xref: /dokuwiki/inc/actions.php (revision 24ea6500cc5285aac7f02df7f535ea10f8f97729) 
16b13307fSandi<?php
26b13307fSandi/**
36b13307fSandi * DokuWiki Actions
46b13307fSandi *
56b13307fSandi * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
66b13307fSandi * @author     Andreas Gohr <andi@splitbrain.org>
76b13307fSandi */
86b13307fSandi
9fa8adffeSAndreas Gohrif(!defined('DOKU_INC')) die('meh.');
10af182434Sandi
116b13307fSandi/**
126b13307fSandi * Call the needed action handlers
136b13307fSandi *
146b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
15c9570649SAndreas Gohr * @triggers ACTION_ACT_PREPROCESS
16c9570649SAndreas Gohr * @triggers ACTION_HEADERS_SEND
176b13307fSandi */
186b13307fSandifunction act_dispatch(){
196b13307fSandi    global $ACT;
206b13307fSandi    global $ID;
21*24ea6500SAndreas Gohr    global $INFO;
226b13307fSandi    global $QUERY;
236b13307fSandi    global $lang;
2485dcda20SRobin Getz    global $conf;
256b13307fSandi
2669cd1e27SAndreas Gohr    $preact = $ACT;
2769cd1e27SAndreas Gohr
28c2e830f2Schris    // give plugins an opportunity to process the action
2924bb549bSchris    $evt = new Doku_Event('ACTION_ACT_PREPROCESS',$ACT);
3024bb549bSchris    if ($evt->advise_before()) {
31c2e830f2Schris
32af182434Sandi        //sanitize $ACT
33af182434Sandi        $ACT = act_clean($ACT);
34af182434Sandi
35b8957367SBenjamin Gilbert        //check if searchword was given - else just show
360868021bSAndreas Gohr        $s = cleanID($QUERY);
370868021bSAndreas Gohr        if($ACT == 'search' && empty($s)){
38b8957367SBenjamin Gilbert            $ACT = 'show';
39b8957367SBenjamin Gilbert        }
40b8957367SBenjamin Gilbert
41b8957367SBenjamin Gilbert        //login stuff
421b2a85e8SAndreas Gohr        if(in_array($ACT,array('login','logout'))){
43b8957367SBenjamin Gilbert            $ACT = act_auth($ACT);
441b2a85e8SAndreas Gohr        }
45b8957367SBenjamin Gilbert
461380fc45SAndreas Gohr        //check if user is asking to (un)subscribe a page
475b75cd1fSAdrian Lang        if($ACT == 'subscribe') {
485b75cd1fSAdrian Lang            try {
491380fc45SAndreas Gohr                $ACT = act_subscription($ACT);
505b75cd1fSAdrian Lang            } catch (Exception $e) {
515b75cd1fSAdrian Lang                msg($e->getMessage(), -1);
525b75cd1fSAdrian Lang            }
535b75cd1fSAdrian Lang        }
5452b0dd67SGuy Brand
554064e2d3SRobin Getz        //display some infos
564064e2d3SRobin Getz        if($ACT == 'check'){
574064e2d3SRobin Getz            check();
584064e2d3SRobin Getz            $ACT = 'show';
594064e2d3SRobin Getz        }
604064e2d3SRobin Getz
616b13307fSandi        //check permissions
626b13307fSandi        $ACT = act_permcheck($ACT);
636b13307fSandi
64c4f79b71SMichael Hamann        //sitemap
65eae17177SMichael Hamann        if ($ACT == 'sitemap'){
66c4f79b71SMichael Hamann            $ACT = act_sitemap($ACT);
67eae17177SMichael Hamann        }
68c4f79b71SMichael Hamann
69b8957367SBenjamin Gilbert        //register
70b3510079SAndreas Gohr        if($ACT == 'register' && $_POST['save'] && register()){
71b8957367SBenjamin Gilbert            $ACT = 'login';
72b8957367SBenjamin Gilbert        }
736b13307fSandi
748b06d178Schris        if ($ACT == 'resendpwd' && act_resendpwd()) {
758b06d178Schris            $ACT = 'login';
768b06d178Schris        }
778b06d178Schris
788b06d178Schris        //update user profile
7925b2a98cSMichael Klier        if ($ACT == 'profile') {
8025b2a98cSMichael Klier            if(!$_SERVER['REMOTE_USER']) {
8125b2a98cSMichael Klier                $ACT = 'login';
8225b2a98cSMichael Klier            } else {
8325b2a98cSMichael Klier                if(updateprofile()) {
844cb79657SMatthias Grimm                    msg($lang['profchanged'],1);
854cb79657SMatthias Grimm                    $ACT = 'show';
868b06d178Schris                }
8725b2a98cSMichael Klier            }
8825b2a98cSMichael Klier        }
898b06d178Schris
901246e016SAndreas Gohr        //revert
911246e016SAndreas Gohr        if($ACT == 'revert'){
921246e016SAndreas Gohr            if(checkSecurityToken()){
931246e016SAndreas Gohr                $ACT = act_revert($ACT);
941246e016SAndreas Gohr            }else{
951246e016SAndreas Gohr                $ACT = 'show';
961246e016SAndreas Gohr            }
971246e016SAndreas Gohr        }
981246e016SAndreas Gohr
996b13307fSandi        //save
1001b2a85e8SAndreas Gohr        if($ACT == 'save'){
