dokuwiki/inc/actions.php

6b13307fSandi<?php
6b13307fSandi/**
6b13307fSandi * DokuWiki Actions
6b13307fSandi *
6b13307fSandi * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
6b13307fSandi * @author     Andreas Gohr <andi@splitbrain.org>
6b13307fSandi */
6b13307fSandi
fa8adffeSAndreas Gohrif(!defined('DOKU_INC')) die('meh.');
af182434Sandi
6b13307fSandi/**
6b13307fSandi * Call the needed action handlers
6b13307fSandi *
6b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
c9570649SAndreas Gohr * @triggers ACTION_ACT_PREPROCESS
c9570649SAndreas Gohr * @triggers ACTION_HEADERS_SEND
6b13307fSandi */
6b13307fSandifunction act_dispatch(){
6b13307fSandi    global $ACT;
6b13307fSandi    global $ID;
24ea6500SAndreas Gohr    global $INFO;
6b13307fSandi    global $QUERY;
90f1b7bdSTom N Harris    global $INPUT;
6b13307fSandi    global $lang;
85dcda20SRobin Getz    global $conf;
6b13307fSandi
69cd1e27SAndreas Gohr    $preact = $ACT;
69cd1e27SAndreas Gohr
c2e830f2Schris    // give plugins an opportunity to process the action
24bb549bSchris    $evt = new Doku_Event('ACTION_ACT_PREPROCESS',$ACT);
24bb549bSchris    if ($evt->advise_before()) {
c2e830f2Schris
af182434Sandi        //sanitize $ACT
62baad0fSMartin Doucha        $ACT = act_validate($ACT);
af182434Sandi
b8957367SBenjamin Gilbert        //check if searchword was given - else just show
0868021bSAndreas Gohr        $s = cleanID($QUERY);
0868021bSAndreas Gohr        if($ACT == 'search' && empty($s)){
b8957367SBenjamin Gilbert            $ACT = 'show';
b8957367SBenjamin Gilbert        }
b8957367SBenjamin Gilbert
b8957367SBenjamin Gilbert        //login stuff
1b2a85e8SAndreas Gohr        if(in_array($ACT,array('login','logout'))){
b8957367SBenjamin Gilbert            $ACT = act_auth($ACT);
1b2a85e8SAndreas Gohr        }
b8957367SBenjamin Gilbert
1380fc45SAndreas Gohr        //check if user is asking to (un)subscribe a page
5b75cd1fSAdrian Lang        if($ACT == 'subscribe') {
5b75cd1fSAdrian Lang            try {
1380fc45SAndreas Gohr                $ACT = act_subscription($ACT);
5b75cd1fSAdrian Lang            } catch (Exception $e) {
5b75cd1fSAdrian Lang                msg($e->getMessage(), -1);
5b75cd1fSAdrian Lang            }
5b75cd1fSAdrian Lang        }
52b0dd67SGuy Brand
*5381a7eeSElan Ruusamäe        //display some info
4064e2d3SRobin Getz        if($ACT == 'check'){
4064e2d3SRobin Getz            check();
4064e2d3SRobin Getz            $ACT = 'show';
4064e2d3SRobin Getz        }
4064e2d3SRobin Getz
6b13307fSandi        //check permissions
6b13307fSandi        $ACT = act_permcheck($ACT);
6b13307fSandi
c4f79b71SMichael Hamann        //sitemap
eae17177SMichael Hamann        if ($ACT == 'sitemap'){
c8b076b1SMichael Hamann            act_sitemap($ACT);
eae17177SMichael Hamann        }
c4f79b71SMichael Hamann
3c94d07bSAnika Henke        //recent changes
3c94d07bSAnika Henke        if ($ACT == 'recent'){
3c94d07bSAnika Henke            $show_changes = $INPUT->str('show_changes');
3c94d07bSAnika Henke            if (!empty($show_changes)) {
3c94d07bSAnika Henke                set_doku_pref('show_changes', $show_changes);
3c94d07bSAnika Henke            }
3c94d07bSAnika Henke        }
3c94d07bSAnika Henke
3c94d07bSAnika Henke        //diff
3c94d07bSAnika Henke        if ($ACT == 'diff'){
3c94d07bSAnika Henke            $difftype = $INPUT->str('difftype');
3c94d07bSAnika Henke            if (!empty($difftype)) {
3c94d07bSAnika Henke                set_doku_pref('difftype', $difftype);
3c94d07bSAnika Henke            }
3c94d07bSAnika Henke        }
3c94d07bSAnika Henke
b8957367SBenjamin Gilbert        //register
eea0f0d0SAndreas Gohr        if($ACT == 'register' && $INPUT->post->bool('save') && register()){
b8957367SBenjamin Gilbert            $ACT = 'login';
b8957367SBenjamin Gilbert        }
6b13307fSandi
8b06d178Schris        if ($ACT == 'resendpwd' && act_resendpwd()) {
8b06d178Schris            $ACT = 'login';
8b06d178Schris        }
8b06d178Schris
2a7abf2dSChristopher Smith        // user profile changes
2a7abf2dSChristopher Smith        if (in_array($ACT, array('profile','profile_delete'))) {
25b2a98cSMichael Klier            if(!$_SERVER['REMOTE_USER']) {
25b2a98cSMichael Klier                $ACT = 'login';
25b2a98cSMichael Klier            } else {
2a7abf2dSChristopher Smith                switch ($ACT) {
2a7abf2dSChristopher Smith                    case 'profile' :
25b2a98cSMichael Klier                        if(updateprofile()) {
4cb79657SMatthias Grimm                            msg($lang['profchanged'],1);
4cb79657SMatthias Grimm                            $ACT = 'show';
8b06d178Schris                        }
2a7abf2dSChristopher Smith                        break;
