2 /////////////////////////////////////////////////
3 // PukiWiki - Yet another WikiWikiWeb clone.
5 // $Id: paint.inc.php,v 1.12 2003/10/01 07:00:37 arino Exp $
21 // upload dir(must set end of /) attach.inc.php¤È¹ç¤ï¤»¤ë
22 define('PAINT_UPLOAD_DIR','./attach/');
24 // ÁÞÆþ¤¹¤ë°ÌÃÖ 1:Íó¤ÎÁ° 0:Íó¤Î¸å
25 define('PAINT_INSERT_INS',0);
27 // ¥Ç¥Õ¥©¥ë¥È¤ÎÉÁ²èÎΰè¤ÎÉý¤È¹â¤µ
28 define('PAINT_DEFAULT_WIDTH',80);
29 define('PAINT_DEFAULT_HEIGHT',60);
31 // ÉÁ²èÎΰè¤ÎÉý¤È¹â¤µ¤ÎÀ©¸ÂÃÍ
32 define('PAINT_MAX_WIDTH',320);
33 define('PAINT_MAX_HEIGHT',240);
35 // ¥¢¥×¥ì¥Ã¥ÈÎΰè¤ÎÉý¤È¹â¤µ 50x50̤Ëþ¤ÇÊÌ¥¦¥¤¥ó¥É¥¦¤¬³«¤¯
36 define('PAINT_APPLET_WIDTH',800);
37 define('PAINT_APPLET_HEIGHT',300);
39 //¥³¥á¥ó¥È¤ÎÁÞÆþ¥Õ¥©¡¼¥Þ¥Ã¥È
40 define('PAINT_NAME_FORMAT','[[$name]]');
41 define('PAINT_MSG_FORMAT','$msg');
42 define('PAINT_NOW_FORMAT','&new{$now};');
43 //¥á¥Ã¥»¡¼¥¸¤¬¤¢¤ë¾ì¹ç
44 define('PAINT_FORMAT',"\x08MSG\x08 -- \x08NAME\x08 \x08NOW\x08");
45 //¥á¥Ã¥»¡¼¥¸¤¬¤Ê¤¤¾ì¹ç
46 define('PAINT_FORMAT_NOMSG',"\x08NAME\x08 \x08NOW\x08");
48 function plugin_paint_action()
51 global $_paint_messages;
52 global $html_transitional;
55 $retval['msg'] = $_paint_messages['msg_title'];
58 if (array_key_exists('attach_file',$_FILES)
59 and array_key_exists('refer',$vars))
61 $file = $_FILES['attach_file'];
62 //BBSPaiter.jar¤Ï¡¢shift-jis¤ÇÆâÍƤòÁ÷¤Ã¤Æ¤¯¤ë¡£ÌÌÅݤʤΤǥڡ¼¥¸Ì¾¤Ï¥¨¥ó¥³¡¼¥É¤·¤Æ¤«¤éÁ÷¿®¤µ¤»¤ë¤è¤¦¤Ë¤·¤¿¡£
63 $vars['page'] = $vars['refer'] = decode($vars['refer']);
65 $filename = $vars['filename'];
66 $filename = mb_convert_encoding($filename,SOURCE_ENCODING,'auto');
69 $attachname = preg_replace('/^[^\.]+/',$filename,$file['name']);
70 //¤¹¤Ç¤Ë¸ºß¤·¤¿¾ì¹ç¡¢ ¥Õ¥¡¥¤¥ë̾¤Ë'_0','_1',...¤òÉÕ¤±¤Æ²óÈò(¸È©)
72 while (file_exists(PAINT_UPLOAD_DIR.encode($vars['refer']).'_'.encode($attachname)))
74 $attachname = preg_replace('/^[^\.]+/',$filename.$count++,$file['name']);
77 $file['name'] = $attachname;
79 if (!exist_plugin('attach') or !function_exists('attach_upload'))
81 return array('msg'=>'attach.inc.php not found or not correct version.');
84 $retval = attach_upload($file,$vars['refer'],TRUE);
85 if ($retval['result'] == TRUE)
87 $retval = paint_insert_ref($file['name']);
93 $r_refer = $s_refer = '';
94 if (array_key_exists('refer',$vars))
96 $r_refer = rawurlencode($vars['refer']);
97 $s_refer = htmlspecialchars($vars['refer']);
99 $link = "<p><a href=\"$script?$r_refer\">$s_refer</a></p>";;
101 $w = PAINT_APPLET_WIDTH;
102 $h = PAINT_APPLET_HEIGHT;
104 //¥¦¥¤¥ó¥É¥¦¥â¡¼¥É :)
105 if ($w < 50 and $h < 50)
109 $vars['page'] = $vars['refer'];
110 $vars['cmd'] = 'read';
111 $retval['body'] = convert_html(get_source($vars['refer']));
115 //XSSÀȼåÀÌäÂê - ³°Éô¤«¤éÍ褿ÊÑ¿ô¤ò¥¨¥¹¥±¡¼¥×
116 $width = empty($vars['width']) ? PAINT_DEFAULT_WIDTH : $vars['width'];
117 $height = empty($vars['height']) ? PAINT_DEFAULT_HEIGHT : $vars['height'];
118 $f_w = (is_numeric($width) and $width > 0) ? $width : PAINT_DEFAULT_WIDTH;
119 $f_h = (is_numeric($height) and $height > 0) ? $height : PAINT_DEFAULT_HEIGHT;
120 $f_refer = array_key_exists('refer',$vars) ? encode($vars['refer']) : ''; // BBSPainter.jar¤¬shift-jis¤ËÊÑ´¹¤¹¤ë¤Î¤ò²óÈò
121 $f_digest = array_key_exists('digest',$vars) ? htmlspecialchars($vars['digest']) : '';
122 $f_no = (array_key_exists('paint_no',$vars) and is_numeric($vars['paint_no'])) ?
