1<?php 2 3namespace dokuwiki; 4 5use dokuwiki\Extension\Event; 6use dokuwiki\Search\MetadataSearch; 7use dokuwiki\Ui\MediaDiff; 8use dokuwiki\Ui\Index; 9use dokuwiki\Ui; 10use dokuwiki\Utf8\Sort; 11 12/** 13 * Manage all builtin AJAX calls 14 * 15 * @todo The calls should be refactored out to their own proper classes 16 * @package dokuwiki 17 */ 18class Ajax 19{ 20 /** 21 * Execute the given call 22 * 23 * @param string $call name of the ajax call 24 */ 25 public function __construct($call) 26 { 27 $callfn = 'call' . ucfirst($call); 28 if (method_exists($this, $callfn)) { 29 $this->$callfn(); 30 } else { 31 $evt = new Event('AJAX_CALL_UNKNOWN', $call); 32 if ($evt->advise_before()) { 33 echo "AJAX call '" . hsc($call) . "' unknown!\n"; 34 } else { 35 $evt->advise_after(); 36 unset($evt); 37 } 38 } 39 } 40 41 /** 42 * Searches for matching pagenames 43 * 44 * @author Andreas Gohr <andi@splitbrain.org> 45 */ 46 protected function callQsearch() 47 { 48 global $lang; 49 global $INPUT; 50 51 $maxnumbersuggestions = 50; 52 53 $query = $INPUT->post->str('q'); 54 if (empty($query)) $query = $INPUT->get->str('q'); 55 if (empty($query)) return; 56 57 $query = urldecode($query); 58 $data = (new MetadataSearch())->pageLookup($query, true, useHeading('navigation')); 59 60 if ($data === []) return; 61 62 echo '<strong>' . $lang['quickhits'] . '</strong>'; 63 echo '<ul>'; 64 $counter = 0; 65 foreach ($data as $id => $title) { 66 if (useHeading('navigation')) { 67 $name = $title; 68 } else { 69 $ns = getNS($id); 70 if ($ns) { 71 $name = noNS($id) . ' (' . $ns . ')'; 72 } else { 73 $name = $id; 74 } 75 } 76 echo '<li>' . html_wikilink(':' . $id, $name) . '</li>'; 77 78 $counter++; 79 if ($counter > $maxnumbersuggestions) { 80 echo '<li>...</li>'; 81 break; 82 } 83 } 84 echo '</ul>'; 85 } 86 87 /** 88 * Support OpenSearch suggestions 89 * 90 * @link http://www.opensearch.org/Specifications/OpenSearch/Extensions/Suggestions/1.0 91 * @author Mike Frysinger <vapier@gentoo.org> 92 */ 93 protected function callSuggestions() 94 { 95 global $INPUT; 96 97 $query = cleanID($INPUT->post->str('q')); 98 if (empty($query)) $query = cleanID($INPUT->get->str('q')); 99 if (empty($query)) return; 100 101 $data = (new MetadataSearch())->pageLookup($query); 102 if ($data === []) return; 103 $data = array_keys($data); 104 105 // limit results to 15 hits 106 $data = array_slice($data, 0, 15); 107 $data = array_map(trim(...), $data); 108 $data = array_map(noNS(...), $data); 109 $data = array_unique($data); 110 Sort::sort($data); 111 112 /* now construct a json */ 113 $suggestions = [ 114 $query, // the original query 115 $data, // some suggestions 116 [], // no description 117 [], // no urls 118 ]; 119 120 header('Content-Type: application/x-suggestions+json'); 121 echo json_encode($suggestions, JSON_THROW_ON_ERROR); 122 } 123 124 /** 125 * Refresh a page lock and save draft 126 * 127 * Andreas Gohr <andi@splitbrain.org> 128 */ 129 protected function callLock() 130 { 131 global $ID; 132 global $INFO; 133 global $INPUT; 134 135 $ID = cleanID($INPUT->post->str('id')); 136 if (empty($ID)) return; 137 138 $response = [ 139 'errors' => [], 140 'lock' => '0', 141 'draft' => '', 142 ]; 143 144 if (!checkSecurityToken()) { 145 $response['errors'][] = 'Security token did not match. Please reload the page and try again.'; 146 echo json_encode($response, JSON_THROW_ON_ERROR); 147 return; 148 } 149 150 $INFO = pageinfo(); 151 152 if (!