xref: /dokuwiki/inc/actions.php (revision 03f008cd4edafbcb75d5f3b99bd3271caabed988) 
16b13307fSandi<?php
26b13307fSandi/**
36b13307fSandi * DokuWiki Actions
46b13307fSandi *
56b13307fSandi * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
66b13307fSandi * @author     Andreas Gohr <andi@splitbrain.org>
76b13307fSandi */
86b13307fSandi
9fa8adffeSAndreas Gohrif(!defined('DOKU_INC')) die('meh.');
10af182434Sandi
116b13307fSandi/**
126b13307fSandi * Call the needed action handlers
136b13307fSandi *
146b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
15c9570649SAndreas Gohr * @triggers ACTION_ACT_PREPROCESS
16c9570649SAndreas Gohr * @triggers ACTION_HEADERS_SEND
176b13307fSandi */
186b13307fSandifunction act_dispatch(){
196b13307fSandi    global $ACT;
206b13307fSandi    global $ID;
216b13307fSandi    global $QUERY;
226b13307fSandi    global $lang;
2385dcda20SRobin Getz    global $conf;
246b13307fSandi
2569cd1e27SAndreas Gohr    $preact = $ACT;
2669cd1e27SAndreas Gohr
27c2e830f2Schris    // give plugins an opportunity to process the action
2824bb549bSchris    $evt = new Doku_Event('ACTION_ACT_PREPROCESS',$ACT);
2924bb549bSchris    if ($evt->advise_before()) {
30c2e830f2Schris
31af182434Sandi        //sanitize $ACT
32af182434Sandi        $ACT = act_clean($ACT);
33af182434Sandi
34b8957367SBenjamin Gilbert        //check if searchword was given - else just show
350868021bSAndreas Gohr        $s = cleanID($QUERY);
360868021bSAndreas Gohr        if($ACT == 'search' && empty($s)){
37b8957367SBenjamin Gilbert            $ACT = 'show';
38b8957367SBenjamin Gilbert        }
39b8957367SBenjamin Gilbert
40b8957367SBenjamin Gilbert        //login stuff
411b2a85e8SAndreas Gohr        if(in_array($ACT,array('login','logout'))){
42b8957367SBenjamin Gilbert            $ACT = act_auth($ACT);
431b2a85e8SAndreas Gohr        }
44b8957367SBenjamin Gilbert
451380fc45SAndreas Gohr        //check if user is asking to (un)subscribe a page
465b75cd1fSAdrian Lang        if($ACT == 'subscribe') {
475b75cd1fSAdrian Lang            try {
481380fc45SAndreas Gohr                $ACT = act_subscription($ACT);
495b75cd1fSAdrian Lang            } catch (Exception $e) {
505b75cd1fSAdrian Lang                msg($e->getMessage(), -1);
515b75cd1fSAdrian Lang            }
525b75cd1fSAdrian Lang        }
5352b0dd67SGuy Brand
544064e2d3SRobin Getz        //display some infos
554064e2d3SRobin Getz        if($ACT == 'check'){
564064e2d3SRobin Getz            check();
574064e2d3SRobin Getz            $ACT = 'show';
584064e2d3SRobin Getz        }
594064e2d3SRobin Getz
606b13307fSandi        //check permissions
616b13307fSandi        $ACT = act_permcheck($ACT);
626b13307fSandi
63c4f79b71SMichael Hamann        //sitemap
64eae17177SMichael Hamann        if ($ACT == 'sitemap'){
65c4f79b71SMichael Hamann            $ACT = act_sitemap($ACT);
66eae17177SMichael Hamann        }
67c4f79b71SMichael Hamann
68b8957367SBenjamin Gilbert        //register
69b3510079SAndreas Gohr        if($ACT == 'register' && $_POST['save'] && register()){
70b8957367SBenjamin Gilbert            $ACT = 'login';
71b8957367SBenjamin Gilbert        }
726b13307fSandi
738b06d178Schris        if ($ACT == 'resendpwd' && act_resendpwd()) {
748b06d178Schris            $ACT = 'login';
758b06d178Schris        }
768b06d178Schris
778b06d178Schris        //update user profile
7825b2a98cSMichael Klier        if ($ACT == 'profile') {
7925b2a98cSMichael Klier            if(!$_SERVER['REMOTE_USER']) {
8025b2a98cSMichael Klier                $ACT = 'login';
8125b2a98cSMichael Klier            } else {
8225b2a98cSMichael Klier                if(updateprofile()) {
834cb79657SMatthias Grimm                    msg($lang['profchanged'],1);
844cb79657SMatthias Grimm                    $ACT = 'show';
858b06d178Schris                }
8625b2a98cSMichael Klier            }
8725b2a98cSMichael Klier        }
888b06d178Schris
891246e016SAndreas Gohr        //revert
901246e016SAndreas Gohr        if($ACT == 'revert'){
911246e016SAndreas Gohr            if(checkSecurityToken()){
921246e016SAndreas Gohr                $ACT = act_revert($ACT);
