xref: /dokuwiki/inc/actions.php (revision 18829381465e518a65e285578ee67a3daf88de98) 
16b13307fSandi<?php
26b13307fSandi/**
36b13307fSandi * DokuWiki Actions
46b13307fSandi *
56b13307fSandi * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
66b13307fSandi * @author     Andreas Gohr <andi@splitbrain.org>
76b13307fSandi */
86b13307fSandi
96b13307fSandi  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
106b13307fSandi  require_once(DOKU_INC.'inc/template.php');
116b13307fSandi
12af182434Sandi
136b13307fSandi/**
146b13307fSandi * Call the needed action handlers
156b13307fSandi *
166b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
176b13307fSandi */
186b13307fSandifunction act_dispatch(){
196b13307fSandi  global $INFO;
206b13307fSandi  global $ACT;
216b13307fSandi  global $ID;
226b13307fSandi  global $QUERY;
236b13307fSandi  global $lang;
246b13307fSandi  global $conf;
256b13307fSandi
26c2e830f2Schris  // give plugins an opportunity to process the action
2724bb549bSchris  $evt = new Doku_Event('ACTION_ACT_PREPROCESS',$ACT);
2824bb549bSchris  if ($evt->advise_before()) {
29c2e830f2Schris
30af182434Sandi    //sanitize $ACT
31af182434Sandi    $ACT = act_clean($ACT);
32af182434Sandi
33b8957367SBenjamin Gilbert    //check if searchword was given - else just show
340868021bSAndreas Gohr    $s = cleanID($QUERY);
350868021bSAndreas Gohr    if($ACT == 'search' && empty($s)){
36b8957367SBenjamin Gilbert      $ACT = 'show';
37b8957367SBenjamin Gilbert    }
38b8957367SBenjamin Gilbert
39b8957367SBenjamin Gilbert    //login stuff
40b8957367SBenjamin Gilbert    if(in_array($ACT,array('login','logout')))
41b8957367SBenjamin Gilbert      $ACT = act_auth($ACT);
42b8957367SBenjamin Gilbert
431380fc45SAndreas Gohr    //check if user is asking to (un)subscribe a page
441380fc45SAndreas Gohr    if($ACT == 'subscribe' || $ACT == 'unsubscribe')
451380fc45SAndreas Gohr      $ACT = act_subscription($ACT);
46b158d625SSteven Danz
476b13307fSandi    //check permissions
486b13307fSandi    $ACT = act_permcheck($ACT);
496b13307fSandi
50b8957367SBenjamin Gilbert    //register
51b8957367SBenjamin Gilbert    if($ACT == 'register' && register()){
52b8957367SBenjamin Gilbert      $ACT = 'login';
53b8957367SBenjamin Gilbert    }
546b13307fSandi
558b06d178Schris    if ($ACT == 'resendpwd' && act_resendpwd()) {
568b06d178Schris      $ACT = 'login';
578b06d178Schris    }
588b06d178Schris
598b06d178Schris    //update user profile
608b06d178Schris    if (($ACT == 'profile') && updateprofile()) {
614cb79657SMatthias Grimm      msg($lang['profchanged'],1);
624cb79657SMatthias Grimm      $ACT = 'show';
638b06d178Schris    }
648b06d178Schris
656b13307fSandi    //save
666b13307fSandi    if($ACT == 'save')
676b13307fSandi      $ACT = act_save($ACT);
686b13307fSandi
69ee4c4a1bSAndreas Gohr    //draft deletion
70ee4c4a1bSAndreas Gohr    if($ACT == 'draftdel')
71ee4c4a1bSAndreas Gohr      $ACT = act_draftdel($ACT);
72ee4c4a1bSAndreas Gohr
73ee4c4a1bSAndreas Gohr    //draft saving on preview
74ee4c4a1bSAndreas Gohr    if($ACT == 'preview')
75ee4c4a1bSAndreas Gohr      $ACT = act_draftsave($ACT);
76ee4c4a1bSAndreas Gohr
776b13307fSandi    //edit
78b146b32bSandi    if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){
79af182434Sandi      $ACT = act_edit($ACT);
806b13307fSandi    }else{
816b13307fSandi      unlock($ID); //try to unlock
826b13307fSandi    }
836b13307fSandi
846b13307fSandi    //handle export
85ac83b9d8Sandi    if(substr($ACT,0,7) == 'export_')
866b13307fSandi      $ACT = act_export($ACT);
876b13307fSandi
886b13307fSandi    //display some infos
896b13307fSandi    if($ACT == 'check'){
906b13307fSandi      check();
916b13307fSandi      $ACT = 'show';
926b13307fSandi    }
936b13307fSandi
94c19fe9c0Sandi    //handle admin tasks
95c19fe9c0Sandi    if($ACT == 'admin'){
9611e2ce22Schris      // retrieve admin plugin name from $_REQUEST['page']
97bb4866bdSchris      if (!empty($_REQUEST['page'])) {
9811e2ce22Schris          $pluginlist = plugin_list('admin');
9911e2ce22Schris          if (in_array($_REQUEST['page'], $pluginlist)) {
10011e2ce22Schris            // attempt to load the plugin
10111e2ce22Schris            if ($plugin =& plugin_load('admin',$_REQUEST['page']) !== NULL)
10211e2ce22Schris                $plugin->handle();
10311e2ce22Schris          }
10411e2ce22Schris      }
105c19fe9c0Sandi    }
1065f312bacSAndreas Gohr
1075f312bacSAndreas Gohr    // check permissions again - the action may have changed
1085f312bacSAndreas Gohr    $ACT = act_permcheck($ACT);
10924bb549bSchris  }  // end event ACTION_ACT_PREPROCESS default action
11024bb549bSchris  $evt->advise_after();
11124bb549bSchris  unset($evt);
112c19fe9c0Sandi
1135f312bacSAndreas Gohr
1146b13307fSandi  //call template FIXME: all needed vars available?
