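<?php
/**
 * DokuWiki Actions
 *
 * Sanitizes the requested action, checks the permission it needs, runs the
 * matching handler and finally hands over to the template for output.
 *
 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
 * @author     Andreas Gohr <andi@splitbrain.org>
 */

  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
  require_once(DOKU_INC.'inc/template.php');


/**
 * Call the needed action handlers
 *
 * Order matters: the action is sanitized first (act_clean), then checked
 * against the caller's permission (act_permcheck), and only then passed to
 * the individual handlers. Handlers may replace the action (for example
 * 'logout' becomes 'login', 'save' may become 'wordblock' or 'conflict');
 * those replacement values are not permission-checked a second time here.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_dispatch(){
  // The template is include()d at the end of this function and therefore
  // runs in this function's variable scope. The globals below are declared
  // for the template as well, so keep the ones that look unused here.
  global $INFO;
  global $ACT;
  global $ID;
  global $QUERY;
  global $lang;
  global $conf;

  //sanitize $ACT
  $ACT = act_clean($ACT);

  //check permissions
  $ACT = act_permcheck($ACT);

  //login stuff
  if(in_array($ACT,array('login','logout','register'),true))
    $ACT = act_auth($ACT);

  //save
  if($ACT === 'save')
    $ACT = act_save($ACT);

  //edit
  if(($ACT === 'edit' || $ACT === 'preview') && $INFO['editable']){
    $ACT = act_edit($ACT);
  }else{
    // This branch runs for every other action, 'denied' included.
    // NOTE(review): confirm unlock() only releases a lock held by the
    // current user - its implementation is not visible in this file.
    unlock($ID); //try to unlock
  }

  //handle export
  if(substr($ACT,0,7) === 'export_')
    $ACT = act_export($ACT);

  //display some infos
  if($ACT === 'check'){
    check();
    $ACT = 'show';
  }

  //check if searchword was given - else just show
  if($ACT === 'search' && empty($QUERY)){
    $ACT = 'show';
  }

  //handle admin tasks
  if($ACT === 'admin'){
    // 'admin' only survives act_permcheck() with AUTH_ADMIN. The page
    // parameter is optional, so test for its presence before comparing
    // (avoids an undefined-index notice) and compare strictly.
    if(isset($_REQUEST['page']) && $_REQUEST['page'] === 'acl'){
      require_once(DOKU_INC.'inc/admin_acl.php');
      admin_acl_handler();
    }
  }

  //call template FIXME: all needed vars available?
  header('Content-Type: text/html; charset=utf-8');
  // $conf['template'] is concatenated into an include path, so it must only
  // ever come from trusted configuration and never from request data.
  // NOTE(review): confirm where $conf['template'] is populated.
  include(DOKU_INC.'lib/tpl/'.$conf['template'].'/main.php');
  // output for the commands is now handled in inc/templates.php
  // in function tpl_content()
}

/**
 * Sanitize the action command
 *
 * Maps the localized button labels to their action names, lowercases the
 * value, strips everything except a-z and underscore, and accepts only the
 * listed commands or anything starting with 'export_'. Unknown commands
 * are reported via msg() and replaced by 'show'.
 *
 * Add all allowed commands here.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  mixed  $act  the requested action (presumably request-supplied;
 *                      the caller that sets it is not visible here)
 * @return string       a sanitized action name
 */
function act_clean($act){
  global $lang;

  // The string functions below expect a string. A request parameter can
  // also arrive as an array, which would raise a warning (or a TypeError
  // on current PHP) in strtolower(); treat any non-string as empty so it
  // falls through to the "unknown command" path instead.
  if(!is_string($act)) $act = '';

  //handle localized buttons
  // strict comparison: an empty action must not match a missing label
  if($act === $lang['btn_save'])    $act = 'save';
  if($act === $lang['btn_preview']) $act = 'preview';
  if($act === $lang['btn_cancel'])  $act = 'show';

  //remove all bad chars
  $act = strtolower($act);
  $act = preg_replace('/[^a-z_]+/','',$act);

  if($act === 'export_html') $act = 'export_xhtml';

  $allowed = array('login','logout','register','save','edit',
                   'preview','search','show','check','index','revisions',
                   'diff','recent','backlink','admin');

  // Any 'export_*' name passes: act_export() later uses the part after the
  // prefix as the renderer mode. The character filter above is what keeps
  // that suffix limited to a-z and underscore, so it must stay in front of
  // this check.
  if(!in_array($act,$allowed,true) && substr($act,0,7) !== 'export_'){
    msg('Unknown command: '.htmlspecialchars($act),-1);
    return 'show';
  }
  return $act;
}

/**
 * Run permissionchecks
 *
 * Determines the permission level the action needs and compares it with
 * $INFO['perm']. Actions not listed explicitly (including all 'export_*'
 * actions and 'logout') require AUTH_READ.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act  the sanitized action
 * @return string       $act when permitted, 'denied' otherwise
 */
function act_permcheck($act){
  global $INFO;
  global $conf;

  if(in_array($act,array('save','preview','edit'),true)){
    if($INFO['exists']){
      if($act === 'edit'){
        //the edit function will check again and do a source show
        //when no AUTH_EDIT available
        $permneed = AUTH_READ;
      }else{
        $permneed = AUTH_EDIT;
      }
    }else{
      $permneed = AUTH_CREATE;
    }
  }elseif(in_array($act,array('login','search','recent'),true)){
    $permneed = AUTH_NONE;
  }elseif($act === 'register'){
    // self-registration is open to everyone only when configured so
    if ($conf['openregister']){
      $permneed = AUTH_NONE;
    }else{
      $permneed = AUTH_ADMIN;
    }
  }elseif($act === 'admin'){
    $permneed = AUTH_ADMIN;
  }else{
    $permneed = AUTH_READ;
  }
  if($INFO['perm'] >= $permneed) return $act;

  return 'denied';
}

/**
 * Handle 'save'
 *
 * Checks for spam and conflicts and saves the page.
 * Does a redirect to show the page afterwards or
 * returns a new action.
 *
 * NOTE(review): nothing visible in this function ties the save request to
 * a form the current user actually submitted (e.g. a session-bound token).
 * Confirm whether that is enforced before this point.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act  the current action (not used)
 * @return string       'wordblock' or 'conflict'; on a successful save the
 *                      function redirects and exits instead of returning
 */
function act_save($act){
  global $ID;
  global $DATE;
  global $PRE;
  global $TEXT;
  global $SUF;
  global $SUM;

  //spam check
  if(checkwordblock())
    return 'wordblock';
  //conflict check //FIXME use INFO
  // the page file may not exist yet (new page), hence the suppressed
  // warning; filemtime() then returns false and the comparison fails
  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
    return 'conflict';

  //save it
  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM); //use pretty mode for con
  //unlock it
  unlock($ID);

  //show it
  session_write_close();
  // assumes $ID was cleaned by the caller before it reaches the
  // Location header - TODO confirm
  header("Location: ".wl($ID,'',true));
  exit();
}

/**
 * Handle 'login', 'logout', 'register'
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act  one of 'login', 'logout', 'register'
 * @return string       the action to continue with
 */
function act_auth($act){
  //already logged in?
  // REMOTE_USER is not set for anonymous requests; empty() avoids the
  // undefined-index notice and keeps the same truthiness test
  if(!empty($_SERVER['REMOTE_USER']) && $act === 'login')
    return 'show';

  //handle logout
  if($act === 'logout'){
    auth_logoff();
    return 'login';
  }

  //handle register
  if($act === 'register' && register()){
    return 'login';
  }

  return $act;
}

/**
 * Handle 'edit', 'preview'
 *
 * Returns 'locked' when checklock() reports a lock on the page, otherwise
 * locks the page and keeps the action.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act  'edit' or 'preview'
 * @return string       $act or 'locked'
 */
function act_edit($act){
  global $ID;

  //check if locked by anyone - if not lock for my self
  $lockedby = checklock($ID);
  if($lockedby) return 'locked';

  lock($ID);
  return $act;
}

/**
 * Handle 'export_*'
 *
 * Prints the page in the requested export format and exits. When no
 * renderer produces output for the requested mode, 'show' is returned.
 *
 * The mode is taken from the action name, so this relies on act_clean()
 * having reduced the action to a-z and underscore, and on act_permcheck()
 * having required read permission, before it is called.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act  an action starting with 'export_'
 * @return string       'show' when nothing could be exported
 */
function act_export($act){
  global $ID;
  global $REV;

  // no renderer for this
  if($act === 'export_raw'){
    header('Content-Type: text/plain; charset=utf-8');
    print rawWiki($ID,$REV);
    exit;
  }

  // html export #FIXME what about the template's style?
  if($act === 'export_xhtml'){
    header('Content-Type: text/html; charset=utf-8');
    ptln('<html>');
    ptln('<head>');
    tpl_metaheaders();
    ptln('</head>');
    ptln('<body>');
    print p_wiki_xhtml($ID,$REV,false);
    ptln('</body>');
    ptln('</html>');
    exit;
  }

  // try to run renderer #FIXME use cached instructions
  // everything after the 'export_' prefix is the renderer mode
  $mode = substr($act,7);
  // $info is not set before this call; presumably p_render() fills it by
  // reference - verify against its definition
  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info);
  if(!is_null($text)){
    print $text;
    exit;
  }



  return 'show';
}


//Setup VIM: ex: et ts=2 enc=utf-8 :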