xref: /dokuwiki/inc/actions.php (revision 5f312baccd3f152f55bb9ce0364cc18a99191959) 
16b13307fSandi<?php
26b13307fSandi/**
36b13307fSandi * DokuWiki Actions
46b13307fSandi *
56b13307fSandi * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
66b13307fSandi * @author     Andreas Gohr <andi@splitbrain.org>
76b13307fSandi */
86b13307fSandi
96b13307fSandi  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
106b13307fSandi  require_once(DOKU_INC.'inc/template.php');
116b13307fSandi
12af182434Sandi
136b13307fSandi/**
146b13307fSandi * Call the needed action handlers
156b13307fSandi *
166b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
176b13307fSandi */
186b13307fSandifunction act_dispatch(){
196b13307fSandi  global $INFO;
206b13307fSandi  global $ACT;
216b13307fSandi  global $ID;
226b13307fSandi  global $QUERY;
236b13307fSandi  global $lang;
246b13307fSandi  global $conf;
256b13307fSandi
26c2e830f2Schris  // give plugins an opportunity to process the action
2724bb549bSchris  $evt = new Doku_Event('ACTION_ACT_PREPROCESS',$ACT);
2824bb549bSchris  if ($evt->advise_before()) {
29c2e830f2Schris
30af182434Sandi    //sanitize $ACT
31af182434Sandi    $ACT = act_clean($ACT);
32af182434Sandi
33b8957367SBenjamin Gilbert    //check if searchword was given - else just show
340868021bSAndreas Gohr    $s = cleanID($QUERY);
350868021bSAndreas Gohr    if($ACT == 'search' && empty($s)){
36b8957367SBenjamin Gilbert      $ACT = 'show';
37b8957367SBenjamin Gilbert    }
38b8957367SBenjamin Gilbert
39b8957367SBenjamin Gilbert    //login stuff
40b8957367SBenjamin Gilbert    if(in_array($ACT,array('login','logout')))
41b8957367SBenjamin Gilbert      $ACT = act_auth($ACT);
42b8957367SBenjamin Gilbert
431380fc45SAndreas Gohr    //check if user is asking to (un)subscribe a page
441380fc45SAndreas Gohr    if($ACT == 'subscribe' || $ACT == 'unsubscribe')
451380fc45SAndreas Gohr      $ACT = act_subscription($ACT);
46b158d625SSteven Danz
476b13307fSandi    //check permissions
486b13307fSandi    $ACT = act_permcheck($ACT);
496b13307fSandi
50b8957367SBenjamin Gilbert    //register
51b8957367SBenjamin Gilbert    if($ACT == 'register' && register()){
52b8957367SBenjamin Gilbert      $ACT = 'login';
53b8957367SBenjamin Gilbert    }
546b13307fSandi
558b06d178Schris    if ($ACT == 'resendpwd' && act_resendpwd()) {
568b06d178Schris      $ACT = 'login';
578b06d178Schris    }
588b06d178Schris
598b06d178Schris    //update user profile
608b06d178Schris    if (($ACT == 'profile') && updateprofile()) {
614cb79657SMatthias Grimm      msg($lang['profchanged'],1);
624cb79657SMatthias Grimm      $ACT = 'show';
638b06d178Schris    }
648b06d178Schris
656b13307fSandi    //save
666b13307fSandi    if($ACT == 'save')
676b13307fSandi      $ACT = act_save($ACT);
686b13307fSandi
69ee4c4a1bSAndreas Gohr    //draft deletion
70ee4c4a1bSAndreas Gohr    if($ACT == 'draftdel')
71ee4c4a1bSAndreas Gohr      $ACT = act_draftdel($ACT);
72ee4c4a1bSAndreas Gohr