115f63a2007Schris  $headers[] = 'Content-Type: text/html; charset=utf-8';
116746855cfSBen Coburn  trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders');
117f63a2007Schris
1185a892029SAndreas Gohr  include(template('main.php'));
119c19fe9c0Sandi  // output for the commands is now handled in inc/templates.php
120c19fe9c0Sandi  // in function tpl_content()
1216b13307fSandi}
1226b13307fSandi
123f63a2007Schrisfunction act_sendheaders($headers) {
124f63a2007Schris  foreach ($headers as $hdr) header($hdr);
125f63a2007Schris}
126f63a2007Schris
1276b13307fSandi/**
128af182434Sandi * Sanitize the action command
129af182434Sandi *
130af182434Sandi * Add all allowed commands here.
131af182434Sandi *
132af182434Sandi * @author Andreas Gohr <andi@splitbrain.org>
133af182434Sandi */
134af182434Sandifunction act_clean($act){
135af182434Sandi  global $lang;
13660e6b550SAndreas Gohr  global $conf;
137af182434Sandi
138ee4c4a1bSAndreas Gohr  // check if the action was given as array key
139ee4c4a1bSAndreas Gohr  if(is_array($act)){
140ee4c4a1bSAndreas Gohr    list($act) = array_keys($act);
141ee4c4a1bSAndreas Gohr  }
142ee4c4a1bSAndreas Gohr
143ac83b9d8Sandi  //remove all bad chars
144ac83b9d8Sandi  $act = strtolower($act);
145ac83b9d8Sandi  $act = preg_replace('/[^a-z_]+/','',$act);
146ac83b9d8Sandi
147ac83b9d8Sandi  if($act == 'export_html') $act = 'export_xhtml';
148cc2ae802SAndreas Gohr  if($act == 'export_htmlbody') $act = 'export_xhtmlbody';
149b146b32bSandi
150409d7af7SAndreas Gohr  // check if action is disabled
151409d7af7SAndreas Gohr  if(!actionOK($act)){
152409d7af7SAndreas Gohr    msg('Command disabled: '.htmlspecialchars($act),-1);
153409d7af7SAndreas Gohr    return 'show';
154409d7af7SAndreas Gohr  }
155409d7af7SAndreas Gohr
15660e6b550SAndreas Gohr  //disable all acl related commands if ACL is disabled
15760e6b550SAndreas Gohr  if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
15860e6b550SAndreas Gohr                                             'subscribe','unsubscribe','profile',
15960e6b550SAndreas Gohr                                             'resendpwd',))){
16060e6b550SAndreas Gohr    msg('Command unavailable: '.htmlspecialchars($act),-1);
16160e6b550SAndreas Gohr    return 'show';
16260e6b550SAndreas Gohr  }
16360e6b550SAndreas Gohr
164ee4c4a1bSAndreas Gohr  if(!in_array($act,array('login','logout','register','save','edit','draft',
165ac83b9d8Sandi                          'preview','search','show','check','index','revisions',
1661380fc45SAndreas Gohr                          'diff','recent','backlink','admin','subscribe',
167*18829381SAndreas Gohr                          'unsubscribe','profile','resendpwd','recover','wordblock',
168ee4c4a1bSAndreas Gohr                          'draftdel',)) && substr($act,0,7) != 'export_' ) {
169ee4c4a1bSAndreas Gohr    msg('Command unknown: '.htmlspecialchars($act),-1);
170af182434Sandi    return 'show';
171af182434Sandi  }
172af182434Sandi  return $act;
173af182434Sandi}
174af182434Sandi
175af182434Sandi/**
1766b13307fSandi * Run permissionchecks
1776b13307fSandi *
1786b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
1796b13307fSandi */
1806b13307fSandifunction act_permcheck($act){
