summaryrefslogtreecommitdiff
path: root/inc
diff options
context:
space:
mode:
Diffstat (limited to 'inc')
-rw-r--r--inc/IXR_Library.php7
-rw-r--r--inc/RemoteAPICore.php767
-rw-r--r--inc/auth.php2
-rw-r--r--inc/httputils.php8
-rw-r--r--inc/init.php2
-rw-r--r--inc/load.php5
-rw-r--r--inc/remote.php253
7 files changed, 1038 insertions, 6 deletions
diff --git a/inc/IXR_Library.php b/inc/IXR_Library.php
index 80b534b2e..d1e877813 100644
--- a/inc/IXR_Library.php
+++ b/inc/IXR_Library.php
@@ -302,11 +302,12 @@ class IXR_Server {
}
function serve($data = false) {
if (!$data) {
- global $HTTP_RAW_POST_DATA;
- if (!$HTTP_RAW_POST_DATA) {
+
+ $postData = trim(http_get_raw_post_data());
+ if (!$postData) {
die('XML-RPC server accepts POST requests only.');
}
- $data = $HTTP_RAW_POST_DATA;
+ $data = $postData;
}
$this->message = new IXR_Message($data);
if (!$this->message->parse()) {
diff --git a/inc/RemoteAPICore.php b/inc/RemoteAPICore.php
new file mode 100644
index 000000000..450c6f39e
--- /dev/null
+++ b/inc/RemoteAPICore.php
@@ -0,0 +1,767 @@
+<?php
+
+/**
+ * Increased whenever the API is changed
+ */
+define('DOKU_API_VERSION', 7);
+
+class RemoteAPICore {
+
+ private $api;
+
+ public function __construct(RemoteAPI $api) {
+ $this->api = $api;
+ }
+
+ function __getRemoteInfo() {
+ return array(
+ 'dokuwiki.getVersion' => array(
+ 'args' => array(),
+ 'return' => 'string',
+ 'doc' => 'Returns the running DokuWiki version.'
+ ), 'dokuwiki.login' => array(
+ 'args' => array('string', 'string'),
+ 'return' => 'int',
+ 'doc' => 'Tries to login with the given credentials and sets auth cookies.',
+ 'public' => '1'
+ ), 'dokuwiki.getPagelist' => array(
+ 'args' => array('string', 'array'),
+ 'return' => 'array',
+ 'doc' => 'List all pages within the given namespace.',
+ 'name' => 'readNamespace'
+ ), 'dokuwiki.search' => array(
+ 'args' => array('string'),
+ 'return' => 'array',
+ 'doc' => 'Perform a fulltext search and return a list of matching pages'
+ ), 'dokuwiki.getTime' => array(
+ 'args' => array(),
+ 'return' => 'int',
+ 'doc' => 'Returns the current time at the remote wiki server as Unix timestamp.',
+ ), 'dokuwiki.setLocks' => array(
+ 'args' => array('array'),
+ 'return' => 'array',
+ 'doc' => 'Lock or unlock pages.'
+ ), 'dokuwiki.getTitle' => array(
+ 'args' => array(),
+ 'return' => 'string',
+ 'doc' => 'Returns the wiki title.'
+ ), 'dokuwiki.appendPage' => array(
+ 'args' => array('string', 'string', 'array'),
+ 'return' => 'int',
+ 'doc' => 'Append text to a wiki page.'
+ ), 'wiki.getPage' => array(
+ 'args' => array('string'),
+ 'return' => 'string',
+ 'doc' => 'Get the raw Wiki text of page, latest version.',
+ 'name' => 'rawPage',
+ ), 'wiki.getPageVersion' => array(
+ 'args' => array('string', 'int'),
+ 'name' => 'rawPage',
+ 'return' => 'string',
+ 'doc' => 'Return a raw wiki page'
+ ), 'wiki.getPageHTML' => array(
+ 'args' => array('string'),
+ 'return' => 'string',
+ 'doc' => 'Return page in rendered HTML, latest version.',
+ 'name' => 'htmlPage'
+ ), 'wiki.getPageHTMLVersion' => array(
+ 'args' => array('string', 'int'),
+ 'return' => 'string',
+ 'doc' => 'Return page in rendered HTML.',
+ 'name' => 'htmlPage'
+ ), 'wiki.getAllPages' => array(
+ 'args' => array(),
+ 'return' => 'array',
+ 'doc' => 'Returns a list of all pages. The result is an array of utf8 pagenames.',
+ 'name' => 'listPages'
+ ), 'wiki.getAttachments' => array(
+ 'args' => array('string', 'array'),
+ 'return' => 'array',
+ 'doc' => 'Returns a list of all media files.',
+ 'name' => 'listAttachments'
+ ), 'wiki.getBackLinks' => array(
+ 'args' => array('string'),
+ 'return' => 'array',
+ 'doc' => 'Returns the pages that link to this page.',
+ 'name' => 'listBackLinks'
+ ), 'wiki.getPageInfo' => array(
+ 'args' => array('string'),
+ 'return' => 'array',
+ 'doc' => 'Returns a struct with infos about the page.',
+ 'name' => 'pageInfo'
+ ), 'wiki.getPageInfoVersion' => array(
+ 'args' => array('string', 'int'),
+ 'return' => 'array',
+ 'doc' => 'Returns a struct with infos about the page.',
+ 'name' => 'pageInfo'
+ ), 'wiki.getPageVersions' => array(
+ 'args' => array('string', 'int'),
+ 'return' => 'array',
+ 'doc' => 'Returns the available revisions of the page.',
+ 'name' => 'pageVersions'
+ ), 'wiki.putPage' => array(
+ 'args' => array('string', 'string', 'array'),
+ 'return' => 'int',
+ 'doc' => 'Saves a wiki page.'