1011b2a85e8SAndreas Gohr            if(checkSecurityToken()){
1026b13307fSandi                $ACT = act_save($ACT);
1031b2a85e8SAndreas Gohr            }else{
1041b2a85e8SAndreas Gohr                $ACT = 'show';
1051b2a85e8SAndreas Gohr            }
1061b2a85e8SAndreas Gohr        }
1076b13307fSandi
108067c5d22SBen Coburn        //cancel conflicting edit
109067c5d22SBen Coburn        if($ACT == 'cancel')
110067c5d22SBen Coburn            $ACT = 'show';
111067c5d22SBen Coburn
112ee4c4a1bSAndreas Gohr        //draft deletion
113ee4c4a1bSAndreas Gohr        if($ACT == 'draftdel')
114ee4c4a1bSAndreas Gohr            $ACT = act_draftdel($ACT);
115ee4c4a1bSAndreas Gohr
116ee4c4a1bSAndreas Gohr        //draft saving on preview
117ee4c4a1bSAndreas Gohr        if($ACT == 'preview')
118ee4c4a1bSAndreas Gohr            $ACT = act_draftsave($ACT);
119ee4c4a1bSAndreas Gohr
1206b13307fSandi        //edit
121c9d5430bSAdrian Lang        if(in_array($ACT, array('edit', 'preview', 'recover'))) {
122af182434Sandi            $ACT = act_edit($ACT);
1236b13307fSandi        }else{
1246b13307fSandi            unlock($ID); //try to unlock
1256b13307fSandi        }
1266b13307fSandi
1276b13307fSandi        //handle export
128ac83b9d8Sandi        if(substr($ACT,0,7) == 'export_')
1296b13307fSandi            $ACT = act_export($ACT);
1306b13307fSandi
131c19fe9c0Sandi        //handle admin tasks
132c19fe9c0Sandi        if($ACT == 'admin'){
13311e2ce22Schris            // retrieve admin plugin name from $_REQUEST['page']
134bb4866bdSchris            if (!empty($_REQUEST['page'])) {
13511e2ce22Schris                $pluginlist = plugin_list('admin');
13611e2ce22Schris                if (in_array($_REQUEST['page'], $pluginlist)) {
13711e2ce22Schris                    // attempt to load the plugin
138*24ea6500SAndreas Gohr                    if ($plugin =& plugin_load('admin',$_REQUEST['page']) !== null){
139*24ea6500SAndreas Gohr                        if($plugin->forAdminOnly() && !$INFO['isadmin']){
140*24ea6500SAndreas Gohr                            // a manager tried to load a plugin that's for admins only
141*24ea6500SAndreas Gohr                            unset($_REQUEST['page']);
142*24ea6500SAndreas Gohr                            msg('For admins only',-1);
143*24ea6500SAndreas Gohr                        }else{
14411e2ce22Schris                            $plugin->handle();
14511e2ce22Schris                        }
14611e2ce22Schris                    }
147c19fe9c0Sandi                }
148*24ea6500SAndreas Gohr            }
149*24ea6500SAndreas Gohr        }
1505f312bacSAndreas Gohr
1515f312bacSAndreas Gohr        // check permissions again - the action may have changed
1525f312bacSAndreas Gohr        $ACT = act_permcheck($ACT);
15324bb549bSchris    }  // end event ACTION_ACT_PREPROCESS default action
15424bb549bSchris    $evt->advise_after();
15585dcda20SRobin Getz    // Make sure plugs can handle 'denied'
15685dcda20SRobin Getz    if($conf['send404'] && $ACT == 'denied') {
15785dcda20SRobin Getz        header('HTTP/1.0 403 Forbidden');
15885dcda20SRobin Getz    }
15924bb549bSchris    unset($evt);
160c19fe9c0Sandi
16146c0ed74SMichael Hamann    // when action 'show', the intial not 'show' and POST, do a redirect
16246c0ed74SMichael Hamann    if($ACT == 'show' && $preact != 'show' && strtolower($_SERVER['REQUEST_METHOD']) == 'post'){
16369cd1e27SAndreas Gohr        act_redirect($ID,$preact);
16469cd1e27SAndreas Gohr    }
1655f312bacSAndreas Gohr
166c346111aSAdrian Lang    global $INFO;
167c346111aSAdrian Lang    global $conf;
168c346111aSAdrian Lang    global $license;
169c346111aSAdrian Lang
1706b13307fSandi    //call template FIXME: all needed vars available?
171f63a2007Schris    $headers[] = 'Content-Type: text/html; charset=utf-8';
172746855cfSBen Coburn    trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders');
173f63a2007Schris
1745a892029SAndreas Gohr    include(template('main.php'));
175c19fe9c0Sandi    // output for the commands is now handled in inc/templates.php
176c19fe9c0Sandi    // in function tpl_content()
1776b13307fSandi}
1786b13307fSandi
179f63a2007Schrisfunction act_sendheaders($headers) {
180f63a2007Schris    foreach ($headers as $hdr) header($hdr);
181f63a2007Schris}
182f63a2007Schris
1836b13307fSandi/**
184af182434Sandi * Sanitize the action command
185af182434Sandi *
186af182434Sandi * Add all allowed commands here.
