• R/O
  • HTTP
  • SSH
  • HTTPS

Commit

Tags
Keine Tags

Frequently used words (click to add to your profile)

javac++androidlinuxc#windowsobjective-ccocoa誰得qtpythonphprubygameguibathyscaphec計画中(planning stage)翻訳omegatframeworktwitterdomtestvb.netdirectxゲームエンジンbtronarduinopreviewer

Commit MetaInfo

Revision4c95e67671984c5246931362affb33f06c888d06 (tree)
Zeit2011-02-06 22:50:46
Autorhenoheno <henoheno>
Commiterhenoheno

Log Message

BugTrack2/343 BugTrack/779: Cleanup transition (1):
* Japanese comments => English ones
* &ref(); without arg shows its usage
* Remove comments that the souce already said
* Simplify renaming variables
* Simplify using htmlsc()
* Simplifying $params (to be continued)
* Simplifying $width/$height (to be continued)

Ändern Zusammenfassung

Diff

--- a/plugin/ref.inc.php
+++ b/plugin/ref.inc.php
@@ -1,6 +1,6 @@
11 <?php
22 // PukiWiki - Yet another WikiWikiWeb clone
3-// $Id: ref.inc.php,v 1.53 2011/02/03 15:03:10 henoheno Exp $
3+// $Id: ref.inc.php,v 1.54 2011/02/06 13:50:46 henoheno Exp $
44 // Copyright (C)
55 // 2002-2006, 2011 PukiWiki Developers Team
66 // 2001-2002 Originally written by yu-ji
@@ -25,18 +25,15 @@ define('PLUGIN_REF_DEFAULT_ALIGN', 'left'); // 'left', 'center', 'right'
2525 // Text wrapping
2626 define('PLUGIN_REF_WRAP_TABLE', FALSE); // TRUE, FALSE
2727
28-// URL指定時に画像サイズを取得するか
28+// NOT RECOMMENDED: getimagesize($uri) for proper width/height
2929 define('PLUGIN_REF_URL_GET_IMAGE_SIZE', FALSE); // FALSE, TRUE
3030
31-// UPLOAD_DIR のデータ(画像ファイルのみ)に直接アクセスさせる
31+// DANGER, DO NOT USE THIS: Allow direct access to UPLOAD_DIR
3232 define('PLUGIN_REF_DIRECT_ACCESS', FALSE); // FALSE or TRUE
33-// - これは従来のインラインイメージ処理を互換のために残すもので
34-// あり、高速化のためのオプションではありません
35-// - UPLOAD_DIR をWebサーバー上に露出させており、かつ直接アクセス
36-// できる(アクセス制限がない)状態である必要があります
37-// - Apache などでは UPLOAD_DIR/.htaccess を削除する必要があります
38-// - ブラウザによってはインラインイメージの表示や、「インライン
39-// イメージだけを表示」させた時などに不具合が出る場合があります
33+// - This is NOT option for acceralation but old and compatible.
34+// - Apache: UPLOAD_DIR/.htaccess will prohibit this usage.
35+// - Browsers: This usage contains any proper mime-type, so
36+// some ones will not show proper result. And may cause XSS.
4037
4138 /////////////////////////////////////////////////
4239
@@ -48,42 +45,41 @@ define('PLUGIN_REF_USAGE', '([pagename/]attached-file-name[,parameters, ... ][,t
4845
4946 function plugin_ref_inline()
5047 {
51- // Not reached, because of "$aryargs[] = & $body" at plugin.php
52- // if (! func_num_args())
53- // return '&amp;ref(): Usage:' . PLUGIN_REF_USAGE . ';';
48+ // "$aryargs[] = & $body" at plugin.php
49+ if (func_num_args() == 1) {
50+ return htmlsc('&ref(): Usage:' . PLUGIN_REF_USAGE . ';');
51+ }
5452
5553 $params = plugin_ref_body(func_get_args());
56-
5754 if (isset($params['_error']) && $params['_error'] != '') {
58- // Error
59- return '&amp;ref(): ' . $params['_error'] . ';';
60- } else {
61- return $params['_body'];
55+ return htmlsc('&ref(): ' . $params['_error'] . ';');
6256 }
57+
58+ return $params['_body'];
6359 }
6460
6561 function plugin_ref_convert()
6662 {
67- if (! func_num_args())
68- return '<p>#ref(): Usage:' . PLUGIN_REF_USAGE . '</p>' . "\n";
63+ if (! func_num_args()) {