+ ), 'wiki.listLinks' => array(
+ 'args' => array('string'),
+ 'return' => 'array',
+ 'doc' => 'Lists all links contained in a wiki page.'
+ ), 'wiki.getRecentChanges' => array(
+ 'args' => array('int'),
+ 'return' => 'array',
+ 'Returns a struct about all recent changes since given timestamp.'
+ ), 'wiki.getRecentMediaChanges' => array(
+ 'args' => array('int'),
+ 'return' => 'array',
+ 'Returns a struct about all recent media changes since given timestamp.'
+ ), 'wiki.aclCheck' => array(
+ 'args' => array('string'),
+ 'return' => 'int',
+ 'doc' => 'Returns the permissions of a given wiki page.'
+ ), 'wiki.putAttachment' => array(
+ 'args' => array('string', 'file', 'array'),
+ 'return' => 'array',
+ 'doc' => 'Upload a file to the wiki.'
+ ), 'wiki.deleteAttachment' => array(
+ 'args' => array('string'),
+ 'return' => 'int',
+ 'doc' => 'Delete a file from the wiki.'
+ ), 'wiki.getAttachment' => array(
+ 'args' => array('string'),
+ 'doc' => 'Return a media file',
+ 'return' => 'file',
+ 'name' => 'getAttachment',
+ ), 'wiki.getAttachmentInfo' => array(
+ 'args' => array('string'),
+ 'return' => 'array',
+ 'doc' => 'Returns a struct with infos about the attachment.'
+ ), 'dokuwiki.getXMLRPCAPIVersion' => array(
+ 'args' => array(),
+ 'name' => 'getAPIVersion',
+ 'return' => 'int',
+ 'doc' => 'Returns the XMLRPC API version.',
+ 'public' => '1',
+ ), 'wiki.getRPCVersionSupported' => array(
+ 'args' => array(),
+ 'name' => 'wiki_RPCVersion',
+ 'return' => 'int',
+ 'doc' => 'Returns 2 with the supported RPC API version.',
+ 'public' => '1'
+ ),
+
+ );
+ }
+
+ function getVersion() {
+ return getVersion();
+ }
+
+ function getTime() {
+ return time();
+ }
+
+ /**
+ * Return a raw wiki page
+ * @param string $id wiki page id
+ * @param string $rev revision number of the page
+ * @return page text.