931246e016SAndreas Gohr            }else{
941246e016SAndreas Gohr                $ACT = 'show';
951246e016SAndreas Gohr            }
961246e016SAndreas Gohr        }
971246e016SAndreas Gohr
986b13307fSandi        //save
991b2a85e8SAndreas Gohr        if($ACT == 'save'){
1001b2a85e8SAndreas Gohr            if(checkSecurityToken()){
1016b13307fSandi                $ACT = act_save($ACT);
1021b2a85e8SAndreas Gohr            }else{
1031b2a85e8SAndreas Gohr                $ACT = 'show';
1041b2a85e8SAndreas Gohr            }
1051b2a85e8SAndreas Gohr        }
1066b13307fSandi
107067c5d22SBen Coburn        //cancel conflicting edit
108067c5d22SBen Coburn        if($ACT == 'cancel')
109067c5d22SBen Coburn            $ACT = 'show';
110067c5d22SBen Coburn
111ee4c4a1bSAndreas Gohr        //draft deletion
112ee4c4a1bSAndreas Gohr        if($ACT == 'draftdel')
113ee4c4a1bSAndreas Gohr            $ACT = act_draftdel($ACT);
114ee4c4a1bSAndreas Gohr
115ee4c4a1bSAndreas Gohr        //draft saving on preview
116ee4c4a1bSAndreas Gohr        if($ACT == 'preview')
117ee4c4a1bSAndreas Gohr            $ACT = act_draftsave($ACT);
118ee4c4a1bSAndreas Gohr
1196b13307fSandi        //edit
120c9d5430bSAdrian Lang        if(in_array($ACT, array('edit', 'preview', 'recover'))) {
121af182434Sandi            $ACT = act_edit($ACT);
1226b13307fSandi        }else{
1236b13307fSandi            unlock($ID); //try to unlock
1246b13307fSandi        }
1256b13307fSandi
1266b13307fSandi        //handle export
127ac83b9d8Sandi        if(substr($ACT,0,7) == 'export_')
1286b13307fSandi            $ACT = act_export($ACT);
1296b13307fSandi
130c19fe9c0Sandi        //handle admin tasks
131c19fe9c0Sandi        if($ACT == 'admin'){
13211e2ce22Schris            // retrieve admin plugin name from $_REQUEST['page']
133bb4866bdSchris            if (!empty($_REQUEST['page'])) {
13411e2ce22Schris                $pluginlist = plugin_list('admin');
13511e2ce22Schris                if (in_array($_REQUEST['page'], $pluginlist)) {
13611e2ce22Schris                    // attempt to load the plugin
13749eb6e38SAndreas Gohr                    if ($plugin =& plugin_load('admin',$_REQUEST['page']) !== null)
13811e2ce22Schris                        $plugin->handle();
13911e2ce22Schris                }
14011e2ce22Schris            }
141c19fe9c0Sandi        }
1425f312bacSAndreas Gohr
1435f312bacSAndreas Gohr        // check permissions again - the action may have changed
1445f312bacSAndreas Gohr        $ACT = act_permcheck($ACT);
14524bb549bSchris    }  // end event ACTION_ACT_PREPROCESS default action
14624bb549bSchris    $evt->advise_after();
14785dcda20SRobin Getz    // Make sure plugs can handle 'denied'
14885dcda20SRobin Getz    if($conf['send404'] && $ACT == 'denied') {
14985dcda20SRobin Getz        header('HTTP/1.0 403 Forbidden');
15085dcda20SRobin Getz    }
15124bb549bSchris    unset($evt);
152c19fe9c0Sandi
15346c0ed74SMichael Hamann    // when action 'show', the intial not 'show' and POST, do a redirect
15446c0ed74SMichael Hamann    if($ACT == 'show' && $preact != 'show' && strtolower($_SERVER['REQUEST_METHOD']) == 'post'){
15569cd1e27SAndreas Gohr        act_redirect($ID,$preact);
15669cd1e27SAndreas Gohr    }
1575f312bacSAndreas Gohr
158c346111aSAdrian Lang    global $INFO;
159c346111aSAdrian Lang    global $conf;
160c346111aSAdrian Lang    global $license;
161c346111aSAdrian Lang
1626b13307fSandi    //call template FIXME: all needed vars available?
163f63a2007Schris    $headers[] = 'Content-Type: text/html; charset=utf-8';
164746855cfSBen Coburn    trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders');
165f63a2007Schris
1665a892029SAndreas Gohr    include(template('main.php'));
167c19fe9c0Sandi    // output for the commands is now handled in inc/templates.php
168c19fe9c0Sandi    // in function tpl_content()
1696b13307fSandi}
1706b13307fSandi
171f63a2007Schrisfunction act_sendheaders($headers) {
172f63a2007Schris    foreach ($headers as $hdr) header($hdr);
173f63a2007Schris}
174f63a2007Schris
1756b13307fSandi/**
176af182434Sandi * Sanitize the action command
177af182434Sandi *
178af182434Sandi * Add all allowed commands here.