123 $vars['paint_no'] + 0 : 0;
125 if ($f_w > PAINT_MAX_WIDTH)
127 $f_w = PAINT_MAX_WIDTH;
129 if ($f_h > PAINT_MAX_HEIGHT)
131 $f_h = PAINT_MAX_HEIGHT;
134 $retval['body'] .= <<<EOD
138 <applet codebase="." archive="BBSPainter.jar" code="Main.class" width="$w" height="$h">
139 <param name="size" value="$f_w,$f_h" />
140 <param name="action" value="$script" />
141 <param name="image" value="attach_file" />
142 <param name="form1" value="filename={$_paint_messages['field_filename']}=!" />
143 <param name="form2" value="yourname={$_paint_messages['field_name']}" />
144 <param name="comment" value="msg={$_paint_messages['field_comment']}" />
145 <param name="param1" value="plugin=paint" />
146 <param name="param2" value="refer=$f_refer" />
147 <param name="param3" value="digest=$f_digest" />
148 <param name="param4" value="max_file_size=1000000" />
149 <param name="param5" value="paint_no=$f_no" />
150 <param name="enctype" value="multipart/form-data" />
151 <param name="return.URL" value="$script?$r_refer" />
155 // XHTML 1.0 Transitional
156 $html_transitional = TRUE;
160 function plugin_paint_convert()
162 global $script,$vars,$digest;
163 global $_paint_messages;
164 static $numbers = array();
166 if (!array_key_exists($vars['page'],$numbers))
168 $numbers[$vars['page']] = 0;
170 $paint_no = $numbers[$vars['page']]++;
176 $width = $height = 0;
177 $args = func_get_args();
178 if (count($args) >= 2)
180 $width = array_shift($args);
181 $height = array_shift($args);
183 if (!is_numeric($width) or $width <= 0)
185 $width = PAINT_DEFAULT_WIDTH;
187 if (!is_numeric($height) or $height <= 0)
189 $height = PAINT_DEFAULT_HEIGHT;
192 //XSSÀȼåÀÌäÂê - ³°Éô¤«¤éÍ褿ÊÑ¿ô¤ò¥¨¥¹¥±¡¼¥×
193 $f_page = htmlspecialchars($vars['page']);
195 $max = sprintf($_paint_messages['msg_max'],PAINT_MAX_WIDTH,PAINT_MAX_HEIGHT);
198 <form action="$script" method="post">
200 <input type="hidden" name="paint_no" value="$paint_no" />
201 <input type="hidden" name="digest" value="$digest" />
202 <input type="hidden" name="plugin" value="paint" />
203 <input type="hidden" name="refer" value="$f_page" />
204 <input type="text" name="width" size="3" value="$width" />
206 <input type="text" name="height" size="3" value="$height" />
208 <input type="submit" value="{$_paint_messages['btn_submit']}" />
214 function paint_insert_ref($filename)
216 global $script,$vars,$now,$do_backup;
217 global $_paint_messages,$_no_name;
219 $ret['msg'] = $_paint_messages['msg_title'];
221 $msg = mb_convert_encoding(rtrim($vars['msg']),SOURCE_ENCODING,'auto');
222 $name = mb_convert_encoding($vars['yourname'],SOURCE_ENCODING,'auto');
224 $msg = str_replace('$msg',$msg,PAINT_MSG_FORMAT);
225 $name = ($name == '') ? $_no_name : $vars['yourname'];
226 $name = ($name == '') ? '' : str_replace('$name',$name,PAINT_NAME_FORMAT);
227 $now = str_replace('$now',$now,PAINT_NOW_FORMAT);
230 $msg = ($msg == '') ?
232 str_replace("\x08MSG\x08", $msg, PAINT_FORMAT);
233 $msg = str_replace("\x08NAME\x08",$name, $msg);
234 $msg = str_replace("\x08NOW\x08",$now, $msg);
235 //¥Ö¥í¥Ã¥¯¤Ë¿©¤ï¤ì¤Ê¤¤¤è¤¦¤Ë¡¢#img¤ÎľÁ°¤Ë\n¤ò2¸Ä½ñ¤¤¤Æ¤ª¤¯¡£
236 $msg = "#ref($filename,wrap,around)\n".trim($msg)."\n\n#img(,clear)\n";
238 $postdata_old = get_source($vars['refer']);
240 $paint_no = 0; //'#paint'¤Î½Ð¸½²ó¿ô
241 foreach ($postdata_old as $line)
243 if (!PAINT_INSERT_INS)
247 if (preg_match('/^#paint/',$line))
249 if ($paint_no == $vars['paint_no'])
255 if (PAINT_INSERT_INS)
262 if (md5(join('',$postdata_old)) != $vars['digest'])
264 $ret['msg'] = $_paint_messages['msg_title_collided'];
265 $ret['body'] = $_paint_messages['msg_collided'];
268 page_write($vars['refer'],$postdata);