xref: /dokuwiki/inc/actions.php (revision 9d2e1be699d573eebda922cf67f030d3d2aa462d) 
16b13307fSandi<?php
26b13307fSandi/**
36b13307fSandi * DokuWiki Actions
46b13307fSandi *
56b13307fSandi * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
66b13307fSandi * @author     Andreas Gohr <andi@splitbrain.org>
76b13307fSandi */
86b13307fSandi
9fa8adffeSAndreas Gohrif(!defined('DOKU_INC')) die('meh.');
10af182434Sandi
116b13307fSandi/**
126b13307fSandi * Call the needed action handlers
136b13307fSandi *
146b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
15c9570649SAndreas Gohr * @triggers ACTION_ACT_PREPROCESS
16c9570649SAndreas Gohr * @triggers ACTION_HEADERS_SEND
176b13307fSandi */
186b13307fSandifunction act_dispatch(){
196b13307fSandi    global $ACT;
206b13307fSandi    global $ID;
2124ea6500SAndreas Gohr    global $INFO;
226b13307fSandi    global $QUERY;
2390f1b7bdSTom N Harris    global $INPUT;
246b13307fSandi    global $lang;
2585dcda20SRobin Getz    global $conf;
266b13307fSandi
2769cd1e27SAndreas Gohr    $preact = $ACT;
2869cd1e27SAndreas Gohr
29c2e830f2Schris    // give plugins an opportunity to process the action
3024bb549bSchris    $evt = new Doku_Event('ACTION_ACT_PREPROCESS',$ACT);
3124bb549bSchris    if ($evt->advise_before()) {
32c2e830f2Schris
33af182434Sandi        //sanitize $ACT
3462baad0fSMartin Doucha        $ACT = act_validate($ACT);
35af182434Sandi
36b8957367SBenjamin Gilbert        //check if searchword was given - else just show
370868021bSAndreas Gohr        $s = cleanID($QUERY);
380868021bSAndreas Gohr        if($ACT == 'search' && empty($s)){
39b8957367SBenjamin Gilbert            $ACT = 'show';
40b8957367SBenjamin Gilbert        }
41b8957367SBenjamin Gilbert
42b8957367SBenjamin Gilbert        //login stuff
431b2a85e8SAndreas Gohr        if(in_array($ACT,array('login','logout'))){
44b8957367SBenjamin Gilbert            $ACT = act_auth($ACT);
451b2a85e8SAndreas Gohr        }
46b8957367SBenjamin Gilbert
471380fc45SAndreas Gohr        //check if user is asking to (un)subscribe a page
485b75cd1fSAdrian Lang        if($ACT == 'subscribe') {
495b75cd1fSAdrian Lang            try {
501380fc45SAndreas Gohr                $ACT = act_subscription($ACT);
515b75cd1fSAdrian Lang            } catch (Exception $e) {
525b75cd1fSAdrian Lang                msg($e->getMessage(), -1);
535b75cd1fSAdrian Lang            }
545b75cd1fSAdrian Lang        }
5552b0dd67SGuy Brand
564064e2d3SRobin Getz        //display some infos
574064e2d3SRobin Getz        if($ACT == 'check'){
584064e2d3SRobin Getz            check();
594064e2d3SRobin Getz            $ACT = 'show';
604064e2d3SRobin Getz        }
614064e2d3SRobin Getz
626b13307fSandi        //check permissions
636b13307fSandi        $ACT = act_permcheck($ACT);
646b13307fSandi
65c4f79b71SMichael Hamann        //sitemap
66eae17177SMichael Hamann        if ($ACT == 'sitemap'){
67c8b076b1SMichael Hamann            act_sitemap($ACT);
68eae17177SMichael Hamann        }
69c4f79b71SMichael Hamann
703c94d07bSAnika Henke        //recent changes
713c94d07bSAnika Henke        if ($ACT == 'recent'){
723c94d07bSAnika Henke            $show_changes = $INPUT->str('show_changes');
733c94d07bSAnika Henke            if (!empty($show_changes)) {
743c94d07bSAnika Henke                set_doku_pref('show_changes', $show_changes);
753c94d07bSAnika Henke            }
763c94d07bSAnika Henke        }
773c94d07bSAnika Henke
783c94d07bSAnika Henke        //diff
793c94d07bSAnika Henke        if ($ACT == 'diff'){
803c94d07bSAnika Henke            $difftype = $INPUT->str('difftype');
813c94d07bSAnika Henke            if (!empty($difftype)) {
823c94d07bSAnika Henke                set_doku_pref('difftype', $difftype);
833c94d07bSAnika Henke            }
843c94d07bSAnika Henke        }
853c94d07bSAnika Henke
86b8957367SBenjamin Gilbert        //register
87eea0f0d0SAndreas Gohr        if($ACT == 'register' && $INPUT->post->bool('save') && register()){
88b8957367SBenjamin Gilbert            $ACT = 'login';
89b8957367SBenjamin Gilbert        }
906b13307fSandi
918b06d178Schris        if ($ACT == 'resendpwd' && act_resendpwd()) {
928b06d178Schris            $ACT = 'login';
938b06d178Schris        }
948b06d178Schris
958b06d178Schris        //update user profile
9625b2a98cSMichael Klier        if ($ACT == 'profile') {
9725b2a98cSMichael Klier            if(!$_SERVER['REMOTE_USER']) {
9825b2a98cSMichael Klier                $ACT = 'login';
9925b2a98cSMichael Klier            } else {
10025b2a98cSMichael Klier                if(updateprofile()) {
1014cb79657SMatthias Grimm                    msg($lang['profchanged'],1);
1024cb79657SMatthias Grimm                    $ACT = 'show';
1038b06d178Schris                }
10425b2a98cSMichael Klier            }
10525b2a98cSMichael Klier        }
1068b06d178Schris
1071246e016SAndreas Gohr        //revert
1081246e016SAndreas Gohr        if($ACT == 'revert'){
1091246e016SAndreas Gohr            if(checkSecurityToken()){
1101246e016SAndreas Gohr                $ACT = act_revert($ACT);
1111246e016SAndreas Gohr            }else{
1121246e016SAndreas Gohr                $ACT = 'show';
1131246e016SAndreas Gohr            }
1141246e016SAndreas Gohr        }
1151246e016SAndreas Gohr
1166b13307fSandi        //save
1171b2a85e8SAndreas Gohr        if($ACT == 'save'){
1181b2a85e8SAndreas Gohr            if(checkSecurityToken()){
1196b13307fSandi                $ACT = act_save($ACT);
1201b2a85e8SAndreas Gohr            }else{
