<?php
// PukiWiki - Yet another WikiWikiWeb clone.
-// $Id: make_link.php,v 1.15 2005/01/25 14:18:57 henoheno Exp $
+// make_link.php
+// Copyright
+// 2003-2016 PukiWiki Development Team
+// 2001-2002 Originally written by yu-ji
+// License: GPL v2 or (at your option) any later version
//
// Hyperlink-related functions
$string = preg_replace_callback('/' . $this->pattern . '/x',
array(& $this, 'replace'), $string);
- $arr = explode("\x08", make_line_rules(htmlspecialchars($string)));
+ $arr = explode("\x08", make_line_rules(htmlsc($string)));
$retval = '';
while (! empty($arr)) {
$retval .= array_shift($arr) . array_shift($this->result);
$obj = $this->get_converter($arr);
$this->result[] = ($obj !== NULL && $obj->set($arr, $this->page) !== FALSE) ?
- $obj->toString() : make_line_rules(htmlspecialchars($arr[0]));
+ $obj->toString() : make_line_rules(htmlsc($arr[0]));
return "\x08"; // Add a mark into latest processed part
}
function toString() {}
// Private: Get needed parts from a matched array()
- function splice($arr) {
+ function splice($arr)
+ {
$count = $this->get_count() + 1;
$arr = array_pad(array_splice($arr, $this->start, $count), $count, '');
$this->text = $arr[0];
$this->name = $name;
$this->body = $body;
$this->type = $type;
- if (is_url($alias) && preg_match('/\.(gif|png|jpe?g)$/i', $alias)) {
- $alias = htmlspecialchars($alias);
- $alias = '<img src="' . $alias . '" alt="' . $name . '" />';
+ if (! PKWK_DISABLE_INLINE_IMAGE_FROM_URI &&
+ is_url($alias) && preg_match('/\.(gif|png|jpe?g)$/i', $alias)) {
+ $alias = '<img src="' . htmlsc($alias) . '" alt="' . $name . '" />';
} else if ($alias != '') {
if ($converter === NULL)
$converter = new InlineConverter(array('plugin'));
} else {
// No such plugin, or Failed
$body = (($body == '') ? '' : '{' . $body . '}') . ';';
- return make_line_rules(htmlspecialchars('&' . $this->plain) . $body);
+ return make_line_rules(htmlsc('&' . $this->plain) . $body);
}
}
}
{
return <<<EOD
\(\(
- ((?:(?R)|(?!\)\)).)*) # (1) note body
+ ((?>(?=\(\()(?R)|(?!\)\)).)*) # (1) note body
\)\)
EOD;
}
function set($arr, $page)
{
- global $foot_explain, $script, $vars;
+ global $foot_explain, $vars;
static $note_id = 0;
list(, $body) = $this->splice($arr);
+ if (PKWK_ALLOW_RELATIVE_FOOTNOTE_ANCHOR) {
+ $script = '';
+ } else {
+ $script = get_script_uri() . '?' . pagename_urlencode($page);
+ }
+
$id = ++$note_id;
$note = make_link($body);
- $page = isset($vars['page']) ? htmlspecialchars($vars['page']) : '';
+ $page = isset($vars['page']) ? rawurlencode($vars['page']) : '';
// Footnote
- $foot_explain[$id] = <<<EOD
-<a id="notefoot_$id" href="$script?$page#notetext_$id" class="note_super">*$id</a>
-<span class="small">$note</span>
-<br />
-EOD;
+ $foot_explain[$id] = '<a id="notefoot_' . $id . '" href="' .
+ $script . '#notetext_' . $id . '" class="note_super">*' .
+ $id . '</a>' . "\n" .
+ '<span class="small">' . $note . '</span><br />';
+
// A hyperlink, content-body to footnote
- $name = '<a id="notetext_' . $id . '" href="' . $script . '?' . $page .
- '#notefoot_' . $id . '" class="note_super" title="' .
- htmlspecialchars(strip_tags($note)) . '">*' . $id . '</a>';
+ if (! is_numeric(PKWK_FOOTNOTE_TITLE_MAX) || PKWK_FOOTNOTE_TITLE_MAX <= 0) {
+ $title = '';
+ } else {
+ $title = strip_tags($note);
+ $count = mb_strlen($title, SOURCE_ENCODING);
+ $title = mb_substr($title, 0, PKWK_FOOTNOTE_TITLE_MAX, SOURCE_ENCODING);
+ $abbr = (mb_strlen($title) < $count) ? '...' : '';
+ $title = ' title="' . $title . $abbr . '"';
+ }
+ $name = '<a id="notetext_' . $id . '" href="' . $script .
+ '#notefoot_' . $id . '" class="note_super"' . $title .
+ '>*' . $id . '</a>';
return parent::setParam($page, $name, $body);
}
{
$s1 = $this->start + 1;
return <<<EOD
-(\[\[ # (1) open bracket
- ((?:(?!\]\]).)+) # (2) alias
+((?:\[\[))? # (1) open bracket
+((?($s1) # (2) alias
+((?:(?!\]\]).)+) # (3) alias name
(?:>|:)
-)?
-( # (3) url
+))?
