2 /////////////////////////////////////////////////
3 // PukiWiki - Yet another WikiWikiWeb clone.
5 // $Id: init.php,v 1.11 2004/10/10 03:36:27 henoheno Exp $
8 /////////////////////////////////////////////////
// Release version, followed by the fragments of the copyright/licence notice.
// The fragments are raw HTML (tags included) joined with the "." operator.
// NOTE(review): this listing jumps from source line 10 to 12 and stops before 17, so the
// statement that opens and closes the concatenation below is not visible here.
10 define('S_VERSION', '1.4.4');
12 '<strong>PukiWiki ' . S_VERSION . '</strong>' .
13 ' Copyright © 2001-2004' .
14 ' <a href="http://pukiwiki.org">PukiWiki Developers Team</a>.' .
15 ' License is <a href="http://www.gnu.org/licenses/gpl.html">GPL</a>.<br />' .
16 ' Based on "PukiWiki" 1.3 by <a href="http://factage.com/yu-ji/">yu-ji</a>'
19 /////////////////////////////////////////////////
20 // Initial settings (server variables)
// Copies a fixed list of $_SERVER entries into same-named constants (empty string when the
// entry is absent) and then removes the originals.
// NOTE(review): the values are copied without validation. Depending on web-server
// configuration SERVER_NAME may reflect the request's Host header, so these constants
// should be treated as untrusted when echoed or used to build URLs -- confirm per deployment.
21 foreach (array('SCRIPT_NAME', 'SERVER_ADMIN', 'SERVER_NAME',
22 'SERVER_PORT', 'SERVER_SOFTWARE') as $key) {
23 define($key, isset($_SERVER[$key]) ? $_SERVER[$key] : '');
// Drops the global variable of the same name, the $_SERVER entry and the legacy
// $HTTP_SERVER_VARS entry (presumably register_globals / long-array leftovers).
24 unset(${$key}, $_SERVER[$key], $HTTP_SERVER_VARS[$key]);
// NOTE(review): the loop's closing brace is on a source line this listing skips.
27 /////////////////////////////////////////////////
28 // Initial settings (global variables)
// Request-wide accumulators, all starting empty.
// NOTE(review): how $head_tags is emitted is not visible here; if the skin prints the
// entries verbatim, whoever appends to it is responsible for escaping -- confirm.
30 $foot_explain = array(); // Footnotes
31 $related = array(); // Related pages
32 $head_tags = array(); // Tags to add inside <head>
34 /////////////////////////////////////////////////
// Time base for the request (source line 35 is not shown in this listing).
// LOCALZONE: date('Z'), the server timezone's offset from UTC in seconds.
36 define('LOCALZONE', date('Z'));
// UTIME: the current Unix timestamp minus that offset.
37 define('UTIME', time() - LOCALZONE);
// MUTIME: return value of getmicrotime(), a helper defined outside this listing.
38 define('MUTIME', getmicrotime());
40 /////////////////////////////////////////////////
41 // Initial settings (location of the configuration file)
// INI_FILE is DATA_HOME (defined outside this listing) plus a fixed file name; no request
// data takes part in the path.
42 define('INI_FILE', DATA_HOME . 'pukiwiki.ini.php');
// NOTE(review): source lines 43-45 and 48-50 are skipped by this listing; the initialisation
// of $die and the branch that actually loads INI_FILE are presumably there -- confirm.
46 if (! file_exists(INI_FILE) || ! is_readable(INI_FILE)) {
// "${die}" is the legacy interpolation form (deprecated since PHP 8.2); the line appends
// to whatever $die already holds.
47 $die = "${die}File is not found. (INI_FILE)\n";
// Abort start-up with the collected message if anything was recorded.
51 if ($die) die_message(nl2br("\n\n" . $die));
53 /////////////////////////////////////////////////
54 // INI_FILE: mbstring extension settings
// Fixes the mbstring environment for the request. SOURCE_ENCODING is defined outside
// this listing.
56 mb_language('Japanese');
57 mb_internal_encoding(SOURCE_ENCODING);
// 'pass' on both input and output switches off mbstring's implicit conversion; request
// data is converted explicitly by the mb_convert_variables() calls later in this file.
