summaryrefslogtreecommitdiff
path: root/lib/exe/xmlrpc.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/exe/xmlrpc.php')
-rw-r--r--lib/exe/xmlrpc.php190
1 files changed, 61 insertions, 129 deletions
diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php
index f06792361..108dd8fd1 100644
--- a/lib/exe/xmlrpc.php
+++ b/lib/exe/xmlrpc.php
@@ -1,13 +1,13 @@
<?php
if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../');
-// fix when '<?xml' isn't on the very first line
+// fix when '< ?xml' isn't on the very first line
if(isset($HTTP_RAW_POST_DATA)) $HTTP_RAW_POST_DATA = trim($HTTP_RAW_POST_DATA);
/**
* Increased whenever the API is changed
*/
-define('DOKU_XMLRPC_API_VERSION',4);
+define('DOKU_XMLRPC_API_VERSION',5);
require_once(DOKU_INC.'inc/init.php');
session_write_close(); //close session
@@ -143,6 +143,13 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
true
);
+ $this->addCallback(
+ 'dokuwiki.appendPage',
+ 'this:appendPage',
+ array('int', 'string', 'string', 'struct'),
+ 'Append text to a wiki page.'
+ );
+
/* Wiki API v2 http://www.jspwiki.org/wiki/WikiRPCInterface2 */
$this->addCallback(
'wiki.getRPCVersionSupported',
@@ -289,6 +296,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
* Return a raw wiki page
*/
function rawPage($id,$rev=''){
+ $id = cleanID($id);
if(auth_quickaclcheck($id) < AUTH_READ){
return new IXR_Error(1, 'You are not allowed to read this page');
}
@@ -344,6 +352,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
* Return a wiki page rendered to html
*/
function htmlPage($id,$rev=''){
+ $id = cleanID($id);
if(auth_quickaclcheck($id) < AUTH_READ){
return new IXR_Error(1, 'You are not allowed to read this page');
}
@@ -355,9 +364,8 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
*/
function listPages(){
$list = array();
- $pages = array_filter(array_filter(idx_getIndex('page', ''),
- 'isVisiblePage'),
- 'page_exists');
+ $pages = idx_get_indexer()->getPages();
+ $pages = array_filter(array_filter($pages,'isVisiblePage'),'page_exists');
foreach(array_keys($pages) as $idx) {
$perm = auth_quickaclcheck($pages[$idx]);
@@ -481,6 +489,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
* Return some basic data about a page
*/
function pageInfo($id,$rev=''){
+ $id = cleanID($id);
if(auth_quickaclcheck($id) < AUTH_READ){
return new IXR_Error(1, 'You are not allowed to read this page');
}
@@ -552,29 +561,20 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
unlock($id);
// run the indexer if page wasn't indexed yet
- if(!@file_exists(metaFN($id, '.indexed'))) {
- // try to aquire a lock
- $lock = $conf['lockdir'].'/_indexer.lock';
- while(!@mkdir($lock,$conf['dmode'])){
- usleep(50);
- if(time()-@filemtime($lock) > 60*5){
- // looks like a stale lock - remove it
- @rmdir($lock);
- }else{
- return false;
- }
- }
- if($conf['dperm']) chmod($lock, $conf['dperm']);
+ idx_addPage($id);
- // do the work
- idx_addPage($id);
+ return 0;
+ }
- // we're finished - save and free lock
- io_saveFile(metaFN($id,'.indexed'),INDEXER_VERSION);
- @rmdir($lock);
+ /**
+ * Appends text to a wiki page.
+ */
+ function appendPage($id, $text, $params) {
+ $currentpage = $this->rawPage($id);
+ if (!is_string($currentpage)) {
+ return $currentpage;
}
-
- return 0;
+ return $this->putPage($id, $currentpage.$text, $params);
}
/**
@@ -583,64 +583,27 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
* Michael Klier <chi@chimeric.de>
*/
function putAttachment($id, $file, $params) {
- global $conf;
- global $lang;
-
+ $id = cleanID($id);
$auth = auth_quickaclcheck(getNS($id).':*');
- if($auth >= AUTH_UPLOAD) {
- if(!isset($id)) {
- return new IXR_ERROR(1, 'Filename not given.');
- }
-
- $ftmp = $conf['tmpdir'] . '/' . md5($id.clientIP());
- // save temporary file
- @unlink($ftmp);
- $buff = base64_decode($file);
- io_saveFile($ftmp, $buff);
+ if(!isset($id)) {
+ return new IXR_ERROR(1, 'Filename not given.');
+ }
- // get filename
- list($iext, $imime,$dl) = mimetype($id);
- $id = cleanID($id);
- $fn = mediaFN($id);
-
- // get filetype regexp
- $types = array_keys(getMimeTypes());
- $types = array_map(create_function('$q','return preg_quote($q,"/");'),$types);
- $regex = join('|',$types);
-
- // because a temp file was created already
- if(preg_match('/\.('.$regex.')$/i',$fn)) {
- //check for overwrite
- $overwrite = @file_exists($fn);
- if($overwrite && (!$params['ow'] || $auth < AUTH_DELETE)) {
- return new IXR_ERROR(1, $lang['uploadexist'].'1');
- }
- // check for valid content
- $ok = media_contentcheck($ftmp, $imime);
- if($ok == -1) {
- return new IXR_ERROR(1, sprintf($lang['uploadexist'].'2', ".$iext"));
