<?php
-/////////////////////////////////////////////////
-// PukiWiki - Yet another WikiWikiWeb clone.
+// PukiWiki - Yet another WikiWikiWeb clone
+// attach.inc.php
+// Copyright
+// 2003-2016 PukiWiki Development Team
+// 2002-2003 PANDA <panda@arino.jp> http://home.arino.jp/
+// 2002 Y.MASUI <masui@hisec.co.jp> http://masui.net/pukiwiki/
+// 2001-2002 Originally written by yu-ji
+// License: GPL v2 or (at your option) any later version
//
-// $Id: attach.inc.php,v 1.59 2004/08/14 23:52:18 henoheno Exp $
-//
-
-/*
- ¥×¥é¥°¥¤¥ó attach
-
- changed by Y.MASUI <masui@hisec.co.jp> http://masui.net/pukiwiki/
- modified by PANDA <panda@arino.jp> http://home.arino.jp/
-*/
+// File attach plugin
+// NOTE (PHP > 4.2.3):
+// This feature is disabled at newer version of PHP.
+// Set this at php.ini if you want.
// Max file size for upload on PHP (PHP default: 2MB)
ini_set('upload_max_filesize', '2M');
// Max file size for upload on script of PukiWikiX_FILESIZE
-define('MAX_FILESIZE', (1024 * 1024)); // default: 1MB
+define('PLUGIN_ATTACH_MAX_FILESIZE', (1024 * 1024)); // default: 1MB
-// ´ÉÍý¼Ô¤À¤±¤¬ÅºÉÕ¥Õ¥¡¥¤¥ë¤ò¥¢¥Ã¥×¥í¡¼¥É¤Ç¤¤ë¤è¤¦¤Ë¤¹¤ë
-define('ATTACH_UPLOAD_ADMIN_ONLY', FALSE); // FALSE or TRUE
+// 管理者だけが添付ファイルをアップロードできるようにする
+define('PLUGIN_ATTACH_UPLOAD_ADMIN_ONLY', TRUE); // FALSE or TRUE
-// ´ÉÍý¼Ô¤À¤±¤¬ÅºÉÕ¥Õ¥¡¥¤¥ë¤òºï½ü¤Ç¤¤ë¤è¤¦¤Ë¤¹¤ë
-define('ATTACH_DELETE_ADMIN_ONLY', FALSE); // FALSE or TRUE
+// 管理者だけが添付ファイルを削除できるようにする
+define('PLUGIN_ATTACH_DELETE_ADMIN_ONLY', TRUE); // FALSE or TRUE
-// ´ÉÍý¼Ô¤¬ÅºÉÕ¥Õ¥¡¥¤¥ë¤òºï½ü¤¹¤ë¤È¤¤Ï¡¢¥Ð¥Ã¥¯¥¢¥Ã¥×¤òºî¤é¤Ê¤¤
-// ATTACH_DELETE_ADMIN_ONLY=TRUE¤Î¤È¤Í¸ú
-define('ATTACH_DELETE_ADMIN_NOBACKUP', FALSE); // FALSE or TRUE
+// 管理者が添付ファイルを削除するときは、バックアップを作らない
+// PLUGIN_ATTACH_DELETE_ADMIN_ONLY=TRUEのとき有効
+define('PLUGIN_ATTACH_DELETE_ADMIN_NOBACKUP', FALSE); // FALSE or TRUE
-// ¥¢¥Ã¥×¥í¡¼¥É/ºï½ü»þ¤Ë¥Ñ¥¹¥ï¡¼¥É¤òÍ׵᤹¤ë(ADMIN_ONLY¤¬Í¥Àè)
-define('ATTACH_PASSWORD_REQUIRE', FALSE); // FALSE or TRUE
+// アップロード/削除時にパスワードを要求する(ADMIN_ONLYが優先)
+define('PLUGIN_ATTACH_PASSWORD_REQUIRE', FALSE); // FALSE or TRUE
-// ¥Õ¥¡¥¤¥ë¤Î¥¢¥¯¥»¥¹¸¢
-define('ATTACH_FILE_MODE', 0644);
-//define('ATTACH_FILE_MODE', 0604); // for XREA.COM
+// 添付ファイル名を変更できるようにする
+define('PLUGIN_ATTACH_RENAME_ENABLE', TRUE); // FALSE or TRUE
-// file icon image
-if (! defined('FILE_ICON')) {
- define('FILE_ICON', '<img src="' . IMAGE_DIR . 'file.png"' .
- ' width="20" height="20" alt="file"' .