+ */
+ function rawPage($id,$rev=''){
+ $id = cleanID($id);
+ if(auth_quickaclcheck($id) < AUTH_READ){
+ throw new RemoteAccessDeniedException('You are not allowed to read this file', 111);
+ }
+ $text = rawWiki($id,$rev);
+ if(!$text) {
+ return pageTemplate($id);
+ } else {
+ return $text;
+ }
+ }
+
+ /**
+ * Return a media file
+ *
+ * @author Gina Haeussge <osd@foosel.net>
+ * @param string $id file id
+ * @return media file
+ */
+ function getAttachment($id){
+ $id = cleanID($id);
+ if (auth_quickaclcheck(getNS($id).':*') < AUTH_READ) {
+ throw new RemoteAccessDeniedException('You are not allowed to read this file', 211);
+ }
+
+ $file = mediaFN($id);
+ if (!@ file_exists($file)) {
+ throw new RemoteException('The requested file does not exist', 221);
+ }
+
+ $data = io_readFile($file, false);
+ return $this->api->toFile($data);
+ }
+
+ /**
+ * Return info about a media file
+ *
+ * @author Gina Haeussge <osd@foosel.net>
+ */
+ function getAttachmentInfo($id){
+ $id = cleanID($id);
+ $info = array(
+ 'lastModified' => $this->api->toDate(0),
+ 'size' => 0,
+ );
+
+ $file = mediaFN($id);
+ if ((auth_quickaclcheck(getNS($id).':*') >= AUTH_READ) && file_exists($file)){
+ $info['lastModified'] = $this->api->toDate(filemtime($file));
+ $info['size'] = filesize($file);
+ }
+
+ return $info;
+ }
+
+ /**
+ * Return a wiki page rendered to html
+ */
+ function htmlPage($id,$rev=''){
+ $id = cleanID($id);
+ if(auth_quickaclcheck($id) < AUTH_READ){
+ throw new RemoteAccessDeniedException('You are not allowed to read this page', 111);
+ }
+ return p_wiki_xhtml($id,$rev,false);
+ }
+
+ /**
+ * List all pages - we use the indexer list here
+ */
+ function listPages(){
+ $list = array();
+ $pages = idx_get_indexer()->getPages();
+ $pages = array_filter(array_filter($pages,'isVisiblePage'),'page_exists');
+
+ foreach(array_keys($pages) as $idx) {
+ $perm = auth_quickaclcheck($pages[$idx]);
+ if($perm < AUTH_READ) {
+ continue;
+ }
+ $page = array();
+ $page['id'] = trim($pages[$idx]);
+ $page['perms'] = $perm;
+ $page['size'] = @filesize(wikiFN($pages[$idx]));
+ $page['lastModified'] = $this->api->toDate(@filemtime(wikiFN($pages[$idx])));
+ $list[] = $page;
+ }
+
+ return $list;
+ }
+
+ /**
+ * List all pages in the given namespace (and below)
+ */
+ function readNamespace($ns,$opts){
+ global $conf;
+
+ if(!is_array($opts)) $opts=array();
+
+ $ns = cleanID($ns);
+ $dir = utf8_encodeFN(str_replace(':', '/', $ns));
+ $data = array();
+ $opts['skipacl'] = 0; // no ACL skipping for XMLRPC
+ search($data, $conf['datadir'], 'search_allpages', $opts, $dir);
+ return $data;
+ }
+
+ /**
+ * List all pages in the given namespace (and below)
+ */
+ function search($query){
+ $regex = '';
+ $data = ft_pageSearch($query,$regex);
+ $pages = array();
+
+ // prepare additional data
+ $idx = 0;
+ foreach($data as $id => $score){
+ $file = wikiFN($id);
+
+ if($idx < FT_SNIPPET_NUMBER){
+ $snippet = ft_snippet($id,$regex);
+ $idx++;
+ }else{
+ $snippet = '';
+ }
+
+ $pages[] = array(
+ 'id' => $id,
+ 'score' => intval($score),
+ 'rev' => filemtime($file),
+ 'mtime' => filemtime($file),
+ 'size' => filesize($file),
+ 'snippet' => $snippet,
+ );
+ }
+ return $pages;
+ }
+
+ /**
+ * Returns the wiki title.
+ */
+ function getTitle(){
+ global $conf;
+ return $conf['title'];
+ }
+
+ /**
+ * List all media files.
+ *
+ * Available options are 'recursive' for also including the subnamespaces
+ * in the listing, and 'pattern' for filtering the returned files against
+ * a regular expression matching their name.
+ *
+ * @author Gina Haeussge <osd@foosel.net>
+ */