73ee4c4a1bSAndreas Gohr    //draft saving on preview
74ee4c4a1bSAndreas Gohr    if($ACT == 'preview')
75ee4c4a1bSAndreas Gohr      $ACT = act_draftsave($ACT);
76ee4c4a1bSAndreas Gohr
776b13307fSandi    //edit
78b146b32bSandi    if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){
79af182434Sandi      $ACT = act_edit($ACT);
806b13307fSandi    }else{
816b13307fSandi      unlock($ID); //try to unlock
826b13307fSandi    }
836b13307fSandi
846b13307fSandi    //handle export
85ac83b9d8Sandi    if(substr($ACT,0,7) == 'export_')
866b13307fSandi      $ACT = act_export($ACT);
876b13307fSandi
886b13307fSandi    //display some infos
896b13307fSandi    if($ACT == 'check'){
906b13307fSandi      check();
916b13307fSandi      $ACT = 'show';
926b13307fSandi    }
936b13307fSandi
94c19fe9c0Sandi    //handle admin tasks
95c19fe9c0Sandi    if($ACT == 'admin'){
9611e2ce22Schris      // retrieve admin plugin name from $_REQUEST['page']
9711e2ce22Schris      if ($_REQUEST['page']) {
9811e2ce22Schris          $pluginlist = plugin_list('admin');
9911e2ce22Schris          if (in_array($_REQUEST['page'], $pluginlist)) {
10011e2ce22Schris            // attempt to load the plugin
10111e2ce22Schris            if ($plugin =& plugin_load('admin',$_REQUEST['page']) !== NULL)
10211e2ce22Schris                $plugin->handle();
10311e2ce22Schris          }
10411e2ce22Schris      }
105c19fe9c0Sandi    }
106*5f312bacSAndreas Gohr
107*5f312bacSAndreas Gohr    // check permissions again - the action may have changed
108*5f312bacSAndreas Gohr    $ACT = act_permcheck($ACT);
10924bb549bSchris  }  // end event ACTION_ACT_PREPROCESS default action
11024bb549bSchris  $evt->advise_after();
11124bb549bSchris  unset($evt);
112c19fe9c0Sandi
113*5f312bacSAndreas Gohr
1146b13307fSandi  //call template FIXME: all needed vars available?
115f63a2007Schris  $headers[] = 'Content-Type: text/html; charset=utf-8';
11624bb549bSchris  trigger_event('ACTION_HEADERS_SEND',$headers,act_sendheaders);
117f63a2007Schris
1185a892029SAndreas Gohr  include(template('main.php'));
119c19fe9c0Sandi  // output for the commands is now handled in inc/templates.php
120c19fe9c0Sandi  // in function tpl_content()
1216b13307fSandi}
1226b13307fSandi
123f63a2007Schrisfunction act_sendheaders($headers) {
124f63a2007Schris  foreach ($headers as $hdr) header($hdr);
125f63a2007Schris}
126f63a2007Schris
1276b13307fSandi/**
128af182434Sandi * Sanitize the action command
129af182434Sandi *
130af182434Sandi * Add all allowed commands here.
131af182434Sandi *
132af182434Sandi * @author Andreas Gohr <andi@splitbrain.org>
133af182434Sandi */
134af182434Sandifunction act_clean($act){
135af182434Sandi  global $lang;
13660e6b550SAndreas Gohr  global $conf;
137af182434Sandi
138ee4c4a1bSAndreas Gohr  // check if the action was given as array key
139ee4c4a1bSAndreas Gohr  if(is_array($act)){
140ee4c4a1bSAndreas Gohr    list($act) = array_keys($act);
141ee4c4a1bSAndreas Gohr  }