- ' style="border-width:0px" />');
-}
+// ファイルのアクセス権
+define('PLUGIN_ATTACH_FILE_MODE', 0644);
+//define('PLUGIN_ATTACH_FILE_MODE', 0604); // for XREA.COM
+
+// File icon image
+define('PLUGIN_ATTACH_FILE_ICON', '<img src="' . IMAGE_DIR . 'file.png"' .
+ ' width="20" height="20" alt="file"' .
+ ' style="border-width:0px" />');
-// mime-type¤òµ½Ò¤·¤¿¥Ú¡¼¥¸
-define('ATTACH_CONFIG_PAGE_MIME', 'plugin/attach/mime-type');
+// mime-typeã\82\92è¨\98è¿°ã\81\97ã\81\9fã\83\9aã\83¼ã\82¸
+define('PLUGIN_ATTACH_CONFIG_PAGE_MIME', 'plugin/attach/mime-type');
//-------- convert
function plugin_attach_convert()
$ret = '';
if (! $nolist) {
- $obj = & new AttachPages($page);
+ $obj = new AttachPages($page);
$ret .= $obj->toString($page, TRUE);
}
if (! $noform) {
if (isset($_FILES['attach_file'])) {
// Upload
return attach_upload($_FILES['attach_file'], $refer, $pass);
- }
- switch ($pcmd) {
+ } else {
+ switch ($pcmd) {
+ case 'delete': /*FALLTHROUGH*/
+ case 'freeze':
+ case 'unfreeze':
+ if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
+ }
+ switch ($pcmd) {
case 'info' : return attach_info();
case 'delete' : return attach_delete();
case 'open' : return attach_open();
case 'list' : return attach_list();
case 'freeze' : return attach_freeze(TRUE);
case 'unfreeze' : return attach_freeze(FALSE);
+ case 'rename' : return attach_rename();
case 'upload' : return attach_showform();
- }
- if ($page == '' || ! is_page($page)) {
- return attach_list();
- } else {
- return attach_showform();
+ }
+ if ($page == '' || ! is_page($page)) {
+ return attach_list();
+ } else {
+ return attach_showform();
+ }
}
}
$page = isset($vars['page']) ? $vars['page'] : '';
- $obj = & new AttachPages($page, 0);
+ $obj = new AttachPages($page, 0);
if (! isset($obj->pages[$page])) {
return '';
}
}
-//-------- ¼ÂÂÎ
-// ¥Õ¥¡¥¤¥ë¥¢¥Ã¥×¥í¡¼¥É
-// $pass = NULL : ¥Ñ¥¹¥ï¡¼¥É¤¬»ØÄꤵ¤ì¤Æ¤¤¤Ê¤¤
-// $pass = TRUE : ¥¢¥Ã¥×¥í¡¼¥Éµö²Ä
+//-------- 実体
+// ファイルアップロード
+// $pass = NULL : パスワードが指定されていない
+// $pass = TRUE : アップロード許可
function attach_upload($file, $page, $pass = NULL)
{
- global $_attach_messages;
+ global $_attach_messages, $notify, $notify_subject;
+
+ if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
- if (! is_page($page)) {
- die_message("No such page");
+ // Check query-string
+ $query = 'plugin=attach&pcmd=info&refer=' . rawurlencode($page) .
+ '&file=' . rawurlencode($file['name']);
+
+ if (PKWK_QUERY_STRING_MAX && strlen($query) > PKWK_QUERY_STRING_MAX) {
+ pkwk_common_headers();
+ echo('Query string (page name and/or file name) too long');
+ exit;
+ } else if (! is_page($page)) {
+ die_message('No such page');
} else if ($file['tmp_name'] == '' || ! is_uploaded_file($file['tmp_name'])) {
return array('result'=>FALSE);
- } else if ($file['size'] > MAX_FILESIZE) {
+ } else if ($file['size'] > PLUGIN_ATTACH_MAX_FILESIZE) {
return array(
'result'=>FALSE,
'msg'=>$_attach_messages['err_exceed']);
return array(
'result'=>FALSE,'
msg'=>$_attach_messages['err_noparm']);
- } else if (ATTACH_UPLOAD_ADMIN_ONLY && $pass !== TRUE &&
+ } else if (PLUGIN_ATTACH_UPLOAD_ADMIN_ONLY && $pass !== TRUE &&
($pass === NULL || ! pkwk_login($pass))) {
return array(
'result'=>FALSE,
'msg'=>$_attach_messages['err_adminpass']);
}
- $obj = & new AttachFile($page, $file['name']);
- if ($obj->exist) {
+ $obj = new AttachFile($page, $file['name']);
+ if ($obj->exist)
return array('result'=>FALSE,
'msg'=>$_attach_messages['err_exists']);
- }
- if (move_uploaded_file($file['tmp_name'], $obj->filename)) {
- chmod($obj->filename, ATTACH_FILE_MODE);
- }
+ if (move_uploaded_file($file['tmp_name'], $obj->filename))
+ chmod($obj->filename, PLUGIN_ATTACH_FILE_MODE);
- if (is_page($page)) {
- touch(get_filename($page));
- }
+ if (is_page($page))
+ pkwk_touch_file(get_filename($page));
$obj->getstatus();
- $obj->status['pass'] = ($pass !== TRUE && $pass !== NULL) ? $pass : '';
+ $obj->status['pass'] = ($pass !== TRUE && $pass !== NULL) ? md5($pass) : '';
$obj->putstatus();
+ if ($notify) {
+ $footer['ACTION'] = 'File attached';
+ $footer['FILENAME'] = & $file['name'];
+ $footer['FILESIZE'] = & $file['size'];
+ $footer['PAGE'] = & $page;
+
+ $footer['URI'] = get_script_uri() .
