<?php
-/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
+// vote.inc.php
+// Copyright 2002-2017 PukiWiki Development Team
+// License: GPL v2 or (at your option) any later version
//
-// $Id: vote.inc.php,v 1.18 2004/10/09 07:36:33 henoheno Exp $
-//
+// Vote box plugin
function plugin_vote_action()
{
- global $vars, $script, $cols,$rows;
+ global $vars, $cols,$rows;
global $_title_collided, $_msg_collided, $_title_updated;
global $_vote_plugin_votes;
+ $script = get_base_uri();
+ if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
+
$postdata_old = get_source($vars['refer']);
$vote_no = 0;
$matches = array();
foreach($postdata_old as $line) {
- if (preg_match("/^#vote\((.*)\)(.*)$/i", $line, $matches)) {
- $args = explode(',', $matches[1]);
- $lefts = isset($matches[2]) ? $matches[2] : '';
- } else {
- $postdata .= $line;
- continue;
- }
-
- if ($vote_no++ != $vars['vote_no']) {
+ if (! preg_match('/^#vote(?:\((.*)\)(.*))?$/i', $line, $matches) ||
+ $vote_no++ != $vars['vote_no']) {
$postdata .= $line;
continue;
}
+ $args = explode(',', $matches[1]);
+ $lefts = isset($matches[2]) ? $matches[2] : '';
foreach($args as $arg) {
$cnt = 0;
- if (preg_match("/^(.+)\[(\d+)\]$/", $arg, $matches)) {
+ if (preg_match('/^(.+)\[(\d+)\]$/', $arg, $matches)) {
$arg = $matches[1];
$cnt = $matches[2];
}
$e_arg = encode($arg);
- if (! empty($vars["vote_$e_arg"]) && $vars["vote_$e_arg"] == $_vote_plugin_votes)
+ if (! empty($vars['vote_' . $e_arg]) && $vars['vote_' . $e_arg] == $_vote_plugin_votes)
++$cnt;
$votes[] = $arg . '[' . $cnt . ']';
}
- $vote_str = '#vote(' . @join(',', $votes) . ")$lefts\n";
+ $vote_str = '#vote(' . @join(',', $votes) . ')' . $lefts . "\n";
$postdata_input = $vote_str;
$postdata .= $vote_str;
}
- if (md5(@join('', get_source($vars['refer']))) != $vars['digest']) {
+ if (md5(get_source($vars['refer'], TRUE, TRUE)) !== $vars['digest']) {
$title = $_title_collided;
- $s_refer = htmlspecialchars($vars['refer']);
- $s_digest = htmlspecialchars($vars['digest']);
- $s_postdata_input = htmlspecialchars($postdata_input);
+ $s_refer = htmlsc($vars['refer']);
+ $s_digest = htmlsc($vars['digest']);
+ $s_postdata_input = htmlsc($postdata_input);
$body = <<<EOD
$_msg_collided
<form action="$script?cmd=preview" method="post">
function plugin_vote_convert()
{
- global $script, $vars, $digest;
+ global $vars, $digest;
global $_vote_plugin_choice, $_vote_plugin_votes;
static $number = array();
if (! isset($number[$page])) $number[$page] = 0; // Init
$vote_no = $number[$page]++;
- if (! func_num_args()) return '#vote(): No arguments';
+ if (! func_num_args()) return '#vote(): No arguments<br />' . "\n";
+
+ if (PKWK_READONLY) {
+ $_script = '';
+ $_submit = 'hidden';
+ } else {
+ $_script = get_base_uri();
+ $_submit = 'submit';
+ }
$args = func_get_args();
- $s_page = htmlspecialchars($page);
- $s_digest = htmlspecialchars($digest);
+ $s_page = htmlsc($page);
+ $s_digest = htmlsc($digest);
$body = <<<EOD
-<form action="$script" method="post">
+<form action="$_script" method="post">
<table cellspacing="0" cellpadding="2" class="style_table" summary="vote">
<tr>
<td align="left" class="vote_label" style="padding-left:1em;padding-right:1em"><strong>$_vote_plugin_choice</strong>
foreach($args as $arg) {
$cnt = 0;
- if (preg_match("/^(.+)\[(\d+)\]$/", $arg, $matches)) {
+ if (preg_match('/^(.+)\[(\d+)\]$/', $arg, $matches)) {
$arg = $matches[1];
$cnt = $matches[2];
}
<tr>
<td align="left" class="$cls" style="padding-left:1em;padding-right:1em;">$link</td>
<td align="right" class="$cls">$cnt
- <input type="submit" name="vote_$e_arg" value="$_vote_plugin_votes" class="submit" />
+ <input type="$_submit" name="vote_$e_arg" value="$_vote_plugin_votes" class="submit" />
</td>
</tr>
return $body;
}
-?>