+( # (4) url
(?:(?:https?|ftp|news):\/\/|mailto:)[\w\/\@\$()!?&%#:;.,~'=*+-]+
)
(?($s1)\]\]) # close bracket
function get_count()
{
- return 3;
+ return 4;
}
function set($arr, $page)
{
- list(, , $alias, $name) = $this->splice($arr);
- return parent::setParam($page, htmlspecialchars($name),
+ list(, , , $alias, $name) = $this->splice($arr);
+ return parent::setParam($page, htmlsc($name),
'', 'url', $alias == '' ? $name : $alias);
}
function toString()
{
- if (! PKWK_SAFE_MODE && PKWK_READONLY) {
+ if (FALSE) {
$rel = '';
} else {
$rel = ' rel="nofollow"';
function set($arr, $page)
{
list(, $name, $alias) = $this->splice($arr);
- return parent::setParam($page, htmlspecialchars($name), '', 'url', $alias);
+ return parent::setParam($page, htmlsc($name), '', 'url', $alias);
}
function toString()
$url = get_interwiki_url($name, $this->param);
$this->url = ($url === FALSE) ?
- $script . '?' . rawurlencode('[[' . $name . ':' . $this->param . ']]') :
- htmlspecialchars($url);
+ $script . '?' . pagename_urlencode('[[' . $name . ':' . $this->param . ']]') :
+ htmlsc($url);
return parent::setParam(
$page,
- htmlspecialchars($name . ':' . $this->param),
+ htmlsc($name . ':' . $this->param),
'',
'InterWikiName',
$alias == '' ? $name . ':' . $this->param : $alias
function toString()
{
- return make_pagelink($this->name, $this->alias, '', $this->page);
+ return make_pagelink($this->name, $this->alias, '', $this->page, TRUE);
}
}
}
// Make hyperlink for the page
-function make_pagelink($page, $alias = '', $anchor = '', $refer = '')
+function make_pagelink($page, $alias = '', $anchor = '', $refer = '', $isautolink = FALSE)
{
global $script, $vars, $link_compact, $related, $_symbol_noexists;
- $s_page = htmlspecialchars(strip_bracket($page));
+ $s_page = htmlsc(strip_bracket($page));
$s_alias = ($alias == '') ? $s_page : $alias;
if ($page == '') return '<a href="' . $anchor . '">' . $s_alias . '</a>';
- $r_page = rawurlencode($page);
+ $r_page = pagename_urlencode($page);
$r_refer = ($refer == '') ? '' : '&refer=' . rawurlencode($refer);
- if (! isset($related[$page]) && $page != $vars['page'] && is_page($page))
+ if (! isset($related[$page]) && $page !== $vars['page'] && is_page($page))
$related[$page] = get_filetime($page);
- if (is_page($page)) {
- // Hyperlinks
- $passage = get_pg_passage($page, FALSE);
- $title = $link_compact ? '' : ' title="' . $s_page . $passage . '"';
- return '<a href="' . $script . '?' . $r_page . $anchor . '"' . $title . '>' .
- $s_alias . '</a>';
- } else if (PKWK_READONLY) {
- // Without hyperlink (= Suppress dangling link)
- return $s_alias;
+ if ($isautolink || is_page($page)) {
+ // Hyperlink to the page
+ if ($link_compact) {
+ $title = '';
+ } else {
+ $title = ' title="' . $s_page . get_pg_passage($page, FALSE) . '"';
+ }
+
+ // AutoLink marker
+ if ($isautolink) {
+ $al_left = '<!--autolink-->';
+ $al_right = '<!--/autolink-->';
+ } else {
+ $al_left = $al_right = '';
+ }
+
+ return $al_left . '<a ' . 'href="' . $script . '?' . $r_page . $anchor .
+ '"' . $title . '>' . $s_alias . '</a>' . $al_right;
} else {
- // Dangling links
+ // Dangling link
+ if (PKWK_READONLY) return $s_alias; // No dacorations
+
$retval = $s_alias . '<a href="' .
$script . '?cmd=edit&page=' . $r_page . $r_refer . '">' .
$_symbol_noexists . '</a>';
- if (! $link_compact)
- $retval = '<span class="noexists">' . $retval . '</span>';
- return $retval;
+
+ if ($link_compact) {
+ return $retval;
+ } else {
+ return '<span class="noexists">' . $retval . '</span>';
+ }
}
}
// Encoding
switch ($opt) {
- case '':
- case 'std': // As-Is (Internal encoding of this PukiWiki will be used)
+ case '': /* FALLTHROUGH */
+ case 'std': // Simply URL-encode the string, whose base encoding is the internal-encoding
$param = rawurlencode($param);
break;
- case 'asis': // As-Is
- case 'raw':
- // $param = htmlspecialchars($param);
+ case 'asis': /* FALLTHROUGH */
+ case 'raw' : // Truly as-is
break;
case 'yw': // YukiWiki
if (! preg_match('/' . $WikiName . '/', $param))
$param = '[[' . mb_convert_encoding($param, 'SJIS', SOURCE_ENCODING) . ']]';
- // $param = htmlspecialchars($param);
break;
case 'moin': // MoinMoin
break;
default:
- // Alias conversion
- if (isset($encode_aliases[$opt])) $opt = $encode_aliases[$opt];
+ // Alias conversion of $opt
+ if (isset($encode_aliases[$opt])) $opt = & $encode_aliases[$opt];
+
// Encoding conversion into specified encode, and URLencode
- $param = rawurlencode(mb_convert_encoding($param, $opt, 'auto'));
+ if (strpos($url, '$1') === FALSE && substr($url, -1) === '?') {
+ // PukiWiki site
+ $param = pagename_urlencode(mb_convert_encoding($param, $opt, SOURCE_ENCODING));
+ } else {
+ $param = rawurlencode(mb_convert_encoding($param, $opt, SOURCE_ENCODING));
+ }
}
- // Replace parameters
+ // Replace or Add the parameter
if (strpos($url, '$1') !== FALSE) {
$url = str_replace('$1', $param, $url);
} else {
return $url;
}
-?>