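<?php
/**
 * DokuWiki Actions
 *
 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
 * @author     Andreas Gohr <andi@splitbrain.org>
 */

  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
  require_once(DOKU_INC.'inc/template.php');


/**
 * Call the needed action handlers
 *
 * Works on the global $ACT: it is sanitized, permission-checked and then
 * passed through the individual handlers, each of which may replace it by a
 * follow-up action. Finally the template is included, which renders the
 * output for whatever $ACT has become.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_dispatch(){
  global $INFO;
  global $ACT;
  global $ID;
  global $QUERY;
  global $lang;
  global $conf;

  //sanitize $ACT
  $ACT = act_clean($ACT);

  //check permissions - everything below relies on this having replaced
  //a forbidden action by 'denied'
  $ACT = act_permcheck($ACT);

  //login stuff
  //act_auth() below is the handler for these three actions; no act_login()
  //is defined in this file
  if(in_array($ACT,array('login','logout','register'),true))
    $ACT = act_auth($ACT);

  //save
  if($ACT === 'save')
    $ACT = act_save($ACT);

  //edit
  if(($ACT === 'edit' || $ACT === 'preview') && $INFO['editable']){
    $ACT = act_edit($ACT);
  }else{
    unlock($ID); //try to unlock
  }

  //handle export
  if(substr($ACT,0,6) === 'export')
    $ACT = act_export($ACT);

  //display some infos
  if($ACT === 'check'){
    check();
    $ACT = 'show';
  }

  //check if searchword was given - else just show
  if($ACT === 'search' && empty($QUERY)){
    $ACT = 'show';
  }

  //handle admin tasks
  //only reached with $ACT == 'admin' when act_permcheck() found
  //$INFO['perm'] >= AUTH_ADMIN
  if($ACT === 'admin'){
    //isset() avoids an undefined index notice when no page was requested
    if(isset($_REQUEST['page']) && $_REQUEST['page'] === 'acl'){
      require_once(DOKU_INC.'inc/admin_acl.php');
      admin_acl_handler();
    }
  }

  //call template FIXME: all needed vars available?
  header('Content-Type: text/html; charset=utf-8');
  //NOTE(review): $conf['template'] becomes part of an include path - confirm
  //it can only be set from the site configuration, never from request data
  include(DOKU_INC.'tpl/'.$conf['template'].'/main.php');
  // output for the commands is now handled in inc/templates.php
  // in function tpl_content()
}

/**
 * Sanitize the action command
 *
 * Add all allowed commands here.
 *
 * Localized button captions are mapped back to their commands, the result is
 * lowercased and then compared against the list of allowed commands.
 * Anything not on the list is reported and replaced by 'show'.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  mixed  $act the raw action command
 * @return string      an allowed command, 'show' as fallback
 */
function act_clean($act){
  global $lang;
  global $conf;

  //an array can not be a command and would break strtolower() below
  if(is_array($act)) return 'show';

  //button captions have to be compared before lowercasing
  if($act == $lang['btn_save'])    $act = 'save';
  if($act == $lang['btn_preview']) $act = 'preview';
  $act = strtolower($act);

  //the registration switch has to be tested on the normalized command,
  //otherwise a differently cased spelling would skip this test and still
  //be lowercased to 'register'
  if($act == 'register' && !$conf['openregister'])
    return 'show';

  //in_array() instead of array_search(): the latter returns the index 0 for
  //the first entry, which a plain negation treats as "not found"
  if(!in_array($act,array('login','logout','register','save','edit',
                          'preview','export_raw','export_html',
                          'search','show','check','index','revisions',
                          'diff','recent','backlink','admin',),true)){
    msg('Unknown command: '.htmlspecialchars($act),-1);
    return 'show';
  }
  return $act;
}

/**
 * Run permissionchecks
 *
 * Determines the permission level the action needs and compares it with
 * $INFO['perm'].
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act the sanitized action command
 * @return string      the unchanged action or 'denied'
 */
function act_permcheck($act){
  global $INFO;

  if(in_array($act,array('save','preview','edit'),true)){
    //writing to an existing page needs less than creating a new one
    if($INFO['exists']){
      $permneed = AUTH_EDIT;
    }else{
      $permneed = AUTH_CREATE;
    }
  }elseif(in_array($act,array('login','register','search','recent'),true)){
    $permneed = AUTH_NONE;
  }elseif($act == 'admin'){
    $permneed = AUTH_ADMIN;
  }else{
    //everything else, including actions added later, needs read access
    $permneed = AUTH_READ;
  }
  if($INFO['perm'] >= $permneed) return $act;

  return 'denied';
}

/**
 * Handle 'save'
 *
 * Checks for spam and conflicts and saves the page.
 * Does a redirect to show the page afterwards or
 * returns a new action.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act the action command (not used)
 * @return string      'wordblock' or 'conflict'; on success the script exits
 */
function act_save($act){
  global $ID;
  global $DATE;
  global $PRE;
  global $TEXT;
  global $SUF;
  global $SUM;

  //NOTE(review): nothing in this function ties the request to a form that
  //was issued to the user - confirm whether such a check happens before
  //act_dispatch() is called

  //spam check
  if(checkwordblock())
    return 'wordblock';
  //conflict check //FIXME use INFO
  //@ is deliberate: the page file does not exist yet when a page is created
  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
    return 'conflict';

  //save it
  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM); //use pretty mode for con
  //unlock it
  unlock($ID);

  //show it
  session_write_close();
  //NOTE(review): presumably $ID was cleaned before it gets here, so that
  //wl() can not carry line breaks into the header - verify
  header("Location: ".wl($ID,'',true));
  exit();
}

/**
 * Handle 'login', 'logout', 'register'
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act one of 'login', 'logout', 'register'
 * @return string      the action to continue with
 */
function act_auth($act){
  //already logged in?
  //empty() avoids an undefined index notice for anonymous requests
  if(!empty($_SERVER['REMOTE_USER']) && $act=='login')
    return 'show';

  //handle logout
  if($act=='logout'){
    auth_logoff();
    return 'login';
  }

  //handle register - a successful registration continues with the login form
  if($act=='register' && register()){
    $act='login';
  }

  return $act;
}

/**
 * Handle 'edit', 'preview'
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act 'edit' or 'preview'
 * @return string      the unchanged action or 'locked'
 */
function act_edit($act){
  //without this declaration $ID is an unset local variable and the lock
  //functions are never called with the current page
  global $ID;

  //check if locked by anyone - if not lock for my self
  $lockedby = checklock($ID);
  if($lockedby) return 'locked';

  lock($ID);
  return $act;
}

/**
 * Handle 'export_html', 'export_raw'
 *
 * Prints the page in the requested format and ends the script. Any other
 * action falls through to 'show'.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act the export action
 * @return string      'show' when the export type is not handled here
 */
function act_export($act){
  global $ID;
  global $REV;

  if($act == 'export_html'){
    header('Content-Type: text/html; charset=utf-8');
    ptln('<html>');
    ptln('<head>');
    tpl_metaheaders();
    ptln('</head>');
    ptln('<body>');
    print parsedWiki($ID,$REV,false);
    ptln('</body>');
    ptln('</html>');
    exit;
  }

  if($act == 'export_raw'){
    header('Content-Type: text/plain; charset=utf-8');
    print rawWiki($ID,$REV);
    exit;
  }

  return 'show';
}
?>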