187af182434Sandi *
188af182434Sandi * @author Andreas Gohr <andi@splitbrain.org>
189af182434Sandi */
190af182434Sandifunction act_clean($act){
191af182434Sandi    global $lang;
19260e6b550SAndreas Gohr    global $conf;
193af182434Sandi
194ee4c4a1bSAndreas Gohr    // check if the action was given as array key
195ee4c4a1bSAndreas Gohr    if(is_array($act)){
196ee4c4a1bSAndreas Gohr        list($act) = array_keys($act);
197ee4c4a1bSAndreas Gohr    }
198ee4c4a1bSAndreas Gohr
199ac83b9d8Sandi    //remove all bad chars
200ac83b9d8Sandi    $act = strtolower($act);
2012d5ccb39SAndreas Gohr    $act = preg_replace('/[^1-9a-z_]+/','',$act);
202ac83b9d8Sandi
203ac83b9d8Sandi    if($act == 'export_html') $act = 'export_xhtml';
204cc2ae802SAndreas Gohr    if($act == 'export_htmlbody') $act = 'export_xhtmlbody';
205b146b32bSandi
206396c218fSAndreas Gohr    if($act === '') $act = 'show';
207396c218fSAndreas Gohr
208409d7af7SAndreas Gohr    // check if action is disabled
209409d7af7SAndreas Gohr    if(!actionOK($act)){
210409d7af7SAndreas Gohr        msg('Command disabled: '.htmlspecialchars($act),-1);
211409d7af7SAndreas Gohr        return 'show';
212409d7af7SAndreas Gohr    }
213409d7af7SAndreas Gohr
21460e6b550SAndreas Gohr    //disable all acl related commands if ACL is disabled
21560e6b550SAndreas Gohr    if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
2161246e016SAndreas Gohr                    'subscribe','unsubscribe','profile','revert',
21752b0dd67SGuy Brand                    'resendpwd','subscribens','unsubscribens',))){
21860e6b550SAndreas Gohr        msg('Command unavailable: '.htmlspecialchars($act),-1);
21960e6b550SAndreas Gohr        return 'show';
22060e6b550SAndreas Gohr    }
22160e6b550SAndreas Gohr
222067c5d22SBen Coburn    if(!in_array($act,array('login','logout','register','save','cancel','edit','draft',
223ac83b9d8Sandi                    'preview','search','show','check','index','revisions',
2241246e016SAndreas Gohr                    'diff','recent','backlink','admin','subscribe','revert',
2255a932e77SAdrian Lang                    'unsubscribe','profile','resendpwd','recover',
226c4f79b71SMichael Hamann                    'draftdel','subscribens','unsubscribens','sitemap')) && substr($act,0,7) != 'export_' ) {
227ee4c4a1bSAndreas Gohr        msg('Command unknown: '.htmlspecialchars($act),-1);
228af182434Sandi        return 'show';
229af182434Sandi    }
230af182434Sandi    return $act;
231af182434Sandi}
232af182434Sandi
233af182434Sandi/**
2346b13307fSandi * Run permissionchecks
2356b13307fSandi *
2366b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
2376b13307fSandi */
2386b13307fSandifunction act_permcheck($act){
239dbbc6aa7Sandi    global $INFO;
2405e199953Smatthiasgrimm    global $conf;
241dbbc6aa7Sandi
242ee4c4a1bSAndreas Gohr    if(in_array($act,array('save','preview','edit','recover'))){
2436b13307fSandi        if($INFO['exists']){
244bdbc16bfSandi            if($act == 'edit'){
245bdbc16bfSandi                //the edit function will check again and do a source show
246bdbc16bfSandi                //when no AUTH_EDIT available
247bdbc16bfSandi                $permneed = AUTH_READ;
248bdbc16bfSandi            }else{
2496b13307fSandi                $permneed = AUTH_EDIT;
250bdbc16bfSandi            }
2516b13307fSandi        }else{
2526b13307fSandi            $permneed = AUTH_CREATE;
2536b13307fSandi        }
254c4f79b71SMichael Hamann    }elseif(in_array($act,array('login','search','recent','profile','index', 'sitemap'))){
2556b13307fSandi        $permneed = AUTH_NONE;
2561246e016SAndreas Gohr    }elseif($act == 'revert'){
2571246e016SAndreas Gohr        $permneed = AUTH_ADMIN;
2581246e016SAndreas Gohr        if($INFO['ismanager']) $permneed = AUTH_EDIT;
2595e199953Smatthiasgrimm    }elseif($act == 'register'){
2605e199953Smatthiasgrimm        $permneed = AUTH_NONE;
261ebd3d9ceSchris    }elseif($act == 'resendpwd'){
262ebd3d9ceSchris        $permneed = AUTH_NONE;
263c19fe9c0Sandi    }elseif($act == 'admin'){
264f8cc712eSAndreas Gohr        if($INFO['ismanager']){
265f8cc712eSAndreas Gohr            // if the manager has the needed permissions for a certain admin
266f8cc712eSAndreas Gohr            // action is checked later
267f8cc712eSAndreas Gohr            $permneed = AUTH_READ;
268f8cc712eSAndreas Gohr        }else{
269c19fe9c0Sandi            $permneed = AUTH_ADMIN;
270f8cc712eSAndreas Gohr        }
2716b13307fSandi    }else{
2726b13307fSandi        $permneed = AUTH_READ;
2736b13307fSandi    }
274dbbc6aa7Sandi    if($INFO['perm'] >= $permneed) return $act;
275dbbc6aa7Sandi
2766b13307fSandi    return 'denied';
2776b13307fSandi}
2786b13307fSandi
2796b13307fSandi/**
280ee4c4a1bSAndreas Gohr * Handle 'draftdel'
281ee4c4a1bSAndreas Gohr *
