Rev 496 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
229 | tom | 1 | <?php |
2 | |||
3 | require '../_taios.php'; |
||
496 | muzer | 4 | if (get_magic_quotes_gpc()) { |
5 | $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST); |
||
6 | while (list($key, $val) = each($process)) { |
||
7 | foreach ($val as $k => $v) { |
||
8 | unset($process[$key][$k]); |
||
9 | if (is_array($v)) { |
||
10 | $process[$key][stripslashes($k)] = $v; |
||
11 | $process[] = &$process[$key][stripslashes($k)]; |
||
12 | } else { |
||
13 | $process[$key][stripslashes($k)] = stripslashes($v); |
||
14 | } |
||
15 | } |
||
16 | } |
||
17 | unset($process); |
||
18 | } |
||
229 | tom | 19 | $pageName = $_GET['page']; |
20 | if (empty($pageName)) |
||
21 | { |
||
22 | $pageName = 'Index'; |
||
23 | } |
||
24 | |||
522 | muzer | 25 | $page = new Taios_Page('Edit Page - ' . htmlentities($pageName, ENT_QUOTES), '../'); |
229 | tom | 26 | $page->drawHeader(); |
27 | $page->drawMiddle(); |
||
28 | |||
290 | tom | 29 | $page->checkLoggedIn(); |
30 | |||
229 | tom | 31 | if ($page->isUserGM($page->getLoggedInUser())) |
32 | { |
||
522 | muzer | 33 | while (strpos($pageName, '../') !== false) { |
34 | $pageName = str_replace("../", "/", $pageName); |
||
35 | } |
||
486 | muzer | 36 | |
229 | tom | 37 | $filename = 'pages/' . $pageName . '.txt'; |
38 | |||
39 | $content = ""; |
||
40 | |||
41 | $fp = @fopen($filename, 'r'); |
||
42 | if ($fp) |
||
43 | { |
||
44 | $content = fread($fp, filesize($filename)); |
||
45 | fclose($fp); |
||
46 | } |
||
47 | |||
48 | ?> |
||
49 | |||
50 | <form action="edit-do.php" method="POST"> |
||
522 | muzer | 51 | <input type="hidden" name="page" value="<?php echo htmlentities($pageName, ENT_QUOTES); ?>" /> |
229 | tom | 52 | <table> |
53 | <tr> |
||
522 | muzer | 54 | <td><textarea name="content"><?php write(htmlentities($content, ENT_QUOTES)); ?></textarea></td> |
229 | tom | 55 | </tr> |
56 | <tr> |
||
57 | <td><input type="submit" value="Edit" /></td> |
||
58 | </tr> |
||
59 | </table> |
||
60 | </form> |
||
61 | |||
62 | <?php |
||
63 | } |
||
64 | else |
||
65 | { |
||
66 | $page->drawError('You do not have permission to access this page.'); |
||
67 | } |
||
68 | |||
69 | $page->drawFooter(); |
||
70 | |||
71 | ?> |
||
72 |