2a7abf2dSChristopher Smith                    case 'profile_delete' :
2a7abf2dSChristopher Smith                        if(auth_deleteprofile()){
2a7abf2dSChristopher Smith                            msg($lang['profdeleted'],1);
2a7abf2dSChristopher Smith                            $ACT = 'show';
2a7abf2dSChristopher Smith                        } else {
2a7abf2dSChristopher Smith                            $ACT = 'profile';
2a7abf2dSChristopher Smith                        }
2a7abf2dSChristopher Smith                        break;
2a7abf2dSChristopher Smith                }
25b2a98cSMichael Klier            }
25b2a98cSMichael Klier        }
8b06d178Schris
1246e016SAndreas Gohr        //revert
1246e016SAndreas Gohr        if($ACT == 'revert'){
1246e016SAndreas Gohr            if(checkSecurityToken()){
1246e016SAndreas Gohr                $ACT = act_revert($ACT);
1246e016SAndreas Gohr            }else{
1246e016SAndreas Gohr                $ACT = 'show';
1246e016SAndreas Gohr            }
1246e016SAndreas Gohr        }
1246e016SAndreas Gohr
6b13307fSandi        //save
1b2a85e8SAndreas Gohr        if($ACT == 'save'){
1b2a85e8SAndreas Gohr            if(checkSecurityToken()){
6b13307fSandi                $ACT = act_save($ACT);
1b2a85e8SAndreas Gohr            }else{
8071beaaSAndreas Gohr                $ACT = 'preview';
1b2a85e8SAndreas Gohr            }
1b2a85e8SAndreas Gohr        }
6b13307fSandi
067c5d22SBen Coburn        //cancel conflicting edit
067c5d22SBen Coburn        if($ACT == 'cancel')
067c5d22SBen Coburn            $ACT = 'show';
067c5d22SBen Coburn
ee4c4a1bSAndreas Gohr        //draft deletion
ee4c4a1bSAndreas Gohr        if($ACT == 'draftdel')
ee4c4a1bSAndreas Gohr            $ACT = act_draftdel($ACT);
ee4c4a1bSAndreas Gohr
ee4c4a1bSAndreas Gohr        //draft saving on preview
ee4c4a1bSAndreas Gohr        if($ACT == 'preview')
ee4c4a1bSAndreas Gohr            $ACT = act_draftsave($ACT);
ee4c4a1bSAndreas Gohr
6b13307fSandi        //edit
c9d5430bSAdrian Lang        if(in_array($ACT, array('edit', 'preview', 'recover'))) {
af182434Sandi            $ACT = act_edit($ACT);
6b13307fSandi        }else{
6b13307fSandi            unlock($ID); //try to unlock
6b13307fSandi        }
6b13307fSandi
6b13307fSandi        //handle export
ac83b9d8Sandi        if(substr($ACT,0,7) == 'export_')
6b13307fSandi            $ACT = act_export($ACT);
6b13307fSandi
c19fe9c0Sandi        //handle admin tasks
c19fe9c0Sandi        if($ACT == 'admin'){
11e2ce22Schris            // retrieve admin plugin name from $_REQUEST['page']
90f1b7bdSTom N Harris            if (($page = $INPUT->str('page', '', true)) != '') {
11e2ce22Schris                $pluginlist = plugin_list('admin');
90f1b7bdSTom N Harris                if (in_array($page, $pluginlist)) {
11e2ce22Schris                    // attempt to load the plugin
5da403f1SGerrit Uitslag
5da403f1SGerrit Uitslag                    if (($plugin = plugin_load('admin',$page)) !== null){
c8b076b1SMichael Hamann                        /** @var DokuWiki_Admin_Plugin $plugin */
24ea6500SAndreas Gohr                        if($plugin->forAdminOnly() && !$INFO['isadmin']){
24ea6500SAndreas Gohr                            // a manager tried to load a plugin that's for admins only
90f1b7bdSTom N Harris                            $INPUT->remove('page');
24ea6500SAndreas Gohr                            msg('For admins only',-1);
24ea6500SAndreas Gohr                        }else{
11e2ce22Schris                            $plugin->handle();
11e2ce22Schris                        }
11e2ce22Schris                    }
c19fe9c0Sandi                }
24ea6500SAndreas Gohr            }
24ea6500SAndreas Gohr        }
5f312bacSAndreas Gohr
5f312bacSAndreas Gohr        // check permissions again - the action may have changed
5f312bacSAndreas Gohr        $ACT = act_permcheck($ACT);
24bb549bSchris    }  // end event ACTION_ACT_PREPROCESS default action
24bb549bSchris    $evt->advise_after();
85dcda20SRobin Getz    // Make sure plugs can handle 'denied'
85dcda20SRobin Getz    if($conf['send404'] && $ACT == 'denied') {
9d2e1be6SAndreas Gohr        http_status(403);
85dcda20SRobin Getz    }
24bb549bSchris    unset($evt);
c19fe9c0Sandi
46c0ed74SMichael Hamann    // when action 'show', the intial not 'show' and POST, do a redirect
46c0ed74SMichael Hamann    if($ACT == 'show' && $preact != 'show' && strtolower($_SERVER['REQUEST_METHOD']) == 'post'){
69cd1e27SAndreas Gohr        act_redirect($ID,$preact);
69cd1e27SAndreas Gohr    }
5f312bacSAndreas Gohr
c346111aSAdrian Lang    global $INFO;
c346111aSAdrian Lang    global $conf;
c346111aSAdrian Lang    global $license;
c346111aSAdrian Lang
6b13307fSandi    //call template FIXME: all needed vars available?