58 ini_set('mbstring.http_input', 'pass');
59 mb_http_output('pass');
// Detection order used by mb_detect_encoding() when the caller passes no encoding list.
60 mb_detect_order('auto');
62 /////////////////////////////////////////////////
63 // INI_FILE: LANG initial settings (location of the language file)
// The path is DATA_HOME + LANG + '.lng'. LANG is a constant set outside this listing.
// NOTE(review): LANG is used as a path component here, so it should only ever come from
// configuration and never from the request -- confirm where it is defined. The
// defined('LANG') sanity check further down runs only after this first use.
64 define('LANG_FILE', DATA_HOME . LANG . '.lng');
// NOTE(review): source lines 65-67 and 70-72 are skipped by this listing; the reset of $die
// and the branch that loads LANG_FILE are presumably there -- confirm.
68 if (! file_exists(LANG_FILE) || ! is_readable(LANG_FILE)) {
69 $die = "${die}File is not found. (LANG_FILE)\n";
// Abort start-up with the collected message if anything was recorded.
73 if ($die) die_message(nl2br("\n\n" . $die));
75 /////////////////////////////////////////////////
76 // LANG_FILE: day-of-week array
// NOTE(review): $_msg_week is not assigned in the visible lines; going by the heading it is
// presumably defined by LANG_FILE -- confirm.
78 $weeklabels = $_msg_week;
80 /////////////////////////////////////////////////
81 // INI_FILE: $script: initial setting
// When the configuration leaves $script unset or empty, derive it with get_script_uri()
// (a helper defined outside this listing).
82 if (! isset($script) || $script == '') {
83 $script = get_script_uri();
// Stop if detection failed outright, or -- under the CGI SAPI only -- if the result does
// not pass is_url().
// NOTE(review): if get_script_uri() builds its result from request-derived values, an
// auto-detected $script inherits their trust level; setting $script explicitly in INI_FILE,
// as the message suggests, avoids that -- confirm against get_script_uri().
84 if ($script === FALSE || (php_sapi_name() == 'cgi' && ! is_url($script, TRUE)))
85 die_message('get_script_uri() failed: Please set $script at INI_FILE manually.');
// NOTE(review): the closing brace of the outer if is on a source line this listing skips.
88 /////////////////////////////////////////////////
89 // INI_FILE: $agents: User-Agent identification
// Selects a display profile by matching the request's User-Agent header against the
// $agents table. $agents is not assigned in the visible lines; the heading suggests it
// comes from INI_FILE.
91 $ua = 'HTTP_USER_AGENT';
92 $user_agent = $matches = array();
// Keep one private copy of the header (empty string when the client sent none) ...
94 $user_agent['agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
// ... and remove the global, $_SERVER and $HTTP_SERVER_VARS copies, plus $ua itself.
95 unset(${$ua}, $_SERVER[$ua], $HTTP_SERVER_VARS[$ua], $ua); // safety
97 foreach ($agents as $agent) {
98 if (preg_match($agent['pattern'], $user_agent['agent'], $matches)) {
// 'profile' is taken from the table entry; 'name' and 'vers' are substrings captured from
// the client-supplied header.
99 $user_agent['profile'] = isset($agent['profile']) ? $agent['profile'] : '';
100 $user_agent['name'] = isset($matches[1]) ? $matches[1] : ''; // device or browser name
101 $user_agent['vers'] = isset($matches[2]) ? $matches[2] : ''; // 's version
// NOTE(review): source lines 102-104 are skipped; whether the loop stops at the first
// match cannot be seen from here.
105 unset($agents, $matches);
107 // Profile-related init and setting
108 define('UA_PROFILE', isset($user_agent['profile']) ? $user_agent['profile'] : '');
// The included file is DATA_HOME + profile + '.ini.php'. The profile string comes from the
// $agents entry, not from the header text, so the client only selects among configured
// profiles. That property holds only while $agents itself is free of request data.