181dbbc6aa7Sandi  global $INFO;
1825e199953Smatthiasgrimm  global $conf;
183dbbc6aa7Sandi
184ee4c4a1bSAndreas Gohr  if(in_array($act,array('save','preview','edit','recover'))){
1856b13307fSandi    if($INFO['exists']){
186bdbc16bfSandi      if($act == 'edit'){
187bdbc16bfSandi        //the edit function will check again and do a source show
188bdbc16bfSandi        //when no AUTH_EDIT available
189bdbc16bfSandi        $permneed = AUTH_READ;
190bdbc16bfSandi      }else{
1916b13307fSandi        $permneed = AUTH_EDIT;
192bdbc16bfSandi      }
1936b13307fSandi    }else{
1946b13307fSandi      $permneed = AUTH_CREATE;
1956b13307fSandi    }
1968b06d178Schris  }elseif(in_array($act,array('login','search','recent','profile'))){
1976b13307fSandi    $permneed = AUTH_NONE;
1985e199953Smatthiasgrimm  }elseif($act == 'register'){
1995e199953Smatthiasgrimm    $permneed = AUTH_NONE;
200ebd3d9ceSchris  }elseif($act == 'resendpwd'){
201ebd3d9ceSchris    $permneed = AUTH_NONE;
202c19fe9c0Sandi  }elseif($act == 'admin'){
203c19fe9c0Sandi    $permneed = AUTH_ADMIN;
2046b13307fSandi  }else{
2056b13307fSandi    $permneed = AUTH_READ;
2066b13307fSandi  }
207dbbc6aa7Sandi  if($INFO['perm'] >= $permneed) return $act;
208dbbc6aa7Sandi
2096b13307fSandi  return 'denied';
2106b13307fSandi}
2116b13307fSandi
2126b13307fSandi/**
213ee4c4a1bSAndreas Gohr * Handle 'draftdel'
214ee4c4a1bSAndreas Gohr *
215ee4c4a1bSAndreas Gohr * Deletes the draft for the current page and user
216ee4c4a1bSAndreas Gohr */
217ee4c4a1bSAndreas Gohrfunction act_draftdel($act){
218ee4c4a1bSAndreas Gohr  global $INFO;
219ee4c4a1bSAndreas Gohr  @unlink($INFO['draft']);
220ee4c4a1bSAndreas Gohr  $INFO['draft'] = null;
221ee4c4a1bSAndreas Gohr  return 'show';
222ee4c4a1bSAndreas Gohr}
223ee4c4a1bSAndreas Gohr
224ee4c4a1bSAndreas Gohr/**
225ee4c4a1bSAndreas Gohr * Saves a draft on preview
226ee4c4a1bSAndreas Gohr *
227ee4c4a1bSAndreas Gohr * @todo this currently duplicates code from ajax.php :-/
228ee4c4a1bSAndreas Gohr */
229ee4c4a1bSAndreas Gohrfunction act_draftsave($act){
230ee4c4a1bSAndreas Gohr  global $INFO;
231ee4c4a1bSAndreas Gohr  global $ID;
232ee4c4a1bSAndreas Gohr  global $conf;
233ee4c4a1bSAndreas Gohr  if($conf['usedraft'] && $_POST['wikitext']){
234ee4c4a1bSAndreas Gohr    $draft = array('id'     => $ID,
235ee4c4a1bSAndreas Gohr                   'prefix' => $_POST['prefix'],
236ee4c4a1bSAndreas Gohr                   'text'   => $_POST['wikitext'],
237ee4c4a1bSAndreas Gohr                   'suffix' => $_POST['suffix'],
238ee4c4a1bSAndreas Gohr                   'date'   => $_POST['date'],
239ee4c4a1bSAndreas Gohr                   'client' => $INFO['client'],
240ee4c4a1bSAndreas Gohr                  );
241ee4c4a1bSAndreas Gohr    $cname = getCacheName($draft['client'].$ID,'.draft');
242ee4c4a1bSAndreas Gohr    if(io_saveFile($cname,serialize($draft))){
243ee4c4a1bSAndreas Gohr      $INFO['draft'] = $cname;
244ee4c4a1bSAndreas Gohr    }
245ee4c4a1bSAndreas Gohr  }
246ee4c4a1bSAndreas Gohr  return $act;
247ee4c4a1bSAndreas Gohr}
248ee4c4a1bSAndreas Gohr
249ee4c4a1bSAndreas Gohr/**
2506b13307fSandi * Handle 'save'
2516b13307fSandi *
2526b13307fSandi * Checks for spam and conflicts and saves the page.
