示例#1
0
 function execute()
 {
     global $wgOut;
     global $wgRequest, $wgUser;
     // get the parameters
     $from = trim($wgRequest->getText('from'));
     $to = trim($wgRequest->getText('to'));
     $reason = $wgRequest->getText('reason');
     if ($from != "" and $to != "") {
         if ($wgRequest->getVal("wpPreview")) {
             // Preview batch move
             $wgOut->addHTML(wfMsg("batchmove-preview-header") . "<br/>");
             $wgOut->addHTML(doBatchMove($from, $to, $reason, true));
             $wgOut->addHTML("<form>");
             $wgOut->addHTML("<input id='to' name='to' type='hidden' value='" . htmlentities($to, ENT_QUOTES, "UTF-8") . "' />");
             $wgOut->addHTML("<input id='from' name='from' type='hidden' value='" . htmlentities($from, ENT_QUOTES, "UTF-8") . "' />");
             $wgOut->addHTML("<input id='reason' name='reason' type='hidden' value='" . htmlentities($reason, ENT_QUOTES, "UTF-8") . "' />");
             $wgOut->addHTML("<input id='wpConfirm' name='wpConfirm' type='submit' value='" . wfMsg("batchmove-confirm") . "'/>");
             $wgOut->addHTML("<input id='wpPreview' name='wpPreview' type='submit' value='" . wfMsg("batchmove-preview") . "'/>");
             $wgOut->addHTML("</form>");
         } else {
             if ($wgRequest->getVal("wpConfirm")) {
                 // Do batch move
                 $wgOut->addHTML(doBatchMove($from, $to, $reason));
                 $wgOut->addHTML("<i>" . wfMsg("batchmove-complete") . "</i>");
             } else {
                 $wgOut->setPageTitle(wfMsg("batchmove-title"));
                 $wgOut->addHTML(sandboxParse(wfMsg("batchmove-confirm-msg", $from, $to)));
                 $wgOut->addHTML("<form>");
                 $wgOut->addHTML("<input id='to' name='to' type='hidden' value='" . htmlentities($to, ENT_QUOTES, "UTF-8") . "' />");
                 $wgOut->addHTML("<input id='from' name='from' type='hidden' value='" . htmlentities($from, ENT_QUOTES, "UTF-8") . "' />");
                 $wgOut->addHTML("<input id='reason' name='reason' type='hidden' value='" . htmlentities($reason, ENT_QUOTES, "UTF-8") . "' />");
                 $wgOut->addHTML("<input id='wpConfirm' name='wpConfirm' type='submit' value='" . wfMsg("batchmove-confirm") . "'/>");
                 $wgOut->addHTML("<input id='wpPreview' name='wpPreview' type='submit' value='" . wfMsg("batchmove-preview") . "'/>");
                 $wgOut->addHTML("</form>");
             }
         }
     } else {
         $wgOut->setPageTitle(wfMsg("batchmove-title"));
         $wgOut->addHTML("" . wfMsg("batchmove-description") . "<br/><br/>" . "<form>" . wfMsg("batchmove-from") . ": <input type='edit' name='from' size=28/>" . "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;" . wfMsg("batchmove-to") . ": <input type='edit' name='to' size=28/>" . "<br/><br/>" . wfMsg("batchmove-reason") . ": <input type='edit' name='reason' size=60/>" . "<br/><br/>" . "<input type='submit'/>" . "<input id='wpPreview' name='wpPreview' type='submit' value='" . wfMsg("batchmove-preview") . "'/>" . "</form><br/>");
     }
 }
 function sendPage($request, $wgOut)
 {
     $SERVER_NAME = $_SERVER['SERVER_NAME'];
     // for compatibility with servers with register-globals off.
