- global $script,$article_no,$vars,$digest;
- global $_btn_article,$_btn_name,$_btn_subject,$vars;
-
- if((arg_check("read")||$vars["cmd"] == ""||arg_check("unfreeze")||arg_check("freeze")||$vars["write"]||$vars["article"]))
- $button = "<input type=\"submit\" name=\"article\" value=\"$_btn_article\" />\n";
-
- $string = "<form action=\"$script\" method=\"post\">\n"
- ."<div>\n"
- ."<input type=\"hidden\" name=\"article_no\" value=\"$article_no\" />\n"
- ."<input type=\"hidden\" name=\"refer\" value=\"$vars[page]\" />\n"
- ."<input type=\"hidden\" name=\"plugin\" value=\"article\" />\n"
- ."<input type=\"hidden\" name=\"digest\" value=\"$digest\" />\n"
- ."$_btn_name<input type=\"text\" name=\"name\" size=\"".NAME_COLS."\" /><br />\n"
- ."$_btn_subject<input type=\"text\" name=\"subject\" size=\"".SUBJECT_COLS."\" /><br />\n"
- ."<textarea name=\"msg\" rows=\"".article_ROWS."\" cols=\"".article_COLS."\">\n</textarea><br />\n"
- .$button
- ."</div>\n"
- ."</form>";
-
- $article_no++;
+ global $script, $vars, $digest;
+ global $_btn_article, $_btn_name, $_btn_subject;
+ static $numbers = array();
+
+ if (! array_key_exists($vars['page'], $numbers))
+ {
+ $numbers[$vars['page']] = 0;
+ }
+ $article_no = $numbers[$vars['page']]++;
+
+ $s_page = htmlspecialchars($vars['page']);
+ $s_digest = htmlspecialchars($digest);
+ $name_cols = NAME_COLS;
+ $subject_cols = SUBJECT_COLS;
+ $article_rows = article_ROWS;
+ $article_cols = article_COLS;
+ $string = <<<EOD
+<form action="$script" method="post">
+ <div>
+ <input type="hidden" name="article_no" value="$article_no" />
+ <input type="hidden" name="plugin" value="article" />
+ <input type="hidden" name="digest" value="$s_digest" />
+ <input type="hidden" name="refer" value="$s_page" />
+ $_btn_name <input type="text" name="name" size="$name_cols" /><br />
+ $_btn_subject <input type="text" name="subject" size="$subject_cols" /><br />
+ <textarea name="msg" rows="$article_rows" cols="$article_cols">\n</textarea><br />
+ <input type="submit" name="article" value="$_btn_article" />
+ </div>
+</form>
+EOD;