xref: /dokuwiki/inc/actions.php (revision ebd3d9ce41d93a81c337b861cbf4d2c2887a37fa) 
16b13307fSandi<?php
26b13307fSandi/**
36b13307fSandi * DokuWiki Actions
46b13307fSandi *
56b13307fSandi * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
66b13307fSandi * @author     Andreas Gohr <andi@splitbrain.org>
76b13307fSandi */
86b13307fSandi
96b13307fSandi  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
106b13307fSandi  require_once(DOKU_INC.'inc/template.php');
116b13307fSandi
12af182434Sandi
136b13307fSandi/**
146b13307fSandi * Call the needed action handlers
156b13307fSandi *
166b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
176b13307fSandi */
186b13307fSandifunction act_dispatch(){
196b13307fSandi  global $INFO;
206b13307fSandi  global $ACT;
216b13307fSandi  global $ID;
226b13307fSandi  global $QUERY;
236b13307fSandi  global $lang;
246b13307fSandi  global $conf;
256b13307fSandi
26c2e830f2Schris  // give plugins an opportunity to process the action
2724bb549bSchris  $evt = new Doku_Event('ACTION_ACT_PREPROCESS',$ACT);
2824bb549bSchris  if ($evt->advise_before()) {
29c2e830f2Schris
30af182434Sandi    //sanitize $ACT
31af182434Sandi    $ACT = act_clean($ACT);
32af182434Sandi
33b8957367SBenjamin Gilbert    //check if searchword was given - else just show
340868021bSAndreas Gohr    $s = cleanID($QUERY);
350868021bSAndreas Gohr    if($ACT == 'search' && empty($s)){
36b8957367SBenjamin Gilbert      $ACT = 'show';
37b8957367SBenjamin Gilbert    }
38b8957367SBenjamin Gilbert
39b8957367SBenjamin Gilbert    //login stuff
40b8957367SBenjamin Gilbert    if(in_array($ACT,array('login','logout')))
41b8957367SBenjamin Gilbert      $ACT = act_auth($ACT);
42b8957367SBenjamin Gilbert
431380fc45SAndreas Gohr    //check if user is asking to (un)subscribe a page
441380fc45SAndreas Gohr    if($ACT == 'subscribe' || $ACT == 'unsubscribe')
451380fc45SAndreas Gohr      $ACT = act_subscription($ACT);
46b158d625SSteven Danz
476b13307fSandi    //check permissions
486b13307fSandi    $ACT = act_permcheck($ACT);
496b13307fSandi
50b8957367SBenjamin Gilbert    //register
51b8957367SBenjamin Gilbert    if($ACT == 'register' && register()){
52b8957367SBenjamin Gilbert      $ACT = 'login';
53b8957367SBenjamin Gilbert    }
546b13307fSandi
558b06d178Schris    if ($ACT == 'resendpwd' && act_resendpwd()) {
568b06d178Schris      $ACT = 'login';
578b06d178Schris    }
588b06d178Schris
598b06d178Schris    //update user profile
608b06d178Schris    if (($ACT == 'profile') && updateprofile()) {
614cb79657SMatthias Grimm      msg($lang['profchanged'],1);
624cb79657SMatthias Grimm      $ACT = 'show';
638b06d178Schris    }
648b06d178Schris
656b13307fSandi    //save
666b13307fSandi    if($ACT == 'save')
676b13307fSandi      $ACT = act_save($ACT);
686b13307fSandi
69ee4c4a1bSAndreas Gohr    //draft deletion
70ee4c4a1bSAndreas Gohr    if($ACT == 'draftdel')
71ee4c4a1bSAndreas Gohr      $ACT = act_draftdel($ACT);
72ee4c4a1bSAndreas Gohr
73ee4c4a1bSAndreas Gohr    //draft saving on preview
74ee4c4a1bSAndreas Gohr    if($ACT == 'preview')
75ee4c4a1bSAndreas Gohr      $ACT = act_draftsave($ACT);
76ee4c4a1bSAndreas Gohr
776b13307fSandi    //edit
78b146b32bSandi    if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){
79af182434Sandi      $ACT = act_edit($ACT);
