1<?php 2/* 3 * 4 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 5 * @author Jason Grout <jason-doku@creativetrax.com>> 6 * 7 * Modifications by Sergio (1 Apr 2007), an unidentified author, 8 * and Niko Paltzer (15 Jan 2010). 9 * 10 * brought up-to-date with current Dokuwiki Event changes 11 * and event handling by Myron Turner (April 7 2011); 12 * new security features (September 2 2011) 13 * turnermm02@shaw.ca 14 */ 15 16// must be run within Dokuwiki 17if(!defined('DOKU_INC')) die(); 18 19if(!defined('DOKU_PLUGIN')) define('DOKU_PLUGIN',DOKU_INC.'lib/plugins/'); 20 21class action_plugin_newpagetemplate extends DokuWiki_Action_Plugin { 22 var $done = false; 23 var $allow = true; 24 /** 25 * return some info 26 */ 27 function getInfo(){ 28 return array( 29 'author' => 'Jason Grout, Myron Turner', 30 'email' => 'jason-doku@creativetrax.com', 31 'date' => '2007-02-24', 32 'name' => 'newpagetemplate', 33 'desc' => 'Loads into the new page creation box a template specified in the $_REQUEST "newpagetemplate" parameter (i.e., can be passed in the URL or as a form value).', 34 'url' => '', 35 ); 36 } 37 38 /** 39 * register the eventhandlers 40 * Modified by 41 * @author Myron Turner 42 * turnermm02@shaw.ca 43 */ 44 function register(Doku_Event_Handler $contr){ 45 46 $contr->register_hook('COMMON_PAGE_FROMTEMPLATE', 'BEFORE', $this, 'pagefromtemplate', array()); 47 $contr->register_hook('COMMON_PAGETPL_LOAD', 'BEFORE', $this, 'pagefromtemplate', array()); 48 $contr->register_hook('DOKUWIKI_STARTED', 'AFTER', $this, 'check_acl', array()); 49 $contr->register_hook('TPL_CONTENT_DISPLAY', 'BEFORE', $this, 'write_msg', array()); 50 $contr->register_hook('HTML_PAGE_FROMTEMPLATE', 'BEFORE', $this, 'pagefromtemplate', array()); 51 } 52 53 /** 54 * pagefromtemplate 55 * Modified by 56 * @author Myron Turner 57 * turnermm02@shaw.ca 58 */ 59 60 function pagefromtemplate(Doku_Event $event, $param) { 61 if($this->done) return; 62 $this->done=true; 63 64 global $INPUT; 65 $template = trim($INPUT->str('newpagetemplate')); 66 67 if(!empty($template)) { 68 if(!$this->allow) { 69 return; 70 } 71 global $conf; 72 global $INFO; 73 global $ID; 74 75 $tpl = io_readFile(wikiFN($template)); 76 77 if($this->getConf('userreplace')) { 78 $stringvars = array_map( 79 function($v) { 80 return sexplode(',', $v, 2, ''); 81 }, 82 explode(';', $INPUT->str('newpagevars')) 83 ); 84 foreach($stringvars as $value) { 85 $tpl = str_replace(trim($value[0]),hsc(trim($value[1])),$tpl); 86 } 87 } 88 89 if($this->getConf('standardreplace')) { 90 // replace placeholders 91 $file = noNS($ID); 92 $page = cleanID($file) ; 93 if($this->getConf('prettytitles')) { 94 $title= str_replace('_',' ',$page); 95 } 96 else { 97 $title = $page; 98 } 99 100 if(class_exists('\dokuwiki\\Utf8\PhpString')) { 101 $ucfirst = '\dokuwiki\Utf8\PhpString::ucfirst'; 102 $ucwords = '\dokuwiki\\Utf8\PhpString::ucwords'; 103 $ucupper = '\dokuwiki\\Utf8\PhpString::strtoupper'; 104 } 105 else { 106 $ucfirst = 'utf8_ucfirst'; 107 $ucwords = 'utf8_ucwords'; 108 $ucupper = 'utf8_strtoupper'; 109 } 110 111 $tpl = str_replace(array( 112 '@ID@', 113 '@NS@', 114 '@CURNS@', 115 '@!CURNS@', 116 '@!!CURNS@', 117 '@!CURNS!@', 118 '@FILE@', 119 '@!FILE@', 120 '@!FILE!@', 121 '@PAGE@', 122 '@!PAGE@', 123 '@!!PAGE@', 124 '@!PAGE!@', 125 '@USER@', 126 '@NAME@', 127 '@MAIL@', 128 '@DATE@', 129 '@EVENT@' 130 ), 131 array( 132 $ID, 133 getNS($ID), 134 curNS($ID), 135 $ucfirst(curNS($ID)), 136 $ucwords(curNS($ID)), 137 $ucupper(curNS($ID)), 138 $file, 139 $ucfirst($file), 140 $ucupper($file), 141 $page, 142 $ucfirst($title), 143 $ucwords($title), 144 $ucupper($title), 145 $_SERVER['REMOTE_USER'], 146 $INFO['userinfo']['name'], 147 $INFO['userinfo']['mail'], 148 $conf['dformat'], 149 $event->name , 150 ), 151 $tpl 152 ); 153 154 // we need the callback to work around strftime's char limit 155 $tpl = preg_replace_callback('/%./', 156 function ($m) { 157 return strftime($m[0]); 158 }, 159 $tpl 160 ); 161 } 162 if($this->getConf('skip_unset_macros')) { 163 $tpl = preg_replace("/@.*?@/ms","",$tpl); 164 } 165 if($event->name == 'HTML_PAGE_FROMTEMPLATE') { 166 $event->result=$tpl; 167 } 168 else { 169 $event->data['tpl'] = $tpl; 170 } 171 $event->preventDefault(); 172 } 173 } 174 175 public function check_acl(Doku_Event $event,$param) { 176 global $INPUT; 177 if (!$INPUT->has('newpagetemplate')) { 178 return; 179 } 180 181 $pq = trim($INPUT->str('newpagetemplate'), ':'); 182 if (auth_quickaclcheck($pq) < AUTH_CREATE) { 183 $this->allow = false; 184 } 185 } 186 187 function write_msg (&$event,$param) { 188 if($this->allow) return; 189 global $ID,$INPUT; 190 191 echo"<h1> Permission Denied </h1>"; 192 echo "You do not have access to the template " . htmlentities($INPUT->str('newpagetemplate')) . '</br>'; 193 unlock($ID); 194 $event->preventDefault(); 195 } 196} 197