1<?php 2/** 3 * DokuWiki Actions 4 * 5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6 * @author Andreas Gohr <andi@splitbrain.org> 7 */ 8 9 if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/'); 10 require_once(DOKU_INC.'inc/template.php'); 11 12 13/** 14 * Call the needed action handlers 15 * 16 * @author Andreas Gohr <andi@splitbrain.org> 17 */ 18function act_dispatch(){ 19 global $INFO; 20 global $ACT; 21 global $ID; 22 global $QUERY; 23 global $lang; 24 global $conf; 25 26 //sanitize $ACT 27 $ACT = act_clean($ACT); 28 29 //check permissions 30 $ACT = act_permcheck($ACT); 31 32 //login stuff 33 if(in_array($ACT,array('login','logout','register'))) 34 $ACT = act_auth($ACT); 35 36 //save 37 if($ACT == 'save') 38 $ACT = act_save($ACT); 39 40 //edit 41 if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){ 42 $ACT = act_edit($ACT); 43 }else{ 44 unlock($ID); //try to unlock 45 } 46 47 //handle export 48 if(substr($ACT,0,7) == 'export_') 49 $ACT = act_export($ACT); 50 51 //display some infos 52 if($ACT == 'check'){ 53 check(); 54 $ACT = 'show'; 55 } 56 57 //check if searchword was given - else just show 58 if($ACT == 'search' && empty($QUERY)){ 59 $ACT = 'show'; 60 } 61 62 //handle admin tasks 63 if($ACT == 'admin'){ 64 if($_REQUEST['page'] == 'acl'){ 65 require_once(DOKU_INC.'inc/admin_acl.php'); 66 admin_acl_handler(); 67 } 68 } 69 70 //call template FIXME: all needed vars available? 71 header('Content-Type: text/html; charset=utf-8'); 72 include(DOKU_INC.'tpl/'.$conf['template'].'/main.php'); 73 // output for the commands is now handled in inc/templates.php 74 // in function tpl_content() 75} 76 77/** 78 * Sanitize the action command 79 * 80 * Add all allowed commands here. 81 * 82 * @author Andreas Gohr <andi@splitbrain.org> 83 */ 84function act_clean($act){ 85 global $lang; 86 87 //handle localized buttons 88 if($act == $lang['btn_save']) $act = 'save'; 89 if($act == $lang['btn_preview']) $act = 'preview'; 90 if($act == $lang['btn_cancel']) $act = 'show'; 91 92 //remove all bad chars 93 $act = strtolower($act); 94 $act = preg_replace('/[^a-z_]+/','',$act); 95 96 if($act == 'export_html') $act = 'export_xhtml'; 97 98 if(array_search($act,array('login','logout','register','save','edit', 99 'preview','search','show','check','index','revisions', 100 'diff','recent','backlink','admin',)) === false 101 && substr($act,0,7) != 'export_' ) { 102 msg('Unknown command: '.htmlspecialchars($act),-1); 103 return 'show'; 104 } 105 return $act; 106} 107 108/** 109 * Run permissionchecks 110 * 111 * @author Andreas Gohr <andi@splitbrain.org> 112 */ 113function act_permcheck($act){ 114 global $INFO; 115 global $conf; 116 117 if(in_array($act,array('save','preview','edit'))){ 118 if($INFO['exists']){ 119 $permneed = AUTH_EDIT; 120 }else{ 121 $permneed = AUTH_CREATE; 122 } 123 }elseif(in_array($act,array('login','search','recent'))){ 124 $permneed = AUTH_NONE; 125 }elseif($act == 'register'){ 126 if ($conf['openregister']) 127 $permneed = AUTH_NONE; 128 else 129 $permneed = AUTH_AUTH; 130 }elseif($act == 'admin'){ 131 $permneed = AUTH_ADMIN; 132 }else{ 133 $permneed = AUTH_READ; 134 } 135 if($INFO['perm'] >= $permneed) return $act; 136 137 return 'denied'; 138} 139 140/** 141 * Handle 'save' 142 * 143 * Checks for spam and conflicts and saves the page. 144 * Does a redirect to show the page afterwards or 145 * returns a new action. 146 * 147 * @author Andreas Gohr <andi@splitbrain.org> 148 */ 149function act_save($act){ 150 global $ID; 151 global $DATE; 152 global $PRE; 153 global $TEXT; 154 global $SUF; 155 global $SUM; 156 157 //spam check 158 if(checkwordblock()) 159 return 'wordblock'; 160 //conflict check //FIXME use INFO 161 if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE ) 162 return 'conflict'; 163 164 //save it 165 saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM); //use pretty mode for con 166 //unlock it 167 unlock($ID); 168 169 //show it 170 session_write_close(); 171 header("Location: ".wl($ID,'',true)); 172 exit(); 173} 174 175/** 176 * Handle 'login', 'logout', 'register' 177 * 178 * @author Andreas Gohr <andi@splitbrain.org> 179 */ 180function act_auth($act){ 181 //already logged in? 182 if($_SERVER['REMOTE_USER'] && $act=='login') 183 return 'show'; 184 185 //handle logout 186 if($act=='logout'){ 187 auth_logoff(); 188 return 'login'; 189 } 190 191 //handle register 192 if($act=='register' && register()){ 193 return 'login'; 194 } 195 196 return $act; 197} 198 199/** 200 * Handle 'edit', 'preview' 201 * 202 * @author Andreas Gohr <andi@splitbrain.org> 203 */ 204function act_edit($act){ 205 global $ID; 206 207 //check if locked by anyone - if not lock for my self 208 $lockedby = checklock($ID); 209 if($lockedby) return 'locked'; 210 211 lock($ID); 212 return $act; 213} 214 215/** 216 * Handle 'edit', 'preview' 217 * 218 * @author Andreas Gohr <andi@splitbrain.org> 219 */ 220function act_export($act){ 221 global $ID; 222 global $REV; 223 224 // no renderer for this 225 if($act == 'export_raw'){ 226 header('Content-Type: text/plain; charset=utf-8'); 227 print rawWiki($ID,$REV); 228 exit; 229 } 230 231 // html export #FIXME what about the template's style? 232 if($act == 'export_xhtml'){ 233 header('Content-Type: text/html; charset=utf-8'); 234 ptln('<html>'); 235 ptln('<head>'); 236 tpl_metaheaders(); 237 ptln('</head>'); 238 ptln('<body>'); 239 print p_wiki_xhtml($ID,$REV,false); 240 ptln('</body>'); 241 ptln('</html>'); 242 exit; 243 } 244 245 // try to run renderer #FIXME use cached instructions 246 $mode = substr($act,7); 247 $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info); 248 if(!is_null($text)){ 249 print $text; 250 exit; 251 } 252 253 254 255 return 'show'; 256} 257 258 259//Setup VIM: ex: et ts=2 enc=utf-8 : 260