179af182434Sandi *
180af182434Sandi * @author Andreas Gohr <andi@splitbrain.org>
181af182434Sandi */
182af182434Sandifunction act_clean($act){
183af182434Sandi    global $lang;
18460e6b550SAndreas Gohr    global $conf;
185af182434Sandi
186ee4c4a1bSAndreas Gohr    // check if the action was given as array key
187ee4c4a1bSAndreas Gohr    if(is_array($act)){
188ee4c4a1bSAndreas Gohr        list($act) = array_keys($act);
189ee4c4a1bSAndreas Gohr    }
190ee4c4a1bSAndreas Gohr
191ac83b9d8Sandi    //remove all bad chars
192ac83b9d8Sandi    $act = strtolower($act);
1932d5ccb39SAndreas Gohr    $act = preg_replace('/[^1-9a-z_]+/','',$act);
194ac83b9d8Sandi
195ac83b9d8Sandi    if($act == 'export_html') $act = 'export_xhtml';
196cc2ae802SAndreas Gohr    if($act == 'export_htmlbody') $act = 'export_xhtmlbody';
197b146b32bSandi
198396c218fSAndreas Gohr    if($act === '') $act = 'show';
199396c218fSAndreas Gohr
200409d7af7SAndreas Gohr    // check if action is disabled
201409d7af7SAndreas Gohr    if(!actionOK($act)){
202409d7af7SAndreas Gohr        msg('Command disabled: '.htmlspecialchars($act),-1);
203409d7af7SAndreas Gohr        return 'show';
204409d7af7SAndreas Gohr    }
205409d7af7SAndreas Gohr
20660e6b550SAndreas Gohr    //disable all acl related commands if ACL is disabled
20760e6b550SAndreas Gohr    if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
2081246e016SAndreas Gohr                    'subscribe','unsubscribe','profile','revert',
20952b0dd67SGuy Brand                    'resendpwd','subscribens','unsubscribens',))){
21060e6b550SAndreas Gohr        msg('Command unavailable: '.htmlspecialchars($act),-1);
21160e6b550SAndreas Gohr        return 'show';
21260e6b550SAndreas Gohr    }
21360e6b550SAndreas Gohr
214067c5d22SBen Coburn    if(!in_array($act,array('login','logout','register','save','cancel','edit','draft',
215ac83b9d8Sandi                    'preview','search','show','check','index','revisions',
2161246e016SAndreas Gohr                    'diff','recent','backlink','admin','subscribe','revert',
2175a932e77SAdrian Lang                    'unsubscribe','profile','resendpwd','recover',
218c4f79b71SMichael Hamann                    'draftdel','subscribens','unsubscribens','sitemap')) && substr($act,0,7) != 'export_' ) {
219ee4c4a1bSAndreas Gohr        msg('Command unknown: '.htmlspecialchars($act),-1);
220af182434Sandi        return 'show';
221af182434Sandi    }
222af182434Sandi    return $act;
223af182434Sandi}
224af182434Sandi
225af182434Sandi/**
2266b13307fSandi * Run permissionchecks
2276b13307fSandi *
2286b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
2296b13307fSandi */
2306b13307fSandifunction act_permcheck($act){
231dbbc6aa7Sandi    global $INFO;
2325e199953Smatthiasgrimm    global $conf;
233dbbc6aa7Sandi
234ee4c4a1bSAndreas Gohr    if(in_array($act,array('save','preview','edit','recover'))){
2356b13307fSandi        if($INFO['exists']){
236bdbc16bfSandi            if($act == 'edit'){
237bdbc16bfSandi                //the edit function will check again and do a source show
238bdbc16bfSandi                //when no AUTH_EDIT available
239bdbc16bfSandi                $permneed = AUTH_READ;
240bdbc16bfSandi            }else{
2416b13307fSandi                $permneed = AUTH_EDIT;
242bdbc16bfSandi            }
2436b13307fSandi        }else{
2446b13307fSandi            $permneed = AUTH_CREATE;
2456b13307fSandi        }
246c4f79b71SMichael Hamann    }elseif(in_array($act,array('login','search','recent','profile','index', 'sitemap'))){
247c4f79b71SMichael Hamann    }elseif(in_array($act,array('login','search','recent','profile','sitemap'))){
2486b13307fSandi        $permneed = AUTH_NONE;
2491246e016SAndreas Gohr    }elseif($act == 'revert'){
2501246e016SAndreas Gohr        $permneed = AUTH_ADMIN;
2511246e016SAndreas Gohr        if($INFO['ismanager']) $permneed = AUTH_EDIT;
2525e199953Smatthiasgrimm    }elseif($act == 'register'){
2535e199953Smatthiasgrimm        $permneed = AUTH_NONE;
254ebd3d9ceSchris    }elseif($act == 'resendpwd'){
255ebd3d9ceSchris        $permneed = AUTH_NONE;
256c19fe9c0Sandi    }elseif($act == 'admin'){
257f8cc712eSAndreas Gohr        if($INFO['ismanager']){
258f8cc712eSAndreas Gohr            // if the manager has the needed permissions for a certain admin
259f8cc712eSAndreas Gohr            // action is checked later
260f8cc712eSAndreas Gohr            $permneed = AUTH_READ;
261f8cc712eSAndreas Gohr        }else{
262c19fe9c0Sandi            $permneed = AUTH_ADMIN;
263f8cc712eSAndreas Gohr        }
2646b13307fSandi    }else{
2656b13307fSandi        $permneed = AUTH_READ;
2666b13307fSandi    }
267dbbc6aa7Sandi    if($INFO['perm'] >= $permneed) return $act;
268dbbc6aa7Sandi
2696b13307fSandi    return 'denied';
2706b13307fSandi}
2716b13307fSandi
2726b13307fSandi/**
273ee4c4a1bSAndreas Gohr * Handle 'draftdel'
274ee4c4a1bSAndreas Gohr *
275ee4c4a1bSAndreas Gohr * Deletes the draft for the current page and user
276ee4c4a1bSAndreas Gohr */
277ee4c4a1bSAndreas Gohrfunction act_draftdel($act){
278ee4c4a1bSAndreas Gohr    global $INFO;
279ee4c4a1bSAndreas Gohr    @unlink($INFO['draft']);
280ee4c4a1bSAndreas Gohr    $INFO['draft'] = null;
281ee4c4a1bSAndreas Gohr    return 'show';
282ee4c4a1bSAndreas Gohr}
283ee4c4a1bSAndreas Gohr
284ee4c4a1bSAndreas Gohr/**
285ee4c4a1bSAndreas Gohr * Saves a draft on preview
286ee4c4a1bSAndreas Gohr *
287ee4c4a1bSAndreas Gohr * @todo this currently duplicates code from ajax.php :-/
288ee4c4a1bSAndreas Gohr */
289ee4c4a1bSAndreas Gohrfunction act_draftsave($act){
290ee4c4a1bSAndreas Gohr    global $INFO;
291ee4c4a1bSAndreas Gohr    global $ID;
292ee4c4a1bSAndreas Gohr    global $conf;
293ee4c4a1bSAndreas Gohr    if($conf['usedraft'] && $_POST['wikitext']){
294ee4c4a1bSAndreas Gohr        $draft = array('id'     => $ID,
295*03f008cdSMichael Hamann                'prefix' => substr($_POST['prefix'], 0, -1),
296ee4c4a1bSAndreas Gohr                'text'   => $_POST['wikitext'],
297ee4c4a1bSAndreas Gohr                'suffix' => $_POST['suffix'],
298*03f008cdSMichael Hamann                'date'   => (int) $_POST['date'],
299ee4c4a1bSAndreas Gohr                'date'   => $_POST['date'],
300ee4c4a1bSAndreas Gohr                'client' => $INFO['client'],
301ee4c4a1bSAndreas Gohr                );
302ee4c4a1bSAndreas Gohr        $cname = getCacheName($draft['client'].$ID,'.draft');
303ee4c4a1bSAndreas Gohr        if(io_saveFile($cname,serialize($draft))){
304ee4c4a1bSAndreas Gohr            $INFO['draft'] = $cname;
305ee4c4a1bSAndreas Gohr        }
306ee4c4a1bSAndreas Gohr    }
307ee4c4a1bSAndreas Gohr    return $act;
308ee4c4a1bSAndreas Gohr}
309ee4c4a1bSAndreas Gohr
310ee4c4a1bSAndreas Gohr/**
3116b13307fSandi * Handle 'save'
3126b13307fSandi *
3136b13307fSandi * Checks for spam and conflicts and saves the page.
