
Compare Revisions

Ignore whitespace Rev 499 → Rev 522

/wiki/edit-do.php
30,7 → 30,9
 
if ($page->isUserGM($page->getLoggedInUser()))
{
$pageName = str_replace("../", "/", $pageName);
while (strpos($pageName, '../') !== false) {
$pageName = str_replace("../", "/", $pageName);
}
 
$filename = 'pages/' . $pageName . '.txt';
 
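Review bot: The new `while` loop that strips `../` is still a blocklist, so it only covers the one spelling it names: a `..` segment with no trailing slash, and backslash separators on Windows hosts, still reach `'pages/' . $pageName . '.txt'`. The same loop is repeated in /wiki/edit.php and /wiki/index.php, and index.php also hands the value to `is_dir()` and `opendir()`. I would replace the three copies with one shared helper that accepts only an allow-listed shape, e.g. `if (!preg_match('#^[A-Za-z0-9_-]+(/[A-Za-z0-9_-]+)*$#', $pageName)) { $pageName = 'Index'; }` (adjust the character class to the names the wiki really uses). As a second check, confirm with `realpath()` that the resolved path stays under `pages/`. The enclosing `if` block continues outside the hunk.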
/wiki/edit.php
22,7 → 22,7
$pageName = 'Index';
}
 
$page = new Taios_Page('Edit Page - ' . $pageName, '../');
$page = new Taios_Page('Edit Page - ' . htmlentities($pageName, ENT_QUOTES), '../');
$page->drawHeader();
$page->drawMiddle();
 
30,7 → 30,9
 
if ($page->isUserGM($page->getLoggedInUser()))
{
$pageName = str_replace("../", "/", $pageName);
while (strpos($pageName, '../') !== false) {
$pageName = str_replace("../", "/", $pageName);
}
 
$filename = 'pages/' . $pageName . '.txt';
46,10 → 48,10
?>
 
<form action="edit-do.php" method="POST">
<input type="hidden" name="page" value="<?php echo $pageName; ?>" />
<input type="hidden" name="page" value="<?php echo htmlentities($pageName, ENT_QUOTES); ?>" />
<table>
<tr>
<td><textarea name="content"><?php write($content); ?></textarea></td>
<td><textarea name="content"><?php write(htmlentities($content, ENT_QUOTES)); ?></textarea></td>
</tr>
<tr>
<td><input type="submit" value="Edit" /></td>
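Review bot: `htmlentities($content, ENT_QUOTES)` in the textarea relies on the default input encoding, which differs between PHP versions and `default_charset` settings. If the stored pages are UTF-8 and the default is not, multibyte characters are turned into the wrong entities and written back corrupted on the next save. Passing the charset and escaping only the markup characters avoids that: `write(htmlspecialchars($content, ENT_QUOTES, 'UTF-8'));`, with the same call for the hidden `page` field and the title (UTF-8 is my assumption; the hunk does not show the page encoding). Separately, the visible part of the form has no anti-CSRF token for the state-changing POST to edit-do.php; the rest of the form is outside the hunk, so one may exist further down.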
/wiki/index.php
29,7 → 29,7
$pageName = 'Index';
}
 
$page = new Taios_Page('Wiki &middot; ' . $pageName, '../');
$page = new Taios_Page('Wiki &middot; ' . htmlentities($pageName, ENT_QUOTES), '../');
 
if (isset($_GET['random']))
{
56,10 → 56,12
 
if ($page->isUserGM($page->getLoggedInUser()))
{
write('<p class="bold"><a href="edit.php?page=' . $pageName . '">Edit Page</a></p><br />');
write('<p class="bold"><a href="edit.php?page=' . htmlentities($pageName, ENT_QUOTES) . '">Edit Page</a></p><br />');
}
 
$pageName = str_replace("../", "/", $pageName);
while (strpos($pageName, '../') !== false) {
$pageName = str_replace("../", "/", $pageName);
}
 
$filename = 'pages/' . $pageName . '.txt';
 
76,7 → 78,7
 
if(is_dir('pages/' . $pageName))
{
write('<p>Directory listing of ' . $pageName . ':</p>');
write('<p>Directory listing of ' . htmlentities($pageName, ENT_QUOTES) . ':</p>');
write('<ul>');
$dir = opendir('pages/' . $pageName);
if($dir)
86,7 → 88,7
if($file != '.' && $file != '..' && (preg_match('/\.txt$/', $file) || is_dir('pages/' . $pageName . '/' . $file)))
{
$file = preg_replace('/\.txt$/', '', $file);
write('<li><a href="index.php?page=' . $pageName . '/' . htmlspecialchars($file) . '">' . htmlspecialchars($file) . '</a></li>');
write('<li><a href="index.php?page=' . htmlentities($pageName, ENT_QUOTES) . '/' . htmlentities($file, ENT_QUOTES) . '">' . htmlentities($file, ENT_QUOTES) . '</a></li>');
}
}
}
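Review bot: The values written into `href` query strings are HTML-escaped but not URL-encoded, so a page or file name containing `&`, `#`, `%` or `+` produces a link whose `page` parameter no longer matches the name on disk. In the listing line and in the `Edit Page` link I would URL-encode first and HTML-escape second, e.g. `'index.php?page=' . htmlspecialchars(rawurlencode($pageName . '/' . $file), ENT_QUOTES)`, keeping `htmlentities($file, ENT_QUOTES)` only for the link text. The `if` and loop that enclose the listing line start outside the hunk.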