+ //'?' . pagename_urlencode($page);
+
+ // MD5 may heavy
+ '?plugin=attach' .
+ '&refer=' . rawurlencode($page) .
+ '&file=' . rawurlencode($file['name']) .
+ '&pcmd=info';
+
+ $footer['USER_AGENT'] = TRUE;
+ $footer['REMOTE_ADDR'] = TRUE;
+
+ pkwk_mail_notify($notify_subject, "\n", $footer) or
+ die('pkwk_mail_notify(): Failed');
+ }
+
return array(
'result'=>TRUE,
'msg'=>$_attach_messages['msg_uploaded']);
}
-// ¾ÜºÙ¥Õ¥©¡¼¥à¤òɽ¼¨
+// 詳細フォームを表示
function attach_info($err = '')
{
global $vars, $_attach_messages;
- foreach (array('refer', 'file', 'age') as $var) {
+ foreach (array('refer', 'file', 'age') as $var)
${$var} = isset($vars[$var]) ? $vars[$var] : '';
- }
- $obj = & new AttachFile($refer, $file, $age);
+ $obj = new AttachFile($refer, $file, $age);
return $obj->getstatus() ?
$obj->info($err) :
array('msg'=>$_attach_messages['err_notfound']);
}
-// ºï½ü
+// 削除
function attach_delete()
{
global $vars, $_attach_messages;
+ foreach (array('refer', 'file', 'age', 'pass') as $var)
+ ${$var} = isset($vars[$var]) ? $vars[$var] : '';
+
+ if (is_freeze($refer) || ! is_editable($refer))
+ return array('msg'=>$_attach_messages['err_noparm']);
+
+ $obj = new AttachFile($refer, $file, $age);
+ if (! $obj->getstatus())
+ return array('msg'=>$_attach_messages['err_notfound']);
+
+ return $obj->delete($pass);
+}
+
+// 凍結
+function attach_freeze($freeze)
+{
+ global $vars, $_attach_messages;
+
foreach (array('refer', 'file', 'age', 'pass') as $var) {
${$var} = isset($vars[$var]) ? $vars[$var] : '';
}
if (is_freeze($refer) || ! is_editable($refer)) {
return array('msg'=>$_attach_messages['err_noparm']);
} else {
- $obj = & new AttachFile($refer, $file, $age);
+ $obj = new AttachFile($refer, $file, $age);
return $obj->getstatus() ?
- $obj->delete($pass) :
+ $obj->freeze($freeze, $pass) :
array('msg'=>$_attach_messages['err_notfound']);
}
}
-// Åà·ë
-function attach_freeze($freeze)
+// リネーム
+function attach_rename()
{
global $vars, $_attach_messages;
- foreach (array('refer', 'file', 'age', 'pass') as $var) {
+ foreach (array('refer', 'file', 'age', 'pass', 'newname') as $var) {
${$var} = isset($vars[$var]) ? $vars[$var] : '';
}
if (is_freeze($refer) || ! is_editable($refer)) {
return array('msg'=>$_attach_messages['err_noparm']);
- } else {
- $obj = & new AttachFile($refer, $file, $age);
- return $obj->getstatus() ?
- $obj->freeze($freeze, $pass) :
- array('msg'=>$_attach_messages['err_notfound']);
}
+ $obj = new AttachFile($refer, $file, $age);
+ if (! $obj->getstatus())
+ return array('msg'=>$_attach_messages['err_notfound']);
+
+ return $obj->rename($pass, $newname);
+
}
-// ¥À¥¦¥ó¥í¡¼¥É
+// ダウンロード
function attach_open()
{
global $vars, $_attach_messages;
${$var} = isset($vars[$var]) ? $vars[$var] : '';
}
- $obj = & new AttachFile($refer, $file, $age);
+ $obj = new AttachFile($refer, $file, $age);
return $obj->getstatus() ?
