xref: /dokuwiki/inc/actions.php (revision 067c5d22f81811424b2208d390852009c7be0c62) 
16b13307fSandi<?php
26b13307fSandi/**
36b13307fSandi * DokuWiki Actions
46b13307fSandi *
56b13307fSandi * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
66b13307fSandi * @author     Andreas Gohr <andi@splitbrain.org>
76b13307fSandi */
86b13307fSandi
96b13307fSandi  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
106b13307fSandi  require_once(DOKU_INC.'inc/template.php');
116b13307fSandi
12af182434Sandi
136b13307fSandi/**
146b13307fSandi * Call the needed action handlers
156b13307fSandi *
166b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
176b13307fSandi */
186b13307fSandifunction act_dispatch(){
196b13307fSandi  global $INFO;
206b13307fSandi  global $ACT;
216b13307fSandi  global $ID;
226b13307fSandi  global $QUERY;
236b13307fSandi  global $lang;
246b13307fSandi  global $conf;
256b13307fSandi
26c2e830f2Schris  // give plugins an opportunity to process the action
2724bb549bSchris  $evt = new Doku_Event('ACTION_ACT_PREPROCESS',$ACT);
2824bb549bSchris  if ($evt->advise_before()) {
29c2e830f2Schris
30af182434Sandi    //sanitize $ACT
31af182434Sandi    $ACT = act_clean($ACT);
32af182434Sandi
33b8957367SBenjamin Gilbert    //check if searchword was given - else just show
340868021bSAndreas Gohr    $s = cleanID($QUERY);
350868021bSAndreas Gohr    if($ACT == 'search' && empty($s)){
36b8957367SBenjamin Gilbert      $ACT = 'show';
37b8957367SBenjamin Gilbert    }
38b8957367SBenjamin Gilbert
39b8957367SBenjamin Gilbert    //login stuff
40b8957367SBenjamin Gilbert    if(in_array($ACT,array('login','logout')))
41b8957367SBenjamin Gilbert      $ACT = act_auth($ACT);
42b8957367SBenjamin Gilbert
431380fc45SAndreas Gohr    //check if user is asking to (un)subscribe a page
441380fc45SAndreas Gohr    if($ACT == 'subscribe' || $ACT == 'unsubscribe')
451380fc45SAndreas Gohr      $ACT = act_subscription($ACT);
46b158d625SSteven Danz
476b13307fSandi    //check permissions
486b13307fSandi    $ACT = act_permcheck($ACT);
496b13307fSandi
50b8957367SBenjamin Gilbert    //register
51b8957367SBenjamin Gilbert    if($ACT == 'register' && register()){
52b8957367SBenjamin Gilbert      $ACT = 'login';
53b8957367SBenjamin Gilbert    }
546b13307fSandi
558b06d178Schris    if ($ACT == 'resendpwd' && act_resendpwd()) {
568b06d178Schris      $ACT = 'login';
578b06d178Schris    }
588b06d178Schris
598b06d178Schris    //update user profile
608b06d178Schris    if (($ACT == 'profile') && updateprofile()) {
614cb79657SMatthias Grimm      msg($lang['profchanged'],1);
624cb79657SMatthias Grimm      $ACT = 'show';
638b06d178Schris    }
648b06d178Schris
656b13307fSandi    //save
666b13307fSandi    if($ACT == 'save')
676b13307fSandi      $ACT = act_save($ACT);
686b13307fSandi
69*067c5d22SBen Coburn    //cancel conflicting edit
