/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: func.php,v 1.40 2003/05/17 11:08:26 arino Exp $
+// $Id: func.php,v 1.41 2003/05/26 13:55:37 arino Exp $
//
// ʸ»úÎó¤¬InterWikiName¤«¤É¤¦¤«
{
global $BracketName,$WikiName;
- $is_pagename = (!is_interwiki($str) and preg_match("/^(?!\.{0,}\/)$BracketName$(?<!\/$)/",$str));
+ $is_pagename = (!is_interwiki($str) and preg_match("/^(?!\/)$BracketName$(?<!\/$)/",$str)
+ and !preg_match('/(^|\/)\.{1,2}(\/|$)/',$str));
if (defined('SOURCE_ENCODING'))
{
}
return $body;
}
-
+// ¸¡º÷¸ì¤òŸ³«¤¹¤ë
+function get_search_words($words,$special=FALSE)
+{
+ $quote_func = create_function('$str',$special ?
+ 'return preg_quote($str,"/");' :
+ 'return preg_quote(htmlspecialchars($str),"/");'
+ );
+
+ $retval = array();
+ // Perl¥á¥â - Àµ¤·¤¯¥Ñ¥¿¡¼¥ó¥Þ¥Ã¥Á¤µ¤»¤ë
+ // http://www.din.or.jp/~ohzaki/perl.htm#JP_Match
+ $eucpre = $eucpost = '';
+ if (SOURCE_ENCODING == 'EUC-JP')
+ {
+ $eucpre = '(?<!\x8F)';
+ // # JIS X 0208 ¤¬ 0ʸ»ú°Ê¾å³¤¤¤Æ # ASCII, SS2, SS3 ¤Þ¤¿¤Ï½ªÃ¼
+ $eucpost = '(?=(?:[\xA1-\xFE][\xA1-\xFE])*(?:[\x00-\x7F\x8E\x8F]|\z))';
+ }
+ if (!function_exists('mb_convert_case'))
+ {
+ foreach ($words as $word)
+ {
+ $retval[$word] = $eucpre.$quote_func($word).$eucpost;
+ }
+ return $retval;
+ }
+ foreach ($words as $word)
+ {
+ // ±Ñ¿ô»ú¤ÏȾ³Ñ,¥«¥¿¥«¥Ê¤ÏÁ´³Ñ,¤Ò¤é¤¬¤Ê¤Ï¥«¥¿¥«¥Ê¤Ë
+ $word_zk = mb_convert_kana($word,'aKCV');
+ $chars = array();
+ for ($pos = 0; $pos < mb_strlen($word_zk);$pos++)
+ {
+ $char = mb_substr($word_zk,$pos,1);
+ $arr = array($quote_func($char));
+ if (strlen($char) == 1) // ±Ñ¿ô»ú
+ {
+ $_char = strtoupper($char); // Âçʸ»ú
+ $arr[] = $quote_func($_char);
+ $arr[] = $quote_func(mb_convert_kana($_char,"A")); // Á´³Ñ
+ $_char = strtolower($char); // ¾®Ê¸»ú
+ $arr[] = $quote_func($_char);
+ $arr[] = $quote_func(mb_convert_kana($_char,"A")); // Á´³Ñ
+ }
+ else // ¥Þ¥ë¥Á¥Ð¥¤¥Èʸ»ú
+ {
+ $arr[] = $quote_func(mb_convert_kana($char,"c")); // ¤Ò¤é¤¬¤Ê
+ $arr[] = $quote_func(mb_convert_kana($char,"k")); // Ⱦ³Ñ¥«¥¿¥«¥Ê
+ }
+ $chars[] = '(?:'.join('|',array_unique($arr)).')';
+ }
+ $retval[$word] = $eucpre.join('',$chars).$eucpost;
+ }
+ return $retval;
+}
// ¸¡º÷
function do_search($word,$type='AND',$non_format=FALSE)
{
$retval = array();
$b_type = ($type == 'AND'); // AND:TRUE OR:FALSE
- $keys = preg_split('/\s+/',preg_quote($word,'/'),-1,PREG_SPLIT_NO_EMPTY);
+ $keys = get_search_words(preg_split('/\s+/',$word,-1,PREG_SPLIT_NO_EMPTY));
$_pages = get_existpages();
$pages = array();
$b_match = FALSE;
foreach ($keys as $key)
{
- $tmp = preg_grep("/$key/i",$source);
+ $tmp = preg_grep("/$key/",$source);
$b_match = (count($tmp) > 0);
if ($b_match xor $b_type)
{
[PHP-users 12736] null byte attack
2003-05-16: magic quotes gpc¤ÎÉü¸µ½èÍý¤òÅý¹ç
+2003-05-21: Ï¢ÁÛÇÛÎó¤Î¥¡¼¤Ïbinary safe
*/
function sanitize($param)
{
if (is_array($param))
{
- $result = array();
- foreach ($param as $key=>$value)
- {
- $key = str_replace("\0",'',$key);
- $result[$key] = sanitize($value);
- }
+ $result = array_map('sanitize',$param);
}
else
{