/wiki/edit-do.php |
---|
2,6 → 2,22 |
require '../_taios.php'; |
if (get_magic_quotes_gpc()) { |
$process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST); |
while (list($key, $val) = each($process)) { |
foreach ($val as $k => $v) { |
unset($process[$key][$k]); |
if (is_array($v)) { |
$process[$key][stripslashes($k)] = $v; |
$process[] = &$process[$key][stripslashes($k)]; |
} else { |
$process[$key][stripslashes($k)] = stripslashes($v); |
} |
} |
} |
unset($process); |
} |
$pageName = $_POST['page']; |
if (empty($pageName)) |
{ |
14,7 → 30,12 |
if ($page->isUserGM($page->getLoggedInUser())) |
{ |
$pageName = str_replace("../", "/", $pageName); |
$filename = 'pages/' . $pageName . '.txt'; |
if(!is_dir(dirname($filename))) |
mkdir(dirname($filename), 0777, true); |
$fp = @fopen($filename, 'w'); |
if ($fp) |
/wiki/edit.php |
---|
16,6 → 16,8 |
if ($page->isUserGM($page->getLoggedInUser())) |
{ |
$pageName = str_replace("../", "/", $pageName); |
$filename = 'pages/' . $pageName . '.txt'; |
$content = ""; |
33,7 → 35,7 |
<input type="hidden" name="page" value="<?php echo $pageName; ?>" /> |
<table> |
<tr> |
<td><textarea name="content"><?php echo $content; ?></textarea></td> |
<td><textarea name="content"><?php write($content); ?></textarea></td> |
</tr> |
<tr> |
<td><input type="submit" value="Edit" /></td> |
/wiki/index.php |
---|
45,6 → 45,8 |
write('<p class="bold"><a href="edit.php?page=' . $pageName . '">Edit Page</a></p><br />'); |
} |
$pageName = str_replace("../", "/", $pageName); |
$filename = 'pages/' . $pageName . '.txt'; |
$fp = @fopen($filename, 'r'); |
58,6 → 60,26 |
write('<p>This page is empty.</p>'); |
} |
if(is_dir('pages/' . $pageName)) |
{ |
write('<p>Directory listing of ' . $pageName . ':</p>'); |
write('<ul>'); |
$dir = opendir('pages/' . $pageName); |
if($dir) |
{ |
while (($file = readdir($dir)) !== false) |
{ |
if($file != '.' && $file != '..' && (preg_match('/\.txt$/', $file) || is_dir('pages/' . $pageName . '/' . $file))) |
{ |
$file = preg_replace('/\.txt$/', '', $file); |
write('<li><a href="index.php?page=' . $pageName . '/' . htmlspecialchars($file) . '">' . htmlspecialchars($file) . '</a></li>'); |
} |
} |
} |
write('</ul>'); |
write('<p>End of directory listing</p>'); |
} |
$page->drawFooter(); |
?> |