diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2010-08-29 14:22:01 +0200 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2010-08-29 14:22:01 +0200 |
| commit | 2c053ed58376c6709596ab48fc40dceb90d4e89d (patch) | |
| tree | c8d0f78c2f47f373473419396d3c0855ec671eca /inc/actions.php | |
| parent | cb4a07568e84d853fbcd9d5eca37f572fa10786f (diff) | |
| parent | 5479a8c3341247ca228026819f20f3ab5c34a80f (diff) | |
| download | rpg-2c053ed58376c6709596ab48fc40dceb90d4e89d.tar.gz rpg-2c053ed58376c6709596ab48fc40dceb90d4e89d.tar.bz2 | |
Merge branch 'master' into stable
Conflicts:
conf/msg
lib/plugins/acl/ajax.php
Diffstat (limited to 'inc/actions.php')
| -rw-r--r-- | inc/actions.php | 910 |
1 files changed, 485 insertions, 425 deletions
diff --git a/inc/actions.php b/inc/actions.php index 27292e6f6..3e0cb1207 100644 --- a/inc/actions.php +++ b/inc/actions.php @@ -7,8 +7,6 @@ */ if(!defined('DOKU_INC')) die('meh.'); -require_once(DOKU_INC.'inc/template.php'); - /** * Call the needed action handlers @@ -18,149 +16,150 @@ require_once(DOKU_INC.'inc/template.php'); * @triggers ACTION_HEADERS_SEND */ function act_dispatch(){ - global $INFO; - global $ACT; - global $ID; - global $QUERY; - global $lang; - global $conf; - global $license; - - $preact = $ACT; - - // give plugins an opportunity to process the action - $evt = new Doku_Event('ACTION_ACT_PREPROCESS',$ACT); - if ($evt->advise_before()) { - - //sanitize $ACT - $ACT = act_clean($ACT); - - //check if searchword was given - else just show - $s = cleanID($QUERY); - if($ACT == 'search' && empty($s)){ - $ACT = 'show'; - } + global $INFO; + global $ACT; + global $ID; + global $QUERY; + global $lang; + global $conf; + global $license; - //login stuff - if(in_array($ACT,array('login','logout'))){ - $ACT = act_auth($ACT); - } + $preact = $ACT; - //check if user is asking to (un)subscribe a page - if($ACT == 'subscribe' || $ACT == 'unsubscribe') - $ACT = act_subscription($ACT); + // give plugins an opportunity to process the action + $evt = new Doku_Event('ACTION_ACT_PREPROCESS',$ACT); + if ($evt->advise_before()) { - //check if user is asking to (un)subscribe a namespace - if($ACT == 'subscribens' || $ACT == 'unsubscribens') - $ACT = act_subscriptionns($ACT); + //sanitize $ACT + $ACT = act_clean($ACT); - //check permissions - $ACT = act_permcheck($ACT); + //check if searchword was given - else just show + $s = cleanID($QUERY); + if($ACT == 'search' && empty($s)){ + $ACT = 'show'; + } - //register - $nil = array(); - if($ACT == 'register' && $_POST['save'] && register()){ - $ACT = 'login'; - } + //login stuff + if(in_array($ACT,array('login','logout'))){ + $ACT = act_auth($ACT); + } - if ($ACT == 'resendpwd' && act_resendpwd()) { - $ACT = 'login'; - } + //check if user is asking to (un)subscribe a page + if($ACT == 'subscribe') { + try { + $ACT = act_subscription($ACT); + } catch (Exception $e) { + msg($e->getMessage(), -1); + } + } - //update user profile - if ($ACT == 'profile') { - if(!$_SERVER['REMOTE_USER']) { - $ACT = 'login'; - } else { - if(updateprofile()) { - msg($lang['profchanged'],1); - $ACT = 'show'; + //check permissions + $ACT = act_permcheck($ACT); + + //register + $nil = array(); + if($ACT == 'register' && $_POST['save'] && register()){ + $ACT = 'login'; } - } - } - //revert - if($ACT == 'revert'){ - if(checkSecurityToken()){ - $ACT = act_revert($ACT); - }else{ - $ACT = 'show'; - } - } + if ($ACT == 'resendpwd' && act_resendpwd()) { + $ACT = 'login'; + } - //save - if($ACT == 'save'){ - if(checkSecurityToken()){ - $ACT = act_save($ACT); - }else{ - $ACT = 'show'; - } - } + //update user profile + if ($ACT == 'profile') { + if(!