xref: /dokuwiki/inc/actions.php (revision bb4866bd74ec6b55bf41e75c158d940dced91f2f) 
16b13307fSandi<?php
26b13307fSandi/**
36b13307fSandi * DokuWiki Actions
46b13307fSandi *
56b13307fSandi * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
66b13307fSandi * @author     Andreas Gohr <andi@splitbrain.org>
76b13307fSandi */
86b13307fSandi
96b13307fSandi  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
106b13307fSandi  require_once(DOKU_INC.'inc/template.php');
116b13307fSandi
12af182434Sandi
136b13307fSandi/**
146b13307fSandi * Call the needed action handlers
156b13307fSandi *
166b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
176b13307fSandi */
186b13307fSandifunction act_dispatch(){
196b13307fSandi  global $INFO;
206b13307fSandi  global $ACT;
216b13307fSandi  global $ID;
226b13307fSandi  global $QUERY;
236b13307fSandi  global $lang;
246b13307fSandi  global $conf;
256b13307fSandi
26c2e830f2Schris  // give plugins an opportunity to process the action
2724bb549bSchris  $evt = new Doku_Event('ACTION_ACT_PREPROCESS',$ACT);
2824bb549bSchris  if ($evt->advise_before()) {
29c2e830f2Schris
30af182434Sandi    //sanitize $ACT
31af182434Sandi    $ACT = act_clean($ACT);
32af182434Sandi
33b8957367SBenjamin Gilbert    //check if searchword was given - else just show
340868021bSAndreas Gohr    $s = cleanID($QUERY);
350868021bSAndreas Gohr    if($ACT == 'search' && empty($s)){
36b8957367SBenjamin Gilbert      $ACT = 'show';
37b8957367SBenjamin Gilbert    }
38b8957367SBenjamin Gilbert
39b8957367SBenjamin Gilbert    //login stuff
40b8957367SBenjamin Gilbert    if(in_array($ACT,array('login','logout')))
41b8957367SBenjamin Gilbert      $ACT = act_auth($ACT);
42b8957367SBenjamin Gilbert
431380fc45SAndreas Gohr    //check if user is asking to (un)subscribe a page
441380fc45SAndreas Gohr    if($ACT == 'subscribe' || $ACT == 'unsubscribe')
451380fc45SAndreas Gohr      $ACT = act_subscription($ACT);
46b158d625SSteven Danz
476b13307fSandi    //check permissions
486b13307fSandi    $ACT = act_permcheck($ACT);
496b13307fSandi
50b8957367SBenjamin Gilbert    //register
51b8957367SBenjamin Gilbert    if($ACT == 'register' && register()){
52b8957367SBenjamin Gilbert      $ACT = 'login';
53b8957367SBenjamin Gilbert    }
546b13307fSandi
558b06d178Schris    if ($ACT == 'resendpwd' && act_resendpwd()) {
568b06d178Schris      $ACT = 'login';
578b06d178Schris    }
588b06d178Schris
598b06d178Schris    //update user profile
608b06d178Schris    if (($ACT == 'profile') && updateprofile()) {
614cb79657SMatthias Grimm      msg($lang['profchanged'],1);
624cb79657SMatthias Grimm      $ACT = 'show';
638b06d178Schris    }
648b06d178Schris
656b13307fSandi    //save
666b13307fSandi    if($ACT == 'save')
676b13307fSandi      $ACT = act_save($ACT);
686b13307fSandi
69ee4c4a1bSAndreas Gohr    //draft deletion
70ee4c4a1bSAndreas Gohr    if($ACT == 'draftdel')
71ee4c4a1bSAndreas Gohr      $ACT = act_draftdel($ACT);