806b13307fSandi    }else{
816b13307fSandi      unlock($ID); //try to unlock
826b13307fSandi    }
836b13307fSandi
846b13307fSandi    //handle export
85ac83b9d8Sandi    if(substr($ACT,0,7) == 'export_')
866b13307fSandi      $ACT = act_export($ACT);
876b13307fSandi
886b13307fSandi    //display some infos
896b13307fSandi    if($ACT == 'check'){
906b13307fSandi      check();
916b13307fSandi      $ACT = 'show';
926b13307fSandi    }
936b13307fSandi
94c19fe9c0Sandi    //handle admin tasks
95c19fe9c0Sandi    if($ACT == 'admin'){
9611e2ce22Schris      // retrieve admin plugin name from $_REQUEST['page']
9711e2ce22Schris      if ($_REQUEST['page']) {
9811e2ce22Schris          $pluginlist = plugin_list('admin');
9911e2ce22Schris          if (in_array($_REQUEST['page'], $pluginlist)) {
10011e2ce22Schris            // attempt to load the plugin
10111e2ce22Schris            if ($plugin =& plugin_load('admin',$_REQUEST['page']) !== NULL)
10211e2ce22Schris                $plugin->handle();
10311e2ce22Schris          }
10411e2ce22Schris      }
105c19fe9c0Sandi    }
10624bb549bSchris  }  // end event ACTION_ACT_PREPROCESS default action
10724bb549bSchris  $evt->advise_after();
10824bb549bSchris  unset($evt);
109c19fe9c0Sandi
1106b13307fSandi  //call template FIXME: all needed vars available?
111f63a2007Schris  $headers[] = 'Content-Type: text/html; charset=utf-8';
11224bb549bSchris  trigger_event('ACTION_HEADERS_SEND',$headers,act_sendheaders);
113f63a2007Schris
1145a892029SAndreas Gohr  include(template('main.php'));
115c19fe9c0Sandi  // output for the commands is now handled in inc/templates.php
116c19fe9c0Sandi  // in function tpl_content()
1176b13307fSandi}
1186b13307fSandi
119f63a2007Schrisfunction act_sendheaders($headers) {
120f63a2007Schris  foreach ($headers as $hdr) header($hdr);
121f63a2007Schris}
122f63a2007Schris
1236b13307fSandi/**
124af182434Sandi * Sanitize the action command
125af182434Sandi *
126af182434Sandi * Add all allowed commands here.
127af182434Sandi *
128af182434Sandi * @author Andreas Gohr <andi@splitbrain.org>
129af182434Sandi */
130af182434Sandifunction act_clean($act){
131af182434Sandi  global $lang;
13260e6b550SAndreas Gohr  global $conf;
133af182434Sandi
134ee4c4a1bSAndreas Gohr  // check if the action was given as array key
135ee4c4a1bSAndreas Gohr  if(is_array($act)){
136ee4c4a1bSAndreas Gohr    list($act) = array_keys($act);
137ee4c4a1bSAndreas Gohr  }
138ee4c4a1bSAndreas Gohr
139cf81b04aSandi  //handle localized buttons
140cf81b04aSandi  if($act == $lang['btn_save'])     $act = 'save';
141cf81b04aSandi  if($act == $lang['btn_preview'])  $act = 'preview';
142cf81b04aSandi  if($act == $lang['btn_cancel'])   $act = 'show';
143ee4c4a1bSAndreas Gohr  if($act == $lang['btn_recover'])  $act = 'recover';
144ee4c4a1bSAndreas Gohr  if($act == $lang['btn_draftdel']) $act = 'draftdel';
145ee4c4a1bSAndreas Gohr
146cf81b04aSandi
147ac83b9d8Sandi  //remove all bad chars
148ac83b9d8Sandi  $act = strtolower($act);
149ac83b9d8Sandi  $act = preg_replace('/[^a-z_]+/','',$act);
150ac83b9d8Sandi
151ac83b9d8Sandi  if($act == 'export_html') $act = 'export_xhtml';
152cc2ae802SAndreas Gohr  if($act == 'export_htmlbody') $act = 'export_xhtmlbody';
153b146b32bSandi
15460e6b550SAndreas Gohr  //disable all acl related commands if ACL is disabled