142ee4c4a1bSAndreas Gohr
143cf81b04aSandi  //handle localized buttons
144cf81b04aSandi  if($act == $lang['btn_save'])     $act = 'save';
145cf81b04aSandi  if($act == $lang['btn_preview'])  $act = 'preview';
146cf81b04aSandi  if($act == $lang['btn_cancel'])   $act = 'show';
147ee4c4a1bSAndreas Gohr  if($act == $lang['btn_recover'])  $act = 'recover';
148ee4c4a1bSAndreas Gohr  if($act == $lang['btn_draftdel']) $act = 'draftdel';
149ee4c4a1bSAndreas Gohr
150cf81b04aSandi
151ac83b9d8Sandi  //remove all bad chars
152ac83b9d8Sandi  $act = strtolower($act);
153ac83b9d8Sandi  $act = preg_replace('/[^a-z_]+/','',$act);
154ac83b9d8Sandi
155ac83b9d8Sandi  if($act == 'export_html') $act = 'export_xhtml';
156cc2ae802SAndreas Gohr  if($act == 'export_htmlbody') $act = 'export_xhtmlbody';
157b146b32bSandi
15860e6b550SAndreas Gohr  //disable all acl related commands if ACL is disabled
15960e6b550SAndreas Gohr  if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
16060e6b550SAndreas Gohr                                             'subscribe','unsubscribe','profile',
16160e6b550SAndreas Gohr                                             'resendpwd',))){
16260e6b550SAndreas Gohr    msg('Command unavailable: '.htmlspecialchars($act),-1);
16360e6b550SAndreas Gohr    return 'show';
16460e6b550SAndreas Gohr  }
16560e6b550SAndreas Gohr
166ee4c4a1bSAndreas Gohr  if(!in_array($act,array('login','logout','register','save','edit','draft',
167ac83b9d8Sandi                          'preview','search','show','check','index','revisions',
1681380fc45SAndreas Gohr                          'diff','recent','backlink','admin','subscribe',
169ee4c4a1bSAndreas Gohr                          'unsubscribe','profile','resendpwd','recover',
170ee4c4a1bSAndreas Gohr                          'draftdel',)) && substr($act,0,7) != 'export_' ) {
171ee4c4a1bSAndreas Gohr    msg('Command unknown: '.htmlspecialchars($act),-1);
172af182434Sandi    return 'show';
173af182434Sandi  }
174af182434Sandi  return $act;
175af182434Sandi}
176af182434Sandi
177af182434Sandi/**
1786b13307fSandi * Run permissionchecks
1796b13307fSandi *
1806b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
1816b13307fSandi */
1826b13307fSandifunction act_permcheck($act){
183dbbc6aa7Sandi  global $INFO;
1845e199953Smatthiasgrimm  global $conf;
185dbbc6aa7Sandi
186ee4c4a1bSAndreas Gohr  if(in_array($act,array('save','preview','edit','recover'))){
1876b13307fSandi    if($INFO['exists']){
188bdbc16bfSandi      if($act == 'edit'){
189bdbc16bfSandi        //the edit function will check again and do a source show
190bdbc16bfSandi        //when no AUTH_EDIT available
191bdbc16bfSandi        $permneed = AUTH_READ;
192bdbc16bfSandi      }else{
1936b13307fSandi        $permneed = AUTH_EDIT;
194bdbc16bfSandi      }
1956b13307fSandi    }else{
1966b13307fSandi      $permneed = AUTH_CREATE;
1976b13307fSandi    }
1988b06d178Schris  }elseif(in_array($act,array('login','search','recent','profile'))){
