Merge pull request #770 from 2du/master

v3.1.4

.gitignore

@@ -1,6 +1,8 @@
 __pycache__
 /app_session
 data/set.json
+data/mysql.json
+404.html
 .vscode
 
 *.db

Dockerfile

@@ -3,6 +3,7 @@ FROM python:3.6.8-stretch
 MAINTAINER 2du <min08101@naver.com>
 MAINTAINER hoparkgo9ma <me@ho9.me>
 
+ENV NAMU_DB_TYPE sqlite
 ENV NAMU_DB data
 ENV NAMU_HOST 0.0.0.0
 ENV NAMU_PORT 3000

Dockerfile.arm32v7

@@ -1,19 +0,0 @@
-FROM arm32v7/python:3.6.8-stretch
-
-MAINTAINER 2du <min08101@naver.com>
-MAINTAINER hoparkgo9ma <me@ho9.me>
-
-ENV NAMU_DB data
-ENV NAMU_HOST 0.0.0.0
-ENV NAMU_PORT 3000
-ENV NAMU_LANG en-US
-ENV NAMU_MARKUP namumark
-ENV NAMU_ENCRYPT sha3
-
-ADD . /app
-WORKDIR /app
-
-RUN pip install -r requirements.txt
-EXPOSE 3000
-
-CMD [ "python", "./app.py" ]

Dockerfile.arm64v8

@@ -3,6 +3,7 @@ FROM arm64v8/python:3.6.8-stretch
 MAINTAINER 2du <min08101@naver.com>
 MAINTAINER hoparkgo9ma <me@ho9.me>
 
+ENV NAMU_DB_TYPE sqlite
 ENV NAMU_DB data
 ENV NAMU_HOST 0.0.0.0
 ENV NAMU_PORT 3000

app.py

@@ -8,7 +8,7 @@ for i_data in os.listdir("route"):
 
         exec("from route." + f_src + " import *")
 
-version_list = json.loads(open('version.json', encoding='utf-8').read())
+version_list = json.loads(open('version.json').read())
 
 r_ver = version_list['master']['r_ver']
 c_ver = version_list['master']['c_ver']
@@ -19,37 +19,112 @@ print('DB set version : ' + c_ver)
 print('Skin set version : ' + s_ver)
 print('----')
 
-app_var = json.loads(open('data/app_var.json', encoding='utf-8').read())
+app_var = json.loads(open('data/app_var.json').read())
 
 # DB
-try:
-    set_data = json.loads(open('data/set.json').read())
-except:
-    if os.getenv('NAMU_DB') != None:
-        set_data = { "db" : os.getenv('NAMU_DB') }
-    else:
-        print('DB name (data) : ', end = '')
-        
-        new_json = str(input())
-        if new_json == '':
-            new_json = 'data'
-            
-        with open('data/set.json', 'w') as f:
-            f.write('{ "db" : "' + new_json + '" }')
-            
+while 1:
+    try:
         set_data = json.loads(open('data/set.json').read())
+        if not 'db_type' in set_data:
+            try:
+                os.remove('data/set.json')
+            except:
+                print('Please delete set.json')
+                print('----')
+                raise
+        else:
+            break
+    except:
+        if os.getenv('NAMU_DB') != None or os.getenv('NAMU_DB_TYPE') != None:
+            set_data = { 
+                "db" : os.getenv('NAMU_DB') if os.getenv('NAMU_DB') else 'data', 
+                "db_type" : os.getenv('NAMU_DB_TYPE') if os.getenv('NAMU_DB_TYPE') else 'sqlite'
+            }
+
+            break
+        else:        
+            new_json = ['', '']
+            normal_db_type = ['sqlite', 'mysql']
+
+            print('DB type (sqlite, mysql) : ', end = '')
+            new_json[0] = str(input())
+            if new_json[0] == '' or not new_json[0] in normal_db_type:
+                new_json[0] = 'sqlite'
+
+            all_src = []
+            for i_data in os.listdir("."):
+                f_src = re.search("(.+)\.db$", i_data)
+                if f_src:
+                    all_src += [f_src.groups()[0]]
+
+            if all_src != []:
+                print('DB name (' + ', '.join(all_src) + ') : ', end = '')
+            else:
+                print('DB name (data) : ', end = '')
+
+            new_json[1] = str(input())
+            if new_json[1] == '':
+                new_json[1] = 'data'
+                
+            with open('data/set.json', 'w') as f:
+                f.write('{ "db" : "' + new_json[1] + '", "db_type" : "' + new_json[0] + '" }')
+                
+            set_data = json.loads(open('data/set.json').read())
+            
+            break
         
 print('DB name : ' + set_data['db'])
+print('DB type : ' + set_data['db_type'])
 db_name = set_data['db']
+
+db_data_get(set_data['db_type'])
+
+if set_data['db_type'] == 'mysql':
+    try:
+        set_data_mysql = json.loads(open('data/mysql.json').read())
+    except:
+        new_json = ['', '']
+
+        while 1:
+            print('DB user id : ', end = '')
+            new_json[0] = str(input())
+            if new_json[0] != '':
+                break
+
+        while 1:
+            print('DB password : ', end = '')
+            new_json[1] = str(input())
+            if new_json[1] != '':
+                break
+
+        with open('data/mysql.json', 'w') as f:
+            f.write('{ "user" : "' + new_json[0] + '", "password" : "' + new_json[1] + '" }')
+                
+        set_data_mysql = json.loads(open('data/mysql.json').read())
+
+    conn = pymysql.connect(
+        host = 'localhost', 
+        user = set_data_mysql['user'], 
+        password = set_data_mysql['password'],
+        charset = 'utf8mb4'
+    )
+    curs = conn.cursor()
+
+    try:
+        curs.execute(db_change('create database ? default character set utf8mb4;')%pymysql.escape_string(db_name))
+    except:
+        pass
+
+    curs.execute(db_change('use ?')%pymysql.escape_string(db_name))
+else:
+    conn = sqlite3.connect(db_name + '.db', check_same_thread = False)
+    curs = conn.cursor()
             
 if os.path.exists(db_name + '.db'):
     setup_tool = 0
 else:
     setup_tool = 1
 
-conn = sqlite3.connect(db_name + '.db', check_same_thread = False)
-curs = conn.cursor()
-
 load_conn(conn)
 
 logging.basicConfig(level = logging.ERROR)
@@ -68,6 +143,7 @@ class EverythingConverter(werkzeug.routing.PathConverter):
 app.jinja_env.filters['md5_replace'] = md5_replace
 app.jinja_env.filters['load_lang'] = load_lang
 app.jinja_env.filters['cut_100'] = cut_100
+app.jinja_env.filters['change_space'] = change_space
 
 app.url_map.converters['everything'] = EverythingConverter
 
@@ -97,11 +173,14 @@ create_data['all_data'] = [
     'oauth_conn'
 ]
 for i in create_data['all_data']:
-    curs.execute('create table if not exists ' + i + '(test longtext)')
+    try:
+        curs.execute(db_change('select test from ' + i + ' limit 1'))
+    except:
+        curs.execute(db_change('create table ' + i + '(test longtext)'))
 
 if setup_tool == 0:
     try:
-        curs.execute('select data from other where name = "ver"')
+        curs.execute(db_change('select data from other where name = "ver"'))
         ver_set_data = curs.fetchall()
         if not ver_set_data:
             setup_tool = 1
@@ -138,17 +217,17 @@ if setup_tool != 0:
     for create_table in create_data['all_data']:
         for create in create_data[create_table]:
             try:
-                curs.execute('select ' + create + ' from ' + create_table + ' limit 1')
+                curs.execute(db_change('select ' + create + ' from ' + create_table + ' limit 1'))
             except:
-                curs.execute("alter table " + create_table + " add " + create + " longtext default ''")
+                curs.execute(db_change("alter table " + create_table + " add " + create + " longtext default ''"))
 
     update()
 
 # Init
-curs.execute('select name from alist where acl = "owner"')
+curs.execute(db_change('select name from alist where acl = "owner"'))
 if not curs.fetchall():
-    curs.execute('delete from alist where name = "owner"')
-    curs.execute('insert into alist (name, acl) values ("owner", "owner")')
+    curs.execute(db_change('delete from alist where name = "owner"'))
+    curs.execute(db_change('insert into alist (name, acl) values ("owner", "owner")'))
 
 if not os.path.exists(app_var['path_data_image']):
     os.makedirs(app_var['path_data_image'])
@@ -163,12 +242,12 @@ server_set_key = ['host', 'port', 'language', 'markup', 'encode']
 server_set = {}
 
 for i in range(len(server_set_key)):
-    curs.execute('select data from other where name = ?', [server_set_key[i]])
+    curs.execute(db_change('select data from other where name = ?'), [server_set_key[i]])
     server_set_val = curs.fetchall()
     if not server_set_val:
         server_set_val = server_init.init(server_set_key[i])
         
-        curs.execute('insert into other (name, data) values (?, ?)', [server_set_key[i], server_set_val])
+        curs.execute(db_change('insert into other (name, data) values (?, ?)'), [server_set_key[i], server_set_val])
         conn.commit()
     else:
         server_set_val = server_set_val[0][0]
@@ -177,43 +256,23 @@ for i in range(len(server_set_key)):
     
     server_set[server_set_key[i]] = server_set_val
 
-try:
-    if not os.path.exists('robots.txt'):
-        curs.execute('select data from other where name = "robot"')
-        robot_test = curs.fetchall()
-        if robot_test:
-            fw_test = open('./robots.txt', 'w')
-            fw_test.write(re.sub('\r\n', '\n', robot_test[0][0]))
-            fw_test.close()
-        else:
-            fw_test = open('./robots.txt', 'w')
-            fw_test.write('User-agent: *\nDisallow: /\nAllow: /$\nAllow: /w/')
-            fw_test.close()
-
-            curs.execute('insert into other (name, data) values ("robot", "User-agent: *\nDisallow: /\nAllow: /$\nAllow: /w/")')
-        
-        print('----')
-        print('Engine made robots.txt')
-except:
-    pass
-
-curs.execute('select data from other where name = "key"')
+curs.execute(db_change('select data from other where name = "key"'))
 rep_data = curs.fetchall()
 if not rep_data:
     rep_key = ''.join(random.choice("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ") for i in range(16))
     if rep_key:
-        curs.execute('insert into other (name, data) values ("key", ?)', [rep_key])
+        curs.execute(db_change('insert into other (name, data) values ("key", ?)'), [rep_key])
 else:
     rep_key = rep_data[0][0]
 
-curs.execute('select data from other where name = "adsense"')
+curs.execute(db_change('select data from other where name = "adsense"'))
 adsense_result = curs.fetchall()
 if not adsense_result:
-    curs.execute('insert into other (name, data) values ("adsense", "False")')
-    curs.execute('insert into other (name, data) values ("adsense_code", "")')
+    curs.execute(db_change('insert into other (name, data) values ("adsense", "False")'))
+    curs.execute(db_change('insert into other (name, data) values ("adsense_code", "")'))
 
-curs.execute('delete from other where name = "ver"')
-curs.execute('insert into other (name, data) values ("ver", ?)', [c_ver])
+curs.execute(db_change('delete from other where name = "ver"'))
+curs.execute(db_change('insert into other (name, data) values ("ver", ?)'), [c_ver])
 
 def back_up():
     print('----')
@@ -227,7 +286,7 @@ def back_up():
     threading.Timer(60 * 60 * back_time, back_up).start()
 
 try:
-    curs.execute('select data from other where name = "back_up"')
+    curs.execute(db_change('select data from other where name = "back_up"'))
     back_up_time = curs.fetchall()
     
     back_time = int(back_up_time[0][0])
@@ -242,27 +301,38 @@ if back_time != 0:
 else:
     print('Back up state : Turn off')
 
+if set_data['db_type'] == 'mysql':
+    def mysql_dont_off():
+        try:
+            urllib.request.urlopen('http://localhost:' + str(server_set['port']) + '/')
+        except:
+            pass
+
+        threading.Timer(60 * 60 * 6, mysql_dont_off).start()
+
+    mysql_dont_off()
+
 conn.commit()
 
 def count_all_title():
-    curs.execute("select count(title) from data")
+    curs.execute(db_change("select count(title) from data"))
     count_data = curs.fetchall()
     if count_data:
         count_data = count_data[0][0]
     else:
         count_data = 0
 
-    curs.execute('delete from other where name = "count_all_title"')
-    curs.execute('insert into other (name, data) values ("count_all_title", ?)', [str(count_data)])
+    curs.execute(db_change('delete from other where name = "count_all_title"'))
+    curs.execute(db_change('insert into other (name, data) values ("count_all_title", ?)'), [str(count_data)])
 
     conn.commit()
 
     threading.Timer(60 * 60 * 24, count_all_title).start()
 
-curs.execute('select data from other where name = "count_all_title"')
+curs.execute(db_change('select data from other where name = "count_all_title"'))
 all_title = curs.fetchall()
 if not all_title:
-    curs.execute('insert into other (name, data) values ("count_all_title", "0")')
+    curs.execute(db_change('insert into other (name, data) values ("count_all_title", "0")'))
 
 count_all_title()  
 
@@ -297,6 +367,10 @@ def setting(num = 0):
 def list_not_close_topic():
     return list_not_close_topic_2(conn)
 
+@app.route('/old_page')
+def list_old_page():
+    return list_old_page_2(conn)
+
 @app.route('/acl_list')
 def list_acl():
     return list_acl_2(conn)
@@ -591,6 +665,10 @@ def api_topic_sub(name = '', sub = '', time = ''):
 @app.route('/api/search/<name>')
 def api_search(name = ''):
     return api_search_2(conn, name)
+
+@app.route('/api/recent_changes')
+def api_recent_change():
+    return api_recent_change_2(conn)
     
 # File
 @app.route('/views/easter_egg.html')
@@ -603,7 +681,7 @@ def main_views(name = None):
 
 @app.route('/<data>')
 def main_file(data = None):
-    return main_file_2(conn, data)
+    return main_file_2(conn, data) if re.search('\.txt$', data) else main_error_404_2(conn)
 
 # End
 @app.errorhandler(404)

emergency_tool.py

@@ -1,31 +1,106 @@
 from route.tool.func import *
-from route.tool.mark import load_conn2, namumark
 
-try:
-    set_data = json.loads(open('data/set.json').read())
-except:
-    if os.getenv('NAMU_DB') != None:
-        set_data = { "db" : os.getenv('NAMU_DB') }
-    else:
-        print('DB name (data) : ', end = '')
-        
-        new_json = str(input())
-        if new_json == '':
-            new_json = 'data'
-            
-        with open('data/set.json', 'w') as f:
-            f.write('{ "db" : "' + new_json + '" }')
-            
+# DB
+while 1:
+    try:
         set_data = json.loads(open('data/set.json').read())
+        if not 'db_type' in set_data:
+            try:
+                os.remove('data/set.json')
+            except:
+                print('Please delete set.json')
+                print('----')
+                raise
+        else:
+            break
+    except:
+        if os.getenv('NAMU_DB') != None or os.getenv('NAMU_DB_TYPE') != None:
+            set_data = { 
+                "db" : os.getenv('NAMU_DB') if os.getenv('NAMU_DB') else 'data', 
+                "db_type" : os.getenv('NAMU_DB_TYPE') if os.getenv('NAMU_DB_TYPE') else 'sqlite'
+            }
+
+            break
+        else:        
+            new_json = ['', '']
+            normal_db_type = ['sqlite', 'mysql']
+
+            print('DB type (sqlite, mysql) : ', end = '')
+            new_json[0] = str(input())
+            if new_json[0] == '' or not new_json[0] in normal_db_type:
+                new_json[0] = 'sqlite'
+
+            all_src = []
+            for i_data in os.listdir("."):
+                f_src = re.search("(.+)\.db$", i_data)
+                if f_src:
+                    all_src += [f_src.groups()[0]]
+
+            if all_src != []:
+                print('DB name (' + ', '.join(all_src) + ') : ', end = '')
+            else:
+                print('DB name (data) : ', end = '')
+
+            new_json[1] = str(input())
+            if new_json[1] == '':
+                new_json[1] = 'data'
+                
+            with open('data/set.json', 'w') as f:
+                f.write('{ "db" : "' + new_json[1] + '", "db_type" : "' + new_json[0] + '" }')
+                
+            set_data = json.loads(open('data/set.json').read())
+            
+            break
         
 print('DB name : ' + set_data['db'])
 db_name = set_data['db']
 
-conn = sqlite3.connect(db_name + '.db', check_same_thread = False)
-curs = conn.cursor()
+db_data_get(set_data['db_type'])
+
+if set_data['db_type'] == 'mysql':
+    try:
+        set_data_mysql = json.loads(open('data/mysql.json').read())
+    except:
+        new_json = ['', '']
+
+        while 1:
+            print('DB user id : ', end = '')
+            new_json[0] = str(input())
+            if new_json[0] != '':
+                break
+
+        while 1:
+            print('DB password : ', end = '')
+            new_json[1] = str(input())
+            if new_json[1] != '':
+                break
+
+        with open('data/mysql.json', 'w') as f:
+            f.write('{ "user" : "' + new_json[0] + '", "password" : "' + new_json[1] + '" }')
+                
+        set_data_mysql = json.loads(open('data/mysql.json').read())
+
+    conn = pymysql.connect(
+        host = 'localhost', 
+        user = set_data_mysql['user'], 
+        password = set_data_mysql['password'],
+        charset = 'utf8mb4'
+    )
+    curs = conn.cursor()
+
+    try:
+        curs.execute(db_change('create database ? default character set utf8mb4;')%pymysql.escape_string(db_name))
+    except:
+        pass
+
+    curs.execute(db_change('use ?')%pymysql.escape_string(db_name))
+else:
+    conn = sqlite3.connect(db_name + '.db', check_same_thread = False)
+    curs = conn.cursor()
 
 load_conn(conn)
 
+# Main
 print('----')
 print('1. Backlink reset')
 print('2. reCAPTCHA delete')
@@ -35,8 +110,9 @@ print('5. Change port')
 print('6. Change skin')
 print('7. Change password')
 print('8. Reset version')
-print('9. New DB create')
-print('10. Delete set.json')
+print('9. Delete set.json')
+print('10. Change name')
+print('11. Delete mysql.json')
 
 print('----')
 print('Select : ', end = '')
@@ -46,10 +122,10 @@ if what_i_do == '1':
     def parser(data):
         namumark(data[0], data[1], 1)
 
-    curs.execute("delete from back")
+    curs.execute(db_change("delete from back"))
     conn.commit()
 
-    curs.execute("select title, data from data")
+    curs.execute(db_change("select title, data from data"))
     data = curs.fetchall()
     num = 0
 
@@ -63,8 +139,8 @@ if what_i_do == '1':
         if num % 10 == 0:
             print(num)
 elif what_i_do == '2':
-    curs.execute("delete from other where name = 'recaptcha'")
-    curs.execute("delete from other where name = 'sec_re'")
+    curs.execute(db_change("delete from other where name = 'recaptcha'"))
+    curs.execute(db_change("delete from other where name = 'sec_re'"))
 elif what_i_do == '3':
     print('----')
     print('IP or Name : ', end = '')
@@ -75,7 +151,7 @@ elif what_i_do == '3':
     else:
         band = ''
 
-        curs.execute("insert into rb (block, end, today, blocker, why, band) values (?, ?, ?, ?, ?, ?)", 
+        curs.execute(db_change("insert into rb (block, end, today, blocker, why, band) values (?, ?, ?, ?, ?, ?)"), 
             [user_data, 
             'release', 
             get_time(), 
@@ -83,25 +159,25 @@ elif what_i_do == '3':
             '', 
             band
         ])
-    curs.execute("delete from ban where block = ?", [user_data])
+    curs.execute(db_change("delete from ban where block = ?"), [user_data])
 elif what_i_do == '4':
     print('----')
     print('Host : ', end = '')
     host = input()
 
-    curs.execute("update other set data = ? where name = 'host'", [host])
+    curs.execute(db_change("update other set data = ? where name = 'host'"), [host])
 elif what_i_do == '5':
     print('----')
     print('Port : ', end = '')
     port = int(input())
 
-    curs.execute("update other set data = ? where name = 'port'", [port])
+    curs.execute(db_change("update other set data = ? where name = 'port'"), [port])
 elif what_i_do == '6':
     print('----')
-    print('Skin\'s name : ', end = '')
+    print('Skin name : ', end = '')
     skin = input()
 
-    curs.execute("update other set data = ? where name = 'skin'", [skin])
+    curs.execute(db_change("update other set data = ? where name = 'skin'"), [skin])
 elif what_i_do == '7':
     print('----')
     print('1. sha256')
@@ -112,11 +188,11 @@ elif what_i_do == '7':
     what_i_do = int(input())
 
     print('----')
-    print('User\'s name : ', end = '')
+    print('User name : ', end = '')
     user_name = input()
 
     print('----')
-    print('User\'s password : ', end = '')
+    print('User password : ', end = '')
     user_pw = input()
 
     if what_i_do == '1':
@@ -127,21 +203,27 @@ elif what_i_do == '7':
         else:
             hashed = hashlib.sha3_256(bytes(user_pw, 'utf-8')).hexdigest()
        
-    curs.execute("update user set pw = ? where id = ?", [hashed, user_name])
+    curs.execute(db_change("update user set pw = ? where id = ?"), [hashed, user_name])
 elif what_i_do == '8':
-    curs.execute("update other set data = '00000' where name = 'ver'")
+    curs.execute(db_change("update other set data = '00000' where name = 'ver'"))
 elif what_i_do == '9':
+    try:
+        os.remove('data/set.json')
+    except:
+        pass
+elif what_i_do == '10':
     print('----')
-    print('DB name (data) : ', end = '')
-    
-    db_name = input()
-    if db_name == '':
-        db_name = 'data'
+    print('User name : ', end = '')
+    user_name = input()
 
-    sqlite3.connect(db_name + '.db', check_same_thread = False)
-elif what_i_do == '10':
+    print('----')
+    print('New name : ', end = '')
+    new_name = input()
+
+    curs.execute(db_change("update user set id = ? where id = ?"), [new_name, user_name])
+else:
     try:
-        os.remove('data/set.json')
+        os.remove('data/mysql.json')
     except:
         pass
 

language/en-US.json

@@ -93,6 +93,7 @@
         "title" : "Title",
         "reference" : "Reference",
         "icon" : "Icon",
+        "view" : "View",
         "_comment_1.1_" : "Time",
             "second" : "Second(s)",
             "hour" : "Hour(s)",
@@ -179,6 +180,8 @@
         "last_edit_time" : "Last edited time",
         "admin_group" : "Admin group",
         "topic_setting" : "Topic setting(s)",
+        "old_page" : "Old decument(s)",
+        "skin_set" : "Skin setting(s)",
         "_comment_2.1_" : "Filter",
             "_comment_2.1.1_" : "List",
                 "interwiki_list" : "Interwiki(s) list",
@@ -239,6 +242,7 @@
                 "reset_user_text" : "Password reset complete text",
                 "error_401" : "ACL view limited document notice",
                 "error_404" : "Missing document notice",
+                "edit_help" : "Editing textarea phrase",
             "_comment_2.2.4_" : "Google",
                 "recaptcha" : "reCAPTCHA",
                 "google_imap" : "Google IMAP",
@@ -292,6 +296,7 @@
         "no_login_warring" : "Non-login status. IP is logged when working with non-login.",
         "user_reset_sign" : "Your account information has changed like this.",
         "update_warring" : "Manual updates are recommended if your version is 0.2 or lower than the latest version. For Windows, the contents of the route folder disappear.",
+        "defalut_edit_help" : "Describe it here",
         "markup_enabled" : "Markup enabled",
         "_comment_3.1_" : "Error",
             "update_error" : "Auto update is not support.",

language/ko-KR.json

@@ -56,6 +56,7 @@
     "connect": "연결",
     "edit_record": "편집 기록",
     "preview": "미리보기",
+    "view" : "보기",
     "no_login_error": "비로그인 상태입니다.",
     "upload": "업로드",
     "user_name": "사용자 이름",
@@ -296,5 +297,9 @@
     "last_edit_time": "최근 수정 시각",
     "link": "링크",
     "icon": "아이콘",
-    "topic_setting" : "토론 설정"
+    "topic_setting" : "토론 설정",
+    "old_page" : "오래된 문서",
+    "skin_set" : "스킨 설정",
+    "edit_help" : "편집창 문구",
+    "defalut_edit_help" : "이곳에 내용을 써주세요"
 }

requirements.txt

@@ -3,4 +3,5 @@ bcrypt
 flask
 flask-Reggie
 flask-compress
+pymysql
 pysha3; python_version < "3.6"

route/alarm.py

@@ -5,7 +5,7 @@ def alarm_2(conn):
 
     data = '<ul>'    
     
-    curs.execute("select data, date from alarm where name = ? order by date desc", [ip_check()])
+    curs.execute(db_change("select data, date from alarm where name = ? order by date desc"), [ip_check()])
     data_list = curs.fetchall()
     if data_list:
         data = '<a href="/del_alarm">(' + load_lang('delete') + ')</a><hr class=\"main_hr\">' + data

route/alarm_del.py

@@ -3,7 +3,7 @@ from .tool.func import *
 def alarm_del_2(conn):
     curs = conn.cursor()
     
-    curs.execute("delete from alarm where name = ?", [ip_check()])
+    curs.execute(db_change("delete from alarm where name = ?"), [ip_check()])
     conn.commit()
 
     return redirect('/alarm')

route/api_markup.py

@@ -3,7 +3,7 @@ from .tool.func import *
 def api_markup_2(conn):
     curs = conn.cursor()
 