$INFO['writable']) { 153 $response['errors'][] = 'Permission to write this page has been denied.'; 154 echo json_encode($response); 155 return; 156 } 157 158 if (!checklock($ID)) { 159 lock($ID); 160 $response['lock'] = '1'; 161 } 162 163 $draft = new Draft($ID, $INFO['client']); 164 if ($draft->saveDraft()) { 165 $response['draft'] = $draft->getDraftMessage(); 166 } else { 167 $response['errors'] = array_merge($response['errors'], $draft->getErrors()); 168 } 169 echo json_encode($response, JSON_THROW_ON_ERROR); 170 } 171 172 /** 173 * Delete a draft 174 * 175 * @author Andreas Gohr <andi@splitbrain.org> 176 */ 177 protected function callDraftdel() 178 { 179 global $INPUT; 180 $id = cleanID($INPUT->str('id')); 181 if (empty($id)) return; 182 183 $client = $INPUT->server->str('REMOTE_USER'); 184 if (!$client) $client = clientIP(true); 185 186 $draft = new Draft($id, $client); 187 if ($draft->isDraftAvailable() && checkSecurityToken()) { 188 $draft->deleteDraft(); 189 } 190 } 191 192 /** 193 * Return subnamespaces for the Mediamanager 194 * 195 * @author Andreas Gohr <andi@splitbrain.org> 196 */ 197 protected function callMedians() 198 { 199 global $conf; 200 global $INPUT; 201 202 // wanted namespace 203 $ns = cleanID($INPUT->post->str('ns')); 204 $dir = utf8_encodeFN(str_replace(':', '/', $ns)); 205 206 $lvl = count(explode(':', $ns)); 207 208 $data = []; 209 search($data, $conf['mediadir'], 'search_index', ['nofiles' => true], $dir); 210 foreach (array_keys($data) as $item) { 211 $data[$item]['level'] = $lvl + 1; 212 } 213 echo html_buildlist($data, 'idx', 'media_nstree_item', 'media_nstree_li'); 214 } 215 216 /** 217 * Return list of files for the Mediamanager 218 * 219 * @author Andreas Gohr <andi@splitbrain.org> 220 */ 221 protected function callMedialist() 222 { 223 global $NS; 224 global $INPUT; 225 226 $NS = cleanID($INPUT->post->str('ns')); 227 $sort = $INPUT->post->bool('recent') ? 'date' : 'natural'; 228 if ($INPUT->post->str('do') == 'media') { 229 tpl_mediaFileList(); 230 } else { 231 tpl_mediaContent(true, $sort); 232 } 233 } 234 235 /** 236 * Return the content of the right column 237 * (image details) for the Mediamanager 238 * 239 * @author Kate Arzamastseva <pshns@ukr.net> 240 */ 241 protected function callMediadetails() 242 { 243 global $IMG, $JUMPTO, $REV, $fullscreen, $INPUT; 244 $fullscreen = true; 245 require_once(DOKU_INC . 'lib/exe/mediamanager.php'); 246 247 $image = ''; 248 if ($INPUT->has('image')) $image = cleanID($INPUT->str('image')); 249 if (isset($IMG)) $image = $IMG; 250 if (isset($JUMPTO)) $image = $JUMPTO; 251 $rev = false; 252 if (isset($REV) && !$JUMPTO) $rev = $REV; 253 254 html_msgarea(); 255 tpl_mediaFileDetails($image, $rev); 256 } 257 258 /** 259 * Returns image diff representation for mediamanager 260 * 261 * @author Kate Arzamastseva <pshns@ukr.net> 262 */ 263 protected function callMediadiff() 264 { 265 global $INPUT; 266 267 $image = ''; 268 if ($INPUT->has('image')) $image = cleanID($INPUT->str('image')); 269 (new MediaDiff($image))->preference('fromAjax', true)->show(); 270 } 271 272 /** 273 * Manages file uploads 274 * 275 * @author Kate Arzamastseva <pshns@ukr.net> 276 */ 277 protected function callMediaupload() 278 { 279 global $NS, $MSG, $INPUT; 280 281 $id = ''; 282 if (isset($_FILES['qqfile']['tmp_name'])) { 283 $id = $INPUT->post->str('mediaid', $_FILES['qqfile']['name']); 284 } elseif ($INPUT->get->has('qqfile')) { 285 $id = $INPUT->get->str('qqfile'); 286 } 287 288 $id = cleanID($id); 289 290 $NS = $INPUT->filter('cleanID')->str('ns'); 291 $ns = $NS . ':' . getNS($id); 292 293 $AUTH = auth_quickaclcheck("$ns:*"); 294 if ($AUTH >= AUTH_UPLOAD) { 295 io_createNamespace("$ns:xxx", 'media'); 296 } 297 298 if (isset($_FILES['qqfile']['error']) && $_FILES['qqfile']['error']) unset($_FILES['qqfile']); 299 300 $res = false; 301 if (isset($_FILES['qqfile']['tmp_name'])) $res = media_upload($NS, $AUTH, $_FILES['qqfile']); 302 if ($INPUT->get->has('qqfile')) $res = media_upload_xhr($NS, $AUTH); 303 304 if ($res) { 305 $result = [ 306 'success' => true, 307 'link' => media_managerURL(['ns' => $ns, 'image' => $NS . ':' . $id], '&'), 308 'id' => $NS . ':' . $id, 309 'ns' => $NS 310 ]; 311 } else { 312 $error = ''; 313 if (isset($MSG)) { 314 foreach ($MSG as $msg) { 315 $error .