/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: attach.inc.php,v 1.30 2003/07/06 15:11:41 arino Exp $
+// $Id: attach.inc.php,v 1.31 2003/07/27 14:15:29 arino Exp $
//
/*
$vars['pcmd'] = 'delete';
$vars['file'] = $vars['delfile'];
}
- if (array_key_exists('attach_file',$_FILES) and
- is_uploaded_file($_FILES['attach_file']['tmp_name']))
+ if (array_key_exists('attach_file',$_FILES))
{
- return attach_upload();
+ $pass = array_key_exists('pass',$vars) ? md5($vars['pass']) : NULL;
+ return attach_upload($_FILES['attach_file'],$vars['refer'],$pass);
}
$age = array_key_exists('age',$vars) ? $vars['age'] : 0;
}
//-------- ¼ÂÂÎ
//¥Õ¥¡¥¤¥ë¥¢¥Ã¥×¥í¡¼¥É
-function attach_upload($force = FALSE)
+function attach_upload($file,$page,$pass=NULL)
{
- global $vars,$adminpass;
- global $_attach_messages;
+// $pass=NULL : ¥Ñ¥¹¥ï¡¼¥É¤¬»ØÄꤵ¤ì¤Æ¤¤¤Ê¤¤
+// $pass=TRUE : ¥¢¥Ã¥×¥í¡¼¥Éµö²Ä
+ global $adminpass,$_attach_messages;
- if ($_FILES['attach_file']['size'] > MAX_FILESIZE)
+ if ($file['tmp_name'] == '' or !is_uploaded_file($file['tmp_name']))
+ {
+ return array('result'=>FALSE);
+ }
+ if ($file['size'] > MAX_FILESIZE)
{
- return array('msg'=>$_attach_messages['err_exceed']);
+ return array('result'=>FALSE,'msg'=>$_attach_messages['err_exceed']);
}
- if (!$force and !is_editable($vars['refer']))
+ if (!is_pagename($page) or ($pass !== TRUE and !is_editable($page)))
{
- return array('msg'=>$_attach_messages['err_noparm']);
+ return array('result'=>FALSE,'msg'=>$_attach_messages['err_noparm']);
}
- if (ATTACH_UPLOAD_ADMIN_ONLY and md5($vars['pass']) != $adminpass)
+ if (ATTACH_UPLOAD_ADMIN_ONLY and $pass !== TRUE
+ and ($pass === NULL or $pass != $adminpass))
{
- return array('msg'=>$_attach_messages['err_adminpass']);
+ return array('result'=>FALSE,'msg'=>$_attach_messages['err_adminpass']);
}
- $obj = &new AttachFile($vars['refer'],$_FILES['attach_file']['name']);
+ $obj = &new AttachFile($page,$file['name']);
if ($obj->exist)
{
- return array('msg'=>$_attach_messages['err_exists']);
+ return array('result'=>FALSE,'msg'=>$_attach_messages['err_exists']);
}
- move_uploaded_file($_FILES['attach_file']['tmp_name'],$obj->filename);
+ move_uploaded_file($file['tmp_name'],$obj->filename);
- if (is_page($vars['refer']))
+ if (is_page($page))
{
- touch(get_filename($vars['refer']));
+ touch(get_filename($page));
}
$obj->getstatus();
- $obj->status['pass'] = array_key_exists('pass',$vars) ? md5($vars['pass']) : '';
+ $obj->status['pass'] = ($pass !== TRUE and $pass !== NULL) ? $pass : '';
$obj->putstatus();
- return array('msg'=>$_attach_messages['msg_uploaded']);
+ return array('result'=>TRUE,'msg'=>$_attach_messages['msg_uploaded']);;
}
//¾ÜºÙ¥Õ¥©¡¼¥à¤òɽ¼¨
function attach_info($err='')
/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: paint.inc.php,v 1.10 2003/07/03 05:23:47 arino Exp $
+// $Id: paint.inc.php,v 1.11 2003/07/27 14:15:29 arino Exp $
//
/*
$retval['msg'] = $_paint_messages['msg_title'];
$retval['body'] = '';
- if (array_key_exists('attach_file',$_FILES) and is_uploaded_file($_FILES['attach_file']['tmp_name']))
+ if (array_key_exists('attach_file',$_FILES)
+ and array_key_exists('refer',$vars)
+ and is_page($vars['refer']))
{
+ $file = $_FILES['attach_file'];
//BBSPaiter.jar¤Ï¡¢shift-jis¤ÇÆâÍƤòÁ÷¤Ã¤Æ¤¯¤ë¡£ÌÌÅݤʤΤǥڡ¼¥¸Ì¾¤Ï¥¨¥ó¥³¡¼¥É¤·¤Æ¤«¤éÁ÷¿®¤µ¤»¤ë¤è¤¦¤Ë¤·¤¿¡£
$vars['page'] = $vars['refer'] = decode($vars['refer']);
$filename = mb_convert_encoding($filename,SOURCE_ENCODING,'auto');
//¥Õ¥¡¥¤¥ë̾ÃÖ´¹
- $attachname = preg_replace('/^[^\.]+/', $filename, $_FILES['attach_file']['name']);
+ $attachname = preg_replace('/^[^\.]+/',$filename,$file['name']);
//¤¹¤Ç¤Ë¸ºß¤·¤¿¾ì¹ç¡¢ ¥Õ¥¡¥¤¥ë̾¤Ë'_0','_1',...¤òÉÕ¤±¤Æ²óÈò(¸È©)
$count = '_0';
while (file_exists(PAINT_UPLOAD_DIR.encode($vars['refer']).'_'.encode($attachname)))
{
- $attachname = preg_replace('/^[^\.]+/', $filename.$count++, $_FILES['attach_file']['name']);
+ $attachname = preg_replace('/^[^\.]+/',$filename.$count++,$file['name']);
}
- $_FILES['attach_file']['name'] = $attachname;
+ $file['name'] = $attachname;
if (!exist_plugin('attach') or !function_exists('attach_upload'))
{
return array('msg'=>'attach.inc.php not found or not correct version.');
}
- $retval = attach_upload(TRUE);
- $retval = paint_insert_ref($_FILES['attach_file']['name']);
+ $retval = attach_upload($file,$vars['refer'],TRUE);
+ if ($retval['result'] == TRUE)
+ {
+ $retval = paint_insert_ref($file['name']);
+ }
}
else
{