-    curs.execute('select data from other where name = "markup"')
+    curs.execute(db_change('select data from other where name = "markup"'))
     rep_data = curs.fetchall()
     if rep_data[0][0] != '':
         return flask.jsonify({ "markup" : rep_data[0][0] })

route/api_raw.py

@@ -4,7 +4,7 @@ def api_raw_2(conn, name):
     curs = conn.cursor()
 
     if acl_check(name, 'render') != 1:
-        curs.execute("select data from data where title = ?", [name])
+        curs.execute(db_change("select data from data where title = ?"), [name])
         data = curs.fetchall()
         if data:
             json_data = { "title" : name, "data" : render_set(title = name, data = data[0][0], s_data = 1) }

route/api_recent_change.py

@@ -0,0 +1,29 @@
+from .tool.func import *
+
+def api_recent_change_2(conn):
+    curs = conn.cursor()
+
+    num = int(number_check(flask.request.args.get('num', '10')))
+    if not num > 0:
+        num = 1
+
+    if num > 1000:
+        num = 1
+
+    page = int(number_check(flask.request.args.get('page', '1')))
+    if page * num > 0:
+        page = page * num - num
+    else:
+        page = 0   
+
+    curs.execute(db_change('' + \
+        'select id, title, date, ip, send, leng from history ' + \
+        "where not title like 'user:%' " + \
+        'order by date desc ' + \
+        'limit ?, ?' + \
+    ''), [page, num])
+    all_list = curs.fetchall()
+    if all_list:
+        return flask.jsonify(all_list)
+    else:
+        return flask.jsonify({})

route/api_search.py

@@ -3,18 +3,24 @@ from .tool.func import *
 def api_search_2(conn, name):
     curs = conn.cursor()
 
-    num = int(number_check(flask.request.args.get('num', '1')))
+    num = int(number_check(flask.request.args.get('num', '10')))
     if not num > 0:
         num = 1
 
     if num > 1000:
         num = 1
 
-    curs.execute("" + \
+    page = int(number_check(flask.request.args.get('page', '1')))
+    if page * num > 0:
+        page = page * num - num
+    else:
+        page = 0      
+
+    curs.execute(db_change("" + \
         "select distinct title, case when title like ? then 'title' else 'data' " + \
         "end from data where title like ? or data like ? order by case " + \
-        "when title like ? then 1 else 2 end limit ?",
-        ['%' + name + '%', '%' + name + '%', '%' + name + '%', '%' + name + '%', str(num)]
+        "when title like ? then 1 else 2 end limit ?, ?"),
+        ['%' + name + '%', '%' + name + '%', '%' + name + '%', '%' + name + '%', page, num]
     )
     all_list = curs.fetchall()
     if all_list:

route/api_topic_sub.py

@@ -4,15 +4,15 @@ def api_topic_sub_2(conn, name, sub, time):
     curs = conn.cursor()
 
     if flask.request.args.get('num', None):
-        curs.execute("select id, data, date, ip, block, top from topic where title = ? and sub = ? and id + 0 = ? + 0 order by id + 0 asc", [
+        curs.execute(db_change("select id, data, date, ip, block, top from topic where title = ? and sub = ? and id + 0 = ? + 0 order by id + 0 asc"), [
             name, 
             sub, 
             flask.request.args.get('num', '')
         ])
     elif flask.request.args.get('top', None):
-        curs.execute("select id, data, date, ip, block, top from topic where title = ? and sub = ? and top = 'O' order by id + 0 asc", [name, sub])
+        curs.execute(db_change("select id, data, date, ip, block, top from topic where title = ? and sub = ? and top = 'O' order by id + 0 asc"), [name, sub])
     else:
-        curs.execute("select id, data, date, ip, block, top from topic where title = ? and sub = ? order by id + 0 asc", [name, sub])
+        curs.execute(db_change("select id, data, date, ip, block, top from topic where title = ? and sub = ? order by id + 0 asc"), [name, sub])
 
     data = curs.fetchall()
     if data:
@@ -20,25 +20,32 @@ def api_topic_sub_2(conn, name, sub, time):
         admin = admin_check(3)
                     
         for i in data:
-            if i[4] != 'O' or (i[4] == 'O' and admin == 1):
+            ip = ip_pas(i[3])
+
+            if i[4] != 'O':
                 t_data_f = i[1]
-                b_color = 'toron_color_grey'
+                b_color = 'toron_color'
             else:
-                curs.execute("select who from re_admin where what = ? order by time desc limit 1", ['blind (' + name + ' - ' + sub + '#' + str(i[0]) + ')'])
+                if admin == 1:
+                    t_data_f = i[1]
+                    b_color = 'toron_color_grey'
+                else:
+                    t_data_f = ''
+                    b_color = 'toron_color_not'
+
+                curs.execute(db_change("select who from re_admin where what = ? order by time desc limit 1"), ['blind (' + name + ' - ' + sub + '#' + str(i[0]) + ')'])
                 who_blind = curs.fetchall()
                 if who_blind:
-                    t_data_f = '[[user:' + who_blind[0][0] + ']] block'
-                    b_color = 'toron_color_grey'
+                    ip += ' (' + who_blind[0][0] + ' B)'
                 else:
-                    t_data_f = 'block'
-                    b_color = 'toron_color_grey'
+                    ip += ' (B)'
 
             if flask.request.args.get('render', None):
                 if i[0] == '1':
                     s_user = i[3]
                 else:
                     if flask.request.args.get('num', None):
-                        curs.execute("select ip from topic where title = ? and sub = ? order by id + 0 asc limit 1", [name, sub])
+                        curs.execute(db_change("select ip from topic where title = ? and sub = ? order by id + 0 asc limit 1"), [name, sub])
                         g_data = curs.fetchall()
                         if g_data:
                             s_user = g_data[0][0]
@@ -53,10 +60,8 @@ def api_topic_sub_2(conn, name, sub, time):
                     t_color = 'toron_color_blue'
                 else:
                     t_color = 'toron_color'
-                    
-                ip = ip_pas(i[3])
 
-                if admin == 1 or b_color != 'toron_color_grey':
+                if admin == 1 or b_color != 'toron_color_not':
                     ip += ' <a href="/topic/' + url_pas(name) + '/sub/' + url_pas(sub) + '/admin/' + i[0] + '">(' + load_lang('discussion_tool') + ')</a>'
                     
                 if t_data_f == '':
@@ -71,7 +76,7 @@ def api_topic_sub_2(conn, name, sub, time):
                                 </td>
                             </tr>
                             <tr>
-                                <td id="''' + b_color + '">' + render_set(data = t_data_f) + '''</td>
+                                <td id="''' + b_color + '">' + render_set(data = t_data_f, include = 'topic_' + i[0]) + '''</td>
                             </tr>
                         </tbody>
                     </table>
@@ -85,7 +90,7 @@ def api_topic_sub_2(conn, name, sub, time):
                 if i[4] != 'O' or (i[4] == 'O' and admin == 1):
                     t_data_f = i[1]
                 else:
-                    curs.execute("select who from re_admin where what = ? order by time desc limit 1", ['blind (' + name + ' - ' + sub + '#' + str(i[0]) + ')'])
+                    curs.execute(db_change("select who from re_admin where what = ? order by time desc limit 1"), ['blind (' + name + ' - ' + sub + '#' + str(i[0]) + ')'])
                     who_blind = curs.fetchall()
                     if who_blind:
                         t_data_f = '[[user:' + who_blind[0][0] + ']] block'

route/api_user_info.py

@@ -8,7 +8,7 @@ def api_user_info_2(conn, name):
         plus_t = []
 
         plus_d = '''
-            <table>
+            <table class="user_info_table">
                 <tbody>
                     <tr>
                         <td>''' + load_lang('user_name') + '''</td>
@@ -26,7 +26,7 @@ def api_user_info_2(conn, name):
             </table>
         '''
         
-        curs.execute("select acl from user where id = ?", [name])
+        curs.execute(db_change("select acl from user where id = ?"), [name])
         data = curs.fetchall()
         if data:
             if data[0][0] != 'user':
@@ -45,7 +45,7 @@ def api_user_info_2(conn, name):
             else:
                 match = '-'
 
-            curs.execute("select end, login, band from ban where block = ? or block = ?", [name, match])
+            curs.execute(db_change("select end, login, band from ban where block = ? or block = ?"), [name, match])
             block_data = curs.fetchall()
             if block_data:
                 if block_data[0][0] != '':

route/api_w.py

@@ -4,7 +4,7 @@ def api_w_2(conn, name):
     curs = conn.cursor()
 
     if flask.request.args.get('exist', None):
-        curs.execute("select title from data where title = ?", [name])
+        curs.execute(db_change("select title from data where title = ?"), [name])
         if curs.fetchall():
             return flask.jsonify({ "exist" : "1" })
         else:
@@ -16,7 +16,7 @@ def api_w_2(conn, name):
                 
                 return flask.jsonify({ "title" : name, "data" : g_data[0], "js_data" : g_data[1] })
             else:
-                curs.execute("select data from data where title = ?", [name])
+                curs.execute(db_change("select data from data where title = ?"), [name])
                 data = curs.fetchall()
                 if data:
                     if flask.request.args.get('include', 'include_1'):

route/edit.py

@@ -22,7 +22,7 @@ def edit_2(conn, name):
         today = get_time()
         content = savemark(flask.request.form.get('content', ''))
         
-        curs.execute("select data from data where title = ?", [name])
+        curs.execute(db_change("select data from data where title = ?"), [name])
         old = curs.fetchall()
         if old:
             leng = leng_check(len(flask.request.form.get('otent', '')), len(content))
@@ -30,15 +30,15 @@ def edit_2(conn, name):
             if flask.request.args.get('section', None):
                 content = old[0][0].replace(flask.request.form.get('otent', ''), content)
                 
-            curs.execute("update data set data = ? where title = ?", [content, name])
+            curs.execute(db_change("update data set data = ? where title = ?"), [content, name])
         else:
             leng = '+' + str(len(content))
             
-            curs.execute("insert into data (title, data) values (?, ?)", [name, content])
+            curs.execute(db_change("insert into data (title, data) values (?, ?)"), [name, content])
 
-        curs.execute("select user from scan where title = ?", [name])
+        curs.execute(db_change("select user from scan where title = ?"), [name])
         for _ in curs.fetchall():
-            curs.execute("insert into alarm (name, data, date) values (?, ?, ?)", [ip, ip + ' - <a href="/w/' + url_pas(name) + '">' + name + '</a> (Edit)', today])
+            curs.execute(db_change("insert into alarm (name, data, date) values (?, ?, ?)"), [ip, ip + ' - <a href="/w/' + url_pas(name) + '">' + name + '</a> (Edit)', today])
 
         history_plus(
             name,
@@ -49,8 +49,8 @@ def edit_2(conn, name):
             leng
         )
         
-        curs.execute("delete from back where link = ?", [name])
-        curs.execute("delete from back where title = ? and type = 'no'", [name])
+        curs.execute(db_change("delete from back where link = ?"), [name])
+        curs.execute(db_change("delete from back where title = ? and type = 'no'"), [name])
         
         render_set(
             title = name,
@@ -62,7 +62,7 @@ def edit_2(conn, name):
         
         return redirect('/w/' + url_pas(name))
     else:            
-        curs.execute("select data from data where title = ?", [name])
+        curs.execute(db_change("select data from data where title = ?"), [name])
         new = curs.fetchall()
         if new:
             if flask.request.args.get('section', None):
@@ -98,31 +98,39 @@ def edit_2(conn, name):
             get_name = ''
             
         if flask.request.args.get('plus', None):
-            curs.execute("select data from data where title = ?", [flask.request.args.get('plus', 'test')])
+            curs.execute(db_change("select data from data where title = ?"), [flask.request.args.get('plus', 'test')])
             get_data = curs.fetchall()
             if get_data:
                 data = get_data[0][0]
                 get_name = ''
 
-        curs.execute('select data from other where name = "edit_bottom_text"')
+        curs.execute(db_change('select data from other where name = "edit_bottom_text"'))
         sql_d = curs.fetchall()
         if sql_d and sql_d[0][0] != '':
             b_text = '<hr class=\"main_hr\">' + sql_d[0][0]
         else:
             b_text = ''
 
+        curs.execute(db_change('select data from other where name = "edit_help"'))
+        sql_d = curs.fetchall()
+        if sql_d and sql_d[0][0] != '':
+            p_text = sql_d[0][0]
+        else:
+            p_text = load_lang('defalut_edit_help')
+
         return easy_minify(flask.render_template(skin_check(), 
             imp = [name, wiki_set(), custom(), other2([' (' + load_lang('edit') + ')', 0])],
             data =  get_name + '''
                 <form method="post">
+                    <script>do_stop_exit();</script>
                     ''' + edit_button() + '''
-                    <textarea id="content" rows="25" id="content" name="content">''' + html.escape(re.sub('\n$', '', data)) + '''</textarea>
-                    <textarea style="display: none;" name="otent">''' + html.escape(re.sub('\n$', '', data_old)) + '''</textarea>
+                    <textarea rows="25" id="content" placeholder="''' + p_text + '''" name="content">''' + html.escape(re.sub('\n$', '', data)) + '''</textarea>
+                    <textarea id="origin" name="otent">''' + html.escape(re.sub('\n$', '', data_old)) + '''</textarea>
                     <hr class=\"main_hr\">
                     <input placeholder="''' + load_lang('why') + '''" name="send" type="text">
                     <hr class=\"main_hr\">
                     ''' + captcha_get() + ip_warring() + '''
-                    <button id="save" type="submit">''' + load_lang('save') + '''</button>
+                    <button id="save" type="submit" onclick="go_save_zone = 1;">''' + load_lang('save') + '''</button>
                     <button id="preview" type="button" onclick="load_preview(\'''' + url_pas(name) + '\')">' + load_lang('preview') + '''</button>
                 </form>
                 ''' + b_text + '''

route/edit_delete.py

@@ -13,7 +13,7 @@ def edit_delete_2(conn, name, app_var):
         else:
             captcha_post('', 0)
 
-        curs.execute("select data from data where title = ?", [name])
+        curs.execute(db_change("select data from data where title = ?"), [name])
         data = curs.fetchall()
         if data:
             today = get_time()
@@ -29,12 +29,12 @@ def edit_delete_2(conn, name, app_var):
                 'delete'
             )
             
-            curs.execute("select title, link from back where title = ? and not type = 'cat' and not type = 'no'", [name])
+            curs.execute(db_change("select title, link from back where title = ? and not type = 'cat' and not type = 'no'"), [name])
             for data in curs.fetchall():
-                curs.execute("insert into back (title, link, type) values (?, ?, 'no')", [data[0], data[1]])
+                curs.execute(db_change("insert into back (title, link, type) values (?, ?, 'no')"), [data[0], data[1]])
             
-            curs.execute("delete from back where link = ?", [name])
-            curs.execute("delete from data where title = ?", [name])
+            curs.execute(db_change("delete from back where link = ?"), [name])
+            curs.execute(db_change("delete from data where title = ?"), [name])
             conn.commit()
 
         file_check = re.search('^file:(.+)\.(.+)$', name)
@@ -47,7 +47,7 @@ def edit_delete_2(conn, name, app_var):
             
         return redirect('/w/' + url_pas(name))
     else:
-        curs.execute("select title from data where title = ?", [name])
+        curs.execute(db_change("select title from data where title = ?"), [name])
         if not curs.fetchall():
             return redirect('/w/' + url_pas(name))
 

route/edit_move.py

@@ -12,20 +12,20 @@ def edit_move_2(conn, name):
         else:
             captcha_post('', 0)
 
-        curs.execute("select title from history where title = ?", [flask.request.form.get('title', None)])
+        curs.execute(db_change("select title from history where title = ?"), [flask.request.form.get('title', None)])
         if curs.fetchall():
             if admin_check(None, 'merge documents') == 1:
-                curs.execute("select data from data where title = ?", [flask.request.form.get('title', None)])
+                curs.execute(db_change("select data from data where title = ?"), [flask.request.form.get('title', None)])
                 data = curs.fetchall()
                 if data:            
-                    curs.execute("delete from data where title = ?", [flask.request.form.get('title', None)])
-                    curs.execute("delete from back where link = ?", [flask.request.form.get('title', None)])
+                    curs.execute(db_change("delete from data where title = ?"), [flask.request.form.get('title', None)])
+                    curs.execute(db_change("delete from back where link = ?"), [flask.request.form.get('title', None)])
                 
-                curs.execute("select data from data where title = ?", [name])
+                curs.execute(db_change("select data from data where title = ?"), [name])
                 data = curs.fetchall()
                 if data:            
-                    curs.execute("update data set title = ? where title = ?", [flask.request.form.get('title', None), name])
-                    curs.execute("update back set link = ? where link = ?", [flask.request.form.get('title', None), name])
+                    curs.execute(db_change("update data set title = ? where title = ?"), [flask.request.form.get('title', None), name])
+                    curs.execute(db_change("update back set link = ? where link = ?"), [flask.request.form.get('title', None), name])
                     
                     data_in = data[0][0]
                 else:
@@ -41,18 +41,18 @@ def edit_move_2(conn, name):
                     'marge <a>' + name + '</a> - <a>' + flask.request.form.get('title', 'test') + '</a> move'
                 )
 
-                curs.execute("update back set type = 'no' where title = ? and not type = 'cat' and not type = 'no'", [name])
-                curs.execute("delete from back where title = ? and not type = 'cat' and type = 'no'", [flask.request.form.get('title', None)])
+                curs.execute(db_change("update back set type = 'no' where title = ? and not type = 'cat' and not type = 'no'"), [name])
+                curs.execute(db_change("delete from back where title = ? and not type = 'cat' and type = 'no'"), [flask.request.form.get('title', None)])
 
-                curs.execute("select id from history where title = ? order by id + 0 desc limit 1", [flask.request.form.get('title', None)])
+                curs.execute(db_change("select id from history where title = ? order by id + 0 desc limit 1"), [flask.request.form.get('title', None)])
                 data = curs.fetchall()
                 
                 num = data[0][0]
 
-                curs.execute("select id from history where title = ? order by id + 0 asc", [name])
+                curs.execute(db_change("select id from history where title = ? order by id + 0 asc"), [name])
                 data = curs.fetchall()
                 for move in data:
-                    curs.execute("update history set title = ?, id = ? where title = ? and id = ?", [flask.request.form.get('title', None), str(int(num) + int(move[0])), name, move[0]])
+                    curs.execute(db_change("update history set title = ?, id = ? where title = ? and id = ?"), [flask.request.form.get('title', None), str(int(num) + int(move[0])), name, move[0]])
 
                 conn.commit()
 
@@ -60,11 +60,11 @@ def edit_move_2(conn, name):
             else:
                 return re_error('/error/19')
         else:
-            curs.execute("select data from data where title = ?", [name])
+            curs.execute(db_change("select data from data where title = ?"), [name])
             data = curs.fetchall()
             if data:            
-                curs.execute("update data set title = ? where title = ?", [flask.request.form.get('title', None), name])
-                curs.execute("update back set link = ? where link = ?", [flask.request.form.get('title', None), name])
+                curs.execute(db_change("update data set title = ? where title = ?"), [flask.request.form.get('title', None), name])
+                curs.execute(db_change("update back set link = ? where link = ?"), [flask.request.form.get('title', None), name])
                 
                 data_in = data[0][0]
             else:
@@ -80,10 +80,10 @@ def edit_move_2(conn, name):
                 '<a>' + name + '</a> - <a>' + flask.request.form.get('title', 'test') + '</a> move'
             )
             
-            curs.execute("update back set type = 'no' where title = ? and not type = 'cat' and not type = 'no'", [name])
-            curs.execute("delete from back where title = ? and not type = 'cat' and type = 'no'", [flask.request.form.get('title', None)])
+            curs.execute(db_change("update back set type = 'no' where title = ? and not type = 'cat' and not type = 'no'"), [name])
+            curs.execute(db_change("delete from back where title = ? and not type = 'cat' and type = 'no'"), [flask.request.form.get('title', None)])
 
-            curs.execute("update history set title = ? where title = ?", [flask.request.form.get('title', None), name])
+            curs.execute(db_change("update history set title = ? where title = ?"), [flask.request.form.get('title', None), name])
             conn.commit()
 
             return redirect('/w/' + url_pas(flask.request.form.get('title', None)))

route/edit_revert.py

@@ -5,7 +5,7 @@ def edit_revert_2(conn, name):
 
     num = int(number_check(flask.request.args.get('num', '1')))
 
-    curs.execute("select title from history where title = ? and id = ? and hide = 'O'", [name, str(num)])
+    curs.execute(db_change("select title from history where title = ? and id = ? and hide = 'O'"), [name, str(num)])
     if curs.fetchall() and admin_check(6) != 1:
         return re_error('/error/3')
 
@@ -18,24 +18,24 @@ def edit_revert_2(conn, name):
         else:
             captcha_post('', 0)
     
-        curs.execute("select data from history where title = ? and id = ?", [name, str(num)])
+        curs.execute(db_change("select data from history where title = ? and id = ?"), [name, str(num)])
         data = curs.fetchall()
         if data:
             if edit_filter_do(data[0][0]) == 1:
                 return re_error('/error/21')
 
-        curs.execute("delete from back where link = ?", [name])
+        curs.execute(db_change("delete from back where link = ?"), [name])
         conn.commit()
         
         if data:                                
-            curs.execute("select data from data where title = ?", [name])
+            curs.execute(db_change("select data from data where title = ?"), [name])
             data_old = curs.fetchall()
             if data_old:
                 leng = leng_check(len(data_old[0][0]), len(data[0][0]))
-                curs.execute("update data set data = ? where title = ?", [data[0][0], name])
+                curs.execute(db_change("update data set data = ? where title = ?"), [data[0][0], name])
             else:
                 leng = '+' + str(len(data[0][0]))
-                curs.execute("insert into data (title, data) values (?, ?)", [name, data[0][0]])
+                curs.execute(db_change("insert into data (title, data) values (?, ?)"), [name, data[0][0]])
                 
             history_plus(
                 name, 
@@ -57,7 +57,7 @@ def edit_revert_2(conn, name):
             
         return redirect('/w/' + url_pas(name))
     else:
-        curs.execute("select title from history where title = ? and id = ?", [name, str(num)])
+        curs.execute(db_change("select title from history where title = ? and id = ?"), [name, str(num)])
         if not curs.fetchall():
             return redirect('/w/' + url_pas(name))
 

route/func_title_random.py

@@ -3,11 +3,11 @@ from .tool.func import *
 def func_title_random_2(conn):
     curs = conn.cursor()
 
-    curs.execute("" + \
+    curs.execute(db_change("" + \
         "select title from data " + \
         "where title not like 'user:%' and title not like 'category:%' and title not like 'file:%'" + \
         "order by random() limit 1" + \
-    "")
+    ""))
     data = curs.fetchall()
     if data:
         return redirect('/w/' + url_pas(data[0][0]))

route/func_upload.py

@@ -34,11 +34,11 @@ def func_upload_2(conn):
 
         e_data = sha224(piece[0]) + piece[1]
 
-        curs.execute("select title from data where title = ?", ['file:' + name])
+        curs.execute(db_change("select title from data where title = ?"), ['file:' + name])
         if curs.fetchall():
             return re_error('/error/16')
 
-        curs.execute("select html from html_filter where kind = 'file'")
+        curs.execute(db_change("select html from html_filter where kind = 'file'"))
         db_data = curs.fetchall()
         for i in db_data:
             t_re = re.compile(i[0])
@@ -73,8 +73,8 @@ def func_upload_2(conn):
 
         file_d = '[[file:' + name + ']][br][br]{{{[[file:' + name + ']]}}}[br][br]' + lice
         
-        curs.execute("insert into data (title, data) values (?, ?)", ['file:' + name, file_d])
-        curs.execute("insert into acl (title, decu, dis, why, view) values (?, 'admin', '', '', '')", ['file:' + name])
+        curs.execute(db_change("insert into data (title, data) values (?, ?)"), ['file:' + name, file_d])
+        curs.execute(db_change("insert into acl (title, decu, dis, why, view) values (?, 'admin', '', '', '')"), ['file:' + name])
 
         render_set(
             title = name,
@@ -87,8 +87,9 @@ def func_upload_2(conn):
             file_d,
             get_time(), 
             ip, 
-            '(upload)',
-            '0'
+            ip,
+            '0',
+            'upload'
         )
         
         conn.commit()
@@ -99,7 +100,7 @@ def func_upload_2(conn):
             <option value="direct_input">''' + load_lang('direct_input') + '''</option>
         '''
 
-        curs.execute("select html from html_filter where kind = 'image_license'")
+        curs.execute(db_change("select html from html_filter where kind = 'image_license'"))
         db_data = curs.fetchall()
         for i in db_data:
             license_list += '''

route/give_acl.py

@@ -30,14 +30,14 @@ def give_acl_2(conn, name):
                 check_ok = 'disabled'
 
     if flask.request.method == 'POST':
-        curs.execute("select title from acl where title = ?", [name])
+        curs.execute(db_change("select title from acl where title = ?"), [name])
         if curs.fetchall():
-            curs.execute("update acl set decu = ? where title = ?", [flask.request.form.get('decu', ''), name])
-            curs.execute("update acl set dis = ? where title = ?", [flask.request.form.get('dis', ''), name])
-            curs.execute("update acl set why = ? where title = ?", [flask.request.form.get('why', ''), name])
-            curs.execute("update acl set view = ? where title = ?", [flask.request.form.get('view', ''), name])
+            curs.execute(db_change("update acl set decu = ? where title = ?"), [flask.request.form.get('decu', ''), name])
+            curs.execute(db_change("update acl set dis = ? where title = ?"), [flask.request.form.get('dis', ''), name])
+            curs.execute(db_change("update acl set why = ? where title = ?"), [flask.request.form.get('why', ''), name])
+            curs.execute(db_change("update acl set view = ? where title = ?"), [flask.request.form.get('view', ''), name])
         else:
-            curs.execute("insert into acl (title, decu, dis, why, view) values (?, ?, ?, ?, ?)", [
+            curs.execute(db_change("insert into acl (title, decu, dis, why, view) values (?, ?, ?, ?, ?)"), [
                 name, 
                 flask.request.form.get('decu', ''), 
                 flask.request.form.get('dis', ''), 
@@ -45,9 +45,9 @@ def give_acl_2(conn, name):
                 flask.request.form.get('view', '')
             ])
         