2536b13307fSandi * Does a redirect to show the page afterwards or
2546b13307fSandi * returns a new action.
2556b13307fSandi *
2566b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
2576b13307fSandi */
2586b13307fSandifunction act_save($act){
2596b13307fSandi  global $ID;
2606b13307fSandi  global $DATE;
2616b13307fSandi  global $PRE;
2626b13307fSandi  global $TEXT;
2636b13307fSandi  global $SUF;
2646b13307fSandi  global $SUM;
2656b13307fSandi
2666b13307fSandi  //spam check
2676b13307fSandi  if(checkwordblock())
2686b13307fSandi    return 'wordblock';
2696b13307fSandi  //conflict check //FIXME use INFO
2706b13307fSandi  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
2716b13307fSandi    return 'conflict';
2726b13307fSandi
2736b13307fSandi  //save it
274b6912aeaSAndreas Gohr  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$_REQUEST['minor']); //use pretty mode for con
2756b13307fSandi  //unlock it
2766b13307fSandi  unlock($ID);
2776b13307fSandi
278ee4c4a1bSAndreas Gohr  //delete draft
279ee4c4a1bSAndreas Gohr  act_draftdel($act);
280ee4c4a1bSAndreas Gohr
2816b13307fSandi  //show it
2826b13307fSandi  session_write_close();
2836b13307fSandi  header("Location: ".wl($ID,'',true));
2846b13307fSandi  exit();
2856b13307fSandi}
2866b13307fSandi
2876b13307fSandi/**
288b8957367SBenjamin Gilbert * Handle 'login', 'logout'
2896b13307fSandi *
2906b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
2916b13307fSandi */
2926b13307fSandifunction act_auth($act){
29308eda5bcSmatthiasgrimm  global $ID;
2947cace34dSAndreas Gohr  global $INFO;
29508eda5bcSmatthiasgrimm
2966b13307fSandi  //already logged in?
2976b13307fSandi  if($_SERVER['REMOTE_USER'] && $act=='login')
2986b13307fSandi    return 'show';
2996b13307fSandi
3006b13307fSandi  //handle logout
3016b13307fSandi  if($act=='logout'){
30208eda5bcSmatthiasgrimm    $lockedby = checklock($ID); //page still locked?
303424c3c4fSJohannes Buchner    if($lockedby == $_SERVER['REMOTE_USER'])
30408eda5bcSmatthiasgrimm      unlock($ID); //try to unlock
30508eda5bcSmatthiasgrimm
3067cace34dSAndreas Gohr    // do the logout stuff
3076b13307fSandi    auth_logoff();
3087cace34dSAndreas Gohr
3097cace34dSAndreas Gohr    // rebuild info array
3107cace34dSAndreas Gohr    $INFO = pageinfo();
3117cace34dSAndreas Gohr
3126b13307fSandi    return 'login';
3136b13307fSandi  }
3146b13307fSandi
3156b13307fSandi  return $act;
3166b13307fSandi}
3176b13307fSandi
3186b13307fSandi/**
3196b13307fSandi * Handle 'edit', 'preview'
3206b13307fSandi *
3216b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3226b13307fSandi */
3236b13307fSandifunction act_edit($act){
324cd409024Sjorda  global $ID;
325ee4c4a1bSAndreas Gohr  global $INFO;
326cd409024Sjorda
3276b13307fSandi  //check if locked by anyone - if not lock for my self
3286b13307fSandi  $lockedby = checklock($ID);
3296b13307fSandi  if($lockedby) return 'locked';
3306b13307fSandi
3316b13307fSandi  lock($ID);
3326b13307fSandi  return $act;
3336b13307fSandi}
3346b13307fSandi
3356b13307fSandi/**
3366b13307fSandi * Handle 'edit', 'preview'
3376b13307fSandi *
3386b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3396b13307fSandi */
3406b13307fSandifunction act_export($act){
3416b13307fSandi  global $ID;
3426b13307fSandi  global $REV;
3436b13307fSandi
344ac83b9d8Sandi  // no renderer for this
345ac83b9d8Sandi  if($act == 'export_raw'){
346ac83b9d8Sandi    header('Content-Type: text/plain; charset=utf-8');
347ac83b9d8Sandi    print rawWiki($ID,$REV);
348ac83b9d8Sandi    exit;
349ac83b9d8Sandi  }
350ac83b9d8Sandi
351ac83b9d8Sandi  // html export #FIXME what about the template's style?