64+ return '<p>' . htmlsc('#ref(): Usage:' . PLUGIN_REF_USAGE) . '</p>' . "\n";
65+ }
6966
7067 $params = plugin_ref_body(func_get_args());
71-
7268 if (isset($params['_error']) && $params['_error'] != '') {
73- return '<p>#ref(): ' . $params['_error'] . '</p>' . "\n";
69+ return '<p>' . htmlsc('#ref(): ' . $params['_error']) . '</p>' . "\n";
7470 }
7571
72+ // Wrap with a table
7673 if ((PLUGIN_REF_WRAP_TABLE && ! $params['nowrap']) || $params['wrap']) {
77- // 枠で包む
7874 // margin:auto
79- // Mozilla 1.x = x (wrap,aroundが効かない)
75+ // Mozilla 1.x = x (wrap, and around are ignored)
8076 // Opera 6 = o
81- // Netscape 6 = x (wrap,aroundが効かない)
82- // IE 6 = x (wrap,aroundが効かない)
77+ // Netscape 6 = x (wrap, and around are ignored)
78+ // IE 6 = x (wrap, and around are ignored)
8379 // margin:0px
84- // Mozilla 1.x = x (wrapで寄せが効かない)
85- // Opera 6 = x (wrapで寄せが効かない)
86- // Netscape 6 = x (wrapで寄せが効かない)
80+ // Mozilla 1.x = x (aligning seems ignored with wrap)
81+ // Opera 6 = x (aligning seems ignored with wrap)
82+ // Netscape 6 = x (aligning seems ignored with wrap)
8783 // IE6 = o
8884 $margin = ($params['around'] ? '0px' : 'auto');
8985 $margin_align = ($params['_align'] == 'center') ? '' :
@@ -102,195 +98,181 @@ EOD;
10298 } else {
10399 $style = 'text-align:' . $params['_align'];
104100 }
105-
106- // divで包む
107- return '<div class="img_margin" style="' . $style . '">' . $params['_body'] . '</div>' . "\n";
101+ return '<div class="img_margin" style="' . htmlsc($style) . '">' .
102+ $params['_body'] . '</div>' . "\n";
108103 }
109104
105+// Common function
110106 function plugin_ref_body($args)
111107 {
112108 global $script, $vars;
113- global $WikiName, $BracketName; // compat
109+ global $WikiName, $BracketName;
110+
111+ $page = isset($vars['page']) ? $vars['page'] : '';
114112
115- // 戻り値
116113 $params = array(
117- 'left' => FALSE, // 左寄せ
118- 'center' => FALSE, // 中央寄せ
119- 'right' => FALSE, // 右寄せ
120- 'wrap' => FALSE, // TABLEで囲む
121- 'nowrap' => FALSE, // TABLEで囲まない
122- 'around' => FALSE, // 回り込み
123- 'noicon' => FALSE, // アイコンを表示しない
124- 'nolink' => FALSE, // 元ファイルへのリンクを張らない
125- 'noimg' => FALSE, // 画像を展開しない
126- 'zoom' => FALSE, // 縦横比を保持する
127- '_size' => FALSE, // サイズ指定あり
128- '_w' => 0, // 幅
129- '_h' => 0, // 高さ
130- '_%' => 0, // 拡大率
114+ // Align
115+ 'left' => FALSE,
116+ 'center' => FALSE,
117+ 'right' => FALSE,
118+ '_align' => PLUGIN_REF_DEFAULT_ALIGN,
119+
120+ // Wrap with table or not
121+ 'wrap' => FALSE,
122+ 'nowrap' => FALSE,
123+
124+ 'around' => FALSE, // wrap around
125+ 'noicon' => FALSE, // Suppress showing icon
126+ 'nolink' => FALSE, // Suppress link to image itself
127+ 'noimg' => FALSE, // Suppress showing image
128+
129+ 'zoom' => FALSE, // Image size spacified
130+ '_%' => 0, // percentage
131+
132+ '_size' => FALSE, // Image size specified
133+ '_w' => 0, // width
134+ '_h' => 0, // height
135+
131136 '_args' => array(),
132137 '_done' => FALSE,
133138 '_error' => ''
134139 );
135140
136- // 添付ファイルのあるページ: defaultは現在のページ名
137- $page = isset($vars['page']) ? $vars['page'] : '';
138-
139- // 添付ファイルのファイル名
140- $name = '';
141+ // [Page_name/maybe-separated-with/slashes/]AttachedFileName.sfx or URI
142+ $name = array_shift($args);
