function LoadFile($dbi, $filename, $text, $mtime) { set_time_limit(30); // Reset watchdog. if (!$mtime) { $mtime = time(); } // Last resort. $defaults = array('author' => 'The PhpWiki programming team', 'pagename' => rawurldecode($filename), 'created' => $mtime, 'flags' => 0, 'lastmodified' => $mtime, 'refs' => array(), 'version' => 1); if (!($parts = ParseMimeifiedPages($text))) { // Can't parse MIME: assume plain text file. $page = $defaults; $page['pagename'] = rawurldecode($filename); $page['content'] = preg_split('/[ \\t\\r]*\\n/', chop($text)); SavePage($dbi, $page, "text file"); } else { for (reset($parts); $page = current($parts); next($parts)) { // Fill in defaults for missing values? // Should we do more sanity checks here? reset($defaults); while (list($key, $val) = each($defaults)) { if (!isset($page[$key])) { $page[$key] = $val; } } if ($page['pagename'] != rawurldecode($filename)) { printf("<b>Warning:</b> " . "pagename (%s) doesn't match filename (%s)" . " (using pagename)<br>\n", htmlspecialchars($page['pagename']), htmlspecialchars(rawurldecode($filename))); } SavePage($dbi, $page, "MIME file"); } } }
/** * TODO: check for the pgsrc_version number, not the revision mtime only */ function doPgsrcUpdate($pagename, $path, $filename) { // don't ever update the HomePage if (defined(HOME_PAGE) and $pagename == HOME_PAGE or $pagename == _("HomePage") or $pagename == "HomePage") { echo "{$path}/{$pagename}: ", _("always skip the HomePage."), _(" Skipped"), ".<br />\n"; return; } $page = $this->dbi->getPage($pagename); if ($page->exists()) { // check mtime: update automatically if pgsrc is newer $rev = $page->getCurrentRevision(); $page_mtime = $rev->get('mtime'); $data = implode("", file($path . "/" . $filename)); if ($parts = ParseMimeifiedPages($data)) { usort($parts, 'SortByPageVersion'); reset($parts); $pageinfo = $parts[0]; $stat = stat($path . "/" . $filename); $new_mtime = 0; if (isset($pageinfo['versiondata']['mtime'])) { $new_mtime = $pageinfo['versiondata']['mtime']; } if (!$new_mtime and isset($pageinfo['versiondata']['lastmodified'])) { $new_mtime = $pageinfo['versiondata']['lastmodified']; } if (!$new_mtime and isset($pageinfo['pagedata']['date'])) { $new_mtime = $pageinfo['pagedata']['date']; } if (!$new_mtime) { $new_mtime = $stat[9]; } if ($new_mtime > $page_mtime) { echo "{$path}/{$pagename}: ", _("newer than the existing page."), _(" replace "), "({$new_mtime} > {$page_mtime})", "<br />\n"; LoadAny($this->request, $path . "/" . $filename); echo "<br />\n"; } else { echo "{$path}/{$pagename}: ", _("older than the existing page."), _(" Skipped"), ".<br />\n"; } } else { echo "{$path}/{$pagename}: ", "unknown format.", _(" Skipped"), ".<br />\n"; } } else { echo sprintf(_("%s does not exist"), $pagename), "<br />\n"; LoadAny($this->request, $path . "/" . $filename); echo "<br />\n"; } }
function _loadPageData($pagename) { if ($this->_page_data != NULL) { if ($this->_page_data['pagename'] == $pagename) { return $this->_page_data; } } //$pd = $this->_loadPage('page_data', $pagename, 0); $filename = $this->_pagename2filename('page_data', $pagename, 0); if (!file_exists($filename)) { return NULL; } if (!filesize($filename)) { return array(); } if ($fd = @fopen($filename, "rb")) { $locked = flock($fd, 1); // Read lock if (!$locked) { ExitWiki("Timeout while obtaining lock. Please try again"); } if ($data = fread($fd, filesize($filename))) { // This is the only difference from file: if ($parts = ParseMimeifiedPages($data)) { $pd = $parts[0]; } //if ($set_pagename == true) $pd['pagename'] = $pagename; //if ($version != 0) $pd['version'] = $version; if (!is_array($pd)) { ExitWiki(sprintf(gettext("'%s': corrupt file"), htmlspecialchars($filename))); } } fclose($fd); } if ($pd != NULL) { $this->_page_data = $pd; } if ($this->_page_data != NULL) { if ($this->_page_data['pagename'] == $pagename) { return $this->_page_data; } } return array(); // no values found }
