<?php
// PukiWiki - Yet another WikiWikiWeb clone.
-// $Id: backup.inc.php,v 1.27 2005/12/10 12:48:02 henoheno Exp $
+// $Id: backup.inc.php,v 1.29 2011/01/25 15:01:01 henoheno Exp $
// Copyright (C)
-// 2002-2005 PukiWiki Developers Team
+// 2002-2005, 2007 PukiWiki Developers Team
// 2001-2002 Originally written by yu-ji
// License: GPL v2 or (at your option) any later version
//
if ($page == '') return array('msg'=>$_title_backuplist, 'body'=>plugin_backup_get_list_all());
check_readable($page, true, true);
- $s_page = htmlspecialchars($page);
+ $s_page = htmlsc($page);
$r_page = rawurlencode($page);
$action = isset($vars['action']) ? $vars['action'] : '';
$s_action = $r_action = '';
if ($action != '') {
- $s_action = htmlspecialchars($action);
+ $s_action = htmlsc($action);
$r_action = rawurlencode($action);
}
} else if ($s_action == 'nowdiff') {
$title = & $_title_backupnowdiff;
$old = join('', $backups[$s_age]['data']);
- $cur = join('', get_source($page));
+ $cur = get_source($page, TRUE, TRUE);
$body .= plugin_backup_diff(do_diff($old, $cur));
} else if ($s_action == 'source') {
$title = & $_title_backupsource;
- $body .= '<pre>' . htmlspecialchars(join('', $backups[$s_age]['data'])) .
+ $body .= '<pre>' . htmlsc(join('', $backups[$s_age]['data'])) .
'</pre>' . "\n";
} else {
if (PLUGIN_BACKUP_DISABLE_BACKUP_RENDERING) {
}
$script = get_script_uri();
- $s_page = htmlspecialchars($page);
+ $s_page = htmlsc($page);
$body .= <<<EOD
<p>$_msg_backup_adminpass</p>
<form action="$script" method="post">
</ul>
EOD;
- return $ul . '<pre>' . diff_style_to_css(htmlspecialchars($str)) . '</pre>' . "\n";
+ return $ul . '<pre>' . diff_style_to_css(htmlsc($str)) . '</pre>' . "\n";
}
function plugin_backup_get_list($page)
$script = get_script_uri();
$r_page = rawurlencode($page);
- $s_page = htmlspecialchars($page);
+ $s_page = htmlsc($page);
$retval = array();
$retval[0] = <<<EOD
<ul>