143+ $is_url = is_url($name);
141144
142- // 添付ファイルまでのパスおよび(実際の)ファイル名
143- $file = '';
144-
145- // 第一引数: "[ページ名および/]添付ファイル名"、あるいは"URL"を取得
146- $name = array_shift($args);
147- $is_url = is_url($name);
145+ $file = ''; // Path to the attached file
146+ $is_file = FALSE;
148147
149148 if(! $is_url) {
150- // 添付ファイル
151149 if (! is_dir(UPLOAD_DIR)) {
152150 $params['_error'] = 'No UPLOAD_DIR';
153151 return $params;
154152 }
155153
156154 $matches = array();
157- // ファイル名にページ名(ページ参照パス)が合成されているか
158- // (Page_name/maybe-separated-with/slashes/ATTACHED_FILENAME)
159155 if (preg_match('#^(.+)/([^/]+)$#', $name, $matches)) {
156+ // Page_name/maybe-separated-with/slashes and AttachedFileName.sfx
160157 if ($matches[1] == '.' || $matches[1] == '..') {
161158 $matches[1] .= '/'; // Restore relative paths
162159 }
163- $name = $matches[2];
164- $page = get_fullname(strip_bracket($matches[1]), $page); // strip is a compat
165- $file = UPLOAD_DIR . encode($page) . '_' . encode($name);
160+ $name = $matches[2]; // AttachedFileName.sfx
161+ $page = get_fullname(strip_bracket($matches[1]), $page); // strip is a compat
162+ $file = UPLOAD_DIR . encode($page) . '_' . encode($name);
166163 $is_file = is_file($file);
167164
168- // 第二引数以降が存在し、それはrefのオプション名称などと一致しない
169165 } else if (isset($args[0]) && $args[0] != '' && ! isset($params[$args[0]])) {
170- $e_name = encode($name);
171-
172- // Try the second argument, as a page-name or a path-name
173- $_arg = get_fullname(strip_bracket($args[0]), $page); // strip is a compat
174- $file = UPLOAD_DIR . encode($_arg) . '_' . $e_name;
175- $is_file_second = is_file($file);
166+ // Is the second argument a page-name or a path-name?
167+ $_page = array_shift($args);
176168
177- // If the second argument is WikiName, or double-bracket-inserted pagename (compat)
178- $is_bracket_bracket = preg_match('/^(' . $WikiName . '|\[\[' . $BracketName . '\]\])$/', $args[0]);
169+ // Looks like WikiName, or double-bracket-inserted pagename? (compat)
170+ $is_bracket_bracket = preg_match('/^(' . $WikiName . '|\[\[' . $BracketName . '\]\])$/', $_page);
179171
180- if ($is_file_second && $is_bracket_bracket) {
181- // Believe the second argument (compat)
182- array_shift($args);
183- $page = $_arg;
184- $is_file = TRUE;
185- } else {
186- // Try default page, with default params
187- $is_file_default = is_file(UPLOAD_DIR . encode($page) . '_' . $e_name);
172+ $_page = get_fullname(strip_bracket($_page), $page); // strip is a compat
173+ $file = UPLOAD_DIR . encode($_page) . '_' . encode($name);
174+ $is_file = is_file($file);
188175
176+ if (! $is_bracket_bracket || ! $is_file) {
189177 // Promote new design
190- if ($is_file_default && $is_file_second) {
178+ if ($is_file && is_file(UPLOAD_DIR . encode($page) . '_' . encode($name))) {
191179 // Because of race condition NOW
192- $params['_error'] = htmlsc('The same file name "' .
193- $name . '" at both page: "' . $page . '" and "' . $_arg .
194- '". Try ref(pagename/filename) to specify one of them');
180+ $params['_error'] =
181+ 'The same file name "' . $name . '" at both page: "' .
182+ $page . '" and "' . $_page .
183+ '". Try ref(pagename/filename) to specify one of them';
