/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: en.lng,v 1.13 2003/06/05 10:37:35 arino Exp $
+// $Id: en.lng,v 1.14 2003/06/22 06:37:19 arino Exp $
//
// PukiWiki message file (english)
$_attach_plugin_files = '%s downloads';
///////////////////////////////////////
+$_title_cannotread = '$1 is not readable';
+$_msg_auth = 'PukiWikiAuth';
+
+///////////////////////////////////////
// help 'wiki format rule'.
$rule_page = 'FormatRule';
$help_page = 'Help';
/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: func.php,v 1.43 2003/06/10 13:53:56 arino Exp $
+// $Id: func.php,v 1.44 2003/06/22 06:37:19 arino Exp $
//
// ʸ»úÎó¤¬InterWikiName¤«¤É¤¦¤«
}
// ÊÔ½¸ÉÔ²Äǽ¤Ê¥Ú¡¼¥¸¤òÊÔ½¸¤·¤è¤¦¤È¤·¤¿¤È¤
-function check_editable($page)
+// ¥Ç¥Õ¥©¥ë¥ÈÃͤǸߴ¹À¤òÊݤÄ
+function check_editable($page, $auth_flag=true, $exit_flag=true)
{
global $script,$_title_cannotedit,$_msg_unfreeze;
- edit_auth($page);
-
- if (is_editable($page))
- {
- return;
- }
-
- $body = $title = str_replace('$1',htmlspecialchars(strip_bracket($page)),$_title_cannotedit);
- $_page = str_replace('$1',make_search($page),$_title_cannotedit);
-
- if (is_freeze($page))
+ if (edit_auth($page, $auth_flag, $exit_flag) and is_editable($page))
{
- $body .= "(<a href=\"$script?cmd=unfreeze&page=".
- rawurlencode($page)."\">$_msg_unfreeze</a>)";
+ return true;
}
-
- catbody($title,$_page,$body);
- exit;
-}
-// ÊÔ½¸»þ¤Îǧ¾Ú
-function edit_auth($page)
-{
- global $edit_auth,$edit_auth_users,$_msg_auth,$_title_cannotedit;
-
- if ($edit_auth and
- (!isset($_SERVER['PHP_AUTH_USER']) or
- !array_key_exists($_SERVER['PHP_AUTH_USER'],$edit_auth_users) or
- $edit_auth_users[$_SERVER['PHP_AUTH_USER']] != $_SERVER['PHP_AUTH_PW']))
- {
- header('WWW-Authenticate: Basic realm="'.$_msg_auth.'"');
- header('HTTP/1.0 401 Unauthorized');
- // press cancel.
- $body = str_replace('$1',make_pagelink($page), $_title_cannotedit);
- $title = str_replace('$1',htmlspecialchars($page),$_title_cannotedit);
- $page = str_replace('$1',make_search($page), $_title_cannotedit);
-
+ if ($exit_flag) {
+ $body = $title = str_replace('$1',htmlspecialchars(strip_bracket($page)),$_title_cannotedit);
+ if(is_freeze($page))
+ {
+ $body .= "(<a href=\"$script?cmd=unfreeze&page=".
+ rawurlencode($page)."\">$_msg_unfreeze</a>)";
+ }
+
+ $page = str_replace('$1',make_search($page),$_title_cannotedit);
+
catbody($title,$page,$body);
exit;
}
+ return false;
}
// ¼«Æ°¥Æ¥ó¥×¥ì¡¼¥È
continue;
}
- $source = get_source($page);
+ // ¸¡º÷Âоݥڡ¼¥¸¤ÎÀ©¸Â¤ò¤«¤±¤ë¤«¤É¤¦¤« (¥Ú¡¼¥¸Ì¾¤ÏÀ©¸Â³°)
+ if ($search_auth and !check_readable($page,false,false)) {
+ $source = get_source(); // ¸¡º÷Âоݥڡ¼¥¸ÆâÍƤò¶õ¤Ë¡£
+ } else {
+ $source = get_source($page);
+ }
if (!$non_format)
{
array_unshift($source,$page); // ¥Ú¡¼¥¸Ì¾¤â¸¡º÷ÂоݤË
return md5($data);
}
}
+
+/////////////////////////////////////////////////////////////////
+// Basicǧ¾Ú¤Ë¤è¤ë¸¢¸Â¥Á¥§¥Ã¥¯
+// ÊÔ½¸Ç§¾Ú
+// ±ÜÍ÷¤È¤ÎÂоÎÀ¤ò»ý¤¿¤»¤¿
+function edit_auth($page, $auth_flag=true, $exit_flag=true) {
+ global $_msg_auth,$edit_auth,$auth_users,$edit_auth_pages;
+ global $_title_cannotedit,$auth_method_type;
+
+ // ÊÔ½¸Ç§¾Ú¥Õ¥é¥°¤ò¥Á¥§¥Ã¥¯ (¥·¥¹¥Æ¥àÁ´ÂΤȤ·¤ÆÊÔ½¸Ç§¾Ú¤¹¤ë¤«¤É¤¦¤«)
+ if (!$edit_auth) { return true; }
+
+ // ǧ¾ÚÍ×ÈÝȽÃÇÂоÝʸ»úÎó¤ò¼èÆÀ¤¹¤ë
+ // ¥Ú¡¼¥¸Ì¾¤Ç¥Á¥§¥Ã¥¯¤¹¤ë¾ì¹ç
+ if ($auth_method_type == "pagename") {
+ $target_str = $page;
+ }
+ // ¥Ú¡¼¥¸Æâ¤Îʸ»úÎó¤Ç¥Á¥§¥Ã¥¯¤¹¤ë¾ì¹ç
+ else if ($auth_method_type == "contents") {
+ $target_str = join('',get_source($page));
+ }
+ else {
+ $target_str = "";
+ }
+
+ // ¹çÃפ·¤¿¥Ñ¥¿¡¼¥ó¤ÇÄêµÁ¤µ¤ì¤¿¥æ¡¼¥¶¥ê¥¹¥È¤ò¥Þ¡¼¥¸¤¹¤ë
+ reset($edit_auth_pages);
+ $user_list = "";
+ while (list($key, $val) = each($edit_auth_pages)) {
+ if (preg_match($key, $target_str)) {
+ $user_list .= ",".$val;
+ }
+ }
+ if ($user_list == "") { return true; }
+
+ // ¥æ¡¼¥¶¥ê¥¹¥È¤Ë´Þ¤Þ¤ì¤ë¤¤¤º¤ì¤«¤Î¥æ¡¼¥¶¤Èǧ¾Ú¤µ¤ì¤ì¤ÐOK
+ if (!isset($_SERVER['PHP_AUTH_USER'])
+ or !preg_match("/".$_SERVER['PHP_AUTH_USER']."/", $user_list)
+ or !array_key_exists($_SERVER['PHP_AUTH_USER'], $auth_users)
+ or $auth_users[$_SERVER['PHP_AUTH_USER']] != $_SERVER['PHP_AUTH_PW'])
+ {
+ if ($auth_flag) {
+ header('WWW-Authenticate: Basic realm="'.$_msg_auth.'"');
+ header('HTTP/1.0 401 Unauthorized');
+ }
+ if ($exit_flag) {
+ $body = $title = str_replace('$1',htmlspecialchars(strip_bracket($page)), $_title_cannotedit);
+ $page = str_replace('$1',make_search($page),$_title_cannotedit);
+ catbody($title, $page, $body);
+ exit;
+ }
+ return false;
+ }
+ return true;
+}
+
+// ±ÜÍ÷ÉÔ²Äǽ¤Ê¥Ú¡¼¥¸¤ò±ÜÍ÷¤·¤è¤¦¤È¤·¤¿¤È¤ (¡©)
+// ¢¨¤¢¤Þ¤êɬÍ×À¤ò´¶¤¸¤Ê¤¤¤¬¡¢edit¤Î¾ì¹ç¤ÈÂоÎÀ¤ò»ý¤¿¤»¤ë¤¿¤á¤ËƳÆþ¡£
+function check_readable($page, $auth_flag=true, $exit_flag=true) {
+ if (read_auth($page, $auth_flag, $exit_flag)) {
+ return true;
+ }
+ return false;
+}
+
+// ±ÜÍ÷ǧ¾Ú
+function read_auth($page, $auth_flag=true, $exit_flag=true) {
+ global $_msg_auth,$read_auth,$auth_users,$read_auth_pages;
+ global $_title_cannotread, $auth_method_type;
+
+ // ±ÜÍ÷ǧ¾Ú¥Õ¥é¥°¤ò¥Á¥§¥Ã¥¯
+ if (!$read_auth) { return true; }
+
+ // ǧ¾ÚÍ×ÈÝȽÃÇÂоÝʸ»úÎó¤ò¼èÆÀ¤¹¤ë
+ // ¥Ú¡¼¥¸Ì¾¤Ç¥Á¥§¥Ã¥¯¤¹¤ë¾ì¹ç
+ if ($auth_method_type == "pagename") {
+ $target_str = $page;
+ }
+ // ¥Ú¡¼¥¸Æâ¤Îʸ»úÎó¤Ç¥Á¥§¥Ã¥¯¤¹¤ë¾ì¹ç
+ else if ($auth_method_type == "contents") {
+ $target_str = join('',get_source($page));
+ }
+ else {
+ $target_str = "";
+ }
+
+ // ¹çÃפ·¤¿¥Ñ¥¿¡¼¥ó¤ÇÄêµÁ¤µ¤ì¤¿¥æ¡¼¥¶¥ê¥¹¥È¤ò¥Þ¡¼¥¸¤¹¤ë
+ reset($read_auth_pages);
+ $user_list = "";
+ while (list($key, $val) = each($read_auth_pages)) {
+ if (preg_match($key, $target_str)) {
+ $user_list .= ",".$val;
+ }
+ }
+ if ($user_list == "") { return true; }
+
+ // ¥æ¡¼¥¶¥ê¥¹¥È¤Ë´Þ¤Þ¤ì¤ë¤¤¤º¤ì¤«¤Î¥æ¡¼¥¶¤Èǧ¾Ú¤µ¤ì¤ì¤ÐOK
+ if (!isset($_SERVER['PHP_AUTH_USER'])
+ or !preg_match("/".$_SERVER['PHP_AUTH_USER']."/", $user_list)
+ or !array_key_exists($_SERVER['PHP_AUTH_USER'], $auth_users)
+ or $auth_users[$_SERVER['PHP_AUTH_USER']] != $_SERVER['PHP_AUTH_PW'])
+ {
+ if ($auth_flag) {
+ header('WWW-Authenticate: Basic realm="'.$_msg_auth.'"');
+ header('HTTP/1.0 401 Unauthorized');
+ }
+ if ($exit_flag) {
+ $body = $title = str_replace('$1',htmlspecialchars(strip_bracket($page)), $_title_cannotread);
+ $page = str_replace('$1',make_search($page),$_title_cannotread);
+ catbody($title, $page, $body);
+ exit;
+ }
+ return false;
+ }
+ return true;
+}
?>
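Review bot: In edit_auth() and read_auth() the test `!preg_match("/".$_SERVER['PHP_AUTH_USER']."/", $user_list)` uses the client-supplied user name as an unescaped regular expression and matches it anywhere in the comma-joined list, so a valid account whose name is merely contained in a listed name is treated as listed for that page. An exact membership test keeps the per-page lists meaningful: `or !in_array($_SERVER['PHP_AUTH_USER'], explode(',', ltrim($user_list, ',')), true)`. The password test on the next line uses loose `!=`, under which two different numeric-looking strings can compare equal; `!==` avoids that. Both functions also return true when `$auth_method_type` is neither "pagename" nor "contents", because `$target_str` is then empty and normally no pattern matches, so a typo in that setting appears to switch the checks off silently.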
/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: ja.lng,v 1.15 2003/06/05 10:37:35 arino Exp $
+// $Id: ja.lng,v 1.16 2003/06/22 06:37:19 arino Exp $
//
// PukiWiki message file (japanese)
$_attach_plugin_files = '%s·ï';
///////////////////////////////////////
+$_title_cannotread = '$1 ¤Ï±ÜÍ÷¤Ç¤¤Þ¤»¤ó';
+$_msg_auth = 'PukiWikiAuth';
+
+///////////////////////////////////////
// help 'wiki format rule'.
$rule_page = 'À°·Á¥ë¡¼¥ë';
$help_page = '¥Ø¥ë¥×';
/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: backup.inc.php,v 1.7 2003/06/05 10:37:35 arino Exp $
+// $Id: backup.inc.php,v 1.8 2003/06/22 06:37:18 arino Exp $
//
// ¥Ð¥Ã¥¯¥¢¥Ã¥×
function plugin_backup_action()
{
return;
}
-
+
+ check_readable($get['page'], true, true);
+
$page = $s_page = $r_page = '';
if (array_key_exists('page',$vars))
{
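Review bot: The added `check_readable($get['page'], true, true);` tests `$get['page']`, while the lines right after it take the page from `$vars` (`array_key_exists('page',$vars)`). If `$vars` can also be filled from POST data, which is not visible here, the name that is checked and the name that is used can differ, and `$get['page']` may be unset when the check runs. Checking the value the function actually uses would close that gap, for example `check_readable($vars['page'], true, true);` inside the `array_key_exists` branch. plugin_backup_action() continues outside the hunk.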
* PukiWiki calendar_viewer¥×¥é¥°¥¤¥ó
*
*
- *$Id: calendar_viewer.inc.php,v 1.7 2003/06/03 11:59:07 arino Exp $
+ *$Id: calendar_viewer.inc.php,v 1.8 2003/06/22 06:37:19 arino Exp $
calendarrecent¥×¥é¥°¥¤¥ó¤ò¸µ¤ËºîÀ®
*/
/**
$get["page"] = $page;
$post["page"] = $page;
$vars["page"] = $page;
-
- $body = convert_html(get_source($page));
+
+ // ¸½¾õ¤Ç±ÜÍ÷µö²Ä¤¬¤¢¤ë¾ì¹ç¤À¤±É½¼¨¤¹¤ë
+ if (check_readable($page,false,false)) {
+ $body = convert_html(get_source($page));
+ } else {
+ $body = $page." ¤Ï±ÜÍ÷À©¸Â¤¬¤«¤«¤Ã¤Æ¤¤¤ë¤¿¤ácalendar_viewer¤Ë¤è¤ë»²¾È¤Ï¤Ç¤¤Þ¤»¤ó";
+ }
+
$r_page = rawurlencode($page);
$s_page = htmlspecialchars($page);
$link = "<a href=\"$script?cmd=edit&page=$r_page\">$s_page</a>";
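Review bot: In the new else branch `$page` is concatenated into `$body` without escaping, although `$body` is otherwise HTML produced by convert_html() and the escaped `$s_page` is only computed two lines later. The message should be built from `htmlspecialchars($page)` instead. The same pattern appears in the else branch added to include.inc.php and in the string returned by pcmt_get_comments() in pcomment.inc.php. These notices are also hard-coded Japanese strings rather than entries in the .lng files next to `$_title_cannotread`, so the English locale will show them untranslated.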
/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: diff.inc.php,v 1.2 2003/01/28 14:30:39 panda Exp $
+// $Id: diff.inc.php,v 1.3 2003/06/22 06:37:18 arino Exp $
//
//¥Ú¡¼¥¸¤Îº¹Ê¬¤òɽ¼¨¤¹¤ë
function plugin_diff_action()
global $script,$get,$hr;
global $_msg_notfound,$_msg_goto,$_msg_addline,$_msg_delline,$_title_diff;
+ check_readable($get['page'],true,true);
+
$r_page = rawurlencode($get['page']);
$s_page = htmlspecialchars($get['page']);
$s_name = strip_bracket($s_page);
/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: edit.inc.php,v 1.10 2003/06/05 06:20:49 arino Exp $
+// $Id: edit.inc.php,v 1.11 2003/06/22 06:37:18 arino Exp $
//
// ÊÔ½¸
// cmd=edit
{
global $vars,$_title_edit;
- check_editable($vars['page']);
+ check_editable($vars['page'], true, true);
if (array_key_exists('preview',$vars) or array_key_exists('template',$vars)) {
return plugin_edit_preview();
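Review bot: check_editable() only calls edit_auth() and is_editable(), so with `$read_auth` enabled a page that is read-restricted but not edit-restricted is still opened by cmd=edit, which presumably loads the page source into the form (that code is outside the hunk). Adding `check_readable($vars['page'], true, true);` before the `check_editable` call would keep the read restriction consistent with the checks added to read.inc.php and diff.inc.php.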
/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: include.inc.php,v 1.6 2003/03/03 07:07:28 panda Exp $
+// $Id: include.inc.php,v 1.7 2003/06/22 06:37:18 arino Exp $
//
/*
$_page = $vars['page'];
$get['page'] = $post['page'] = $vars['page'] = $page;
- $body = convert_html(get_source($page));
+
+ // include¤Î¤È¤¤Ï¡¢Ç§¾Ú²èÌ̤ò¤¤¤Á¤¤¤Á½Ð¤µ¤º¡¢¸å»ÏËö¤â¤³¤Á¤é¤Ç¤Ä¤±¤ë
+ if (check_readable($page, false, false)) {
+ $body = convert_html(get_source($page));
+ } else {
+ $body = $page." ¤Ï±ÜÍ÷À©¸Â¤¬¤«¤«¤Ã¤Æ¤¤¤ë¤¿¤áinclude¤Ç¤¤Þ¤»¤ó";
+ }
+
$get['page'] = $post['page'] = $vars['page'] = $_page;
$s_page = htmlspecialchars($page);
/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: pcomment.inc.php,v 1.17 2003/06/10 14:05:42 arino Exp $
+// $Id: pcomment.inc.php,v 1.18 2003/06/22 06:37:18 arino Exp $
//
/*
return array('msg'=>'invalid page name.','body'=>'cannot add comment.','collided'=>TRUE);
}
+ check_editable($page, true, true);
+
$ret = array(
'msg' => $_title_updated,
'collided' => FALSE
function pcmt_get_comments($page,$count,$dir,$reply)
{
+ if (!check_readable($page, false, false))
+ {
+ return array("±ÜÍ÷À©¸Â¤¬¤«¤«¤Ã¤Æ¤¤¤ë¤¿¤á¡¢".$page."¤«¤é¤Ï¥³¥á¥ó¥È¤òÆɤߤ³¤à¤³¤È¤¬¤Ç¤¤Þ¤»¤ó¡£");
+ }
+
$data = get_source($page);
if (!is_array($data))
/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: read.inc.php,v 1.2 2003/06/12 02:23:53 arino Exp $
+// $Id: read.inc.php,v 1.3 2003/06/22 06:37:18 arino Exp $
//
// ¥Ú¡¼¥¸¤Îɽ¼¨¤ÈInterWikiName¤Î²ò¼á
function plugin_read_action()
// WikiName¡¢BracketName¤¬¼¨¤¹¥Ú¡¼¥¸¤òɽ¼¨
if (is_page($get['page'])) {
+ check_readable($get['page'],true,true);
return array('msg'=>'','body'=>'');
}
/////////////////////////////////////////////////
// PukiWiki - Yet another WikiWikiWeb clone.
//
-// $Id: pukiwiki.ini.php,v 1.39 2003/06/13 01:04:54 arino Exp $
+// $Id: pukiwiki.ini.php,v 1.40 2003/06/22 06:37:19 arino Exp $
//
// PukiWiki setting file
$adminpass = '1a1dc91c907325c69271ddf0c944bc72';
/////////////////////////////////////////////////
-// ÊÔ½¸»þ¤Ëǧ¾Ú¤¬É¬Í×
+// ¥æ¡¼¥¶ÄêµÁ
+$auth_users = array(
+'foo' => 'foo_passwd',
+'bar' => 'bar_passwd',
+'hoge' => 'hoge_passwd',
+);
+/////////////////////////////////////////////////
+// ǧ¾ÚÊý¼°¼ïÊÌ
+// pagename : ¥Ú¡¼¥¸Ì¾
+// contents : ¥Ú¡¼¥¸ÆâÍÆ
+$auth_method_type = "contents";
+/////////////////////////////////////////////////
+// ±ÜÍ÷ǧ¾Ú¥Õ¥é¥°
+// 0:ÉÔÍ×
+// 1:ɬÍ×
+$read_auth = 0;
+/////////////////////////////////////////////////
+// ±ÜÍ÷ǧ¾ÚÂоݥѥ¿¡¼¥óÄêµÁ
+$read_auth_pages = array(
+'/¤Ò¤¤³¤â¤ë¤Û¤²/' => 'hoge',
+'/(¥Í¥¿¥Ð¥ì|¤Í¤¿¤Ð¤ì)/' => 'foo,bar,hoge',
+);
+/////////////////////////////////////////////////
+// ÊÔ½¸Ç§¾Ú¥Õ¥é¥°
+// 0:ÉÔÍ×
+// 1:ɬÍ×
$edit_auth = 0;
-
/////////////////////////////////////////////////
-// ÊÔ½¸»þǧ¾Ú¤Î¥¢¥«¥¦¥ó¥È¤È¥Ñ¥¹¥ï¡¼¥É
-// ¥æ¡¼¥¶Ì¾¤È¥Ñ¥¹¥ï¡¼¥É¤òµÆþ¡£
-$edit_auth_users = array(
- '' => '',
+// ÊÔ½¸Ç§¾ÚÂоݥѥ¿¡¼¥óÄêµÁ
+$edit_auth_pages = array(
+'/Bar¤Î¸ø³«Æüµ/' => 'bar',
+'/¤Ò¤¤³¤â¤ë¤Û¤²/' => 'hoge',
+'/(¥Í¥¿¥Ð¥ì|¤Í¤¿¤Ð¤ì)/' => 'foo',
);
/////////////////////////////////////////////////
+// ¸¡º÷ǧ¾Ú¥Õ¥é¥°
+// 0: ±ÜÍ÷¤¬µö²Ä¤µ¤ì¤Æ¤¤¤Ê¤¤¥Ú¡¼¥¸ÆâÍƤ⸡º÷ÂоݤȤ¹¤ë
+// 1: ¸¡º÷»þ¤Î¥í¥°¥¤¥ó¥æ¡¼¥¶¤Ëµö²Ä¤µ¤ì¤¿¥Ú¡¼¥¸¤Î¤ß¸¡º÷ÂоݤȤ¹¤ë
+$search_auth = 0;
+
+/////////////////////////////////////////////////
// ¹¹¿·ÍúÎò¤òɽ¼¨¤¹¤ë¤È¤¤ÎºÇÂç·ï¿ô
$maxshow = 80;
/////////////////////////////////////////////////
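Review bot: `$auth_users` ships with three sample accounts and their passwords in clear text (`'foo' => 'foo_passwd'` and so on), so a site that sets `$read_auth` or `$edit_auth` to 1 without rewriting the array accepts publicly known credentials. Shipping `$auth_users = array();` with the expected format shown in a comment avoids that. `$adminpass` just above looks like a stored hash, while these passwords are compared as plain text in func.php; storing hashes here as well would keep the file consistent. The default `$auth_method_type = "contents"` makes protection depend on page text, so anyone allowed to edit a page can add or remove the matching phrase; a comment saying so would help administrators choose between the two modes.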