-        curs.execute("select title from acl where title = ? and decu = '' and dis = '' and view = ''", [name])
+        curs.execute(db_change("select title from acl where title = ? and decu = '' and dis = '' and view = ''"), [name])
         if curs.fetchall():
-            curs.execute("delete from acl where title = ?", [name])
+            curs.execute(db_change("delete from acl where title = ?"), [name])
             
         all_d = ''
         for i in ['decu', 'dis', 'view']:
@@ -73,7 +73,7 @@ def give_acl_2(conn, name):
         else:
             acl_list = ['', 'user', 'admin', 'owner', '50_edit', 'email']
         
-        curs.execute("select decu from acl where title = ?", [name])
+        curs.execute(db_change("select decu from acl where title = ?"), [name])
         acl_data = curs.fetchall()
         for data_list in acl_list:
             if acl_data and acl_data[0][0] == data_list:
@@ -88,7 +88,7 @@ def give_acl_2(conn, name):
         if not re.search('^user:', name):
             data += '<hr class=\"main_hr\"><h2>' + load_lang('discussion_acl') + '</h2><hr class=\"main_hr\"><select name="dis" ' + check_ok + '>'
         
-            curs.execute("select dis, why, view from acl where title = ?", [name])
+            curs.execute(db_change("select dis, why, view from acl where title = ?"), [name])
             acl_data = curs.fetchall()
             for data_list in acl_list:
                 if acl_data and acl_data[0][0] == data_list:

route/give_admin.py

@@ -5,13 +5,13 @@ def give_admin_2(conn, name):
 
     owner = admin_check()
     
-    curs.execute("select acl from user where id = ?", [name])
+    curs.execute(db_change("select acl from user where id = ?"), [name])
     user = curs.fetchall()
     if not user:
         return re_error('/error/2')
     else:
         if owner != 1:
-            curs.execute('select name from alist where name = ? and acl = "owner"', [user[0][0]])
+            curs.execute(db_change('select name from alist where name = ? and acl = "owner"'), [user[0][0]])
             if curs.fetchall():
                 return re_error('/error/3')
 
@@ -23,14 +23,14 @@ def give_admin_2(conn, name):
             return re_error('/error/3')
 
         if owner != 1:
-            curs.execute('select name from alist where name = ? and acl = "owner"', [flask.request.form.get('select', None)])
+            curs.execute(db_change('select name from alist where name = ? and acl = "owner"'), [flask.request.form.get('select', None)])
             if curs.fetchall():
                 return re_error('/error/3')
 
         if flask.request.form.get('select', None) == 'X':
-            curs.execute("update user set acl = 'user' where id = ?", [name])
+            curs.execute(db_change("update user set acl = 'user' where id = ?"), [name])
         else:
-            curs.execute("update user set acl = ? where id = ?", [flask.request.form.get('select', None), name])
+            curs.execute(db_change("update user set acl = ? where id = ?"), [flask.request.form.get('select', None), name])
         
         conn.commit()
         
@@ -41,13 +41,13 @@ def give_admin_2(conn, name):
 
         div = '<option value="X">X</option>'
         
-        curs.execute('select distinct name from alist order by name asc')
+        curs.execute(db_change('select distinct name from alist order by name asc'))
         for data in curs.fetchall():
             if user[0][0] == data[0]:
                 div += '<option value="' + data[0] + '" selected="selected">' + data[0] + '</option>'
             else:
                 if owner != 1:
-                    curs.execute('select name from alist where name = ? and acl = "owner"', [data[0]])
+                    curs.execute(db_change('select name from alist where name = ? and acl = "owner"'), [data[0]])
                     if not curs.fetchall():
                         div += '<option value="' + data[0] + '">' + data[0] + '</option>'
                 else:

route/give_admin_groups.py

@@ -7,28 +7,28 @@ def give_admin_groups_2(conn, name):
         if admin_check(None, 'admin_plus (' + name + ')') != 1:
             return re_error('/error/3')
 
-        curs.execute("delete from alist where name = ?", [name])
+        curs.execute(db_change("delete from alist where name = ?"), [name])
         
         if flask.request.form.get('ban', 0) != 0:
-            curs.execute("insert into alist (name, acl) values (?, 'ban')", [name])
+            curs.execute(db_change("insert into alist (name, acl) values (?, 'ban')"), [name])
 
         if flask.request.form.get('toron', 0) != 0:
-            curs.execute("insert into alist (name, acl) values (?, 'toron')", [name])
+            curs.execute(db_change("insert into alist (name, acl) values (?, 'toron')"), [name])
             
         if flask.request.form.get('check', 0) != 0:
-            curs.execute("insert into alist (name, acl) values (?, 'check')", [name])
+            curs.execute(db_change("insert into alist (name, acl) values (?, 'check')"), [name])
 
         if flask.request.form.get('acl', 0) != 0:
-            curs.execute("insert into alist (name, acl) values (?, 'acl')", [name])
+            curs.execute(db_change("insert into alist (name, acl) values (?, 'acl')"), [name])
 
         if flask.request.form.get('hidel', 0) != 0:
-            curs.execute("insert into alist (name, acl) values (?, 'hidel')", [name])
+            curs.execute(db_change("insert into alist (name, acl) values (?, 'hidel')"), [name])
 
         if flask.request.form.get('give', 0) != 0:
-            curs.execute("insert into alist (name, acl) values (?, 'give')", [name])
+            curs.execute(db_change("insert into alist (name, acl) values (?, 'give')"), [name])
 
         if flask.request.form.get('owner', 0) != 0:
-            curs.execute("insert into alist (name, acl) values (?, 'owner')", [name])
+            curs.execute(db_change("insert into alist (name, acl) values (?, 'owner')"), [name])
             
         conn.commit()
         
@@ -38,7 +38,7 @@ def give_admin_groups_2(conn, name):
         
         exist_list = ['', '', '', '', '', '', '', '']
 
-        curs.execute('select acl from alist where name = ?', [name])
+        curs.execute(db_change('select acl from alist where name = ?'), [name])
         acl_list = curs.fetchall()    
         for go in acl_list:
             if go[0] == 'ban':

route/give_history_hidden.py

@@ -6,11 +6,11 @@ def give_history_hidden_2(conn, name):
     num = number_check(flask.request.args.get('num', '1'))
 
     if admin_check(6, 'history_hidden (' + name + '#' + num + ')') == 1:
-        curs.execute("select title from history where title = ? and id = ? and hide = 'O'", [name, num])
+        curs.execute(db_change("select title from history where title = ? and id = ? and hide = 'O'"), [name, num])
         if curs.fetchall():
-            curs.execute("update history set hide = '' where title = ? and id = ?", [name, num])
+            curs.execute(db_change("update history set hide = '' where title = ? and id = ?"), [name, num])
         else:
-            curs.execute("update history set hide = 'O' where title = ? and id = ?", [name, num])
+            curs.execute(db_change("update history set hide = 'O' where title = ? and id = ?"), [name, num])
             
         conn.commit()
     

route/give_user_ban.py

@@ -4,7 +4,7 @@ def give_user_ban_2(conn, name):
     curs = conn.cursor()
 
     if name and ip_or_user(name) == 0:
-        curs.execute("select acl from user where id = ?", [name])
+        curs.execute(db_change("select acl from user where id = ?"), [name])
         user = curs.fetchall()
         if not user:
             return re_error('/error/2')
@@ -49,7 +49,7 @@ def give_user_ban_2(conn, name):
         if admin_check(1) != 1:
             return re_error('/error/3')
 
-        curs.execute("select end, why from ban where block = ?", [name])
+        curs.execute(db_change("select end, why from ban where block = ?"), [name])
         end = curs.fetchall()
         if end:
             main_name = name
@@ -61,7 +61,7 @@ def give_user_ban_2(conn, name):
             else:
                 data = '<ul><li>' + load_lang('period') + ' : ' + end[0][0] + '</li>'
                 
-            curs.execute("select block from ban where block = ? and login = 'O'", [name])
+            curs.execute(db_change("select block from ban where block = ? and login = 'O'"), [name])
             if curs.fetchall():
                 data += '<li>' + load_lang('login_able') + '</li>'
 

route/give_user_check.py

@@ -3,7 +3,7 @@ from .tool.func import *
 def give_user_check_2(conn, name):
     curs = conn.cursor()
 
-    curs.execute("select acl from user where id = ? or id = ?", [name, flask.request.args.get('plus', '-')])
+    curs.execute(db_change("select acl from user where id = ? or id = ?"), [name, flask.request.args.get('plus', '-')])
     user = curs.fetchall()
     if user and user[0][0] != 'user':
         if admin_check() != 1:
@@ -20,24 +20,24 @@ def give_user_check_2(conn, name):
     
     if flask.request.args.get('plus', None):
         end_check = 1
-    
-        if ip_or_user(name) == 1:
-            if ip_or_user(flask.request.args.get('plus', None)) == 1:
-                curs.execute("select name, ip, ua, today from ua_d where ip = ? or ip = ? order by today desc limit ?, '50'", [name, flask.request.args.get('plus', None), sql_num])
-            else:
-                curs.execute("select name, ip, ua, today from ua_d where ip = ? or name = ? order by today desc limit ?, '50'", [name, flask.request.args.get('plus', None), sql_num])
-        else:
-            if ip_or_user(flask.request.args.get('plus', None)) == 1:
-                curs.execute("select name, ip, ua, today from ua_d where name = ? or ip = ? order by today desc limit ?, '50'", [name, flask.request.args.get('plus', None), sql_num])
-            else:
-                curs.execute("select name, ip, ua, today from ua_d where name = ? or name = ? order by today desc limit ?, '50'", [name, flask.request.args.get('plus', None), sql_num])
+
+        curs.execute(db_change("" + \
+                "select name, ip, ua, today from ua_d " + \
+                "where " + ('ip' if ip_or_user(name) == 1 else 'name') + " = ? or " + \
+                ('ip' if ip_or_user(flask.request.args.get('plus', None)) == 1 else 'name') + " = ? " + \
+                "order by today desc limit ?, 50" + \
+            ""), [
+            name, 
+            flask.request.args.get('plus', None), 
+            sql_num
+        ])
     else:
         end_check = 0
         
-        if ip_or_user(name) == 1:
-            curs.execute("select name, ip, ua, today from ua_d where ip = ? order by today desc limit ?, '50'", [name, sql_num])
-        else:
-            curs.execute("select name, ip, ua, today from ua_d where name = ? order by today desc limit ?, '50'", [name, sql_num])
+        curs.execute(db_change("" + \
+            "select name, ip, ua, today from ua_d " + \
+            "where " + ('ip' if ip_or_user(name) == 1 else 'name') + " = ? order by today desc limit ?, 50" + \
+        ""), [name, sql_num])
     
     record = curs.fetchall()
     if record:

route/inter_wiki.py

@@ -12,7 +12,7 @@ def inter_wiki_2(conn, tools):
         title = load_lang('interwiki_list')
         div = ''
 
-        curs.execute('select title, link from inter')
+        curs.execute(db_change('select title, link from inter'))
     elif tools == 'email_filter':
         del_link = 'del_email_filter'
         plus_link = 'plus_email_filter'
@@ -27,49 +27,49 @@ def inter_wiki_2(conn, tools):
                 </ul>
                 '''
 
-        curs.execute("select html from html_filter where kind = 'email'")
+        curs.execute(db_change("select html from html_filter where kind = 'email'"))
     elif tools == 'name_filter':
         del_link = 'del_name_filter'
         plus_link = 'plus_name_filter'
         title = load_lang('id_filter_list')
         div = ''
 
-        curs.execute("select html from html_filter where kind = 'name'")
+        curs.execute(db_change("select html from html_filter where kind = 'name'"))
     elif tools == 'edit_filter':
         del_link = 'del_edit_filter'
         plus_link = 'manager/9'
         title = load_lang('edit_filter_list')
         div = ''
 
-        curs.execute("select name from filter")
+        curs.execute(db_change("select name from filter"))
     elif tools == 'file_filter':
         del_link = 'del_file_filter'
         plus_link = 'plus_file_filter'
         title = load_lang('file_filter_list')
         div = ''
 
-        curs.execute("select html from html_filter where kind = 'file'")
+        curs.execute(db_change("select html from html_filter where kind = 'file'"))
     elif tools == 'file_filter':
         del_link = 'del_file_filter'
         plus_link = 'plus_file_filter'
         title = load_lang('file_filter_list')
         div = ''
 
-        curs.execute("select html from html_filter where kind = 'file'")  
+        curs.execute(db_change("select html from html_filter where kind = 'file'"))  
     elif tools == 'image_license':
         del_link = 'del_image_license'
         plus_link = 'plus_image_license'
         title = load_lang('image_license_list')
         div = ''
 
-        curs.execute("select html from html_filter where kind = 'image_license'")  
+        curs.execute(db_change("select html from html_filter where kind = 'image_license'"))  
     else:
         del_link = 'del_edit_top'
         plus_link = 'plus_edit_top'
         title = load_lang('edit_tool_list')
         div = ''
 
-        curs.execute("select html, plus from html_filter where kind = 'edit_top'")
+        curs.execute(db_change("select html, plus from html_filter where kind = 'edit_top'"))
 
     db_data = curs.fetchall()
     if db_data:

route/inter_wiki_del.py

@@ -5,19 +5,19 @@ def inter_wiki_del_2(conn, tools, name):
     
     if admin_check(None, tools) == 1:
         if tools == 'del_inter_wiki':
-            curs.execute("delete from inter where title = ?", [name])
+            curs.execute(db_change("delete from inter where title = ?"), [name])
         elif tools == 'del_edit_filter':
-            curs.execute("delete from filter where name = ?", [name])
+            curs.execute(db_change("delete from filter where name = ?"), [name])
         elif tools == 'del_name_filter':
-            curs.execute("delete from html_filter where html = ? and kind = 'name'", [name])
+            curs.execute(db_change("delete from html_filter where html = ? and kind = 'name'"), [name])
         elif tools == 'del_file_filter':
-            curs.execute("delete from html_filter where html = ? and kind = 'file'", [name])
+            curs.execute(db_change("delete from html_filter where html = ? and kind = 'file'"), [name])
         elif tools == 'del_email_filter':
-            curs.execute("delete from html_filter where html = ? and kind = 'email'", [name])
+            curs.execute(db_change("delete from html_filter where html = ? and kind = 'email'"), [name])
         elif tools == 'del_image_license':
-            curs.execute("delete from html_filter where html = ? and kind = 'image_license'", [name])    
+            curs.execute(db_change("delete from html_filter where html = ? and kind = 'image_license'"), [name])    
         else:
-            curs.execute("delete from html_filter where html = ? and kind = 'edit_top'", [name])
+            curs.execute(db_change("delete from html_filter where html = ? and kind = 'edit_top'"), [name])
         
         conn.commit()
 

route/inter_wiki_plus.py

@@ -5,7 +5,7 @@ def inter_wiki_plus_2(conn, tools, name):
     
     if flask.request.method == 'POST':
         if tools == 'plus_inter_wiki':
-            curs.execute('insert into inter (title, link, icon) values (?, ?, ?)', [
+            curs.execute(db_change('insert into inter (title, link, icon) values (?, ?, ?)'), [
                 flask.request.form.get('title', None), 
                 flask.request.form.get('link', None),
                 flask.request.form.get('icon', None)
@@ -24,11 +24,11 @@ def inter_wiki_plus_2(conn, tools, name):
             try:
                 re.compile(flask.request.form.get('content', 'test'))
 
-                curs.execute("select name from filter where name = ?", [name])
+                curs.execute(db_change("select name from filter where name = ?"), [name])
                 if curs.fetchall():
-                    curs.execute("update filter set regex = ?, sub = ? where name = ?", [flask.request.form.get('content', 'test'), end, name])
+                    curs.execute(db_change("update filter set regex = ?, sub = ? where name = ?"), [flask.request.form.get('content', 'test'), end, name])
                 else:
-                    curs.execute("insert into filter (name, regex, sub) values (?, ?, ?)", [name, flask.request.form.get('content', 'test'), end])
+                    curs.execute(db_change("insert into filter (name, regex, sub) values (?, ?, ?)"), [name, flask.request.form.get('content', 'test'), end])
             except:
                 return re_error('/error/23')                
         else:
@@ -66,7 +66,7 @@ def inter_wiki_plus_2(conn, tools, name):
                 type_d = 'edit_top'
                 plus_d = flask.request.form.get('markup', 'test')
             
-            curs.execute('insert into html_filter (html, kind, plus) values (?, ?, ?)', [flask.request.form.get('title', 'test'), type_d, plus_d])
+            curs.execute(db_change('insert into html_filter (html, kind, plus) values (?, ?, ?)'), [flask.request.form.get('title', 'test'), type_d, plus_d])
         
         conn.commit()
     
@@ -87,7 +87,7 @@ def inter_wiki_plus_2(conn, tools, name):
                 <input placeholder="''' + load_lang('icon') + ''' (HTML)" type="text" name="icon">
             '''
         elif tools == 'plus_edit_filter':
-            curs.execute("select regex, sub from filter where name = ?", [name])
+            curs.execute(db_change("select regex, sub from filter where name = ?"), [name])
             exist = curs.fetchall()
             if exist:
                 textarea = exist[0][0]

route/list_acl.py

@@ -13,7 +13,7 @@ def list_acl_2(conn):
                     <td id="main_table_width_quarter">''' + load_lang('view_acl') + '''</td>
     '''
     
-    curs.execute("select title, decu, dis, view, why from acl where decu != '' or dis != '' or view != '' order by title desc")
+    curs.execute(db_change("select title, decu, dis, view, why from acl where decu != '' or dis != '' or view != '' order by title desc"))
     list_data = curs.fetchall()
     for data in list_data:
         if not re.search('^user:', data[0]) and not re.search('^file:', data[0]):

route/list_admin.py

@@ -5,7 +5,7 @@ def list_admin_2(conn):
 
     div = '<ul>'
     
-    curs.execute("select id, acl, date from user where not acl = 'user' order by date desc")
+    curs.execute(db_change("select id, acl, date from user where not acl = 'user' order by date desc"))
     for data in curs.fetchall():
         name = ip_pas(data[0]) + ' <a href="/admin_plus/' + url_pas(data[1]) + '">(' + data[1] + ')</a>'
         

route/list_admin_use.py

@@ -15,11 +15,11 @@ def list_admin_use_2(conn):
         list_data = '<ul>'
 
         if flask.request.args.get('search', 'normal') == 'normal':
-            curs.execute("select who, what, time from re_admin order by time desc limit ?, '50'", [str(sql_num)])
+            curs.execute(db_change("select who, what, time from re_admin order by time desc limit ?, 50"), [sql_num])
         else:
-            curs.execute("select who, what, time from re_admin where what like ? order by time desc limit ?, '50'", [
+            curs.execute(db_change("select who, what, time from re_admin where what like ? order by time desc limit ?, 50"), [
                 flask.request.args.get('search', 'normal') + "%",
-                str(sql_num)
+                sql_num
             ])
 
         get_list = curs.fetchall()

route/list_block.py

@@ -21,7 +21,7 @@ def list_block_2(conn, name, tool):
     
     data_list = ''
 
-    curs.execute("delete from ban where (end < ? and end like '2%')", [get_time()])
+    curs.execute(db_change("delete from ban where (end < ? and end like '2%')"), [get_time()])
     conn.commit()
     
     if not name:        
@@ -29,7 +29,10 @@ def list_block_2(conn, name, tool):
             sub = ' (' + load_lang('in_progress') + ')'
             menu = [['block_log', load_lang('normal')]]
 
-            curs.execute("select why, block, '', end, '', band from ban where ((end > ? and end like '2%') or end = '') order by end desc limit ?, '50'", [get_time(), str(sql_num)])
+            curs.execute(db_change("select why, block, '', end, '', band from ban where ((end > ? and end like '2%') or end = '') order by end desc limit ?, 50"), [
+                get_time(), 
+                sql_num
+            ])
         else:
             sub = 0
             menu = 0
@@ -39,18 +42,18 @@ def list_block_2(conn, name, tool):
                 <hr class=\"main_hr\">
             ''' + div
             
-            curs.execute("select why, block, blocker, end, today, band from rb order by today desc limit ?, '50'", [str(sql_num)])
+            curs.execute(db_change("select why, block, blocker, end, today, band from rb order by today desc limit ?, 50"), [sql_num])
     else:
         menu = [['block_log', load_lang('normal')]]
         
         if tool == 'block_user':
             sub = ' (' + load_lang('blocked') + ')'
             
-            curs.execute("select why, block, blocker, end, today, band from rb where block = ? order by today desc limit ?, '50'", [name, str(sql_num)])
+            curs.execute(db_change("select why, block, blocker, end, today, band from rb where block = ? order by today desc limit ?, 50"), [name, sql_num])
         else:
             sub = ' (' + load_lang('admin') + ')'
             
-            curs.execute("select why, block, blocker, end, today, band from rb where blocker = ? order by today desc limit ?, '50'", [name, str(sql_num)])
+            curs.execute(db_change("select why, block, blocker, end, today, band from rb where blocker = ? order by today desc limit ?, 50"), [name, sql_num])
 
     if data_list == '':
         data_list = curs.fetchall()

route/list_give.py

@@ -6,7 +6,7 @@ def list_give_2(conn):
     list_data = '<ul>'
     back = ''
 
-    curs.execute("select distinct name from alist order by name asc")
+    curs.execute(db_change("select distinct name from alist order by name asc"))
     for data in curs.fetchall():                      
         if back != data[0]:
             back = data[0]

route/list_not_close_topic.py

@@ -5,7 +5,7 @@ def list_not_close_topic_2(conn):
 
     div = '<ul>'
     
-    curs.execute('select title, sub from rd where stop != "O" order by date desc')
+    curs.execute(db_change('select title, sub from rd where stop != "O" order by date desc'))
     n_list = curs.fetchall()
     for data in n_list:
         div += '<li><a href="/topic/' + url_pas(data[0]) + '/sub/' + url_pas(data[1]) + '">' + html.escape(data[0]) + ' (' + data[1] + ')</a></li>'

route/list_old_page.py

@@ -0,0 +1,33 @@
+from .tool.func import *
+
+def list_old_page_2(conn):
+    curs = conn.cursor()
+
+    num = int(number_check(flask.request.args.get('num', '1')))
+    if num * 50 > 0:
+        sql_num = num * 50 - 50
+    else:
+        sql_num = 0
+
+    div = '<ul>'
+    
+    curs.execute(db_change('' + \
+        'select title, date from history h ' + \
+        "where title not like 'user:%' and title not like 'category:%' and title not like 'file:%' and " + \
+        "exists (select title from data where title = h.title) " + \
+        "and not exists (select title from back where link = h.title and type = 'redirect') " + \
+        'group by title ' + \
+        'order by date asc ' + \
+        'limit ?, 50' + \
+    ''), [sql_num])
+    n_list = curs.fetchall()
+    for data in n_list:
+        div += '<li><a href="/w/' + url_pas(data[0]) + '">' + html.escape(data[0]) + '</a> (' + re.sub(' .*$', '', data[1]) + ')</li>'
+    
+    div += '</ul>' + next_fix('/old_page?num=', num, n_list)
+
+    return easy_minify(flask.render_template(skin_check(), 
+        imp = [load_lang('old_page'), wiki_set(), custom(), other2([0, 0])],
+        data = div,
+        menu = [['other', load_lang('return')]]
+    ))

route/list_please.py

@@ -10,15 +10,11 @@ def list_please_2(conn):
         sql_num = 0
         
     div = '<ul>'
-    var = ''
     
-    curs.execute("select distinct title from back where type = 'no' order by title asc limit ?, '50'", [str(sql_num)])
+    curs.execute(db_change("select distinct title from back where type = 'no' order by title asc limit ?, 50"), [sql_num])
     data_list = curs.fetchall()
     for data in data_list:
-        if var != data[0]:
-            div += '<li><a id="not_thing" href="/w/' + url_pas(data[0]) + '">' + data[0] + '</a></li>'   
-
-            var = data[0]
+        div += '<li><a id="not_thing" href="/w/' + url_pas(data[0]) + '">' + data[0] + '</a></li>'   
         
     div += '</ul>' + next_fix('/please?num=', num, data_list)
     

route/list_title_index.py

@@ -17,7 +17,7 @@ def list_title_index_2(conn):
 
     data = '<a href="/title_index?num=250">(250)</a> <a href="/title_index?num=500">(500)</a> <a href="/title_index?num=1000">(1000)</a>'
 
-    curs.execute("select title from data order by title asc limit ?, ?", [str(sql_num), str(num)])
+    curs.execute(db_change("select title from data order by title asc limit ?, ?"), [sql_num, num])
     title_list = curs.fetchall()
     if title_list:
         data += '<hr class=\"main_hr\"><ul>'
@@ -29,10 +29,10 @@ def list_title_index_2(conn):
     if page == 1:
         count_end = []
 
-        curs.execute('select data from other where name = "count_all_title"')
+        curs.execute(db_change('select data from other where name = "count_all_title"'))
         all_title = curs.fetchall()
         if int(all_title[0][0]) < 50000:
-            curs.execute("select count(title) from data")
+            curs.execute(db_change("select count(title) from data"))
             count = curs.fetchall()
             if count:
                 count_end += [count[0][0]]
@@ -41,7 +41,7 @@ def list_title_index_2(conn):
 
             sql_list = ['category:', 'user:', 'file:']
             for sql in sql_list:
-                curs.execute("select count(title) from data where title like ?", [sql + '%'])
+                curs.execute(db_change("select count(title) from data where title like ?"), [sql + '%'])
                 count = curs.fetchall()
                 if count:
                     count_end += [count[0][0]]

route/list_user.py

@@ -13,11 +13,11 @@ def list_user_2(conn):
 
     admin_one = admin_check(1)
     
-    curs.execute("select id, date from user order by date desc limit ?, '50'", [str(sql_num)])
+    curs.execute(db_change("select id, date from user order by date desc limit ?, 50"), [sql_num])
     user_list = curs.fetchall()
     for data in user_list:
         if admin_one == 1:
-            curs.execute("select block from ban where block = ?", [data[0]])
+            curs.execute(db_change("select block from ban where block = ?"), [data[0]])
             if curs.fetchall():
                 ban_button = ' <a href="/ban/' + url_pas(data[0]) + '">(' + load_lang('ban_release') + ')</a>'
             else:

route/list_user_topic.py

@@ -21,14 +21,14 @@ def list_user_topic_2(conn, name):
                     </tr>
             '''
     
