xref: /dokuwiki/inc/actions.php (revision af1824345c357da2fbf69f5690b1135b29a14a1a) 
16b13307fSandi<?php
26b13307fSandi/**
36b13307fSandi * DokuWiki Actions
46b13307fSandi *
56b13307fSandi * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
66b13307fSandi * @author     Andreas Gohr <andi@splitbrain.org>
76b13307fSandi */
86b13307fSandi
96b13307fSandi  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
106b13307fSandi  require_once(DOKU_INC.'inc/template.php');
116b13307fSandi
12*af182434Sandi
136b13307fSandi/**
146b13307fSandi * Call the needed action handlers
156b13307fSandi *
166b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
176b13307fSandi */
186b13307fSandifunction act_dispatch(){
196b13307fSandi  global $INFO;
206b13307fSandi  global $ACT;
216b13307fSandi  global $ID;
226b13307fSandi  global $QUERY;
236b13307fSandi  global $lang;
246b13307fSandi  global $conf;
256b13307fSandi
26*af182434Sandi  //sanitize $ACT
27*af182434Sandi  $ACT = act_clean($ACT);
28*af182434Sandi
296b13307fSandi  //check permissions
306b13307fSandi  $ACT = act_permcheck($ACT);
316b13307fSandi
326b13307fSandi  //login stuff
336b13307fSandi  if(in_array($ACT,array('login','logout','register')))
346b13307fSandi    $ACT = act_login($ACT);
356b13307fSandi
366b13307fSandi  //save
376b13307fSandi  if($ACT == 'save')
386b13307fSandi    $ACT = act_save($ACT);
396b13307fSandi
406b13307fSandi  //edit
416b13307fSandi  if(($ACT == 'edit' || $ACT == $lang['btn_preview']) && $INFO['editable']){
42*af182434Sandi    $ACT = act_edit($ACT);
436b13307fSandi  }else{
446b13307fSandi    unlock($ID); //try to unlock
456b13307fSandi  }
466b13307fSandi
476b13307fSandi  //handle export
486b13307fSandi  if(substr($ACT,0,6) == 'export')
496b13307fSandi    $ACT = act_export($ACT);
506b13307fSandi
516b13307fSandi  //display some infos
526b13307fSandi  if($ACT == 'check'){
536b13307fSandi    check();
546b13307fSandi    $ACT = 'show';
556b13307fSandi  }
566b13307fSandi
576b13307fSandi  //check if searchword was given - else just show
586b13307fSandi  if($ACT == 'search' && empty($QUERY)){
596b13307fSandi    $ACT = 'show';
606b13307fSandi  }
616b13307fSandi
626b13307fSandi  //call template FIXME: all needed vars available?
636b13307fSandi  header('Content-Type: text/html; charset=utf-8');
646b13307fSandi  include(DOKU_INC.'tpl/'.$conf['template'].'/main.php');
656b13307fSandi}
666b13307fSandi
676b13307fSandi/**
68*af182434Sandi * Sanitize the action command
69*af182434Sandi *
70*af182434Sandi * Add all allowed commands here.
71*af182434Sandi *
72*af182434Sandi * @author Andreas Gohr <andi@splitbrain.org>
73*af182434Sandi */
74*af182434Sandifunction act_clean($act){
75*af182434Sandi  global $lang;
76*af182434Sandi  global $conf;
77*af182434Sandi
78*af182434Sandi  if($act == 'register' && !$conf['openregister'])
79*af182434Sandi    return 'show';
80*af182434Sandi
81*af182434Sandi  if(!array_search($act,array('login','logout','register','save','edit',
82*af182434Sandi                              $lang['btn_preview'],'export_raw','export_html',
83*af182434Sandi                              'search','show','check','index','revisions',
84*af182434Sandi                              'diff','recent','backlink',))){
85*af182434Sandi    msg('Unknown command',-1);
86*af182434Sandi    return 'show';
87*af182434Sandi  }
88*af182434Sandi  return $act;
89*af182434Sandi}
90*af182434Sandi
91*af182434Sandi/**
926b13307fSandi * Run permissionchecks
936b13307fSandi *
946b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
956b13307fSandi */
966b13307fSandifunction act_permcheck($act){
976b13307fSandi  if(in_array($act,array('save','preview','edit'))){
986b13307fSandi    if($INFO['exists']){
996b13307fSandi      $permneed = AUTH_EDIT;
1006b13307fSandi    }else{
1016b13307fSandi      $permneed = AUTH_CREATE;
1026b13307fSandi    }
1036b13307fSandi  }elseif(in_array($act,array('login','register','search','recent'))){
1046b13307fSandi    $permneed = AUTH_NONE;
1056b13307fSandi  }else{
1066b13307fSandi    $permneed = AUTH_READ;
1076b13307fSandi  }
1086b13307fSandi  if(! auth_quickaclcheck($ID) >= $permneed){
1096b13307fSandi    return 'denied';
1106b13307fSandi  }
1116b13307fSandi
112*af182434Sandi
1136b13307fSandi  return $act;
1146b13307fSandi}
1156b13307fSandi
1166b13307fSandi/**
1176b13307fSandi * Handle 'save'
1186b13307fSandi *
1196b13307fSandi * Checks for spam and conflicts and saves the page.
