// PukiWiki - Yet another WikiWikiWeb clone.
// back.inc.php
// Copyright
-// 2003-2016 PukiWiki Development Team
+// 2003-2018 PukiWiki Development Team
// 2002 Katsumi Saito <katsumi@jo1upk.ymt.prug.or.jp>
//
// back plugin
if ($href != '') {
if (PLUGIN_BACK_ALLOW_PAGELINK) {
if (is_url($href)) {
- $href = rawurlencode($href);
+ $href = htmlsc($href);
} else {
+ $refer = isset($vars['page']) ? $vars['page'] : '';
$array = anchor_explode($href);
- $array[0] = rawurlencode($array[0]);
- $array[1] = ($array[1] != '') ? '#' . rawurlencode($array[1]) : '';
- $href = $script . '?' . $array[0] . $array[1];
- $link = is_page($array[0]);
+ $page = get_fullname($array[0], $refer);
+ if (! is_pagename($page)) {
+ return PLUGIN_BACK_USAGE;
+ }
+ $anchor = ($array[1] != '') ? '#' . rawurlencode($array[1]) : '';
+ $href = get_page_uri($page) . $anchor;
+ $link = is_page($page);
}
} else {
- $href = rawurlencode($href);
+ if (is_url($href)) {
+ $href = htmlsc($href);
+ } else {
+ return PLUGIN_BACK_USAGE . ': Set a page name or an URI';
+ }
}
} else {
if (! PLUGIN_BACK_ALLOW_JAVASCRIPT)