1<?php 2/** 3 * DokuWiki Actions 4 * 5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6 * @author Andreas Gohr <andi@splitbrain.org> 7 */ 8 9 if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/'); 10 require_once(DOKU_INC.'inc/template.php'); 11 12 13/** 14 * Call the needed action handlers 15 * 16 * @author Andreas Gohr <andi@splitbrain.org> 17 */ 18function act_dispatch(){ 19 global $INFO; 20 global $ACT; 21 global $ID; 22 global $QUERY; 23 global $lang; 24 global $conf; 25 26 //sanitize $ACT 27 $ACT = act_clean($ACT); 28 29 //check permissions 30 $ACT = act_permcheck($ACT); 31 32 //login stuff 33 if(in_array($ACT,array('login','logout','register'))) 34 $ACT = act_auth($ACT); 35 36 //save 37 if($ACT == 'save') 38 $ACT = act_save($ACT); 39 40 //edit 41 if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){ 42 $ACT = act_edit($ACT); 43 }else{ 44 unlock($ID); //try to unlock 45 } 46 47 //handle export 48 if(substr($ACT,0,7) == 'export_') 49 $ACT = act_export($ACT); 50 51 //display some infos 52 if($ACT == 'check'){ 53 check(); 54 $ACT = 'show'; 55 } 56 57 //check if searchword was given - else just show 58 if($ACT == 'search' && empty($QUERY)){ 59 $ACT = 'show'; 60 } 61 62 //handle admin tasks 63 if($ACT == 'admin'){ 64 if($_REQUEST['page'] == 'acl'){ 65 require_once(DOKU_INC.'inc/admin_acl.php'); 66 admin_acl_handler(); 67 } 68 } 69 70 //call template FIXME: all needed vars available? 71 header('Content-Type: text/html; charset=utf-8'); 72 include(DOKU_INC.'lib/tpl/'.$conf['template'].'/main.php'); 73 // output for the commands is now handled in inc/templates.php 74 // in function tpl_content() 75} 76 77/** 78 * Sanitize the action command 79 * 80 * Add all allowed commands here. 81 * 82 * @author Andreas Gohr <andi@splitbrain.org> 83 */ 84function act_clean($act){ 85 global $lang; 86 87 //handle localized buttons 88 if($act == $lang['btn_save']) $act = 'save'; 89 if($act == $lang['btn_preview']) $act = 'preview'; 90 if($act == $lang['btn_cancel']) $act = 'show'; 91 92 //remove all bad chars 93 $act = strtolower($act); 94 $act = preg_replace('/[^a-z_]+/','',$act); 95 96 if($act == 'export_html') $act = 'export_xhtml'; 97 98 if(array_search($act,array('login','logout','register','save','edit', 99 'preview','search','show','check','index','revisions', 100 'diff','recent','backlink','admin',)) === false 101 && substr($act,0,7) != 'export_' ) { 102 msg('Unknown command: '.htmlspecialchars($act),-1); 103 return 'show'; 104 } 105 return $act; 106} 107 108/** 109 * Run permissionchecks 110 * 111 * @author Andreas Gohr <andi@splitbrain.org> 112 */ 113function act_permcheck($act){ 114 global $INFO; 115 global $conf; 116 117 if(in_array($act,array('save','preview','edit'))){ 118 if($INFO['exists']){ 119 if($act == 'edit'){ 120 //the edit function will check again and do a source show 121 //when no AUTH_EDIT available 122 $permneed = AUTH_READ; 123 }else{ 124 $permneed = AUTH_EDIT; 125 } 126 }else{ 127 $permneed = AUTH_CREATE; 128 } 129 }elseif(in_array($act,array('login','search','recent'))){ 130 $permneed = AUTH_NONE; 131 }elseif($act == 'register'){ 132 if ($conf['openregister']){ 133 $permneed = AUTH_NONE; 134 }else{ 135 $permneed = AUTH_ADMIN; 136 } 137 }elseif($act == 'admin'){ 138 $permneed = AUTH_ADMIN; 139 }else{ 140 $permneed = AUTH_READ; 141 } 142 if($INFO['perm'] >= $permneed) return $act; 143 144 return 'denied'; 145} 146 147/** 148 * Handle 'save' 149 * 150 * Checks for spam and conflicts and saves the page. 151 * Does a redirect to show the page afterwards or 152 * returns a new action. 153 * 154 * @author Andreas Gohr <andi@splitbrain.org> 155 */ 156function act_save($act){ 157 global $ID; 158 global $DATE; 159 global $PRE; 160 global $TEXT; 161 global $SUF; 162 global $SUM; 163 164 //spam check 165 if(checkwordblock()) 166 return 'wordblock'; 167 //conflict check //FIXME use INFO 168 if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE ) 169 return 'conflict'; 170 171 //save it 172 saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM); //use pretty mode for con 173 //unlock it 174 unlock($ID); 175 176 //show it 177 session_write_close(); 178 header("Location: ".wl($ID,'',true)); 179 exit(); 180} 181 182/** 183 * Handle 'login', 'logout', 'register' 184 * 185 * @author Andreas Gohr <andi@splitbrain.org> 186 */ 187function act_auth($act){ 188 global $ID; 189 190 //already logged in? 191 if($_SERVER['REMOTE_USER'] && $act=='login') 192 return 'show'; 193 194 //handle logout 195 if($act=='logout'){ 196 $lockedby = checklock($ID); //page still locked? 197 if($lockedby == $_SERVER['REMOTER_USER']) 198 unlock($ID); //try to unlock 199 200 auth_logoff(); 201 return 'login'; 202 } 203 204 //handle register 205 if($act=='register' && register()){ 206 return 'login'; 207 } 208 209 return $act; 210} 211 212/** 213 * Handle 'edit', 'preview' 214 * 215 * @author Andreas Gohr <andi@splitbrain.org> 216 */ 217function act_edit($act){ 218 global $ID; 219 220 //check if locked by anyone - if not lock for my self 221 $lockedby = checklock($ID); 222 if($lockedby) return 'locked'; 223 224 lock($ID); 225 return $act; 226} 227 228/** 229 * Handle 'edit', 'preview' 230 * 231 * @author Andreas Gohr <andi@splitbrain.org> 232 */ 233function act_export($act){ 234 global $ID; 235 global $REV; 236 237 // no renderer for this 238 if($act == 'export_raw'){ 239 header('Content-Type: text/plain; charset=utf-8'); 240 print rawWiki($ID,$REV); 241 exit; 242 } 243 244 // html export #FIXME what about the template's style? 245 if($act == 'export_xhtml'){ 246 header('Content-Type: text/html; charset=utf-8'); 247 ptln('<html>'); 248 ptln('<head>'); 249 tpl_metaheaders(); 250 ptln('</head>'); 251 ptln('<body>'); 252 print p_wiki_xhtml($ID,$REV,false); 253 ptln('</body>'); 254 ptln('</html>'); 255 exit; 256 } 257 258 // try to run renderer #FIXME use cached instructions 259 $mode = substr($act,7); 260 $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info); 261 if(!is_null($text)){ 262 print $text; 263 exit; 264 } 265 266 267 268 return 'show'; 269} 270 271 272//Setup VIM: ex: et ts=2 enc=utf-8 : 273