3146b13307fSandi * Does a redirect to show the page afterwards or
3156b13307fSandi * returns a new action.
3166b13307fSandi *
3176b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3186b13307fSandi */
3196b13307fSandifunction act_save($act){
3206b13307fSandi    global $ID;
3216b13307fSandi    global $DATE;
3226b13307fSandi    global $PRE;
3236b13307fSandi    global $TEXT;
3246b13307fSandi    global $SUF;
3256b13307fSandi    global $SUM;
3265a932e77SAdrian Lang    global $lang;
3278d67c48aSAdrian Lang    global $INFO;
3286b13307fSandi
3296b13307fSandi    //spam check
3305a932e77SAdrian Lang    if(checkwordblock()) {
3315a932e77SAdrian Lang        msg($lang['wordblock'], -1);
3325a932e77SAdrian Lang        return 'edit';
3335a932e77SAdrian Lang    }
3348d67c48aSAdrian Lang    //conflict check
3358d67c48aSAdrian Lang    if($DATE != 0 && $INFO['meta']['date']['modified'] > $DATE )
3366b13307fSandi        return 'conflict';
3376b13307fSandi
3386b13307fSandi    //save it
339b6912aeaSAndreas Gohr    saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$_REQUEST['minor']); //use pretty mode for con
3406b13307fSandi    //unlock it
3416b13307fSandi    unlock($ID);
3426b13307fSandi
343ee4c4a1bSAndreas Gohr    //delete draft
344ee4c4a1bSAndreas Gohr    act_draftdel($act);
34569cd1e27SAndreas Gohr    session_write_close();
346ee4c4a1bSAndreas Gohr
34769cd1e27SAndreas Gohr    // when done, show page
34869cd1e27SAndreas Gohr    return 'show';
34969cd1e27SAndreas Gohr}
350f951a474SAndreas Gohr
35114a122deSAndreas Gohr/**
3521246e016SAndreas Gohr * Revert to a certain revision
3531246e016SAndreas Gohr *
3541246e016SAndreas Gohr * @author Andreas Gohr <andi@splitbrain.org>
3551246e016SAndreas Gohr */
3561246e016SAndreas Gohrfunction act_revert($act){
3571246e016SAndreas Gohr    global $ID;
3581246e016SAndreas Gohr    global $REV;
3591246e016SAndreas Gohr    global $lang;
360de4d479aSAdrian Lang    // FIXME $INFO['writable'] currently refers to the attic version
361de4d479aSAdrian Lang    // global $INFO;
362de4d479aSAdrian Lang    // if (!$INFO['writable']) {
363de4d479aSAdrian Lang    //     return 'show';
364de4d479aSAdrian Lang    // }
3651246e016SAndreas Gohr
3661246e016SAndreas Gohr    // when no revision is given, delete current one
3671246e016SAndreas Gohr    // FIXME this feature is not exposed in the GUI currently
3681246e016SAndreas Gohr    $text = '';
3691246e016SAndreas Gohr    $sum  = $lang['deleted'];
3701246e016SAndreas Gohr    if($REV){
3711246e016SAndreas Gohr        $text = rawWiki($ID,$REV);
3721246e016SAndreas Gohr        if(!$text) return 'show'; //something went wrong
3731246e016SAndreas Gohr        $sum  = $lang['restored'];
3741246e016SAndreas Gohr    }
3751246e016SAndreas Gohr
3761246e016SAndreas Gohr    // spam check
3775a932e77SAdrian Lang
3785a932e77SAdrian Lang    if (checkwordblock($text)) {
3795a932e77SAdrian Lang        msg($lang['wordblock'], -1);
3805a932e77SAdrian Lang        return 'edit';
3815a932e77SAdrian Lang    }
3821246e016SAndreas Gohr
3831246e016SAndreas Gohr    saveWikiText($ID,$text,$sum,false);
3841246e016SAndreas Gohr    msg($sum,1);
3851246e016SAndreas Gohr
3861246e016SAndreas Gohr    //delete any draft
3871246e016SAndreas Gohr    act_draftdel($act);
3881246e016SAndreas Gohr    session_write_close();
3891246e016SAndreas Gohr
3901246e016SAndreas Gohr    // when done, show current page
3911246e016SAndreas Gohr    $_SERVER['REQUEST_METHOD'] = 'post'; //should force a redirect
3921246e016SAndreas Gohr    $REV = '';
3931246e016SAndreas Gohr    return 'show';
3941246e016SAndreas Gohr}
3951246e016SAndreas Gohr
3961246e016SAndreas Gohr/**
39714a122deSAndreas Gohr * Do a redirect after receiving post data
39814a122deSAndreas Gohr *
39914a122deSAndreas Gohr * Tries to add the section id as hash mark after section editing
40014a122deSAndreas Gohr */
40169cd1e27SAndreas Gohrfunction act_redirect($id,$preact){
40269cd1e27SAndreas Gohr    global $PRE;
40369cd1e27SAndreas Gohr    global $TEXT;
404f951a474SAndreas Gohr
40569cd1e27SAndreas Gohr    $opts = array(
40669cd1e27SAndreas Gohr            'id'       => $id,
40769cd1e27SAndreas Gohr            'preact'   => $preact
40869cd1e27SAndreas Gohr            );
409c66972f2SAdrian Lang    //get section name when coming from section edit