195184 } else {
196185 // Because of possibility of race condition, in the future
197- $params['_error'] = 'The style ref(filename,pagename) is ambiguous ' .
186+ $params['_error'] =
187+ 'The style ref(filename,pagename) is ambiguous ' .
198188 'and become obsolete. ' .
199189 'Please try ref(pagename/filename)';
200190 }
201191 return $params;
202192 }
193+ $page = $_page; // Believe it (compat)
194+
203195 } else {
204196 // Simple single argument
205- $file = UPLOAD_DIR . encode($page) . '_' . encode($name);
197+ $file = UPLOAD_DIR . encode($page) . '_' . encode($name);
206198 $is_file = is_file($file);
207199 }
200+
208201 if (! $is_file) {
209- $params['_error'] = htmlsc('File not found: "' .
210- $name . '" at page "' . $page . '"');
202+ $params['_error'] = 'File not found: "' .
203+ $name . '" at page "' . $page . '"';
211204 return $params;
212205 }
213206 }
214207
215- // 残りの引数の処理
216- if (! empty($args))
217- foreach ($args as $arg)
208+ // $params
209+ if (! empty($args)) {
210+ foreach ($args as $arg) {
218211 ref_check_arg($arg, $params);
212+ }
213+ }
214+ foreach (array('right', 'left', 'center') as $align) {
215+ if ($params[$align]) {
216+ $params['_align'] = $align;
217+ break;
218+ }
219+ }
220+ $seems_image = (! $params['noimg'] && preg_match(PLUGIN_REF_IMAGE, $name));
219221
220-/*
221- $nameをもとに以下の変数を設定
222- $url,$url2 : URL
223- $title :タイトル
224- $is_image : 画像のときTRUE
225- $info : 画像ファイルのときgetimagesize()の'size'
226- 画像ファイル以外のファイルの情報
227- 添付ファイルのとき : ファイルの最終更新日とサイズ
228- URLのとき : URLそのもの
229-*/
230- $title = $url = $url2 = $info = '';
231222 $width = $height = 0;
223+ $title = $url = $url2 = '';
232224 $matches = array();
233225
234- if ($is_url) { // URL
226+ if ($is_url) {
227+ $url = $name;
228+ $url2 = $name;
229+
235230 if (PKWK_DISABLE_INLINE_IMAGE_FROM_URI) {
236231 //$params['_error'] = 'PKWK_DISABLE_INLINE_IMAGE_FROM_URI prohibits this';
237232 //return $params;
238- $url = htmlsc($name);
239- $params['_body'] = '<a href="' . $url . '">' . $url . '</a>';
233+ $s_url = htmlsc($url);
234+ $params['_body'] = '<a href="' . $s_url . '">' . $s_url . '</a>';
240235 return $params;
241236 }
242237
243- $url = $url2 = htmlsc($name);
244- $title = htmlsc(preg_match('/([^\/]+)$/', $name, $matches) ? $matches[1] : $url);
245-
246- $is_image = (! $params['noimg'] && preg_match(PLUGIN_REF_IMAGE, $name));
238+ $title = preg_match('#([^/]+)$#', $url, $matches) ? $matches[1] : $url;
247239
248- if ($is_image && PLUGIN_REF_URL_GET_IMAGE_SIZE && (bool)ini_get('allow_url_fopen')) {
240+ if (PLUGIN_REF_URL_GET_IMAGE_SIZE && $seems_image && (bool)ini_get('allow_url_fopen')) {
249241 $size = @getimagesize($name);
250242 if (is_array($size)) {
251243 $width = $size[0];
252244 $height = $size[1];
253- $info = $size[3];
254245 }
255246 }
256247
257- } else { // 添付ファイル
258-
259- $title = htmlsc($name);
260-
261- $is_image = (! $params['noimg'] && preg_match(PLUGIN_REF_IMAGE, $name));
248+ } else {
249+ $title = $name;
262250
263251 // Count downloads with attach plugin
264- $url = $script . '?plugin=attach' . '&amp;refer=' . rawurlencode($page) .
265- '&amp;openfile=' . rawurlencode($name); // Show its filename at the last
