PageRenderTime 61ms CodeModel.GetById 30ms RepoModel.GetById 0ms app.codeStats 0ms

/plugin/edit.inc.php

https://github.com/miya5n/pukiwiki
PHP | 254 lines | 177 code | 45 blank | 32 comment | 58 complexity | 9839084efe3716abe42e127d6cfa996d MD5 | raw file
Possible License(s): GPL-2.0 
    

  1. <?php
    2. 

  2. // PukiWiki - Yet another WikiWikiWeb clone.
    3. 

  3. // $Id: edit.inc.php,v 1.49 2011/01/25 15:01:01 henoheno Exp $
    4. 

  4. // Copyright (C) 2001-2007 PukiWiki Developers Team
    5. 

  5. // License: GPL v2 or (at your option) any later version
    6. 

  6. //
    7. 

  7. // Edit plugin (cmd=edit)
    8. 

  8. 

  9. // Remove #freeze written by hand
    10. 

  10. define('PLUGIN_EDIT_FREEZE_REGEX', '/^(?:#freeze(?!\w)\s*)+/im');
    11. 

  11. 

  12. function plugin_edit_action()
    13. 

  13. {
    14. 

  14. 	global $post, $vars, $_title_edit, $load_template_func;
    15. 

  15. 

  16. 	if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    17. 

  17. 

  18. 	$page = isset($vars['page']) ? $vars['page'] : '';
    19. 

  19. 

  20. 	check_editable($page, true, true);
    21. 

  21. 

  22. 	if (isset($post['preview']) || ($load_template_func && isset($post['template']))) {
    23. 

  23. 		return plugin_edit_preview();
    24. 

  24. 	} else if (isset($post['write'])) {
    25. 

  25. 		return plugin_edit_write();
    26. 

  26. 	} else if (isset($post['cancel'])) {
    27. 

  27. 		return plugin_edit_cancel();
    28. 

  28. 	}
    29. 

  29. 

  30. 	$postdata = get_source($page, TRUE, TRUE);
    31. 

  31. 	if ($postdata == '') $postdata = auto_template($page);
    32. 

  32. 

  33. 	return array('msg'=>$_title_edit, 'body'=>edit_form($page, $postdata));
    34. 

  34. }
    35. 

  35. 

  36. // Preview
    37. 

  37. function plugin_edit_preview()
    38. 

  38. {
    39. 

  39. 	global $post, $vars, $_title_preview, $_msg_preview, $_msg_preview_delete;
    40. 

  40. 

  41. 	$page = isset($vars['page']) ? $vars['page'] : '';
    42. 

  42. 

  43. 	// Loading template
    44. 

  44. 	if (isset($post['template_page']) && is_page($post['template_page'])) {
    45. 

  45. 

  46. 		$post['msg'] = get_source($post['template_page'], TRUE, TRUE);
    47. 

  47. 

  48. 		// Cut fixed anchors
    49. 

  49. 		$post['msg'] = preg_replace('/^(\*{1,3}.*)\[#[A-Za-z][\w-]+\](.*)$/m', '$1$2', $post['msg']);
    50. 

  50. 	}
    51. 

  51. 

  52. 	$post['msg'] = preg_replace(PLUGIN_EDIT_FREEZE_REGEX, '', $post['msg']);
    53. 

  53. 	$postdata = $post['msg'];
    54. 

  54. 

  55. 	// Compat: add plugin and adding contents
    56. 

  56. 	if (isset($vars['add']) && $vars['add']) {
    57. 

  57. 		if (isset($post['add_top']) && $post['add_top']) {
    58. 

  58. 			$postdata  = $postdata . "\n\n" . get_source($page, TRUE, TRUE);
    59. 

  59. 		} else {
    60. 

  60. 			$postdata  = get_source($page, TRUE, TRUE) . "\n\n" . $postdata;
    61. 

  61. 		}
    62. 

  62. 	}
    63. 

  63. 

  64. 	$body = $_msg_preview . '<br />' . "\n";
    65. 

  65. 	if ($postdata == '')
    66. 

  66. 		$body .= '<strong>' . $_msg_preview_delete . '</strong>';
    67. 

  67. 	$body .= '<br />' . "\n";
    68. 

  68. 

  69. 	if ($postdata) {
    70. 

  70. 		$postdata = make_str_rules($postdata);
    71. 

  71. 		$postdata = explode("\n", $postdata);
    72. 

  72. 		$postdata = drop_submit(convert_html($postdata));
    73. 

  73. 		$body .= '<div id="preview">' . $postdata . '</div>' . "\n";
    74. 

  74. 	}
    75. 

  75. 	$body .= edit_form($page, $post['msg'], $post['digest'], FALSE);
    76. 

  76. 

  77. 	return array('msg'=>$_title_preview, 'body'=>$body);
    78. 

  78. }
    79. 

  79. 

  80. // Inline: Show edit (or unfreeze text) link
    81. 

  81. function plugin_edit_inline()
    82. 