15560e6b550SAndreas Gohr  if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
15660e6b550SAndreas Gohr                                             'subscribe','unsubscribe','profile',
15760e6b550SAndreas Gohr                                             'resendpwd',))){
15860e6b550SAndreas Gohr    msg('Command unavailable: '.htmlspecialchars($act),-1);
15960e6b550SAndreas Gohr    return 'show';
16060e6b550SAndreas Gohr  }
16160e6b550SAndreas Gohr
162ee4c4a1bSAndreas Gohr  if(!in_array($act,array('login','logout','register','save','edit','draft',
163ac83b9d8Sandi                          'preview','search','show','check','index','revisions',
1641380fc45SAndreas Gohr                          'diff','recent','backlink','admin','subscribe',
165ee4c4a1bSAndreas Gohr                          'unsubscribe','profile','resendpwd','recover',
166ee4c4a1bSAndreas Gohr                          'draftdel',)) && substr($act,0,7) != 'export_' ) {
167ee4c4a1bSAndreas Gohr    msg('Command unknown: '.htmlspecialchars($act),-1);
168af182434Sandi    return 'show';
169af182434Sandi  }
170af182434Sandi  return $act;
171af182434Sandi}
172af182434Sandi
173af182434Sandi/**
1746b13307fSandi * Run permissionchecks
1756b13307fSandi *
1766b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
1776b13307fSandi */
1786b13307fSandifunction act_permcheck($act){
179dbbc6aa7Sandi  global $INFO;
1805e199953Smatthiasgrimm  global $conf;
181dbbc6aa7Sandi
182ee4c4a1bSAndreas Gohr  if(in_array($act,array('save','preview','edit','recover'))){
1836b13307fSandi    if($INFO['exists']){
184bdbc16bfSandi      if($act == 'edit'){
185bdbc16bfSandi        //the edit function will check again and do a source show
186bdbc16bfSandi        //when no AUTH_EDIT available
187bdbc16bfSandi        $permneed = AUTH_READ;
188bdbc16bfSandi      }else{
1896b13307fSandi        $permneed = AUTH_EDIT;
190bdbc16bfSandi      }
1916b13307fSandi    }else{
1926b13307fSandi      $permneed = AUTH_CREATE;
1936b13307fSandi    }
1948b06d178Schris  }elseif(in_array($act,array('login','search','recent','profile'))){
1956b13307fSandi    $permneed = AUTH_NONE;
1965e199953Smatthiasgrimm  }elseif($act == 'register'){
197e1fcbe1eSandi    if ($conf['openregister']){
1985e199953Smatthiasgrimm      $permneed = AUTH_NONE;
199e1fcbe1eSandi    }else{
200e1fcbe1eSandi      $permneed = AUTH_ADMIN;
201e1fcbe1eSandi    }
202*ebd3d9ceSchris  }elseif($act == 'resendpwd'){
203*ebd3d9ceSchris    if ($conf['resendpasswd']) {
204*ebd3d9ceSchris      $permneed = AUTH_NONE;
205*ebd3d9ceSchris    }else{
206*ebd3d9ceSchris      $permneed = AUTH_ADMIN+1; // shouldn't get here if $conf['resendpasswd'] is off
207*ebd3d9ceSchris    }
208c19fe9c0Sandi  }elseif($act == 'admin'){
209c19fe9c0Sandi    $permneed = AUTH_ADMIN;
2106b13307fSandi  }else{
2116b13307fSandi    $permneed = AUTH_READ;
2126b13307fSandi  }
213dbbc6aa7Sandi  if($INFO['perm'] >= $permneed) return $act;
214dbbc6aa7Sandi
2156b13307fSandi  return 'denied';
2166b13307fSandi}
2176b13307fSandi
2186b13307fSandi/**
219ee4c4a1bSAndreas Gohr * Handle 'draftdel'
220ee4c4a1bSAndreas Gohr *
221ee4c4a1bSAndreas Gohr * Deletes the draft for the current page and user
222ee4c4a1bSAndreas Gohr */
223ee4c4a1bSAndreas Gohrfunction act_draftdel($act){
