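<?php
/**
 * DokuWiki Actions
 *
 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
 * @author     Andreas Gohr <andi@splitbrain.org>
 */

  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
  require_once(DOKU_INC.'inc/template.php');


/**
 * Call the needed action handlers
 *
 * Cleans the requested action in $ACT, checks it against the permission
 * level in $INFO['perm'], runs the matching handler and finally includes
 * the configured template. A handler may replace $ACT with a follow-up
 * action, or end the request itself (act_save() and act_export() call exit).
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_dispatch(){
  // include() below runs in this function's scope, so these globals are
  // also what the template can see - do not drop any of them.
  global $INFO;
  global $ACT;
  global $ID;
  global $QUERY;
  global $lang;
  global $conf;

  //sanitize $ACT
  $ACT = act_clean($ACT);

  //check if searchword was given - else just show
  //This is decided before the permission check on purpose: 'search' only
  //needs AUTH_NONE while 'show' needs AUTH_READ, so rewriting the action
  //afterwards would skip the read check for the page.
  if($ACT == 'search' && empty($QUERY)){
    $ACT = 'show';
  }

  //check permissions
  $ACT = act_permcheck($ACT);

  //login stuff
  if(in_array($ACT,array('login','logout','register'))){
    $ACT = act_auth($ACT);
    //act_auth() can hand back another action ('login' becomes 'show' for a
    //user who is already logged in), so the result is checked again
    $ACT = act_permcheck($ACT);
  }

  //save
  if($ACT == 'save')
    $ACT = act_save($ACT);

  //edit
  if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){
    $ACT = act_edit($ACT);
  }else{
    unlock($ID); //try to unlock
  }

  //handle export
  if(substr($ACT,0,7) == 'export_')
    $ACT = act_export($ACT);

  //display some infos
  if($ACT == 'check'){
    check();
    $ACT = 'show';
  }

  //handle admin tasks
  if($ACT == 'admin'){
    //the page parameter is optional, so test for it before comparing
    if(isset($_REQUEST['page']) && $_REQUEST['page'] == 'acl'){
      require_once(DOKU_INC.'inc/admin_acl.php');
      admin_acl_handler();
    }
  }

  //call template FIXME: all needed vars available?
  //NOTE(review): the path is built from $conf['template']; presumably that
  //value comes from the site configuration only - confirm it can never be
  //set from the request.
  header('Content-Type: text/html; charset=utf-8');
  include(DOKU_INC.'lib/tpl/'.$conf['template'].'/main.php');
  // output for the commands is now handled in inc/templates.php
  // in function tpl_content()
}

/**
 * Sanitize the action command
 *
 * Maps the localized button labels to their actions, lowercases the
 * command, strips everything except a-z and underscore and accepts only
 * the commands listed below or anything starting with 'export_'.
 *
 * Add all allowed commands here.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  mixed  $act the requested action
 * @return string the cleaned action, 'show' if the command is unknown
 */
function act_clean($act){
  global $lang;

  //anything that is not a plain string ends up as unknown command below
  if(!is_string($act)) $act = '';

  //handle localized buttons
  if($act === $lang['btn_save'])    $act = 'save';
  if($act === $lang['btn_preview']) $act = 'preview';
  if($act === $lang['btn_cancel'])  $act = 'show';

  //remove all bad chars
  //This filter is also what limits the 'export_' suffix to a-z and '_';
  //act_export() hands that suffix to p_render() as the renderer mode, so
  //keep the filter in front of the whitelist check.
  $act = strtolower($act);
  $act = preg_replace('/[^a-z_]+/','',$act);

  if($act == 'export_html') $act = 'export_xhtml';

  $known = array('login','logout','register','save','edit',
                 'preview','search','show','check','index','revisions',
                 'diff','recent','backlink','admin',);

  if(!in_array($act,$known,true) && substr($act,0,7) != 'export_'){
    msg('Unknown command: '.htmlspecialchars($act),-1);
    return 'show';
  }
  return $act;
}

/**
 * Run permissionchecks
 *
 * Picks the permission level the action needs and compares it with
 * $INFO['perm']. Actions without a rule of their own (including 'logout'
 * and every 'export_*' action) need AUTH_READ.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act the cleaned action
 * @return string the action if permitted, 'denied' otherwise
 */
function act_permcheck($act){
  global $INFO;
  global $conf;

  if(in_array($act,array('save','preview','edit'))){
    //writing to an existing page needs less than creating a new one
    if($INFO['exists']){
      $permneed = AUTH_EDIT;
    }else{
      $permneed = AUTH_CREATE;
    }
  }elseif(in_array($act,array('login','search','recent'))){
    $permneed = AUTH_NONE;
  }elseif($act == 'register'){
    //self registration is open to everyone only when it is switched on
    if ($conf['openregister']){
      $permneed = AUTH_NONE;
    }else{
      $permneed = AUTH_ADMIN;
    }
  }elseif($act == 'admin'){
    $permneed = AUTH_ADMIN;
  }else{
    $permneed = AUTH_READ;
  }
  if($INFO['perm'] >= $permneed) return $act;

  return 'denied';
}

/**
 * Handle 'save'
 *
 * Checks for spam and conflicts and saves the page.
 * Does a redirect to show the page afterwards or
 * returns a new action.
 *
 * NOTE(review): neither this function nor act_dispatch() verifies an
 * anti-forgery token before the page is written; confirm whether the
 * edit form handling elsewhere covers that.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act the current action (not used)
 * @return string 'wordblock' or 'conflict'; does not return after a save
 */
function act_save($act){
  global $ID;
  global $DATE;
  global $PRE;
  global $TEXT;
  global $SUF;
  global $SUM;

  //spam check
  if(checkwordblock())
    return 'wordblock';
  //conflict check //FIXME use INFO
  //the @ keeps filemtime() quiet when the page file does not exist yet
  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE )
    return 'conflict';

  //save it
  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM); //use pretty mode for con
  //unlock it
  unlock($ID);

  //show it
  //the session is closed first so its data is written before the redirect
  session_write_close();
  header("Location: ".wl($ID,'',true));
  exit();
}

/**
 * Handle 'login', 'logout', 'register'
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act one of 'login', 'logout', 'register'
 * @return string the follow-up action
 */
function act_auth($act){
  //already logged in?
  //REMOTE_USER is not set for anonymous requests, hence empty()
  if(!empty($_SERVER['REMOTE_USER']) && $act=='login')
    return 'show';

  //handle logout
  if($act=='logout'){
    auth_logoff();
    return 'login';
  }

  //handle register
  if($act=='register' && register()){
    return 'login';
  }

  return $act;
}

/**
 * Handle 'edit', 'preview'
 *
 * Takes the page lock for the current user unless checklock() reports
 * an existing lock.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act 'edit' or 'preview'
 * @return string the given action, or 'locked'
 */
function act_edit($act){
  global $ID;

  //check if locked by anyone - if not lock for my self
  $lockedby = checklock($ID);
  if($lockedby) return 'locked';

  lock($ID);
  return $act;
}

/**
 * Handle 'export_*'
 *
 * Prints the page in the requested format and ends the request. Falls
 * back to 'show' when p_render() returns null for the requested mode.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 *
 * @param  string $act an action starting with 'export_'
 * @return string 'show' if nothing could be exported
 */
function act_export($act){
  global $ID;
  global $REV;

  // no renderer for this
  if($act == 'export_raw'){
    header('Content-Type: text/plain; charset=utf-8');
    print rawWiki($ID,$REV);
    exit;
  }

  // html export #FIXME what about the template's style?
  if($act == 'export_xhtml'){
    header('Content-Type: text/html; charset=utf-8');
    ptln('<html>');
    ptln('<head>');
    tpl_metaheaders();
    ptln('</head>');
    ptln('<body>');
    print p_wiki_xhtml($ID,$REV,false);
    ptln('</body>');
    ptln('</html>');
    exit;
  }

  // try to run renderer #FIXME use cached instructions
  // The mode is whatever follows 'export_'; act_clean() has already cut
  // it down to a-z and '_'.
  // NOTE(review): $info is not set before this call - presumably
  // p_render() takes it by reference and fills it; confirm.
  // NOTE(review): no Content-Type header is sent on this path.
  $mode = substr($act,7);
  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info);
  if(!is_null($text)){
    print $text;
    exit;
  }



  return 'show';
}


//Setup VIM: ex: et ts=2 enc=utf-8 :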