  82. {
    83. 

  83. 	$usage = '&amp;edit(pagename#anchor[[,noicon],nolabel])[{label}];';
    84. 

  84. 

  85. 	global $vars, $fixed_heading_anchor_edit;
    86. 

  86. 

  87. 	if (PKWK_READONLY) return ''; // Show nothing 
    88. 

  88. 

  89. 	// Arguments
    90. 

  90. 	$args = func_get_args();
    91. 

  91. 

  92. 	// {label}. Strip anchor tags only
    93. 

  93. 	$s_label = strip_htmltag(array_pop($args), FALSE);
    94. 

  94. 

  95. 	$page    = array_shift($args);
    96. 

  96. 	if ($page === NULL) $page = '';
    97. 

  97. 	$_noicon = $_nolabel = FALSE;
    98. 

  98. 	foreach($args as $arg){
    99. 

  99. 		switch(strtolower($arg)){
    100. 

  100. 		case ''       :                   break;
    101. 

  101. 		case 'nolabel': $_nolabel = TRUE; break;
    102. 

  102. 		case 'noicon' : $_noicon  = TRUE; break;
    103. 

  103. 		default       : return $usage;
    104. 

  104. 		}
    105. 

  105. 	}
    106. 

  106. 

  107. 	// Separate a page-name and a fixed anchor
    108. 

  108. 	list($s_page, $id, $editable) = anchor_explode($page, TRUE);
    109. 

  109. 

  110. 	// Default: This one
    111. 

  111. 	if ($s_page == '') $s_page = isset($vars['page']) ? $vars['page'] : '';
    112. 

  112. 

  113. 	// $s_page fixed
    114. 

  114. 	$isfreeze = is_freeze($s_page);
    115. 

  115. 	$ispage   = is_page($s_page);
    116. 

  116. 

  117. 	// Paragraph edit enabled or not
    118. 

  118. 	$short = htmlsc('Edit');
    119. 

  119. 	if ($fixed_heading_anchor_edit && $editable && $ispage && ! $isfreeze) {
    120. 

  120. 		// Paragraph editing
    121. 

  121. 		$id    = rawurlencode($id);
    122. 

  122. 		$title = htmlsc(sprintf('Edit %s', $page));
    123. 

  123. 		$icon = '<img src="' . IMAGE_DIR . 'paraedit.png' .
    124. 

  124. 			'" width="9" height="9" alt="' .
    125. 

  125. 			$short . '" title="' . $title . '" /> ';
    126. 

  126. 		$class = ' class="anchor_super"';
    127. 

  127. 	} else {
    128. 

  128. 		// Normal editing / unfreeze
    129. 

  129. 		$id    = '';
    130. 

  130. 		if ($isfreeze) {
    131. 

  131. 			$title = 'Unfreeze %s';
    132. 

  132. 			$icon  = 'unfreeze.png';
    133. 

  133. 		} else {
    134. 

  134. 			$title = 'Edit %s';
    135. 

  135. 			$icon  = 'edit.png';
    136. 

  136. 		}
    137. 

  137. 		$title = htmlsc(sprintf($title, $s_page));
    138. 

  138. 		$icon = '<img src="' . IMAGE_DIR . $icon .
    139. 

  139. 			'" width="20" height="20" alt="' .
    140. 

  140. 			$short . '" title="' . $title . '" />';
    141. 

  141. 		$class = '';
    142. 

  142. 	}
    143. 

  143. 	if ($_noicon) $icon = ''; // No more icon
    144. 

  144. 	if ($_nolabel) {
    145. 

  145. 		if (!$_noicon) {
    146. 

  146. 			$s_label = '';     // No label with an icon
    147. 

  147. 		} else {
    148. 

  148. 			$s_label = $short; // Short label without an icon
    149. 

  149. 		}
    150. 

  150. 	} else {
    151. 

  151. 		if ($s_label == '') $s_label = $title; // Rich label with an icon
    152. 

  152. 	}
    153. 

  153. 

  154. 	// URL
    155. 

  155. 	$script = get_script_uri();
    156. 

  156. 	if ($isfreeze) {
    157. 

  157. 		$url   = $script . '?cmd=unfreeze&amp;page=' . rawurlencode($s_page);
    158. 

  158. 	} else {
    159. 

  159. 		$s_id = ($id == '') ? '' : '&amp;id=' . $id;
    160. 

  160. 		$url  = $script . '?cmd=edit&amp;page=' . rawurlencode($s_page) . $s_id;
    161. 

  161. 	}
    162. 

  162. 	$atag  = '<a' . $class . ' href="' . $url . '" title="' . $title . '">';
    163. 

  163. 	static $atags = '</a>';
    164. 

  164. 

  165. 	if ($ispage) {
    166. 

  166. 		// Normal edit link
    167. 

  167. 		return $atag . $icon . $s_label . $atags;
    168. 

  168. 	} else {
    169. 

  169. 		// Dangling edit link
    170. 