f63a2007Schris    $headers[] = 'Content-Type: text/html; charset=utf-8';
746855cfSBen Coburn    trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders');
f63a2007Schris
5a892029SAndreas Gohr    include(template('main.php'));
c19fe9c0Sandi    // output for the commands is now handled in inc/templates.php
c19fe9c0Sandi    // in function tpl_content()
6b13307fSandi}
6b13307fSandi
c8b076b1SMichael Hamann/**
c8b076b1SMichael Hamann * Send the given headers using header()
c8b076b1SMichael Hamann *
c8b076b1SMichael Hamann * @param array $headers The headers that shall be sent
c8b076b1SMichael Hamann */
f63a2007Schrisfunction act_sendheaders($headers) {
f63a2007Schris    foreach ($headers as $hdr) header($hdr);
f63a2007Schris}
f63a2007Schris
6b13307fSandi/**
af182434Sandi * Sanitize the action command
af182434Sandi *
af182434Sandi * @author Andreas Gohr <andi@splitbrain.org>
af182434Sandi */
af182434Sandifunction act_clean($act){
ee4c4a1bSAndreas Gohr    // check if the action was given as array key
ee4c4a1bSAndreas Gohr    if(is_array($act)){
ee4c4a1bSAndreas Gohr        list($act) = array_keys($act);
ee4c4a1bSAndreas Gohr    }
ee4c4a1bSAndreas Gohr
ac83b9d8Sandi    //remove all bad chars
ac83b9d8Sandi    $act = strtolower($act);
2d5ccb39SAndreas Gohr    $act = preg_replace('/[^1-9a-z_]+/','',$act);
ac83b9d8Sandi
ac83b9d8Sandi    if($act == 'export_html') $act = 'export_xhtml';
cc2ae802SAndreas Gohr    if($act == 'export_htmlbody') $act = 'export_xhtmlbody';
b146b32bSandi
396c218fSAndreas Gohr    if($act === '') $act = 'show';
62baad0fSMartin Doucha    return $act;
62baad0fSMartin Doucha}
62baad0fSMartin Doucha
62baad0fSMartin Doucha/**
62baad0fSMartin Doucha * Sanitize and validate action commands.
62baad0fSMartin Doucha *
62baad0fSMartin Doucha * Add all allowed commands here.
62baad0fSMartin Doucha *
62baad0fSMartin Doucha * @author Andreas Gohr <andi@splitbrain.org>
62baad0fSMartin Doucha */
62baad0fSMartin Douchafunction act_validate($act) {
daf0cdbaSMartin Doucha    global $conf;
daf0cdbaSMartin Doucha    global $INFO;
daf0cdbaSMartin Doucha
62baad0fSMartin Doucha    $act = act_clean($act);
396c218fSAndreas Gohr
409d7af7SAndreas Gohr    // check if action is disabled
409d7af7SAndreas Gohr    if(!actionOK($act)){
409d7af7SAndreas Gohr        msg('Command disabled: '.htmlspecialchars($act),-1);
409d7af7SAndreas Gohr        return 'show';
409d7af7SAndreas Gohr    }
409d7af7SAndreas Gohr
60e6b550SAndreas Gohr    //disable all acl related commands if ACL is disabled
60e6b550SAndreas Gohr    if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
1246e016SAndreas Gohr                    'subscribe','unsubscribe','profile','revert',
2a7abf2dSChristopher Smith                    'resendpwd','profile_delete'))){
60e6b550SAndreas Gohr        msg('Command unavailable: '.htmlspecialchars($act),-1);
60e6b550SAndreas Gohr        return 'show';
60e6b550SAndreas Gohr    }
60e6b550SAndreas Gohr
c828a5d6SAndreas Gohr    //is there really a draft?
c828a5d6SAndreas Gohr    if($act == 'draft' && !file_exists($INFO['draft'])) return 'edit';
c828a5d6SAndreas Gohr
067c5d22SBen Coburn    if(!in_array($act,array('login','logout','register','save','cancel','edit','draft',
ac83b9d8Sandi                    'preview','search','show','check','index','revisions',
1246e016SAndreas Gohr                    'diff','recent','backlink','admin','subscribe','revert',
2a7abf2dSChristopher Smith                    'unsubscribe','profile','profile_delete','resendpwd','recover',
d5a9514cSAdrian Lang                    'draftdel','sitemap','media')) && substr($act,0,7) != 'export_' ) {
ee4c4a1bSAndreas Gohr        msg('Command unknown: '.htmlspecialchars($act),-1);
af182434Sandi        return 'show';
af182434Sandi    }
af182434Sandi    return $act;
af182434Sandi}
af182434Sandi
af182434Sandi/**
6b13307fSandi * Run permissionchecks
6b13307fSandi *
6b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
6b13307fSandi */
6b13307fSandifunction act_permcheck($act){
dbbc6aa7Sandi    global $INFO;
5e199953Smatthiasgrimm    global $conf;
dbbc6aa7Sandi
ee4c4a1bSAndreas Gohr    if(in_array($act,array('save','preview','edit','recover'))){
6b13307fSandi        if($INFO['exists']){
bdbc16bfSandi            if($act == 'edit'){
bdbc16bfSandi                //the edit function will check again and do a source show
bdbc16bfSandi                //when no AUTH_EDIT available
bdbc16bfSandi                $permneed = AUTH_READ;
bdbc16bfSandi            }else{