+ function listAttachments($ns, $options = array()) {
+ global $conf;
+
+ $ns = cleanID($ns);
+
+ if (!is_array($options)) $options = array();
+ $options['skipacl'] = 0; // no ACL skipping for XMLRPC
+
+
+ if(auth_quickaclcheck($ns.':*') >= AUTH_READ) {
+ $dir = utf8_encodeFN(str_replace(':', '/', $ns));
+
+ $data = array();
+ search($data, $conf['mediadir'], 'search_media', $options, $dir);
+ $len = count($data);
+ if(!$len) return array();
+
+ for($i=0; $i<$len; $i++) {
+ unset($data[$i]['meta']);
+ $data[$i]['lastModified'] = $this->api->toDate($data[$i]['mtime']);
+ }
+ return $data;
+ } else {
+ throw new RemoteAccessDeniedException('You are not allowed to list media files.', 215);
+ }
+ }
+
+ /**
+ * Return a list of backlinks
+ */
+ function listBackLinks($id){
+ return ft_backlinks(cleanID($id));
+ }
+
+ /**
+ * Return some basic data about a page
+ */
+ function pageInfo($id,$rev=''){
+ $id = cleanID($id);
+ if(auth_quickaclcheck($id) < AUTH_READ){
+ throw new RemoteAccessDeniedException('You are not allowed to read this page', 111);
+ }
+ $file = wikiFN($id,$rev);
+ $time = @filemtime($file);
+ if(!$time){
+ throw new RemoteException(10, 'The requested page does not exist', 121);
+ }
+
+ $info = getRevisionInfo($id, $time, 1024);
+
+ $data = array(
+ 'name' => $id,
+ 'lastModified' => $this->api->toDate($time),
+ 'author' => (($info['user']) ? $info['user'] : $info['ip']),
+ 'version' => $time
+ );
+
+ return ($data);
+ }
+
+ /**
+ * Save a wiki page
+ *
+ * @author Michael Klier <chi@chimeric.de>
+ */
+ function putPage($id, $text, $params) {
+ global $TEXT;
+ global $lang;
+
+ $id = cleanID($id);
+ $TEXT = cleanText($text);
+ $sum = $params['sum'];
+ $minor = $params['minor'];
+
+ if(empty($id)) {
+ throw new RemoteException('Empty page ID', 131);
+ }
+
+ if(!page_exists($id) && trim($TEXT) == '' ) {
+ throw new RemoteException('Refusing to write an empty new wiki page', 132);
+ }
+
+ if(auth_quickaclcheck($id) < AUTH_EDIT) {
+ throw new RemoteAccessDeniedException('You are not allowed to edit this page', 112);
+ }
+
+ // Check, if page is locked
+ if(checklock($id)) {
+ throw new RemoteException('The page is currently locked', 133);
+ }
+
+ // SPAM check
+ if(checkwordblock()) {
+ throw new RemoteException('Positive wordblock check', 134);
+ }
+
+ // autoset summary on new pages
+ if(!page_exists($id) && empty($sum)) {
+ $sum = $lang['created'];
+ }
+
+ // autoset summary on deleted pages
+ if(page_exists($id) && empty($TEXT) && empty($sum)) {
+ $sum = $lang['deleted'];
+ }
+
+ lock($id);
+
+ saveWikiText($id,$TEXT,$sum,$minor);
+
+ unlock($id);
+
+ // run the indexer if page wasn't indexed yet
+ idx_addPage($id);
+
+ return 0;
+ }
+
+ /**
+ * Appends text to a wiki page.
+ */
+ function appendPage($id, $text, $params) {
+ $currentpage = $this->rawPage($id);
+ if (!is_string($currentpage)) {
+ return $currentpage;
+ }
+ return $this->putPage($id, $currentpage.$text, $params);
+ }
+
+ /**
+ * Uploads a file to the wiki.
+ *
+ * Michael Klier <chi@chimeric.de>
+ */
+ function putAttachment($id, $file, $params) {
+ $id = cleanID($id);
+ $auth = auth_quickaclcheck(getNS($id).':*');
+
+ if(!isset($id)) {
+ throw new RemoteException('Filename not given.', 231);
+ }
+
+ global $conf;
+
+ $ftmp = $conf['tmpdir'] . '/' . md5($id.clientIP());
+
+ // save temporary file
+ @unlink($ftmp);
+ io_saveFile($ftmp, $file->getValue());
+
+ $res = media_save(array('name' => $ftmp), $id, $params['ow'], $auth, 'rename');
+ if (is_array($res)) {
+ throw new RemoteException($res[0], -$res[1]);
+ } else {
+ return $res;
+ }
+ }
+
+ /**
+ * Deletes a file from the wiki.