282ee4c4a1bSAndreas Gohr * Deletes the draft for the current page and user
283ee4c4a1bSAndreas Gohr */
284ee4c4a1bSAndreas Gohrfunction act_draftdel($act){
285ee4c4a1bSAndreas Gohr    global $INFO;
286ee4c4a1bSAndreas Gohr    @unlink($INFO['draft']);
287ee4c4a1bSAndreas Gohr    $INFO['draft'] = null;
288ee4c4a1bSAndreas Gohr    return 'show';
289ee4c4a1bSAndreas Gohr}
290ee4c4a1bSAndreas Gohr
291ee4c4a1bSAndreas Gohr/**
292ee4c4a1bSAndreas Gohr * Saves a draft on preview
293ee4c4a1bSAndreas Gohr *
294ee4c4a1bSAndreas Gohr * @todo this currently duplicates code from ajax.php :-/
295ee4c4a1bSAndreas Gohr */
296ee4c4a1bSAndreas Gohrfunction act_draftsave($act){
297ee4c4a1bSAndreas Gohr    global $INFO;
298ee4c4a1bSAndreas Gohr    global $ID;
299ee4c4a1bSAndreas Gohr    global $conf;
300ee4c4a1bSAndreas Gohr    if($conf['usedraft'] && $_POST['wikitext']){
301ee4c4a1bSAndreas Gohr        $draft = array('id'     => $ID,
30203f008cdSMichael Hamann                'prefix' => substr($_POST['prefix'], 0, -1),
303ee4c4a1bSAndreas Gohr                'text'   => $_POST['wikitext'],
304ee4c4a1bSAndreas Gohr                'suffix' => $_POST['suffix'],
30503f008cdSMichael Hamann                'date'   => (int) $_POST['date'],
306ee4c4a1bSAndreas Gohr                'client' => $INFO['client'],
307ee4c4a1bSAndreas Gohr                );
308ee4c4a1bSAndreas Gohr        $cname = getCacheName($draft['client'].$ID,'.draft');
309ee4c4a1bSAndreas Gohr        if(io_saveFile($cname,serialize($draft))){
310ee4c4a1bSAndreas Gohr            $INFO['draft'] = $cname;
311ee4c4a1bSAndreas Gohr        }
312ee4c4a1bSAndreas Gohr    }
313ee4c4a1bSAndreas Gohr    return $act;
314ee4c4a1bSAndreas Gohr}
315ee4c4a1bSAndreas Gohr
316ee4c4a1bSAndreas Gohr/**
3176b13307fSandi * Handle 'save'
3186b13307fSandi *
3196b13307fSandi * Checks for spam and conflicts and saves the page.
3206b13307fSandi * Does a redirect to show the page afterwards or
3216b13307fSandi * returns a new action.
3226b13307fSandi *
3236b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3246b13307fSandi */
3256b13307fSandifunction act_save($act){
3266b13307fSandi    global $ID;
3276b13307fSandi    global $DATE;
3286b13307fSandi    global $PRE;
3296b13307fSandi    global $TEXT;
3306b13307fSandi    global $SUF;
3316b13307fSandi    global $SUM;
3325a932e77SAdrian Lang    global $lang;
3338d67c48aSAdrian Lang    global $INFO;
3346b13307fSandi
3356b13307fSandi    //spam check
3365a932e77SAdrian Lang    if(checkwordblock()) {
3375a932e77SAdrian Lang        msg($lang['wordblock'], -1);
3385a932e77SAdrian Lang        return 'edit';
3395a932e77SAdrian Lang    }
3408d67c48aSAdrian Lang    //conflict check
3418d67c48aSAdrian Lang    if($DATE != 0 && $INFO['meta']['date']['modified'] > $DATE )
3426b13307fSandi        return 'conflict';
3436b13307fSandi
3446b13307fSandi    //save it
345b6912aeaSAndreas Gohr    saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$_REQUEST['minor']); //use pretty mode for con
3466b13307fSandi    //unlock it
3476b13307fSandi    unlock($ID);
3486b13307fSandi
349ee4c4a1bSAndreas Gohr    //delete draft
350ee4c4a1bSAndreas Gohr    act_draftdel($act);
35169cd1e27SAndreas Gohr    session_write_close();
352ee4c4a1bSAndreas Gohr
35369cd1e27SAndreas Gohr    // when done, show page
35469cd1e27SAndreas Gohr    return 'show';
35569cd1e27SAndreas Gohr}
356f951a474SAndreas Gohr
35714a122deSAndreas Gohr/**
3581246e016SAndreas Gohr * Revert to a certain revision
3591246e016SAndreas Gohr *
3601246e016SAndreas Gohr * @author Andreas Gohr <andi@splitbrain.org>
3611246e016SAndreas Gohr */
3621246e016SAndreas Gohrfunction act_revert($act){
3631246e016SAndreas Gohr    global $ID;
3641246e016SAndreas Gohr    global $REV;
3651246e016SAndreas Gohr    global $lang;
366de4d479aSAdrian Lang    // FIXME $INFO['writable'] currently refers to the attic version
367de4d479aSAdrian Lang    // global $INFO;
368de4d479aSAdrian Lang    // if (!$INFO['writable']) {
369de4d479aSAdrian Lang    //     return 'show';
370de4d479aSAdrian Lang    // }
3711246e016SAndreas Gohr
3721246e016SAndreas Gohr    // when no revision is given, delete current one
3731246e016SAndreas Gohr    // FIXME this feature is not exposed in the GUI currently
3741246e016SAndreas Gohr    $text = '';
3751246e016SAndreas Gohr    $sum  = $lang['deleted'];
3761246e016SAndreas Gohr    if($REV){
3771246e016SAndreas Gohr        $text = rawWiki($ID,$REV);
3781246e016SAndreas Gohr        if(!$text) return 'show'; //something went wrong
3791246e016SAndreas Gohr        $sum  = $lang['restored'];
3801246e016SAndreas Gohr    }
3811246e016SAndreas Gohr
3821246e016SAndreas Gohr    // spam check
3835a932e77SAdrian Lang
3845a932e77SAdrian Lang    if (checkwordblock($text)) {
3855a932e77SAdrian Lang        msg($lang['wordblock'], -1);
3865a932e77SAdrian Lang        return 'edit';