110 define('UA_INI_FILE', DATA_HOME . UA_PROFILE . '.ini.php');
111 if (! file_exists(UA_INI_FILE) || ! is_readable(UA_INI_FILE)) {
112 die_message('UA_INI_FILE for "' . UA_PROFILE . '" not found.');
114 require(UA_INI_FILE); // Also manually
// NOTE(review): UA_NAME and UA_VERS carry text captured from the User-Agent header; they
// need escaping wherever they are printed or logged.
117 define('UA_NAME', isset($user_agent['name']) ? $user_agent['name'] : '');
118 define('UA_VERS', isset($user_agent['vers']) ? $user_agent['vers'] : '');
119 unset($user_agent); // Unset after reading UA_INI_FILE
121 /////////////////////////////////////////////////
122 // Directory check
// Collects start-up problems in $die and aborts once at the end of the section.
// NOTE(review): several source lines in this section (123-124, 128-129, 131, 135-136,
// 139-141, 144-145, 148-149) are skipped by this listing; the resets of $die / $temp and
// the conditions guarding the "not found" messages are presumably on them -- confirm.
// The four constants name directories the PHP process must be able to write to; such
// directories are best kept out of direct HTTP reach (deployment concern, not checked here).
125 foreach(array('DATA_DIR', 'DIFF_DIR', 'BACKUP_DIR', 'CACHE_DIR') as $dir){
126 if (! is_writable(constant($dir)))
127 $die = "${die}Directory is not found or not writable ($dir)\n";
130 // Check the variables expected from the configuration file
132 foreach(array('rss_max', 'page_title', 'note_hr', 'related_link', 'show_passage',
133 'rule_related_str', 'load_template_func') as $var){
// ${$var} looks up the global variable whose name is in $var; missing ones are listed in $temp.
134 if (! isset(${$var})) $temp .= "\$$var\n";
137 if ($die) $die .= "\n"; // A breath
138 $die .= "Variable(s) not found: (Maybe the old *.ini.php?)\n" . $temp;
// Same check for constants. NOTE(review): LANG has already been used above to build
// LANG_FILE, so for LANG this can only report the problem after the fact.
142 foreach(array('LANG', 'PLUGIN_DIR') as $def){
143 if (! defined($def)) $temp .= "$def\n";
146 if ($die) $die .= "\n"; // A breath
147 $die .= "Define(s) not found: (Maybe the old *.ini.php?)\n" . $temp;
150 if($die) die_message(nl2br("\n\n" . $die));
153 /////////////////////////////////////////////////
154 // If a required page does not exist, create an empty file for it
// $defaultpage, $whatsnew and $interwiki are set outside the visible lines; is_page() and
// get_filename() are helpers defined elsewhere.
156 foreach(array($defaultpage, $whatsnew, $interwiki) as $page){
157 if (! is_page($page)) touch(get_filename($page));
// NOTE(review): the loop's closing brace is on a source line this listing skips.
160 /////////////////////////////////////////////////
161 // Check variables coming from outside
163 // Prohibit $_GET attack
// 'msg' and 'pass' are refused outright when they arrive in the query string. $key is one
// of the two literals below, so the error message contains no request data.
164 foreach (array('msg', 'pass') as $key) {
165 if (isset($_GET[$key])) die_message("Sorry, already reserved: $key=");
// NOTE(review): the loop's closing brace is on a source line this listing skips.
// Drop the legacy long arrays and $_REQUEST so later code has to name the source (GET, POST
// or cookie) it reads from.
169 unset($HTTP_GET_VARS, $HTTP_POST_VARS); //, 'SERVER', 'ENV', 'SESSION', ...
170 unset($_REQUEST); // Considered harmful
172 // Remove null character etc.
// input_filter() is defined outside this listing; what exactly it strips besides NUL bytes
// should be confirmed there before relying on it as a sanitiser.
173 $_GET = input_filter($_GET);
174 $_POST = input_filter($_POST);
175 $_COOKIE = input_filter($_COOKIE);
177 // Character encoding conversion ($_POST)
178 // Converts the encoding of text submitted through a <form> (data encoded by the browser)
179 // POST always arrives via a form, so it is always converted
181 if (isset($_POST['encode_hint']) && $_POST['encode_hint'] != '') {
182 // html.php plants an encode_hint field in every <form>, so
183 // the encoding is detected from encode_hint.
