Revision | 4c95e67671984c5246931362affb33f06c888d06 (tree) |
---|---|
Zeit | 2011-02-06 22:50:46 |
Autor | henoheno <henoheno> |
Commiter | henoheno |
BugTrack2/343 BugTrack/779: Cleanup transition (1):
* Japanese comments => English ones
* &ref(); without arg shows its usage
* Remove comments that the source already said
* Simplify renaming variables
* Simplify using htmlsc()
* Simplifying $params (to be continued)
* Simplifying $width/$height (to be continued)
@@ -1,6 +1,6 @@ | ||
1 | 1 | <?php |
2 | 2 | // PukiWiki - Yet another WikiWikiWeb clone |
3 | -// $Id: ref.inc.php,v 1.53 2011/02/03 15:03:10 henoheno Exp $ | |
3 | +// $Id: ref.inc.php,v 1.54 2011/02/06 13:50:46 henoheno Exp $ | |
4 | 4 | // Copyright (C) |
5 | 5 | // 2002-2006, 2011 PukiWiki Developers Team |
6 | 6 | // 2001-2002 Originally written by yu-ji |
@@ -25,18 +25,15 @@ define('PLUGIN_REF_DEFAULT_ALIGN', 'left'); // 'left', 'center', 'right' | ||
25 | 25 | // Text wrapping |
26 | 26 | define('PLUGIN_REF_WRAP_TABLE', FALSE); // TRUE, FALSE |
27 | 27 | |
28 | -// URL指定時に画像サイズを取得するか | |
28 | +// NOT RECOMMENDED: getimagesize($uri) for proper width/height | |
29 | 29 | define('PLUGIN_REF_URL_GET_IMAGE_SIZE', FALSE); // FALSE, TRUE |
30 | 30 | |
31 | -// UPLOAD_DIR のデータ(画像ファイルのみ)に直接アクセスさせる | |
31 | +// DANGER, DO NOT USE THIS: Allow direct access to UPLOAD_DIR | |
32 | 32 | define('PLUGIN_REF_DIRECT_ACCESS', FALSE); // FALSE or TRUE |
33 | -// - これは従来のインラインイメージ処理を互換のために残すもので | |
34 | -// あり、高速化のためのオプションではありません | |
35 | -// - UPLOAD_DIR をWebサーバー上に露出させており、かつ直接アクセス | |
36 | -// できる(アクセス制限がない)状態である必要があります | |
37 | -// - Apache などでは UPLOAD_DIR/.htaccess を削除する必要があります | |
38 | -// - ブラウザによってはインラインイメージの表示や、「インライン | |
39 | -// イメージだけを表示」させた時などに不具合が出る場合があります | |
33 | +// - This is NOT option for acceralation but old and compatible. | |
34 | +// - Apache: UPLOAD_DIR/.htaccess will prohibit this usage. | |
35 | +// - Browsers: This usage contains any proper mime-type, so | |
36 | +// some ones will not show proper result. And may cause XSS. | |
40 | 37 | |
41 | 38 | ///////////////////////////////////////////////// |
42 | 39 |
@@ -48,42 +45,41 @@ define('PLUGIN_REF_USAGE', '([pagename/]attached-file-name[,parameters, ... ][,t | ||
48 | 45 | |
49 | 46 | function plugin_ref_inline() |
50 | 47 | { |
51 | - // Not reached, because of "$aryargs[] = & $body" at plugin.php | |
52 | - // if (! func_num_args()) | |
53 | - // return '&ref(): Usage:' . PLUGIN_REF_USAGE . ';'; | |
48 | + // "$aryargs[] = & $body" at plugin.php | |
49 | + if (func_num_args() == 1) { | |
50 | + return htmlsc('&ref(): Usage:' . PLUGIN_REF_USAGE . ';'); | |
51 | + } | |
54 | 52 | |
55 | 53 | $params = plugin_ref_body(func_get_args()); |
56 | - | |
57 | 54 | if (isset($params['_error']) && $params['_error'] != '') { |
58 | - // Error | |
59 | - return '&ref(): ' . $params['_error'] . ';'; | |
60 | - } else { | |
61 | - return $params['_body']; | |
55 | + return htmlsc('&ref(): ' . $params['_error'] . ';'); | |
62 | 56 | } |
57 | + | |
58 | + return $params['_body']; | |
63 | 59 | } |
64 | 60 | |
65 | 61 | function plugin_ref_convert() |
66 | 62 | { |
67 | - if (! func_num_args()) | |
68 | - return '<p>#ref(): Usage:' . PLUGIN_REF_USAGE . '</p>' . "\n"; | |
63 | + if (! func_num_args()) { | |
64 | + return '<p>' . htmlsc('#ref(): Usage:' . PLUGIN_REF_USAGE) . '</p>' . "\n"; | |
65 | + } | |
69 | 66 | |
70 | 67 | $params = plugin_ref_body(func_get_args()); |
71 | - | |
72 | 68 | if (isset($params['_error']) && $params['_error'] != '') { |
73 | - return '<p>#ref(): ' . $params['_error'] . '</p>' . "\n"; | |
69 | + return '<p>' . htmlsc('#ref(): ' . $params['_error']) . '</p>' . "\n"; | |
74 | 70 | } |
75 | 71 | |
72 | + // Wrap with a table | |
76 | 73 | if ((PLUGIN_REF_WRAP_TABLE && ! $params['nowrap']) || $params['wrap']) { |
77 | - // 枠で包む | |
78 | 74 | // margin:auto |
79 | - // Mozilla 1.x = x (wrap,aroundが効かない) | |
75 | + // Mozilla 1.x = x (wrap, and around are ignored) | |
80 | 76 | // Opera 6 = o |
81 | - // Netscape 6 = x (wrap,aroundが効かない) | |
82 | - // IE 6 = x (wrap,aroundが効かない) | |
77 | + // Netscape 6 = x (wrap, and around are ignored) | |
78 | + // IE 6 = x (wrap, and around are ignored) | |
83 | 79 | // margin:0px |
84 | - // Mozilla 1.x = x (wrapで寄せが効かない) | |
85 | - // Opera 6 = x (wrapで寄せが効かない) | |
86 | - // Netscape 6 = x (wrapで寄せが効かない) | |
80 | + // Mozilla 1.x = x (aligning seems ignored with wrap) | |
81 | + // Opera 6 = x (aligning seems ignored with wrap) | |
82 | + // Netscape 6 = x (aligning seems ignored with wrap) | |
87 | 83 | // IE6 = o |
88 | 84 | $margin = ($params['around'] ? '0px' : 'auto'); |
89 | 85 | $margin_align = ($params['_align'] == 'center') ? '' : |
@@ -102,195 +98,181 @@ EOD; | ||
102 | 98 | } else { |
103 | 99 | $style = 'text-align:' . $params['_align']; |
104 | 100 | } |
105 | - | |
106 | - // divで包む | |
107 | - return '<div class="img_margin" style="' . $style . '">' . $params['_body'] . '</div>' . "\n"; | |
101 | + return '<div class="img_margin" style="' . htmlsc($style) . '">' . | |
102 | + $params['_body'] . '</div>' . "\n"; | |
108 | 103 | } |
109 | 104 | |
105 | +// Common function | |
110 | 106 | function plugin_ref_body($args) |
111 | 107 | { |
112 | 108 | global $script, $vars; |
113 | - global $WikiName, $BracketName; // compat | |
109 | + global $WikiName, $BracketName; | |
110 | + | |
111 | + $page = isset($vars['page']) ? $vars['page'] : ''; | |
114 | 112 | |
115 | - // 戻り値 | |
116 | 113 | $params = array( |
117 | - 'left' => FALSE, // 左寄せ | |
118 | - 'center' => FALSE, // 中央寄せ | |
119 | - 'right' => FALSE, // 右寄せ | |
120 | - 'wrap' => FALSE, // TABLEで囲む | |
121 | - 'nowrap' => FALSE, // TABLEで囲まない | |
122 | - 'around' => FALSE, // 回り込み | |
123 | - 'noicon' => FALSE, // アイコンを表示しない | |
124 | - 'nolink' => FALSE, // 元ファイルへのリンクを張らない | |
125 | - 'noimg' => FALSE, // 画像を展開しない | |
126 | - 'zoom' => FALSE, // 縦横比を保持する | |
127 | - '_size' => FALSE, // サイズ指定あり | |
128 | - '_w' => 0, // 幅 | |
129 | - '_h' => 0, // 高さ | |
130 | - '_%' => 0, // 拡大率 | |
114 | + // Align | |
115 | + 'left' => FALSE, | |
116 | + 'center' => FALSE, | |
117 | + 'right' => FALSE, | |
118 | + '_align' => PLUGIN_REF_DEFAULT_ALIGN, | |
119 | + | |
120 | + // Wrap with table or not | |
121 | + 'wrap' => FALSE, | |
122 | + 'nowrap' => FALSE, | |
123 | + | |
124 | + 'around' => FALSE, // wrap around | |
125 | + 'noicon' => FALSE, // Suppress showing icon | |
126 | + 'nolink' => FALSE, // Suppress link to image itself | |
127 | + 'noimg' => FALSE, // Suppress showing image | |
128 | + | |
129 | + 'zoom' => FALSE, // Image size spacified | |
130 | + '_%' => 0, // percentage | |
131 | + | |
132 | + '_size' => FALSE, // Image size specified | |
133 | + '_w' => 0, // width | |
134 | + '_h' => 0, // height | |
135 | + | |
131 | 136 | '_args' => array(), |
132 | 137 | '_done' => FALSE, |
133 | 138 | '_error' => '' |
134 | 139 | ); |
135 | 140 | |
136 | - // 添付ファイルのあるページ: defaultは現在のページ名 | |
137 | - $page = isset($vars['page']) ? $vars['page'] : ''; | |
138 | - | |
139 | - // 添付ファイルのファイル名 | |
140 | - $name = ''; | |
141 | + // [Page_name/maybe-separated-with/slashes/]AttachedFileName.sfx or URI | |
142 | + $name = array_shift($args); | |
143 | + $is_url = is_url($name); | |
141 | 144 | |
142 | - // 添付ファイルまでのパスおよび(実際の)ファイル名 | |
143 | - $file = ''; | |
144 | - | |
145 | - // 第一引数: "[ページ名および/]添付ファイル名"、あるいは"URL"を取得 | |
146 | - $name = array_shift($args); | |
147 | - $is_url = is_url($name); | |
145 | + $file = ''; // Path to the attached file | |
146 | + $is_file = FALSE; | |
148 | 147 | |
149 | 148 | if(! $is_url) { |
150 | - // 添付ファイル | |
151 | 149 | if (! is_dir(UPLOAD_DIR)) { |
152 | 150 | $params['_error'] = 'No UPLOAD_DIR'; |
153 | 151 | return $params; |
154 | 152 | } |
155 | 153 | |
156 | 154 | $matches = array(); |
157 | - // ファイル名にページ名(ページ参照パス)が合成されているか | |
158 | - // (Page_name/maybe-separated-with/slashes/ATTACHED_FILENAME) | |
159 | 155 | if (preg_match('#^(.+)/([^/]+)$#', $name, $matches)) { |
156 | + // Page_name/maybe-separated-with/slashes and AttachedFileName.sfx | |
160 | 157 | if ($matches[1] == '.' || $matches[1] == '..') { |
161 | 158 | $matches[1] .= '/'; // Restore relative paths |
162 | 159 | } |
163 | - $name = $matches[2]; | |
164 | - $page = get_fullname(strip_bracket($matches[1]), $page); // strip is a compat | |
165 | - $file = UPLOAD_DIR . encode($page) . '_' . encode($name); | |
160 | + $name = $matches[2]; // AttachedFileName.sfx | |
161 | + $page = get_fullname(strip_bracket($matches[1]), $page); // strip is a compat | |
162 | + $file = UPLOAD_DIR . encode($page) . '_' . encode($name); | |
166 | 163 | $is_file = is_file($file); |
167 | 164 | |
168 | - // 第二引数以降が存在し、それはrefのオプション名称などと一致しない | |
169 | 165 | } else if (isset($args[0]) && $args[0] != '' && ! isset($params[$args[0]])) { |
170 | - $e_name = encode($name); | |
171 | - | |
172 | - // Try the second argument, as a page-name or a path-name | |
173 | - $_arg = get_fullname(strip_bracket($args[0]), $page); // strip is a compat | |
174 | - $file = UPLOAD_DIR . encode($_arg) . '_' . $e_name; | |
175 | - $is_file_second = is_file($file); | |
166 | + // Is the second argument a page-name or a path-name? | |
167 | + $_page = array_shift($args); | |
176 | 168 | |
177 | - // If the second argument is WikiName, or double-bracket-inserted pagename (compat) | |
178 | - $is_bracket_bracket = preg_match('/^(' . $WikiName . '|\[\[' . $BracketName . '\]\])$/', $args[0]); | |
169 | + // Looks like WikiName, or double-bracket-inserted pagename? (compat) | |
170 | + $is_bracket_bracket = preg_match('/^(' . $WikiName . '|\[\[' . $BracketName . '\]\])$/', $_page); | |
179 | 171 | |
180 | - if ($is_file_second && $is_bracket_bracket) { | |
181 | - // Believe the second argument (compat) | |
182 | - array_shift($args); | |
183 | - $page = $_arg; | |
184 | - $is_file = TRUE; | |
185 | - } else { | |
186 | - // Try default page, with default params | |
187 | - $is_file_default = is_file(UPLOAD_DIR . encode($page) . '_' . $e_name); | |
172 | + $_page = get_fullname(strip_bracket($_page), $page); // strip is a compat | |
173 | + $file = UPLOAD_DIR . encode($_page) . '_' . encode($name); | |
174 | + $is_file = is_file($file); | |
188 | 175 | |
176 | + if (! $is_bracket_bracket || ! $is_file) { | |
189 | 177 | // Promote new design |
190 | - if ($is_file_default && $is_file_second) { | |
178 | + if ($is_file && is_file(UPLOAD_DIR . encode($page) . '_' . encode($name))) { | |
191 | 179 | // Because of race condition NOW |
192 | - $params['_error'] = htmlsc('The same file name "' . | |
193 | - $name . '" at both page: "' . $page . '" and "' . $_arg . | |
194 | - '". Try ref(pagename/filename) to specify one of them'); | |
180 | + $params['_error'] = | |
181 | + 'The same file name "' . $name . '" at both page: "' . | |
182 | + $page . '" and "' . $_page . | |
183 | + '". Try ref(pagename/filename) to specify one of them'; | |
195 | 184 | } else { |
196 | 185 | // Because of possibility of race condition, in the future |
197 | - $params['_error'] = 'The style ref(filename,pagename) is ambiguous ' . | |
186 | + $params['_error'] = | |
187 | + 'The style ref(filename,pagename) is ambiguous ' . | |
198 | 188 | 'and become obsolete. ' . |
199 | 189 | 'Please try ref(pagename/filename)'; |
200 | 190 | } |
201 | 191 | return $params; |
202 | 192 | } |
193 | + $page = $_page; // Believe it (compat) | |
194 | + | |
203 | 195 | } else { |
204 | 196 | // Simple single argument |
205 | - $file = UPLOAD_DIR . encode($page) . '_' . encode($name); | |
197 | + $file = UPLOAD_DIR . encode($page) . '_' . encode($name); | |
206 | 198 | $is_file = is_file($file); |
207 | 199 | } |
200 | + | |
208 | 201 | if (! $is_file) { |
209 | - $params['_error'] = htmlsc('File not found: "' . | |
210 | - $name . '" at page "' . $page . '"'); | |
202 | + $params['_error'] = 'File not found: "' . | |
203 | + $name . '" at page "' . $page . '"'; | |
211 | 204 | return $params; |
212 | 205 | } |
213 | 206 | } |
214 | 207 | |
215 | - // 残りの引数の処理 | |
216 | - if (! empty($args)) | |
217 | - foreach ($args as $arg) | |
208 | + // $params | |
209 | + if (! empty($args)) { | |
210 | + foreach ($args as $arg) { | |
218 | 211 | ref_check_arg($arg, $params); |
212 | + } | |
213 | + } | |
214 | + foreach (array('right', 'left', 'center') as $align) { | |
215 | + if ($params[$align]) { | |
216 | + $params['_align'] = $align; | |
217 | + break; | |
218 | + } | |
219 | + } | |
220 | + $seems_image = (! $params['noimg'] && preg_match(PLUGIN_REF_IMAGE, $name)); | |
219 | 221 | |
220 | -/* | |
221 | - $nameをもとに以下の変数を設定 | |
222 | - $url,$url2 : URL | |
223 | - $title :タイトル | |
224 | - $is_image : 画像のときTRUE | |
225 | - $info : 画像ファイルのときgetimagesize()の'size' | |
226 | - 画像ファイル以外のファイルの情報 | |
227 | - 添付ファイルのとき : ファイルの最終更新日とサイズ | |
228 | - URLのとき : URLそのもの | |
229 | -*/ | |
230 | - $title = $url = $url2 = $info = ''; | |
231 | 222 | $width = $height = 0; |
223 | + $title = $url = $url2 = ''; | |
232 | 224 | $matches = array(); |
233 | 225 | |
234 | - if ($is_url) { // URL | |
226 | + if ($is_url) { | |
227 | + $url = $name; | |
228 | + $url2 = $name; | |
229 | + | |
235 | 230 | if (PKWK_DISABLE_INLINE_IMAGE_FROM_URI) { |
236 | 231 | //$params['_error'] = 'PKWK_DISABLE_INLINE_IMAGE_FROM_URI prohibits this'; |
237 | 232 | //return $params; |
238 | - $url = htmlsc($name); | |
239 | - $params['_body'] = '<a href="' . $url . '">' . $url . '</a>'; | |
233 | + $s_url = htmlsc($url); | |
234 | + $params['_body'] = '<a href="' . $s_url . '">' . $s_url . '</a>'; | |
240 | 235 | return $params; |
241 | 236 | } |
242 | 237 | |
243 | - $url = $url2 = htmlsc($name); | |
244 | - $title = htmlsc(preg_match('/([^\/]+)$/', $name, $matches) ? $matches[1] : $url); | |
245 | - | |
246 | - $is_image = (! $params['noimg'] && preg_match(PLUGIN_REF_IMAGE, $name)); | |
238 | + $title = preg_match('#([^/]+)$#', $url, $matches) ? $matches[1] : $url; | |
247 | 239 | |
248 | - if ($is_image && PLUGIN_REF_URL_GET_IMAGE_SIZE && (bool)ini_get('allow_url_fopen')) { | |
240 | + if (PLUGIN_REF_URL_GET_IMAGE_SIZE && $seems_image && (bool)ini_get('allow_url_fopen')) { | |
249 | 241 | $size = @getimagesize($name); |
250 | 242 | if (is_array($size)) { |
251 | 243 | $width = $size[0]; |
252 | 244 | $height = $size[1]; |
253 | - $info = $size[3]; | |
254 | 245 | } |
255 | 246 | } |
256 | 247 | |
257 | - } else { // 添付ファイル | |
258 | - | |
259 | - $title = htmlsc($name); | |
260 | - | |
261 | - $is_image = (! $params['noimg'] && preg_match(PLUGIN_REF_IMAGE, $name)); | |
248 | + } else { | |
249 | + $title = $name; | |
262 | 250 | |
263 | 251 | // Count downloads with attach plugin |
264 | - $url = $script . '?plugin=attach' . '&refer=' . rawurlencode($page) . | |
265 | - '&openfile=' . rawurlencode($name); // Show its filename at the last | |
252 | + $url = $script . '?plugin=attach' . '&refer=' . rawurlencode($page) . | |
253 | + '&openfile=' . rawurlencode($name); // Show its filename at the last | |
254 | + $url2 = ''; | |
266 | 255 | |
267 | - if ($is_image) { | |
268 | - // Swap $url | |
269 | - $url2 = $url; | |
256 | + if ($seems_image) { | |
270 | 257 | |
271 | 258 | // URI for in-line image output |
272 | - if (! PLUGIN_REF_DIRECT_ACCESS) { | |
273 | - // With ref plugin (faster than attach) | |
274 | - $url = $script . '?plugin=ref' . '&page=' . rawurlencode($page) . | |
275 | - '&src=' . rawurlencode($name); // Show its filename at the last | |
259 | + $url2 = $url; | |
260 | + if (PLUGIN_REF_DIRECT_ACCESS) { | |
261 | + $url = $file; // Try direct-access, if possible | |
276 | 262 | } else { |
277 | - // Try direct-access, if possible | |
278 | - $url = $file; | |
263 | + // With ref plugin (faster than attach) | |
264 | + $url = $script . '?plugin=ref' . '&page=' . rawurlencode($page) . | |
265 | + '&src=' . rawurlencode($name); // Show its filename at the last | |
279 | 266 | } |
280 | 267 | |
281 | - $width = $height = 0; | |
282 | 268 | $size = @getimagesize($file); |
283 | 269 | if (is_array($size)) { |
284 | 270 | $width = $size[0]; |
285 | 271 | $height = $size[1]; |
286 | 272 | } |
287 | - } else { | |
288 | - $info = get_date('Y/m/d H:i:s', filemtime($file) - LOCALZONE) . | |
289 | - ' ' . sprintf('%01.1f', round(filesize($file)/1024, 1)) . 'KB'; | |
290 | 273 | } |
291 | 274 | } |
292 | 275 | |
293 | - // 拡張パラメータをチェック | |
294 | 276 | if (! empty($params['_args'])) { |
295 | 277 | $_title = array(); |
296 | 278 | foreach ($params['_args'] as $arg) { |
@@ -308,16 +290,15 @@ function plugin_ref_body($args) | ||
308 | 290 | } |
309 | 291 | |
310 | 292 | if (! empty($_title)) { |
311 | - $title = htmlsc(join(',', $_title)); | |
312 | - if ($is_image) { | |
313 | - $title = make_line_rules($title); | |
314 | - } | |
293 | + $title = join(',', $_title); | |
315 | 294 | } |
316 | 295 | } |
317 | 296 | |
318 | - // 画像サイズ調整 | |
319 | - if ($is_image) { | |
320 | - // 指定されたサイズを使用する | |
297 | + $s_url = htmlsc($url); | |
298 | + $s_title = htmlsc($title); | |
299 | + $s_info = ''; | |
300 | + if ($seems_image) { | |
301 | + $s_title = make_line_rules($s_title); | |
321 | 302 | if ($params['_size']) { |
322 | 303 | if ($width == 0 && $height == 0) { |
323 | 304 | $width = $params['_w']; |
@@ -327,8 +308,8 @@ function plugin_ref_body($args) | ||
327 | 308 | $_h = $params['_h'] ? $height / $params['_h'] : 0; |
328 | 309 | $zoom = max($_w, $_h); |
329 | 310 | if ($zoom) { |
330 | - $width = (int)($width / $zoom); | |
331 | - $height = (int)($height / $zoom); | |
311 | + $width = intval($width / $zoom); | |
312 | + $height = intval($height / $zoom); | |
332 | 313 | } |
333 | 314 | } else { |
334 | 315 | $width = $params['_w'] ? $params['_w'] : $width; |
@@ -336,53 +317,52 @@ function plugin_ref_body($args) | ||
336 | 317 | } |
337 | 318 | } |
338 | 319 | if ($params['_%']) { |
339 | - $width = (int)($width * $params['_%'] / 100); | |
340 | - $height = (int)($height * $params['_%'] / 100); | |
320 | + $width = intval($width * $params['_%'] / 100); | |
321 | + $height = intval($height * $params['_%'] / 100); | |
341 | 322 | } |
342 | 323 | if ($width && $height) { |
343 | - $info = 'width="' . $width . '" height="' . $height . '" '; | |
344 | - } | |
345 | - } | |
346 | - | |
347 | - // アラインメント判定 | |
348 | - $params['_align'] = PLUGIN_REF_DEFAULT_ALIGN; | |
349 | - foreach (array('right', 'left', 'center') as $align) { | |
350 | - if ($params[$align]) { | |
351 | - $params['_align'] = $align; | |
352 | - break; | |
324 | + $s_info = 'width="' . htmlsc($width) . | |
325 | + '" height="' . htmlsc($height) . '" '; | |
353 | 326 | } |
354 | - } | |
355 | - | |
356 | - if ($is_image) { // 画像 | |
357 | - $params['_body'] = '<img src="' . $url . '" ' . | |
358 | - 'alt="' . $title . '" ' . | |
359 | - 'title="' . $title . '" ' . | |
360 | - $info . '/>'; | |
327 | + $body = '<img src="' . $s_url . '" ' . | |
328 | + 'alt="' . $s_title . '" ' . | |
329 | + 'title="' . $s_title . '" ' . | |
330 | + $s_info . '/>'; | |
361 | 331 | if (! $params['nolink'] && $url2) { |
362 | 332 | $params['_body'] = |
363 | - '<a href="' . $url2 . '" title="' . $title . '">' . | |
364 | - $params['_body'] . '</a>'; | |
333 | + '<a href="' . htmlsc($url2) . '" title="' . $s_title . '">' . | |
334 | + $body . '</a>'; | |
335 | + } else { | |
336 | + $params['_body'] = $body; | |
365 | 337 | } |
366 | 338 | } else { |
339 | + if (! $is_url) { | |
340 | + $s_info = htmlsc(get_date('Y/m/d H:i:s', filemtime($file) - LOCALZONE) . | |
341 | + ' ' . sprintf('%01.1f', round(filesize($file) / 1024, 1)) . 'KB'); | |
342 | + } | |
367 | 343 | $icon = $params['noicon'] ? '' : FILE_ICON; |
368 | - $params['_body'] = '<a href="' . $url . '" title="' . $info . '">' . | |
369 | - $icon . $title . '</a>'; | |
344 | + $params['_body'] = '<a href="' . $s_url . '" title="' . $s_info . '">' . | |
345 | + $icon . $s_title . '</a>'; | |
370 | 346 | } |
371 | 347 | |
372 | 348 | return $params; |
373 | 349 | } |
374 | 350 | |
375 | -// オプションを解析する | |
376 | 351 | function ref_check_arg($val, & $params) |
377 | 352 | { |
353 | + if (preg_match('/^_/', $val)) { | |
354 | + $params['_args'][] = $val; | |
355 | + return; | |
356 | + } | |
378 | 357 | if ($val == '') { |
379 | 358 | $params['_done'] = TRUE; |
380 | 359 | return; |
381 | 360 | } |
382 | 361 | |
383 | 362 | if (! $params['_done']) { |
363 | + $lval = strtolower($val); | |
384 | 364 | foreach (array_keys($params) as $key) { |
385 | - if (strpos($key, strtolower($val)) === 0) { | |
365 | + if (strpos($key, $lval) === 0) { | |
386 | 366 | $params[$key] = TRUE; |
387 | 367 | return; |
388 | 368 | } |
@@ -401,14 +381,14 @@ function plugin_ref_action() | ||
401 | 381 | $usage = 'Usage: plugin=ref&page=page_name&src=attached_image_name'; |
402 | 382 | |
403 | 383 | if (! isset($vars['page']) || ! isset($vars['src'])) |
404 | - return array('msg'=>'Invalid argument', 'body'=>$usage); | |
384 | + return array('msg' => 'Invalid argument', 'body' => $usage); | |
405 | 385 | |
406 | 386 | $page = $vars['page']; |
407 | 387 | $filename = $vars['src'] ; |
408 | 388 | |
409 | 389 | $ref = UPLOAD_DIR . encode($page) . '_' . encode(preg_replace('#^.*/#', '', $filename)); |
410 | 390 | if(! file_exists($ref)) |
411 | - return array('msg'=>'Attach file not found', 'body'=>$usage); | |
391 | + return array('msg' => 'Attach file not found', 'body' => $usage); | |
412 | 392 | |
413 | 393 | $got = @getimagesize($ref); |
414 | 394 | if (! isset($got[2])) $got[2] = FALSE; |
@@ -418,7 +398,7 @@ function plugin_ref_action() | ||
418 | 398 | case 3: $type = 'image/png' ; break; |
419 | 399 | case 4: $type = 'application/x-shockwave-flash'; break; |
420 | 400 | default: |
421 | - return array('msg'=>'Seems not an image', 'body'=>$usage); | |
401 | + return array('msg' => 'Seems not an image', 'body' => $usage); | |
422 | 402 | } |
423 | 403 | |
424 | 404 | // Care for Japanese-character-included file name |
@@ -433,14 +413,13 @@ function plugin_ref_action() | ||
433 | 413 | break; |
434 | 414 | } |
435 | 415 | } |
436 | - $file = htmlsc($filename); | |
437 | - $size = filesize($ref); | |
438 | 416 | |
439 | 417 | // Output |
418 | + $size = filesize($ref); | |
440 | 419 | pkwk_common_headers(); |
441 | - header('Content-Disposition: inline; filename="' . $filename . '"'); | |
442 | - header('Content-Length: ' . $size); | |
443 | - header('Content-Type: ' . $type); | |
420 | + header('Content-Disposition: inline; filename="' . htmlsc($filename) . '"'); | |
421 | + header('Content-Length: ' . htmlsc($size)); | |
422 | + header('Content-Type: ' . htmlsc($type)); | |
444 | 423 | @readfile($ref); |
445 | 424 | exit; |
446 | 425 | } |
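Review bot: The three `header()` calls at new lines 420-422 wrap their values in `htmlsc()`, which is HTML entity escaping and the wrong encoder for an HTTP header value. `$filename` comes from `$vars['src']` (plugin_ref_action starts outside this hunk, and the file-name conversion between new lines 404 and 413 is not visible), so a name containing `&`, `<` or `"` reaches the browser as literal `&amp;`, `&lt;` or `&quot;` in the suggested file name. The double quote is kept from closing the quoted value only as a side effect of that encoding. I would filter for the header context instead, `header('Content-Disposition: inline; filename="' . preg_replace('/[\x00-\x1f\x7f"]/', '', $filename) . '"');`, and go back to `header('Content-Length: ' . $size);` and `header('Content-Type: ' . $type);`, since `$size` is the `filesize()` result and `$type` is one of the fixed literals from the `switch`. A one-line comment such as `// Header context: strip quotes and control chars; HTML escaping does not apply here` would keep a later cleanup from putting `htmlsc()` back.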