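<?php
/**
 * DokuWiki Actions
 *
 * Dispatches the requested action ($ACT) to its handler. Every handler in
 * this file takes the current action name and returns the action the
 * template should render next.
 *
 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
 * @author     Andreas Gohr <andi@splitbrain.org>
 */

  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
  require_once(DOKU_INC.'inc/template.php');


/**
 * Call the needed action handlers
 *
 * Order matters: $ACT is whitelisted by act_clean() first, login/logout is
 * handled next, and act_permcheck() runs before any handler that changes
 * state on disk (tracking list, register, save, edit lock, export).
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_dispatch(){
  global $INFO;
  global $ACT;
  global $ID;
  global $QUERY;
  global $lang;
  global $conf;

  //sanitize $ACT
  $ACT = act_clean($ACT);

  //check if searchword was given - else just show
  if($ACT == 'search' && empty($QUERY)){
    $ACT = 'show';
  }

  //login stuff
  if(in_array($ACT,array('login','logout')))
    $ACT = act_auth($ACT);

  //check permissions
  $ACT = act_permcheck($ACT);

  //check if user is asking to track a page
  //This runs after act_permcheck() on purpose: act_track() writes to the
  //page's tracking list, and act_permcheck() has no explicit branch for
  //'track'/'ignore', so both require AUTH_READ on the page. Handling them
  //before the check would let a caller without read access change the list.
  if($ACT == 'track' || $ACT == 'ignore')
    $ACT = act_track($ACT);

  //register
  if($ACT == 'register' && register()){
    $ACT = 'login';
  }

  //save
  if($ACT == 'save')
    $ACT = act_save($ACT);

  //edit
  if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){
    $ACT = act_edit($ACT);
  }else{
    unlock($ID); //try to unlock
  }

  //handle export
  if(substr($ACT,0,7) == 'export_')
    $ACT = act_export($ACT);

  //display some infos
  if($ACT == 'check'){
    check();
    $ACT = 'show';
  }

  //handle admin tasks
  //only reached with $ACT == 'admin' when act_permcheck() granted AUTH_ADMIN;
  //isset() avoids an undefined-index notice when no 'page' parameter is sent
  if($ACT == 'admin'){
    if(isset($_REQUEST['page']) && $_REQUEST['page'] == 'acl'){
      require_once(DOKU_INC.'inc/admin_acl.php');
      admin_acl_handler();
    }
  }

  //call template FIXME: all needed vars available?
  header('Content-Type: text/html; charset=utf-8');
  include(template('main.php'));
  // output for the commands is now handled in inc/templates.php
  // in function tpl_content()
}

/**
 * Sanitize the action command
 *
 * Add all allowed commands here.
 *
 * Maps the localized button labels to their actions, lower-cases the value,
 * strips everything except a-z and '_', and accepts only names from the
 * whitelist below or names starting with 'export_'. Anything else is
 * reported through msg() and replaced by 'show'.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  requested action
 * @return string       whitelisted action name
 */
function act_clean($act){
  global $lang;

  //handle localized buttons
  if($act == $lang['btn_save'])    $act = 'save';
  if($act == $lang['btn_preview']) $act = 'preview';
  if($act == $lang['btn_cancel'])  $act = 'show';

  //remove all bad chars
  //later code relies on this: act_export() uses the part after 'export_'
  //as a renderer mode, so the value must stay limited to [a-z_]
  $act = strtolower($act);
  $act = preg_replace('/[^a-z_]+/','',$act);

  if($act == 'export_html') $act = 'export_xhtml';

  $allowed = array('login','logout','register','save','edit',
                   'preview','search','show','check','index','revisions',
                   'diff','recent','backlink','admin','track','ignore');

  if(!in_array($act,$allowed,true) && substr($act,0,7) != 'export_'){
    //the value is escaped before it is handed to msg()
    msg('Unknown command: '.htmlspecialchars($act),-1);
    return 'show';
  }
  return $act;
}

/**
 * Run permissionchecks
 *
 * Picks the permission level the action needs and compares it with
 * $INFO['perm']. Actions without an explicit branch need AUTH_READ.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  action name as returned by act_clean()
 * @return string       $act when permitted, 'denied' otherwise
 */
function act_permcheck($act){
  global $INFO;
  global $conf;

  if(in_array($act,array('save','preview','edit'))){
    if($INFO['exists']){
      if($act == 'edit'){
        //the edit function will check again and do a source show
        //when no AUTH_EDIT available
        $permneed = AUTH_READ;
      }else{
        $permneed = AUTH_EDIT;
      }
    }else{
      $permneed = AUTH_CREATE;
    }
  }elseif(in_array($act,array('login','search','recent'))){
    $permneed = AUTH_NONE;
  }elseif($act == 'register'){
    //self registration is only open to everybody when configured so
    if ($conf['openregister']){
      $permneed = AUTH_NONE;
    }else{
      $permneed = AUTH_ADMIN;
    }
  }elseif($act == 'admin'){
    $permneed = AUTH_ADMIN;
  }else{
    $permneed = AUTH_READ;
  }
  if($INFO['perm'] >= $permneed) return $act;

  return 'denied';
}

/**
 * Handle 'save'
 *
 * Checks for spam and conflicts and saves the page.
 * Does a redirect to show the page afterwards or
 * returns a new action.
 *
 * On a successful save this function does not return: it sends a Location
 * header and exits.
 *
 * NOTE(review): no anti-forgery token is checked anywhere in this file; if
 * the caller does not enforce one either, the save is authorised by the
 * session and act_permcheck() alone - confirm.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  current action ('save')
 * @return string       'wordblock' or 'conflict' when the save is refused
 */
function act_save($act){
  global $ID;
  global $DATE;
  global $PRE;
  global $TEXT;
  global $SUF;
  global $SUM;

  //spam check
  if(checkwordblock())
    return 'wordblock';
  //conflict check //FIXME use INFO
  //a page file modified after $DATE counts as a conflict; the @ silences
  //the warning filemtime() raises when the file does not exist yet
  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
    return 'conflict';

  //save it
  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM); //use pretty mode for con
  //unlock it
  unlock($ID);

  //show it
  session_write_close();
  header("Location: ".wl($ID,'',true));
  exit();
}

/**
 * Handle 'login', 'logout'
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  'login' or 'logout'
 * @return string       'show' when already logged in, 'login' after a
 *                      logout, otherwise $act unchanged
 */
function act_auth($act){
  global $ID;

  //already logged in?
  if($_SERVER['REMOTE_USER'] && $act=='login')
    return 'show';

  //handle logout
  if($act=='logout'){
    $lockedby = checklock($ID); //page still locked?
    if($lockedby == $_SERVER['REMOTE_USER'])
      unlock($ID); //try to unlock

    auth_logoff();
    return 'login';
  }

  return $act;
}

/**
 * Handle 'edit', 'preview'
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  'edit' or 'preview'
 * @return string       'locked' when checklock() reports a lock, else $act
 */
function act_edit($act){
  global $ID;

  //check if locked by anyone - if not lock for my self
  $lockedby = checklock($ID);
  if($lockedby) return 'locked';

  lock($ID);
  return $act;
}

/**
 * Handle 'export_*'
 *
 * Prints the page in the requested format and exits. Only when no renderer
 * produced output does it return, and then the page is shown normally.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  action name starting with 'export_'
 * @return string       'show' when nothing was exported
 */
function act_export($act){
  global $ID;
  global $REV;

  // no renderer for this
  if($act == 'export_raw'){
    header('Content-Type: text/plain; charset=utf-8');
    print rawWiki($ID,$REV);
    exit;
  }

  // html export #FIXME what about the template's style?
  if($act == 'export_xhtml'){
    header('Content-Type: text/html; charset=utf-8');
    ptln('<html>');
    ptln('<head>');
    tpl_metaheaders();
    ptln('</head>');
    ptln('<body>');
    print p_wiki_xhtml($ID,$REV,false);
    ptln('</body>');
    ptln('</html>');
    exit;
  }

  // try to run renderer #FIXME use cached instructions
  // $mode comes from the request; act_clean() has already reduced the action
  // to [a-z_], so no path or separator characters can reach p_render().
  // NOTE(review): $info is not initialised here - presumably p_render()
  // takes it by reference; confirm.
  $mode = substr($act,7);
  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info);
  if(!is_null($text)){
    print $text;
    exit;
  }

  return 'show';
}

/**
 * Handle 'track', 'ignore'
 *
 * Adds the current user to, or removes them from, the tracking list file
 * of the current page (wikiMN($ID)) and reports the result through msg().
 *
 * The caller must have run act_permcheck() first; this function does no
 * permission check of its own.
 *
 * @author Steven Danz <steven-danz@kc.rr.com>
 * @param  string $act  'track' or 'ignore'
 * @return string       always 'show'
 */
function act_track($act){
  global $ID;
  global $INFO;

  // NOTE(review): the user name is stored as one line per subscriber;
  // presumably the auth backend guarantees it contains no newline - confirm.
  $tracking = tracking($ID, $_SERVER['REMOTE_USER']);
  $file=wikiMN($ID);
  if ($act=='track' && !$tracking){
    if ($INFO['userinfo']['mail']){
      // The display name and page id are escaped before they go into msg(),
      // as act_clean() does for its own message; this suggests msg() emits
      // its text as HTML - TODO confirm.
      if (io_appendFile($file,$_SERVER['REMOTE_USER']."\n")) {
        msg('Added '.htmlspecialchars($INFO['userinfo']['name']).' to tracking list for '.htmlspecialchars($ID),0);
      } else {
        // failures use level -1 like the other error messages in this file
        msg('Error adding '.htmlspecialchars($INFO['userinfo']['name']).' to tracking list for '.htmlspecialchars($ID),-1);
      }
    } else {
      msg('There is no address associated with your login, you cannot be added to the tracking list',-1);
    }
  } elseif ($act=='ignore' && $tracking){
    if (io_deleteFromFile($file,$_SERVER['REMOTE_USER']."\n")) {
      msg('Removed '.htmlspecialchars($INFO['userinfo']['name']).' from the tracking list for '.htmlspecialchars($ID),0);
    } else {
      msg('Error removing '.htmlspecialchars($INFO['userinfo']['name']).' to tracking list for '.htmlspecialchars($ID),-1);
    }
  }

  return 'show';
}


//Setup VIM: ex: et ts=2 enc=utf-8 :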