$obj->open() :
array('msg'=>$_attach_messages['err_notfound']);
}
-// °ìÍ÷¼èÆÀ
+// 一覧取得
function attach_list()
{
global $vars, $_attach_messages;
$refer = isset($vars['refer']) ? $vars['refer'] : '';
- $obj = & new AttachPages($refer);
+ $obj = new AttachPages($refer);
$msg = $_attach_messages[($refer == '') ? 'msg_listall' : 'msg_listpage'];
$body = ($refer == '' || isset($obj->pages[$refer])) ?
return array('msg'=>$msg, 'body'=>$body);
}
-// ¥¢¥Ã¥×¥í¡¼¥É¥Õ¥©¡¼¥à¤òɽ¼¨ (action»þ)
+// アップロードフォームを表示 (action時)
function attach_showform()
{
global $vars, $_attach_messages;
return array('msg'=>$_attach_messages['msg_upload'], 'body'=>$body);
}
-//-------- ¥µ¡¼¥Ó¥¹
-// mime-type¤Î·èÄê
-function attach_mime_content_type($filename)
+//-------- ã\82µã\83¼ã\83\93ã\82¹
+// mime-typeの決定
+function attach_mime_content_type($filename, $displayname)
{
$type = 'application/octet-stream'; // default
if (! file_exists($filename)) return $type;
-
- $size = @getimagesize($filename);
- if (is_array($size)) {
- switch ($size[2]) {
- case 1: return 'image/gif';
- case 2: return 'image/jpeg';
- case 3: return 'image/png';
- case 4: return 'application/x-shockwave-flash';
+ $pathinfo = pathinfo($displayname);
+ $ext0 = $pathinfo['extension'];
+ if (preg_match('/^(gif|jpg|jpeg|png|swf)$/i', $ext0)) {
+ $size = @getimagesize($filename);
+ if (is_array($size)) {
+ switch ($size[2]) {
+ case 1: return 'image/gif';
+ case 2: return 'image/jpeg';
+ case 3: return 'image/png';
+ case 4: return 'application/x-shockwave-flash';
+ }
}
}
-
- $matches = array();
- if (! preg_match('/_((?:[0-9A-F]{2})+)(?:\.\d+)?$/', $filename, $matches))
- return $type;
-
- $filename = decode($matches[1]);
-
- // mime-type°ìÍ÷ɽ¤ò¼èÆÀ
- $config = new Config(ATTACH_CONFIG_PAGE_MIME);
+ // mime-type一覧表を取得
+ $config = new Config(PLUGIN_ATTACH_CONFIG_PAGE_MIME);
$table = $config->read() ? $config->get('mime-type') : array();
- unset($config); // ¥á¥â¥êÀáÌó
-
+ unset($config); // メモリ節約
foreach ($table as $row) {
$_type = trim($row[0]);
$exts = preg_split('/\s+|,/', trim($row[1]), -1, PREG_SPLIT_NO_EMPTY);
foreach ($exts as $ext) {
- if (preg_match("/\.$ext$/i", $filename)) return $_type;
+ if (preg_match("/\.$ext$/i", $displayname)) return $_type;
}
}
-
return $type;
}
-// ¥¢¥Ã¥×¥í¡¼¥É¥Õ¥©¡¼¥à¤Î½ÐÎÏ
+// アップロードフォームの出力
function attach_form($page)
{
global $script, $vars, $_attach_messages;
$r_page = rawurlencode($page);
- $s_page = htmlspecialchars($page);
+ $s_page = htmlsc($page);
$navi = <<<EOD
<span class="small">
[<a href="$script?plugin=attach&pcmd=list&refer=$r_page">{$_attach_messages['msg_list']}</a>]
if (! ini_get('file_uploads')) return '#attach(): file_uploads disabled<br />' . $navi;
if (! is_page($page)) return '#attach(): No such page<br />' . $navi;
- $maxsize = MAX_FILESIZE;
+ $maxsize = PLUGIN_ATTACH_MAX_FILESIZE;
$msg_maxsize = sprintf($_attach_messages['msg_maxsize'], number_format($maxsize/1024) . 'KB');
$pass = '';
- if (ATTACH_PASSWORD_REQUIRE || ATTACH_UPLOAD_ADMIN_ONLY) {
- $title = $_attach_messages[ATTACH_UPLOAD_ADMIN_ONLY ? 'msg_adminpass' : 'msg_password'];
+ if (PLUGIN_ATTACH_PASSWORD_REQUIRE || PLUGIN_ATTACH_UPLOAD_ADMIN_ONLY) {
+ $title = $_attach_messages[PLUGIN_ATTACH_UPLOAD_ADMIN_ONLY ? 'msg_adminpass' : 'msg_password'];
$pass = '<br />' . $title . ': <input type="password" name="pass" size="8" />';
}
return <<<EOD
<span class="small">
$msg_maxsize
</span><br />
- {$_attach_messages['msg_file']}: <input type="file" name="attach_file" />