410c66972f2SAdrian Lang    if($PRE && preg_match('/^\s*==+([^=\n]+)/',$TEXT,$match)){
411c66972f2SAdrian Lang        $check = false; //Byref
412c66972f2SAdrian Lang        $opts['fragment'] = sectionID($match[0], $check);
413c66972f2SAdrian Lang    }
414c66972f2SAdrian Lang
41569cd1e27SAndreas Gohr    trigger_event('ACTION_SHOW_REDIRECT',$opts,'act_redirect_execute');
41669cd1e27SAndreas Gohr}
41769cd1e27SAndreas Gohr
41869cd1e27SAndreas Gohrfunction act_redirect_execute($opts){
41969cd1e27SAndreas Gohr    $go = wl($opts['id'],'',true);
420c66972f2SAdrian Lang    if(isset($opts['fragment'])) $go .= '#'.$opts['fragment'];
42169cd1e27SAndreas Gohr
4226b13307fSandi    //show it
423af2408d5SAndreas Gohr    send_redirect($go);
4246b13307fSandi}
4256b13307fSandi
4266b13307fSandi/**
427b8957367SBenjamin Gilbert * Handle 'login', 'logout'
4286b13307fSandi *
4296b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
4306b13307fSandi */
4316b13307fSandifunction act_auth($act){
43208eda5bcSmatthiasgrimm    global $ID;
4337cace34dSAndreas Gohr    global $INFO;
43408eda5bcSmatthiasgrimm
4356b13307fSandi    //already logged in?
436c66972f2SAdrian Lang    if(isset($_SERVER['REMOTE_USER']) && $act=='login'){
437ca12ce46SAndreas Gohr        return 'show';
4382288dc06SGuy Brand    }
4396b13307fSandi
4406b13307fSandi    //handle logout
4416b13307fSandi    if($act=='logout'){
44208eda5bcSmatthiasgrimm        $lockedby = checklock($ID); //page still locked?
443424c3c4fSJohannes Buchner        if($lockedby == $_SERVER['REMOTE_USER'])
44408eda5bcSmatthiasgrimm            unlock($ID); //try to unlock
44508eda5bcSmatthiasgrimm
4467cace34dSAndreas Gohr        // do the logout stuff
4476b13307fSandi        auth_logoff();
4487cace34dSAndreas Gohr
4497cace34dSAndreas Gohr        // rebuild info array
4507cace34dSAndreas Gohr        $INFO = pageinfo();
4517cace34dSAndreas Gohr
452e16eccb7SGuy Brand        act_redirect($ID,'login');
4536b13307fSandi    }
4546b13307fSandi
4556b13307fSandi    return $act;
4566b13307fSandi}
4576b13307fSandi
4586b13307fSandi/**
45945a99335SAdrian Lang * Handle 'edit', 'preview', 'recover'
4606b13307fSandi *
4616b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
4626b13307fSandi */
4636b13307fSandifunction act_edit($act){
464cd409024Sjorda    global $ID;
465ee4c4a1bSAndreas Gohr    global $INFO;
466cd409024Sjorda
46745a99335SAdrian Lang    global $TEXT;
46845a99335SAdrian Lang    global $RANGE;
46945a99335SAdrian Lang    global $PRE;
47045a99335SAdrian Lang    global $SUF;
47145a99335SAdrian Lang    global $REV;
47245a99335SAdrian Lang    global $SUM;
47345a99335SAdrian Lang    global $lang;
47445a99335SAdrian Lang    global $DATE;
47545a99335SAdrian Lang
47645a99335SAdrian Lang    if (!isset($TEXT)) {
47745a99335SAdrian Lang        if ($INFO['exists']) {
47845a99335SAdrian Lang            if ($RANGE) {
47945a99335SAdrian Lang                list($PRE,$TEXT,$SUF) = rawWikiSlices($RANGE,$ID,$REV);
48045a99335SAdrian Lang            } else {
48145a99335SAdrian Lang                $TEXT = rawWiki($ID,$REV);
48245a99335SAdrian Lang            }
48345a99335SAdrian Lang        } else {
484fe17917eSAdrian Lang            $TEXT = pageTemplate($ID);
48545a99335SAdrian Lang        }
48645a99335SAdrian Lang    }
48745a99335SAdrian Lang
48845a99335SAdrian Lang    //set summary default
48945a99335SAdrian Lang    if(!$SUM){
49045a99335SAdrian Lang        if($REV){
49145a99335SAdrian Lang            $SUM = $lang['restored'];
49245a99335SAdrian Lang        }elseif(!$INFO['exists']){
49345a99335SAdrian Lang            $SUM = $lang['created'];
49445a99335SAdrian Lang        }
49545a99335SAdrian Lang    }
49645a99335SAdrian Lang
4978d67c48aSAdrian Lang    // Use the date of the newest revision, not of the revision we edit
4988d67c48aSAdrian Lang    // This is used for conflict detection
4998d67c48aSAdrian Lang    if(!$DATE) $DATE = $INFO['meta']['date']['modified'];
50045a99335SAdrian Lang
5016b13307fSandi    //check if locked by anyone - if not lock for my self
5026b13307fSandi    $lockedby = checklock($ID);
5036b13307fSandi    if($lockedby) return 'locked';
5046b13307fSandi
5056b13307fSandi    lock($ID);
5066b13307fSandi    return $act;
5076b13307fSandi}
5086b13307fSandi
5096b13307fSandi/**
510f6dad9fdSMichael Klier * Export a wiki page for various formats
