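<?php
/**
 * DokuWiki Actions
 *
 * Request pipeline for the 'do' command: the command is sanitized
 * (act_clean), checked against the page permissions (act_permcheck) and
 * only then handed to the individual handlers below.
 *
 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
 * @author     Andreas Gohr <andi@splitbrain.org>
 */

if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
require_once(DOKU_INC.'inc/template.php');


/**
 * Call the needed action handlers
 *
 * Works on the global $ACT: every step may replace it with a follow-up
 * action ('show', 'login', 'denied', 'locked', ...). Finally the main
 * template is included, which renders whatever $ACT ended up as.
 *
 * The order is security relevant: act_clean() runs first so that no
 * unfiltered request value reaches a handler, and act_permcheck() runs
 * before any handler that modifies data (register, save, edit, admin).
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_dispatch(){
  global $INFO;
  global $ACT;
  global $ID;
  global $QUERY;
  global $lang;
  global $conf;

  //sanitize $ACT - from here on it only holds [a-z_] characters
  $ACT = act_clean($ACT);

  //check if searchword was given - else just show
  if($ACT == 'search' && empty($QUERY)){
    $ACT = 'show';
  }

  //login stuff
  if(in_array($ACT,array('login','logout'),true))
    $ACT = act_auth($ACT);

  //check permissions - yields 'denied' when the user may not do this
  $ACT = act_permcheck($ACT);

  //register
  if($ACT == 'register' && register()){
    $ACT = 'login';
  }

  //save
  if($ACT == 'save')
    $ACT = act_save($ACT);

  //edit
  if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){
    $ACT = act_edit($ACT);
  }else{
    unlock($ID); //try to unlock
  }

  //handle export
  if(substr($ACT,0,7) == 'export_')
    $ACT = act_export($ACT);

  //display some infos
  if($ACT == 'check'){
    check();
    $ACT = 'show';
  }

  //handle admin tasks
  if($ACT == 'admin'){
    // 'page' is optional; read it without raising a notice and compare
    // strictly so that array input (page[]=...) can never match
    $page = isset($_REQUEST['page']) ? $_REQUEST['page'] : '';
    if($page === 'acl'){
      require_once(DOKU_INC.'inc/admin_acl.php');
      admin_acl_handler();
    }
  }

  //call template FIXME: all needed vars available?
  header('Content-Type: text/html; charset=utf-8');
  // The include path is built from $conf['template']; that value has to
  // come from trusted configuration only and never from the request.
  include(DOKU_INC.'lib/tpl/'.$conf['template'].'/main.php');
  // output for the commands is now handled in inc/templates.php
  // in function tpl_content()
}

/**
 * Sanitize the action command
 *
 * Add all allowed commands here.
 *
 * Localized button labels are mapped to their command, everything except
 * [a-z_] is stripped and the result is checked against the whitelist.
 * Commands starting with 'export_' are accepted without a whitelist entry;
 * act_export() relies on the [a-z_] restriction for the part after the
 * prefix.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  mixed  $act  the raw command as given in the request
 * @return string       a whitelisted command, 'show' for anything unknown
 */
function act_clean($act){
  global $lang;

  // A request parameter can be an array (do[]=x). Reduce anything that is
  // not a scalar to an empty command so the string functions below never
  // see a non-string value.
  $act = is_scalar($act) ? (string) $act : '';

  //handle localized buttons
  // Strict comparison on a non-empty command: with '==' an empty command
  // would equal a missing (null) label and silently turn into 'save'.
  $buttons = array(
    'btn_save'    => 'save',
    'btn_preview' => 'preview',
    'btn_cancel'  => 'show',
  );
  foreach($buttons as $key => $command){
    if($act !== '' && isset($lang[$key]) && $act === $lang[$key]) $act = $command;
  }

  //remove all bad chars
  $act = strtolower($act);
  $act = preg_replace('/[^a-z_]+/','',$act);

  if($act == 'export_html') $act = 'export_xhtml';

  $allowed = array('login','logout','register','save','edit',
                   'preview','search','show','check','index','revisions',
                   'diff','recent','backlink','admin',);

  if(!in_array($act,$allowed,true) && substr($act,0,7) != 'export_'){
    // $act is already reduced to [a-z_]; escaping stays as a safety net
    msg('Unknown command: '.htmlspecialchars($act),-1);
    return 'show';
  }
  return $act;
}

/**
 * Run permissionchecks
 *
 * Determines the permission level the action needs and compares it with
 * $INFO['perm']. Actions not listed explicitly need AUTH_READ.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  the sanitized command
 * @return string       $act when permitted, 'denied' otherwise
 */
function act_permcheck($act){
  global $INFO;
  global $conf;

  if(in_array($act,array('save','preview','edit'),true)){
    if($INFO['exists']){
      if($act == 'edit'){
        //the edit function will check again and do a source show
        //when no AUTH_EDIT available
        $permneed = AUTH_READ;
      }else{
        $permneed = AUTH_EDIT;
      }
    }else{
      $permneed = AUTH_CREATE;
    }
  }elseif(in_array($act,array('login','search','recent'),true)){
    $permneed = AUTH_NONE;
  }elseif($act == 'register'){
    //closed wikis: only admins may create accounts
    if ($conf['openregister']){
      $permneed = AUTH_NONE;
    }else{
      $permneed = AUTH_ADMIN;
    }
  }elseif($act == 'admin'){
    $permneed = AUTH_ADMIN;
  }else{
    $permneed = AUTH_READ;
  }
  if($INFO['perm'] >= $permneed) return $act;

  return 'denied';
}

/**
 * Handle 'save'
 *
 * Checks for spam and conflicts and saves the page.
 * Does a redirect to show the page afterwards or
 * returns a new action.
 *
 * NOTE(review): no anti-CSRF token is verified in the code visible here
 * before the page is written - confirm whether the caller or
 * saveWikiText() takes care of that.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  the current command ('save')
 * @return string       'wordblock' or 'conflict'; does not return after
 *                      a successful save (redirect + exit)
 */
function act_save($act){
  global $ID;
  global $DATE;
  global $PRE;
  global $TEXT;
  global $SUF;
  global $SUM;

  //spam check
  if(checkwordblock())
    return 'wordblock';
  //conflict check //FIXME use INFO
  //the page on disk is newer than the revision the editor started from
  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
    return 'conflict';

  //save it
  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM); //use pretty mode for con
  //unlock it
  unlock($ID);

  //show it
  //close the session before redirecting so its data is written first
  session_write_close();
  header("Location: ".wl($ID,'',true));
  exit();
}

/**
 * Handle 'login', 'logout'
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  'login' or 'logout'
 * @return string       'show' when already logged in, 'login' after a
 *                      logout, otherwise $act unchanged
 */
function act_auth($act){
  global $ID;

  //REMOTE_USER is not set for anonymous requests
  $user = isset($_SERVER['REMOTE_USER']) ? $_SERVER['REMOTE_USER'] : '';

  //already logged in?
  if($user && $act=='login')
    return 'show';

  //handle logout
  if($act=='logout'){
    $lockedby = checklock($ID); //page still locked?
    // This used to compare against the misspelled key 'REMOTER_USER', i.e.
    // always against null, so the lock was only touched when checklock()
    // returned an empty value. That case is kept (unlock() is called as a
    // best effort elsewhere in this file as well) and the intended one is
    // added: a lock reported as held by the user who is logging out.
    // It has to happen before auth_logoff(), while the user is still known.
    if(!$lockedby || ($user !== '' && $lockedby == $user))
      unlock($ID); //try to unlock

    auth_logoff();
    return 'login';
  }

  return $act;
}

/**
 * Handle 'edit', 'preview'
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  'edit' or 'preview'
 * @return string       'locked' when checklock() reports a lock,
 *                      otherwise $act after locking the page
 */
function act_edit($act){
  global $ID;

  //check if locked by anyone - if not lock for my self
  $lockedby = checklock($ID);
  if($lockedby) return 'locked';

  lock($ID);
  return $act;
}

/**
 * Handle 'export_*'
 *
 * 'export_raw' and 'export_xhtml' are answered directly; for any other
 * suffix a renderer of that name is tried via p_render().
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 * @param  string $act  the sanitized command, starting with 'export_'
 * @return string       'show' when nothing could be exported; does not
 *                      return after a successful export (exit)
 */
function act_export($act){
  global $ID;
  global $REV;

  // no renderer for this
  if($act === 'export_raw'){
    header('Content-Type: text/plain; charset=utf-8');
    // page source is user supplied text: keep browsers from sniffing the
    // response into HTML
    header('X-Content-Type-Options: nosniff');
    print rawWiki($ID,$REV);
    exit;
  }

  // html export #FIXME what about the template's style?
  if($act === 'export_xhtml'){
    header('Content-Type: text/html; charset=utf-8');
    ptln('<html>');
    ptln('<head>');
    tpl_metaheaders();
    ptln('</head>');
    ptln('<body>');
    print p_wiki_xhtml($ID,$REV,false);
    ptln('</body>');
    ptln('</html>');
    exit;
  }

  // try to run renderer #FIXME use cached instructions
  $mode = substr($act,7);
  // The renderer name comes from the request. act_clean() already limits
  // it to [a-z_]; the check is repeated here so the function stays safe
  // when called with a command that did not pass through act_clean().
  // NOTE(review): p_render() is not visible here - if it maps $mode to a
  // file or class name, this whitelist is what keeps path characters out.
  if(!preg_match('/^[a-z_]+\z/',(string) $mode)) return 'show';

  $info = array(); //handed to p_render(), was undefined before
  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info);
  if(!is_null($text)){
    print $text;
    exit;
  }

  return 'show';
}


//Setup VIM: ex: et ts=2 enc=utf-8 :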