72ee4c4a1bSAndreas Gohr
73ee4c4a1bSAndreas Gohr    //draft saving on preview
74ee4c4a1bSAndreas Gohr    if($ACT == 'preview')
75ee4c4a1bSAndreas Gohr      $ACT = act_draftsave($ACT);
76ee4c4a1bSAndreas Gohr
776b13307fSandi    //edit
78b146b32bSandi    if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){
79af182434Sandi      $ACT = act_edit($ACT);
806b13307fSandi    }else{
816b13307fSandi      unlock($ID); //try to unlock
826b13307fSandi    }
836b13307fSandi
846b13307fSandi    //handle export
85ac83b9d8Sandi    if(substr($ACT,0,7) == 'export_')
866b13307fSandi      $ACT = act_export($ACT);
876b13307fSandi
886b13307fSandi    //display some infos
896b13307fSandi    if($ACT == 'check'){
906b13307fSandi      check();
916b13307fSandi      $ACT = 'show';
926b13307fSandi    }
936b13307fSandi
94c19fe9c0Sandi    //handle admin tasks
95c19fe9c0Sandi    if($ACT == 'admin'){
9611e2ce22Schris      // retrieve admin plugin name from $_REQUEST['page']
97*bb4866bdSchris      if (!empty($_REQUEST['page'])) {
9811e2ce22Schris          $pluginlist = plugin_list('admin');
9911e2ce22Schris          if (in_array($_REQUEST['page'], $pluginlist)) {
10011e2ce22Schris            // attempt to load the plugin
10111e2ce22Schris            if ($plugin =& plugin_load('admin',$_REQUEST['page']) !== NULL)
10211e2ce22Schris                $plugin->handle();
10311e2ce22Schris          }
10411e2ce22Schris      }
105c19fe9c0Sandi    }
1065f312bacSAndreas Gohr
1075f312bacSAndreas Gohr    // check permissions again - the action may have changed
1085f312bacSAndreas Gohr    $ACT = act_permcheck($ACT);
10924bb549bSchris  }  // end event ACTION_ACT_PREPROCESS default action
11024bb549bSchris  $evt->advise_after();
11124bb549bSchris  unset($evt);
112c19fe9c0Sandi
1135f312bacSAndreas Gohr
1146b13307fSandi  //call template FIXME: all needed vars available?
115f63a2007Schris  $headers[] = 'Content-Type: text/html; charset=utf-8';
116746855cfSBen Coburn  trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders');
117f63a2007Schris
1185a892029SAndreas Gohr  include(template('main.php'));
119c19fe9c0Sandi  // output for the commands is now handled in inc/templates.php
120c19fe9c0Sandi  // in function tpl_content()
1216b13307fSandi}
1226b13307fSandi
123f63a2007Schrisfunction act_sendheaders($headers) {
124f63a2007Schris  foreach ($headers as $hdr) header($hdr);
125f63a2007Schris}
126f63a2007Schris
1276b13307fSandi/**
128af182434Sandi * Sanitize the action command
129af182434Sandi *
130af182434Sandi * Add all allowed commands here.
131af182434Sandi *
132af182434Sandi * @author Andreas Gohr <andi@splitbrain.org>
133af182434Sandi */
134af182434Sandifunction act_clean($act){
135af182434Sandi  global $lang;
13660e6b550SAndreas Gohr  global $conf;
137af182434Sandi
138ee4c4a1bSAndreas Gohr  // check if the action was given as array key
139ee4c4a1bSAndreas Gohr  if(is_array($act)){
140ee4c4a1bSAndreas Gohr    list($act) = array_keys($act);