-    curs.execute("select title, id, sub, ip, date from topic where ip = ? order by date desc limit ?, '50'", [name, str(sql_num)])
+    curs.execute(db_change("select title, id, sub, ip, date from topic where ip = ? order by date desc limit ?, 50"), [name, sql_num])
     data_list = curs.fetchall()
     for data in data_list:
         title = html.escape(data[0])
         sub = html.escape(data[2])
         
         if one_admin == 1:
-            curs.execute("select * from ban where block = ?", [data[3]])
+            curs.execute(db_change("select * from ban where block = ?"), [data[3]])
             if curs.fetchall():
                 ban = ' <a href="/ban/' + url_pas(data[3]) + '">(' + load_lang('release') + ')</a>'
             else:
@@ -42,7 +42,7 @@ def list_user_topic_2(conn, name):
     div += '</tbody></table>'
     div += next_fix('/topic_record/' + url_pas(name) + '?num=', num, data_list)      
     
-    curs.execute("select end from ban where block = ?", [name])
+    curs.execute(db_change("select end from ban where block = ?"), [name])
     if curs.fetchall():
         sub = ' (' + load_lang('blocked') + ')'
     else:

route/login.py

@@ -18,7 +18,7 @@ def login_2(conn):
             
         agent = flask.request.headers.get('User-Agent')
 
-        curs.execute("select pw, encode from user where id = ?", [flask.request.form.get('id', None)])
+        curs.execute(db_change("select pw, encode from user where id = ?"), [flask.request.form.get('id', None)])
         user = curs.fetchall()
         if not user:
             return re_error('/error/2')
@@ -35,14 +35,14 @@ def login_2(conn):
         flask.session['state'] = 1
         flask.session['id'] = flask.request.form.get('id', None)
         
-        curs.execute("select css from custom where user = ?", [flask.request.form.get('id', None)])
+        curs.execute(db_change("select css from custom where user = ?"), [flask.request.form.get('id', None)])
         css_data = curs.fetchall()
         if css_data:
             flask.session['head'] = css_data[0][0]
         else:
             flask.session['head'] = ''
 
-        curs.execute("insert into ua_d (name, ip, ua, today, sub) values (?, ?, ?, ?, '')", [flask.request.form.get('id', None), ip_check(1), agent, get_time()])
+        curs.execute(db_change("insert into ua_d (name, ip, ua, today, sub) values (?, ?, ?, ?, '')"), [flask.request.form.get('id', None), ip_check(1), agent, get_time()])
 
         conn.commit()
         

route/login_check_key.py

@@ -8,7 +8,7 @@ def login_check_key_2(conn, tool):
             if 'c_id' in flask.session and flask.session['c_key'] == flask.request.form.get('key', None):
                 hashed = pw_encode(flask.session['c_key'])
 
-                curs.execute("update user set pw = ? where id = ?", [hashed, flask.session['c_id']])
+                curs.execute(db_change("update user set pw = ? where id = ?"), [hashed, flask.session['c_id']])
                 conn.commit()
 
                 d_id = flask.session['c_id']
@@ -17,7 +17,7 @@ def login_check_key_2(conn, tool):
                 flask.session.pop('c_id', None)
                 flask.session.pop('c_key', None)
 
-                curs.execute('select data from other where name = "reset_user_text"')
+                curs.execute(db_change('select data from other where name = "reset_user_text"'))
                 sql_d = curs.fetchall()
                 if sql_d and sql_d[0][0] != '':
                     b_text = sql_d[0][0] + '<hr class=\"main_hr\">'
@@ -35,13 +35,13 @@ def login_check_key_2(conn, tool):
             ip = ip_check()
             
             if 'c_id' in flask.session and flask.session['c_key'] == flask.request.form.get('key', None):
-                curs.execute('select data from other where name = "encode"')
+                curs.execute(db_change('select data from other where name = "encode"'))
                 db_data = curs.fetchall()
                 
                 if tool == 'check_key':
-                    curs.execute("select id from user limit 1")
+                    curs.execute(db_change("select id from user limit 1"))
                     if not curs.fetchall():
-                        curs.execute("insert into user (id, pw, acl, date, encode) values (?, ?, 'owner', ?, ?)", [
+                        curs.execute(db_change("insert into user (id, pw, acl, date, encode) values (?, ?, 'owner', ?, ?)"), [
                             flask.session['c_id'], 
                             flask.session['c_pw'], 
                             get_time(), 
@@ -50,7 +50,7 @@ def login_check_key_2(conn, tool):
     
                         first = 1
                     else:
-                        curs.execute("insert into user (id, pw, acl, date, encode) values (?, ?, 'user', ?, ?)", [
+                        curs.execute(db_change("insert into user (id, pw, acl, date, encode) values (?, ?, 'user', ?, ?)"), [
                             flask.session['c_id'], 
                             flask.session['c_pw'], 
                             get_time(), 
@@ -61,11 +61,11 @@ def login_check_key_2(conn, tool):
     
                     agent = flask.request.headers.get('User-Agent')
     
-                    curs.execute("insert into user_set (name, id, data) values ('email', ?, ?)", [
+                    curs.execute(db_change("insert into user_set (name, id, data) values ('email', ?, ?)"), [
                         flask.session['c_id'], 
                         flask.session['c_email']
                     ])
-                    curs.execute("insert into ua_d (name, ip, ua, today, sub) values (?, ?, ?, ?, '')", [
+                    curs.execute(db_change("insert into ua_d (name, ip, ua, today, sub) values (?, ?, ?, ?, '')"), [
                         flask.session['c_id'], 
                         ip, 
                         agent, 
@@ -78,8 +78,8 @@ def login_check_key_2(conn, tool):
                             
                     conn.commit()
                 else:
-                    curs.execute('delete from user_set where name = "email" and id = ?', [ip])
-                    curs.execute('insert into user_set (name, id, data) values ("email", ?, ?)', [ip, flask.session['c_email']])
+                    curs.execute(db_change('delete from user_set where name = "email" and id = ?'), [ip])
+                    curs.execute(db_change('insert into user_set (name, id, data) values ("email", ?, ?)'), [ip, flask.session['c_email']])
                     
                     first = 0
                           
@@ -100,7 +100,7 @@ def login_check_key_2(conn, tool):
 
                 return redirect('/user')
     else:
-        curs.execute('select data from other where name = "check_key_text"')
+        curs.execute(db_change('select data from other where name = "check_key_text"'))
         sql_d = curs.fetchall()
         if sql_d and sql_d[0][0] != '':
             b_text = sql_d[0][0] + '<hr class=\"main_hr\">'

route/login_need_email.py

@@ -5,7 +5,7 @@ def login_need_email_2(conn, tool):
 
     if flask.request.method == 'POST':
         if tool == 'pass_find':
-            curs.execute("select id from user_set where id = ? and name = 'email' and data = ?", [
+            curs.execute(db_change("select id from user_set where id = ? and name = 'email' and data = ?"), [
                 flask.request.form.get('id', ''),
                 flask.request.form.get('email', '')
             ])
@@ -13,14 +13,14 @@ def login_need_email_2(conn, tool):
                 flask.session['c_key'] = ''.join(random.choice("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ") for i in range(16))
                 flask.session['c_id'] = flask.request.form.get('id', '')
 
-                curs.execute('select data from other where name = "email_title"')
+                curs.execute(db_change('select data from other where name = "email_title"'))
                 sql_d = curs.fetchall()
                 if sql_d and sql_d[0][0] != '':
                     t_text = html.escape(sql_d[0][0])
                 else:
                     t_text = wiki_set()[0] + ' key'
 
-                curs.execute('select data from other where name = "email_text"')
+                curs.execute(db_change('select data from other where name = "email_text"'))
                 sql_d = curs.fetchall()
                 if sql_d and sql_d[0][0] != '':
                     i_text = html.escape(sql_d[0][0]) + '\n\nKey : ' + flask.session['c_key']
@@ -44,9 +44,9 @@ def login_need_email_2(conn, tool):
                 if data:
                     data = data.groups()[0]
 
-                    curs.execute("select html from html_filter where html = ? and kind = 'email'", [data])
+                    curs.execute(db_change("select html from html_filter where html = ? and kind = 'email'"), [data])
                     if curs.fetchall() or (data in main_email):
-                        curs.execute('select id from user_set where name = "email" and data = ?', [flask.request.form.get('email', '')])
+                        curs.execute(db_change('select id from user_set where name = "email" and data = ?'), [flask.request.form.get('email', '')])
                         if curs.fetchall():
                             flask.session.pop('c_id', None)
                             flask.session.pop('c_pw', None)
@@ -55,14 +55,14 @@ def login_need_email_2(conn, tool):
                             # user 대신 오류 화면 보여주게 수정 필요
                             return redirect('/user')
                         else:
-                            curs.execute('select data from other where name = "email_title"')
+                            curs.execute(db_change('select data from other where name = "email_title"'))
                             sql_d = curs.fetchall()
                             if sql_d and sql_d[0][0] != '':
                                 t_text = html.escape(sql_d[0][0])
                             else:
                                 t_text = wiki_set()[0] + ' key'
 
-                            curs.execute('select data from other where name = "email_text"')
+                            curs.execute(db_change('select data from other where name = "email_text"'))
                             sql_d = curs.fetchall()
                             if sql_d and sql_d[0][0] != '':
                                 i_text = html.escape(sql_d[0][0]) + '\n\nKey : ' + flask.session['c_key']
@@ -82,7 +82,7 @@ def login_need_email_2(conn, tool):
             return redirect('/user')
     else:
         if tool == 'pass_find':
-            curs.execute('select data from other where name = "password_search_text"')
+            curs.execute(db_change('select data from other where name = "password_search_text"'))
             sql_d = curs.fetchall()
             if sql_d and sql_d[0][0] != '':
                 b_text = sql_d[0][0] + '<hr class=\"main_hr\">'
@@ -103,7 +103,7 @@ def login_need_email_2(conn, tool):
                 menu = [['user', load_lang('return')]]
             ))
         else:
-            curs.execute('select data from other where name = "email_insert_text"')
+            curs.execute(db_change('select data from other where name = "email_insert_text"'))
             sql_d = curs.fetchall()
             if sql_d and sql_d[0][0] != '':
                 b_text = sql_d[0][0] + '<hr class=\"main_hr\">'

route/login_oauth.py

@@ -205,10 +205,10 @@ def login_oauth_2(conn, platform, func):
             }
         
         if flask.session['referrer'][0:6] == 'change':
-            curs.execute('select * from oauth_conn where wiki_id = ? and provider = ?', [flask.session['id'], platform])
+            curs.execute(db_change('select * from oauth_conn where wiki_id = ? and provider = ?'), [flask.session['id'], platform])
             oauth_result = curs.fetchall()
             if len(oauth_result) == 0:
-                curs.execute('insert into oauth_conn (provider, wiki_id, sns_id, name, picture) values(?, ?, ?, ?, ?)', [
+                curs.execute(db_change('insert into oauth_conn (provider, wiki_id, sns_id, name, picture) values(?, ?, ?, ?, ?)'), [
                     platform, 
                     flask.session['id'], 
                     stand_json['id'], 
@@ -216,7 +216,7 @@ def login_oauth_2(conn, platform, func):
                     stand_json['picture']
                 ])
             else:
-                curs.execute('update oauth_conn set name = ? picture = ? where wiki_id = ?', [
+                curs.execute(db_change('update oauth_conn set name = ? picture = ? where wiki_id = ?'), [
                     stand_json['name'], 
                     stand_json['picture'], 
                     flask.session['id']
@@ -224,7 +224,7 @@ def login_oauth_2(conn, platform, func):
 
             conn.commit()
         elif flask.session['referrer'][0:5] == 'login':
-            curs.execute('select * from oauth_conn where provider = ? and sns_id = ?', [platform, stand_json['id']])
+            curs.execute(db_change('select * from oauth_conn where provider = ? and sns_id = ?'), [platform, stand_json['id']])
             curs_result = curs.fetchall()
             if len(curs_result) == 0:
                 return re_error('/error/2')

route/login_pw_change.py

@@ -15,7 +15,7 @@ def login_pw_change_2(conn):
             if flask.request.form.get('pw2', None) != flask.request.form.get('pw3', None):
                 return re_error('/error/20')
 
-            curs.execute("select pw, encode from user where id = ?", [flask.session['id']])
+            curs.execute(db_change("select pw, encode from user where id = ?"), [flask.session['id']])
             user = curs.fetchall()
             if not user:
                 return re_error('/error/2')
@@ -24,14 +24,14 @@ def login_pw_change_2(conn):
                 flask.request.form.get('pw4', ''), 
                 user[0][0],
                 user[0][1],
-                flask.request.form.get('id', None)
+                ip
             )
             if pw_check_d != 1:
                 return re_error('/error/10')
 
             hashed = pw_encode(flask.request.form.get('pw2', None))
                 
-            curs.execute("update user set pw = ? where id = ?", [hashed, ip_check()])
+            curs.execute(db_change("update user set pw = ? where id = ?"), [hashed, ip])
 
             return redirect('/user')
     else:
@@ -45,7 +45,7 @@ def login_pw_change_2(conn):
                     <hr class=\"main_hr\">
                     <input placeholder="''' + load_lang('password_confirm') + '''" name="pw3" type="password">
                     <hr class=\"main_hr\">
-                    <button type="submit">''' + load_lang('restart') + '''</button>
+                    <button type="submit">''' + load_lang('save') + '''</button>
                 </form>
             ''',
             menu = [['change', load_lang('return')]]

route/login_register.py

@@ -11,7 +11,7 @@ def login_register_2(conn):
         return redirect('/user')
 
     if not admin_check() == 1:
-        curs.execute('select data from other where name = "reg"')
+        curs.execute(db_change('select data from other where name = "reg"'))
         set_d = curs.fetchall()
         if set_d and set_d[0][0] == 'on':
             return re_error('/ban')
@@ -22,13 +22,16 @@ def login_register_2(conn):
         else:
             captcha_post('', 0)
 
+        if flask.request.form.get('id', None) == '' or flask.request.form.get('pw', None) == '':
+            return redirect('/register')
+
         if flask.request.form.get('pw', None) != flask.request.form.get('pw2', None):
             return re_error('/error/20')
 
         if re.search('(?:[^A-Za-zㄱ-힣0-9 ])', flask.request.form.get('id', None)):
             return re_error('/error/8')
             
-        curs.execute('select html from html_filter where kind = "name"')
+        curs.execute(db_change('select html from html_filter where kind = "name"'))
         set_d = curs.fetchall()
         for i in set_d:
             check_r = re.compile(i[0], re.I)
@@ -38,13 +41,13 @@ def login_register_2(conn):
         if len(flask.request.form.get('id', None)) > 32:
             return re_error('/error/7')
 
-        curs.execute("select id from user where id = ?", [flask.request.form.get('id', None)])
+        curs.execute(db_change("select id from user where id = ?"), [flask.request.form.get('id', None)])
         if curs.fetchall():
             return re_error('/error/6')
 
         hashed = pw_encode(flask.request.form.get('pw', None))
         
-        curs.execute('select data from other where name = "email_have"')
+        curs.execute(db_change('select data from other where name = "email_have"'))
         sql_data = curs.fetchall()
         if sql_data and sql_data[0][0] != '':
             flask.session['c_id'] = flask.request.form.get('id', None)
@@ -53,23 +56,23 @@ def login_register_2(conn):
 
             return redirect('/need_email')
         else:
-            curs.execute('select data from other where name = "encode"')
+            curs.execute(db_change('select data from other where name = "encode"'))
             db_data = curs.fetchall()
 
-            curs.execute("select id from user limit 1")
+            curs.execute(db_change("select id from user limit 1"))
             if not curs.fetchall():
-                curs.execute("insert into user (id, pw, acl, date, encode) values (?, ?, 'owner', ?, ?)", [flask.request.form.get('id', None), hashed, get_time(), db_data[0][0]])
+                curs.execute(db_change("insert into user (id, pw, acl, date, encode) values (?, ?, 'owner', ?, ?)"), [flask.request.form.get('id', None), hashed, get_time(), db_data[0][0]])
 
                 first = 1
             else:
-                curs.execute("insert into user (id, pw, acl, date, encode) values (?, ?, 'user', ?, ?)", [flask.request.form.get('id', None), hashed, get_time(), db_data[0][0]])
+                curs.execute(db_change("insert into user (id, pw, acl, date, encode) values (?, ?, 'user', ?, ?)"), [flask.request.form.get('id', None), hashed, get_time(), db_data[0][0]])
 
                 first = 0
 
             ip = ip_check()
             agent = flask.request.headers.get('User-Agent')
 
-            curs.execute("insert into ua_d (name, ip, ua, today, sub) values (?, ?, ?, ?, '')", [flask.request.form.get('id', None), ip, agent, get_time()])  
+            curs.execute(db_change("insert into ua_d (name, ip, ua, today, sub) values (?, ?, ?, ?, '')"), [flask.request.form.get('id', None), ip, agent, get_time()])  
 
             flask.session['state'] = 1
             flask.session['id'] = flask.request.form.get('id', None)
@@ -84,7 +87,7 @@ def login_register_2(conn):
     else:        
         contract = ''
         
-        curs.execute('select data from other where name = "contract"')
+        curs.execute(db_change('select data from other where name = "contract"'))
         data = curs.fetchall()
         if data and data[0][0] != '':
             contract = data[0][0] + '<hr class=\"main_hr\">'

route/main_error_404.py

@@ -3,4 +3,7 @@ from .tool.func import *
 def main_error_404_2(conn):
     curs = conn.cursor()
 
-    return redirect('/w/' + url_pas(wiki_set(2)))
+    if os.path.exists('404.html') and flask.request.path != '/':
+        return open('404.html', 'r').read()
+    else:
+        return redirect('/w/' + url_pas(wiki_set(2)))

route/main_file.py

@@ -3,7 +3,7 @@ from .tool.func import *
 def main_file_2(conn, data):
     curs = conn.cursor()
 
-    if re.search('\.txt$', data):
-        return flask.send_from_directory('./', data)
+    if data == 'robots.txt' and not os.path.exists('robots.txt'):
+        return flask.Response('User-agent: *\nDisallow: /\nAllow: /$\nAllow: /w/', mimetype='text/plain')
     else:
-        return redirect('/w/' + url_pas(wiki_set(2)))
+        return flask.send_from_directory('./', data)

route/main_other.py

@@ -22,6 +22,7 @@ def main_other_2(conn):
                 <li><a href="/block_log">''' + load_lang('recent_ban') + '''</a></li>
                 <li><a href="/user_log">''' + load_lang('member_list') + '''</a></li>
                 <li><a href="/admin_log">''' + load_lang('authority_use_list') + '''</a></li>
+                <li><a href="/old_page">''' + load_lang('old_page') + '''</a></li>
             </ul>
             <br>
             <h2>''' + load_lang('other') + '''</h2>

route/main_skin_set.py

@@ -5,12 +5,12 @@ def main_skin_set_2(conn):
     
     data = flask.make_response(re_error('/error/5'))
 
-    curs.execute("select data from other where name = 'language'")
+    curs.execute(db_change("select data from other where name = 'language'"))
     main_data = curs.fetchall()
 
     data.set_cookie('language', main_data[0][0])
 
-    curs.execute('select data from user_set where name = "lang" and id = ?', [ip_check()])
+    curs.execute(db_change('select data from user_set where name = "lang" and id = ?'), [ip_check()])
     user_data = curs.fetchall()
     if user_data:
         data.set_cookie('user_language', user_data[0][0])

route/recent_changes.py

@@ -40,19 +40,19 @@ def recent_changes_2(conn, name, tool):
                 # 기본적인 move만 구현
                 tool_select = flask.request.args.get('tool', None)
                 if tool_select and tool_select == 'move':
-                    curs.execute('' + \
+                    curs.execute(db_change('' + \
                         'select id, title, date, ip, send, leng from history ' + \
                         'where send like ? or send like ? ' + \
                         'order by id + 0 desc ' + \
-                        "limit ?, '50'" + \
-                    '', ['%(<a>' + name +'</a>%', '%<a>' + name + '</a> move)', str(sql_num)])
+                        "limit ?, 50" + \
+                    ''), ['%(<a>' + name +'</a>%', '%<a>' + name + '</a> move)', sql_num])
                 else:
-                    curs.execute('' + \
+                    curs.execute(db_change('' + \
                         'select id, title, date, ip, send, leng from history ' + \
                         'where title = ? ' + \
                         'order by id + 0 desc ' + \
-                        "limit ?, '50'" + \
-                    '', [name, str(sql_num)])
+                        "limit ?, 50" + \
+                    ''), [name, sql_num])
             else:
                 div +=  '''
                         <td id="main_table_width">''' + load_lang('document_name') + '''</td>
@@ -63,7 +63,10 @@ def recent_changes_2(conn, name, tool):
 
                 div = '<a href="/topic_record/' + url_pas(name) + '">(' + load_lang('discussion') + ')</a><hr class=\"main_hr\">' + div
                 
-                curs.execute("select id, title, date, ip, send, leng from history where ip = ? order by date desc limit ?, '50'", [name, str(sql_num)])
+                curs.execute(db_change('' + \
+                    'select id, title, date, ip, send, leng from history ' + \
+                    "where ip = ? order by date desc limit ?, 50" + \
+                ''), [name, sql_num])
         else:
             num = int(number_check(flask.request.args.get('num', '1')))
             if num * 50 > 0:
@@ -82,12 +85,12 @@ def recent_changes_2(conn, name, tool):
             if set_user == 'normal':
                 div = '<a href="?set=user">(' + load_lang('user_document') + ')</a>' + div
 
-            curs.execute('' + \
+            curs.execute(db_change('' + \
                 'select id, title, date, ip, send, leng from history ' + \
                 "where " + ('' if set_user == 'user' else 'not ') + "title like 'user:%' " + \
                 'order by date desc ' + \
                 'limit ?, 50' + \
-            '', [str(sql_num)])
+            ''), [sql_num])
 
         data_list = curs.fetchall()
         for data in data_list:    
@@ -114,10 +117,10 @@ def recent_changes_2(conn, name, tool):
             style = ['', '']
             date = data[2]
 
-            curs.execute('''
+            curs.execute(db_change('''
                 select title from history
                 where title = ? and id = ? and hide = 'O'
-            ''', [data[1], data[0]])
+            '''), [data[1], data[0]])
             hide = curs.fetchall()
             
             if six_admin == 1:
@@ -187,7 +190,7 @@ def recent_changes_2(conn, name, tool):
                 
                 div += next_fix('/history/' + url_pas(name) + '?num=', num, data_list)
             else:
-                curs.execute("select end from ban where block = ?", [name])
+                curs.execute(db_change("select end from ban where block = ?"), [name])
                 if curs.fetchall():
                     sub += ' (' + load_lang('blocked') + ')'
 

route/recent_discuss.py

@@ -25,9 +25,9 @@ def recent_discuss_2(conn):
             '''
     
     if m_sub == 0:
-        curs.execute("select title, sub, date from rd where not stop = 'O' order by date desc limit 50")
+        curs.execute(db_change("select title, sub, date from rd where not stop = 'O' order by date desc limit 50"))
     else:
-        curs.execute("select title, sub, date from rd where stop = 'O' order by date desc limit 50")
+        curs.execute(db_change("select title, sub, date from rd where stop = 'O' order by date desc limit 50"))
         
     for data in curs.fetchall():
         title = html.escape(data[0])

route/recent_history_delete.py

@@ -11,7 +11,7 @@ def recent_history_delete_2(conn, name):
     if flask.request.method == 'POST':
         admin_check(None, 'history delete r' + num)
 
-        curs.execute("delete from history where id = ? and title = ?", [num, name])
+        curs.execute(db_change("delete from history where id = ? and title = ?"), [num, name])
         conn.commit()
 
         return redirect('/history/' + url_pas(name))

route/recent_history_tool.py

@@ -34,10 +34,10 @@ def recent_history_tool_2(conn, name):
         '''
 
     if admin_check(6) == 1:
-        curs.execute('''
+        curs.execute(db_change('''
             select title from history
             where title = ? and id = ? and hide = 'O'
-        ''', [name, num])
+        '''), [name, num])
         hide = curs.fetchall()
         data += '''
             <li>

route/search_deep.py

@@ -17,7 +17,7 @@ def search_deep_2(conn, name):
     div_plus = ''
     test = ''
     
-    curs.execute("select title from data where title = ?", [name])
+    curs.execute(db_change("select title from data where title = ?"), [name])
     if curs.fetchall():
         link_id = ''
     else:
@@ -33,11 +33,11 @@ def search_deep_2(conn, name):
             <ul>
             '''
 
-    curs.execute("" + \
+    curs.execute(db_change("" + \
         "select distinct title, case when title like ? then 'title' else 'data' " + \
         "end from data where title like ? or data like ? order by case " + \
-        "when title like ? then 1 else 2 end limit ?, '50'",
-        ['%' + name + '%', '%' + name + '%', '%' + name + '%', '%' + name + '%', str(sql_num)]
+        "when title like ? then 1 else 2 end limit ?, 50"),
+        ['%' + name + '%', '%' + name + '%', '%' + name + '%', '%' + name + '%', sql_num]
     )
     all_list = curs.fetchall()
     if all_list:

route/search_goto.py

@@ -8,7 +8,7 @@ def search_goto_2(conn, name):
     else:
         data = name
 
-    curs.execute("select title from data where title = ?", [data])
+    curs.execute(db_change("select title from data where title = ?"), [data])
     t_data = curs.fetchall()
     if t_data:
         return redirect('/w/' + url_pas(data))

route/server_indexing.py

@@ -9,7 +9,7 @@ def server_indexing_2(conn):
     if flask.request.method == 'POST':
         admin_check(None, 'indexing')
 
