Пример #1
/**
 * Action handler of the commentx plugin: gate the request, then write the comment.
 *
 * Checks, in the order they run:
 *  1. "Petit SPAM check": the posted encode_hint must equal PKWK_ENCODING_HINT.
 *     The expected value is a constant that is the same for every request,
 *     so this only filters clients that did not submit the rendered form.
 *     It is not a per-session token.
 *  2. Read-only / page-creation role checks, refused through die_message().
 *  3. Flagged requests are handed to the honeypot handler instead of the writer.
 *
 * @return mixed Result of plugin_commentx_honeypot() or plugin_commentx_write().
 */
function plugin_commentx_action()
{
    global $vars, $post;

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    $posted_hint = isset($post['encode_hint']) ? $post['encode_hint'] : '';
    if ($posted_hint != '') {
        $is_spam = (PKWK_ENCODING_HINT != $posted_hint);
    } else {
        // No hint was posted: acceptable only when the site defines no hint.
        $is_spam = (PKWK_ENCODING_HINT != '');
    }

    if (!method_exists('auth', 'check_role')) {
        // No auth::check_role() available: fall back to the plain constant.
        if (PKWK_READONLY) {
            die_message('PKWK_READONLY prohibits editing');
        }
    } else {
        // Plus!
        if (auth::check_role('readonly')) {
            die_message('PKWK_READONLY prohibits editing');
        }
        // Commenting on a page that does not exist yet would create it.
        if (!is_page($vars['refer']) && auth::is_check_role(PKWK_CREATE_PAGE)) {
            die_message(_('PKWK_CREATE_PAGE prohibits editing'));
        }
    }

    // If SPAM, goto jail.
    return $is_spam ? plugin_commentx_honeypot() : plugin_commentx_write();
}
Пример #2
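/**
 * Action handler of the newpage plugin.
 *
 * Without a page name it returns the "New page" form. With one it redirects
 * to the location of that page, resolved relative to 'refer' when given.
 *
 * The 'refer' value is request input that ends up in the redirect's query
 * string, so it is percent-encoded here. Left raw, a value containing '&' or
 * '#' could add or truncate query parameters of the redirect target.
 *
 * @return array{msg:string,body:mixed}|void Form data, or no return when redirecting (exit).
 */
function plugin_newpage_action()
{
    global $vars;

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    // A missing 'page' key is treated like an empty page name.
    $requested = isset($vars['page']) ? $vars['page'] : '';
    if ($requested == '') {
        return array(
            'msg'  => _('New page'),
            'body' => plugin_newpage_convert(),
        );
    }

    $page = strip_bracket($requested);
    if (isset($vars['refer']) && is_string($vars['refer'])) {
        $r_page = get_fullname($page, $vars['refer']);
        // NOTE(review): assumes get_page_location_uri() appends this query
        // string as-is and does not encode it a second time; confirm.
        $r_refer = 'refer=' . rawurlencode($vars['refer']);
    } else {
        $r_page = $page;
        $r_refer = '';
    }

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($r_page, $r_refer));
    exit;
}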
Пример #3
/**
 * Action handler of the edit plugin.
 *
 * Runs the permission gates first (read-only role, check_editable(), and the
 * page-creation role when the page does not exist yet), then dispatches on
 * the request mode: realview, preview/template, write, cancel. With none of
 * those set it returns the edit form for the page, or for one part of it
 * when 'id' is given.
 *
 * @return mixed Result of the selected sub-handler, or array('msg' => ..., 'body' => ...).
 */
function plugin_edit_action()
{
    // global $vars, $_title_edit, $load_template_func;
    global $vars, $load_template_func;

    // if (PKWK_READONLY) die_message( _('PKWK_READONLY prohibits editing') );
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (PKWK_READONLY == ROLE_AUTH && auth::get_role_level() > ROLE_AUTH) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }

    // NOTE(review): realview is dispatched before check_editable() runs.
    if (isset($vars['realview'])) {
        return plugin_edit_realview();
    }

    $page = '';
    if (isset($vars['page'])) {
        $page = $vars['page'];
    }
    check_editable($page, true, true);
    if (!is_page($page) && auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    // Mode dispatch; the first matching request key wins.
    $wants_preview = isset($vars['preview'])
        || ($load_template_func && isset($vars['template']));
    if ($wants_preview) {
        return plugin_edit_preview();
    }
    if (isset($vars['write'])) {
        return plugin_edit_write();
    }
    if (isset($vars['cancel'])) {
        return plugin_edit_cancel();
    }

    $source = get_source($page);
    auth::is_role_page($source);
    $vars['original'] = implode('', $source);
    $postdata = $vars['original'];

    if (!empty($vars['id'])) {
        $part = plugin_edit_parts($vars['id'], $source);
        if ($part === FALSE) {
            // Part not found: pretend no id was given and edit the whole page.
            unset($vars['id']);
        } else {
            $postdata = $part;
        }
    }
    if ($postdata == '') {
        $postdata = auto_template($page);
    }

    return array(
        'msg'  => _('Edit of  $1'),
        'body' => edit_form($page, $postdata),
    );
}
Пример #4
/**
 * Block plugin "role": render text only for callers that pass a role check.
 *
 * - Role level 0: renders nothing.
 * - Fewer than two arguments: returns role_list() for the caller's level.
 * - Otherwise the first argument is the role to test and the last argument
 *   is the text. The text is rendered when auth::is_check_role() is false for
 *   that role. Elsewhere on this page a true result is what makes a handler
 *   refuse the request, so false presumably means the caller holds the role;
 *   confirm against the auth class.
 *
 * @return string Rendered HTML, or '' when nothing is shown.
 */
function plugin_role_convert()
{
    global $_role_msg;

    $level = auth::get_role_level();
    if ($level == 0) {
        return '';
    }

    $args = func_get_args();
    $argc = count($args);
    if ($argc < 2) {
        return role_list($level);
    }

    if (auth::is_check_role($args[0])) {
        return '';
    }

    // The text is the final argument; CRs are converted to line feeds before rendering.
    $text = $args[$argc - 1];
    return convert_html(str_replace("\r", "\n", $text));
}
Пример #5
/**
 * Action handler of the pcomment plugin: validate the post, insert the
 * comment, then redirect back to the referring page.
 *
 * Requests that fail the encode_hint comparison or is_spampost() are recorded
 * through honeypot_write() and answered with an empty result, so the client
 * gets no hint about why nothing was written. The encode_hint comparison is
 * against the constant PKWK_ENCODING_HINT, not a per-session value.
 *
 * @return array|void Empty/collision result array, or no return when redirecting (exit).
 */
function plugin_pcomment_action()
{
    global $post, $vars;

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message('PKWK_READONLY prohibits editing');
    }

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    // A posted hint must match the constant; a missing hint is accepted only
    // when the constant itself is empty.
    $ticket_ok = isset($post['encode_hint'])
        ? $post['encode_hint'] == PKWK_ENCODING_HINT
        : PKWK_ENCODING_HINT == '';
    if (!$ticket_ok) {
        honeypot_write();
        // Do nothing
        return array('msg' => '', 'body' => '');
    }

    $has_message = isset($vars['msg']) && $vars['msg'] != '';
    if (!$has_message) {
        return array();
    }

    // Validate
    if (is_spampost(array('msg'))) {
        honeypot_write();
        // Do nothing
        return array('msg' => '', 'body' => '');
    }

    $refer = '';
    if (isset($vars['refer'])) {
        $refer = $vars['refer'];
    }
    if (!is_page($refer) && auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    $result = plugin_pcomment_insert();
    if ($result['collided']) {
        // Edit collision: show the result on the referring page instead of redirecting.
        $vars['page'] = $refer;
        return $result;
    }

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($refer));
    exit;
}
Пример #6
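/**
 * Action handler of the tracker plugin: create a new page from a tracker
 * template filled with the posted field values.
 *
 * Security-relevant behaviour:
 *  - The encode_hint comparison and is_spampost() always run. The session
 *    ticket comparison is not enforced, so a started session must not be a
 *    reason to skip the stateless checks.
 *  - Nothing derived from get_ticket() or $_SESSION is written to the error log.
 *  - The optional proxy page name is taken from the request. It is written
 *    only when it is a string and check_editable() accepts it, so a crafted
 *    post cannot overwrite a frozen or otherwise non-editable page.
 *
 * @return array{msg:string,body:string}|void Error result, or no return when redirecting (exit).
 */
function plugin_tracker_action()
{
    global $post, $vars, $now;

    //	if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    $base = isset($post['_base']) ? $post['_base'] : '';
    $refer = isset($post['_refer']) ? $post['_refer'] : '';
    $config = isset($post['_config']) ? $post['_config'] : '';
    $createProxy = isset($post['_createProxy']) ? $post['_createProxy'] : '';

    // $page name to add will be decided here
    $num = 0;
    $name = isset($post['_name']) ? $post['_name'] : '';
    if (isset($post['_page'])) {
        $real = $page = $post['_page'];
    } else {
        $real = is_pagename($name) ? $name : ++$num;
        $page = get_fullname('./' . $real, $base);
    }
    if (!is_pagename($page)) {
        $page = $base;
    }
    // Never reuse an existing page: count upwards until the name is free.
    while (is_page($page)) {
        $real = ++$num;
        $page = $base . '/' . $real;
    }

    if (function_exists('pkwk_session_start')) {
        // Called for its side effect only. NOTE(review): the per-session
        // ticket comparison that belongs here is not enforced; once it is,
        // compare with hash_equals() and do not log either value.
        pkwk_session_start();
    }

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    $posted_hint = isset($post['encode_hint']) ? $post['encode_hint'] : '';
    if ($posted_hint != '') {
        $spam = (PKWK_ENCODING_HINT != $posted_hint);
    } else {
        $spam = (PKWK_ENCODING_HINT != '');
    }
    if (is_spampost(array('body'), PLUGIN_TRACKER_REJECT_SPAMCOUNT)) {
        $spam = TRUE;
    }
    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }

    // Default
    $_post = array_merge($post, $_FILES);
    $_post['_date'] = $now;
    $_post['_page'] = $page;
    $_post['_name'] = $name;
    $_post['_real'] = $real;
    // $_post['_refer'] = $_post['refer'];

    // TODO: Why here => See BugTrack/662
    // Creating an empty page, before attaching files
    pkwk_touch_file(get_filename($page));

    $from = $to = array();
    // Plain assignment: "=& new" is not valid syntax on PHP 7 and later.
    $tracker_form = new Tracker_form();
    if (!$tracker_form->init($base, $refer, $config)) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }

    // Load $template
    $template_page = $tracker_form->config->page . '/' . PLUGIN_TRACKER_DEFAULT_PAGE;
    $template = plugin_tracker_get_source($template_page);
    if ($template === FALSE || empty($template)) {
        return array('msg' => 'Cannot write', 'body' => 'Page template (' . htmlspecialchars($template_page) . ') not found');
    }
    if (!$tracker_form->initFields(plugin_tracker_field_pickup(implode('', $template)))) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }
    $fields = $tracker_form->fields;
    unset($tracker_form);

    // Build the "[field]" => formatted value substitution lists.
    foreach (array_keys($fields) as $field) {
        $from[] = '[' . $field . ']';
        $to[] = isset($_post[$field]) ? $fields[$field]->format_value($_post[$field]) : '';
        unset($fields[$field]);
    }

    // Replace every [$field]s (found inside $template) to real values
    $subject = $escape = array();
    foreach (array_keys($template) as $linenum) {
        if (trim($template[$linenum]) == '') {
            continue;
        }
        // Escape some TextFormattingRules
        $letter = $template[$linenum][0];
        if ($letter == '|' || $letter == ':') {
            $escape['|'][$linenum] = $template[$linenum];
        } elseif ($letter == ',') {
            $escape[','][$linenum] = $template[$linenum];
        } else {
            // TODO: Escape "\n" except multiline-allowed fields
            $subject[$linenum] = $template[$linenum];
        }
    }
    foreach (str_replace($from, $to, $subject) as $linenum => $line) {
        $template[$linenum] = $line;
    }
    if ($escape) {
        // Escape for some TextFormattingRules
        foreach (array_keys($escape) as $hint) {
            $to_e = plugin_tracker_escape($to, $hint);
            foreach (str_replace($from, $to_e, $escape[$hint]) as $linenum => $line) {
                $template[$linenum] = $line;
            }
        }
        unset($to_e);
    }
    unset($from, $to);

    // Write $template, without touch
    page_write($page, join('', $template));

    // Create proxy page. Both the field selector and the resulting page name
    // come from the request, so validate before writing.
    if (is_string($createProxy) && $createProxy) {
        $proxyPage = isset($_post[$createProxy]) ? $_post[$createProxy] : '';
        // check_editable(..., false, false): no auth prompt, no exit, boolean result.
        if (is_string($proxyPage) && $proxyPage && check_editable($proxyPage, false, false)) {
            page_write($proxyPage, '#include(' . $page . ',notitle)');
        }
    }

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}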
Пример #7
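/**
 * Action handler of the approve plugin: replace a configured pattern in a
 * page with its configured replacement, then redirect to that page.
 *
 * Security-relevant behaviour:
 *  - The encode_hint comparison and is_spampost() always run; the session
 *    ticket comparison is not enforced.
 *  - No request value, ticket hash or session value is written to the error log.
 *  - Request-derived values ($page, the config path built from $name) are
 *    HTML-escaped before they are placed in the response body.
 *  - The freeze check covers the page that is actually written ($page), in
 *    addition to $vars['page'].
 *  - Every early exit returns the array('msg' => ..., 'body' => ...) shape.
 *
 * @return array{msg:string,body:string}|void Error result, or no return when redirecting (exit).
 */
function plugin_approve_action()
{
    global $vars, $post;

    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    if (function_exists('pkwk_session_start')) {
        // Called for its side effect only. NOTE(review): no session ticket is
        // compared here; if one is introduced, use hash_equals() and keep the
        // values out of the logs.
        pkwk_session_start();
    }

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    $posted_hint = isset($post['encode_hint']) ? $post['encode_hint'] : '';
    if ($posted_hint != '') {
        $spam = (PKWK_ENCODING_HINT != $posted_hint);
    } else {
        $spam = (PKWK_ENCODING_HINT != '');
    }
    if (is_spampost(array('body'), PLUGIN_TRACKER_REJECT_SPAMCOUNT)) {
        $spam = TRUE;
    }
    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }

    $name = isset($post['name']) ? $post['name'] : '';
    $page = isset($post['_page']) ? $post['_page'] : '';
    // Array-valued parameters are treated like missing ones.
    if (!is_string($name) || $name == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty name.</p>');
    }
    if (!is_string($page) || $page == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty page.</p>');
    }

    // NOTE(review): $name is request input and selects which config is
    // loaded; confirm YamlConfig confines it to PLUGIN_APPROVE_CONFIG_ROOT.
    $config_path = PLUGIN_APPROVE_CONFIG_ROOT . $name;
    $config = new YamlConfig($config_path);
    if (!$config->read()) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): failed to load config. "' . htmlspecialchars($config_path) . '"</p>');
    }
    $pattern = $config[PLUGIN_APPROVE_KEY_PATTERN];
    $replace = $config[PLUGIN_APPROVE_KEY_REPLACE];
    $page_regex = $config[PLUGIN_APPROVE_KEY_PAGE_REGEX];
    if ($pattern == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty pattern.</p>');
    }
    if ($page_regex == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty page_regex.</p>');
    }
    // The config decides which pages this approval may touch.
    if (!preg_match($page_regex, $page)) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): page not match.</p>');
    }

    // Authorise against the page being modified, not only the page in $vars.
    $frozen = is_freeze($page) || (isset($vars['page']) && is_freeze($vars['page']));
    if (PKWK_READONLY > 0 || $frozen || !plugin_approve_is_edit_authed($page)) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): prohibit editing. "' . htmlspecialchars($page) . '"</p>');
    }

    $source = get_source($page, TRUE, TRUE);
    if ($source === FALSE) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): failed to load page. "' . htmlspecialchars($page) . '"</p>');
    }
    if (strpos($source, $pattern) === FALSE) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): pattern not match.</p>');
    }
    $source = str_replace($pattern, $replace, $source);

    page_write($page, $source);
    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}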
Пример #8
/**
 * Block plugin "toolbar": render the requested toolbar buttons.
 *
 * Each argument names a button. A button is emitted through _toolbar() only
 * when the current page state and the caller's role allow the matching
 * action. These checks only decide which buttons are shown; the action
 * handlers behind the buttons have to enforce the permission themselves.
 *
 * @return string The buttons wrapped in <div id="toolbar">...</div>.
 */
function plugin_toolbar_convert()
{
    global $do_backup, $trackback, $referer;
    global $function_freeze;
    global $vars;
    // $is_read = (arg_check('read') && is_page($vars['page']));
    $is_read = is_page($vars['page']);
    // Role flags, evaluated once. A TRUE flag suppresses the related buttons below.
    $is_readonly = auth::check_role('readonly');
    $is_safemode = auth::check_role('safemode');
    $is_createpage = auth::is_check_role(PKWK_CREATE_PAGE);
    $num = func_num_args();
    $args = $num ? func_get_args() : array();
    $body = '';
    // Consume the button names in the order given; buttons are separated by "\n".
    while (!empty($args)) {
        $name = array_shift($args);
        switch ($name) {
            case 'freeze':
                if ($is_readonly) {
                    break;
                }
                if (!$is_read) {
                    break;
                }
                if ($function_freeze) {
                    // Show whichever of freeze / unfreeze applies to the current state.
                    if (!is_freeze($vars['page'])) {
                        $name = 'freeze';
                    } else {
                        $name = 'unfreeze';
                    }
                    if ($body != '') {
                        $body .= "\n";
                    }
                    $body .= _toolbar($name);
                }
                break;
            case 'upload':
                if ($is_readonly) {
                    break;
                }
                if (!$is_read) {
                    break;
                }
                if ($function_freeze && is_freeze($vars['page'])) {
                    break;
                }
                // Only offered when PHP itself accepts file uploads.
                if ((bool) ini_get('file_uploads')) {
                    if ($body != '') {
                        $body .= "\n";
                    }
                    $body .= _toolbar($name);
                }
                break;
            case 'filelist':
                if (arg_check('list')) {
                    if ($body != '') {
                        $body .= "\n";
                    }
                    $body .= _toolbar($name);
                }
                break;
            case 'backup':
                if ($do_backup) {
                    if ($body != '') {
                        $body .= "\n";
                    }
                    $body .= _toolbar($name);
                }
                break;
            case 'trackback':
                if ($trackback) {
                    // The separator is appended before the count check, so it
                    // stays in $body even when no button follows.
                    if ($body != '') {
                        $body .= "\n";
                    }
                    $tbcount = tb_count($vars['page']);
                    if ($tbcount > 0) {
                        $body .= _toolbar($name);
                    } else {
                        if (!$is_read) {
                            $body .= _toolbar($name);
                        }
                    }
                }
                break;
            case 'refer':
                if ($referer) {
                    if ($body != '') {
                        $body .= "\n";
                    }
                    $body .= _toolbar($name);
                }
                break;
            case 'rss':
            case 'mixirss':
                if ($body != '') {
                    $body .= "\n";
                }
                $body .= _toolbar($name);
                break;
            case '|':
                // Spacer between button groups.
                $body .= "\n&nbsp;\n";
                break;
            case 'diff':
                if (!$is_read) {
                    break;
                }
                if ($is_safemode) {
                    break;
                }
                if ($body != '') {
                    $body .= "\n";
                }
                $body .= _toolbar($name);
                break;
            case 'edit':
            case 'guiedit':
                if (!$is_read) {
                    break;
                }
                if ($is_readonly) {
                    break;
                }
                if ($function_freeze && is_freeze($vars['page'])) {
                    break;
                }
                if ($body != '') {
                    $body .= "\n";
                }
                $body .= _toolbar($name);
                break;
            // The cases from here to "default" fall through on purpose: each
            // group adds one more condition and then continues into the next.
            case 'new':
            case 'newsub':
                if ($is_createpage) {
                    break;
                }
                // no break: also subject to the read-only check
            case 'rename':
            case 'copy':
                if ($is_readonly) {
                    break;
                }
                // no break: also requires an existing page
            case 'reload':
            case 'print':
            case 'full':
                if (!$is_read) {
                    break;
                }
                // no break: emit the button
            default:
                // Any name not listed above is emitted without a check.
                if ($body != '') {
                    $body .= "\n";
                }
                $body .= _toolbar($name);
                break;
        }
    }
    return '<div id="toolbar">' . $body . '</div>';
}
Пример #9
/**
 * Write a wiki page together with its diff, backup, link data and caches.
 *
 * Permission checks made here are limited to the read-only role and, for a
 * page that does not exist yet, the page-creation role. No freeze check and
 * no per-page edit permission check is visible in this function, so callers
 * must have authorised the write to $page before calling it.
 *
 * @param string $page        Name of the page to write.
 * @param string $postdata    New page source; '' is passed to make_backup() as its second-argument flag.
 * @param bool   $notimestamp Passed through to file_write() for the page data.
 * @return void
 */
function page_write($page, $postdata, $notimestamp = FALSE)
{
    global $trackback, $autoalias, $aliaspage;
    global $autoglossary, $glossarypage;
    global $use_spam_check;
    // if (PKWK_READONLY) return; // Do nothing
    // Read-only callers are ignored silently: no error, nothing written.
    if (auth::check_role('readonly')) {
        return;
    }
    if (is_page($page)) {
        $oldpostdata = get_source($page, TRUE, TRUE);
    } else {
        // Writing a page that does not exist creates it.
        if (auth::is_check_role(PKWK_CREATE_PAGE)) {
            die_message(_('PKWK_CREATE_PAGE prohibits editing'));
        }
        $oldpostdata = '';
    }
    $postdata = make_str_rules($postdata);
    // Create and write diff
    $diffdata = do_diff($oldpostdata, $postdata);
    // NOTE(review): by the convention of the 'readonly' check above, TRUE
    // presumably means the caller is below the contents-admin role; confirm.
    $role_adm_contents = auth::check_role('role_adm_contents');
    $links = array();
    // && binds tighter than ||: links are collected for TrackBack, or for the content spam check.
    if ($trackback > 1 || $role_adm_contents && $use_spam_check['page_contents']) {
        $links = get_this_time_links($postdata, $diffdata);
    }
    // Blocking SPAM
    // Runs only while $role_adm_contents is TRUE; each enabled check aborts the write.
    if ($role_adm_contents) {
        if ($use_spam_check['page_remote_addr'] && SpamCheck($_SERVER['REMOTE_ADDR'], 'ip')) {
            die_message('Writing was limited by IPBL (Blocking SPAM).');
        }
        if ($use_spam_check['page_contents'] && SpamCheck($links)) {
            die_message('Writing was limited by DNSBL (Blocking SPAM).');
        }
        if ($use_spam_check['page_write_proxy'] && is_proxy()) {
            die_message('Writing was limited by PROXY (Blocking SPAM).');
        }
    }
    // Logging postdata
    postdata_write();
    // Create diff text
    file_write(DIFF_DIR, $page, $diffdata);
    // Create backup; the second argument is TRUE when the new source is empty
    make_backup($page, $postdata == '');
    // Create wiki text
    file_write(DATA_DIR, $page, $postdata, $notimestamp);
    // Optional hook, called only when senna_update() is defined.
    if (function_exists('senna_update')) {
        senna_update($page, $oldpostdata, $postdata);
    }
    if ($trackback > 1) {
        // TrackBack Ping
        tb_send($page, $links);
    }
    unset($oldpostdata, $diffdata, $links);
    links_update($page);
    // Update autoalias.dat (AutoAliasName)
    if ($autoalias && $page == $aliaspage) {
        $aliases = get_autoaliases();
        if (empty($aliases)) {
            // Remove; @ hides the warning when the cache file is already absent
            @unlink(CACHE_DIR . PKWK_AUTOALIAS_REGEX_CACHE);
        } else {
            // Create or Update
            autolink_pattern_write(CACHE_DIR . PKWK_AUTOALIAS_REGEX_CACHE, get_autolink_pattern(array_keys($aliases), $autoalias));
        }
    }
    // Update glossary.dat (AutoGlossary)
    if ($autoglossary && $page == $glossarypage) {
        $words = get_autoglossaries();
        if (empty($words)) {
            // Remove; @ hides the warning when the cache file is already absent
            @unlink(CACHE_DIR . PKWK_GLOSSARY_REGEX_CACHE);
        } else {
            // Create or Update
            autolink_pattern_write(CACHE_DIR . PKWK_GLOSSARY_REGEX_CACHE, get_glossary_pattern(array_keys($words), $autoglossary));
        }
    }
    log_write('update', $page);
}
Пример #10
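 /**
  * Decide whether a user passes the page-level access rule for $page.
  *
  * The first pattern in $auth_pages that matches the target string (page name
  * or page contents, depending on $auth_method_type) supplies the rule:
  * comma-separated user and group lists and, optionally, a role.
  *
  * User and group names are compared strictly, as strings. A loose in_array()
  * treats numeric-looking names as numbers, so "007" would match a rule entry
  * of "7" and pass the check.
  *
  * @param string $page       Page name.
  * @param mixed  $auth_flag  When false, no check is made and true is returned.
  * @param array  $auth_pages Map of regex pattern => user list string, or array with 'user'/'group'/'role'.
  * @param string $uname      Current user name; empty means unauthenticated.
  * @param string $gname      Current group name.
  * @return boolean True when access is allowed.
  */
 public static function is_page_auth($page, $auth_flag, $auth_pages, $uname, $gname = '')
 {
     global $auth_method_type;
     static $info;
     if (!$auth_flag) {
         return true;
     }
     // NOTE(review): $info is fetched once per request but not read below;
     // kept in case auth::get_user_info() is called for a side effect.
     if (!isset($info)) {
         $info = auth::get_user_info();
     }

     // What the rule patterns are matched against.
     $target_str = '';
     switch ($auth_method_type) {
         case self::AUTH_METHOD_PAGENAME:
             $target_str = $page;
             break;
         case self::AUTH_METHOD_CONTENTS:
             $target_str = Factory::Wiki($page)->get();
             break;
     }

     // The first matching pattern wins; later patterns are not consulted.
     $user_list = $group_list = $role = null;
     foreach ($auth_pages as $key => $val) {
         if (preg_match($key, $target_str)) {
             if (is_array($val)) {
                 $user_list = empty($val['user']) ? null : explode(',', $val['user']);
                 $group_list = empty($val['group']) ? null : explode(',', $val['group']);
                 $role = empty($val['role']) ? null : $val['role'];
             } else {
                 $user_list = empty($val) ? null : explode(',', $val);
             }
             break;
         }
     }

     // No limit: no rule matched, or the matching rule is empty.
     if (empty($user_list) && empty($group_list) && empty($role)) {
         return true;
     }
     // Unauthenticated visitor
     if (empty($uname)) {
         return false;
     }
     // User name check (strict, see docblock)
     if (!empty($user_list) && in_array((string) $uname, $user_list, true)) {
         return true;
     }
     // Group check (strict, see docblock)
     if (!empty($group_list) && !empty($gname) && in_array((string) $gname, $group_list, true)) {
         return true;
     }
     // Role check: allowed when is_check_role() reports false for the rule's role.
     if (!empty($role) && !auth::is_check_role($role)) {
         return true;
     }
     return false;
 }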
Пример #11
 /**
  * Map a symbolic function name to a role level and test the caller against it.
  *
  * For every name except 'su' the result is auth::is_check_role() for the
  * mapped role. 'su' is a step-up flow: it asks for the admin password via
  * HTTP Basic auth and returns TRUE once auth::auth_pw() accepts it.
  *
  * NOTE(review): in the 'su' flow $user is assigned only for ROLE_GUEST and
  * ROLE_AUTH; for any other level it reaches auth_pw() and the realm string
  * unset. The realm also embeds $user without escaping.
  *
  * @param string $func One of 'readonly', 'safemode', 'su', 'role_adm',
  *                     'role_adm_contents', 'role_auth'; anything else maps to ROLE_GUEST.
  * @return mixed Result of auth::is_check_role(), or TRUE/FALSE from the 'su' flow.
  */
 function check_role($func = '')
 {
     global $adminpass;
     switch ($func) {
         case 'readonly':
             $chk_role = ROLE_GUEST;
             if (defined('PKWK_READONLY')) {
                 $chk_role = PKWK_READONLY;
             }
             break;
         case 'safemode':
             $chk_role = ROLE_GUEST;
             if (defined('PKWK_SAFE_MODE')) {
                 $chk_role = PKWK_SAFE_MODE;
             }
             break;
         case 'su':
             $current = auth::get_role_level();
             // Already has the privilege.
             if ($current == 2 || (int) $current == ROLE_ADM_CONTENTS) {
                 return FALSE;
             }
             $chk_role = ROLE_ADM_CONTENTS;
             if ($current == ROLE_AUTH_TEMP) {
                 // FIXME:
                 return TRUE;
             } elseif ($current == ROLE_GUEST) {
                 // Unauthenticated visitor: simply ask for the admin password.
                 $user = UNAME_ADM_CONTENTS_TEMP;
             } elseif ($current == ROLE_AUTH) {
                 // Authenticated user: keep the user name and ask for the admin password.
                 $user = auth::check_auth();
             }
             if (auth::auth_pw(array($user => array($adminpass)))) {
                 return TRUE;
             }
             // Authentication failed: drop the supplied credentials and
             // challenge again, then fall out to the final role check.
             unset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
             header('WWW-Authenticate: Basic realm="USER NAME is ' . $user . '"');
             header('HTTP/1.0 401 Unauthorized');
             break;
         case 'role_adm':
             $chk_role = ROLE_ADM;
             break;
         case 'role_adm_contents':
             $chk_role = ROLE_ADM_CONTENTS;
             break;
         case 'role_auth':
             $chk_role = ROLE_AUTH;
             break;
         default:
             $chk_role = ROLE_GUEST;
     }
     return auth::is_check_role($chk_role);
 }
Пример #12
/**
 * Action handler of the guiedit plugin.
 *
 * Applies the same permission gates as the edit plugin (read-only role,
 * check_editable(), page-creation role for a page that does not exist yet),
 * sets the editor globals, then dispatches on the request mode: edit,
 * template, preview, write, cancel. With none of those set it returns the
 * edit form.
 *
 * NOTE(review): $_title_edit is not declared global in this function (the
 * declaration is commented out), so the returned 'msg' reads an undefined
 * local variable.
 *
 * @return mixed Result of the selected sub-handler, or array('msg' => ..., 'body' => ...).
 */
function plugin_guiedit_action()
{
    // global $vars, $_title_edit, $load_template_func;
    global $vars, $load_template_func;
    global $menubar, $sidebar, $topicpath;

    // if (PKWK_READONLY) die_message( _('PKWK_READONLY prohibits editing') );
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (PKWK_READONLY == ROLE_AUTH && auth::get_role_level() > ROLE_AUTH) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }

    $page = '';
    if (isset($vars['page'])) {
        $page = $vars['page'];
    }
    check_editable($page, true, true);
    if (!is_page($page) && auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    // The rich editor is used unless the request carries 'text'.
    global $guiedit_use_fck;
    $guiedit_use_fck = !isset($vars['text']);
    if ($guiedit_use_fck) {
        global $guiedit_pkwk_root;
        $guiedit_pkwk_root = get_baseuri('abs');
    }

    if (GUIEDIT_FULL_SIZE) {
        // Full-size editing hides the surrounding page furniture.
        $menubar = $sidebar = '';
        $topicpath = false;
    }

    // Mode dispatch; the first matching request key wins.
    if (isset($vars['edit'])) {
        return plugin_guiedit_edit_data($page);
    }
    if ($load_template_func && isset($vars['template'])) {
        return plugin_guiedit_template();
    }
    if (isset($vars['preview'])) {
        return plugin_guiedit_preview();
    }
    if (isset($vars['write'])) {
        return plugin_guiedit_write();
    }
    if (isset($vars['cancel'])) {
        return plugin_guiedit_cancel();
    }

    $source = get_source($page);
    $vars['original'] = implode('', $source);
    $postdata = $vars['original'];

    if (isset($vars['text'])) {
        if (!empty($vars['id'])) {
            // Make the edit plugin available before calling its helper.
            exist_plugin('edit');
            $part = plugin_edit_parts($vars['id'], $source);
            if ($part === FALSE) {
                // Part not found: edit the whole page instead.
                unset($vars['id']);
            } else {
                $postdata = $part;
            }
        }
        if ($postdata == '') {
            $postdata = auto_template($page);
        }
    }

    return array(
        'msg'  => $_title_edit,
        'body' => plugin_guiedit_edit_form($page, $postdata),
    );
}
Пример #13
 /**
  * Report whether protect mode applies to the current caller.
  *
  * @return bool FALSE when PLUS_PROTECT_MODE is falsy, otherwise the boolean
  *              value of auth::is_check_role(PLUS_PROTECT_MODE).
  */
 function is_protect()
 {
     if (!PLUS_PROTECT_MODE) {
         // Protect mode is switched off; the role is not consulted.
         return false;
     }
     return (bool) auth::is_check_role(PLUS_PROTECT_MODE);
 }
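/**
 * Action handler of the newpage_subdir plugin.
 *
 * Without a page name it returns the directory-selection form; with one it
 * redirects to the location of directory . page. Callers restricted by the
 * read-only or page-creation role get an empty string.
 *
 * @return array{msg:string,body:mixed}|string|void Form data, '' when refused,
 *                                                  or no return when redirecting.
 */
function plugin_newpage_subdir_action()
{
    global $vars;
    if (auth::check_role('readonly')) {
        return '';
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        return '';
    }
    $roots = $retval = array();
    $page = empty($vars['page']) ? '' : $vars['page'];
    $dir = empty($vars['directory']) ? '' : strip_bracket($vars['directory']);
    if (empty($page)) {
        // Start empty so the title below is well-defined when no directory was
        // supplied; otherwise $msg_prefix would be read while undefined.
        $msg_prefix = '';
        if (!empty($dir)) {
            // List the directory itself, without one trailing slash.
            $roots[] = substr($dir, -1) == '/' ? substr($dir, 0, -1) : $dir;
            $msg_prefix = _("To {$dir}.");
        }
        // $dir is request input: escaped before it becomes part of the title.
        $retval['msg'] = htmlspecialchars($msg_prefix) . _('New page');
        $retval['body'] = print_form_string(build_directory_list($roots));
        return $retval;
    }
    header('Location: ' . get_page_location_uri($dir . $page));
    die;
}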
Пример #15
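/**
 * Action handler of the bugtrack plugin: validate the submitted report,
 * write it as a page, then redirect to that page.
 *
 * Every posted field is read through one guard: a missing or non-string
 * value becomes ''. 'priority' and 'state' must be members of the configured
 * lists, compared strictly. Unexpected values are treated as spam and
 * recorded through honeypot_write().
 *
 * @return array{msg:string,body:string}|false|void Refusal result, FALSE when the
 *                                                  request is not a submit, or no
 *                                                  return when redirecting (exit).
 */
function plugin_bugtrack_action()
{
    global $post;
    global $_plugin_bugtrack;

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message('PKWK_READONLY prohibits editing');
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    if (!isset($post['mode']) || $post['mode'] != 'submit') {
        return FALSE;
    }

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    $posted_hint = isset($post['encode_hint']) ? $post['encode_hint'] : '';
    if ($posted_hint != '') {
        $spam = (PKWK_ENCODING_HINT != $posted_hint);
    } else {
        $spam = (PKWK_ENCODING_HINT != '');
    }

    // Read the report fields defensively: absent or array-valued parameters become ''.
    $field = array();
    $keys = array('base', 'pagename', 'summary', 'name', 'priority', 'state', 'category', 'version', 'body');
    foreach ($keys as $key) {
        $field[$key] = (isset($post[$key]) && is_string($post[$key])) ? $post[$key] : '';
    }

    // Validation of foreign values (by miko): allow-list check, strict comparison
    if (!in_array($field['priority'], $_plugin_bugtrack['priority_list'], true)) {
        $spam = TRUE;
    }
    if (!in_array($field['state'], $_plugin_bugtrack['state_list'], true)) {
        $spam = TRUE;
    }

    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }

    $page = plugin_bugtrack_write(
        $field['base'],
        $field['pagename'],
        $field['summary'],
        $field['name'],
        $field['priority'],
        $field['state'],
        $field['category'],
        $field['version'],
        $field['body']
    );
    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}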