Пример #1
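/**
 * Return the site-wide ticket string stored in CACHE_DIR/ticket.dat,
 * generating and storing a new one when the file is missing, empty, or
 * when a new ticket is explicitly requested.
 *
 * The ticket is mixed into md5() hashes elsewhere as a server-side secret,
 * so it has to be unpredictable: it is drawn from a CSPRNG when the runtime
 * offers one.
 *
 * @param bool $newticket TRUE forces a fresh ticket to be generated and stored.
 * @return string The ticket (32 hex characters when newly generated).
 */
function get_ticket($newticket = FALSE)
{
    $file = CACHE_DIR . 'ticket.dat';
    $ticket = '';
    if (file_exists($file) && $newticket !== TRUE) {
        $fp = fopen($file, 'r') or die_message('Cannot open ' . 'CACHE_DIR/' . 'ticket.dat');
        $size = filesize($file);
        // fread() does not accept a zero length; an empty file simply means
        // "no ticket stored yet" and falls through to regeneration below.
        if ($size > 0) {
            $ticket = trim(fread($fp, $size));
        }
        fclose($fp);
    }
    if ($ticket === '') {
        // mt_rand() output is predictable, so prefer a CSPRNG. The result keeps
        // the same 32-hex-character shape the md5() based ticket had.
        if (function_exists('random_bytes')) {
            $ticket = bin2hex(random_bytes(16));
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $ticket = bin2hex(openssl_random_pseudo_bytes(16));
        } else {
            // Legacy runtime without a CSPRNG: weak fallback, kept only so the
            // function still works there.
            $ticket = md5(mt_rand());
        }
        pkwk_touch_file($file);
        $fp = fopen($file, 'r+') or die_message('Cannot open ' . 'CACHE_DIR/' . 'ticket.dat');
        set_file_buffer($fp, 0);
        @flock($fp, LOCK_EX);
        // Finish the rewrite even if the client disconnects half-way
        $last = ignore_user_abort(1);
        ftruncate($fp, 0);
        rewind($fp);
        fputs($fp, $ticket . "\n");
        ignore_user_abort($last);
        @flock($fp, LOCK_UN);
        fclose($fp);
    }
    return $ticket;
}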
Пример #2
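/**
 * Handle a submitted tracker form: decide the new page name, run the spam
 * checks, fill the page template with the posted field values and write the
 * page (plus an optional proxy page).
 *
 * All inputs are read from the global $post array and from $_FILES.
 *
 * @return array Only on failure: array('msg' => ..., 'body' => ...).
 *               On success a Location header is sent and the script exits.
 */
function plugin_tracker_action()
{
    global $post, $vars, $now;
    //	if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }
    $base = isset($post['_base']) ? $post['_base'] : '';
    $refer = isset($post['_refer']) ? $post['_refer'] : '';
    $createProxy = isset($post['_createProxy']) ? $post['_createProxy'] : '';
    // $page name to add will be decided here
    $num = 0;
    $name = isset($post['_name']) ? $post['_name'] : '';
    if (isset($post['_page'])) {
        $real = $page = $post['_page'];
    } else {
        $real = is_pagename($name) ? $name : ++$num;
        $page = get_fullname('./' . $real, $base);
    }
    if (!is_pagename($page)) {
        $page = $base;
    }
    // Never reuse an existing page: count up until a free "$base/N" is found
    while (is_page($page)) {
        $real = ++$num;
        $page = $base . '/' . $real;
    }
    $config = isset($post['_config']) ? $post['_config'] : '';
    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    $spam = FALSE;
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        // NOTE(review): the session ticket comparison is disabled, so this
        // branch currently performs no spam check at all. Do not log the
        // ticket hash or $_SESSION['tracker'] here: both are anti-forgery
        // values and do not belong in the server error log.
        // The disabled code hashed an undefined $config_name (probably $config
        // was meant); confirm against the form side before re-enabling:
        //		if ($_SESSION['tracker'] != md5(get_ticket() . $config)) {
        //			$spam = TRUE;
        //		}
    } else {
        if (isset($post['encode_hint']) && $post['encode_hint'] != '') {
            if (PKWK_ENCODING_HINT != $post['encode_hint']) {
                $spam = TRUE;
            }
        } else {
            if (PKWK_ENCODING_HINT != '') {
                $spam = TRUE;
            }
        }
        if (is_spampost(array('body'), PLUGIN_TRACKER_REJECT_SPAMCOUNT)) {
            $spam = TRUE;
        }
    }
    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }
    // TODO: Why here
    // Default
    $_post = array_merge($post, $_FILES);
    $_post['_date'] = $now;
    $_post['_page'] = $page;
    $_post['_name'] = $name;
    $_post['_real'] = $real;
    // $_post['_refer'] = $_post['refer'];
    // TODO: Why here => See BugTrack/662
    // Creating an empty page, before attaching files
    pkwk_touch_file(get_filename($page));
    $from = $to = array();
    // Plain assignment: "=& new" is a parse error on PHP 7 and later
    $tracker_form = new Tracker_form();
    if (!$tracker_form->init($base, $refer, $config)) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }
    // Load $template
    $template_page = $tracker_form->config->page . '/' . PLUGIN_TRACKER_DEFAULT_PAGE;
    $template = plugin_tracker_get_source($template_page);
    if ($template === FALSE || empty($template)) {
        return array('msg' => 'Cannot write', 'body' => 'Page template (' . htmlspecialchars($template_page) . ') not found');
    }
    if (!$tracker_form->initFields(plugin_tracker_field_pickup(implode('', $template)))) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }
    $fields = $tracker_form->fields;
    unset($tracker_form);
    // Build the "[field]" => formatted value replacement tables
    foreach (array_keys($fields) as $field) {
        $from[] = '[' . $field . ']';
        $to[] = isset($_post[$field]) ? $fields[$field]->format_value($_post[$field]) : '';
        unset($fields[$field]);
    }
    // Replace every [$field]s (found inside $template) to real values
    $subject = $escape = array();
    foreach (array_keys($template) as $linenum) {
        if (trim($template[$linenum]) == '') {
            continue;
        }
        // Escape some TextFormattingRules
        $letter = $template[$linenum][0];
        if ($letter == '|' || $letter == ':') {
            $escape['|'][$linenum] = $template[$linenum];
        } else {
            if ($letter == ',') {
                $escape[','][$linenum] = $template[$linenum];
            } else {
                // TODO: Escape "\n" except multiline-allowed fields
                $subject[$linenum] = $template[$linenum];
            }
        }
    }
    foreach (str_replace($from, $to, $subject) as $linenum => $line) {
        $template[$linenum] = $line;
    }
    if ($escape) {
        // Escape for some TextFormattingRules
        foreach (array_keys($escape) as $hint) {
            $to_e = plugin_tracker_escape($to, $hint);
            foreach (str_replace($from, $to_e, $escape[$hint]) as $linenum => $line) {
                $template[$linenum] = $line;
            }
        }
        unset($to_e);
    }
    unset($from, $to);
    // Write $template, without touch
    page_write($page, join('', $template));
    // Create proxy page.
    // Both the field to look at ($createProxy) and its value come from the
    // request, and $_post also holds the $_FILES entries, so only a string
    // that is a valid page name is accepted as the proxy page.
    // NOTE(review): nothing here stops the proxy name from being an existing
    // page, which would then be overwritten - confirm whether that is intended.
    $proxyPage = (is_string($createProxy) && $createProxy && isset($_post[$createProxy])) ? $_post[$createProxy] : '';
    if ($proxyPage && is_string($proxyPage) && is_pagename($proxyPage)) {
        page_write($proxyPage, '#include(' . $page . ',notitle)');
    }
    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}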
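 /**
  * Re-apply the page timestamps recorded in CACHE_DIR/remakepage.dat.
  *
  * Each line of the cache file is "page,time". The recorded time is applied
  * to every page that still exists, then the RecentChanges data is rebuilt.
  *
  * @return string HTML report listing pages that no longer exist and pages
  *                whose timestamp could not be restored.
  */
 function restore_time()
 {
     $this->cachefile = CACHE_DIR . "remakepage.dat";
     if (($lines = file($this->cachefile)) === FALSE) {
         return "<p><b>timestamp cache file, {$this->cachefile}, does not exist or not readable. </b></p>";
     }
     $oldpages = array();
     $failedpages = array();
     foreach ($lines as $line) {
         $line = rtrim($line);
         if ($line === '') {
             // Blank line: nothing to restore, and it must not be reported as a missing page
             continue;
         }
         list($page, $time) = csv_explode(',', $line);
         $oldpages[] = $page;
         if (is_page($page) && pkwk_touch_file(get_filename($page), $time) === false) {
             $failedpages[] = $page;
         }
     }
     put_lastmodified();
     $body = '<p>';
     $body .= '<b>Restored timestamps.</b><br />';
     $nonexists = array_diff($oldpages, get_existpages());
     // Page names are taken from the cache file and end up in HTML, so they
     // are escaped before being put into the report.
     if (!empty($nonexists)) {
         $body .= "<b>Following pages do not exist in current wiki,</b><br />\n";
         $body .= implode("<br />\n", array_map('htmlspecialchars', $nonexists)) . "<br />";
     }
     if (!empty($failedpages)) {
         $body .= "<b>Failed to restore timestamp of </b><br />\n";
         $body .= implode("<br />\n", array_map('htmlspecialchars', $failedpages)) . "<br />";
         $body .= "<b>Skipped.</b><br />";
     }
     $body .= '</p>';
     return $body;
 }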
Пример #4
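/**
 * Rebuild the "recent changes" data from the modification times of all pages.
 *
 * Rewrites CACHE_DIR/PKWK_MAXSHOW_CACHE ("time<TAB>page" per line) and the
 * $whatsnew page, then refreshes the AutoLink and AutoBaseAlias caches when
 * those features are enabled. Does nothing for the 'readonly' role.
 *
 * @return void
 */
function put_lastmodified()
{
    global $maxshow, $whatsnew, $autolink, $autobasealias;
    // if (PKWK_READONLY) return; // Do nothing
    if (auth::check_role('readonly')) {
        // Do nothing
        return;
    }
    // Get WHOLE page list
    $pages = get_existpages();
    // Check ALL filetime
    $recent_pages = array();
    foreach ($pages as $page) {
        if ($page != $whatsnew && !check_non_list($page)) {
            $recent_pages[$page] = get_filetime($page);
        }
    }
    // Sort descending order of last-modification date
    arsort($recent_pages, SORT_NUMERIC);
    // Cut unused lines
    // BugTrack2/179: array_splice() will break integer keys in hashtable
    $count = $maxshow + PKWK_MAXSHOW_ALLOWANCE;
    $_recent = array();
    foreach ($recent_pages as $key => $value) {
        unset($recent_pages[$key]);
        $_recent[$key] = $value;
        if (--$count < 1) {
            break;
        }
    }
    $recent_pages =& $_recent;
    // Re-create PKWK_MAXSHOW_CACHE
    $file = CACHE_DIR . PKWK_MAXSHOW_CACHE;
    pkwk_touch_file($file);
    // The message now has the space that was missing after "Cannot open"
    $fp = fopen($file, 'r+') or die_message('Cannot open ' . 'CACHE_DIR/' . PKWK_MAXSHOW_CACHE);
    set_file_buffer($fp, 0);
    @flock($fp, LOCK_EX);
    // Finish the rewrite even if the client disconnects half-way
    $last = ignore_user_abort(1);
    ftruncate($fp, 0);
    rewind($fp);
    foreach ($recent_pages as $page => $time) {
        fputs($fp, $time . "\t" . $page . "\n");
    }
    ignore_user_abort($last);
    @flock($fp, LOCK_UN);
    @fclose($fp);
    // Create RecentChanges
    $file = get_filename($whatsnew);
    pkwk_touch_file($file);
    $fp = fopen($file, 'r+') or die_message('Cannot open ' . htmlspecialchars($whatsnew));
    set_file_buffer($fp, 0);
    @flock($fp, LOCK_EX);
    $last = ignore_user_abort(1);
    ftruncate($fp, 0);
    rewind($fp);
    foreach (array_keys($recent_pages) as $page) {
        $time = $recent_pages[$page];
        // $s_lastmod = htmlspecialchars(format_date($time));
        $s_lastmod = '&epoch(' . $time . ');';
        $s_page = htmlspecialchars($page);
        fputs($fp, '-' . $s_lastmod . ' - [[' . $s_page . ']]' . "\n");
    }
    fputs($fp, '#norelated' . "\n");
    // :)
    ignore_user_abort($last);
    @flock($fp, LOCK_UN);
    @fclose($fp);
    // For AutoLink
    if ($autolink) {
        autolink_pattern_write(CACHE_DIR . PKWK_AUTOLINK_REGEX_CACHE, get_autolink_pattern($pages, $autolink));
    }
    // AutoBaseAlias
    if ($autobasealias) {
        autobasealias_write(CACHE_DIR . PKWK_AUTOBASEALIAS_CACHE, $pages);
    }
}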
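 /**
  * Dump the PukiWiki output of a page into a html file
  *
  * If the page does not exist, a previously dumped file is removed instead.
  *
  * @param string $page Pagename
  * @param string $file Filename to be dumped. Default is computed from $page. 
  * @param boolean $overwrite Force to overwrite. Default overwrites if $page is newer than $file
  * @param boolean $notimestamp Do not change timestamp for dumped file
  * @return mixed
  *   TRUE : Success
  *   FALSE: Failure
  *   -1   : It is already up2date
  *   -2   : Exit by read-restriction
  *   -3   : Exit because statichtml USER_AGENT called statichtml again (infinite loop)
  */
 function dump_page($page, $file = null, $overwrite = FALSE, $notimestamp = FALSE)
 {
     // statichtml USER_AGENT should not call statichtml again (avoid infinite loop)
     if (isset($GLOBALS['vars'][$this->plugin])) {
         return -3;
     }
     // Initialization
     if (!isset($file)) {
         $file = $this->get_dump_filename($page);
     }
     if (!is_page($page)) {
         // The page is gone: remove its stale dump, if any
         if (file_exists($file)) {
             pkwk_chown($file);
             @unlink($file);
         }
         return TRUE;
     }
     // Up2date?
     if (!$overwrite && !is_page_newer($page, $file)) {
         return -1;
     }
     // Try to create dir
     // NOTE(review): the directory is created before the read-restriction
     // check below, so it is created even when the dump is then refused.
     $dir = dirname($file);
     if (isset($GLOBALS['PLUGIN_STATICHTML_MKDIR_CGI'])) {
         // $dir is derived from the page name, so it is URL-encoded: otherwise
         // a '&', '#' or space in the path would change or add query parameters.
         // NOTE(review): mode=0777 asks the helper CGI for a world-writable
         // directory - confirm a tighter mode is not sufficient.
         $error = file_get_contents($GLOBALS['PLUGIN_STATICHTML_MKDIR_CGI'] . '&mode=0777&dir=' . rawurlencode($dir));
         if ($error != '1') {
             $this->error = 'Failed to create ' . $dir . ' directory.';
             return FALSE;
         }
     } else {
         if (r_mkdir($dir) === FALSE) {
             $this->error = 'Failed to create ' . $dir . ' directory.';
             return FALSE;
         }
     }
     // Get contents
     if (is_read_auth($page) && !$this->CONF['readauth']) {
         // Do not read read-restriction pages
         return -2;
     }
     if (($contents = $this->http_pkwk_output($page)) === FALSE) {
         // HTTP GET failure (mostly because of read-restriction)
         return -2;
     }
     // Write
     // Remember the old mtime so it can be put back when $notimestamp is set
     $filemtime = file_exists($file) && $notimestamp ? filemtime($file) : FALSE;
     // A zero-byte write is treated as a failure too
     if (!file_put_contents($file, $contents)) {
         $this->error = 'Failed to create ' . $file;
         return FALSE;
     }
     if ($notimestamp) {
         pkwk_touch_file($file, $filemtime, $filemtime);
     }
     return TRUE;
 }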
Пример #6
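/**
 * Insert a posted comment into the comment page.
 *
 * Reads the request from the global $vars ('refer', 'page', 'msg', 'name',
 * 'nodate', 'reply', 'digest', 'dir', 'count'). When the comment page does not
 * exist yet it is created with a link back to 'refer'; otherwise the comment
 * is inserted at the top or bottom of the list, or below the comment whose
 * md5 hash equals 'reply'.
 *
 * @return array 'msg' and 'collided' keys; on an edit collision 'msg' and
 *               'body' carry the collision texts (the comment is still written).
 */
function plugin_pcomment_insert()
{
    global $vars, $now, $_title_updated, $_no_name, $_pcmt_messages;
    $refer = isset($vars['refer']) ? $vars['refer'] : '';
    $page = isset($vars['page']) ? $vars['page'] : '';
    $page = get_fullname($page, $refer);
    if (!is_pagename($page)) {
        return array('msg' => 'Invalid page name', 'body' => 'Cannot add comment', 'collided' => TRUE);
    }
    check_editable($page, true, true);
    $ret = array('msg' => $_title_updated, 'collided' => FALSE);
    // A request without 'msg' is handled as an empty message
    $posted_msg = isset($vars['msg']) ? $vars['msg'] : '';
    $msg = str_replace('$msg', rtrim($posted_msg), PLUGIN_PCOMMENT_FORMAT_MSG);
    $name = !isset($vars['name']) || $vars['name'] == '' ? $_no_name : $vars['name'];
    $name = $name == '' ? '' : str_replace('$name', $name, PLUGIN_PCOMMENT_FORMAT_NAME);
    $date = !isset($vars['nodate']) || $vars['nodate'] != '1' ? str_replace('$now', $now, PLUGIN_PCOMMENT_FORMAT_NOW) : '';
    if ($date != '' || $name != '') {
        $msg = str_replace("" . 'MSG' . "", $msg, PLUGIN_PCOMMENT_FORMAT_STRING);
        $msg = str_replace("" . 'NAME' . "", $name, $msg);
        $msg = str_replace("" . 'DATE' . "", $date, $msg);
    }
    $reply_hash = isset($vars['reply']) ? $vars['reply'] : '';
    if ($reply_hash || !is_page($page)) {
        // Leading '-' would change the list level of the inserted line
        $msg = preg_replace('/^\\-+/', '', $msg);
    }
    $msg = rtrim($msg);
    if (!is_page($page)) {
        $postdata = '[[' . htmlsc(strip_bracket($refer)) . ']]' . "\n\n" . '-' . $msg . "\n";
    } else {
        $postdata = get_source($page);
        $count = count($postdata);
        $digest = isset($vars['digest']) ? $vars['digest'] : '';
        // Strict comparison: with != two different md5 strings that both look
        // like "0e<digits>" would be compared as numbers and treated as equal.
        if (md5(join('', $postdata)) !== $digest) {
            $ret['msg'] = $_pcmt_messages['title_collided'];
            $ret['body'] = $_pcmt_messages['msg_collided'];
        }
        // Find the first list line ('-...'): the start of the comment list
        $start_position = 0;
        while ($start_position < $count) {
            if (preg_match('/^\\-/', $postdata[$start_position])) {
                break;
            }
            ++$start_position;
        }
        $end_position = $start_position;
        $dir = isset($vars['dir']) ? $vars['dir'] : '';
        // Find the comment to reply
        $level = 1;
        $b_reply = FALSE;
        if ($reply_hash != '') {
            while ($end_position < $count) {
                $matches = array();
                // Strict comparison for the same reason as the digest check above
                if (preg_match('/^(\\-{1,2})(?!\\-)(.*)$/', $postdata[$end_position++], $matches) && md5($matches[2]) === $reply_hash) {
                    $b_reply = TRUE;
                    $level = strlen($matches[1]) + 1;
                    // Skip the existing replies (deeper list levels) of that comment
                    while ($end_position < $count) {
                        if (preg_match('/^(\\-{1,3})(?!\\-)/', $postdata[$end_position], $matches) && strlen($matches[1]) < $level) {
                            break;
                        }
                        ++$end_position;
                    }
                    break;
                }
            }
        }
        if ($b_reply == FALSE) {
            // No reply target: dir '0' inserts at the top of the list, anything else at the end
            $end_position = $dir == '0' ? $start_position : $count;
        }
        // Insert new comment
        array_splice($postdata, $end_position, 0, str_repeat('-', $level) . $msg . "\n");
        if (PLUGIN_PCOMMENT_AUTO_LOG) {
            $_count = isset($vars['count']) ? $vars['count'] : '';
            plugin_pcomment_auto_log($page, $dir, $_count, $postdata);
        }
        $postdata = join('', $postdata);
    }
    page_write($page, $postdata, PLUGIN_PCOMMENT_TIMESTAMP);
    if (PLUGIN_PCOMMENT_TIMESTAMP) {
        if ($refer != '') {
            pkwk_touch_file(get_filename($refer));
        }
        put_lastmodified();
    }
    return $ret;
}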
/**
 * Give the page file of ':config/' . CONFIG_AUTH_WKGRP the same modification
 * time as PKWK_AUTH_WKGRP_FILE.
 *
 * @return void
 */
function adm_auth_wkgrp_touch_file2page()
{
    // Read the source timestamp first, then apply it to the config page file
    $source_mtime = filemtime(PKWK_AUTH_WKGRP_FILE);
    pkwk_touch_file(get_filename(':config/' . CONFIG_AUTH_WKGRP), $source_mtime);
}
Пример #8
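/**
 * Mark one comment of a blog page as accepted and remove it from the list of
 * comments waiting for approval.
 *
 * @param string $page Page the comment belongs to.
 * @param mixed  $id   Key of the comment inside the page's comment file.
 * @return bool FALSE when the comment file holds no such comment, TRUE otherwise.
 */
function qblog_accept_comment($page, $id)
{
    $datafile = CACHEQBLOG_DIR . encode($page) . '.qbcm.dat';
    // Set the approval flag in the comment file
    // NOTE(review): unserialize() on file contents instantiates whatever
    // objects the data describes. These files hold visitor-submitted comment
    // text; make sure nothing but this application can write to them, or
    // store the data as JSON instead.
    $comments = unserialize(file_get_contents($datafile));
    // A missing or corrupt file yields FALSE (or a non-array): nothing to accept
    if (!is_array($comments) || !isset($comments[$id])) {
        return FALSE;
    }
    $comments[$id]['accepted'] = 1;
    file_put_contents($datafile, serialize($comments), LOCK_EX);
    // Add to the recent comments
    qblog_update_recent_comment($page);
    // Remove from the pending-approval list
    $datafile = CACHEQBLOG_DIR . 'qblog_pending_comments.dat';
    $pending_comments = unserialize(file_get_contents($datafile));
    $pending_comments = is_array($pending_comments) ? $pending_comments : array();
    foreach ($pending_comments as $i => $comment) {
        if ($comment['page'] === $page && $comment['id'] == $id) {
            unset($pending_comments[$i]);
            break;
        }
    }
    file_put_contents($datafile, serialize($pending_comments), LOCK_EX);
    // Update the timestamp
    pkwk_touch_file(CACHE_DIR . QHM_LASTMOD);
    return TRUE;
}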
Пример #9
// Append the list of missing defines ($temp) to the pending error text ($die).
// Both variables are set earlier, outside the code shown here.
if ($temp) {
    if ($die) {
        $die .= "\n";
    }
    // A breath: blank line between earlier messages and this one
    $die .= _('Define(s) not found: (Maybe the old *.ini.php?)') . "\n" . $temp;
}
// Hand any collected error text to die_message()
if ($die) {
    die_message(nl2br("\n\n" . $die));
}
unset($die, $temp);
/////////////////////////////////////////////////
// Create an empty file for each required page that does not exist yet
foreach (array($defaultpage, $whatsnew, $interwiki) as $page) {
    if (!is_page($page)) {
        pkwk_touch_file(get_filename($page));
    }
}
/////////////////////////////////////////////////
// Check the variables that come from outside
// Prohibit $_GET attack: a request carrying 'msg' or 'pass' in the query
// string is refused (presumably these are only accepted via POST - confirm)
foreach (array('msg', 'pass') as $key) {
    if (isset($_GET[$key])) {
        die_message('Sorry, already reserved: ' . $key . '=');
    }
}
// Expire risk: drop the legacy long-named request arrays
unset($HTTP_GET_VARS, $HTTP_POST_VARS);
//, 'SERVER', 'ENV', 'SESSION', ...
// $_REQUEST is removed as well ("considered harmful")
unset($_REQUEST);
// Considered harmful
Пример #10
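/**
 * Read the access counter of a page and count the current request.
 *
 * The counter file holds one value per line, in the key order of $default:
 * total, date, today, yesterday, ip. The request is counted when the stored
 * date is not today or when the stored address differs from REMOTE_ADDR.
 * The file is rewritten only when $vars['cmd'] is 'read'; the returned array
 * carries the updated numbers either way. Results are cached per page for
 * the rest of the request.
 *
 * Note that the file keeps the address of the last counted visitor.
 *
 * @param string $page Page name.
 * @return array Keys 'total', 'date', 'today', 'yesterday', 'ip'.
 */
function plugin_counter_get_count($page)
{
    global $vars;
    static $counters = array();
    static $default;
    static $localtime;
    if (!isset($localtime)) {
        list($zone, $zonetime) = set_timezone(DEFAULT_LANG);
        $localtime = UTIME + $zonetime;
    }
    if (!isset($default)) {
        $default = array('total' => 0, 'date' => gmdate('Y/m/d', $localtime), 'today' => 0, 'yesterday' => 0, 'ip' => '');
    }
    if (!is_page($page)) {
        return $default;
    }
    if (isset($counters[$page])) {
        return $counters[$page];
    }
    // Set default
    $counters[$page] = $default;
    $modify = FALSE;
    // Open
    $file = COUNTER_DIR . encode($page) . PLUGIN_COUNTER_SUFFIX;
    pkwk_touch_file($file);
    // The message names COUNTER_DIR (it used to read "COUTER_DIR")
    $fp = fopen($file, 'r+') or die('counter.inc.php: Cannot open COUNTER_DIR/' . basename($file));
    set_file_buffer($fp, 0);
    @flock($fp, LOCK_EX);
    rewind($fp);
    // Read
    foreach ($default as $key => $val) {
        // Update
        $counters[$page][$key] = rtrim(fgets($fp, 256));
        if (feof($fp)) {
            break;
        }
    }
    // Another day?
    if ($counters[$page]['date'] != $default['date']) {
        $modify = TRUE;
        $yesterday = gmmktime(0, 0, 0, gmdate('m', $localtime), gmdate('d', $localtime) - 1, gmdate('Y', $localtime));
        $is_yesterday = $counters[$page]['date'] == gmdate('Y/m/d', $yesterday);
        $counters[$page]['ip'] = $_SERVER['REMOTE_ADDR'];
        $counters[$page]['date'] = $default['date'];
        // "today" only rolls over into "yesterday" when the last count was exactly one day ago
        $counters[$page]['yesterday'] = $is_yesterday ? $counters[$page]['today'] : 0;
        $counters[$page]['today'] = 1;
        $counters[$page]['total']++;
    } else {
        if ($counters[$page]['ip'] != $_SERVER['REMOTE_ADDR']) {
            // Not the same host
            $modify = TRUE;
            $counters[$page]['ip'] = $_SERVER['REMOTE_ADDR'];
            $counters[$page]['today']++;
            $counters[$page]['total']++;
        }
    }
    // Modify
    // 'cmd' may be absent from the request; then nothing is written
    if ($modify && isset($vars['cmd']) && $vars['cmd'] == 'read') {
        rewind($fp);
        ftruncate($fp, 0);
        foreach (array_keys($default) as $key) {
            fputs($fp, $counters[$page][$key] . "\n");
        }
    }
    // Close
    @flock($fp, LOCK_UN);
    fclose($fp);
    return $counters[$page];
}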