+ *
+ * @author Gina Haeussge <osd@foosel.net>
+ */
+ function deleteAttachment($id){
+ $id = cleanID($id);
+ $auth = auth_quickaclcheck(getNS($id).':*');
+ $res = media_delete($id, $auth);
+ if ($res & DOKU_MEDIA_DELETED) {
+ return 0;
+ } elseif ($res & DOKU_MEDIA_NOT_AUTH) {
+ throw new RemoteAccessDeniedException('You don\'t have permissions to delete files.', 212);
+ } elseif ($res & DOKU_MEDIA_INUSE) {
+ throw new RemoteException('File is still referenced', 232);
+ } else {
+ throw new RemoteException('Could not delete file', 233);
+ }
+ }
+
+ /**
+ * Returns the permissions of a given wiki page
+ */
+ function aclCheck($id) {
+ $id = cleanID($id);
+ return auth_quickaclcheck($id);
+ }
+
+ /**
+ * Lists all links contained in a wiki page
+ *
+ * @author Michael Klier <chi@chimeric.de>
+ */
+ function listLinks($id) {
+ $id = cleanID($id);
+ if(auth_quickaclcheck($id) < AUTH_READ){
+ throw new RemoteAccessDeniedException('You are not allowed to read this page', 111);
+ }
+ $links = array();
+
+ // resolve page instructions
+ $ins = p_cached_instructions(wikiFN($id));
+
+ // instantiate new Renderer - needed for interwiki links
+ include(DOKU_INC.'inc/parser/xhtml.php');
+ $Renderer = new Doku_Renderer_xhtml();
+ $Renderer->interwiki = getInterwiki();
+
+ // parse parse instructions
+ foreach($ins as $in) {
+ $link = array();
+ switch($in[0]) {
+ case 'internallink':
+ $link['type'] = 'local';
+ $link['page'] = $in[1][0];
+ $link['href'] = wl($in[1][0]);
+ array_push($links,$link);
+ break;
+ case 'externallink':
+ $link['type'] = 'extern';
+ $link['page'] = $in[1][0];
+ $link['href'] = $in[1][0];
+ array_push($links,$link);
+ break;
+ case 'interwikilink':
+ $url = $Renderer->_resolveInterWiki($in[1][2],$in[1][3]);
+ $link['type'] = 'extern';
+ $link['page'] = $url;
+ $link['href'] = $url;
+ array_push($links,$link);
+ break;
+ }
+ }
+
+ return ($links);
+ }
+
+ /**
+ * Returns a list of recent changes since give timestamp
+ *
+ * @author Michael Hamann <michael@content-space.de>
+ * @author Michael Klier <chi@chimeric.de>
+ */
+ function getRecentChanges($timestamp) {
+ if(strlen($timestamp) != 10) {
+ throw new RemoteException('The provided value is not a valid timestamp', 311);
+ }
+
+ $recents = getRecentsSince($timestamp);
+
+ $changes = array();
+
+ foreach ($recents as $recent) {
+ $change = array();
+ $change['name'] = $recent['id'];
+ $change['lastModified'] = $this->api->toDate($recent['date']);
+ $change['author'] = $recent['user'];
+ $change['version'] = $recent['date'];
+ $change['perms'] = $recent['perms'];
+ $change['size'] = @filesize(wikiFN($recent['id']));
+ array_push($changes, $change);
+ }
+
+ if (!empty($changes)) {
+ return $changes;
+ } else {
+ // in case we still have nothing at this point
+ return new RemoteException('There are no changes in the specified timeframe', 321);
+ }
+ }
+
+ /**
+ * Returns a list of recent media changes since give timestamp
+ *
+ * @author Michael Hamann <michael@content-space.de>
+ * @author Michael Klier <chi@chimeric.de>
+ */
+ function getRecentMediaChanges($timestamp) {
+ if(strlen($timestamp) != 10)
+ throw new RemoteException('The provided value is not a valid timestamp', 311);
+
+ $recents = getRecentsSince($timestamp, null, '', RECENTS_MEDIA_CHANGES);
+
+ $changes = array();
+
+ foreach ($recents as $recent) {
+ $change = array();
+ $change['name'] = $recent['id'];
+ $change['lastModified'] = $this->api->toDate($recent['date']);
+ $change['author'] = $recent['user'];
+ $change['version'] = $recent['date'];
+ $change['perms'] = $recent['perms'];
+ $change['size'] = @filesize(mediaFN($recent['id']));
+ array_push($changes, $change);
+ }
+
+ if (!empty($changes)) {
+ return $changes;
+ } else {
+ // in case we still have nothing at this point
+ throw new RemoteException('There are no changes in the specified timeframe', 321);
+ }
+ }
+
+ /**
+ * Returns a list of available revisions of a given wiki page
+ *
+ * @author Michael Klier <chi@chimeric.de>
+ */
+ function pageVersions($id, $first) {
+ $id = cleanID($id);
+ if(auth_quickaclcheck($id) < AUTH_READ) {
+ throw new RemoteAccessDeniedException('You are not allowed to read this page', 111);
+ }
+ global $conf;
+
+ $versions = array();
+
+ if(empty($id)) {
+ throw new RemoteException('Empty page ID', 131);
+ }
+
+ $revisions = getRevisions($id, $first, $conf['recent']+1);
+
+ if(count($revisions)==0 && $first!=0) {
+ $first=0;
+ $revisions = getRevisions($id, $first, $conf['recent']+1);
+ }
+
+ if(count($revisions)>0 && $first==0) {
+ array_unshift($revisions, ''); // include current revision
+ array_pop($revisions); // remove extra log entry
+ }
+
+ if(count($revisions) > $conf['recent']) {
+ array_pop($revisions); // remove extra log entry
+ }
+
+ if(!empty($revisions)) {
+ foreach($revisions as $rev) {
+ $file = wikiFN($id,$rev);
+ $time = @filemtime($file);
+ // we check if the page actually exists, if this is not the
+ // case this can lead to less pages being returned than
+ // specified via $conf['recent']
+ if($time){
+ $info = getRevisionInfo($id, $time, 1024);
+ if(!empty($info)) {
+ $data['user'] = $info['user'];
+ $data['ip'] = $info['ip'];
+ $data['type'] = $info['type'];
+ $data['sum'] = $info['sum'];
+ $data['modified'] = $this->api->toDate($info['date']);
+ $data['version'] = $info['date'];
+ array_push($versions, $data);
+ }
+ }
+ }
+ return $versions;
+ } else {
+ return array();
+ }
+ }
+
+ /**
+ * The version of Wiki RPC API supported
+ */
+ function wiki_RPCVersion(){
+ return 2;
+ }
+
+
+ /**
+ * Locks or unlocks a given batch of pages
+ *
+ * Give an associative array with two keys: lock and unlock. Both should contain a
+ * list of pages to lock or unlock
+ *
+ * Returns an associative array with the keys locked, lockfail, unlocked and
+ * unlockfail, each containing lists of pages.