+ <label for="_p_attach_file">{$_attach_messages['msg_file']}:</label> <input type="file" name="attach_file" id="_p_attach_file" />
$pass
<input type="submit" value="{$_attach_messages['btn_upload']}" />
</div>
EOD;
}
-//-------- ¥¯¥é¥¹
-// ¥Õ¥¡¥¤¥ë
+//-------- ã\82¯ã\83©ã\82¹
+// ファイル
class AttachFile
{
var $page, $file, $age, $basename, $filename, $logname;
function AttachFile($page, $file, $age = 0)
{
$this->page = $page;
- $this->file = basename($file);
+ $this->file = preg_replace('#^.*/#','',$file);
$this->age = is_numeric($age) ? $age : 0;
$this->basename = UPLOAD_DIR . encode($page) . '_' . encode($this->file);
$this->logname = $this->basename . '.log';
$this->exist = file_exists($this->filename);
$this->time = $this->exist ? filemtime($this->filename) - LOCALZONE : 0;
- $this->md5hash = $this->exist ? md5_file($this->filename) : '';
}
- // ¥Õ¥¡¥¤¥ë¾ðÊó¼èÆÀ
- function getstatus()
+ function gethash()
{
- if (! $this->exist) return FALSE;
+ return $this->exist ? md5_file($this->filename) : '';
+ }
- // ¥í¥°¥Õ¥¡¥¤¥ë¼èÆÀ
+ // ファイル情報取得
+ function getstatus()
+ {
+ // ログファイル取得
if (file_exists($this->logname)) {
$data = file($this->logname);
foreach ($this->status as $key=>$value) {
}
$this->status['count'] = explode(',', $this->status['count']);
}
+ if (! $this->exist) return FALSE;
$this->time_str = get_date('Y/m/d H:i:s', $this->time);
$this->size = filesize($this->filename);
$this->size_str = sprintf('%01.1f', round($this->size/1024, 1)) . 'KB';
- $this->type = attach_mime_content_type($this->filename);
-
+ $this->type = attach_mime_content_type($this->filename, $this->file);
return TRUE;
}
- // ¥¹¥Æ¡¼¥¿¥¹Êݸ
+ // ステータス保存
function putstatus()
{
$this->status['count'] = join(',', $this->status['count']);
fclose($fp);
}
- // ÆüÉÕ¤ÎÈæ³Ó´Ø¿ô
+ // 日付の比較関数
function datecomp($a, $b) {
return ($a->time == $b->time) ? 0 : (($a->time > $b->time) ? -1 : 1);
}
$param = '&file=' . rawurlencode($this->file) . '&refer=' . rawurlencode($this->page) .
($this->age ? '&age=' . $this->age : '');
$title = $this->time_str . ' ' . $this->size_str;
- $label = ($showicon ? FILE_ICON : '') . htmlspecialchars($this->file);
+ $label = ($showicon ? PLUGIN_ATTACH_FILE_ICON : '') . htmlsc($this->file);
if ($this->age) {
$label .= ' (backup No.' . $this->age . ')';
}
$info = $count = '';
if ($showinfo) {
$_title = str_replace('$1', rawurlencode($this->file), $_attach_messages['msg_info']);
- $info = "\n<span class=\"small\">[<a href=\"$script?plugin=attach&pcmd=info$param\" title=\"$_title\">{$_attach_messages['btn_info']}</a>]</span><br />\n";
+ $info = "\n<span class=\"small\">[<a href=\"$script?plugin=attach&pcmd=info$param\" title=\"$_title\">{$_attach_messages['btn_info']}</a>]</span>\n";
$count = ($showicon && ! empty($this->status['count'][$this->age])) ?
sprintf($_attach_messages['msg_count'], $this->status['count'][$this->age]) : '';
}
return "<a href=\"$script?plugin=attach&pcmd=open$param\" title=\"$title\">$label</a>$count$info";
}
- // ¾ðÊóɽ¼¨
+ // 情報表示
function info($err)
{
global $script, $_attach_messages;
$r_page = rawurlencode($this->page);
- $s_page = htmlspecialchars($this->page);
- $s_file = htmlspecialchars($this->file);
+ $s_page = htmlsc($this->page);
+ $s_file = htmlsc($this->file);
$s_err = ($err == '') ? '' : '<p style="font-weight:bold">' . $_attach_messages[$err] . '</p>';
+ $msg_rename = '';
if ($this->age) {
$msg_freezed = '';
- $msg_delete = '<input type="radio" name="pcmd" value="delete" />' .