1218071beaaSAndreas Gohr                $ACT = 'preview';
1221b2a85e8SAndreas Gohr            }
1231b2a85e8SAndreas Gohr        }
1246b13307fSandi
125067c5d22SBen Coburn        //cancel conflicting edit
126067c5d22SBen Coburn        if($ACT == 'cancel')
127067c5d22SBen Coburn            $ACT = 'show';
128067c5d22SBen Coburn
129ee4c4a1bSAndreas Gohr        //draft deletion
130ee4c4a1bSAndreas Gohr        if($ACT == 'draftdel')
131ee4c4a1bSAndreas Gohr            $ACT = act_draftdel($ACT);
132ee4c4a1bSAndreas Gohr
133ee4c4a1bSAndreas Gohr        //draft saving on preview
134ee4c4a1bSAndreas Gohr        if($ACT == 'preview')
135ee4c4a1bSAndreas Gohr            $ACT = act_draftsave($ACT);
136ee4c4a1bSAndreas Gohr
1376b13307fSandi        //edit
138c9d5430bSAdrian Lang        if(in_array($ACT, array('edit', 'preview', 'recover'))) {
139af182434Sandi            $ACT = act_edit($ACT);
1406b13307fSandi        }else{
1416b13307fSandi            unlock($ID); //try to unlock
1426b13307fSandi        }
1436b13307fSandi
1446b13307fSandi        //handle export
145ac83b9d8Sandi        if(substr($ACT,0,7) == 'export_')
1466b13307fSandi            $ACT = act_export($ACT);
1476b13307fSandi
148c19fe9c0Sandi        //handle admin tasks
149c19fe9c0Sandi        if($ACT == 'admin'){
15011e2ce22Schris            // retrieve admin plugin name from $_REQUEST['page']
15190f1b7bdSTom N Harris            if (($page = $INPUT->str('page', '', true)) != '') {
15211e2ce22Schris                $pluginlist = plugin_list('admin');
15390f1b7bdSTom N Harris                if (in_array($page, $pluginlist)) {
15411e2ce22Schris                    // attempt to load the plugin
15590f1b7bdSTom N Harris                    if ($plugin =& plugin_load('admin',$page) !== null){
156c8b076b1SMichael Hamann                        /** @var DokuWiki_Admin_Plugin $plugin */
15724ea6500SAndreas Gohr                        if($plugin->forAdminOnly() && !$INFO['isadmin']){
15824ea6500SAndreas Gohr                            // a manager tried to load a plugin that's for admins only
15990f1b7bdSTom N Harris                            $INPUT->remove('page');
16024ea6500SAndreas Gohr                            msg('For admins only',-1);
16124ea6500SAndreas Gohr                        }else{
16211e2ce22Schris                            $plugin->handle();
16311e2ce22Schris                        }
16411e2ce22Schris                    }
165c19fe9c0Sandi                }
16624ea6500SAndreas Gohr            }
16724ea6500SAndreas Gohr        }
1685f312bacSAndreas Gohr
1695f312bacSAndreas Gohr        // check permissions again - the action may have changed
1705f312bacSAndreas Gohr        $ACT = act_permcheck($ACT);
17124bb549bSchris    }  // end event ACTION_ACT_PREPROCESS default action
17224bb549bSchris    $evt->advise_after();
17385dcda20SRobin Getz    // Make sure plugs can handle 'denied'
17485dcda20SRobin Getz    if($conf['send404'] && $ACT == 'denied') {
175*9d2e1be6SAndreas Gohr        http_status(403);
17685dcda20SRobin Getz    }
17724bb549bSchris    unset($evt);
178c19fe9c0Sandi
17946c0ed74SMichael Hamann    // when action 'show', the intial not 'show' and POST, do a redirect
18046c0ed74SMichael Hamann    if($ACT == 'show' && $preact != 'show' && strtolower($_SERVER['REQUEST_METHOD']) == 'post'){
18169cd1e27SAndreas Gohr        act_redirect($ID,$preact);
18269cd1e27SAndreas Gohr    }
1835f312bacSAndreas Gohr
184c346111aSAdrian Lang    global $INFO;
185c346111aSAdrian Lang    global $conf;
186c346111aSAdrian Lang    global $license;
187c346111aSAdrian Lang
1886b13307fSandi    //call template FIXME: all needed vars available?
189f63a2007Schris    $headers[] = 'Content-Type: text/html; charset=utf-8';
190746855cfSBen Coburn    trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders');
191f63a2007Schris
1925a892029SAndreas Gohr    include(template('main.php'));
193c19fe9c0Sandi    // output for the commands is now handled in inc/templates.php
194c19fe9c0Sandi    // in function tpl_content()
1956b13307fSandi}
1966b13307fSandi
197c8b076b1SMichael Hamann/**
198c8b076b1SMichael Hamann * Send the given headers using header()
199c8b076b1SMichael Hamann *
200c8b076b1SMichael Hamann * @param array $headers The headers that shall be sent
201c8b076b1SMichael Hamann */
202f63a2007Schrisfunction act_sendheaders($headers) {
203f63a2007Schris    foreach ($headers as $hdr) header($hdr);
204f63a2007Schris}
205f63a2007Schris
2066b13307fSandi/**
207af182434Sandi * Sanitize the action command
208af182434Sandi *
209af182434Sandi * @author Andreas Gohr <andi@splitbrain.org>
210af182434Sandi */
211af182434Sandifunction act_clean($act){
212ee4c4a1bSAndreas Gohr    // check if the action was given as array key
213ee4c4a1bSAndreas Gohr    if(is_array($act)){
214ee4c4a1bSAndreas Gohr        list($act) = array_keys($act);
215ee4c4a1bSAndreas Gohr    }
216ee4c4a1bSAndreas Gohr
217ac83b9d8Sandi    //remove all bad chars
218ac83b9d8Sandi    $act = strtolower($act);
2192d5ccb39SAndreas Gohr    $act = preg_replace('/[^1-9a-z_]+/','',$act);
220ac83b9d8Sandi
221ac83b9d8Sandi    if($act == 'export_html') $act = 'export_xhtml';
222cc2ae802SAndreas Gohr    if($act == 'export_htmlbody') $act = 'export_xhtmlbody';
223b146b32bSandi
224396c218fSAndreas Gohr    if($act === '') $act = 'show';
22562baad0fSMartin Doucha    return $act;
22662baad0fSMartin Doucha}
22762baad0fSMartin Doucha
22862baad0fSMartin Doucha/**
22962baad0fSMartin Doucha * Sanitize and validate action commands.