141ee4c4a1bSAndreas Gohr  }
142ee4c4a1bSAndreas Gohr
143cf81b04aSandi  //handle localized buttons
144cf81b04aSandi  if($act == $lang['btn_save'])     $act = 'save';
145cf81b04aSandi  if($act == $lang['btn_preview'])  $act = 'preview';
146cf81b04aSandi  if($act == $lang['btn_cancel'])   $act = 'show';
147ee4c4a1bSAndreas Gohr  if($act == $lang['btn_recover'])  $act = 'recover';
148ee4c4a1bSAndreas Gohr  if($act == $lang['btn_draftdel']) $act = 'draftdel';
149ee4c4a1bSAndreas Gohr
150cf81b04aSandi
151ac83b9d8Sandi  //remove all bad chars
152ac83b9d8Sandi  $act = strtolower($act);
153ac83b9d8Sandi  $act = preg_replace('/[^a-z_]+/','',$act);
154ac83b9d8Sandi
155ac83b9d8Sandi  if($act == 'export_html') $act = 'export_xhtml';
156cc2ae802SAndreas Gohr  if($act == 'export_htmlbody') $act = 'export_xhtmlbody';
157b146b32bSandi
158409d7af7SAndreas Gohr  // check if action is disabled
159409d7af7SAndreas Gohr  if(!actionOK($act)){
160409d7af7SAndreas Gohr    msg('Command disabled: '.htmlspecialchars($act),-1);
161409d7af7SAndreas Gohr    return 'show';
162409d7af7SAndreas Gohr  }
163409d7af7SAndreas Gohr
16460e6b550SAndreas Gohr  //disable all acl related commands if ACL is disabled
16560e6b550SAndreas Gohr  if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
16660e6b550SAndreas Gohr                                             'subscribe','unsubscribe','profile',
16760e6b550SAndreas Gohr                                             'resendpwd',))){
16860e6b550SAndreas Gohr    msg('Command unavailable: '.htmlspecialchars($act),-1);
16960e6b550SAndreas Gohr    return 'show';
17060e6b550SAndreas Gohr  }
17160e6b550SAndreas Gohr
172ee4c4a1bSAndreas Gohr  if(!in_array($act,array('login','logout','register','save','edit','draft',
173ac83b9d8Sandi                          'preview','search','show','check','index','revisions',
1741380fc45SAndreas Gohr                          'diff','recent','backlink','admin','subscribe',
175ee4c4a1bSAndreas Gohr                          'unsubscribe','profile','resendpwd','recover',
176ee4c4a1bSAndreas Gohr                          'draftdel',)) && substr($act,0,7) != 'export_' ) {
177ee4c4a1bSAndreas Gohr    msg('Command unknown: '.htmlspecialchars($act),-1);
178af182434Sandi    return 'show';
179af182434Sandi  }
180af182434Sandi  return $act;
181af182434Sandi}
182af182434Sandi
183af182434Sandi/**
1846b13307fSandi * Run permissionchecks
1856b13307fSandi *
1866b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
1876b13307fSandi */
1886b13307fSandifunction act_permcheck($act){
189dbbc6aa7Sandi  global $INFO;
1905e199953Smatthiasgrimm  global $conf;
191dbbc6aa7Sandi
192ee4c4a1bSAndreas Gohr  if(in_array($act,array('save','preview','edit','recover'))){
1936b13307fSandi    if($INFO['exists']){
194bdbc16bfSandi      if($act == 'edit'){
195bdbc16bfSandi        //the edit function will check again and do a source show
196bdbc16bfSandi        //when no AUTH_EDIT available
