    }
                } elseif (count($realpages) >= 2) {
                    // Ambiguous alias: list every target as a wiki link
                    $body = '<p>';
                    $body .= _('This pagename is an alias to') . '<br />';
                    $link = '';
                    foreach ($realpages as $realpage) {
                        $link .= '[[' . $realpage . '>' . $realpage . ']]&br;';
                    }
                    $body .= make_link($link);
                    $body .= '</p>';
                    return array('msg' => _('Redirect'), 'body' => $body);
                }
                $vars['cmd'] = 'edit';
                return do_plugin_action('edit'); // Page does not exist: show the edit form
            } else {
                // Invalid page name
                return array('msg' => $_title_invalidwn, 'body' => str_replace('$1', htmlspecialchars($page), str_replace('$2', 'WikiName', $_msg_invalidiwn)));
            }
        }
    }
}
/**
 * server plugin (block): a definition list with the server name, software
 * and a mailto: link for the administrator. Hidden in safe mode.
 *
 * @return string HTML, or '' when the caller is restricted to safe mode
 */
function plugin_server_convert()
{
    // if (PKWK_SAFE_MODE) return ''; // Show nothing
    if (auth::check_role('safemode')) {
        return ''; // Show nothing
    }

    $rows = array(
        '<dt>Server Name</dt>' . '<dd>' . SERVER_NAME . '</dd>',
        '<dt>Server Software</dt>' . '<dd>' . SERVER_SOFTWARE . '</dd>',
        '<dt>Server Admin</dt>' . '<dd>' . '<a href="mailto:' . SERVER_ADMIN . '">' . SERVER_ADMIN . '</a></dd>',
    );
    return '<dl>' . "\n" . join("\n", $rows) . "\n" . '</dl>' . "\n";
}
/**
 * phpinfo plugin action: emit phpinfo() for site administrators, nothing for
 * anyone else.
 *
 * @return string '' when the caller is not a site administrator; otherwise
 *                phpinfo() is printed and the script exits
 */
function plugin_phpinfo_action()
{
    // if (auth::check_role('role_adm_contents') return '';
    $not_site_admin = auth::check_role('role_adm');
    if ($not_site_admin) {
        return '';
    }
    phpinfo();
    die;
}
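/**
 * yetlist plugin action: list pages that are linked to but do not exist yet.
 *
 * Candidates are the .ref files in CACHE_DIR whose page has no data file.
 * Each entry shows the missing page and, in parentheses, the pages linking
 * to it; referrers matched by $non_list or equal to $whatsdeleted are
 * dropped. Unless the caller is read-only, the page name carries an edit
 * link whose refer= is the last referrer listed.
 *
 * Fix: $_err_notexist is declared global — it was read at the end of the
 * function without being imported into function scope (assumes the language
 * file defines it; confirm).
 *
 * @return array array('msg'=>..,'body'=>..)
 */
function plugin_yetlist_action()
{
    global $_err_notexist, $_symbol_noexists, $non_list, $whatsdeleted;

    $retval = array('msg' => _('List of pages which have not yet been created.'), 'body' => '');

    // Diff: referred-to pages minus existing pages
    $pages = array_diff(auth::get_existpages(CACHE_DIR, '.ref'), auth::get_existpages());
    if (empty($pages)) {
        $retval['body'] = _('All pages have been created.');
        return $retval;
    }

    $empty = TRUE;

    // Load .ref files and Output
    $refer_regex = '/' . $non_list . '|^' . preg_quote($whatsdeleted, '/') . '$/S';
    asort($pages, SORT_STRING);
    foreach ($pages as $file => $page) {
        $refer = array();
        foreach (file(CACHE_DIR . $file) as $line) {
            // Only the first tab-separated column (the referring page) is used
            list($_page) = explode("\t", rtrim($line));
            $refer[] = $_page;
        }

        // Diff: drop hidden (non_list) pages and the deletion log page
        $refer = array_diff($refer, preg_grep($refer_regex, $refer));
        if (empty($refer)) {
            continue;
        }

        $empty = FALSE;
        $refer = array_unique($refer);
        sort($refer, SORT_STRING);

        $r_refer   = '';
        $link_refs = array();
        foreach ($refer as $_refer) {
            $r_refer     = rawurlencode($_refer); // the last one is reused for refer= below
            $link_refs[] = '<a href="' . get_page_uri($_refer) . '">' . htmlspecialchars($_refer) . '</a>';
        }
        $link_ref = join(' ', $link_refs);
        unset($link_refs);

        $s_page = htmlspecialchars($page);
        // if (PKWK_READONLY) {
        if (auth::check_role('readonly')) {
            $href = $s_page;
        } else {
            // Dangling link
            $href = '<span class="noexists">' . $s_page . '<a href="' . get_cmd_uri('edit', $page, '', 'refer=' . $r_refer) . '">' . $_symbol_noexists . '</a></span>';
        }
        $retval['body'] .= '<li>' . $href . ' <em>(' . $link_ref . ')</em></li>' . "\n";
    }

    if ($empty) {
        $retval['body'] = $_err_notexist;
        return $retval;
    }
    if ($retval['body'] != '') {
        $retval['body'] = '<ul>' . "\n" . $retval['body'] . '</ul>' . "\n";
    }
    return $retval;
}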
/**
 * stationary plugin action: skeleton action handler returning a fixed
 * message and body. Blocked in safe mode and for read-only callers.
 *
 * @return array array('msg'=>..,'body'=>..)
 */
function plugin_stationary_action()
{
    // See above
    // if (PKWK_SAFE_MODE || PKWK_READONLY)
    $blocked = auth::check_role('safemode') || auth::check_role('readonly');
    if ($blocked) {
        die_message('PKWK_SAFE_MODE or PKWK_READONLY prohibits this');
    }

    return array(
        'msg'  => htmlspecialchars('Message'),
        'body' => htmlspecialchars('Message body'),
    );
}
/**
 * add plugin action: open the edit form in "append" mode for $vars['page'].
 *
 * Sets the 'add' flag in $get/$post/$vars so the editor appends instead of
 * replacing. Read-only callers are stopped; check_editable() enforces the
 * page-level edit right.
 *
 * @return array array('msg'=>..,'body'=>..)
 */
function plugin_add_action()
{
    global $get, $post, $vars;

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message('PKWK_READONLY prohibits editing');
    }

    $page = isset($vars['page']) ? $vars['page'] : '';
    check_editable($page);

    // Switch the editor into append mode on every request array
    $vars['add'] = TRUE;
    $post['add'] = TRUE;
    $get['add']  = TRUE;

    $title = _("Add to \$1");
    $hint  = _('Two and the contents of an input are added for a new-line to the contents of a page of present addition.');
    $body  = '<ul>' . "\n"
           . ' <li>' . $hint . '</li>' . "\n"
           . '</ul>' . "\n"
           . edit_form($page, '');

    return array('msg' => $title, 'body' => $body);
}
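/**
 * Record the HTTP referer of the current request in $page's .ref file.
 *
 * Nothing is written (TRUE is returned) for read-only callers, when referer
 * logging is off, when the Referer header is missing or unparsable, when it
 * points at this host, or when the referer host is flagged by SpamCheck().
 * Each line of the file is CSV: last-seen, first-seen, hit count, URL, and a
 * constant 1.
 *
 * Fixes: ereg() (removed in PHP 7) is replaced by preg_match(); the file is
 * opened with 'c' and truncated only after the exclusive lock is taken, so a
 * concurrent reader no longer sees an empty file between open and lock.
 *
 * @param string $page page name
 * @return bool TRUE when nothing needed writing or the write succeeded,
 *              FALSE when the .ref file could not be opened
 */
function ref_save($page)
{
    global $referer, $use_spam_check;

    // if (PKWK_READONLY || ! $referer || empty($_SERVER['HTTP_REFERER'])) return TRUE;
    if (auth::check_role('readonly') || !$referer || empty($_SERVER['HTTP_REFERER'])) {
        return TRUE;
    }
    $url = $_SERVER['HTTP_REFERER'];

    // Validate URI (Ignore own)
    $parse_url = parse_url($url);
    if ($parse_url === FALSE || !isset($parse_url['host']) || $parse_url['host'] == $_SERVER['HTTP_HOST']) {
        return TRUE;
    }

    // Blocking SPAM
    if ($use_spam_check['referer'] && SpamCheck($parse_url['host'])) {
        return TRUE;
    }

    if (!is_dir(REFERER_DIR)) {
        die('No such directory: REFERER_DIR');
    }
    if (!is_writable(REFERER_DIR)) {
        die('Permission denied to write: REFERER_DIR');
    }

    // Update referer data: CSV-quote URLs containing a delimiter, a quote or a newline
    if (preg_match('/[,"\n\r]/', $url)) {
        $url = '"' . str_replace('"', '""', $url) . '"';
    }

    $data  = ref_get_data($page, 3);
    $d_url = rawurldecode($url);
    if (!isset($data[$d_url])) {
        // last-seen, first-seen, hits, url, flag
        $data[$d_url] = array('', UTIME, 0, $url, 1);
    }
    $data[$d_url][0] = UTIME;
    $data[$d_url][2]++;

    $filename = ref_get_filename($page);
    // 'c' does not truncate on open; the truncate happens below, under the lock
    $fp = fopen($filename, 'c');
    if ($fp === FALSE) {
        return FALSE;
    }
    set_file_buffer($fp, 0);
    @flock($fp, LOCK_EX);
    ftruncate($fp, 0);
    rewind($fp);
    foreach ($data as $line) {
        $str = trim(join(',', $line));
        if ($str != '') {
            fwrite($fp, $str . "\n");
        }
    }
    @flock($fp, LOCK_UN);
    fclose($fp);

    return TRUE;
}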
/**
 * showrss plugin action: report whether the 'xml' and 'mbstring' extensions
 * the plugin relies on are loaded, as a wiki table. Blocked in safe mode.
 *
 * @return array array('msg'=>'showrss_info','body'=>HTML table)
 */
function plugin_showrss_action()
{
    // if (PKWK_SAFE_MODE) die_message('PKWK_SAFE_MODE prohibit this');
    if (auth::check_role('safemode')) {
        die_message('PKWK_SAFE_MODE prohibits this');
    }

    $rows = array();
    foreach (array('xml', 'mbstring') as $extension) {
        // Wiki-syntax colour markers; convert_html() turns them into HTML below
        $status = extension_loaded($extension) ? '&color(green){Found};' : '&color(red){Not found};';
        $rows[] = '| ' . $extension . ' extension | ' . $status . ' |';
    }
    $body = join("\n", $rows) . "\n";

    return array('msg' => 'showrss_info', 'body' => convert_html($body));
}
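/**
 * code plugin action: show the wiki source of $vars['page'] highlighted by
 * plugin_code_convert(). Blocked in safe mode.
 *
 * Fix: $vars['page'] is read with isset() so a request without a page name
 * no longer raises an undefined-index notice before is_page() rejects it.
 *
 * @return array array('msg'=>..,'body'=>..); the not-found messages when the
 *               page is missing or not readable by the caller
 */
function plugin_code_action()
{
    global $vars;
    global $_source_messages;

    // if (PKWK_SAFE_MODE) die_message('PKWK_SAFE_MODE prohibits this');
    if (auth::check_role('safemode')) {
        die_message('PKWK_SAFE_MODE prohibits this');
    }

    $page = isset($vars['page']) ? $vars['page'] : '';
    $vars['refer'] = $page;

    // check_readable() in non-fatal mode: FALSE means the caller may not read it
    if (!is_page($page) || !check_readable($page, false, false)) {
        return array('msg' => $_source_messages['msg_notfound'], 'body' => $_source_messages['err_notfound']);
    }

    $source = join('', get_source($page)) . "\n";
    return array('msg' => $_source_messages['msg_title'], 'body' => plugin_code_convert('pukiwiki', $source));
}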
/**
 * freeze plugin action: freeze $vars['page'], or ask for the admin password.
 *
 * Content administrators freeze immediately; others must submit a password
 * that pkwk_login() accepts. A disabled freeze function, a page that cannot
 * be edited, or a missing page yields an empty result; an already frozen
 * page yields a notice.
 *
 * @return array array('msg'=>..,'body'=>..); msg keeps the '$1' placeholder
 *               for the page name
 */
function plugin_freeze_action()
{
    global $script, $vars, $function_freeze;

    $title_isfreezed = _(' $1 has already been frozen');
    $title_freezed   = _(' $1 has been frozen.');
    $title_freeze    = _('Freeze $1');
    $msg_invalidpass = _('Invalid password.');
    $msg_freezing    = _('Please input the password for freezing.');
    $btn_freeze      = _('Freeze');

    $page = isset($vars['page']) ? $vars['page'] : '';
    if (!$function_freeze || is_cantedit($page) || !is_page($page)) {
        return array('msg' => '', 'body' => '');
    }

    $pass = isset($vars['pass']) ? $vars['pass'] : NULL;

    if (is_freeze($page)) {
        // Freezed already
        return array(
            'msg'  => $title_isfreezed,
            'body' => str_replace('$1', htmlspecialchars(strip_bracket($page)), $title_isfreezed),
        );
    }

    // Content administrators need no password; others must supply a valid one
    $is_contents_admin = !auth::check_role('role_adm_contents');
    if ($is_contents_admin || ($pass !== NULL && pkwk_login($pass))) {
        // Freeze: prepend the #freeze directive and rewrite the page
        $postdata = get_source($page);
        array_unshift($postdata, "#freeze\n");
        file_write(DATA_DIR, $page, join('', $postdata), TRUE);

        // Update
        is_freeze($page, TRUE);
        $vars['cmd'] = 'read';

        return array('msg' => $title_freezed, 'body' => '');
    }

    // Show a freeze form (with an "invalid password" notice after a failed try)
    $s_page = htmlspecialchars($page);
    $body   = ($pass === NULL) ? '' : "<p><strong>{$msg_invalidpass}</strong></p>\n";
    $body  .= <<<EOD
<p>{$msg_freezing}</p>
<form action="{$script}" method="post">
 <div>
  <input type="hidden" name="cmd" value="freeze" />
  <input type="hidden" name="page" value="{$s_page}" />
  <input type="password" name="pass" size="12" />
  <input type="submit" name="ok" value="{$btn_freeze}" />
 </div>
</form>
EOD;

    return array('msg' => $title_freeze, 'body' => $body);
}
/**
 * filelist plugin action: the page list with file names. Content
 * administrators go straight to the list; everyone else is asked for the
 * admin password first and must pass pkwk_login().
 *
 * @return array|string result of the list action or of filelist_adm()
 */
function plugin_filelist_action()
{
    global $vars;

    // Content administrators (check_role() false) need no password
    $is_contents_admin = !auth::check_role('role_adm_contents');
    if ($is_contents_admin) {
        return do_plugin_action('list');
    }

    // Others: ask for the password first, then verify it
    if (!isset($vars['pass'])) {
        return filelist_adm('');
    }
    return pkwk_login($vars['pass']) ? do_plugin_action('list') : filelist_adm('__nopass__');
}
/**
 * nonlist plugin action: list the pages hidden by $non_list. Content
 * administrators only; everyone else gets ''.
 *
 * The mode passed to plugin_nonlist_getlist() depends on which query key
 * is present: 'env' -> 2, 'col' -> 1, otherwise 0.
 *
 * @return array|string
 */
function plugin_nonlist_action()
{
    global $vars;

    $title = _('List of non_list pages');

    if (auth::check_role('role_adm_contents')) {
        return '';
    }

    $mode = 0;
    if (isset($vars['env'])) {
        $mode = 2;
    } elseif (isset($vars['col'])) {
        $mode = 1;
    }

    return array('msg' => $title, 'body' => plugin_nonlist_getlist($mode));
}
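/**
 * htdigest plugin action: maintain the Apache digest-auth user file.
 *
 * func=save   site administrators add/replace any user (username, realm and
 *             hash from the request, written with level 2).
 * func=update an authenticated user (role level >= 2) replaces the hash of
 *             the account they are logged in as, in the configured $realm.
 * No func shows the menu; IIS and a disabled USE_APACHE_WRITE_FUNC are
 * reported instead of acted on.
 *
 * Fixes: $rc_msg is initialised and the request fields are read with isset()
 * so a partial request raises no undefined-variable/index notices; the inner
 * USE_APACHE_WRITE_FUNC re-checks were redundant (the constant is already
 * known to be set at that point) and are dropped.
 *
 * @return array array('msg'=>'htdigest','body'=>..)
 */
function plugin_htdigest_action()
{
    global $vars, $_htdigest_msg;

    $msg  = 'htdigest';
    $body = '';
    $func = empty($vars['func']) ? '' : $vars['func'];

    if (htdigest_is_iis()) {
        return array('msg' => $msg, 'body' => $_htdigest_msg['msg_iis']);
    }

    // First call: no function chosen yet
    if (empty($func)) {
        return array('msg' => $msg, 'body' => htdigest_menu());
    }

    // Writing through the plugin is disabled by configuration
    if (!USE_APACHE_WRITE_FUNC) {
        return array('msg' => $msg, 'body' => htdigest_menu($_htdigest_msg['err_not_use']));
    }

    $rc_msg = '';
    $hash   = isset($vars['hash']) ? $vars['hash'] : '';

    switch ($func) {
        case 'save':
            // check_role() is TRUE when the caller is NOT a site administrator
            if (auth::check_role('role_adm')) {
                return array('msg' => $msg, 'body' => htdigest_menu($_htdigest_msg['err_role']));
            }
            // ADM: any user and realm from the request
            $username = isset($vars['username']) ? $vars['username'] : '';
            $realm_in = isset($vars['realm']) ? $vars['realm'] : '';
            $rc_msg = htdigest_save($username, $realm_in, $hash, 2);
            return array('msg' => $msg, 'body' => htdigest_menu($rc_msg));

        case 'update':
            // Below site administrator, only the caller's own password may be updated
            $role_level = auth::get_role_level();
            if ($role_level < 2) { // Guest
                return array('msg' => $msg, 'body' => htdigest_menu($_htdigest_msg['err_role']));
            }
            // Auth User: the account name comes from the current authentication, not the request
            global $realm;
            $user   = auth::check_auth();
            $rc_msg = htdigest_save($user, $realm, $hash, $role_level);
            return array('msg' => $msg, 'body' => htdigest_menu($rc_msg));

        default:
            $body = $_htdigest_msg['msg_err'];
    }

    return array('msg' => $msg, 'body' => $body);
}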
/**
 * Render the search/replace form for the replace plugin.
 *
 * Content administrators get a masked password field; others get a real
 * one, plus a warning when $pass is the placeholder 'pass', or a "no
 * password" warning for any other value except '__nopass__'. An empty
 * $search adds a "no search word" warning.
 *
 * @param string $pass   password state from the request
 * @param string $search search word from the request
 * @return array array('msg'=>..,'body'=>form HTML)
 */
function replace_adm($pass, $search)
{
    global $_replace_msg;
    global $script;
    global $_button;

    $label_search  = $_replace_msg['msg_input_search_word'];
    $label_replace = $_replace_msg['msg_input_replace_word'];
    $label_nostamp = $_button['notchangetimestamp'];
    $btn_exec      = $_replace_msg['btn_exec'];

    $warnings = '';
    $is_contents_admin = !auth::check_role('role_adm_contents');
    if ($is_contents_admin) {
        $msg       = $_replace_msg['msg_input_str'];
        $body_pass = "******";
    } else {
        $msg       = $_replace_msg['msg_input_pass'];
        $body_pass = <<<EOD
Password<br />
<input type="password" name="pass" size="12" />
<br />
EOD;
        if ($pass == 'pass') {
            $warnings .= '<p><strong>' . $_replace_msg['msg_warn_pass'] . "</strong></p>\n";
        } elseif ($pass != '__nopass__') {
            $warnings .= '<p><strong>' . $_replace_msg['msg_no_pass'] . "</strong></p>\n";
        }
    }
    if ($search === '') {
        $warnings .= '<p><strong>' . $_replace_msg['msg_no_search'] . "</strong></p>\n";
    }

    $form = <<<EOD
<p>{$msg}</p>
<form action="{$script}" method="post">
 <div>
  <input type="hidden" name="cmd" value="replace" />
  {$label_search}<br />
  <input type="text" name="search" size="24" />
  <br />
  {$label_replace}<br />
  <input type="text" name="replace" size="24" />
  <br />
  {$body_pass}
  <input type="checkbox" name="notimestamp" />{$label_nostamp}
  <input type="submit" name="ok" value="{$btn_exec}" />
 </div>
</form>
EOD;

    return array('msg' => $_replace_msg['msg_H0_replace'], 'body' => $warnings . $form);
}
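/**
 * monobook_login plugin action: HTTP Basic login against $auth_users.
 *
 * When PHP did not populate PHP_AUTH_USER/PHP_AUTH_PW, the credential is
 * recovered from the Authorization header. A read-only caller, an unknown
 * user or a wrong password gets a 401 with a WWW-Authenticate challenge; on
 * success the browser is sent to $vars['refer'] if that is an existing page.
 *
 * Fixes: the Authorization header is only decoded when it carries a Basic
 * credential; the user:password split stops at the FIRST ':' so passwords
 * containing ':' survive; a credential without ':' no longer raises a
 * list() notice.
 *
 * @return array|null array('msg'=>..,'body'=>..) on failure, null otherwise
 */
function plugin_monobook_login_action()
{
    global $vars, $auth_users, $_msg_auth, $_monobook_login_messages;

    if (!isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['PHP_AUTH_PW']) && isset($_SERVER['HTTP_AUTHORIZATION'])) {
        $authorization = $_SERVER['HTTP_AUTHORIZATION'];
        // Only "Basic <base64(user:pass)>" is understood; the scheme name is case-insensitive
        if (strncasecmp($authorization, 'Basic ', 6) === 0) {
            $credential = base64_decode(substr($authorization, 6));
            // Split at the first ':' only — the password may itself contain ':'
            $parts = explode(':', $credential, 2);
            if (count($parts) === 2) {
                $_SERVER['PHP_AUTH_USER'] = $parts[0];
                $_SERVER['PHP_AUTH_PW']   = $parts[1];
            }
        }
    }

    $user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : NULL;
    $pw   = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : NULL;

    // Short-circuits: the hash is only computed for a known user with a password.
    // NOTE(review): plain string comparison; hash_equals() (PHP >= 5.6) would make it constant-time
    $denied = auth::check_role('readonly')
        || $user === NULL
        || !isset($auth_users[$user])
        || $pw === NULL
        || pkwk_hash_compute($pw, $auth_users[$user]) !== $auth_users[$user];

    if ($denied) {
        pkwk_common_headers();
        header('WWW-Authenticate: Basic realm="' . $_msg_auth . '"');
        header('HTTP/1.0 401 Unauthorized');
        $msg = $_monobook_login_messages['auth_failed'];
        return array('msg' => $msg, 'body' => '<p>' . $msg . '</p>');
    }

    if (isset($vars['refer']) && is_page($vars['refer'])) {
        header('Location: ' . get_script_uri() . '?' . rawurlencode($vars['refer']));
    }
    return;
}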
/**
 * source plugin action: show the wiki source of $vars['page'] in a <pre>.
 *
 * Blocked in safe mode; a missing or unreadable page yields a not-found
 * message. The source is handed to auth::is_role_page() before display.
 *
 * @return array array('msg'=>..,'body'=>..); msg keeps the '$1' placeholder
 */
function plugin_source_action()
{
    global $vars; //, $_source_messages;

    // if (PKWK_SAFE_MODE) die_message('PKWK_SAFE_MODE prohibits this');
    if (auth::check_role('safemode')) {
        die_message('PKWK_SAFE_MODE prohibits this');
    }

    $page = isset($vars['page']) ? $vars['page'] : '';
    $vars['refer'] = $page;

    // check_readable() in non-fatal mode: FALSE means the caller may not read it
    $readable = is_page($page) && check_readable($page, false, false);
    if (!$readable) {
        return array('msg' => _(' $1 was not found.'), 'body' => _('cannot display the page source.'));
    }

    $source = join('', get_source($page));
    auth::is_role_page($source);

    return array(
        'msg'  => _('Source of $1'),
        'body' => '<pre id="source">' . htmlspecialchars($source) . '</pre>',
    );
}
/**
 * make_backup
 * Create a backup of a page
 *
 * Unless the caller is read-only or backups are disabled, and unless the
 * newest generation is younger than $cycle hours, the page's current source
 * is appended as a new generation; at most $maxage generations are kept.
 *
 * @access public
 * @param String $page   page name
 * @param Boolean $delete TRUE: delete the backup instead
 *
 * @return Void
 */
function make_backup($page, $delete = FALSE)
{
    global $cycle, $maxage;
    global $do_backup, $del_backup;

    // if (PKWK_READONLY || ! $do_backup) return;
    if (auth::check_role('readonly') || !$do_backup) {
        return;
    }

    if ($del_backup && $delete) {
        _backup_delete($page);
        return;
    }

    if (!is_page($page)) {
        return;
    }

    $lastmod = _backup_get_filetime($page);
    // $cycle is in hours; skip while the newest generation is still fresh
    if ($lastmod == 0 || UTIME - $lastmod > 60 * 60 * $cycle) {
        $backups = get_backup($page);
        $count = count($backups) + 1;

        // One generation is appended right after this, so drop everything
        // beyond (maximum generations - 1)
        if ($count > $maxage) {
            array_splice($backups, 0, $count - $maxage);
        }

        $strout = '';
        foreach ($backups as $age => $data) {
            // BugTrack/685 by UPK
            //$strout .= PKWK_SPLITTER . ' ' . $data['time'] . "\n"; // Splitter format
            $strout .= PKWK_SPLITTER . ' ' . $data['time'] . ' ' . $data['real'] . "\n"; // Splitter format
            $strout .= join('', $data['data']);
            unset($backups[$age]);
        }
        // Normalise the trailing newlines of the kept generations to exactly one
        $strout = preg_replace("/([^\n])\n*\$/", "\$1\n", $strout);

        // Escape 'lines equal to PKWK_SPLITTER', by inserting a space
        $body = preg_replace('/^(' . preg_quote(PKWK_SPLITTER) . "\\s\\d+(\\s(\\d+)|))\$/", '$1 ', get_source($page));
        // BugTrack/685 by UPK
        // $body = PKWK_SPLITTER . ' ' . get_filetime($page) . "\n" . join('', $body);
        // New generation header: "<PKWK_SPLITTER> <page mtime> <now>"
        $body = PKWK_SPLITTER . ' ' . get_filetime($page) . ' ' . UTIME . "\n" . join('', $body);
        $body = preg_replace("/\n*\$/", "\n", $body);

        $fp = _backup_fopen($page, 'wb')
            or die_message('Cannot open ' . htmlspecialchars(_backup_get_filename($page)) . '<br />Maybe permission is not writable or filename is too long');
        _backup_fputs($fp, $strout);
        _backup_fputs($fp, $body);
        _backup_fclose($fp);
    }
}
/**
 * interwiki plugin action: resolve $vars['page'] as an InterWikiName and
 * redirect to its URL. Blocked in safe mode; a name that does not match
 * $InterWikiName, or an unknown InterWiki, yields plugin_interwiki_invalid().
 *
 * @return mixed plugin_interwiki_invalid() result; never returns on redirect
 */
function plugin_interwiki_action()
{
    global $vars, $InterWikiName;

    // if (PKWK_SAFE_MODE) die_message('InterWiki plugin is not allowed');
    if (auth::check_role('safemode')) {
        die_message('InterWiki plugin is not allowed');
    }

    // Capture groups 2 and 3 of $InterWikiName are what get_interwiki_url() needs
    $parts = array();
    $is_interwiki = preg_match("/^{$InterWikiName}\$/", $vars['page'], $parts);
    if (!$is_interwiki) {
        return plugin_interwiki_invalid();
    }

    $url = get_interwiki_url($parts[2], $parts[3]);
    if ($url === FALSE) {
        return plugin_interwiki_invalid();
    }

    pkwk_headers_sent();
    header('Location: ' . $url);
    exit;
}
/**
 * topicpath plugin (inline): breadcrumb trail for the current page, one
 * element per '/' level, outermost first.
 *
 * Disabled when $topicpath is set to false; empty for the default page or
 * when no page is given. Whether the page itself appears, and whether it is
 * linked, follows the PLUGIN_TOPICPATH_THIS_PAGE_* constants; read-only
 * callers get plain text for levels that have no page.
 *
 * @return string HTML joined with PLUGIN_TOPICPATH_TOP_SEPARATOR
 */
function plugin_topicpath_inline()
{
    global $vars, $defaultpage, $topicpath;

    if (isset($topicpath) && $topicpath == false) {
        return '';
    }

    $page = isset($vars['page']) ? $vars['page'] : '';
    if ($page == '' || $page == $defaultpage) {
        return '';
    }

    $levels = explode('/', $page);

    // Whether the first element produced (the page itself) gets a link
    $link_current = TRUE;
    if (PLUGIN_TOPICPATH_THIS_PAGE_DISPLAY) {
        $link_current = PLUGIN_TOPICPATH_THIS_PAGE_LINK;
    } else {
        array_pop($levels); // Remove the page itself
    }

    // Walk from the deepest level upwards; the list is reversed at the end
    $crumbs = array();
    while (!empty($levels)) {
        $target = join('/', $levels);
        $label  = htmlspecialchars(array_pop($levels));

        if (!$link_current) {
            // This page ($target == $page): text only
            $link_current = TRUE;
            $crumbs[] = $label;
            continue;
        }
        // } else if (PKWK_READONLY && ! is_page($target)) {
        if (auth::check_role('readonly') && !is_page($target)) {
            // Page not exists
            $crumbs[] = $label;
        } else {
            // Page exists or not exists
            $crumbs[] = '<a href="' . get_page_uri($target) . '">' . $label . '</a>';
        }
    }

    if (PLUGIN_TOPICPATH_TOP_DISPLAY) {
        $crumbs[] = make_pagelink($defaultpage, PLUGIN_TOPICPATH_TOP_LABEL);
    }

    return join(PLUGIN_TOPICPATH_TOP_SEPARATOR, array_reverse($crumbs));
}
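/**
 * list plugin action: the page list, or the file list when redirected from
 * the filelist plugin (cmd=filelist).
 *
 * Content administrators (check_role() false) get the file list as-is;
 * others must have supplied a password that pkwk_login() accepts, else they
 * fall back to the plain page list.
 *
 * Fix: $vars['pass'] is read with isset() so a cmd=filelist request without
 * a password falls back cleanly instead of raising an undefined-index notice.
 *
 * @return array array('msg'=>..,'body'=>..)
 */
function plugin_list_action()
{
    global $vars;
    // global $_title_list,$_title_filelist;
    $_title_list     = _('List of pages');
    $_title_filelist = _('List of page files');

    // Redirected from filelist plugin?
    $filelist = isset($vars['cmd']) && $vars['cmd'] == 'filelist';
    if ($filelist && auth::check_role('role_adm_contents')) {
        // Not a content administrator: the file list needs the admin password
        $pass = isset($vars['pass']) ? $vars['pass'] : '';
        if (!pkwk_login($pass)) {
            $filelist = FALSE;
        }
    }

    $listcmd = isset($vars['listcmd']) ? $vars['listcmd'] : 'read';
    return array(
        'msg'  => $filelist ? $_title_filelist : $_title_list,
        'body' => plugin_list_getlist($filelist, $listcmd),
    );
}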
/**
 * dump plugin action: download a dump of the wiki data, or restore one.
 *
 * Read-only callers are stopped. A caller who is not a site administrator is
 * challenged with HTTP Basic auth until auth::auth_pw() accepts (or the 401
 * is returned). Without 'menu' the form is shown; with it, 'act' selects
 * PLUGIN_DUMP_DUMP or PLUGIN_DUMP_RESTORE.
 *
 * @return array array('msg'=>..,'body'=>..)
 */
function plugin_dump_action()
{
    global $vars, $auth_users, $realm;

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits this');
    if (auth::check_role('readonly')) {
        die_message(_("PKWK_READONLY prohibits this"));
    }

    // NOTE(review): PLUGIN_DUMP_ALLOW_RESTORE only picks the title here; the
    // restore branch below is not gated by it in this function — presumably
    // plugin_dump_upload() checks it; confirm
    $msg  = PLUGIN_DUMP_ALLOW_RESTORE ? _("dump & restore") : _("dump");
    $body = '';

    // check_role() is TRUE while the caller is NOT a site administrator. The
    // credential in $_SERVER is discarded before auth_pw() is asked —
    // presumably it reads the Authorization header itself; confirm. The loop
    // ends when check_role() sees the role, or the 401 below returns.
    while (auth::check_role('role_adm')) {
        unset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
        if (!auth::auth_pw($auth_users)) {
            header('WWW-Authenticate: Basic realm="' . $realm . '"');
            header('HTTP/1.0 401 Unauthorized');
            $body = "<p><strong>" . _("The password is different.") . "</strong></p>\n";
            return array('msg' => $msg, 'body' => $body);
        }
    }

    // Does the menu need to be shown?
    if (!isset($vars['menu'])) {
        // Show the input form
        $body = plugin_dump_disp_form();
        return array('msg' => $msg, 'body' => $body);
    }

    $act = isset($vars['act']) ? $vars['act'] : NULL;

    // Dump/restore can run long: lift the execution time limit
    set_time_limit(0);

    switch ($act) {
        case PLUGIN_DUMP_DUMP:
            $body = plugin_dump_download();
            break;
        case PLUGIN_DUMP_RESTORE:
            $retcode = plugin_dump_upload();
            $msg  = $retcode['code'] == TRUE ? _("Up-loading was completed.") : _("It failed in up-loading.");
            $body = $retcode['msg'];
            break;
        default:
            // Invalid instruction.
            $body = _("It is an invalid instruction.");
    }

    return array('msg' => $msg, 'body' => $body);
}
/**
 * update_entities plugin action: rebuild the HTML entity table
 * (plugin_update_entities_create(TRUE)), or show the form that triggers it.
 *
 * Read-only callers are stopped. Content administrators may run it directly;
 * others must post the admin password (adminpass) together with menu=1.
 *
 * @return array array('msg'=>..,'body'=>..)
 */
function plugin_update_entities_action()
{
    global $script, $vars;
    global $_entities_messages;

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits this');
    if (auth::check_role('readonly')) {
        die_message('PKWK_READONLY prohibits this');
    }

    $title             = $_entities_messages['title_update'];
    $admin_pass        = empty($vars['adminpass']) ? '' : $vars['adminpass'];
    $is_contents_admin = !auth::check_role('role_adm_contents');

    // Run: the form was submitted and the caller is an administrator or knows the password
    if (isset($vars['menu']) && ($is_contents_admin || pkwk_login($admin_pass))) {
        set_time_limit(0);
        plugin_update_entities_create(TRUE);
        return array('msg' => $title, 'body' => $_entities_messages['msg_done']);
    }

    // Otherwise describe the current table and offer the form
    $items = plugin_update_entities_create();
    $usage = convert_html(sprintf($_entities_messages['msg_usage1'], join("\n" . '-', $items)));

    $form = <<<EOD
<form method="post" action="{$script}">
 <div>
  <input type="hidden" name="plugin" value="update_entities" />
  <input type="hidden" name="menu" value="1" />
EOD;

    $password_field = '';
    if (!$is_contents_admin) {
        // Password prompt for callers without the content-administrator role
        $password_field .= convert_html(sprintf($_entities_messages['msg_usage2']));
        $password_field .= <<<EOD
  <label for="_p_update_entities_adminpass">{$_entities_messages['msg_adminpass']}</label>
  <input type="password" name="adminpass" id="_p_update_entities_adminpass" size="20" value="" />
EOD;
    }

    $form .= $password_field . <<<EOD
  <input type="submit" value="{$_entities_messages['btn_submit']}" />
 </div>
</form>
EOD;

    return array('msg' => $title, 'body' => $usage . $form);
}
/**
 * links plugin action: rebuild the link cache (links_init()), or show the
 * form that triggers it.
 *
 * Read-only callers are stopped. Content administrators may run it directly;
 * others must post the admin password (adminpass) together with menu=1.
 * Footnotes collected while rebuilding are discarded afterwards.
 *
 * @return array array('msg'=>..,'body'=>..)
 */
function plugin_links_action()
{
    global $script, $post, $vars, $foot_explain;
    global $_links_messages;

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits this');
    if (auth::check_role('readonly')) {
        die_message(_("PKWK_READONLY prohibits this"));
    }

    $title             = $_links_messages['title_update'];
    $admin_pass        = empty($post['adminpass']) ? '' : $post['adminpass'];
    $is_contents_admin = !auth::check_role('role_adm_contents');

    // Run: the form was submitted and the caller is an administrator or knows the password
    if (isset($vars['menu']) && ($is_contents_admin || pkwk_login($admin_pass))) {
        set_time_limit(0);
        links_init();
        $foot_explain = array(); // Exhaust footnotes
        return array('msg' => $title, 'body' => $_links_messages['msg_done']);
    }

    $form  = convert_html(sprintf($_links_messages['msg_usage1']));
    $form .= <<<EOD
<form method="post" action="{$script}">
 <div>
  <input type="hidden" name="plugin" value="links" />
  <input type="hidden" name="menu" value="1" />
EOD;

    if (!$is_contents_admin) {
        // Password prompt for callers without the content-administrator role
        $form .= convert_html(sprintf($_links_messages['msg_usage2']));
        $form .= <<<EOD
  <label for="_p_links_adminpass">{$_links_messages['msg_adminpass']}</label>
  <input type="password" name="adminpass" id="_p_links_adminpass" size="20" value="" />
EOD;
    }

    $form .= <<<EOD
  <input type="submit" value="{$_links_messages['btn_submit']}" />
 </div>
</form>
EOD;

    return array('msg' => $title, 'body' => $form);
}
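/**
 * check_role plugin
 *
 * @copyright Copyright © 2006-2008, Katsumi Saito <*****@*****.**>
 * @version $Id: check_role.inc.php,v 0.5 2008/01/05 20:56:00 upk Exp $
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License (GPL2)
 *
 */

/**
 * check_role plugin (block): #check_role(n) stops rendering of the page
 * unless the caller holds the role selected by n.
 *
 * n: 0/1/4 -> role_auth (any authenticated user), 2 -> role_adm (webmaster),
 * 3 -> role_adm_contents; missing, empty or unknown -> role_auth.
 *
 * Fix: as written, `${$field}[$i]` indexes a variable named after the
 * *array* $field rather than writing $chk_role, so the argument was never
 * seen and every call fell back to role_auth. The first argument is now read
 * directly.
 *
 * @return string '' when the caller holds the role; otherwise check_role_die()
 *                ends the request
 */
function plugin_check_role_convert()
{
    global $check_role;

    if (!$check_role) {
        return '<p>check_role: The function is invalid.</p>';
    }

    // role - 0:Guest, 2:Webmaster, 3:Contents manager, 4:Authorized
    // chk_role_str - 0,1,4: Authorized, 2:Webmaster, 3:Contents manager
    static $chk_role_str = array('role_auth', 'role_auth', 'role_adm', 'role_adm_contents', 'role_auth');

    // The first argument of #check_role(...) selects the role; absent or '' means 0
    $argv     = func_get_args();
    $chk_role = isset($argv[0]) ? $argv[0] : 0;
    if (empty($chk_role)) {
        $chk_role = 0;
    }

    // An index outside the table (e.g. a non-numeric string) falls back to role_auth
    $role_func = empty($chk_role_str[$chk_role]) ? 'role_auth' : $chk_role_str[$chk_role];

    // check_role() is FALSE when the caller holds the role: render nothing
    if (!auth::check_role($role_func)) {
        return '';
    }

    check_role_die('It is necessary to attest it to inspect this page.');
}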
/**
 * tracker plugin action: create a new page from a submitted tracker form.
 *
 * The page name comes from _page, or from _name resolved against _base
 * (numbering upwards while the name is taken). After the spam check the
 * template page (<config page>/PLUGIN_TRACKER_DEFAULT_PAGE) is filled with
 * the posted field values and written; an optional proxy page that
 * #include()s it may be written too. Ends with a redirect to the new page.
 *
 * @return array array('msg'=>..,'body'=>..) on failure; never returns on success
 */
function plugin_tracker_action()
{
    global $post, $vars, $now;

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    $base  = isset($post['_base']) ? $post['_base'] : '';
    $refer = isset($post['_refer']) ? $post['_refer'] : '';
    $createProxy = isset($post['_createProxy']) ? $post['_createProxy'] : '';

    // $page name to add will be decided here
    $num  = 0;
    $name = isset($post['_name']) ? $post['_name'] : '';
    if (isset($post['_page'])) {
        $real = $page = $post['_page'];
    } else {
        // A usable _name becomes the page; otherwise numbering starts at 1
        $real = is_pagename($name) ? $name : ++$num;
        $page = get_fullname('./' . $real, $base);
    }
    if (!is_pagename($page)) {
        $page = $base;
    }
    // Count upwards until a free page name is found
    while (is_page($page)) {
        $real = ++$num;
        $page = $base . '/' . $real;
    }

    $config = isset($post['_config']) ? $post['_config'] : '';
    $createProxy = isset($post['_createProxy']) ? $post['_createProxy'] : ''; // NOTE(review): repeats the assignment above

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    $spam = FALSE;
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        // NOTE(review): $config_name is not assigned anywhere in this function
        // (the request's config is $config), so this is md5(get_ticket() . '')
        $s_tracker = md5(get_ticket() . $config_name);
        // NOTE(review): debug output — the ticket and the session value go to the error log
        error_log("\$s_tracker: " . $s_tracker);
        error_log("\$_SESSION['tracker']: " . $_SESSION['tracker']);
        // NOTE(review): with the comparison commented out, a request that has
        // a session runs none of the spam checks in the else branch below
        // if ($_SESSION['tracker'] != $s_tracker) {
        //     $spam = TRUE;
        // }
    } else {
        // No session: fall back to the encoding hint and the spam-post heuristics
        if (isset($post['encode_hint']) && $post['encode_hint'] != '') {
            if (PKWK_ENCODING_HINT != $post['encode_hint']) {
                $spam = TRUE;
            }
        } else {
            if (PKWK_ENCODING_HINT != '') {
                $spam = TRUE;
            }
        }
        if (is_spampost(array('body'), PLUGIN_TRACKER_REJECT_SPAMCOUNT)) {
            $spam = TRUE;
        }
    }
    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }

    // TODO: Why here
    // Default
    $_post = array_merge($post, $_FILES);
    $_post['_date'] = $now;
    $_post['_page'] = $page;
    $_post['_name'] = $name;
    $_post['_real'] = $real;
    // $_post['_refer'] = $_post['refer'];

    // TODO: Why here => See BugTrack/662
    // Creating an empty page, before attaching files
    pkwk_touch_file(get_filename($page));

    $from = $to = array();

    $tracker_form =& new Tracker_form(); // NOTE(review): '=& new' is a parse error from PHP 7.0 on
    if (!$tracker_form->init($base, $refer, $config)) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }

    // Load $template
    $template_page = $tracker_form->config->page . '/' . PLUGIN_TRACKER_DEFAULT_PAGE;
    $template = plugin_tracker_get_source($template_page);
    if ($template === FALSE || empty($template)) {
        return array('msg' => 'Cannot write', 'body' => 'Page template (' . htmlspecialchars($template_page) . ') not found');
    }

    if (!$tracker_form->initFields(plugin_tracker_field_pickup(implode('', $template)))) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }

    $fields = $tracker_form->fields;
    unset($tracker_form);

    // Build the [field] -> formatted value replacement lists
    foreach (array_keys($fields) as $field) {
        $from[] = '[' . $field . ']';
        $to[]   = isset($_post[$field]) ? $fields[$field]->format_value($_post[$field]) : '';
        unset($fields[$field]);
    }

    // Repalace every [$field]s (found inside $template) to real values
    $subject = $escape = array();
    foreach (array_keys($template) as $linenum) {
        if (trim($template[$linenum]) == '') {
            continue;
        }

        // Escape some TextFormattingRules
        $letter = $template[$linenum][0];
        if ($letter == '|' || $letter == ':') {
            $escape['|'][$linenum] = $template[$linenum];
        } else {
            if ($letter == ',') {
                $escape[','][$linenum] = $template[$linenum];
            } else {
                // TODO: Escape "\n" except multiline-allowed fields
                $subject[$linenum] = $template[$linenum];
            }
        }
    }
    foreach (str_replace($from, $to, $subject) as $linenum => $line) {
        $template[$linenum] = $line;
    }
    if ($escape) {
        // Escape for some TextFormattingRules
        foreach (array_keys($escape) as $hint) {
            $to_e = plugin_tracker_escape($to, $hint);
            foreach (str_replace($from, $to_e, $escape[$hint]) as $linenum => $line) {
                $template[$linenum] = $line;
            }
        }
        unset($to_e);
    }
    unset($from, $to);

    // Write $template, without touch
    page_write($page, join('', $template));

    // Create proxy page
    // NOTE(review): the proxy page name is taken verbatim from the POST field
    // named by _createProxy; no is_pagename()/editability check is visible
    // here — presumably page_write() validates; confirm
    if ($createProxy && ($proxyPage = isset($_post[$createProxy]) ? $_post[$createProxy] : '')) {
        page_write($proxyPage, '#include(' . $page . ',notitle)');
    }

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}