352ac83b9d8Sandi  if($act == 'export_xhtml'){
35385f8705cSAnika Henke    global $conf;
35485f8705cSAnika Henke    global $lang;
3556b13307fSandi    header('Content-Type: text/html; charset=utf-8');
35685f8705cSAnika Henke    ptln('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"');
35785f8705cSAnika Henke    ptln(' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">');
35885f8705cSAnika Henke    ptln('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.$conf['lang'].'"');
35985f8705cSAnika Henke    ptln(' lang="'.$conf['lang'].'" dir="'.$lang['direction'].'">');
3606b13307fSandi    ptln('<head>');
36185f8705cSAnika Henke    ptln('  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />');
36285f8705cSAnika Henke    ptln('  <title>'.$ID.'</title>');
3636b13307fSandi    tpl_metaheaders();
3646b13307fSandi    ptln('</head>');
3656b13307fSandi    ptln('<body>');
3662c5c3308SAndreas Gohr    ptln('<div class="dokuwiki export">');
367ac83b9d8Sandi    print p_wiki_xhtml($ID,$REV,false);
368c771e9edSAnika Henke    ptln('</div>');
3696b13307fSandi    ptln('</body>');
3706b13307fSandi    ptln('</html>');
3716b13307fSandi    exit;
3726b13307fSandi  }
3736b13307fSandi
374cc2ae802SAndreas Gohr  // html body only
375cc2ae802SAndreas Gohr  if($act == 'export_xhtmlbody'){
376cc2ae802SAndreas Gohr    print p_wiki_xhtml($ID,$REV,false);
377cc2ae802SAndreas Gohr    exit;
378cc2ae802SAndreas Gohr  }
379cc2ae802SAndreas Gohr
380ac83b9d8Sandi  // try to run renderer #FIXME use cached instructions
381ac83b9d8Sandi  $mode = substr($act,7);
3829dc2c2afSandi  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info);
383ac83b9d8Sandi  if(!is_null($text)){
384ac83b9d8Sandi    print $text;
3856b13307fSandi    exit;
3866b13307fSandi  }
3876b13307fSandi
388ac83b9d8Sandi
389ac83b9d8Sandi
3906b13307fSandi  return 'show';
3916b13307fSandi}
392340756e4Sandi
393b158d625SSteven Danz/**
3941380fc45SAndreas Gohr * Handle 'subscribe', 'unsubscribe'
395b158d625SSteven Danz *
396b158d625SSteven Danz * @author Steven Danz <steven-danz@kc.rr.com>
3971380fc45SAndreas Gohr * @todo   localize
398b158d625SSteven Danz */
3991380fc45SAndreas Gohrfunction act_subscription($act){
400b158d625SSteven Danz  global $ID;
401b158d625SSteven Danz  global $INFO;
402f9eb5648Ssteven-danz  global $lang;
403b158d625SSteven Danz
4041380fc45SAndreas Gohr  $file=metaFN($ID,'.mlist');
4051380fc45SAndreas Gohr  if ($act=='subscribe' && !$INFO['subscribed']){
406b158d625SSteven Danz    if ($INFO['userinfo']['mail']){
4071380fc45SAndreas Gohr      if (io_saveFile($file,$_SERVER['REMOTE_USER']."\n",true)) {
4081380fc45SAndreas Gohr        $INFO['subscribed'] = true;
409f9eb5648Ssteven-danz        msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
410b158d625SSteven Danz      } else {
411f9eb5648Ssteven-danz        msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),1);
412b158d625SSteven Danz      }
413b158d625SSteven Danz    } else {
414f9eb5648Ssteven-danz      msg($lang['subscribe_noaddress']);
415b158d625SSteven Danz    }
4161380fc45SAndreas Gohr  } elseif ($act=='unsubscribe' && $INFO['subscribed']){
417b158d625SSteven Danz    if (io_deleteFromFile($file,$_SERVER['REMOTE_USER']."\n")) {
4181380fc45SAndreas Gohr      $INFO['subscribed'] = false;
419f9eb5648Ssteven-danz      msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
420b158d625SSteven Danz    } else {
421f9eb5648Ssteven-danz      msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),1);
422b158d625SSteven Danz    }
423b158d625SSteven Danz  }
424b158d625SSteven Danz
425b158d625SSteven Danz  return 'show';
426b158d625SSteven Danz}
427b158d625SSteven Danz
428340756e4Sandi//Setup VIM: ex: et ts=2 enc=utf-8 :
429