3875a932e77SAdrian Lang    }
3881246e016SAndreas Gohr
3891246e016SAndreas Gohr    saveWikiText($ID,$text,$sum,false);
3901246e016SAndreas Gohr    msg($sum,1);
3911246e016SAndreas Gohr
3921246e016SAndreas Gohr    //delete any draft
3931246e016SAndreas Gohr    act_draftdel($act);
3941246e016SAndreas Gohr    session_write_close();
3951246e016SAndreas Gohr
3961246e016SAndreas Gohr    // when done, show current page
3971246e016SAndreas Gohr    $_SERVER['REQUEST_METHOD'] = 'post'; //should force a redirect
3981246e016SAndreas Gohr    $REV = '';
3991246e016SAndreas Gohr    return 'show';
4001246e016SAndreas Gohr}
4011246e016SAndreas Gohr
4021246e016SAndreas Gohr/**
40314a122deSAndreas Gohr * Do a redirect after receiving post data
40414a122deSAndreas Gohr *
40514a122deSAndreas Gohr * Tries to add the section id as hash mark after section editing
40614a122deSAndreas Gohr */
40769cd1e27SAndreas Gohrfunction act_redirect($id,$preact){
40869cd1e27SAndreas Gohr    global $PRE;
40969cd1e27SAndreas Gohr    global $TEXT;
410f951a474SAndreas Gohr
41169cd1e27SAndreas Gohr    $opts = array(
41269cd1e27SAndreas Gohr            'id'       => $id,
41369cd1e27SAndreas Gohr            'preact'   => $preact
41469cd1e27SAndreas Gohr            );
415c66972f2SAdrian Lang    //get section name when coming from section edit
416c66972f2SAdrian Lang    if($PRE && preg_match('/^\s*==+([^=\n]+)/',$TEXT,$match)){
417c66972f2SAdrian Lang        $check = false; //Byref
418c66972f2SAdrian Lang        $opts['fragment'] = sectionID($match[0], $check);
419c66972f2SAdrian Lang    }
420c66972f2SAdrian Lang
42169cd1e27SAndreas Gohr    trigger_event('ACTION_SHOW_REDIRECT',$opts,'act_redirect_execute');
42269cd1e27SAndreas Gohr}
42369cd1e27SAndreas Gohr
42469cd1e27SAndreas Gohrfunction act_redirect_execute($opts){
42569cd1e27SAndreas Gohr    $go = wl($opts['id'],'',true);
426c66972f2SAdrian Lang    if(isset($opts['fragment'])) $go .= '#'.$opts['fragment'];
42769cd1e27SAndreas Gohr
4286b13307fSandi    //show it
429af2408d5SAndreas Gohr    send_redirect($go);
4306b13307fSandi}
4316b13307fSandi
4326b13307fSandi/**
433b8957367SBenjamin Gilbert * Handle 'login', 'logout'
4346b13307fSandi *
4356b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
4366b13307fSandi */
4376b13307fSandifunction act_auth($act){
43808eda5bcSmatthiasgrimm    global $ID;
4397cace34dSAndreas Gohr    global $INFO;
44008eda5bcSmatthiasgrimm
4416b13307fSandi    //already logged in?
442c66972f2SAdrian Lang    if(isset($_SERVER['REMOTE_USER']) && $act=='login'){
443ca12ce46SAndreas Gohr        return 'show';
4442288dc06SGuy Brand    }
4456b13307fSandi
4466b13307fSandi    //handle logout
4476b13307fSandi    if($act=='logout'){
44808eda5bcSmatthiasgrimm        $lockedby = checklock($ID); //page still locked?
449424c3c4fSJohannes Buchner        if($lockedby == $_SERVER['REMOTE_USER'])
45008eda5bcSmatthiasgrimm            unlock($ID); //try to unlock
45108eda5bcSmatthiasgrimm
4527cace34dSAndreas Gohr        // do the logout stuff
4536b13307fSandi        auth_logoff();
4547cace34dSAndreas Gohr
4557cace34dSAndreas Gohr        // rebuild info array
4567cace34dSAndreas Gohr        $INFO = pageinfo();
4577cace34dSAndreas Gohr
458e16eccb7SGuy Brand        act_redirect($ID,'login');
4596b13307fSandi    }
4606b13307fSandi
4616b13307fSandi    return $act;
4626b13307fSandi}
4636b13307fSandi
4646b13307fSandi/**
46545a99335SAdrian Lang * Handle 'edit', 'preview', 'recover'
4666b13307fSandi *
4676b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
4686b13307fSandi */
4696b13307fSandifunction act_edit($act){
470cd409024Sjorda    global $ID;
471ee4c4a1bSAndreas Gohr    global $INFO;
472cd409024Sjorda
47345a99335SAdrian Lang    global $TEXT;
47445a99335SAdrian Lang    global $RANGE;
47545a99335SAdrian Lang    global $PRE;
47645a99335SAdrian Lang    global $SUF;
47745a99335SAdrian Lang    global $REV;
47845a99335SAdrian Lang    global $SUM;
47945a99335SAdrian Lang    global $lang;
48045a99335SAdrian Lang    global $DATE;
48145a99335SAdrian Lang
48245a99335SAdrian Lang    if (!isset($TEXT)) {
48345a99335SAdrian Lang        if ($INFO['exists']) {
48445a99335SAdrian Lang            if ($RANGE) {
48545a99335SAdrian Lang                list($PRE,$TEXT,$SUF) = rawWikiSlices($RANGE,$ID,$REV);
48645a99335SAdrian Lang            } else {
48745a99335SAdrian Lang                $TEXT = rawWiki($ID,$REV);
48845a99335SAdrian Lang            }
48945a99335SAdrian Lang        } else {
490fe17917eSAdrian Lang            $TEXT = pageTemplate($ID);
49145a99335SAdrian Lang        }
49245a99335SAdrian Lang    }
49345a99335SAdrian Lang
49445a99335SAdrian Lang    //set summary default
49545a99335SAdrian Lang    if(!$SUM){
49645a99335SAdrian Lang        if($REV){
49745a99335SAdrian Lang            $SUM = $lang['restored'];
