16b13307fSandi<?php 26b13307fSandi/** 36b13307fSandi * DokuWiki Actions 46b13307fSandi * 56b13307fSandi * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 66b13307fSandi * @author Andreas Gohr <andi@splitbrain.org> 76b13307fSandi */ 86b13307fSandi 96b13307fSandi if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/'); 106b13307fSandi require_once(DOKU_INC.'inc/template.php'); 116b13307fSandi 12af182434Sandi 136b13307fSandi/** 146b13307fSandi * Call the needed action handlers 156b13307fSandi * 166b13307fSandi * @author Andreas Gohr <andi@splitbrain.org> 176b13307fSandi */ 186b13307fSandifunction act_dispatch(){ 196b13307fSandi global $INFO; 206b13307fSandi global $ACT; 216b13307fSandi global $ID; 226b13307fSandi global $QUERY; 236b13307fSandi global $lang; 246b13307fSandi global $conf; 256b13307fSandi 26af182434Sandi //sanitize $ACT 27af182434Sandi $ACT = act_clean($ACT); 28af182434Sandi 29b8957367SBenjamin Gilbert //check if searchword was given - else just show 30b8957367SBenjamin Gilbert if($ACT == 'search' && empty($QUERY)){ 31b8957367SBenjamin Gilbert $ACT = 'show'; 32b8957367SBenjamin Gilbert } 33b8957367SBenjamin Gilbert 34b8957367SBenjamin Gilbert //login stuff 35b8957367SBenjamin Gilbert if(in_array($ACT,array('login','logout'))) 36b8957367SBenjamin Gilbert $ACT = act_auth($ACT); 37b8957367SBenjamin Gilbert 38*1380fc45SAndreas Gohr //check if user is asking to (un)subscribe a page 39*1380fc45SAndreas Gohr if($ACT == 'subscribe' || $ACT == 'unsubscribe') 40*1380fc45SAndreas Gohr $ACT = act_subscription($ACT); 41b158d625SSteven Danz 426b13307fSandi //check permissions 436b13307fSandi $ACT = act_permcheck($ACT); 446b13307fSandi 45b8957367SBenjamin Gilbert //register 46b8957367SBenjamin Gilbert if($ACT == 'register' && register()){ 47b8957367SBenjamin Gilbert $ACT = 'login'; 48b8957367SBenjamin Gilbert } 496b13307fSandi 506b13307fSandi //save 516b13307fSandi if($ACT == 'save') 526b13307fSandi $ACT = act_save($ACT); 536b13307fSandi 546b13307fSandi //edit 55b146b32bSandi if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){ 56af182434Sandi $ACT = act_edit($ACT); 576b13307fSandi }else{ 586b13307fSandi unlock($ID); //try to unlock 596b13307fSandi } 606b13307fSandi 616b13307fSandi //handle export 62ac83b9d8Sandi if(substr($ACT,0,7) == 'export_') 636b13307fSandi $ACT = act_export($ACT); 646b13307fSandi 656b13307fSandi //display some infos 666b13307fSandi if($ACT == 'check'){ 676b13307fSandi check(); 686b13307fSandi $ACT = 'show'; 696b13307fSandi } 706b13307fSandi 71c19fe9c0Sandi //handle admin tasks 72c19fe9c0Sandi if($ACT == 'admin'){ 73c19fe9c0Sandi if($_REQUEST['page'] == 'acl'){ 74c19fe9c0Sandi require_once(DOKU_INC.'inc/admin_acl.php'); 75c19fe9c0Sandi admin_acl_handler(); 76c19fe9c0Sandi } 77c19fe9c0Sandi } 78c19fe9c0Sandi 796b13307fSandi //call template FIXME: all needed vars available? 