6b13307fSandi                $permneed = AUTH_EDIT;
bdbc16bfSandi            }
6b13307fSandi        }else{
6b13307fSandi            $permneed = AUTH_CREATE;
6b13307fSandi        }
2a7abf2dSChristopher Smith    }elseif(in_array($act,array('login','search','recent','profile','profile_delete','index', 'sitemap'))){
6b13307fSandi        $permneed = AUTH_NONE;
1246e016SAndreas Gohr    }elseif($act == 'revert'){
1246e016SAndreas Gohr        $permneed = AUTH_ADMIN;
1246e016SAndreas Gohr        if($INFO['ismanager']) $permneed = AUTH_EDIT;
5e199953Smatthiasgrimm    }elseif($act == 'register'){
5e199953Smatthiasgrimm        $permneed = AUTH_NONE;
ebd3d9ceSchris    }elseif($act == 'resendpwd'){
ebd3d9ceSchris        $permneed = AUTH_NONE;
c19fe9c0Sandi    }elseif($act == 'admin'){
f8cc712eSAndreas Gohr        if($INFO['ismanager']){
f8cc712eSAndreas Gohr            // if the manager has the needed permissions for a certain admin
f8cc712eSAndreas Gohr            // action is checked later
f8cc712eSAndreas Gohr            $permneed = AUTH_READ;
f8cc712eSAndreas Gohr        }else{
c19fe9c0Sandi            $permneed = AUTH_ADMIN;
f8cc712eSAndreas Gohr        }
6b13307fSandi    }else{
6b13307fSandi        $permneed = AUTH_READ;
6b13307fSandi    }
dbbc6aa7Sandi    if($INFO['perm'] >= $permneed) return $act;
dbbc6aa7Sandi
6b13307fSandi    return 'denied';
6b13307fSandi}
6b13307fSandi
6b13307fSandi/**
ee4c4a1bSAndreas Gohr * Handle 'draftdel'
ee4c4a1bSAndreas Gohr *
ee4c4a1bSAndreas Gohr * Deletes the draft for the current page and user
ee4c4a1bSAndreas Gohr */
ee4c4a1bSAndreas Gohrfunction act_draftdel($act){
ee4c4a1bSAndreas Gohr    global $INFO;
ee4c4a1bSAndreas Gohr    @unlink($INFO['draft']);
ee4c4a1bSAndreas Gohr    $INFO['draft'] = null;
ee4c4a1bSAndreas Gohr    return 'show';
ee4c4a1bSAndreas Gohr}
ee4c4a1bSAndreas Gohr
ee4c4a1bSAndreas Gohr/**
ee4c4a1bSAndreas Gohr * Saves a draft on preview
ee4c4a1bSAndreas Gohr *
ee4c4a1bSAndreas Gohr * @todo this currently duplicates code from ajax.php :-/
ee4c4a1bSAndreas Gohr */
ee4c4a1bSAndreas Gohrfunction act_draftsave($act){
ee4c4a1bSAndreas Gohr    global $INFO;
ee4c4a1bSAndreas Gohr    global $ID;
90f1b7bdSTom N Harris    global $INPUT;
ee4c4a1bSAndreas Gohr    global $conf;
90f1b7bdSTom N Harris    if($conf['usedraft'] && $INPUT->post->has('wikitext')) {
ee4c4a1bSAndreas Gohr        $draft = array('id'     => $ID,
90f1b7bdSTom N Harris                'prefix' => substr($INPUT->post->str('prefix'), 0, -1),
90f1b7bdSTom N Harris                'text'   => $INPUT->post->str('wikitext'),
90f1b7bdSTom N Harris                'suffix' => $INPUT->post->str('suffix'),
90f1b7bdSTom N Harris                'date'   => $INPUT->post->int('date'),
ee4c4a1bSAndreas Gohr                'client' => $INFO['client'],
ee4c4a1bSAndreas Gohr                );
ee4c4a1bSAndreas Gohr        $cname = getCacheName($draft['client'].$ID,'.draft');
ee4c4a1bSAndreas Gohr        if(io_saveFile($cname,serialize($draft))){
ee4c4a1bSAndreas Gohr            $INFO['draft'] = $cname;
ee4c4a1bSAndreas Gohr        }
ee4c4a1bSAndreas Gohr    }
ee4c4a1bSAndreas Gohr    return $act;
ee4c4a1bSAndreas Gohr}
ee4c4a1bSAndreas Gohr
ee4c4a1bSAndreas Gohr/**
6b13307fSandi * Handle 'save'
6b13307fSandi *
6b13307fSandi * Checks for spam and conflicts and saves the page.
6b13307fSandi * Does a redirect to show the page afterwards or
6b13307fSandi * returns a new action.
6b13307fSandi *
6b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
6b13307fSandi */
6b13307fSandifunction act_save($act){
6b13307fSandi    global $ID;
6b13307fSandi    global $DATE;
6b13307fSandi    global $PRE;
6b13307fSandi    global $TEXT;
6b13307fSandi    global $SUF;
6b13307fSandi    global $SUM;
5a932e77SAdrian Lang    global $lang;
8d67c48aSAdrian Lang    global $INFO;
90f1b7bdSTom N Harris    global $INPUT;
6b13307fSandi
6b13307fSandi    //spam check
5a932e77SAdrian Lang    if(checkwordblock()) {
5a932e77SAdrian Lang        msg($lang['wordblock'], -1);
5a932e77SAdrian Lang        return 'edit';
5a932e77SAdrian Lang    }
8d67c48aSAdrian Lang    //conflict check
8d67c48aSAdrian Lang    if($DATE != 0 && $INFO['meta']['date']['modified'] > $DATE )
6b13307fSandi        return 'conflict';
6b13307fSandi
6b13307fSandi    //save it
90f1b7bdSTom N Harris    saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$INPUT->bool('minor')); //use pretty mode for con
6b13307fSandi    //unlock it
6b13307fSandi    unlock($ID);
6b13307fSandi
