From: umorigu <umorigu@gmail.com>
Date: Sun, 13 Mar 2022 16:47:00 +0000 (+0900)
Subject: BugTrack/84 Limit page name length: 115 bytes(soft); 125 bytes(hard)
X-Git-Tag: r1_5_4~9
X-Git-Url: http://git.osdn.net/view?p=pukiwiki%2Fpukiwiki.git;a=commitdiff_plain;h=268a1affeb1d2c91c182e3f4581099d4c434aeeb

BugTrack/84 Limit page name length: 115 bytes(soft); 125 bytes(hard)

Limit Page name length for wiki and ref files.

* Normally - 115 bytes (38 Japaneses chars); 230 bytes in wiki base name.
* Hard limit - 125 bytes (41 Japaneses chars); 250 bytes in wiki base name.

For existing page in history, we can name long page within hard limit.
---

diff --git a/lib/func.php b/lib/func.php
index 2f11e94..ec1e3da 100644
--- a/lib/func.php
+++ b/lib/func.php
@@ -16,6 +16,11 @@ define('PKWK_URI_ROOT', 1);
 /** Absolute URI. */
 define('PKWK_URI_ABSOLUTE', 2);
 
+/** New page name - its length is need to be within the soft limit. */
+define('PKWK_PAGENAME_BYTES_SOFT_LIMIT', 115);
+/** Page name - its length is need to be within the hard limit. */
+define('PKWK_PAGENAME_BYTES_HARD_LIMIT', 125);
+
 function pkwk_log($message)
 {
 	$log_filepath = 'log/error.log.php';
@@ -144,6 +149,32 @@ function is_page($page, $clearcache = FALSE)
 	return file_exists(get_filename($page));
 }
 
+function is_pagename_bytes_within_soft_limit($page)
+{
+	return strlen($page) <= PKWK_PAGENAME_BYTES_SOFT_LIMIT;
+}
+
+function is_pagename_bytes_within_hard_limit($page)
+{
+	return strlen($page) <= PKWK_PAGENAME_BYTES_SOFT_LIMIT;
+}
+
+function page_exists_in_history($page)
+{
+	if (is_page($page)) {
+		return true;
+	}
+	$diff_file = DIFF_DIR . encode($page) . '.txt';
+	if (file_exists($diff_file)) {
+		return true;
+	}
+	$backup_file = BACKUP_DIR . encode($page) . BACKUP_EXT;
+	if (file_exists($backup_file)) {
+		return true;
+	}
+	return false;
+}
+
 function is_editable($page)
 {
 	global $cantedit;
diff --git a/lib/link.php b/lib/link.php
index 6a5d568..8ca3088 100644
--- a/lib/link.php
+++ b/lib/link.php
@@ -1,7 +1,7 @@
 <?php
 // PukiWiki - Yet another WikiWikiWeb clone
 // link.php
-// Copyright 2003-2020 PukiWiki Development Team
+// Copyright 2003-2022 PukiWiki Development Team
 // License: GPL v2 or (at your option) any later version
 //
 // Backlinks / AutoLinks related functions
@@ -211,6 +211,11 @@ function links_add($page, $add, $rel_auto)
 			}
 			unlink($ref_file);
 		}
+		if (! $is_page) {
+			if (! is_pagename_bytes_within_soft_limit($_page)) {
+				continue;
+			}
+		}
 		if ($is_page || ! $all_auto) {
 			$fp = fopen($ref_file, 'w')
 				 or die_message('cannot write ' . htmlsc($ref_file));
diff --git a/plugin/edit.inc.php b/plugin/edit.inc.php
index 2a9559c..7021728 100644
--- a/plugin/edit.inc.php
+++ b/plugin/edit.inc.php
@@ -1,7 +1,7 @@
 <?php
 // PukiWiki - Yet another WikiWikiWeb clone.
 // edit.inc.php
-// Copyright 2001-2019 PukiWiki Development Team
+// Copyright 2001-2022 PukiWiki Development Team
 // License: GPL v2 or (at your option) any later version
 //
 // Edit plugin (cmd=edit)
@@ -31,13 +31,36 @@ function plugin_edit_action()
 	} else if (isset($vars['cancel'])) {
 		return plugin_edit_cancel();
 	}
-
+	ensure_valid_page_name_length($page);
 	$postdata = @join('', get_source($page));
 	if ($postdata === '') $postdata = auto_template($page);
 	$postdata = remove_author_info($postdata);
 	return array('msg'=>$_title_edit, 'body'=>edit_form($page, $postdata));
 }
 
+function ensure_valid_page_name_length($page)
+{
+	if (is_page($page)) {
+		// Continue
+	} else {
+		if (is_pagename_bytes_within_soft_limit($page)) {
+			// Continue
+		} else {
+			if (page_exists_in_history($page)) {
+				if (is_pagename_bytes_within_hard_limit($page)) {
+					// Continue
+				} else {
+					die_message('Page name too long (hard limit): ' . htmlsc($page));
+					exit;
+				}
+			} else {
+				die_message('Page name too long: ' . htmlsc($page));
+				exit;
+			}
+		}
+	}
+}
+
 /**
  * Preview with template
  */
@@ -203,6 +226,7 @@ function plugin_edit_write()
 	$add    = isset($vars['add'])    ? $vars['add']    : '';
 	$digest = isset($vars['digest']) ? $vars['digest'] : '';
 
+	ensure_valid_page_name_length($page);
 	$vars['msg'] = preg_replace(PLUGIN_EDIT_FREEZE_REGEX, '', $vars['msg']);
 	$msg = & $vars['msg']; // Reference