806b13307fSandi header('Content-Type: text/html; charset=utf-8'); 815a892029SAndreas Gohr include(template('main.php')); 82c19fe9c0Sandi // output for the commands is now handled in inc/templates.php 83c19fe9c0Sandi // in function tpl_content() 846b13307fSandi} 856b13307fSandi 866b13307fSandi/** 87af182434Sandi * Sanitize the action command 88af182434Sandi * 89af182434Sandi * Add all allowed commands here. 90af182434Sandi * 91af182434Sandi * @author Andreas Gohr <andi@splitbrain.org> 92af182434Sandi */ 93af182434Sandifunction act_clean($act){ 94af182434Sandi global $lang; 95af182434Sandi 96cf81b04aSandi //handle localized buttons 97cf81b04aSandi if($act == $lang['btn_save']) $act = 'save'; 98cf81b04aSandi if($act == $lang['btn_preview']) $act = 'preview'; 99cf81b04aSandi if($act == $lang['btn_cancel']) $act = 'show'; 100cf81b04aSandi 101ac83b9d8Sandi //remove all bad chars 102ac83b9d8Sandi $act = strtolower($act); 103ac83b9d8Sandi $act = preg_replace('/[^a-z_]+/','',$act); 104ac83b9d8Sandi 105ac83b9d8Sandi if($act == 'export_html') $act = 'export_xhtml'; 106b146b32bSandi 1072f597e0eSandi if(array_search($act,array('login','logout','register','save','edit', 108ac83b9d8Sandi 'preview','search','show','check','index','revisions', 109*1380fc45SAndreas Gohr 'diff','recent','backlink','admin','subscribe', 110*1380fc45SAndreas Gohr 'unsubscribe',)) === false 111ac83b9d8Sandi && substr($act,0,7) != 'export_' ) { 112b146b32bSandi msg('Unknown command: '.htmlspecialchars($act),-1); 113af182434Sandi return 'show'; 114af182434Sandi } 115af182434Sandi return $act; 116af182434Sandi} 117af182434Sandi 118af182434Sandi/** 1196b13307fSandi * Run permissionchecks 1206b13307fSandi * 1216b13307fSandi * @author Andreas Gohr <andi@splitbrain.org> 1226b13307fSandi */ 1236b13307fSandifunction act_permcheck($act){ 124dbbc6aa7Sandi global $INFO; 1255e199953Smatthiasgrimm global $conf; 126dbbc6aa7Sandi 1276b13307fSandi if(in_array($act,array('save','preview','edit'))){ 1286b13307fSandi if($INFO['exists']){ 129bdbc16bfSandi if($act == 'edit'){ 130bdbc16bfSandi //the edit function will check again and do a source show 131bdbc16bfSandi //when no AUTH_EDIT available 132bdbc16bfSandi $permneed = AUTH_READ; 133bdbc16bfSandi }else{ 1346b13307fSandi $permneed = AUTH_EDIT; 135bdbc16bfSandi } 1366b13307fSandi }else{ 1376b13307fSandi $permneed = AUTH_CREATE; 1386b13307fSandi } 1395e199953Smatthiasgrimm }elseif(in_array($act,array('login','search','recent'))){ 1406b13307fSandi $permneed = AUTH_NONE; 1415e199953Smatthiasgrimm }elseif($act == 'register'){ 142e1fcbe1eSandi if ($conf['openregister']){ 1435e199953Smatthiasgrimm $permneed = AUTH_NONE; 144e1fcbe1eSandi }else{ 145e1fcbe1eSandi $permneed = AUTH_ADMIN; 146e1fcbe1eSandi } 147c19fe9c0Sandi }elseif($act == 'admin'){ 148c19fe9c0Sandi $permneed = AUTH_ADMIN; 1496b13307fSandi }else{ 1506b13307fSandi $permneed = AUTH_READ; 1516b13307fSandi } 152dbbc6aa7Sandi if($INFO['perm'] >= $permneed) return $act; 153dbbc6aa7Sandi 1546b13307fSandi return 'denied'; 1556b13307fSandi} 1566b13307fSandi 1576b13307fSandi/** 1586b13307fSandi * Handle 'save' 1596b13307fSandi * 1606b13307fSandi * Checks for spam and conflicts and saves the page. 1616b13307fSandi * Does a redirect to show the page afterwards or 1626b13307fSandi * returns a new action. 