70*067c5d22SBen Coburn    if($ACT == 'cancel')
71*067c5d22SBen Coburn      $ACT = 'show';
72*067c5d22SBen Coburn
73ee4c4a1bSAndreas Gohr    //draft deletion
74ee4c4a1bSAndreas Gohr    if($ACT == 'draftdel')
75ee4c4a1bSAndreas Gohr      $ACT = act_draftdel($ACT);
76ee4c4a1bSAndreas Gohr
77ee4c4a1bSAndreas Gohr    //draft saving on preview
78ee4c4a1bSAndreas Gohr    if($ACT == 'preview')
79ee4c4a1bSAndreas Gohr      $ACT = act_draftsave($ACT);
80ee4c4a1bSAndreas Gohr
816b13307fSandi    //edit
82b146b32bSandi    if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){
83af182434Sandi      $ACT = act_edit($ACT);
846b13307fSandi    }else{
856b13307fSandi      unlock($ID); //try to unlock
866b13307fSandi    }
876b13307fSandi
886b13307fSandi    //handle export
89ac83b9d8Sandi    if(substr($ACT,0,7) == 'export_')
906b13307fSandi      $ACT = act_export($ACT);
916b13307fSandi
926b13307fSandi    //display some infos
936b13307fSandi    if($ACT == 'check'){
946b13307fSandi      check();
956b13307fSandi      $ACT = 'show';
966b13307fSandi    }
976b13307fSandi
98c19fe9c0Sandi    //handle admin tasks
99c19fe9c0Sandi    if($ACT == 'admin'){
10011e2ce22Schris      // retrieve admin plugin name from $_REQUEST['page']
101bb4866bdSchris      if (!empty($_REQUEST['page'])) {
10211e2ce22Schris          $pluginlist = plugin_list('admin');
10311e2ce22Schris          if (in_array($_REQUEST['page'], $pluginlist)) {
10411e2ce22Schris            // attempt to load the plugin
10511e2ce22Schris            if ($plugin =& plugin_load('admin',$_REQUEST['page']) !== NULL)
10611e2ce22Schris                $plugin->handle();
10711e2ce22Schris          }
10811e2ce22Schris      }
109c19fe9c0Sandi    }
1105f312bacSAndreas Gohr
1115f312bacSAndreas Gohr    // check permissions again - the action may have changed
1125f312bacSAndreas Gohr    $ACT = act_permcheck($ACT);
11324bb549bSchris  }  // end event ACTION_ACT_PREPROCESS default action
11424bb549bSchris  $evt->advise_after();
11524bb549bSchris  unset($evt);
116c19fe9c0Sandi
1175f312bacSAndreas Gohr
1186b13307fSandi  //call template FIXME: all needed vars available?
119f63a2007Schris  $headers[] = 'Content-Type: text/html; charset=utf-8';
120746855cfSBen Coburn  trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders');
121f63a2007Schris
1225a892029SAndreas Gohr  include(template('main.php'));
123c19fe9c0Sandi  // output for the commands is now handled in inc/templates.php
124c19fe9c0Sandi  // in function tpl_content()
1256b13307fSandi}
1266b13307fSandi
127f63a2007Schrisfunction act_sendheaders($headers) {
128f63a2007Schris  foreach ($headers as $hdr) header($hdr);
129f63a2007Schris}
130f63a2007Schris
1316b13307fSandi/**
132af182434Sandi * Sanitize the action command
133af182434Sandi *
134af182434Sandi * Add all allowed commands here.
