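<?php
/**
 * DokuWiki Plugin fileshare (Syntax Component)
 *
 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @author  Soft2C.de <info@soft2c.de>
 */

if (! defined ( 'NL' ))
    define ( 'NL', "\n" );
if (! defined ( 'DOKU_INC' ))
    define ( 'DOKU_INC', dirname ( __FILE__ ) . '/../../' );
if (! defined ( 'DOKU_PLUGIN' ))
    define ( 'DOKU_PLUGIN', DOKU_INC . 'lib/plugins/' );
require_once (DOKU_PLUGIN . 'syntax.php');
require_once (DOKU_INC . 'inc/media.php');
require_once (DOKU_INC . 'inc/auth.php');

require_once (DOKU_INC . 'inc/infoutils.php');

/**
 * Renders a file list, an upload form and a delete form for a directory
 * below the configured 'archivRootDir'.
 *
 * Request data (POST 'ns', GET 'action', uploaded file names) and names read
 * from disk are untrusted: state-changing actions are gated on the configured
 * role and on the DokuWiki security token, and every value written into the
 * page is HTML-escaped.
 */
class syntax_plugin_fileshare_Fileshare extends DokuWiki_Syntax_Plugin {
    /**
     * @return string Syntax mode type
     */
    public function getType() {
        return 'container';
    }

    /**
     * @return string Paragraph type
     */
    public function getPType() {
        return 'normal';
    }

    /**
     * @return int Sort order - Low numbers go before high numbers
     */
    public function getSort() {
        return 280;
    }

    /**
     * Connect lookup pattern to lexer.
     *
     * @param string $mode Parser mode
     */
    public function connectTo($mode) {
        $this->Lexer->addSpecialPattern ( '\{\{FileSharing\}\}', $mode, 'plugin_fileshare_Fileshare' );
        $this->Lexer->addSpecialPattern ( '\{\{FileSharing>.+\}\}', $mode, 'plugin_fileshare_Fileshare' );
    }

    /**
     * Handle matches of the fileshare syntax
     *
     * @param string       $match   The match of the syntax
     * @param int          $state   The state of the handler
     * @param int          $pos     The position in the document
     * @param Doku_Handler $handler The handler
     * @return array Data for the renderer: the '|'-separated parts after
     *               '{{FileSharing>', or an empty array for the bare form
     */
    public function handle($match, $state, $pos, Doku_Handler $handler) {
        if (strpos ( $match, '{{FileSharing>' ) === false) {
            return array ();
        }

        return explode ( "|", preg_replace ( "/{{FileSharing>(.*?)}}/", "\\1", $match ) );
    }

    /**
     * Render xhtml output or metadata
     *
     * Uploads are processed only while rendering xhtml, so a posted file is
     * no longer handled again by non-xhtml render passes.
     *
     * @param string        $mode     Renderer mode (supported modes: xhtml)
     * @param Doku_Renderer $renderer The renderer
     * @param array         $data     The data from the handler() function
     * @return bool If rendering was successful.
     */
    public function render($mode, Doku_Renderer $renderer, $data) {
        if ($mode != 'xhtml') {
            return false;
        }

        $renderer->nocache ();

        $givenDir = empty ( $data ) ? '' : current ( $data );
        $this->renderForm ( $givenDir, $renderer );

        return true;
    }

    /**
     * Resolve the share directory, process a pending upload and append the
     * upload form and the file list to the document.
     *
     * @param string        $dir      Sub directory taken from the wiki syntax
     * @param Doku_Renderer $renderer The renderer
     */
    private function renderForm($dir, $renderer) {
        $archivRootDir = $this->getConf ( 'archivRootDir' );

        if (! isset ( $archivRootDir ) || trim ( $archivRootDir ) === '') {
            $renderer->doc .= 'Please set the root dir to archive files in the admin section!';
            return;
        }

        $fileDir = $this->resolveShareDir ( $archivRootDir, $dir );
        if ($fileDir === null) {
            // The sub directory comes from page text any editor can change.
            $renderer->doc .= 'Invalid directory in FileSharing syntax!';
            return;
        }

        $this->createDir ( $fileDir, $renderer );
        $this->handleUpload ( $fileDir, $renderer );

        $renderer->doc .= '<div style="padding:4px 8px 4px 8px;">';
        $renderer->doc .= '<h2>' . hsc ( $fileDir ) . '</h2>';

        // Showing the delete button is not an access check: the role and
        // the security token are verified again before anything is unlinked.
        $delete = isset ( $_GET ['action'] ) && $_GET ['action'] === 'DELETE';
        if ($delete) {
            $delete = $this->isAuthorized ( 'role_delete' ) && checkSecurityToken ();
        }

        if ($this->isAuthorized ( 'role_upload' )) {
            $renderer->doc .= $this->upload_plugin_uploadform ( $fileDir );
        }
        $renderer->doc .= '</div>';
        $renderer->doc .= $this->readFileList ( $fileDir, $delete );
    }

    /**
     * Build the directory path for a syntax-supplied sub directory.
     *
     * @param string $root Configured archive root
     * @param string $dir  Sub directory from the wiki syntax, may be empty
     * @return string|null The path, or null when $dir contains a NUL byte or
     *                     a '..' segment and could leave the archive root
     */
    private function resolveShareDir($root, $dir) {
        if (! isset ( $dir ) || trim ( $dir ) === '') {
            return $root;
        }
        if (strpos ( $dir, "\0" ) !== false) {
            return null;
        }
        foreach ( preg_split ( '#[/\\\\]+#', $dir ) as $segment ) {
            if ($segment === '..') {
                return null;
            }
        }

        return $root . '/' . $dir;
    }

    /**
     * Move a posted file into $fileDir.
     *
     * The destination is always the server-computed $fileDir. The posted
     * 'ns' value only selects which FileSharing block on the page handles
     * the upload and is never used as a path.
     *
     * NOTE(review): no file type restriction is applied here; keep
     * 'archivRootDir' outside the web root or disable script execution there.
     *
     * @param string        $fileDir  Directory of the block being rendered
     * @param Doku_Renderer $renderer The renderer
     */
    private function handleUpload($fileDir, $renderer) {
        if (empty ( $_FILES ['upload'] ['tmp_name'] ) || ! is_string ( $_FILES ['upload'] ['tmp_name'] )) {
            return;
        }
        $tmp_name = $_FILES ['upload'] ['tmp_name'];

        // False once an earlier block on the same page has moved the file.
        if (! is_uploaded_file ( $tmp_name )) {
            return;
        }

        // The form posts hsc($fileDir); the escaped spelling is accepted as
        // well in case the form layer escapes hidden values a second time.
        $postedNs = (isset ( $_POST ['ns'] ) && is_string ( $_POST ['ns'] )) ? $_POST ['ns'] : '';
        if ($postedNs !== $fileDir && $postedNs !== hsc ( $fileDir )) {
            return;
        }

        if (! $this->isAuthorized ( 'role_upload' ) || ! checkSecurityToken ()) {
            $renderer->doc .= 'Fehler beim Upload! ';
            return;
        }

        // basename() strips directory parts from the client-supplied name;
        // empty names and dot files (e.g. .htaccess) are refused.
        $name = basename ( $_FILES ['upload'] ['name'] );
        if ($name === '' || $name [0] === '.') {
            $renderer->doc .= 'Fehler beim Upload! ';
            return;
        }

        if (move_uploaded_file ( $tmp_name, $fileDir . '/' . $name ) === FALSE) {
            $lastError = error_get_last ();
            $err = $lastError ? "Error: " . $lastError ["message"] . " on line " . $lastError ["line"] : "";
            $renderer->doc .= 'Fehler beim Upload! ' . hsc ( $err );
        }
    }

    /**
     * Create the directory (recursively) when it does not exist yet.
     *
     * @param string        $dir      Directory to create
     * @param Doku_Renderer $renderer The renderer, receives the error text
     */
    private function createDir($dir, $renderer) {
        if (! file_exists ( $dir )) {
            if (! mkdir ( $dir, 0755, true )) {
                $renderer->doc .= 'Erstellung der Verzeichnisse: ' . hsc ( $dir ) . ' schlug fehl...';
            }
        }
    }

    /**
     * Build the file list form and delete the ticked files when requested.
     *
     * @param string $dir    Directory to list
     * @param bool   $delete Whether a delete request was made and accepted
     * @return string HTML of the list
     */
    private function readFileList($dir, $delete) {
        global $ID;

        $refreshbutton = $this->getLang ( 'refreshbutton' );
        $loeschenbutton = $this->getLang ( 'loeschenbutton' );
        $mayDelete = $this->isAuthorized ( 'role_delete' );
        $mayDownload = $this->isAuthorized ( 'role_download' );

        // Never delete for a user without the role, whatever the caller passed.
        $delete = $delete && $mayDelete;

        $html = '<div style="padding:4px 8px 4px 8px;">';
        $html .= '<form action="' . hsc ( $_SERVER ['PHP_SELF'] ) . '" method="GET" name="filesharelist" id="filesharelist">';
        $html .= '<input type="hidden" name="id" value="' . hsc ( $ID ) . '" />';
        if ($mayDelete) {
            // Token that is checked before a DELETE request is honoured.
            $html .= formSecurityToken ( false );
            $html .= '<button style="float:left" name="action" value="DELETE" type="submit"> ' . $loeschenbutton . ' </button>';
            $html .= '<button style="float:left" name="action" value="REFRESH" type="submit"> ' . $refreshbutton . ' </button>';
        }

        $entries = scandir ( $dir );
        if ($entries === false) {
            $entries = array ();
        }

        foreach ( $entries as $value ) {
            if ($value === '.' || $value === '..') {
                continue;
            }

            // md5 only derives a stable form field name; it protects nothing.
            $fileHash = 'f' . hash ( 'md5', $value, false );
            $label = hsc ( $value );

            // NOTE(review): the link hands the server directory to
            // filesharedownload.php (not shown here); that script has to
            // validate both parameters itself.
            $href = 'filesharedownload.php?file=' . rawurlencode ( $value ) . '&something=' . rawurlencode ( $dir );
            $entry = $mayDownload ? '<a href="' . hsc ( $href ) . '">' . $label . '</a>' : $label;

            $ticked = isset ( $_GET [$fileHash] ) && $_GET [$fileHash] === 'on';
            if ($delete && $ticked) {
                if (unlink ( $dir . '/' . $value )) {
                    $html .= '<br>' . $this->getLang ( 'file_deleted' ) . $label;
                } else {
                    $html .= '<br>' . $this->getLang ( 'file_not_deleted' );
                    $html .= $entry;
                }
            } else {
                if ($mayDelete)
                    $html .= '<br><input type="checkbox" id="' . $fileHash . '" name="' . $fileHash . '" > : ';
                else
                    $html .= '<br>';
                $html .= $entry;
            }
        }
        $html .= '</form>';
        $html .= '</div>';

        return $html;
    }

    /**
     * Build the upload form for a directory.
     *
     * @param string $ns Directory the form belongs to
     * @return string HTML of the form
     */
    function upload_plugin_uploadform($ns) {
        global $ID;
        global $lang;
        $html = '';

        $params = array ();
        $params ['id'] = 'plugin_fileshare_Fileshare';
        $params ['action'] = wl ( $ID );
        $params ['method'] = 'post';
        $params ['enctype'] = 'multipart/form-data';
        $params ['class'] = 'plugin_fileshare_Fileshare';

        // Modification of the default dw HTML upload form
        $form = new Doku_Form ( $params );
        // false: return the token markup instead of echoing it as well
        $form->addElement ( formSecurityToken ( false ) );
        $form->addHidden ( 'ns', hsc ( $ns ) );
        $form->addElement ( form_makeFileField ( 'upload', '', 'upload__file' ) );
        $form->addElement ( form_makeButton ( 'submit', '', $lang ['btn_upload'] ) );
        $form->endFieldset ();

        $html .= '<div class="plugin_fileshare_Fileshare"><p>' . NL;
        $html .= $form->getForm ();
        $html .= '</p></div>' . NL;
        return $html;
    }

    /**
     * Check the current user against a comma separated role setting.
     *
     * @param string $settingRole Name of the config setting holding the
     *                            allowed users and groups
     * @return bool True when the setting lists 'all', one of the user's
     *              groups or the user name itself
     */
    private function isAuthorized($settingRole) {
        global $INPUT;
        global $USERINFO;

        $members = explode ( ',', utf8_strtolower ( $this->getConf ( $settingRole ) ) );
        $members = array_filter ( array_unique ( array_map ( 'trim', $members ) ) );

        if (in_array ( 'all', $members, true )) {
            return true;
        }

        $remoteUser = $INPUT->server->str ( 'REMOTE_USER' );
        if (! $remoteUser) {
            return false;
        }

        // No group list is treated as "member of no group".
        $groups = (isset ( $USERINFO ['grps'] ) && is_array ( $USERINFO ['grps'] )) ? $USERINFO ['grps'] : array ();

        foreach ( $members as $member ) {
            if (in_array ( $member, $groups, true ) || $member === $remoteUser) {
                return true;
            }
        }

        return false;
    }
}

// vim:ts=4:sw=4:et: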