Пример #1
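/**
 * "AddLink" markup plugin: shows a small form and, when it is submitted,
 * fetches the given URL, derives a title and description from the remote
 * page, and appends a link entry to the current wiki page.
 *
 * Security notes for maintainers:
 *  - The fetch is a server-side request to a URL chosen by the visitor
 *    (an SSRF surface). Only http/https URLs without whitespace or control
 *    characters are accepted here, and the response is bounded in size and
 *    time. Destination filtering (loopback, private ranges, metadata
 *    endpoints) is NOT done in this function and needs an egress policy or
 *    a resolver-level check.
 *  - The save path writes through ewiki_db::WRITE() directly. No permission
 *    or anti-CSRF check is visible in this function, and the trigger is read
 *    from $_REQUEST, so a GET request is enough.
 *    NOTE(review): confirm the caller enforces both.
 *
 * @param string $action current wiki action (unused here)
 * @param array  $args   plugin arguments (unused here)
 * @param array  $iii    render input buffer; the new entry is appended to it
 * @param array  $s      render state (unused here)
 * @return string HTML of the form, or "" after a submit
 */
function ewiki_mpi_addlink($action, $args, &$iii, &$s)
{
    global $ewiki_id, $ewiki_action;
    $o = "";
    #-- add URL
    if (!empty($_REQUEST["link_save"])) {
        #-- check parameters (an array-valued link_url is rejected, trim() would fail on it)
        $url = (isset($_REQUEST["link_url"]) && is_string($_REQUEST["link_url"])) ? trim($_REQUEST["link_url"]) : "";
        $text = "";
        $title = $desc = "";
        $add = "";
        #-- inner whitespace/control chars would let the value spill extra
        #   lines of wiki markup into the page, so such URLs are refused
        $acceptable = !strpos($url, "example.com")
            && strlen($url) > 12
            && preg_match('#^https?://#', $url)
            && !preg_match('/[\s\x00-\x1f\x7f]/', $url);
        if ($acceptable) {
            #-- bounded fetch: short timeout, few redirects, first 256K only
            $ctx = stream_context_create(array("http" => array("timeout" => 10, "max_redirects" => 3)));
            $text = file_get_contents($url, false, $ctx, 0, 262144);
            if ($text === false) {
                // a failed fetch must not reach the string handling below
                $text = "";
            }
            if ($text) {
                #-- title: <title> of the remote page, else the host part of the URL
                if (preg_match('#<title[^>]*>([^<]+)</title>#ims', $text, $uu)) {
                    $title = $uu[1];
                }
                // remote titles may span lines; a line break would end the ":title:" markup
                $title = trim(preg_replace('/\s+/', " ", $title));
                if ($title === "" && preg_match('#//([^/]+)#', $url, $uu)) {
                    $title = $uu[1];
                }
                #-- description: meta description, else the visible body text
                if (preg_match('#<meta[^>]+name=["\']description["\'][^>]+content=["\']([^"\']+)["\']#ims', $text, $uu)) {
                    $desc = $uu[1];
                } elseif (preg_match('#<body[^>]+>(.+?)</body#ims', $text, $uu)) {
                    $desc = $uu[1];
                }
                // remote content is untrusted: no tags are stored, whichever source matched
                $desc = substr(preg_replace('/\s+/', " ", strip_tags($desc)), 0, 300);
                $add = ":{$title}:\n   {$url} %%%\n   {$desc}\n";
            }
        }
        #-- store the new link entry
        if ($text) {
            $data = ewiki_db::GET($ewiki_id);
            $data["content"] = rtrim($data["content"]) . "\n" . $add;
            ewiki_data_update($data);
            $data["version"]++;
            ewiki_db::WRITE($data);
            #-- append to page output
            $iii[] = array($add, 0xffff, "core");
        }
    } else {
        // NOTE(review): ewiki_script() output is inserted as-is; presumably it is
        // already entity-encoded - confirm before adding escaping here.
        $url = ewiki_script("", $ewiki_id);
        // page id and action end up inside an HTML attribute, so they are escaped
        $target = htmlspecialchars("{$ewiki_action}/{$ewiki_id}", ENT_QUOTES | ENT_SUBSTITUTE);
        $o .= <<<EOT
<form style="border:2px #333370 solid; background:#7770B0; padding:5px;" class="BugReport" action="{$url}" method="POST" enctype="multipart/form-data">
<input type="hidden" name="id" value="{$target}">
Link <input type="text" name="link_url" value="http://www.example.com/" size="50">
<input type="submit" name="link_save" value="hinzufügen">
</form>
EOT;
    }
    return $o;
}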
Пример #2
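/**
 * Page handler for an editable InterWiki map: renders the map page together
 * with a form, and appends a ":Moniker:URL" line to the page when the form
 * is submitted with an acceptable URL and moniker.
 *
 * Security notes for maintainers:
 *  - An InterWiki entry decides where every "Moniker:Page" link on the wiki
 *    points. No permission or anti-CSRF check is visible in this function.
 *    NOTE(review): confirm the caller restricts who may append entries.
 *  - REQUEST_URI and the page id are echoed into HTML attributes and are
 *    escaped here.
 *
 * @param string $id     page name
 * @param array  $data   page record (content, version, ...)
 * @param string $action current wiki action
 * @return string HTML output
 */
function ewiki_editable_intermap($id, $data, $action)
{
    global $ewiki_config;
    $o = "";
    #-- only plain string parameters are considered
    $url = (isset($_REQUEST["add_url"]) && is_string($_REQUEST["add_url"])) ? $_REQUEST["add_url"] : "";
    $moni = (isset($_REQUEST["add_moniker"]) && is_string($_REQUEST["add_moniker"])) ? $_REQUEST["add_moniker"] : "";
    if ($url && $moni) {
        #-- the D modifier makes "$" match only at the very end, so a trailing
        #   newline can no longer ride along into the stored map line
        if (!preg_match('#^http[sz]?://(\\w{2,}\\.)+\\w{2,}(:\\d+)?[^\\[\\]\\"\\s]+$#D', $url) || strpos($url, "example")) {
            $o .= "URL was rejected.";
        } elseif (!preg_match('#^([' . EWIKI_CHARS_U . ']+[' . EWIKI_CHARS_L . ']+){2,}[' . EWIKI_CHARS . ']+$#', $moni) || $moni == "WikiName") {
            $o .= "Choosen InterWiki moniker not acceptable.";
        } else {
            if (!empty($ewiki_config["interwiki"][$moni])) {
                $o .= "(Note: eventually overriding earlier entry.)<br />";
            }
            $data["content"] = "\n" . trim($data["content"]) . "\n" . ":{$moni}:{$url}" . "\n";
            ewiki_data_update($data);
            $data["version"]++;
            if (ewiki_db::WRITE($data)) {
                $o .= "Map was updated.";
            } else {
                $o .= "Error occoured when saving your changes.";
            }
        }
        $o .= "<br />";
    }
    $o .= ewiki_make_title($id, $id, 2);
    $o .= ewiki_page_view($id, $data, $action, 0);
    #-- both values are request-controlled and land inside HTML attributes
    $form_action = htmlspecialchars(isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : "", ENT_QUOTES | ENT_SUBSTITUTE);
    $form_id = htmlspecialchars((string) $id, ENT_QUOTES | ENT_SUBSTITUTE);
    $o .= ewiki_t(<<<EOT
    <form class="intermap-append" action="{$form_action}" method="POST" enctype="multipart/form-data">
      <hr>
      <input type="hidden" name="id" value="{$form_id}">
      :<input name="add_moniker" value="WikiName" size="16">:<input name="add_url" value="http://www.example.com/..." size="42">
      <br />
      <input type="submit" value="_{add}">
    </form>
EOT
);
    return $o;
}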
Пример #3
/**
 * Handles the "edit" action for a page: runs the edit hooks, applies the
 * permission checks, and then either stores the submitted content as a new
 * version or returns the edit form.
 *
 * Security notes for maintainers:
 *  - Pages carrying EWIKI_DB_F_WRITEABLE skip ewiki_auth() and both
 *    flag checks below.
 *  - No anti-CSRF token is checked in this function.
 *    NOTE(review): confirm the form helper or the caller handles that.
 *
 * @param string $id     page name
 * @param array  $data   current page record (may be empty for a new page)
 * @param string $action current wiki action
 * @return string HTML output (form, error message, or the saved page)
 */
function ewiki_page_edit($id, $data, $action)
{
    global $ewiki_links, $ewiki_author, $ewiki_plugins, $ewiki_ring, $ewiki_errmsg;
    #-- submitted values, read through optional_param() (defined elsewhere;
    #   NOTE(review): confirm what cleaning it applies to 'content')
    $content = optional_param('content', '');
    $version = optional_param('version', '');
    $preview = optional_param('preview', false);
    $save = optional_param('save', false);
    $hidden_postdata = array();
    #-- previous version come back
    #   (the record is re-based on the current version number and any
    #   submitted content/version is discarded)
    if (@$data["forced_version"]) {
        $current = ewiki_database("GET", array("id" => $id));
        $data["version"] = $current["version"];
        unset($current);
        /// Is this done for somewhere else?
        $_REQUEST['content'] = $_POST['content'] = $_GET['content'] = null;
        $_REQUEST['version'] = $_POST['version'] = $_GET['version'] = null;
        $content = '';
        $version = '';
    }
    #-- edit hacks
    #   (the first edit_hook plugin that returns output replaces the whole
    #   edit page; this happens before the permission checks below)
    if ($pf_a = @$ewiki_plugins["edit_hook"]) {
        foreach ($pf_a as $pf) {
            if ($output = $pf($id, $data, $hidden_postdata)) {
                return $output;
            }
        }
    }
    #-- permission checks
    #   ($ring falls back to 3 when $ewiki_ring is not set)
    if (isset($ewiki_ring)) {
        $ring = $ewiki_ring;
    } else {
        $ring = 3;
    }
    $flags = @$data["flags"];
    #-- everything in this branch is skipped for pages flagged WRITEABLE
    if (!($flags & EWIKI_DB_F_WRITEABLE)) {
        #-- perform auth
        #   (ring 2 is requested when EWIKI_PROTECTED_MODE >= 2, else NULL)
        $edit_ring = EWIKI_PROTECTED_MODE >= 2 ? 2 : NULL;
        if (EWIKI_PROTECTED_MODE && !ewiki_auth($id, $data, $action, $edit_ring, "FORCE")) {
            return $ewiki_errmsg;
        }
        #-- flag checking
        #   (read-only pages are refused for ring >= 2, non-text pages for ring >= 1)
        if ($flags & EWIKI_DB_F_READONLY and $ring >= 2) {
            return ewiki_t("CANNOTCHANGEPAGE");
        }
        if ($flags and ($flags & EWIKI_DB_F_TYPE) != EWIKI_DB_F_TEXT and $ring >= 1) {
            return ewiki_t("CANNOTCHANGEPAGE");
        }
    }
    #-- "Edit Me"
    $o = ewiki_make_title($id, ewiki_t("EDITTHISPAGE") . " '{$id}'", 2, $action, "", "_MAY_SPLIT=1");
    #-- preview
    #   (rendered by the first registered edit_preview plugin)
    if ($preview) {
        $o .= $ewiki_plugins["edit_preview"][0]($data);
    }
    #-- save
    if ($save) {
        #-- normalize to UNIX newlines
        $content = str_replace("\r\n", "\n", $content);
        $content = str_replace("\r", "\n", $content);
        #-- check for concurrent version saving
        #   (&& binds tighter than ||: a conflict is either "stored version
        #   exists and differs from the submitted one" or "submitted version
        #   below 1"; both comparisons are loose)
        $error = 0;
        if (@$data["version"] >= 1 && $data["version"] != $version || $version < 1) {
            #-- the first edit_patch plugin may resolve the conflict
            $pf = $ewiki_plugins["edit_patch"][0];
            if (!$pf || !$pf($id, $data)) {
                $error = 1;
                $o .= ewiki_t("ERRVERSIONSAVE") . "<br /><br />";
            }
        }
        if (!$error) {
            #-- new pages` flags
            #   (existing flags masked with COPYMASK, falling back to 1)
            if (!($set_flags = @$data["flags"] & EWIKI_DB_F_COPYMASK)) {
                $set_flags = 1;
            }
            #-- NOTE(review): presumably the HTML flag lets raw HTML in the
            #   stored content be rendered - confirm who may edit when
            #   EWIKI_ALLOW_HTML is on
            if (EWIKI_ALLOW_HTML) {
                $set_flags |= EWIKI_DB_F_HTML;
            }
            #-- mk db entry
            #   ($save is reused: from here on it holds the new record, not
            #   the submit flag; created/meta/hits are carried over if present)
            $save = array("id" => $id, "version" => @$data["version"] + 1, "flags" => $set_flags, "content" => $content, "created" => ($uu = @$data["created"]) ? $uu : time(), "meta" => ($uu = @$data["meta"]) ? $uu : "", "hits" => ($uu = @$data["hits"]) ? $uu : "0");
            ewiki_data_update($save);
            #-- edit storage hooks
            #   (NOTE(review): whether the hooks take $save by reference, and
            #   can thereby veto the write checked below, is not visible here)
            if ($pf_a = @$ewiki_plugins["edit_save"]) {
                foreach ($pf_a as $pf) {
                    $pf($save, $data);
                }
            }
            #-- save
            if (!$save || !ewiki_database("WRITE", $save)) {
                $o .= $ewiki_errmsg ? $ewiki_errmsg : ewiki_t("ERRORSAVING");
            } else {
                #-- prevent double saving, when ewiki_page() is re-called
                $_REQUEST = $_GET = $_POST = array();
                $o = ewiki_t("THANKSFORCONTRIBUTION") . "<br /><br />";
                $o .= ewiki_page($id);
                #-- redirect to the saved page: Location header when headers
                #   can still be sent, otherwise a meta refresh with the URL
                #   passed through s()
                if (EWIKI_EDIT_REDIRECT) {
                    $url = ewiki_script("", $id, "thankyou=1", 0, 0, EWIKI_HTTP_HEADERS ? ewiki_script_url() : 0);
                    if (EWIKI_HTTP_HEADERS && !headers_sent()) {
                        header("Status: 303 Redirect for GET");
                        header("Location: {$url}");
                        #header("URI: $url");
                        #header("Refresh: 0; URL=$url");
                    } else {
                        $o .= '<meta http-equiv="Refresh" content="0; URL=' . s($url) . '">';
                    }
                }
            }
        }
        //@REWORK
        // header("Reload-Location: " . ewiki_script("", $id, "", 0, 0, ewiki_script_url()) );
    } else {
        #-- Edit <form>
        $o .= ewiki_page_edit_form($id, $data, $hidden_postdata);
        #-- additional forms
        #   (each edit_form_final plugin is called with the output buffer $o)
        if ($pf_a = $ewiki_plugins["edit_form_final"]) {
            foreach ($pf_a as $pf) {
                $pf($o, $id, $data, $action);
            }
        }
    }
    return $o;
}
Пример #4
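/**
 * "TableEditor" markup plugin: shows the table given in the plugin body,
 * offers a per-cell <textarea> editor, and writes an edited table back into
 * the page source.
 *
 * Security notes for maintainers:
 *  - REQUEST_URI is request-controlled and is escaped before it is placed
 *    in the form's action attribute.
 *  - Submitted cells are untrusted. They are flattened to one line and "?>"
 *    is broken up, because the save regex below treats the first "?>" as
 *    the end of the plugin block. They are also kept from being read as
 *    backreferences by preg_replace(). A cell may still contain the cell
 *    separator, which shifts columns.
 *  - The save path writes through ewiki_db::WRITE() directly. No permission
 *    or anti-CSRF check is visible in this function, and the trigger is read
 *    from $_REQUEST. NOTE(review): confirm the caller enforces both.
 *
 * @param string $action current wiki action (unused here)
 * @param array  $args   plugin arguments; $args["_"] holds the table source
 * @param array  $iii    render input buffer; receives the table markup
 * @param array  $s      render state; $s["in"] is the current buffer index
 * @return string HTML of the editor form
 */
function ewiki_mpi_tableeditor($action, $args, &$iii, &$s)
{
    global $ewiki_id, $ewiki_data;
    #-- config
    $rel = 5 / 2;
    // favoured ratio width to height
    $SEP = "|";
    // table cell separator ("|", or "||" for other Wikis);
    $add_empty_row = 1;
    $w_min = 7;
    $w_stretch = 1.17;
    // + 17%
    $w_max = 35;
    $h_min = 2;
    $h_max = 12;
    #-- analyze current table for cell sizes
    $t = array();
    foreach (explode("\n", trim(isset($args["_"]) ? $args["_"] : "")) as $row) {
        $t[] = explode($SEP, trim(trim($row), $SEP));
    }
    $t_widths = array();
    $t_heights = array();
    #-- widest row decides the column count, so every cell of a ragged table
    #   gets an (escaped) textarea instead of being printed as-is
    $x = 0;
    foreach ($t as $cells) {
        $x = max($x, count($cells));
    }
    $y = count($t);
    for ($row = 0; $row < $y; $row++) {
        for ($col = 0; $col < $x; $col++) {
            $len = isset($t[$row][$col]) ? strlen($t[$row][$col]) : 0;
            $w = sqrt($rel * $len);
            if ($w < $w_min) {
                $w = $w_min;
            }
            $h = max((int) ($len / $w), $h_min);
            $w = (int) ($w * $w_stretch);
            $h = min($h, $h_max);
            $w = min($w, $w_max);
            $t_widths[$col] = isset($t_widths[$col]) ? max($t_widths[$col], $w) : $w;
            $t_heights[$row] = isset($t_heights[$row]) ? max($t_heights[$row], $h) : $h;
        }
    }
    #-- store -----------------------------------------------------------
    $o = '<div class="mpi TableEditor">';
    if (!empty($_REQUEST["te_save"])) {
        $data = ewiki_db::GET($ewiki_id);
        $submitted_ver = isset($_REQUEST["te_d_ver"]) ? $_REQUEST["te_d_ver"] : null;
        if ($data && $submitted_ver == $data["version"]) {
            if (!preg_match_all('/<\\?plugin:?\\s*TableEditor/i', $data["content"], $uu)) {
                $o .= "Could not detect the exact position of the TableEditor inside the page. Not saved.<br />";
            } elseif (count($uu[0]) >= 2) {
                $o .= "There can only be <b>one</b> TableEditor call in a page!<br />";
            } else {
                $src = "";
                #-- te_d must be an array of rows, each an array of cells
                $t = (isset($_REQUEST["te_d"]) && is_array($_REQUEST["te_d"])) ? $_REQUEST["te_d"] : array();
                foreach ($t as $ry => $row) {
                    if (!is_array($row)) {
                        unset($t[$ry]);
                        continue;
                    }
                    $empty = 1;
                    foreach ($row as $cx => $cell) {
                        $cell = is_scalar($cell) ? (string) $cell : "";
                        $cell = trim(strtr($cell, "\r\n\t\f", "    "));
                        // keep a cell from closing the plugin block early
                        $cell = str_replace("?>", "? >", $cell);
                        $t[$ry][$cx] = $cell;
                        // strict test: a cell holding "0" is content, not emptiness
                        $empty = $empty && $cell === "";
                    }
                    if ($empty) {
                        unset($t[$ry]);
                        continue;
                    }
                    $src .= "{$SEP} " . implode(" {$SEP} ", $t[$ry]) . " {$SEP}\n";
                }
                #-- "\" and "$" in the replacement would be read as
                #   backreferences (\0, $1, ...), so they are escaped
                $block = "<?plugin TableEditor\n\n{$src}\n?>";
                $data["content"] = preg_replace('/<\\?plugin:?\\s*TableEditor.+?\\?>/is', addcslashes($block, '\\$'), $data["content"]);
                ewiki_data_update($data);
                $data["version"]++;
                ewiki_db::WRITE($data);
            }
        } else {
            $o .= ewiki_t("ERRVERSIONSAVE") . "<br />\n";
        }
    }
    #-- output start ----------------------------------------------------
    $form_action = htmlspecialchars(isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : "", ENT_QUOTES | ENT_SUBSTITUTE);
    $form_ver = htmlspecialchars(isset($ewiki_data["version"]) ? (string) $ewiki_data["version"] : "", ENT_QUOTES | ENT_SUBSTITUTE);
    $o .= '<form action="' . $form_action . '" method="POST" enctype="multipart/form-data">' . '<input type="hidden" name="te_d_ver" value="' . $form_ver . '">' . '<input type="hidden" name="id" value="' . htmlentities($ewiki_id) . '">';
    #-- print <textarea> table variant
    if (!empty($_REQUEST["te_load"])) {
        $o .= '<input type="submit" name="te_save" value="SaveTable"><br />';
        $o .= '<table border="1" cellspacing="1" cellpadding="2">';
        if ($add_empty_row) {
            $y++;
        }
        for ($row = 0; $row < $y; $row++) {
            #-- cells are collected separately so that only escaped text is printed
            $cells = array();
            $rows = isset($t_heights[$row]) ? $t_heights[$row] : $h_min;
            for ($col = 0; $col < $x; $col++) {
                $cell = isset($t[$row][$col]) ? (string) $t[$row][$col] : "";
                $cols = isset($t_widths[$col]) ? $t_widths[$col] : $w_min;
                $cells[] = "<textarea style=\"border:none;background:transparent;\" name=\"te_d[{$row}][{$col}]\" cols=\"{$cols}\" rows=\"{$rows}\" wrap=\"soft\">" . htmlentities(trim($cell)) . "</textarea>";
            }
            $o .= '<tr><td>' . implode('</td><td>', $cells) . '</td></tr>' . "\n";
        }
        $o .= "</table>\n";
    } else {
        #-- insert <html> form at current position
        $o .= '<input type="submit" name="te_load" value="TableEditor"><br />';
        $in = $s["in"];
        $iii[$in][0] = "WILL BE REPLACED with \$o...";
        #-- mk table markup, insert into $iii
        $src = "\n\n";
        foreach ($t as $row) {
            $src .= "{$SEP} " . implode(" {$SEP} ", $row) . " {$SEP}\n";
        }
        $src .= "\n";
        $iii = array_merge(array_slice($iii, 0, $in + 1), array(array($src, 0x137f, "core")), array_slice($iii, $in + 1));
        // the following return($o); will insert the <form> into
        // the current input buffer $iii[$in][0] later
    }
    $o .= "</form></div>\n";
    return $o;
}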
Пример #5
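/**
 * Control panel for installed .xpi/.jpi plugins: lists the registry with
 * enable/disable checkboxes and "rm" buttons, and applies submitted changes.
 *
 * Security notes for maintainers:
 *  - $access is never assigned in this function as listed, so both
 *    privileged branches are unreachable. It is set to false explicitly
 *    (fail closed). NOTE(review): the privilege check that should set it
 *    appears to be missing from this listing - restore it before relying on
 *    this panel.
 *  - Uninstall is limited to ids that exist in the registry. Otherwise a
 *    crafted xpi_rm[] key would purge every version of an arbitrary page.
 *  - Registry fields (type, id, author, license) come from plugin metadata
 *    and are escaped on output.
 *  - The registry is stored as serialize() output in a page record.
 *    NOTE(review): if ewiki_xpi_load_registry() unserialize()s that content,
 *    the record must not be editable through normal page editing - confirm.
 *  - No anti-CSRF check is visible here. NOTE(review): confirm the caller.
 *
 * @return string HTML of the control panel
 */
function ewiki_xpi_plugin_control_centre()
{
    ewiki_xpi_load_registry($registry, $registry_hash);
    if (!is_array($registry)) {
        $registry = array();
    }
    #-- fail closed: nothing visible in this function grants access
    $access = false;
    $esc = ENT_QUOTES | ENT_SUBSTITUTE;
    #-- title
    $o = '<div class="xpi-settings"><h4>plugin control</h4>';
    #-- delete plugins
    $rm = (isset($_REQUEST["xpi_rm"]) && is_array($_REQUEST["xpi_rm"])) ? $_REQUEST["xpi_rm"] : array();
    if ($access && $rm) {
        foreach ($rm as $id => $del) {
            if ($del) {
                $id = rawurldecode((string) $id);
                #-- only registered plugins may be purged, never an arbitrary page
                if (!isset($registry[$id])) {
                    continue;
                }
                $dat = ewiki_db::GET($id);
                $vZ = $dat["version"];
                for ($v = 1; $v <= $vZ; $v++) {
                    ewiki_db::DELETE($id, $v);
                }
                unset($registry[$id]);
                $vZ += 0;
                $o .= "<b>i</b>: Purged {$vZ} versions of '" . htmlspecialchars($id, $esc) . "' and removed xpi registry entry.<br /><br />";
                ewiki_log("uninstalled .xpi/.jpi plugin '{$id}'", 0);
            }
        }
        #-- force the registry to be written back below
        $_REQUEST["setup_xpi"] = 1;
    }
    #-- update config settings
    if (!empty($_REQUEST["setup_xpi"])) {
        if ($access) {
            foreach ($registry as $id => $uu) {
                $registry[$id]["state"] = !empty($_REQUEST["xpi_set"][rawurlencode($id)]) ? 1 : 0;
            }
            $registry_hash["content"] = serialize($registry);
            ewiki_data_update($registry_hash);
            $registry_hash["version"]++;
            ewiki_db::WRITE($registry_hash);
        } else {
            $o .= "You have no privileges to change the status of installed .xpi plugins.<br />\n";
        }
    }
    #-- enable/disable checkboxes
    $o .= '<table border="0" cellspacing="1" cellpadding="2">';
    foreach ($registry as $dat) {
        $enabled = $dat["state"] == 1;
        $hard = $dat["type"] == "page";
        #-- ewiki_link() returns markup; a bare id is text and gets escaped
        $title = $hard ? ewiki_link($dat["id"]) : htmlspecialchars((string) $dat["id"], $esc);
        $o .= '<tr>'
            . '<td><tt>' . htmlspecialchars((string) $dat["type"], $esc) . '</tt></td>'
            . '<td class="xs-check"><input type="checkbox" name="xpi_set[' . rawurlencode($dat["id"]) . ']" value="1"' . ($enabled ? " checked" : "") . ($hard ? " disabled" : "") . '></td>'
            . '<td class="xs-id">' . $title . '</td>'
            . '<td><small>' . htmlentities($dat["description"]) . '</small></td>'
            . '<td>' . htmlspecialchars((string) $dat["author"], $esc) . ", " . htmlspecialchars((string) $dat["license"], $esc) . '</td>'
            . '<td class="xs-check"><input type="submit" name="xpi_rm[' . rawurlencode($dat["id"]) . ']" value="rm" title="uninstall plugin"' . ($access ? "" : " disabled") . '></td>'
            . '</tr>';
    }
    $o .= '</table>';
    $o .= '<br /><input type="submit" name="setup_xpi" value="configure"' . ($access ? "" : " disabled") . '>';
    #-- NOTE(review): the matching opening <form> tag is not emitted in this
    #   function; presumably the caller opens it - confirm
    $o .= '</form></div>';
    return $o;
}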
Пример #6
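/**
 * Shutdown handler that records the HTTP Referer of the current request as
 * a back-link on page $id, after a series of plausibility checks.
 *
 * Return values: false when the referer is ignored, -1 when it is rejected
 * as forged/banned/faked, and no value (null) when processing completed.
 *
 * Security notes for maintainers:
 *  - Every input here (Referer, Host, From) is request-controlled.
 *  - The verification step fetches the Referer URL server-side (an SSRF
 *    surface). Only http/https referers get that far. Destination filtering
 *    (loopback, private ranges, metadata endpoints) is not done here and
 *    belongs in ewiki_http_query() or an egress policy.
 *  - The "abuse" mail goes to the address in the request's From: header,
 *    so any client can make this server mail an address of its choosing.
 *    The value is restricted to a single valid address here. Consider
 *    rate-limiting or removing the mail entirely.
 *
 * @param string $id     page name
 * @param array  $data   page record; replaced by the stored record on success
 * @param string $action current wiki action (unused here)
 * @param mixed  $args   unused
 * @return false|int|null see above
 */
function ewiki_shutdown_referer_log($id, &$data, $action, $args = NULL)
{
    #-- the referer url (cut at the first "#" or space)
    $ref = isset($_SERVER["HTTP_REFERER"]) ? strtok($_SERVER["HTTP_REFERER"], "# ") : false;
    #-- nothing to log without a referer, and only http(s) URLs are ever fetched
    if (!is_string($ref) || !preg_match('#^https?://[^/]#i', $ref)) {
        return false;
    }
    #-- pattern of ourselfs
    $host = isset($_SERVER["HTTP_HOST"]) ? (string) $_SERVER["HTTP_HOST"] : "";
    $server_name = isset($_SERVER["SERVER_NAME"]) ? (string) $_SERVER["SERVER_NAME"] : "";
    $pat = (string) substr($host, strpos($host, ".") + 1);
    if (!strpos($pat, ".")) {
        $pat = $host;
    }
    #-- reject if self-referring
    #   (offset 0 cannot occur: $ref always starts with its scheme)
    if (($host !== "" && strpos($ref, $host)) || ($server_name !== "" && strpos($ref, $server_name))) {
        return false;
    }
    #-- reject search engine links
    if (strpos($ref, "?") && strpos($ref, "q=")) {
        return false;
    }
    #-- link already on page?
    $refs = isset($data["refs"]) ? (string) $data["refs"] : "";
    $sref = trim($ref, "/");
    $sref = (string) substr($sref, strpos($sref, ".") + 1);
    $sref = strtolower($sref);
    if ($sref !== "" && strpos(strtolower($refs), $sref) !== false) {
        return false;
    }
    #-- our own URLs, needed for the log lines and the back-link test
    $this1 = EWIKI_SERVER . $_SERVER["REQUEST_URI"];
    $this2 = ewiki_script("", $id);
    #-- forgery test 1 (own domain hidden inside an encoded referer)
    if ($pat !== "" && (strpos(urldecode($ref), $pat) || strpos(urldecode(urldecode($ref)), $pat))) {
        ewiki_log("forged REFERER '{$ref}' to {$this1}");
        return -1;
    }
    #-- already banned?
    if (function_exists("ewiki_banned_link") && ewiki_banned_link($ref)) {
        ewiki_log("banned REFERER '{$ref}' to {$this1}");
        return -1;
    }
    #-- special case: link from server root dir?
    $likely_fake = !strpos(trim(substr($ref, 10), "/"), "/");
    #-- decode InterWiki URLs into "prefix:PageName" representation
    if ($link = ewiki_url2wiki($ref)) {
        if (stristr($refs, $link)) {
            // already in page
            return false;
        }
    } else {
        $link = $ref;
    }
    #-- retrieve page to check for link existence
    #   (server-side fetch of a client-supplied URL, see the note above)
    $R = ewiki_http_query("GET", $ref, NULL, array(), "cookies.txt");
    $body = (is_array($R) && isset($R[0])) ? (string) $R[0] : "";
    if (!stristr($body, $this1) && !stristr($body, $this2) && !strpos($body, EWIKI_NAME . ":{$id}")) {
        ewiki_log("faked REFERER '{$ref}' to {$this1}");
        $abuse = isset($_SERVER["HTTP_FROM"]) ? trim((string) $_SERVER["HTTP_FROM"]) : "";
        #-- exactly one syntactically valid recipient, never a list
        if ($likely_fake && $abuse !== "" && filter_var($abuse, FILTER_VALIDATE_EMAIL)) {
            // no line breaks may reach the additional mail headers
            $admin = preg_replace('/[\r\n]+/', " ", isset($_SERVER["SERVER_ADMIN"]) ? (string) $_SERVER["SERVER_ADMIN"] : "");
            mail($abuse, "REFERER Header Abuse", "Dear 'search-engine' maintainer,\n\nYou misused the HTTP Referer: header for marketing purposes.\nThis informational mail is meant to annoy you likewise.\n\n", "X-From: {$admin}\nX-Mailer: ewiki:refererlog\n");
        }
        return -1;
    }
    #-- all tests passed, add link
    #   (only for pages that already exist: the stored version must be non-zero)
    $data = ewiki_db::GET($id);
    if ($data["version"]++) {
        $data["content"] = trim($data["content"]) . "\n- {$link}\n";
        ewiki_data_update($data);
        $data["author"] = "RefererLog; " . $data["author"];
        if (!EWIKI_REFERER_NOISE) {
            $data["flags"] |= EWIKI_DB_F_MINOR;
        }
        ewiki_db::WRITE($data);
    }
}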