135af182434Sandi *
136af182434Sandi * @author Andreas Gohr <andi@splitbrain.org>
137af182434Sandi */
138af182434Sandifunction act_clean($act){
139af182434Sandi  global $lang;
14060e6b550SAndreas Gohr  global $conf;
141af182434Sandi
142ee4c4a1bSAndreas Gohr  // check if the action was given as array key
143ee4c4a1bSAndreas Gohr  if(is_array($act)){
144ee4c4a1bSAndreas Gohr    list($act) = array_keys($act);
145ee4c4a1bSAndreas Gohr  }
146ee4c4a1bSAndreas Gohr
147ac83b9d8Sandi  //remove all bad chars
148ac83b9d8Sandi  $act = strtolower($act);
149ac83b9d8Sandi  $act = preg_replace('/[^a-z_]+/','',$act);
150ac83b9d8Sandi
151ac83b9d8Sandi  if($act == 'export_html') $act = 'export_xhtml';
152cc2ae802SAndreas Gohr  if($act == 'export_htmlbody') $act = 'export_xhtmlbody';
153b146b32bSandi
154409d7af7SAndreas Gohr  // check if action is disabled
155409d7af7SAndreas Gohr  if(!actionOK($act)){
156409d7af7SAndreas Gohr    msg('Command disabled: '.htmlspecialchars($act),-1);
157409d7af7SAndreas Gohr    return 'show';
158409d7af7SAndreas Gohr  }
159409d7af7SAndreas Gohr
16060e6b550SAndreas Gohr  //disable all acl related commands if ACL is disabled
16160e6b550SAndreas Gohr  if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
16260e6b550SAndreas Gohr                                             'subscribe','unsubscribe','profile',
16360e6b550SAndreas Gohr                                             'resendpwd',))){
16460e6b550SAndreas Gohr    msg('Command unavailable: '.htmlspecialchars($act),-1);
16560e6b550SAndreas Gohr    return 'show';
16660e6b550SAndreas Gohr  }
16760e6b550SAndreas Gohr
168*067c5d22SBen Coburn  if(!in_array($act,array('login','logout','register','save','cancel','edit','draft',
169ac83b9d8Sandi                          'preview','search','show','check','index','revisions',
1701380fc45SAndreas Gohr                          'diff','recent','backlink','admin','subscribe',
17118829381SAndreas Gohr                          'unsubscribe','profile','resendpwd','recover','wordblock',
172ee4c4a1bSAndreas Gohr                          'draftdel',)) && substr($act,0,7) != 'export_' ) {
173ee4c4a1bSAndreas Gohr    msg('Command unknown: '.htmlspecialchars($act),-1);
174af182434Sandi    return 'show';
175af182434Sandi  }
176af182434Sandi  return $act;
177af182434Sandi}
178af182434Sandi
179af182434Sandi/**
1806b13307fSandi * Run permissionchecks
1816b13307fSandi *
1826b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
1836b13307fSandi */
1846b13307fSandifunction act_permcheck($act){
185dbbc6aa7Sandi  global $INFO;
1865e199953Smatthiasgrimm  global $conf;
187dbbc6aa7Sandi
188ee4c4a1bSAndreas Gohr  if(in_array($act,array('save','preview','edit','recover'))){
1896b13307fSandi    if($INFO['exists']){
190bdbc16bfSandi      if($act == 'edit'){
191bdbc16bfSandi        //the edit function will check again and do a source show
192bdbc16bfSandi        //when no AUTH_EDIT available
193bdbc16bfSandi        $permneed = AUTH_READ;
194bdbc16bfSandi      }else{
1956b13307fSandi        $permneed = AUTH_EDIT;
196bdbc16bfSandi      }
1976b13307fSandi    }else{
1986b13307fSandi      $permneed = AUTH_CREATE;
1996b13307fSandi    }
2008b06d178Schris  }elseif(in_array($act,array('login','search','recent','profile'))){
2016b13307fSandi    $permneed = AUTH_NONE;
2025e199953Smatthiasgrimm  }elseif($act == 'register'){
2035e199953Smatthiasgrimm    $permneed = AUTH_NONE;
204ebd3d9ceSchris  }elseif($act == 'resendpwd'){
205ebd3d9ceSchris    $permneed = AUTH_NONE;
206c19fe9c0Sandi  }elseif($act == 'admin'){
207c19fe9c0Sandi    $permneed = AUTH_ADMIN;
2086b13307fSandi  }else{
2096b13307fSandi    $permneed = AUTH_READ;
2106b13307fSandi  }
