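<?php
/**
 * DokuWiki Actions
 *
 * Maps the requested action ($ACT) to its handler and then hands over to the
 * template for output. The handlers in this file decide which action is
 * finally shown; they do not render the page themselves.
 *
 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
 * @author     Andreas Gohr <andi@splitbrain.org>
 */

  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
  require_once(DOKU_INC.'inc/template.php');


/**
 * Call the needed action handlers
 *
 * Order matters here: $ACT is sanitized first, login/logout is handled next,
 * and act_permcheck() runs before the register, resendpwd, profile, save,
 * edit, export and admin handlers. Anything that must be gated by the page
 * ACL has to stay below the act_permcheck() call or check permissions itself.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_dispatch(){
  global $INFO;
  global $ACT;
  global $ID;
  global $QUERY;
  global $lang;
  global $conf;

  //sanitize $ACT
  $ACT = act_clean($ACT);

  //check if searchword was given - else just show
  if($ACT == 'search' && empty($QUERY)){
    $ACT = 'show';
  }

  //login stuff
  if(in_array($ACT,array('login','logout')))
    $ACT = act_auth($ACT);

  //check if user is asking to (un)subscribe a page
  if($ACT == 'subscribe'){
    // This handler runs before the general permission check below and writes
    // the user into the page's subscriber list, so gate it on the page ACL
    // here: without read permission the subscription is not recorded.
    $ACT = act_permcheck($ACT);
    if($ACT == 'subscribe') $ACT = act_subscription($ACT);
  }elseif($ACT == 'unsubscribe'){
    // removing oneself from the list stays possible regardless of the ACL
    $ACT = act_subscription($ACT);
  }

  //check permissions
  $ACT = act_permcheck($ACT);

  //register
  if($ACT == 'register' && register()){
    $ACT = 'login';
  }

  if ($ACT == 'resendpwd' && act_resendpwd()) {
    $ACT = 'login';
  }

  //update user profile
  if (($ACT == 'profile') && updateprofile()) {
    // the result of updateprofile() is not used here
  }

  //save
  if($ACT == 'save')
    $ACT = act_save($ACT);

  //edit
  if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){
    $ACT = act_edit($ACT);
  }else{
    unlock($ID); //try to unlock
  }

  //handle export
  if(substr($ACT,0,7) == 'export_')
    $ACT = act_export($ACT);

  //display some infos
  if($ACT == 'check'){
    check();
    $ACT = 'show';
  }

  //handle admin tasks
  if($ACT == 'admin'){
    // retrieve admin plugin name from $_REQUEST['page']
    // (isset avoids a notice when the parameter is missing; a non-string
    // value such as page[]=x can never name a plugin)
    $page = isset($_REQUEST['page']) ? $_REQUEST['page'] : '';
    if (is_string($page) && $page) {
      $pluginlist = plugin_list('admin');
      // allow-list: only a name that is in the admin plugin list is ever
      // passed on to plugin_load()
      if (in_array($page, $pluginlist, true)) {
        // attempt to load the plugin
        if ($plugin =& plugin_load('admin',$page) !== NULL)
          $plugin->handle();
      }
    }
/*
        if($_REQUEST['page'] == 'acl'){
            require_once(DOKU_INC.'inc/admin_acl.php');
            admin_acl_handler();
    }
*/
  }

  //call template FIXME: all needed vars available?
  header('Content-Type: text/html; charset=utf-8');
  include(template('main.php'));
  // output for the commands is now handled in inc/templates.php
  // in function tpl_content()
}

/**
 * Sanitize the action command
 *
 * Add all allowed commands here.
 *
 * The command is lower-cased and reduced to the characters a-z and '_', then
 * matched against the list of known commands. Anything starting with
 * 'export_' is accepted as well, so act_export() receives a mode made only of
 * those characters.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  mixed  $act  the requested command
 * @return string       the cleaned command, 'show' if it is not known
 */
function act_clean($act){
  global $lang;

  // a non-string (e.g. an array from do[]=x) cannot name a command; handle
  // it as an unknown command instead of feeding it to strtolower()
  if(!is_string($act)) $act = '';

  //handle localized buttons
  if($act == $lang['btn_save']) $act = 'save';
  if($act == $lang['btn_preview']) $act = 'preview';
  if($act == $lang['btn_cancel']) $act = 'show';

  //remove all bad chars
  $act = strtolower($act);
  $act = preg_replace('/[^a-z_]+/','',$act);

  if($act == 'export_html') $act = 'export_xhtml';

  if(array_search($act,array('login','logout','register','save','edit',
                             'preview','search','show','check','index','revisions',
                             'diff','recent','backlink','admin','subscribe',
                             'unsubscribe','profile','resendpwd',)) === false
     && substr($act,0,7) != 'export_' ) {
    // the command is escaped because it is echoed back into the page
    msg('Unknown command: '.htmlspecialchars($act),-1);
    return 'show';
  }
  return $act;
}

/**
 * Run permissionchecks
 *
 * Compares the permission the action needs with $INFO['perm']. Actions that
 * are not listed explicitly (e.g. show, export_*, subscribe, resendpwd) need
 * AUTH_READ.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  the (already sanitized) command
 * @return string       $act if permitted, 'denied' otherwise
 */
function act_permcheck($act){
  global $INFO;
  global $conf;

  if(in_array($act,array('save','preview','edit'))){
    if($INFO['exists']){
      if($act == 'edit'){
        //the edit function will check again and do a source show
        //when no AUTH_EDIT available
        $permneed = AUTH_READ;
      }else{
        $permneed = AUTH_EDIT;
      }
    }else{
      $permneed = AUTH_CREATE;
    }
  }elseif(in_array($act,array('login','search','recent','profile'))){
    $permneed = AUTH_NONE;
  }elseif($act == 'register'){
    // self registration is open to everybody only when configured so
    if ($conf['openregister']){
      $permneed = AUTH_NONE;
    }else{
      $permneed = AUTH_ADMIN;
    }
  }elseif($act == 'admin'){
    $permneed = AUTH_ADMIN;
  }else{
    $permneed = AUTH_READ;
  }
  if($INFO['perm'] >= $permneed) return $act;

  return 'denied';
}

/**
 * Handle 'save'
 *
 * Checks for spam and conflicts and saves the page.
 * Does a redirect to show the page afterwards or
 * returns a new action.
 *
 * NOTE(review): no anti-CSRF token is verified here or in act_dispatch();
 * confirm that the edit form is protected elsewhere, the only gate visible
 * in this file is act_permcheck().
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  the command (not used)
 * @return string       'wordblock' or 'conflict'; does not return on success
 */
function act_save($act){
  global $ID;
  global $DATE;
  global $PRE;
  global $TEXT;
  global $SUF;
  global $SUM;

  //spam check
  if(checkwordblock())
    return 'wordblock';
  //conflict check //FIXME use INFO
  // (@ because the page file does not exist yet when a page is created)
  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
    return 'conflict';

  // the minor flag is optional in the request
  $minor = isset($_REQUEST['minor']) ? $_REQUEST['minor'] : null;

  //save it
  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$minor); //use pretty mode for con
  //unlock it
  unlock($ID);

  //show it
  session_write_close();
  header("Location: ".wl($ID,'',true));
  exit();
}

/**
 * Handle 'login', 'logout'
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  'login' or 'logout'
 * @return string       'show' when already logged in, 'login' after a
 *                      logout, else $act
 */
function act_auth($act){
  global $ID;
  global $INFO;

  //already logged in?
  if($act=='login' && !empty($_SERVER['REMOTE_USER']))
    return 'show';

  //handle logout
  if($act=='logout'){
    $user     = isset($_SERVER['REMOTE_USER']) ? $_SERVER['REMOTE_USER'] : null;
    $lockedby = checklock($ID); //page still locked?
    if($lockedby == $user)
      unlock($ID); //try to unlock

    // do the logout stuff
    auth_logoff();

    // rebuild info array
    // (so the permission check that follows in act_dispatch() no longer sees
    // the data that was gathered for the logged in user)
    $INFO = pageinfo();

    return 'login';
  }

  return $act;
}

/**
 * Handle 'edit', 'preview'
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  'edit' or 'preview'
 * @return string       'locked' if checklock() reports a lock, else $act
 */
function act_edit($act){
  global $ID;

  //check if locked by anyone - if not lock for my self
  $lockedby = checklock($ID);
  if($lockedby) return 'locked';

  lock($ID);
  return $act;
}

/**
 * Handle 'export_*'
 *
 * Prints the page in the requested format and exits. act_dispatch() calls
 * this after act_permcheck(), so the export is gated by AUTH_READ there.
 *
 * The renderer mode is whatever follows 'export_' in the command; it is only
 * restricted to a-z and '_' when the command went through act_clean() first.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  a command starting with 'export_'
 * @return string       'show' when no renderer produced output
 */
function act_export($act){
  global $ID;
  global $REV;

  // no renderer for this
  if($act == 'export_raw'){
    header('Content-Type: text/plain; charset=utf-8');
    // raw page text is user-authored: tell browsers to honour the declared
    // type instead of sniffing the content into something renderable
    header('X-Content-Type-Options: nosniff');
    print rawWiki($ID,$REV);
    exit;
  }

  // html export #FIXME what about the template's style?
  if($act == 'export_xhtml'){
    header('Content-Type: text/html; charset=utf-8');
    ptln('<html>');
    ptln('<head>');
    tpl_metaheaders();
    ptln('</head>');
    ptln('<body>');
    print p_wiki_xhtml($ID,$REV,false);
    ptln('</body>');
    ptln('</html>');
    exit;
  }

  // try to run renderer #FIXME use cached instructions
  $mode = substr($act,7);
  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info);
  if(!is_null($text)){
    print $text;
    exit;
  }



  return 'show';
}

/**
 * Handle 'subscribe', 'unsubscribe'
 *
 * Adds the current user to or removes him from the page's '.mlist' meta
 * file. This function does not check any page permission itself; the caller
 * has to do that.
 *
 * @author Steven Danz <steven-danz@kc.rr.com>
 * @todo   localize
 * @param  string $act  'subscribe' or 'unsubscribe'
 * @return string       always 'show'
 */
function act_subscription($act){
  global $ID;
  global $INFO;
  global $lang;

  $file=metaFN($ID,'.mlist');
  if ($act=='subscribe' && !$INFO['subscribed']){
    // a subscription needs a mail address in the user's info
    if ($INFO['userinfo']['mail']){
      if (io_saveFile($file,$_SERVER['REMOTE_USER']."\n",true)) {
        $INFO['subscribed'] = true;
        msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
      } else {
        // -1 is the level act_clean() uses for its error message; the
        // failure was reported with the success level before
        msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),-1);
      }
    } else {
      msg($lang['subscribe_noaddress']);
    }
  } elseif ($act=='unsubscribe' && $INFO['subscribed']){
    if (io_deleteFromFile($file,$_SERVER['REMOTE_USER']."\n")) {
      $INFO['subscribed'] = false;
      msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1);
    } else {
      msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),-1);
    }
  }

  return 'show';
}

//Setup VIM: ex: et ts=2 enc=utf-8 :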