511f6dad9fdSMichael Klier *
512f6dad9fdSMichael Klier * Triggers ACTION_EXPORT_POSTPROCESS
513f6dad9fdSMichael Klier *
514f6dad9fdSMichael Klier *  Event data:
515f6dad9fdSMichael Klier *    data['id']      -- page id
516f6dad9fdSMichael Klier *    data['mode']    -- requested export mode
517f6dad9fdSMichael Klier *    data['headers'] -- export headers
518f6dad9fdSMichael Klier *    data['output']  -- export output
5196b13307fSandi *
5206b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
521f6dad9fdSMichael Klier * @author Michael Klier <chi@chimeric.de>
5226b13307fSandi */
5236b13307fSandifunction act_export($act){
5246b13307fSandi    global $ID;
5256b13307fSandi    global $REV;
52685f8705cSAnika Henke    global $conf;
52785f8705cSAnika Henke    global $lang;
5286b13307fSandi
529f6dad9fdSMichael Klier    $pre = '';
530f6dad9fdSMichael Klier    $post = '';
531f6dad9fdSMichael Klier    $output = '';
532f6dad9fdSMichael Klier    $headers = array();
533cc2ae802SAndreas Gohr
534f6dad9fdSMichael Klier    // search engines: never cache exported docs! (Google only currently)
535f6dad9fdSMichael Klier    $headers['X-Robots-Tag'] = 'noindex';
536f6dad9fdSMichael Klier
537ac83b9d8Sandi    $mode = substr($act,7);
538f6dad9fdSMichael Klier    switch($mode) {
539f6dad9fdSMichael Klier        case 'raw':
5405adfc5afSAnika Henke            $headers['Content-Type'] = 'text/plain; charset=utf-8';
54166b23ce9SAndreas Gohr            $headers['Content-Disposition'] = 'attachment; filename='.noNS($ID).'.txt';
542f6dad9fdSMichael Klier            $output = rawWiki($ID,$REV);
543f6dad9fdSMichael Klier            break;
544f6dad9fdSMichael Klier        case 'xhtml':
545f6dad9fdSMichael Klier            $pre .= '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"' . DOKU_LF;
546f6dad9fdSMichael Klier            $pre .= ' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">' . DOKU_LF;
547f6dad9fdSMichael Klier            $pre .= '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.$conf['lang'].'"' . DOKU_LF;
548f6dad9fdSMichael Klier            $pre .= ' lang="'.$conf['lang'].'" dir="'.$lang['direction'].'">' . DOKU_LF;
549f6dad9fdSMichael Klier            $pre .= '<head>' . DOKU_LF;
550f6dad9fdSMichael Klier            $pre .= '  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />' . DOKU_LF;
551f6dad9fdSMichael Klier            $pre .= '  <title>'.$ID.'</title>' . DOKU_LF;
552f6dad9fdSMichael Klier
553f6dad9fdSMichael Klier            // get metaheaders
554f6dad9fdSMichael Klier            ob_start();
555f6dad9fdSMichael Klier            tpl_metaheaders();
556f6dad9fdSMichael Klier            $pre .= ob_get_clean();
557f6dad9fdSMichael Klier
558f6dad9fdSMichael Klier            $pre .= '</head>' . DOKU_LF;
559f6dad9fdSMichael Klier            $pre .= '<body>' . DOKU_LF;
560f6dad9fdSMichael Klier            $pre .= '<div class="dokuwiki export">' . DOKU_LF;
561f6dad9fdSMichael Klier
562f6dad9fdSMichael Klier            // get toc
563f6dad9fdSMichael Klier            $pre .= tpl_toc(true);
564f6dad9fdSMichael Klier
565f6dad9fdSMichael Klier            $headers['Content-Type'] = 'text/html; charset=utf-8';
566f6dad9fdSMichael Klier            $output = p_wiki_xhtml($ID,$REV,false);
567f6dad9fdSMichael Klier
568f6dad9fdSMichael Klier            $post .= '</div>' . DOKU_LF;
569f6dad9fdSMichael Klier            $post .= '</body>' . DOKU_LF;
570f6dad9fdSMichael Klier            $post .= '</html>' . DOKU_LF;
571f6dad9fdSMichael Klier            break;
572f6dad9fdSMichael Klier        case 'xhtmlbody':
573f6dad9fdSMichael Klier            $headers['Content-Type'] = 'text/html; charset=utf-8';
574f6dad9fdSMichael Klier            $output = p_wiki_xhtml($ID,$REV,false);
575f6dad9fdSMichael Klier            break;
576f6dad9fdSMichael Klier        default:
577f6dad9fdSMichael Klier            $output = p_cached_output(wikiFN($ID,$REV), $mode);
5789acedd40SAndreas Gohr            $headers = p_get_metadata($ID,"format $mode");
579f6dad9fdSMichael Klier            break;
580f6dad9fdSMichael Klier    }
581f6dad9fdSMichael Klier
582f6dad9fdSMichael Klier    // prepare event data
583f6dad9fdSMichael Klier    $data = array();
584f6dad9fdSMichael Klier    $data['id'] = $ID;
585f6dad9fdSMichael Klier    $data['mode'] = $mode;
