function plugin_guiedit_preview() { global $vars; // global $_title_preview, $_msg_preview, $_msg_preview_delete; global $note_hr, $foot_explain; global $guiedit_use_fck; //FIXME $_msg_preview = _('To confirm the changes, click the button at the bottom of the page'); $_msg_preview_delete = _('(The contents of the page are empty. Updating deletes this page.)'); if ($guiedit_use_fck) { $postdata = Xhtml2WikiFactory::factory($vars['msg']); } if ($postdata) { $postdata = make_str_rules($postdata); $postdata = explode("\n", $postdata); $postdata = drop_submit(RendererFactory::factory($postdata, true)); } // テキスト編集の場合 if (!$guiedit_use_fck) { $body = $_msg_preview . '<br />' . "\n"; if ($postdata == '') { $body .= '<strong>' . $_msg_preview_delete . '</strong><br />' . "\n"; } else { $body .= '<br />' . "\n"; $body .= '<div id="preview">' . $postdata . '</div>' . "\n"; } $body .= plugin_guiedit_edit_form($vars['page'], $vars['msg'], $vars['digest'], FALSE); return array('msg' => $_title['preview'], 'body' => $body); } // 注釈 ksort($foot_explain, SORT_NUMERIC); $postdata .= !empty($foot_explain) ? $note_hr . join("\n", $foot_explain) : ''; // 通常の編集フォーム if (DEBUG) { $postdata .= '<hr />' . Utility::editForm($vars['page'], $vars['msg']); } plugin_guiedit_send_ajax($postdata); }
function plugin_edit_write() { global $vars, $trackback, $_string, $_msg_edit; global $notimeupdate; $page = isset($vars['page']) ? $vars['page'] : null; $add = isset($vars['add']) ? $vars['add'] : null; $digest = isset($vars['digest']) ? $vars['digest'] : null; $partid = isset($vars['id']) ? $vars['id'] : null; $notimestamp = isset($vars['notimestamp']) && $vars['notimestamp'] !== null; if (empty($page)) { return array('mgs' => 'Error', 'body' => $_msg_edit['err_empty_page']); } $wiki = Factory::Wiki($page); // Check Validate and Ticket if ($notimestamp && !$wiki->isValied()) { return plugin_edit_honeypot(); } // Validate if (is_spampost(array('msg'))) { return plugin_edit_honeypot(); } // Paragraph edit mode if ($partid) { $source = preg_split('/([^\\n]*\\n)/', $vars['original'], -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE); $vars['msg'] = plugin_edit_parts($partid, $source, $vars['msg']) !== FALSE ? join('', $source) : rtrim($vars['original']) . "\n\n" . $vars['msg']; } $retvars = array(); if (isset($vars['msg']) && !empty($vars['msg'])) { // Delete "#freeze" command for form edit. $vars['msg'] = preg_replace('/^#freeze\\s*$/im', '', $vars['msg']); $msg = $vars['msg']; // Reference // Action? if ($add) { // Compat: add plugin and adding contents $postdata = isset($vars['add_top']) && $vars['add_top'] ? $msg . "\n\n" . $oldpagesrc : $oldpagesrc . "\n\n" . $msg; } else { // Edit or Remove $postdata =& $msg; } } else { // CAPTCHAが有効なときで、ページを削除しようとした時、$vars['msg']は空になる。 $wiki->set(''); $retvars['msg'] = sprintf($_msg_edit['title_deleted'], Utility::htmlsc($page)); $retvars['body'] = '<p class="alert alert-success">' . sprintf($_msg_edit['title_deleted'], Utility::htmlsc($page)) . '</p>'; return $retvars; } // $notimeupdate: Checkbox 'Do not change timestamp' // $notimestamp = isset($vars['notimestamp']) && $vars['notimestamp'] != ''; // if ($notimeupdate > 1 && $notimestamp && ! pkwk_login($vars['pass'])) { if ($notimeupdate > 1 && $notimestamp && Auth::check_role('role_contents_admin') && !pkwk_login($vars['pass'])) { // Enable only administrator & password error $retvars['body'] = '<p class="alert alert-danger">' . $_msg_edit['msg_invalidpass'] . '</p>' . "\n"; $retvars['body'] .= Utility::editForm($page, $msg, FALSE); return $retvars; } $wiki->set($postdata, $notimeupdate !== 0 && $notimestamp); if (isset($vars['refpage']) && $vars['refpage'] !== '') { $refwiki = Factory::Wiki($vars['refpage']); $url = $partid ? $refwiki->uri('read', null, rawurlencode($partid)) : $refwiki->uri(); } else { $url = $partid ? $wiki->uri('read', null, rawurlencode($partid)) : $wiki->uri(); } if (isset($vars['ajax'])) { $headers = Header::getHeaders('application/json'); Header::writeResponse($headers, 200, Json::encode(array('msg' => 'Your post has been saved.', 'posted' => true, 'taketime' => Time::getTakeTime()))); } else { Utility::redirect($url); } exit; }
function edit_form($page, $postdata, $digest = FALSE, $b_template = TRUE) { return Utility::editForm($page, $postdata); }