184 // Detecting from the whole payload could fail when platform-dependent characters or odd
185 // binary data are mixed in.
// NOTE(review): encode_hint is client-supplied. mb_detect_encoding() returns false when
// nothing matches, and that result is passed on unchecked; an is_string() test on the field
// and a fallback for a false result would make this branch explicit.
186 $encode = mb_detect_encoding($_POST['encode_hint']);
187 mb_convert_variables(SOURCE_ENCODING, $encode, $_POST);
189 } else if (isset($_POST['charset']) && $_POST['charset'] != '') {
190 // May be specified by a TrackBack ping
191 // Falls back to auto-detection when that does not work
// NOTE(review): $_POST['charset'] is a client-chosen encoding name handed to mbstring
// as-is. Checking it against an allow-list (for example mb_list_encodings()) first would
// keep unknown names from reaching the call, which reports them as a warning or, on PHP 8,
// as a ValueError.
192 if (mb_convert_variables(SOURCE_ENCODING,
193 $_POST['charset'], $_POST) !== $_POST['charset']) {
194 mb_convert_variables(SOURCE_ENCODING, 'auto', $_POST);
197 } else if (! empty($_POST)) {
198 // Auto-detect and convert everything in one go
199 mb_convert_variables(SOURCE_ENCODING, 'auto', $_POST);
// NOTE(review): the closing braces of this chain are on source lines this listing skips.
202 // Character encoding conversion ($_GET)
203 // GET may come from a form or from a link such as <a href="http://script/?key=value">
204 // For <a href...> the server has already rawurlencode()d the value, so no conversion is needed
// NOTE(review): source line 206 is skipped, so the brace that opens this branch is not
// visible in the listing.
205 if (isset($_GET['encode_hint']) && $_GET['encode_hint'] != '')
207 // Via a form the browser has encoded the data, so detection and conversion are required.
208 // encode_hint should be present, so detect the encoding from it and then convert.
209 // The reasoning is the same as for POST
// NOTE(review): encode_hint is client-supplied and mb_detect_encoding() returns false when
// nothing matches; the result is used unchecked on the next line.
210 $encode = mb_detect_encoding($_GET['encode_hint']);
211 mb_convert_variables(SOURCE_ENCODING, $encode, $_GET);
215 /////////////////////////////////////////////////
216 // Get QUERY_STRING
218 // If neither cmd nor plugin is specified, QUERY_STRING is
219 // treated as a page name or an InterWikiName
// NOTE(review): source line 220 is skipped; $arg needs a default there, otherwise it is
// undefined when neither branch below runs -- confirm.
221 if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING']) {
222 $arg = $_SERVER['QUERY_STRING'];
223 } else if (isset($_SERVER['argv']) && count($_SERVER['argv'])) {
224 $arg = $_SERVER['argv'][0];
// The raw query string gets the same input_filter() pass as $_GET/$_POST/$_COOKIE.
226 $arg = input_filter($arg); // Remove \0
228 // unset QUERY_STRINGs
// From here on $arg is the only remaining copy of the raw query string.
229 foreach (array('QUERY_STRING', 'argv', 'argc') as $key) {
230 unset(${$key}, $_SERVER[$key], $HTTP_SERVER_VARS[$key]);
232 // $_SERVER['REQUEST_URI'] is used at func.php NOW
233 unset($REQUEST_URI, $HTTP_SERVER_VARS['REQUEST_URI']);
235 // Workaround for an mb_convert_variables bug(?): it crashes unless it is given an array
// NOTE(review): source lines 236 and 238 are skipped; the array wrap/unwrap that the
// comment describes is presumably on them.
237 mb_convert_variables(SOURCE_ENCODING, 'auto', $arg);
240 /////////////////////////////////////////////////
241 // Split QUERY_STRING, convert its encoding, and overwrite $_GET
243 // Copes with URIs that were typed in without urlencoding
// Each key=value pair whose value is not detected as plain ASCII is written into $_GET,
// replacing PHP's own parse of that key. Percent-encoded values are ASCII at this point and
// are therefore left as PHP decoded them.