-        curs.execute("select name from sqlite_master where type = 'index'")
+        curs.execute(db_change("select name from sqlite_master where type = 'index'"))
         data = curs.fetchall()
         if data:
             for delete_index in data:
@@ -18,13 +18,13 @@ def server_indexing_2(conn):
                 sql = 'drop index if exists ' + delete_index[0]
                 
                 try:
-                    curs.execute(sql)
+                    curs.execute(db_change(sql))
                 except:
                     pass
         else:
-            curs.execute("select name from sqlite_master where type in ('table', 'view') and name not like 'sqlite_%' union all select name from sqlite_temp_master where type in ('table', 'view') order by 1;")
+            curs.execute(db_change("select name from sqlite_master where type in ('table', 'view') and name not like 'sqlite_%' union all select name from sqlite_temp_master where type in ('table', 'view') order by 1;"))
             for table in curs.fetchall():            
-                curs.execute('select sql from sqlite_master where name = ?', [table[0]])
+                curs.execute(db_change('select sql from sqlite_master where name = ?'), [table[0]])
                 cul = curs.fetchall()
                 
                 r_cul = re.findall('(?:([^ (]*) text)', str(cul[0]))
@@ -34,7 +34,7 @@ def server_indexing_2(conn):
 
                     sql = 'create index index_' + table[0] + '_' + n_cul + ' on ' + table[0] + '(' + n_cul + ')'
                     try:
-                        curs.execute(sql)
+                        curs.execute(db_change(sql))
                     except:
                         pass
 
@@ -42,7 +42,7 @@ def server_indexing_2(conn):
         
         return redirect()  
     else:
-        curs.execute("select name from sqlite_master where type = 'index'")
+        curs.execute(db_change("select name from sqlite_master where type = 'index'"))
         data = curs.fetchall()
         if data:
             b_data = load_lang('delete')

route/server_now_update.py

@@ -9,7 +9,7 @@ def server_now_update_2(conn, r_ver):
     if flask.request.method == 'POST':
         admin_check(None, 'update')
 
-        curs.execute('select data from other where name = "update"')
+        curs.execute(db_change('select data from other where name = "update"'))
         up_data = curs.fetchall()
         if up_data:
             up_data = up_data[0][0]

route/setting.py

@@ -72,7 +72,7 @@ def setting_2(conn, num):
         
         if flask.request.method == 'POST':
             for i in i_list:
-                curs.execute("update other set data = ? where name = ?", [
+                curs.execute(db_change("update other set data = ? where name = ?"), [
                     flask.request.form.get(i_list[i], n_list[i]), 
                     i_list[i]]
                 )
@@ -86,12 +86,12 @@ def setting_2(conn, num):
             d_list = []
             
             for i in i_list:
-                curs.execute('select data from other where name = ?', [i_list[i]])
+                curs.execute(db_change('select data from other where name = ?'), [i_list[i]])
                 sql_d = curs.fetchall()
                 if sql_d:
                     d_list += [sql_d[0][0]]
                 else:
-                    curs.execute('insert into other (name, data) values (?, ?)', [i_list[i], n_list[i]])
+                    curs.execute(db_change('insert into other (name, data) values (?, ?)'), [i_list[i], n_list[i]])
                     
                     d_list += [n_list[i]]
 
@@ -225,11 +225,12 @@ def setting_2(conn, num):
             'password_search_text',
             'reset_user_text',
             'error_401',
-            'error_404'
+            'error_404',
+            'edit_help'
         ]
         if flask.request.method == 'POST':
             for i in i_list:
-                curs.execute("update other set data = ? where name = ?", [
+                curs.execute(db_change("update other set data = ? where name = ?"), [
                     flask.request.form.get(i, ''), 
                     i
                 ])
@@ -243,12 +244,12 @@ def setting_2(conn, num):
             d_list = []
             
             for i in i_list:
-                curs.execute('select data from other where name = ?', [i])
+                curs.execute(db_change('select data from other where name = ?'), [i])
                 sql_d = curs.fetchall()
                 if sql_d:
                     d_list += [sql_d[0][0]]
                 else:
-                    curs.execute('insert into other (name, data) values (?, ?)', [i, ''])
+                    curs.execute(db_change('insert into other (name, data) values (?, ?)'), [i, ''])
                     
                     d_list += ['']
 
@@ -302,6 +303,10 @@ def setting_2(conn, num):
                         <hr class=\"main_hr\">
                         <input name="''' + i_list[10] + '''" value="''' + html.escape(d_list[10]) + '''">
                         <hr class=\"main_hr\">
+                        <span>''' + load_lang('edit_help') + '''</span>
+                        <hr class=\"main_hr\">
+                        <input name="''' + i_list[11] + '''" value="''' + html.escape(d_list[11]) + '''">
+                        <hr class=\"main_hr\">
                         <button id="save" type="submit">''' + load_lang('save') + '''</button>
                     </form>
                 ''',
@@ -325,15 +330,15 @@ def setting_2(conn, num):
                 else:
                     coverage = flask.request.args.get('skin', '')
                 
-            curs.execute("select name from other where name = ? and coverage = ?", [info_d, coverage])
+            curs.execute(db_change("select name from other where name = ? and coverage = ?"), [info_d, coverage])
             if curs.fetchall():
-                curs.execute("update other set data = ? where name = ? and coverage = ?", [
+                curs.execute(db_change("update other set data = ? where name = ? and coverage = ?"), [
                     flask.request.form.get('content', ''),
                     info_d,
                     coverage
                 ])
             else:
-                curs.execute("insert into other (name, data, coverage) values (?, ?, ?)", [info_d, flask.request.form.get('content', ''), coverage])
+                curs.execute(db_change("insert into other (name, data, coverage) values (?, ?, ?)"), [info_d, flask.request.form.get('content', ''), coverage])
             
             conn.commit()
 
@@ -342,15 +347,15 @@ def setting_2(conn, num):
             return redirect('/setting/' + end_r + '?skin=' + flask.request.args.get('skin', ''))
         else:
             if num == 4:
-                curs.execute("select data from other where name = 'body'")
+                curs.execute(db_change("select data from other where name = 'body'"))
                 title = '_body'
                 start = ''
             elif num == 7:
-                curs.execute("select data from other where name = 'bottom_body'")
+                curs.execute(db_change("select data from other where name = 'bottom_body'"))
                 title = '_bottom_body'
                 start = ''
             else:
-                curs.execute("select data from other where name = 'head' and coverage = ?", [flask.request.args.get('skin', '')])
+                curs.execute(db_change("select data from other where name = 'head' and coverage = ?"), [flask.request.args.get('skin', '')])
                 title = '_head'
                 start = '<a href="?">(' + load_lang('all') + ')</a> ' + \
                 ' '.join(['<a href="?skin=' + i + '">(' + i + ')</a>' for i in load_skin('', 1)]) + \
@@ -380,11 +385,11 @@ def setting_2(conn, num):
             ))
     elif num == 5:
         if flask.request.method == 'POST':
-            curs.execute("select name from other where name = 'robot'")
+            curs.execute(db_change("select name from other where name = 'robot'"))
             if curs.fetchall():
-                curs.execute("update other set data = ? where name = 'robot'", [flask.request.form.get('content', '')])
+                curs.execute(db_change("update other set data = ? where name = 'robot'"), [flask.request.form.get('content', '')])
             else:
-                curs.execute("insert into other (name, data) values ('robot', ?)", [flask.request.form.get('content', '')])
+                curs.execute(db_change("insert into other (name, data) values ('robot', ?)"), [flask.request.form.get('content', '')])
             
             conn.commit()
             
@@ -396,7 +401,21 @@ def setting_2(conn, num):
 
             return redirect('/setting/4')
         else:
-            curs.execute("select data from other where name = 'robot'")
+            if not os.path.exists('robots.txt'):
+                curs.execute(db_change('select data from other where name = "robot"'))
+                robot_test = curs.fetchall()
+                if robot_test:
+                    fw_test = open('./robots.txt', 'w')
+                    fw_test.write(re.sub('\r\n', '\n', robot_test[0][0]))
+                    fw_test.close()
+                else:
+                    fw_test = open('./robots.txt', 'w')
+                    fw_test.write('User-agent: *\nDisallow: /\nAllow: /$\nAllow: /w/')
+                    fw_test.close()
+
+                    curs.execute(db_change('insert into other (name, data) values ("robot", "User-agent: *\nDisallow: /\nAllow: /$\nAllow: /w/")'))
+
+            curs.execute(db_change("select data from other where name = 'robot'"))
             robot = curs.fetchall()
             if robot:
                 data = robot[0][0]
@@ -413,7 +432,7 @@ def setting_2(conn, num):
             return easy_minify(flask.render_template(skin_check(), 
                 imp = ['robots.txt', wiki_set(), custom(), other2([0, 0])],
                 data = '''
-                    <a href="/robots.txt">(view)</a>
+                    <a href="/robots.txt">(''' + load_lang('view') + ''')</a>
                     <hr class=\"main_hr\">
                     <form method="post">
                         <textarea rows="25" name="content">''' + html.escape(data) + '''</textarea>
@@ -438,7 +457,7 @@ def setting_2(conn, num):
                 else:
                     into_data = flask.request.form.get(data, '')
 
-                curs.execute("update other set data = ? where name = ?", [into_data, data])
+                curs.execute(db_change("update other set data = ? where name = ?"), [into_data, data])
 
             conn.commit()
             
@@ -451,12 +470,12 @@ def setting_2(conn, num):
             x = 0
             
             for i in i_list:
-                curs.execute('select data from other where name = ?', [i])
+                curs.execute(db_change('select data from other where name = ?'), [i])
                 sql_d = curs.fetchall()
                 if sql_d:
                     d_list += [sql_d[0][0]]
                 else:
-                    curs.execute('insert into other (name, data) values (?, ?)', [i, ''])
+                    curs.execute(db_change('insert into other (name, data) values (?, ?)'), [i, ''])
                     
                     d_list += ['']
 

route/setting_adsense.py

@@ -18,21 +18,21 @@ def setting_adsense_2(conn):
             ))
         
         if adsense_enabled == 'on':
-            curs.execute('update other set data = "True" where name = "adsense"')
+            curs.execute(db_change('update other set data = "True" where name = "adsense"'))
         else:
-            curs.execute('update other set data = "False" where name = "adsense"')
+            curs.execute(db_change('update other set data = "False" where name = "adsense"'))
         
-        curs.execute('update other set data = ? where name = "adsense_code"', [adsense_code])
+        curs.execute(db_change('update other set data = ? where name = "adsense_code"'), [adsense_code])
         conn.commit()
         
         return redirect('/adsense_setting')
 
     body_content = ''
 
-    curs.execute('select data from other where name = "adsense"')
+    curs.execute(db_change('select data from other where name = "adsense"'))
     adsense_enabled = curs.fetchall()[0][0]
 
-    curs.execute('select data from other where name = "adsense_code"')
+    curs.execute(db_change('select data from other where name = "adsense_code"'))
     adsense_code = curs.fetchall()[0][0]
 
     template = '''

route/tool/func.py

@@ -14,6 +14,7 @@ for i in range(0, 2):
         import urllib.request
         import email.mime.text
         import sqlite3
+        import pymysql
         import hashlib
         import smtplib
         import bcrypt
@@ -31,7 +32,6 @@ for i in range(0, 2):
         if sys.version_info < (3, 6):
             import sha3
 
-        from .set_mark.tool import *
         from .mark import *
     except ImportError as e:
         if i == 0:
@@ -75,7 +75,7 @@ def send_email(who, title, data):
     smtp = smtplib.SMTP_SSL('smtp.gmail.com', 465)
 
     try:
-        curs.execute('select name, data from other where name = "g_email" or name = "g_pass"')
+        curs.execute(db_change('select name, data from other where name = "g_email" or name = "g_pass"'))
         rep_data = curs.fetchall()
         if rep_data:
             g_email = ''
@@ -149,10 +149,10 @@ def captcha_get():
     data = ''
 
     if ip_or_user() != 0:
-        curs.execute('select data from other where name = "recaptcha"')
+        curs.execute(db_change('select data from other where name = "recaptcha"'))
         recaptcha = curs.fetchall()
         if recaptcha and recaptcha[0][0] != '':
-            curs.execute('select data from other where name = "sec_re"')
+            curs.execute(db_change('select data from other where name = "sec_re"'))
             sec_re = curs.fetchall()
             if sec_re and sec_re[0][0] != '':
                 data += recaptcha[0][0] + '<hr class=\"main_hr\">'
@@ -162,10 +162,10 @@ def captcha_get():
 def update():
     #v3.1.2
     try:
-        curs.execute('select title, dec from acl where dec != ""')
+        curs.execute(db_change('select title, dec from acl where dec != ""'))
         db_data = curs.fetchall()
         for i in db_data:
-            curs.execute("update acl set decu = ? where title = ?", [i[1], i[0]])
+            curs.execute(db_change("update acl set decu = ? where title = ?"), [i[1], i[0]])
 
         print('Fix table acl column dec to decu')
         print('----')
@@ -176,7 +176,7 @@ def update():
 
 def pw_encode(data, data2 = '', type_d = ''):
     if type_d == '':
-        curs.execute('select data from other where name = "encode"')
+        curs.execute(db_change('select data from other where name = "encode"'))
         set_data = curs.fetchall()
 
         type_d = set_data[0][0]
@@ -197,7 +197,7 @@ def pw_encode(data, data2 = '', type_d = ''):
         return bcrypt.hashpw(bytes(data, 'utf-8'), salt_data).decode()
 
 def pw_check(data, data2, type_d = 'no', id_d = ''):
-    curs.execute('select data from other where name = "encode"')
+    curs.execute(db_change('select data from other where name = "encode"'))
     db_data = curs.fetchall()
 
     if type_d != 'no':
@@ -229,14 +229,14 @@ def pw_check(data, data2, type_d = 'no', id_d = ''):
                 set_data = db_data[0][0]
 
     if db_data[0][0] != set_data and re_data == 1 and id_d != '':
-        curs.execute("update user set pw = ?, encode = ? where id = ?", [pw_encode(data), db_data[0][0], id_d])
+        curs.execute(db_change("update user set pw = ?, encode = ? where id = ?"), [pw_encode(data), db_data[0][0], id_d])
 
     return re_data
 
 def captcha_post(re_data, num = 1):
     if num == 1:
         if ip_or_user() != 0 and captcha_get() != '':
-            curs.execute('select data from other where name = "sec_re"')
+            curs.execute(db_change('select data from other where name = "sec_re"'))
             sec_re = curs.fetchall()
             if sec_re and sec_re[0][0] != '':
                 try:
@@ -261,7 +261,7 @@ def captcha_post(re_data, num = 1):
 
 def load_lang(data, num = 2, safe = 0):
     if num == 1:
-        curs.execute("select data from other where name = 'language'")
+        curs.execute(db_change("select data from other where name = 'language'"))
         rep_data = curs.fetchall()
 
         json_data = open(os.path.join('language', rep_data[0][0] + '.json'), 'rt', encoding='utf-8').read()
@@ -275,7 +275,7 @@ def load_lang(data, num = 2, safe = 0):
         else:
             return html.escape(data + ' (M)')
     else:
-        curs.execute('select data from user_set where name = "lang" and id = ?', [ip_check()])
+        curs.execute(db_change('select data from user_set where name = "lang" and id = ?'), [ip_check()])
         rep_data = curs.fetchall()
         if rep_data:
             try:
@@ -320,7 +320,7 @@ def ip_or_user(data = ''):
 def edit_button():
     insert_list = []
     
-    curs.execute("select html, plus from html_filter where kind = 'edit_top'")
+    curs.execute(db_change("select html, plus from html_filter where kind = 'edit_top'"))
     db_data = curs.fetchall()
     for get_data in db_data:
         insert_list += [[get_data[1], get_data[0]]]
@@ -336,7 +336,7 @@ def edit_button():
 
 def ip_warring():
     if ip_or_user() != 0:
-        curs.execute('select data from other where name = "no_login_warring"')
+        curs.execute(db_change('select data from other where name = "no_login_warring"'))
         data = curs.fetchall()
         if data and data[0][0] != '':
             text_data = '<span>' + data[0][0] + '</span><hr class=\"main_hr\">'
@@ -350,13 +350,13 @@ def ip_warring():
 def skin_check(set_n = 0):
     skin = 'marisa'
 
-    curs.execute('select data from other where name = "skin"')
+    curs.execute(db_change('select data from other where name = "skin"'))
     skin_exist = curs.fetchall()
     if skin_exist and skin_exist[0][0] != '':
         if os.path.exists(os.path.abspath('./views/' + skin_exist[0][0] + '/index.html')) == 1:
             skin = skin_exist[0][0]
     
-    curs.execute('select data from user_set where name = "skin" and id = ?', [ip_check()])
+    curs.execute(db_change('select data from user_set where name = "skin" and id = ?'), [ip_check()])
     skin_exist = curs.fetchall()
     if skin_exist and skin_exist[0][0] != '':
         if os.path.exists(os.path.abspath('./views/' + skin_exist[0][0] + '/index.html')) == 1:
@@ -381,9 +381,14 @@ def next_fix(link, num, page, end = 50):
     return list_data
 
 def other2(data):
+    for _ in range(0, 3 - len(data)):
+        data += ['']
+
     req_list = ''
     
-    css_filter = {}
+    css_filter = {
+        'main.css' : '2'
+    }
     for i_data in os.listdir(os.path.join("views", "main_css", "css")):
         if i_data in css_filter:
             req_list += '<link rel="stylesheet" href="/views/main_css/css/' + i_data + '?ver=' + css_filter[i_data] + '">'
@@ -392,8 +397,12 @@ def other2(data):
     
     js_filter = {
         'load_include.js' : '2',
-        'render_html.js' : '2',
-        'do_open_foot.js' : '4'
+        'render_html.js' : '3',
+        'do_open_foot.js' : '4',
+        'topic_main_load.js' : '2',
+        'topic_plus_load.js' : '2',
+        'do_stop_exit.js' : '2',
+        'do_open_folding' : '2'
     }
     for i_data in os.listdir(os.path.join("views", "main_css", "js")):
         if i_data in js_filter:
@@ -401,7 +410,7 @@ def other2(data):
         else:
             req_list += '<script src="/views/main_css/js/' + i_data + '?ver=1"></script>'
 
-    data += ['', '''
+    data = data[0:2] + ['', '''
         <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/styles/default.min.css">
         <link   rel="stylesheet"
                 href="https://cdn.jsdelivr.net/npm/katex@0.10.1/dist/katex.min.css"
@@ -411,25 +420,34 @@ def other2(data):
                 integrity="sha384-2BKqo+exmr9su6dir+qCw08N2ZKRucY4PrGQPPWU1A7FtlCGjmEGFqXCv5nyM5Ij"
                 crossorigin="anonymous"></script>
         <script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/highlight.min.js"></script>
-    ''' + req_list]
+    ''' + req_list] + data[2:]
 
     return data
 
 def cut_100(data):
-    return re.sub('<(((?!>).)*)>', '', data)[0:100] + '...'
+    data = re.sub('<(((?!>).)*)>', ' ', data)
+    data = re.sub('\n', ' ', data)
+    data = re.sub('^ +', '', data)
+    data = re.sub(' +$', '', data)
+    data = re.sub(' {2,}', ' ', data)
+
+    return data[0:100] + '...'
+
+def change_space(data):
+    return re.sub(' ', ' ', data)
 
 def wiki_set(num = 1):
     if num == 1:
         data_list = []
 
-        curs.execute('select data from other where name = ?', ['name'])
+        curs.execute(db_change('select data from other where name = ?'), ['name'])
         db_data = curs.fetchall()
         if db_data and db_data[0][0] != '':
             data_list += [db_data[0][0]]
         else:
             data_list += ['Wiki']
 
-        curs.execute('select data from other where name = "license"')
+        curs.execute(db_change('select data from other where name = "license"'))
         db_data = curs.fetchall()
         if db_data and db_data[0][0] != '':
             data_list += [db_data[0][0]]
@@ -438,14 +456,14 @@ def wiki_set(num = 1):
 
         data_list += ['', '']
 
-        curs.execute('select data from other where name = "logo"')
+        curs.execute(db_change('select data from other where name = "logo"'))
         db_data = curs.fetchall()
         if db_data and db_data[0][0] != '':
             data_list += [db_data[0][0]]
         else:
             data_list += [data_list[0]]
             
-        curs.execute("select data from other where name = 'head' and coverage = ?", [skin_check(1)])
+        curs.execute(db_change("select data from other where name = 'head' and coverage = ?"), [skin_check(1)])
         db_data = curs.fetchall()
         if db_data and db_data[0][0] != '':
             if len(re.findall('<', db_data[0][0])) % 2 != 1:
@@ -453,7 +471,7 @@ def wiki_set(num = 1):
             else:
                 data_list += ['']
         else:
-            curs.execute("select data from other where name = 'head' and coverage = ''")
+            curs.execute(db_change("select data from other where name = 'head' and coverage = ''"))
             db_data = curs.fetchall()
             if db_data and db_data[0][0] != '':
                 if len(re.findall('<', db_data[0][0])) % 2 != 1:
@@ -468,11 +486,11 @@ def wiki_set(num = 1):
     if num == 2:
         var_data = 'FrontPage'
 
-        curs.execute('select data from other where name = "frontpage"')
+        curs.execute(db_change('select data from other where name = "frontpage"'))
     elif num == 3:
         var_data = '2'
 
-        curs.execute('select data from other where name = "upload"')
+        curs.execute(db_change('select data from other where name = "upload"'))
     
     db_data = curs.fetchall()
     if db_data and db_data[0][0] != '':
@@ -535,7 +553,7 @@ def admin_check(num = None, what = None, name = ''):
     else:
         ip = name
 
-    curs.execute("select acl from user where id = ?", [ip])
+    curs.execute(db_change("select acl from user where id = ?"), [ip])
     user = curs.fetchall()
     if user:
         reset = 0
@@ -559,10 +577,10 @@ def admin_check(num = None, what = None, name = ''):
             else:
                 check = 'owner'
 
-            curs.execute('select name from alist where name = ? and acl = ?', [user[0][0], check])
+            curs.execute(db_change('select name from alist where name = ? and acl = ?'), [user[0][0], check])
             if curs.fetchall():
                 if what:
-                    curs.execute("insert into re_admin (who, what, time) values (?, ?, ?)", [ip, what, get_time()])
+                    curs.execute(db_change("insert into re_admin (who, what, time) values (?, ?, ?)"), [ip, what, get_time()])
                     conn.commit()
 
                 return 1
@@ -585,7 +603,7 @@ def ip_pas(raw_ip):
     hide = 0
 
     if ip_or_user(raw_ip) != 0:    
-        curs.execute("select data from other where name = 'ip_view'")
+        curs.execute(db_change("select data from other where name = 'ip_view'"))
         data = curs.fetchall()
         if data and data[0][0] != '':
             ip = re.sub('((?:(?!\.).)+)$', 'xxx', raw_ip)
@@ -595,7 +613,7 @@ def ip_pas(raw_ip):
         else:
             ip = raw_ip
     else:
-        curs.execute("select title from data where title = ?", ['user:' + raw_ip])
+        curs.execute(db_change("select title from data where title = ?"), ['user:' + raw_ip])
         if curs.fetchall():
             ip = '<a href="/w/' + url_pas('user:' + raw_ip) + '">' + raw_ip + '</a>'
         else:
@@ -628,7 +646,7 @@ def custom():
         user_icon = 0
 
     if user_icon != 0:
-        curs.execute('select data from user_set where name = "email" and id = ?', [ip])
+        curs.execute(db_change('select data from user_set where name = "email" and id = ?'), [ip])
         data = curs.fetchall()
         if data:
             email = data[0][0]
@@ -645,11 +663,11 @@ def custom():
     if admin_check('all') == 1:
         user_admin = '1'
 
-        curs.execute("select acl from user where id = ?", [ip])
+        curs.execute(db_change("select acl from user where id = ?"), [ip])
         user_acl = curs.fetchall()
 
         user_acl_list = []
-        curs.execute('select acl from alist where name = ?', [user_acl[0][0]])
+        curs.execute(db_change('select acl from alist where name = ?'), [user_acl[0][0]])
         user_acl = curs.fetchall()
         for i in user_acl:
             user_acl_list += [i[0]]
@@ -668,7 +686,7 @@ def custom():
         user_ban = '0'
 
     if user_icon == 1:
-        curs.execute("select count(name) from alarm where name = ?", [ip])
+        curs.execute(db_change("select count(name) from alarm where name = ?"), [ip])
         count = curs.fetchall()
         if count:
             user_notice = str(count[0][0])
@@ -687,11 +705,11 @@ def load_skin(data = '', set_n = 0):
     if data == '':
         ip = ip_check()
 
-        curs.execute('select data from user_set where name = "skin" and id = ?', [ip])
+        curs.execute(db_change('select data from user_set where name = "skin" and id = ?'), [ip])
         data = curs.fetchall()
 
         if not data:
-            curs.execute('select data from other where name = "skin"')
+            curs.execute(db_change('select data from other where name = "skin"'))
             data = curs.fetchall()
             if not data:
                 data = [['marisa']]
@@ -744,7 +762,7 @@ def acl_check(name = 'test', tool = '', sub = 'test'):
             if admin_check(5) == 1:
                 return 0
 