= $msg['msg']; 316 } 317 } 318 $result = ['error' => $error, 'ns' => $NS]; 319 } 320 321 header('Content-Type: application/json'); 322 echo json_encode($result, JSON_THROW_ON_ERROR); 323 } 324 325 /** 326 * Return sub index for index view 327 * 328 * @author Andreas Gohr <andi@splitbrain.org> 329 */ 330 protected function callIndex() 331 { 332 global $conf; 333 global $INPUT; 334 335 // wanted namespace 336 $ns = cleanID($INPUT->post->str('idx')); 337 $dir = utf8_encodeFN(str_replace(':', '/', $ns)); 338 339 $lvl = count(explode(':', $ns)); 340 341 $data = []; 342 search($data, $conf['datadir'], 'search_index', ['ns' => $ns], $dir); 343 foreach (array_keys($data) as $item) { 344 $data[$item]['level'] = $lvl + 1; 345 } 346 $idx = new Index(); 347 echo html_buildlist($data, 'idx', $idx->formatListItem(...), $idx->tagListItem(...)); 348 } 349 350 /** 351 * List matching namespaces and pages for the link wizard 352 * 353 * @author Andreas Gohr <gohr@cosmocode.de> 354 */ 355 protected function callLinkwiz() 356 { 357 global $conf; 358 global $lang; 359 global $INPUT; 360 361 $q = ltrim(trim($INPUT->post->str('q')), ':'); 362 $id = noNS($q); 363 $ns = getNS($q); 364 365 $ns = cleanID($ns); 366 367 $id = cleanID($id); 368 369 $nsd = utf8_encodeFN(str_replace(':', '/', $ns)); 370 371 $data = []; 372 if ($q !== '' && $ns === '') { 373 // use index to lookup matching pages 374 $pages = (new MetadataSearch())->pageLookup($id, true); 375 376 // If 'useheading' option is 'always' or 'content', 377 // search page titles with original query as well. 378 if ($conf['useheading'] == '1' || $conf['useheading'] == 'content') { 379 $pages = array_merge($pages, (new MetadataSearch())->pageLookup($q, true, true)); 380 asort($pages, SORT_STRING); 381 } 382 383 // result contains matches in pages and namespaces 384 // we now extract the matching namespaces to show 385 // them seperately 386 $dirs = []; 387 388 foreach ($pages as $pid => $title) { 389 if (str_contains(getNS($pid), $id)) { 390 // match was in the namespace 391 $dirs[getNS($pid)] = 1; // assoc array avoids dupes 392 } else { 393 // it is a matching page, add it to the result 394 $data[] = ['id' => $pid, 'title' => $title, 'type' => 'f']; 395 } 396 unset($pages[$pid]); 397 } 398 foreach (array_keys($dirs) as $dir) { 399 $data[] = ['id' => $dir, 'type' => 'd']; 400 } 401 } else { 402 $opts = [ 403 'depth' => 1, 404 'listfiles' => true, 405 'listdirs' => true, 406 'pagesonly' => true, 407 'firsthead' => true, 408 'sneakyacl' => $conf['sneaky_index'] 409 ]; 410 if ($id) $opts['filematch'] = '^.*\/' . $id; 411 if ($id) $opts['dirmatch'] = '^.*\/' . $id; 412 search($data, $conf['datadir'], 'search_universal', $opts, $nsd); 413 414 // add back to upper 415 if ($ns) { 416 array_unshift( 417 $data, 418 ['id' => getNS($ns), 'type' => 'u'] 419 ); 420 } 421 } 422 423 // fixme sort results in a useful way ? 424 425 if ($data === []) { 426 echo $lang['nothingfound']; 427 exit; 428 } 429 430 // output the found data 431 $even = 1; 432 foreach ($data as $item) { 433 $even *= -1; //zebra 434 435 if (($item['type'] == 'd' || $item['type'] == 'u') && $item['id'] !== '') $item['id'] .= ':'; 436 $link = wl($item['id']); 437 438 echo '<div class="' . (($even > 0) ? 'even' : 'odd') . ' type_' . $item['type'] . '">'; 439 440 if ($item['type'] == 'u') { 441 $name = $lang['upperns']; 442 } else { 443 $name = hsc($item['id']); 444 } 445 446 echo '<a href="' . $link . '" title="' . hsc($item['id']) . '" class="wikilink1">' . $name . '</a>'; 447 448 if (!blank($item['title'])) { 449 echo '<span>' . hsc($item['title']) . '</span>'; 450 } 451 echo '</div>'; 452 } 453 } 454} 455