$_SERVER['REMOTE_USER']) { + $ACT = 'login'; + } else { + if(updateprofile()) { + msg($lang['profchanged'],1); + $ACT = 'show'; + } + } + } - //cancel conflicting edit - if($ACT == 'cancel') - $ACT = 'show'; + //revert + if($ACT == 'revert'){ + if(checkSecurityToken()){ + $ACT = act_revert($ACT); + }else{ + $ACT = 'show'; + } + } - //draft deletion - if($ACT == 'draftdel') - $ACT = act_draftdel($ACT); + //save + if($ACT == 'save'){ + if(checkSecurityToken()){ + $ACT = act_save($ACT); + }else{ + $ACT = 'show'; + } + } - //draft saving on preview - if($ACT == 'preview') - $ACT = act_draftsave($ACT); + //cancel conflicting edit + if($ACT == 'cancel') + $ACT = 'show'; - //edit - if(($ACT == 'edit' || $ACT == 'preview') && $INFO['editable']){ - $ACT = act_edit($ACT); - }else{ - unlock($ID); //try to unlock - } + //draft deletion + if($ACT == 'draftdel') + $ACT = act_draftdel($ACT); - //handle export - if(substr($ACT,0,7) == 'export_') - $ACT = act_export($ACT); + //draft saving on preview + if($ACT == 'preview') + $ACT = act_draftsave($ACT); - //display some infos - if($ACT == 'check'){ - check(); - $ACT = 'show'; - } + //edit + if(in_array($ACT, array('edit', 'preview', 'recover'))) { + $ACT = act_edit($ACT); + }else{ + unlock($ID); //try to unlock + } - //handle admin tasks - if($ACT == 'admin'){ - // retrieve admin plugin name from $_REQUEST['page'] - if (!empty($_REQUEST['page'])) { - $pluginlist = plugin_list('admin'); - if (in_array($_REQUEST['page'], $pluginlist)) { - // attempt to load the plugin - if ($plugin =& plugin_load('admin',$_REQUEST['page']) !== NULL) - $plugin->handle(); - } - } - } + //handle export + if(substr($ACT,0,7) == 'export_') + $ACT = act_export($ACT); + + //display some infos + if($ACT == 'check'){ + check(); + $ACT = 'show'; + } + + //handle admin tasks + if($ACT == 'admin'){ + // retrieve admin plugin name from $_REQUEST['page'] + if (!empty($_REQUEST['page'])) { + $pluginlist = plugin_list('admin'); + if (in_array($_REQUEST['page'], $pluginlist)) { + // attempt to load the plugin + if ($plugin =& plugin_load('admin',$_REQUEST['page']) !== null) + $plugin->handle(); + } + } + } - // check permissions again - the action may have changed - $ACT = act_permcheck($ACT); - } // end event ACTION_ACT_PREPROCESS default action - $evt->advise_after(); - unset($evt); + // check permissions again - the action may have changed + $ACT = act_permcheck($ACT); + } // end event ACTION_ACT_PREPROCESS default action + $evt->advise_after(); + unset($evt); - // when action 'show', the intial not 'show' and POST, do a redirect - if($ACT == 'show' && $preact != 'show' && strtolower($_SERVER['REQUEST_METHOD']) == 'post'){ - act_redirect($ID,$preact); - } + // when action 'show', the intial not 'show' and POST, do a redirect + if($ACT == 'show' && $preact != 'show' && strtolower($_SERVER['REQUEST_METHOD']) == 'post'){ + act_redirect($ID,$preact); + } - //call template FIXME: all needed vars available? - $headers[] = 'Content-Type: text/html; charset=utf-8'; - trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders'); + //call template FIXME: all needed vars available? + $headers[] = 'Content-Type: text/html; charset=utf-8'; + trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders'); - include(template('main.php')); - // output for the commands is now handled in