-            curs.execute("select decu from acl where title = ?", ['user:' + acl_n[0]])
+            curs.execute(db_change("select decu from acl where title = ?"), ['user:' + acl_n[0]])
             acl_data = curs.fetchall()
             if acl_data:
                 if acl_data[0][0] == 'all':
@@ -774,27 +792,27 @@ def acl_check(name = 'test', tool = '', sub = 'test'):
     for i in range(0, end):
         if tool == '':
             if i == 0:
-                curs.execute("select decu from acl where title = ?", [name])
+                curs.execute(db_change("select decu from acl where title = ?"), [name])
                 acl_data = curs.fetchall()
             elif i == 1:
-                curs.execute('select data from other where name = "edit"')
+                curs.execute(db_change('select data from other where name = "edit"'))
                 acl_data = curs.fetchall()
             else:
-                curs.execute("select view from acl where title = ?", [name])
+                curs.execute(db_change("select view from acl where title = ?"), [name])
                 acl_data = curs.fetchall()
 
             num = 5
         elif tool == 'topic':
             if i == 0:
-                curs.execute("select dis from acl where title = ?", [name])
+                curs.execute(db_change("select dis from acl where title = ?"), [name])
                 acl_data = curs.fetchall()
             else:
-                curs.execute('select data from other where name = "discussion"')
+                curs.execute(db_change('select data from other where name = "discussion"'))
                 acl_data = curs.fetchall()
 
             num = 3
         else:
-            curs.execute("select view from acl where title = ?", [name])
+            curs.execute(db_change("select view from acl where title = ?"), [name])
             acl_data = curs.fetchall()
 
             num = 5
@@ -816,7 +834,7 @@ def acl_check(name = 'test', tool = '', sub = 'test'):
                     return 1
                 
                 if admin_check(num) != 1:
-                    curs.execute("select count(title) from history where ip = ?", [ip])
+                    curs.execute(db_change("select count(title) from history where ip = ?"), [ip])
                     count = curs.fetchall()
                     if count:
                         count = count[0][0]
@@ -831,7 +849,7 @@ def acl_check(name = 'test', tool = '', sub = 'test'):
                     return 1
                 
                 if admin_check(num) != 1:
-                    curs.execute("select data from user_set where id = ? and name = 'email'", [ip])
+                    curs.execute(db_change("select data from user_set where id = ? and name = 'email'"), [ip])
                     email = curs.fetchall()
                     if not email:
                         return 1
@@ -841,7 +859,7 @@ def acl_check(name = 'test', tool = '', sub = 'test'):
                     return 1
 
         if tool == 'topic':
-            curs.execute("select title from rd where title = ? and sub = ? and not stop = ''", [name, sub])
+            curs.execute(db_change("select title from rd where title = ? and sub = ? and not stop = ''"), [name, sub])
             if curs.fetchall():
                 if admin_check(3, 'topic (' + name + ')') != 1:
                     return 1
@@ -858,10 +876,10 @@ def ban_check(ip = None, tool = None):
     else:
         band_it = '-'
 
-    curs.execute("delete from ban where (end < ? and end like '2%')", [get_time()])
+    curs.execute(db_change("delete from ban where (end < ? and end like '2%')"), [get_time()])
     conn.commit()
 
-    curs.execute("select login, block from ban where ((end > ? and end like '2%') or end = '') and band = 'regex'", [get_time()])
+    curs.execute(db_change("select login, block from ban where ((end > ? and end like '2%') or end = '') and band = 'regex'"), [get_time()])
     regex_d = curs.fetchall()
     for test_r in regex_d:
         g_regex = re.compile(test_r[1])
@@ -872,7 +890,7 @@ def ban_check(ip = None, tool = None):
             else:
                 return 1
     
-    curs.execute("select login from ban where ((end > ? and end like '2%') or end = '') and block = ? and band = 'O'", [get_time(), band_it])
+    curs.execute(db_change("select login from ban where ((end > ? and end like '2%') or end = '') and block = ? and band = 'O'"), [get_time(), band_it])
     band_d = curs.fetchall()
     if band_d:
         if tool and tool == 'login':
@@ -881,7 +899,7 @@ def ban_check(ip = None, tool = None):
         else:
             return 1
 
-    curs.execute("select login from ban where ((end > ? and end like '2%') or end = '') and block = ? and band = ''", [get_time(), ip])
+    curs.execute(db_change("select login from ban where ((end > ? and end like '2%') or end = '') and block = ? and band = ''"), [get_time(), ip])
     ban_d = curs.fetchall()
     if ban_d:
         if tool and tool == 'login':
@@ -906,11 +924,11 @@ def ban_insert(name, end, why, login, blocker, type_d = None):
         else:
             band = ''
 
-    curs.execute("delete from ban where (end < ? and end like '2%')", [get_time()])
+    curs.execute(db_change("delete from ban where (end < ? and end like '2%')"), [get_time()])
 
-    curs.execute("select block from ban where ((end > ? and end like '2%') or end = '') and block = ? and band = ?", [get_time(), name, band])
+    curs.execute(db_change("select block from ban where ((end > ? and end like '2%') or end = '') and block = ? and band = ?"), [get_time(), name, band])
     if curs.fetchall():
-        curs.execute("insert into rb (block, end, today, blocker, why, band) values (?, ?, ?, ?, ?, ?)", [
+        curs.execute(db_change("insert into rb (block, end, today, blocker, why, band) values (?, ?, ?, ?, ?, ?)"), [
             name, 
             'release',
             now_time, 
@@ -918,7 +936,7 @@ def ban_insert(name, end, why, login, blocker, type_d = None):
             '', 
             band
         ])
-        curs.execute("delete from ban where block = ? and band = ?", [name, band])
+        curs.execute(db_change("delete from ban where block = ? and band = ?"), [name, band])
     else:
         if login != '':
             login = 'O'
@@ -934,22 +952,22 @@ def ban_insert(name, end, why, login, blocker, type_d = None):
         else:
             r_time = ''
 
-        curs.execute("insert into rb (block, end, today, blocker, why, band) values (?, ?, ?, ?, ?, ?)", [name, r_time, now_time, blocker, why, band])
-        curs.execute("insert into ban (block, end, why, band, login) values (?, ?, ?, ?, ?)", [name, r_time, why, band, login])
+        curs.execute(db_change("insert into rb (block, end, today, blocker, why, band) values (?, ?, ?, ?, ?, ?)"), [name, r_time, now_time, blocker, why, band])
+        curs.execute(db_change("insert into ban (block, end, why, band, login) values (?, ?, ?, ?, ?)"), [name, r_time, why, band, login])
     
     conn.commit()
 
 def rd_plus(title, sub, date):
-    curs.execute("select title from rd where title = ? and sub = ?", [title, sub])
+    curs.execute(db_change("select title from rd where title = ? and sub = ?"), [title, sub])
     if curs.fetchall():
-        curs.execute("update rd set date = ? where title = ? and sub = ?", [date, title, sub])
+        curs.execute(db_change("update rd set date = ? where title = ? and sub = ?"), [date, title, sub])
     else:
-        curs.execute("insert into rd (title, sub, date) values (?, ?, ?)", [title, sub, date])
+        curs.execute(db_change("insert into rd (title, sub, date) values (?, ?, ?)"), [title, sub, date])
 
     conn.commit()
 
 def history_plus(title, data, date, ip, send, leng, t_check = ''):
-    curs.execute("select id from history where title = ? order by id + 0 desc limit 1", [title])
+    curs.execute(db_change("select id from history where title = ? order by id + 0 desc limit 1"), [title])
     id_data = curs.fetchall()
 
     send = re.sub('\(|\)|<|>', '', send)
@@ -960,7 +978,7 @@ def history_plus(title, data, date, ip, send, leng, t_check = ''):
     if t_check != '':
         send += ' (' + t_check + ')'
 
-    curs.execute("insert into history (id, title, data, date, ip, send, leng, hide) values (?, ?, ?, ?, ?, ?, ?, '')", [
+    curs.execute(db_change("insert into history (id, title, data, date, ip, send, leng, hide) values (?, ?, ?, ?, ?, ?, ?, '')"), [
         str(int(id_data[0][0]) + 1) if id_data else '1',
         title,
         data,
@@ -989,7 +1007,7 @@ def number_check(data):
 
 def edit_filter_do(data):
     if admin_check(1) != 1:
-        curs.execute("select regex, sub from filter where regex != ''")
+        curs.execute(db_change("select regex, sub from filter where regex != ''"))
         for data_list in curs.fetchall():
             match = re.compile(data_list[0], re.I)
             if match.search(data):
@@ -1026,10 +1044,10 @@ def re_error(data):
             else:
                 band_it = '-'
 
-            curs.execute("delete from ban where (end < ? and end like '2%')", [get_time()])
+            curs.execute(db_change("delete from ban where (end < ? and end like '2%')"), [get_time()])
             conn.commit()
 
-            curs.execute("select login, block, end from ban where ((end > ? and end like '2%') or end = '') and band = 'regex'", [get_time()])
+            curs.execute(db_change("select login, block, end from ban where ((end > ? and end like '2%') or end = '') and band = 'regex'"), [get_time()])
             regex_d = curs.fetchall()
             for test_r in regex_d:
                 g_regex = re.compile(test_r[1])
@@ -1041,7 +1059,7 @@ def re_error(data):
 
                     end += '<hr class=\"main_hr\">'
             
-            curs.execute("select login, end from ban where ((end > ? and end like '2%') or end = '') and block = ?", [get_time(), band_it])
+            curs.execute(db_change("select login, end from ban where ((end > ? and end like '2%') or end = '') and block = ?"), [get_time(), band_it])
             band_d = curs.fetchall()
             if band_d:
                 end += '<li>' + load_lang('type') + ' : band ban</li>'
@@ -1051,7 +1069,7 @@ def re_error(data):
 
                 end += '<hr class=\"main_hr\">'
 
-            curs.execute("select login, end from ban where ((end > ? and end like '2%') or end = '') and block = ?", [get_time(), ip])
+            curs.execute(db_change("select login, end from ban where ((end > ? and end like '2%') or end = '') and block = ?"), [get_time(), ip])
             ban_d = curs.fetchall()
             if ban_d:
                 end += '<li>' + load_lang('type') + ' : ban</li>'
@@ -1117,10 +1135,17 @@ def re_error(data):
             else:
                 data = '???'
 
-            return easy_minify(flask.render_template(skin_check(), 
-                imp = [load_lang('error'), wiki_set(1), custom(), other2([0, 0])],
-                data = '<h2>' + load_lang('error') + '</h2><ul><li>' + data + '</li></ul>',
-                menu = 0
-            )), 401
+            if num == 5:
+                return easy_minify(flask.render_template(skin_check(), 
+                    imp = [load_lang('skin_set'), wiki_set(1), custom(), other2([0, 0])],
+                    data = '<div id="main_skin_set"><h2>' + load_lang('error') + '</h2><ul><li>' + data + '</li></ul></div>',
+                    menu = 0
+                ))
+            else:
+                return easy_minify(flask.render_template(skin_check(), 
+                    imp = [load_lang('error'), wiki_set(1), custom(), other2([0, 0])],
+                    data = '<h2>' + load_lang('error') + '</h2><ul><li>' + data + '</li></ul>',
+                    menu = 0
+                )), 401
         else:
             return redirect('/')

route/tool/init.py

@@ -43,6 +43,9 @@ def init(key):
     if env_dict[key] != None:
         return env_dict[key]
     else:
+        if key == 'markup':
+            return server_set_var[key]['default']
+
         while 1:
             if server_set_var[key]['require'] == 'select':
                 list_ = '[' + ', '.join(server_set_var[key]['list']) + ']'

route/tool/mark.py

@@ -1,6 +1,8 @@
 from .set_mark.namu import namu
 from .set_mark.markdown import markdown
 
+from .set_mark.tool import *
+
 import re
 import html
 import sqlite3
@@ -36,12 +38,12 @@ def send_parser(data):
     
 def plusing(data):
     for data_in in data:
-        curs.execute("select title from back where title = ? and link = ? and type = ?", [data_in[1], data_in[0], data_in[2]])
+        curs.execute(db_change("select title from back where title = ? and link = ? and type = ?"), [data_in[1], data_in[0], data_in[2]])
         if not curs.fetchall():
-            curs.execute("insert into back (title, link, type) values (?, ?, ?)", [data_in[1], data_in[0], data_in[2]])
+            curs.execute(db_change("insert into back (title, link, type) values (?, ?, ?)"), [data_in[1], data_in[0], data_in[2]])
 
 def namumark(title, data, num, include):
-    curs.execute('select data from other where name = "markup"')
+    curs.execute(db_change('select data from other where name = "markup"'))
     rep_data = curs.fetchall()
     if rep_data[0][0] == 'namumark':
         data = namu(conn, data, title, num, include)

route/tool/set_mark/namu.py

@@ -256,9 +256,9 @@ def middle_parser(data, fol_num, syntax_num, folding_num, include_num):
                                                 else:
                                                     middle_data_2 = ['']
 
-                                                middle_list += ['div_end']
+                                                middle_list += ['div_1']
                                                 
-                                                data = re.sub('{{{#!wiki(?: style=(?:&quot;|&#x27;)((?:(?!&quot;|&#x27;).)*)(?:&quot;|&#x27;))?\n?', '<div id="wiki_div" style="' + str(middle_data_2[0]) + '">', data, 1)
+                                                data = re.sub('{{{#!wiki(?: style=(?:&quot;|&#x27;)((?:(?!&quot;|&#x27;).)*)(?:&quot;|&#x27;))?\n?', '<div id="wiki_div" style="' + str(middle_data_2[0] if middle_data_2[0] else '') + '">', data, 1)
                                             else:
                                                 middle_search = re.search('^#!syntax', middle_data[0])
                                                 if middle_search:                                                
@@ -290,18 +290,18 @@ def middle_parser(data, fol_num, syntax_num, folding_num, include_num):
                                                         if folding_num == 0:
                                                             folding_num = 1
                                                         
-                                                        data = re.sub('{{{#!folding ?((?:(?!\n).)*)\n?', '<div>' + str(folding_data[0]) + ' <div style="display: inline-block;"><a href="javascript:void(0);" onclick="do_open_folding(' + str(fol_num) + ', \'' + include_num + '\');">[+]</a></div_end><div id="' + include_num + 'folding_' + str(fol_num) + '" style="display: none;"><div id="wiki_div" style="">\n', data, 1)
+                                                        data = re.sub('{{{#!folding ?((?:(?!\n).)*)\n?', '<div>' + str(folding_data[0]) + ' <div style="display: inline-block;"><a href="javascript:void(0);" onclick="do_open_folding(' + str(fol_num) + ', \'' + include_num + '\', this);">[+]</a></div_2><div id="' + include_num + 'folding_' + str(fol_num) + '" style="display: none;"><div id="wiki_div" style="">', data, 1)
                                                         
                                                         fol_num += 1
 
                                                     else:
                                                         middle_search = re.search('^#!html', middle_data[0])
                                                         if middle_search:
-                                                            middle_list += ['div_end']
+                                                            middle_list += ['span']
                                                             
                                                             html_number += 1
                                                         
-                                                            data = middle_re.sub('<div id="' + include_num + 'render_contect_' + str(html_number) + '">', data, 1)
+                                                            data = middle_re.sub('<span id="' + include_num + 'render_contect_' + str(html_number) + '">', data, 1)
                                                         else:
                                                             middle_list += ['span']
 
@@ -328,7 +328,7 @@ def middle_parser(data, fol_num, syntax_num, folding_num, include_num):
                             middle_number -= 1
                             
                         if middle_list[middle_number] == '2div':
-                            data = middle_re.sub('</div_end></div_end></div_end>', data, 1)
+                            data = middle_re.sub('</div_1></div_2></div_2>', data, 1)
                         elif middle_list[middle_number] == 'pre':
                             data = middle_re.sub('</code></pre>', data, 1)
                         else:
@@ -352,7 +352,7 @@ def middle_parser(data, fol_num, syntax_num, folding_num, include_num):
                             middle_number -= 1
                             
                         if middle_list[middle_number] == '2div':
-                            data += '</div_end></div_end></div_end>'
+                            data += '</div_1></div_2></div_2>'
                         elif middle_list[middle_number] == 'pre':
                             data += '</code></pre>'
                         else:
@@ -431,7 +431,7 @@ def namu(conn, data, title, main_num, include_num):
 
             backlink += [[title, include_link, 'include']]
 
-            curs.execute("select title from data where title = ?", [include_data])
+            curs.execute(tool.db_change("select title from data where title = ?"), [include_data])
             if curs.fetchall():
                 data = include_re.sub('<div id="include_' + str(i) + '"></div>', data, 1)
 
@@ -453,10 +453,6 @@ def namu(conn, data, title, main_num, include_num):
             break
 
     data = re.sub('\r\n', '\n', data)
-
-    t_data = middle_parser(data, t_data[1][0], t_data[1][1], t_data[1][2], include_num)
-    data = t_data[0]
-
     data = re.sub('&amp;', '&', data)
 
     data = re.sub('\n( +)\|\|', '\n||', data)
@@ -466,7 +462,7 @@ def namu(conn, data, title, main_num, include_num):
     data = re.sub('<div id="wiki_div" style="">\n', '<div id="wiki_div" style="">', data)
            
     while 1:
-        wiki_table_data = re.search('<div id="wiki_div" ((?:(?!>).)+)>((?:(?!<div id="wiki_div"|<\/div_end>).\n*)+)<\/div_end>', data)
+        wiki_table_data = re.search('<div id="wiki_div" ((?:(?!>).)+)>((?:(?!<div id="wiki_div"|<\/div_1>).\n*)+)<\/div_1>', data)
         if wiki_table_data:
             wiki_table_data = wiki_table_data.groups()
             if re.search('\|\|', wiki_table_data[1]):
@@ -474,12 +470,12 @@ def namu(conn, data, title, main_num, include_num):
             else:
                 end_parser = wiki_table_data[1]
 
-            data = re.sub('<div id="wiki_div" ((?:(?!>).)+)>((?:(?!<div id="wiki_div"|<\/div_end>).\n*)+)<\/div_end>', '<div ' + wiki_table_data[0] + '>' + end_parser + '</div>', data, 1)
+            data = re.sub('<div id="wiki_div" ((?:(?!>).)+)>((?:(?!<div id="wiki_div"|<\/div_1>).\n*)+)<\/div_1>', '<div ' + wiki_table_data[0] + '>' + end_parser + '</div_2>', data, 1)
         else:
             break
-            
-    data = re.sub('<\/div_end>', '</div>', data)
-    data = re.sub('<\/td>', '</td_end>', data)
+
+    data = re.sub('<\/div_2>', '</div>', data)
+    data = re.sub('<\/td>', '</td_1>', data)
     
     first = 0
     math_re = re.compile('\[math\(((?:(?!\)\]).)+)\)\]', re.I)
@@ -585,11 +581,13 @@ def namu(conn, data, title, main_num, include_num):
                     break
 
             all_stack = re.sub('^0\.', '', all_stack)
+            new_toc_data = re.sub('=*$', '', toc[1])
+            new_toc_data = re.sub(' +$', '', new_toc_data)
+            new_toc_data = re.sub('^# ?(?P<in>[^#]+) ?#$', '\g<in>', new_toc_data)
             
-            data = re.sub('\n(={1,6}) ?((?:(?!\n).)+) ?\n', '\n<h' + toc_number + ' id="s-' + re.sub('\.$', '', all_stack) + '"><a href="#toc">' + all_stack + '</a> ' + re.sub('=*$', '', toc[1]) + ' <span style="font-size: 12px"><a href="/edit/' + tool.url_pas(title) + '?section=' + str(edit_number) + '">(Edit)</a></span></h' + toc_number + '>\n', data, 1)
+            data = re.sub('\n(={1,6}) ?((?:(?!\n).)+) ?\n', '\n<h' + toc_number + ' id="s-' + re.sub('\.$', '', all_stack) + '"><a href="#toc">' + all_stack + '</a> ' + new_toc_data + ' <span style="font-size: 12px"><a href="/edit/' + tool.url_pas(title) + '?section=' + str(edit_number) + '">(Edit)</a></span></h' + toc_number + '>\n', data, 1)
 
-            toc_main_data = toc[1]
-            toc_main_data = re.sub('=*$', '', toc_main_data)
+            toc_main_data = new_toc_data
             toc_main_data = re.sub('\[\*((?:(?! |\]).)*)(?: ((?:(?!(\[\*(?:(?:(?!\]).)+)\]|\])).)+))?\]', '', toc_main_data)
             toc_main_data = re.sub('<span id="math_[0-9]"><\/span>', '(Math)', toc_main_data)
             
@@ -606,7 +604,7 @@ def namu(conn, data, title, main_num, include_num):
     anchor_re = re.compile("\[anchor\((?P<in>(?:(?!\)\]).)+)\)\]", re.I)
     data = anchor_re.sub('<span id="\g<in>"></span>', data)
 
-    ruby_re = re.compile("\[ruby\((?P<in>(?:(?!,).)+)\, ?ruby=(?P<out>(?:(?!\)\]|,).)+)(?:\, ?color=(?P<under>(?:(?!\)\]).)+))?\)\]", re.I)
+    ruby_re = re.compile("\[ruby\((?P<in>(?:(?!,).)+)\, ?ruby=(?P<out>(?:(?!\)\]|,).)+)(?:\, ?color=(?P<under>(?:(?!\)\]|,).)+)(?:, ?(?:(?:(?!\)\]).)+))?)?\)\]", re.I)
     data = ruby_re.sub('<ruby>\g<in><rp>(</rp><rt style="color: \g<under>">\g<out></rt><rp>)</rp></ruby>', data)
 
     now_time = tool.get_time()
@@ -616,7 +614,7 @@ def namu(conn, data, title, main_num, include_num):
 
     pagecount_re = re.compile('\[pagecount\]', re.I)
 
-    curs.execute('select data from other where name = "count_all_title"')
+    curs.execute(tool.db_change('select data from other where name = "count_all_title"'))
     all_title = curs.fetchall()
 
     data = pagecount_re.sub(all_title[0][0], data)
@@ -685,7 +683,13 @@ def namu(conn, data, title, main_num, include_num):
             else:
                 video_code = ''
 
+            video_start = ''
+
             if youtube_re.search(video[0]):
+                start = re.search(', ?(start=(?:(?!,).)+)', video[1])
+                if start:
+                    video_start = '?' + start.groups()[0]
+
                 video_code = re.sub('^https:\/\/www\.youtube\.com\/watch\?v=', '', video_code)
                 video_code = re.sub('^https:\/\/youtu\.be\/', '', video_code)
                 
@@ -698,7 +702,7 @@ def namu(conn, data, title, main_num, include_num):
             else:
                 video_src = 'https://embed.nicovideo.jp/watch/' + video_code
                 
-            data = video_re.sub('<iframe width="' + video_width + '" height="' + video_height + '" src="' + video_src + '" allowfullscreen frameborder="0"></iframe>', data, 1)
+            data = video_re.sub('<iframe width="' + video_width + '" height="' + video_height + '" src="' + video_src + video_start + '" allowfullscreen frameborder="0"></iframe>', data, 1)
         else:
             break
 
@@ -723,6 +727,7 @@ def namu(conn, data, title, main_num, include_num):
             break
 
     data = re.sub('(?P<in>\n +\* ?(?:(?:(?!\|\|).)+))\|\|', '\g<in>\n ||', data)
+    data = re.sub('(?P<in><div id="folding_(?:[0-9]+)" style="display: none;"><div style="">)(?P<out> )?\* ', '\g<in>\n\g<out>* ', data)
 
     while 1:
         li = re.search('(\n(?:(?: *)\* ?(?:(?:(?!\n).)+)\n)+)', data)
@@ -833,7 +838,7 @@ def namu(conn, data, title, main_num, include_num):
                     file_src = '/image/' + tool.sha224(file_name) + '.' + file_end
                     file_alt = 'file:' + file_name + '.' + file_end
 
-                    curs.execute("select title from data where title = ?", [file_alt])
+                    curs.execute(tool.db_change("select title from data where title = ?"), [file_alt])
                     exist = curs.fetchall()
                 
                 if exist:
@@ -870,7 +875,7 @@ def namu(conn, data, title, main_num, include_num):
                 inter_data = re.search('^inter:((?:(?!:).)+):((?:(?!\]\]|\|).)+)', main_link)
                 inter_data = inter_data.groups()
 
-                curs.execute('select link, icon from inter where title = ?', [inter_data[0]])
+                curs.execute(tool.db_change('select link, icon from inter where title = ?'), [inter_data[0]])
                 inter = curs.fetchall()
                 if inter:
                     if inter[0][1] != '':
@@ -919,7 +924,7 @@ def namu(conn, data, title, main_num, include_num):
                 if not re.search('^\|', main_link):
                     if main_link != title:
                         if main_link != '':
-                            curs.execute("select title from data where title = ?", [main_link])
+                            curs.execute(tool.db_change("select title from data where title = ?"), [main_link])
                             if not curs.fetchall():
                                 link_id = 'id="not_thing"'
 
@@ -1103,15 +1108,16 @@ def namu(conn, data, title, main_num, include_num):
                         break
 
                     if end_data[j][0] == find_data:
-                        backlink[i][1] = backlink[i][1].replace('<span id="' + end_data[j][0] + '"></span>', end_data[j][1])
+                        if backlink[i][2] != 'redirect':
+                            backlink[i][1] = backlink[i][1].replace('<span id="' + end_data[j][0] + '"></span>', end_data[j][1])
+                        else:
+                            backlink[i][1] = backlink[i][1].replace('<span id="' + end_data[j][0] + '"></span>', '\\' + end_data[j][1])
 
                     j += 1
 
             i += 1
     
-    data = re.sub('<\/td_end>', '</td>', data)
-    data = re.sub('<include>(?P<in><a (?:[^>]+)>)\n', '\g<in>', data)
-    data = re.sub('\n<\/include>', '', data)
+    data = re.sub('<\/td_1>', '</td>', data)
     data = re.sub('<\/ul>\n', '</ul>', data)
     
     data = re.sub('(?P<in><\/h[0-9]>)(\n)+', '\g<in>', data)

route/tool/set_mark/tool.py

@@ -1,11 +1,24 @@
-import flask
 import urllib.parse
 import datetime
-import re
 import hashlib
+import flask
+import re
 
 def get_time():
     return str(datetime.datetime.today().strftime("%Y-%m-%d %H:%M:%S"))
+
+def db_data_get(data):
+    global set_data
+
+    set_data = data
+
+def db_change(data):
+    if set_data == 'mysql':
+        data = data.replace('random()', 'rand()')
+        data = data.replace('%', '%%')
+        data = data.replace('?', '%s')
+
+    return data
     
 def ip_check(d_type = 0):
     if d_type == 0:
@@ -38,13 +51,15 @@ def link_fix(main_link):
     main_link = re.sub('^파일:', 'file:', main_link)
     main_link = re.sub('^분류:', 'category:', main_link)
 