23062baad0fSMartin Doucha *
23162baad0fSMartin Doucha * Add all allowed commands here.
23262baad0fSMartin Doucha *
23362baad0fSMartin Doucha * @author Andreas Gohr <andi@splitbrain.org>
23462baad0fSMartin Doucha */
23562baad0fSMartin Douchafunction act_validate($act) {
236daf0cdbaSMartin Doucha    global $conf;
237daf0cdbaSMartin Doucha    global $INFO;
238daf0cdbaSMartin Doucha
23962baad0fSMartin Doucha    $act = act_clean($act);
240396c218fSAndreas Gohr
241409d7af7SAndreas Gohr    // check if action is disabled
242409d7af7SAndreas Gohr    if(!actionOK($act)){
243409d7af7SAndreas Gohr        msg('Command disabled: '.htmlspecialchars($act),-1);
244409d7af7SAndreas Gohr        return 'show';
245409d7af7SAndreas Gohr    }
246409d7af7SAndreas Gohr
24760e6b550SAndreas Gohr    //disable all acl related commands if ACL is disabled
24860e6b550SAndreas Gohr    if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
2491246e016SAndreas Gohr                    'subscribe','unsubscribe','profile','revert',
250d5a9514cSAdrian Lang                    'resendpwd'))){
25160e6b550SAndreas Gohr        msg('Command unavailable: '.htmlspecialchars($act),-1);
25260e6b550SAndreas Gohr        return 'show';
25360e6b550SAndreas Gohr    }
25460e6b550SAndreas Gohr
255c828a5d6SAndreas Gohr    //is there really a draft?
256c828a5d6SAndreas Gohr    if($act == 'draft' && !file_exists($INFO['draft'])) return 'edit';
257c828a5d6SAndreas Gohr
258067c5d22SBen Coburn    if(!in_array($act,array('login','logout','register','save','cancel','edit','draft',
259ac83b9d8Sandi                    'preview','search','show','check','index','revisions',
2601246e016SAndreas Gohr                    'diff','recent','backlink','admin','subscribe','revert',
2615a932e77SAdrian Lang                    'unsubscribe','profile','resendpwd','recover',
262d5a9514cSAdrian Lang                    'draftdel','sitemap','media')) && substr($act,0,7) != 'export_' ) {
263ee4c4a1bSAndreas Gohr        msg('Command unknown: '.htmlspecialchars($act),-1);
264af182434Sandi        return 'show';
265af182434Sandi    }
266af182434Sandi    return $act;
267af182434Sandi}
268af182434Sandi
269af182434Sandi/**
2706b13307fSandi * Run permissionchecks
2716b13307fSandi *
2726b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
2736b13307fSandi */
2746b13307fSandifunction act_permcheck($act){
275dbbc6aa7Sandi    global $INFO;
2765e199953Smatthiasgrimm    global $conf;
277dbbc6aa7Sandi
278ee4c4a1bSAndreas Gohr    if(in_array($act,array('save','preview','edit','recover'))){
2796b13307fSandi        if($INFO['exists']){
280bdbc16bfSandi            if($act == 'edit'){
281bdbc16bfSandi                //the edit function will check again and do a source show
282bdbc16bfSandi                //when no AUTH_EDIT available
283bdbc16bfSandi                $permneed = AUTH_READ;
284bdbc16bfSandi            }else{
2856b13307fSandi                $permneed = AUTH_EDIT;
286bdbc16bfSandi            }
2876b13307fSandi        }else{
2886b13307fSandi            $permneed = AUTH_CREATE;
2896b13307fSandi        }
290c4f79b71SMichael Hamann    }elseif(in_array($act,array('login','search','recent','profile','index', 'sitemap'))){
2916b13307fSandi        $permneed = AUTH_NONE;
2921246e016SAndreas Gohr    }elseif($act == 'revert'){
2931246e016SAndreas Gohr        $permneed = AUTH_ADMIN;
2941246e016SAndreas Gohr        if($INFO['ismanager']) $permneed = AUTH_EDIT;
2955e199953Smatthiasgrimm    }elseif($act == 'register'){
2965e199953Smatthiasgrimm        $permneed = AUTH_NONE;
297ebd3d9ceSchris    }elseif($act == 'resendpwd'){
298ebd3d9ceSchris        $permneed = AUTH_NONE;
299c19fe9c0Sandi    }elseif($act == 'admin'){
300f8cc712eSAndreas Gohr        if($INFO['ismanager']){
301f8cc712eSAndreas Gohr            // if the manager has the needed permissions for a certain admin
302f8cc712eSAndreas Gohr            // action is checked later
303f8cc712eSAndreas Gohr            $permneed = AUTH_READ;
304f8cc712eSAndreas Gohr        }else{
305c19fe9c0Sandi            $permneed = AUTH_ADMIN;
306f8cc712eSAndreas Gohr        }
3076b13307fSandi    }else{
3086b13307fSandi        $permneed = AUTH_READ;
