header('Content-Type: text/plain');
-if(empty($_POST['lockid'])) {
+$lockid = optional_param('lockid', 0, PARAM_INT);
+
+if($lockid == 0) {
print 'noid';
exit;
}
-$lockid=(int)$_POST['lockid'];
if($lock=get_record('wiki_locks','id',$lockid)) {
$lock->lockedseen=time();
update_record('wiki_locks',$lock);
$o = "";
#-- selected page
- if (!isset($_REQUEST)) {
- $_REQUEST = @array_merge($_GET, $_POST);
- }
+ $action = optional_param('action', EWIKI_DEFAULT_ACTION);
+ $content = optional_param('content', false);
+ $version = optional_param('version', false);
+
if (!strlen($id)) {
$id = ewiki_id();
}
$id = format_string($id,true);
#-- page action
- $action = EWIKI_DEFAULT_ACTION;
if ($delim = strpos($id, EWIKI_ACTION_SEP_CHAR)) {
$action = substr($id, 0, $delim);
$id = substr($id, $delim + 1);
}
- elseif (EWIKI_USE_ACTION_PARAM && isset($_REQUEST["action"])) {
- $action = $_REQUEST["action"];
+ elseif (!EWIKI_USE_ACTION_PARAM) {
+ $action = EWIKI_DEFAULT_ACTION;
}
$GLOBALS["ewiki_id"] = $id;
$GLOBALS["ewiki_title"] = ewiki_split_title($id);
$dquery = array(
"id" => $id
);
- if (!isset($_REQUEST["content"]) && ($dquery["version"] = @$_REQUEST["version"])) {
+ if (!$content && ($dquery["version"] = $version)) {
$dquery["forced_version"] = $dquery["version"];
}
$data = @array_merge($dquery, ewiki_database("GET", $dquery));
global $ewiki_plugins, $ewiki_config;
$o = "";
+ $thanks = optional_param('thankyou', '');
+
#-- render requested wiki page <-- goal !!!
$render_args = array(
"scan_links" => 1,
foreach ($pf_a as $n => $pf) { $pf($o, $id, $data, $action); }
}
- if (!empty($_REQUEST["thankyou"]) && $ewiki_config["edit_thank_you"]) {
+ if (!empty($thankyou) && $ewiki_config["edit_thank_you"]) {
$o = ewiki_t("THANKSFORCONTRIBUTION") . $o;
}
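Review bot: The check `!empty($thankyou)` reads a variable that is never assigned in the visible code, because the earlier hunk stores the parameter as `$thanks = optional_param('thankyou', '');`. As written the condition is always false and the THANKSFORCONTRIBUTION banner is never prepended. Rename the assignment to `$thankyou = optional_param('thankyou', '');` or test `$thanks` here. The enclosing function starts and ends outside this hunk.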
further whenever desired
*/
function ewiki_id() {
- ($id = @$_REQUEST["id"]) or
- ($id = @$_REQUEST["name"]) or
- ($id = @$_REQUEST["page"]) or
- ($id = @$_REQUEST["file"]) or
+ ($id = optional_param("id", '')) or
+ ($id = optional_param("name", '')) or
+ ($id = optional_param("page", '')) or
+ ($id = optional_param("file", '')) or
(EWIKI_USE_PATH_INFO) and ($id = ltrim(@$_SERVER["PATH_INFO"], "/")) or
(!isset($_REQUEST["id"])) and ($id = trim(strtok($_SERVER["QUERY_STRING"], "&")));
if (!strlen($id) || ($id=="id=")) {
global $CFG;
+ $q = optional_param('q', '');
$o = ewiki_make_title($id, $id, 2, $action);
- if (! ($q = @$_REQUEST["q"])) {
+ if ($q == '') {
$o .= '<form action="' . ewiki_script("", $id) . '" method="post">';
$o .= '<fieldset class="invisiblefieldset">';
global $ewiki_plugins, $ewiki_config, $ewiki_links;
global $CFG, $course; // MOODLE HACK
+ $pnum = optional_param(EWIKI_UP_PAGENUM, 0);
+ $pend = optional_param(EWIKI_UP_PAGEEND, 0);
+
$o = ewiki_make_title($id, ewiki_t("INFOABOUTPAGE")." '{$id}'", 2, $action,"", "_MAY_SPLIT=1");
$flagnames = array(
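Review bot: `$pnum` and `$pend` are read without a type argument although the next hunk uses them only as version numbers in `<=` comparisons and assigns them to `$v_start`/`$v_end`. The attachment listing later in this commit already does this as `optional_param(EWIKI_UP_PAGENUM, 0, PARAM_INT)`, so for consistency and strict integer cleaning use `$pnum = optional_param(EWIKI_UP_PAGENUM, 0, PARAM_INT);` and `$pend = optional_param(EWIKI_UP_PAGEEND, 0, PARAM_INT);`. The same applies to `optional_param(EWIKI_UP_REQUESTLV, 0)` in the fake-address hunk, which is used in arithmetic. The enclosing function continues outside this hunk.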
#-- versions to show
$v_start = $data["version"];
- if ( ($uu=@$_REQUEST[EWIKI_UP_PAGENUM]) && ($uu<=$v_start) ) {
- $v_start = $uu;
+ if ( $pnum && ($pnum<=$v_start) ) {
+ $v_start = $pnum;
}
$v_end = $v_start - $ewiki_config["list_limit"] + 1;
- if ( ($uu=@$_REQUEST[EWIKI_UP_PAGEEND]) && ($uu<=$v_start) ) {
- $v_end = $uu;
+ if ( $pend && ($pend<=$v_start) ) {
+ $v_end = $pend;
}
$v_end = max($v_end, 1);
global $ewiki_links, $ewiki_author, $ewiki_plugins, $ewiki_ring, $ewiki_errmsg;
+ $content = optional_param('content', '');
+ $version = optional_param('version', '');
+ $preview = optional_param('preview', false);
+ $save = optional_param('save', false);
+
$hidden_postdata = array();
#-- previous version come back
$data["version"] = $current["version"];
unset($current);
- unset($_REQUEST["content"]);
- unset($_REQUEST["version"]);
+ /// Is this done for somewhere else?
+ $_REQUEST['content'] = $_POST['content'] = $_GET['content'] = null;
+ $_REQUEST['version'] = $_POST['version'] = $_GET['version'] = null;
+ $content = '';
+ $version = '';
}
#-- edit hacks
$o = ewiki_make_title($id, ewiki_t("EDITTHISPAGE").(" '{$id}'"), 2, $action, "", "_MAY_SPLIT=1");
#-- preview
- if (isset($_REQUEST["preview"])) {
+ if ($preview) {
$o .= $ewiki_plugins["edit_preview"][0]($data);
}
#-- save
- if (isset($_REQUEST["save"])) {
+ if ($save) {
#-- normalize to UNIX newlines
- $_REQUEST["content"] = str_replace("\015\012", "\012", $_REQUEST["content"]);
- $_REQUEST["content"] = str_replace("\015", "\012", $_REQUEST["content"]);
+ $content = str_replace("\015\012", "\012", $content);
+ $content = str_replace("\015", "\012", $content);
#-- check for concurrent version saving
$error = 0;
- if ((@$data["version"] >= 1) && ($data["version"] != @$_REQUEST["version"]) || (@$_REQUEST["version"] < 1)) {
+ if ((@$data["version"] >= 1) && ($data["version"] != $version) || ($version < 1)) {
$pf = $ewiki_plugins["edit_patch"][0];
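Review bot: The save path now works on the local `$content` and `$version` captured at function entry, but the `edit_patch` plugin fetched here still reports a successful merge by writing into `$_REQUEST`/`$_POST`/`$_GET` (see the last hunk of `ewiki_edit_patch`). The old code re-read `$_REQUEST["content"]` when building the save array, so it picked up the merged text. The new `"content" => $content` in the following hunk would store the pre-merge submission unless the locals are refreshed. The lines between the plugin lookup and the save array are not visible here, so this needs confirming. If nothing refreshes them, add `$content = optional_param('content', '');` and `$version = optional_param('version', '');` after a successful patch call, or have the plugin return the merged values instead of mutating superglobals.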
"id" => $id,
"version" => @$data["version"] + 1,
"flags" => $set_flags,
- "content" => $_REQUEST["content"],
+ "content" => $content,
"created" => ($uu=@$data["created"]) ? $uu : time(),
"meta" => ($uu=@$data["meta"]) ? $uu : "",
"hits" => ($uu=@$data["hits"]) ? $uu : "0",
function ewiki_page_edit_form(&$id, &$data, &$hidden_postdata) {
global $ewiki_plugins, $ewiki_config, $moodle_format;
+ $content = optional_param('content', '');
+ $version = optional_param('version', '');
+
$o='';
#-- previously edited, or db fetched content
- if (@$_REQUEST["content"] || @$_REQUEST["version"]) {
+ if ($content || $version) {
$data = array(
- "version" => &$_REQUEST["version"],
- "content" => &$_REQUEST["content"]
+ "version" => $version,
+ "content" => $content
);
}
else {
function ewiki_page_edit_preview(&$data) {
#### BEGIN MOODLE CHANGES
global $moodle_format;
- $preview_text=$GLOBALS["ewiki_plugins"]["render"][0]($_REQUEST["content"], 1, EWIKI_ALLOW_HTML || (@$data["flags"]&EWIKI_DB_F_HTML));
+ $preview_text=$GLOBALS["ewiki_plugins"]["render"][0](optional_param("content", null), 1, EWIKI_ALLOW_HTML || (@$data["flags"]&EWIKI_DB_F_HTML));
return( '<div class="preview">'
. "<hr noshade>"
. "<div align=\"right\">" . ewiki_t("PREVIEW") . "</div><hr noshade><br />\n"
global $ewiki_plugins;
global $USER; // MOODLE
+ $id = optional_param(EWIKI_UP_BINARY, '');
+
#-- reject calls
- if (!strlen($id = @$_REQUEST[EWIKI_UP_BINARY]) || !EWIKI_IDF_INTERNAL) {
+ if (!strlen($id) || !EWIKI_IDF_INTERNAL) {
return(false);
}
if (headers_sent()) die("ewiki-binary configuration error");
#-- auth only happens when enforced with _PROTECTED_MODE_XXL setting
# (authentication for inline images in violation of the WWW spirit)
if ((EWIKI_PROTECTED_MODE>=5) && !ewiki_auth($id, $data, "binary-{$do}")) {
- return($_REQUEST["id"]="view/BinaryPermissionError");
+ $_REQUEST['id'] = $_POST['id'] = $_GET['id'] = "view/BinaryPermissionError";
+ return("view/BinaryPermissionError");
}
#-- upload an image
$ewiki_t["en"]["PROTE6"] = "the email address you've clicked on is:";
$ewiki_t["en"]["PROTE7"] = "<b>spammers, please eat these:</b>";
- $ewiki_t["de"]["PROTE0"] = "Geschützte EMail-Adresse";
- $ewiki_t["de"]["PROTE1"] = "Die EMail-Adresse, die du angeklickt hast, wird durch dieses Formular vor <a href=\"http://google.com/search?q=spambots\">spambots</a> (automatisierte Suchwerkzeuge, die das Netz zur Freude der MarketingMafia nach Adressen abgrasen) beschützt.";
- $ewiki_t["de"]["PROTE2"] = "Die Seite, die du ändern willst, enthält momentan wenigstens eine EMail-Adresse. Um diese zu schützen müssen wir sicherstellen, daß kein Spambot an die Edit-Box kommt (weil dort die Adresse ja im Klartext steht).";
+ $ewiki_t["de"]["PROTE0"] = "Gesch�tzte EMail-Adresse";
+ $ewiki_t["de"]["PROTE1"] = "Die EMail-Adresse, die du angeklickt hast, wird durch dieses Formular vor <a href=\"http://google.com/search?q=spambots\">spambots</a> (automatisierte Suchwerkzeuge, die das Netz zur Freude der MarketingMafia nach Adressen abgrasen) besch�tzt.";
+ $ewiki_t["de"]["PROTE2"] = "Die Seite, die du �ndern willst, enth�lt momentan wenigstens eine EMail-Adresse. Um diese zu sch�tzen m�ssen wir sicherstellen, da� kein Spambot an die Edit-Box kommt (weil dort die Adresse ja im Klartext steht).";
$ewiki_t["de"]["PROTE4"] = "Ich bin wirklich kein Spambot!";
$ewiki_t["de"]["PROTE5"] = "<b>noch mehr fingierte Adressen anzeigen</b>";
$ewiki_t["de"]["PROTE6"] = "die EMail-Adresse die du angeklickt hast lautet:";
- $ewiki_t["de"]["PROTE7"] = "<b>Liebe Spammer, bitte freßt das:</b>";
+ $ewiki_t["de"]["PROTE7"] = "<b>Liebe Spammer, bitte fre�t das:</b>";
#-- plugin glue
$ewiki_plugins["link_url"][] = "ewiki_email_protect_link";
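Review bot: The new side of these German strings has replacement characters where the old side had umlauts and ß, which suggests the file was re-encoded as a side effect of this commit rather than edited deliberately. The same happens to the `strtr($string, "@.-_", ...)` table in the e-mail obfuscation hunk and to the NOTIFY_SUBJECT/NOTIFY_BODY translations further down. `strtr` maps byte for byte, so an encoding change there alters the obfuscated output and not just how the text is displayed. Confirm the intended file encoding and, if it was not meant to change, restore those lines so the commit carries only the parameter handling.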
*/
function ewiki_email_protect_edit_hook($id, &$data, &$hidden_postdata) {
+ $ewiki_up_nospambot = optional_param(EWIKI_UP_NOSPAMBOT, null);
+
$hidden_postdata[EWIKI_UP_NOSPAMBOT] = 1;
- if (empty($_REQUEST[EWIKI_UP_NOSPAMBOT])
+ if (empty($ewiki_up_nospambot )
&& strpos($data["content"], "@")
&& preg_match('/\w\w@([-\w]+\.)+\w\w/', $data["content"]) )
{
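Review bot: `empty($ewiki_up_nospambot)` no longer sees the cookie that the next hunk sets with `setcookie(EWIKI_UP_NOSPAMBOT, "grant_access", ...)`. The old check used `$_REQUEST`, which the comment in `ewiki_email_protect_form` describes as "from GET,POST,COOKIE", whereas `optional_param` reads only POST and GET as far as I know. Visitors who already confirmed would therefore be shown the anti-spambot form again on every page that contains an address. If the cookie grant is meant to keep working, test both sources, e.g. `if (empty($ewiki_up_nospambot) && empty($_COOKIE[EWIKI_UP_NOSPAMBOT])`. The `empty($ewiki_up_nospambot)` check in `ewiki_email_protect_form` needs the same change.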
return($o);
}
- if (!empty($_POST[EWIKI_UP_NOSPAMBOT]) && empty($_COOKIE[EWIKI_UP_NOSPAMBOT]) && EWIKI_HTTP_HEADERS) {
+ if (!empty($ewiki_up_nospambot) && empty($_COOKIE[EWIKI_UP_NOSPAMBOT]) && EWIKI_HTTP_HEADERS) {
setcookie(EWIKI_UP_NOSPAMBOT, "grant_access", time()+7*24*3600, "/");
}
*/
function ewiki_email_protect_form($id, $data=0, $action=0, $text="PROTE1", $url="") {
- if ($url || ($email = @$_REQUEST[EWIKI_UP_ENCEMAIL])) {
+ $ewiki_up_encemail = optional_param(EWIKI_UP_ENCEMAIL, null);
+ $ewiki_up_nospambot = optional_param(EWIKI_UP_NOSPAMBOT, null);
+
+ if ($url || ($email = $ewiki_up_encemail)) {
$html = "<h3>" . ewiki_t("PROTE0") . "</h3>\n";
- if (empty($_REQUEST[EWIKI_UP_NOSPAMBOT])) { #// from GET,POST,COOKIE
+ if (empty($ewiki_up_nospambot)) { #// from GET,POST,COOKIE
(empty($url)) and ($url = ewiki_script("", EWIKI_PAGE_EMAIL));
while (($rd = strrpos($string, ".")) > strpos($string, "@")) {
$string = substr($string, 0, $rd);
}
- $string = strtr($string, "@.-_", "»·±¯");
+ $string = strtr($string, "@.-_", "����");
break;
case 1: // encode
global $ewiki_config;
+ $ewiki_up_requestlv = optional_param(EWIKI_UP_REQUESTLV, 0);
+
$html = "";
srand(time()/17-1000*microtime());
$html .= '<a href="mailto:'.$traps[rand(0, $n_trp)].'">'.$traps[rand(0, $n_trp)].'</a>';
- if (($rl = 1 + @$_REQUEST[EWIKI_UP_REQUESTLV]) < EWIKI_FAKE_EMAIL_LOOP) {
+ if (($rl = 1 + $ewiki_up_requestlv) < EWIKI_FAKE_EMAIL_LOOP) {
$html .= ",\n" . '<br /><a href="' .
ewiki_script("", EWIKI_PAGE_EMAIL,
array(
global $ewiki_plugins;
+ $abort = optional_param('abort', false);
+ $init = optional_param('init', '');
+
#-- proceed only if frontpage missing or explicetely requested
- if ((strtolower($id)=="wikisetupwizard") || ($id==EWIKI_PAGE_INDEX) && ($action=="edit") && empty($data["version"]) && !($_REQUEST["abort"])) {
+ if ((strtolower($id)=="wikisetupwizard") || ($id==EWIKI_PAGE_INDEX) && ($action=="edit") && empty($data["version"]) && !($abort)) {
- if ($_REQUEST["abort"]) {
+ if ($abort) {
}
#-- first print some what-would-we-do-stats
- elseif (empty($_REQUEST["init"])) {
+ elseif (empty($init)) {
$o = "<h2>WikiSetupWizard</h2>\n";
$o .= "You don't have any pages in your Wiki yet, so we should try to read-in the default ones from <tt>init-pages/</tt> now.<br /><br />";
function ewiki_handler_jump(&$id, &$data, &$action) {
global $ewiki_config;
-
static $redirect_count = 5;
+
+ $redirect_count = optional_param("EWIKI_UP_REDIRECT_COUNT", $redirect_count, PARAM_INT);
+
$jump_markup = array("jump", "goto", "redirect", "location");
#-- we only care about "view" action
}
#-- escape from loop
- if (isset($_REQUEST["EWIKI_UP_REDIRECT_COUNT"])) {
- $redirect_count = $_REQUEST["EWIKI_UP_REDIRECT_COUNT"];
- }
if ($redirect_count-- <= 0) {
return(ewiki_t("REDIRECTION_LOOP", array("id"=>$id)));
}
}
if (count($ewiki_upload_sections) > 1) {
if (empty($def_sec)) {
- $def_sec = $_REQUEST["section"];
+ $def_sec = optional_param('section', '');
}
$o .= '<b>'.ewiki_t("UPL_INSECT").'</b><br /><select name="section">';
foreach ($ewiki_upload_sections as $id => $title) {
if (($s = $upload_file["name"]) && (strlen($s) >= 3)
|| ($s = substr(md5(time()+microtime()),0,8) . ".dat"))
{
- if (strlen($uu = trim($_REQUEST["new_filename"])) >= 3) {
+ if (strlen($uu = trim(optional_param("new_filename",''))) >= 3) {
if ($uu != $s) {
$meta["Original-Filename"] = $s;
}
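Review bot: `optional_param("new_filename",'')` takes a client-chosen file name with the default cleaning type, and the name appears to feed the attachment metadata and the `Content-Disposition` header built in the next hunk. Requesting it as a file name makes the intent explicit and strips path and control characters at the boundary: `trim(optional_param("new_filename", '', PARAM_FILE))`. The enclosing function starts and ends outside this hunk, so confirm how `$uu` is used after the comparison with `$s`.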
($p = strrpos($s, '\\')) and ($p++);
$meta["Content-Disposition"] = 'attachment; filename="'.urlencode(substr($s, $p)).'"';
}
- if (strlen($sect = $_REQUEST["section"])) {
+ if (strlen($sect = optional_param("section",''))) {
if ($ewiki_upload_sections[$sect]
|| ($action==EWIKI_ACTION_ATTACHMENTS) && ($data["content"])
&& strlen($ewiki_plugins["action"][EWIKI_ACTION_ATTACHMENTS])) {
return($o);
}
}
- if (strlen($s = trim($_REQUEST["comment"]))) {
+ if (strlen($s = trim(optional_param("comment",'')))) {
$meta["comment"] = $s;
}
#-- params (section, orderby)
- ($orderby = $_REQUEST["orderby"]) or ($orderby = "created");
+ $orderby = optional_param('orderby', 'created');
if ($def_sec) {
$section = $def_sec;
}
else {
- ($section = $_REQUEST["section"]) or ($section = "");
+ $section = optional_param('section', '');
if (count($ewiki_upload_sections) > 1) {
$oa = array();
$ewiki_upload_sections["*"] = "*";
#-- slice
- ($pnum = $_REQUEST[EWIKI_UP_PAGENUM]) or ($pnum = 0);
+ $pnum = optional_param(EWIKI_UP_PAGENUM, 0, PARAM_INT);
if (count($sorted) > EWIKI_LIST_LIMIT) {
$o_nl .= '<div class="lighter">>> ';
for ($n=0; $n < (int)(count($sorted) / EWIKI_LIST_LIMIT); $n++) {
global $userid, $groupid, $cm, $wikipage, $wiki, $course, $CFG;
#-- return legacy page
$cont = true;
- if (!empty($_REQUEST["wikiexport"])) {
- $binaries=$_REQUEST["exportbinaries"];
+ $wikiexport = optional_param('wikiexport', '');
+ $binaries = optional_param("exportbinaries", null);
+ $exportformatval = optional_param("exportformats", null);
+ $withvirtualpages = optional_param("withvirtualpages", null);
+ $exportdestinationsval = optional_param('exportdestinations', null);
+
+ if (!empty($wikiexport)) {
if(!$wiki->ewikiacceptbinary) {
$binaries=0;
}
- $exportformats=$_REQUEST["exportformats"];
if($wiki->htmlmode==2) {
- $exportformats=1;
+ $exportformatval=1;
}
$cont=ewiki_page_wiki_dump_send($binaries,
- $exportformats,
- $_REQUEST["withvirtualpages"],
- $_REQUEST["exportdestinations"]);
+ $exportformatval,
+ $withvirtualpages,
+ optional_param("exportdestinations", null));
}
if($cont===false) {
die;
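Review bot: The call to `ewiki_page_wiki_dump_send` re-reads `optional_param("exportdestinations", null)` even though the same value was stored in `$exportdestinationsval` a few lines earlier. Pass the variable instead so the dump and the form rendered further down cannot diverge. All four export parameters are used as numeric flags or menu indices (`==1`, `choose_from_menu` selections), so typing them would be stricter than the default cleaning, e.g. `$binaries = optional_param('exportbinaries', 0, PARAM_INT);`. Check that changing the default from `null` to `0` does not alter how the menus pick their initial selection.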
$ret.=" <TR valign=\"top\">\n".
' <TD align="right">'.get_string("withbinaries","wiki").":</TD>\n".
" <TD>\n".
- ' <input type="checkbox" name="exportbinaries" value="1"'.($_REQUEST["exportbinaries"]==1?" checked":"")." />\n".
+ ' <input type="checkbox" name="exportbinaries" value="1"'.($binaries==1?" checked":"")." />\n".
" </TD>\n".
" </TR>\n";
}
$ret.=" <TR valign=\"top\">\n".
' <TD align="right">'.get_string("withvirtualpages","wiki").":</TD>\n".
" <TD>\n".
- ' <input type="checkbox" name="withvirtualpages" value="1"'.($_REQUEST["withvirtualpages"]==1?" checked":"")." />\n".
+ ' <input type="checkbox" name="withvirtualpages" value="1"'.($withvirtualpages==1?" checked":"")." />\n".
" </TD>\n".
" </TR>\n";
$exportformats=array( "0" => get_string("plaintext","wiki") , "1" => get_string("html","wiki"));
' <TD align="right">'.get_string("exportformats","wiki").":</TD>\n".
" <TD>\n";
if($wiki->htmlmode!=2) {
- $ret.= choose_from_menu($exportformats, "exportformats", $_REQUEST["exportformats"], "", "", "", true)."\n";
+ $ret.= choose_from_menu($exportformats, "exportformats", $exportformatval, "", "", "", true)."\n";
} else {
$ret.= '<INPUT type="hidden" name="exportformats" value="1" />'.
get_string("html","wiki");
if(count($exportdestinations)==1) {
$ret.='<INPUT type="hidden" name="exportdestinations" value="0" />'.$exportdestinations[0]."\n";
} else {
- $ret.=choose_from_menu($exportdestinations, "exportdestinations", $_REQUEST["exportdestinations"], "", "", "", true)."\n";
+ $ret.=choose_from_menu($exportdestinations, "exportdestinations", $exportdestinationsval, "", "", "", true)."\n";
}
$ret.=" </TD>\n".
" </TR>\n".
#-- translation.de
-$ewiki_t["de"]["NOTIFY_SUBJECT"] = '"$id" wurde geändert [notify:...]';
+$ewiki_t["de"]["NOTIFY_SUBJECT"] = '"$id" wurde ge�ndert [notify:...]';
$ewiki_t["de"]["NOTIFY_BODY"] = <<<_END_OF_STRING
Hi,
-Eine WikiSeite hat sich geändert, und du wolltest ja unbedingt wissen,
-wenn das passiert. Die geänderte Seite war '\$id' und
+Eine WikiSeite hat sich ge�ndert, und du wolltest ja unbedingt wissen,
+wenn das passiert. Die ge�nderte Seite war '\$id' und
ist leicht zu finden unter folgender URL:
\$link
Wenn du diese Benachrichtigungen nicht mehr bekommen willst, solltest du
-deine [notify:...]-Adresse aus der entsprechenden Edit-Box herauslöschen:
+deine [notify:...]-Adresse aus der entsprechenden Edit-Box herausl�schen:
\$edit_link
(\$wiki_title auf http://\$server/)
function ewiki_notify_edit_hook($id, $data, &$hidden_postdata) {
global $ewiki_t, $ewiki_plugins;
+
+ $content = optional_param('content', '');
$ret_err = 0;
+ $save = optional_param('save', false);
- if (!isset($_REQUEST["save"])) {
+ if ($save === false) {
return(false);
}
#-- save page versions temporarily as files
$fn1 = EWIKI_TMP."/ewiki.tmp.notify.diff.".md5($data["content"]);
- $fn2 = EWIKI_TMP."/ewiki.tmp.notify.diff.".md5($_REQUEST["content"]);
+ $fn2 = EWIKI_TMP."/ewiki.tmp.notify.diff.".md5($content);
$f = fopen($fn1, "w");
fwrite($f, $data["content"]);
fclose($f);
$f = fopen($fn2, "w");
- fwrite($f, $_REQUEST["content"]);
+ fwrite($f, $content);
fclose($f);
#-- set mtime of the old one (GNU diff will report it)
touch($fn1, $data["lastmodified"]);
function ewiki_edit_patch($id, &$data) {
+ $version = optional_param('version', null);
+ $content = optional_param('content', '');
+
$r = false;
$base = ewiki_database(
"GET",
- array("id"=>$id, "version"=>$_REQUEST["version"])
+ array("id"=>$id, "version"=>$version)
);
if (!$base) {
return(false);
}
$fn_base = EWIKI_TMP."/ewiki.base.".md5($base["content"]);
- $fn_requ = EWIKI_TMP."/ewiki..requ.".md5($_REQUEST["content"]);
- $fn_patch = EWIKI_TMP."/ewiki.patch.".md5($base["content"])."-".md5($_REQUEST["content"]);
+ $fn_requ = EWIKI_TMP."/ewiki..requ.".md5($content);
+ $fn_patch = EWIKI_TMP."/ewiki.patch.".md5($base["content"])."-".md5($content);
$fn_curr = EWIKI_TMP."/ewiki.curr.".md5($data["content"]);
if ($f = fopen($fn_base, "w")) {
}
if ($f = fopen($fn_requ, "w")) {
- fwrite($f, $_REQUEST["content"]);
+ fwrite($f, $content);
fclose($f);
}
else {
exec("patch $fn_curr $fn_patch", $output, $retval);
if (!$retval) {
- $_REQUEST["version"] = $curr["version"];
- $_REQUEST["content"] = implode("", file($fn_curr));
+ /// mrc - ?? what is $curr supposed to be ??
+ $_REQUEST["version"] = $_POST["version"] = $_GET["version"] = $curr["version"];
+ $_REQUEST["content"] = $_POST["content"] = $_GET["content"] = implode("", file($fn_curr));
$r = true;
}