// NOTE(review): key and value come straight from the raw query string. They are not
// URL-decoded here, nothing restricts which keys may be set, and the only filtering they
// have seen is the input_filter() and encoding conversion applied to $arg as a whole.
245 foreach (explode('&', $arg) as $key_and_value) {
246 if (preg_match('/^([^=]+)=(.+)/', $key_and_value, $matches) &&
247 mb_detect_encoding($matches[2]) != 'ASCII') {
248 $_GET[$matches[1]] = $matches[2];
// NOTE(review): the closing braces are on source lines this listing skips.
253 /////////////////////////////////////////////////
// NOTE(review): source lines 254-257 are skipped; the $get and $post names used further
// down in this file are presumably bound there -- confirm.
258 $cookie = & $_COOKIE;
260 // GET + POST = $vars
// NOTE(review): source line 261, which opens this if/else chain, is skipped; judging from
// the branch comments it tests whether $_POST is empty -- confirm.
// In the first two branches $vars is a reference, so later writes to $vars also change the
// superglobal it points at.
262 $vars = & $_GET; // Major pattern: Read-only access via GET
263 } else if (empty($_GET)) {
264 $vars = & $_POST; // Minor pattern: Write access via POST etc.
// In the mixed case $vars is a merged copy, not a reference; for a string key present in
// both arrays array_merge() keeps the $_POST value.
266 $vars = array_merge($_GET, $_POST); // Considered reliable than $_REQUEST
269 // Input check: cmd and plugin can only ever be alphanumeric strings
// A value that is not "letter, then letters/digits/underscores" is discarded rather than
// repaired, so the request continues as if the parameter had not been sent.
// NOTE(review): without the D modifier, "$" also matches just before a trailing newline;
// "\z" would anchor strictly at the end of the input. Whether a newline can survive to this
// point depends on input_filter(), which is not shown.
// NOTE(review): $get and $post are not assigned in the visible lines.
270 foreach(array('cmd', 'plugin') as $var) {
271 if (isset($vars[$var]) && ! preg_match('/^[a-zA-Z][a-zA-Z0-9_]*$/', $vars[$var]))
272 unset($get[$var], $post[$var], $vars[$var]);
275 // Normalise: page, via strip_bracket()
// strip_bracket() is a helper defined outside this listing. The same value is stored under
// 'page' in $get, $post and $vars.
276 if (isset($vars['page'])) {
277 $get['page'] = $post['page'] = $vars['page'] = strip_bracket($vars['page']);
// NOTE(review): source line 278 is skipped; the assignment below is presumably the else
// branch, giving 'page' an empty default.
279 $get['page'] = $post['page'] = $vars['page'] = '';
282 // Normalise: msg, remove line breaks
// Only carriage returns ("\r") are removed; line feeds are kept.
283 if (isset($vars['msg'])) {
284 $get['msg'] = $post['msg'] = $vars['msg'] = str_replace("\r", '', $vars['msg']);
287 // Backward compatibility (?md5=...)
// A non-empty 'md5' or 'tb_id' parameter forces cmd to a fixed literal, replacing whatever
// cmd the request carried. Source lines 290-292 are not shown in this listing.
288 if (isset($vars['md5']) && $vars['md5'] != '') {
289 $get['cmd'] = $post['cmd'] = $vars['cmd'] = 'md5';
293 if (isset($vars['tb_id']) && $vars['tb_id'] != '') {
294 $get['cmd'] = $post['cmd'] = $vars['cmd'] = 'tb';
297 // If neither cmd nor plugin is specified, treat QUERY_STRING as a page name or InterWikiName
298 if (! isset($vars['cmd']) && ! isset($vars['plugin'])) {
// Default action is 'read'.
300 $get['cmd'] = $post['cmd'] = $vars['cmd'] = 'read';
// An empty query string selects $defaultpage (set outside the visible lines).
302 if ($arg == '') $arg = $defaultpage;
// Decode first, then normalise and filter, so input_filter() sees the decoded bytes.