211dbbc6aa7Sandi  if($INFO['perm'] >= $permneed) return $act;
212dbbc6aa7Sandi
2136b13307fSandi  return 'denied';
2146b13307fSandi}
2156b13307fSandi
2166b13307fSandi/**
217ee4c4a1bSAndreas Gohr * Handle 'draftdel'
218ee4c4a1bSAndreas Gohr *
219ee4c4a1bSAndreas Gohr * Deletes the draft for the current page and user
220ee4c4a1bSAndreas Gohr */
221ee4c4a1bSAndreas Gohrfunction act_draftdel($act){
222ee4c4a1bSAndreas Gohr  global $INFO;
223ee4c4a1bSAndreas Gohr  @unlink($INFO['draft']);
224ee4c4a1bSAndreas Gohr  $INFO['draft'] = null;
225ee4c4a1bSAndreas Gohr  return 'show';
226ee4c4a1bSAndreas Gohr}
227ee4c4a1bSAndreas Gohr
228ee4c4a1bSAndreas Gohr/**
229ee4c4a1bSAndreas Gohr * Saves a draft on preview
230ee4c4a1bSAndreas Gohr *
231ee4c4a1bSAndreas Gohr * @todo this currently duplicates code from ajax.php :-/
232ee4c4a1bSAndreas Gohr */
233ee4c4a1bSAndreas Gohrfunction act_draftsave($act){
234ee4c4a1bSAndreas Gohr  global $INFO;
235ee4c4a1bSAndreas Gohr  global $ID;
236ee4c4a1bSAndreas Gohr  global $conf;
237ee4c4a1bSAndreas Gohr  if($conf['usedraft'] && $_POST['wikitext']){
238ee4c4a1bSAndreas Gohr    $draft = array('id'     => $ID,
239ee4c4a1bSAndreas Gohr                   'prefix' => $_POST['prefix'],
240ee4c4a1bSAndreas Gohr                   'text'   => $_POST['wikitext'],
241ee4c4a1bSAndreas Gohr                   'suffix' => $_POST['suffix'],
242ee4c4a1bSAndreas Gohr                   'date'   => $_POST['date'],
243ee4c4a1bSAndreas Gohr                   'client' => $INFO['client'],
244ee4c4a1bSAndreas Gohr                  );
245ee4c4a1bSAndreas Gohr    $cname = getCacheName($draft['client'].$ID,'.draft');
246ee4c4a1bSAndreas Gohr    if(io_saveFile($cname,serialize($draft))){
247ee4c4a1bSAndreas Gohr      $INFO['draft'] = $cname;
248ee4c4a1bSAndreas Gohr    }
249ee4c4a1bSAndreas Gohr  }
250ee4c4a1bSAndreas Gohr  return $act;
251ee4c4a1bSAndreas Gohr}
252ee4c4a1bSAndreas Gohr
253ee4c4a1bSAndreas Gohr/**
2546b13307fSandi * Handle 'save'
2556b13307fSandi *
2566b13307fSandi * Checks for spam and conflicts and saves the page.
2576b13307fSandi * Does a redirect to show the page afterwards or
2586b13307fSandi * returns a new action.
2596b13307fSandi *
2606b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
2616b13307fSandi */
2626b13307fSandifunction act_save($act){
2636b13307fSandi  global $ID;
2646b13307fSandi  global $DATE;
2656b13307fSandi  global $PRE;
2666b13307fSandi  global $TEXT;
2676b13307fSandi  global $SUF;
2686b13307fSandi  global $SUM;
2696b13307fSandi
2706b13307fSandi  //spam check
2716b13307fSandi  if(checkwordblock())
2726b13307fSandi    return 'wordblock';
2736b13307fSandi  //conflict check //FIXME use INFO
2746b13307fSandi  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
2756b13307fSandi    return 'conflict';
2766b13307fSandi
2776b13307fSandi  //save it
278b6912aeaSAndreas Gohr  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$_REQUEST['minor']); //use pretty mode for con
2796b13307fSandi  //unlock it
2806b13307fSandi  unlock($ID);
2816b13307fSandi
282ee4c4a1bSAndreas Gohr  //delete draft
283ee4c4a1bSAndreas Gohr  act_draftdel($act);
284ee4c4a1bSAndreas Gohr
2856b13307fSandi  //show it
2866b13307fSandi  session_write_close();
2876b13307fSandi  header("Location: ".wl($ID,'',true));
2886b13307fSandi  exit();
2896b13307fSandi}
2906b13307fSandi
2916b13307fSandi/**
292b8957367SBenjamin Gilbert * Handle 'login', 'logout'
2936b13307fSandi *
2946b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
2956b13307fSandi */
2966b13307fSandifunction act_auth($act){
29708eda5bcSmatthiasgrimm  global $ID;
2987cace34dSAndreas Gohr  global $INFO;
29908eda5bcSmatthiasgrimm
3006b13307fSandi  //already logged in?