ee4c4a1bSAndreas Gohr    //delete draft
ee4c4a1bSAndreas Gohr    act_draftdel($act);
69cd1e27SAndreas Gohr    session_write_close();
ee4c4a1bSAndreas Gohr
69cd1e27SAndreas Gohr    // when done, show page
69cd1e27SAndreas Gohr    return 'show';
69cd1e27SAndreas Gohr}
f951a474SAndreas Gohr
14a122deSAndreas Gohr/**
1246e016SAndreas Gohr * Revert to a certain revision
1246e016SAndreas Gohr *
1246e016SAndreas Gohr * @author Andreas Gohr <andi@splitbrain.org>
1246e016SAndreas Gohr */
1246e016SAndreas Gohrfunction act_revert($act){
1246e016SAndreas Gohr    global $ID;
1246e016SAndreas Gohr    global $REV;
1246e016SAndreas Gohr    global $lang;
de4d479aSAdrian Lang    // FIXME $INFO['writable'] currently refers to the attic version
de4d479aSAdrian Lang    // global $INFO;
de4d479aSAdrian Lang    // if (!$INFO['writable']) {
de4d479aSAdrian Lang    //     return 'show';
de4d479aSAdrian Lang    // }
1246e016SAndreas Gohr
1246e016SAndreas Gohr    // when no revision is given, delete current one
1246e016SAndreas Gohr    // FIXME this feature is not exposed in the GUI currently
1246e016SAndreas Gohr    $text = '';
1246e016SAndreas Gohr    $sum  = $lang['deleted'];
1246e016SAndreas Gohr    if($REV){
1246e016SAndreas Gohr        $text = rawWiki($ID,$REV);
1246e016SAndreas Gohr        if(!$text) return 'show'; //something went wrong
d6b9c7bfSlupo49        $sum = sprintf($lang['restored'], dformat($REV));
1246e016SAndreas Gohr    }
1246e016SAndreas Gohr
1246e016SAndreas Gohr    // spam check
5a932e77SAdrian Lang
5a932e77SAdrian Lang    if (checkwordblock($text)) {
5a932e77SAdrian Lang        msg($lang['wordblock'], -1);
5a932e77SAdrian Lang        return 'edit';
5a932e77SAdrian Lang    }
1246e016SAndreas Gohr
1246e016SAndreas Gohr    saveWikiText($ID,$text,$sum,false);
1246e016SAndreas Gohr    msg($sum,1);
1246e016SAndreas Gohr
1246e016SAndreas Gohr    //delete any draft
1246e016SAndreas Gohr    act_draftdel($act);
1246e016SAndreas Gohr    session_write_close();
1246e016SAndreas Gohr
1246e016SAndreas Gohr    // when done, show current page
1246e016SAndreas Gohr    $_SERVER['REQUEST_METHOD'] = 'post'; //should force a redirect
1246e016SAndreas Gohr    $REV = '';
1246e016SAndreas Gohr    return 'show';
1246e016SAndreas Gohr}
1246e016SAndreas Gohr
1246e016SAndreas Gohr/**
14a122deSAndreas Gohr * Do a redirect after receiving post data
14a122deSAndreas Gohr *
14a122deSAndreas Gohr * Tries to add the section id as hash mark after section editing
14a122deSAndreas Gohr */
69cd1e27SAndreas Gohrfunction act_redirect($id,$preact){
69cd1e27SAndreas Gohr    global $PRE;
69cd1e27SAndreas Gohr    global $TEXT;
f951a474SAndreas Gohr
69cd1e27SAndreas Gohr    $opts = array(
69cd1e27SAndreas Gohr            'id'       => $id,
69cd1e27SAndreas Gohr            'preact'   => $preact
69cd1e27SAndreas Gohr            );
c66972f2SAdrian Lang    //get section name when coming from section edit
c66972f2SAdrian Lang    if($PRE && preg_match('/^\s*==+([^=\n]+)/',$TEXT,$match)){
c66972f2SAdrian Lang        $check = false; //Byref
c66972f2SAdrian Lang        $opts['fragment'] = sectionID($match[0], $check);
c66972f2SAdrian Lang    }
c66972f2SAdrian Lang
69cd1e27SAndreas Gohr    trigger_event('ACTION_SHOW_REDIRECT',$opts,'act_redirect_execute');
69cd1e27SAndreas Gohr}
69cd1e27SAndreas Gohr
c8b076b1SMichael Hamann/**
c8b076b1SMichael Hamann * Execute the redirect
c8b076b1SMichael Hamann *
c8b076b1SMichael Hamann * @param array $opts id and fragment for the redirect
c8b076b1SMichael Hamann */
69cd1e27SAndreas Gohrfunction act_redirect_execute($opts){
69cd1e27SAndreas Gohr    $go = wl($opts['id'],'',true);
c66972f2SAdrian Lang    if(isset($opts['fragment'])) $go .= '#'.$opts['fragment'];
69cd1e27SAndreas Gohr
6b13307fSandi    //show it
af2408d5SAndreas Gohr    send_redirect($go);
6b13307fSandi}
6b13307fSandi
6b13307fSandi/**
b8957367SBenjamin Gilbert * Handle 'login', 'logout'
6b13307fSandi *
6b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
6b13307fSandi */
6b13307fSandifunction act_auth($act){
08eda5bcSmatthiasgrimm    global $ID;
7cace34dSAndreas Gohr    global $INFO;
08eda5bcSmatthiasgrimm
6b13307fSandi    //already logged in?
c66972f2SAdrian Lang    if(isset($_SERVER['REMOTE_USER']) && $act=='login'){
ca12ce46SAndreas Gohr        return 'show';
2288dc06SGuy Brand    }
6b13307fSandi
6b13307fSandi    //handle logout
6b13307fSandi    if($act=='logout'){
08eda5bcSmatthiasgrimm        $lockedby = checklock($ID); //page still locked?
