xref: /plugin/diagrams/action/embed.php (revision 8c8c70074e1156a58dbfd89fe9e41e3dd346fb54) 
1*8c8c7007SAndreas Gohr<?php
2*8c8c7007SAndreas Gohr/**
3*8c8c7007SAndreas Gohr * DokuWiki Plugin diagrams (Action Component)
4*8c8c7007SAndreas Gohr *
5*8c8c7007SAndreas Gohr * This handles loading and saving embedded diagrams
6*8c8c7007SAndreas Gohr *
7*8c8c7007SAndreas Gohr * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
8*8c8c7007SAndreas Gohr * @author  Innovakom + CosmoCode <dokuwiki@cosmocode.de>
9*8c8c7007SAndreas Gohr */
10*8c8c7007SAndreas Gohrclass action_plugin_diagrams_embed extends \dokuwiki\Extension\ActionPlugin
11*8c8c7007SAndreas Gohr{
12*8c8c7007SAndreas Gohr
13*8c8c7007SAndreas Gohr    /** @inheritDoc */
14*8c8c7007SAndreas Gohr    public function register(Doku_Event_Handler $controller)
15*8c8c7007SAndreas Gohr    {
16*8c8c7007SAndreas Gohr        // FIXME only register this when enabled in config
17*8c8c7007SAndreas Gohr        $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleLoad');
18*8c8c7007SAndreas Gohr    }
19*8c8c7007SAndreas Gohr
20*8c8c7007SAndreas Gohr    /**
21*8c8c7007SAndreas Gohr     * Load the SVG for an embedded diagram
22*8c8c7007SAndreas Gohr     *
23*8c8c7007SAndreas Gohr     * This locks the page for editing
24*8c8c7007SAndreas Gohr     *
25*8c8c7007SAndreas Gohr     * @see https://www.dokuwiki.org/devel:events:AJAX_CALL_UNKNOWN
26*8c8c7007SAndreas Gohr     * @param Doku_Event $event Event object
27*8c8c7007SAndreas Gohr     * @param mixed $param optional parameter passed when event was registered
28*8c8c7007SAndreas Gohr     * @return void
29*8c8c7007SAndreas Gohr     */
30*8c8c7007SAndreas Gohr    public function handleLoad(Doku_Event $event, $param) {
31*8c8c7007SAndreas Gohr        if($event->data !== 'plugin_diagrams_embed_load') return;
32*8c8c7007SAndreas Gohr        $event->preventDefault();
33*8c8c7007SAndreas Gohr        $event->stopPropagation();
34*8c8c7007SAndreas Gohr
35*8c8c7007SAndreas Gohr        global $INPUT;
36*8c8c7007SAndreas Gohr
37*8c8c7007SAndreas Gohr        $id = $INPUT->str('id');
38*8c8c7007SAndreas Gohr        $pos = $INPUT->int('pos');
39*8c8c7007SAndreas Gohr        $len = $INPUT->int('len');
40*8c8c7007SAndreas Gohr
41*8c8c7007SAndreas Gohr        if(auth_quickaclcheck($id) < AUTH_READ) { // FIXME should we check for EDIT perms on read as well?
42*8c8c7007SAndreas Gohr            http_status(403);
43*8c8c7007SAndreas Gohr            return;
44*8c8c7007SAndreas Gohr        }
45*8c8c7007SAndreas Gohr
46*8c8c7007SAndreas Gohr        if(!page_exists($id)) {
47*8c8c7007SAndreas Gohr            http_status(404);
48*8c8c7007SAndreas Gohr            return;
49*8c8c7007SAndreas Gohr        }
50*8c8c7007SAndreas Gohr
51*8c8c7007SAndreas Gohr        if(checklock($id)) {
52*8c8c7007SAndreas Gohr            http_status(423, 'Page Locked');
53*8c8c7007SAndreas Gohr            return;
54*8c8c7007SAndreas Gohr        }
55*8c8c7007SAndreas Gohr        lock($id); // FIXME we probably need some periodic lock renewal while editing?
56*8c8c7007SAndreas Gohr
57*8c8c7007SAndreas Gohr        header('Content-Type: image/svg+xml');
58*8c8c7007SAndreas Gohr        $svg = rawWiki($id);
59*8c8c7007SAndreas Gohr        echo substr($svg, $pos, $len);
60*8c8c7007SAndreas Gohr    }
61*8c8c7007SAndreas Gohr
62*8c8c7007SAndreas Gohr    /**
63*8c8c7007SAndreas Gohr     * Save a new embedded diagram
64*8c8c7007SAndreas Gohr     *
65*8c8c7007SAndreas Gohr     * @see https://www.dokuwiki.org/devel:events:AJAX_CALL_UNKNOWN
66*8c8c7007SAndreas Gohr     * @param Doku_Event $event Event object
67*8c8c7007SAndreas Gohr     * @param mixed $param optional parameter passed when event was registered
68*8c8c7007SAndreas Gohr     * @return void
69*8c8c7007SAndreas Gohr     */
70*8c8c7007SAndreas Gohr    public function handleSave(Doku_Event $event, $param)
71*8c8c7007SAndreas Gohr    {
72*8c8c7007SAndreas Gohr        if ($event->data !== 'plugin_diagrams_embed_load') return;
73*8c8c7007SAndreas Gohr        $event->preventDefault();
74*8c8c7007SAndreas Gohr        $event->stopPropagation();
75*8c8c7007SAndreas Gohr
76*8c8c7007SAndreas Gohr        global $INPUT;
77*8c8c7007SAndreas Gohr
78*8c8c7007SAndreas Gohr        $id = $INPUT->str('id');
79*8c8c7007SAndreas Gohr        $svg = $INPUT->str('svg'); // FIXME do we want to do any sanity checks on this?
80*8c8c7007SAndreas Gohr        $pos = $INPUT->int('pos');
81*8c8c7007SAndreas Gohr        $len = $INPUT->int('len');
82*8c8c7007SAndreas Gohr
83*8c8c7007SAndreas Gohr
84*8c8c7007SAndreas Gohr        if(auth_quickaclcheck($id) < AUTH_EDIT) {
85*8c8c7007SAndreas Gohr            http_status(403);
86*8c8c7007SAndreas Gohr            return;
87*8c8c7007SAndreas Gohr        }
88*8c8c7007SAndreas Gohr
89*8c8c7007SAndreas Gohr        if(!page_exists($id)) {
90*8c8c7007SAndreas Gohr            http_status(404);
91*8c8c7007SAndreas Gohr            return;
92*8c8c7007SAndreas Gohr        }
93*8c8c7007SAndreas Gohr
94*8c8c7007SAndreas Gohr        if(!checkSecurityToken()) {
95*8c8c7007SAndreas Gohr            http_status(403);
96*8c8c7007SAndreas Gohr            return;
97*8c8c7007SAndreas Gohr        }
98*8c8c7007SAndreas Gohr
99*8c8c7007SAndreas Gohr        $original = rawWiki($id);
100*8c8c7007SAndreas Gohr        $new = substr($original, 0, $pos) . $svg . substr($original, $pos + $len);
101*8c8c7007SAndreas Gohr        saveWikiText($id, $new, $this->getLang('embedSaveSummary'));
102*8c8c7007SAndreas Gohr        unlock($id);
103*8c8c7007SAndreas Gohr        echo 'OK';
104*8c8c7007SAndreas Gohr    }
105*8c8c7007SAndreas Gohr
106*8c8c7007SAndreas Gohr}
107*8c8c7007SAndreas Gohr
108