224ee4c4a1bSAndreas Gohr  global $INFO;
225ee4c4a1bSAndreas Gohr  @unlink($INFO['draft']);
226ee4c4a1bSAndreas Gohr  $INFO['draft'] = null;
227ee4c4a1bSAndreas Gohr  return 'show';
228ee4c4a1bSAndreas Gohr}
229ee4c4a1bSAndreas Gohr
230ee4c4a1bSAndreas Gohr/**
231ee4c4a1bSAndreas Gohr * Saves a draft on preview
232ee4c4a1bSAndreas Gohr *
233ee4c4a1bSAndreas Gohr * @todo this currently duplicates code from ajax.php :-/
234ee4c4a1bSAndreas Gohr */
235ee4c4a1bSAndreas Gohrfunction act_draftsave($act){
236ee4c4a1bSAndreas Gohr  global $INFO;
237ee4c4a1bSAndreas Gohr  global $ID;
238ee4c4a1bSAndreas Gohr  global $conf;
239ee4c4a1bSAndreas Gohr  if($conf['usedraft'] && $_POST['wikitext']){
240ee4c4a1bSAndreas Gohr    $draft = array('id'     => $ID,
241ee4c4a1bSAndreas Gohr                   'prefix' => $_POST['prefix'],
242ee4c4a1bSAndreas Gohr                   'text'   => $_POST['wikitext'],
243ee4c4a1bSAndreas Gohr                   'suffix' => $_POST['suffix'],
244ee4c4a1bSAndreas Gohr                   'date'   => $_POST['date'],
245ee4c4a1bSAndreas Gohr                   'client' => $INFO['client'],
246ee4c4a1bSAndreas Gohr                  );
247ee4c4a1bSAndreas Gohr    $cname = getCacheName($draft['client'].$ID,'.draft');
248ee4c4a1bSAndreas Gohr    if(io_saveFile($cname,serialize($draft))){
249ee4c4a1bSAndreas Gohr      $INFO['draft'] = $cname;
250ee4c4a1bSAndreas Gohr    }
251ee4c4a1bSAndreas Gohr  }
252ee4c4a1bSAndreas Gohr  return $act;
253ee4c4a1bSAndreas Gohr}
254ee4c4a1bSAndreas Gohr
255ee4c4a1bSAndreas Gohr/**
2566b13307fSandi * Handle 'save'
2576b13307fSandi *
2586b13307fSandi * Checks for spam and conflicts and saves the page.
2596b13307fSandi * Does a redirect to show the page afterwards or
2606b13307fSandi * returns a new action.
2616b13307fSandi *
2626b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
2636b13307fSandi */
2646b13307fSandifunction act_save($act){
2656b13307fSandi  global $ID;
2666b13307fSandi  global $DATE;
2676b13307fSandi  global $PRE;
2686b13307fSandi  global $TEXT;
2696b13307fSandi  global $SUF;
2706b13307fSandi  global $SUM;
2716b13307fSandi
2726b13307fSandi  //spam check
2736b13307fSandi  if(checkwordblock())
2746b13307fSandi    return 'wordblock';
2756b13307fSandi  //conflict check //FIXME use INFO
2766b13307fSandi  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
2776b13307fSandi    return 'conflict';
2786b13307fSandi
2796b13307fSandi  //save it
280b6912aeaSAndreas Gohr  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$_REQUEST['minor']); //use pretty mode for con
2816b13307fSandi  //unlock it
2826b13307fSandi  unlock($ID);
2836b13307fSandi
284ee4c4a1bSAndreas Gohr  //delete draft
285ee4c4a1bSAndreas Gohr  act_draftdel($act);
286ee4c4a1bSAndreas Gohr
2876b13307fSandi  //show it
2886b13307fSandi  session_write_close();
2896b13307fSandi  header("Location: ".wl($ID,'',true));
2906b13307fSandi  exit();
2916b13307fSandi}
2926b13307fSandi
2936b13307fSandi/**
294b8957367SBenjamin Gilbert * Handle 'login', 'logout'
2956b13307fSandi *
2966b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
2976b13307fSandi */
2986b13307fSandifunction act_auth($act){
29908eda5bcSmatthiasgrimm  global $ID;
3007cace34dSAndreas Gohr  global $INFO;
30108eda5bcSmatthiasgrimm
3026b13307fSandi  //already logged in?