1206b13307fSandi * Does a redirect to show the page afterwards or
1216b13307fSandi * returns a new action.
1226b13307fSandi *
1236b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
1246b13307fSandi */
1256b13307fSandifunction act_save($act){
1266b13307fSandi  global $ID;
1276b13307fSandi  global $DATE;
1286b13307fSandi  global $PRE;
1296b13307fSandi  global $TEXT;
1306b13307fSandi  global $SUF;
1316b13307fSandi  global $SUM;
1326b13307fSandi
1336b13307fSandi  //spam check
1346b13307fSandi  if(checkwordblock())
1356b13307fSandi    return 'wordblock';
1366b13307fSandi  //conflict check //FIXME use INFO
1376b13307fSandi  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
1386b13307fSandi    return 'conflict';
1396b13307fSandi
1406b13307fSandi  //save it
1416b13307fSandi  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM); //use pretty mode for con
1426b13307fSandi  //unlock it
1436b13307fSandi  unlock($ID);
1446b13307fSandi
1456b13307fSandi  //show it
1466b13307fSandi  session_write_close();
1476b13307fSandi  header("Location: ".wl($ID,'',true));
1486b13307fSandi  exit();
1496b13307fSandi}
1506b13307fSandi
1516b13307fSandi/**
1526b13307fSandi * Handle 'login', 'logout', 'register'
1536b13307fSandi *
1546b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
1556b13307fSandi */
1566b13307fSandifunction act_auth($act){
1576b13307fSandi  //already logged in?
1586b13307fSandi  if($_SERVER['REMOTE_USER'] && $act=='login')
1596b13307fSandi    return 'show';
1606b13307fSandi
1616b13307fSandi  //handle logout
1626b13307fSandi  if($act=='logout'){
1636b13307fSandi    auth_logoff();
1646b13307fSandi    return 'login';
1656b13307fSandi  }
1666b13307fSandi
1676b13307fSandi  //handle register
1686b13307fSandi  if($act=='register' && register()){
1696b13307fSandi    $act='login';
1706b13307fSandi  }
1716b13307fSandi
1726b13307fSandi  return $act;
1736b13307fSandi}
1746b13307fSandi
1756b13307fSandi/**
1766b13307fSandi * Handle 'edit', 'preview'
1776b13307fSandi *
1786b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
1796b13307fSandi */
1806b13307fSandifunction act_edit($act){
1816b13307fSandi  //check if locked by anyone - if not lock for my self
1826b13307fSandi  $lockedby = checklock($ID);
1836b13307fSandi  if($lockedby) return 'locked';
1846b13307fSandi
1856b13307fSandi  lock($ID);
1866b13307fSandi  return $act;
1876b13307fSandi}
1886b13307fSandi
1896b13307fSandi/**
1906b13307fSandi * Handle 'edit', 'preview'
1916b13307fSandi *
1926b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
1936b13307fSandi */
1946b13307fSandifunction act_export($act){
1956b13307fSandi  global $ID;
1966b13307fSandi  global $REV;
1976b13307fSandi
1986b13307fSandi  if($act == 'export_html'){
1996b13307fSandi    header('Content-Type: text/html; charset=utf-8');
2006b13307fSandi    ptln('<html>');
2016b13307fSandi    ptln('<head>');
2026b13307fSandi    tpl_metaheaders();
2036b13307fSandi    ptln('</head>');
2046b13307fSandi    ptln('<body>');
2056b13307fSandi    print parsedWiki($ID,$REV,false);
2066b13307fSandi    ptln('</body>');
2076b13307fSandi    ptln('</html>');
2086b13307fSandi    exit;
2096b13307fSandi  }
2106b13307fSandi
2116b13307fSandi  if($act == 'export_raw'){
2126b13307fSandi    header('Content-Type: text/plain; charset=utf-8');
2136b13307fSandi    print rawWiki($ID,$REV);
2146b13307fSandi    exit;
2156b13307fSandi  }
2166b13307fSandi
2176b13307fSandi  return 'show';
2186b13307fSandi}
2196b13307fSandi?>
220