1<?php
2/**
3 * DokuWiki Plugin fileshare (Syntax Component)
4 *
5 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
6 * @author  Soft2C.de <info@soft2c.de>
7 */
8
// Fallback definitions for the constants this file relies on. Each one is
// only defined when the including script has not already set it.
// NOTE(review): because DOKU_INC gets a fallback instead of aborting, this
// file can be loaded outside the DokuWiki bootstrap. Current DokuWiki plugins
// usually stop when DOKU_INC is undefined; confirm that the fallback (two
// levels above this file's directory) is really wanted.
defined('NL') || define('NL', "\n");
defined('DOKU_INC') || define('DOKU_INC', dirname(__FILE__) . '/../../');
defined('DOKU_PLUGIN') || define('DOKU_PLUGIN', DOKU_INC . 'lib/plugins/');
15require_once (DOKU_PLUGIN . 'syntax.php');
16require_once (DOKU_INC . 'inc/media.php');
17require_once (DOKU_INC . 'inc/auth.php');
18
19require_once (DOKU_INC . 'inc/infoutils.php');
20
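/**
 * Syntax component for {{FileSharing}} / {{FileSharing>subdir}}.
 *
 * Renders an upload form and a file list for a directory below the configured
 * 'archivRootDir', and processes uploads and deletions sent back to the page.
 *
 * Security model enforced in this class:
 *  - the directory is always computed on the server from the configuration and
 *    the wiki syntax; request parameters never choose a filesystem path,
 *  - uploads need 'role_upload', deletions need 'role_delete', and both need a
 *    valid DokuWiki security token,
 *  - every value that reaches the HTML output is escaped for its context.
 */
class syntax_plugin_fileshare_Fileshare extends DokuWiki_Syntax_Plugin {
    /**
     * @return string Syntax mode type
     */
    public function getType() {
        return 'container';
    }

    /**
     * @return string Paragraph type
     */
    public function getPType() {
        return 'normal';
    }

    /**
     * @return int Sort order - Low numbers go before high numbers
     */
    public function getSort() {
        return 280;
    }

    /**
     * Connect lookup pattern to lexer.
     *
     * @param string $mode Parser mode
     */
    public function connectTo($mode) {
        $this->Lexer->addSpecialPattern ( '\{\{FileSharing\}\}', $mode, 'plugin_fileshare_Fileshare' );
        $this->Lexer->addSpecialPattern ( '\{\{FileSharing>.+\}\}', $mode, 'plugin_fileshare_Fileshare' );
    }

    /**
     * Handle matches of the fileshare syntax
     *
     * For {{FileSharing>a|b}} the text after '>' is split on '|'; the plain
     * {{FileSharing}} form yields an empty array.
     *
     * @param string          $match   The match of the syntax
     * @param int             $state   The state of the handler
     * @param int             $pos     The position in the document
     * @param Doku_Handler    $handler The handler
     * @return array Data for the renderer
     */
    public function handle($match, $state, $pos, Doku_Handler $handler){
        if (strpos($match, "{{FileSharing>") === false) {
            return array();
        }

        return explode("|", preg_replace("/{{FileSharing>(.*?)}}/", "\\1", $match));
    }

    /**
     * Render xhtml output or metadata
     *
     * Only the xhtml mode is served. Request handling (upload) happens after
     * the mode check so that a metadata render never touches the filesystem.
     *
     * @param string         $mode      Renderer mode (supported modes: xhtml)
     * @param Doku_Renderer  $renderer  The renderer
     * @param array          $data      The data from the handler() function
     * @return bool If rendering was successful.
     */
    public function render($mode, Doku_Renderer $renderer, $data) {
        if ($mode != 'xhtml') return false;

        $renderer->nocache();

        $givenDir = empty($data) ? '' : current($data);

        if (isset($_FILES['upload'])) {
            $this->handleUpload($this->resolveFileDir($givenDir), $renderer);
        }

        $this->renderForm($givenDir, $renderer);

        return true;
    }

    /**
     * Compute the directory of one FileSharing block.
     *
     * @param string $dir Sub directory taken from the wiki syntax (may be empty)
     * @return string|null|false The directory; null when 'archivRootDir' is not
     *                           configured; false when $dir is rejected
     */
    private function resolveFileDir($dir) {
        $archivRootDir = $this->getConf('archivRootDir');
        if (!isset($archivRootDir) || trim($archivRootDir) === '') {
            return null;
        }

        if (!isset($dir) || trim($dir) === '') {
            return $archivRootDir;
        }

        // $dir is written by whoever may edit the page. Refuse NUL bytes and
        // '..' segments so the result cannot leave the archive root.
        // NOTE(review): symbolic links below the root are not resolved here.
        if (strpos($dir, "\0") !== false
            || in_array('..', preg_split('#[\\\\/]+#', $dir), true)) {
            return false;
        }

        return $archivRootDir . '/' . $dir;
    }

    /**
     * Store an uploaded file in the directory of this block.
     *
     * @param string|null|false $fileDir  Result of resolveFileDir()
     * @param Doku_Renderer     $renderer Receives the error message, if any
     */
    private function handleUpload($fileDir, $renderer) {
        if (!is_string($fileDir)) {
            return;
        }

        // The posted 'ns' only selects which block on the page the upload
        // belongs to; the destination is always the server-side $fileDir.
        // The form emits hsc($ns), so the value may come back still
        // entity-encoded; both spellings are accepted for the comparison.
        $postedNs = (isset($_POST['ns']) && is_string($_POST['ns'])) ? $_POST['ns'] : null;
        if ($postedNs !== $fileDir && $postedNs !== hsc($fileDir)) {
            return;
        }

        // Same role that gates the upload form, plus the token that form carries.
        if (!$this->isAuthorized('role_upload') || !checkSecurityToken()) {
            $renderer->doc .= 'Fehler beim Upload! ';
            return;
        }

        $upload = $_FILES['upload'];
        if (!is_array($upload)
            || !isset($upload['tmp_name'], $upload['name'])
            || !is_string($upload['tmp_name'])
            || !is_string($upload['name'])
            || (isset($upload['error']) && $upload['error'] !== UPLOAD_ERR_OK)) {
            $renderer->doc .= 'Fehler beim Upload! ';
            return;
        }

        // basename() strips directory parts from the client supplied name.
        // Names starting with a dot are refused as well, so per-directory
        // server configuration files cannot be planted in the archive.
        // NOTE(review): the file type is not restricted and an existing file
        // of the same name is overwritten. Keep archivRootDir outside the web
        // root, or add an extension allowlist, if that is not intended.
        $name = basename($upload['name']);
        if ($name === '' || $name[0] === '.') {
            $renderer->doc .= 'Fehler beim Upload! ';
            return;
        }

        if (move_uploaded_file($upload['tmp_name'], $fileDir . '/' . $name) === FALSE) {
            $lastError = error_get_last();
            $err = $lastError ? "Error: ".$lastError["message"]." on line ".$lastError["line"] : "";
            // The PHP message can contain the file name and server paths.
            $renderer->doc .= 'Fehler beim Upload! ' . hsc($err);
        }
    }

    /**
     * Render heading, upload form and file list of one block.
     *
     * @param string        $dir      Sub directory taken from the wiki syntax
     * @param Doku_Renderer $renderer The renderer
     */
    private function renderForm($dir, $renderer) {
        $fileDir = $this->resolveFileDir($dir);

        if ($fileDir === null) {
            $renderer->doc .= 'Please set the root dir to archive files in the admin section!';
            return;
        }
        if ($fileDir === false) {
            $renderer->doc .= 'Invalid directory in the FileSharing syntax!';
            return;
        }

        $this->createDir($fileDir, $renderer);

        $renderer->doc .= '<div style="padding:4px 8px 4px 8px;">';

        // NOTE(review): this shows the absolute server path to every reader.
        $renderer->doc .= '<h2>' . hsc($fileDir) . '</h2>';

        // Strict comparison: an array valued 'action' must not count as DELETE.
        // Deleting needs the role and the token, not just a hidden button.
        $delete = false;
        if (isset($_GET['action']) && $_GET['action'] === 'DELETE') {
            $delete = $this->isAuthorized('role_delete') && checkSecurityToken();
        }

        if ($this->isAuthorized('role_upload')) {
            $renderer->doc .= $this->upload_plugin_uploadform($fileDir);
        }
        $renderer->doc .= '</div>';
        $renderer->doc .= $this->readFileList($fileDir, $delete);
    }

    /**
     * Create the directory (recursively, mode 0755) when it does not exist.
     *
     * @param string        $dir      Directory to create
     * @param Doku_Renderer $renderer Receives the error message, if any
     */
    private function createDir($dir, $renderer) {
        if (file_exists($dir)) {
            return;
        }
        if (!mkdir($dir, 0755, true)) {
            $renderer->doc .= 'Erstellung der Verzeichnisse: ' . hsc($dir) . ' schlug fehl...';
        }
    }

    /**
     * Build the file list form and, when requested, delete the ticked files.
     *
     * @param string $dir    Directory to list
     * @param bool   $delete Whether the request asks to delete ticked files
     * @return string HTML of the list
     */
    private function readFileList($dir, $delete) {
        $refreshbutton = $this->getLang ( 'refreshbutton' );
        $loeschenbutton = $this->getLang ( 'loeschenbutton' );

        $mayDelete = $this->isAuthorized('role_delete');
        $mayDownload = $this->isAuthorized('role_download');
        // Defence in depth: never delete for a user without the role, whatever
        // the caller passed in.
        $delete = ($delete == true) && $mayDelete;

        $requestId = (isset($_REQUEST['id']) && is_string($_REQUEST['id'])) ? $_REQUEST['id'] : '';

        $html = '<div style="padding:4px 8px 4px 8px;">';
        // PHP_SELF and the id parameter come from the request.
        $html .= '<form action="' . hsc($_SERVER['PHP_SELF']) . '" method="GET" name="filesharelist" id="filesharelist">';
        $html .= '<input type="hidden" name="id_" value="' . hsc($requestId) . '" />';
        if ($mayDelete) {
            // Token checked before a deletion is honoured.
            // NOTE(review): the form uses GET, so the token shows up in the URL.
            $html .= '<input type="hidden" name="sectok" value="' . getSecurityToken() . '" />';
            $html .= '<button style="float:left" name="action" value="DELETE" type="submit"> ' . $loeschenbutton . ' </button>';
            $html .= '<button style="float:left" name="action" value="REFRESH" type="submit"> ' . $refreshbutton . ' </button>';
        }

        $entries = scandir($dir);
        if ($entries === false) {
            $entries = array();
        }

        foreach ($entries as $value) {
            if ($value === '.' || $value === '..') {
                continue;
            }

            // Form field name for this file; the hash is only an identifier.
            $fileHash = 'f' . hash('md5', $value, false);
            $ticked = isset($_GET[$fileHash]) && $_GET[$fileHash] === 'on';

            if ($delete && $ticked) {
                $path = $dir . '/' . $value;
                if (is_file($path) && unlink($path) == true) {
                    $html .= '<br>' . $this->getLang('file_deleted') . hsc($value);
                } else {
                    $html .= '<br>' . $this->getLang('file_not_deleted');
                    $html .= $this->fileEntry($dir, $value, $mayDownload);
                }
            } else {
                if ($mayDelete) {
                    $html .= '<br><input type="checkbox" id="' . $fileHash . '" name="' . $fileHash . '" >  : ';
                } else {
                    $html .= '<br>';
                }
                $html .= $this->fileEntry($dir, $value, $mayDownload);
            }
        }

        $html .= '</form>';
        $html .= '</div>';

        return $html;
    }

    /**
     * HTML for one file name, as a download link when the user may download.
     *
     * @param string $dir         Directory that holds the file
     * @param string $value       File name as returned by scandir()
     * @param bool   $mayDownload Whether the user holds 'role_download'
     * @return string HTML fragment
     */
    private function fileEntry($dir, $value, $mayDownload) {
        if (!$mayDownload) {
            return hsc($value);
        }

        // File names are chosen by uploaders: URL-encode them inside the query
        // string and HTML-escape them in the link text.
        // NOTE(review): filesharedownload.php is not part of this file. It is
        // handed a directory path in the query string, so it has to verify
        // itself that the path lies inside archivRootDir and that the caller
        // holds 'role_download'.
        return '<a href="filesharedownload.php?file=' . rawurlencode($value)
            . '&amp;something=' . rawurlencode($dir) . '">' . hsc($value) . '</a>';
    }

    /**
     * Build the upload form for one directory.
     *
     * @param string $ns Directory of the block; sent back as hidden field 'ns'
     * @return string HTML of the form
     */
    function upload_plugin_uploadform($ns) {
        global $ID;
        global $lang;

        $params = array ();
        $params ['id'] = 'plugin_fileshare_Fileshare';
        $params ['action'] = wl ( $ID );
        $params ['method'] = 'post';
        $params ['enctype'] = 'multipart/form-data';
        $params ['class'] = 'plugin_fileshare_Fileshare';

        // Modification of the default dw HTML upload form
        $form = new Doku_Form ( $params );
        // false: return the token markup instead of echoing it straight into
        // the page output.
        $form->addElement ( formSecurityToken ( false ) );
        $form->addHidden ( 'ns', hsc ( $ns ) );
        $form->addElement ( form_makeFileField ( 'upload', '', 'upload__file' ) );
        $form->addElement ( form_makeButton ( 'submit', '', $lang ['btn_upload'] ) );
        $form->endFieldset ();

        $html = '<div class="plugin_fileshare_Fileshare"><p>' . NL;
        $html .= $form->getForm ();
        $html .= '</p></div>' . NL;
        return $html;
    }

    /**
     * Check the current user against a comma separated role setting.
     *
     * The setting is lower-cased and split on ','. The entry 'all' grants
     * access to everyone, including anonymous visitors. Any other entry is
     * compared with the user's groups and with the user name.
     * NOTE(review): an entry matches a group OR a user of that name, so a user
     * whose login equals a configured group name is authorized too. Only the
     * setting is lower-cased; groups and the user name are compared as given.
     *
     * @param string $settingRole Name of the configuration setting
     * @return bool Whether the current user is authorized
     */
    private function isAuthorized($settingRole) {
        global $INPUT;
        global $USERINFO;

        $allowedUserGroups = utf8_strtolower ( $this->getConf ( $settingRole ) );
        $members = array_filter ( array_unique ( array_map ( 'trim', explode ( ',', $allowedUserGroups ) ) ) );

        if (in_array ( 'all', $members, true )) {
            return true;
        }

        $remoteUser = $INPUT->server->str ( 'REMOTE_USER' );
        if (! $remoteUser) {
            return false;
        }

        // 'grps' can be missing; treat that as "no groups".
        $groups = (isset ( $USERINFO ['grps'] ) && is_array ( $USERINFO ['grps'] )) ? $USERINFO ['grps'] : array ();

        foreach ( $members as $member ) {
            // Strict comparison so numeric-looking names cannot match loosely.
            if (in_array ( $member, $groups, true ) || $member === $remoteUser) {
                return true;
            }
        }

        return false;
    }
}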
274
275// vim:ts=4:sw=4:et:
276