3016b13307fSandi  if($_SERVER['REMOTE_USER'] && $act=='login')
3026b13307fSandi    return 'show';
3036b13307fSandi
3046b13307fSandi  //handle logout
3056b13307fSandi  if($act=='logout'){
30608eda5bcSmatthiasgrimm    $lockedby = checklock($ID); //page still locked?
307424c3c4fSJohannes Buchner    if($lockedby == $_SERVER['REMOTE_USER'])
30808eda5bcSmatthiasgrimm      unlock($ID); //try to unlock
30908eda5bcSmatthiasgrimm
3107cace34dSAndreas Gohr    // do the logout stuff
3116b13307fSandi    auth_logoff();
3127cace34dSAndreas Gohr
3137cace34dSAndreas Gohr    // rebuild info array
3147cace34dSAndreas Gohr    $INFO = pageinfo();
3157cace34dSAndreas Gohr
3166b13307fSandi    return 'login';
3176b13307fSandi  }
3186b13307fSandi
3196b13307fSandi  return $act;
3206b13307fSandi}
3216b13307fSandi
3226b13307fSandi/**
3236b13307fSandi * Handle 'edit', 'preview'
3246b13307fSandi *
3256b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3266b13307fSandi */
3276b13307fSandifunction act_edit($act){
328cd409024Sjorda  global $ID;
329ee4c4a1bSAndreas Gohr  global $INFO;
330cd409024Sjorda
3316b13307fSandi  //check if locked by anyone - if not lock for my self
3326b13307fSandi  $lockedby = checklock($ID);
3336b13307fSandi  if($lockedby) return 'locked';
3346b13307fSandi
3356b13307fSandi  lock($ID);
3366b13307fSandi  return $act;
3376b13307fSandi}
3386b13307fSandi
3396b13307fSandi/**
3406b13307fSandi * Handle 'edit', 'preview'
3416b13307fSandi *
3426b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3436b13307fSandi */
3446b13307fSandifunction act_export($act){
3456b13307fSandi  global $ID;
3466b13307fSandi  global $REV;
3476b13307fSandi
348ac83b9d8Sandi  // no renderer for this
349ac83b9d8Sandi  if($act == 'export_raw'){
350ac83b9d8Sandi    header('Content-Type: text/plain; charset=utf-8');
351ac83b9d8Sandi    print rawWiki($ID,$REV);
352ac83b9d8Sandi    exit;
353ac83b9d8Sandi  }
354ac83b9d8Sandi
355ac83b9d8Sandi  // html export #FIXME what about the template's style?
