<?php
// PukiWiki - Yet another WikiWikiWeb clone.
-// $Id: diff.inc.php,v 1.17 2005/12/10 10:36:17 henoheno Exp $
+// $Id: diff.inc.php,v 1.20 2011/01/25 15:01:01 henoheno Exp $
// Copyright (C)
// 2002-2005 PukiWiki Developers Team
// 2002 Originally written by yu-ji
global $_msg_notfound, $_msg_goto, $_msg_deleted, $_msg_addline, $_msg_delline, $_title_diff;
global $_title_diff_delete;
- $r_page = rawurlencode($page);
- $s_page = htmlspecialchars($page);
+ $r_page = pagename_urlencode($page);
+ $s_page = htmlsc($page);
$menu = array(
'<li>' . $_msg_addline . '</li>',
$filename = DIFF_DIR . encode($page) . '.txt';
if (file_exists($filename)) {
- $diffdata = htmlspecialchars(join('', file($filename)));
-
- // Cut diff markers ('+' or '-' or ' ')
- $diffdata = preg_replace('/^\-(.*)$/m', '<span class="diff_removed">$1</span>', $diffdata);
- $diffdata = preg_replace('/^\+(.*)$/m', '<span class="diff_added" >$1</span>', $diffdata);
- $diffdata = preg_replace('/^ (.*)$/m', '$1', $diffdata);
-
if (! PKWK_READONLY) {
$menu[] = '<li><a href="' . $script . '?cmd=diff&action=delete&page=' .
$r_page . '">' . str_replace('$1', $s_page, $_title_diff_delete) . '</a></li>';
}
-
- $msg = '<pre>' . $diffdata . '</pre>' . "\n";
+ $msg = '<pre>' . diff_style_to_css(htmlsc(join('', file($filename)))) . '</pre>' . "\n";
} else if ($is_page) {
- $diffdata = trim(htmlspecialchars(join('', get_source($page))));
+ $diffdata = trim(htmlsc(join('', get_source($page))));
$msg = '<pre><span class="diff_added">' . $diffdata . '</span></pre>' . "\n";
} else {
return array('msg'=>$_title_diff, 'body'=>$_msg_notfound);
}
}
- $s_page = htmlspecialchars($page);
+ $s_page = htmlsc($page);
$body .= <<<EOD
<p>$_msg_diff_adminpass</p>
<form action="$script" method="post">
return array('msg'=>$_title_diff_delete, 'body'=>$body);
}
-?>
+