xref: /plugin/diagrams/action/embed.php (revision bc39777fa364696c1e0053573aadb2d26ce57bd2) 
1<?php
2
3use dokuwiki\plugin\diagrams\Diagrams;
4
5/**
6 * DokuWiki Plugin diagrams (Action Component)
7 *
8 * This handles loading and saving embedded diagrams
9 *
10 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
11 * @author  Innovakom + CosmoCode <dokuwiki@cosmocode.de>
12 */
13class action_plugin_diagrams_embed extends \dokuwiki\Extension\ActionPlugin
14{
15
16    /** @inheritDoc */
17    public function register(Doku_Event_Handler $controller)
18    {
19        // only register if embed mode is enabled
20        if(!$this->getConf('mode') & Diagrams::MODE_EMBED) return;
21
22        $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleLoad');
23        $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleSave');
24    }
25
26    /**
27     * Load the SVG for an embedded diagram
28     *
29     * This locks the page for editing
30     *
31     * @see https://www.dokuwiki.org/devel:events:AJAX_CALL_UNKNOWN
32     * @param Doku_Event $event Event object
33     * @param mixed $param optional parameter passed when event was registered
34     * @return void
35     */
36    public function handleLoad(Doku_Event $event, $param) {
37        if($event->data !== 'plugin_diagrams_embed_load') return;
38        $event->preventDefault();
39        $event->stopPropagation();
40
41        global $INPUT;
42
43        $id = $INPUT->str('id');
44        $pos = $INPUT->int('pos');
45        $len = $INPUT->int('len');
46
47        if(auth_quickaclcheck($id) < AUTH_READ) { // FIXME should we check for EDIT perms on read as well?
48            http_status(403);
49            return;
50        }
51
52        if(!page_exists($id)) {
53            http_status(404);
54            return;
55        }
56
57        if(checklock($id)) {
58            http_status(423, 'Page Locked');
59            return;
60        }
61        lock($id); // FIXME we probably need some periodic lock renewal while editing?
62
63        header('Content-Type: image/svg+xml');
64        $svg = rawWiki($id);
65        echo substr($svg, $pos, $len);
66    }
67
68    /**
69     * Save a new embedded diagram
70     *
71     * @see https://www.dokuwiki.org/devel:events:AJAX_CALL_UNKNOWN
72     * @param Doku_Event $event Event object
73     * @param mixed $param optional parameter passed when event was registered
74     * @return void
75     */
76    public function handleSave(Doku_Event $event, $param)
77    {
78        if ($event->data !== 'plugin_diagrams_embed_load') return;
79        $event->preventDefault();
80        $event->stopPropagation();
81
82        global $INPUT;
83
84        $id = $INPUT->str('id');
85        $svg = $INPUT->str('svg'); // FIXME do we want to do any sanity checks on this?
86        $pos = $INPUT->int('pos');
87        $len = $INPUT->int('len');
88
89
90        if(auth_quickaclcheck($id) < AUTH_EDIT) {
91            http_status(403);
92            return;
93        }
94
95        if(!page_exists($id)) {
96            http_status(404);
97            return;
98        }
99
100        if(!checkSecurityToken()) {
101            http_status(403);
102            return;
103        }
104
105        $original = rawWiki($id);
106        $new = substr($original, 0, $pos) . $svg . substr($original, $pos + $len);
107        saveWikiText($id, $new, $this->getLang('embedSaveSummary'));
108        unlock($id);
109        echo 'OK';
110    }
111
112}
113
114