/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: paint.inc.php,v 1.13 2003/11/05 10:40:48 arino Exp $
+// $Id: paint.inc.php,v 1.14 2004/07/31 03:09:20 henoheno Exp $
//
/*
//¥á¥Ã¥»¡¼¥¸¤¬¤¢¤ë¾ì¹ç
define('PAINT_FORMAT',"\x08MSG\x08 -- \x08NAME\x08 \x08NOW\x08");
//¥á¥Ã¥»¡¼¥¸¤¬¤Ê¤¤¾ì¹ç
-define('PAINT_FORMAT_NOMSG',"\x08NAME\x08 \x08NOW\x08");
+define('PAINT_FORMAT_NOMSG',"\x08NAME\x08 \x08NOW\x08");
function plugin_paint_action()
{
global $script,$vars;
global $_paint_messages;
global $html_transitional;
-
+
//Ìá¤êÃͤò½é´ü²½
$retval['msg'] = $_paint_messages['msg_title'];
$retval['body'] = '';
-
+
if (array_key_exists('attach_file',$_FILES)
and array_key_exists('refer',$vars))
{
$file = $_FILES['attach_file'];
//BBSPaiter.jar¤Ï¡¢shift-jis¤ÇÆâÍƤòÁ÷¤Ã¤Æ¤¯¤ë¡£ÌÌÅݤʤΤǥڡ¼¥¸Ì¾¤Ï¥¨¥ó¥³¡¼¥É¤·¤Æ¤«¤éÁ÷¿®¤µ¤»¤ë¤è¤¦¤Ë¤·¤¿¡£
$vars['page'] = $vars['refer'] = decode($vars['refer']);
-
+
$filename = $vars['filename'];
$filename = mb_convert_encoding($filename,SOURCE_ENCODING,'auto');
-
+
//¥Õ¥¡¥¤¥ë̾ÃÖ´¹
$attachname = preg_replace('/^[^\.]+/',$filename,$file['name']);
//¤¹¤Ç¤Ë¸ºß¤·¤¿¾ì¹ç¡¢ ¥Õ¥¡¥¤¥ë̾¤Ë'_0','_1',...¤òÉÕ¤±¤Æ²óÈò(¸È©)
{
$attachname = preg_replace('/^[^\.]+/',$filename.$count++,$file['name']);
}
-
+
$file['name'] = $attachname;
-
+
if (!exist_plugin('attach') or !function_exists('attach_upload'))
{
return array('msg'=>'attach.inc.php not found or not correct version.');
}
-
+
$retval = attach_upload($file,$vars['refer'],TRUE);
if ($retval['result'] == TRUE)
{
$s_refer = htmlspecialchars($vars['refer']);
}
$link = "<p><a href=\"$script?$r_refer\">$s_refer</a></p>";;
-
+
$w = PAINT_APPLET_WIDTH;
$h = PAINT_APPLET_HEIGHT;
-
+
//¥¦¥¤¥ó¥É¥¦¥â¡¼¥É :)
if ($w < 50 and $h < 50)
{
$retval['body'] = convert_html(get_source($vars['refer']));
$link = '';
}
-
+
//XSSÀȼåÀÌäÂê - ³°Éô¤«¤éÍ褿ÊÑ¿ô¤ò¥¨¥¹¥±¡¼¥×
$width = empty($vars['width']) ? PAINT_DEFAULT_WIDTH : $vars['width'];
$height = empty($vars['height']) ? PAINT_DEFAULT_HEIGHT : $vars['height'];
$f_digest = array_key_exists('digest',$vars) ? htmlspecialchars($vars['digest']) : '';
$f_no = (array_key_exists('paint_no',$vars) and is_numeric($vars['paint_no'])) ?
$vars['paint_no'] + 0 : 0;
-
+
if ($f_w > PAINT_MAX_WIDTH)
{
$f_w = PAINT_MAX_WIDTH;
{
$f_h = PAINT_MAX_HEIGHT;
}
-
+
$retval['body'] .= <<<EOD
<div>
$link
global $script,$vars,$digest;
global $_paint_messages;
static $numbers = array();
-
+
if (!array_key_exists($vars['page'],$numbers))
{
$numbers[$vars['page']] = 0;
}
$paint_no = $numbers[$vars['page']]++;
-
+
//Ìá¤êÃÍ
$ret = '';
-
+
//ʸ»úÎó¤ò¼èÆÀ
$width = $height = 0;
$args = func_get_args();
{
$height = PAINT_DEFAULT_HEIGHT;
}
-
+
//XSSÀȼåÀÌäÂê - ³°Éô¤«¤éÍ褿ÊÑ¿ô¤ò¥¨¥¹¥±¡¼¥×
$f_page = htmlspecialchars($vars['page']);
-
+
$max = sprintf($_paint_messages['msg_max'],PAINT_MAX_WIDTH,PAINT_MAX_HEIGHT);
-
+
$ret = <<<EOD
<form action="$script" method="post">
<div>
{
global $script,$vars,$now,$do_backup;
global $_paint_messages,$_no_name;
-
+
$ret['msg'] = $_paint_messages['msg_title'];
$msg = mb_convert_encoding(rtrim($vars['msg']),SOURCE_ENCODING,'auto');
$name = mb_convert_encoding($vars['yourname'],SOURCE_ENCODING,'auto');
-
+
$msg = str_replace('$msg',$msg,PAINT_MSG_FORMAT);
$name = ($name == '') ? $_no_name : $vars['yourname'];
$name = ($name == '') ? '' : str_replace('$name',$name,PAINT_NAME_FORMAT);
$now = str_replace('$now',$now,PAINT_NOW_FORMAT);
-
+
$msg = trim($msg);
$msg = ($msg == '') ?
PAINT_FORMAT_NOMSG :
$msg = str_replace("\x08NOW\x08",$now, $msg);
//¥Ö¥í¥Ã¥¯¤Ë¿©¤ï¤ì¤Ê¤¤¤è¤¦¤Ë¡¢#img¤ÎľÁ°¤Ë\n¤ò2¸Ä½ñ¤¤¤Æ¤ª¤¯¡£
$msg = "#ref($filename,wrap,around)\n".trim($msg)."\n\n#img(,clear)\n";
-
+
$postdata_old = get_source($vars['refer']);
$postdata = '';
$paint_no = 0; //'#paint'¤Î½Ð¸½²ó¿ô
$postdata .= $line;
}
}
-
+
// ¹¹¿·¤Î¾×Æͤò¸¡½Ð
if (md5(join('',$postdata_old)) != $vars['digest'])
{
$ret['msg'] = $_paint_messages['msg_title_collided'];
$ret['body'] = $_paint_messages['msg_collided'];
}
-
+
page_write($vars['refer'],$postdata);
-
+
return $ret;
}
?>