+ */
+ function setLocks($set){
+ $locked = array();
+ $lockfail = array();
+ $unlocked = array();
+ $unlockfail = array();
+
+ foreach((array) $set['lock'] as $id){
+ $id = cleanID($id);
+ if(auth_quickaclcheck($id) < AUTH_EDIT || checklock($id)){
+ $lockfail[] = $id;
+ }else{
+ lock($id);
+ $locked[] = $id;
+ }
+ }
+
+ foreach((array) $set['unlock'] as $id){
+ $id = cleanID($id);
+ if(auth_quickaclcheck($id) < AUTH_EDIT || !unlock($id)){
+ $unlockfail[] = $id;
+ }else{
+ $unlocked[] = $id;
+ }
+ }
+
+ return array(
+ 'locked' => $locked,
+ 'lockfail' => $lockfail,
+ 'unlocked' => $unlocked,
+ 'unlockfail' => $unlockfail,
+ );
+ }
+
+ function getAPIVersion(){
+ return DOKU_API_VERSION;
+ }
+
+ function login($user,$pass){
+ global $conf;
+ global $auth;
+ if(!$conf['useacl']) return 0;
+ if(!$auth) return 0;
+
+ @session_start(); // reopen session for login
+ if($auth->canDo('external')){
+ $ok = $auth->trustExternal($user,$pass,false);
+ }else{
+ $evdata = array(
+ 'user' => $user,
+ 'password' => $pass,
+ 'sticky' => false,
+ 'silent' => true,
+ );
+ $ok = trigger_event('AUTH_LOGIN_CHECK', $evdata, 'auth_login_wrapper');
+ }
+ session_write_close(); // we're done with the session
+
+ return $ok;
+ }
+
+
+}
+
diff --git a/inc/auth.php b/inc/auth.php
index cd0f612aa..59ef1cb54 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -422,7 +422,7 @@ function auth_isadmin($user=null,$groups=null){
* @param $memberlist string commaseparated list of allowed users and groups
* @param $user string user to match against
* @param $groups array groups the user is member of
- * @returns bool true for membership acknowledged
+ * @return bool true for membership acknowledged
*/
function auth_isMember($memberlist,$user,array $groups){
global $auth;
diff --git a/inc/httputils.php b/inc/httputils.php
index 0ad97a9a1..b815f3ca6 100644
--- a/inc/httputils.php
+++ b/inc/httputils.php
@@ -249,3 +249,11 @@ function http_cached_finish($file, $content) {
print $content;
}
}
+
+function http_get_raw_post_data() {
+ static $postData = null;
+ if ($postData === null) {
+ $postData = file_get_contents('php://input');
+ }
+ return $postData;
+}
diff --git a/inc/init.php b/inc/init.php
index cfd023e95..d57e12d7b 100644
--- a/inc/init.php
+++ b/inc/init.php
@@ -190,7 +190,7 @@ init_paths();
init_files();
// setup plugin controller class (can be overwritten in preload.php)
-$plugin_types = array('admin','syntax','action','renderer', 'helper');
+$plugin_types = array('admin','syntax','action','renderer', 'helper','remote');
global $plugin_controller_class, $plugin_controller;
if (empty($plugin_controller_class)) $plugin_controller_class = 'Doku_Plugin_Controller';
diff --git a/inc/load.php b/inc/load.php
index d30397f6e..f3ab5bcdd 100644
--- a/inc/load.php
+++ b/inc/load.php
@@ -76,10 +76,13 @@ function load_autoload($name){
'SafeFN' => DOKU_INC.'inc/SafeFN.class.php',
'Sitemapper' => DOKU_INC.'inc/Sitemapper.php',
'PassHash' => DOKU_INC.'inc/PassHash.class.php',
+ 'RemoteAPI' => DOKU_INC.'inc/remote.php',
+ 'RemoteAPICore' => DOKU_INC.'inc/RemoteAPICore.php',
'DokuWiki_Action_Plugin' => DOKU_PLUGIN.'action.php',
'DokuWiki_Admin_Plugin' => DOKU_PLUGIN.'admin.php',