/** * TODO: check for the pgsrc_version number, not the revision mtime only */ function doPgsrcUpdate(&$request, $pagename, $path, $filename, $checkonly = false) { $dbi = $request->getDbh(); $page = $dbi->getPage($pagename); if ($page->exists()) { // check mtime: update automatically if pgsrc is newer $rev = $page->getCurrentRevision(); $page_mtime = $rev->get('mtime'); $data = implode("", file($path . "/" . $filename)); if ($parts = ParseMimeifiedPages($data)) { usort($parts, 'SortByPageVersion'); reset($parts); $pageinfo = $parts[0]; $stat = stat($path . "/" . $filename); $new_mtime = @$pageinfo['versiondata']['mtime']; if (!$new_mtime) { $new_mtime = @$pageinfo['versiondata']['lastmodified']; } if (!$new_mtime) { $new_mtime = @$pageinfo['pagedata']['date']; } if (!$new_mtime) { $new_mtime = $stat[9]; } if ($new_mtime > $page_mtime) { echo "{$path}/{$pagename}: ", _("newer than the existing page."), _(" replace "), "({$new_mtime} > {$page_mtime})", "<br />\n"; if (!$checkonly) { LoadAny($request, $path . "/" . $filename); } echo "<br />\n"; } else { /*echo "$path/$pagename: ",_("older than the existing page."), _(" skipped"),".<br />\n";*/ } } else { echo "{$path}/{$pagename}: ", "unknown format.", _(" skipped"), ".<br />\n"; } } else { echo sprintf(_("%s does not exist"), $pagename), "<br />\n"; if (!$checkonly) { LoadAny($request, $path . "/" . $filename); } echo "<br />\n"; } }
/** * Security alert! We should not allow to import config.ini into our wiki (or from a sister wiki?) * because the sql passwords are in plaintext there. And the webserver must be able to read it. * Detected by Santtu Jarvi. */ function LoadFile(&$request, $filename, $text = false, $mtime = false) { if (preg_match("/config\$/", dirname($filename)) and preg_match("/config.*\\.ini/", basename($filename))) { trigger_error(sprintf("Refused to load %s", $filename), E_USER_WARNING); return; } if (!is_string($text)) { // Read the file. $stat = stat($filename); $mtime = $stat[9]; $text = implode("", file($filename)); } if (!$request->getArg('start_debug')) { @set_time_limit(30); } else { @set_time_limit(240); } // FIXME: basename("filewithnoslashes") seems to return garbage sometimes. $basename = basename("/dummy/" . $filename); if (!$mtime) { $mtime = time(); } // Last resort. $default_pagename = rawurldecode($basename); if ($parts = ParseMimeifiedPages($text)) { usort($parts, 'SortByPageVersion'); foreach ($parts as $pageinfo) { SavePage($request, $pageinfo, sprintf(_("MIME file %s"), $filename), $basename); } } else { if ($pageinfo = ParseSerializedPage($text, $default_pagename, $request->getUser())) { SavePage($request, $pageinfo, sprintf(_("Serialized file %s"), $filename), $basename); } else { $user = $request->getUser(); // Assume plain text file. $pageinfo = array('pagename' => $default_pagename, 'pagedata' => array(), 'versiondata' => array('author' => $user->getId()), 'content' => preg_replace('/[ \\t\\r]*\\n/', "\n", chop($text))); SavePage($request, $pageinfo, sprintf(_("plain file %s"), $filename), $basename); } } }
