| リビジョン | d4db227e918a2f4edf4bb4d5527308887cbbabf2 (tree) |
|---|---|
| 日時 | 2018-12-27 01:30:40 |
| 作者 |  umorigu <umorigu@gmai...> |
| コミッター | umorigu |
BugTrack/2263 back.inc.php - Fix URL back link
plugin/back.inc.php (diff)| @@ -2,7 +2,7 @@ | ||
| 2 | 2 | // PukiWiki - Yet another WikiWikiWeb clone. |
| 3 | 3 | // back.inc.php |
| 4 | 4 | // Copyright |
| 5 | -// 2003-2016 PukiWiki Development Team | |
| 5 | +// 2003-2018 PukiWiki Development Team | |
| 6 | 6 | // 2002 Katsumi Saito <katsumi@jo1upk.ymt.prug.or.jp> |
| 7 | 7 | // |
| 8 | 8 | // back plugin |
| @@ -43,16 +43,24 @@ function plugin_back_convert() | ||
| 43 | 43 | if ($href != '') { |
| 44 | 44 | if (PLUGIN_BACK_ALLOW_PAGELINK) { |
| 45 | 45 | if (is_url($href)) { |
| 46 | - $href = rawurlencode($href); | |
| 46 | + $href = htmlsc($href); | |
| 47 | 47 | } else { |
| 48 | + $refer = isset($vars['page']) ? $vars['page'] : ''; | |
| 48 | 49 | $array = anchor_explode($href); |
| 49 | - $array[0] = rawurlencode($array[0]); | |
| 50 | - $array[1] = ($array[1] != '') ? '#' . rawurlencode($array[1]) : ''; | |
| 51 | - $href = $script . '?' . $array[0] . $array[1]; | |
| 52 | - $link = is_page($array[0]); | |
| 50 | + $page = get_fullname($array[0], $refer); | |
| 51 | + if (! is_pagename($page)) { | |
| 52 | + return PLUGIN_BACK_USAGE; | |
| 53 | + } | |
| 54 | + $anchor = ($array[1] != '') ? '#' . rawurlencode($array[1]) : ''; | |
| 55 | + $href = get_page_uri($page) . $anchor; | |
| 56 | + $link = is_page($page); | |
| 53 | 57 | } |
| 54 | 58 | } else { |
| 55 | - $href = rawurlencode($href); | |
| 59 | + if (is_url($href)) { | |
| 60 | + $href = htmlsc($href); | |
| 61 | + } else { | |
| 62 | + return PLUGIN_BACK_USAGE . ': Set a page name or an URI'; | |
| 63 | + } | |
| 56 | 64 | } |
| 57 | 65 | } else { |
| 58 | 66 | if (! PLUGIN_BACK_ALLOW_JAVASCRIPT) |
Fork