Subversion Repositories taios

<?php

require '../_taios.php';
if (get_magic_quotes_gpc()) {
    $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
    while (list($key, $val) = each($process)) {
        foreach ($val as $k => $v) {
            unset($process[$key][$k]);
            if (is_array($v)) {
                $process[$key][stripslashes($k)] = $v;
                $process[] = &$process[$key][stripslashes($k)];
            } else {
                $process[$key][stripslashes($k)] = stripslashes($v);
            }
        }
    }
    unset($process);
}
$pageName = $_GET['page'];
if (empty($pageName))
{
    $pageName = 'Index';
}

$page = new Taios_Page('Edit Page - ' . htmlentities($pageName, ENT_QUOTES), '../');
$page->drawHeader();
$page->drawMiddle();

$page->checkLoggedIn();

if ($page->isUserGM($page->getLoggedInUser()))
{
    while (strpos($pageName, '../') !== false) {
        $pageName = str_replace("../", "/", $pageName);
    }

    $filename = 'pages/' . $pageName . '.txt';
   
    $content = "";

    $fp = @fopen($filename, 'r');
    if ($fp)
    {
        $content = fread($fp, filesize($filename));
        fclose($fp);
    }
   
?>

<form action="edit-do.php" method="POST">
<input type="hidden" name="page" value="<?php echo htmlentities($pageName, ENT_QUOTES); ?>" />
<table>
<tr>
<td><textarea name="content"><?php write(htmlentities($content, ENT_QUOTES)); ?></textarea></td>
</tr>
<tr>
<td><input type="submit" value="Edit" /></td>
</tr>
</table>
</form>

<?php
}
else
{
    $page->drawError('You do not have permission to access this page.');
}

$page->drawFooter();

?>