49845a99335SAdrian Lang        }elseif(!$INFO['exists']){
49945a99335SAdrian Lang            $SUM = $lang['created'];
50045a99335SAdrian Lang        }
50145a99335SAdrian Lang    }
50245a99335SAdrian Lang
5038d67c48aSAdrian Lang    // Use the date of the newest revision, not of the revision we edit
5048d67c48aSAdrian Lang    // This is used for conflict detection
5058d67c48aSAdrian Lang    if(!$DATE) $DATE = $INFO['meta']['date']['modified'];
50645a99335SAdrian Lang
5076b13307fSandi    //check if locked by anyone - if not lock for my self
5086b13307fSandi    $lockedby = checklock($ID);
5096b13307fSandi    if($lockedby) return 'locked';
5106b13307fSandi
5116b13307fSandi    lock($ID);
5126b13307fSandi    return $act;
5136b13307fSandi}
5146b13307fSandi
5156b13307fSandi/**
516f6dad9fdSMichael Klier * Export a wiki page for various formats
517f6dad9fdSMichael Klier *
518f6dad9fdSMichael Klier * Triggers ACTION_EXPORT_POSTPROCESS
519f6dad9fdSMichael Klier *
520f6dad9fdSMichael Klier *  Event data:
521f6dad9fdSMichael Klier *    data['id']      -- page id
522f6dad9fdSMichael Klier *    data['mode']    -- requested export mode
523f6dad9fdSMichael Klier *    data['headers'] -- export headers
524f6dad9fdSMichael Klier *    data['output']  -- export output
5256b13307fSandi *
5266b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
527f6dad9fdSMichael Klier * @author Michael Klier <chi@chimeric.de>
5286b13307fSandi */
5296b13307fSandifunction act_export($act){
5306b13307fSandi    global $ID;
5316b13307fSandi    global $REV;
53285f8705cSAnika Henke    global $conf;
53385f8705cSAnika Henke    global $lang;
5346b13307fSandi
535f6dad9fdSMichael Klier    $pre = '';
536f6dad9fdSMichael Klier    $post = '';
537f6dad9fdSMichael Klier    $output = '';
538f6dad9fdSMichael Klier    $headers = array();
539cc2ae802SAndreas Gohr
540f6dad9fdSMichael Klier    // search engines: never cache exported docs! (Google only currently)
541f6dad9fdSMichael Klier    $headers['X-Robots-Tag'] = 'noindex';
542f6dad9fdSMichael Klier
543ac83b9d8Sandi    $mode = substr($act,7);
544f6dad9fdSMichael Klier    switch($mode) {
545f6dad9fdSMichael Klier        case 'raw':
5465adfc5afSAnika Henke            $headers['Content-Type'] = 'text/plain; charset=utf-8';
54766b23ce9SAndreas Gohr            $headers['Content-Disposition'] = 'attachment; filename='.noNS($ID).'.txt';
548f6dad9fdSMichael Klier            $output = rawWiki($ID,$REV);
549f6dad9fdSMichael Klier            break;
550f6dad9fdSMichael Klier        case 'xhtml':
551f6dad9fdSMichael Klier            $pre .= '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"' . DOKU_LF;
552f6dad9fdSMichael Klier            $pre .= ' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">' . DOKU_LF;
553f6dad9fdSMichael Klier            $pre .= '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.$conf['lang'].'"' . DOKU_LF;
554f6dad9fdSMichael Klier            $pre .= ' lang="'.$conf['lang'].'" dir="'.$lang['direction'].'">' . DOKU_LF;
555f6dad9fdSMichael Klier            $pre .= '<head>' . DOKU_LF;
556f6dad9fdSMichael Klier            $pre .= '  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />' . DOKU_LF;
557f6dad9fdSMichael Klier            $pre .= '  <title>'.$ID.'</title>' . DOKU_LF;
558f6dad9fdSMichael Klier
559f6dad9fdSMichael Klier            // get metaheaders
560f6dad9fdSMichael Klier            ob_start();
561f6dad9fdSMichael Klier            tpl_metaheaders();
562f6dad9fdSMichael Klier            $pre .= ob_get_clean();
563f6dad9fdSMichael Klier
564f6dad9fdSMichael Klier            $pre .= '</head>' . DOKU_LF;
565f6dad9fdSMichael Klier            $pre .= '<body>' . DOKU_LF;
566f6dad9fdSMichael Klier            $pre .= '<div class="dokuwiki export">' . DOKU_LF;
567f6dad9fdSMichael Klier
568f6dad9fdSMichael Klier            // get toc
569f6dad9fdSMichael Klier            $pre .= tpl_toc(true);
570f6dad9fdSMichael Klier
571f6dad9fdSMichael Klier            $headers['Content-Type'] = 'text/html; charset=utf-8';
572f6dad9fdSMichael Klier            $output = p_wiki_xhtml($ID,$REV,false);
573f6dad9fdSMichael Klier
574f6dad9fdSMichael Klier            $post .= '</div>' . DOKU_LF;
575f6dad9fdSMichael Klier            $post .= '</body>' . DOKU_LF;
576f6dad9fdSMichael Klier            $post .= '</html>' . DOKU_LF;
577f6dad9fdSMichael Klier            break;
578f6dad9fdSMichael Klier        case 'xhtmlbody':
579f6dad9fdSMichael Klier            $headers['Content-Type'] = 'text/html; charset=utf-8';
580f6dad9fdSMichael Klier            $output = p_wiki_xhtml($ID,$REV,false);
581f6dad9fdSMichael Klier            break;
582f6dad9fdSMichael Klier        default:
583f6dad9fdSMichael Klier            $output = p_cached_output(wikiFN($ID,$REV), $mode);