function ParseMimeMultipart($data, $boundary) { if (!$boundary) { ExitWiki("No boundary?"); } $boundary = preg_quote($boundary); while (preg_match("/^(|.*?\n)--{$boundary}((?:--)?)[^\n]*\n/s", $data, $match)) { $data = substr($data, strlen($match[0])); if (!isset($parts)) { $parts = array(); } else { if ($content = ParseMimeifiedPages($match[1])) { for (reset($content); $p = current($content); next($content)) { $parts[] = $p; } } } if ($match[2]) { return $parts; } // End boundary found. } ExitWiki("No end boundary?"); }
/** * Security alert! We should not allow to import config.ini into our wiki (or from a sister wiki?) * because the sql passwords are in plaintext there. And the webserver must be able to read it. * Detected by Santtu Jarvi. */ function LoadFile(&$request, $filename, $text = false, $mtime = false) { if (preg_match("/config\$/", dirname($filename)) and preg_match("/config.*\\.ini/", basename($filename))) { trigger_error(sprintf("Refused to load %s", $filename), E_USER_WARNING); return; } if (!is_string($text)) { // Read the file. $stat = stat($filename); $mtime = $stat[9]; $text = implode("", file($filename)); } if (!$request->getArg('start_debug')) { @set_time_limit(30); } else { @set_time_limit(240); } // FIXME: basename("filewithnoslashes") seems to return garbage sometimes. $basename = basename("/dummy/" . $filename); if (!$mtime) { $mtime = time(); } // Last resort. // DONE: check source - target charset for content and pagename // but only for pgsrc'ed content, not from the browser. $default_pagename = rawurldecode($basename); if ($parts = ParseMimeifiedPages($text)) { if (count($parts) > 1) { $overwrite = $request->getArg('overwrite'); } usort($parts, 'SortByPageVersion'); foreach ($parts as $pageinfo) { // force overwrite if (count($parts) > 1) { $request->setArg('overwrite', 1); } SavePage($request, $pageinfo, sprintf(_("MIME file %s"), $filename), $basename); } if (count($parts) > 1) { if ($overwrite) { $request->setArg('overwrite', $overwrite); } else { unset($request->_args['overwrite']); } } } else { if ($pageinfo = ParseSerializedPage($text, $default_pagename, $request->getUser())) { SavePage($request, $pageinfo, sprintf(_("Serialized file %s"), $filename), $basename); } else { // plain old file $user = $request->getUser(); $file_charset = 'utf-8'; // compare to target charset if ($file_charset != strtolower($GLOBALS['charset'])) { $text = charset_convert($file_charset, $GLOBALS['charset'], $text); $default_pagename = charset_convert($file_charset, $GLOBALS['charset'], $default_pagename); } // Assume plain text file. $pageinfo = array('pagename' => $default_pagename, 'pagedata' => array(), 'versiondata' => array('author' => $user->getId()), 'content' => preg_replace('/[ \\t\\r]*\\n/', "\n", chop($text))); SavePage($request, $pageinfo, sprintf(_("plain file %s"), $filename), $basename); } } }
function ParseMimeMultipart($data, $boundary) { if (!$boundary) ExitWiki('No boundary?'); $boundary = preg_quote($boundary); while (preg_match("/^(|.*?\n)--$boundary((?:--)?)[^\n]*\n/s", $data, $match)) { $data = substr($data, strlen($match[0])); if (!isset($parts)) { $parts = array(); // First time through: discard leading chaff } else { if ($content = ParseMimeifiedPages($match[1])) { foreach ($content as $p ) { $parts[] = $p; } } } if ($match[2]) return $parts; // End boundary found. } ExitWiki('No end boundary?'); }