424c3c4fSJohannes Buchner        if($lockedby == $_SERVER['REMOTE_USER'])
08eda5bcSmatthiasgrimm            unlock($ID); //try to unlock
08eda5bcSmatthiasgrimm
7cace34dSAndreas Gohr        // do the logout stuff
6b13307fSandi        auth_logoff();
7cace34dSAndreas Gohr
7cace34dSAndreas Gohr        // rebuild info array
7cace34dSAndreas Gohr        $INFO = pageinfo();
7cace34dSAndreas Gohr
e16eccb7SGuy Brand        act_redirect($ID,'login');
6b13307fSandi    }
6b13307fSandi
6b13307fSandi    return $act;
6b13307fSandi}
6b13307fSandi
6b13307fSandi/**
45a99335SAdrian Lang * Handle 'edit', 'preview', 'recover'
6b13307fSandi *
6b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
6b13307fSandi */
6b13307fSandifunction act_edit($act){
cd409024Sjorda    global $ID;
ee4c4a1bSAndreas Gohr    global $INFO;
cd409024Sjorda
45a99335SAdrian Lang    global $TEXT;
45a99335SAdrian Lang    global $RANGE;
45a99335SAdrian Lang    global $PRE;
45a99335SAdrian Lang    global $SUF;
45a99335SAdrian Lang    global $REV;
45a99335SAdrian Lang    global $SUM;
45a99335SAdrian Lang    global $lang;
45a99335SAdrian Lang    global $DATE;
45a99335SAdrian Lang
45a99335SAdrian Lang    if (!isset($TEXT)) {
45a99335SAdrian Lang        if ($INFO['exists']) {
45a99335SAdrian Lang            if ($RANGE) {
45a99335SAdrian Lang                list($PRE,$TEXT,$SUF) = rawWikiSlices($RANGE,$ID,$REV);
45a99335SAdrian Lang            } else {
45a99335SAdrian Lang                $TEXT = rawWiki($ID,$REV);
45a99335SAdrian Lang            }
45a99335SAdrian Lang        } else {
fe17917eSAdrian Lang            $TEXT = pageTemplate($ID);
45a99335SAdrian Lang        }
45a99335SAdrian Lang    }
45a99335SAdrian Lang
45a99335SAdrian Lang    //set summary default
45a99335SAdrian Lang    if(!$SUM){
45a99335SAdrian Lang        if($REV){
7656ee3bSlupo49            $SUM = sprintf($lang['restored'], dformat($REV));
45a99335SAdrian Lang        }elseif(!$INFO['exists']){
45a99335SAdrian Lang            $SUM = $lang['created'];
45a99335SAdrian Lang        }
45a99335SAdrian Lang    }
45a99335SAdrian Lang
8d67c48aSAdrian Lang    // Use the date of the newest revision, not of the revision we edit
8d67c48aSAdrian Lang    // This is used for conflict detection
78035fe8SAndreas Gohr    if(!$DATE) $DATE = @filemtime(wikiFN($ID));
45a99335SAdrian Lang
6b13307fSandi    //check if locked by anyone - if not lock for my self
31bc8f11SMichael Hamann    //do not lock when the user can't edit anyway
31bc8f11SMichael Hamann    if ($INFO['writable']) {
6b13307fSandi        $lockedby = checklock($ID);
6b13307fSandi        if($lockedby) return 'locked';
6b13307fSandi
6b13307fSandi        lock($ID);
31bc8f11SMichael Hamann    }
31bc8f11SMichael Hamann
6b13307fSandi    return $act;
6b13307fSandi}
6b13307fSandi
6b13307fSandi/**
f6dad9fdSMichael Klier * Export a wiki page for various formats
f6dad9fdSMichael Klier *
f6dad9fdSMichael Klier * Triggers ACTION_EXPORT_POSTPROCESS
f6dad9fdSMichael Klier *
f6dad9fdSMichael Klier *  Event data:
f6dad9fdSMichael Klier *    data['id']      -- page id
f6dad9fdSMichael Klier *    data['mode']    -- requested export mode
f6dad9fdSMichael Klier *    data['headers'] -- export headers
f6dad9fdSMichael Klier *    data['output']  -- export output
6b13307fSandi *
6b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
f6dad9fdSMichael Klier * @author Michael Klier <chi@chimeric.de>
6b13307fSandi */
6b13307fSandifunction act_export($act){
6b13307fSandi    global $ID;
6b13307fSandi    global $REV;
85f8705cSAnika Henke    global $conf;
85f8705cSAnika Henke    global $lang;
6b13307fSandi
f6dad9fdSMichael Klier    $pre = '';
f6dad9fdSMichael Klier    $post = '';
f6dad9fdSMichael Klier    $output = '';
f6dad9fdSMichael Klier    $headers = array();
cc2ae802SAndreas Gohr
f6dad9fdSMichael Klier    // search engines: never cache exported docs! (Google only currently)
f6dad9fdSMichael Klier    $headers['X-Robots-Tag'] = 'noindex';
f6dad9fdSMichael Klier
ac83b9d8Sandi    $mode = substr($act,7);
f6dad9fdSMichael Klier    switch($mode) {
f6dad9fdSMichael Klier        case 'raw':
5adfc5afSAnika Henke            $headers['Content-Type'] = 'text/plain; charset=utf-8';
66b23ce9SAndreas Gohr            $headers['Content-Disposition'] = 'attachment; filename='.noNS($ID).'.txt';
f6dad9fdSMichael Klier            $output = rawWiki($ID,$REV);
f6dad9fdSMichael Klier            break;
f6dad9fdSMichael Klier        case 'xhtml':
c8839c22SAnika Henke            $pre .= '<!DOCTYPE html>' . DOKU_LF;
c8839c22SAnika Henke            $pre .= '<html lang="'.$conf['lang'].'" dir="'.$lang['direction'].'">' . DOKU_LF;
f6dad9fdSMichael Klier            $pre .= '<head>' . DOKU_LF;
c8839c22SAnika Henke            $pre .= '  <meta charset="utf-8" />' . DOKU_LF;
f6dad9fdSMichael Klier            $pre .= '  <title>'.$ID.'</title>' . DOKU_LF;
f6dad9fdSMichael Klier
f6dad9fdSMichael Klier            // get metaheaders
f6dad9fdSMichael Klier            ob_start();
f6dad9fdSMichael Klier            tpl_metaheaders();
f6dad9fdSMichael Klier            $pre .= ob_get_clean();