'DokuWiki_Syntax_Plugin' => DOKU_PLUGIN.'syntax.php',
+ 'DokuWiki_Remote_Plugin' => DOKU_PLUGIN.'remote.php',
);
@@ -89,7 +92,7 @@ function load_autoload($name){
}
// Plugin loading
- if(preg_match('/^(helper|syntax|action|admin|renderer)_plugin_([^_]+)(?:_([^_]+))?$/',
+ if(preg_match('/^(helper|syntax|action|admin|renderer|remote)_plugin_([^_]+)(?:_([^_]+))?$/',
$name, $m)) {
//try to load the wanted plugin file
// include, but be silent. Maybe some other autoloader has an idea
diff --git a/inc/remote.php b/inc/remote.php
new file mode 100644
index 000000000..2ef28afd2
--- /dev/null
+++ b/inc/remote.php
@@ -0,0 +1,253 @@
+<?php
+
+if (!defined('DOKU_INC')) die();
+
+class RemoteException extends Exception {}
+class RemoteAccessDeniedException extends RemoteException {}
+
+/**
+ * This class provides information about remote access to the wiki.
+ *
+ * == Types of methods ==
+ * There are two types of remote methods. The first is the core methods.
+ * These are always available and provided by dokuwiki.
+ * The other is plugin methods. These are provided by remote plugins.
+ *
+ * == Information structure ==
+ * The information about methods will be given in an array with the following structure:
+ * array(
+ * 'method.remoteName' => array(
+ * 'args' => array(
+ * 'type eg. string|int|...|date|file',
+ * )
+ * 'name' => 'method name in class',
+ * 'return' => 'type',
+ * 'public' => 1/0 - method bypass default group check (used by login)
+ * ['doc' = 'method documentation'],
+ * )
+ * )
+ *
+ * plugin names are formed the following:
+ * core methods begin by a 'dokuwiki' or 'wiki' followed by a . and the method name itself.
+ * i.e.: dokuwiki.version or wiki.getPage
+ *
+ * plugin methods are formed like 'plugin.<plugin name>.<method name>'.
+ * i.e.: plugin.clock.getTime or plugin.clock_gmt.getTime
+ *
+ * @throws RemoteException
+ */
+class RemoteAPI {
+
+ /**
+ * @var RemoteAPICore
+ */
+ private $coreMethods = null;
+
+ /**
+ * @var array remote methods provided by dokuwiki plugins - will be filled lazy via
+ * {@see RemoteAPI#getPluginMethods}
+ */
+ private $pluginMethods = null;
+
+ /**
+ * @var array contains custom calls to the api. Plugins can use the XML_CALL_REGISTER event.
+ * The data inside is 'custom.call.something' => array('plugin name', 'remote method name')
+ *
+ * The remote method name is the same as in the remote name returned by _getMethods().
+ */
+ private $pluginCustomCalls = null;
+
+ private $dateTransformation;
+ private $fileTransformation;
+
+ public function __construct() {
+ $this->dateTransformation = array($this, 'dummyTransformation');
+ $this->fileTransformation = array($this, 'dummyTransformation');
+ }
+
+ /**
+ * Get all available methods with remote access.
+ *
+ * @return array with information to all available methods
+ */
+ public function getMethods() {
+ return array_merge($this->getCoreMethods(), $this->getPluginMethods());
+ }
+
+ /**
+ * call a method via remote api.
+ *
+ * @param string $method name of the method to call.
+ * @param array $args arguments to pass to the given method
+ * @return mixed result of method call, must be a primitive type.