-    other_link = re.search('(#.+)$', main_link)
+    other_link = re.search('[^\\\\](#.+)$', main_link)
     if other_link:
         other_link = other_link.groups()[0]
 
         main_link = re.sub('(#.+)$', '', main_link)
     else:
         other_link = ''
+
+    main_link = re.sub('\\\\#', '%23', main_link)
         
     return [main_link, other_link]
 

route/topic.py

@@ -6,7 +6,7 @@ def topic_2(conn, name, sub):
     ban = topic_check(name, sub)
     admin = admin_check(3)
 
-    curs.execute("select id from topic where title = ? and sub = ? limit 1", [name, sub])
+    curs.execute(db_change("select id from topic where title = ? and sub = ? limit 1"), [name, sub])
     topic_exist = curs.fetchall()
     if not topic_exist and len(sub) > 256:
         return re_error('/error/11')
@@ -23,7 +23,7 @@ def topic_2(conn, name, sub):
         if ban == 1:
             return re_error('/ban')
         
-        curs.execute("select id from topic where title = ? and sub = ? order by id + 0 desc limit 1", [name, sub])
+        curs.execute(db_change("select id from topic where title = ? and sub = ? order by id + 0 desc limit 1"), [name, sub])
         old_num = curs.fetchall()
         if old_num:
             num = int(old_num[0][0]) + 1
@@ -34,23 +34,23 @@ def topic_2(conn, name, sub):
         if match:
             y_check = 0
             if ip_or_user(match.groups()[0]) == 1:
-                curs.execute("select ip from history where ip = ? limit 1", [match.groups()[0]])
+                curs.execute(db_change("select ip from history where ip = ? limit 1"), [match.groups()[0]])
                 u_data = curs.fetchall()
                 if u_data:
                     y_check = 1
                 else:
-                    curs.execute("select ip from topic where ip = ? limit 1", [match.groups()[0]])
+                    curs.execute(db_change("select ip from topic where ip = ? limit 1"), [match.groups()[0]])
                     u_data = curs.fetchall()
                     if u_data:
                         y_check = 1
             else:
-                curs.execute("select id from user where id = ?", [match.groups()[0]])
+                curs.execute(db_change("select id from user where id = ?"), [match.groups()[0]])
                 u_data = curs.fetchall()
                 if u_data:
                     y_check = 1
 
             if y_check == 1:
-                curs.execute('insert into alarm (name, data, date) values (?, ?, ?)', [
+                curs.execute(db_change('insert into alarm (name, data, date) values (?, ?, ?)'), [
                     match.groups()[0], 
                     ip + ' - <a href="/topic/' + url_pas(name) + '/sub/' + url_pas(sub) + '">' + load_lang('user_discussion', 1) + '</a>', 
                     today
@@ -60,10 +60,10 @@ def topic_2(conn, name, sub):
         data = cate_re.sub('[br]', flask.request.form.get('content', 'Test'))
         
         for rd_data in re.findall("(?:#([0-9]+))", data):
-            curs.execute("select ip from topic where title = ? and sub = ? and id = ?", [name, sub, rd_data])
+            curs.execute(db_change("select ip from topic where title = ? and sub = ? and id = ?"), [name, sub, rd_data])
             ip_data = curs.fetchall()
             if ip_data and ip_or_user(ip_data[0][0]) == 0:
-                curs.execute('insert into alarm (name, data, date) values (?, ?, ?)', [ip_data[0][0], ip + ' - <a href="/topic/' + url_pas(name) + '/sub/' + url_pas(sub) + '#' + str(num) + '">' + load_lang('discussion', 1) + '</a>', today])
+                curs.execute(db_change('insert into alarm (name, data, date) values (?, ?, ?)'), [ip_data[0][0], ip + ' - <a href="/topic/' + url_pas(name) + '/sub/' + url_pas(sub) + '#' + str(num) + '">' + load_lang('discussion', 1) + '</a>', today])
             
         data = re.sub("(?P<in>#(?:[0-9]+))", '[[\g<in>]]', data)
 
@@ -71,14 +71,14 @@ def topic_2(conn, name, sub):
 
         rd_plus(name, sub, today)
 
-        curs.execute("insert into topic (id, title, sub, data, date, ip, block, top) values (?, ?, ?, ?, ?, ?, '', '')", [str(num), name, sub, data, today, ip])
+        curs.execute(db_change("insert into topic (id, title, sub, data, date, ip, block, top) values (?, ?, ?, ?, ?, ?, '', '')"), [str(num), name, sub, data, today, ip])
         conn.commit()
         
         return redirect('/topic/' + url_pas(name) + '/sub/' + url_pas(sub) + '#reload')
     else:
         data = ''
     
-        curs.execute("select stop from rd where title = ? and sub = ? and stop != ''", [name, sub])
+        curs.execute(db_change("select stop from rd where title = ? and sub = ? and stop != ''"), [name, sub])
         close_data = curs.fetchall()
         if (close_data and admin != 1) or topic_check(name, sub) == 1:
             display = 'display: none;'
@@ -93,11 +93,14 @@ def topic_2(conn, name, sub):
             <a href="/topic/''' + url_pas(name) + '''/sub/''' + url_pas(sub) + '''/tool">(''' + load_lang('topic_tool') + ''')</a>
             <hr class=\"main_hr\">
             <form style="''' + display + '''" method="post">
-                <textarea style="height: 100px;" name="content"></textarea>
+                <textarea id="content" style="height: 100px;" name="content"></textarea>
                 <hr class=\"main_hr\">
                 ''' + captcha_get() + (ip_warring() if display == '' else '') + '''
                 <button type="submit">''' + load_lang('send') + '''</button>
+                <button id="preview" type="button" onclick="load_preview(\'''' + url_pas(name) + '\')">' + load_lang('preview') + '''</button>
             </form>
+            <hr class=\"main_hr\">
+            <div id="see_preview"></div>
         '''
 
         return easy_minify(flask.render_template(skin_check(), 

route/topic_admin.py

@@ -3,7 +3,7 @@ from .tool.func import *
 def topic_admin_2(conn, name, sub, num):
     curs = conn.cursor()
 
-    curs.execute("select block, ip, date from topic where title = ? and sub = ? and id = ?", [name, sub, str(num)])
+    curs.execute(db_change("select block, ip, date from topic where title = ? and sub = ? and id = ?"), [name, sub, str(num)])
     data = curs.fetchall()
     if not data:
         return redirect('/topic/' + url_pas(name) + '/sub/' + url_pas(sub))
@@ -24,10 +24,10 @@ def topic_admin_2(conn, name, sub, num):
     '''
 
     if admin_check(3) == 1:
-        curs.execute("select id from topic where title = ? and sub = ? and id = ? and top = 'O'", [name, sub, str(num)])
+        curs.execute(db_change("select id from topic where title = ? and sub = ? and id = ? and top = 'O'"), [name, sub, str(num)])
         top_topic_d = curs.fetchall()
 
-        curs.execute("select end from ban where block = ?", [data[0][1]])
+        curs.execute(db_change("select end from ban where block = ?"), [data[0][1]])
         user_ban_d = curs.fetchall()
         
         ban += '''

route/topic_block.py

@@ -6,13 +6,13 @@ def topic_block_2(conn, name, sub, num):
     if admin_check(3, 'blind (' + name + ' - ' + sub + '#' + str(num) + ')') != 1:
         return re_error('/error/3')
 
-    curs.execute("select block from topic where title = ? and sub = ? and id = ?", [name, sub, str(num)])
+    curs.execute(db_change("select block from topic where title = ? and sub = ? and id = ?"), [name, sub, str(num)])
     block = curs.fetchall()
     if block:
         if block[0][0] == 'O':
-            curs.execute("update topic set block = '' where title = ? and sub = ? and id = ?", [name, sub, str(num)])
+            curs.execute(db_change("update topic set block = '' where title = ? and sub = ? and id = ?"), [name, sub, str(num)])
         else:
-            curs.execute("update topic set block = 'O' where title = ? and sub = ? and id = ?", [name, sub, str(num)])
+            curs.execute(db_change("update topic set block = 'O' where title = ? and sub = ? and id = ?"), [name, sub, str(num)])
         
         rd_plus(name, sub, get_time())
         

route/topic_close_list.py

@@ -9,7 +9,7 @@ def topic_close_list_2(conn, name, tool):
         t_num = ''
         
         while 1:
-            curs.execute("select title from topic where title = ? and sub = ? limit 1", [name, flask.request.form.get('topic', None) + t_num])
+            curs.execute(db_change("select title from topic where title = ? and sub = ? limit 1"), [name, flask.request.form.get('topic', None) + t_num])
             if curs.fetchall():
                 if t_num == '':
                     t_num = ' 2'
@@ -24,15 +24,15 @@ def topic_close_list_2(conn, name, tool):
         menu = [['topic/' + url_pas(name), load_lang('return')]]
         
         if tool == 'close':
-            curs.execute("select sub from rd where title = ? and stop = 'O' order by sub asc", [name])
+            curs.execute(db_change("select sub from rd where title = ? and stop = 'O' order by sub asc"), [name])
             
             sub = load_lang('closed_discussion')
         elif tool == 'agree':
-            curs.execute("select sub from rd where title = ? and agree = 'O' order by sub asc", [name])
+            curs.execute(db_change("select sub from rd where title = ? and agree = 'O' order by sub asc"), [name])
             
             sub = load_lang('agreed_discussion')
         else:
-            curs.execute("select sub from rd where title = ? order by date desc", [name])
+            curs.execute(db_change("select sub from rd where title = ? order by date desc"), [name])
             
             sub = load_lang('discussion_list')
             
@@ -50,17 +50,17 @@ def topic_close_list_2(conn, name, tool):
         for data in curs.fetchall():
             t_num += 1
             
-            curs.execute("select data, date, ip, block from topic where title = ? and sub = ? and id = '1'", [name, data[0]])
+            curs.execute(db_change("select data, date, ip, block from topic where title = ? and sub = ? and id = '1'"), [name, data[0]])
             if curs.fetchall():                
                 it_p = 0
                 
                 if sub == load_lang('discussion_list'):
-                    curs.execute("select title from rd where title = ? and sub = ? and stop = 'O' order by sub asc", [name, data[0]])
+                    curs.execute(db_change("select title from rd where title = ? and sub = ? and stop = 'O' order by sub asc"), [name, data[0]])
                     if curs.fetchall():
                         it_p = 1
                 
                 if it_p != 1:
-                    curs.execute("select id from topic where title = ? and sub = ? order by date desc limit 1", [name, data[0]])
+                    curs.execute(db_change("select id from topic where title = ? and sub = ? order by date desc limit 1"), [name, data[0]])
                     t_data = curs.fetchall()
                 
                     div += '''

route/topic_stop.py

@@ -10,14 +10,14 @@ def topic_stop_2(conn, name, sub):
     time = get_time()
 
     if flask.request.method == 'POST':
-        curs.execute("select id from topic where title = ? and sub = ? order by id + 0 desc limit 1", [name, sub])
+        curs.execute(db_change("select id from topic where title = ? and sub = ? order by id + 0 desc limit 1"), [name, sub])
         topic_check = curs.fetchall()
         if topic_check:
             stop_d = flask.request.form.get('stop_d', '')
             why_d = flask.request.form.get('why', '')
             agree_d = flask.request.form.get('agree', '')
 
-            curs.execute("update rd set stop = ?, agree = ? where title = ? and sub = ?", [
+            curs.execute(db_change("update rd set stop = ?, agree = ? where title = ? and sub = ?"), [
                 stop_d,
                 agree_d,
                 name, 
@@ -31,7 +31,7 @@ def topic_stop_2(conn, name, sub):
             else:
                 t_state = 'Normal'
 
-            curs.execute("insert into topic (id, title, sub, data, date, ip, block, top) values (?, ?, ?, ?, ?, ?, '', '1')", [
+            curs.execute(db_change("insert into topic (id, title, sub, data, date, ip, block, top) values (?, ?, ?, ?, ?, ?, '', '1')"), [
                 str(int(topic_check[0][0]) + 1), 
                 name, 
                 sub, 
@@ -47,7 +47,7 @@ def topic_stop_2(conn, name, sub):
         stop_d_list = ''
         agree_check = ''
 
-        curs.execute("select stop, agree from rd where title = ? and sub = ? limit 1", [name, sub])
+        curs.execute(db_change("select stop, agree from rd where title = ? and sub = ? limit 1"), [name, sub])
         rd_d = curs.fetchall()
         if rd_d[0][0] == 'O':
             stop_d_list += '''

route/topic_tool.py

@@ -5,7 +5,7 @@ def topic_tool_2(conn, name, sub):
 
     data = ''
 
-    curs.execute("select stop, agree from rd where title = ? and sub = ?", [name, sub])
+    curs.execute(db_change("select stop, agree from rd where title = ? and sub = ?"), [name, sub])
     close_data = curs.fetchall()
     if close_data:
         if close_data[0][0] == 'S':

route/topic_top.py

@@ -6,15 +6,15 @@ def topic_top_2(conn, name, sub, num):
     if admin_check(3, 'notice (' + name + ' - ' + sub + '#' + str(num) + ')') != 1:
         return re_error('/error/3')
 
-    curs.execute("select title from topic where title = ? and sub = ? and id = ?", [name, sub, str(num)])
+    curs.execute(db_change("select title from topic where title = ? and sub = ? and id = ?"), [name, sub, str(num)])
     if curs.fetchall():
-        curs.execute("select top from topic where id = ? and title = ? and sub = ?", [str(num), name, sub])
+        curs.execute(db_change("select top from topic where id = ? and title = ? and sub = ?"), [str(num), name, sub])
         top_data = curs.fetchall()
         if top_data:
             if top_data[0][0] == 'O':
-                curs.execute("update topic set top = '' where title = ? and sub = ? and id = ?", [name, sub, str(num)])
+                curs.execute(db_change("update topic set top = '' where title = ? and sub = ? and id = ?"), [name, sub, str(num)])
             else:
-                curs.execute("update topic set top = 'O' where title = ? and sub = ? and id = ?", [name, sub, str(num)])
+                curs.execute(db_change("update topic set top = 'O' where title = ? and sub = ? and id = ?"), [name, sub, str(num)])
         
         rd_plus(name, sub, get_time())
 

route/user_count_edit.py

@@ -8,14 +8,14 @@ def user_count_edit_2(conn, name):
     else:
         that = name
 
-    curs.execute("select count(title) from history where ip = ?", [that])
+    curs.execute(db_change("select count(title) from history where ip = ?"), [that])
     count = curs.fetchall()
     if count:
         data = count[0][0]
     else:
         data = 0
 
-    curs.execute("select count(title) from topic where ip = ?", [that])
+    curs.execute(db_change("select count(title) from topic where ip = ?"), [that])
     count = curs.fetchall()
     if count:
         t_data = count[0][0]

route/user_custom_head_view.py

@@ -7,11 +7,11 @@ def user_custom_head_view_2(conn):
 
     if flask.request.method == 'POST':
         if ip_or_user(ip) == 0:
-            curs.execute("select user from custom where user = ?", [ip + ' (head)'])
+            curs.execute(db_change("select user from custom where user = ?"), [ip + ' (head)'])
             if curs.fetchall():
-                curs.execute("update custom set css = ? where user = ?", [flask.request.form.get('content', None), ip + ' (head)'])
+                curs.execute(db_change("update custom set css = ? where user = ?"), [flask.request.form.get('content', None), ip + ' (head)'])
             else:
-                curs.execute("insert into custom (user, css) values (?, ?)", [ip + ' (head)', flask.request.form.get('content', None)])
+                curs.execute(db_change("insert into custom (user, css) values (?, ?)"), [ip + ' (head)', flask.request.form.get('content', None)])
             
             conn.commit()
 
@@ -22,7 +22,7 @@ def user_custom_head_view_2(conn):
         if ip_or_user(ip) == 0:
             start = ''
 
-            curs.execute("select css from custom where user = ?", [ip + ' (head)'])
+            curs.execute(db_change("select css from custom where user = ?"), [ip + ' (head)'])
             head_data = curs.fetchall()
             if head_data:
                 data = head_data[0][0]

route/user_info.py

@@ -5,7 +5,7 @@ def user_info_2(conn):
 
     ip = ip_check()
 
-    curs.execute('select name from alarm where name = ? limit 1', [ip_check()])
+    curs.execute(db_change('select name from alarm where name = ? limit 1'), [ip_check()])
     if curs.fetchall():
         plus2 = '<li><a href="/alarm">' + load_lang('alarm') + ' (O)</a></li>'
     else:
@@ -26,7 +26,7 @@ def user_info_2(conn):
         '''
         plus3 = ''
 
-        curs.execute("select data from other where name = 'email_have'")
+        curs.execute(db_change("select data from other where name = 'email_have'"))
         test = curs.fetchall()
         if test and test[0][0] != '':
             plus += '<li><a href="/pass_find">' + load_lang('password_search') + '</a></li>'

route/user_setting.py

@@ -15,17 +15,17 @@ def user_setting_2(conn, server_init):
 
             for auto_data in auto_list:
                 if flask.request.form.get(auto_data, '') != '':
-                    curs.execute('select data from user_set where name = ? and id = ?', [auto_data, ip])
+                    curs.execute(db_change('select data from user_set where name = ? and id = ?'), [auto_data, ip])
                     if curs.fetchall():
-                        curs.execute("update user_set set data = ? where name = ? and id = ?", [flask.request.form.get(auto_data, ''), auto_data, ip])
+                        curs.execute(db_change("update user_set set data = ? where name = ? and id = ?"), [flask.request.form.get(auto_data, ''), auto_data, ip])
                     else:
-                        curs.execute("insert into user_set (name, id, data) values (?, ?, ?)", [auto_data, ip, flask.request.form.get(auto_data, '')])
+                        curs.execute(db_change("insert into user_set (name, id, data) values (?, ?, ?)"), [auto_data, ip, flask.request.form.get(auto_data, '')])
 
             conn.commit()
             
             return redirect('/change')
         else:        
-            curs.execute('select data from user_set where name = "email" and id = ?', [ip])
+            curs.execute(db_change('select data from user_set where name = "email" and id = ?'), [ip])
             data = curs.fetchall()
             if data:
                 email = data[0][0]
@@ -35,10 +35,10 @@ def user_setting_2(conn, server_init):
             div2 = load_skin()
             div3 = ''
 
-            curs.execute('select data from user_set where name = "lang" and id = ?', [flask.session['id']])
+            curs.execute(db_change('select data from user_set where name = "lang" and id = ?'), [flask.session['id']])
             data = curs.fetchall()
             if not data:
-                curs.execute('select data from other where name = "language"')
+                curs.execute(db_change('select data from other where name = "language"'))
                 data = curs.fetchall()
                 if not data:
                     data = [['en-US']]
@@ -52,7 +52,7 @@ def user_setting_2(conn, server_init):
             oauth_provider = load_oauth('_README')['support']
             oauth_content = '<ul>'
             for i in range(len(oauth_provider)):
-                curs.execute('select name, picture from oauth_conn where wiki_id = ? and provider = ?', [flask.session['id'], oauth_provider[i]])
+                curs.execute(db_change('select name, picture from oauth_conn where wiki_id = ? and provider = ?'), [flask.session['id'], oauth_provider[i]])
                 oauth_data = curs.fetchall()
                 if len(oauth_data) == 1:
                     oauth_content += '<li>{}</li>'.format(oauth_provider[i].capitalize() + ' : <img src="{}" width="17px" height="17px"> {}'.format(oauth_data[0][1], oauth_data[0][0]))

route/user_tool.py

@@ -12,7 +12,7 @@ def user_tool_2(conn, name):
     '''
             
     if admin_check(1) == 1:
-        curs.execute("select block from ban where block = ?", [name])
+        curs.execute(db_change("select block from ban where block = ?"), [name])
         if curs.fetchall():
             ban_name = load_lang('ban_release')
         else:

route/view_diff_data.py

@@ -9,14 +9,14 @@ def view_diff_data_2(conn, name):
     first = number_check(flask.request.args.get('first', '1'))
     second = number_check(flask.request.args.get('second', '1'))
 
-    curs.execute("select title from history where title = ? and (id = ? or id = ?) and hide = 'O'", [name, first, second])
+    curs.execute(db_change("select title from history where title = ? and (id = ? or id = ?) and hide = 'O'"), [name, first, second])
     if curs.fetchall() and admin_check(6) != 1:
         return re_error('/error/3')
 
-    curs.execute("select data from history where id = ? and title = ?", [first, name])
+    curs.execute(db_change("select data from history where id = ? and title = ?"), [first, name])
     first_raw_data = curs.fetchall()
     if first_raw_data:
-        curs.execute("select data from history where id = ? and title = ?", [second, name])
+        curs.execute(db_change("select data from history where id = ? and title = ?"), [second, name])
         second_raw_data = curs.fetchall()
         if second_raw_data:
             first_data = html.escape(first_raw_data[0][0])            

route/view_down.py

@@ -5,7 +5,7 @@ def view_down_2(conn, name):
 
     div = '<ul>'
 
-    curs.execute("select title from data where title like ?", [name + '/%'])
+    curs.execute(db_change("select title from data where title like ?"), [name + '/%'])
     for data in curs.fetchall():
         div += '<li><a href="/w/' + url_pas(data[0]) + '">' + data[0] + '</a></li>'
         

route/view_raw.py

@@ -15,27 +15,27 @@ def view_raw_2(conn, name, sub_title, num):
             num = int(number_check(num))
     
     if not sub_title and num:
-        curs.execute("select title from history where title = ? and id = ? and hide = 'O'", [name, str(num)])
+        curs.execute(db_change("select title from history where title = ? and id = ? and hide = 'O'"), [name, str(num)])
         if curs.fetchall() and admin_check(6) != 1:
             return re_error('/error/3')
         
-        curs.execute("select data from history where title = ? and id = ?", [name, str(num)])
+        curs.execute(db_change("select data from history where title = ? and id = ?"), [name, str(num)])
         
         sub += ' (r' + str(num) + ')'
 
         menu = [['history/' + url_pas(name), load_lang('history')]]
     elif sub_title:
         if admin_check(6) != 1:
-            curs.execute("select data from topic where id = ? and title = ? and sub = ? and block = ''", [str(num), name, sub_title])
+            curs.execute(db_change("select data from topic where id = ? and title = ? and sub = ? and block = ''"), [str(num), name, sub_title])
         else:
-            curs.execute("select data from topic where id = ? and title = ? and sub = ?", [str(num), name, sub_title])
+            curs.execute(db_change("select data from topic where id = ? and title = ? and sub = ?"), [str(num), name, sub_title])
         
         v_name = load_lang('discussion_raw')
         sub = ' (#' + str(num) + ')'
 
         menu = [['topic/' + url_pas(name) + '/sub/' + url_pas(sub_title) + '#' + str(num), load_lang('discussion')], ['topic/' + url_pas(name) + '/sub/' + url_pas(sub_title) + '/admin/' + str(num), load_lang('return')]]
     else:
-        curs.execute("select data from data where title = ?", [name])
+        curs.execute(db_change("select data from data where title = ?"), [name])
         
         menu = [['w/' + url_pas(name), load_lang('return')]]
 

route/view_read.py

@@ -6,29 +6,30 @@ def view_read_2(conn, name):
     sub = ''
     acl = ''
     div = ''
+    ip = ip_check()
 
     num = flask.request.args.get('num', None)
     if num:
         num = int(number_check(num))
     else:
         if not flask.request.args.get('from', None):
-            curs.execute("select title from back where link = ? and type = 'redirect'", [name])
+            curs.execute(db_change("select title from back where link = ? and type = 'redirect'"), [name])
             r_db = curs.fetchall()
             if r_db:
                 r_data = link_fix(r_db[0][0])
             
                 return redirect('/w/' + r_data[0] + '?from=' + name + r_data[1])
 
-    curs.execute("select sub from rd where title = ? and not stop = 'O' order by date desc", [name])
+    curs.execute(db_change("select sub from rd where title = ? and not stop = 'O' order by date desc"), [name])
     if curs.fetchall():
         sub += ' (' + load_lang('discussion') + ')'
         topic = 1
     else:
         topic = 0
 
-    curs.execute("select link from back where title = ? and type = 'cat' order by link asc", [name])
+    curs.execute(db_change("select link from back where title = ? and type = 'cat' order by link asc"), [name])
                 
-    curs.execute("select title from data where title like ?", ['%' + name + '/%'])
+    curs.execute(db_change("select title from data where title like ?"), ['%' + name + '/%'])
     if curs.fetchall():
         down = 1
     else:
@@ -41,7 +42,7 @@ def view_read_2(conn, name):
         uppage = 0
         
     if re.search('^category:', name):        
-        curs.execute("select link from back where title = ? and type = 'cat' order by link asc", [name])
+        curs.execute(db_change("select link from back where title = ? and type = 'cat' order by link asc"), [name])
         back = curs.fetchall()
         if back:
             div = '<br><h2 id="cate_normal">' + load_lang('category') + '</h2><ul>'
@@ -51,7 +52,7 @@ def view_read_2(conn, name):
                 if re.search('^category:', data[0]):
                     u_div += '<li><a href="/w/' + url_pas(data[0]) + '">' + data[0] + '</a></li>'
                 else:
-                    curs.execute("select title from back where title = ? and type = 'include'", [data[0]])
+                    curs.execute(db_change("select title from back where title = ? and type = 'include'"), [data[0]])
                     db_data = curs.fetchall()
                     if db_data:
                         div += '<li><a href="/w/' + url_pas(data[0]) + '">' + data[0] + '</a> <a id="inside" href="/xref/' + url_pas(data[0]) + '">(' + load_lang('backlink') + ')</a></li>'
@@ -68,13 +69,13 @@ def view_read_2(conn, name):
 
 
     if num:
-        curs.execute("select title from history where title = ? and id = ? and hide = 'O'", [name, str(num)])
+        curs.execute(db_change("select title from history where title = ? and id = ? and hide = 'O'"), [name, str(num)])
         if curs.fetchall() and admin_check(6) != 1:
             return redirect('/history/' + url_pas(name))
 
-        curs.execute("select title, data from history where title = ? and id = ?", [name, str(num)])
+        curs.execute(db_change("select title, data from history where title = ? and id = ?"), [name, str(num)])
     else:
-        curs.execute("select title, data from data where title = ?", [name])
+        curs.execute(db_change("select title, data from data where title = ?"), [name])
     
     data = curs.fetchall()
     if data:
@@ -82,7 +83,7 @@ def view_read_2(conn, name):
     else:
         else_data = None
 