586f6dad9fdSMichael Klier    $data['headers'] = $headers;
587f6dad9fdSMichael Klier    $data['output'] =& $output;
588f6dad9fdSMichael Klier
589f6dad9fdSMichael Klier    trigger_event('ACTION_EXPORT_POSTPROCESS', $data);
590f6dad9fdSMichael Klier
591f6dad9fdSMichael Klier    if(!empty($data['output'])){
592f6dad9fdSMichael Klier        if(is_array($data['headers'])) foreach($data['headers'] as $key => $val){
59385767031SAndreas Gohr            header("$key: $val");
59485767031SAndreas Gohr        }
595f6dad9fdSMichael Klier        print $pre.$data['output'].$post;
5966b13307fSandi        exit;
5976b13307fSandi    }
5986b13307fSandi    return 'show';
5996b13307fSandi}
600340756e4Sandi
601b158d625SSteven Danz/**
602c4f79b71SMichael Hamann * Handle sitemap delivery
603c4f79b71SMichael Hamann *
604c4f79b71SMichael Hamann * @author Michael Hamann <michael@content-space.de>
605c4f79b71SMichael Hamann */
606c4f79b71SMichael Hamannfunction act_sitemap($act) {
607c4f79b71SMichael Hamann    global $conf;
608c4f79b71SMichael Hamann
609eae17177SMichael Hamann    if ($conf['sitemap'] < 1 || !is_numeric($conf['sitemap'])) {
610c4f79b71SMichael Hamann        header("HTTP/1.0 404 Not Found");
611c4f79b71SMichael Hamann        print "Sitemap generation is disabled.";
612c4f79b71SMichael Hamann        exit;
613c4f79b71SMichael Hamann    }
614c4f79b71SMichael Hamann
615eae17177SMichael Hamann    $sitemap = Sitemapper::getFilePath();
616eae17177SMichael Hamann    if(strrchr($sitemap, '.') === '.gz'){
617c4f79b71SMichael Hamann        $mime = 'application/x-gzip';
618c4f79b71SMichael Hamann    }else{
619c4f79b71SMichael Hamann        $mime = 'application/xml; charset=utf-8';
620c4f79b71SMichael Hamann    }
621c4f79b71SMichael Hamann
622c4f79b71SMichael Hamann    // Check if sitemap file exists, otherwise create it
623c4f79b71SMichael Hamann    if (!is_readable($sitemap)) {
6242897eb23SMichael Hamann        Sitemapper::generate();
625c4f79b71SMichael Hamann    }
626c4f79b71SMichael Hamann
627c4f79b71SMichael Hamann    if (is_readable($sitemap)) {
628c4f79b71SMichael Hamann        // Send headers
629c4f79b71SMichael Hamann        header('Content-Type: '.$mime);
630c4f79b71SMichael Hamann
631eae17177SMichael Hamann        http_conditionalRequest(filemtime($sitemap));
632eae17177SMichael Hamann
633c4f79b71SMichael Hamann        // Send file
634c4f79b71SMichael Hamann        //use x-sendfile header to pass the delivery to compatible webservers
635c4f79b71SMichael Hamann        if (http_sendfile($sitemap)) exit;
636c4f79b71SMichael Hamann
637eae17177SMichael Hamann        readfile($sitemap);
638c4f79b71SMichael Hamann        exit;
639c4f79b71SMichael Hamann    }
640c4f79b71SMichael Hamann
641c4f79b71SMichael Hamann    header("HTTP/1.0 500 Internal Server Error");
642eae17177SMichael Hamann    print "Could not read the sitemap file - bad permissions?";
643c4f79b71SMichael Hamann    exit;
644c4f79b71SMichael Hamann}
645c4f79b71SMichael Hamann
646c4f79b71SMichael Hamann/**
6475b75cd1fSAdrian Lang * Handle page 'subscribe'
648b158d625SSteven Danz *
6495b75cd1fSAdrian Lang * Throws exception on error.
6505b75cd1fSAdrian Lang *
6515b75cd1fSAdrian Lang * @author Adrian Lang <lang@cosmocode.de>
652b158d625SSteven Danz */
6531380fc45SAndreas Gohrfunction act_subscription($act){
654056c2049SAndreas Gohr    global $lang;
655056c2049SAndreas Gohr    global $INFO;
656056c2049SAndreas Gohr    global $ID;
65752b0dd67SGuy Brand
6589fa341d0SAndreas Gohr    // subcriptions work for logged in users only
6599fa341d0SAndreas Gohr    if(!$_SERVER['REMOTE_USER']) return 'show';
6609fa341d0SAndreas Gohr
661056c2049SAndreas Gohr    // get and preprocess data.
6628881fcc9SAdrian Lang    $params = array();
6638881fcc9SAdrian Lang    foreach(array('target', 'style', 'action') as $param) {
664056c2049SAndreas Gohr        if (isset($_REQUEST["sub_$param"])) {
665056c2049SAndreas Gohr            $params[$param] = $_REQUEST["sub_$param"];
6668881fcc9SAdrian Lang        }
6678881fcc9SAdrian Lang    }
6688881fcc9SAdrian Lang
669056c2049SAndreas Gohr    // any action given? if not just return and show the subscription page
67066d2bed9SAdrian Lang    if(!$params['action'] || !checkSecurityToken()) return $act;
671056c2049SAndreas Gohr
6728881fcc9SAdrian Lang    // Handle POST data, may throw exception.