inc/templates.php - // in function tpl_content() + include(template('main.php')); + // output for the commands is now handled in inc/templates.php + // in function tpl_content() } function act_sendheaders($headers) { - foreach ($headers as $hdr) header($hdr); + foreach ($headers as $hdr) header($hdr); } /** @@ -171,44 +170,46 @@ function act_sendheaders($headers) { * @author Andreas Gohr <andi@splitbrain.org> */ function act_clean($act){ - global $lang; - global $conf; + global $lang; + global $conf; - // check if the action was given as array key - if(is_array($act)){ - list($act) = array_keys($act); - } + // check if the action was given as array key + if(is_array($act)){ + list($act) = array_keys($act); + } - //remove all bad chars - $act = strtolower($act); - $act = preg_replace('/[^1-9a-z_]+/','',$act); + //remove all bad chars + $act = strtolower($act); + $act = preg_replace('/[^1-9a-z_]+/','',$act); - if($act == 'export_html') $act = 'export_xhtml'; - if($act == 'export_htmlbody') $act = 'export_xhtmlbody'; + if($act == 'export_html') $act = 'export_xhtml'; + if($act == 'export_htmlbody') $act = 'export_xhtmlbody'; - // check if action is disabled - if(!actionOK($act)){ - msg('Command disabled: '.htmlspecialchars($act),-1); - return 'show'; - } + if($act === '') $act = 'show'; - //disable all acl related commands if ACL is disabled - if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin', - 'subscribe','unsubscribe','profile','revert', - 'resendpwd','subscribens','unsubscribens',))){ - msg('Command unavailable: '.htmlspecialchars($act),-1); - return 'show'; - } - - if(!in_array($act,array('login','logout','register','save','cancel','edit','draft', - 'preview','search','show','check','index','revisions', - 'diff','recent','backlink','admin','subscribe','revert', - 'unsubscribe','profile','resendpwd','recover','wordblock', - 'draftdel','subscribens','unsubscribens',)) && substr($act,0,7) != 'export_' ) { - msg('Command unknown: '.htmlspecialchars($act),-1); - return 'show'; - } - return $act; + // check if action is disabled + if(!actionOK($act)){ + msg('Command disabled: '.htmlspecialchars($act),-1); + return 'show'; + } + + //disable all acl related commands if ACL is disabled + if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin', + 'subscribe','unsubscribe','profile','revert', + 'resendpwd','subscribens','unsubscribens',))){ + msg('Command unavailable: '.htmlspecialchars($act),-1); + return 'show'; + } + + if(!in_array($act,array('login','logout','register','save','cancel','edit','draft', + 'preview','search','show','check','index','revisions', + 'diff','recent','backlink','admin','subscribe','revert', + 'unsubscribe','profile','resendpwd','recover', + 'draftdel','subscribens','unsubscribens',)) && substr($act,0,7) != 'export_' ) { + msg('Command unknown: '.htmlspecialchars($act),-1); + return 'show'; + } + return $act; } /** @@ -217,44 +218,44 @@ function act_clean($act){ * @author Andreas Gohr <andi@splitbrain.org> */ function act_permcheck($act){ - global $INFO; - global $conf; - - if(in_array($act,array('save','preview','edit','recover'))){ - if($INFO['exists']){ - if($act == 'edit'){ - //the edit function will check again and do a source show - //when no AUTH_EDIT available - $permneed = AUTH_READ; - }else{ - $permneed = AUTH_EDIT; - } - }else{ - $permneed = AUTH_CREATE; - } - }elseif(in_array($act,array('login','search','recent','profile'))){ - $permneed = AUTH_NONE; - }elseif($act == 'revert'){ - $permneed = AUTH_ADMIN; - if($INFO['ismanager']) $permneed = AUTH_EDIT; - }elseif($act == 'register'){ - $permneed = AUTH_NONE; - }elseif($act == 'resendpwd'){ - $permneed = AUTH_NONE; - }elseif($act == 'admin'){ - if($INFO['ismanager']){ - // if the manager has the needed permissions for a certain admin - // action is checked later - $permneed = AUTH_READ; + global $INFO; + global $conf; + + if(in_array($act,array('save','preview','edit','recover'))){ + if($INFO['exists']){ + if($act == 'edit'){ + //the edit function will check again and do a source show + //when no AUTH_EDIT available + $permneed = AUTH_READ; + }else{ + $permneed = AUTH_EDIT; + } + }else{ + $permneed = AUTH_CREATE; + } + }elseif(in_array($act,array('login','search','recent','profile','index'))){ + $permneed = AUTH_NONE; + }elseif($act == 'revert'){ + $permneed = AUTH_ADMIN; + if($INFO['ismanager']) $permneed = AUTH_EDIT; + }elseif($act == 'register'){ + $permneed = AUTH_NONE; + }elseif($act == 'resendpwd'){ + $permneed = AUTH_NONE; + }elseif($act == 'admin'){ + if($INFO['ismanager']){ + // if the manager has the needed permissions for a certain admin + // action is checked later + $permneed = AUTH_READ; + }else{ + $permneed = AUTH_ADMIN; + } }else{ - $permneed = AUTH_ADMIN; + $permneed = AUTH_READ; } - }else{ - $permneed = AUTH_READ; - } - if($INFO['perm'] >= $permneed) return $act; + if($INFO['perm'] >= $permneed) return $act; - return 'denied'; + return 'denied'; } /** @@ -263,10 +264,10 @@ function act_permcheck($act){ * Deletes the draft for the current page and user */ function act_draftdel($act){ - global $INFO; - @unlink($INFO['draft']); - $INFO['draft'] = null; - return 'show'; + global $INFO; + @unlink($INFO['draft']); + $INFO['draft'] = null; + return 'show'; } /** @@ -275,23 +276,23 @@ function act_draftdel($act){ * @todo this currently duplicates code from ajax.php :-/ */ function act_draftsave($act){ - global $INFO; - global $ID; - global $conf; - if($conf['usedraft'] && $_POST['wikitext']){ - $draft = array('id' => $ID, - 'prefix' => $_POST['prefix'], - 'text' => $_POST['wikitext'], - 'suffix' => $_POST['suffix'], - 'date' => $_POST['date'], - 'client' => $INFO['client'], - ); - $cname = getCacheName($draft['client'].$ID,'.draft'); - if(io_saveFile($cname,serialize($draft))){ - $INFO['draft'] = $cname; + global $INFO; + global $ID; + global $conf; + if($conf['usedraft'] && $_POST['wikitext']){ + $draft = array('id' => $ID, + 'prefix' => $_POST['prefix'], + 'text' => $_POST['wikitext'], + 'suffix' => $_POST['suffix'], + 'date' => $_POST['date'], + 'client' => $INFO['client'], + ); + $cname = getCacheName($draft['client'].$ID,'.draft'); + if(io_saveFile($cname,serialize($draft))){ + $INFO['draft'] = $cname; + } } - } - return $act; + return $act; } /** @@ -304,31 +305,35 @@ function act_draftsave($act){ * @author Andreas Gohr <andi@splitbrain.org> */ function act_save($act){ - global $ID; - global $DATE; - global $PRE; - global $TEXT; - global $SUF; - global $SUM; - - //spam check - if(checkwordblock()) - return 'wordblock'; - //conflict check //FIXME use INFO - if($DATE != 0 && @filemtime(wikiFN($ID)) > $DATE ) - return 'conflict'; - - //save it - saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$_REQUEST['minor']); //use pretty mode for con - //unlock it - unlock($ID); - - //delete draft - act_draftdel($act); - session_write_close(); - - // when done, show page - return 'show'; + global $ID; + global $DATE; + global $PRE; + global $TEXT; + global $SUF; + global $SUM; + global $lang; + global $INFO; + + //spam check + if(checkwordblock()) { + msg($lang['wordblock'], -1); + return 'edit'; + } + //conflict check + if($DATE != 0 && $INFO['meta']['date']['modified'] > $DATE ) + return 'conflict'; + + //save it + saveWikiText($ID,con($PRE,$TEXT,$SUF,1),$SUM,$_REQUEST['minor']); //use pretty mode for con + //unlock it + unlock($ID); + + //delete draft + act_draftdel($act); + session_write_close(); + + // when done, show page + return 'show'; } /** @@ -340,6 +345,11 @@ function act_revert($act){ global $ID; global $REV; global $lang; + // FIXME $INFO['writable'] currently refers to the attic version + // global $INFO; + // if (!$INFO['writable']) { + // return 'show'; + // } // when no revision is given, delete current one // FIXME this feature is not exposed in the GUI currently @@ -352,8 +362,11 @@ function act_revert($act){ } // spam check - if(checkwordblock($Text)) - return 'wordblock'; + + if (checkwordblock($text)) { + msg($lang['wordblock'], -1); + return 'edit'; + } saveWikiText($ID,$text,$sum,false); msg($sum,1); @@ -374,38 +387,28 @@ function act_revert($act){ * Tries to add the section id as hash mark after section editing */ function act_redirect($id,$preact){ - global $PRE; - global $TEXT; - global $MSG; - - //are there any undisplayed messages? keep them in session for display - //on the next page - if(isset($MSG) && count($MSG)){ - //reopen session, store data and close session again - @session_start(); - $_SESSION[DOKU_COOKIE]['msg'] = $MSG; - session_write_close(); - } - - $opts = array( - 'id' => $id, - 'preact' => $preact - ); - //get section name when coming from section edit - if($PRE && preg_match('/^\s*==+([^=\n]+)/',$TEXT,$match)){ - $check = false; //Byref - $opts['fragment'] = sectionID($match[0], $check); - } - - trigger_event('ACTION_SHOW_REDIRECT',$opts,'act_redirect_execute'); + global $PRE; + global $TEXT; + + $opts = array( + 'id' => $id, + 'preact' => $preact + ); + //get section name when coming from section edit + if($PRE && preg_match('/^\s*==+([^=\n]+)/',$TEXT,$match)){ + $check = false; //Byref + $opts['fragment'] = sectionID($match[0], $check); + } + + trigger_event('ACTION_SHOW_REDIRECT',$opts,'act_redirect_execute'); } function act_redirect_execute($opts){ - $go = wl($opts['id'],'',true); - if(isset($opts['fragment'])) $go .= '#'.$opts['fragment']; + $go = wl($opts['id'],'',true); + if(isset($opts['fragment'])) $go .= '#'.$opts['fragment']; - //show it - send_redirect($go); + //show it + send_redirect($go); } /** @@ -414,47 +417,81 @@ function act_redirect_execute($opts){ * @author Andreas Gohr <andi@splitbrain.org> */ function act_auth($act){ - global $ID; - global $INFO; + global $ID; + global $INFO; - //already logged in? - if(isset($_SERVER['REMOTE_USER']) && $act=='login'){ - return 'show'; - } + //already logged in? + if(isset($_SERVER['REMOTE_USER']) && $act=='login'){ + return 'show'; + } - //handle logout - if($act=='logout'){ - $lockedby = checklock($ID); //page still locked? - if($lockedby == $_SERVER['REMOTE_USER']) - unlock($ID); //try to unlock + //handle logout + if($act=='logout'){ + $lockedby = checklock($ID); //page still locked? + if($lockedby == $_SERVER['REMOTE_USER']) + unlock($ID); //try to unlock - // do the logout stuff - auth_logoff(); + // do the logout stuff + auth_logoff(); - // rebuild info array - $INFO = pageinfo(); + // rebuild info array + $INFO = pageinfo(); - act_redirect($ID,'login'); - } + act_redirect($ID,'login'); + } - return $act; + return $act; } /** - * Handle 'edit', 'preview' + * Handle 'edit', 'preview', 'recover' * * @author Andreas Gohr <andi@splitbrain.org> */ function act_edit($act){ - global $ID; - global $INFO; + global $ID; + global $INFO; - //check if locked by anyone - if not lock for my self - $lockedby = checklock($ID); - if($lockedby) return 'locked'; + global $TEXT; + global $RANGE; + global $PRE; + global $SUF; + global $REV; + global $SUM; + global $lang; + global $DATE; + + if (!isset($TEXT)) { + if ($INFO['exists']) { + if ($RANGE) { + list($PRE,$TEXT,$SUF) = rawWikiSlices($RANGE,$ID,$REV); + } else { + $TEXT = rawWiki($ID,$REV); + } + } else { + $TEXT = pageTemplate($ID); + } + } - lock($ID); - return $act; + //set summary default + if(!$SUM){ + if($REV){ + $SUM = $lang['restored']; + }elseif(!$INFO['exists']){ + $SUM = $lang['created']; + } + } + + // Use the date of the newest revision, not of the revision we edit + // This is used for conflict detection + if(!$DATE) $DATE = $INFO['meta']['date']['modified']; + + //check if locked by anyone - if not lock for my self + $lockedby = checklock($ID); + if($lockedby) return 'locked'; + + lock($ID); + return $act; } /** @@ -472,159 +509,182 @@ function act_edit($act){ * @author Michael Klier <chi@chimeric.de> */ function act_export($act){ - global $ID; - global $REV; - global $conf; - global $lang; - - $pre = ''; - $post = ''; - $output = ''; - $headers = array(); - - // search engines: never cache exported docs! (Google only currently) - $headers['X-Robots-Tag'] = 'noindex'; - - $mode = substr($act,7); - switch($mode) { - case 'raw': - $headers['Content-Type'] = 'text/plain; charset=utf-8'; - $headers['Content-Disposition'] = 'attachment; filename='.noNS($ID).'.txt'; - $output = rawWiki($ID,$REV); - break; - case 'xhtml': - $pre .= '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"' . DOKU_LF; - $pre .= ' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">' . DOKU_LF; - $pre .= '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.$conf['lang'].'"' . DOKU_LF; - $pre .= ' lang="'.$conf['lang'].'" dir="'.$lang['direction'].'">' . DOKU_LF; - $pre .= '<head>' . DOKU_LF; - $pre .= ' <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />' . DOKU_LF; - $pre .= ' <title>'.$ID.'</title>' . DOKU_LF; - - // get metaheaders - ob_start(); - tpl_metaheaders(); - $pre .= ob_get_clean(); - - $pre .= '</head>' . DOKU_LF; - $pre .= '<body>' . DOKU_LF; - $pre .= '<div class="dokuwiki export">' . DOKU_LF; - - // get toc - $pre .= tpl_toc(true); - - $headers['Content-Type'] = 'text/html; charset=utf-8'; - $output = p_wiki_xhtml($ID,$REV,false); - - $post .= '</div>' . DOKU_LF; - $post .= '</body>' . DOKU_LF; - $post .= '</html>' . DOKU_LF; - break; - case 'xhtmlbody': - $headers['Content-Type'] = 'text/html; charset=utf-8'; - $output = p_wiki_xhtml($ID,$REV,false); - break; - default: - $output = p_cached_output(wikiFN($ID,$REV), $mode); - $headers = p_get_metadata($ID,"format $mode"); - break; - } - - // prepare event data - $data = array(); - $data['id'] = $ID; - $data['mode'] = $mode; - $data['headers'] = $headers; - $data['output'] =& $output; - - trigger_event('ACTION_EXPORT_POSTPROCESS', $data); - - if(!empty($data['output'])){ - if(is_array($data['headers'])) foreach($data['headers'] as $key => $val){ - header("$key: $val"); + global $ID; + global $REV; + global $conf; + global $lang; + + $pre = ''; + $post = ''; + $output = ''; + $headers = array(); + + // search engines: never cache exported docs! (Google only currently) + $headers['X-Robots-Tag'] = 'noindex'; + + $mode = substr($act,7); + switch($mode) { + case 'raw': + $headers['Content-Type'] = 'text/plain; charset=utf-8'; + $headers['Content-Disposition'] = 'attachment; filename='.noNS($ID).'