252+ $url = $script . '?plugin=attach' . '&refer=' . rawurlencode($page) .
253+ '&openfile=' . rawurlencode($name); // Show its filename at the last
254+ $url2 = '';
266255
267- if ($is_image) {
268- // Swap $url
269- $url2 = $url;
256+ if ($seems_image) {
270257
271258 // URI for in-line image output
272- if (! PLUGIN_REF_DIRECT_ACCESS) {
273- // With ref plugin (faster than attach)
274- $url = $script . '?plugin=ref' . '&amp;page=' . rawurlencode($page) .
275- '&amp;src=' . rawurlencode($name); // Show its filename at the last
259+ $url2 = $url;
260+ if (PLUGIN_REF_DIRECT_ACCESS) {
261+ $url = $file; // Try direct-access, if possible
276262 } else {
277- // Try direct-access, if possible
278- $url = $file;
263+ // With ref plugin (faster than attach)
264+ $url = $script . '?plugin=ref' . '&page=' . rawurlencode($page) .
265+ '&src=' . rawurlencode($name); // Show its filename at the last
279266 }
280267
281- $width = $height = 0;
282268 $size = @getimagesize($file);
283269 if (is_array($size)) {
284270 $width = $size[0];
285271 $height = $size[1];
286272 }
287- } else {
288- $info = get_date('Y/m/d H:i:s', filemtime($file) - LOCALZONE) .
289- ' ' . sprintf('%01.1f', round(filesize($file)/1024, 1)) . 'KB';
290273 }
291274 }
292275
293- // 拡張パラメータをチェック
294276 if (! empty($params['_args'])) {
295277 $_title = array();
296278 foreach ($params['_args'] as $arg) {
@@ -308,16 +290,15 @@ function plugin_ref_body($args)
308290 }
309291
310292 if (! empty($_title)) {
311- $title = htmlsc(join(',', $_title));
312- if ($is_image) {
313- $title = make_line_rules($title);
314- }
293+ $title = join(',', $_title);
315294 }
316295 }
317296
318- // 画像サイズ調整
319- if ($is_image) {
320- // 指定されたサイズを使用する
297+ $s_url = htmlsc($url);
298+ $s_title = htmlsc($title);
299+ $s_info = '';
300+ if ($seems_image) {
301+ $s_title = make_line_rules($s_title);
321302 if ($params['_size']) {
322303 if ($width == 0 && $height == 0) {
323304 $width = $params['_w'];
@@ -327,8 +308,8 @@ function plugin_ref_body($args)
327308 $_h = $params['_h'] ? $height / $params['_h'] : 0;
328309 $zoom = max($_w, $_h);
329310 if ($zoom) {
330- $width = (int)($width / $zoom);
331- $height = (int)($height / $zoom);
311+ $width = intval($width / $zoom);
312+ $height = intval($height / $zoom);
332313 }
333314 } else {
334315 $width = $params['_w'] ? $params['_w'] : $width;
@@ -336,53 +317,52 @@ function plugin_ref_body($args)
336317 }
337318 }
338319 if ($params['_%']) {
339- $width = (int)($width * $params['_%'] / 100);
340- $height = (int)($height * $params['_%'] / 100);
320+ $width = intval($width * $params['_%'] / 100);
321+ $height = intval($height * $params['_%'] / 100);
341322 }
342323 if ($width && $height) {
343- $info = 'width="' . $width . '" height="' . $height . '" ';
344- }
345- }
346-
347- // アラインメント判定
348- $params['_align'] = PLUGIN_REF_DEFAULT_ALIGN;
349- foreach (array('right', 'left', 'center') as $align) {
350- if ($params[$align]) {
351- $params['_align'] = $align;
352- break;
324+ $s_info = 'width="' . htmlsc($width) .
325+ '" height="' . htmlsc($height) . '" ';
353326 }
354- }
355-
356- if ($is_image) { // 画像
357- $params['_body'] = '<img src="' . $url . '" ' .
358- 'alt="' . $title . '" ' .
359- 'title="' . $title . '" ' .