1996b13307fSandi    $permneed = AUTH_NONE;
2005e199953Smatthiasgrimm  }elseif($act == 'register'){
201e1fcbe1eSandi    if ($conf['openregister']){
2025e199953Smatthiasgrimm      $permneed = AUTH_NONE;
203e1fcbe1eSandi    }else{
204e1fcbe1eSandi      $permneed = AUTH_ADMIN;
205e1fcbe1eSandi    }
206ebd3d9ceSchris  }elseif($act == 'resendpwd'){
207ebd3d9ceSchris    if ($conf['resendpasswd']) {
208ebd3d9ceSchris      $permneed = AUTH_NONE;
209ebd3d9ceSchris    }else{
210ebd3d9ceSchris      $permneed = AUTH_ADMIN+1; // shouldn't get here if $conf['resendpasswd'] is off
211ebd3d9ceSchris    }
212c19fe9c0Sandi  }elseif($act == 'admin'){
213c19fe9c0Sandi    $permneed = AUTH_ADMIN;
2146b13307fSandi  }else{
2156b13307fSandi    $permneed = AUTH_READ;
2166b13307fSandi  }
217dbbc6aa7Sandi  if($INFO['perm'] >= $permneed) return $act;
218dbbc6aa7Sandi
2196b13307fSandi  return 'denied';
2206b13307fSandi}
2216b13307fSandi
2226b13307fSandi/**
223ee4c4a1bSAndreas Gohr * Handle 'draftdel'
224ee4c4a1bSAndreas Gohr *
225ee4c4a1bSAndreas Gohr * Deletes the draft for the current page and user
226ee4c4a1bSAndreas Gohr */
227ee4c4a1bSAndreas Gohrfunction act_draftdel($act){
228ee4c4a1bSAndreas Gohr  global $INFO;
229ee4c4a1bSAndreas Gohr  @unlink($INFO['draft']);
230ee4c4a1bSAndreas Gohr  $INFO['draft'] = null;
231ee4c4a1bSAndreas Gohr  return 'show';
232ee4c4a1bSAndreas Gohr}
233ee4c4a1bSAndreas Gohr
234ee4c4a1bSAndreas Gohr/**
235ee4c4a1bSAndreas Gohr * Saves a draft on preview
236ee4c4a1bSAndreas Gohr *
237ee4c4a1bSAndreas Gohr * @todo this currently duplicates code from ajax.php :-/
238ee4c4a1bSAndreas Gohr */
239ee4c4a1bSAndreas Gohrfunction act_draftsave($act){
240ee4c4a1bSAndreas Gohr  global $INFO;
241ee4c4a1bSAndreas Gohr  global $ID;
242ee4c4a1bSAndreas Gohr  global $conf;
243ee4c4a1bSAndreas Gohr  if($conf['usedraft'] && $_POST['wikitext']){
244ee4c4a1bSAndreas Gohr    $draft = array('id'     => $ID,
245ee4c4a1bSAndreas Gohr                   'prefix' => $_POST['prefix'],
246ee4c4a1bSAndreas Gohr                   'text'   => $_POST['wikitext'],
247ee4c4a1bSAndreas Gohr                   'suffix' => $_POST['suffix'],
248ee4c4a1bSAndreas Gohr                   'date'   => $_POST['date'],
249ee4c4a1bSAndreas Gohr                   'client' => $INFO['client'],
250ee4c4a1bSAndreas Gohr                  );
251ee4c4a1bSAndreas Gohr    $cname = getCacheName($draft['client'].$ID,'.draft');
252ee4c4a1bSAndreas Gohr    if(io_saveFile($cname,serialize($draft))){
253ee4c4a1bSAndreas Gohr      $INFO['draft'] = $cname;
254ee4c4a1bSAndreas Gohr    }
255ee4c4a1bSAndreas Gohr  }
256ee4c4a1bSAndreas Gohr  return $act;
257ee4c4a1bSAndreas Gohr}
258ee4c4a1bSAndreas Gohr
259ee4c4a1bSAndreas Gohr/**
2606b13307fSandi * Handle 'save'
2616b13307fSandi *
2626b13307fSandi * Checks for spam and conflicts and saves the page.
2636b13307fSandi * Does a redirect to show the page afterwards or
2646b13307fSandi * returns a new action.