356ac83b9d8Sandi  if($act == 'export_xhtml'){
35785f8705cSAnika Henke    global $conf;
35885f8705cSAnika Henke    global $lang;
3596b13307fSandi    header('Content-Type: text/html; charset=utf-8');
36085f8705cSAnika Henke    ptln('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"');
36185f8705cSAnika Henke    ptln(' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">');
36285f8705cSAnika Henke    ptln('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.$conf['lang'].'"');
36385f8705cSAnika Henke    ptln(' lang="'.$conf['lang'].'" dir="'.$lang['direction'].'">');
3646b13307fSandi    ptln('<head>');
36585f8705cSAnika Henke    ptln('  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />');
36685f8705cSAnika Henke    ptln('  <title>'.$ID.'</title>');
3676b13307fSandi    tpl_metaheaders();
3686b13307fSandi    ptln('</head>');
3696b13307fSandi    ptln('<body>');
3702c5c3308SAndreas Gohr    ptln('<div class="dokuwiki export">');
371ac83b9d8Sandi    print p_wiki_xhtml($ID,$REV,false);
372c771e9edSAnika Henke    ptln('</div>');
3736b13307fSandi    ptln('</body>');
3746b13307fSandi    ptln('</html>');
3756b13307fSandi    exit;
3766b13307fSandi  }
3776b13307fSandi
378cc2ae802SAndreas Gohr  // html body only
379cc2ae802SAndreas Gohr  if($act == 'export_xhtmlbody'){
380cc2ae802SAndreas Gohr    print p_wiki_xhtml($ID,$REV,false);
381cc2ae802SAndreas Gohr    exit;
382cc2ae802SAndreas Gohr  }
383cc2ae802SAndreas Gohr
384ac83b9d8Sandi  // try to run renderer #FIXME use cached instructions
385ac83b9d8Sandi  $mode = substr($act,7);
3869dc2c2afSandi  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info);
387ac83b9d8Sandi  if(!is_null($text)){
388ac83b9d8Sandi    print $text;
3896b13307fSandi    exit;
3906b13307fSandi  }
3916b13307fSandi
392ac83b9d8Sandi
393ac83b9d8Sandi
3946b13307fSandi  return 'show';
3956b13307fSandi}
396340756e4Sandi
397b158d625SSteven Danz/**
3981380fc45SAndreas Gohr * Handle 'subscribe', 'unsubscribe'
399b158d625SSteven Danz *
400b158d625SSteven Danz * @author Steven Danz <steven-danz@kc.rr.com>
4011380fc45SAndreas Gohr * @todo   localize
402b158d625SSteven Danz */
4031380fc45SAndreas Gohrfunction act_subscription($act){
404b158d625SSteven Danz  global $ID;
405b158d625SSteven Danz  global $INFO;
406f9eb5648Ssteven-danz  global $lang;
407b158d625SSteven Danz
4081380fc45SAndreas Gohr  $file=metaFN($ID,'.mlist');
4091380fc45SAndreas Gohr  if ($act=='subscribe' && !$INFO['subscribed']){
410b158d625SSteven Danz    if ($INFO['userinfo']['mail']){
4111380fc45SAndreas Gohr      if (io_saveFile($file,$_SERVER['REMOTE_USER']."\n",true)) {
4121380fc45SAndreas Gohr        $INFO['subscribed'] = true;
413f9eb5648Ssteven-danz        msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
414b158d625SSteven Danz      } else {
415f9eb5648Ssteven-danz        msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),1);
416b158d625SSteven Danz      }
417b158d625SSteven Danz    } else {
418f9eb5648Ssteven-danz      msg($lang['subscribe_noaddress']);
419b158d625SSteven Danz    }
4201380fc45SAndreas Gohr  } elseif ($act=='unsubscribe' && $INFO['subscribed']){
421b158d625SSteven Danz    if (io_deleteFromFile($file,$_SERVER['REMOTE_USER']."\n")) {
4221380fc45SAndreas Gohr      $INFO['subscribed'] = false;
423f9eb5648Ssteven-danz      msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
424b158d625SSteven Danz    } else {
425f9eb5648Ssteven-danz      msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),1);
426b158d625SSteven Danz    }
427b158d625SSteven Danz  }
428b158d625SSteven Danz
429b158d625SSteven Danz  return 'show';
430b158d625SSteven Danz}
431b158d625SSteven Danz
432340756e4Sandi//Setup VIM: ex: et ts=2 enc=utf-8 :
433