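<?php

use dokuwiki\plugin\diagrams\Diagrams;

/**
 * DokuWiki Plugin diagrams (Action Component)
 *
 * This handles loading and saving embedded diagrams
 *
 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @author  Innovakom + CosmoCode <dokuwiki@cosmocode.de>
 */
class action_plugin_diagrams_embed extends \dokuwiki\Extension\ActionPlugin
{
    /** @var helper_plugin_diagrams */
    protected $helper;

    /**
     * Register the AJAX handlers, but only when embed mode is enabled
     *
     * @inheritDoc
     */
    public function register(Doku_Event_Handler $controller)
    {
        // only register if embed mode is enabled
        // The parentheses matter: `!` binds tighter than `&`, so the unparenthesised
        // form negated the configured mode first and then masked the resulting boolean,
        // which left both AJAX endpoints registered for every non-zero mode value.
        if (!($this->getConf('mode') & Diagrams::MODE_EMBED)) return;

        $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleLoad');
        $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleSave');

        $this->helper = plugin_load('helper', 'diagrams');
    }

    /**
     * Load the SVG for an embedded diagram
     *
     * This locks the page for editing
     *
     * Responds with 403 (no read access), 404 (page missing), 423 (page locked)
     * or 400 (requested range is not a diagram) before any content is sent.
     *
     * @see https://www.dokuwiki.org/devel:events:AJAX_CALL_UNKNOWN
     * @param Doku_Event $event Event object
     * @param mixed $param optional parameter passed when event was registered
     * @return void
     */
    public function handleLoad(Doku_Event $event, $param)
    {
        if ($event->data !== 'plugin_diagrams_embed_load') return;
        $event->preventDefault();
        $event->stopPropagation();

        global $INPUT;

        // all three values are request-supplied and therefore untrusted
        $id = $INPUT->str('id');
        $pos = $INPUT->int('pos');
        $len = $INPUT->int('len');

        // NOTE(review): this handler takes an edit lock further down while only requiring
        // READ access, so a read-only user can lock a page they cannot edit.
        if (auth_quickaclcheck($id) < AUTH_READ) { // FIXME should we check for EDIT perms on read as well?
            http_status(403);
            return;
        }

        if (!page_exists($id)) {
            http_status(404);
            return;
        }

        if (checklock($id)) {
            http_status(423, 'Page Locked');
            return;
        }

        // Validate exactly the bytes that are sent back. Checking the whole page instead
        // would let any caller-chosen slice of wiki text be served as image/svg+xml.
        $svg = (string) substr(rawWiki($id), $pos, $len);
        if (!$this->helper->isDiagram($svg)) {
            http_status(400);
            return;
        }

        lock($id); // FIXME we probably need some periodic lock renewal while editing?
        header('Content-Type: image/svg+xml');
        echo $svg;
    }

    /**
     * Save a new embedded diagram
     *
     * Replaces the byte range [pos, pos + len) of the page text with the submitted SVG.
     * Responds with 403 (no edit access or bad security token), 404 (page missing) or
     * 400 (payload is not a diagram, or the range lies outside the page).
     *
     * @see https://www.dokuwiki.org/devel:events:AJAX_CALL_UNKNOWN
     * @param Doku_Event $event Event object
     * @param mixed $param optional parameter passed when event was registered
     * @return void
     */
    public function handleSave(Doku_Event $event, $param)
    {
        if ($event->data !== 'plugin_diagrams_embed_save') return;
        $event->preventDefault();
        $event->stopPropagation();

        global $INPUT;

        // all four values are request-supplied and therefore untrusted
        $id = $INPUT->str('id');
        $svg = $INPUT->str('svg');
        $pos = $INPUT->int('pos');
        $len = $INPUT->int('len');

        if (auth_quickaclcheck($id) < AUTH_EDIT) {
            http_status(403);
            return;
        }

        if (!page_exists($id)) {
            http_status(404);
            return;
        }

        // state-changing request: require the anti-CSRF token
        if (!checkSecurityToken()) {
            http_status(403);
            return;
        }

        if (empty($svg) || substr($svg, 0, 4) !== '<svg') {
            http_status(400);
            return;
        }

        if (!$this->helper->isDiagram($svg)) {
            http_status(400);
            return;
        }

        $original = rawWiki($id);

        // substr() treats negative offsets as "count from the end", so an out-of-range
        // pos/len would splice the SVG into the wrong place and corrupt the page.
        if ($pos < 0 || $len < 0 || $pos + $len > strlen($original)) {
            http_status(400);
            return;
        }

        $new = substr($original, 0, $pos) . $svg . substr($original, $pos + $len);
        saveWikiText($id, $new, $this->getLang('embedSaveSummary'));
        unlock($id);
        echo 'OK';
    }

}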