- $_attach_messages['msg_delete'] .
- $_attach_messages['msg_require'] . '<br />';
+ $msg_delete = '<input type="radio" name="pcmd" id="_p_attach_delete" value="delete" />' .
+ '<label for="_p_attach_delete">' . $_attach_messages['msg_delete'] .
+ $_attach_messages['msg_require'] . '</label><br />';
$msg_freeze = '';
} else {
if ($this->status['freeze']) {
$msg_freezed = "<dd>{$_attach_messages['msg_isfreeze']}</dd>";
$msg_delete = '';
- $msg_freeze = '<input type="radio" name="pcmd" value="unfreeze" />' .
- $_attach_messages['msg_unfreeze'] .
- $_attach_messages['msg_require'] . '<br />';
+ $msg_freeze = '<input type="radio" name="pcmd" id="_p_attach_unfreeze" value="unfreeze" />' .
+ '<label for="_p_attach_unfreeze">' . $_attach_messages['msg_unfreeze'] .
+ $_attach_messages['msg_require'] . '</label><br />';
} else {
$msg_freezed = '';
- $msg_delete = '<input type="radio" name="pcmd" value="delete" />' .
- $_attach_messages['msg_delete'];
- if (ATTACH_DELETE_ADMIN_ONLY || $this->age) {
+ $msg_delete = '<input type="radio" name="pcmd" id="_p_attach_delete" value="delete" />' .
+ '<label for="_p_attach_delete">' . $_attach_messages['msg_delete'];
+ if (PLUGIN_ATTACH_DELETE_ADMIN_ONLY || $this->age)
$msg_delete .= $_attach_messages['msg_require'];
+ $msg_delete .= '</label><br />';
+ $msg_freeze = '<input type="radio" name="pcmd" id="_p_attach_freeze" value="freeze" />' .
+ '<label for="_p_attach_freeze">' . $_attach_messages['msg_freeze'] .
+ $_attach_messages['msg_require'] . '</label><br />';
+
+ if (PLUGIN_ATTACH_RENAME_ENABLE) {
+ $msg_rename = '<input type="radio" name="pcmd" id="_p_attach_rename" value="rename" />' .
+ '<label for="_p_attach_rename">' . $_attach_messages['msg_rename'] .
+ $_attach_messages['msg_require'] . '</label><br /> ' .
+ '<label for="_p_attach_newname">' . $_attach_messages['msg_newname'] .
+ ':</label> ' .
+ '<input type="text" name="newname" id="_p_attach_newname" size="40" value="' .
+ $this->file . '" /><br />';
}
- $msg_delete .= '<br />';
- $msg_freeze = '<input type="radio" name="pcmd" value="freeze" />' .
- $_attach_messages['msg_freeze'] .