5849acedd40SAndreas Gohr            $headers = p_get_metadata($ID,"format $mode");
585f6dad9fdSMichael Klier            break;
586f6dad9fdSMichael Klier    }
587f6dad9fdSMichael Klier
588f6dad9fdSMichael Klier    // prepare event data
589f6dad9fdSMichael Klier    $data = array();
590f6dad9fdSMichael Klier    $data['id'] = $ID;
591f6dad9fdSMichael Klier    $data['mode'] = $mode;
592f6dad9fdSMichael Klier    $data['headers'] = $headers;
593f6dad9fdSMichael Klier    $data['output'] =& $output;
594f6dad9fdSMichael Klier
595f6dad9fdSMichael Klier    trigger_event('ACTION_EXPORT_POSTPROCESS', $data);
596f6dad9fdSMichael Klier
597f6dad9fdSMichael Klier    if(!empty($data['output'])){
598f6dad9fdSMichael Klier        if(is_array($data['headers'])) foreach($data['headers'] as $key => $val){
59985767031SAndreas Gohr            header("$key: $val");
60085767031SAndreas Gohr        }
601f6dad9fdSMichael Klier        print $pre.$data['output'].$post;
6026b13307fSandi        exit;
6036b13307fSandi    }
6046b13307fSandi    return 'show';
6056b13307fSandi}
606340756e4Sandi
607b158d625SSteven Danz/**
608c4f79b71SMichael Hamann * Handle sitemap delivery
609c4f79b71SMichael Hamann *
610c4f79b71SMichael Hamann * @author Michael Hamann <michael@content-space.de>
611c4f79b71SMichael Hamann */
612c4f79b71SMichael Hamannfunction act_sitemap($act) {
613c4f79b71SMichael Hamann    global $conf;
614c4f79b71SMichael Hamann
615eae17177SMichael Hamann    if ($conf['sitemap'] < 1 || !is_numeric($conf['sitemap'])) {
616c4f79b71SMichael Hamann        header("HTTP/1.0 404 Not Found");
617c4f79b71SMichael Hamann        print "Sitemap generation is disabled.";
618c4f79b71SMichael Hamann        exit;
619c4f79b71SMichael Hamann    }
620c4f79b71SMichael Hamann
621eae17177SMichael Hamann    $sitemap = Sitemapper::getFilePath();
622eae17177SMichael Hamann    if(strrchr($sitemap, '.') === '.gz'){
623c4f79b71SMichael Hamann        $mime = 'application/x-gzip';
624c4f79b71SMichael Hamann    }else{
625c4f79b71SMichael Hamann        $mime = 'application/xml; charset=utf-8';
626c4f79b71SMichael Hamann    }
627c4f79b71SMichael Hamann
628c4f79b71SMichael Hamann    // Check if sitemap file exists, otherwise create it
629c4f79b71SMichael Hamann    if (!is_readable($sitemap)) {
6302897eb23SMichael Hamann        Sitemapper::generate();
631c4f79b71SMichael Hamann    }
632c4f79b71SMichael Hamann
633c4f79b71SMichael Hamann    if (is_readable($sitemap)) {
634c4f79b71SMichael Hamann        // Send headers
635c4f79b71SMichael Hamann        header('Content-Type: '.$mime);
6364c36bf82SGuillaume Turri        header('Content-Disposition: attachment; filename='.basename($sitemap));
637c4f79b71SMichael Hamann
638eae17177SMichael Hamann        http_conditionalRequest(filemtime($sitemap));
639eae17177SMichael Hamann
640c4f79b71SMichael Hamann        // Send file
641c4f79b71SMichael Hamann        //use x-sendfile header to pass the delivery to compatible webservers
642c4f79b71SMichael Hamann        if (http_sendfile($sitemap)) exit;
643c4f79b71SMichael Hamann
644eae17177SMichael Hamann        readfile($sitemap);
645c4f79b71SMichael Hamann        exit;
646c4f79b71SMichael Hamann    }
647c4f79b71SMichael Hamann
648c4f79b71SMichael Hamann    header("HTTP/1.0 500 Internal Server Error");
649eae17177SMichael Hamann    print "Could not read the sitemap file - bad permissions?";
650c4f79b71SMichael Hamann    exit;
651c4f79b71SMichael Hamann}
652c4f79b71SMichael Hamann
653c4f79b71SMichael Hamann/**
6545b75cd1fSAdrian Lang * Handle page 'subscribe'
655b158d625SSteven Danz *
6565b75cd1fSAdrian Lang * Throws exception on error.
6575b75cd1fSAdrian Lang *
6585b75cd1fSAdrian Lang * @author Adrian Lang <lang@cosmocode.de>
659b158d625SSteven Danz */
6601380fc45SAndreas Gohrfunction act_subscription($act){
661056c2049SAndreas Gohr    global $lang;
662056c2049SAndreas Gohr    global $INFO;
663056c2049SAndreas Gohr    global $ID;
66452b0dd67SGuy Brand
6659fa341d0SAndreas Gohr    // subcriptions work for logged in users only
6669fa341d0SAndreas Gohr    if(!$_SERVER['REMOTE_USER']) return 'show';
6679fa341d0SAndreas Gohr
668056c2049SAndreas Gohr    // get and preprocess data.
6698881fcc9SAdrian Lang    $params = array();
6708881fcc9SAdrian Lang    foreach(array('target', 'style', 'action') as $param) {
671056c2049SAndreas Gohr        if (isset($_REQUEST["sub_$param"])) {
672056c2049SAndreas Gohr            $params[$param] = $_REQUEST["sub_$param"];
6738881fcc9SAdrian Lang        }
6748881fcc9SAdrian Lang    }
6758881fcc9SAdrian Lang
676056c2049SAndreas Gohr    // any action given? if not just return and show the subscription page
67766d2bed9SAdrian Lang    if(!$params['action'] || !checkSecurityToken()) return $act;
678056c2049SAndreas Gohr
6798881fcc9SAdrian Lang    // Handle POST data, may throw exception.