- } elseif($ok == -2) {
- return new IXR_ERROR(1, $lang['uploadspam']);
- } elseif($ok == -3) {
- return new IXR_ERROR(1, $lang['uploadxss']);
- }
+ global $conf;
- // prepare event data
- $data[0] = $ftmp;
- $data[1] = $fn;
- $data[2] = $id;
- $data[3] = $imime;
- $data[4] = $overwrite;
+ $ftmp = $conf['tmpdir'] . '/' . md5($id.clientIP());
- // trigger event
- return trigger_event('MEDIA_UPLOAD_FINISH', $data, array($this, '_media_upload_action'), true);
+ // save temporary file
+ @unlink($ftmp);
+ $buff = base64_decode($file);
+ io_saveFile($ftmp, $buff);
- } else {
- return new IXR_ERROR(1, $lang['uploadwrong']);
- }
+ $res = media_save(array('name' => $ftmp), $id, $params['ow'], $auth, 'rename');
+ if (is_array($res)) {
+ return new IXR_ERROR(-$res[1], $res[0]);
} else {
- return new IXR_ERROR(1, "You don't have permissions to upload files.");
+ return $res;
}
}
@@ -650,56 +613,17 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
* @author Gina Haeussge <osd@foosel.net>
*/
function deleteAttachment($id){
+ $id = cleanID($id);
$auth = auth_quickaclcheck(getNS($id).':*');
- if($auth < AUTH_DELETE) return new IXR_ERROR(1, "You don't have permissions to delete files.");
- global $conf;
- global $lang;
-
- // check for references if needed
- $mediareferences = array();
- if($conf['refcheck']){
- $mediareferences = ft_mediause($id,$conf['refshow']);
- }
-
- if(!count($mediareferences)){
- $file = mediaFN($id);
- if(@unlink($file)){
- addMediaLogEntry(time(), $id, DOKU_CHANGE_TYPE_DELETE);
- io_sweepNS($id,'mediadir');
- return 0;
- }
- //something went wrong
- return new IXR_ERROR(1, 'Could not delete file');
- } else {
+ $res = media_delete($id, $auth);
+ if ($res & DOKU_MEDIA_DELETED) {
+ return 0;
+ } elseif ($res & DOKU_MEDIA_NOT_AUTH) {
+ return new IXR_ERROR(1, "You don't have permissions to delete files.");
+ } elseif ($res & DOKU_MEDIA_INUSE) {
return new IXR_ERROR(1, 'File is still referenced');
- }
- }
-
- /**
- * Moves the temporary file to its final destination.
- *
- * Michael Klier <chi@chimeric.de>
- */
- function _media_upload_action($data) {
- global $conf;
-
- if(is_array($data) && count($data)===5) {
- io_createNamespace($data[2], 'media');
- if(rename($data[0], $data[1])) {
- chmod($data[1], $conf['fmode']);
- media_notify($data[2], $data[1], $data[3]);
- // add a log entry to the media changelog
- if ($data[4]) {
- addMediaLogEntry(time(), $data[2], DOKU_CHANGE_TYPE_EDIT);
- } else {
- addMediaLogEntry(time(), $data[2], DOKU_CHANGE_TYPE_CREATE);
- }
- return $data[2];
- } else {
- return new IXR_ERROR(1, 'Upload failed.');
- }
} else {
- return new IXR_ERROR(1, 'Upload failed.');
+ return new IXR_ERROR(1, 'Could not delete file');
}
}
@@ -707,6 +631,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
* Returns the permissions of a given wiki page
*/
function aclCheck($id) {
+ $id = cleanID($id);
return auth_quickaclcheck($id);
}
@@ -716,13 +641,14 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
* @author Michael Klier <chi@chimeric.de>
*/
function listLinks($id) {
+ $id = cleanID($id);
if(auth_quickaclcheck($id) < AUTH_READ){
return new IXR_Error(1, 'You are not allowed to read this page');
}
$links = array();
// resolve page instructions
- $ins = p_cached_instructions(wikiFN(cleanID($id)));
+ $ins = p_cached_instructions(wikiFN($id));
// instantiate new Renderer - needed for interwiki links
include(DOKU_INC.'inc/parser/xhtml.php');
@@ -830,6 +756,10 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
* @author Michael Klier <chi@chimeric.de>
*/
function pageVersions($id, $first) {
+ $id = cleanID($id);
+ if(auth_quickaclcheck($id) < AUTH_READ){
+ return new IXR_Error(1, 'You are not allowed to read this page');
+ }
global $conf;
$versions = array();
@@ -905,7 +835,8 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
$unlockfail = array();
foreach((array) $set['lock'] as $id){
- if(checklock($id)){
+ $id = cleanID($id);
+ if(auth_quickaclcheck($id) < AUTH_EDIT || checklock($id)){
$lockfail[] = $id;
}else{
lock($id);
@@ -914,10 +845,11 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
}
foreach((array) $set['unlock'] as $id){
- if(unlock($id)){
- $unlocked[] = $id;
- }else{
+ $id = cleanID($id);
+ if(auth_quickaclcheck($id) < AUTH_EDIT || !unlock($id)){
$unlockfail[] = $id;
+ }else{
+ $unlocked[] = $id;
}
}
@@ -950,4 +882,4 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer {
$server = new dokuwiki_xmlrpc_server();
-// vim:ts=4:sw=4:et:enc=utf-8:
+// vim:ts=4:sw=4:et:
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-12 00:59:26 +0000