+ */
+ public function call($method, $args = array()) {
+ if ($args === null) {
+ $args = array();
+ }
+ list($type, $pluginName, $call) = explode('.', $method, 3);
+ if ($type === 'plugin') {
+ return $this->callPlugin($pluginName, $method, $args);
+ }
+ if ($this->coreMethodExist($method)) {
+ return $this->callCoreMethod($method, $args);
+ }
+ return $this->callCustomCallPlugin($method, $args);
+ }
+
+ private function coreMethodExist($name) {
+ $coreMethods = $this->getCoreMethods();
+ return array_key_exists($name, $coreMethods);
+ }
+
+ private function callCustomCallPlugin($method, $args) {
+ $customCalls = $this->getCustomCallPlugins();
+ if (!array_key_exists($method, $customCalls)) {
+ throw new RemoteException('Method does not exist', -32603);
+ }
+ $customCall = $customCalls[$method];
+ return $this->callPlugin($customCall[0], $customCall[1], $args);
+ }
+
+ private function getCustomCallPlugins() {
+ if ($this->pluginCustomCalls === null) {
+ $data = array();
+ trigger_event('RPC_CALL_ADD', $data);
+ $this->pluginCustomCalls = $data;
+ }
+ return $this->pluginCustomCalls;
+ }
+
+ private function callPlugin($pluginName, $method, $args) {
+ $plugin = plugin_load('remote', $pluginName);
+ $methods = $this->getPluginMethods();
+ if (!$plugin) {
+ throw new RemoteException('Method does not exist', -32603);
+ }
+ $this->checkAccess($methods[$method]);
+ $name = $this->getMethodName($methods, $method);
+ return call_user_func_array(array($plugin, $name), $args);
+ }
+
+ private function callCoreMethod($method, $args) {
+ $coreMethods = $this->getCoreMethods();
+ $this->checkAccess($coreMethods[$method]);
+ if (!isset($coreMethods[$method])) {
+ throw new RemoteException('Method does not exist', -32603);
+ }
+ $this->checkArgumentLength($coreMethods[$method], $args);
+ return call_user_func_array(array($this->coreMethods, $this->getMethodName($coreMethods, $method)), $args);
+ }
+
+ private function checkAccess($methodMeta) {
+ if (!isset($methodMeta['public'])) {
+ $this->forceAccess();
+ } else{
+ if ($methodMeta['public'] == '0') {
+ $this->forceAccess();
+ }
+ }
+ }
+
+ private function checkArgumentLength($method, $args) {
+ if (count($method['args']) < count($args)) {
+ throw new RemoteException('Method does not exist - wrong parameter count.', -32603);
+ }
+ }
+
+ private function getMethodName($methodMeta, $method) {
+ if (isset($methodMeta[$method]['name'])) {
+ return $methodMeta[$method]['name'];
+ }
+ $method = explode('.', $method);
+ return $method[count($method)-1];
+ }
+
+ /**
+ * @return bool true if the current user has access to remote api.
+ */
+ public function hasAccess() {
+ global $conf;
+ global $USERINFO;
+ if (!$conf['remote']) {
+ return false;
+ }
+ if(!$conf['useacl']) {
+ return true;
+ }
+ if(trim($conf['remoteuser']) == '') {
+ return true;
+ }
+
+ return auth_isMember($conf['remoteuser'], $_SERVER['REMOTE_USER'], (array) $USERINFO['grps']);
+ }
+
+ /**
+ * @throws RemoteException On denied access.
+ * @return void
+ */
+ public function forceAccess() {
+ if (!$this->hasAccess()) {
+ throw new RemoteAccessDeniedException('server error. not authorized to call method', -32604);
+ }
+ }
+
+ /**
+ * @return array all plugin methods.
+ */
+ public function getPluginMethods() {
+ if ($this->pluginMethods === null) {
+ $this->pluginMethods = array();
+ $plugins = plugin_list('remote');
+
+ foreach ($plugins as $pluginName) {
+ $plugin = plugin_load('remote', $pluginName);
+ if (!is_subclass_of($plugin, 'DokuWiki_Remote_Plugin')) {
+ throw new RemoteException("Plugin $pluginName does not implement DokuWiki_Remote_Plugin");
+ }
+
+ $methods = $plugin->_getMethods();
+ foreach ($methods as $method => $meta) {
+ $this->pluginMethods["plugin.$pluginName.$method"] = $meta;
+ }
+ }
+ }
+ return $this->pluginMethods;
+ }
+
+ /**
+ * @param RemoteAPICore $apiCore this parameter is used for testing. Here you can pass a non-default RemoteAPICore
+ * instance. (for mocking)
+ * @return array all core methods.
+ */
+ public function getCoreMethods($apiCore = null) {
+ if ($this->coreMethods === null) {
+ if ($apiCore === null) {
+ $this->coreMethods = new RemoteAPICore($this);
+ } else {
+ $this->coreMethods = $apiCore;
+ }
+ }
+ return $this->coreMethods->__getRemoteInfo();
+ }
+
+ public function toFile($data) {
+ return call_user_func($this->fileTransformation, $data);
+ }
+
+ public function toDate($data) {
+ return call_user_func($this->dateTransformation, $data);
+ }
+
+ public function dummyTransformation($data) {
+ return $data;
+ }
+
+ public function setDateTransformation($dateTransformation) {
+ $this->dateTransformation = $dateTransformation;
+ }
+
+ public function setFileTransformation($fileTransformation) {
+ $this->fileTransformation = $fileTransformation;
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-10 08:14:44 +0000