xref: /plugin/diagrams/action/embed.php (revision bc39777fa364696c1e0053573aadb2d26ce57bd2) 
18c8c7007SAndreas Gohr<?php
2*bc39777fSAndreas Gohr
3*bc39777fSAndreas Gohruse dokuwiki\plugin\diagrams\Diagrams;
4*bc39777fSAndreas Gohr
58c8c7007SAndreas Gohr/**
68c8c7007SAndreas Gohr * DokuWiki Plugin diagrams (Action Component)
78c8c7007SAndreas Gohr *
88c8c7007SAndreas Gohr * This handles loading and saving embedded diagrams
98c8c7007SAndreas Gohr *
108c8c7007SAndreas Gohr * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
118c8c7007SAndreas Gohr * @author  Innovakom + CosmoCode <dokuwiki@cosmocode.de>
128c8c7007SAndreas Gohr */
138c8c7007SAndreas Gohrclass action_plugin_diagrams_embed extends \dokuwiki\Extension\ActionPlugin
148c8c7007SAndreas Gohr{
158c8c7007SAndreas Gohr
168c8c7007SAndreas Gohr    /** @inheritDoc */
178c8c7007SAndreas Gohr    public function register(Doku_Event_Handler $controller)
188c8c7007SAndreas Gohr    {
19*bc39777fSAndreas Gohr        // only register if embed mode is enabled
20*bc39777fSAndreas Gohr        if(!$this->getConf('mode') & Diagrams::MODE_EMBED) return;
21*bc39777fSAndreas Gohr
228c8c7007SAndreas Gohr        $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleLoad');
23*bc39777fSAndreas Gohr        $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleSave');
248c8c7007SAndreas Gohr    }
258c8c7007SAndreas Gohr
268c8c7007SAndreas Gohr    /**
278c8c7007SAndreas Gohr     * Load the SVG for an embedded diagram
288c8c7007SAndreas Gohr     *
298c8c7007SAndreas Gohr     * This locks the page for editing
308c8c7007SAndreas Gohr     *
318c8c7007SAndreas Gohr     * @see https://www.dokuwiki.org/devel:events:AJAX_CALL_UNKNOWN
328c8c7007SAndreas Gohr     * @param Doku_Event $event Event object
338c8c7007SAndreas Gohr     * @param mixed $param optional parameter passed when event was registered
348c8c7007SAndreas Gohr     * @return void
358c8c7007SAndreas Gohr     */
368c8c7007SAndreas Gohr    public function handleLoad(Doku_Event $event, $param) {
378c8c7007SAndreas Gohr        if($event->data !== 'plugin_diagrams_embed_load') return;
388c8c7007SAndreas Gohr        $event->preventDefault();
398c8c7007SAndreas Gohr        $event->stopPropagation();
408c8c7007SAndreas Gohr
418c8c7007SAndreas Gohr        global $INPUT;
428c8c7007SAndreas Gohr
438c8c7007SAndreas Gohr        $id = $INPUT->str('id');
448c8c7007SAndreas Gohr        $pos = $INPUT->int('pos');
458c8c7007SAndreas Gohr        $len = $INPUT->int('len');
468c8c7007SAndreas Gohr
478c8c7007SAndreas Gohr        if(auth_quickaclcheck($id) < AUTH_READ) { // FIXME should we check for EDIT perms on read as well?
488c8c7007SAndreas Gohr            http_status(403);
498c8c7007SAndreas Gohr            return;
508c8c7007SAndreas Gohr        }
518c8c7007SAndreas Gohr
528c8c7007SAndreas Gohr        if(!page_exists($id)) {
538c8c7007SAndreas Gohr            http_status(404);
548c8c7007SAndreas Gohr            return;
558c8c7007SAndreas Gohr        }
568c8c7007SAndreas Gohr
578c8c7007SAndreas Gohr        if(checklock($id)) {
588c8c7007SAndreas Gohr            http_status(423, 'Page Locked');
598c8c7007SAndreas Gohr            return;
608c8c7007SAndreas Gohr        }
618c8c7007SAndreas Gohr        lock($id); // FIXME we probably need some periodic lock renewal while editing?
628c8c7007SAndreas Gohr
638c8c7007SAndreas Gohr        header('Content-Type: image/svg+xml');
648c8c7007SAndreas Gohr        $svg = rawWiki($id);
658c8c7007SAndreas Gohr        echo substr($svg, $pos, $len);
668c8c7007SAndreas Gohr    }
678c8c7007SAndreas Gohr
688c8c7007SAndreas Gohr    /**
698c8c7007SAndreas Gohr     * Save a new embedded diagram
708c8c7007SAndreas Gohr     *
718c8c7007SAndreas Gohr     * @see https://www.dokuwiki.org/devel:events:AJAX_CALL_UNKNOWN
728c8c7007SAndreas Gohr     * @param Doku_Event $event Event object
738c8c7007SAndreas Gohr     * @param mixed $param optional parameter passed when event was registered
748c8c7007SAndreas Gohr     * @return void
758c8c7007SAndreas Gohr     */
768c8c7007SAndreas Gohr    public function handleSave(Doku_Event $event, $param)
778c8c7007SAndreas Gohr    {
788c8c7007SAndreas Gohr        if ($event->data !== 'plugin_diagrams_embed_load') return;
798c8c7007SAndreas Gohr        $event->preventDefault();
808c8c7007SAndreas Gohr        $event->stopPropagation();
818c8c7007SAndreas Gohr
828c8c7007SAndreas Gohr        global $INPUT;
838c8c7007SAndreas Gohr
848c8c7007SAndreas Gohr        $id = $INPUT->str('id');
858c8c7007SAndreas Gohr        $svg = $INPUT->str('svg'); // FIXME do we want to do any sanity checks on this?
868c8c7007SAndreas Gohr        $pos = $INPUT->int('pos');
878c8c7007SAndreas Gohr        $len = $INPUT->int('len');
888c8c7007SAndreas Gohr
898c8c7007SAndreas Gohr
908c8c7007SAndreas Gohr        if(auth_quickaclcheck($id) < AUTH_EDIT) {
918c8c7007SAndreas Gohr            http_status(403);
928c8c7007SAndreas Gohr            return;
938c8c7007SAndreas Gohr        }
948c8c7007SAndreas Gohr
958c8c7007SAndreas Gohr        if(!page_exists($id)) {
968c8c7007SAndreas Gohr            http_status(404);
978c8c7007SAndreas Gohr            return;
988c8c7007SAndreas Gohr        }
998c8c7007SAndreas Gohr
1008c8c7007SAndreas Gohr        if(!checkSecurityToken()) {
1018c8c7007SAndreas Gohr            http_status(403);
1028c8c7007SAndreas Gohr            return;
1038c8c7007SAndreas Gohr        }
1048c8c7007SAndreas Gohr
1058c8c7007SAndreas Gohr        $original = rawWiki($id);
1068c8c7007SAndreas Gohr        $new = substr($original, 0, $pos) . $svg . substr($original, $pos + $len);
1078c8c7007SAndreas Gohr        saveWikiText($id, $new, $this->getLang('embedSaveSummary'));
1088c8c7007SAndreas Gohr        unlock($id);
1098c8c7007SAndreas Gohr        echo 'OK';
1108c8c7007SAndreas Gohr    }
1118c8c7007SAndreas Gohr
1128c8c7007SAndreas Gohr}
1138c8c7007SAndreas Gohr
114