/** * ページを書き込む * @param string $str 書き込むデーター * @param boolean $notimestamp タイムスタンプを更新するかのフラグ * @return void */ public function set($str, $keeptimestamp = false) { global $use_spam_check, $_string, $vars, $_title, $whatsnew, $whatsdeleted; // roleのチェック if (Auth::check_role('readonly')) { return; } // Do nothing if (Auth::is_check_role(PKWK_CREATE_PAGE)) { Utility::dieMessage(sprintf($_strings['error_prohibit'], 'PKWK_READONLY'), 403); } // 簡易スパムチェック(不正なエンコードだった場合ここでエラー) if (isset($vars['encode_hint']) && $vars['encode_hint'] !== PKWK_ENCODING_HINT) { Utility::dump(); Utility::dieMessage($_string['illegal_chars'], 403); } // ポカミス対策:配列だった場合文字列に変換 if (is_array($str)) { $str = join("\n", $str); } // 入力データーを整形(※string型です) $postdata = Rules::make_str_rules($str); // 過去のデーターを取得 $oldpostdata = self::has() ? self::get(TRUE) : ''; // 差分を生成(ここでの差分データーはAkismetでも使う) $diff = new Diff($oldpostdata, $postdata); $diffobj = new LineDiff(); $diffdata = $diffobj->str_compare($oldpostdata, $postdata); // ログイン済みもしくは、自動更新されるページである $has_not_permission = Auth::check_role('role_contents_admin'); // 未ログインの場合、S25Rおよび、DNSBLチェック if ($has_not_permission) { $ip_filter = new IpFilter(); //if ($ip_filter->isS25R()) Utility::dieMessage('S25R host is denied.'); // 簡易スパムチェック if (Utility::isSpamPost()) { Utility::dump(); Utility::dieMessage('Writing was limited. (Blocking SPAM)'); } if (isset($use_spam_check['page_remote_addr']) && $use_spam_check['page_remote_addr'] !== 0) { // DNSBLチェック $listed = $ip_filter->checkHost(); if ($listed !== false) { Utility::dump('dnsbl'); Utility::dieMessage(sprintf($_strings['prohibit_dnsbl'], $listed), $_title['prohibit'], 400); } } if (isset($use_spam_check['page_contents']) && $use_spam_check['page_contents'] !== 0) { // URLBLチェック $reason = self::checkUriBl($diff); if ($reason !== false) { Utility::dump($reason); Utility::dieMessage($_strings['prohibit_uribl'], $_title['prohibit'], 400); } } // 匿名プロクシ if ($use_spam_check['page_write_proxy'] && ProxyChecker::is_proxy()) { Utility::dump('proxy'); Utility::dieMessage($_strings['prohibit_proxy'], $_title['prohibit'], 400); } // Akismet global $akismet_api_key; if (isset($use_spam_check['akismet']) && $use_spam_check['akismet'] !== 0 && !empty($akismet_api_key)) { $akismet = new Akismet($akismet_api_key, Router::get_script_absuri()); if ($akismet->verifyKey($akismet_api_key)) { // 送信するデーターをセット $akismet_post = array('user_ip' => REMOTE_ADDR, 'user_agent' => $_SERVER['HTTP_USER_AGENT'], 'comment_type' => 'comment', 'comment_author' => isset($vars['name']) ? $vars['name'] : 'Anonymous', 'comment_content' => $postdata); // if ($use_spam_check['akismet'] === 1){ // // 差分のみをAkismetに渡す // foreach ($diff->getSes() as $key=>$line){ // if ($key !== $diff::SES_ADD) continue; // $added_data[] = $line; // } // $akismet_post['comment_content'] = join("\n",$added_data); // unset($added_data); // } if ($akismet->isSpam($akismet_post)) { Utility::dump('akismet'); Utility::dieMessage($_strings['prohibit_akismet'], $_title['prohibit'], 400); } } else { Utility::dieMessage('Akismet API key does not valied.', 500); } } // captcha check if (isset($use_spam_check['captcha']) && $use_spam_check['captcha'] !== 0) { Captcha::check(false); } } // 現時点のページのハッシュを読む $old_digest = $this->wiki->has() ? $this->wiki->digest() : 0; // オリジナルが送られてきている場合、Wikiへの書き込みを中止し、競合画面を出す。 // 現時点のページのハッシュと、送信されたページのハッシュを比較して異なる場合、 // 自分が更新している間に第三者が更新した(=競合が起きた)と判断する。 $collided = isset($vars['digest']) && $old_digest !== 0 && $vars['digest'] !== $old_digest; if ($collided && isset($vars['original'])) { return array('msg' => $_string['title_collided'], 'body' => $_string['msg_collided'] . Utility::showCollision($oldpostdata, $postdata, $vars['original']) . Utility::editForm($this->page, $postdata, false)); } // add client info to diff // $diffdata[] = '// IP:"'. REMOTE_ADDR . '" TIME:"' . UTIME . '" REFERER:"' . $referer . '" USER_AGENT:"' . $user_agent. "\n"; FileFactory::Diff($this->page)->set($diffdata); unset($oldpostdata, $diff, $diffdata); // Logging postdata (Plus!) if (self::POST_LOGGING === TRUE) { Utility::dump(self::POST_LOG_FILENAME); } // 入力が空の場合、削除とする if (empty($str)) { // Wikiページを削除 $ret = $this->wiki->set(''); Recent::set($this->page, true); } else { // Wikiを保存 $ret = $this->wiki->set($postdata, $keeptimestamp); // 最終更新を更新 Recent::set($this->page); } if ($this->page !== $whatsnew || $this->page !== $whatsdeleted || !$this->isHidden()) { // バックアップを更新 Factory::Backup($this->page)->set(); // 更新ログをつける LogFactory::factory('update', $this->page)->set(); if (!$keeptimestamp && !empty($str)) { // weblogUpdates.pingを送信 $ping = new Ping($this->page); $ping->send(); } } // 簡易競合チェック if ($collided) { return array('msg' => $_string['title_collided'], 'body' => $_string['msg_collided_auto']); } }