- $_attach_messages['msg_require'] . '<br />';
}
}
$info = $this->toString(TRUE, FALSE);
+ $hash = $this->gethash();
- $retval = array('msg'=>sprintf($_attach_messages['msg_info'], htmlspecialchars($this->file)));
+ $retval = array('msg'=>sprintf($_attach_messages['msg_info'], htmlsc($this->file)));
$retval['body'] = <<< EOD
<p class="small">
[<a href="$script?plugin=attach&pcmd=list&refer=$r_page">{$_attach_messages['msg_list']}</a>]
<dt>$info</dt>
<dd>{$_attach_messages['msg_page']}:$s_page</dd>
<dd>{$_attach_messages['msg_filename']}:{$this->filename}</dd>
- <dd>{$_attach_messages['msg_md5hash']}:{$this->md5hash}</dd>
+ <dd>{$_attach_messages['msg_md5hash']}:$hash</dd>
<dd>{$_attach_messages['msg_filesize']}:{$this->size_str} ({$this->size} bytes)</dd>
<dd>Content-type:{$this->type}</dd>
<dd>{$_attach_messages['msg_date']}:{$this->time_str}</dd>
<input type="hidden" name="age" value="{$this->age}" />
$msg_delete
$msg_freeze
- {$_attach_messages['msg_password']}: <input type="password" name="pass" size="8" />
+ $msg_rename
+ <br />
+ <label for="_p_attach_password">{$_attach_messages['msg_password']}:</label>
+ <input type="password" name="pass" id="_p_attach_password" size="8" />
<input type="submit" value="{$_attach_messages['btn_submit']}" />
</div>
</form>
function delete($pass)
{
- global $_attach_messages;
+ global $_attach_messages, $notify, $notify_subject;
if ($this->status['freeze']) return attach_info('msg_isfreeze');
if (! pkwk_login($pass)) {
- if (ATTACH_DELETE_ADMIN_ONLY || $this->age) {
+ if (PLUGIN_ATTACH_DELETE_ADMIN_ONLY || $this->age) {
return attach_info('err_adminpass');
- } else if (ATTACH_PASSWORD_REQUIRE &&
- md5($pass) != $this->status['pass']) {
+ } else if (PLUGIN_ATTACH_PASSWORD_REQUIRE &&
+ md5($pass) !== $this->status['pass']) {
return attach_info('err_password');
}
}
- // ¥Ð¥Ã¥¯¥¢¥Ã¥×
+ // バックアップ
if ($this->age ||
- (ATTACH_DELETE_ADMIN_ONLY && ATTACH_DELETE_ADMIN_NOBACKUP)) {
+ (PLUGIN_ATTACH_DELETE_ADMIN_ONLY && PLUGIN_ATTACH_DELETE_ADMIN_NOBACKUP)) {
@unlink($this->filename);
} else {
do {
} while (file_exists($this->basename . '.' . $age));
if (! rename($this->basename,$this->basename . '.' . $age)) {
- // ºï½ü¼ºÇÔ why?
+ // 削除失敗 why?
return array('msg'=>$_attach_messages['err_delete']);
}
$this->putstatus();
}
- if (is_page($this->page)) {
+ if (is_page($this->page))
touch(get_filename($this->page));
+
+ if ($notify) {
+ $footer['ACTION'] = 'File deleted';
+ $footer['FILENAME'] = & $this->file;
+ $footer['PAGE'] = & $this->page;
+ $footer['URI'] = get_script_uri() .
+ '?' . pagename_urlencode($this->page);
+ $footer['USER_AGENT'] = TRUE;
+ $footer['REMOTE_ADDR'] = TRUE;
+ pkwk_mail_notify($notify_subject, "\n", $footer) or
+ die('pkwk_mail_notify(): Failed');
}
return array('msg'=>$_attach_messages['msg_deleted']);
}
+ function rename($pass, $newname)
+ {
+ global $_attach_messages, $notify, $notify_subject;
+
+ if ($this->status['freeze']) return attach_info('msg_isfreeze');
+
+ if (! pkwk_login($pass)) {
+ if (PLUGIN_ATTACH_DELETE_ADMIN_ONLY || $this->age) {
+ return attach_info('err_adminpass');
+ } else if (PLUGIN_ATTACH_PASSWORD_REQUIRE &&
+ md5($pass) !== $this->status['pass']) {
+ return attach_info('err_password');
+ }
+ }
+ $newbase = UPLOAD_DIR . encode($this->page) . '_' . encode($newname);
+ if (file_exists($newbase)) {
+ return array('msg'=>$_attach_messages['err_exists']);
+ }
+ if (! PLUGIN_ATTACH_RENAME_ENABLE) {
+ return array('msg'=>$_attach_messages['err_rename']);
+ }
+ if (! rename($this->basename, $newbase)) {
+ return array('msg'=>$_attach_messages['err_rename']);
+ }
+ // Rename primary file succeeded.
+ // Then, rename backup(archive) files and log file)
+ $rename_targets = array();
+ $dir = opendir(UPLOAD_DIR);
+ if ($dir) {
+ $matches_leaf = array();
+ if (preg_match('/(((?:[0-9A-F]{2})+)_((?:[0-9A-F]{2})+))$/', $this->basename, $matches_leaf)) {
+ $attachfile_leafname = $matches_leaf[1];
+ $attachfile_leafname_pattern = preg_quote($attachfile_leafname, '/');
+ $pattern = "/^({$attachfile_leafname_pattern})(\.((\d+)|(log)))$/";
+ $matches = array();
+ while ($file = readdir($dir)) {
+ if (! preg_match($pattern, $file, $matches))
+ continue;
+ $basename2 = $matches[0];
+ $newbase2 = $newbase . $matches[2];
+ $rename_targets[$basename2] = $newbase2;
+ }
+ }
+ closedir($dir);
+ }
+ foreach ($rename_targets as $basename2=>$newbase2) {
+ $basename2path = UPLOAD_DIR . $basename2;
+ rename($basename2path, $newbase2);
+ }
+ return array('msg'=>$_attach_messages['msg_renamed']);
+ }
+
function freeze($freeze, $pass)
{
global $_attach_messages;
$this->getstatus();
$this->status['count'][$this->age]++;
$this->putstatus();
-
- // for Japanese (???)