.txt'; + $output = rawWiki($ID,$REV); + break; + case 'xhtml': + $pre .= '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"' . DOKU_LF; + $pre .= ' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">' . DOKU_LF; + $pre .= '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="'.$conf['lang'].'"' . DOKU_LF; + $pre .= ' lang="'.$conf['lang'].'" dir="'.$lang['direction'].'">' . DOKU_LF; + $pre .= '<head>' . DOKU_LF; + $pre .= ' <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />' . DOKU_LF; + $pre .= ' <title>'.$ID.'</title>' . DOKU_LF; + + // get metaheaders + ob_start(); + tpl_metaheaders(); + $pre .= ob_get_clean(); + + $pre .= '</head>' . DOKU_LF; + $pre .= '<body>' . DOKU_LF; + $pre .= '<div class="dokuwiki export">' . DOKU_LF; + + // get toc + $pre .= tpl_toc(true); + + $headers['Content-Type'] = 'text/html; charset=utf-8'; + $output = p_wiki_xhtml($ID,$REV,false); + + $post .= '</div>' . DOKU_LF; + $post .= '</body>' . DOKU_LF; + $post .= '</html>' . DOKU_LF; + break; + case 'xhtmlbody': + $headers['Content-Type'] = 'text/html; charset=utf-8'; + $output = p_wiki_xhtml($ID,$REV,false); + break; + default: + $output = p_cached_output(wikiFN($ID,$REV), $mode); + $headers = p_get_metadata($ID,"format $mode"); + break; + } + + // prepare event data + $data = array(); + $data['id'] = $ID; + $data['mode'] = $mode; + $data['headers'] = $headers; + $data['output'] =& $output; + + trigger_event('ACTION_EXPORT_POSTPROCESS', $data); + + if(!empty($data['output'])){ + if(is_array($data['headers'])) foreach($data['headers'] as $key => $val){ + header("$key: $val"); + } + print $pre.$data['output'].$post; + exit; } - print $pre.$data['output'].$post; - exit; - } - return 'show'; + return 'show'; } /** - * Handle page 'subscribe', 'unsubscribe' + * Handle page 'subscribe' + * + * Throws exception on error. * - * @author Steven Danz <steven-danz@kc.rr.com> - * @todo localize + * @author Adrian Lang <lang@cosmocode.de> */ function act_subscription($act){ - global $ID; - global $INFO; - global $lang; - - $file=metaFN($ID,'.mlist'); - if ($act=='subscribe' && !$INFO['subscribed']){ - if ($INFO['userinfo']['mail']){ - if (io_saveFile($file,$_SERVER['REMOTE_USER']."\n",true)) { - $INFO['subscribed'] = true; - msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1); - } else { - msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),1); - } - } else { - msg($lang['subscribe_noaddress']); + global $lang; + global $INFO; + global $ID; + + // subcriptions work for logged in users only + if(!$_SERVER['REMOTE_USER']) return 'show'; + + // get and preprocess data. + $params = array(); + foreach(array('target', 'style', 'action') as $param) { + if (isset($_REQUEST["sub_$param"])) { + $params[$param] = $_REQUEST["sub_$param"]; + } } - } elseif ($act=='unsubscribe' && $INFO['subscribed']){ - if (io_deleteFromFile($file,$_SERVER['REMOTE_USER']."\n")) { - $INFO['subscribed'] = false; - msg(sprintf($lang[$act.'_success'], $INFO['userinfo']['name'], $ID),1); - } else { - msg(sprintf($lang[$act.'_error'], $INFO['userinfo']['name'], $ID),1); + + // any action given? if not just return and show the subscription page + if(!