xref: /dokuwiki/inc/actions.php (revision f243a77fe35964d15fe442265666ccaa5303d953) 
1<?php
2/**
3 * DokuWiki Actions
4 *
5 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
6 * @author     Andreas Gohr <andi@splitbrain.org>
7 */
8
9  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
10  require_once(DOKU_INC.'inc/template.php');
11
12
13/**
14 * Call the needed action handlers
15 *
16 * @author Andreas Gohr <andi@splitbrain.org>
17 */
18function act_dispatch(){
19  global $INFO;
20  global $ACT;
21  global $ID;
22  global $QUERY;
23  global $lang;
24  global $conf;
25
26  //sanitize $ACT
27  $ACT = act_clean($ACT);
28
29  //check permissions
30  $ACT = act_permcheck($ACT);
31
32  //login stuff
33  if(in_array($ACT,array('login','logout','register')))
34    $ACT = act_auth($ACT);
35
36  //save
37  if($ACT == 'save')
38    $ACT = act_save($ACT);
39
40  //edit
41  if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){
42    $ACT = act_edit($ACT);
43  }else{
44    unlock($ID); //try to unlock
45  }
46
47  //handle export
48  if(substr($ACT,0,7) == 'export_')
49    $ACT = act_export($ACT);
50
51  //display some infos
52  if($ACT == 'check'){
53    check();
54    $ACT = 'show';
55  }
56
57  //check if searchword was given - else just show
58  if($ACT == 'search' && empty($QUERY)){
59    $ACT = 'show';
60  }
61
62  //handle admin tasks
63  if($ACT == 'admin'){
64		if($_REQUEST['page'] == 'acl'){
65			require_once(DOKU_INC.'inc/admin_acl.php');
66			admin_acl_handler();
67		}
68  }
69
70  //call template FIXME: all needed vars available?
71  header('Content-Type: text/html; charset=utf-8');
72  include(DOKU_INC.'tpl/'.$conf['template'].'/main.php');
73  // output for the commands is now handled in inc/templates.php
74  // in function tpl_content()
75}
76
77/**
78 * Sanitize the action command
79 *
80 * Add all allowed commands here.
81 *
82 * @author Andreas Gohr <andi@splitbrain.org>
83 */
84function act_clean($act){
85  global $lang;
86  global $conf;
87
88  //handle localized buttons
89  if($act == $lang['btn_save']) $act = 'save';
90  if($act == $lang['btn_preview']) $act = 'preview';
91  if($act == $lang['btn_cancel']) $act = 'show';
92
93  //remove all bad chars
94  $act = strtolower($act);
95  $act = preg_replace('/[^a-z_]+/','',$act);
96
97  if($act == 'register' && !$conf['openregister'])
98    return 'show';
99
100  if($act == 'export_html') $act = 'export_xhtml';
101
102  if(array_search($act,array('login','logout','register','save','edit',
103                             'preview','search','show','check','index','revisions',
104                             'diff','recent','backlink','admin',)) === false
105     && substr($act,0,7) != 'export_' ) {
106    msg('Unknown command: '.htmlspecialchars($act),-1);
107    return 'show';
108  }
109  return $act;
110}
111
112/**
113 * Run permissionchecks
114 *
115 * @author Andreas Gohr <andi@splitbrain.org>
116 */
117function act_permcheck($act){
118  global $INFO;
119
120  if(in_array($act,array('save','preview','edit'))){
121    if($INFO['exists']){
122      $permneed = AUTH_EDIT;
123    }else{
124      $permneed = AUTH_CREATE;
125    }
126  }elseif(in_array($act,array('login','register','search','recent'))){
127    $permneed = AUTH_NONE;
128  }elseif($act == 'admin'){
129    $permneed = AUTH_ADMIN;
130  }else{
131    $permneed = AUTH_READ;
132  }
133  if($INFO['perm'] >= $permneed) return $act;
134
135  return 'denied';
136}
137
138/**
139 * Handle 'save'
140 *
141 * Checks for spam and conflicts and saves the page.
142 * Does a redirect to show the page afterwards or
143 * returns a new action.
144 *
145 * @author Andreas Gohr <andi@splitbrain.org>
146 */
147function act_save($act){
148  global $ID;
149  global $DATE;
150  global $PRE;
151  global $TEXT;
152  global $SUF;
153  global $SUM;
154
155  //spam check
156  if(checkwordblock())
157    return 'wordblock';
158  //conflict check //FIXME use INFO
159  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
160    return 'conflict';
161
162  //save it
163  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM); //use pretty mode for con
164  //unlock it
165  unlock($ID);
166
167  //show it
168  session_write_close();
169  header("Location: ".wl($ID,'',true));
170  exit();
171}
172
173/**
174 * Handle 'login', 'logout', 'register'
175 *
176 * @author Andreas Gohr <andi@splitbrain.org>
177 */
178function act_auth($act){
179  //already logged in?
180  if($_SERVER['REMOTE_USER'] && $act=='login')
181    return 'show';
182
183  //handle logout
184  if($act=='logout'){
185    auth_logoff();
186    return 'login';
187  }
188
189  //handle register
190  if($act=='register' && register()){
191    return 'login';
192  }
193
194  return $act;
195}
196
197/**
198 * Handle 'edit', 'preview'
199 *
200 * @author Andreas Gohr <andi@splitbrain.org>
201 */
202function act_edit($act){
203  global $ID;
204
205  //check if locked by anyone - if not lock for my self
206  $lockedby = checklock($ID);
207  if($lockedby) return 'locked';
208
209  lock($ID);
210  return $act;
211}
212
213/**
214 * Handle 'edit', 'preview'
215 *
216 * @author Andreas Gohr <andi@splitbrain.org>
217 */
218function act_export($act){
219  global $ID;
220  global $REV;
221
222  // no renderer for this
223  if($act == 'export_raw'){
224    header('Content-Type: text/plain; charset=utf-8');
225    print rawWiki($ID,$REV);
226    exit;
227  }
228
229  // html export #FIXME what about the template's style?
230  if($act == 'export_xhtml'){
231    header('Content-Type: text/html; charset=utf-8');
232    ptln('<html>');
233    ptln('<head>');
234    tpl_metaheaders();
235    ptln('</head>');
236    ptln('<body>');
237    print p_wiki_xhtml($ID,$REV,false);
238    ptln('</body>');
239    ptln('</html>');
240    exit;
241  }
242
243  // try to run renderer #FIXME use cached instructions
244  $mode = substr($act,7);
245  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)));
246  if(!is_null($text)){
247    print $text;
248    exit;
249  }
250
251
252
253  return 'show';
254}
255
256
257//Setup VIM: ex: et ts=2 enc=utf-8 :
258