diff -ur pukiwiki-1.4.7_notb/INSTALL.txt pukiwiki-r1_5_0_eucjp.bt2353_proposal/INSTALL.txt
--- pukiwiki-1.4.7_notb/INSTALL.txt Tue Jul 1 05:58:15 2014
+++ pukiwiki-r1_5_0_eucjp.bt2353_proposal/INSTALL.txt Tue Jul 1 06:16:57 2014
@@ -1,7 +1,7 @@
名前
PukiWiki - 自由にページを追加・削除・編集できるWebページ構築スクリプト
- Version 1.4.6
+ Version 1.5.0
Copyright (C)
2001-2005 PukiWiki Developers Team
2001-2002 yu-ji (Based on PukiWiki 1.3 by yu-ji)
Binary files pukiwiki-1.4.7_notb/README.en.txt.zip and pukiwiki-r1_5_0_eucjp.bt2353_proposal/README.en.txt.zip differ
diff -ur pukiwiki-1.4.7_notb/README.txt pukiwiki-r1_5_0_eucjp.bt2353_proposal/README.txt
--- pukiwiki-1.4.7_notb/README.txt Tue Jul 1 05:58:15 2014
+++ pukiwiki-r1_5_0_eucjp.bt2353_proposal/README.txt Tue Jul 1 06:16:58 2014
@@ -1,7 +1,7 @@
名前
PukiWiki - 自由にページを追加・削除・編集できるWebページ構築スクリプト
- Version 1.4.7
+ Version 1.5.0
Copyright (C)
2001-2006 PukiWiki Developers Team
2001-2002 yu-ji (Based on PukiWiki 1.3 by yu-ji)
Binary files pukiwiki-1.4.7_notb/UPDATING.en.txt.zip and pukiwiki-r1_5_0_eucjp.bt2353_proposal/UPDATING.en.txt.zip differ
diff -ur pukiwiki-1.4.7_notb/lib/auth.php pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/auth.php
--- pukiwiki-1.4.7_notb/lib/auth.php Tue Jul 1 05:58:22 2014
+++ pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/auth.php Tue Jul 1 06:17:05 2014
@@ -1,7 +1,7 @@
' . $_msg_unfreeze . ')';
@@ -214,7 +214,7 @@
}
if ($exit_flag) {
$body = $title = str_replace('$1',
- htmlspecialchars(strip_bracket($page)), $title_cannot);
+ htmlsc(strip_bracket($page)), $title_cannot);
$page = str_replace('$1', make_search($page), $title_cannot);
catbody($title, $page, $body);
exit;
diff -ur pukiwiki-1.4.7_notb/lib/backup.php pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/backup.php
--- pukiwiki-1.4.7_notb/lib/backup.php Tue Jul 1 05:58:22 2014
+++ pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/backup.php Tue Jul 1 06:17:05 2014
@@ -11,7 +11,7 @@
* @access public
* @author
* @create
- * @version $Id: backup.php,v 1.12 2006/02/02 13:27:57 henoheno Exp $
+ * @version $Id: backup.php,v 1.13 2011/01/25 15:01:01 henoheno Exp $
* Copyright (C)
* 2002-2006 PukiWiki Developers Team
* 2001-2002 Originally written by yu-ji
@@ -67,7 +67,7 @@
$body = preg_replace("/\n*$/", "\n", $body);
$fp = _backup_fopen($page, 'wb')
- or die_message('Cannot open ' . htmlspecialchars(_backup_get_filename($page)) .
+ or die_message('Cannot open ' . htmlsc(_backup_get_filename($page)) .
'
Maybe permission is not writable or filename is too long');
_backup_fputs($fp, $strout);
_backup_fputs($fp, $body);
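Review bot: The `die_message()` text in this hunk sends the full result of `_backup_get_filename($page)` to the browser, which presumably discloses the server-side backup path to whoever triggers the failure. lib/file.php in this same patch trims names with `basename()` before printing them in `die()`, and doing the same here, `htmlsc(basename(_backup_get_filename($page)))`, would keep the message useful without revealing the directory layout. The full path is better written to the server log. The enclosing function starts and ends outside the hunk.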
diff -ur pukiwiki-1.4.7_notb/lib/convert_html.php pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/convert_html.php
--- pukiwiki-1.4.7_notb/lib/convert_html.php Tue Jul 1 05:58:22 2014
+++ pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/convert_html.php Tue Jul 1 06:17:05 2014
@@ -1,6 +1,6 @@
style[$name] = $name . ':' . htmlspecialchars($matches[3]) . ';';
+ $this->style[$name] = $name . ':' . htmlsc($matches[3]) . ';';
$text = $matches[5];
} else if ($matches[4]) {
- $this->style['size'] = 'font-size:' . htmlspecialchars($matches[4]) . 'px;';
+ $this->style['size'] = 'font-size:' . htmlsc($matches[4]) . 'px;';
$text = $matches[5];
}
}
@@ -726,7 +726,7 @@
{
global $preformat_ltrim;
parent::Element();
- $this->elements[] = htmlspecialchars(
+ $this->elements[] = htmlsc(
(! $preformat_ltrim || $text == '' || $text{0} != ' ') ? $text : substr($text, 1));
}
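Review bot: The context line of this statement still uses the curly-brace string offset `$text{0}`, which was deprecated in PHP 7.4 and is a parse error from PHP 8.0. Since the line is already part of the touched call, it could be written as `(! $preformat_ltrim || $text == '' || $text[0] != ' ') ? $text : substr($text, 1));`. The enclosing constructor starts outside the hunk.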
diff -ur pukiwiki-1.4.7_notb/lib/diff.php pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/diff.php
--- pukiwiki-1.4.7_notb/lib/diff.php Tue Jul 1 05:58:22 2014
+++ pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/diff.php Tue Jul 1 06:17:05 2014
@@ -1,6 +1,6 @@
';
$params = array($_obj->get('left'), $_obj->get('right'), $_obj->text());
foreach ($params as $key=>$text) {
- $text = htmlspecialchars($text);
+ $text = htmlsc($text);
if (trim($text) == '') $text = ' ';
$do_update_diff_table .= '<' . $tags[$key] .
' class="style_' . $tags[$key] . '">' . $text .
diff -ur pukiwiki-1.4.7_notb/lib/file.php pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/file.php
--- pukiwiki-1.4.7_notb/lib/file.php Tue Jul 1 05:58:22 2014
+++ pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/file.php Tue Jul 1 06:17:04 2014
@@ -1,6 +1,6 @@
' . "\n" .
'Maybe permission is not writable or filename is too long');
set_file_buffer($fp, 0);
@@ -285,7 +285,7 @@
// Add
array_unshift($lines, '-' . format_date(UTIME) . ' - ' . $_page .
- htmlspecialchars($subject) . "\n");
+ htmlsc($subject) . "\n");
// Get latest $limit reports
$lines = array_splice($lines, 0, $limit);
@@ -293,7 +293,7 @@
// Update
$fp = fopen(get_filename($recentpage), 'w') or
die_message('Cannot write page file ' .
- htmlspecialchars($recentpage) .
+ htmlsc($recentpage) .
'
Maybe permission is not writable or filename is too long');
set_file_buffer($fp, 0);
flock($fp, LOCK_EX);
@@ -377,7 +377,7 @@
// Open
pkwk_touch_file($file);
$fp = fopen($file, 'r+') or
- die_message('Cannot open ' . htmlspecialchars($whatsnew));
+ die_message('Cannot open ' . htmlsc($whatsnew));
set_file_buffer($fp, 0);
flock($fp, LOCK_EX);
@@ -385,8 +385,8 @@
ftruncate($fp, 0);
rewind($fp);
foreach ($recent_pages as $_page=>$time)
- fputs($fp, '-' . htmlspecialchars(format_date($time)) .
- ' - ' . '[[' . htmlspecialchars($_page) . ']]' . "\n");
+ fputs($fp, '-' . htmlsc(format_date($time)) .
+ ' - ' . '[[' . htmlsc($_page) . ']]' . "\n");
fputs($fp, '#norelated' . "\n"); // :)
flock($fp, LOCK_UN);
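Review bot: `htmlsc()` is applied here to text that `fputs()` writes into the page file, not into an HTML response, so the escaping happens at storage time rather than at the point of output. If a page name can contain `&`, `<` or `"`, the `[[...]]` entry would hold entities instead of the real name, and it would be encoded a second time if the renderer escapes link text (neither the name validation nor the renderer is visible here). Please confirm that page names cannot carry those characters, or store the raw `$_page` and `format_date($time)` and escape only when the page is rendered. The `@@ -441,15 +441,15 @@` hunk builds `$s_page` and `$s_lastmod` the same way, and the enclosing function starts and ends outside this hunk.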
@@ -441,15 +441,15 @@
$file = get_filename($whatsnew);
pkwk_touch_file($file);
$fp = fopen($file, 'r+') or
- die_message('Cannot open ' . htmlspecialchars($whatsnew));
+ die_message('Cannot open ' . htmlsc($whatsnew));
set_file_buffer($fp, 0);
flock($fp, LOCK_EX);
ftruncate($fp, 0);
rewind($fp);
foreach (array_keys($recent_pages) as $page) {
$time = $recent_pages[$page];
- $s_lastmod = htmlspecialchars(format_date($time));
- $s_page = htmlspecialchars($page);
+ $s_lastmod = htmlsc(format_date($time));
+ $s_page = htmlsc($page);
fputs($fp, '-' . $s_lastmod . ' - [[' . $s_page . ']]' . "\n");
}
fputs($fp, '#norelated' . "\n"); // :)
@@ -730,12 +730,12 @@
$lockfile = CACHE_DIR . 'pkwk_chown.lock';
$flock = fopen($lockfile, 'a') or
die('pkwk_chown(): fopen() failed for: CACHEDIR/' .
- basename(htmlspecialchars($lockfile)));
+ basename(htmlsc($lockfile)));
flock($flock, LOCK_EX) or die('pkwk_chown(): flock() failed for lock');
// Check owner
$stat = stat($filename) or
- die('pkwk_chown(): stat() failed for: ' . basename(htmlspecialchars($filename)));
+ die('pkwk_chown(): stat() failed for: ' . basename(htmlsc($filename)));
if ($stat[4] === $php_uid) {
// NOTE: Windows always here
$result = TRUE; // Seems the same UID. Nothing to do
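Review bot: `basename(htmlsc($lockfile))` and `basename(htmlsc($filename))` in this hunk escape first and trim the path afterwards, while the `@@ -786,7 +786,7 @@` hunk of the same file uses `htmlsc(basename($filename))`. Escaping should be the last step before output, so that no later string operation runs on entity-encoded text. Writing `htmlsc(basename($lockfile))` and `htmlsc(basename($filename))` here and in the `@@ -746,7 +746,7 @@` hunk would make the four call sites consistent. The enclosing function starts and ends outside the hunk.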
@@ -746,7 +746,7 @@
// NOTE: Not 'r+'. Don't check write permission here
$ffile = fopen($filename, 'r') or
die('pkwk_chown(): fopen() failed for: ' .
- basename(htmlspecialchars($filename)));
+ basename(htmlsc($filename)));
// Try to chown by re-creating files
// NOTE:
@@ -786,7 +786,7 @@
return $result;
} else {
die('pkwk_touch_file(): Invalid UID and (not writable for the directory or not a flie): ' .
- htmlspecialchars(basename($filename)));
+ htmlsc(basename($filename)));
}
}
?>
diff -ur pukiwiki-1.4.7_notb/lib/func.php pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/func.php
--- pukiwiki-1.4.7_notb/lib/func.php Tue Jul 1 05:58:23 2014
+++ pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/func.php Tue Jul 1 06:17:05 2014
@@ -1,6 +1,6 @@
' . "\n";
foreach (array_keys($pages) as $page) {
$r_page = rawurlencode($page);
- $s_page = htmlspecialchars($page);
+ $s_page = htmlsc($page);
$passage = $show_passage ? ' ' . get_passage(get_filetime($page)) : '';
$retval .= '
Sorry, page \'' . htmlspecialchars($rule_page) .
+ return '
Sorry, page \'' . htmlsc($rule_page) . '\' unavailable.
'; } else { return convert_html(get_source($rule_page));
@@ -631,7 +631,7 @@
if (isset($script_directory_index)) { if (! file_exists($script_directory_index)) die_message('Directory index file not found: ' .
- htmlspecialchars($script_directory_index));
+ htmlsc($script_directory_index));
$matches = array(); if (preg_match('#^(.+/)' . preg_quote($script_directory_index, '#') . '$#', $script, $matches)) $script = $matches[1];
@@ -700,6 +700,13 @@
} return join($glue, $arr); }
+
+// Sugar with default settings
+function htmlsc($string = '', $flags = ENT_COMPAT, $charset = CONTENT_CHARSET)
+{
+ return htmlspecialchars($string, $flags, $charset); // htmlsc()
+}
+
//// Compat ////
diff -ur pukiwiki-1.4.7_notb/lib/html.php pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/html.php
--- pukiwiki-1.4.7_notb/lib/html.php Tue Jul 1 05:58:23 2014
+++ pukiwiki-r1_5_0_eucjp.bt2353_proposal/lib/html.php Tue Jul 1 06:17:04 2014
@@ -1,6 +1,6 @@
' . $_msg_word . htmlspecialchars($vars['word']) .
+ $body = '
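Review bot: The `htmlsc()` helper added in the `@@ -700,6 +700,13 @@` hunk of lib/func.php defaults to `ENT_COMPAT`, which leaves single quotes unescaped, so a caller that places the result inside a single-quoted HTML attribute is not protected. Because this patch routes every `htmlspecialchars()` call through the helper, a default of `$flags = ENT_QUOTES` would cover both quoting styles. None of the call sites visible in this diff is obviously inside a single-quoted attribute, so this is hardening rather than a confirmed hole, and the stored output in lib/file.php should be checked for the changed `'` encoding first. The comment `// Sugar with default settings` could also say why the charset is pinned, for example `// Always pass CONTENT_CHARSET so escaping does not depend on PHP's default charset`.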