197bdbc16bfSandi        $permneed = AUTH_READ;
198bdbc16bfSandi      }else{
1996b13307fSandi        $permneed = AUTH_EDIT;
200bdbc16bfSandi      }
2016b13307fSandi    }else{
2026b13307fSandi      $permneed = AUTH_CREATE;
2036b13307fSandi    }
2048b06d178Schris  }elseif(in_array($act,array('login','search','recent','profile'))){
2056b13307fSandi    $permneed = AUTH_NONE;
2065e199953Smatthiasgrimm  }elseif($act == 'register'){
2075e199953Smatthiasgrimm    $permneed = AUTH_NONE;
208ebd3d9ceSchris  }elseif($act == 'resendpwd'){
209ebd3d9ceSchris    $permneed = AUTH_NONE;
210c19fe9c0Sandi  }elseif($act == 'admin'){
211c19fe9c0Sandi    $permneed = AUTH_ADMIN;
2126b13307fSandi  }else{
2136b13307fSandi    $permneed = AUTH_READ;
2146b13307fSandi  }
215dbbc6aa7Sandi  if($INFO['perm'] >= $permneed) return $act;
216dbbc6aa7Sandi
2176b13307fSandi  return 'denied';
2186b13307fSandi}
2196b13307fSandi
2206b13307fSandi/**
221ee4c4a1bSAndreas Gohr * Handle 'draftdel'
222ee4c4a1bSAndreas Gohr *
223ee4c4a1bSAndreas Gohr * Deletes the draft for the current page and user
224ee4c4a1bSAndreas Gohr */
225ee4c4a1bSAndreas Gohrfunction act_draftdel($act){
226ee4c4a1bSAndreas Gohr  global $INFO;
227ee4c4a1bSAndreas Gohr  @unlink($INFO['draft']);
228ee4c4a1bSAndreas Gohr  $INFO['draft'] = null;
229ee4c4a1bSAndreas Gohr  return 'show';
230ee4c4a1bSAndreas Gohr}
231ee4c4a1bSAndreas Gohr
232ee4c4a1bSAndreas Gohr/**
233ee4c4a1bSAndreas Gohr * Saves a draft on preview
234ee4c4a1bSAndreas Gohr *
235ee4c4a1bSAndreas Gohr * @todo this currently duplicates code from ajax.php :-/
236ee4c4a1bSAndreas Gohr */
237ee4c4a1bSAndreas Gohrfunction act_draftsave($act){
238ee4c4a1bSAndreas Gohr  global $INFO;
239ee4c4a1bSAndreas Gohr  global $ID;
240ee4c4a1bSAndreas Gohr  global $conf;
241ee4c4a1bSAndreas Gohr  if($conf['usedraft'] && $_POST['wikitext']){
242ee4c4a1bSAndreas Gohr    $draft = array('id'     => $ID,
243ee4c4a1bSAndreas Gohr                   'prefix' => $_POST['prefix'],
244ee4c4a1bSAndreas Gohr                   'text'   => $_POST['wikitext'],
245ee4c4a1bSAndreas Gohr                   'suffix' => $_POST['suffix'],
246ee4c4a1bSAndreas Gohr                   'date'   => $_POST['date'],
247ee4c4a1bSAndreas Gohr                   'client' => $INFO['client'],
248ee4c4a1bSAndreas Gohr                  );
249ee4c4a1bSAndreas Gohr    $cname = getCacheName($draft['client'].$ID,'.draft');
250ee4c4a1bSAndreas Gohr    if(io_saveFile($cname,serialize($draft))){
251ee4c4a1bSAndreas Gohr      $INFO['draft'] = $cname;
252ee4c4a1bSAndreas Gohr    }
253ee4c4a1bSAndreas Gohr  }
254ee4c4a1bSAndreas Gohr  return $act;
255ee4c4a1bSAndreas Gohr}
256ee4c4a1bSAndreas Gohr
257ee4c4a1bSAndreas Gohr/**
2586b13307fSandi * Handle 'save'
2596b13307fSandi *
2606b13307fSandi * Checks for spam and conflicts and saves the page.
2616b13307fSandi * Does a redirect to show the page afterwards or
2626b13307fSandi * returns a new action.
