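<?php
/**
 * DokuWiki Actions
 *
 * Request dispatcher: turns the requested action ($ACT) into one of a fixed
 * set of commands, checks the caller's permission for it and runs the
 * matching handler before handing over to the template.
 *
 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
 * @author     Andreas Gohr <andi@splitbrain.org>
 */

  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
  require_once(DOKU_INC.'inc/template.php');


/**
 * Call the needed action handlers
 *
 * Order matters: $ACT is first reduced to an allow-listed command by
 * act_clean(), then gated by act_permcheck(), and only then handed to the
 * individual handlers. Every handler below relies on both steps having run.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_dispatch(){
  global $INFO;
  global $ACT;
  global $ID;
  global $QUERY;
  global $lang;
  global $conf;

  //sanitize $ACT
  $ACT = act_clean($ACT);

  //check permissions
  $ACT = act_permcheck($ACT);

  //login stuff
  if(in_array($ACT,array('login','logout','register'),true))
    $ACT = act_auth($ACT);

  //save
  if($ACT === 'save')
    $ACT = act_save($ACT);

  //edit
  if(($ACT === 'edit' || $ACT === 'preview') && $INFO['editable']){
    $ACT = act_edit($ACT);
  }else{
    unlock($ID); //try to unlock
  }

  //handle export
  if(substr($ACT,0,7) === 'export_')
    $ACT = act_export($ACT);

  //display some infos
  if($ACT === 'check'){
    check();
    $ACT = 'show';
  }

  //check if searchword was given - else just show
  if($ACT === 'search' && empty($QUERY)){
    $ACT = 'show';
  }

  //handle admin tasks
  if($ACT === 'admin'){
    // 'page' is optional request input: read it defensively and compare
    // strictly so a missing or non-string value selects no admin page
    $page = isset($_REQUEST['page']) ? $_REQUEST['page'] : '';
    if($page === 'acl'){
      require_once(DOKU_INC.'inc/admin_acl.php');
      admin_acl_handler();
    }elseif($page === 'register'){
      // This switch happens after act_clean() and act_permcheck(), so the
      // 'openregister' gate in act_clean() does not apply here; it is only
      // reachable when act_permcheck() granted 'admin' (AUTH_ADMIN).
      // NOTE(review): presumably intended so admins can add users while
      // open registration is off - confirm.
      $ACT = 'register';
    }
  }

  //call template FIXME: all needed vars available?
  header('Content-Type: text/html; charset=utf-8');
  // The include path is built from $conf['template'].
  // NOTE(review): assumes this value comes from trusted configuration only
  // and is never request-controlled - confirm where $conf is populated.
  include(DOKU_INC.'tpl/'.$conf['template'].'/main.php');
  // output for the commands is now handled in inc/templates.php
  // in function tpl_content()
}

/**
 * Sanitize the action command
 *
 * Add all allowed commands here.
 *
 * The result is always a string made of [a-z_] only: either one of the
 * allow-listed commands, something starting with 'export_', or 'show'.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  mixed  $act  requested action, as received from the request
 * @return string       sanitized action
 */
function act_clean($act){
  global $lang;
  global $conf;

  // Request parameters can arrive as arrays (e.g. do[]=x). Reduce anything
  // that is not a scalar to the empty string so the string functions below
  // always see a string and the value ends up rejected as unknown.
  if(!is_scalar($act)) $act = '';
  $act = (string) $act;

  //handle localized buttons (strict: no type juggling on request input)
  if($act === $lang['btn_save'])    $act = 'save';
  if($act === $lang['btn_preview']) $act = 'preview';
  if($act === $lang['btn_cancel'])  $act = 'show';

  //remove all bad chars
  $act = strtolower($act);
  $act = preg_replace('/[^a-z_]+/','',$act);

  if($act === 'register' && !$conf['openregister'])
    return 'show';

  if($act === 'export_html') $act = 'export_xhtml';

  // Allow-list check. Anything starting with 'export_' passes with an
  // arbitrary [a-z_] suffix; act_export() decides what to do with it.
  if(!in_array($act,array('login','logout','register','save','edit',
                          'preview','search','show','check','index','revisions',
                          'diff','recent','backlink','admin',),true)
     && substr($act,0,7) !== 'export_' ) {
    msg('Unknown command: '.htmlspecialchars($act),-1);
    return 'show';
  }
  return $act;
}

/**
 * Run permissionchecks
 *
 * Maps the action to the permission level it needs and compares that with
 * $INFO['perm']. Any action not listed explicitly needs AUTH_READ.
 *
 * NOTE(review): 'check' falls into the AUTH_READ default; confirm that the
 * output of check() is suitable for every user with read permission.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act  sanitized action (see act_clean())
 * @return string       the unchanged action, or 'denied'
 */
function act_permcheck($act){
  global $INFO;

  if(in_array($act,array('save','preview','edit'),true)){
    if($INFO['exists']){
      $permneed = AUTH_EDIT;
    }else{
      $permneed = AUTH_CREATE;
    }
  }elseif(in_array($act,array('login','register','search','recent'),true)){
    $permneed = AUTH_NONE;
  }elseif($act === 'admin'){
    $permneed = AUTH_ADMIN;
  }else{
    $permneed = AUTH_READ;
  }
  if($INFO['perm'] >= $permneed) return $act;

  return 'denied';
}

/**
 * Handle 'save'
 *
 * Checks for spam and conflicts and saves the page.
 * Does a redirect to show the page afterwards or
 * returns a new action.
 *
 * The permission check is not repeated here; callers must have passed the
 * action through act_permcheck() first, as act_dispatch() does.
 *
 * NOTE(review): no anti-CSRF token is verified in this file before the
 * write - confirm that one is checked elsewhere.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act  the current action
 * @return string       'wordblock' or 'conflict'; does not return on success
 */
function act_save($act){
  global $ID;
  global $DATE;
  global $PRE;
  global $TEXT;
  global $SUF;
  global $SUM;

  //spam check
  if(checkwordblock())
    return 'wordblock';
  //conflict check //FIXME use INFO
  // @ silences the warning for a page that does not exist yet; filemtime()
  // then returns false, which never compares greater than $DATE
  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
    return 'conflict';

  //save it
  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM); //use pretty mode for con
  //unlock it
  unlock($ID);

  //show it
  session_write_close();
  // NOTE(review): the redirect target is derived from $ID; assumes $ID was
  // cleaned before it got here - confirm.
  header("Location: ".wl($ID,'',true));
  exit();
}

/**
 * Handle 'login', 'logout', 'register'
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act  the current action
 * @return string       the action to continue with
 */
function act_auth($act){
  //already logged in?
  // empty() instead of a bare read: REMOTE_USER is not set for anonymous
  // requests
  if(!empty($_SERVER['REMOTE_USER']) && $act === 'login')
    return 'show';

  //handle logout
  if($act === 'logout'){
    auth_logoff();
    return 'login';
  }

  //handle register
  if($act === 'register' && register()){
    return 'login';
  }

  return $act;
}

/**
 * Handle 'edit', 'preview'
 *
 * Takes the edit lock for the current page unless checklock() reports
 * that somebody else holds it.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act  the current action
 * @return string       the unchanged action, or 'locked'
 */
function act_edit($act){
  global $ID;

  //check if locked by anyone - if not lock for my self
  $lockedby = checklock($ID);
  if($lockedby) return 'locked';

  lock($ID);
  return $act;
}

/**
 * Handle 'export_*'
 *
 * Sends the page in the requested export format and exits, or returns
 * 'show' when no renderer produced output for the requested mode.
 *
 * The renderer mode is taken straight from the action name, so this
 * function depends on act_clean() having reduced it to [a-z_] and on
 * act_permcheck() having granted the action.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act  the current action, starting with 'export_'
 * @return string       'show' if nothing was exported
 */
function act_export($act){
  global $ID;
  global $REV;

  // no renderer for this
  if($act === 'export_raw'){
    // text/plain keeps the raw wiki source from being interpreted as markup
    header('Content-Type: text/plain; charset=utf-8');
    print rawWiki($ID,$REV);
    exit;
  }

  // html export #FIXME what about the template's style?
  if($act === 'export_xhtml'){
    header('Content-Type: text/html; charset=utf-8');
    ptln('<html>');
    ptln('<head>');
    tpl_metaheaders();
    ptln('</head>');
    ptln('<body>');
    print p_wiki_xhtml($ID,$REV,false);
    ptln('</body>');
    ptln('</html>');
    exit;
  }

  // try to run renderer #FIXME use cached instructions
  $mode = substr($act,7);
  // $info is not set before this call; presumably p_render() fills it by
  // reference - confirm
  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info);
  if(!is_null($text)){
    // NOTE(review): no Content-Type header is sent on this path, so the
    // server default applies - confirm that suits every renderer mode
    print $text;
    exit;
  }

  // unknown export mode: fall back to showing the page
  return 'show';
}


//Setup VIM: ex: et ts=2 enc=utf-8 :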