Diffstat (limited to 'lib/exe')
-rw-r--r-- | lib/exe/ajax.php | 86 | ||||
-rw-r--r-- | lib/exe/css.php | 15 | ||||
-rw-r--r-- | lib/exe/detail.php | 7 | ||||
-rw-r--r-- | lib/exe/fetch.php | 140 | ||||
-rw-r--r-- | lib/exe/indexer.php | 114 | ||||
-rw-r--r-- | lib/exe/js.php | 23 | ||||
-rw-r--r-- | lib/exe/mediamanager.php | 13 | ||||
-rw-r--r-- | lib/exe/xmlrpc.php | 116 |
8 files changed, 309 insertions, 205 deletions
diff --git a/lib/exe/ajax.php b/lib/exe/ajax.php index 4618abd71..533b8f91c 100644 --- a/lib/exe/ajax.php +++ b/lib/exe/ajax.php @@ -7,16 +7,13 @@ */ //fix for Opera XMLHttpRequests -if(!count($_POST) && $HTTP_RAW_POST_DATA){ +if(!count($_POST) && !empty($HTTP_RAW_POST_DATA)){ parse_str($HTTP_RAW_POST_DATA, $_POST); } if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); require_once(DOKU_INC.'inc/init.php'); -require_once(DOKU_INC.'inc/common.php'); -require_once(DOKU_INC.'inc/pageutils.php'); -require_once(DOKU_INC.'inc/auth.php'); -//close sesseion +//close session session_write_close(); header('Content-Type: text/html; charset=utf-8'); @@ -53,30 +50,28 @@ function ajax_qsearch(){ global $conf; global $lang; - $query = cleanID($_POST['q']); - if(empty($query)) $query = cleanID($_GET['q']); + $query = $_POST['q']; + if(empty($query)) $query = $_GET['q']; if(empty($query)) return; - require_once(DOKU_INC.'inc/html.php'); - require_once(DOKU_INC.'inc/fulltext.php'); - - $data = array(); - $data = ft_pageLookup($query); + $data = ft_pageLookup($query, true, useHeading('navigation')); if(!count($data)) return; print '<strong>'.$lang['quickhits'].'</strong>'; print '<ul>'; - foreach($data as $id){ - print '<li>'; - $ns = getNS($id); - if($ns){ - $name = shorten(noNS($id), ' ('.$ns.')',30); - }else{ - $name = $id; + foreach($data as $id => $title){ + if (useHeading('navigation')) { + $name = $title; + } else { + $ns = getNS($id); + if($ns){ + $name = shorten(noNS($id), ' ('.$ns.')',30); + }else{ + $name = $id; + } } - print html_wikilink(':'.$id,$name); - print '</li>'; + echo '<li>' . html_wikilink(':'.$id,$name) . '</li>'; } print '</ul>'; } 
@@ -95,13 +90,10 @@ function ajax_suggestions() { if(empty($query)) $query = cleanID($_GET['q']); if(empty($query)) return; - require_once(DOKU_INC.'inc/html.php'); - require_once(DOKU_INC.'inc/fulltext.php'); - require_once(DOKU_INC.'inc/JSON.php'); - $data = array(); $data = ft_pageLookup($query); if(!count($data)) return; + $data = array_keys($data); // limit results to 15 hits $data = array_slice($data, 0, 15); @@ -147,7 +139,7 @@ function ajax_lock(){ 'prefix' => $_POST['prefix'], 'text' => $_POST['wikitext'], 'suffix' => $_POST['suffix'], - 'date' => $_POST['date'], + 'date' => (int) $_POST['date'], 'client' => $client, ); $cname = getCacheName($draft['client'].$id,'.draft'); @@ -164,7 +156,7 @@ function ajax_lock(){ * @author Andreas Gohr <andi@splitbrain.org> */ function ajax_draftdel(){ - $id = cleanID($_POST['id']); + $id = cleanID($_REQUEST['id']); if(empty($id)) return; $client = $_SERVER['REMOTE_USER']; @@ -181,8 +173,6 @@ function ajax_draftdel(){ */ function ajax_medians(){ global $conf; - require_once(DOKU_INC.'inc/search.php'); - require_once(DOKU_INC.'inc/media.php'); // wanted namespace $ns = cleanID($_POST['ns']); @@ -208,34 +198,18 @@ function ajax_medians(){ function ajax_medialist(){ global $conf; global $NS; - require_once(DOKU_INC.'inc/media.php'); - require_once(DOKU_INC.'inc/template.php'); $NS = $_POST['ns']; tpl_mediaContent(true); } /** - * Return list of search result for the Mediamanager - * - * @author Tobias Sarnowski <sarnowski@cosmocode.de> - */ -function ajax_mediasearchlist(){ - global $conf; - require_once(DOKU_INC.'inc/media.php'); - - media_searchlist($_POST['ns']); -} - -/** * Return sub index for index view * * @author Andreas Gohr <andi@splitbrain.org> */ function ajax_index(){ global $conf; - require_once(DOKU_INC.'inc/search.php'); - require_once(DOKU_INC.'inc/html.php'); // wanted namespace $ns = cleanID($_POST['idx']); 
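Review bot: In ajax_draftdel() the id is now read from `$_REQUEST['id']`, so the draft deletion can be triggered by a plain GET request as well as by POST, and the visible lines check no request token. A state-changing call reachable by GET can be fired from a third-party page in the logged-in user's browser, and here that would cost the user an unsaved draft. If a caller really needs GET, pair it with the project's request-token check (the helper is not visible on this page); otherwise keep `$id = cleanID($_POST['id']);`. The function body continues outside the hunk, so a check further down cannot be ruled out from here.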
@@ -263,7 +237,6 @@ function ajax_index(){ function ajax_linkwiz(){ global $conf; global $lang; - require_once(DOKU_INC.'inc/html.php'); $q = ltrim($_POST['q'],':'); $id = noNS($q); @@ -279,29 +252,28 @@ function ajax_linkwiz(){ if($q && !$ns){ // use index to lookup matching pages - require_once(DOKU_INC.'inc/fulltext.php'); - require_once(DOKU_INC.'inc/parserutils.php'); $pages = array(); - $pages = ft_pageLookup($id,false); + $pages = ft_pageLookup($id,true); // result contains matches in pages and namespaces // we now extract the matching namespaces to show // them seperately $dirs = array(); - $count = count($pages); - for($i=0; $i<$count; $i++){ - if(strpos(noNS($pages[$i]),$id) === false){ + + + foreach($pages as $pid => $title){ + if(strpos(noNS($pid),$id) === false){ // match was in the namespace - $dirs[getNS($pages[$i])] = 1; // assoc array avoids dupes + $dirs[getNS($pid)] = 1; // assoc array avoids dupes }else{ // it is a matching page, add it to the result $data[] = array( - 'id' => $pages[$i], - 'title' => p_get_first_heading($pages[$i],false), + 'id' => $pid, + 'title' => $title, 'type' => 'f', ); } - unset($pages[$i]); + unset($pages[$pid]); } foreach($dirs as $dir => $junk){ $data[] = array( @@ -312,13 +284,13 @@ function ajax_linkwiz(){ }else{ - require_once(DOKU_INC.'inc/search.php'); $opts = array( 'depth' => 1, 'listfiles' => true, 'listdirs' => true, 'pagesonly' => true, 'firsthead' => true, + 'sneakyacl' => $conf['sneaky_index'], ); if($id) $opts['filematch'] = '^.*\/'.$id; if($id) $opts['dirmatch'] = '^.*\/'.$id; diff --git a/lib/exe/css.php b/lib/exe/css.php index cb689d015..76f40c7bb 100644 --- a/lib/exe/css.php +++ b/lib/exe/css.php 
@@ -10,10 +10,6 @@ if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); if(!defined('NOSESSION')) define('NOSESSION',true); // we do not use a session or authentication here (better caching) if(!defined('DOKU_DISABLE_GZIP_OUTPUT')) define('DOKU_DISABLE_GZIP_OUTPUT',1); // we gzip ourself here require_once(DOKU_INC.'inc/init.php'); -require_once(DOKU_INC.'inc/pageutils.php'); -require_once(DOKU_INC.'inc/httputils.php'); -require_once(DOKU_INC.'inc/io.php'); -require_once(DOKU_INC.'inc/confutils.php'); // Main (don't run when UNIT test) if(!defined('SIMPLE_TEST')){ @@ -32,6 +28,8 @@ if(!defined('SIMPLE_TEST')){ function css_out(){ global $conf; global $lang; + global $config_cascade; + $style = ''; if (isset($_REQUEST['s']) && in_array($_REQUEST['s'], array('all', 'print', 'feed'))) { @@ -68,7 +66,10 @@ function css_out(){ // load plugin, template, user styles $files = array_merge($files, css_pluginstyles($style)); if (isset($tplstyles[$style])) $files = array_merge($files, $tplstyles[$style]); - $files[DOKU_CONF.'user'.$style.'.css'] = DOKU_BASE; + + if(isset($config_cascade['userstyle'][$style])){ + $files[$config_cascade['userstyle'][$style]] = DOKU_BASE; + } }else{ $files[DOKU_INC.'lib/styles/style.css'] = DOKU_BASE.'lib/styles/'; // load plugin, template, user styles @@ -77,7 +78,9 @@ function css_out(){ if($lang['direction'] == 'rtl'){ if (isset($tplstyles['rtl'])) $files = array_merge($files, $tplstyles['rtl']); } - $files[DOKU_CONF.'userstyle.css'] = DOKU_BASE; + if(isset($config_cascade['userstyle']['default'])){ + $files[$config_cascade['userstyle']['default']] = DOKU_BASE; + } } // check cache age & handle conditional request diff --git a/lib/exe/detail.php b/lib/exe/detail.php index f30e039d4..3a04b7b09 100644 --- a/lib/exe/detail.php +++ b/lib/exe/detail.php 
@@ -2,13 +2,6 @@ if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); define('DOKU_MEDIADETAIL',1); require_once(DOKU_INC.'inc/init.php'); - require_once(DOKU_INC.'inc/common.php'); - require_once(DOKU_INC.'inc/lang/en/lang.php'); - require_once(DOKU_INC.'inc/lang/'.$conf['lang'].'/lang.php'); - require_once(DOKU_INC.'inc/JpegMeta.php'); - require_once(DOKU_INC.'inc/html.php'); - require_once(DOKU_INC.'inc/template.php'); - require_once(DOKU_INC.'inc/auth.php'); //close session session_write_close(); diff --git a/lib/exe/fetch.php b/lib/exe/fetch.php index 11877ef36..680fd9ae4 100644 --- a/lib/exe/fetch.php +++ b/lib/exe/fetch.php @@ -9,14 +9,8 @@ if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); define('DOKU_DISABLE_GZIP_OUTPUT', 1); require_once(DOKU_INC.'inc/init.php'); - require_once(DOKU_INC.'inc/common.php'); - require_once(DOKU_INC.'inc/media.php'); - require_once(DOKU_INC.'inc/pageutils.php'); - require_once(DOKU_INC.'inc/httputils.php'); - require_once(DOKU_INC.'inc/confutils.php'); - require_once(DOKU_INC.'inc/auth.php'); - - //close sesseion + + //close session session_write_close(); $mimetypes = getMimeTypes(); 
@@ -33,72 +27,59 @@ $DL = true; } - //media to local file - if(preg_match('#^(https?)://#i',$MEDIA)){ - //check hash - if(substr(md5(auth_cookiesalt().$MEDIA),0,6) != $_REQUEST['hash']){ - header("HTTP/1.0 412 Precondition Failed"); - print 'Precondition Failed'; - exit; - } - //handle external images - if(strncmp($MIME,'image/',6) == 0) $FILE = media_get_from_URL($MEDIA,$EXT,$CACHE); - if(!$FILE){ - //download failed - redirect to original URL - header('Location: '.$MEDIA); - exit; + // check for permissions, preconditions and cache external files + list($STATUS, $STATUSMESSAGE) = checkFileStatus($MEDIA, $FILE); + + // prepare data for plugin events + $data = array('media' => $MEDIA, + 'file' => $FILE, + 'orig' => $FILE, + 'mime' => $MIME, + 'download' => $DL, + 'cache' => $CACHE, + 'ext' => $EXT, + 'width' => $WIDTH, + 'height' => $HEIGHT, + 'status' => $STATUS, + 'statusmessage' => $STATUSMESSAGE, + ); + + // handle the file status + $evt = new Doku_Event('FETCH_MEDIA_STATUS', $data); + if ( $evt->advise_before() ) { + // redirects + if($data['status'] > 300 && $data['status'] <= 304){ + send_redirect($data['statusmessage']); } - }else{ - $MEDIA = cleanID($MEDIA); - if(empty($MEDIA)){ - header("HTTP/1.0 400 Bad Request"); - print 'Bad request'; - exit; + // send any non 200 status + if($data['status'] != 200){ + header('HTTP/1.0 ' . $data['status'] . ' ' . 
$data['statusmessage']); } - - //check permissions (namespace only) - if(auth_quickaclcheck(getNS($MEDIA).':X') < AUTH_READ){ - header("HTTP/1.0 401 Unauthorized"); - //fixme add some image for imagefiles - print 'Unauthorized'; + // die on errors + if($data['status'] > 203){ + print $data['statusmessage']; exit; } - $FILE = mediaFN($MEDIA); - } - - //check file existance - if(!@file_exists($FILE)){ - header("HTTP/1.0 404 Not Found"); - //FIXME add some default broken image - print 'Not Found'; - exit; } - - $ORIG = $FILE; + $evt->advise_after(); + unset($evt); //handle image resizing/cropping if((substr($MIME,0,5) == 'image') && $WIDTH){ if($HEIGHT){ - $FILE = media_crop_image($FILE,$EXT,$WIDTH,$HEIGHT); + $data['file'] = $FILE = media_crop_image($data['file'],$EXT,$WIDTH,$HEIGHT); }else{ - $FILE = media_resize_image($FILE,$EXT,$WIDTH,$HEIGHT); + $data['file'] = $FILE = media_resize_image($data['file'],$EXT,$WIDTH,$HEIGHT); } } // finally send the file to the client - $data = array('file' => $FILE, - 'mime' => $MIME, - 'download' => $DL, - 'cache' => $CACHE, - 'orig' => $ORIG, - 'ext' => $EXT, - 'width' => $WIDTH, - 'height' => $HEIGHT); - $evt = new Doku_Event('MEDIA_SENDFILE', $data); if ($evt->advise_before()) { sendFile($data['file'],$data['mime'],$data['download'],$data['cache']); } + // Do something after the download finished. + $evt->advise_after(); /* ------------------------------------------------------------------------ */ 
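Review bot: The status from checkFileStatus() is enforced only inside `if ( $evt->advise_before() )`, so a FETCH_MEDIA_STATUS handler that prevents the default action skips the 403/404 exit and execution continues to the resize step and MEDIA_SENDFILE with whatever `$data['file']` holds. This assumes advise_before() returns false when a handler prevents the default, as its use around sendFile() suggests. That may be the intended extension point, but it makes the handler responsible for the access decision and nothing in the hunk says so. I would add a comment above the event such as `// a handler that prevents the default takes over ACL/404 enforcement; 'status' is not re-checked below`, or re-check `$data['status']` before sendFile(). Separately, the range `> 300 && <= 304` sends a redirect for 304, which is not a redirect status.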
@@ -156,6 +137,53 @@ function sendFile($file,$mime,$dl,$cache){ } /** + * Check for media for preconditions and return correct status code + * + * READ: MEDIA, MIME, EXT, CACHE + * WRITE: MEDIA, FILE, array( STATUS, STATUSMESSAGE ) + * + * @author Gerry Weissbach <gerry.w@gammaproduction.de> + * @param $media reference to the media id + * @param $file reference to the file variable + * @returns array(STATUS, STATUSMESSAGE) + */ +function checkFileStatus(&$media, &$file) { + global $MIME, $EXT, $CACHE; + + //media to local file + if(preg_match('#^(https?)://#i',$media)){ + //check hash + if(substr(md5(auth_cookiesalt().$media),0,6) != $_REQUEST['hash']){ + return array( 412, 'Precondition Failed'); + } + //handle external images + if(strncmp($MIME,'image/',6) == 0) $file = media_get_from_URL($media,$EXT,$CACHE); + if(!$file){ + //download failed - redirect to original URL + return array( 302, $media ); + } + }else{ + $media = cleanID($media); + if(empty($media)){ + return array( 400, 'Bad request' ); + } + + //check permissions (namespace only) + if(auth_quickaclcheck(getNS($media).':X') < AUTH_READ){ + return array( 403, 'Forbidden' ); + } + $file = mediaFN($media); + } + + //check file existance + if(!@file_exists($file)){ + return array( 404, 'Not Found' ); + } + + return array(200, null); +} + +/** * Returns the wanted cachetime in seconds * * Resolves named constants diff --git a/lib/exe/indexer.php b/lib/exe/indexer.php index 1c4128eb7..f8e2f7981 100644 --- a/lib/exe/indexer.php +++ b/lib/exe/indexer.php @@ -8,8 +8,6 @@ if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); define('DOKU_DISABLE_GZIP_OUTPUT',1); require_once(DOKU_INC.'inc/init.php'); -require_once(DOKU_INC.'inc/auth.php'); -require_once(DOKU_INC.'inc/events.php'); session_write_close(); //close session if(!defined('NL')) define('NL',"\n"); 
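Review bot: In checkFileStatus() the external-media hash is compared with `!=`, which in PHP compares two numeric-looking strings as numbers, so two different six-character values can be treated as equal. Use a strict string comparison, `if(substr(md5(auth_cookiesalt().$media),0,6) !== (string) $_REQUEST['hash']){`, or hash_equals() where the supported PHP version provides it. The docblock should also state that `$media` and `$file` are modified by reference, and that a 302 result carries the redirect target in the message slot rather than a reason phrase.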
@@ -37,6 +35,7 @@ if ($evt->advise_before()) { runIndexer() or metaUpdate() or runSitemapper() or + sendDigest() or runTrimRecentChanges() or runTrimRecentChanges(true) or $evt->advise_after(); @@ -135,18 +134,6 @@ function runIndexer(){ global $conf; print "runIndexer(): started".NL; - // Move index files (if needed) - // Uses the importoldindex plugin to upgrade the index automatically. - // FIXME: Remove this from runIndexer when it is no longer needed. - if (@file_exists($conf['cachedir'].'/page.idx') && - (!@file_exists($conf['indexdir'].'/page.idx') || - !filesize($conf['indexdir'].'/page.idx')) && - !@file_exists($conf['indexdir'].'/index_importing')) { - echo "trigger TEMPORARY_INDEX_UPGRADE_EVENT\n"; - $tmp = array(); // no event data - trigger_event('TEMPORARY_INDEX_UPGRADE_EVENT', $tmp); - } - if(!$ID) return false; // check if indexing needed @@ -176,8 +163,6 @@ function runIndexer(){ } if($conf['dperm']) chmod($lock, $conf['dperm']); - require_once(DOKU_INC.'inc/indexer.php'); - // upgrade to version 2 if (!@file_exists($conf['indexdir'].'/pageword.idx')) idx_upgradePageWords(); @@ -210,11 +195,8 @@ function metaUpdate(){ if (@file_exists($file)) return false; if (!@file_exists(wikiFN($ID))) return false; - require_once(DOKU_INC.'inc/common.php'); - require_once(DOKU_INC.'inc/parserutils.php'); global $conf; - // gather some additional info from changelog $info = io_grep($conf['changelog'], '/^(\d+)\t(\d+\.\d+\.\d+\.\d+)\t'.preg_quote($ID,'/').'\t([^\t]+)\t([^\t\n]+)/', @@ -273,7 +255,7 @@ function runSitemapper(){ return false; } - $pages = file($conf['indexdir'].'/page.idx'); + $pages = idx_getIndex('page', ''); print 'runSitemapper(): creating sitemap using '.count($pages).' pages'.NL; // build the sitemap 
@@ -335,6 +317,98 @@ function runSitemapper(){ } /** + * Send digest and list mails for all subscriptions which are in effect for the + * current page + * + * @author Adrian Lang <lang@cosmocode.de> + */ +function sendDigest() { + echo 'sendDigest(): start'.NL; + global $ID; + global $conf; + if (!$conf['subscribers']) { + return; + } + $subscriptions = subscription_find($ID, array('style' => '(digest|list)', + 'escaped' => true)); + global $auth; + global $lang; + global $conf; + global $USERINFO; + + // remember current user info + $olduinfo = $USERINFO; + $olduser = $_SERVER['REMOTE_USER']; + + foreach($subscriptions as $id => $users) { + if (!subscription_lock($id)) { + continue; + } + foreach($users as $data) { + list($user, $style, $lastupdate) = $data; + $lastupdate = (int) $lastupdate; + if ($lastupdate + $conf['subscribe_time'] > time()) { + // Less than the configured time period passed since last + // update. + continue; + } + + // Work as the user to make sure ACLs apply correctly + $USERINFO = $auth->getUserData($user); + $_SERVER['REMOTE_USER'] = $user; + if ($USERINFO === false) { + continue; + } + + if (substr($id, -1, 1) === ':') { + // The subscription target is a namespace + $changes = getRecentsSince($lastupdate, null, getNS($id)); + } else { + if(auth_quickaclcheck($id) < AUTH_READ) continue; + + $meta = p_get_metadata($id); + $changes = array($meta['last_change']); + } + + // Filter out pages only changed in small and own edits + $change_ids = array(); + foreach($changes as $rev) { + $n = 0; + while (!is_null($rev) && $rev['date'] >= $lastupdate && + ($_SERVER['REMOTE_USER'] === $rev['user'] || + $rev['type'] === DOKU_CHANGE_TYPE_MINOR_EDIT)) { + $rev = getRevisions($rev['id'], $n++, 1); + $rev = (count($rev) > 0) ? 
$rev[0] : null; + } + + if (!is_null($rev) && $rev['date'] >= $lastupdate) { + // Some change was not a minor one and not by myself + $change_ids[] = $rev['id']; + } + } + + if ($style === 'digest') { + foreach($change_ids as $change_id) { + subscription_send_digest($USERINFO['mail'], $change_id, + $lastupdate); + } + } elseif ($style === 'list') { + subscription_send_list($USERINFO['mail'], $change_ids, $id); + } + // TODO: Handle duplicate subscriptions. + + // Update notification time. + subscription_set($user, $id, $style, time(), true); + } + subscription_unlock($id); + } + + // restore current user info + $USERINFO = $olduinfo; + $_SERVER['REMOTE_USER'] = $olduser; +} + +/** * Formats a timestamp as ISO 8601 date * * @author <ungu at terong dot com> diff --git a/lib/exe/js.php b/lib/exe/js.php index ab67288cd..3756c43b9 100644 --- a/lib/exe/js.php +++ b/lib/exe/js.php @@ -11,10 +11,6 @@ if(!defined('NOSESSION')) define('NOSESSION',true); // we do not use a session o if(!defined('NL')) define('NL',"\n"); if(!defined('DOKU_DISABLE_GZIP_OUTPUT')) define('DOKU_DISABLE_GZIP_OUTPUT',1); // we gzip ourself here require_once(DOKU_INC.'inc/init.php'); -require_once(DOKU_INC.'inc/pageutils.php'); -require_once(DOKU_INC.'inc/httputils.php'); -require_once(DOKU_INC.'inc/io.php'); -require_once(DOKU_INC.'inc/JSON.php'); // Main (don't run when UNIT test) if(!defined('SIMPLE_TEST')){ @@ -33,6 +29,7 @@ if(!defined('SIMPLE_TEST')){ function js_out(){ global $conf; global $lang; + global $config_cascade; // The generated script depends on some dynamic options $cache = getCacheName('scripts'.$_SERVER['HTTP_HOST'].$_SERVER['SERVER_PORT'],'.js'); @@ -41,6 +38,7 @@ function js_out(){ $files = array( DOKU_INC.'lib/scripts/helpers.js', DOKU_INC.'lib/scripts/events.js', + DOKU_INC.'lib/scripts/delay.js', DOKU_INC.'lib/scripts/cookie.js', DOKU_INC.'lib/scripts/script.js', DOKU_INC.'lib/scripts/tw-sack.js', 
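Review bot: sendDigest() overwrites `$USERINFO` and `$_SERVER['REMOTE_USER']` for every subscriber and restores them only in the last two statements of the function, so an early `return` added later inside the loops would leave the rest of the indexer run executing as the last subscriber. Restoring at the end of each inner iteration would make that robust; at minimum add a comment at the switch such as `// identity is restored at the end of sendDigest(); do not return from inside the loops`. The single-page branch checks `auth_quickaclcheck($id) < AUTH_READ` explicitly, while the namespace branch appears to rely on getRecentsSince() filtering by the impersonated user's ACL, which should be confirmed and noted in a comment. Smaller points: `global $conf;` is declared twice, and the early `return;` yields null where the `or` chain in the caller reads more clearly with `return false;`.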
@@ -52,12 +50,16 @@ function js_out(){ DOKU_INC.'lib/scripts/edit.js', DOKU_INC.'lib/scripts/linkwiz.js', DOKU_INC.'lib/scripts/media.js', + DOKU_INC.'lib/scripts/subscriptions.js', + DOKU_INC.'lib/scripts/hotkeys.js', DOKU_TPLINC.'script.js', ); // add possible plugin scripts and userscript $files = array_merge($files,js_pluginscripts()); - $files[] = DOKU_CONF.'userscript.js'; + if(isset($config_cascade['userscript']['default'])){ + $files[] = $config_cascade['userscript']['default']; + } // check cache age & handle conditional request header('Cache-Control: public, max-age=3600'); @@ -94,7 +96,6 @@ function js_out(){ echo 'LANG = '.$json->encode($lang['js']).";\n"; // load toolbar - require_once(DOKU_INC.'inc/toolbar.php'); toolbar_JSdefines('toolbar'); // load files @@ -106,15 +107,17 @@ function js_out(){ // init stuff - js_runonstart("ajax_qsearch.init('qsearch__in','qsearch__out')"); js_runonstart("addEvent(document,'click',closePopups)"); js_runonstart('addTocToggle()'); js_runonstart("initSizeCtl('size__ctl','wiki__text')"); js_runonstart("initToolbar('tool__bar','wiki__text',toolbar)"); - js_runonstart("initChangeCheck('".js_escape($lang['notsavedyet'])."')"); - js_runonstart("locktimer.init(".($conf['locktime'] - 60).",'".js_escape($lang['willexpire'])."',".$conf['usedraft'].")"); + if($conf['locktime'] != 0){ + js_runonstart("locktimer.init(".($conf['locktime'] - 60).",'".js_escape($lang['willexpire'])."',".$conf['usedraft'].")"); + } js_runonstart('scrollToMarker()'); js_runonstart('focusMarker()'); + // init hotkeys - must have been done after init of toolbar + js_runonstart('initializeHotkeys()'); // end output buffering and get contents $js = ob_get_contents(); 
@@ -151,7 +154,7 @@ function js_load($file){ static $loaded = array(); $data = io_readFile($file); - while(preg_match('#/\*\s*DOKUWIKI:include(_once)?\s+([\w\./]+)\s*\*/#',$data,$match)){ + while(preg_match('#/\*\s*DOKUWIKI:include(_once)?\s+([\w\.\-_/]+)\s*\*/#',$data,$match)){ $ifile = $match[2]; // is it a include_once? diff --git a/lib/exe/mediamanager.php b/lib/exe/mediamanager.php index f6e91b858..c79a25c08 100644 --- a/lib/exe/mediamanager.php +++ b/lib/exe/mediamanager.php @@ -6,13 +6,6 @@ @ini_set('session.use_only_cookies',0); require_once(DOKU_INC.'inc/init.php'); - require_once(DOKU_INC.'inc/lang/en/lang.php'); - require_once(DOKU_INC.'inc/lang/'.$conf['lang'].'/lang.php'); - require_once(DOKU_INC.'inc/media.php'); - require_once(DOKU_INC.'inc/common.php'); - require_once(DOKU_INC.'inc/search.php'); - require_once(DOKU_INC.'inc/template.php'); - require_once(DOKU_INC.'inc/auth.php'); trigger_event('MEDIAMANAGER_STARTED',$tmp=array()); session_write_close(); //close session @@ -41,6 +34,12 @@ // check auth $AUTH = auth_quickaclcheck("$NS:*"); + // do not display the manager if user does not have read access + if($AUTH < AUTH_READ) { + header('HTTP/1.0 403 Forbidden'); + die($lang['accessdenied']); + } + // create the given namespace (just for beautification) if($AUTH >= AUTH_UPLOAD) { io_createNamespace("$NS:xxx", 'media'); } diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index d3913482f..f06792361 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php 
@@ -7,18 +7,13 @@ if(isset($HTTP_RAW_POST_DATA)) $HTTP_RAW_POST_DATA = trim($HTTP_RAW_POST_DATA); /** * Increased whenever the API is changed */ -define('DOKU_XMLRPC_API_VERSION',2); +define('DOKU_XMLRPC_API_VERSION',4); require_once(DOKU_INC.'inc/init.php'); -require_once(DOKU_INC.'inc/common.php'); -require_once(DOKU_INC.'inc/auth.php'); session_write_close(); //close session if(!$conf['xmlrpc']) die('XML-RPC server not enabled.'); -require_once(DOKU_INC.'inc/IXR_Library.php'); - - /** * Contains needed wrapper functions and registers all available * XMLRPC functions. @@ -119,6 +114,13 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { ); $this->addCallback( + 'dokuwiki.search', + 'this:search', + array('struct','string'), + 'Perform a fulltext search and return a list of matching pages' + ); + + $this->addCallback( 'dokuwiki.getTime', 'time', array('int'), @@ -132,6 +134,15 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { 'Lock or unlock pages.' ); + + $this->addCallback( + 'dokuwiki.getTitle', + 'this:getTitle', + array('string'), + 'Returns the wiki title.', + true + ); + /* Wiki API v2 http://www.jspwiki.org/wiki/WikiRPCInterface2 */ $this->addCallback( 'wiki.getRPCVersionSupported', @@ -283,8 +294,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { } $text = rawWiki($id,$rev); if(!$text) { - $data = array($id); - return trigger_event('HTML_PAGE_FROMTEMPLATE',$data,'pageTemplate',true); + return pageTemplate($id); } else { return $text; } 
@@ -344,24 +354,22 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * List all pages - we use the indexer list here */ function listPages(){ - global $conf; - $list = array(); - $pages = file($conf['indexdir'] . '/page.idx'); - $pages = array_filter($pages, 'isVisiblePage'); + $pages = array_filter(array_filter(idx_getIndex('page', ''), + 'isVisiblePage'), + 'page_exists'); foreach(array_keys($pages) as $idx) { - if(page_exists($pages[$idx])) { - $perm = auth_quickaclcheck($pages[$idx]); - if($perm >= AUTH_READ) { - $page = array(); - $page['id'] = trim($pages[$idx]); - $page['perms'] = $perm; - $page['size'] = @filesize(wikiFN($pages[$idx])); - $page['lastModified'] = new IXR_Date(@filemtime(wikiFN($pages[$idx]))); - $list[] = $page; - } + $perm = auth_quickaclcheck($pages[$idx]); + if($perm < AUTH_READ) { + continue; } + $page = array(); + $page['id'] = trim($pages[$idx]); + $page['perms'] = $perm; + $page['size'] = @filesize(wikiFN($pages[$idx])); + $page['lastModified'] = new IXR_Date(@filemtime(wikiFN($pages[$idx]))); + $list[] = $page; } return $list; 
@@ -378,13 +386,54 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { $ns = cleanID($ns); $dir = utf8_encodeFN(str_replace(':', '/', $ns)); $data = array(); - require_once(DOKU_INC.'inc/search.php'); $opts['skipacl'] = 0; // no ACL skipping for XMLRPC search($data, $conf['datadir'], 'search_allpages', $opts, $dir); return $data; } /** + * List all pages in the given namespace (and below) + */ + function search($query){ + require_once(DOKU_INC.'inc/fulltext.php'); + + $regex = ''; + $data = ft_pageSearch($query,$regex); + $pages = array(); + + // prepare additional data + $idx = 0; + foreach($data as $id => $score){ + $file = wikiFN($id); + + if($idx < FT_SNIPPET_NUMBER){ + $snippet = ft_snippet($id,$regex); + $idx++; + }else{ + $snippet = ''; + } + + $pages[] = array( + 'id' => $id, + 'score' => $score, + 'rev' => filemtime($file), + 'mtime' => filemtime($file), + 'size' => filesize($file), + 'snippet' => $snippet, + ); + } + return $pages; + } + + /** + * Returns the wiki title. + */ + function getTitle(){ + global $conf; + return $conf['title']; + } + + /** * List all media files. * * Available options are 'recursive' for also including the subnamespaces @@ -407,7 +456,6 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { $dir = utf8_encodeFN(str_replace(':', '/', $ns)); $data = array(); - require_once(DOKU_INC.'inc/search.php'); search($data, $conf['mediadir'], 'search_media', $options, $dir); $len = count($data); if(!$len) return array(); @@ -426,8 +474,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * Return a list of backlinks */ function listBackLinks($id){ - require_once(DOKU_INC.'inc/fulltext.php'); - return ft_backlinks($id); + return ft_backlinks(cleanID($id)); } /** @@ -519,8 +566,6 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { } if($conf['dperm']) chmod($lock, $conf['dperm']); - require_once(DOKU_INC.'inc/indexer.php'); - // do the work idx_addPage($id); 
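Review bot: The docblock on the new search() method is copied from the method above (`List all pages in the given namespace (and below)`) and does not describe a fulltext search. It should name the `$query` parameter and the returned fields (id, score, rev, mtime, size, snippet). Unlike listPages(), search() makes no `auth_quickaclcheck()` call of its own before returning ids, sizes and snippets, so it depends on ft_pageSearch() and ft_snippet() honouring the caller's ACL; that is worth confirming and stating in the docblock. The `require_once(DOKU_INC.'inc/fulltext.php');` is a leftover of the kind this commit removes elsewhere, and `filemtime($file)` is called twice without the `@` guard that listPages() uses.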
@@ -547,7 +592,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { return new IXR_ERROR(1, 'Filename not given.'); } - $ftmp = $conf['tmpdir'] . '/' . $id; + $ftmp = $conf['tmpdir'] . '/' . md5($id.clientIP()); // save temporary file @unlink($ftmp); @@ -572,7 +617,6 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { return new IXR_ERROR(1, $lang['uploadexist'].'1'); } // check for valid content - @require_once(DOKU_INC.'inc/media.php'); $ok = media_contentcheck($ftmp, $imime); if($ok == -1) { return new IXR_ERROR(1, sprintf($lang['uploadexist'].'2', ".$iext")); @@ -590,7 +634,6 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { $data[4] = $overwrite; // trigger event - require_once(DOKU_INC.'inc/events.php'); return trigger_event('MEDIA_UPLOAD_FINISH', $data, array($this, '_media_upload_action'), true); } else { @@ -615,14 +658,12 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { // check for references if needed $mediareferences = array(); if($conf['refcheck']){ - require_once(DOKU_INC.'inc/fulltext.php'); $mediareferences = ft_mediause($id,$conf['refshow']); } if(!count($mediareferences)){ $file = mediaFN($id); if(@unlink($file)){ - require_once(DOKU_INC.'inc/changelog.php'); addMediaLogEntry(time(), $id, DOKU_CHANGE_TYPE_DELETE); io_sweepNS($id,'mediadir'); return 0; @@ -648,7 +689,6 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { chmod($data[1], $conf['fmode']); media_notify($data[2], $data[1], $data[3]); // add a log entry to the media changelog - require_once(DOKU_INC.'inc/changelog.php'); if ($data[4]) { addMediaLogEntry(time(), $data[2], DOKU_CHANGE_TYPE_EDIT); } else { 
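Review bot: In putAttachment() the new temp path `md5($id.clientIP())` keeps the caller-supplied id out of the file name, which is the right direction, but the name is still fully predictable and identical for two concurrent uploads of the same id from one address. The code then runs `@unlink($ftmp)` and writes to that path, so a parallel request or a pre-existing entry in a shared tmpdir can interfere with the upload. A unique name such as `$ftmp = tempnam($conf['tmpdir'], 'xmlrpc');` (the prefix is only a suggestion) avoids both, with a check for a `false` return. The write and the later content checks lie outside this hunk.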
@@ -728,9 +768,6 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { if(strlen($timestamp) != 10) return new IXR_Error(20, 'The provided value is not a valid timestamp'); - require_once(DOKU_INC.'inc/changelog.php'); - require_once(DOKU_INC.'inc/pageutils.php'); - $recents = getRecentsSince($timestamp); $changes = array(); @@ -764,9 +801,6 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { if(strlen($timestamp) != 10) return new IXR_Error(20, 'The provided value is not a valid timestamp'); - require_once(DOKU_INC.'inc/changelog.php'); - require_once(DOKU_INC.'inc/pageutils.php'); - $recents = getRecentsSince($timestamp, null, '', RECENTS_MEDIA_CHANGES); $changes = array(); @@ -803,8 +837,6 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { if(empty($id)) return new IXR_Error(1, 'Empty page ID'); - require_once(DOKU_INC.'inc/changelog.php'); - $revisions = getRevisions($id, $first, $conf['recent']+1); if(count($revisions)==0 && $first!=0) { |