2636b13307fSandi *
2646b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
2656b13307fSandi */
2666b13307fSandifunction act_save($act){
2676b13307fSandi  global $ID;
2686b13307fSandi  global $DATE;
2696b13307fSandi  global $PRE;
2706b13307fSandi  global $TEXT;
2716b13307fSandi  global $SUF;
2726b13307fSandi  global $SUM;
2736b13307fSandi
2746b13307fSandi  //spam check
2756b13307fSandi  if(checkwordblock())
2766b13307fSandi    return 'wordblock';
2776b13307fSandi  //conflict check //FIXME use INFO
2786b13307fSandi  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
2796b13307fSandi    return 'conflict';
2806b13307fSandi
2816b13307fSandi  //save it
282b6912aeaSAndreas Gohr  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$_REQUEST['minor']); //use pretty mode for con
2836b13307fSandi  //unlock it
2846b13307fSandi  unlock($ID);
2856b13307fSandi
286ee4c4a1bSAndreas Gohr  //delete draft
287ee4c4a1bSAndreas Gohr  act_draftdel($act);
288ee4c4a1bSAndreas Gohr
2896b13307fSandi  //show it
2906b13307fSandi  session_write_close();
2916b13307fSandi  header("Location: ".wl($ID,'',true));
2926b13307fSandi  exit();
2936b13307fSandi}
2946b13307fSandi
2956b13307fSandi/**
296b8957367SBenjamin Gilbert * Handle 'login', 'logout'
2976b13307fSandi *
2986b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
2996b13307fSandi */
3006b13307fSandifunction act_auth($act){
30108eda5bcSmatthiasgrimm  global $ID;
3027cace34dSAndreas Gohr  global $INFO;
30308eda5bcSmatthiasgrimm
3046b13307fSandi  //already logged in?
3056b13307fSandi  if($_SERVER['REMOTE_USER'] && $act=='login')
3066b13307fSandi    return 'show';
3076b13307fSandi
3086b13307fSandi  //handle logout
3096b13307fSandi  if($act=='logout'){
31008eda5bcSmatthiasgrimm    $lockedby = checklock($ID); //page still locked?
311424c3c4fSJohannes Buchner    if($lockedby == $_SERVER['REMOTE_USER'])
31208eda5bcSmatthiasgrimm      unlock($ID); //try to unlock
31308eda5bcSmatthiasgrimm
3147cace34dSAndreas Gohr    // do the logout stuff
3156b13307fSandi    auth_logoff();
3167cace34dSAndreas Gohr
3177cace34dSAndreas Gohr    // rebuild info array
3187cace34dSAndreas Gohr    $INFO = pageinfo();
3197cace34dSAndreas Gohr
3206b13307fSandi    return 'login';
3216b13307fSandi  }
3226b13307fSandi
3236b13307fSandi  return $act;
3246b13307fSandi}
3256b13307fSandi
3266b13307fSandi/**
3276b13307fSandi * Handle 'edit', 'preview'
3286b13307fSandi *
3296b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3306b13307fSandi */
3316b13307fSandifunction act_edit($act){
332cd409024Sjorda  global $ID;
333ee4c4a1bSAndreas Gohr  global $INFO;
334cd409024Sjorda
3356b13307fSandi  //check if locked by anyone - if not lock for my self
3366b13307fSandi  $lockedby = checklock($ID);
3376b13307fSandi  if($lockedby) return 'locked';
3386b13307fSandi
3396b13307fSandi  lock($ID);
3406b13307fSandi  return $act;
3416b13307fSandi}
3426b13307fSandi
3436b13307fSandi/**
3446b13307fSandi * Handle 'edit', 'preview'
3456b13307fSandi *
3466b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3476b13307fSandi */
3486b13307fSandifunction act_export($act){
3496b13307fSandi  global $ID;
3506b13307fSandi  global $REV;
3516b13307fSandi
352ac83b9d8Sandi  // no renderer for this
353ac83b9d8Sandi  if($act == 'export_raw'){
354ac83b9d8Sandi    header('Content-Type: text/plain; charset=utf-8');
355ac83b9d8Sandi    print rawWiki($ID,$REV);
356ac83b9d8Sandi    exit;
357ac83b9d8Sandi  }
358ac83b9d8Sandi
359ac83b9d8Sandi  // html export #FIXME what about the template's style?