3096b13307fSandi    }
310dbbc6aa7Sandi    if($INFO['perm'] >= $permneed) return $act;
311dbbc6aa7Sandi
3126b13307fSandi    return 'denied';
3136b13307fSandi}
3146b13307fSandi
3156b13307fSandi/**
316ee4c4a1bSAndreas Gohr * Handle 'draftdel'
317ee4c4a1bSAndreas Gohr *
318ee4c4a1bSAndreas Gohr * Deletes the draft for the current page and user
319ee4c4a1bSAndreas Gohr */
320ee4c4a1bSAndreas Gohrfunction act_draftdel($act){
321ee4c4a1bSAndreas Gohr    global $INFO;
322ee4c4a1bSAndreas Gohr    @unlink($INFO['draft']);
323ee4c4a1bSAndreas Gohr    $INFO['draft'] = null;
324ee4c4a1bSAndreas Gohr    return 'show';
325ee4c4a1bSAndreas Gohr}
326ee4c4a1bSAndreas Gohr
327ee4c4a1bSAndreas Gohr/**
328ee4c4a1bSAndreas Gohr * Saves a draft on preview
329ee4c4a1bSAndreas Gohr *
330ee4c4a1bSAndreas Gohr * @todo this currently duplicates code from ajax.php :-/
331ee4c4a1bSAndreas Gohr */
332ee4c4a1bSAndreas Gohrfunction act_draftsave($act){
333ee4c4a1bSAndreas Gohr    global $INFO;
334ee4c4a1bSAndreas Gohr    global $ID;
33590f1b7bdSTom N Harris    global $INPUT;
336ee4c4a1bSAndreas Gohr    global $conf;
33790f1b7bdSTom N Harris    if($conf['usedraft'] && $INPUT->post->has('wikitext')) {
338ee4c4a1bSAndreas Gohr        $draft = array('id'     => $ID,
33990f1b7bdSTom N Harris                'prefix' => substr($INPUT->post->str('prefix'), 0, -1),
34090f1b7bdSTom N Harris                'text'   => $INPUT->post->str('wikitext'),
34190f1b7bdSTom N Harris                'suffix' => $INPUT->post->str('suffix'),
34290f1b7bdSTom N Harris                'date'   => $INPUT->post->int('date'),
343ee4c4a1bSAndreas Gohr                'client' => $INFO['client'],
344ee4c4a1bSAndreas Gohr                );
345ee4c4a1bSAndreas Gohr        $cname = getCacheName($draft['client'].$ID,'.draft');
346ee4c4a1bSAndreas Gohr        if(io_saveFile($cname,serialize($draft))){
347ee4c4a1bSAndreas Gohr            $INFO['draft'] = $cname;
348ee4c4a1bSAndreas Gohr        }
349ee4c4a1bSAndreas Gohr    }
350ee4c4a1bSAndreas Gohr    return $act;
351ee4c4a1bSAndreas Gohr}
352ee4c4a1bSAndreas Gohr
353ee4c4a1bSAndreas Gohr/**
3546b13307fSandi * Handle 'save'
3556b13307fSandi *
3566b13307fSandi * Checks for spam and conflicts and saves the page.
3576b13307fSandi * Does a redirect to show the page afterwards or
3586b13307fSandi * returns a new action.
3596b13307fSandi *
3606b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3616b13307fSandi */
3626b13307fSandifunction act_save($act){
3636b13307fSandi    global $ID;
3646b13307fSandi    global $DATE;
3656b13307fSandi    global $PRE;
3666b13307fSandi    global $TEXT;
3676b13307fSandi    global $SUF;
3686b13307fSandi    global $SUM;
3695a932e77SAdrian Lang    global $lang;
3708d67c48aSAdrian Lang    global $INFO;
37190f1b7bdSTom N Harris    global $INPUT;
3726b13307fSandi
3736b13307fSandi    //spam check
3745a932e77SAdrian Lang    if(checkwordblock()) {
3755a932e77SAdrian Lang        msg($lang['wordblock'], -1);
3765a932e77SAdrian Lang        return 'edit';
3775a932e77SAdrian Lang    }
3788d67c48aSAdrian Lang    //conflict check
3798d67c48aSAdrian Lang    if($DATE != 0 && $INFO['meta']['date']['modified'] > $DATE )
3806b13307fSandi        return 'conflict';
3816b13307fSandi
3826b13307fSandi    //save it
38390f1b7bdSTom N Harris    saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$INPUT->bool('minor')); //use pretty mode for con
3846b13307fSandi    //unlock it
3856b13307fSandi    unlock($ID);
3866b13307fSandi
387ee4c4a1bSAndreas Gohr    //delete draft
388ee4c4a1bSAndreas Gohr    act_draftdel($act);
38969cd1e27SAndreas Gohr    session_write_close();
390ee4c4a1bSAndreas Gohr
39169cd1e27SAndreas Gohr    // when done, show page
39269cd1e27SAndreas Gohr    return 'show';
39369cd1e27SAndreas Gohr}
394f951a474SAndreas Gohr
39514a122deSAndreas Gohr/**
3961246e016SAndreas Gohr * Revert to a certain revision
3971246e016SAndreas Gohr *
3981246e016SAndreas Gohr * @author Andreas Gohr <andi@splitbrain.org>
3991246e016SAndreas Gohr */
4001246e016SAndreas Gohrfunction act_revert($act){
4011246e016SAndreas Gohr    global $ID;
4021246e016SAndreas Gohr    global $REV;