1636b13307fSandi * 1646b13307fSandi * @author Andreas Gohr <andi@splitbrain.org> 1656b13307fSandi */ 1666b13307fSandifunction act_save($act){ 1676b13307fSandi global $ID; 1686b13307fSandi global $DATE; 1696b13307fSandi global $PRE; 1706b13307fSandi global $TEXT; 1716b13307fSandi global $SUF; 1726b13307fSandi global $SUM; 1736b13307fSandi 1746b13307fSandi //spam check 1756b13307fSandi if(checkwordblock()) 1766b13307fSandi return 'wordblock'; 1776b13307fSandi //conflict check //FIXME use INFO 1786b13307fSandi if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE ) 1796b13307fSandi return 'conflict'; 1806b13307fSandi 1816b13307fSandi //save it 1826b13307fSandi saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM); //use pretty mode for con 1836b13307fSandi //unlock it 1846b13307fSandi unlock($ID); 1856b13307fSandi 1866b13307fSandi //show it 1876b13307fSandi session_write_close(); 1886b13307fSandi header("Location: ".wl($ID,'',true)); 1896b13307fSandi exit(); 1906b13307fSandi} 1916b13307fSandi 1926b13307fSandi/** 193b8957367SBenjamin Gilbert * Handle 'login', 'logout' 1946b13307fSandi * 1956b13307fSandi * @author Andreas Gohr <andi@splitbrain.org> 1966b13307fSandi */ 1976b13307fSandifunction act_auth($act){ 19808eda5bcSmatthiasgrimm global $ID; 19908eda5bcSmatthiasgrimm 2006b13307fSandi //already logged in? 2016b13307fSandi if($_SERVER['REMOTE_USER'] && $act=='login') 2026b13307fSandi return 'show'; 2036b13307fSandi 2046b13307fSandi //handle logout 2056b13307fSandi if($act=='logout'){ 20608eda5bcSmatthiasgrimm $lockedby = checklock($ID); //page still locked? 207424c3c4fSJohannes Buchner if($lockedby == $_SERVER['REMOTE_USER']) 20808eda5bcSmatthiasgrimm unlock($ID); //try to unlock 20908eda5bcSmatthiasgrimm 2106b13307fSandi auth_logoff(); 2116b13307fSandi return 'login'; 2126b13307fSandi } 2136b13307fSandi 2146b13307fSandi return $act; 2156b13307fSandi} 2166b13307fSandi 2176b13307fSandi/** 2186b13307fSandi * Handle 'edit', 'preview' 2196b13307fSandi * 2206b13307fSandi * @author Andreas Gohr <andi@splitbrain.org> 2216b13307fSandi */ 2226b13307fSandifunction act_edit($act){ 223cd409024Sjorda global $ID; 224cd409024Sjorda 2256b13307fSandi //check if locked by anyone - if not lock for my self 2266b13307fSandi $lockedby = checklock($ID); 2276b13307fSandi if($lockedby) return 'locked'; 2286b13307fSandi 2296b13307fSandi lock($ID); 2306b13307fSandi return $act; 2316b13307fSandi} 2326b13307fSandi 2336b13307fSandi/** 2346b13307fSandi * Handle 'edit', 'preview' 2356b13307fSandi * 2366b13307fSandi * @author Andreas Gohr <andi@splitbrain.org> 2376b13307fSandi */ 2386b13307fSandifunction act_export($act){ 2396b13307fSandi global $ID; 2406b13307fSandi global $REV; 2416b13307fSandi 242ac83b9d8Sandi // no renderer for this 243ac83b9d8Sandi if($act == 'export_raw'){ 244ac83b9d8Sandi header('Content-Type: text/plain; charset=utf-8'); 245ac83b9d8Sandi print rawWiki($ID,$REV); 246ac83b9d8Sandi exit; 247ac83b9d8Sandi } 248ac83b9d8Sandi 249ac83b9d8Sandi // html export #FIXME what about the template's style? 