360ac83b9d8Sandi  if($act == 'export_xhtml'){
36185f8705cSAnika Henke    global $conf;
36285f8705cSAnika Henke    global $lang;
3636b13307fSandi    header('Content-Type: text/html; charset=utf-8');
36485f8705cSAnika Henke    ptln('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"');
36585f8705cSAnika Henke    ptln(' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">');
36685f8705cSAnika Henke    ptln('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.$conf['lang'].'"');
36785f8705cSAnika Henke    ptln(' lang="'.$conf['lang'].'" dir="'.$lang['direction'].'">');
3686b13307fSandi    ptln('<head>');
36985f8705cSAnika Henke    ptln('  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />');
37085f8705cSAnika Henke    ptln('  <title>'.$ID.'</title>');
3716b13307fSandi    tpl_metaheaders();
3726b13307fSandi    ptln('</head>');
3736b13307fSandi    ptln('<body>');
3742c5c3308SAndreas Gohr    ptln('<div class="dokuwiki export">');
375ac83b9d8Sandi    print p_wiki_xhtml($ID,$REV,false);
376c771e9edSAnika Henke    ptln('</div>');
3776b13307fSandi    ptln('</body>');
3786b13307fSandi    ptln('</html>');
3796b13307fSandi    exit;
3806b13307fSandi  }
3816b13307fSandi
382cc2ae802SAndreas Gohr  // html body only
383cc2ae802SAndreas Gohr  if($act == 'export_xhtmlbody'){
384cc2ae802SAndreas Gohr    print p_wiki_xhtml($ID,$REV,false);
385cc2ae802SAndreas Gohr    exit;
386cc2ae802SAndreas Gohr  }
387cc2ae802SAndreas Gohr
388ac83b9d8Sandi  // try to run renderer #FIXME use cached instructions
389ac83b9d8Sandi  $mode = substr($act,7);
3909dc2c2afSandi  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info);
391ac83b9d8Sandi  if(!is_null($text)){
392ac83b9d8Sandi    print $text;
3936b13307fSandi    exit;
3946b13307fSandi  }
3956b13307fSandi
396ac83b9d8Sandi
397ac83b9d8Sandi
3986b13307fSandi  return 'show';
3996b13307fSandi}
400340756e4Sandi
401b158d625SSteven Danz/**
4021380fc45SAndreas Gohr * Handle 'subscribe', 'unsubscribe'
403b158d625SSteven Danz *
404b158d625SSteven Danz * @author Steven Danz <steven-danz@kc.rr.com>
4051380fc45SAndreas Gohr * @todo   localize
406b158d625SSteven Danz */
4071380fc45SAndreas Gohrfunction act_subscription($act){
408b158d625SSteven Danz  global $ID;
409b158d625SSteven Danz  global $INFO;
410f9eb5648Ssteven-danz  global $lang;
411b158d625SSteven Danz
4121380fc45SAndreas Gohr  $file=metaFN($ID,'.mlist');
4131380fc45SAndreas Gohr  if ($act=='subscribe' && !$INFO['subscribed']){
414b158d625SSteven Danz    if ($INFO['userinfo']['mail']){
4151380fc45SAndreas Gohr      if (io_saveFile($file,$_SERVER['REMOTE_USER']."\n",true)) {
4161380fc45SAndreas Gohr        $INFO['subscribed'] = true;
417f9eb5648Ssteven-danz        msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
418b158d625SSteven Danz      } else {
419f9eb5648Ssteven-danz        msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),1);
420b158d625SSteven Danz      }
421b158d625SSteven Danz    } else {
422f9eb5648Ssteven-danz      msg($lang['subscribe_noaddress']);
423b158d625SSteven Danz    }
4241380fc45SAndreas Gohr  } elseif ($act=='unsubscribe' && $INFO['subscribed']){
425b158d625SSteven Danz    if (io_deleteFromFile($file,$_SERVER['REMOTE_USER']."\n")) {
4261380fc45SAndreas Gohr      $INFO['subscribed'] = false;
427f9eb5648Ssteven-danz      msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
428b158d625SSteven Danz    } else {
429f9eb5648Ssteven-danz      msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),1);
430b158d625SSteven Danz    }
431b158d625SSteven Danz  }
432b158d625SSteven Danz
433b158d625SSteven Danz  return 'show';
434b158d625SSteven Danz}
435b158d625SSteven Danz
436340756e4Sandi//Setup VIM: ex: et ts=2 enc=utf-8 :
437