3036b13307fSandi  if($_SERVER['REMOTE_USER'] && $act=='login')
3046b13307fSandi    return 'show';
3056b13307fSandi
3066b13307fSandi  //handle logout
3076b13307fSandi  if($act=='logout'){
30808eda5bcSmatthiasgrimm    $lockedby = checklock($ID); //page still locked?
309424c3c4fSJohannes Buchner    if($lockedby == $_SERVER['REMOTE_USER'])
31008eda5bcSmatthiasgrimm      unlock($ID); //try to unlock
31108eda5bcSmatthiasgrimm
3127cace34dSAndreas Gohr    // do the logout stuff
3136b13307fSandi    auth_logoff();
3147cace34dSAndreas Gohr
3157cace34dSAndreas Gohr    // rebuild info array
3167cace34dSAndreas Gohr    $INFO = pageinfo();
3177cace34dSAndreas Gohr
3186b13307fSandi    return 'login';
3196b13307fSandi  }
3206b13307fSandi
3216b13307fSandi  return $act;
3226b13307fSandi}
3236b13307fSandi
3246b13307fSandi/**
3256b13307fSandi * Handle 'edit', 'preview'
3266b13307fSandi *
3276b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3286b13307fSandi */
3296b13307fSandifunction act_edit($act){
330cd409024Sjorda  global $ID;
331ee4c4a1bSAndreas Gohr  global $INFO;
332cd409024Sjorda
3336b13307fSandi  //check if locked by anyone - if not lock for my self
3346b13307fSandi  $lockedby = checklock($ID);
3356b13307fSandi  if($lockedby) return 'locked';
3366b13307fSandi
3376b13307fSandi  lock($ID);
3386b13307fSandi  return $act;
3396b13307fSandi}
3406b13307fSandi
3416b13307fSandi/**
3426b13307fSandi * Handle 'edit', 'preview'
3436b13307fSandi *
3446b13307fSandi * @author Andreas Gohr <andi@splitbrain.org>
3456b13307fSandi */
3466b13307fSandifunction act_export($act){
3476b13307fSandi  global $ID;
3486b13307fSandi  global $REV;
3496b13307fSandi
350ac83b9d8Sandi  // no renderer for this
351ac83b9d8Sandi  if($act == 'export_raw'){
352ac83b9d8Sandi    header('Content-Type: text/plain; charset=utf-8');
353ac83b9d8Sandi    print rawWiki($ID,$REV);
354ac83b9d8Sandi    exit;
355ac83b9d8Sandi  }
356ac83b9d8Sandi
357ac83b9d8Sandi  // html export #FIXME what about the template's style?