     // make sure there is a page specified
     if ($this->getPageName($request) == "") {
         $wgOut->addHTML("<div style='background-color:#ff8080'>" . wfMsg("staf-nopage") . "</div>");
         $this->showForm($request, $wgOut);
         return;
     }
     // validate target email address
     $addr = $request->getText("addr");
     if ($addr == "" or !$this->validateEmailAddress($addr)) {
         $wgOut->addHTML("<span style='background-color:#ff8080'>" . wfMsg("staf-invalidfriendemail") . "</span><br/>");
         $this->showForm($request, $wgOut);
         return;
     }
     $myAddr = $request->getText("myAddr");
     // validate sender address
     $from = "grapevine@{$SERVER_NAME}";
     $myAddr = $request->getText("myAddr");
     if ($this->validateEmailAddress($myAddr)) {
         $from = $myAddr;
     }
     // prevent exploiting headers to send spam
     $subject = $request->getText("subj");
     $subject = $subject == "" ? wfMsg("staf-defaultsubject") : $subject;
     $subject = str_replace("@", " at ", $subject);
     // make the email body
     $body = $this->getMessageBody($request);
     if ($this->isSpam($body) || 0 < preg_match("/http:/si", $request->getText("msg"))) {
         //logEvent("Potential spam from IP ".$_SERVER['REMOTE_ADDR'].": \"$msg\"");
         $wgOut->addHTML("<div \tstyle='background-color:#ff8080'>" . wfMsg("staf-spamnotice") . "</div><br/>");
         $this->showForm($request, $wgOut);
     } else {
         if ($this->sendEmail($addr, $from, $subject, $body)) {
             // log usage data
             $cache = new DurableCache();
             $key = $request->getText("jsForm") ? "SEND_LYRICS_JS" : "SEND_LYRICS_NON_JS";
             $res = $cache->fetch($key);
             $res = (!$res or $res == "") ? 1 : intval($res) + 1;
             $cache->store($key, $res);
             $pagename = $this->getPageName($request);
             $body = wfMsg("staf-emailsent", "[[" . str_replace("_", " ", $pagename) . "]]");
             $wgOut->addHTML(sandboxParse($body));
             // sandboxParse will convert the wiki-format link above into html
             return;
         } else {
             $wgOut->addHTML("<span style='background-color:#ff8080'>" . wfMsg("staf-emailfail") . "</span><br/>");
             $this->showForm($request, $wgOut);
         }
     }
 }
示例#3
0
function renderXML($input, $argv, $parser)
{
    // parameters
    $feedURL = $argv["feed"];
    $escapedFeedURL = urlencode($argv["feed"]);
    $maxItems = (int) $argv["maxitems"];
    $addLineFeed = $argv["linefeed"];
    // retrieve the xml source from the cache before trying to fetch it
    // limits possible stress on other people's servers, reduces chance of DOS attacks
    global $wgMemc;
    $cachedSource = false;
    if (debugSwitch("forceload")) {
        $wgMemc->get($escapedFeedURL);
    }
    if (!$cachedSource) {
        // Uses Http::get which is the prefered method to make requests from MediaWiki since it handles going through proxies, etc.
        $timeout = 5;
        // set to zero for no timeout
        $source = Http::get($feedURL, $timeout, array(CURLOPT_FOLLOWLOCATION => 1));
        if (!$source) {
            return wfMsgExt("xml-feedfailed", array('parseinline'));
        }
        // only cache newly fetched sources
        $wgMemc->set($escapedFeedURL, $source, strtotime("+2 hour"));
    } else {
        $source = $cachedSource;
    }
    if (debugSwitch("source")) {
        echo $source . "\n";
    }
    // parse
    $feed = new XmlDocument();
    if (!$feed->parse($source)) {
        return wfMsg("xml-parseerror", $feed->getError());
    }
    // fill in the template with the fields from the xml file
    preg_match_all("#<item path=\"(.*?)\">(.*?)</item>#", filter($input), $matches);
    $result = "";
    foreach ($matches[0] as $i => $text) {
        $path = $matches[1][$i];
        $template = filter(trim(unfilter($matches[2][$i])));
        $items = $feed->getItem($path);
        $count = min(count($items), $maxItems);
        if (!$items) {
            $result .= wfMsg("xml-pathnotfound", $path);
        }
        for ($i = 0; $i < $count; ++$i) {
            $item = $items[$i];
            // fill in the template (use standard template parameter format)
            $text = $template;
            if (preg_match_all("/{{{([a-zA-Z:]*)}}}/", $text, $fields)) {
                foreach (array_unique($fields[1]) as $field) {
                    // SWC 20061113 - Broke the accessing into two lines so that it parses
                    $tempArray = $item[strtoupper($field)];
                    $currValue = implode("", $tempArray[0]);
                    $text = str_replace("{{{{$field}}}}", $currValue, $text);
                }
            }
            // conditially add a line feed to the end of each item
            if ($addLineFeed) {
                $result .= $text . "\n";
            } else {
                $result .= $text;
            }
        }
    }
    return sandboxParse($result);
}