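<?php
/**
 * DokuWiki Actions
 *
 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
 * @author     Andreas Gohr <andi@splitbrain.org>
 */

  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
  require_once(DOKU_INC.'inc/template.php');


/**
 * Call the needed action handlers
 *
 * Sanitizes the requested action, lets the individual handlers rewrite it
 * (each handler returns the action to continue with) and finally includes
 * the main template.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_dispatch(){
  // Not every global is used below, but main.php is included from inside
  // this function and therefore runs in exactly this variable scope.
  global $INFO;
  global $ACT;
  global $ID;
  global $QUERY;
  global $lang;
  global $conf;

  //sanitize $ACT
  $ACT = act_clean($ACT);

  //check if searchword was given - else just show
  $s = cleanID($QUERY);
  if($ACT == 'search' && empty($s)){
    $ACT = 'show';
  }

  //login stuff (kept ahead of the permission check, as before)
  if(in_array($ACT,array('login','logout')))
    $ACT = act_auth($ACT);

  //check permissions
  $ACT = act_permcheck($ACT);

  //check if user is asking to (un)subscribe a page
  // Handled only after act_permcheck(): the handler writes to the page's
  // subscriber list, so it must not run for a user who failed the
  // AUTH_READ check that act_permcheck() applies to these two actions.
  if($ACT == 'subscribe' || $ACT == 'unsubscribe')
    $ACT = act_subscription($ACT);

  //register
  if($ACT == 'register' && register()){
    $ACT = 'login';
  }

  if ($ACT == 'resendpwd' && act_resendpwd()) {
    $ACT = 'login';
  }

  //update user profile
  if (($ACT == 'profile') && updateprofile()) {
    msg($lang['profchanged'],1);
    $ACT = 'show';
  }

  //save
  if($ACT == 'save')
    $ACT = act_save($ACT);

  //edit
  if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){
    $ACT = act_edit($ACT);
  }else{
    unlock($ID); //try to unlock
  }

  //handle export
  if(substr($ACT,0,7) == 'export_')
    $ACT = act_export($ACT);

  //display some infos
  if($ACT == 'check'){
    check();
    $ACT = 'show';
  }

  //handle admin tasks
  if($ACT == 'admin'){
    // The plugin name is request input. It is handed to plugin_load() only
    // when it is a string that exactly matches an entry of plugin_list().
    if (!empty($_REQUEST['page']) && is_string($_REQUEST['page'])) {
      $pluginlist = plugin_list('admin');
      if (in_array($_REQUEST['page'], $pluginlist, true)) {
        // attempt to load the plugin
        if (($plugin =& plugin_load('admin',$_REQUEST['page'])) !== NULL)
          $plugin->handle();
      }
    }
  }

  //call template FIXME: all needed vars available?
  header('Content-Type: text/html; charset=utf-8');
  include(template('main.php'));
  // output for the commands is now handled in inc/templates.php
  // in function tpl_content()
}

/**
 * Sanitize the action command
 *
 * Add all allowed commands here.
 *
 * Maps localized button labels to their actions, lowercases the value and
 * strips everything outside [a-z_]. Anything that is then neither on the
 * allow list nor prefixed with 'export_' is replaced by 'show'.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  mixed  $act the requested action
 * @return string the sanitized action
 */
function act_clean($act){
  global $lang;
  global $conf;

  //handle localized buttons
  if($act == $lang['btn_save'])    $act = 'save';
  if($act == $lang['btn_preview']) $act = 'preview';
  if($act == $lang['btn_cancel'])  $act = 'show';

  // A non-string value (presumably possible when the action arrives as an
  // array request parameter - confirm against the caller) is treated as an
  // empty command, so it ends in the "Unknown command" branch below
  // instead of being passed to strtolower().
  if(!is_string($act)) $act = '';

  //remove all bad chars
  $act = strtolower($act);
  $act = preg_replace('/[^a-z_]+/','',$act);

  if($act == 'export_html')     $act = 'export_xhtml';
  if($act == 'export_htmlbody') $act = 'export_xhtmlbody';

  //disable all acl related commands if ACL is disabled
  $aclonly = array('login','logout','register','admin',
                   'subscribe','unsubscribe','profile',
                   'resendpwd');
  if(!$conf['useacl'] && in_array($act,$aclonly,true)){
    msg('Command unavailable: '.htmlspecialchars($act),-1);
    return 'show';
  }

  // Allow list of known commands. Any 'export_*' name passes as well;
  // act_export() later uses the part after the prefix as renderer mode,
  // which the character filter above limits to [a-z_].
  $allowed = array('login','logout','register','save','edit',
                   'preview','search','show','check','index','revisions',
                   'diff','recent','backlink','admin','subscribe',
                   'unsubscribe','profile','resendpwd');
  if(!in_array($act,$allowed,true) && substr($act,0,7) != 'export_'){
    msg('Unknown command: '.htmlspecialchars($act),-1);
    return 'show';
  }
  return $act;
}

/**
 * Run permissionchecks
 *
 * Picks the permission level the action needs and compares it with
 * $INFO['perm'].
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act the sanitized action
 * @return string $act when permitted, 'denied' otherwise
 */
function act_permcheck($act){
  global $INFO;
  global $conf;

  if(in_array($act,array('save','preview','edit'))){
    if($INFO['exists']){
      if($act == 'edit'){
        //the edit function will check again and do a source show
        //when no AUTH_EDIT available
        $permneed = AUTH_READ;
      }else{
        $permneed = AUTH_EDIT;
      }
    }else{
      $permneed = AUTH_CREATE;
    }
  }elseif(in_array($act,array('login','search','recent','profile'))){
    $permneed = AUTH_NONE;
  }elseif($act == 'register'){
    // self registration is open to everyone only when configured so
    if ($conf['openregister']){
      $permneed = AUTH_NONE;
    }else{
      $permneed = AUTH_ADMIN;
    }
  }elseif($act == 'admin'){
    $permneed = AUTH_ADMIN;
  }else{
    // every action not listed above, export_* included, needs read access
    $permneed = AUTH_READ;
  }
  if($INFO['perm'] >= $permneed) return $act;

  return 'denied';
}

/**
 * Handle 'save'
 *
 * Checks for spam and conflicts and saves the page.
 * Does a redirect to show the page afterwards or
 * returns a new action.
 *
 * NOTE(review): no anti-CSRF token is verified in this function; confirm
 * whether the caller or the edit form provides one.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act the current action
 * @return string 'wordblock' or 'conflict'; a successful save redirects
 *                and exits instead of returning
 */
function act_save($act){
  global $ID;
  global $DATE;
  global $PRE;
  global $TEXT;
  global $SUF;
  global $SUM;

  //spam check
  if(checkwordblock())
    return 'wordblock';
  //conflict check //FIXME use INFO
  // the page file on disk is newer than the timestamp the edit started from
  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
    return 'conflict';

  // the 'minor' flag is optional in the request
  $minor = isset($_REQUEST['minor']) ? $_REQUEST['minor'] : null;

  //save it
  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$minor); //use pretty mode for con
  //unlock it
  unlock($ID);

  //show it
  session_write_close();
  header("Location: ".wl($ID,'',true));
  exit();
}

/**
 * Handle 'login', 'logout'
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act 'login' or 'logout'
 * @return string the action to continue with
 */
function act_auth($act){
  global $ID;
  global $INFO;

  // REMOTE_USER may be unset; read it once without raising a notice
  $user = isset($_SERVER['REMOTE_USER']) ? $_SERVER['REMOTE_USER'] : null;

  //already logged in?
  if($user && $act=='login')
    return 'show';

  //handle logout
  if($act=='logout'){
    $lockedby = checklock($ID); //page still locked?
    if($lockedby == $user)
      unlock($ID); //try to unlock

    // do the logout stuff
    auth_logoff();

    // rebuild info array
    $INFO = pageinfo();

    return 'login';
  }

  return $act;
}

/**
 * Handle 'edit', 'preview'
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act 'edit' or 'preview'
 * @return string 'locked' when checklock() reports a lock, else $act
 */
function act_edit($act){
  global $ID;

  //check if locked by anyone - if not lock for my self
  $lockedby = checklock($ID);
  if($lockedby) return 'locked';

  lock($ID);
  return $act;
}

/**
 * Handle 'export_*'
 *
 * Prints the page in the requested format and exits. When no renderer
 * produces output for the mode, 'show' is returned instead.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act action starting with 'export_'
 * @return string 'show' if nothing could be exported
 */
function act_export($act){
  global $ID;
  global $REV;

  // no renderer for this
  if($act == 'export_raw'){
    header('Content-Type: text/plain; charset=utf-8');
    print rawWiki($ID,$REV);
    exit;
  }

  // html export #FIXME what about the template's style?
  if($act == 'export_xhtml'){
    global $conf;
    global $lang;
    // Page id and language settings are written into markup, so they are
    // HTML-escaped here rather than trusting that they were cleaned before.
    $elang  = htmlspecialchars($conf['lang'],ENT_QUOTES,'UTF-8');
    $edir   = htmlspecialchars($lang['direction'],ENT_QUOTES,'UTF-8');
    $etitle = htmlspecialchars($ID,ENT_QUOTES,'UTF-8');
    header('Content-Type: text/html; charset=utf-8');
    ptln('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"');
    ptln(' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">');
    ptln('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.$elang.'"');
    ptln(' lang="'.$elang.'" dir="'.$edir.'">');
    ptln('<head>');
    ptln('  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />');
    ptln('  <title>'.$etitle.'</title>');
    tpl_metaheaders();
    ptln('</head>');
    ptln('<body>');
    ptln('<div class="dokuwiki export">');
    print p_wiki_xhtml($ID,$REV,false);
    ptln('</div>');
    ptln('</body>');
    ptln('</html>');
    exit;
  }

  // html body only
  if($act == 'export_xhtmlbody'){
    print p_wiki_xhtml($ID,$REV,false);
    exit;
  }

  // try to run renderer #FIXME use cached instructions
  // $mode is the text after 'export_'; act_clean() restricts the action
  // to the characters [a-z_] before act_dispatch() calls this function.
  $mode = substr($act,7);
  // NOTE(review): $info is not set before this call - presumably an
  // output parameter of p_render(); confirm.
  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info);
  if(!is_null($text)){
    print $text;
    exit;
  }

  return 'show';
}

/**
 * Handle 'subscribe', 'unsubscribe'
 *
 * Adds the current user to, or removes it from, the page's '.mlist' meta
 * file and reports the result with msg().
 *
 * @author Steven Danz <steven-danz@kc.rr.com>
 * @todo   localize
 * @param  string $act 'subscribe' or 'unsubscribe'
 * @return string always 'show'
 */
function act_subscription($act){
  global $ID;
  global $INFO;
  global $lang;

  $file=metaFN($ID,'.mlist');
  if ($act=='subscribe' && !$INFO['subscribed']){
    if ($INFO['userinfo']['mail']){
      if (io_saveFile($file,$_SERVER['REMOTE_USER']."\n",true)) {
        $INFO['subscribed'] = true;
        msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
      } else {
        // failures use level -1, like the other error messages in this file
        msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),-1);
      }
    } else {
      msg($lang['subscribe_noaddress']);
    }
  } elseif ($act=='unsubscribe' && $INFO['subscribed']){
    if (io_deleteFromFile($file,$_SERVER['REMOTE_USER']."\n")) {
      $INFO['subscribed'] = false;
      msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
    } else {
      msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),-1);
    }
  }

  return 'show';
}

//Setup VIM: ex: et ts=2 enc=utf-8 :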