2656b13307fSandi *
2666b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
2676b13307fSandi */
2686b13307fSandifunction act_save($act){
2696b13307fSandi  global $ID;
2706b13307fSandi  global $DATE;
2716b13307fSandi  global $PRE;
2726b13307fSandi  global $TEXT;
2736b13307fSandi  global $SUF;
2746b13307fSandi  global $SUM;
2756b13307fSandi
2766b13307fSandi  //spam check
2776b13307fSandi  if(checkwordblock())
2786b13307fSandi    return 'wordblock';
2796b13307fSandi  //conflict check //FIXME use INFO
2806b13307fSandi  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
2816b13307fSandi    return 'conflict';
2826b13307fSandi
2836b13307fSandi  //save it
284b6912aeaSAndreas Gohr  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$_REQUEST['minor']); //use pretty mode for con
2856b13307fSandi  //unlock it
2866b13307fSandi  unlock($ID);
2876b13307fSandi
288ee4c4a1bSAndreas Gohr  //delete draft
289ee4c4a1bSAndreas Gohr  act_draftdel($act);
290ee4c4a1bSAndreas Gohr
2916b13307fSandi  //show it
2926b13307fSandi  session_write_close();
2936b13307fSandi  header("Location: ".wl($ID,'',true));
2946b13307fSandi  exit();
2956b13307fSandi}
2966b13307fSandi
2976b13307fSandi/**
298b8957367SBenjamin Gilbert * Handle 'login', 'logout'
2996b13307fSandi *
3006b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3016b13307fSandi */
3026b13307fSandifunction act_auth($act){
30308eda5bcSmatthiasgrimm  global $ID;
3047cace34dSAndreas Gohr  global $INFO;
30508eda5bcSmatthiasgrimm
3066b13307fSandi  //already logged in?
3076b13307fSandi  if($_SERVER['REMOTE_USER'] && $act=='login')
3086b13307fSandi    return 'show';
3096b13307fSandi
3106b13307fSandi  //handle logout
3116b13307fSandi  if($act=='logout'){
31208eda5bcSmatthiasgrimm    $lockedby = checklock($ID); //page still locked?
313424c3c4fSJohannes Buchner    if($lockedby == $_SERVER['REMOTE_USER'])
31408eda5bcSmatthiasgrimm      unlock($ID); //try to unlock
31508eda5bcSmatthiasgrimm
3167cace34dSAndreas Gohr    // do the logout stuff
3176b13307fSandi    auth_logoff();
3187cace34dSAndreas Gohr
3197cace34dSAndreas Gohr    // rebuild info array
3207cace34dSAndreas Gohr    $INFO = pageinfo();
3217cace34dSAndreas Gohr
3226b13307fSandi    return 'login';
3236b13307fSandi  }
3246b13307fSandi
3256b13307fSandi  return $act;
3266b13307fSandi}
3276b13307fSandi
3286b13307fSandi/**
3296b13307fSandi * Handle 'edit', 'preview'
3306b13307fSandi *
3316b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3326b13307fSandi */
3336b13307fSandifunction act_edit($act){
334cd409024Sjorda  global $ID;
335ee4c4a1bSAndreas Gohr  global $INFO;
336cd409024Sjorda
3376b13307fSandi  //check if locked by anyone - if not lock for my self
3386b13307fSandi  $lockedby = checklock($ID);
3396b13307fSandi  if($lockedby) return 'locked';
3406b13307fSandi
3416b13307fSandi  lock($ID);
3426b13307fSandi  return $act;
3436b13307fSandi}
3446b13307fSandi
3456b13307fSandi/**
3466b13307fSandi * Handle 'edit', 'preview'
3476b13307fSandi *
3486b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3496b13307fSandi */
3506b13307fSandifunction act_export($act){
3516b13307fSandi  global $ID;
3526b13307fSandi  global $REV;
3536b13307fSandi
354ac83b9d8Sandi  // no renderer for this
355ac83b9d8Sandi  if($act == 'export_raw'){
356ac83b9d8Sandi    header('Content-Type: text/plain; charset=utf-8');
357ac83b9d8Sandi    print rawWiki($ID,$REV);
358ac83b9d8Sandi    exit;
359ac83b9d8Sandi  }
360ac83b9d8Sandi
361ac83b9d8Sandi  // html export #FIXME what about the template's style?