4031246e016SAndreas Gohr    global $lang;
404de4d479aSAdrian Lang    // FIXME $INFO['writable'] currently refers to the attic version
405de4d479aSAdrian Lang    // global $INFO;
406de4d479aSAdrian Lang    // if (!$INFO['writable']) {
407de4d479aSAdrian Lang    //     return 'show';
408de4d479aSAdrian Lang    // }
4091246e016SAndreas Gohr
4101246e016SAndreas Gohr    // when no revision is given, delete current one
4111246e016SAndreas Gohr    // FIXME this feature is not exposed in the GUI currently
4121246e016SAndreas Gohr    $text = '';
4131246e016SAndreas Gohr    $sum  = $lang['deleted'];
4141246e016SAndreas Gohr    if($REV){
4151246e016SAndreas Gohr        $text = rawWiki($ID,$REV);
4161246e016SAndreas Gohr        if(!$text) return 'show'; //something went wrong
417d6b9c7bfSlupo49        $sum = sprintf($lang['restored'], dformat($REV));
4181246e016SAndreas Gohr    }
4191246e016SAndreas Gohr
4201246e016SAndreas Gohr    // spam check
4215a932e77SAdrian Lang
4225a932e77SAdrian Lang    if (checkwordblock($text)) {
4235a932e77SAdrian Lang        msg($lang['wordblock'], -1);
4245a932e77SAdrian Lang        return 'edit';
4255a932e77SAdrian Lang    }
4261246e016SAndreas Gohr
4271246e016SAndreas Gohr    saveWikiText($ID,$text,$sum,false);
4281246e016SAndreas Gohr    msg($sum,1);
4291246e016SAndreas Gohr
4301246e016SAndreas Gohr    //delete any draft
4311246e016SAndreas Gohr    act_draftdel($act);
4321246e016SAndreas Gohr    session_write_close();
4331246e016SAndreas Gohr
4341246e016SAndreas Gohr    // when done, show current page
4351246e016SAndreas Gohr    $_SERVER['REQUEST_METHOD'] = 'post'; //should force a redirect
4361246e016SAndreas Gohr    $REV = '';
4371246e016SAndreas Gohr    return 'show';
4381246e016SAndreas Gohr}
4391246e016SAndreas Gohr
4401246e016SAndreas Gohr/**
44114a122deSAndreas Gohr * Do a redirect after receiving post data
44214a122deSAndreas Gohr *
44314a122deSAndreas Gohr * Tries to add the section id as hash mark after section editing
44414a122deSAndreas Gohr */
44569cd1e27SAndreas Gohrfunction act_redirect($id,$preact){
44669cd1e27SAndreas Gohr    global $PRE;
44769cd1e27SAndreas Gohr    global $TEXT;
448f951a474SAndreas Gohr
44969cd1e27SAndreas Gohr    $opts = array(
45069cd1e27SAndreas Gohr            'id'       => $id,
45169cd1e27SAndreas Gohr            'preact'   => $preact
45269cd1e27SAndreas Gohr            );
453c66972f2SAdrian Lang    //get section name when coming from section edit
454c66972f2SAdrian Lang    if($PRE && preg_match('/^\s*==+([^=\n]+)/',$TEXT,$match)){
455c66972f2SAdrian Lang        $check = false; //Byref
456c66972f2SAdrian Lang        $opts['fragment'] = sectionID($match[0], $check);
457c66972f2SAdrian Lang    }
458c66972f2SAdrian Lang
45969cd1e27SAndreas Gohr    trigger_event('ACTION_SHOW_REDIRECT',$opts,'act_redirect_execute');
46069cd1e27SAndreas Gohr}
46169cd1e27SAndreas Gohr
462c8b076b1SMichael Hamann/**
463c8b076b1SMichael Hamann * Execute the redirect
464c8b076b1SMichael Hamann *
465c8b076b1SMichael Hamann * @param array $opts id and fragment for the redirect
466c8b076b1SMichael Hamann */
46769cd1e27SAndreas Gohrfunction act_redirect_execute($opts){
46869cd1e27SAndreas Gohr    $go = wl($opts['id'],'',true);
469c66972f2SAdrian Lang    if(isset($opts['fragment'])) $go .= '#'.$opts['fragment'];
47069cd1e27SAndreas Gohr
4716b13307fSandi    //show it
472af2408d5SAndreas Gohr    send_redirect($go);
4736b13307fSandi}
4746b13307fSandi
4756b13307fSandi/**
476b8957367SBenjamin Gilbert * Handle 'login', 'logout'
4776b13307fSandi *
4786b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
4796b13307fSandi */
4806b13307fSandifunction act_auth($act){
48108eda5bcSmatthiasgrimm    global $ID;
4827cace34dSAndreas Gohr    global $INFO;
48308eda5bcSmatthiasgrimm
4846b13307fSandi    //already logged in?
485c66972f2SAdrian Lang    if(isset($_SERVER['REMOTE_USER']) && $act=='login'){
486ca12ce46SAndreas Gohr        return 'show';
4872288dc06SGuy Brand    }
4886b13307fSandi
4896b13307fSandi    //handle logout
4906b13307fSandi    if($act=='logout'){
49108eda5bcSmatthiasgrimm        $lockedby = checklock($ID); //page still locked?