- $filename = htmlspecialchars(mb_convert_encoding($this->file,'SJIS','auto'));
+ $filename = $this->file;
+
+ // Care for Japanese-character-included file name
+ $legacy_filename = mb_convert_encoding($filename, 'UTF-8', SOURCE_ENCODING);
+ if (LANG == 'ja') {
+ switch(UA_NAME . '/' . UA_PROFILE){
+ case 'MSIE/default':
+ $legacy_filename = mb_convert_encoding($filename, 'SJIS', SOURCE_ENCODING);
+ break;
+ }
+ }
+ $utf8filename = mb_convert_encoding($filename, 'UTF-8', SOURCE_ENCODING);
ini_set('default_charset', '');
mb_http_output('pass');
- header('Content-Disposition: inline; filename="' . $filename . '"');
+ pkwk_common_headers();
+ header('Content-Disposition: inline; filename="' . $legacy_filename
+ . '"; filename*=utf-8\'\'' . rawurlencode($utf8filename));
header('Content-Length: ' . $this->size);
header('Content-Type: ' . $this->type);
+
@readfile($this->filename);
exit;
}
}
-// ¥Õ¥¡¥¤¥ë¥³¥ó¥Æ¥Ê
+// ファイルコンテナ
class AttachFiles
{
var $page;
function add($file, $age)
{
- $this->files[$file][$age] = & new AttachFile($this->page, $file, $age);
+ $this->files[$file][$age] = new AttachFile($this->page, $file, $age);
}
- // ¥Õ¥¡¥¤¥ë°ìÍ÷¤ò¼èÆÀ
+ // ファイル一覧を取得
function toString($flat)
{
global $_title_cannotread;
$ret = '';
$files = array_keys($this->files);
- sort($files);
+ sort($files, SORT_STRING);
foreach ($files as $file) {
$_files = array();
$_files[$age] = $this->files[$file][$age]->toString(FALSE, TRUE);
}
if (! isset($_files[0])) {
- $_files[0] = htmlspecialchars($file);
+ $_files[0] = htmlsc($file);
}
- ksort($_files);
+ ksort($_files, SORT_NUMERIC);
$_file = $_files[0];
unset($_files[0]);
$ret .= " <li>$_file\n";
return make_pagelink($this->page) . "\n<ul>\n$ret</ul>\n";
}
- // ¥Õ¥¡¥¤¥ë°ìÍ÷¤ò¼èÆÀ(inline)
+ // ファイル一覧を取得(inline)
function to_flat()
{
$ret = '';
}
}
-// ¥Ú¡¼¥¸¥³¥ó¥Æ¥Ê
+// ページコンテナ
class AttachPages
{
var $pages = array();
$pattern = "/^({$page_pattern})_((?:[0-9A-F]{2})+){$age_pattern}$/";
$matches = array();
- while ($file = readdir($dir)) {
- if (! preg_match($pattern, $file, $matches))
- continue;
+ while (($file = readdir($dir)) !== FALSE) {
+ if (! preg_match($pattern, $file, $matches)) continue;
$_page = decode($matches[1]);
$_file = decode($matches[2]);
$_age = isset($matches[3]) ? $matches[3] : 0;
if (! isset($this->pages[$_page])) {
- $this->pages[$_page] = & new AttachFiles($_page);
+ $this->pages[$_page] = new AttachFiles($_page);
}
$this->pages[$_page]->add($_file, $_age);
}
function toString($page = '', $flat = FALSE)
{
- global $non_list;
-
if ($page != '') {
if (! isset($this->pages[$page])) {
return '';
$ret = '';
$pages = array_keys($this->pages);
- sort($pages);
+ sort($pages, SORT_STRING);
foreach ($pages as $page) {
- if (preg_match("/$non_list/", $page)) continue;
- $ret .= '<li>' . $this->pages[$page]->toString($flat) . "</li>\n";
+ if (check_non_list($page)) continue;
+ $ret .= '<li>' . $this->pages[$page]->toString($flat) . '</li>' . "\n";
}
- return "\n<ul>\n" . $ret . "</ul>\n";
+ return "\n" . '<ul>' . "\n" . $ret . '</ul>' . "\n";
}
}
-?>