f6dad9fdSMichael Klier
f6dad9fdSMichael Klier            $pre .= '</head>' . DOKU_LF;
f6dad9fdSMichael Klier            $pre .= '<body>' . DOKU_LF;
f6dad9fdSMichael Klier            $pre .= '<div class="dokuwiki export">' . DOKU_LF;
f6dad9fdSMichael Klier
f6dad9fdSMichael Klier            // get toc
f6dad9fdSMichael Klier            $pre .= tpl_toc(true);
f6dad9fdSMichael Klier
f6dad9fdSMichael Klier            $headers['Content-Type'] = 'text/html; charset=utf-8';
f6dad9fdSMichael Klier            $output = p_wiki_xhtml($ID,$REV,false);
f6dad9fdSMichael Klier
f6dad9fdSMichael Klier            $post .= '</div>' . DOKU_LF;
f6dad9fdSMichael Klier            $post .= '</body>' . DOKU_LF;
f6dad9fdSMichael Klier            $post .= '</html>' . DOKU_LF;
f6dad9fdSMichael Klier            break;
f6dad9fdSMichael Klier        case 'xhtmlbody':
f6dad9fdSMichael Klier            $headers['Content-Type'] = 'text/html; charset=utf-8';
f6dad9fdSMichael Klier            $output = p_wiki_xhtml($ID,$REV,false);
f6dad9fdSMichael Klier            break;
f6dad9fdSMichael Klier        default:
f6dad9fdSMichael Klier            $output = p_cached_output(wikiFN($ID,$REV), $mode);
9acedd40SAndreas Gohr            $headers = p_get_metadata($ID,"format $mode");
f6dad9fdSMichael Klier            break;
f6dad9fdSMichael Klier    }
f6dad9fdSMichael Klier
f6dad9fdSMichael Klier    // prepare event data
f6dad9fdSMichael Klier    $data = array();
f6dad9fdSMichael Klier    $data['id'] = $ID;
f6dad9fdSMichael Klier    $data['mode'] = $mode;
f6dad9fdSMichael Klier    $data['headers'] = $headers;
f6dad9fdSMichael Klier    $data['output'] =& $output;
f6dad9fdSMichael Klier
f6dad9fdSMichael Klier    trigger_event('ACTION_EXPORT_POSTPROCESS', $data);
f6dad9fdSMichael Klier
f6dad9fdSMichael Klier    if(!empty($data['output'])){
f6dad9fdSMichael Klier        if(is_array($data['headers'])) foreach($data['headers'] as $key => $val){
85767031SAndreas Gohr            header("$key: $val");
85767031SAndreas Gohr        }
f6dad9fdSMichael Klier        print $pre.$data['output'].$post;
6b13307fSandi        exit;
6b13307fSandi    }
6b13307fSandi    return 'show';
6b13307fSandi}
340756e4Sandi
b158d625SSteven Danz/**
c4f79b71SMichael Hamann * Handle sitemap delivery
c4f79b71SMichael Hamann *
c4f79b71SMichael Hamann * @author Michael Hamann <michael@content-space.de>
c4f79b71SMichael Hamann */
c4f79b71SMichael Hamannfunction act_sitemap($act) {
c4f79b71SMichael Hamann    global $conf;
c4f79b71SMichael Hamann
eae17177SMichael Hamann    if ($conf['sitemap'] < 1 || !is_numeric($conf['sitemap'])) {
9d2e1be6SAndreas Gohr        http_status(404);
c4f79b71SMichael Hamann        print "Sitemap generation is disabled.";
c4f79b71SMichael Hamann        exit;
c4f79b71SMichael Hamann    }
c4f79b71SMichael Hamann
eae17177SMichael Hamann    $sitemap = Sitemapper::getFilePath();
65f6e7d6SMichael Hamann    if (Sitemapper::sitemapIsCompressed()) {
c4f79b71SMichael Hamann        $mime = 'application/x-gzip';
c4f79b71SMichael Hamann    }else{
c4f79b71SMichael Hamann        $mime = 'application/xml; charset=utf-8';
c4f79b71SMichael Hamann    }
c4f79b71SMichael Hamann
c4f79b71SMichael Hamann    // Check if sitemap file exists, otherwise create it
c4f79b71SMichael Hamann    if (!is_readable($sitemap)) {
2897eb23SMichael Hamann        Sitemapper::generate();
c4f79b71SMichael Hamann    }
c4f79b71SMichael Hamann
c4f79b71SMichael Hamann    if (is_readable($sitemap)) {
c4f79b71SMichael Hamann        // Send headers
c4f79b71SMichael Hamann        header('Content-Type: '.$mime);
3009a773SAndreas Gohr        header('Content-Disposition: attachment; filename='.utf8_basename($sitemap));
c4f79b71SMichael Hamann
eae17177SMichael Hamann        http_conditionalRequest(filemtime($sitemap));
eae17177SMichael Hamann
c4f79b71SMichael Hamann        // Send file
c4f79b71SMichael Hamann        //use x-sendfile header to pass the delivery to compatible webservers
c4f79b71SMichael Hamann        if (http_sendfile($sitemap)) exit;
c4f79b71SMichael Hamann
eae17177SMichael Hamann        readfile($sitemap);
c4f79b71SMichael Hamann        exit;
c4f79b71SMichael Hamann    }
c4f79b71SMichael Hamann
9d2e1be6SAndreas Gohr    http_status(500);
eae17177SMichael Hamann    print "Could not read the sitemap file - bad permissions?";
c4f79b71SMichael Hamann    exit;
c4f79b71SMichael Hamann}
c4f79b71SMichael Hamann
c4f79b71SMichael Hamann/**
5b75cd1fSAdrian Lang * Handle page 'subscribe'
b158d625SSteven Danz *
5b75cd1fSAdrian Lang * Throws exception on error.
5b75cd1fSAdrian Lang *
5b75cd1fSAdrian Lang * @author Adrian Lang <lang@cosmocode.de>
b158d625SSteven Danz */
1380fc45SAndreas Gohrfunction act_subscription($act){
056c2049SAndreas Gohr    global $lang;
056c2049SAndreas Gohr    global $INFO;
056c2049SAndreas Gohr    global $ID;
90f1b7bdSTom N Harris    global $INPUT;
52b0dd67SGuy Brand
9fa341d0SAndreas Gohr    // subcriptions work for logged in users only
9fa341d0SAndreas Gohr    if(!$_SERVER['REMOTE_USER']) return 'show';
9fa341d0SAndreas Gohr
056c2049SAndreas Gohr    // get and preprocess data.