303 $arg = rawurldecode($arg);
304 $arg = strip_bracket($arg);
305 $arg = input_filter($arg);
// NOTE(review): the resulting page name is request-controlled; the code that maps it to a
// file name or prints it is outside this listing and must encode or escape it.
306 $get['page'] = $post['page'] = $vars['page'] = $arg;
309 // Input check: 'cmd=' prohibits nasty 'plugin='
// When both are present, plugin is dropped and cmd wins.
310 if (isset($vars['cmd']) && isset($vars['plugin']))
311 unset($get['plugin'], $post['plugin'], $vars['plugin']);
314 /////////////////////////////////////////////////
315 // Initial settings ($WikiName, $BracketName, etc.)
// Regular-expression fragments for the wiki syntax. The commented-out lines are earlier
// variants kept by the author.
316 // $WikiName = '[A-Z][a-z]+(?:[A-Z][a-z]+)+';
317 // $WikiName = '\b[A-Z][a-z]+(?:[A-Z][a-z]+)+\b';
318 // $WikiName = '(?<![[:alnum:]])(?:[[:upper:]][[:lower:]]+){2,}(?![[:alnum:]])';
319 // $WikiName = '(?<!\w)(?:[A-Z][a-z]+){2,}(?!\w)';
321 // Provisional workaround for BugTrack/304
322 $WikiName = '(?:[A-Z][a-z]+){2,}(?!\w)';
324 // $BracketName = ':?[^\s\]#&<>":]+:?';
325 $BracketName = '(?!\s):?[^\r\n\t\f\[\]<>#&":]+:?(?<!\s)';
328 $InterWikiName = "(\[\[)?((?:(?!\s|:|\]\]).)+):(.+)(?(1)\]\])";
// NOTE(review): this pattern carries the "e" modifier, which makes preg_replace() evaluate
// the replacement string as PHP code after substituting the captures. The text it matches
// is wiki markup, i.e. author-supplied, so the replacement used with it (not shown here)
// needs review. The modifier is deprecated since PHP 5.5 and removed in PHP 7.0;
// preg_replace_callback() is the replacement.
331 $NotePattern = '/\(\(((?:(?>(?:(?!\(\()(?!\)\)(?:[^\)]|$)).)+)|(?R))*)\)\)/ex';
333 /////////////////////////////////////////////////
334 // Initial settings (load user-defined rules)
// Fixed file name under DATA_HOME; no request data takes part in the path. Unlike INI_FILE
// and LANG_FILE there is no existence check in the visible lines, so a missing file ends
// the request with PHP's own fatal error from require().
335 require(DATA_HOME . 'rules.ini.php');
337 /////////////////////////////////////////////////
338 // Initial settings (other global variables)
// format_date() is a helper defined outside this listing.
341 $now = format_date(UTIME);
343 // Used by the skin to switch the DTD declaration; workaround for paint.inc.php
344 $html_transitional = FALSE;
346 // TRUE :XHTML 1.0 Transitional
348 // Add the face marks to $line_rules
// "+=" is array union: keys already present in $line_rules keep their existing value.
349 if ($usefacemark) $line_rules += $facemark_rules;
350 unset($facemark_rules);
352 // Add the entity-reference pattern and the patterns used by the system to $line_rules
353 //$entity_pattern = '[a-zA-Z0-9]{2,8}';
// NOTE(review): file() returns false when entities.dat cannot be read and no check for that
// is visible here. The file's contents are spliced into a regular expression in the
// array_merge() call that follows, and CACHE_DIR is one of the directories this script
// requires to be writable, so the integrity of that file matters.
354 $entity_pattern = trim(join('', file(CACHE_DIR . 'entities.dat')));
356 $line_rules = array_merge(array(
357 '&(#[0-9]+|#x[0-9a-f]+|' . $entity_pattern . ');' => '&$1;',
358 "\r" => "<br />\n", /* ¹ÔËö¤Ë¥Á¥ë¥À¤Ï²þ¹Ô */
359 '#related$' => '<del>#related</del>',
360 '^#contents$' => '<del>#contents</del>'