xref: /dokuwiki/inc/actions.php (revision b146b32bb0a5954f583a461f28f0fcf9fb020a2a) 
1<?php
2/**
3 * DokuWiki Actions
4 *
5 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
6 * @author     Andreas Gohr <andi@splitbrain.org>
7 */
8
9  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
10  require_once(DOKU_INC.'inc/template.php');
11
12
13/**
14 * Call the needed action handlers
15 *
16 * @author Andreas Gohr <andi@splitbrain.org>
17 */
18function act_dispatch(){
19  global $INFO;
20  global $ACT;
21  global $ID;
22  global $QUERY;
23  global $lang;
24  global $conf;
25
26  //sanitize $ACT
27  $ACT = act_clean($ACT);
28
29  //check permissions
30  $ACT = act_permcheck($ACT);
31
32  //login stuff
33  if(in_array($ACT,array('login','logout','register')))
34    $ACT = act_login($ACT);
35
36  //save
37  if($ACT == 'save')
38    $ACT = act_save($ACT);
39
40  //edit
41  if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){
42    $ACT = act_edit($ACT);
43  }else{
44    unlock($ID); //try to unlock
45  }
46
47  //handle export
48  if(substr($ACT,0,6) == 'export')
49    $ACT = act_export($ACT);
50
51  //display some infos
52  if($ACT == 'check'){
53    check();
54    $ACT = 'show';
55  }
56
57  //check if searchword was given - else just show
58  if($ACT == 'search' && empty($QUERY)){
59    $ACT = 'show';
60  }
61
62  //call template FIXME: all needed vars available?
63  header('Content-Type: text/html; charset=utf-8');
64  include(DOKU_INC.'tpl/'.$conf['template'].'/main.php');
65}
66
67/**
68 * Sanitize the action command
69 *
70 * Add all allowed commands here.
71 *
72 * @author Andreas Gohr <andi@splitbrain.org>
73 */
74function act_clean($act){
75  global $lang;
76  global $conf;
77
78  if($act == 'register' && !$conf['openregister'])
79    return 'show';
80
81  if($act == $lang['btn_save']) $act = 'save';
82  if($act == $lang['btn_preview']) $act = 'preview';
83  $act = strtolower($act);
84
85  if(!array_search($act,array('login','logout','register','save','edit',
86                              'preview','export_raw','export_html',
87                              'search','show','check','index','revisions',
88                              'diff','recent','backlink',))){
89    msg('Unknown command: '.htmlspecialchars($act),-1);
90    return 'show';
91  }
92  return $act;
93}
94
95/**
96 * Run permissionchecks
97 *
98 * @author Andreas Gohr <andi@splitbrain.org>
99 */
100function act_permcheck($act){
101  if(in_array($act,array('save','preview','edit'))){
102    if($INFO['exists']){
103      $permneed = AUTH_EDIT;
104    }else{
105      $permneed = AUTH_CREATE;
106    }
107  }elseif(in_array($act,array('login','register','search','recent'))){
108    $permneed = AUTH_NONE;
109  }else{
110    $permneed = AUTH_READ;
111  }
112  if(! auth_quickaclcheck($ID) >= $permneed){
113    return 'denied';
114  }
115
116
117  return $act;
118}
119
120/**
121 * Handle 'save'
122 *
123 * Checks for spam and conflicts and saves the page.
124 * Does a redirect to show the page afterwards or
125 * returns a new action.
126 *
127 * @author Andreas Gohr <andi@splitbrain.org>
128 */
129function act_save($act){
130  global $ID;
131  global $DATE;
132  global $PRE;
133  global $TEXT;
134  global $SUF;
135  global $SUM;
136
137  //spam check
138  if(checkwordblock())
139    return 'wordblock';
140  //conflict check //FIXME use INFO
141  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
142    return 'conflict';
143
144  //save it
145  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM); //use pretty mode for con
146  //unlock it
147  unlock($ID);
148
149  //show it
150  session_write_close();
151  header("Location: ".wl($ID,'',true));
152  exit();
153}
154
155/**
156 * Handle 'login', 'logout', 'register'
157 *
158 * @author Andreas Gohr <andi@splitbrain.org>
159 */
160function act_auth($act){
161  //already logged in?
162  if($_SERVER['REMOTE_USER'] && $act=='login')
163    return 'show';
164
165  //handle logout
166  if($act=='logout'){
167    auth_logoff();
168    return 'login';
169  }
170
171  //handle register
172  if($act=='register' && register()){
173    $act='login';
174  }
175
176  return $act;
177}
178
179/**
180 * Handle 'edit', 'preview'
181 *
182 * @author Andreas Gohr <andi@splitbrain.org>
183 */
184function act_edit($act){
185  //check if locked by anyone - if not lock for my self
186  $lockedby = checklock($ID);
187  if($lockedby) return 'locked';
188
189  lock($ID);
190  return $act;
191}
192
193/**
194 * Handle 'edit', 'preview'
195 *
196 * @author Andreas Gohr <andi@splitbrain.org>
197 */
198function act_export($act){
199  global $ID;
200  global $REV;
201
202  if($act == 'export_html'){
203    header('Content-Type: text/html; charset=utf-8');
204    ptln('<html>');
205    ptln('<head>');
206    tpl_metaheaders();
207    ptln('</head>');
208    ptln('<body>');
209    print parsedWiki($ID,$REV,false);
210    ptln('</body>');
211    ptln('</html>');
212    exit;
213  }
214
215  if($act == 'export_raw'){
216    header('Content-Type: text/plain; charset=utf-8');
217    print rawWiki($ID,$REV);
218    exit;
219  }
220
221  return 'show';
222}
223?>
224