1<?php
2/**
3 * Federated Login for DokuWiki - ajax calls handler
4 *
5 * Enables your DokuWiki to provide users with
6 * Hybrid OAuth + OpenId federated login.
7 *
8 * @copyright  2012 Aoi Karasu
9 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
10 * @link       http://www.dokuwiki.org/plugin:fedauth
11 * @author     Aoi Karasu <aoikarasu@gmail.com>
12 */
13
14// Default Dokuwiki AJAX handler requires $_GET['call'] or $_POST['call'] set
15// to process the request. Thus setting any of these variables is condition
16// for action_plugin_fedauth::isAjaxCall() to recognize an AJAX request.
17// Until this custom handler is reimpelemented, a dummy value is used to
18// signal that the authorization process should skip the timout check.
19$_GET['call'] = 'dummy';
20
21//fix for Opera XMLHttpRequests
22if(!count($_POST) && !empty($HTTP_RAW_POST_DATA)){
23  parse_str($HTTP_RAW_POST_DATA, $_POST);
24}
25
26if(!defined('DOKU_INC_LOC')) define('DOKU_INC_LOC',dirname(__FILE__).'/../../../');
27require_once(DOKU_INC_LOC.'inc/init.php');
28// close session
29session_write_close();
30
31// TODO: incorporate manager permissions according to plugin settings
32if(!auth_isadmin()) die('for admins only');
33if(!checkSecurityToken()) die('CRSF Attack');
34
35$ID = getID();
36
37$fa = plugin_load('admin','fedauth');
38$fa->handle();
39
40$ajax = $_REQUEST['ajax'];
41header('Content-Type: text/html; charset=utf-8');
42
43$fa->ajax();
44
45/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
46