8881fcc9SAdrian Lang    $params = array();
8881fcc9SAdrian Lang    foreach(array('target', 'style', 'action') as $param) {
90f1b7bdSTom N Harris        if ($INPUT->has("sub_$param")) {
90f1b7bdSTom N Harris            $params[$param] = $INPUT->str("sub_$param");
8881fcc9SAdrian Lang        }
8881fcc9SAdrian Lang    }
8881fcc9SAdrian Lang
056c2049SAndreas Gohr    // any action given? if not just return and show the subscription page
66d2bed9SAdrian Lang    if(!$params['action'] || !checkSecurityToken()) return $act;
056c2049SAndreas Gohr
8881fcc9SAdrian Lang    // Handle POST data, may throw exception.
8881fcc9SAdrian Lang    trigger_event('ACTION_HANDLE_SUBSCRIBE', $params, 'subscription_handle_post');
8881fcc9SAdrian Lang
8881fcc9SAdrian Lang    $target = $params['target'];
8881fcc9SAdrian Lang    $style  = $params['style'];
8881fcc9SAdrian Lang    $action = $params['action'];
8881fcc9SAdrian Lang
8881fcc9SAdrian Lang    // Perform action.
a0519fdaSAndreas Gohr    $sub = new Subscription();
a0519fdaSAndreas Gohr    if($action == 'unsubscribe'){
a0519fdaSAndreas Gohr        $ok = $sub->remove($target, $_SERVER['REMOTE_USER'], $style);
a0519fdaSAndreas Gohr    }else{
a0519fdaSAndreas Gohr        $ok = $sub->add($target, $_SERVER['REMOTE_USER'], $style);
a0519fdaSAndreas Gohr    }
a0519fdaSAndreas Gohr
a0519fdaSAndreas Gohr    if($ok) {
a0519fdaSAndreas Gohr        msg(sprintf($lang["subscr_{$action}_success"], hsc($INFO['userinfo']['name']),
a0519fdaSAndreas Gohr                    prettyprint_id($target)), 1);
a0519fdaSAndreas Gohr        act_redirect($ID, $act);
a0519fdaSAndreas Gohr    } else {
8881fcc9SAdrian Lang        throw new Exception(sprintf($lang["subscr_{$action}_error"],
8881fcc9SAdrian Lang                                    hsc($INFO['userinfo']['name']),
8881fcc9SAdrian Lang                                    prettyprint_id($target)));
8881fcc9SAdrian Lang    }
cb3f9dbaSAdrian Lang
cb3f9dbaSAdrian Lang    // Assure that we have valid data if act_redirect somehow fails.
a0519fdaSAndreas Gohr    $INFO['subscribed'] = $sub->user_subscription();
cb3f9dbaSAdrian Lang    return 'show';
8881fcc9SAdrian Lang}
8881fcc9SAdrian Lang
8881fcc9SAdrian Lang/**
8881fcc9SAdrian Lang * Validate POST data
8881fcc9SAdrian Lang *
8881fcc9SAdrian Lang * Validates POST data for a subscribe or unsubscribe request. This is the
8881fcc9SAdrian Lang * default action for the event ACTION_HANDLE_SUBSCRIBE.
8881fcc9SAdrian Lang *
8881fcc9SAdrian Lang * @author Adrian Lang <lang@cosmocode.de>
8881fcc9SAdrian Lang */
7a9add1cSAdrian Langfunction subscription_handle_post(&$params) {
8881fcc9SAdrian Lang    global $INFO;
8881fcc9SAdrian Lang    global $lang;
8881fcc9SAdrian Lang
5b75cd1fSAdrian Lang    // Get and validate parameters.
8881fcc9SAdrian Lang    if (!isset($params['target'])) {
15741132SAndreas Gohr        throw new Exception('no subscription target given');
5b75cd1fSAdrian Lang    }
8881fcc9SAdrian Lang    $target = $params['target'];
5b75cd1fSAdrian Lang    $valid_styles = array('every', 'digest');
5b75cd1fSAdrian Lang    if (substr($target, -1, 1) === ':') {
5b75cd1fSAdrian Lang        // Allow “list” subscribe style since the target is a namespace.
5b75cd1fSAdrian Lang        $valid_styles[] = 'list';
5b75cd1fSAdrian Lang    }
8881fcc9SAdrian Lang    $style  = valid_input_set('style', $valid_styles, $params,
15741132SAndreas Gohr                              'invalid subscription style given');
8881fcc9SAdrian Lang    $action = valid_input_set('action', array('subscribe', 'unsubscribe'),
15741132SAndreas Gohr                              $params, 'invalid subscription action given');
613964ecSGuy Brand
5b75cd1fSAdrian Lang    // Check other conditions.
5b75cd1fSAdrian Lang    if ($action === 'subscribe') {
5b75cd1fSAdrian Lang        if ($INFO['userinfo']['mail'] === '') {
5b75cd1fSAdrian Lang            throw new Exception($lang['subscr_subscribe_noaddress']);
52b0dd67SGuy Brand        }
5b75cd1fSAdrian Lang    } elseif ($action === 'unsubscribe') {
5b75cd1fSAdrian Lang        $is = false;
5b75cd1fSAdrian Lang        foreach($INFO['subscribed'] as $subscr) {
5b75cd1fSAdrian Lang            if ($subscr['target'] === $target) {
5b75cd1fSAdrian Lang                $is = true;
52b0dd67SGuy Brand            }
52b0dd67SGuy Brand        }
5b75cd1fSAdrian Lang        if ($is === false) {
15741132SAndreas Gohr            throw new Exception(sprintf($lang['subscr_not_subscribed'],
15741132SAndreas Gohr                                        $_SERVER['REMOTE_USER'],
5b75cd1fSAdrian Lang                                        prettyprint_id($target)));
5b75cd1fSAdrian Lang        }
5b75cd1fSAdrian Lang        // subscription_set deletes a subscription if style = null.
5b75cd1fSAdrian Lang        $style = null;
52b0dd67SGuy Brand    }
52b0dd67SGuy Brand
16c665d9SAndreas Gohr    $params = compact('target', 'style', 'action');
52b0dd67SGuy Brand}
52b0dd67SGuy Brand
e3776c06SMichael Hamann//Setup VIM: ex: et ts=2 :