/**
 * Action handler of the edit plugin.
 *
 * Applies the read-only and role gates, then dispatches on the request flags
 * found in $vars (realview, preview/template, write, cancel). When none of
 * them is present the page source is loaded and the edit form is returned.
 *
 * @return array Result of the dispatched sub-handler, or
 *               array('msg' => ..., 'body' => ...) carrying the edit form.
 */
function plugin_edit_action()
{
    // global $vars, $_title_edit, $load_template_func;
    global $vars, $load_template_func;

    // Gate 1: the 'readonly' role check refuses editing outright.
    // if (PKWK_READONLY) die_message( _('PKWK_READONLY prohibits editing') );
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }

    // Gate 2: when PKWK_READONLY equals ROLE_AUTH, any role level numerically
    // above ROLE_AUTH is refused as well.
    if (PKWK_READONLY == ROLE_AUTH && auth::get_role_level() > ROLE_AUTH) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }

    // NOTE(review): this branch returns before check_editable() and the
    // PKWK_CREATE_PAGE test below are reached - confirm that
    // plugin_edit_realview() performs its own page-level checks.
    if (isset($vars['realview'])) {
        return plugin_edit_realview();
    }

    if (isset($vars['page'])) {
        $pagename = $vars['page'];
    } else {
        $pagename = '';
    }
    check_editable($pagename, true, true);

    // Creating a page that does not exist yet is subject to PKWK_CREATE_PAGE.
    if (!is_page($pagename) && auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    // Dispatch on the submitted button; the first match wins.
    if (isset($vars['preview']) || ($load_template_func && isset($vars['template']))) {
        return plugin_edit_preview();
    }
    if (isset($vars['write'])) {
        return plugin_edit_write();
    }
    if (isset($vars['cancel'])) {
        return plugin_edit_cancel();
    }

    // No button pressed: prepare the initial edit form.
    $lines = get_source($pagename);
    auth::is_role_page($lines);

    $whole = implode('', $lines);
    $vars['original'] = $whole;
    $text = $whole;

    if (!empty($vars['id'])) {
        $text = plugin_edit_parts($vars['id'], $lines);
        if ($text === FALSE) {
            // The requested part was not found: pretend no id was given.
            unset($vars['id']);
            $text = $vars['original'];
        }
    }

    // Nothing to edit yet: fall back to the automatic template.
    if ($text == '') {
        $text = auto_template($pagename);
    }

    return array(
        'msg'  => _('Edit of $1'),
        'body' => edit_form($pagename, $text),
    );
}
/**
 * Convert handler of the role plugin.
 *
 * With fewer than two arguments it returns role_list() for the caller's role
 * level. Otherwise the first argument is a role that is passed to
 * auth::is_check_role() and the last argument is the text to show; the text
 * is rendered only when is_check_role() returns false for the caller.
 *
 * NOTE(review): this only decides whether the text is rendered here; whether
 * the same text is reachable through the page source or other views depends
 * on checks outside this function.
 *
 * @return string Rendered HTML, the role list, or '' when nothing is shown.
 */
function plugin_role_convert()
{
    global $_role_msg;

    $level = auth::get_role_level();
    // Role level 0 never sees anything from this plugin.
    if ($level == 0) {
        return '';
    }

    $args = func_get_args();
    $argc = count($args);
    if ($argc < 2) {
        return role_list($level);
    }

    // The text to display is always the last argument.
    $body = $args[$argc - 1];

    return auth::is_check_role($args[0])
        ? ''
        : convert_html(str_replace("\r", "\n", $body));
}
/**
 * Work out the name fields used by the commentx form.
 *
 * @return array Three elements: display name, link text, and an HTML
 *               attribute string ('' or 'disabled="disabled"').
 */
function plugin_commentx_get_nick()
{
    global $vars;

    $posted = empty($vars['name']) ? '' : $vars['name'];

    // Outside ROLE_AUTH mode the submitted name is used unchanged.
    if (PKWK_READONLY != ROLE_AUTH) {
        return array($posted, $posted, '');
    }

    // From here on the submitted name is replaced by the account data.
    // NOTE(review): plugin_pcomment_get_nick() reads the result of the same
    // call by string keys ('nick', 'profile'); here it is unpacked by
    // position - confirm which shape auth::get_user_name() really returns.
    list($role, $account, $nick, $url) = auth::get_user_name();

    if (empty($nick) || auth::get_role_level() < ROLE_AUTH) {
        return array($account, $account, '');
    }

    // "nick>url" when a URL is known, the bare nick otherwise.
    if (empty($url)) {
        $link = $nick;
    } else {
        $link = $nick . '>' . $url;
    }

    return array($nick, $link, "disabled=\"disabled\"");
}
/**
 * Build the form of the passwd plugin together with the inline JavaScript
 * that computes the password hash in the browser.
 *
 * What the emitted script does, as far as the code below shows:
 *  - it hashes a string built from the "key" field (old or admin password)
 *    with hex_md5()/hex_sha1() and uses the result as des_key;
 *  - it hashes a string built from the "passwd" field (new password);
 *  - it stores base64encode(des(des_key, hash, 1, 0)) in the hidden "hash"
 *    field and clears the "passwd" and "key" fields before submission.
 *
 * NOTE(review): the stored value is an MD5 or SHA-1 digest of the password
 * (or of user:realm:password); no salt or work factor is visible here, and
 * the wrapping cipher is DES. Treat the submitted "hash" field as
 * password-equivalent and make sure the form is only served over TLS.
 *
 * NOTE(review): $msg, $script, $user and $old_algorithm are interpolated
 * into the HTML without htmlspecialchars(); confirm every caller passes
 * trusted or already-escaped values.
 *
 * @param string $msg Message placed as-is inside a <div> above the form.
 * @return string HTML fragment (script block followed by the form).
 */
function passwd_menu($msg = ' ')
{
    global $script, $head_tags, $_passwd_msg, $auth_type, $realm, $vars;

    // Queue the client-side hash/cipher helpers for the page head.
    $head_tags[] = ' <script type="text/javascript" src="' . SKIN_URI . 'crypt/md5.js"></script>';
    $head_tags[] = ' <script type="text/javascript" src="' . SKIN_URI . 'crypt/sha1.js"></script>';
    $head_tags[] = ' <script type="text/javascript" src="' . SKIN_URI . 'crypt/des.js"></script>';
    $head_tags[] = ' <script type="text/javascript" src="' . SKIN_URI . 'crypt/base64.js"></script>';

    $func = 'save';
    $role_level = auth::get_role_level();
    $old_algorithm = '';
    // The realm travels in a hidden field URL-encoded; the script decodes it
    // again with decodeURIComponent().
    $r_realm = rawurlencode($realm);
    $checked_md5 = 'checked="checked"';
    $checked_sha1 = '';

    // Is this a request for the adminpass?
    $is_adminpass = isset($vars['adminpass']);
    if ($is_adminpass) {
        $use_pkwk_write_func = false;
        // Writes to the global $auth_type: adminpass is always handled as basic.
        $auth_type = 1;
    } else {
        $use_pkwk_write_func = USE_PKWK_WRITE_FUNC;
    }

    // Settings that depend on the role
    if ($role_level == 2) {
        // Administrator: free user name field and a role selector.
        $disabled_user = $user = '';
        $msg_pass = $_passwd_msg['msg_pass_admin'];
        $a1_des = "a1 = objForm.key.value;\n";
        $msg_role = <<<EOD
<tr>
 <th>{$_passwd_msg['role']}</th>
 <td>
  <select name="role">
   <option value="">{$_passwd_msg['role_4']}</option>
   <option value="3">{$_passwd_msg['role_3']}</option>
   <option value="2">{$_passwd_msg['role_2']}</option>
  </select>
 </td>
</tr>
EOD;
    } else {
        // Ordinary user
        // NOTE(review): the '******' literals below look masked in this
        // listing; the value is emitted inside the <input> tag, so verify it
        // against the real file.
        $disabled_user = '******';
        // For a guest, allow the hash to be generated uniformly as admin
        // $user = ($role_level == 0) ? 'admin' : auth::check_auth();
        if ($role_level == 0) {
            $user = '******';
            $msg_pass = $_passwd_msg['msg_pass_none'];
            $a1_des = "a1 = objForm.key.value;\n";
        } else {
            $user = auth::check_auth();
            $msg_pass = $_passwd_msg['msg_pass_old'];
            // Preselect the scheme the stored password already uses.
            $old_algorithm = passwd_get_scheme($user);
            switch ($old_algorithm) {
                case 'md5':
                    $checked_md5 = 'checked="checked"';
                    $checked_sha1 = '';
                    break;
                case 'sha1':
                    $checked_md5 = '';
                    $checked_sha1 = 'checked="checked"';
                    break;
            }
            // $a1_des = 'a1 = objForm.username.value+\':' . $realm . ":'+objForm.key.value;\n";
            $a1_des = 'a1 = objForm.username.value+\':\'+decodeURIComponent(objForm.realm.value)+\':\'+objForm.key.value;' . "\n";
        }
        $func = 'update';
        // Non-admins only see their own role, as "name (level)".
        $msg_role = <<<EOD
<tr>
 <th>{$_passwd_msg['role']}</th>
 <td>
EOD;
        $msg_role .= passwd_get_role_name($role_level) . ' (' . $role_level . ')';
        $msg_role .= <<<EOD
</td>
</tr>
EOD;
    }

    $msg_username = <<<EOD
<tr>
 <th>{$_passwd_msg['UserName']}</th>
 <td><input type="text" name="username" size="10" value="{$user}" {$disabled_user} /></td>
</tr>
EOD;

    switch ($auth_type) {
        case 1:
            // basic
            $pref = 'php';
            $submit_sha1 = "objForm.submit.disabled = false;\n";
            $a1 = "a1 = objForm.passwd.value;\n";
            // For basic, overwrite the value chosen above
            $a1_des = "a1 = objForm.key.value;\n";
            $disabled_sha1 = '';
            // When writing is disabled, or for a guest, no user name is needed
            if (!$use_pkwk_write_func || $role_level == 0) {
                $msg_username = '';
            }
            break;
        case 2:
        default:
            // digest: the hashed string is user:realm:password and only MD5
            // stays selectable (the SHA-1 radio button is disabled).
            $pref = 'digest';
            $submit_sha1 = '';
            // $a1 = 'a1 = objForm.username.value+\':' . $realm . ":'+objForm.passwd.value;\n";
            $a1 = 'a1 = objForm.username.value+\':\'+decodeURIComponent(objForm.realm.value)+\':\'+objForm.passwd.value;' . "\n";
            $checked_md5 = 'checked="checked"';
            $checked_sha1 = '';
            $disabled_sha1 = 'disabled="disabled"';
    }

    // When writing is restricted by the plugin:
    // there is no need to let the user change or copy the result, so suppress it
    // and do not even show the update button
    if (!$use_pkwk_write_func || $role_level == 0) {
        $submit_sha1 = $submit_false = $submit_true = '';
        $disabled_result = $msg_submit = $msg_role = '';
    } else {
        // $submit_sha1
        $submit_false = "objForm.submit.disabled = false;\n";
        $submit_true = "objForm.submit.disabled = true;\n";
        $disabled_result = 'disabled="disabled"';
        $msg_submit = <<<EOD
<tr>
 <td><input type="submit" name="submit" value="{$_passwd_msg['Update']}" disabled="disabled" /></td>
</tr>
EOD;
    }

    // The script runs fn() twice: first over the "key" based string (with the
    // old algorithm when one is known) to obtain des_key, then over the
    // "passwd" based string with the newly selected algorithm.
    $x = <<<EOD
<script type="text/javascript">
<!-- <![CDATA[
function set_hash()
{
 var a1,ctr,pref,hash,des_key,hash_view,algorithm;
 var fn = function(){
  switch(algorithm) {
  case 'sha1':
   {$submit_sha1}
   hash = hex_sha1(a1);
   pref = "{x-{$pref}-sha1}";
   break;
  default:
   {$submit_false}
   hash = hex_md5(a1);
   pref = "{x-{$pref}-md5}";
  }
 };
 var objForm = eval("document.passwd");
 {$submit_true}
 if (objForm.passwd.value == "") {
  objForm.hash.value = "";
  objForm.algorithm.value = "";
  objForm.key.value = "";
 } else {
  ctr = objForm.scheme.length;
  for (i=0; i<ctr; i++) {
   if (objForm.scheme[i].checked) {
    objForm.algorithm.value = objForm.scheme[i].value;
    break;
   }
  }
  if (objForm.old_algorithm.value == "") {
   algorithm = objForm.algorithm.value;
  } else {
   algorithm = objForm.old_algorithm.value;
  }
  {$a1_des}
  fn();
  des_key = hash;
  algorithm = objForm.algorithm.value;
  {$a1}
  fn();
  hash_view = hash;
  objForm.hash.value = base64encode( des(des_key, hash, 1, 0) );
  objForm.passwd.value = "";
  objForm.key.value = "";
 }
 if (objForm.hash.value == "") {
  objForm.hash_view.value = "";
 } else {
  objForm.hash_view.value = pref+hash_view;
 }
}
//]]>-->
</script>
<h2>passwd</h2>
<div>{$msg}</div>
<form name="passwd" action="{$script}" method="post">
 <input type="hidden" name="plugin" value="passwd" />
 <input type="hidden" name="func" value="{$func}" />
 <input type="hidden" name="algorithm" />
 <input type="hidden" name="old_algorithm" value="{$old_algorithm}"/>
 <input type="hidden" name="hash" />
 <input type="hidden" name="realm" value="{$r_realm}"/>
 <table class="indented">
  {$msg_username}
  <tr>
   <th>{$_passwd_msg['Passwd']}</th>
   <td><input type="password" name="passwd" size="10" /> {$_passwd_msg['msg_pass_new']}</td>
  </tr>
  <tr>
   <th>{$_passwd_msg['Crypt']}</th>
   <td><input type="password" name="key" size="10" /> {$msg_pass}</td>
  </tr>
  {$msg_role}
  <tr>
   <th>{$_passwd_msg['Calculate']}</th>
   <td>
    <input type="radio" name="scheme" value="md5" {$checked_md5} /> <label>MD5</label>
    <input type="radio" name="scheme" value="sha1" {$checked_sha1} {$disabled_sha1} /> <label>SHA-1</label>
    <input type="button" onclick="set_hash()" value="{$_passwd_msg['CALC']}" />
   </td>
  </tr>
  <tr>
   <th>{$_passwd_msg['Result']}</th>
   <td><input type="text" name="hash_view" size="80" {$disabled_result} /></td>
  </tr>
  {$msg_submit}
 </table>
</form>
EOD;

    return $x;
}
/**
 * Tell whether the current user fails the role requirement $chk_role.
 *
 * Callers in this file treat a TRUE result as "not allowed", for example
 * plugin_edit_action() calls die_message() when
 * auth::is_check_role(PKWK_CREATE_PAGE) is TRUE.
 *
 * @param mixed $chk_role Required role level. ROLE_GUEST switches the check
 *                        off, ROLE_FORCE makes it always fail.
 * @return bool FALSE when the check is off or the current role level is less
 *              than or equal to $chk_role; TRUE when forced, when the current
 *              role is ROLE_GUEST, or when its level is greater than $chk_role.
 */
function is_check_role($chk_role)
{
    // Check disabled: nobody is restricted.
    if ($chk_role == ROLE_GUEST) {
        return FALSE;
    }

    // Forced: everybody is restricted.
    if ($chk_role == ROLE_FORCE) {
        return TRUE;
    }

    // Otherwise the outcome depends on the current role.
    $current = (int) auth::get_role_level();
    if ($current == ROLE_GUEST) {
        // A guest never satisfies an active requirement.
        return TRUE;
    }

    // A level at or below the required one passes the check.
    if ($current <= $chk_role) {
        return FALSE;
    }

    return TRUE;
}
/**
 * Build the form of the htdigest plugin together with the inline JavaScript
 * that computes the digest entry in the browser.
 *
 * What the emitted script does, as far as the code below shows:
 *  - it hashes a string built from the "key" field with hex_md5(),
 *    hex_sha1() or hex_md4() and uses the result as des_key;
 *  - it hashes username:realm:passwd with the same function;
 *  - it stores base64encode(des(des_key, hash, 1, 0)) in the hidden "hash"
 *    field and clears the "passwd" field.
 *
 * NOTE(review): unlike passwd_menu(), the script does not clear the "key"
 * field, so whatever was typed there is submitted with the form - confirm
 * that this is intended and that the form is only served over TLS.
 *
 * NOTE(review): MD4, MD5 and SHA-1 digests and DES are all obsolete
 * primitives; treat the submitted "hash" field as password-equivalent.
 *
 * NOTE(review): $msg, $script, $realm and $user are interpolated into the
 * HTML without htmlspecialchars() (passwd_menu() at least URL-encodes the
 * realm); confirm every caller passes trusted or already-escaped values.
 *
 * @param string $msg Message placed as-is inside a <div> above the form.
 * @return string HTML fragment (script block followed by the form).
 */
function htdigest_menu($msg = ' ')
{
    global $script, $realm, $head_tags, $_htdigest_msg;

    // Queue the client-side hash/cipher helpers for the page head.
    $head_tags[] = ' <script type="text/javascript" src="' . SKIN_URI . 'crypt/md4.js"></script>';
    $head_tags[] = ' <script type="text/javascript" src="' . SKIN_URI . 'crypt/md5.js"></script>';
    $head_tags[] = ' <script type="text/javascript" src="' . SKIN_URI . 'crypt/sha1.js"></script>';
    $head_tags[] = ' <script type="text/javascript" src="' . SKIN_URI . 'crypt/des.js"></script>';
    $head_tags[] = ' <script type="text/javascript" src="' . SKIN_URI . 'crypt/base64.js"></script>';

    // When the write function is in use there is no need to let the user
    // change or copy the result, so the result field is disabled
    $disabled = USE_APACHE_WRITE_FUNC ? 'disabled="disabled"' : '';

    $func = 'save';
    $role_level = auth::get_role_level();
    if ($role_level > 2) {
        // Role levels above 2: the user name is fixed to the authenticated
        // account and the old password is asked for.
        $user_disabled = 'disabled="disabled"';
        $user = auth::check_auth();
        $func = 'update';
        $msg_pass = $_htdigest_msg['msg_pass_old'];
    } else {
        // Role level 2 is prompted for the admin password, lower levels get
        // no prompt text.
        $user_disabled = $user = '';
        $msg_pass = $role_level == 2 ? $_htdigest_msg['msg_pass_admin'] : '';
    }

    // First part of the script, up to the point where a1 is assigned.
    $x = <<<EOD
<script type="text/javascript">
<!-- <![CDATA[
function set_hash()
{
 var a1,ctr,pref,hash,des_key;
 var fn = function(){
  switch(objForm.algorithm.value) {
  case 'MD4':
   hash = hex_md4(a1);
   break;
  case 'SHA-1':
   hash = hex_sha1(a1);
   break;
  default:
   objForm.submit.disabled = false;
   hash = hex_md5(a1);
  }
 };
 var objForm = eval("document.htdigest");
 objForm.submit.disabled = true;
 if (objForm.passwd.value == "" || objForm.key.value == "") {
  objForm.hash.value = "";
  objForm.algorithm.value = "";
 } else {
  ctr = objForm.scheme.length;
  for (i=0; i<ctr; i++) {
   if (objForm.scheme[i].checked) {
    objForm.algorithm.value = objForm.scheme[i].value;
    break;
   }
  }

EOD;

    // The string hashed into des_key depends on who is asking.
    if ($role_level > 2) {
        // a1
        $x .= "a1 = objForm.username.value+':'+objForm.realm.value+':'+objForm.key.value;\n";
    } else {
        // adminpass
        $x .= "a1 = objForm.key.value;\n";
    }

    // Remainder of the script and the form itself. Only the default (MD5)
    // branch of fn() re-enables the submit button.
    $x .= <<<EOD
  fn();
  des_key = hash;
  a1 = objForm.username.value+':'+objForm.realm.value+':'+objForm.passwd.value;
  fn();
  objForm.hash.value = base64encode( des(des_key, hash, 1, 0) );
  objForm.passwd.value = "";
 }
 if (objForm.hash.value == "") {
  objForm.hash_view.value = "";
 } else {
  objForm.hash_view.value = objForm.username.value+':'+objForm.realm.value+':'+hash;
 }
}
//]]>-->
</script>
<h2>htdigest</h2>
<div>{$msg}</div>
<form name="htdigest" action="{$script}" method="post">
 <input type="hidden" name="plugin" value="htdigest" />
 <input type="hidden" name="func" value="{$func}" />
 <input type="hidden" name="algorithm" />
 <input type="hidden" name="hash" />
 <table class="indented">
  <tr>
   <th>{$_htdigest_msg['realm']}</th>
   <td><input type="text" name="realm" size="30" value="{$realm}" /></td>
  </tr>
  <tr>
   <th>{$_htdigest_msg['UserName']}</th>
   <td><input type="text" name="username" size="10" value="{$user}" {$user_disabled} /></td>
  </tr>
  <tr>
   <th>{$_htdigest_msg['Passwd']}</th>
   <td><input type="password" name="passwd" size="10" /> {$_htdigest_msg['msg_pass_new']}</td>
  </tr>
  <tr>
   <th>{$_htdigest_msg['Crypt']}</th>
   <td><input type="password" name="key" size="10" /> {$msg_pass}</td>
  </tr>
  <tr>
   <th>{$_htdigest_msg['Calculate']}</th>
   <td>
    <input type="radio" name="scheme" value="MD5" checked="checked" /> <label>MD5</label>
    <input type="radio" name="scheme" value="SHA-1" /> <label>SHA-1</label>
    <input type="radio" name="scheme" value="MD4" /> <label>MD4</label>
    <input type="button" onclick="set_hash()" value="{$_htdigest_msg['CALC']}" />
   </td>
  </tr>
  <tr>
   <th>{$_htdigest_msg['Result']}</th>
   <td><input type="text" name="hash_view" size="80" {$disabled} /></td>
  </tr>
  <tr>
   <td><input type="submit" name="submit" value="{$_htdigest_msg['Update']}" disabled="disabled" /></td>
  </tr>
 </table>
</form>
EOD;

    return $x;
}
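/**
 * Action handler of the guiedit plugin.
 *
 * Applies the same read-only and role gates as plugin_edit_action(), sets the
 * guiedit globals, then dispatches on the request flags found in $vars
 * (edit, template, preview, write, cancel). When none of them is present the
 * page source is loaded and the GUI edit form is returned.
 *
 * NOTE(review): plugin_edit_action() calls auth::is_role_page($source) right
 * after get_source(); this handler does not - confirm whether that omission
 * is intentional.
 *
 * @return array Result of the dispatched sub-handler, or
 *               array('msg' => ..., 'body' => ...) carrying the edit form.
 */
function plugin_guiedit_action()
{
    // global $vars, $_title_edit, $load_template_func;
    global $vars, $load_template_func;
    global $menubar, $sidebar, $topicpath;

    // Gate 1: the 'readonly' role check refuses editing outright.
    // if (PKWK_READONLY) die_message( _('PKWK_READONLY prohibits editing') );
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }

    // Gate 2: when PKWK_READONLY equals ROLE_AUTH, any role level numerically
    // above ROLE_AUTH is refused as well.
    if (PKWK_READONLY == ROLE_AUTH && auth::get_role_level() > ROLE_AUTH) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }

    $page = isset($vars['page']) ? $vars['page'] : '';
    check_editable($page, true, true);

    // Creating a page that does not exist yet is subject to PKWK_CREATE_PAGE.
    if (!is_page($page) && auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    // The GUI editor is used unless the request carries a 'text' flag.
    global $guiedit_use_fck;
    $guiedit_use_fck = !isset($vars['text']);
    if ($guiedit_use_fck) {
        global $guiedit_pkwk_root;
        $guiedit_pkwk_root = get_baseuri('abs');
    }

    // Full-size mode hides the surrounding page furniture.
    if (GUIEDIT_FULL_SIZE) {
        $menubar = $sidebar = '';
        $topicpath = false;
    }

    // Dispatch on the submitted flag; the first match wins.
    if (isset($vars['edit'])) {
        return plugin_guiedit_edit_data($page);
    }
    if ($load_template_func && isset($vars['template'])) {
        return plugin_guiedit_template();
    }
    if (isset($vars['preview'])) {
        return plugin_guiedit_preview();
    }
    if (isset($vars['write'])) {
        return plugin_guiedit_write();
    }
    if (isset($vars['cancel'])) {
        return plugin_guiedit_cancel();
    }

    // No flag matched: prepare the initial edit form.
    $source = get_source($page);
    $postdata = $vars['original'] = join('', $source);

    if (isset($vars['text'])) {
        if (!empty($vars['id'])) {
            exist_plugin('edit');
            $postdata = plugin_edit_parts($vars['id'], $source);
            if ($postdata === FALSE) {
                // The requested part was not found: pretend no id was given.
                unset($vars['id']);
                $postdata = $vars['original'];
            }
        }
        if ($postdata == '') {
            $postdata = auto_template($page);
        }
    }

    // The original returned $_title_edit here, but that name is no longer
    // declared global in this function (its declaration is commented out
    // above), so it was an undefined local and 'msg' came back as null.
    // Use the same title string as plugin_edit_action().
    return array(
        'msg'  => _('Edit of $1'),
        'body' => plugin_guiedit_edit_form($page, $postdata),
    );
}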
/**
 * Work out the name fields used by the pcomment form.
 *
 * @return array Three elements: display name, link text, and an HTML
 *               attribute string ('' or 'disabled="disabled"').
 */
function plugin_pcomment_get_nick()
{
    global $vars, $_no_name;

    // Submitted name, or the configured placeholder when none was given.
    if (empty($vars['name'])) {
        $posted = $_no_name;
    } else {
        $posted = $vars['name'];
    }

    // Outside ROLE_AUTH mode the submitted name is used unchanged.
    if (PKWK_READONLY != ROLE_AUTH) {
        return array($posted, $posted, '');
    }

    $account = auth::get_user_name();
    if (empty($account['nick'])) {
        return array($posted, $posted, '');
    }

    // Role levels below ROLE_AUTH: the display name is the account nick while
    // the link text stays the submitted name, and the third element is empty.
    if (auth::get_role_level() < ROLE_AUTH) {
        return array($account['nick'], $posted, '');
    }

    // "nick>profile" when a profile is known, the bare nick otherwise.
    $link = $account['nick'];
    if (!empty($account['profile'])) {
        $link = $account['nick'] . '>' . $account['profile'];
    }

    return array($account['nick'], $link, "disabled=\"disabled\"");
}