492424c3c4fSJohannes Buchner        if($lockedby == $_SERVER['REMOTE_USER'])
49308eda5bcSmatthiasgrimm            unlock($ID); //try to unlock
49408eda5bcSmatthiasgrimm
4957cace34dSAndreas Gohr        // do the logout stuff
4966b13307fSandi        auth_logoff();
4977cace34dSAndreas Gohr
4987cace34dSAndreas Gohr        // rebuild info array
4997cace34dSAndreas Gohr        $INFO = pageinfo();
5007cace34dSAndreas Gohr
501e16eccb7SGuy Brand        act_redirect($ID,'login');
5026b13307fSandi    }
5036b13307fSandi
5046b13307fSandi    return $act;
5056b13307fSandi}
5066b13307fSandi
5076b13307fSandi/**
50845a99335SAdrian Lang * Handle 'edit', 'preview', 'recover'
5096b13307fSandi *
5106b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
5116b13307fSandi */
5126b13307fSandifunction act_edit($act){
513cd409024Sjorda    global $ID;
514ee4c4a1bSAndreas Gohr    global $INFO;
515cd409024Sjorda
51645a99335SAdrian Lang    global $TEXT;
51745a99335SAdrian Lang    global $RANGE;
51845a99335SAdrian Lang    global $PRE;
51945a99335SAdrian Lang    global $SUF;
52045a99335SAdrian Lang    global $REV;
52145a99335SAdrian Lang    global $SUM;
52245a99335SAdrian Lang    global $lang;
52345a99335SAdrian Lang    global $DATE;
52445a99335SAdrian Lang
52545a99335SAdrian Lang    if (!isset($TEXT)) {
52645a99335SAdrian Lang        if ($INFO['exists']) {
52745a99335SAdrian Lang            if ($RANGE) {
52845a99335SAdrian Lang                list($PRE,$TEXT,$SUF) = rawWikiSlices($RANGE,$ID,$REV);
52945a99335SAdrian Lang            } else {
53045a99335SAdrian Lang                $TEXT = rawWiki($ID,$REV);
53145a99335SAdrian Lang            }
53245a99335SAdrian Lang        } else {
533fe17917eSAdrian Lang            $TEXT = pageTemplate($ID);
53445a99335SAdrian Lang        }
53545a99335SAdrian Lang    }
53645a99335SAdrian Lang
53745a99335SAdrian Lang    //set summary default
53845a99335SAdrian Lang    if(!$SUM){
53945a99335SAdrian Lang        if($REV){
5407656ee3bSlupo49            $SUM = sprintf($lang['restored'], dformat($REV));
54145a99335SAdrian Lang        }elseif(!$INFO['exists']){
54245a99335SAdrian Lang            $SUM = $lang['created'];
54345a99335SAdrian Lang        }
54445a99335SAdrian Lang    }
54545a99335SAdrian Lang
5468d67c48aSAdrian Lang    // Use the date of the newest revision, not of the revision we edit
5478d67c48aSAdrian Lang    // This is used for conflict detection
54878035fe8SAndreas Gohr    if(!$DATE) $DATE = @filemtime(wikiFN($ID));
54945a99335SAdrian Lang
5506b13307fSandi    //check if locked by anyone - if not lock for my self
55131bc8f11SMichael Hamann    //do not lock when the user can't edit anyway
55231bc8f11SMichael Hamann    if ($INFO['writable']) {
5536b13307fSandi        $lockedby = checklock($ID);
5546b13307fSandi        if($lockedby) return 'locked';
5556b13307fSandi
5566b13307fSandi        lock($ID);
55731bc8f11SMichael Hamann    }
55831bc8f11SMichael Hamann
5596b13307fSandi    return $act;
5606b13307fSandi}
5616b13307fSandi
5626b13307fSandi/**
563f6dad9fdSMichael Klier * Export a wiki page for various formats
564f6dad9fdSMichael Klier *
565f6dad9fdSMichael Klier * Triggers ACTION_EXPORT_POSTPROCESS
566f6dad9fdSMichael Klier *
567f6dad9fdSMichael Klier *  Event data:
568f6dad9fdSMichael Klier *    data['id']      -- page id
569f6dad9fdSMichael Klier *    data['mode']    -- requested export mode
570f6dad9fdSMichael Klier *    data['headers'] -- export headers
571f6dad9fdSMichael Klier *    data['output']  -- export output
5726b13307fSandi *
5736b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
574f6dad9fdSMichael Klier * @author Michael Klier <chi@chimeric.de>
5756b13307fSandi */
5766b13307fSandifunction act_export($act){
5776b13307fSandi    global $ID;
5786b13307fSandi    global $REV;
57985f8705cSAnika Henke    global $conf;
58085f8705cSAnika Henke    global $lang;
5816b13307fSandi
582f6dad9fdSMichael Klier    $pre = '';
583f6dad9fdSMichael Klier    $post = '';
584f6dad9fdSMichael Klier    $output = '';
585f6dad9fdSMichael Klier    $headers = array();
586cc2ae802SAndreas Gohr
587f6dad9fdSMichael Klier    // search engines: never cache exported docs! (Google only currently)
588f6dad9fdSMichael Klier    $headers['X-Robots-Tag'] = 'noindex';
589f6dad9fdSMichael Klier
590ac83b9d8Sandi    $mode = substr($act,7);
591f6dad9fdSMichael Klier    switch($mode) {
592f6dad9fdSMichael Klier        case 'raw':
5935adfc5afSAnika Henke            $headers['Content-Type'] = 'text/plain; charset=utf-8';
59466b23ce9SAndreas Gohr            $headers['Content-Disposition'] = 'attachment; filename='.noNS($ID).'.txt';
595f6dad9fdSMichael Klier            $output = rawWiki($ID,$REV);
596f6dad9fdSMichael Klier            break;
597f6dad9fdSMichael Klier        case 'xhtml':
598c8839c22SAnika Henke            $pre .= '<!DOCTYPE html>' . DOKU_LF;
599c8839c22SAnika Henke            $pre .= '<html lang="'.$conf['lang'].'" dir="'.$lang['direction'].'">' . DOKU_LF;
600f6dad9fdSMichael Klier            $pre .= '<head>' . DOKU_LF;
601c8839c22SAnika Henke            $pre .= '  <meta charset="utf-8" />' . DOKU_LF;
602f6dad9fdSMichael Klier            $pre .= '  <title>'.$ID.'</title>' . DOKU_LF;
603f6dad9fdSMichael Klier
604f6dad9fdSMichael Klier            // get metaheaders
605f6dad9fdSMichael Klier            ob_start();
606f6dad9fdSMichael Klier            tpl_metaheaders();
607f6dad9fdSMichael Klier            $pre .= ob_get_clean();
608f6dad9fdSMichael Klier
609f6dad9fdSMichael Klier            $pre .= '</head>' . DOKU_LF;
610f6dad9fdSMichael Klier            $pre .= '<body>' . DOKU_LF;
611f6dad9fdSMichael Klier            $pre .= '<div class="dokuwiki export">' . DOKU_LF;
612f6dad9fdSMichael Klier
613f6dad9fdSMichael Klier            // get toc