6808881fcc9SAdrian Lang    trigger_event('ACTION_HANDLE_SUBSCRIBE', $params, 'subscription_handle_post');
6818881fcc9SAdrian Lang
6828881fcc9SAdrian Lang    $target = $params['target'];
6838881fcc9SAdrian Lang    $style  = $params['style'];
6848881fcc9SAdrian Lang    $data   = $params['data'];
6858881fcc9SAdrian Lang    $action = $params['action'];
6868881fcc9SAdrian Lang
6878881fcc9SAdrian Lang    // Perform action.
6888881fcc9SAdrian Lang    if (!subscription_set($_SERVER['REMOTE_USER'], $target, $style, $data)) {
6898881fcc9SAdrian Lang        throw new Exception(sprintf($lang["subscr_{$action}_error"],
6908881fcc9SAdrian Lang                                    hsc($INFO['userinfo']['name']),
6918881fcc9SAdrian Lang                                    prettyprint_id($target)));
6928881fcc9SAdrian Lang    }
6938881fcc9SAdrian Lang    msg(sprintf($lang["subscr_{$action}_success"], hsc($INFO['userinfo']['name']),
6948881fcc9SAdrian Lang                prettyprint_id($target)), 1);
695cb3f9dbaSAdrian Lang    act_redirect($ID, $act);
696cb3f9dbaSAdrian Lang
697cb3f9dbaSAdrian Lang    // Assure that we have valid data if act_redirect somehow fails.
698cb3f9dbaSAdrian Lang    $INFO['subscribed'] = get_info_subscribed();
699cb3f9dbaSAdrian Lang    return 'show';
7008881fcc9SAdrian Lang}
7018881fcc9SAdrian Lang
7028881fcc9SAdrian Lang/**
7038881fcc9SAdrian Lang * Validate POST data
7048881fcc9SAdrian Lang *
7058881fcc9SAdrian Lang * Validates POST data for a subscribe or unsubscribe request. This is the
7068881fcc9SAdrian Lang * default action for the event ACTION_HANDLE_SUBSCRIBE.
7078881fcc9SAdrian Lang *
7088881fcc9SAdrian Lang * @author Adrian Lang <lang@cosmocode.de>
7098881fcc9SAdrian Lang */
7107a9add1cSAdrian Langfunction subscription_handle_post(&$params) {
7118881fcc9SAdrian Lang    global $INFO;
7128881fcc9SAdrian Lang    global $lang;
7138881fcc9SAdrian Lang
7145b75cd1fSAdrian Lang    // Get and validate parameters.
7158881fcc9SAdrian Lang    if (!isset($params['target'])) {
71615741132SAndreas Gohr        throw new Exception('no subscription target given');
7175b75cd1fSAdrian Lang    }
7188881fcc9SAdrian Lang    $target = $params['target'];
7195b75cd1fSAdrian Lang    $valid_styles = array('every', 'digest');
7205b75cd1fSAdrian Lang    if (substr($target, -1, 1) === ':') {
7215b75cd1fSAdrian Lang        // Allow “list” subscribe style since the target is a namespace.
7225b75cd1fSAdrian Lang        $valid_styles[] = 'list';
7235b75cd1fSAdrian Lang    }
7248881fcc9SAdrian Lang    $style  = valid_input_set('style', $valid_styles, $params,
72515741132SAndreas Gohr                              'invalid subscription style given');
7268881fcc9SAdrian Lang    $action = valid_input_set('action', array('subscribe', 'unsubscribe'),
72715741132SAndreas Gohr                              $params, 'invalid subscription action given');
728613964ecSGuy Brand
7295b75cd1fSAdrian Lang    // Check other conditions.
7305b75cd1fSAdrian Lang    if ($action === 'subscribe') {
7315b75cd1fSAdrian Lang        if ($INFO['userinfo']['mail'] === '') {
7325b75cd1fSAdrian Lang            throw new Exception($lang['subscr_subscribe_noaddress']);
73352b0dd67SGuy Brand        }
7345b75cd1fSAdrian Lang    } elseif ($action === 'unsubscribe') {
7355b75cd1fSAdrian Lang        $is = false;
7365b75cd1fSAdrian Lang        foreach($INFO['subscribed'] as $subscr) {
7375b75cd1fSAdrian Lang            if ($subscr['target'] === $target) {
7385b75cd1fSAdrian Lang                $is = true;
73952b0dd67SGuy Brand            }
74052b0dd67SGuy Brand        }
7415b75cd1fSAdrian Lang        if ($is === false) {
74215741132SAndreas Gohr            throw new Exception(sprintf($lang['subscr_not_subscribed'],
74315741132SAndreas Gohr                                        $_SERVER['REMOTE_USER'],
7445b75cd1fSAdrian Lang                                        prettyprint_id($target)));
7455b75cd1fSAdrian Lang        }
7465b75cd1fSAdrian Lang        // subscription_set deletes a subscription if style = null.
7475b75cd1fSAdrian Lang        $style = null;
74852b0dd67SGuy Brand    }
74952b0dd67SGuy Brand
7508881fcc9SAdrian Lang    $data = in_array($style, array('list', 'digest')) ? time() : null;
7518881fcc9SAdrian Lang    $params = compact('target', 'style', 'data', 'action');
75252b0dd67SGuy Brand}
75352b0dd67SGuy Brand
754e3776c06SMichael Hamann//Setup VIM: ex: et ts=2 :
755