250ac83b9d8Sandi if($act == 'export_xhtml'){ 2516b13307fSandi header('Content-Type: text/html; charset=utf-8'); 2526b13307fSandi ptln('<html>'); 2536b13307fSandi ptln('<head>'); 2546b13307fSandi tpl_metaheaders(); 2556b13307fSandi ptln('</head>'); 2566b13307fSandi ptln('<body>'); 257ac83b9d8Sandi print p_wiki_xhtml($ID,$REV,false); 2586b13307fSandi ptln('</body>'); 2596b13307fSandi ptln('</html>'); 2606b13307fSandi exit; 2616b13307fSandi } 2626b13307fSandi 263ac83b9d8Sandi // try to run renderer #FIXME use cached instructions 264ac83b9d8Sandi $mode = substr($act,7); 2659dc2c2afSandi $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info); 266ac83b9d8Sandi if(!is_null($text)){ 267ac83b9d8Sandi print $text; 2686b13307fSandi exit; 2696b13307fSandi } 2706b13307fSandi 271ac83b9d8Sandi 272ac83b9d8Sandi 2736b13307fSandi return 'show'; 2746b13307fSandi} 275340756e4Sandi 276b158d625SSteven Danz/** 277*1380fc45SAndreas Gohr * Handle 'subscribe', 'unsubscribe' 278b158d625SSteven Danz * 279b158d625SSteven Danz * @author Steven Danz <steven-danz@kc.rr.com> 280*1380fc45SAndreas Gohr * @todo localize 281b158d625SSteven Danz */ 282*1380fc45SAndreas Gohrfunction act_subscription($act){ 283b158d625SSteven Danz global $ID; 284b158d625SSteven Danz global $INFO; 285b158d625SSteven Danz 286*1380fc45SAndreas Gohr $file=metaFN($ID,'.mlist'); 287*1380fc45SAndreas Gohr if ($act=='subscribe' && !$INFO['subscribed']){ 288b158d625SSteven Danz if ($INFO['userinfo']['mail']){ 289*1380fc45SAndreas Gohr if (io_saveFile($file,$_SERVER['REMOTE_USER']."\n",true)) { 290*1380fc45SAndreas Gohr $INFO['subscribed'] = true; 291*1380fc45SAndreas Gohr msg('Added '.$INFO['userinfo']['name'].' to subscription list for '.$ID,1); 292b158d625SSteven Danz } else { 293*1380fc45SAndreas Gohr msg('Error adding '.$INFO['userinfo']['name'].' to subscription list for '.$ID,-1); 294b158d625SSteven Danz } 295b158d625SSteven Danz } else { 296*1380fc45SAndreas Gohr msg('There is no address associated with your login, you cannot be added to the subscription list',-1); 297b158d625SSteven Danz } 298*1380fc45SAndreas Gohr } elseif ($act=='unsubscribe' && $INFO['subscribed']){ 299b158d625SSteven Danz if (io_deleteFromFile($file,$_SERVER['REMOTE_USER']."\n")) { 300*1380fc45SAndreas Gohr $INFO['subscribed'] = false; 301*1380fc45SAndreas Gohr msg('Removed '.$INFO['userinfo']['name'].' from subscription list for '.$ID,1); 302b158d625SSteven Danz } else { 303*1380fc45SAndreas Gohr msg('Error removing '.$INFO['userinfo']['name'].' from subscription list for '.$ID,-1); 304b158d625SSteven Danz } 305b158d625SSteven Danz } 306b158d625SSteven Danz 307b158d625SSteven Danz return 'show'; 308b158d625SSteven Danz} 309b158d625SSteven Danz 310340756e4Sandi 311340756e4Sandi//Setup VIM: ex: et ts=2 enc=utf-8 : 312