614f6dad9fdSMichael Klier            $pre .= tpl_toc(true);
615f6dad9fdSMichael Klier
616f6dad9fdSMichael Klier            $headers['Content-Type'] = 'text/html; charset=utf-8';
617f6dad9fdSMichael Klier            $output = p_wiki_xhtml($ID,$REV,false);
618f6dad9fdSMichael Klier
619f6dad9fdSMichael Klier            $post .= '</div>' . DOKU_LF;
620f6dad9fdSMichael Klier            $post .= '</body>' . DOKU_LF;
621f6dad9fdSMichael Klier            $post .= '</html>' . DOKU_LF;
622f6dad9fdSMichael Klier            break;
623f6dad9fdSMichael Klier        case 'xhtmlbody':
624f6dad9fdSMichael Klier            $headers['Content-Type'] = 'text/html; charset=utf-8';
625f6dad9fdSMichael Klier            $output = p_wiki_xhtml($ID,$REV,false);
626f6dad9fdSMichael Klier            break;
627f6dad9fdSMichael Klier        default:
628f6dad9fdSMichael Klier            $output = p_cached_output(wikiFN($ID,$REV), $mode);
6299acedd40SAndreas Gohr            $headers = p_get_metadata($ID,"format $mode");
630f6dad9fdSMichael Klier            break;
631f6dad9fdSMichael Klier    }
632f6dad9fdSMichael Klier
633f6dad9fdSMichael Klier    // prepare event data
634f6dad9fdSMichael Klier    $data = array();
635f6dad9fdSMichael Klier    $data['id'] = $ID;
636f6dad9fdSMichael Klier    $data['mode'] = $mode;
637f6dad9fdSMichael Klier    $data['headers'] = $headers;
638f6dad9fdSMichael Klier    $data['output'] =& $output;
639f6dad9fdSMichael Klier
640f6dad9fdSMichael Klier    trigger_event('ACTION_EXPORT_POSTPROCESS', $data);
641f6dad9fdSMichael Klier
642f6dad9fdSMichael Klier    if(!empty($data['output'])){
643f6dad9fdSMichael Klier        if(is_array($data['headers'])) foreach($data['headers'] as $key => $val){
64485767031SAndreas Gohr            header("$key: $val");
64585767031SAndreas Gohr        }
646f6dad9fdSMichael Klier        print $pre.$data['output'].$post;
6476b13307fSandi        exit;
6486b13307fSandi    }
6496b13307fSandi    return 'show';
6506b13307fSandi}
651340756e4Sandi
652b158d625SSteven Danz/**
653c4f79b71SMichael Hamann * Handle sitemap delivery
654c4f79b71SMichael Hamann *
655c4f79b71SMichael Hamann * @author Michael Hamann <michael@content-space.de>
656c4f79b71SMichael Hamann */
657c4f79b71SMichael Hamannfunction act_sitemap($act) {
658c4f79b71SMichael Hamann    global $conf;
659c4f79b71SMichael Hamann
660eae17177SMichael Hamann    if ($conf['sitemap'] < 1 || !is_numeric($conf['sitemap'])) {
661*9d2e1be6SAndreas Gohr        http_status(404);
662c4f79b71SMichael Hamann        print "Sitemap generation is disabled.";
663c4f79b71SMichael Hamann        exit;
664c4f79b71SMichael Hamann    }
665c4f79b71SMichael Hamann
666eae17177SMichael Hamann    $sitemap = Sitemapper::getFilePath();
66765f6e7d6SMichael Hamann    if (Sitemapper::sitemapIsCompressed()) {
668c4f79b71SMichael Hamann        $mime = 'application/x-gzip';
669c4f79b71SMichael Hamann    }else{
670c4f79b71SMichael Hamann        $mime = 'application/xml; charset=utf-8';
671c4f79b71SMichael Hamann    }
672c4f79b71SMichael Hamann
673c4f79b71SMichael Hamann    // Check if sitemap file exists, otherwise create it
674c4f79b71SMichael Hamann    if (!is_readable($sitemap)) {
6752897eb23SMichael Hamann        Sitemapper::generate();
676c4f79b71SMichael Hamann    }
677c4f79b71SMichael Hamann
678c4f79b71SMichael Hamann    if (is_readable($sitemap)) {
679c4f79b71SMichael Hamann        // Send headers
680c4f79b71SMichael Hamann        header('Content-Type: '.$mime);
6813009a773SAndreas Gohr        header('Content-Disposition: attachment; filename='.utf8_basename($sitemap));
682c4f79b71SMichael Hamann
683eae17177SMichael Hamann        http_conditionalRequest(filemtime($sitemap));
684eae17177SMichael Hamann
685c4f79b71SMichael Hamann        // Send file
686c4f79b71SMichael Hamann        //use x-sendfile header to pass the delivery to compatible webservers
687c4f79b71SMichael Hamann        if (http_sendfile($sitemap)) exit;
688c4f79b71SMichael Hamann
689eae17177SMichael Hamann        readfile($sitemap);
690c4f79b71SMichael Hamann        exit;
691c4f79b71SMichael Hamann    }
692c4f79b71SMichael Hamann
693*9d2e1be6SAndreas Gohr    http_status(500);
694eae17177SMichael Hamann    print "Could not read the sitemap file - bad permissions?";
695c4f79b71SMichael Hamann    exit;
696c4f79b71SMichael Hamann}
697c4f79b71SMichael Hamann
698c4f79b71SMichael Hamann/**
6995b75cd1fSAdrian Lang * Handle page 'subscribe'
700b158d625SSteven Danz *
7015b75cd1fSAdrian Lang * Throws exception on error.
7025b75cd1fSAdrian Lang *
7035b75cd1fSAdrian Lang * @author Adrian Lang <lang@cosmocode.de>
704b158d625SSteven Danz */
7051380fc45SAndreas Gohrfunction act_subscription($act){
706056c2049SAndreas Gohr    global $lang;
707056c2049SAndreas Gohr    global $INFO;
708056c2049SAndreas Gohr    global $ID;
70990f1b7bdSTom N Harris    global $INPUT;
71052b0dd67SGuy Brand
7119fa341d0SAndreas Gohr    // subcriptions work for logged in users only
7129fa341d0SAndreas Gohr    if(!$_SERVER['REMOTE_USER']) return 'show';
7139fa341d0SAndreas Gohr
714056c2049SAndreas Gohr    // get and preprocess data.
7158881fcc9SAdrian Lang    $params = array();
7168881fcc9SAdrian Lang    foreach(array('target', 'style', 'action') as $param) {
71790f1b7bdSTom N Harris        if ($INPUT->has("sub_$param")) {
71890f1b7bdSTom N Harris            $params[$param] = $INPUT->str("sub_$param");
7198881fcc9SAdrian Lang        }
7208881fcc9SAdrian Lang    }
7218881fcc9SAdrian Lang
722056c2049SAndreas Gohr    // any action given? if not just return and show the subscription page
72366d2bed9SAdrian Lang    if(!$params['action'] || !checkSecurityToken()) return $act;
724056c2049SAndreas Gohr
7258881fcc9SAdrian Lang    // Handle POST data, may throw exception.