$params['action'] || !checkSecurityToken()) return $act; + + // Handle POST data, may throw exception. + trigger_event('ACTION_HANDLE_SUBSCRIBE', $params, 'subscription_handle_post'); + + $target = $params['target']; + $style = $params['style']; + $data = $params['data']; + $action = $params['action']; + + // Perform action. + if (!subscription_set($_SERVER['REMOTE_USER'], $target, $style, $data)) { + throw new Exception(sprintf($lang["subscr_{$action}_error"], + hsc($INFO['userinfo']['name']), + prettyprint_id($target))); } - } + msg(sprintf($lang["subscr_{$action}_success"], hsc($INFO['userinfo']['name']), + prettyprint_id($target)), 1); + act_redirect($ID, $act); - return 'show'; + // Assure that we have valid data if act_redirect somehow fails. + $INFO['subscribed'] = get_info_subscribed(); + return 'show'; } /** - * Handle namespace 'subscribe', 'unsubscribe' + * Validate POST data + * + * Validates POST data for a subscribe or unsubscribe request. This is the + * default action for the event ACTION_HANDLE_SUBSCRIBE. * + * @author Adrian Lang <lang@cosmocode.de> */ -function act_subscriptionns($act){ - global $ID; - global $INFO; - global $lang; - - if(!getNS($ID)) { - $file = metaFN(getNS($ID),'.mlist'); - $ns = "root"; - } else { - $file = metaFN(getNS($ID),'/.mlist'); - $ns = getNS($ID); - } - - // reuse strings used to display the status of the subscribe action - $act_msg = rtrim($act, 'ns'); - - if ($act=='subscribens' && !$INFO['subscribedns']){ - if ($INFO['userinfo']['mail']){ - if (io_saveFile($file,$_SERVER['REMOTE_USER']."\n",true)) { - $INFO['subscribedns'] = true; - msg(sprintf($lang[$act_msg.'_success'], $INFO['userinfo']['name'], $ns),1); - } else { - msg(sprintf($lang[$act_msg.'_error'], $INFO['userinfo']['name'], $ns),1); - } - } else { - msg($lang['subscribe_noaddress']); +function subscription_handle_post(&$params) { + global $INFO; + global $lang; + + // Get and validate parameters. + if (!isset($params['target'])) { + throw new Exception('no subscription target given'); + } + $target = $params['target']; + $valid_styles = array('every', 'digest'); + if (substr($target, -1, 1) === ':') { + // Allow “list” subscribe style since the target is a namespace. + $valid_styles[] = 'list'; } - } elseif ($act=='unsubscribens' && $INFO['subscribedns']){ - if (io_deleteFromFile($file,$_SERVER['REMOTE_USER']."\n")) { - $INFO['subscribedns'] = false; - msg(sprintf($lang[$act_msg.'_success'], $INFO['userinfo']['name'], $ns),1); - } else { - msg(sprintf($lang[$act_msg.'_error'], $INFO['userinfo']['name'], $ns),1); + $style = valid_input_set('style', $valid_styles, $params, + 'invalid subscription style given'); + $action = valid_input_set('action', array('subscribe', 'unsubscribe'), + $params, 'invalid subscription action given'); + + // Check other conditions. + if ($action === 'subscribe') { + if ($INFO['userinfo']['mail'] === '') { + throw new Exception($lang['subscr_subscribe_noaddress']); + } + } elseif ($action === 'unsubscribe') { + $is = false; + foreach($INFO['subscribed'] as $subscr) { + if ($subscr['target'] === $target) { + $is = true; + } + } + if ($is === false) { + throw new Exception(sprintf($lang['subscr_not_subscribed'], + $_SERVER['REMOTE_USER'], + prettyprint_id($target))); + } + // subscription_set deletes a subscription if style = null. + $style = null; } - } - return 'show'; + $data = in_array($style, array('list', 'digest')) ? time() : null; + $params = compact('target', 'style', 'data', 'action'); } //Setup VIM: ex: et ts=2 enc=utf-8 : |