358ac83b9d8Sandi  if($act == 'export_xhtml'){
35985f8705cSAnika Henke    global $conf;
36085f8705cSAnika Henke    global $lang;
3616b13307fSandi    header('Content-Type: text/html; charset=utf-8');
36285f8705cSAnika Henke    ptln('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"');
36385f8705cSAnika Henke    ptln(' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">');
36485f8705cSAnika Henke    ptln('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.$conf['lang'].'"');
36585f8705cSAnika Henke    ptln(' lang="'.$conf['lang'].'" dir="'.$lang['direction'].'">');
3666b13307fSandi    ptln('<head>');
36785f8705cSAnika Henke    ptln('  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />');
36885f8705cSAnika Henke    ptln('  <title>'.$ID.'</title>');
3696b13307fSandi    tpl_metaheaders();
3706b13307fSandi    ptln('</head>');
3716b13307fSandi    ptln('<body>');
3722c5c3308SAndreas Gohr    ptln('<div class="dokuwiki export">');
373ac83b9d8Sandi    print p_wiki_xhtml($ID,$REV,false);
374c771e9edSAnika Henke    ptln('</div>');
3756b13307fSandi    ptln('</body>');
3766b13307fSandi    ptln('</html>');
3776b13307fSandi    exit;
3786b13307fSandi  }
3796b13307fSandi
380cc2ae802SAndreas Gohr  // html body only
381cc2ae802SAndreas Gohr  if($act == 'export_xhtmlbody'){
382cc2ae802SAndreas Gohr    print p_wiki_xhtml($ID,$REV,false);
383cc2ae802SAndreas Gohr    exit;
384cc2ae802SAndreas Gohr  }
385cc2ae802SAndreas Gohr
386ac83b9d8Sandi  // try to run renderer #FIXME use cached instructions
387ac83b9d8Sandi  $mode = substr($act,7);
3889dc2c2afSandi  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info);
389ac83b9d8Sandi  if(!is_null($text)){
390ac83b9d8Sandi    print $text;
3916b13307fSandi    exit;
3926b13307fSandi  }
3936b13307fSandi
394ac83b9d8Sandi
395ac83b9d8Sandi
3966b13307fSandi  return 'show';
3976b13307fSandi}
398340756e4Sandi
399b158d625SSteven Danz/**
4001380fc45SAndreas Gohr * Handle 'subscribe', 'unsubscribe'
401b158d625SSteven Danz *
402b158d625SSteven Danz * @author Steven Danz <steven-danz@kc.rr.com>
4031380fc45SAndreas Gohr * @todo   localize
404b158d625SSteven Danz */
4051380fc45SAndreas Gohrfunction act_subscription($act){
406b158d625SSteven Danz  global $ID;
407b158d625SSteven Danz  global $INFO;
408f9eb5648Ssteven-danz  global $lang;
409b158d625SSteven Danz
4101380fc45SAndreas Gohr  $file=metaFN($ID,'.mlist');
4111380fc45SAndreas Gohr  if ($act=='subscribe' && !$INFO['subscribed']){
412b158d625SSteven Danz    if ($INFO['userinfo']['mail']){
4131380fc45SAndreas Gohr      if (io_saveFile($file,$_SERVER['REMOTE_USER']."\n",true)) {
4141380fc45SAndreas Gohr        $INFO['subscribed'] = true;
415f9eb5648Ssteven-danz        msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
416b158d625SSteven Danz      } else {
417f9eb5648Ssteven-danz        msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),1);
418b158d625SSteven Danz      }
419b158d625SSteven Danz    } else {
420f9eb5648Ssteven-danz      msg($lang['subscribe_noaddress']);
421b158d625SSteven Danz    }
4221380fc45SAndreas Gohr  } elseif ($act=='unsubscribe' && $INFO['subscribed']){
423b158d625SSteven Danz    if (io_deleteFromFile($file,$_SERVER['REMOTE_USER']."\n")) {
4241380fc45SAndreas Gohr      $INFO['subscribed'] = false;
425f9eb5648Ssteven-danz      msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
426b158d625SSteven Danz    } else {
427f9eb5648Ssteven-danz      msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),1);
428b158d625SSteven Danz    }
429b158d625SSteven Danz  }
430b158d625SSteven Danz
431b158d625SSteven Danz  return 'show';
432b158d625SSteven Danz}
433b158d625SSteven Danz
434340756e4Sandi//Setup VIM: ex: et ts=2 enc=utf-8 :