diff -urN pukiwiki-1_5_0_eucjp/cache/3A636F6E6669672F5061676552656164696E67.rel pukiwiki_1_5_1-beta1-f502_eucjp/cache/3A636F6E6669672F5061676552656164696E67.rel
--- pukiwiki-1_5_0_eucjp/cache/3A636F6E6669672F5061676552656164696E67.rel 2006-06-04 13:34:41.000000000 +0900
+++ pukiwiki_1_5_1-beta1-f502_eucjp/cache/3A636F6E6669672F5061676552656164696E67.rel 2014-11-26 01:40:37.000000000 +0900
@@ -1 +1 @@
-PageReading :config/PageReading/dict :config/plugin/attach/mime-type :config/plugin/referer/config :config/plugin/tracker/default :config/plugin/tracker/default/form :config/plugin/tracker/default/list :config/plugin/tracker/default/page BracketName FormattingRules FrontPage Help InterWiki InterWikiName InterWikiSandBox MenuBar PHP PukiWiki RecentChanges SandBox WikiEngines WikiName WikiWikiWeb YukiWiki
\ No newline at end of file
+PageReading :config/PageReading/dict :config/plugin/attach/mime-type :config/plugin/tracker/default :config/plugin/tracker/default/form :config/plugin/tracker/default/list :config/plugin/tracker/default/page BracketName FormattingRules FrontPage Help InterWiki InterWikiName InterWikiSandBox MenuBar PHP PukiWiki RecentChanges SandBox WikiEngines WikiName WikiWikiWeb YukiWiki
\ No newline at end of file
diff -urN pukiwiki-1_5_0_eucjp/cache/50756B6957696B692F312E342F4D616E75616C2F506C7567696E2F4F2D52.rel pukiwiki_1_5_1-beta1-f502_eucjp/cache/50756B6957696B692F312E342F4D616E75616C2F506C7567696E2F4F2D52.rel
--- pukiwiki-1_5_0_eucjp/cache/50756B6957696B692F312E342F4D616E75616C2F506C7567696E2F4F2D52.rel 2006-06-04 13:34:41.000000000 +0900
+++ pukiwiki_1_5_1-beta1-f502_eucjp/cache/50756B6957696B692F312E342F4D616E75616C2F506C7567696E2F4F2D52.rel 2014-11-26 01:40:37.000000000 +0900
@@ -1 +1 @@
-PukiWiki MenuBar FrontPage PukiWiki/1.4/Manual/Plugin/A-D InterWiki RecentChanges WikiName BracketName RenameLog TrackBack
\ No newline at end of file
+PukiWiki MenuBar FrontPage PukiWiki/1.4/Manual/Plugin/A-D InterWiki RecentChanges WikiName BracketName RenameLog
\ No newline at end of file
diff -urN pukiwiki-1_5_0_eucjp/cache/50756B6957696B692F312E342F4D616E75616C2F506C7567696E2F532D55.rel pukiwiki_1_5_1-beta1-f502_eucjp/cache/50756B6957696B692F312E342F4D616E75616C2F506C7567696E2F532D55.rel
--- pukiwiki-1_5_0_eucjp/cache/50756B6957696B692F312E342F4D616E75616C2F506C7567696E2F532D55.rel 2006-06-04 13:34:41.000000000 +0900
+++ pukiwiki_1_5_1-beta1-f502_eucjp/cache/50756B6957696B692F312E342F4D616E75616C2F506C7567696E2F532D55.rel 2014-11-26 01:40:37.000000000 +0900
@@ -1 +1 @@
-PukiWiki PukiWiki/1.4/Manual/Plugin/A-D MenuBar TrackBack
\ No newline at end of file
+PukiWiki PukiWiki/1.4/Manual/Plugin/A-D MenuBar
\ No newline at end of file
diff -urN pukiwiki-1_5_0_eucjp/cache/recent.dat pukiwiki_1_5_1-beta1-f502_eucjp/cache/recent.dat
--- pukiwiki-1_5_0_eucjp/cache/recent.dat 2006-01-10 00:22:02.000000000 +0900
+++ pukiwiki_1_5_1-beta1-f502_eucjp/cache/recent.dat 1970-01-01 09:00:00.000000000 +0900
@@ -1,25 +0,0 @@
-1136849896 FrontPage
-1136845400 InterWiki
-1136836572 Help
-1136836496 FormattingRules
-1136835756 BracketName
-1136835734 PukiWiki
-1136835670 SandBox
-1136835670 WikiEngines
-1136835670 WikiWikiWeb
-1136835670 WikiName
-1136835670 YukiWiki
-1136835669 PukiWiki/1.4/Manual/Plugin/S-U
-1136835669 PukiWiki/1.4/Manual/Plugin/V-Z
-1136835669 PukiWiki/1.4/Manual/Plugin/O-R
-1136835669 PukiWiki/1.4/Manual/Plugin/A-D
-1136835669 PukiWiki/1.4/Manual/Plugin/L-N
-1136835669 PukiWiki/1.4/Manual/Plugin/E-G
-1136835669 PukiWiki/1.4/Manual/Plugin/H-K
-1136835668 PHP
-1136835668 InterWikiName
-1136835668 InterWikiSandBox
-1136835668 PukiWiki/1.4/Manual
-1136835668 PukiWiki/1.4/Manual/Plugin
-1136835668 PukiWiki/1.4
-1136835668 MenuBar
diff -urN pukiwiki-1_5_0_eucjp/en.lng.php pukiwiki_1_5_1-beta1-f502_eucjp/en.lng.php
--- pukiwiki-1_5_0_eucjp/en.lng.php 2006-04-11 02:37:08.000000000 +0900
+++ pukiwiki_1_5_1-beta1-f502_eucjp/en.lng.php 2016-02-13 23:01:30.000000000 +0900
@@ -1,8 +1,8 @@
The comment was added, alhough it may be inserted in the wrong position.
';
+$_comment_plugin_fail_msg = 'It seems that someone has already updated the page you were editing.
+ Failed to add the comment.
';
///////////////////////////////////////
// deleted.inc.php
@@ -330,19 +329,6 @@
error:%s
', @@ -440,4 +426,12 @@ // yetlist.inc.php $_title_yetlist = 'List of pages which have not yet been created.'; $_err_notexist = 'All pages have been created.'; -?> + +/////////////////////////////////////// +// loginform.inc.php +$_loginform_messages = array( + 'username' => 'Username', + 'password' => 'Password', + 'login' => 'Log in', + 'invalid_username_or_password' => 'The username or password you entered is incorrect' +); diff -urN pukiwiki-1_5_0_eucjp/.gitignore pukiwiki_1_5_1-beta1-f502_eucjp/.gitignore --- pukiwiki-1_5_0_eucjp/.gitignore 1970-01-01 09:00:00.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/.gitignore 2016-01-11 01:22:46.000000000 +0900 @@ -0,0 +1,19 @@ +/wiki +/attach +/backup +/cache +/counter +/diff + +/attach/*.[0-9] +/attach/*.log +/backup/*.gz +/cache/*.ref +/cache/*.rel +/counter/*.count +/diff/*.txt +/wiki/*.txt +/wiki.en/*.txt + +/nbproject/** + diff -urN pukiwiki-1_5_0_eucjp/INSTALL.txt pukiwiki_1_5_1-beta1-f502_eucjp/INSTALL.txt --- pukiwiki-1_5_0_eucjp/INSTALL.txt 2014-06-10 02:26:12.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/INSTALL.txt 2016-02-13 23:01:30.000000000 +0900 @@ -1,14 +1,12 @@ 名前 PukiWiki - 自由にページを追加・削除・編集できるWebページ構築スクリプト - Version 1.5.0 - Copyright (C) - 2001-2005 PukiWiki Developers Team + Version 1.5.1 + Copyright + 2001-2016 PukiWiki Development Team 2001-2002 yu-ji (Based on PukiWiki 1.3 by yu-ji) License: GPL version 2 or (at your option) any later version - $Id: INSTALL.txt,v 1.8 2005/12/06 14:59:29 henoheno Exp $ - インストール PukiWikiはPHPスクリプトであるため、(例えばPerlのように)スクリプトに実行権 を付ける必要はありません。CGI起動でないのであれば、スクリプトの一行目を修 @@ -18,7 +16,7 @@ まサーバーに転送し、サーバー上で解凍(tar pzxf pukiwiki*.tar.gz) するだけ でパーミッションの設定も行われ、すぐに使い始める事ができるでしょう。 - スクリプトの中の日本語は(あれば、基本的に)EUC-JPで、また改行コードはLFで + スクリプトの中の日本語は(あれば、基本的に)UTF-8で、また改行コードはLFで 記述されています。スクリプトを直接編集する場合は、日本語文字コードと改行 コードの自動判別ができ、それを元のまま保存できるテキストエディタを使用し て下さい。 
@@ -77,7 +75,6 @@ lib 755 ライブラリ plugin 755 プラグイン skin 755 スキン、CSS、JavaScirptファイル - trackback 777 TrackBackファイル格納ディレクトリ wiki 777 データの格納ディレクトリ ファイル パーミッション データの種類(参考) @@ -178,7 +175,7 @@ バックアップとリストア ページの最新データを収めているディレクトリ(デフォルトの名前は wiki)以下 を、また必要に応じて他のデータを収めているディレクトリ以下をバックアップし - て下さい。(同 attach, backup, cache, counter, diff, trackback) + て下さい。(同 attach, backup, cache, counter, diff) cacheディレクトリもバックアップすることをお薦めします。 1. cache/*.rel ファイルと cache/*.ref ファイルは linksプラグイン で再生 diff -urN pukiwiki-1_5_0_eucjp/ja.lng.php pukiwiki_1_5_1-beta1-f502_eucjp/ja.lng.php --- pukiwiki-1_5_0_eucjp/ja.lng.php 2006-04-11 02:37:08.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/ja.lng.php 2016-02-13 23:01:30.000000000 +0900 @@ -1,8 +1,8 @@ コメントを追加しましたが、違う位置に挿入されているかもしれません。エラー:%s
', @@ -442,4 +428,12 @@ // yetlist.inc.php $_title_yetlist = '未作成のページ一覧'; $_err_notexist = '未作成のページはありません。'; -?> + +/////////////////////////////////////// +// loginform.inc.php +$_loginform_messages = array( + 'username' => 'ユーザー名:', + 'password' => 'パスワード:', + 'login' => 'ログイン', + 'invalid_username_or_password' => 'ユーザー名またはパスワードが違います' +); diff -urN pukiwiki-1_5_0_eucjp/lib/auth.php pukiwiki_1_5_1-beta1-f502_eucjp/lib/auth.php --- pukiwiki-1_5_0_eucjp/lib/auth.php 2014-06-02 05:57:45.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/lib/auth.php 2016-02-13 23:01:30.000000000 +0900 @@ -8,6 +8,18 @@ define('PKWK_PASSPHRASE_LIMIT_LENGTH', 512); +///////////////////////////////////////////////// +// Auth type + +define('AUTH_TYPE_NONE', 0); +define('AUTH_TYPE_BASIC', 1); +define('AUTH_TYPE_EXTERNAL', 2); +define('AUTH_TYPE_FORM', 3); + +define('AUTH_TYPE_EXTERNAL_REMOTE_USER', 4); +define('AUTH_TYPE_EXTERNAL_X_FORWARDED_USER', 5); + + // Passwd-auth related ---- function pkwk_login($pass = '') @@ -168,8 +180,8 @@ // Basic authentication function basic_auth($page, $auth_flag, $exit_flag, $auth_pages, $title_cannot) { - global $auth_method_type, $auth_users, $_msg_auth; - + global $auth_method_type, $auth_users, $_msg_auth, $auth_user, $auth_groups; + global $auth_user_groups, $auth_type, $g_query_string; // Checked by: $target_str = ''; if ($auth_method_type == 'pagename') { 
@@ -186,31 +198,29 @@ if (empty($user_list)) return TRUE; // No limit $matches = array(); - if (! isset($_SERVER['PHP_AUTH_USER']) && - ! isset($_SERVER ['PHP_AUTH_PW']) && - isset($_SERVER['HTTP_AUTHORIZATION']) && - preg_match('/^Basic (.*)$/', $_SERVER['HTTP_AUTHORIZATION'], $matches)) - { - - // Basic-auth with $_SERVER['HTTP_AUTHORIZATION'] - list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = - explode(':', base64_decode($matches[1])); - } - if (PKWK_READONLY || - ! isset($_SERVER['PHP_AUTH_USER']) || - ! in_array($_SERVER['PHP_AUTH_USER'], $user_list) || - ! isset($auth_users[$_SERVER['PHP_AUTH_USER']]) || - pkwk_hash_compute( - $_SERVER['PHP_AUTH_PW'], - $auth_users[$_SERVER['PHP_AUTH_USER']] - ) !== $auth_users[$_SERVER['PHP_AUTH_USER']]) + ! $auth_user || + count(array_intersect($auth_user_groups, $user_list)) === 0) { // Auth failed pkwk_common_headers(); - if ($auth_flag) { - header('WWW-Authenticate: Basic realm="' . $_msg_auth . '"'); - header('HTTP/1.0 401 Unauthorized'); + if ($auth_flag && !$auth_user) { + if (AUTH_TYPE_BASIC === $auth_type) { + header('WWW-Authenticate: Basic realm="' . $_msg_auth . '"'); + header('HTTP/1.0 401 Unauthorized'); + } elseif (AUTH_TYPE_FORM === $auth_type) { + $url_after_login = get_script_uri() . '?' . $g_query_string; + $loginurl = get_script_uri() . '?plugin=loginform' + . '&page=' . rawurlencode($page) + . '&url_after_login=' . rawurlencode($url_after_login); + header('HTTP/1.0 302 Found'); + header('Location: ' . $loginurl); + } elseif (AUTH_TYPE_EXTERNAL === $auth_type) { + $url_after_login = get_script_uri() . '?' . $g_query_string; + $loginurl = get_auth_external_login_url($page, $url_after_login); + header('HTTP/1.0 302 Found'); + header('Location: ' . $loginurl); + } } if ($exit_flag) { $body = $title = str_replace('$1', 
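Review bot: In the rewritten failure branch of `basic_auth()`, a signed-in user whose groups do not intersect `$user_list` gets no status line at all, because the challenge/redirect block is guarded by `!$auth_user`; as far as this hunk shows, the "cannot" body then goes out with whatever status `pkwk_common_headers()` leaves in place. Something like `if ($auth_flag && $auth_user) header('HTTP/1.0 403 Forbidden');` next to the existing block would let clients and logs distinguish "not authorised" from a normal page. The `url_after_login` value built in the FORM and EXTERNAL branches round-trips through the browser as a query parameter, so it is worth a comment such as `// url_after_login is client-visible; the consumer must re-check it against get_script_uri()`. The two branches build that value identically and could share one assignment. The function body starts and ends outside this hunk.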
@@ -224,4 +234,293 @@ return TRUE; } } -?> + +/** + * Send 401 if client send a invalid credentials + * + * @return true if valid, false if invalid credentials + */ +function ensure_valid_auth_user() +{ + global $auth_type, $auth_users, $_msg_auth, $auth_user, $auth_groups; + global $auth_user_groups, $auth_user_fullname; + global $ldap_user_account; + global $read_auth, $edit_auth; + if ($read_auth || $edit_auth) { + switch ($auth_type) { + case AUTH_TYPE_BASIC: + case AUTH_TYPE_FORM: + case AUTH_TYPE_EXTERNAL: + case AUTH_TYPE_EXTERNAL_REMOTE_USER: + case AUTH_TYPE_EXTERNAL_X_FORWARDED_USER: + break; + default: + // $auth_type is not valid, Set form auth as default + $auth_type = AUTH_TYPE_FORM; + } + } + switch ($auth_type) { + case AUTH_TYPE_BASIC: + { + if (isset($_SERVER['PHP_AUTH_USER'])) { + $user = $_SERVER['PHP_AUTH_USER']; + if (in_array($user, array_keys($auth_users))) { + if (pkwk_hash_compute( + $_SERVER['PHP_AUTH_PW'], + $auth_users[$user]) === $auth_users[$user]) { + $auth_user = $user; + $auth_user_fullname = $auth_user; + $auth_user_groups = get_groups_from_username($user); + return true; + } + } + header('WWW-Authenticate: Basic realm="' . $_msg_auth . 
'"'); + header('HTTP/1.0 401 Unauthorized'); + } + $auth_user = ''; + $auth_user_groups = get_groups_from_username($user); + return true; // no auth input + } + case AUTH_TYPE_FORM: + case AUTH_TYPE_EXTERNAL: + { + session_start(); + $user = ''; + $fullname = ''; + if (isset($_SESSION['authenticated_user'])) { + $user = $_SESSION['authenticated_user']; + if (isset($_SESSION['authenticated_user_fullname'])) { + $fullname = $_SESSION['authenticated_user_fullname']; + } else { + $fullname = $user; + if ($auth_type === AUTH_TYPE_EXTERNAL && $ldap_user_account) { + $ldap_user_info = ldap_get_simple_user_info($user); + if ($ldap_user_info) { + $fullname = $ldap_user_info['fullname']; + } + } + $_SESSION['authenticated_user_fullname'] = $fullname; + } + } + $auth_user = $user; + $auth_user_fullname = $fullname; + break; + } + case AUTH_TYPE_EXTERNAL_REMOTE_USER: + $auth_user = $_SERVER['REMOTE_USER']; + $auth_user_fullname = $auth_user; + break; + case AUTH_TYPE_EXTERNAL_X_FORWARDED_USER: + $auth_user = $_SERVER['HTTP_X_FORWARDED_USER']; + $auth_user_fullname = $auth_user; + break; + default: // AUTH_TYPE_NONE + $auth_user = ''; + $auth_user_fullname = ''; + break; + } + $auth_user_groups = get_groups_from_username($auth_user); + return true; // is not basic auth +} + +/** + * Return group name array whose group contains the user + * + * Result array contains reserved 'valid-user' group for all authenticated user + * @global array $auth_groups + * @param string $user + * @return array + */ +function get_groups_from_username($user) +{ + global $auth_groups; + if ($user !== '') { + $groups = array(); + foreach ($auth_groups as $group=>$users) { + $sp = explode(',', $users); + if (in_array($user, $sp)) { + $groups[] = $group; + } + } + // Implecit group that has same name as user itself + $groups[] = $user; + // 'valid-user' group for + $valid_user = 'valid-user'; + if (!in_array($valid_user, $groups)) { + $groups[] = $valid_user; + } + return $groups; + } + return array(); 
+} + +/** + * Get authenticated user name. + * + * @global type $auth_user + * @return type + */ +function get_auth_user() +{ + global $auth_user; + return $auth_user; +} + +/** + * Sign in with username and password + * + * @param String username + * @param String password + * @return true is sign in is OK + */ +function form_auth($username, $password) +{ + global $ldap_user_account, $auth_users; + $user = $username; + if ($ldap_user_account) { + // LDAP account + return ldap_auth($username, $password); + } else { + // Defined users in pukiwiki.ini.php + if (in_array($user, array_keys($auth_users))) { + if (pkwk_hash_compute( + $password, + $auth_users[$user]) === $auth_users[$user]) { + session_start(); + session_regenerate_id(true); // require: PHP5.1+ + $_SESSION['authenticated_user'] = $user; + $_SESSION['authenticated_user_fullname'] = $user; + return true; + } + } + } + return false; +} + +function ldap_auth($username, $password) +{ + global $ldap_server, $ldap_base_dn, $ldap_bind_dn, $ldap_bind_password; + $ldapconn = ldap_connect($ldap_server); + if ($ldapconn) { + ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); + ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0); + if (preg_match('#\$login\b#', $ldap_bind_dn)) { + // Bind by user credential + $bind_dn_user = preg_replace('#\$login#', $username, $ldap_bind_dn); + $ldap_bind_user = ldap_bind($ldapconn, $bind_dn_user, $password); + if ($ldap_bind_user) { + $user_info = get_ldap_user_info($ldapconn, $username, $ldap_base_dn); + if ($user_info) { + session_regenerate_id(true); // require: PHP5.1+ + $_SESSION['authenticated_user'] = $user_info['uid']; + $_SESSION['authenticated_user_fullname'] = $user_info['fullname']; + return true; + } + } + } else { + // Bind by bind dn + $ldap_bind = ldap_bind($ldapconn, $ldap_bind_dn, $ldap_bind_password); + if ($ldap_bind) { + $user_info = get_ldap_user_info($ldapconn, $username, $ldap_base_dn); + if ($user_info) { + $ldap_bind_user2 = ldap_bind($ldapconn, 
$user_info['dn'], $password); + if ($ldap_bind_user2) { + session_regenerate_id(true); // require: PHP5.1+ + $_SESSION['authenticated_user'] = $user_info['uid']; + $_SESSION['authenticated_user_fullname'] = $user_info['fullname']; + return true; + } + } + } + } + } + return false; +} + +// Get LDAP user info via bind DN +function ldap_get_simple_user_info($username) +{ + global $ldap_server, $ldap_base_dn, $ldap_bind_dn, $ldap_bind_password; + $ldapconn = ldap_connect($ldap_server); + if ($ldapconn) { + ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); + ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0); + // Bind by bind dn + $ldap_bind = ldap_bind($ldapconn, $ldap_bind_dn, $ldap_bind_password); + if ($ldap_bind) { + $user_info = get_ldap_user_info($ldapconn, $username, $ldap_base_dn); + if ($user_info) { + return $user_info; + } + } + } + return false; +} + +/** + * Search user and get 'dn', 'uid', 'fullname' and 'mail' + * @param type $ldapconn + * @param type $username + * @param type $base_dn + * @return boolean + */ +function get_ldap_user_info($ldapconn, $username, $base_dn) { + $filter = "(|(uid=$username)(sAMAccountName=$username))"; + $result1 = ldap_search($ldapconn, $base_dn, $filter, array('dn', 'uid', 'cn', 'samaccountname', 'displayname', 'mail')); + $entries = ldap_get_entries($ldapconn, $result1); + $info = $entries[0]; + if (isset($info['dn'])) { + $user_dn = $info['dn']; + $cano_username = $username; + if (isset($info['uid'][0])) { + $cano_username = $info['uid'][0]; + } elseif (isset($info['samaccountname'][0])) { + $cano_username = $info['samaccountname'][0]; + } + $cano_fullname = $username; + if (isset($info['displayname'][0])) { + $cano_fullname = $info['displayname'][0]; + } elseif (isset($info['cn'][0])) { + $cano_fullname = $info['cn'][0]; + } + return array( + 'dn' => $user_dn, + 'uid' => $cano_username, + 'fullname' => $cano_fullname, + 'mail' => $info['mail'][0] + ); + } + return false; +} + +/** + * Redirect after login. 
Need to assing location or page + * + * @param type $location + * @param type $page + */ +function form_auth_redirect($location, $page) +{ + header('HTTP/1.0 302 Found'); + if ($location) { + header('Location: ' . $location); + } else { + $url = get_script_uri() . '?' . $page; + header('Location: ' . $url); + } +} + +/** + * Get External Auth log-in URL + */ +function get_auth_external_login_url($page, $url_after_login) { + global $auth_external_login_url_base; + $sep = '&'; + if (strpos($auth_external_login_url_base, '?') === FALSE) { + $sep = '?'; + } + $url = $auth_external_login_url_base . $sep + . 'page=' . rawurlencode($page) + . '&url_after_login=' . rawurlencode($url_after_login); + return $url; +} diff -urN pukiwiki-1_5_0_eucjp/lib/backup.php pukiwiki_1_5_1-beta1-f502_eucjp/lib/backup.php --- pukiwiki-1_5_0_eucjp/lib/backup.php 2014-06-02 05:57:45.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/lib/backup.php 2016-02-13 23:01:30.000000000 +0900 @@ -11,9 +11,8 @@ * @access public * @author * @create - * @version $Id: backup.php,v 1.13 2011/01/25 15:01:01 henoheno Exp $ * Copyright (C) - * 2002-2006 PukiWiki Developers Team + * 2002-2016 PukiWiki Development Team * 2001-2002 Originally written by yu-ji * License: GPL v2 or (at your option) any later version **/ @@ -29,14 +28,15 @@ * @return Void */ -function make_backup($page, $delete = FALSE) +function make_backup($page, $is_delete, $wikitext) { global $cycle, $maxage; global $do_backup, $del_backup; + global $auth_user; if (PKWK_READONLY || ! $do_backup) return; - if ($del_backup && $delete) { + if ($del_backup && $is_delete) { _backup_delete($page); return; } 
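Review bot: `get_ldap_user_info()` interpolates the login name into the search filter unescaped, and `ldap_auth()` substitutes it into the bind DN with `preg_replace` and passes `$password` to `ldap_bind()` without rejecting an empty string, which many directory servers accept as an unauthenticated bind. The fence below escapes the name per context (`ldap_escape` needs PHP 5.6+, so an equivalent helper is required if older runtimes are still supported), refuses empty credentials, and checks the search result before reading `$entries[0]` and `$info['mail'][0]`. In the `AUTH_TYPE_BASIC` case of `ensure_valid_auth_user()`, a rejected login falls through to `$auth_user_groups = get_groups_from_username($user); return true;`, which loads the groups of the name that just failed, reads an undefined `$user` when no credentials were sent, and contradicts the docblock's "false if invalid credentials"; `$auth_user_groups = array();` would match `$auth_user = ''`. `AUTH_TYPE_EXTERNAL_X_FORWARDED_USER` takes the identity from `$_SERVER['HTTP_X_FORWARDED_USER']`, which is only sound behind a proxy that overwrites that header, and `form_auth_redirect()` emits `$location` verbatim, so its caller (outside this hunk) has to restrict it to this wiki's own URL.

```php
function ldap_auth($username, $password)
{
	global $ldap_server, $ldap_base_dn, $ldap_bind_dn, $ldap_bind_password;
	// Refuse empty credentials up front: a bind with a DN and an empty
	// password is treated as an unauthenticated bind by many servers.
	if (! is_string($username) || $username === '' ||
	    ! is_string($password) || $password === '') {
		return false;
	}
	// … unchanged: ldap_connect(), ldap_set_option(), preg_match on $ldap_bind_dn …
			// Literal substitution, with the name escaped for DN context
			$bind_dn_user = str_replace('$login',
				ldap_escape($username, '', LDAP_ESCAPE_DN), $ldap_bind_dn);
	// … unchanged: both bind paths and the session writes …

function get_ldap_user_info($ldapconn, $username, $base_dn) {
	// Escape for filter context so the name is always matched as a literal value
	$f_user = ldap_escape($username, '', LDAP_ESCAPE_FILTER);
	$filter = "(|(uid=$f_user)(sAMAccountName=$f_user))";
	$result1 = ldap_search($ldapconn, $base_dn, $filter, array('dn', 'uid', 'cn', 'samaccountname', 'displayname', 'mail'));
	if ($result1 === false) return false;
	$entries = ldap_get_entries($ldapconn, $result1);
	// Exactly one entry must match; anything else is treated as "not found"
	if (! $entries || $entries['count'] !== 1) return false;
	$info = $entries[0];
	// … unchanged: dn / uid / fullname selection …
			'mail' => isset($info['mail'][0]) ? $info['mail'][0] : ''
```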
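Review bot: `make_backup($page, $is_delete, $wikitext)` drops the old `$delete = FALSE` default and adds a required third parameter, so any caller still using `make_backup($page)` or the two-argument form now warns or fails; callers, including third-party plugins, are not visible in this hunk. Keeping defaults, `function make_backup($page, $is_delete = FALSE, $wikitext = '')`, preserves the old call shape. The docblock above the function (partly outside the hunk) should also gain `@param` lines for `$is_delete` and `$wikitext`. The function body continues in the following hunks.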
@@ -44,11 +44,25 @@ if (! is_page($page)) return; $lastmod = _backup_get_filetime($page); - if ($lastmod == 0 || UTIME - $lastmod > 60 * 60 * $cycle) + $backups = get_backup($page); + $is_author_differ = false; + $need_backup_by_time = $lastmod == 0 || UTIME - $lastmod > 60 * 60 * $cycle; + if (!$need_backup_by_time) { + // Backup file is saved recently, but the author may differ. + $last_content = get_source($page, TRUE, TRUE); + $m = array(); + $prev_author = null; + if (preg_match('/^#author\("([^"]+)","([^"]*)","([^"]*)"\)/m', $last_content, $m)) { + $prev_author = preg_replace('/^[^:]+:/', '', $m[2]); + } + if ($prev_author !== $auth_user) { + $is_author_differ = true; + } + } + if ($need_backup_by_time || $is_author_differ || $is_delete) { $backups = get_backup($page); $count = count($backups) + 1; - // 直後に1件追加するので、(最大件数 - 1)を超える要素を捨てる if ($count > $maxage) array_splice($backups, 0, $count - $maxage); @@ -65,12 +79,17 @@ $body = preg_replace('/^(' . preg_quote(PKWK_SPLITTER) . "\s\d+)$/", '$1 ', get_source($page)); $body = PKWK_SPLITTER . ' ' . get_filetime($page) . "\n" . join('', $body); $body = preg_replace("/\n*$/", "\n", $body); - + $body_on_delete = ''; + if ($is_delete) { + $body_on_delete = PKWK_SPLITTER . ' ' . UTIME . "\n" . $wikitext; + $body_on_delete = preg_replace("/\n*$/", "\n", $body_on_delete); + } $fp = _backup_fopen($page, 'wb') or die_message('Cannot open ' . htmlsc(_backup_get_filename($page)) . '(BugTrack/583) +// Escape using
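Review bot: The added `$backups = get_backup($page);` ahead of the time check is never used, because the `if` body assigns `$backups` again with the same call; whatever `get_backup()` costs is now paid on every save even when no backup is due, so that first line can be dropped. `$prev_author` also stays `null` when the page has no `#author(...)` line, which makes `$prev_author !== $auth_user` true even for anonymous edits where `$auth_user` is `''`; initialising it with `$prev_author = '';` would keep `$cycle` effective for such pages. A short comment on why the author is taken from `$m[2]` with the `^[^:]+:` prefix stripped would help, since the `#author` format is not defined in this hunk. The enclosing function starts and ends outside this hunk.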
in(BugTrack/583) define('PLUGIN_BR_ESCAPE_BLOCKQUOTE', 1); // ---- diff -urN pukiwiki-1_5_0_eucjp/plugin/bugtrack.inc.php pukiwiki_1_5_1-beta1-f502_eucjp/plugin/bugtrack.inc.php --- pukiwiki-1_5_0_eucjp/plugin/bugtrack.inc.php 2014-06-02 05:57:45.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/plugin/bugtrack.inc.php 2016-02-13 23:01:30.000000000 +0900 @@ -5,11 +5,7 @@ // 2002-2005, 2007 PukiWiki Developers Team // 2002 Y.MASUI GPL2 http://masui.net/pukiwiki/ masui@masui.net // -// PukiWiki BugTrack plugin -// -// Copyright: -// 2002-2005 PukiWiki Developers Team -// 2002 Y.MASUI GPL2 http://masui.net/pukiwiki/ masui@masui.net +// BugTrack plugin // Numbering format define('PLUGIN_BUGTRACK_NUMBER_FORMAT', '%d'); // Like 'page/1' @@ -181,7 +177,7 @@ $post['version'], $post['body']); pkwk_headers_sent(); - header('Location: ' . get_script_uri() . '?' . rawurlencode($page)); + header('Location: ' . get_script_uri() . '?' . pagename_urlencode($page)); exit; } @@ -240,7 +236,7 @@ - ${_plugin_bugtrack['priority']}: $priority - ${_plugin_bugtrack['state' ]}: $state - ${_plugin_bugtrack['category']}: $category -- ${_plugin_bugtrack['date' ]}: now? +- ${_plugin_bugtrack['date' ]}: &now; - ${_plugin_bugtrack['version' ]}: $version ** ${_plugin_bugtrack['body']} @@ -355,4 +351,4 @@ return array($page, $no, $summary, $name, $priority, $state, $category); } -?> + diff -urN pukiwiki-1_5_0_eucjp/plugin/calendar2.inc.php pukiwiki_1_5_1-beta1-f502_eucjp/plugin/calendar2.inc.php --- pukiwiki-1_5_0_eucjp/plugin/calendar2.inc.php 2014-06-02 05:57:45.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/plugin/calendar2.inc.php 2016-02-13 23:01:30.000000000 +0900 @@ -105,7 +105,7 @@ while (checkdate($m_num, $day, $year)) { $dt = sprintf('%4d-%02d-%02d', $year, $m_num, $day); $page = $prefix . $dt; - $r_page = rawurlencode($page); + $r_page = pagename_urlencode($page); $s_page = htmlsc($page); if ($wday == 0 && $day > 1) 
@@ -197,4 +197,4 @@ return $ret; } -?> + diff -urN pukiwiki-1_5_0_eucjp/plugin/calendar_viewer.inc.php pukiwiki_1_5_1-beta1-f502_eucjp/plugin/calendar_viewer.inc.php --- pukiwiki-1_5_0_eucjp/plugin/calendar_viewer.inc.php 2014-06-02 05:57:45.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/plugin/calendar_viewer.inc.php 2016-02-13 23:01:30.000000000 +0900 @@ -149,9 +149,9 @@ closedir($dir); if ($mode == 'past') { - rsort($pagelist); // New => Old + rsort($pagelist, SORT_STRING); // New => Old } else { - sort($pagelist); // Old => New + sort($pagelist, SORT_STRING); // Old => New } // Include start @@ -173,7 +173,7 @@ $body = str_replace('$1', $page, $_msg_calendar_viewer_restrict); } - $r_page = rawurlencode($page); + $r_page = pagename_urlencode($page); if (PLUGIN_CALENDAR_VIEWER_DATE_FORMAT !== FALSE) { $time = strtotime(basename($page)); // $date_sep must be assumed '-' or ''! @@ -324,10 +324,10 @@ if ($aSepList == '') { // yyymmddとしてチェック(手抜き(^^;) return checkdate(substr($aStr, 4, 2), substr($aStr, 6, 2), substr($aStr, 0, 4)); - } else if (ereg("^([0-9]{2,4})[$aSepList]([0-9]{1,2})[$aSepList]([0-9]{1,2})$", $aStr, $matches) ) { + } else if (preg_match("#^([0-9]{2,4})[$aSepList]([0-9]{1,2})[$aSepList]([0-9]{1,2})$#", $aStr, $matches) ) { return checkdate($matches[2], $matches[3], $matches[1]); } else { return FALSE; } } -?> + diff -urN pukiwiki-1_5_0_eucjp/plugin/comment.inc.php pukiwiki_1_5_1-beta1-f502_eucjp/plugin/comment.inc.php --- pukiwiki-1_5_0_eucjp/plugin/comment.inc.php 2014-06-02 05:57:45.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/plugin/comment.inc.php 2016-02-13 23:01:30.000000000 +0900 @@ -1,8 +1,8 @@ diff -urN pukiwiki-1_5_0_eucjp/plugin/counter.inc.php pukiwiki_1_5_1-beta1-f502_eucjp/plugin/counter.inc.php --- pukiwiki-1_5_0_eucjp/plugin/counter.inc.php 2006-05-27 22:31:11.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/plugin/counter.inc.php 2016-02-13 23:01:30.000000000 +0900 
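Review bot: The `ereg` to `preg_match` conversion in the `@@ -324,10 +324,10 @@` hunk of calendar_viewer.inc.php interpolates `$aSepList` directly into a `#`-delimited pattern inside a character class, so a separator list containing `#`, `]`, `^` or a mid-list `-` changes or breaks the pattern. Quoting it first, `$sep = preg_quote($aSepList, '#');` and then using `[$sep]`, keeps every separator literal. The trailing `$` also accepts a final newline under PCRE; `\z` or the `D` modifier makes the match exact. The function signature and the values passed for `$aSepList` are outside the hunk, so this matters only if that list is not a fixed constant.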
@@ -1,12 +1,12 @@ $val) { + + // Read + foreach (array_keys($default) as $key) { // Update $counters[$page][$key] = rtrim(fgets($fp, 256)); if (feof($fp)) break; } + + // Anothoer day? if ($counters[$page]['date'] != $default['date']) { - // New day $modify = TRUE; - $is_yesterday = ($counters[$page]['date'] == get_date('Y/m/d', strtotime('yesterday', UTIME))); + $is_yesterday = ($counters[$page]['date'] == get_date('Y/m/d', UTIME - 24 * 60 * 60)); $counters[$page]['ip'] = $_SERVER['REMOTE_ADDR']; $counters[$page]['date'] = $default['date']; $counters[$page]['yesterday'] = $is_yesterday ? $counters[$page]['today'] : 0; $counters[$page]['today'] = 1; $counters[$page]['total']++; - } else if ($counters[$page]['ip'] != $_SERVER['REMOTE_ADDR']) { // Not the same host $modify = TRUE; @@ -97,6 +101,7 @@ $counters[$page]['today']++; $counters[$page]['total']++; } + // Modify if ($modify && $vars['cmd'] == 'read') { rewind($fp); @@ -104,9 +109,10 @@ foreach (array_keys($default) as $key) fputs($fp, $counters[$page][$key] . "\n"); } + + // Close flock($fp, LOCK_UN); fclose($fp); return $counters[$page]; } -?> diff -urN pukiwiki-1_5_0_eucjp/plugin/diff.inc.php pukiwiki_1_5_1-beta1-f502_eucjp/plugin/diff.inc.php --- pukiwiki-1_5_0_eucjp/plugin/diff.inc.php 2014-06-02 05:57:45.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/plugin/diff.inc.php 2016-02-13 23:01:30.000000000 +0900 @@ -29,7 +29,7 @@ global $_msg_notfound, $_msg_goto, $_msg_deleted, $_msg_addline, $_msg_delline, $_title_diff; global $_title_diff_delete; - $r_page = rawurlencode($page); + $r_page = pagename_urlencode($page); $s_page = htmlsc($page); $menu = array( 
@@ -110,4 +110,4 @@ return array('msg'=>$_title_diff_delete, 'body'=>$body); } -?> + diff -urN pukiwiki-1_5_0_eucjp/plugin/dump.inc.php pukiwiki_1_5_1-beta1-f502_eucjp/plugin/dump.inc.php --- pukiwiki-1_5_0_eucjp/plugin/dump.inc.php 2006-01-12 10:01:35.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/plugin/dump.inc.php 2016-02-13 23:01:30.000000000 +0900 @@ -1,5 +1,9 @@ filename); die_message($dir . ' is not found or not readable.'); } - - while ($filename = readdir($dp)) { - if (preg_match("/$mask/", $filename)) + while (($filename = readdir($dp)) !== FALSE) { + if (preg_match('/' . $mask . '/', $filename)) { $files[] = $dir . $filename; + } } closedir($dp); - sort($files); + sort($files, SORT_STRING); $matches = array(); foreach($files as $name) diff -urN pukiwiki-1_5_0_eucjp/plugin/edit.inc.php pukiwiki_1_5_1-beta1-f502_eucjp/plugin/edit.inc.php --- pukiwiki-1_5_0_eucjp/plugin/edit.inc.php 2014-06-02 05:57:45.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/plugin/edit.inc.php 2016-02-13 23:01:30.000000000 +0900 @@ -1,7 +1,7 @@ $_title_edit, 'body'=>edit_form($page, $postdata)); } @@ -43,9 +43,7 @@ // Loading template if (isset($vars['template_page']) && is_page($vars['template_page'])) { - - $vars['msg'] = join('', get_source($vars['template_page'])); - + $vars['msg'] = remove_author_info(get_source($vars['template_page'], TRUE, TRUE)); // Cut fixed anchors $vars['msg'] = preg_replace('/^(\*{1,3}.*)\[#[A-Za-z][\w-]+\](.*)$/m', '$1$2', $vars['msg']); } @@ -82,7 +80,7 @@ { static $usage = '&edit(pagename#anchor[[,noicon],nolabel])[{label}];'; - global $script, $vars, $fixed_heading_anchor_edit; + global $vars, $fixed_heading_anchor_edit; if (PKWK_READONLY) return ''; // Show nothing @@ -93,7 +91,7 @@ $s_label = strip_htmltag(array_pop($args), FALSE); $page = array_shift($args); - if ($page == NULL) $page = ''; + if ($page === NULL) $page = ''; $_noicon = $_nolabel = FALSE; foreach($args as $arg){ switch(strtolower($arg)){ 
@@ -152,6 +150,7 @@ } // URL + $script = get_script_uri(); if ($isfreeze) { $url = $script . '?cmd=unfreeze&page=' . rawurlencode($s_page); } else { @@ -174,7 +173,7 @@ // Write, add, or insert new comment function plugin_edit_write() { - global $vars, $trackback; + global $vars; global $_title_collided, $_msg_collided_auto, $_msg_collided, $_title_deleted; global $notimeupdate, $_msg_invalidpass, $do_update_diff_table; @@ -190,11 +189,12 @@ // Collision Detection $oldpagesrc = join('', get_source($page)); $oldpagemd5 = md5($oldpagesrc); - if ($digest != $oldpagemd5) { + if ($digest !== $oldpagemd5) { $vars['digest'] = $oldpagemd5; // Reset $original = isset($vars['original']) ? $vars['original'] : ''; - list($postdata_input, $auto) = do_update_diff($oldpagesrc, $msg, $original); + $old_body = remove_author_info($oldpagesrc); + list($postdata_input, $auto) = do_update_diff($old_body, $msg, $original); $retvars['msg' ] = $_title_collided; $retvars['body'] = ($auto ? $_msg_collided_auto : $_msg_collided) . "\n"; @@ -221,9 +221,6 @@ page_write($page, $postdata); $retvars['msg' ] = $_title_deleted; $retvars['body'] = str_replace('$1', htmlsc($page), $_title_deleted); - - if ($trackback) tb_delete($page); - return $retvars; } @@ -238,7 +235,7 @@ page_write($page, $postdata, $notimeupdate != 0 && $notimestamp); pkwk_headers_sent(); - header('Location: ' . get_script_uri() . '?' . rawurlencode($page)); + header('Location: ' . get_script_uri() . '?' . pagename_urlencode($page)); exit; } 
@@ -247,8 +244,6 @@ { global $vars; pkwk_headers_sent(); - header('Location: ' . get_script_uri() . '?' . rawurlencode($vars['page'])); + header('Location: ' . get_script_uri() . '?' . pagename_urlencode($vars['page'])); exit; } - -?> diff -urN pukiwiki-1_5_0_eucjp/plugin/img.inc.php pukiwiki_1_5_1-beta1-f502_eucjp/plugin/img.inc.php --- pukiwiki-1_5_0_eucjp/plugin/img.inc.php 2005-05-28 22:31:57.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/plugin/img.inc.php 2016-02-13 23:01:30.000000000 +0900 @@ -1,18 +1,19 @@ ' . "\n"); define('PLUGIN_IMG_CLEAR', '' . "\n"); // Stop word-wrapping -// Output inline-image tag from a URI function plugin_img_convert() { if (PKWK_DISABLE_INLINE_IMAGE_FROM_URI) return '#img(): PKWK_DISABLE_INLINE_IMAGE_FROM_URI prohibits this' . - '
' . "\n"; + '
' . "\n"; $args = func_get_args(); diff -urN pukiwiki-1_5_0_eucjp/plugin/include.inc.php pukiwiki_1_5_1-beta1-f502_eucjp/plugin/include.inc.php --- pukiwiki-1_5_0_eucjp/plugin/include.inc.php 2014-06-02 05:57:45.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/plugin/include.inc.php 2016-02-13 23:01:30.000000000 +0900 @@ -78,7 +78,7 @@ } $s_page = htmlsc($page); - $r_page = rawurlencode($page); + $r_page = pagename_urlencode($page); $link = '' . $s_page . ''; // Read link // I'm stuffed @@ -108,7 +108,7 @@ if ($with_title) { $link = '' . $s_page . ''; - if ($page == $menubar) { + if ($page === $menubar) { $body = '' . $link . '
' . $body . ''; } else { @@ -118,4 +118,4 @@ return $body; } -?> + diff -urN pukiwiki-1_5_0_eucjp/plugin/includesubmenu.inc.php pukiwiki_1_5_1-beta1-f502_eucjp/plugin/includesubmenu.inc.php --- pukiwiki-1_5_0_eucjp/plugin/includesubmenu.inc.php 2014-06-02 05:57:45.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/plugin/includesubmenu.inc.php 2016-02-13 23:01:30.000000000 +0900 @@ -31,8 +31,8 @@ } else { $SubMenuPageName2 = substr($tmppage,0,$LastSlash) . '/SubMenu'; } - //echo "$SubMenuPageName1
"; - //echo "$SubMenuPageName2
"; + //echo "$SubMenuPageName1
"; + //echo "$SubMenuPageName2
"; //下階層にSubMenuがあるかチェック //あれば、それを使用 if (is_page($SubMenuPageName1)) { diff -urN pukiwiki-1_5_0_eucjp/plugin/insert.inc.php pukiwiki_1_5_1-beta1-f502_eucjp/plugin/insert.inc.php --- pukiwiki-1_5_0_eucjp/plugin/insert.inc.php 2014-06-02 05:57:45.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/plugin/insert.inc.php 2016-02-13 23:01:30.000000000 +0900 @@ -36,7 +36,7 @@ $postdata_input = $insert . "\n"; $body = ''; - if (md5(@join('', get_source($vars['refer']))) != $vars['digest']) { + if (md5(get_source($vars['refer'], TRUE, TRUE)) !== $vars['digest']) { $title = $_title_collided; $body = $_msg_collided . "\n"; diff -urN pukiwiki-1_5_0_eucjp/plugin/links.inc.php pukiwiki_1_5_1-beta1-f502_eucjp/plugin/links.inc.php --- pukiwiki-1_5_0_eucjp/plugin/links.inc.php 2005-02-27 18:43:12.000000000 +0900 +++ pukiwiki_1_5_1-beta1-f502_eucjp/plugin/links.inc.php 2016-02-13 23:01:30.000000000 +0900 @@ -1,6 +1,8 @@ +