362ac83b9d8Sandi  if($act == 'export_xhtml'){
36385f8705cSAnika Henke    global $conf;
36485f8705cSAnika Henke    global $lang;
3656b13307fSandi    header('Content-Type: text/html; charset=utf-8');
36685f8705cSAnika Henke    ptln('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"');
36785f8705cSAnika Henke    ptln(' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">');
36885f8705cSAnika Henke    ptln('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.$conf['lang'].'"');
36985f8705cSAnika Henke    ptln(' lang="'.$conf['lang'].'" dir="'.$lang['direction'].'">');
3706b13307fSandi    ptln('<head>');
37185f8705cSAnika Henke    ptln('  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />');
37285f8705cSAnika Henke    ptln('  <title>'.$ID.'</title>');
3736b13307fSandi    tpl_metaheaders();
3746b13307fSandi    ptln('</head>');
3756b13307fSandi    ptln('<body>');
3762c5c3308SAndreas Gohr    ptln('<div class="dokuwiki export">');
377ac83b9d8Sandi    print p_wiki_xhtml($ID,$REV,false);
378c771e9edSAnika Henke    ptln('</div>');
3796b13307fSandi    ptln('</body>');
3806b13307fSandi    ptln('</html>');
3816b13307fSandi    exit;
3826b13307fSandi  }
3836b13307fSandi
384cc2ae802SAndreas Gohr  // html body only
385cc2ae802SAndreas Gohr  if($act == 'export_xhtmlbody'){
386cc2ae802SAndreas Gohr    print p_wiki_xhtml($ID,$REV,false);
387cc2ae802SAndreas Gohr    exit;
388cc2ae802SAndreas Gohr  }
389cc2ae802SAndreas Gohr
390ac83b9d8Sandi  // try to run renderer #FIXME use cached instructions
391ac83b9d8Sandi  $mode = substr($act,7);
3929dc2c2afSandi  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info);
393ac83b9d8Sandi  if(!is_null($text)){
394ac83b9d8Sandi    print $text;
3956b13307fSandi    exit;
3966b13307fSandi  }
3976b13307fSandi
398ac83b9d8Sandi
399ac83b9d8Sandi
4006b13307fSandi  return 'show';
4016b13307fSandi}
402340756e4Sandi
403b158d625SSteven Danz/**
4041380fc45SAndreas Gohr * Handle 'subscribe', 'unsubscribe'
405b158d625SSteven Danz *
406b158d625SSteven Danz * @author Steven Danz <steven-danz@kc.rr.com>
4071380fc45SAndreas Gohr * @todo   localize
408b158d625SSteven Danz */
4091380fc45SAndreas Gohrfunction act_subscription($act){
410b158d625SSteven Danz  global $ID;
411b158d625SSteven Danz  global $INFO;
412f9eb5648Ssteven-danz  global $lang;
413b158d625SSteven Danz
4141380fc45SAndreas Gohr  $file=metaFN($ID,'.mlist');
4151380fc45SAndreas Gohr  if ($act=='subscribe' && !$INFO['subscribed']){
416b158d625SSteven Danz    if ($INFO['userinfo']['mail']){
4171380fc45SAndreas Gohr      if (io_saveFile($file,$_SERVER['REMOTE_USER']."\n",true)) {
4181380fc45SAndreas Gohr        $INFO['subscribed'] = true;
419f9eb5648Ssteven-danz        msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
420b158d625SSteven Danz      } else {
421f9eb5648Ssteven-danz        msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),1);
422b158d625SSteven Danz      }
423b158d625SSteven Danz    } else {
424f9eb5648Ssteven-danz      msg($lang['subscribe_noaddress']);
425b158d625SSteven Danz    }
4261380fc45SAndreas Gohr  } elseif ($act=='unsubscribe' && $INFO['subscribed']){
427b158d625SSteven Danz    if (io_deleteFromFile($file,$_SERVER['REMOTE_USER']."\n")) {
4281380fc45SAndreas Gohr      $INFO['subscribed'] = false;
429f9eb5648Ssteven-danz      msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
430b158d625SSteven Danz    } else {
431f9eb5648Ssteven-danz      msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),1);
432b158d625SSteven Danz    }
433b158d625SSteven Danz  }
434b158d625SSteven Danz
435b158d625SSteven Danz  return 'show';
436b158d625SSteven Danz}
437b158d625SSteven Danz
438340756e4Sandi//Setup VIM: ex: et ts=2 enc=utf-8 :
439