  170. 		return '<span class="noexists">' . $atag . $icon . $atags .
    171. 

  171. 			$s_label . $atag . '?' . $atags . '</span>';
    172. 

  172. 	}
    173. 

  173. }
    174. 

  174. 

  175. // Write, add, or insert new comment
    176. 

  176. function plugin_edit_write()
    177. 

  177. {
    178. 

  178. 	global $post, $vars;
    179. 

  179. 	global $_title_collided, $_msg_collided_auto, $_msg_collided, $_title_deleted;
    180. 

  180. 	global $notimeupdate, $_msg_invalidpass, $do_update_diff_table;
    181. 

  181. 

  182. 	$page   = isset($vars['page'])   ? $vars['page']   : '';
    183. 

  183. 	$add    = isset($vars['add'])    ? $vars['add']    : '';
    184. 

  184. 	$digest = isset($post['digest']) ? $post['digest'] : '';
    185. 

  185. 

  186. 	$post['msg'] = preg_replace(PLUGIN_EDIT_FREEZE_REGEX, '', $post['msg']);
    187. 

  187. 	$msg = & $post['msg'];
    188. 

  188. 

  189. 	$retvars = array();
    190. 

  190. 

  191. 	// Collision Detection
    192. 

  192. 	$oldpagesrc = get_source($page, TRUE, TRUE);
    193. 

  193. 	$oldpagemd5 = md5($oldpagesrc);
    194. 

  194. 	if ($digest !== $oldpagemd5) {
    195. 

  195. 		$post['digest'] = $oldpagemd5; // Reset
    196. 

  196. 

  197. 		$original = isset($post['original']) ? $post['original'] : '';
    198. 

  198. 		list($postdata_input, $auto) = do_update_diff($oldpagesrc, $msg, $original);
    199. 

  199. 

  200. 		$retvars['msg' ] = $_title_collided;
    201. 

  201. 		$retvars['body'] = ($auto ? $_msg_collided_auto : $_msg_collided) . "\n";
    202. 

  202. 		$retvars['body'] .= $do_update_diff_table;
    203. 

  203. 		$retvars['body'] .= edit_form($page, $postdata_input, $oldpagemd5, FALSE);
    204. 

  204. 		return $retvars;
    205. 

  205. 	}
    206. 

  206. 

  207. 	// Action?
    208. 

  208. 	if ($add) {
    209. 

  209. 		// Compat: add plugin and adding contents
    210. 

  210. 		if (isset($post['add_top']) && $post['add_top']) {
    211. 

  211. 			$postdata  = $msg . "\n\n" . get_source($page, TRUE, TRUE);
    212. 

  212. 		} else {
    213. 

  213. 			$postdata  = get_source($page, TRUE, TRUE) . "\n\n" . $msg;
    214. 

  214. 		}
    215. 

  215. 	} else {
    216. 

  216. 		// Edit or Remove
    217. 

  217. 		$postdata = & $msg;
    218. 

  218. 	}
    219. 

  219. 

  220. 	// NULL POSTING, OR removing existing page
    221. 

  221. 	if ($postdata == '') {
    222. 

  222. 		page_write($page, $postdata);
    223. 

  223. 		$retvars['msg' ] = $_title_deleted;
    224. 

  224. 		$retvars['body'] = str_replace('$1', htmlsc($page), $_title_deleted);
    225. 

  225. 		return $retvars;
    226. 

  226. 	}
    227. 

  227. 

  228. 	// $notimeupdate: Checkbox 'Do not change timestamp'
    229. 

  229. 	$notimestamp = isset($post['notimestamp']) && $post['notimestamp'] != '';
    230. 

  230. 	if ($notimeupdate > 1 && $notimestamp && ! pkwk_login($post['pass'])) {
    231. 

  231. 		// Enable only administrator & password error
    232. 

  232. 		$retvars['body']  = '<p><strong>' . $_msg_invalidpass . '</strong></p>' . "\n";
    233. 

  233. 		$retvars['body'] .= edit_form($page, $msg, $digest, FALSE);
    234. 

  234. 		return $retvars;
    235. 

  235. 	}
    236. 

  236. 

  237. 	page_write($page, $postdata, $notimeupdate != 0 && $notimestamp);
    238. 

  238. 

  239. 	pkwk_headers_sent();
    240. 

  240. 	header('Location: ' . get_script_uri() . '?' . rawurlencode($page));
    241. 

  241. 	exit;
    242. 

  242. }
    243. 

  243. 

  244. // Cancel (Back to the page / Escape edit page)
    245. 

  245. function plugin_edit_cancel()
    246. 

  246. {
    247. 

  247. 	global $vars;
    248. 

  248. 

  249. 	pkwk_headers_sent();
    250. 

  250. 	header('Location: ' . get_script_uri() . '?' . rawurlencode($vars['page']));
    251. 

  251. 	exit;
    252. 

  252. }
    253. 

  253. 

  254. ?>
    255. 

  255.