18c8c7007SAndreas Gohr<?php 2bc39777fSAndreas Gohr 3bc39777fSAndreas Gohruse dokuwiki\plugin\diagrams\Diagrams; 4bc39777fSAndreas Gohr 58c8c7007SAndreas Gohr/** 68c8c7007SAndreas Gohr * DokuWiki Plugin diagrams (Action Component) 78c8c7007SAndreas Gohr * 88c8c7007SAndreas Gohr * This handles loading and saving embedded diagrams 98c8c7007SAndreas Gohr * 108c8c7007SAndreas Gohr * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html 118c8c7007SAndreas Gohr * @author Innovakom + CosmoCode <dokuwiki@cosmocode.de> 128c8c7007SAndreas Gohr */ 138c8c7007SAndreas Gohrclass action_plugin_diagrams_embed extends \dokuwiki\Extension\ActionPlugin 148c8c7007SAndreas Gohr{ 158c8c7007SAndreas Gohr 168c8c7007SAndreas Gohr /** @inheritDoc */ 178c8c7007SAndreas Gohr public function register(Doku_Event_Handler $controller) 188c8c7007SAndreas Gohr { 19bc39777fSAndreas Gohr // only register if embed mode is enabled 20bc39777fSAndreas Gohr if (!$this->getConf('mode') & Diagrams::MODE_EMBED) return; 21bc39777fSAndreas Gohr 228c8c7007SAndreas Gohr $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleLoad'); 23bc39777fSAndreas Gohr $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleSave'); 248c8c7007SAndreas Gohr } 258c8c7007SAndreas Gohr 268c8c7007SAndreas Gohr /** 278c8c7007SAndreas Gohr * Load the SVG for an embedded diagram 288c8c7007SAndreas Gohr * 298c8c7007SAndreas Gohr * This locks the page for editing 308c8c7007SAndreas Gohr * 318c8c7007SAndreas Gohr * @see https://www.dokuwiki.org/devel:events:AJAX_CALL_UNKNOWN 328c8c7007SAndreas Gohr * @param Doku_Event $event Event object 338c8c7007SAndreas Gohr * @param mixed $param optional parameter passed when event was registered 348c8c7007SAndreas Gohr * @return void 358c8c7007SAndreas Gohr */ 36*146e874bSAndreas Gohr public function handleLoad(Doku_Event $event, $param) 37*146e874bSAndreas Gohr { 388c8c7007SAndreas Gohr if ($event->data !== 'plugin_diagrams_embed_load') return; 398c8c7007SAndreas Gohr $event->preventDefault(); 408c8c7007SAndreas Gohr $event->stopPropagation(); 418c8c7007SAndreas Gohr 428c8c7007SAndreas Gohr global $INPUT; 438c8c7007SAndreas Gohr 448c8c7007SAndreas Gohr $id = $INPUT->str('id'); 458c8c7007SAndreas Gohr $pos = $INPUT->int('pos'); 468c8c7007SAndreas Gohr $len = $INPUT->int('len'); 478c8c7007SAndreas Gohr 488c8c7007SAndreas Gohr if (auth_quickaclcheck($id) < AUTH_READ) { // FIXME should we check for EDIT perms on read as well? 498c8c7007SAndreas Gohr http_status(403); 508c8c7007SAndreas Gohr return; 518c8c7007SAndreas Gohr } 528c8c7007SAndreas Gohr 538c8c7007SAndreas Gohr if (!page_exists($id)) { 548c8c7007SAndreas Gohr http_status(404); 558c8c7007SAndreas Gohr return; 568c8c7007SAndreas Gohr } 578c8c7007SAndreas Gohr 588c8c7007SAndreas Gohr if (checklock($id)) { 598c8c7007SAndreas Gohr http_status(423, 'Page Locked'); 608c8c7007SAndreas Gohr return; 618c8c7007SAndreas Gohr } 628c8c7007SAndreas Gohr lock($id); // FIXME we probably need some periodic lock renewal while editing? 638c8c7007SAndreas Gohr 648c8c7007SAndreas Gohr header('Content-Type: image/svg+xml'); 658c8c7007SAndreas Gohr $svg = rawWiki($id); 668c8c7007SAndreas Gohr echo substr($svg, $pos, $len); 678c8c7007SAndreas Gohr } 688c8c7007SAndreas Gohr 698c8c7007SAndreas Gohr /** 708c8c7007SAndreas Gohr * Save a new embedded diagram 718c8c7007SAndreas Gohr * 728c8c7007SAndreas Gohr * @see https://www.dokuwiki.org/devel:events:AJAX_CALL_UNKNOWN 738c8c7007SAndreas Gohr * @param Doku_Event $event Event object 748c8c7007SAndreas Gohr * @param mixed $param optional parameter passed when event was registered 758c8c7007SAndreas Gohr * @return void 768c8c7007SAndreas Gohr */ 778c8c7007SAndreas Gohr public function handleSave(Doku_Event $event, $param) 788c8c7007SAndreas Gohr { 798c8c7007SAndreas Gohr if ($event->data !== 'plugin_diagrams_embed_load') return; 808c8c7007SAndreas Gohr $event->preventDefault(); 818c8c7007SAndreas Gohr $event->stopPropagation(); 828c8c7007SAndreas Gohr 838c8c7007SAndreas Gohr global $INPUT; 848c8c7007SAndreas Gohr 858c8c7007SAndreas Gohr $id = $INPUT->str('id'); 868c8c7007SAndreas Gohr $svg = $INPUT->str('svg'); // FIXME do we want to do any sanity checks on this? 878c8c7007SAndreas Gohr $pos = $INPUT->int('pos'); 888c8c7007SAndreas Gohr $len = $INPUT->int('len'); 898c8c7007SAndreas Gohr 908c8c7007SAndreas Gohr 918c8c7007SAndreas Gohr if (auth_quickaclcheck($id) < AUTH_EDIT) { 928c8c7007SAndreas Gohr http_status(403); 938c8c7007SAndreas Gohr return; 948c8c7007SAndreas Gohr } 958c8c7007SAndreas Gohr 968c8c7007SAndreas Gohr if (!page_exists($id)) { 978c8c7007SAndreas Gohr http_status(404); 988c8c7007SAndreas Gohr return; 998c8c7007SAndreas Gohr } 1008c8c7007SAndreas Gohr 1018c8c7007SAndreas Gohr if (!checkSecurityToken()) { 1028c8c7007SAndreas Gohr http_status(403); 1038c8c7007SAndreas Gohr return; 1048c8c7007SAndreas Gohr } 1058c8c7007SAndreas Gohr 106*146e874bSAndreas Gohr if (empty($svg) || substr($svg, 0, 4) !== '<svg') { 107*146e874bSAndreas Gohr http_status(400); 108*146e874bSAndreas Gohr return; 109*146e874bSAndreas Gohr } 110*146e874bSAndreas Gohr 1118c8c7007SAndreas Gohr $original = rawWiki($id); 1128c8c7007SAndreas Gohr $new = substr($original, 0, $pos) . $svg . substr($original, $pos + $len); 1138c8c7007SAndreas Gohr saveWikiText($id, $new, $this->getLang('embedSaveSummary')); 1148c8c7007SAndreas Gohr unlock($id); 1158c8c7007SAndreas Gohr echo 'OK'; 1168c8c7007SAndreas Gohr } 1178c8c7007SAndreas Gohr 1188c8c7007SAndreas Gohr} 1198c8c7007SAndreas Gohr 120