7268881fcc9SAdrian Lang    trigger_event('ACTION_HANDLE_SUBSCRIBE', $params, 'subscription_handle_post');
7278881fcc9SAdrian Lang
7288881fcc9SAdrian Lang    $target = $params['target'];
7298881fcc9SAdrian Lang    $style  = $params['style'];
7308881fcc9SAdrian Lang    $action = $params['action'];
7318881fcc9SAdrian Lang
7328881fcc9SAdrian Lang    // Perform action.
733a0519fdaSAndreas Gohr    $sub = new Subscription();
734a0519fdaSAndreas Gohr    if($action == 'unsubscribe'){
735a0519fdaSAndreas Gohr        $ok = $sub->remove($target, $_SERVER['REMOTE_USER'], $style);
736a0519fdaSAndreas Gohr    }else{
737a0519fdaSAndreas Gohr        $ok = $sub->add($target, $_SERVER['REMOTE_USER'], $style);
738a0519fdaSAndreas Gohr    }
739a0519fdaSAndreas Gohr
740a0519fdaSAndreas Gohr    if($ok) {
741a0519fdaSAndreas Gohr        msg(sprintf($lang["subscr_{$action}_success"], hsc($INFO['userinfo']['name']),
742a0519fdaSAndreas Gohr                    prettyprint_id($target)), 1);
743a0519fdaSAndreas Gohr        act_redirect($ID, $act);
744a0519fdaSAndreas Gohr    } else {
7458881fcc9SAdrian Lang        throw new Exception(sprintf($lang["subscr_{$action}_error"],
7468881fcc9SAdrian Lang                                    hsc($INFO['userinfo']['name']),
7478881fcc9SAdrian Lang                                    prettyprint_id($target)));
7488881fcc9SAdrian Lang    }
749cb3f9dbaSAdrian Lang
750cb3f9dbaSAdrian Lang    // Assure that we have valid data if act_redirect somehow fails.
751a0519fdaSAndreas Gohr    $INFO['subscribed'] = $sub->user_subscription();
752cb3f9dbaSAdrian Lang    return 'show';
7538881fcc9SAdrian Lang}
7548881fcc9SAdrian Lang
7558881fcc9SAdrian Lang/**
7568881fcc9SAdrian Lang * Validate POST data
7578881fcc9SAdrian Lang *
7588881fcc9SAdrian Lang * Validates POST data for a subscribe or unsubscribe request. This is the
7598881fcc9SAdrian Lang * default action for the event ACTION_HANDLE_SUBSCRIBE.
7608881fcc9SAdrian Lang *
7618881fcc9SAdrian Lang * @author Adrian Lang <lang@cosmocode.de>
7628881fcc9SAdrian Lang */
7637a9add1cSAdrian Langfunction subscription_handle_post(&$params) {
7648881fcc9SAdrian Lang    global $INFO;
7658881fcc9SAdrian Lang    global $lang;
7668881fcc9SAdrian Lang
7675b75cd1fSAdrian Lang    // Get and validate parameters.
7688881fcc9SAdrian Lang    if (!isset($params['target'])) {
76915741132SAndreas Gohr        throw new Exception('no subscription target given');
7705b75cd1fSAdrian Lang    }
7718881fcc9SAdrian Lang    $target = $params['target'];
7725b75cd1fSAdrian Lang    $valid_styles = array('every', 'digest');
7735b75cd1fSAdrian Lang    if (substr($target, -1, 1) === ':') {
7745b75cd1fSAdrian Lang        // Allow “list” subscribe style since the target is a namespace.
7755b75cd1fSAdrian Lang        $valid_styles[] = 'list';
7765b75cd1fSAdrian Lang    }
7778881fcc9SAdrian Lang    $style  = valid_input_set('style', $valid_styles, $params,
77815741132SAndreas Gohr                              'invalid subscription style given');
7798881fcc9SAdrian Lang    $action = valid_input_set('action', array('subscribe', 'unsubscribe'),
78015741132SAndreas Gohr                              $params, 'invalid subscription action given');
781613964ecSGuy Brand
7825b75cd1fSAdrian Lang    // Check other conditions.
7835b75cd1fSAdrian Lang    if ($action === 'subscribe') {
7845b75cd1fSAdrian Lang        if ($INFO['userinfo']['mail'] === '') {
7855b75cd1fSAdrian Lang            throw new Exception($lang['subscr_subscribe_noaddress']);
78652b0dd67SGuy Brand        }
7875b75cd1fSAdrian Lang    } elseif ($action === 'unsubscribe') {
7885b75cd1fSAdrian Lang        $is = false;
7895b75cd1fSAdrian Lang        foreach($INFO['subscribed'] as $subscr) {
7905b75cd1fSAdrian Lang            if ($subscr['target'] === $target) {
7915b75cd1fSAdrian Lang                $is = true;
79252b0dd67SGuy Brand            }
79352b0dd67SGuy Brand        }
7945b75cd1fSAdrian Lang        if ($is === false) {
79515741132SAndreas Gohr            throw new Exception(sprintf($lang['subscr_not_subscribed'],
79615741132SAndreas Gohr                                        $_SERVER['REMOTE_USER'],
7975b75cd1fSAdrian Lang                                        prettyprint_id($target)));
7985b75cd1fSAdrian Lang        }
7995b75cd1fSAdrian Lang        // subscription_set deletes a subscription if style = null.
8005b75cd1fSAdrian Lang        $style = null;
80152b0dd67SGuy Brand    }
80252b0dd67SGuy Brand
80316c665d9SAndreas Gohr    $params = compact('target', 'style', 'action');
80452b0dd67SGuy Brand}
80552b0dd67SGuy Brand
806e3776c06SMichael Hamann//Setup VIM: ex: et ts=2 :
807