6738881fcc9SAdrian Lang    trigger_event('ACTION_HANDLE_SUBSCRIBE', $params, 'subscription_handle_post');
6748881fcc9SAdrian Lang
6758881fcc9SAdrian Lang    $target = $params['target'];
6768881fcc9SAdrian Lang    $style  = $params['style'];
6778881fcc9SAdrian Lang    $data   = $params['data'];
6788881fcc9SAdrian Lang    $action = $params['action'];
6798881fcc9SAdrian Lang
6808881fcc9SAdrian Lang    // Perform action.
6818881fcc9SAdrian Lang    if (!subscription_set($_SERVER['REMOTE_USER'], $target, $style, $data)) {
6828881fcc9SAdrian Lang        throw new Exception(sprintf($lang["subscr_{$action}_error"],
6838881fcc9SAdrian Lang                                    hsc($INFO['userinfo']['name']),
6848881fcc9SAdrian Lang                                    prettyprint_id($target)));
6858881fcc9SAdrian Lang    }
6868881fcc9SAdrian Lang    msg(sprintf($lang["subscr_{$action}_success"], hsc($INFO['userinfo']['name']),
6878881fcc9SAdrian Lang                prettyprint_id($target)), 1);
688cb3f9dbaSAdrian Lang    act_redirect($ID, $act);
689cb3f9dbaSAdrian Lang
690cb3f9dbaSAdrian Lang    // Assure that we have valid data if act_redirect somehow fails.
691cb3f9dbaSAdrian Lang    $INFO['subscribed'] = get_info_subscribed();
692cb3f9dbaSAdrian Lang    return 'show';
6938881fcc9SAdrian Lang}
6948881fcc9SAdrian Lang
6958881fcc9SAdrian Lang/**
6968881fcc9SAdrian Lang * Validate POST data
6978881fcc9SAdrian Lang *
6988881fcc9SAdrian Lang * Validates POST data for a subscribe or unsubscribe request. This is the
6998881fcc9SAdrian Lang * default action for the event ACTION_HANDLE_SUBSCRIBE.
7008881fcc9SAdrian Lang *
7018881fcc9SAdrian Lang * @author Adrian Lang <lang@cosmocode.de>
7028881fcc9SAdrian Lang */
7037a9add1cSAdrian Langfunction subscription_handle_post(&$params) {
7048881fcc9SAdrian Lang    global $INFO;
7058881fcc9SAdrian Lang    global $lang;
7068881fcc9SAdrian Lang
7075b75cd1fSAdrian Lang    // Get and validate parameters.
7088881fcc9SAdrian Lang    if (!isset($params['target'])) {
70915741132SAndreas Gohr        throw new Exception('no subscription target given');
7105b75cd1fSAdrian Lang    }
7118881fcc9SAdrian Lang    $target = $params['target'];
7125b75cd1fSAdrian Lang    $valid_styles = array('every', 'digest');
7135b75cd1fSAdrian Lang    if (substr($target, -1, 1) === ':') {
7145b75cd1fSAdrian Lang        // Allow “list” subscribe style since the target is a namespace.
7155b75cd1fSAdrian Lang        $valid_styles[] = 'list';
7165b75cd1fSAdrian Lang    }
7178881fcc9SAdrian Lang    $style  = valid_input_set('style', $valid_styles, $params,
71815741132SAndreas Gohr                              'invalid subscription style given');
7198881fcc9SAdrian Lang    $action = valid_input_set('action', array('subscribe', 'unsubscribe'),
72015741132SAndreas Gohr                              $params, 'invalid subscription action given');
721613964ecSGuy Brand
7225b75cd1fSAdrian Lang    // Check other conditions.
7235b75cd1fSAdrian Lang    if ($action === 'subscribe') {
7245b75cd1fSAdrian Lang        if ($INFO['userinfo']['mail'] === '') {
7255b75cd1fSAdrian Lang            throw new Exception($lang['subscr_subscribe_noaddress']);
72652b0dd67SGuy Brand        }
7275b75cd1fSAdrian Lang    } elseif ($action === 'unsubscribe') {
7285b75cd1fSAdrian Lang        $is = false;
7295b75cd1fSAdrian Lang        foreach($INFO['subscribed'] as $subscr) {
7305b75cd1fSAdrian Lang            if ($subscr['target'] === $target) {
7315b75cd1fSAdrian Lang                $is = true;
73252b0dd67SGuy Brand            }
73352b0dd67SGuy Brand        }
7345b75cd1fSAdrian Lang        if ($is === false) {
73515741132SAndreas Gohr            throw new Exception(sprintf($lang['subscr_not_subscribed'],
73615741132SAndreas Gohr                                        $_SERVER['REMOTE_USER'],
7375b75cd1fSAdrian Lang                                        prettyprint_id($target)));
7385b75cd1fSAdrian Lang        }
7395b75cd1fSAdrian Lang        // subscription_set deletes a subscription if style = null.
7405b75cd1fSAdrian Lang        $style = null;
74152b0dd67SGuy Brand    }
74252b0dd67SGuy Brand
7438881fcc9SAdrian Lang    $data = in_array($style, array('list', 'digest')) ? time() : null;
7448881fcc9SAdrian Lang    $params = compact('target', 'style', 'data', 'action');
74552b0dd67SGuy Brand}
74652b0dd67SGuy Brand
747e3776c06SMichael Hamann//Setup VIM: ex: et ts=2 :
748