172dda0b4SAndreas Gohr<?php 28553d24dSAndreas Gohr 38553d24dSAndreas Gohruse dokuwiki\Extension\ActionPlugin; 48553d24dSAndreas Gohruse dokuwiki\Extension\Event; 5*5732c960SAndreas Gohruse dokuwiki\Extension\EventHandler; 6*5732c960SAndreas Gohruse dokuwiki\plugin\extension\Extension; 7*5732c960SAndreas Gohruse dokuwiki\plugin\extension\GuiExtension; 8d4f83172SAndreas Gohr 972dda0b4SAndreas Gohr/** DokuWiki Plugin extension (Action Component) 1072dda0b4SAndreas Gohr * 1172dda0b4SAndreas Gohr * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html 1272dda0b4SAndreas Gohr * @author Andreas Gohr <andi@splitbrain.org> 1372dda0b4SAndreas Gohr */ 148553d24dSAndreas Gohrclass action_plugin_extension extends ActionPlugin 1518b1e90aSAndreas Gohr{ 1672dda0b4SAndreas Gohr /** 1772dda0b4SAndreas Gohr * Registers a callback function for a given event 1872dda0b4SAndreas Gohr * 195c483796SAndreas Gohr * @param EventHandler $controller DokuWiki's event controller object 2072dda0b4SAndreas Gohr * @return void 2172dda0b4SAndreas Gohr */ 228553d24dSAndreas Gohr public function register(EventHandler $controller) 2318b1e90aSAndreas Gohr { 24*5732c960SAndreas Gohr $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleAjaxToggle'); 2572dda0b4SAndreas Gohr } 2672dda0b4SAndreas Gohr 274c005e3fSAndreas Gohr /** 28*5732c960SAndreas Gohr * Toggle an extension via AJAX 29*5732c960SAndreas Gohr * 30*5732c960SAndreas Gohr * Returns the new HTML for the extension 314c005e3fSAndreas Gohr * 325c483796SAndreas Gohr * @param Event $event 334c005e3fSAndreas Gohr * @param $param 344c005e3fSAndreas Gohr */ 35*5732c960SAndreas Gohr public function handleAjaxToggle(Event $event, $param) 3618b1e90aSAndreas Gohr { 3772dda0b4SAndreas Gohr global $INPUT; 38da5f0eeeSAndreas Gohr 39b15cd32dSjgpcx if ($event->data != 'plugin_extension') return; 40b15cd32dSjgpcx $event->preventDefault(); 41b15cd32dSjgpcx $event->stopPropagation(); 42b15cd32dSjgpcx 43dda9db03SAndreas Gohr /** @var admin_plugin_extension $admin */ 44dda9db03SAndreas Gohr $admin = plugin_load('admin', 'extension'); 45dda9db03SAndreas Gohr if (!$admin->isAccessibleByCurrentUser()) { 46da5f0eeeSAndreas Gohr http_status(403); 47da5f0eeeSAndreas Gohr echo 'Forbidden'; 48da5f0eeeSAndreas Gohr exit; 49da5f0eeeSAndreas Gohr } 50da5f0eeeSAndreas Gohr 5172dda0b4SAndreas Gohr $ext = $INPUT->str('ext'); 5272dda0b4SAndreas Gohr if (!$ext) { 53fd51614bSAndreas Gohr http_status(400); 5472dda0b4SAndreas Gohr echo 'no extension given'; 5572dda0b4SAndreas Gohr return; 5672dda0b4SAndreas Gohr } 5772dda0b4SAndreas Gohr 5896f679faSAndreas Gohr if (getSecurityToken() != $INPUT->str('sectok')) { 5996f679faSAndreas Gohr http_status(403); 6096f679faSAndreas Gohr echo 'Security Token did not match. Possible CSRF attack.'; 6196f679faSAndreas Gohr return; 6296f679faSAndreas Gohr } 63fd51614bSAndreas Gohr 64*5732c960SAndreas Gohr $extension = Extension::createFromId($ext); 65*5732c960SAndreas Gohr $extension->toggle(); 66fd51614bSAndreas Gohr header('Content-Type: text/html; charset=utf-8'); 67*5732c960SAndreas Gohr echo (new GuiExtension($extension))->render(); 68fd51614bSAndreas Gohr } 6972dda0b4SAndreas Gohr} 70