<?php
-// $Id: memo.inc.php,v 1.12 2004/10/09 08:01:58 henoheno Exp $
+// PukiWiki - Yet another WikiWikiWeb clone.
+// memo.inc.php
+// Copyright 2002-2017 PukiWiki Development Team
+// License: GPL v2 or (at your option) any later version
+//
+// Memo box plugin
-/////////////////////////////////////////////////
-// ¥Æ¥¥¹¥È¥¨¥ê¥¢¤Î¥«¥é¥à¿ô
-define('MEMO_COLS', 80);
+define('MEMO_COLS', 60); // Columns of textarea
+define('MEMO_ROWS', 5); // Rows of textarea
-// ¥Æ¥¥¹¥È¥¨¥ê¥¢¤Î¹Ô¿ô
-define('MEMO_ROWS', 5);
-
-/////////////////////////////////////////////////
function plugin_memo_action()
{
- global $script, $vars, $cols, $rows;
+ global $vars, $cols, $rows;
global $_title_collided, $_msg_collided, $_title_updated;
+ $script = get_base_uri();
+ if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
if (! isset($vars['msg']) || $vars['msg'] == '') return;
- $memo_body = preg_replace("/\r/", '', $vars['msg']);
- $memo_body = str_replace("\n", "\\n", $memo_body);
+ $memo_body = preg_replace('/' . "\r" . '/', '', $vars['msg']);
+ $memo_body = str_replace("\n", '\n', $memo_body);
$memo_body = str_replace('"', '"', $memo_body); // Escape double quotes
$memo_body = str_replace(',', ',', $memo_body); // Escape commas
$postdata_old = get_source($vars['refer']);
$postdata = '';
$memo_no = 0;
- foreach($postdata_old as $line)
- {
- if (preg_match("/^#memo\(?.*\)?$/i", $line))
- {
- if ($memo_no == $vars['memo_no'])
- {
- $postdata .= "#memo($memo_body)\n";
+ foreach($postdata_old as $line) {
+ if (preg_match("/^#memo\(?.*\)?$/i", $line)) {
+ if ($memo_no == $vars['memo_no']) {
+ $postdata .= '#memo(' . $memo_body . ')' . "\n";
$line = '';
}
++$memo_no;
$postdata .= $line;
}
- $postdata_input = "$memo_body\n";
+ $postdata_input = $memo_body . "\n";
- if (md5(@join('', get_source($vars['refer']))) != $vars['digest'])
- {
+ $body = '';
+ if (md5(get_source($vars['refer'], TRUE, TRUE)) !== $vars['digest']) {
$title = $_title_collided;
+ $body = $_msg_collided . "\n";
- $body = "$_msg_collided\n";
-
- $s_refer = htmlspecialchars($vars['refer']);
- $s_digest = htmlspecialchars($vars['digest']);
- $s_postdata_input = htmlspecialchars($postdata_input);
+ $s_refer = htmlsc($vars['refer']);
+ $s_digest = htmlsc($vars['digest']);
+ $s_postdata_input = htmlsc($postdata_input);
$body .= <<<EOD
<form action="$script?cmd=preview" method="post">
</div>
</form>
EOD;
- }
- else
- {
+ } else {
page_write($vars['refer'], $postdata);
$title = $_title_updated;
}
- $retvars['msg'] = $title;
- $retvars['body'] = $body;
+ $retvars['msg'] = & $title;
+ $retvars['body'] = & $body;
$vars['page'] = $vars['refer'];
function plugin_memo_convert()
{
- global $script, $vars, $digest;
+ global $vars, $digest;
global $_btn_memo_update;
static $numbers = array();
- if (! isset($numbers[$vars['page']]))
- {
- $numbers[$vars['page']] = 0;
- }
+ if (! isset($numbers[$vars['page']])) $numbers[$vars['page']] = 0;
$memo_no = $numbers[$vars['page']]++;
$data = func_get_args();
$data = implode(',', $data); // Care all arguments
$data = str_replace(',', ',', $data); // Unescape commas
$data = str_replace('"', '"', $data); // Unescape double quotes
- $data = htmlspecialchars(str_replace("\\n", "\n", $data));
-
- $s_page = htmlspecialchars($vars['page']);
- $s_digest = htmlspecialchars($digest);
- $s_cols = MEMO_COLS;
- $s_rows = MEMO_ROWS;
- $string = <<<EOD
-<form action="$script" method="post" class="memo">
+ $data = htmlsc(str_replace('\n', "\n", $data));
+
+ if (PKWK_READONLY) {
+ $_script = '';
+ $_submit = '';
+ } else {
+ $_script = get_base_uri();
+ $_submit = '<input type="submit" name="memo" value="' . $_btn_memo_update . '" />';
+ }
+
+ $s_page = htmlsc($vars['page']);
+ $s_digest = htmlsc($digest);
+ $s_cols = MEMO_COLS;
+ $s_rows = MEMO_ROWS;
+ $string = <<<EOD
+<form action="$_script" method="post" class="memo">
<div>
<input type="hidden" name="memo_no" value="$memo_no" />
<input type="hidden" name="refer" value="$s_page" />
<input type="hidden" name="plugin" value="memo" />
<input type="hidden" name="digest" value="$s_digest" />
<textarea name="msg" rows="$s_rows" cols="$s_cols">$data</textarea><br />
- <input type="submit" name="memo" value="$_btn_memo_update" />
+ $_submit
</div>
</form>
EOD;
return $string;
}
-?>