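<?php
/**
 * DokuWiki Actions
 *
 * Takes the requested action name, reduces it to a known command and hands
 * it to the matching handler.
 *
 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
 * @author     Andreas Gohr <andi@splitbrain.org>
 */

  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../').'/');
  require_once(DOKU_INC.'inc/template.php');


/**
 * Call the needed action handlers
 *
 * Works on the global $ACT. The value is first reduced to a known command by
 * act_clean(); each handler that runs afterwards may replace it with a
 * follow-up action. At the end the main template is included; output for the
 * commands is produced there (tpl_content() in inc/template.php).
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_dispatch(){
  // Keep every declaration, including the ones this function never reads:
  // the template is include()d below and runs in this function's scope.
  global $INFO;
  global $ACT;
  global $ID;
  global $QUERY;
  global $lang;
  global $conf;

  //sanitize $ACT
  $ACT = act_clean($ACT);

  //check if searchword was given - else just show
  if($ACT == 'search' && empty($QUERY)){
    $ACT = 'show';
  }

  //login stuff
  if(in_array($ACT,array('login','logout'),true)){
    $ACT = act_auth($ACT);
  }

  //check if user is asking to (un)subscribe a page
  if($ACT == 'subscribe' || $ACT == 'unsubscribe'){
    // This handler writes the subscriber list and runs before the general
    // permission check below, so adding a subscription is gated here on the
    // same check. Removing one's own entry stays possible either way.
    if($ACT == 'subscribe' && act_permcheck($ACT) == 'denied'){
      $ACT = 'denied';
    }else{
      $ACT = act_subscription($ACT);
    }
  }

  //check permissions
  $ACT = act_permcheck($ACT);

  //register
  if($ACT == 'register' && register()){
    $ACT = 'login';
  }

  if($ACT == 'resendpwd' && act_resendpwd()){
    $ACT = 'login';
  }

  //update user profile
  if($ACT == 'profile' && updateprofile()){
    msg($lang['profchanged'],1);
    $ACT = 'show';
  }

  //save
  if($ACT == 'save'){
    $ACT = act_save($ACT);
  }

  //edit
  if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){
    $ACT = act_edit($ACT);
  }else{
    unlock($ID); //try to unlock
  }

  //handle export
  if(substr($ACT,0,7) == 'export_'){
    $ACT = act_export($ACT);
  }

  //display some infos
  if($ACT == 'check'){
    check();
    $ACT = 'show';
  }

  //handle admin tasks ($ACT is only still 'admin' here if act_permcheck()
  //found AUTH_ADMIN)
  if($ACT == 'admin'){
    // The plugin name is taken from $_REQUEST['page']. It is handed to
    // plugin_load() only when it is exactly one of the names plugin_list()
    // reports, so the request cannot name anything outside that list.
    if(!empty($_REQUEST['page'])){
      $pluginlist = plugin_list('admin');
      if(in_array($_REQUEST['page'],$pluginlist,true)){
        // attempt to load the plugin
        $plugin =& plugin_load('admin',$_REQUEST['page']);
        if($plugin !== NULL) $plugin->handle();
      }
    }
  }

  //call template FIXME: all needed vars available?
  header('Content-Type: text/html; charset=utf-8');
  include(template('main.php'));
  // output for the commands is now handled in inc/templates.php
  // in function tpl_content()
}

/**
 * Sanitize the action command
 *
 * Maps the localized button labels to their commands, lowercases the value,
 * strips every character other than a-z and underscore and then compares the
 * result with the list of allowed commands. Unknown commands are reported
 * with msg() and replaced by 'show'.
 *
 * Add all allowed commands here.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_clean($act){
  global $lang;

  // A request parameter written as name[]=... reaches PHP as an array. An
  // array is never a valid command and must not reach strtolower() below.
  if(is_array($act)) return 'show';

  //handle localized buttons
  if($act == $lang['btn_save'])    $act = 'save';
  if($act == $lang['btn_preview']) $act = 'preview';
  if($act == $lang['btn_cancel'])  $act = 'show';

  //remove all bad chars
  $act = strtolower($act);
  $act = preg_replace('/[^a-z_]+/','',$act);

  if($act == 'export_html') $act = 'export_xhtml';

  $allowed = array('login','logout','register','save','edit',
                   'preview','search','show','check','index','revisions',
                   'diff','recent','backlink','admin','subscribe',
                   'unsubscribe','profile','resendpwd');

  // Every export_* name passes, listed or not. act_export() uses the part
  // after the prefix as the renderer mode, so the character filter above is
  // the only restriction this function puts on that name.
  if(!in_array($act,$allowed,true) && substr($act,0,7) != 'export_'){
    msg('Unknown command: '.htmlspecialchars($act),-1);
    return 'show';
  }
  return $act;
}

/**
 * Run permissionchecks
 *
 * Picks the permission level the action needs and compares it numerically
 * with $INFO['perm'].
 *
 * Returns the action unchanged when the level is sufficient, 'denied'
 * otherwise.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_permcheck($act){
  global $INFO;
  global $conf;

  if(in_array($act,array('save','preview','edit'),true)){
    if(!$INFO['exists']){
      $permneed = AUTH_CREATE;
    }elseif($act == 'edit'){
      //the edit function will check again and do a source show
      //when no AUTH_EDIT available
      $permneed = AUTH_READ;
    }else{
      $permneed = AUTH_EDIT;
    }
  }elseif(in_array($act,array('login','search','recent','profile'),true)){
    $permneed = AUTH_NONE;
  }elseif($act == 'register'){
    // self-registration is open to everybody only when configured so
    $permneed = $conf['openregister'] ? AUTH_NONE : AUTH_ADMIN;
  }elseif($act == 'admin'){
    $permneed = AUTH_ADMIN;
  }else{
    // NOTE(review): 'resendpwd' is not listed above and therefore needs
    // AUTH_READ like any other action - confirm that this is intended.
    $permneed = AUTH_READ;
  }

  if($INFO['perm'] >= $permneed) return $act;

  return 'denied';
}

/**
 * Handle 'save'
 *
 * Checks for spam and conflicts and saves the page.
 * Does a redirect to show the page afterwards or
 * returns a new action.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_save($act){
  global $ID;
  global $DATE;
  global $PRE;
  global $TEXT;
  global $SUF;
  global $SUM;

  // NOTE(review): the page is written on the strength of the request alone;
  // nothing in this function verifies that the request came from a form this
  // wiki issued. Confirm that the caller does, or check a per-session form
  // token before saving.

  //spam check
  if(checkwordblock()){
    return 'wordblock';
  }
  //conflict check //FIXME use INFO
  //(@: filemtime() warns when the page file does not exist yet)
  if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE){
    return 'conflict';
  }

  // the 'minor' field is only present when its checkbox was ticked
  $minor = isset($_REQUEST['minor']) ? $_REQUEST['minor'] : null;

  //save it
  saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$minor); //use pretty mode for con
  //unlock it
  unlock($ID);

  //show it
  session_write_close();
  header("Location: ".wl($ID,'',true));
  exit();
}

/**
 * Handle 'login', 'logout'
 *
 * Returns 'show' for a login request by a user who is already logged in and
 * 'login' after a logout; any other action is returned unchanged.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_auth($act){
  global $ID;
  global $INFO;

  // REMOTE_USER is not set for anonymous visitors
  $user = isset($_SERVER['REMOTE_USER']) ? (string) $_SERVER['REMOTE_USER'] : '';

  //already logged in?
  if($user && $act=='login'){
    return 'show';
  }

  //handle logout
  if($act=='logout'){
    $lockedby = checklock($ID); //page still locked?
    // Compare as strings with ===: a loose == treats numeric-looking names
    // such as '1e3' and '1000' as the same user.
    // NOTE(review): assumes checklock() returns the lock owner as a scalar
    // and a non-scalar such as false when there is no lock - confirm.
    if($user !== '' && is_scalar($lockedby) && (string) $lockedby === $user){
      unlock($ID); //try to unlock
    }

    // do the logout stuff
    auth_logoff();

    // rebuild info array
    $INFO = pageinfo();

    return 'login';
  }

  return $act;
}

/**
 * Handle 'edit', 'preview'
 *
 * Returns 'locked' when checklock() reports a lock, otherwise locks the page
 * and returns the action unchanged.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_edit($act){
  global $ID;

  //check if locked by anyone - if not lock for my self
  if(checklock($ID)){
    return 'locked';
  }

  lock($ID);
  return $act;
}

/**
 * Handle 'export_*'
 *
 * 'export_raw' and 'export_xhtml' are answered directly. For every other
 * export_* action the part after the prefix is passed to p_render() as the
 * renderer mode. Returns 'show' when the renderer produced nothing.
 *
 * @author Andreas Gohr <andi@splitbrain.org>
 */
function act_export($act){
  global $ID;
  global $REV;

  // no renderer for this
  if($act == 'export_raw'){
    header('Content-Type: text/plain; charset=utf-8');
    // the body is page source written by wiki users; keep browsers from
    // second-guessing the declared type and treating it as markup
    header('X-Content-Type-Options: nosniff');
    print rawWiki($ID,$REV);
    exit;
  }

  // html export #FIXME what about the template's style?
  if($act == 'export_xhtml'){
    header('Content-Type: text/html; charset=utf-8');
    ptln('<html>');
    ptln('<head>');
    tpl_metaheaders();
    ptln('</head>');
    ptln('<body>');
    print p_wiki_xhtml($ID,$REV,false);
    ptln('</body>');
    ptln('</html>');
    exit;
  }

  // try to run renderer #FIXME use cached instructions
  // The mode name comes from the request. act_clean() leaves only a-z and
  // underscore in it.
  // NOTE(review): relies on p_render() returning NULL for a mode it has no
  // renderer for - confirm.
  $mode = substr($act,7);
  $text = p_render($mode,p_get_instructions(rawWiki($ID,$REV)),$info);
  if(!is_null($text)){
    print $text;
    exit;
  }

  return 'show';
}

/**
 * Handle 'subscribe', 'unsubscribe'
 *
 * Adds the current user's login name to the page's .mlist meta file or
 * removes it from there, and reports the outcome with msg(). Always returns
 * 'show'.
 *
 * @author Steven Danz <steven-danz@kc.rr.com>
 * @todo   localize
 */
function act_subscription($act){
  global $ID;
  global $INFO;
  global $lang;

  $file = metaFN($ID,'.mlist');
  $name = $INFO['userinfo']['name'];

  if($act=='subscribe' && !$INFO['subscribed']){
    if(!$INFO['userinfo']['mail']){
      msg($lang['subscribe_noaddress']);
    }elseif(io_saveFile($file,$_SERVER['REMOTE_USER']."\n",true)){
      $INFO['subscribed'] = true;
      msg(sprintf($lang[$act.'_success'], $name, $ID),1);
    }else{
      // failures use level -1, like the 'Unknown command' message in
      // act_clean(); level 1 is what this file uses for success messages
      msg(sprintf($lang[$act.'_error'], $name, $ID),-1);
    }
  }elseif($act=='unsubscribe' && $INFO['subscribed']){
    if(io_deleteFromFile($file,$_SERVER['REMOTE_USER']."\n")){
      $INFO['subscribed'] = false;
      msg(sprintf($lang[$act.'_success'], $name, $ID),1);
    }else{
      msg(sprintf($lang[$act.'_error'], $name, $ID),-1);
    }
  }

  return 'show';
}

//Setup VIM: ex: et ts=2 enc=utf-8 :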