360- $info . '/>';
327+ $body = '<img src="' . $s_url . '" ' .
328+ 'alt="' . $s_title . '" ' .
329+ 'title="' . $s_title . '" ' .
330+ $s_info . '/>';
361331 if (! $params['nolink'] && $url2) {
362332 $params['_body'] =
363- '<a href="' . $url2 . '" title="' . $title . '">' .
364- $params['_body'] . '</a>';
333+ '<a href="' . htmlsc($url2) . '" title="' . $s_title . '">' .
334+ $body . '</a>';
335+ } else {
336+ $params['_body'] = $body;
365337 }
366338 } else {
339+ if (! $is_url) {
340+ $s_info = htmlsc(get_date('Y/m/d H:i:s', filemtime($file) - LOCALZONE) .
341+ ' ' . sprintf('%01.1f', round(filesize($file) / 1024, 1)) . 'KB');
342+ }
367343 $icon = $params['noicon'] ? '' : FILE_ICON;
368- $params['_body'] = '<a href="' . $url . '" title="' . $info . '">' .
369- $icon . $title . '</a>';
344+ $params['_body'] = '<a href="' . $s_url . '" title="' . $s_info . '">' .
345+ $icon . $s_title . '</a>';
370346 }
371347
372348 return $params;
373349 }
374350
375-// オプションを解析する
376351 function ref_check_arg($val, & $params)
377352 {
353+ if (preg_match('/^_/', $val)) {
354+ $params['_args'][] = $val;
355+ return;
356+ }
378357 if ($val == '') {
379358 $params['_done'] = TRUE;
380359 return;
381360 }
382361
383362 if (! $params['_done']) {
363+ $lval = strtolower($val);
384364 foreach (array_keys($params) as $key) {
385- if (strpos($key, strtolower($val)) === 0) {
365+ if (strpos($key, $lval) === 0) {
386366 $params[$key] = TRUE;
387367 return;
388368 }
@@ -401,14 +381,14 @@ function plugin_ref_action()
401381 $usage = 'Usage: plugin=ref&amp;page=page_name&amp;src=attached_image_name';
402382
403383 if (! isset($vars['page']) || ! isset($vars['src']))
404- return array('msg'=>'Invalid argument', 'body'=>$usage);
384+ return array('msg' => 'Invalid argument', 'body' => $usage);
405385
406386 $page = $vars['page'];
407387 $filename = $vars['src'] ;
408388
409389 $ref = UPLOAD_DIR . encode($page) . '_' . encode(preg_replace('#^.*/#', '', $filename));
410390 if(! file_exists($ref))
411- return array('msg'=>'Attach file not found', 'body'=>$usage);
391+ return array('msg' => 'Attach file not found', 'body' => $usage);
412392
413393 $got = @getimagesize($ref);
414394 if (! isset($got[2])) $got[2] = FALSE;
@@ -418,7 +398,7 @@ function plugin_ref_action()
418398 case 3: $type = 'image/png' ; break;
419399 case 4: $type = 'application/x-shockwave-flash'; break;
420400 default:
421- return array('msg'=>'Seems not an image', 'body'=>$usage);
401+ return array('msg' => 'Seems not an image', 'body' => $usage);
422402 }
423403
424404 // Care for Japanese-character-included file name
@@ -433,14 +413,13 @@ function plugin_ref_action()
433413 break;
434414 }
435415 }
436- $file = htmlsc($filename);
437- $size = filesize($ref);
438416
439417 // Output
418+ $size = filesize($ref);
440419 pkwk_common_headers();
441- header('Content-Disposition: inline; filename="' . $filename . '"');
442- header('Content-Length: ' . $size);
443- header('Content-Type: ' . $type);
420+ header('Content-Disposition: inline; filename="' . htmlsc($filename) . '"');
421+ header('Content-Length: ' . htmlsc($size));
422+ header('Content-Type: ' . htmlsc($type));
444423 @readfile($ref);
445424 exit;
446425 }