-    curs.execute("select decu from acl where title = ?", [name])
+    curs.execute(db_change("select decu from acl where title = ?"), [name])
     data = curs.fetchall()
     if data:
         acl += ' (' + load_lang('acl') + ')'
@@ -99,7 +100,7 @@ def view_read_2(conn, name):
     if end_data == 'HTTP Request 401.3':
         response_data = 401
         
-        curs.execute('select data from other where name = "error_401"')
+        curs.execute(db_change('select data from other where name = "error_401"'))
         sql_d = curs.fetchall()
         if sql_d and sql_d[0][0] != '':
             end_data = '<h2>' + load_lang('error') + '</h2><ul><li>' + sql_d[0][0] + '</li></ul>'
@@ -108,14 +109,14 @@ def view_read_2(conn, name):
     elif end_data == 'HTTP Request 404':
         response_data = 404
         
-        curs.execute('select data from other where name = "error_404"')
+        curs.execute(db_change('select data from other where name = "error_404"'))
         sql_d = curs.fetchall()
         if sql_d and sql_d[0][0] != '':
             end_data = '<h2>' + load_lang('error') + '</h2><ul><li>' + sql_d[0][0] + '</li></ul>'
         else:
             end_data = '<h2>' + load_lang('error') + '</h2><ul><li>' + load_lang('decument_404_error') + '</li></ul>'
             
-        curs.execute('select ip, date, leng, send from history where title = ? order by id desc limit 3', [name])
+        curs.execute(db_change('select ip, date, leng, send from history where title = ? order by id desc limit 3'), [name])
         sql_d = curs.fetchall()
         if sql_d:
             end_data += '<h2>' + load_lang('history') + '</h2><ul>'
@@ -161,7 +162,7 @@ def view_read_2(conn, name):
         if down:
             menu += [['down/' + url_pas(name), load_lang('sub')]]
     
-        curs.execute("select date from history where title = ? order by date desc limit 1", [name])
+        curs.execute(db_change("select date from history where title = ? order by date desc limit 1"), [name])
         date = curs.fetchall()
         if date:
             r_date = date[0][0]
@@ -172,20 +173,20 @@ def view_read_2(conn, name):
             
     adsense_code = '<div align="center" style="display: block; margin-bottom: 10px;">{}</div>'
 
-    curs.execute("select data from other where name = 'adsense'")
+    curs.execute(db_change("select data from other where name = 'adsense'"))
     adsense_enabled = curs.fetchall()[0][0]
     if adsense_enabled == 'True':
-        curs.execute("select data from other where name = 'adsense_code'")
+        curs.execute(db_change("select data from other where name = 'adsense_code'"))
         adsense_code = adsense_code.format(curs.fetchall()[0][0])
     else:
         adsense_code = adsense_code.format('')
 
-    curs.execute("select data from other where name = 'body'")
+    curs.execute(db_change("select data from other where name = 'body'"))
     body = curs.fetchall()
     if body:
         div = body[0][0] + '<hr class=\"main_hr\">' + div
         
-    curs.execute("select data from other where name = 'bottom_body'")
+    curs.execute(db_change("select data from other where name = 'bottom_body'"))
     body = curs.fetchall()
     if body:
         div += '<hr class=\"main_hr\">' + body[0][0]
@@ -199,9 +200,18 @@ def view_read_2(conn, name):
             <div id="get_user_info"></div>
             <script>load_user_info("''' + user_name + '''");</script>
         ''' + div
+
+    if ip_or_user(ip) == 0:
+        curs.execute(db_change("select title from scan where user = ? and title = ?"), [ip, name])
+        if curs.fetchall():
+            watch_list = 2
+        else:
+            watch_list = 1
+    else:
+        watch_list = 0
         
     return easy_minify(flask.render_template(skin_check(), 
-        imp = [flask.request.args.get('show', name), wiki_set(), custom(), other2([sub + acl, r_date])],
+        imp = [flask.request.args.get('show', name), wiki_set(), custom(), other2([sub + acl, r_date, watch_list])],
         data = div,
         menu = menu
     )), response_data

route/view_xref.py

@@ -13,8 +13,19 @@ def view_xref_2(conn, name):
         sql_num = 0
         
     div = '<ul>'
+
+    if re.search('#', name):
+        name = re.sub('#', '\\\\#', name)
     
-    curs.execute("select link, type from back where title = ? and not type = 'cat' and not type = 'no' order by link asc limit ?, '50'", [name, str(sql_num)])
+    curs.execute(db_change("" + \
+        "select link, type from back " + \
+        "where (title = ? and not type = 'cat' and not type = 'no') or (title like ? and type = 'redirect')" + \
+        "order by link asc limit ?, 50" + \
+    ""), [
+        name,
+        name + '#s-%',
+        sql_num
+    ])
     data_list = curs.fetchall()
     for data in data_list:
         div += '<li><a href="/w/' + url_pas(data[0]) + '">' + data[0] + '</a>'
@@ -22,7 +33,7 @@ def view_xref_2(conn, name):
         if data[1]:                
             div += ' (' + data[1] + ')'
         
-        curs.execute("select title from back where title = ? and type = 'include'", [data[0]])
+        curs.execute(db_change("select title from back where title = ? and type = 'include'"), [data[0]])
         db_data = curs.fetchall()
         if db_data:
             div += ' <a id="inside" href="/xref/' + url_pas(data[0]) + '">(' + load_lang('backlink') + ')</a>'

route/watch_list.py

@@ -9,10 +9,10 @@ def watch_list_2(conn):
     if ip_or_user(ip) != 0:
         return redirect('/login')
 
-    curs.execute("delete from scan where user = ? and title = ''", [ip])
+    curs.execute(db_change("delete from scan where user = ? and title = ''"), [ip])
     conn.commit()
 
-    curs.execute("select title from scan where user = ?", [ip])
+    curs.execute(db_change("select title from scan where user = ?"), [ip])
     data = curs.fetchall()
     for data_list in data:
         div += '<li><a href="/w/' + url_pas(data_list[0]) + '">' + data_list[0] + '</a> <a href="/watch_list/' + url_pas(data_list[0]) + '">(' + load_lang('delete') + ')</a></li>'

route/watch_list_name.py

@@ -7,16 +7,16 @@ def watch_list_name_2(conn, name):
     if ip_or_user(ip) != 0:
         return redirect('/login')
 
-    curs.execute("select count(title) from scan where user = ?", [ip])
+    curs.execute(db_change("select count(title) from scan where user = ?"), [ip])
     count = curs.fetchall()
     if count and count[0][0] > 9:
         return redirect('/watch_list')
 
-    curs.execute("select title from scan where user = ? and title = ?", [ip, name])
+    curs.execute(db_change("select title from scan where user = ? and title = ?"), [ip, name])
     if curs.fetchall():
-        curs.execute("delete from scan where user = ? and title = ?", [ip, name])
+        curs.execute(db_change("delete from scan where user = ? and title = ?"), [ip, name])
     else:
-        curs.execute("insert into scan (user, title) values (?, ?)", [ip, name])
+        curs.execute(db_change("insert into scan (user, title) values (?, ?)"), [ip, name])
     
     conn.commit()
 

version.json

@@ -1,11 +1,11 @@
 {
     "master" : {
-        "r_ver" : "v3.1.3-stable-04",
+        "r_ver" : "v3.1.4-stable-01",
         "c_ver" : "400004",
-        "s_ver" : "3"
+        "s_ver" : "5"
     }, "stable" : {
-        "r_ver" : "v3.1.3-stable-04",
+        "r_ver" : "v3.1.4-stable-01",
         "c_ver" : "400004",
-        "s_ver" : "3"
+        "s_ver" : "5"
     }
 }

views/main_css/css/main.css

@@ -13,11 +13,11 @@ input[type="checkbox"] { width: auto; }
 .popup { position: fixed; bottom: 0; padding: 10px; left: 0; background: lightgray; width: 100%; }
 #list { padding: 10px; }
 #toron { width: 100%; }
-#toron_color { background: khaki; }
-#toron_color_green { background: darkseagreen; }
+#toron_color_green { background: lightgreen; }
 #toron_color_blue { background: skyblue; }
 #toron_color_red { background: indianred; }
 #toron_color_grey { background: gainsboro; }
+#toron_color_not { display: none; }
 #cate { border: 1px solid; padding: 5px; }
 blockquote { border: 1px solid; padding: 15px; margin: 0; margin-top: 10px; display: inline-block; }
 img, iframe { max-width: 100%; }
@@ -41,4 +41,5 @@ blockquote { background-image: url(/views/acme/img/quote.png); background-positi
 @media (max-width: 768px) { table { min-width: 100%; }}
 @media (max-width: 400px) { .foot_plus { width: 80%; right: calc(100% - 92%); }}
 @media (max-height: 400px) { .foot_plus { height: 80%; top: calc(100% - 92%); }}
-.foot_in { overflow-y: scroll; height: calc(100% - 20px); }
+.foot_in { overflow-y: scroll; height: calc(100% - 20px); }
+#origin { display: none; }

views/main_css/js/do_open_folding.js

@@ -1,8 +1,10 @@
-function do_open_folding(num, include_num) { 
+function do_open_folding(num, include_num, element) { 
     var fol = document.getElementById(include_num + 'folding_' + num); 
     if(fol.style.display === 'inline-block' || fol.style.display === 'block') { 
         fol.style.display = 'none';
+        element.innerHTML = '[+]'
     } else {
-        fol.style.display = 'block'; 
+        fol.style.display = 'block';
+        element.innerHTML = '[-]' 
     } 
 }

views/main_css/js/do_stop_exit.js

@@ -0,0 +1,12 @@
+var go_save_zone = 0;
+
+function do_stop_exit() {
+    window.onbeforeunload = function() {
+        console.log(go_save_zone);
+        data = document.getElementById('content').value;
+        origin = document.getElementById('origin').value;
+        if(data !== origin && go_save_zone != 1) {
+            return ''; 
+        }
+    }
+}

views/main_css/js/render_html.js

@@ -5,18 +5,18 @@ function render_html(name = '') {
         if(document.getElementById(name + 'render_contect_' + String(num))) {
             data = document.getElementById(name + 'render_contect_' + String(num)).innerHTML;
 
-            t_data = ['b', 'i', 's', 'del']
+            var t_data = ['b', 'i', 's', 'del']
             for(var key in t_data) {
                 var patt = new RegExp('<' + t_data[key] + '>((?:(?!<\/' + t_data[key] + '>).)*)<\/' + t_data[key] + '>', 'ig');
                 data = data.replace(patt, '<' + t_data[key] + '>$1</' + t_data[key] + '>');
             }
             
-            src_list = {
+            var src_list = {
                 'www.youtube.com' : '1',
                 'www.google.com' : '1'
             }
-            data = data.replace(/&lt;iframe( (?:(?:(?!&gt;).)+))&gt;&lt;\/iframe&gt;/g, function(full, in_data) {
-                src_data = in_data.match(/ src=['"]https:\/\/([^/'"]+)(?:[^'"]+)['"](?: |$)/);
+            data = data.replace(/&lt;iframe( (?:(?:(?!&gt;).)+))&gt;&lt;\/iframe&gt;/ig, function(full, in_data) {
+                var src_data = in_data.match(/ src=['"]https:\/\/([^/'"]+)(?:[^'"]+)['"](?: |$)/);
                 if(src_data) {
                     if(src_list[src_data[1]]) {
                         return '<iframe' + in_data + '></iframe>';
@@ -25,6 +25,18 @@ function render_html(name = '') {
                     }
                 }
             });
+
+            t_data = ['div', 'span']
+            for(var key in t_data) {
+                patt = new RegExp('&lt;' + t_data[key] + ' style=["\']((?:(?!["\']).)+)["\']&gt;((?:(?!&lt;\/' + t_data[key] + '&gt;).)*)&lt;\/' + t_data[key] + '&gt;', 'ig');
+                data = data.replace(patt, function(full, in_data, in_data_2) {
+                    return '<' + t_data[key] + ' style="' + in_data.replace(/position/ig, '') + '">' + in_data_2 + '</' + t_data[key] + '>'
+                });
+            }
+
+            data = data.replace(/&lt;a href=["\']((?:(?!["\']).)+)["\']&gt;((?:(?!&lt;\/a&gt;).)*)&lt;\/a&gt;/ig, function(full, in_data, in_data_2) {
+                return '<a id="out_link" href="' + in_data.replace(/^javascript/ig, '') + '">' + in_data_2 + '</a>'
+            });
             
             document.getElementById(name + 'render_contect_' + String(num)).innerHTML = data;
         } else {

views/main_css/js/topic_main_load.js

@@ -36,6 +36,10 @@ function topic_main_load(name, sub, s_num) {
 
                     if(markup === 'markdown') {
                         render_markdown();
+                    } else {
+                        for(var key in t_data) {
+                            render_html('topic_' + String(key) + '-');
+                        }
                     }
                 }
             }

views/main_css/js/topic_plus_load.js

@@ -21,7 +21,7 @@ function topic_plus_load(name, sub, num) {
 
                 // https://programmingsummaries.tistory.com/379
                 var options = {
-                    body: 'New ' + n_num + ' topic'
+                    body: '#' + n_num
                 }
                
                 var notification = new Notification("openNAMU", options);
@@ -30,6 +30,20 @@ function topic_plus_load(name, sub, num) {
                     notification.close();
                 }, 5000);
 
+                xhr_2.onreadystatechange = function() {
+                    if(xhr_2.readyState === 4 && xhr_2.status === 200) {
+                        markup = JSON.parse(xhr_2.responseText)['markup'];
+    
+                        if(markup === 'markdown') {
+                            render_markdown();
+                        } else {
+                            for(var key in t_data) {
+                                render_html('topic_' + String(key) + '-');
+                            }
+                        }
+                    }
+                }
+
                 topic_plus_load(name, sub, String(Number(num) + 1));
                 clearInterval(test);
             }

views/marisa/css/dark.css

@@ -26,4 +26,20 @@ textarea, input, button, select {
 #mobile_search_input, #mobile_search_input::placeholder {
     background: gray;
     color: white;
+}
+
+#toron_color_grey, code {
+    background: #4a4a4a;
+}
+
+#toron_color_green {
+    background: #2e4a2e;
+}
+
+#toron_color_red {
+    background: #803737;
+}
+
+#toron_color_blue {
+    background: #314c56;
 }

views/marisa/css/main.css

@@ -3,7 +3,7 @@ body {
     word-break: break-all;
     word-wrap: break-word;
     margin: 0;
-    font-family: 'Noto Sans KR', '나눔고딕', 'Nanum Gothic', 'Malgun Gothic', '맑은 고딕', sans-serif;
+    font-family: '나눔고딕', 'Nanum Gothic', 'Noto Sans KR', 'Malgun Gothic', '맑은 고딕', sans-serif;
 }
 
 ul {
@@ -11,10 +11,6 @@ ul {
     padding-left: 10px;
 }
 
-input {
-    padding: 5px;
-}
-
 select {
     padding: 5px;
 }
@@ -29,6 +25,7 @@ button {
     border: 2px solid gainsboro;
     background: white;
     cursor: pointer;
+    border-radius: 10px;
 }
 
 code {
@@ -343,29 +340,17 @@ a {
     border-radius: 10px;
 }
 
-pre {
+pre, #toc, #cate, #redirect {
     border: 2px solid gainsboro;
     border-radius: 10px;
 }
 
-textarea {
-    border: 2px solid gainsboro;
-    font-family: 'Noto Sans KR', '나눔고딕', 'Nanum Gothic', 'Malgun Gothic', '맑은 고딕', sans-serif;
-    padding: 0;
-}
-
-input {
-    border: 2px solid gainsboro;
-    font-family: 'Noto Sans KR', '나눔고딕', 'Nanum Gothic', 'Malgun Gothic', '맑은 고딕', sans-serif;
-}
-
-#toc {
-    border: 2px solid gainsboro;
-    border-radius: 10px;
-}
-
-#cate, #redirect {
+textarea, input {
     border: 2px solid gainsboro;
+    font-family: '나눔고딕', 'Nanum Gothic', 'Noto Sans KR', 'Malgun Gothic', '맑은 고딕', sans-serif;
+    border-radius: inherit;
+    padding: 5px;
+    margin-left: -5px;
     border-radius: 10px;
 }
 
@@ -416,8 +401,8 @@ blockquote {
 }
 
 #out_link::before {
-    content: 'ⓔ';
-    font-weight: 900;
+    content: '🅴';
+    font-weight: lighter;
     background: transparent;
     color: green;
 }

views/marisa/index.html

@@ -4,18 +4,17 @@
         <meta charset="utf-8">
         <title>{{imp[0]}} - {{imp[1][0]}}</title>
         {{imp[3][3]|safe}}
-        <link rel="stylesheet" href="/views/marisa/css/main.css?ver=3">
+        <link rel="stylesheet" href="/views/marisa/css/main.css?ver=5">
         <script src="/views/marisa/js/search.js?ver=1"></script>
         <script src="/views/marisa/js/skin_set.js?ver=2"></script>
         <script src="/views/marisa/js/main.js?ver=1"></script>
         <script>window.onload = function () { search_do(); skin_set(); }</script>
         <script src="https://code.iconify.design/1/1.0.3/iconify.min.js"></script>
-        <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Noto+Sans+KR&display=swap">
         <link rel="shortcut icon" href="/views/main_css/file/favicon.ico?ver=1">
         {{imp[1][5]|safe}}
         {{imp[2][3]|safe}}
         <meta name="title" content="{{imp[0]}} - {{imp[1][0]}}">
-        <meta name="keywords" content="{{imp[1][0]}}">
+        <meta name="keywords" content="{{imp[0]}}">
         <meta name="description" content="{{data|cut_100}}">
         <meta name="viewport" content="width=device-width, initial-scale=1">
     </head>
@@ -29,18 +28,18 @@
                     <div id="top_tool" class="not_mobile">
                         <div id="top_tool_cel">
                             <a href="javascript:void(0);" onclick="opening('recent_cel');">
-                                <span class="iconify" data-icon="octicon:clock" data-inline="true"></span>
+                                <span class="iconify" data-icon="ic:baseline-access-time" data-inline="true"></span>
                                 {{'recent'|load_lang}}
-                                <span class="iconify" data-icon="octicon:chevron-down" data-inline="true"></span>
+                                <span class="iconify" data-icon="ic:baseline-arrow-drop-down" data-inline="true"></span>
                             </a>
                             <div id="recent_cel" class="cel_in_cel" style="display: none;">
                                 <a href="/recent_changes">
-                                    <span class="iconify" data-icon="octicon:sync" data-inline="true"></span>
+                                    <span class="iconify" data-icon="ic:baseline-autorenew" data-inline="true"></span>
                                     {{'edit'|load_lang}}
                                 </a>
                                 <hr>
                                 <a href="/recent_discuss">
-                                    <span class="iconify" data-icon="octicon:comment" data-inline="true"></span>
+                                    <span class="iconify" data-icon="ic:baseline-add-comment" data-inline="true"></span>
                                     {{'discussion'|load_lang}}
                                 </a>
                             </div>
@@ -48,23 +47,23 @@
                          
                         <div id="top_tool_cel">
                             <a href="javascript:void(0);" onclick="opening('other_cel');">
-                                <span class="iconify" data-icon="octicon:package" data-inline="true"></span>
+                                <span class="iconify" data-icon="ic:baseline-archive" data-inline="true"></span>
                                 {{'other'|load_lang}}
-                                <span class="iconify" data-icon="octicon:chevron-down" data-inline="true"></span>
+                                <span class="iconify" data-icon="ic:baseline-arrow-drop-down" data-inline="true"></span>
                             </a>
                             <div id="other_cel" class="cel_in_cel" style="display: none;">
                                 <a href="/random">
-                                    <span class="iconify" data-icon="octicon:repo-push" data-inline="true"></span>
+                                    <span class="iconify" data-icon="ic:baseline-shuffle" data-inline="true"></span>
                                     {{'random'|load_lang}}
                                 </a>
                                 <hr>
                                 <a href="/other">
-                                    <span class="iconify" data-icon="octicon:tools" data-inline="true"></span>
+                                    <span class="iconify" data-icon="ic:baseline-build" data-inline="true"></span>
                                     {{'tool'|load_lang}}
                                 </a>
                                 <hr>
                                 <a href="/skin_set">
-                                    <span class="iconify" data-icon="octicon:settings" data-inline="true"></span>
+                                    <span class="iconify" data-icon="ic:baseline-settings" data-inline="true"></span>
                                     {{'skin_setting'|load_lang}}
                                 </a>
                             </div>
@@ -74,12 +73,12 @@
                             <a href="/user">
                                 {% if imp[2][2] == 1 %}
                                     {% if imp[2][8] != '0' %}
-                                        <span class="iconify" data-icon="octicon:megaphone" data-inline="true"></span>
+                                        <span class="iconify" data-icon="ic:baseline-add-alert" data-inline="true"></span>
                                     {% else %}
-                                        <span class="iconify" data-icon="octicon:person" data-inline="true"></span>
+                                        <span class="iconify" data-icon="ic:baseline-person-add" data-inline="true"></span>
                                     {% endif %}
                                 {% else %}
-                                    <span class="iconify" data-icon="octicon:x" data-inline="true"></span>
+                                    <span class="iconify" data-icon="ic:baseline-person" data-inline="true"></span>
                                 {% endif %}
                                 {{imp[2][5]}}
                             </a>
@@ -89,18 +88,18 @@
                             <input id="search_input" name="search" placeholder="{{'search'|load_lang}}" autocomplete="off" type="search">
                             |
                             <button type="submit" formaction="/goto">
-                                <span class="iconify" data-icon="octicon:clippy" data-inline="true"></span>
+                                <span class="iconify" data-icon="ic:round-find-in-page" data-inline="true"></span>
                             </button>
                             |
                             <button type="submit" formaction="/search">
-                                <span class="iconify" data-icon="octicon:search" data-inline="true"></span>
+                                <span class="iconify" data-icon="ic:baseline-search" data-inline="true"></span>
                             </button>
                             <div id="pre_search" style="display: none;"></div>
                         </form>
                     </div>
                     <div id="top_tool_mobile" class="is_mobile">
                         <a href="javascript:void(0);" onclick="opening('mobile_menu');">
-                            <span class="iconify" data-icon="octicon:repo-push" data-inline="true"></span> {{'tool'|load_lang}}
+                            <span class="iconify" data-icon="ic:baseline-reorder" data-inline="true"></span> {{'tool'|load_lang}}
                         </a>
                     </div>
                 </div>
@@ -111,15 +110,15 @@
                         <input id="mobile_search_input" name="search" placeholder="{{'search'|load_lang}}" autocomplete="off" type="search">
                         <br>
                         <button id="mobile_button_first" type="submit" formaction="/goto">
-                            <span class="iconify" data-icon="octicon:clippy" data-inline="true"></span>
+                            <span class="iconify" data-icon="ic:round-find-in-page" data-inline="true"></span>
                         </button>
                         |
                         <button type="submit" formaction="/search">
-                            <span class="iconify" data-icon="octicon:search" data-inline="true"></span>
+                            <span class="iconify" data-icon="ic:baseline-search" data-inline="true"></span>
                         </button>
                         |
                         <a href="javascript:void(0);" onclick="opening('mobile_menu');">
-                            <span class="iconify" data-icon="octicon:repo-pull" data-inline="true"></span>
+                            <span class="iconify" data-icon="ic:baseline-reorder" data-inline="true"></span>
                         </a>
                     </form>
                     <h2>{{'recent'|load_lang}}</h2>
@@ -152,7 +151,7 @@
                         </div>
                     {% endif %}
                     <h1 id="title">
-                        {{imp[0]}}
+                        {{imp[0]|change_space}}
                         {% if imp[3][0] != 0 %}
                             <sub>{{imp[3][0]}}</sub>
                         {% endif %}
@@ -195,17 +194,17 @@
         <div id="nav_bar">
             <div id="go_top">
                 <a href="#top">
-                    <span class="iconify" data-icon="octicon:arrow-up" data-inline="true"></span>
+                    <span class="iconify" data-icon="ic:baseline-arrow-upward" data-inline="true"></span>
                 </a>                  
             </div>
             <div id="go_bottom">
                 <a href="#bottom">
-                    <span class="iconify" data-icon="octicon:arrow-down" data-inline="true"></span>
+                    <span class="iconify" data-icon="ic:baseline-arrow-downward" data-inline="true"></span>
                 </a>
             </div>
             <div id="go_toc">
                 <a href="#toc">
-                    <span class="iconify" data-icon="octicon:list-unordered" data-inline="true"></span>
+                    <span class="iconify" data-icon="ic:baseline-list" data-inline="true"></span>
                 </a>
             </div>                                    
         </div>

views/marisa/info.json

@@ -1,5 +1,5 @@
 {
     "name" : "Marisa",
-    "skin_ver" : "v1.0.9",
-    "require_ver" : "3"
+    "skin_ver" : "v1.1.2",
+    "require_ver" : "5"
 }

views/marisa/js/search.js

@@ -3,7 +3,7 @@ function search_do() {
         var data = document.getElementById("search_input").value;
         if(before !== data && data !== '') {
             before = data;
-            var url = "/api/search/" + encodeURI(data) + "?num=10";
+            var url = "/api/search/" + encodeURI(data);
         
             var xhr = new XMLHttpRequest();
             xhr.open("GET", url, true);
@@ -18,7 +18,7 @@ function search_do() {
 
                     if(this.responseText !== "{}\n") {
                         for(key in get_data) {
-                            document.getElementById("pre_search").innerHTML += '<a href="/w/' + encodeURI(get_data[key][0]) + '">' + get_data[key][0] + '</a><br>';
+                            document.getElementById("pre_search").innerHTML += '<a href="/w/' + encodeURI(get_data[key][0]).replace('#', '%23') + '">' + get_data[key][0] + '</a><br>';
                         }
                     } else {
                         document.getElementById("pre_search").style.display = 'none';